open source days

Oct 04 2008

Why openID will fail

Martin Strandbygaard just gave an introductory talk about openID, at Open Source days in Denmark, Given the recent discussion about openID and security, mostly the phishing opportunities it created I was interrested to hear the talk.

Yes I have an openID, I use it at like 2-3 sites.. why.. because most of the sites haven't adopted yet..
Martin gave an overview of different sites already allowing people to use openID to log on. And also which sites today allow you to create an openid identity with them that you then can use elsewhere. Yes you can use your LiveJournal, or Yahoo Account as an OpenID. I'm not doing that. I'm running my own Open Source Open ID server (funny he didn't touch that subject).

When he continued to discuss adoption he mentionned that even the company from RedMond was starting to allow people to logon with their OpenID , however just an OpenID from a restricted set of OpenID servers.

I asked where on the Yahoo site I could log on using an OpenID, and my fear was confirmed, you can't. So yahoo indeed is promoting OpenID, but why .. so they can see which other services their users are using so they can quickly acquire them ?

And according to Martin different other sites that allow OpenID authentication are gearing towards allowing just a limited set of OpenID services, the ones that they have partnerships with.

Now I don't want to use a 3rd party OpenID server, I have my own.. I want to control my own data. For services that use the above mentionned mode, trusting a limited set of openidproviders, my presonal OpenID is useless. I would once again endup having to sign up with different OpenID servers , which kind of makes the whole idea of not having to keep different username/password combinations around void :(

One of the questions from the audience was about how strong the authentication of an OpenID logon was. fact is that you can make it as strong as you want. If you build an OpenID server you could go with plain text authentication over http, basic authentication over https or even build an authentication system based on a challenge response framework.
The bigger question however is how and what data goes to the OpenID consumer.

So apart from the existing security challenges today , there are a lot of organisatins claiming to support OpenID, while they actually aren't, and that's the first blocking factor for quick openID adoption. And the ones that are adopting aren't doing it open enough.

I fear it was a nice attempt .. but I don't really think it's going to be a big success.
It should have taken of allready ..

Oct 04 2008

Open Source Days 2008 , Day 2

As I was already up since yesterday 0500 , it was dinner with Sven , Robin and some other conference visitors at a Turkish Buffet place , after which we headed to what seemed to be a great bar where they failed to serve us while waiting for over 10 minutes, so we moved on to another place. and then to be "early"

After walking around a bit in Copenhagen and looking for a bus stop to go to the university I managed to bump into Wim & Co who offered me a ride to the IT University. Where I was almost in time for the first talk by
Jan Wieck about Slony-I, A master to multiple slaves-replication system for PostgreSQL
Given my recent MySQL MultiMaster setups I was fairly interested where PostgreSQL is at today.

Jan started out with explaining where he used replication the most,
For backups and Specialized services so he could offload long running and intrusive reporting tools to an isiolated server.

While going over the history of Slony he also mentioned eRserver, first written in Perl later rewritten in Java and that was a ... Well lets just say that memory usage wasn't really ideal.

The presentation covered different potential replication scenarios and the problems one could run into.
No sign however of multimaster replication. Jan Wieck even told us he had no plans to implmenent multimaster replication
at all at the moment. To me MultiMaster means that I can move my database connection together with my application service in a HA setup. I don't need to wory about the possibility of writing in a slave and breaking replication as the slave is also a master and the other node Will catch up.

Next up was a talk about openID, which made me realize a couple of things about it.. all off that in a separate post :)

The University restaurant was open and you could pay for your Chilli Con Carne to a really Grumpy cashier which brings me right to the next talk I followed.. A Developers Guide to Grumpy Old Sysadmins however, the majority of people in the room were Sysadmins , or people with a mixed role doing both development and sysadmin work.

You don't let your developers even close to your production systems. He then went on to read a fairly big part of "Over Clocked, Stories of the Future Present " by Cory Doctorow , which I've promptly put on my holliday reading list :

So what's it like being a sysadmin ? You get calls in the middle of the night because a system breaks,
When you work you .. people complain when things go wrong.. they don't cheer when things go right or when you have done your job correctly

Reminds me of this situation at a customer where the Cisco people that fail to automate their work and get to travel around the qworld to do their work using their serial console , where as the Linux platform team has automated their work so far they get to stay home and watch the machines boot then do a quick check over ssh to see if they actually work.

Anyhow.. the talk really wasn't focusing on how developers could cooperate better with sysadmins, apart from a couple of general tips so it really missed its goal.

I popped into the Lightning talk about Ubuntu on EEE talk , hoping to learn something, apart from 1 url that I should read I guess it was the otherway around , it's usually a bad sign when a speaker starts every 2 slides with "I haven't tested this myselve but " ...

Oct 04 2008

Open Source Virtualization

I've just placed the presentation I gave both yesterday at the Open Source Days in Copenhagen , and last week in Zurich at the Open Expo , about Open Source Virtualization online.
The presentation is based on a series of articles I wrote earlier this year for

You can download it here

The presentation covers a fairly complete overview of what's around in Open Source Virtualization tools and and their Management frameworks.

I will be giving the same presentation again at the end of the month at T-Dose in Eindhoven, The Netherlands

Oct 03 2008

Open Source Days 2008 , Copenhagen, Day 1

I'm expecting different people not using Dopplr to come back to me next week and tell me they were in Denmark also , as Copenhagen is the place to be this week(end)

I was late for the first talk on how to automate a large scale school environment with gentoo. So I missed the rationale for the development of DIPO, and I didn't want to bother the speaker with questions he had already explained in his earlier slides, however .. it spelled "reinventing the wheel" all over again.

The second speaker apologised for being late on schedule as the first speaker had to compile everything. Nigel Kersten from from Google talked about Puppet, need I say more.. it was great :)

So lunch is really really early here as from 11u30 on , however I didn't mind as I was up since 5 , so I actually was pretty hungry :)

After lunch 3 talks and a Keynote were scheduled. In order not to be late for my own talk I headed into the Open Solaris Storage talk ... , not really interesting :(

Funny quote from the talk however "The clients are still Linux, but the server is already solaris"...funny thing to say ... certainly for a dying breed.

My own talk was fairly well attended, people were sitting on the stairs in the Auditorium and there was a lot of Q&A after.

As said in my talk last week in Zurich I don't think
Sun has a really clear message with what they are doing with xVM etc
So the talk aftermine should have cleared that out shouldn't it.
Well it didn't , all I got back from it was .. "We ported Xen to Solaris" , and "Our demo doesn't work because of a funky dns problem."

So Robin Rowe is keynoting about about Linux at the Movies.. and tonight it's off to the Social event .. well one of them :)