Now here’s a cool little technology that you may or may not have heard of: OpenID.
It’s like single sign on, but simpler. That’s the angle presented by the project’s leaders anyway, and it appears to be working. This little two-year-old technology currently has 5,000 web sites around the world supporting it, with 120 million individual users (or “OpenID’s” as they’re called by those in the know). That number is projected to grow to approximately 500 million by the end of the calendar year.
I learned a little more about OpenID at this month’s LinuxWorld Conference and Expo in between takes of our highly acclaimed video blogging efforts in the lobby of the Moscone Center. Our good friend and expert Bernard Golden happened to walk by at the right place in the right time, and close behind him was Scott Kveton, the chairman of the OpenID board.
Long story short, Scott and I set up a call last week to talk about OpenID.
First, let’s let the OpenID web site explain just what OpenID is, shall we?
For geeks, OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be at their blog, photo stream, profile page, etc. With OpenID you can easily transform one of these existing URIs into an account which can be used at sites which support OpenID logins.
For individuals, OpenID means the elimination of multiple user names and passwords and a smoother, more secure, online experience. For businesses, this means a lower cost of password or account management, the opportunity for easier and higher numbers of new user registrations and the elimination of missed transactions because of user frustration with lost and forgotten passwords. OpenID allows for innovation in the authentication space beyond just using a password to “unlock” your OpenID identity, but the ability to strongly protect your OpenID and have that benefit move with you everywhere you go online.
Kveton bills OpenID as the antithesis of older technologies like Microsoft’s Passport and the Liberty Alliance Project, and with growth as big as he was projecting last week, I’d be hard pressed not to agree with him. “There’s just too many ways to ID users in too many places,” he said. “[OpenID] is super simple. Passport, Livery Alliance — these are too heavy and complicated.”
But what about security? Well, Kveton had an answer for that too, and again it came back to Microsoft Passport. OpenID is a decentralized system, meant to allow a user or a developer to spit out an application “in an afternoon,” Kveton said.
With applications like Passport all of the user information (ID, passwords, personal information) is owned by Microsoft. OpenID is not, a trait Kveton maintains was monumentally helpful in getting the millions of users on board since the projects inception in 2005. Ten times out of ten I’m going to guess a user wants total control over their private info, no?
That said, phishing could still be construed as a concern — as it could be for any ID/single sign on system. “A big concern is that OpenID could become a huge target for phishing; someone would could access your OpenID can get all the sites you visit.” However, even with this superficial concern OpenID has thrived because many users are already comfortable trusting a third party site for password management. Confused? Think of it this way: When you last forgot your Gmail password, how did you get it back? You trusted Google to send you a new one. To me this means the same due diligence required of today’s email passwords will be required in the OpenID era. Basically, don’t be stupid with your sensitive information and you’ll be just fine.
The ultimate goal for OpenID is an ambitious one: to create a unique ID for each individual user that works for the entire Internet. “OpenID by itself is a nice technology … the ability to move data and have a basic, portable social network is what will be the key driver however,” Kveton said. It’d be like a permanent, completely portable ID that woudl follow you to every site and simply work, no questions asked. Think of all the time you’d save — you’d have time to shop in your underwear for, like, an additional five minutes each day. Now that’s Web 2.0.
On the legal side of things, the OpenID Foundation formed in June 2007 to help manage intellectual property, marketing efforts and other activities related to the success of the OpenID community. The singular goal of the OpenID Foundation, its web site says, is to protect OpenID so that it may be used by any and all that want to.
“The goal [of the foundation] is not to drive technology or the community,” Kveton said. “It is to take care of the technology; to take care of trademarking hoops, IP, and provide a framework so the community can thrive around the technology.”
Half a billion users by 2008? Sounds like some serious thriving to me.
Under clever headers like “current conditions” and “Climatological timeframes (i.e., post-2007)” the Forecast page lays out pretty much all you need to know about the kernel and where it’s going both in the short-term and long-term.
For example, in the “weather events that may never occur” section, we see the Reiser4 file system. This year the project’s lead developer encountered, shall we say, a “setback” (read: murder trial) and as a result the direction of this popular open source file system has become a bit muddled, to say the least.
Long-range forecast: Expect 2.6.24 sometime around the beginning of 2008. Features which may be in this kernel include:
- Group scheduling for the CFS scheduler
- Much improved system memory use profiling
- Dynamic tick support for the x86_64 architecture
It’s all presented in a Wiki format, as is par for the course today with open source sites, and I encourage you guys to check it out.
