 | | |
| | |
|
Spaces home  In-Cider KnowledgePhotosProfileFriendsMore |  Tools   |
In-Cider KnowledgeFirefox, System Administration & Life
|
|||||||||||||||||||||||||||||||
|
December 05 Time to Go From HereOK, I've had enough of Spaces. It has troubled me over the past couple of weeks just how often this site is down. And then posts just don't happen...
I've also been looking for an inspiration to blog a bit more of late, and have decided to come up with a bit of a kick: This blog is off to Wordpress. After some annoyance about not being able to find an ideal name, In Cider Knowledge will continue and with new impetus, for a bit!, at http://ick2.wordpress.com.
I'll continue to post any major FirefoxADM/Group Policy Firefox Extension stuff here as well as at the new blog, but bye bye from here. Update your RSS feeds! November 13 Web 2.0: The Blind Technology RushIf you ever read Brian Kelly's excellent UK Web Focus blog, you will often come across comments by myself. Almost always, I am taking the role of the grumpy naysayer, attacking many of the notions of Web 2.0, as presented enthusiastically by Brian.
The funny thing is, as Web 2.0 technologies go, I am a keen and long time user of the sort of tools which people lump under the category - I have been regularly contributing to wikis since 2002, had a blog since 2004, have a page on Facebook which is a significant part of my social life, have messed around with a lot of mash-ups (such as the mapping posts I made on this blog) and use countless services which are regarded as Web 2.0. So why grumpy?
Well, let's go through the services I use. I started to contribute to our wiki at work because we decided in our organisation that this was the best way to flexibly disseminate and update information for those people who needed across a very devolved structure. I started my blog in 2004 primarily as a development diary for those people who were interested in or using FirefoxADM. I got a page on Facebook because I was out at the pub and at parties and friends and, more importantly, good looking girls were asking that question "do you have Facebook?". Saying no was a bad answer... Even the stuff I did for the mashups was my attempt to see if I could produce a better version of the mapping site the University of Edinburgh used. Every Web 2.0 technology I use is used because I had a reason to use it.
The fact is every time you choose any technology first and then try to figure out a reason to use it, it does not work. This is not just with Web 2.0 technologies, but ANY technology - people don't go to DIY shops and buy hammers and then get home and then figure out what things they can hammer, they have a problem in their home and go out and buy the right tools for the job.
Yet, it is all too common with Web 2.0 technologies that people are encouraged to adopt them without this reasoning in place, and often when there is a reason it is the circular argument of "because its Web 2.0"! The granddaddy of these is the blog. People, teams, organisations are told "you should blog" and they are encouraged and encouraged to set one up. The problem is, all too often, they have nothing to say. So, they get told they should blog at a Web 2.0 conference and get back to work the next day and enthusiastically go to Wordpress or Blogspot and set one up, and start off with a "hello world, this is my blog" post. Then a day or so later, a real post of meaning, something they are getting off their chest. Then, time passes, maybe a third post a week later and then one or two more sporadic posts and the blog dies. Even worse are those organisations who indoctrinate their blog into their policy when they have no reason to blog. Libraries are particularly bad for this, having had it rammed down their throats that they must blog and wiki and use all these other Web 2.0 tools to be "Library 2.0". These librarians often have no reason to blog than the FUD of "you'll be left behind as Library 1.0!", so library blogs are forcibly created. Unfortunately, because they have nothing really interesting to say on them, they become full of nothing more than the same content that used to live under the news link on the library's home page.
Interestingly, also on Brian's blog, he points to an library-targetted OCLC report he contributed to on the use of these sort of technologies. Some of the quotes are quite interesting:
Very interesting. I wonder if we are now starting to see a maturity of Web 2.0 as people move away from a belief they have to implement certain specific Web 2.0 technologies and actually start to think of how and which ones can be used to be a worthwhile contribution to the services people use and run.
Its got to be better than it is now... November 11 The Measure of ChangeI previously mentioned that Change Management was a part of ITIL, and one of the major areas for me as someone who makes more and greater changes to the setup and application layer of the University Managed Desktop at the University of Edinburgh than anyone else.
A lot of the learning process from being on the course is that the organisation is putting a lot more thought into how we have a process for this change management, especially bringing in ideas from ITIL such as forward schedules of change, a change advisory board and documented processes. I'm glad of this, as this has been something I have pushed for. Up until now, what has happened is that I tended to be the arbiter of these changes, and I went through my own (documented) process of change and announcement.
