As with all its operating system releases go, Microsoft is again going to miss the shipping deadline for Windows Vista. There already as a lot of items out there so I am not going to add to that nor give any link. But it leads me to think, when will MS deliver a piece of software on time. Not able to resist a temptation, this is a very good article on Windows and Linux and their delivery schedules.

It seems though that MS has (finally) realised that there exists a problem and is changing it organizational hierarchy to address this issue. Microsoft has tasked Steven Sinofsky who headed the Office business. It seems that Sinofsky has a reputation for being a no-nonsense taskmaster and a person who gets things done on time. Whether he manages to turn-around the division to fuel growth and meet deadlines remains to be seen.

I have been a fan of open source software, specifically Linux for a long time now. Even when I earned my living through Windows, I loved playing around with Linux. Till recently I did not play with any open source applications and open source was becoming just a hobby. Some time back one of my colleagues showed me two products called Zope and Plone. I thought at first those are goofy names for products and didn't think much of it.

I was planning to launch my website for a long long time now. But I never had enough time, resources or skills to do it. I slowly developed it and then one day I launched my website. And guess what I am using? A part of LAMP architechture, Linux, Apache (front-ending Zope and Plone), Python and I am loving it.

Recently I started putting photos on the website. But the functionality was not good enough. Some products were broken (CMFPhotoAlbum and CMFPhoto) and some didn't work. But Plone 2.1.2 has builtin support for handling photos (more about that later), but it was not providing me with navigation links and when I chose different view method, it used to give me an error. I fought with it for two days without success, then I gave up and registered myself onto SourceForge.net and put in a request for help. I received replies almost instantaneously and I worked with Matt (I don't know his full name, but I suspect he is from New Zealand) and he pointed out that there was a bug in the system (Yes!! I found out a bug) and he suggested a fix which worked like a dream.

I will be soon submitting (like today) a bug report to the Plone development team and I hope to contribute to open source software movement as soon as I finish learning Python and plone programming. What amazed me was the speed and the quality of response I recieved from Matt and the overall open source community.

Ok granted that the open source products are not mature and may have many bugs, but the support that you get from the community is amazing. And this too from people who work in the spare time and do not stand to gain financially or otherwise. The entire thing took me less than 24 hours to resolve. I would be surprised if I get the same turn around time from proprietary vendors.

As a part of my job responsibilities and growth plan in my organization I was supposed to undergo an examination to test my technical competence and knowledge. While studying a section on application administration something caught my eye. One part of the subject was on analysis of prominent services of web servers and application servers. While outlining the reasons why performance issues might occur in a web application, one of the reasons given was security. Risking copyright infringement, I am pasting the line verbatim:

In my attempt to host pictures on my websites, I tried out multiple things. From evaluating different products (CMFPhotoAlbum, CMFPhoto, ATPhoto) to installing add-on components to modifying source code. I learnt a lot of things during those two days (nights)  when I was trying to get it working. I initially thought about just posting a note here, but then I thought I won't do justice to the entire content and let my thoughts trail off here. So now I have decided to write up an article on my experiences and learning so that someone else can benefit from it and not waste so much time in doing the same thing.

In a nutshell, the lessons I learnt are:

1. Plone can handle photos natively since v 2.1. Just change the view from standard to thumbnail.
   
2. You need PIL / JPEG support installed on your linux computer / python compilation for it work
3. There is bug in the ArcheTypes product in the way plone renders the image using the image_view or atct_album_image viewing method. More on that later.
4. If you are stuck anywhere, ask the experts. Open source community is so much helpful and forthcoming, it would be a waste not to ask for help.
   

Do you know or ever wonder why cyber bad guys succeed in their attempts to well, do bad things to your computers, despite the kind of awareness that prevails? One of the reason I feel is there is no concentrated effort against them. I recently joined up a mailing group called stopbadware. I was reading through the emails and I realised that many of the people are upset about the bad guys and the threats they pose and want to do something about it. Each one has its one views / opinions about how to tackle it and once they feel that they cannot have their say or can't agree to the current, they leave the group and start another one with roughly the same mission.