Oooo-weee! I just love myself some stable kernel versions early in the morning!
|126.96.36.199||2007-08-15 18:25 UTC||F||V||VI||C||Changelog|
Last Friday’s ruling by Federal District Court Judge Dale Kimball *appears* to have been that first step in setting about the end to one of the longer running dramas in the software industry: The now infamous SCO vs. Linux trial. Or, more accurately and specifically, the end of the legal cases initiated by SCO based on claims of UNIX ownership and Unixware copyrights.
Watching and reading all of the commentary from this week, and witnessing the almost meteoric unraveling of SCO’s stock price, I am reminded of a game from my childhood that puts the entire process in a much more understandable — and humorous — light. Mouse Trap. The past four years (this all began in 2003, can you believe it?) have been nothing but the setting up of a series of various trials and motions — much like Mouse Trap’s rickety stairs and bathtub bowling ball — that have built and built the tension year over year until finally that plastic man jumped and tripped the trap that fell onto the unsuspecting mouse. I mean onto SCO. I’m mixing things up here, forgive me.
Or maybe it was a suspecting mouse, depending on who you talk to. Court filings suggest SCO knew all along that its claims were, well, dead wrong. Hit that link to read more on that.
Analyst Charles King, founder of Hayward, Calif.-based Pund-IT Research, said in a research note released today that Judge Kimball’s ruling, which firmly supported Novell’s ownership of the UNIX and Unix-Ware copyrights, “quite simply eviscerated SCO’s hopes and dreams.” I’m inclined to agree. The trap is sprung, the cage is down, and the mouse is caught. Game over. There are no little pieces of cardboard cheese left with which to barter, plead or use as an attack. I think Pamela Jones has most of them now, but I’m sure that Novell and IBM have a few pieces too. SCO’s stock reflects this and has bottomed out at a few dimes or so in value per share.
King notes that SCO posted “a brave statement claiming that the court determined or did not dismiss a number of technical points in its favor.” Keeping with my mousy analysis, it was at this point in my reading that I imagined the mouse sliding a tin cup across the bars of his new cage, making a ruckus to distract observers from the fact that he was helplessly locked away. The fact that a mouse would know how to do that would be distracting enough to begin with, so we’re talking about being really distracted here.
And speaking of Groklaw’s Pamela Jones… she also dissected the SCO letter and her post positively drips with Schadenfreude. Can you blame her though? As I loosely followed this trial for the past three years I’ve observed SCO using almost as much elbow grease in fighting IBM and Novell as it did when it tried to discredit Jones and Groklaw.
Jones seems to think there might be one last breath in SCO’s legal/business team, but in the same breath she doesn’t sound too impressed with what they’ll come up with. King agreed:
SCO’s plans to “continue to explore our options” sounded as hollowly optimistic as a conventioneer in Las Vegas who, upon emerging from the casino where he has squandered his life savings, declares how lucky he is that the pit boss let him keep his Fruit of the Looms and Rotary pin.
Not only did Judge Kimball favor Novell concerning the copyright issues, he also granted the company the right to direct SCO to waive its claims against IBM and Sequent and stated that SCO is obligated to recognize that waiver. Kimball also found that SCO is obligated to pay Novell for license fees the company collected from Sun and Microsoft in 2003. As much as 95% of those fees, which total some $18.3 million, could be due to Novell. However, since SCO has only a fraction of that amount on hand, it remains to be seen how much Novell will ever collect.
And though SCO will still be with us for the time being, King said the case seems close enough to a resolution that it’s worth considering a few lessons learned:
- First, when heading downhill, use the brake pedal instead of the gas. SCO’s situation illuminated a notable issue in the rise of Linux; that it has impacted UNIX solutions far more seriously than Microsoft, a bugaboo of Linux and Open Source aficionados. The result? Like other dinosaurs, UNIX specialists such as SCO were hammered worst by simple market evolution. By pursuing what turned out to be empty claims against Novell and IBM, the company merely hastened its demise.
- Second, when you hope or plan to do business with people, don’t try to fool them. SCO’s aggressive pursuit of IBM (which enjoys notable good will in the Open Source community) and claims that Linux violated UNIC copyrights made the company’s attempts to position itself as an emerging Linux vendor a tough sell, at best. The Linux community enjoys many well-educated, highly skeptical members who do not take kindly to empty braggadocio. SCO’s stick and carrot marketing approach worked in a few specific instances but was destined to fail among a disparate, diffused, and informed community.
- Finally, when heading toward a concrete wall, avoid high speed collisions at all costs. In essence, SCO chose to pursue a high stakes strategy which was finally unsubstantiated by facts. That suggests that the company was deliriously optimistic, deeply misinformed, or simply attempting to bluff its way into the winner’s circle. This approach can succeed sometimes, but not against companies such as IBM and Novell that possess the legal and financial resources to fight a battle to its ultimate conclusion.