One thing that has fascinated me about this is that this is another area where ITIL suggests these processes get setup but does not prescribe what that process should look like. This is the way it should be, obviously, because each organisation is different. If you talk about application support and managed desktops, a common method in Universities is to only make major changes to the core set of applications once a year. A good example of this that I have mentioned in this blog is the situation with Firefox, where we only change a major supported version (eg. 1.0, 1.5, 2.0 or soon, 3.0) once a year, during the so-called quieter summer months. Then through the year, as patches are released, they are tested and then deployed. However, in other organisations things are quite different. I know a common methodology in some major banks is to have quarterly releases of the desktop, and have very little change inbetween each update. I have to say, I am growing to like this idea more and more - you release a desktop, rebuild everyone's machine to the new version and then for 3 months you can develop and extensively test the next iteration and release it. Arguably, it couldn't work in a University environment, but with Universities now having more and more going on during the summer, maybe the one-update-a-year idea is growing old.
But that's for the Change Advisory Board to decide! September 22 Speaking IT Common SenseOne thing that I think will be pretty big over the next year is ITIL. ITIL has been around for the best part of 10 years, so why big in the next year? Simply, people have been waiting for ITIL version 3, years in composition, to be released.
I have mentioned ITIL a couple of times before on this blog, most recently after I attended an "ITIL Foundation" course earlier this summer and posted some thoughts here. I talked about it then as "documented common sense", and probably didn't make the best case for people attending the course! However, time has effected my opinion of this course. I have to admit, when I was on the course and then after it just finished, I saw ITIL almost like an extra few boxes to tick when starting a new service. Actually, the opposite has happened: because the processes, practices and framework in ITIL make so much sense, when you see services (either new or ones that have existed for some time) in your organisation and you see they don't have a change management process, for example, it seems like a whacking great big hole in the quality of that service. If they are services that you are involved with, it gives you the momentum to fix this big hole in the service. This has happened to me, where with one major service I am heavily involved with and that effects pretty much every student and member of staff at the University, I now feel the communication of changes within the service is too weak, and as such I am looking into how to radically overhaul it. It might seem strange but without the ITIL course, I doubt I would have seen this. It effectively gave me the ability to properly stand back from a service and see it objectively.
However, there is something even more significant. I have found a remarkable thing when talking to others who have been on the course, especially in meetings: the language. When you are talking to other people who have been on the course, the language is now interspersed with vocabulary we picked up on the ITIL course. So, we talk about things like "incident management" and "change management" and both know what we mean by this. This is a massive boon because it means we know exactly what we are talking about when improving services and get on with actually improving services. The vocabulary is also important because to me, the term "change management" is now native, understandable, but to someone who hasn't been on the course, its confusing and scary (eg. they think: the "management" part means filling in forms and making everything slower and is nothing more than a hassle and "change" is never a good thing). This is one of the key reasons that organisations need a good strategy for ITIL adoption. It needs to be part of a multi-year strategy of adoption and you need to get a good set of people onto a Foundation course. These MUST NOT only be from Management layers, because you are dealing with services and many of these services can only be helped by having people onside on the "front line". Get a few up further than this and they can teach the rest - at least the basics, the framework and the language!
The reason organisations are looking towards ITIL now is that Version 3 has taken some time to come out, finally coming out early this summer. However, it doesn't take away from probably the biggest reason many organisations will be looking into it: it works. This is not a management fad. It has a long standing reputation worldwide. The other big reason is that a few years ago, many companies suddenly had IT Governance slammed into them thanks to Sarbanes-Oxley (SOX) and ITIL is seen to be a major way to both enforce the practices and processes as required by SOX, whilst adding the extra benefit of making for a generally more high-quality service. IT Governance isn't going to go away, so its best that companies use the right framework.
