| The Ultimate Business Machine Technology, business And, not least, about by: Bernard Teo
|
Wed 13 Jul 2005 WebMon and SSLCategory : Technology/WebMonSSL.txt I'm now able to get WebMon to set up SSL on the server with one click of the button. It now uses a test cert, which WebMon also generates. The idea is that you can use the test cert to test that you can serve web pages on port 443 and that they're encrypted (the lock shows on the browser), and that you can still continue to use port 80. And then you can use WebMon to generate a certificate request and get a real cert from a proper issuing authority, which you can stick in place of the test cert. (This should probably get done by tomorrow.) But the thing I'm interested in finding out is, if you have a legal properly verified cert, can you turn around and be your own certification authority, and issue certificates to each of your own employees, which they could use to sign, encrypt their mail, and prove that they are who they say they are? I think it's very do-able technically. I already have all the pieces, but whether it will work or not, I will only know when I try putting it all together. The bonus, when you get a properly verified cert, is that you can use the same cert for your mail server. I can make a change to Postfix Enabler so that it'll be able to share the cert with the web server. Actually, I'm already doing that with our own server. Things are starting to come together. Postfix Enabler 1.1.6 and OS X Tiger 10.4.2Category : Technology/Tiger10_4_2.txt We did a test when 10.4.2 came out. It looks OK and everything still runs fine. I may be speaking too soon (I hope not) but I think it's okay to upgrade to 10.4.2 if you're running Postfix Enabler for Tiger 1.1.6. Okay, hope to see Xcode 2.2 next because 2.1 is still pretty buggy. Tue 12 Jul 2005 Bobos in a Flat WorldCategory : Commentary/bobos.txt I first saw the word "Bobo" on a column in the Raffles City in Shanghai, whose thick round grey metal-clad columns look exactly like the ones we have in the Raffles City in Singapore, no doubt to make us Singaporeans feel right at home. I was waiting for my chicken rice and, as usual when I don't have a book to read, I was reading anything that pass my way - the menu, the exit signs, the words on people's T-shirts - but this time I didn't need to bother. I was sitting next to a column that had past issues of the Straits Times wrapped all round it. And right at my eye level was the story of the Bobos in China. "The term BoBo, short for Bourgeois Bohemian, has caught on in China since David Brooks's book "BoBos in Paradise: The New Upper Class and How They Got There" was translated into Chinese and published in separate editions in Taiwan and China. "In cities such as Beijing, Shanghai, Guangzhou and Shenzhen, the word is on everyone's lips - especially young executives and other members of the nouveau riche, known in Chinese as "xiaozi" or "petit bourgeoisie" - a group that was once a target of ideological campaigns. "Even for a casual observer from Hong Kong, the new social scene is fascinating. For the Chinese BoBos have matched, if not surpassed, their American and European counterparts in the wealth, glamour and intellectual elitism of their self-constructed images." I didn't write that - it was written by someone called "Leo Ou-fan Lee", evidently for the International Herald Tribune and reproduced in the Straits Times, and I could only find a reference on the Net in, of all places, the on-line version of "The Kathmandu Post" (for the full article, look under the section - "China's BoBos mountain (sic) urban revolution"). Anyway, I made a point to read that book when I got back and I've just finished it and I'm wondering what could have been going on in the Chinese bobos' minds' when they were reading it. It's funny in (increasingly sparse) parts (as you go further into the book). It made some excellent points but I couldn't quite get past the smugness in its tone. I feel more like the reviewer in this critique of the book. The book is sub-titled : "The New Upper Class and How They Got There". And so I'm thinking about trajectory - what could happen next. A good book to read in parallel (and maybe in opposition) to Bobos is Thomas Friedman's "The World is Flat". Both books talk about the role technology plays as the defining element in 21st Century lives. But, while one book talks about the feast, the other has you picturing the hungry hordes that are about to eat the Bobos' lunch. I don't know. I'm still digesting it - both of them. But it's one past midnight and all this talk about food and chicken rice is working up an appetite. WebMon 1.1.1 with PHP and WebDav SupportCategory : Technology/webmon111.txt I've released WebMon 1.1.1. WebMon can now turn on PHP and WebDav on the web server with just one click. The WebDav folder name and path, login user name, and password can all be customised. The WebDav folder can be used to store (and publish) iCal calendars. The folder name, login, and password correlates with the three fields on iCal's Publish Calendar dialog box. It's really powerful being able to integrate the use of shared calendars. Together with ability to store address book data on a shared LDAP server, we've got the beginnings of a pretty promising Customer Relationship Management System on the Mac with largely off-the-shelf parts. One day, I'll get there.
