January 2008 Archives

It’s been an exciting week in the XML-based Open Documentation arena. The Burton Group released a report outlining a list of supposed ‘reasons’ why OOXML is a superior format than ODF.

I’ve written on this before, and I will make no qualms about the fact that I am firmly in the ODF camp. In fact, a number of the things that the Burton Group views as strengths of OOXML, I view as weaknesses. For instance, the Burton Group mentions that OOXML is more closely related to the old binary formats, which makes it superior for interoperability purposes.

As the ODF points out in their rebuttal, these sorts of arguments, which abound in the Burton report, completely fail to make a distinction between file formats, and the applications that use them. Open Office, the most well known of the office suites that use ODF, also supports the old binary Microsoft formats, not as well as Office, but they still support it. The Burton report reads like a Michael Moore book. It’s filled with partial facts and half truths, making broad jumps of logic with very little proof. The report even goes so far as to suggest several times that even attempting to compete with Microsoft was folly, and a waste of time.

There may be no direct evidence that Microsoft paid for this report to be generated, but the bias is still painfully evident.

The report does say a few things that are almost certainly true. OOXML is likely to win due purely to the fact that it is supported by Microsoft Office. Microsoft Office is incredibly prolific particularly in Business, and that position will be easily exploited by Microsoft to push OOXML into acceptance. But that does not make it a superior format. The ODF does an excellent job defending their format in the above link, so I’ll let them do it.

Things have still been moving in a good direction, despite the obvious FUD. Microsoft has agreed to release the specs for the old binary Office formats as part of their Open Specification Promise. Furthermore, they’re going to begin an Open Source project (though whether it will meet the OSI definition remains to be seen), detailing how to convert from the old Office formats to OOXML.

People are excited, particularly the teams who’ve spent the last decade trying to decode those formats. This project should aide greatly in interoperability for both the old and new formats, making it far easier for non-Windows boxes to integrate into a primary Windows network. Interoperability is key at this point, and while ODF may lag behind OOXML in acceptance, that is going to be because people are already familiar with Microsoft’s products, not because of any technical superiority.

I’ve always liked Rudy Giuliani. If you look at his history, this is a man who resembles everything a civil servant should be. From his time as Mayor of New York City, when he made Manhattan a place where it’s safe to walk the streets at night, to his time in the 70s and 80s working for the Department of Justice attacking corruption in Government and taking on Organized Crime. This is a man who’s devotion to public service has shown through the last several decades of not only his work, but his tumultuous, and all to often highly publicized, personal relationships.

With that said, I don’t think that Giuliani will possibly earn a Republican nod for the presidency this year. A large part of this is the poor handling he’s received from his campaign managers, who have allowed him to be turned into a candidate who stands only on his electoral position during the September 11, 2001 attacks, and who is wholly unable to be a decent husband. Of course, the inability to be a decent husband shouldn’t be too much of a detriment after sitting through 8 years of Bill Clinton. To Giuliani’s campaign director, where is all the history of Giuliani’s fighting against organized crime and corruption? You want to win the Republican nomination, but you refuse to talk about the bribery conviction of Bertrand Podell? What about the famous Mafia Commission Trial? Giuliani certainly provided strong leadership in the wake of the 9/11 attacks, but his public service record is so much more, and so much more impressive than much of his competition.

All that aside, Giuliani recently wrote an Op-ed piece for the City Journal, entitled The Resilient Society. In it, he discusses America’s successes in combating terrorism both at home at abroad, and why we have so much more to do. The piece may seem sensationalist at first, latching on to the community of fear that exists in this country today, and that Giuliani almost seems to have been building his campaign on. Digging deeper into the article, while it seems Giuliani may be over emphasizing the risk of another terrorist attack on American soil, his key message is clear.

America should always hope for the best, but we will be safest if we prepare for the worst. A free and open society will never be able to eliminate risk entirely. But we can reduce it and manage it.