Now, all I need, is a ITILv2 Foundation to ITILv3 bridging course... September 15 Its All In The ProcessEarlier this week, whilst waiting on other processes to complete I started to play with the Shared Document feature of our team's Sharepoint Services install. We put this in place earlier this year after one of my colleagues in the team played with it and convinced us it was a good idea - a system to help track changes, track what each other was doing (especially as we had a new job share post in the team) and allow us to have internal task lists, and with Sharepoint Services being essentially a free "role" built into Windows Server 2003. I was pretty sceptical but had no better ideas so agreed we should give it a go. Over the past couple of months, my scepticism has been allayed, as I have found it more and more useful. Certainly, the 2 team members in the job share have found the blogging extension to it almost essential to their job, as there is no overlap in their hours.
In the last week, though, I have been looking at how we can use the Shared Documents feature and have been very impressed - not so much by the technology itself, but by how it manifests itself. The Document Lifecycle is, especially in Office 2007, a first-class citizen. You can open, check out, modify and check in content all from within Office. It works almost as smoothly as opening and saving to disk (I say almost because checking in and checking out files is a bit of a foreign concept to most, at least at the start). You can also add the likes of tasks, notifications and permissions which are major requirements for collaboration. On top of all this, in the 2007 version, Office has clarified the process of document preparation, to make processes like mark-up removal, adding data protection, signatures and compatibility checks, more naturally flowing (thanks to the ordering in the new Office button menu).
The point here is not to say anything particular about how good or otherwise Sharepoint or Office 2007 is, but to say, it is a good example of the sort of process we need to be thinking about. At the moment, a lot of Web 2.0 services are based on a very old school method of creating your document/data in your software application and then once complete going to the web site, browsing to where you saved it on your hard drive and uploading. I think it is becoming all the more clearer that desktop/software and cloud/services are not mutually exclusive paradigms, and if we want to get the very best of both, we need to think of the best processes to make the differences between the two much more smooth, to the point where users might not even be able to tell between the two. We also need to be minded towards making sure the services give us the flexibility we need in a two-way direction. It is only then that we will find an approach which fit our needs and allows our users and our systems to be as productive as they can be with these services. August 16 Web 2.0 - A Year OnI first wrote about Web 2.0 on this blog almost exactly a year ago with this post. Looking back, I talked about Web 2.0 as a kind of threat, "competition" for the services IT Services provide, and suggested IT Services risked becoming irrelevant if the services did not match or better these sort of services. In my opinion, the relevancy would come by realising what we can work with and what battles weren't worth fighting. Reading some blogs and news items of the time, I think that was a pretty accurate snapshot of where we as a profession were a year ago. How have things changed?
One strange thing is that its almost as interesting to talk about what HASN'T happened, as what has. To be honest, when I was giving my theory that Web 2.0 "equates to one of the biggest changes in the way services are delivered" since the Web itself, I expected a whole lot more to have happened in the past year than it has. I did expect Web 2.0 to take off in a big way in the past year; I expected to see by now what I would call the "Web 2.0 software stack" - in that users will log into any machine and then go off to Windows Live or Google and from there, their entire software experience is based around that web service: email, IM, VOIP, Documents, Presentations, Storage, etc. Why hasn't things happened quite to this extent?
Firstly, the technology wasn't and, dare I suggest, isn't mature enough. Or powerful enough. If you analyse, for example, Google Docs (Writely), it is now barely better functionality-wise than Wordpad or the equivalent application on other platforms. There is no doubt that the likes of Google are currently developing these apps to make them better but I wonder just how powerful they could make an application running in a web browser, across the Internet. To be honest, I think you can only go so far before edging at the security and performance boundaries. There is no doubt to me that these boundaries will offer less features, be less responsive and end up giving less productivity in these applications than in a traditional desktop application.
One area that grown over the past year is the concept of Enterprise 2.0. The whole area of "Enterprise 2.0" has really matured in the past year from being an idea championed by the likes of Andrew McAfee (who, well, coined the term) and Dion Hinchcliffe to having real possibilities. There are real steps being taken forward. However, if you search Google for "Enterprise 2.0", you will see that there are still a lot of baby-steps occurring, and a lot of people still figuring out where this area needs to go. Its important to note though that Enterprise 2.0 is not really a revolution - it is more an organic development of understanding how Web 2.0 can fit into the very rigid structures of an enterprise environment and is being crafted into the latest take on Service Oriented Architecture (SOA). One offshoot of this is that Enterprise 2.0 tends to be less burdened with the more extreme and ridiculous ideologies that Web 2.0 has.