So far I have seen:

1. APWG - Antiphishing Working group
2. Stop Badware
3. Cleanware
4. Clearware (coming up)
   
5. MS-ISAC
6. Security software vendors websites
7. Innumerable forums
8. Technology magazines
9. Certification bodies (ISACA, ISC² )
   

I am sure that I have seen just the tip of the iceberg (or even less) and there is a lot more to this. Frankly this effort is not good enough. Everyone has a limitation in what they can see and report or even notice. Because of this you are more likely to miss out some things. Every vendor has its own method to fight badware and justifiably so. But what would make it effective is a single place for a list of all existing badware. I know this is a very lofty goal and risking the same thing, I would say, I would make my website the destination for this. As of now, I am the lone ranger maintaining and updating the site. But if I get help from people in anyway, I feel I can build a decent database and a go-to place for people looking to protect themselves from badware.

Another group to tackle the phishing menace has spawned up. This time headed by Symantec. Well, this is not a new group strictly speaking, this group was run by WholeSecurity with Symantec acquired recently. But Symantec will definitely will bring a different focus and additional resources to this group.

But the point is, why another one? Symantec itself is a member of APWG, so why not pour more resources in that effort instead of creating a separate group or running a separate group. I think APWG would have been more than happy to give Symantec credit and exposure for its contributions if that is what Symantec was after. That according to me would have made a considerable difference.

Instead of having such uncoordinated efforts, if we can have a some coordinated effort, I am sure we can make a greater headway against the menace and the bad guys.

According to this report on Bloomberg, Microsoft, Oracle and Intel is pressurising the US government to raise the H1-B visa cap to 115000, almost double to the existing cap (current cap is 65000). Microsoft says that otherwise it may be forced to move more jobs abroad as it finds difficulty in attracting and retaining talent. As per Jack Krumholtz (Managing director for Federal Affairs for Microsoft, Microsoft has a couple of thousands positions for which it cannot find the right people and if the situation persists, Microsoft may be forced to do more of their development abroad.

Bill Gates, Cheif Software Architect of Microsoft recently said while in Washington DC that by limiting the number of technical professional work can come into US for work, US would pose a serious threat to US competitiveness with more and more number of competitive technical education institution of higher caliber appearing in India and China.

Not long ago I read an article on the same lines which essentially compared the US steel and automobile industry in wake of increased inflow of IT professionals. Industry experts and analysts felt that by protecting the industry from outside competition, the government is infact making it prone to failure similar to the steel industry in US. Whereas foreign competition in the automobile market made it stronger and stronger and brought it to a place where it is now.

With the third world countries like India rising up meteorically to a dominant position in technology industry, it might serve well for US to lift the cap on the number of H1 visas.

Its been delayed so often that it is becoming a joke. Ballmer has said that the consumer launch (which means for people like you and me) could slip further based on feedback from beta release program and product road maps from hardware vendors. What it really means is there are many many bugs still in Windows Vista and that the hardware requirements are so high and / or that the hardware vendors have not yet figrued out a working configuration for Windows Vista.

Let's assume that Microsoft will finally release the OS sometime next year (let's say April 2007). Why should I buy the OS? Just because it is new and Microsoft will not support older versions? Maybe. But what if it's going to pinch my purse as a home users too tightly? Or it does not match upto expectations? Why shouldn't I move to Linux or even Mac? What does a home user really need when using PCs? Internet, browser, office applications. That's it. There are some people who play games... Serious gamers. But then that's a small percentage of user community.

All the above applications are available on other OS in some form or other and at a lower cost. That is going to be a real possibility. So after so much of delays and slips, people may decide, "Why bother?". Microsoft might also want to ask the same question to themselves.