“Without the possibility of a legal pay day, how long will SCO be able to function as a commercial company? If it is headed for destruction, is a partnership or acquisition in SCO’s future, and if so, by who? How will SCO cope with owing potentially millions in licenses fees to Novell, and how far will Novell go in pursuing payment? Will Novell follow Judge Kimball’s lead and order SCO to waive its legal claims against IBM? Will the resolution of these legal cases have any tangible impact on Linux of the Open Source movement? As the SCO melodrama winds toward its sad if predictable dénouement, these are points we will be watching carefully,” King said. All good questions, and they’ll probably all have answers sooner rather than later.
On that note however, it sounds like we’re about ready to play a new game with SCO. Any ideas out there? Oh, I know what we could play. How about Sorry!?
As a journalist, I get perturbed when I see talking heads on TV (on issues political, technological or otherwise) “attack the messenger” when the message they’re delivering isn’t something they agree with. The theory is, of course, that if you can discredit the person, then the public will not focus on the message — however legitimate it is to the conversation — and your position will win out.
I hate this. Reminds me of immature schoolyard antics from grade school. I know you are but what am I, etc. In the land of adults, which many of us presently inhabit I hope, I see no place for this kind of discourse. It leads to stagnation, and I’m fond of progression.
Today, I took another look at Ron Hovsepian’s keynote address from LinuxWorld last week, and his message of “expanding, extending, and enlarging” the Linux operating system. Was the message tainted a bit by the fact that Hovsepian is a businessman at the head of the number two commercial Linux distributor in the world? Sure it was, but there were points to be gleaned from his talk that I think the Linux community would be apt to mull over for a bit before they jump on the Microsoft hating bandwagon.
Red Hat’s Michael Evans, vice president of corporate development at the company, didn’t get that memo. Speaking to InfoWorld, Evans said he liked the idea but at the same time expressed doubts about the effort since Hovsepian was involved. “Personally, that he’s the guy that did the deal with Microsoft, I’m suspicious of things he says,” Evans told InfoWorld.
I’m not sure I agree. If this is true, shouldn’t we not also be suspicious of what Red Hat executives say, because they’re also trying to make a buck off of Linux? Maybe “paying a premium for Linux support” from Red Hat because it’s the best in town deserves a deeper look, eh, Oracle? Should we outright dismiss what Red Hat has to say about Oracle Linux whenever Oracle fires off a press release about another big name customer making the switch to that which Ellison has wrought? Obviously not. If we’re suspicious all the time, then we’re not doing work. We’re getting complacent — which was one of the pillars of Hovsepian’s keynote. Ironic, don’t ya think?
These personal attacks muddy the issue, which I am going to assume is exactly the point. They also do little to advance intelligent conversation (and this is where I’ll concede that my blogging may also fall into this category). Why is Red Hat attacking Novell so much these days anyway? Aren’t they currently kicking ass in the commercial Linux market? Last I checked it was bad business to even acknowledge the competition when you’re so far ahead in the standings.
Hovsepian’s keynote focused, as I said, on the expansion of Linux. He used phrases like “vendor neutral” to describe his ideas, and never once implied that Novell (or Microsoft) should be the one driving the ideas he put forth. Unlike many of the LinuxWorld keynotes last week, Novell’s was refreshingly lacking many of the self-aggrandizing remarks that plagued those of eBay and Amazon.com. Note to Amazon — we get it, you have a new SaaS initiative coming out, thanks for the advertisement for it in the middle of your keynote. Novell’s keynote did see a product pitch or two, as Hovsepian took some time in the middle there to gush about ZENWorks. It seemed out of place in a keynote full of general ideas about expanding Linux, but that doesn’t mean we should ax the entire speech en masse.
Aside from his moment of ZEN, Hovsepian seemed to be about promoting ways to take Linux past the enterprise success it’s enjoyed for the past five years or so. Linux is mission critical, sure, but there now exists the danger of complacency both with its developers and its corporate handlers.
Some points to address:
Today, if an ISV writes an application on Linux, it might run everywhere, and it might not. Even if it runs on multiple Linux distributions, the market desires that it be certified on multiple distributions. We need to work more on standardization. The Linux Standards Base is doing incredible work, but does anyone out there agree that there could is something more to be don? In a vendor neutral kind of way? Maybe you don’t agree with that. Why?
Sounds *somewhat* sane, right? Well it’s basically paraphrased from Jeff Jaffe’s blog over at Novell. So now it’s suddenly not worth pursuing or discussing at all?