For myself, a complete pragmatist when it comes to IT and technology, this is important. I look back over my posts of the past year and see myself go through a similar maturing from what could be defined as Web 2.0 thinking to Enterprise 2.0 thinking: I like a lot of the ideas of Web 2.0, but many of the practicalities don't fit an organisation/enterprise environment, therefore there needs to be a different take. When I blogged about "IT Services 2.0", it was very much angled towards this idea of Enterprise 2.0, more than Web 2.0.
So, for the year ahead? Over the next year I expect, actually, very little. By the middle of 2008, you can expect to see a lot more Web 2.0/Enterprise 2.0 applications get targeted towards the enterprise but the current problem is that everyone lacks a clear leading platform to work against. And that is the area that will form up in the next year (and it wont be Facebook!). But that's for another post. August 02 Group Policy Extension querySomeone contacted me to ask me a question about how to use the Group Policy extension to set a proxy url for their organisation. Because of the odd way this whole spaces thing is set up, I couldn't reply to his message! Anyway, worth posting for everyone who has been trying it to see how its done.
If you download the Group Policy Extension zip, you will see an example ADM template. Install the extension (better to install to %ProgramFiles%\Mozilla Firefox\extensions and not the user's profile) and apply the admin template to your local group policy and set the home page to whatever and you should see it sets and locks that.
For the proxy, you need to set 2 preferences: network.proxy.autoconfig_url and network.proxy.type. The first is obviously the url of your proxy and the second is type, which you want to set to 2 (set it in the Administrative Template as a string, not a DWORD). You need to set both to get them to work. So, just add those entries to the Admin Template in the same way as the browser.startup.homepage entry and it should be good to go.
Anyway, an ADM template to do this will look like:
CLASS MACHINE
CATEGORY "Mozilla Firefox Group Policy Settings" KEYNAME "Software\Policies\ADM\Firefox\Locked"
POLICY "General Settings"
PART "Homepage" EDITTEXT REQUIRED VALUENAME browser.startup.homepage END PART END POLICY POLICY "Proxy"
PART "Type (set 2 for autoconfig)" EDITTEXT REQUIRED VALUENAME network.proxy.type END PART PART "autoconfig url" EDITTEXT REQUIRED VALUENAME network.proxy.autoconfig_url END PART END POLICY END CATEGORY You can tidy it up and make it a lot more "user friendly"!
If anyone has any questions about this or anything else Firefox Group Policy related, feel free to contact me at the address to the left of the page: mark(dot)sammons(at)ed(dot)ac(dot)uk (replace the dots and ats obviously!)
July 28 Firefox Enterprise Working GroupI should have mentioned this before but got carried away with blogging about Web stuff!
I am participating in a really exciting venture. Mike Kaply of IBM and many Firefox improvements, has managed to seriously kick the whole enterprise market into gear by organising the Firefox Enterprise Working Group. This venture, which you can read more about here, has managed to bring together several people with experience of Firefox usage in the enterprise (and education). I much appreciated that Mike asked me to be involved and I give as much time as I can, gladly.
The great thing was that there were a number of really large companies contributing to the first conference call of the Working Group, indicating that a lot of people are serious about this. Equally important was that it had buy-in from people at Mozilla Corp on the call. Oh, and of course, we educational establishments are important too! I'm, personally, really excited at the prospects.
The first call was titled "Experiences" and was to give people the chance to express what happens in their organisation.
The first people to talk was "Team A" (obviously, a lot of people on the call need to keep anonymous because competitors are also in on the call). They are a massive company, a Fortune 100. Their contribution was really interesting and they have also uploaded a case study about their environment. Several interesting points made include that they use Mission Control for their configuration management. This surprised me because Mission Control is actually an ancient Netscape management tool from about 8-10 years ago tailored for Netscape 4. It doesn't surprise me that it works, given how much Netscape code runs through Firefox's veins, but interested to know how they came about to use that. At a guess, maybe they had it for Netscape 4 and several people are experts in it, or have even modified it over the years, and they've found it fits their needs for Firefox. As I understand it, the configuration management part actually works very similarly to the way FirefoxADM works - except it gets the prefs and lockPrefs from the LDAP-based Mission Control WebApp as opposed to the Policies part of the registry. It IS better than FirefoxADM, especially because you can update over the internet and can update on-the-fly, but personally, I prefer the group policy approach (though I obviously would seeing as I wrote FirefoxADM!). I'd like to thank the guys from Team A, because their experiences were really interesting, and got me thinking, especially with regard to how they deploy plugins as extensions.