He proposes many things, some of which would take decades to fully implement, but in the end could make us all safer, without infringing further on personal liberty. In New York City, under his watch, the NYPD implemented CompStat, a combination of procedure and technology that has aided the NYPD in managing crime in their streets. It is a process which sits on top of existing data structures to make it easy for Police officials to map crime patterns, and determine how best to utilize resources. While Giuliani may not have been instrumental in the development and implementation of this system, he does have direct proof of it’s effectiveness, and it helped his job of cleaning up New York immensely.

By extending the ideas learned under the CompStat program to other disciplines, such as Border Control and Emergency Response, we can better analyze trends, and focus on how to respond to them far more efficiently. These analysis systems would allow officials to respond far faster to events which may not seem abnormal on first glance. If a city like Chicago begins to see a spike in Mercury poisining cases at the local hospitals, this could be automatically brought to someones attention faster than if it depended on a single institution or individual noticing and reporting the trend. Admittedly, an automated notification process will likely result in a fair number of false positives, but false positives will be reported early enough that they can be investigated without a panic being raised. It is unclear if such a program is as helpful as Giuliani claims, though in my mind better methods of analyzing patterns (which incident databases and GIS can provide), are never going to hurt.

CompStat style programs help to fulfill Giuliani’s first Homeland Security principle of Prevention, particularly when paired with improved communications between agencies at local, state, and federal levels. However, he does acknowledge that nothing is perfect, and that we need to be prepared in case of emergency. Unfortunately, not everyone is prepared enough. As Guiliani states, Hurricane Katrina proved that we are not always as prepared as we need to be, though I place that blame firmly on the shoulders of the City of New Orleans and the State of Louisiana, though their failure has forced FEMA to change their role to be more proactive. Giuliani attributes much of the City of New York’s success in responding to the 9/11 attacks to the emergency drills ran by civil servants throughout the city, which helped prepare everyone for the event, even though they’d never run a drill for that particular event.

Traditionally, American’s have always been quick to preparation, which is why it saddened me so much to see such an immense failure in the City of New Orleans. RACES holds regular drills for amateur radio operators to prepare for emergency conditions, the National Guard (as heavily utilized as they are in Iraq) trains regularly to be prepared to respond in defense of the homeland. All across the country citizens prepare in the event of a disaster.

Yet somehow, the city of New Orleans was caught completely unaware when Hurricane Katrina came barreling down on it. There was a complete failure to prepare from the local to state to federal levels. I believe it wasn’t the Federal Government’s responsibility to prepare, but perhaps they should have tried to step in when the incompetence of Louisiana and New Orleans became apparent.

Despite the lack of preparedness in that circumstance (which I believe to be a unique instance), the resilience of Americans was proven in the aftermath. Giuliani describes a charity organization being formed within 72 hours of the hurricane, that was able to move 75 times the number of supply trucks into the devastated city as FEMA within a week of creation.

In December of 1941, once the Japanese attacked Pearl Harbor and President Roosevelt declared war, the American people banded together, turning over huge amounts of supplies to be recycled in support of the war effort. The sacrifices made by Americans at home to support the war abroad was significant, and in the end, the resiliency of the American people and their willingness to band together to help no doubt aided in ending the war.

Global Disasters, the American people always give far more than any other nation. Just because our government isn’t writing the check, doesn’t mean that the people aren’t giving. As a whole, the American people are concerned and generous when it comes to disasters either at home or abroad, and it is our preparation and resiliency that make us able to do that.

Giuliani’s writing helped to remind me why this country is so great. Why this country is the greatest nation on the planet. While I disagree with some of his points, particularly about the Patriot Act and the use of civilian informants, I believe that the systems he describes can be implemented in such a way that trends quickly become evident.

I don’t think Rudy Giuliani is going to win the Presidency. I just hope that whoever does takes into account some of what he’s had to say. By focusing on Prevention, Preparedness, and Resiliency, we can begin to restore some of the lustre to this country. Giuliani wants to make this country truly secure, and not the bizarre fear culture in which we live today.

Recently, Jeff Atwood over at Coding Horror, posted regarding how Computer Science is taught, and how he feels it should be taught. Apparently, Joel Spolsky of Joel on Software, has also recently weighed in on the issue. Spolsky, whom I don’t read regularly, began his post with a quote from CrossTalk

“It is our view that Computer Science (CS) education is neglecting basic skills, in particular in the areas of programming and formal methods. We consider that the general adoption of Java as a first programming language is in part responsible for this decline.”