Jaffe also calls for sacrifice, reducing fragmentation of Linux, and unification (standardization of ISV applications). But we should ignore them all because his company now has a newly created position for working with Microsoft? Maybe the LSB is doing great work, or maybe just good work. There’s now at least one major company out there that thinks more could be done with standards and certifications. Ignoring that opinion, and going along on the road to status quo feels like something to me. I can’t quite put my finger on it… oh wait, that’s right, it’s complacency.
Ultimately, we must remember that this was a keynote, meant to garner a few headlines and begin the brainstorming process–not solve any major problems. But to simply dismiss the message outright because you disagree with a company’s business plan seems kind of reckless to me. Don’t rest of your laurels just yet, Linux, there’s still much more to be done.
Apparently, the Perfect Server Storm hit popular third party news site LinuxToday.com yesterday and everything went dark. Countless legions of Linux reading geeks and nerds (LinuxWorld Golden Penguin Bowl, anyone?) went entire minutes, if not hours without Linux news and views. It was awful.
Thanks to a crashing server, a database that went awry, and a certain editor’s home/office Internet connection going belly up–all at the same time, yesterday afternoon Linux Today, JustLinux, and LinuxPR all went into the mode technologists sometimes refer to as “bye-bye.”
It was, actually, almost the perfect storm of things that could go wrong all at once. I would like to thank the system administrators who logged in after hours to restart the site at around 2215 EDT (0215 GMT) last night. (Some readers noted the sudden appearance of 13 new stories at that time.)
All three situations seem repaired now, so I would also like to thank everyone for all of their patience and continued readership.
I’ve had the pleasure of meeting and conversing with LinuxToday Managing Editor Brian Proffitt for the better part of the past three years now at various shows, so my sympathies are with him on this dark, dark day. 🙂 Good job to his systems administrators for getting LT back up and running so quickly.
On that note, perhaps Brian would like to read my upcoming post-LinuxWorld story on disaster recovery? Hmm? 🙂
Oracle announced today the general availability of 11g for the Linux platform only. You Windows and Unix guys will just have to wait your turn! Don’t worry though, because if historical trends are any indication, you’ll be rolling in 11g love a mere month or so from now.
Much was said of why Oracle chose to release on Linux first and decline comment on the other OS’s, with most of it focusing on the fact that Linux was “here to stay” or “mission critical” or whatever. That very well may be be the case, but I decided to dig a bit deeper thanks to an inside tip from one of my many infamous blog spies.
After the tip, I called over to Forrester Research analyst Noel Yuhanna, who follows Oracle, to discuss 11g, Linux, and the fact that Windows SQL Server is pretty hot right now. Hot enough for Oracle to take notice anyway, and make a huge push behind Linux. Was it Oracle making bank off of Linux, or Oracle positioning itself against Microsoft? Both?
We agreed that Linux is a huge moneymaker for Oracle, and has been for some time. Another analyst firm, Gartner, compiled some numbers recently that bare this out: Gartner’s recent report showed that Oracle on Linux grew 72% in 2006, which was faster than overall relational database management system market growth and faster than “general RDBMS growth” on Linux (67%).
Wim Coekaerts, Oracle’s vice president of Linux engineering, told me during a call we had set up for LinuxWorld that the growth is expected to continue. More Unbreakable Linux customers were announced at LinuxWorld, including game company Activision, which will “gradually” switch over to Oracle Linux (based on Red Hat Enterprise Linux) and has purchased support from Oracle. There’s already more than a few dozen customers on record saying they went to Oracle for their Linux support, but Coekaerts said the list has grown much larger than that since Oracle Linux was announced in late 2006. FYI — More on that call and our Oracle 11g on Linux coverage will be live soon on SearchEnterpriseLinux.com.
Michael Dolan, who works for IBM but blogs 100% independently from that company on his blog at MichaelDolan.com, put things into perspective with some thoughts on 11g, Linux and hardware a few weeks back.
Ok, I added the “[Oracle 11g] for Linux” b/c I’m sure they still support all the usual platforms. I actually saw this today and thought… hmmm… what will happen to all those 10g (or pre-10g) Solaris, HPUX and Windows systems when those customers go to upgrade? Solaris and SPARC are on their way out, Windows = Microsoft and Oracle hates that, and HPUX is on a rotting Itanium vine and many users wouldn’t dare go there… I suspect with Oracle going to Linux as its primary OS of choice (RHEL based) we’ll probably see yet another round of thousands of systems moving onto Linux.