I talked next. I'll say more in a post once I've uploaded my case study to the wiki - early next week hopefully if I get approval from my manager. What I will say is that apart from the nuances of education, such as the fact you can only really update major applications once a year during the summer, it surprised me how close my experiences were to Team A. Our deployment procedures are similar, if less formal. Oh, and whereas Team A have security teams signing off patches, and several core engineering teams involved in making sure Firefox and its plugins work, here its...well...me: I sign off patches, package Firefox, package all the extensions on all browsers and make sure of its readiness. However, the turnaround times are similar for minor and major updates.
Mike Kaply also talked about his experiences at IBM. He made some really good points about intranet applications and the fact that whilst compatibility with Firefox is becoming more and more of a common feature, for bought web services sometimes the compatibility is only added in, in a version beyond which you are using. Therefore, it becomes a case of persuading the business that Firefox compatibility is worth the cost of the upgrade. I think in an educational establishment, where there is more of a build not buy attitude, this is less of a case (and it helps when you have people like me badgering the Applications division for the compatibility!). At IBM they use, unsurprisingly, Kaply's Client Customization Kit mainly. So 3 organisations, 3 different approaches - I wonder what the others are doing?
There was a lot more talked about in the session, which Yuriy does a great job of describing here (excellent blog about Enterprise 2.0 too). Overall it was a really great first call and I came away really buoyed up about the possibilities of where this could go.
If you are reading my blog and are using Firefox in an enterprise environment, go to the wiki and post your experiences, post your thoughts or if you want, email me (address on the right there) with your experiences, issues and wishes and I'll do my best to raise these things. And if you can join in on the call or the IRC channel please do so - its really important that while we've got the ear of Mozilla Corp, we let them know what is wanted, needed and I really do believe that it could lead to Firefox becoming really big in the enterprise market. Exciting times ahead... July 18 The Unwanted Invasions of FacebookI never expected the topic and arguments in my previous post to be justified so quickly! Yesterday, this story broke:
I see this as very different a situation than the Facebook threats at Keele. In the Keele case, all the students were doing was criticising the University, and seeing as they pay a lot of money to go to these institutions, it was wrong to threaten those students. However, in this case, the students are learning the hard way everything I said in my previous post: things put up on Facebook are not private, and things that are put up there can and will come back to haunt you. There is a beautiful quote in the Telegraph report of the story, from the University spokesperson: "The perception is that this site is private. But it is not and everyone in the modern world has to adjust to that.".
In a way, these students have found this out in a not too bad way. If it wasn't the Oxford deans who found these photos first and made students tighten their privacy on facebook or better still take the content down, then it would have been an interviewer doing "research" on that student as a potential employee, where the research is done via searching Facebook, Google, Bebo, MySpace et al (and they DO!). This slap on the wrist from Oxford staff is better than being turned down for a job because the employer thinks you are a potential trouble maker who plagued the residents of Oxford with anti-social behaviour...
The reaction of the students in both the Keele and Oxford cases makes one thing abundantly clear, though. The Oxford Student Union President makes it clear how students see Facebook and that is "the ethos of the site" is a "community for connecting friends". In other words, Facebook is about life at University (friends, lovers, socialising) and not University life (studying, lectures, exams). In that these two areas are so well defined, it should be possible for student bodies such as the Student Union to come together with the University and draw up some "rules" on appropriateness for the University to involve itself in the Facebook (or whatever Social Network is in fashion) community. Personally, I'd want the University to stay as much out of it as possible, as they are mostly an unwanted invasion into the students' space.