This discussion isn’t anything new. A coworker I have today graduated ten or so years ago, had the same remarks regarding an institution which neighbored his alma mater. The neighboring institution was so theory based, that the students graduating from it were unable to work in Industry. The key logical fault being made by those arguments, is that Computer Science has different goals than Software Engineering. Certainly, Software Engineering is based heavily on the ideas of Computer Science, but while they may solve similar problems, their intent in solving those problems in greatly different.

Atwood laments how many fresh graduates know nothing of Source Control, and I share that view. Source Control should be more prevelant among researchers, as it provides a strong record of the work they’ve done. As it becomes more prevelant among researchers and professors, it will become more prevelant among students. In some respects, I was lucky. The education I received at Montana State University was targeted largely toward Software Engineering. Too much so, I’ve grown to believe. My theoretical background is weaker than I wish it was, and I know that partly my inability to appreciate Mathematics when I was taking pure math courses is largely responsible for that.

I agree with Spolsky’s conclusion. Programs in Software Engineering are necessary for what most people are trying to achieve with Computer Science degrees. Most software engineers don’t really need to know the theory of Turing Machines and Finite State Automata. Most Software Engineers don’t need experience writing code to prove theories and concepts, but need to write code that accomplish tasks.

The best courses I had in College were the ones where we actually produced a product. Where our program had to do something, be interactive and usable. But that wasn’t the focus of the program, because I was, in theory, being trained to be a Computer Scientist, not a Software Engineer. Aside from a single Professor, every last one of my instructors was bore within Academia. It’s what they knew. It’s what they cared about, and these days, I’m giving a lot of thought to returning to Academia, and working more with the theory.

Spolsky and I clearly aren’t the only one’s who thought that Computer Science embodies different goals than Software Engineering. Steve Yegge writes about Wizard Schools, an idea which talks about professional Boarding Schools modeled after JK Rowling’s Harry Potter universe. In this idea, students go to boarding school from 11 until 18, taking hard core software engineering curriculum for seven years. When they get out, they are all easily the top software engineers available to industry, they are fast typers, and they literally think in code. It’s an interesting read.

Will Universities ever be able to fulfill the needs of Software Engineering curricula? I’m not sure. I suspect not, and I suspect that more vocationally oriented programs, not quite “Wizard Schools” probably, as who wants to damn their 11-year old into a field they may not enjoy or be cut out for? Wait, maybe I’m thinking too much into people’s parenting ability. Anyway, even the existence of Vocational programs, which can exist alongside academic programs, but might not do so quickly enough to matter.

We require both kinds though. Theory still has a place. Academic Research still has a place. Sure, research can exist within industry, but it ends up so laden in Intellectual Property issues and patent problems that it can’t thrive. While we need to acknowledge that a degree in Software Engineering may be necessary for Industry, Academia should not give up on pure Computer Science, for those students who actually want to pursue that path. While a PhD is Computer Science may never mean much in Industry, perhaps a PhD in Software Engineering can be made to return prestige to the Academic process in our industry.

Electronic Arts recently approved the porting of the original Sim City to the OLPC XO Laptop. As a kid who grew up playing Sim City, I think it’s fantastic that a new generation of children will be introduced to computing and gaming by this fantastic, simple economic simulation. Sim City has always held a special place in my heart. Hell, I used to refuse to restart cities until they either failed, or I was simply out of room to do anything.

I remember once, I experienced a nuclear meltdown in the very first year of a new city (always built Nuclear, why bother with Coal?). Rather than scrapping that city like a reasonable person, I rebuilt across the river, my city scrimping along on virtually no money and almost a quarter of my land unusable due to nuclear contamination.

I managed to turn that game into a successful city that one day reached Metropolis status. Sim City is one of the few game franchises that has managed to remain relevant and entertaining over all these years. Sure, the new features hasn’t always been fantastic, and often have taken a revision or two. Like water in Sim City 2000, worked alright, but you could run a surprisingly small number of mains. In Sim City 3000, a sector had to be a certain distance from a main in order to have water, which makes more sense when looking at water mains. Plus, as a player you had more control. I’m sure the traffic features introduced in Sim City 4 will be improved greatly in the next revision of the game.

