Friday, January 30, 2009

JBoss Kerberos/SPNego Support

Here is the GA version of the JBoss Negotiation project that is being driven by Darran Lofthouse.

Why is this important?
- Allows you to do seamless SSO to your web applications running on JBoss Application Server if you authenticate to the desktop (Windows 2000/XP) via Active Directory. This uses SPNego.
- Compatible with FreeIPA (Fedora, Fedora Directory Server).


Wednesday, January 21, 2009

Security issues surrounding Social Networks

Social Networks carry a lot of private information about people. This can be advantageous as well as disastrous to individuals.

Giles Hogben of ENISA has been doing a lot of research work on security issues surrounding social networks. A position paper from Giles, titled "Security issues in the future of social networking", has been presented at the W3C workshop on the Future of Social Networks.

Interesting bit from Giles's paper:

The biggest repository of personal images on the internet is not Flickr but Facebook (already with a staggering 30 billion images, while 14 million new images are uploaded every day). The largest number of personal profiles on the planet is held not in a government identity registry (at least not one we know about...) or one of the much heralded Federated Identity Providers but in the data warehouses of the Social Networking providers.

Friday, January 16, 2009

Computer Forensics: Paul Wright Speaks

Paul Wright is the head of the HiTech Crime Unit for the City of London Police. He has been trying hard to build a rapport with security experts in the industry and law enforcement. I was one of the primary drivers for Paul to come and make a keynote presentation at the Oasis Security Forum in London 2008. At that keynote, he stressed the need for companies/enterprises to report break-ins, fraud, etc. to law enforcement as soon as possible and not to make changes to the infrastructure that has become exposed to crime. Slides.

He stressed the need for checkpoints in databases and applications that enable the law enforcement detectives to figure out what the crime involved by looking at the changes.

I would point to an online interview that Paul has given here:
Interview with Paul Wright, City of London Police - 5/9/08

Paul Wright: All over the globe more and more instances of hi-tech and e-crime are being investigated by law enforcement agencies and other investigative bodies. Along with this increase in workload has come the realisation that crimes involving computers (either as the target of offending, as one of a range of tools, or as the principal tool used in the commission of offences) are technically difficult to investigate and raise many practical problems. One of my main roles is solving those problems and anticipating as many of them as I possibly can.
Great Interview, Paul. Happy New Year 2009.


Thursday, January 15, 2009

US CTO Candidate and Open Source

Vivek Kundra is the current CTO of the DC Government. He is in the running to be the next CTO of the US Government as per the following article in the Business Week.

Setting aside the title of the Business Week article, which hints at both candidates being born Indian, the following paragraph caught my eye.

In D.C., he runs his 600-person staff like a startup, experimenting in cloud computing, open source software, social networking, and other cutting-edge technologies. Kundra advises Obama's transition team on technology issues.

Impressive that a potential candidate is hands-on and has had experience in open source. :)

According to GovTech, Mr. Kundra is a big proponent of OSS.

Washington, D.C., Mayor Adrian Fenty appointed Kundra the District of Columbia's CTO in March 2007, and Kundra has quickly made a name for himself as an innovator who is unafraid of new ideas.

Last week, Kundra and Fenty announced winners of the district's Apps for Democracy contest, which challenged participants to design open source applications that integrate data from the D.C. Data Catalog, information that's released in real time by several government agencies. Fenty said last week the contest would save Washington, D.C., millions of dollars in software development costs.


Wednesday, January 7, 2009

Don't ever shout at Disk Drives...

An interesting phenomenon of shouting at Disk Drives causing I/O latency....

The Register reports this:

My blog post


Tuesday, January 6, 2009

Survey: Do you use JBoss XACML?

I am trying to get a sense of usage of JBoss XACML either as a standalone project or inside JBoss Application Server v5.0. If you are using this project, please choose any of the 3 options. Takes less than 10 seconds.

The survey is available on the Left Hand Column of


What is JBoss XACML?
Refer to:

What is Oasis XACML?
Refer to:

Can I use JBossXACML without using the JBoss Application Server?
Of course, it is a standalone project.
Pick your jars from the following two places for the latest version:


Monday, January 5, 2009

Wikipedia reaches $6million in donations

It is extremely positive news as we start 2009. Jimmy Wales, founder of Wikipedia, has announced that Wikipedia has collected $6 million in donations to cover the operating costs for 2009.

A great quote:
Imagine a world in which every single person on the planet is given free access to the sum of all human knowledge. -- Jimmy Wales, Wikipedia

Read this blog post.