Testing email posting

Just a quick test to see if I can get this whole post-from-Blackberry thing working. I’m trying to use postie for this, as well as the many wonders of UTW. [tags]meta, roaming, geekery[/tags]

hit list

Just so I don’t forget.

I was gonna set up something to help me track such hit lists, so that I don’t have to keep asking “what was that cool thing graydon showed me?” all the time, but, you know.

the maturity of writing your own

Daniel Glazman has written about the pain he’s experienced trying to update his splinter NVu tree to track the significant Gecko development. It’s a very difficult task, and not one that I would have signed up for. There are a number of suggestions that others have made that might have made the task easier, but that’s for another post. To be perfectly frank, I have little personal interest in making the “maintain a fork of Gecko in another CVS repository” use case materially easier, let alone adding cost to already-difficult Gecko development to support it.

(I had a huge section here about the details of internals-vs-platform and some excellent responses that others have made to the post, but I just moved it to another draft because this post is about something else, dammit.)

What I really want to write about is this passage in Daniel’s latest post on the topic:

Let me first give you an example : suppose you are an experienced c++ coder but a true beginner in Mozilla, and you need to build a xul standalone front-end for an app of yours; you can’t rely on xulrunner yet, because it’s said to a bit immature for the time being. So you want to build a standalone toolkit-based app like Nvu, Firefox or Thunderbird… You start looking at mozilla/browser, mozilla/mail and then you cry. The makefiles are incredibly complex and almost not commented, most of the files in app directory are hard to understand so you don’t really know how to tweak them[...]

If you are a software developer faced with the choice between

  • a piece of software that is designed to solve your exact problem, which is not yet release-quality, but is already being used by other people for their projects in exactly this way; and
  • writing your own such piece of software on the basis of code you don’t understand, and which was never intended to be anything more general than “the startup code for Firefox”

then you might have some reasons to choose the latter, I suppose, but I can’t for the life of me understand how “maturity” is one of them. XULRunner is farther towards its stated goal — which happens to be completely identical to the goal that Daniel uses in his example — than anything you’ll find in the directories that Daniel lists, as evidenced by the fact that a number of people are already using it in service of that goal.

Even if XULRunner falls short of some subgoal today, investment in improving it to suit the needs of your own app is almost certainly the wiser course, as you reduce the need to maintain your own private fork of the firefox/thunderbird/whatever code — back in the early Mozilla days, we used to refer to this as “the stupid tax”, and talk about how it was often a strong disincentive to keep patches private instead of integrating well-designed hooks into the core app.

or maybe not paranoid enough

In 1996, I watch Peter Gutmann present a paper about how extremely difficult it is to delete data from hard drives such that it is deleted for keepsies. I remember the discussions with Marcus and others afterwards that centered around how incredibly doomed we were, as security professionals.

It might be that time again. I sort of hope I only have one of these doomed moments once a decade.

shuffled again

At some point recently, iTunes’ most excellent Party Shuffle feature stopped working for me. It was “locked” on some small playlist, and none of the controls did anything that I could detect with the primitive instruments at my disposal. It was very sad times.

We tried a number of things, including blowing away my preferences, but nothing worked until I found this simple solution on the 5th page of my 8th or 9th Google attempt. All better now, and just in time for yet another trip to the left coast.

And here’s another neat Party Shuffle trick, which exactly describes how I most often want to use the feature: “party shuffle an empty playlist”.

I got yer crypto right here

I am tremendously excited to see that the boys at RHAT have put together mod_nss, a module that uses Mozilla’s NSS to provide SSL services to Apache. Woot!

I don’t know why there isn’t a parade over this, honestly.

laws of identity

This is the first — perhaps second — in what I expect will be a long-ish series exploring some of my thinking behind what the “identity strategy” for Mozilla should look like. Not necessarily what the strategy will be, but what problems it needs to solve, and how the values of the project are reflected in the choices that we face.

If you are new to the modern discussion of “digital identity”, you might find some useful discussion of the issues and stakes here in Kim Cameron’s “Laws of Identity”. Kim’s captured a lot of good thinking from himself and others, and I think it’s a solid basis for discussing the differences between identity systems (or, as is the more fashionable thing these days, identity metasystems — but that’s another post).

So that’s my plan! I finally feel like I have a handle on enough of this stuff to start sharing it without being totally incoherent, and so I will try.

or maybe there was a banana in his ear

George Colony, CEO of Forrester Research, recently described Sun’s “fighting chance” strategy for recovery, as told to him by Jonathan Schwartz, including this first step:

Step No. 1: Make the argument that Linux equals Red Hat. … Sun’s view is that Linux is nothing more than Red Hat.

But some three weeks before, Jonathan himself decried that very attitude:

And Red Hat is not linux, despite what they say, and despite what the media (and IBM’s ads) seem to conflate. … Let’s start calling a distro a distro.

This doesn’t strike me as the sort of misinterpretation that one would expect to arise from a conversation between the CEO of one of the industry’s most influential analyst firms and the president/COO of Sun Microsystems. I wonder why Sun didn’t make them post a correction.

careful what you wish for

The case for: if you separate mechanism sufficiently from policy, people can use that mechanism to implement arbitrary policies.

The case against: if you separate mechanism sufficiently from policy, people will use that mechanism to implement very arbitrary policies.

Je vous remercie pour votre attention.

the relentless march of progress

From various channels, early this morning:

* bryner is really disturbed by redhat's gcc 3.3.3 (fc2) generating worse code than their 3.3.2 in fc1

< vlad> vladimir@tornado[1099]% rpm -q gcc34
< vlad> gcc34-3.4.0-1
< vlad> who needs 3.3.3?

< shaver> use gcc34?
< bryner> it's even worse

next page »