Despite the improvements in the series over the years, the original game still has a lot of charm, that the other games haven’t quite managed to match. This new release of the source code and game files for Sim City (rebranded as Metropolis for this release), was welcome to see. Now, the game will live on for a good long while, being improved by the community.

The first thing I think the community should improve upon? Well, they went through and removed the Plane Crash disaster from the game, due to 9/11 they claim. Why are we not allowed to be reminded of 9/11? It was a tragedy, certainly. It was the greatest loss of innocence of my generation. But to try to remove and hide anything that might remind us of it, is ridiculous. Low on my pending project queue is to fix this stupid omission, and release it as a patch, unless someone beats me to it.

So, go grab Micropolis, and either relive the fun of our youth, or experience one of the pinnacles of gaming for the first time.

Yesterday, Donald Knuth, the preeminent professor of Computer Science from Stanford, who is easily the most well known person in Computer Science today, at least from a Programming perspective. Over the years his papers and thoughtful letters on the science of programming have been a welcome change for those of us who actually write code.

Donald Knuth is not the father of anything in Computing. The theory of computing and programming had been dreamed up by Alonzo Church and Alan Turing, but for them it was only theory. The research of Knuth has taken the Art of Computer Programming, and through the course of the three volumes of this work, converted it into a craft.

Unfortunately, I haven’t read enough Knuth to do justice to the man’s work. I’ve read a few key papers, such as Goto Considered Harmful, passages from The Art of Computer Programming and his more recent letter regarding the shady racket that is Scientific Journals.

Knuth is easily the most influential person of modern computing. The paper’s he’s been writing since the early seventies have had an impact on everyone writing code since then. Jeffrey Shallit felt that Computer Science bloggers should all talk about their favorite Knuth writing in honor of his birthday, and how he’s influenced their own work.

I wish I could do this great man justice. However, while his work has no doubt affected me in a profound manner, so much of what he’s done has become part of the common knowledge of Computer Programming, that, having read as criminally small amount of Knuth as I have, I cannot fairly attribute my knowledge to him or not. [Luckily], there are a good number of bloggers who are more educated than I.

From extending Big-O notation for algorithmic analysis, to inventing LR-Processing, to providing the strongest argument for the establishment of procedural programming from linear programming of anyone at the time, Donald Knuth has impacted every programmer’s life in an innumerable amount of ways.

What impressed me most about this celebration of all things Knuth, was what Scott Aaronson had to write about Knuth. Not about Knuth the scientist, for that he mostly talked about TeX, but about Knuth the Man. A Man who is deeply religious (I’m really curious about his book analyzing verse 3:16 of every book of the bible), but who is rational enough to acknowledge that the circumstances of his upbringing made him into the man who he is today, belief in God and all.

The beauty of Knuth, is not that he said what he said. But that he said it because he believed it to be true. Donald Knuth is a man of well-thought conviction. Everything he’s written has been well thought out. Well researched. Well considered. His opinions have often been unpopular, but Knuth doesn’t form opinions to appease others, with his opinions come conviction. It is a testament to his intelligence and attention to detail, that he has so often been correct, even though the opinion wasn’t always popular.

Evidently, Second Life has been having problems with people stealing money using fake banks as fronts. In response, Linden Labs has decided that all banks must be properly, and provably, registered to operate as a financial institution within the jurisdiction in which the operator lives.

It’s really quite fascinating, because the reasons Linden Labs has implemented this policy very closely mimic the circumstances that led to the formation of the banking infrastructure we have in the US today. Banks were opening which were offering ‘too good to be true’ interest opportunities, which were unsustainable, and the investments backing these high rates collapsed, taking the bank, and all the depositor’s money with it.

Banking is an inherently dangerous business, as was shown in the depression when one-third of banks failed in only a few years. Holding money that can be taken at any time, but has been invested largely in loans is risky. Modern banks have mitigated this by offering far lower interest on standard, easily liquidated, accounts in favor of bank investments (CDs, and the like) which have steep early withdrawal penalties.