After this, it will be SSL - turning on SSL using test certs that you can generate from within WebMon. And then, the ability to make a certificate request to an issuing authority. And finally, the ability to stick a "real" cert into the web server. And all without needing to know any Unix. After all that, I'll be going back to DNS Enabler. I'm this close to making DNS Enabler work for the public network (rather than just the local network). I'm trying to build this suite of applications that can help people put a business together quickly using the Mac. I can visualise how it'll all work. And we could tie in PayPal so that you could just sell your stuff (and collect money) on the web (assuming you have stuff to sell that people want to buy). Hai Hwee's going to have Luca, the accounting system, ported over to Objective-C soon, using an embedded SQLite database that will make it so much easier to deploy and install. So the key is to figure out how it'll all come together and make it sing. Fri 08 Jul 2005 The Nordstrom of the Software Business?Category : Commentary/nordstrom.txt I don't know but when I first started my own company I had dreams of providing the best service, the most thoughtfully designed software, the best quality bug-free systems, and the most enthusiastic passionate support. But over a decade, these dreams have gone through quite a bit of wear and tear. Providing consistently good service over any length of time, in spite of the vagaries of human nature - that's really hard to do. And I've developed quite a jaundiced eye when I cast my mind over the prospects. So it's always been a wonder to me : how did companies like Nordstrom do it? How do you keep your optimism in the face of all these disenchantments? I've read my share of Nordstrom books, always looking for an answer. Here's a little bit of a clue, as I was reading yet another Nordstrom book from Robert Spector - if you can grow your business to a certain size, you can then pay people to do it, i.e., provide excellent service on your behalf. Nordstrom's return policy is virtually an unconditional, money-back guarantee. If customers aren't completely satisfied with their purchase, for whatever reason, the store takes it back, no questions asked. Doesn't that unconditional policy invite abuse? Sure it does, but central to the Nordstrom policy is a desire not to punish the many for the dishonesty of a few. Which is not to say that returns are not often frustrating for Nordstrom salespeople. You have that customer who "borrows" a dress for a couple of years and then returns it. But top salespeople realize that returns are part of the game; they take back the returns with a smile, knowing that many of those customers will come back. Some enterprising Nordstrom people will even send a thank-you note to a customer who has returned a purchase. Wouldn't a gesture like that get your attention as a customer? That kind of resourceful thinking was exactly what Everett, Elmer, and Lloyd Nordstrom had in mind when they established this generous warranty back when Nordstrom was a two-store operation. The brothers dreaded having to deal with obviously outrageous or unreasonable returns, so, they reckoned, if they could pass off the responsibilities for the adjustments and complaints, the business would be more personally enjoyable. So, it's good to know that they were also human after all. That's one way to do it - split the responsibilities so that you can do what's right for the business and "delight the customer", and yet maintain enough detachment to get over any sense of dread or outrage, over any perceived injustice or unfairness (which is really not a good thing to harbour when you're in business). So, this is what I have learnt : among the customers, there are the many and there are the few. The many are mostly good. Among these, the best are the ones who show their appreciation. They're the ones to slog our heart out for. They're why we're in business. And business is meant to be enjoyable. And then there are the bad. But the good vastly outnumber the bad. So just focus on the good. And try to be happy. Otherwise there is no other reason to be taking this route. Perhaps, one day, we'll get to reach our Nirvana? WebMon 1.1Category : Technology/WebMon1dot1.txt WebMon can now monitor more than one web server. Actually, it's been able to do that for some time, but I've created an interface that will make this obvious and usable.