Sure it’s skewed because he works for IBM, but does the message bear out where the messenger might be tainted by some bias?
IDC and Forrester don’t track specific numbers, only market share, so comparisons between the number of Oracle databases on Linux and Windows are hard to come by. However, Yuhanna told me during our call that Windows customers are a “lost cause” to Oracle because by and by they are completely content with SQL Server and would be hard pressed to switch soon, if ever. But Linux is growing by leaps and bounds, and Unix is still there to be cannibalized. Oracle, Yuhanna said, might be using Linux not only as a moneymaker, but as a defense against losing more market share to SQL Server.
Oh, and they might acquire Red Hat. Maybe. Stay tuned to SearchEnterpriseLinux.com and sister site SearchOracle.com for more on this soon.
So another LinuxWorld Conference and Expo has come and gone — but what’s this?! Where’s the Linux?!
Sure, it was there in sessions on interoperability between Linux and Windows; and in Novell CEO Ron Hovsepian’s “can’t we all just get along” keynote; but overall this year was one to remember for all the things that weren’t 100% Linux-related.
Take the conference that happened concurrently with LinuxWorld, for example. The Next Generation Data Center conference was a treehugging lovefest with sessions devoted to “green computing” and power and cooling. Our brothers and sisters in arms over at SearchDataCenter.com had a field day talking with users and analyst sat the show about these and many other topics, including Site Editor Matt Stansberry. Matt flew down on a puddle jumper from Oregon to cover the show alongside myself and Sr. SearchEnterpriseLinux.com site editor Jan Stafford, and I’m happy to say he was able to basically commandeer our good friend Andy Kutz’s afternoon keynote on greening the data center. SearchDataCenter also managed to corner Andy after the session and get some thoughts up on YouTube, which was an interesting venture to say the least.
Then there was virtualization; a topic that dominated LinuxWorld’s of the past, sure, but seemed to really come a boil in San Francisco last week. At InternetNews.com, writer Sean Michael Kerner described it pretty well, leading off an article with, “If this week’s Linux World were to be summed up under a single theme, it would be penguins gone virtual.”
“Gone virtual” they most certainly did, with the virtualization track getting nice traffic from attendees and from Jan, who threw together a few cool videos on virtualization, Linux and everything else in between with her trusty (and inexpensive) Flip video recorder. A side note: That thing’s pretty good for YouTube quality video. One hour point and shoot recording time for $150? Yes please! /shameless promotion.
Bernard Golden, one of our expert contributors at both SEL and SearchServerVirtualization.com, penned a nice recap of the virtualization news from LinuxWorld that addressed the debate surrounding the Xen vs. KVM camps. Is fragmentation a good thing when we’re talking about virtualization technologies? Read Golden’s column and see if it answers your questions or creates new ones.
Of course, this is but a sampling of our LinuxWorld 2007 coverage. For more, I encourage you to head over to our LinuxWorld conference page and see what SEL, SSV and SearchDatacenter.com had to offer. The page is getting new content every day as we add some post-coverage content too, so check back often.
Meeting people who develop new products and start up companies is a fun thing to do at a show. AT LinuxWorld 2007 in San Francisco this week, I talked with Laura Merling of Krugle Inc. about Krugle Enterprise Appliance, which is in beta now and heading for release within weeks. Krugle has made a code search engine for in-house and independent enterprise-level software development. This code search system searches across heterogenous code repositories amd other tools in the development lifecycle. Merling says it can also be used as a watchdog. Merling told me that the appliance can be used to track progress on projects, for one thing. For instance, she’d talked with a company that had hired a firm to do some development work and got burned. A week before the code-freeze deadline, the company demanded that the outsourcer show what had been done and found that only a bit of the project had been done.
“They had been fooled because they could see that updates had been made to a massive number of files, making it look like lots was going on. When they actually went in and looked at the changes, they saw it had been things doing a global change, replace on the logo. Needless to say, the release date was missed.”
In my view, Krugle’s appliance could help software developers. To succeed in the enterprise IT department space, however, the marketing team will need to get traction with companies that develop their own apps in house, which are usually larger firms. The big question: Is tracking code a big problem for these companies?
The latest Linux kernel release is out and about today. Hold onto your hats!
We (the -stable team) are announcing the release of the 188.8.131.52 kernel.
This release has a lot of bugfixes and some security updates so all
users of the 2.6.22 series should update to it.
I’ll also be replying to this message with a copy of the patch between
184.108.40.206 and 220.127.116.11
The updated 2.6.22.y git tree can be found at:
and can be browsed at the normal kernel.org git web browser:
Bug fixes and security seem to be the words of the day.