Linden Labs really wants Second Life to be a reasonable virtual counterpart to the real world. L$ as directly convertable to real world money, they’ve got systems in place to facilitate virtual ownership of goods, and everything is transferable. The economy is based on a real economy, and in theory Second Life is a great means to do business.

Of course, Second Life is likely going to fail in it’s grand experiment. The technology just hasn’t met up with the idea. It isn’t emotive enough for true interaction, and quite a lot is lost in having to communicate via typing (voice communication is in the works, though I know not how well it will operate). The world is filled with people who enjoy engaging in disruptive behavior, whether it be sexual in nature, or merely grief causing. Admittedly, some of the grief caused in Second Life is really funny, but a lot of it isn’t and is simply destructive.

I got an e-mail back from the Software Freedom Law Center regarding my complaint of D-Link violating the GPL for busybox for the DIR-615 rev A1. It was nothing exciting, merely a note that they would look into it, but I felt I would further expound upon my findings.

As mentioned before, the firmware images available on D-Link’s website are merely jffs2 images which are uploaded directly to the device, which are then used to overwrite the root drive on the system. As autopsy can’t analyze these images just yet, and the MTD driver complains when I try to mount the image loopback, I’m left merely analyzing the filesystem dump from jffs2dump, a program available in the mtd-tools package in Ubuntu.

Luckily, there are no shortage of damning dirents in the output:

Dirent node at 0x00000240, totlen 0x0000002f, #pino 1, version 11, #ino 7, nsize 7, name linuxrc

Dirent node at 0x00110a8c, totlen 0x0000002f, #pino 2, version 35, #ino 19, nsize 7, name busybox

Other entries for libc, the 2.4.27 lib directory, etc, make it clear the this is definitely running Linux, and D-Link is definitely distributing GPL software on their devices. With any luck, the SFLC will succeed in bringing D-Link into compliance.

As it stands, I’m still working on my analysis of the JFFS2 filesystem, a slight challenge as I currently have next to no filesystem experience. It does help that I have JFFS2 documentation, some experience reverse engineering file formats, and a good hex editor.

Unfortunately, all is not roses. The JFFS2 documentation suggests that a clean marker is placed on a node just after it’s been cleaned. These markers occur within the dlink image every 0x10000 bytes, which confuses me because they occur in blocks which I know are “dirty” because they contain data. It seems that, unlike what the documentation suggests, a sector is dirty if it contains a clean marker, and any other node, which would immediately follow the clean marker.

I’ve been busy lately, and I see that continuing, but hopefully I’ll be able to get a rough version of support into task by this weekend.

Not quite, but the Army’s recent decision to replace a large number of servers with Apple Mac OS X-based hardware is certainly interesting. More interesting, is that the Army has been working on this since 2005.

I don’t blame the Army for wanting to move away from Windows. Microsoft has had an embarrassing array of security vulnerabilities over the years. Including the fact that the Master Boot Record is still writable from user-space after all these years. The additional security that the Unix-based Mac OS X offers could be very interesting to the army, who is easily one of the highest profile targets of intrusion attempts in the world.

What’s interesting about this announcement is what it means for the future of Mac OS X security. Mac OS X is a reasonably secure OS. It’s based on BSD Unix, which provides better process and memory management, which in many ways leads to better security. There is a lot of Open Source software in Mac OS X (the Darwin kernel, WebKit, etc), which Apple has leveraged to keep a lot of eyes on their code.

However, Mac OS X has only rarely been the target of any attacks. By throwing their support toward the Apple camp, it’s inevitable that we’re going to see a sharp rise in the number of attacks targeting Mac OS X. While Mac OS X is a more secure kernel than Windows, it will be interesting to see how it holds up against a more powerful onslaught.

In the end, I’m surprised that the Army chose to go with Macintoshes. The cost of Apple hardware has always been high, and the Forbes article suggest that the Mac program in the Army is proving to be more secure because it’s “not Windows” more than anything in particular that the army is doing to secure the boxes.