I do hope one thing, as an aside. I hope a lot of those in Higher Education institutions who hype Web 2.0, stop and take a long hard look at this situation. A lot of the hype of Web 2.0 has been by their definition of "user-centric" - instead of creating tools and portals at the University, port and outsource your services to the tools and sites the users use. The release of Facebook Apps API left many frothing at the mouth with the possibilities (I'll come back to Facebook as a platform in a post soon). I've never bought into this idea (especially with web sites - students have figured out they can SHOCK! have more than one site open at a time, so having Facebook in one tab and the Web Portal in another is not really a user-crippling inconvenience...). This definition of "user-centric" has, essentially, been derailed because it forgot to factor in one important component: what the users actually want! And all the evidence in this case is, such developments, such involvements are simply unwanted. July 13 Permanent Footsteps in the Internet SandThe year was 1996. At the time (and still so), I was heavily into electronic and dance music. I was coming up to the end of my first year at University and had an idea. Down in Oxford, at the start of May, there was a big dance music festival called Tribal Gathering organised. The lineup was amazing. Me and a friend got tickets and made plans - this was the perfect event before we knuckled down to our final exams of the year. Then, barely a couple of weeks before the event, the license for the event was not given, citing "traffic concerns". My plans and what was effectively my holiday for that year, was ruined. My sense of outrage was massive, but tipped over the edge a few days later when it was announced The Who were going to be playing a massive event that summer in Hyde Park. That is a big park in the centre of London. Where were the "traffic concerns" here? The whole thing looked like yet another state-sponsored attack on dance music culture.
At the time, I often wrote on a Usenet newsgroup called, uk.music.rave. It was, despite the name, a newsgroup for all dance music. I spent a lot of time on the group doing the rather sad but useful activity of track spotting - people would post asking if anyone knew a tune which has this or that sample and I had a good knack of remembering the name of tunes. Soon after the Tribal Gathering debacle, I posted a rant about the event blaming everyone from the organisers to the police to politicians. Soon after, exams and flat hunting matters meant I forgot all about it.
Many, many years later, I was in the pub with some friends having a regular drink when one of them pulled a piece of paper from his pocket and, to me cringing like I had just been wrapped in fibreglass, he started to read out the rant I posted. For my friends, this was amusement and me getting slightly embarrassed. They especially took great amusement at me, these days darkly cynical about the world, signing off the message with the acronym, PLUR (which I find amazingly has a wikipedia entry...). How had this happened? Simply put: In 2001, Google bought the Usenet archive from DejaNews and made it simple to search. My bored friend searched for my name and found my post.
I never considered that 7 or more years after I wrote the post, it would come back to haunt me. Usenet was one of the earliest "user generated content" parts of the World Wide Web and Internet to be archived in such a way where you can identify a person's posts, profile them if you want. Now consider the Web of today, and in this area, it starts to look, frankly, scary. Take Facebook as an example. Users these days not only supply a LOT more information to this service, but supply a lot more intimate details, down to their list of friends and even who they are dating and their religion. Even worse, an attitude has sprung up on Facebook where, as I suggested in my post about Keele University and Facebook, people regard messages and groups on Facebook as akin to pub talk. The situation is not helped at all by the rather poor definition of privacy these sites have. I've been experimenting with accessing data from the site whilst not logged in on a test machine and, to my surprise, knowing some URLs, I can extract a load of data from Facebook (and even logging in is rather insecure, using just HTTP as opposed to SSL and HTTPS). All in all, as most technical people will tell you, the difference between putting something up on Facebook and something up in the public domain is pretty damned slim.
Working at a University, I truly believe it is our job to advise the students who are using the likes of Facebook about the dangers, about the possibilities that something written on the site, maybe even in jest, could come back to haunt them in a possibly awful way years later on. Seeing some of the stuff I've seen on Facebook, we're talking about the likes of the difference between getting jobs and not, the difference between being labeled a team player and labeled a troublemaker. Or worse. I believe we need to open their eyes to the fact that these services might seem free but these companies will always try and find new ways to exploit this data for profit. Of course, this should be tempered with explaining the "no such thing as a free lunch" principle - they will get a certain amount of targeted advertisement and profiling and this is the price you pay for services like GMail, Hotmail, Facebook and Bebo. Simply, just be as clear as possible about this from all angles.
The problem is, if an institution is looking or has adopted these sites for their services, will they be willing to tell their users these realities? What if, such as an outsourcing to a Google or Windows Live, you are not giving your users any choice in the matter of whether or not to adopt these services? The privacy aspect of adopting these services simply isn't being held in high enough regard amongst the people who decide on the matter at institutions because they keep seeing the word "FREE" in front of the service. Free to the University, maybe. But at what cost in the future to the users?
Thanks for visiting!
|
|
||||||||||||||||||||||||||||||
|
|
Invite as friend
Profile
Blog
Guestbook
Photos
Lists