In addition to showing only Page Views, you can now also filter out the robots. And, you can set whether the search starts immediately when the program launches. In order to incorporate per-server preference settings, WebMon 1.1 uses a new preferences file. I've been diving a bit deeper into the innards of Cocoa Bindings this last week. I'm amazed at what we can now do. And I'm looking forward to being able to do even more. Fri 01 Jul 2005 Release Early, Release OftenCategory : Technology/WebMon1010.txt This is the mantra of business at the speed of the Internet. Here's WebMon 1.0.10. I'm really using all these stuff myself. I've now added the ability to show Page Views rather than page hits. It'll ignore hits on items with the following extensions : "jpg, gif, css, png, js". But you can change or add to these in the Preferences Panel. Turns out to be not too bad. It's better to log everything coming in, so you don't lose the ability to zoom into the little things. Then you can use the search functions to control the granularity with which you study the web server activity. I've also added a Tab Delimited option to the Export function. Double-click on the exported file and it'll launch Excel. And the Show/Hide Column Menu and Search Menu keep in sync with the order in which you re-arrange your table columns, no matter how often you switch them around. This is so fun to do from a programming point of view. I'm just getting Cocoa to flex some muscles. With tools like these you can really build a lot of good stuff. Tue 28 Jun 2005 WebMonCategory : Technology/WebMon.txt I'm tired of typing WebServer Monitor every time, so I'm shortening it to WebMon (as in Pokemon). I've just released 1.0.9. This release takes care of the slower servers that time-out while WebMon is trying to configure it. There was a bug whereby a hidden column disappears from the "Show or Hide Column" menu completely when the program is re-launched, so you can't ever show it again. So I fixed that. And I also fixed the "Export to CVS" function in the File menu so it works again. I'm trying to get it to work completely reliably. If I know that the connection has been set up properly and securely between a trusted mobile machine and the server, I can move on to the next phase, which is to allow the mobile machine to set up as many useful services on the server as possible, e.g., PHP, WebDav, and digital certificates for SSL, including the certificate request phase. That'll be WebMon 1.1. Sat 25 Jun 2005 WebServer Monitor 1.0.8 ReleasedCategory : Technology/WebMon108.txt While WebServer Monitor itself will run on either Panther or Tiger, there is a bug when the web server is on Tiger. WebServer Monitor doesn't SSH (login) into the remote (Tiger) machine correctly and therefore cannot set up its server log format properly. This release fixes that bug. Also I've re-arranged the Navigation menu, changed its keyboard short-cuts, and added a menu item to revert to the last search done on the Search History List (in the Search Field). Hopefully, these will make it even easier to move around the log data. WebServer Monitor can be downloaded here. Stay Foolish. Because God Rewards Fools.Category : Commentary/stayFoolish.txt The trio of Martin Hellman, Whitfield Diffie and Ralph Merkle had been the first to find an answer to the key distribution problem of cryptography (see previous post). Or, at least, a conceptual answer, because they were followed by another trio - whose initials made out R, S, and A - who actually supplied an implementable solution. That's why PKI encryption is also known as RSA encryption today. But, anyway, here's a quote from Martin Hellman, from Simon Singh's book : "The way to get to the top of the heap in terms of developing original research is to be a fool, because only fools keep trying. You have idea number 1, you get excited, and it flops. Then you have idea number 2, you get excited, and it flops. Then you have idea number 99, you get excited, and it flops. Only a fool would be excited by the 100th idea, but it might take 100 ideas before one really pays off. Unless you're foolish enough to be continually excited, you won't have the motivation, you won't have the energy to carry it through. God rewards fools." Remember the end of Steve Jobs' Stanford commencement speech where he said, "Stay Hungry. Stay Foolish"? Because God rewards fools. Alice and Bob Go PublicCategory : Commentary/PKI.txt I was reading Simon Singh's "The Code Book - The Science of Secrecy from Ancient Egypt to Quantum Cryptography" and this is the first time I really understand this concept called the Public Key Infrastructure (PKI) which we use in mail and web servers when we "turn on SSL". If you start with Simon Singh, then move on to Steven Levy's "Crypto", and then reach David Kahn's "The Codebreakers", you should be able to get a very good grounding as to why having an understanding of this dismal science is really so important to running a business in our Internet age. This is the first time I've found someone who could draw a meaningful picture around PKI - i.e., the problem it was meant to solve, how it solved it, and why that's significant. And so I'll quote that part of the book that created that Eureka moment and encourage you