Posted by Delicious auto poster
Sat, 11 Oct 2008 07:19:26 GMT
- Axiom Stack – About
- Quick Axiom Stack Facts * All scripting is done in server side ECMAscript (JavaScript) * Axiom Stack provides a unified object model to all content data * Built-in storage behaves like a transparent, hierarchical object database * TALE templating language, a clean and concise XML based attribute system for building templates * Javascript makes language impedance issues arising from AJAX disappear * Axiom Stack is secure by default – no programming needed * Includes everything that you need to build a web application
- Posted: Fri Oct 10 15:18:55 UTC 2008
Click here for all of my del.icio.us bookmarks.
no comments
Posted by Jonathan Altman
Thu, 04 Sep 2008 18:23:00 GMT
He’s said it before in many different ways, but I finally found a bunch of statements in a single posting of his that summarizes his what I think is very correct thinking about terrorism prevention:
The problem with building security around specific targets and tactics is that its only effective if we happen to guess the plot correctly. If we spend billions defending [target type A] and terrorists bomb [target type B] instead, we’ve wasted our money. If we focus on [event type X] and terrorists attack [event type Y], we’ve wasted our money.
[...]
The following three things are true about terrorism. One, the number of potential terrorist targets is infinite. Two, the odds of the terrorists going after any one target is zero. And three, the cost to the terrorist of switching targets is zero.
We need to defend against the broad threat of terrorism, not against specific movie plots. Security is most effective when it doesn’t require us to guess. We need to focus resources on intelligence and investigation: identifying terrorists, cutting off their funding and stopping them regardless of what their plans are. We need to focus resources on emergency response: lessening the impact of a terrorist attack, regardless of what it is. And we need to face the geopolitical consequences of our foreign policy.
In 2006, UK police arrested the liquid bombers not through diligent airport security, but through intelligence and investigation. It didn’t matter what the bombers’ target was. It didn’t matter what their tactic was. They would have been arrested regardless. That’s smart security. Now we confiscate liquids at airports, just in case another group happens to attack the exact same target in exactly the same way. That’s just illogical.
The problem is it’s much harder to make it look like you’re doing something so when the next attack comes you can say how much work you were doing protecting target type A and event type X, and the only way you could have prevented the attacks on target type B and event type Y would be more resources.
Posted in personal | Tags Schneier, security, terrorism | no comments
Posted by Jonathan Altman
Mon, 11 Aug 2008 19:21:00 GMT
So I disagree with the way the argument in this post is framed, but I am glad to see the “mainstream” tech press realizing there’s a better way to get to SOA:
A growing number of companies are finding that lower-visibility Web-oriented architecture (WOA) developments, spawned through grassroots movements, are a better route to the service-oriented architecture. WOA, like SOA, is an architectural approach to system design, though WOA is resource-oriented rather than service-oriented. What’s the difference? While the core SOA design unit is a reusable service that fulfills a distinct business function, resource-oriented services are more limited and data-focused.
SOA and WOA work at different layers of abstraction. SOA is a system-level architectural style that tries to implement new business capabilities so that they can be consumed by many applications. WOA is an interface-level architectural style that focuses on the means by which these service capabilities are exposed to consumers. Governance, quality of service, security, and management are of equal importance, whether the functionality is being delivered via SOA or WOA.
I think the delineation between SOA design units as a service fulfilling a distinct business function and WOA as a resource-oriented service being more limited and data-focused is so much dissembling for SOA being an attempt to force a top-down, waterfall-based model on what services you offer in your architecture versus an iterative or even agile strategy of building the individual services and then gluing them together.
I think SOA was also overblown in the framework for tying them together, which is the root of this problem, and leads to the conclusion I made up above. Put a bunch of webservices out there that handle orthogonal responsibilities, make it easy to access them (personally, preferably with easy HTTP/POX or a light SOAP layer), rather than a huge management stack that services have to a priori fit into, with the up-front design and overhead that comes with it.
Posted in technical | Tags advocacy, POX, services, SOA, SOAP, web, webservices | no comments
Posted by Delicious auto poster
Sat, 26 Jul 2008 07:19:55 GMT
Click here for all of my del.icio.us bookmarks.
no comments
Posted by Jonathan Altman
Fri, 25 Jul 2008 15:44:34 GMT
So ordinarily, this post would have gone up as a link in del.icio.us, but the interesting part of it is actually a single quote that flows in the article but is not the main point. So I will just crib the interesting part here. It is worth reading the entire post as it is interesting, but what I want to call out is:
bq.IMO the real underlying problem is that as long as programmers expect to write a class and flip a switch to get a service or one or more RESTful resources then we have nothing really but RPC masquerading as something else. Both resource and service advocates would be well-off in trying to move the developer community to get past the “class is all I need” stage. If REST is successful in getting developers to get their hands dirty more power to it.
Posted in technical | no comments
Posted by Delicious auto poster
Sat, 19 Jul 2008 07:19:37 GMT
- “What does the word “Quality mean?
- it has few known defects in its current state, we have high confidence that we will not discover defects in its current state over time, [and] we will not create further defects…as we add to or alter its functionality in the normal course….
- Posted: Fri Jul 18 02:07:04 UTC 2008
Click here for all of my del.icio.us bookmarks.
no comments
Posted by Jonathan Altman
Wed, 02 Jul 2008 06:07:00 GMT
Paul Graham first wrote about a strawman hypothetical programming language blub that examined the constraints that people who choose to stay firmly embedded in only one language seem to impose upon themselves and their programming capabilities and creativity.
Steve Vinoski, who has been writing a bunch about some of the failures of RPC-style distributed systems technologies (and should know, having been involved in CORBA), I think just extended the theme to distributed systems programming here.
Posted in technical | Tags advocacy, blub, RPC, services, web, webservices | no comments
Posted by Delicious auto poster
Sat, 21 Jun 2008 07:19:42 GMT
Click here for all of my del.icio.us bookmarks.
no comments
Posted by Delicious auto poster
Fri, 06 Jun 2008 07:19:36 GMT
- Heroku
- Rails-based competition for Google Apps. Ruby, Rails, EC2 hosting, and an environment to make it easy to build/update/manage apps
- Posted: Thu Jun 05 00:25:34 UTC 2008
- Prototip 2 – Create beautiful tooltips with ease
- Prototip allows you to easily create both simple and complex tooltips using the Prototype javascript framework.
- Posted: Thu Jun 05 00:25:34 UTC 2008
Click here for all of my del.icio.us bookmarks.
no comments
Posted by Delicious auto poster
Sat, 31 May 2008 07:19:30 GMT
Click here for all of my del.icio.us bookmarks.
no comments
