encrypt command will suddenly no longer be annoying!

Thanks to a fix from Dina Nimeh's latest push of changeset 27f403fbf8ca, the next OpenSolaris release will now prompt you twice for the passphrase it uses to generate the key to encrypt your data with. This is a long overdue change, one that I can't believe we didn't do sooner. The way we implemented it before, it was too easy to lose your data if you made a mistake the first time you put in your passphrase. Yay!

Rough Cut of Solaris Security book published!

I'm about to become a published author! Okay, currently I'm just credited as "Sun Microsystems Security Engineers", but it is a step in the right direction.  Our organization found that a lot of papers and books out there on Solaris security were out of date, just plain wrong or missing coverage of cool features, so we thought what better way of setting the record straight then writing our own book?

Management got behind this, and many of the members from our organization set to writing an outline for the book and for each chapter and found an interested publisher.  Next came the hard part - writing the actual chapters! Okay, it wasn't that hard, because we all wrote about the technology areas we know and love, but we had to make tough calls on what to leave out and make sure we didn't miss any critical information.  Once we got all of our drafts together, Sharon Veach edited our work and wrote the introduction for the book, Solaris Security Essentials. The book is on Safari right now for review before we publish - please leave comments on the Safari site so nothing gets lost. The external link only shows excerpts, so if you are internal to Sun, please create a login using your Sun email address and look at the Sun Internal link.

I worked with Jan Pechanec and Darren Moffat on the Solaris Cryptographic Framework chapter, which is all based on Solaris 10 Update 4.  We leveraged work from my previous white paper and an updated paper by Wolfgang Ley. Some chapters appear to be missing still, but I'm sure they'll appear on the site over the next few days.

During this process I was told I use too many exclamation points in my writing, which (apparently) makes readers tired. How strange is that?

Here we come a caroling...

Okay, actually there we went.  Today was the annual Sun Caroling day.  We went from building to building in Menlo Park spreading holiday cheer, including a few lesser known Hanuka songs. Carol of the Bells, Psallite and 12 Bugs of Christmas seemed to be the favorites this year. I know I've been so busy rehearsing for Babes in Hollywood that I had a hard time keeping some of the harmonies for the classic holiday songs in my head. Too used to singing melody on those, I suppose.

OpenSolaris 2008.11 officially released!

Seems like ages ago when I was testing the first release candidate on my laptop, but I guess it was really less than a month ago. I'm pleasantly surprised at how quickly we are turning around these releases and getting them out the door.  I am pleased that NWAM works so much better on 2008.11 than on 2008.05, it's good to know the team took all of the feedback they got from the previous release and incorporated a lot of good changes. For example, I now have the ability to bring up the NWAM GUI and request to change networks when the one I'm on is no longer desirable (or I've found that I chose poorly when given the initial selection).  I can't wait to try this out in a conference environment, where access points change every time you go into a different room.

I'm still running Nevada development bits on my desktop, though, as it's SPARC based and we don't have OpenSolaris for SPARC yet.  It's still the same base kernel & most of the same utilities and applications, so I am still doing valuable testing on the latest & greatest... but, let's face it, not nearly as cool. :-)

What on earth are the credit card companies up to?

I've heard a lot of cautionary advice over the last few weeks about watching the mail for updates to credit card agreements and that the credit card companies were doing a lot of sneaky tricks to attempt to get more money from the consumers, so I was surprised when a letter from my Chase United Airlines credit card came and informed me that my fixed rate would be lowered from %14.99 to %7.99.  Then more surprised when an innocuous "update" to my card holder agreement arrived saying that as of January 2009, the card would switch to a variable rate of up to %29.99 APR.  No indication of what the initial rate would be or of any controls on when or how often the rate would change.  The first letter looked like a regular personal letter, the "update" was a small piece of seeming junk mail. Now, I don't carry a balance on this card, so it doesn't really matter to me, but this really seems like a bait-and-switch type activity. Tell folks loud & clear how low their new fixed APR is, right before the holidays to encourage spending - then slip in a large rate increase in January. It was very clear that the new rate would apply to existing balances.

Isn't this the type of thing that is now known as predatory lending? Of course, neither piece of mail came with a phone number or contact for questions...

Neil Young and the Linc Volt in Menlo Park!

Neil Young brought his Linc Volt, reconditioned classic 1959 Lincoln Continental Mk IV, to Sun's Menlo Park campus today to give employees a chance to see the car and the singer up close. The car is now a hybrid, powered by natural gas and lots of batteries. I was surprised at how well it was done - hiding the batteries where the convertible top normally folds down, the engine under the back seat and the generator in the front. Why did Neil drive it to Sun's campus today? Because the car uses Java to monitor performance. I'm not huge car nut, but do like Neil Young and appreciate cool technology so I definitely enjoyed myself.

Voting

I got myself to my polling place around 9AM this morning, finding it a bustle of activity, but no real lines.  California is trying to really push voting-by-mail and if your polling place does not have enough in-person voters, it will be shut down and anyone in that precinct will be required to vote-by-mail.  There are many concerns about voting by mail: ease of coercing a vote, stolen ballots, undelivered ballots, ballots returned with insufficient postage after the deadline to vote, etc. There are provisions for people who did not receive their ballot to go & vote by person in their polling place, but then they only get a provisional ballot - one with a complicated procedure for determining whether or not it will be counted.  For those reasons I show up in person, but the thing I found odd is that there are three polling places in the one building where I go to vote. Wouldn't it make more sense to combine these polling places rather than get rid of them all together? Really, it wouldn't effect my voting at all - two of the polling places are in the same room, but I have not heard of any cases of combining polling places.  If my polling place ever goes extinct, I guess I'll have to go line up at the registrars office.

All the same, I believe this is a very important election for our country and for the state of California, where we seem to love ballot initiatives. If you haven't done so yet, please get out there and vote!