to read it, too. If you're concerned about running a business on the 'Net, this will be a meaningful journey : "The whole problem of key distribution is a classic catch-22. If two people want to exchange a secret message over the phone, the sender must encrypt it. To encrypt the secret message the sender must use a key, which is itself a secret, so then there is the problem of transmitting the secret key to the receiver in order to transmit the secret message. In short, before two people can exchange a secret (an encrypted message) they must already share a secret (the key)." "When thinking about the problem of key distribution, it is helpful to consider Alice, Bob and Eve, three fictional characters who have become the industry standard for discussions about cryptography. In a typical situation, Alice wants to send a message to Bob, or vice versa, and Eve is trying to eavesdrop. If Alice is sending private messages to Bob she will encrypt each one before sending it, using a separate key each time. Alice is continually faced with the problem of key distribution because she has to convey the keys to Bob securely, otherwise he cannot decrypt the messages. One way to solve the problem is for Alice and Bob to meet up once a week and exchange enough keys to cover the messages that might be sent during the next seven days. Exchanging keys in person is certainly secure, but it is inconvenient, and if either Alice or Bob is taken ill the system breaks down. Alternatively, Alice and Bob could hire couriers, which would be less secure and more expensive, but at least they will have delegated some of the work. Either way, it seems that the distribution of keys is unavoidable. For two thousand years this was considered an axiom of cryptography - an indisputable truth. However, there is a thought-experiment that seems to defy the axiom." And so the stage is set ... "Imagine that Alice and Bob live in a country where the postal system is completely corrupt, and postal employees will read any unprotected correspondence. Alice wants to send an intensely personal message to Bob. She puts it inside a strongbox, closes it, and secures it with a padlock and key. She puts the padlock box in the post and keeps the key. However, when the box reaches Bob he is unable to open it because he does not have the key. Alice might consider putting the key inside another strongbox, padlocking it and sending it to Bob, but without the key to the second padlock he is unable to open the second box, so he cannot obtain the key that opens the first box. The only way around the problem seems to be for Alice to make a copy of her key and give it to Bob in advance when they meet for coffee. So far, I have just restated the same old problem in a new scenario. Avoiding key distribution seems logically impossible: surely, if Alice wants to lock something in a box so that only Bob can open it, she must give him a copy of the key. Or, in terms of cryptography, if Alice wants to encipher a message so that only Bob can decipher it, she must give him a copy of the key. Key exchange is an inevitable part of encipherment - or is it?" And now the denouement ... "Now picture the following scenario. As before, Alice wants to send an intensely personal message to Bob. Again, she puts her secret message in a strongbox, padlocks it and sends it to Bob. When the box arrives, Bob adds his own padlock and sends the box back to Alice. When Alice receives the box, it is now secured by two padlocks. She removes her own padlock, leaving just Bob's padlock to secure the box. Finally she sends the box back to Bob. And here is the crucial difference: Bob can now open the box because it is secured only with his own padlock - to which he alone has the key." "The implications of this little story are enormous. It demonstrates that a secret message can be securely exchanged between two people without them first exchanging a key. For the first time we have a suggestion that key exchange might not be an inevitable part of cryptography." And so this is the start - having a clear mental model of the basic issues to make the mind more ready to consider a few other possibilities. It takes a couple more steps from here to reach how public key encryption actually works today in our systems. And then one more step to understandiing something called PGP - Pretty Good Privacy. I believe it's going to become very important to learn how to make these things work for us in our businesses. We've already got all these stuff built into our little Macs. All we need is to figure out how to turn them on. Right. The Mac Way. Fri 24 Jun 2005 Singapore Map Plug-In for Address Book - works on TigerCategory : Technology/addressBookMapPluginTiger.txt I've finally found the time to fix this. The Address Book Map Plug-In works again for Tiger. And thanks to Ashwin Kumar's code snippet, it should continue to work on Panther.
You can download a Tiger-compatible installer for the plug-in from here. There's a short write-up on how to use it, here. Read more ... |
Mac@Work
Services running on this server, a Mac Mini running Mac OS X 10.9.2 Mavericks:
all set up using MailServe, WebMon, DNS Enabler, DNS Agent, VPN Enabler, Liya and our SQL installers, all on Mavericks. |
||||||||||||||||||||||||||