Our military needs more secure systems, and the migration away from Microsoft is a great step in that direction, but the reasoning presented in this article is cumbersome at best. The readers at Bruce Schneier’s Blog are want to agree.

While Mac OS X is fairly secure, it is still designed first and foremost to be an easy to use and administer commercial platform. For similar reasons, I’m unlikely to choose Ubuntu as my server linux of choice, it wasn’t designed to fill that role. In addition, you can’t run Mac OS X on hardware that isn’t Apple made, you can’t even virtualize it for testing purposes.

The Army’s money probably would have been better spent on Linux boxes. The hardware would have been cheaper, support contracts are available through a variety of houses, and the NSA sponsors SELinux, a security enhanced version of the Linux kernel which gives a user far more control over the fine-grained security concerns than anything I’ve seen on Mac OS X.

Finer grained security with far less financial outlay. I can’t call the Army cash-strapped by any means, but I firmly believe the Army could have met it’s Information Assurance needs more efficiently, and more effectively. I fear that Apple made allowances within Mac OS X which will make it less suitable for such operations, but no matter what, this is going to be a huge financial boon to Apple, for their sakes, let’s hope they can weather the coming storm.

I recently purchased a D-Link DIR-615 Wireless-N Router. It’s proved to be a capable, powerful router, and I’ve been happy with it. Of course, I’m a tinkerer, always interested in knowing how a thing works, so shortly after I got the device working, I started testing it. nmap scans and p0f fingerprinting suggested the device was running a Linux-2.4 kernel, a fact corraberated by the logging mechanism within the logging mechanism within the router.

As if the fact that there was strong evidence in the network traffic and the log that the system was running Linux, the most damning evidence of all didn’t hit me until a few days ago, when a power outage forced a reboot of the router, and I checked the Router log to see when the power came back. In the log’s bootup messages, it clearly indicated that it was running BusyBox 1.1. Further curious, I grabbed the firmware update I had on my computer, and ran

file

Regrettably, my preferred forensic analysis software, autopsy and task, do not yet support jffs2 images, though I’m working to rectify that situation. If nothing else, this will be a good opportunity to further my knowledge of file system internals (the only other file system I’ve studied in detail was FAT). So, for the moment, my analysis of the software on the DIR-615 revA is at an empasse.

Of course, I knew that this meant that D-Link was distributing GPLv2 software without complying with the terms of the license (making the source available). BusyBox has had quite a few problems with this in the past, and has taken to simply informing their legal benefactors, the Software Freedom Law Center of these such transgressions. I’ve already sent them an e-mail providing proof of this GPL violation. The version of BusyBox that D-Link is pirating for this router, could potentially also be licensed under the GPLv3, which contains specific anti-TiVoization clauses to prevent this sort of activity.

Unfortunately, to my knowledge, the GPL has never successfully been tested in this way in US courts. The lack of precedent is disturbing, but the work of the Software Freedom Law Center should help that soon. D-Link has actually been found guilty of GPL violations before, except that it was in Germany, on a different device.

I was ecstatic when I learned that my hardware was running Linux, as my original plan was the build my own router, though that was cost prohibitive. Even if I could only get SSH access into the box, I’d be a lot happier with it. Ultimately, D-Link needs to do the right thing here, and release the GPL’d source that they’re using on this device. If they wrote the code correctly, this doesn’t mean they’ll have to give up any of their precious IP. While their at it, I’d really appreciate native Linux driver for my DWA-130 USB Adapter, though I’ll settle for Vista 64 ones to use via ndiswrapper.

A while back, I was playing around with Rhythmbox, my GNOME music-player of choice, and I came across the plugin for Magnatune, a new kind of internet-based record label, which sells an artist’s music online splitting profits with them 50/50. Not only that, but they also make Ogg Vorbis and FLAC versions of recordings available, and you get to name your own price, between $5 and $18 US. Not a bad deal, especially since you can preview the music before you buy it, and decide how much you think it’s worth.

This isn’t about Magnatune though, this is about an San Francisco-based artist I discovered via Magnatune named Jeffrey Luck Lucas, a Country/Folk artist. Lucas cites 40s and 50s Country music and Mexican Folk as his muses for his unique brand of music, and is able to produce hauntingly beautiful music. I think the BBC review of Hell Then Devine says it best.

Rather than the usual collection of songs, Hell Then Divine is like listening to a drunken man mumbling through his life story. Sometimes banal, occasionally bizarre, the story is somehow gripping as you strain to listen.

The music is dark and moody, but not depressing. It bends and sways like a leisurely stroll down a deserted city street. Lucas’ own deep voice calls out slowly and deliberately, telling stories he’s yearned to tell since his punk rock days in Morlock.

I began listening to Lucas because he reminded me of Tom Waits, and his sound is similar, though he stays to the haunting stories. As haunting and miserable as the lyrics are, the songs don’t leave you depressed, as Lucas’ voice contains a comfortable acceptance, a sense of peace with the world, and a general feeling of contentment.

The world Lucas’ began to paint in 2004’s Hell Then Devine, contined in 2006’s What We Whisper, and hopefully continues in 2008’s upcoming The Lion’s Jaw is not a happy world. But it’s real. The realness and honesty in Lucas’ voice will draw you in and you’ll lay happily wrapped in a cocoon of his bluesy country drawl.

Check him out on Magnatune, you’ll be able to check his music out, before deciding to buy it. And if you live in San Francisco, try to check out one of his shows. I’d be there if I could.

So, I may be a little late for my 2008 Predictions, seeing as how we’re almost 72 hours into the new year, and I may be basing some of my predictions on news from the last several days, but I still feel it’s important.

Privacy is going to be compromised more and more readily this year. And companies will stoop to more and more despicable acts to violate our privacy to make a buck. If the Facebook and the existing hacker economy have shown nothing to us, it’s that there is a ton of money to be made by harvesting and selling people’s private information, and the trend will continue. Sure, it’s nearly impossible to function these days without leaving some sort of a digital footprint, but we should have more say in how our footprints are used. Of course, to do that, we need to be more careful how big a footprint we leave.

Not that this is going to become any easier. Data is money, and as long as people are willing to pay, others are going to figure out how to harvest this data. The Storm botnet will be remembered as a pleasure memory as larger and more insidious botnets replace it. I suspect that by the end of the year, even Nugache will be viewed as quaint.

Despite being declared an utter failure this year, Microsoft’s Vista Operating System will take on a new life in Corporate America this year as Windows Server 2008 is released, which will finally make Vista worthwhile for industry. While Business will be the early adopters of Vista, I suspect home use will become the norm by the end of 2008. Vista performance will not improve appreciably, but hardware will improve, and the major vendors (Dell, HP, etc) will drop XP in their consumer lines once the business sales pick up.

Apple will continue to grow in the laptop and mobile device markets, though desktop sales will continue to flounder. The iPhone SDK will be a joke, and it will be nearly impossible for a developer to get approval from Apple to run their code on the iPhone. The AppleTV and iTunes’ video store will take off this year (along with competitors), as the media houses begin to tap into this market. However, we will not see DRM-free video on a large scale this year, though DRM—free music will continue to thrive.

Google’s Android will flounder this year, particularly in the US. They lack hardware support from any major cell phone producers, and while the GSM network has greatly improved, it’s still not as common as the CDMA network. People will leave their CDMA service vendors for the iPhone, but Android, despite it’s capabilities and developer support will enter the market this year with a whimper.

Mono’s recently added support for Windows.Forms will begin to draw more attention from developers (who will be more interested in the Mac support, than Linux). This will be a huge year for the Mono project, as many more companies take interest in the fairly trivial porting of their applications. Most people are still developing .Net 2.0 or 3.0 applications, both of which have strong support in Mono, making it a reasonable target.

Linux will maintain very slow growth on the desktop, but the server market will pick up considerably this year, particularly with the Samba project’s new access to Active Directory/SMB/CIFS documentation. Mono’s ability to run ASP.NET applications will aide greatly in once again widening the gap between Windows and Linux on the webserver market. The ability for companies to save thousands of dollars on licensing fees by going with a Linux-based solution will be the impetus for this migration.

I don’t foresee any game changing events this year, but it should prove very interesting nonetheless.