Picking Out The Mind Fluff

The murmurings of a jibbering mad Geek fool!

Yahoo Pipes drains my patience but is full of potential!

PipesUg I have just spend a few infuriating hours playing with Yahoo latest utility, Yahoo Pipes. Tim O’Reilly said this was a milestone in the History of the Internet. (Ug isn’t he the same bloke that coined the phrase ‘Web 2.0’? Ug, what does that mean?)

In a nutshell Yahoo Pipes is a utility that lets you build your own custom searches, it allows you to aggregate search-engines searches and RSS into one stream of output. So for example, if I wanted to see all what had been posted about ‘Girl Geek Dinners’ from a number of different sources, I would grab all the RSS feeds of people I know who go to them and also add in search- engine results from say Google, Yahoo and Live, pipe them all together and created one mashed up data stream. Easy, no reason to go to one specific search engine like Google or go through the list of the people I subscribe to in my RSS reader to see what they have written about ‘Girl Geek Dinners’ and I can get go back to my pipe and re-run it time and time again, it even build it’s own RSS feed so I can run my pipe from my RSS Reader, fantastic! Infact other people can use your pipe as well, you can even go back and edit it and continue to refine it.

The system it system is a graphical one, where you drag control boxes from a toolbox box at the side of the screen, configure them, then link them together to form a nice linear logical workflow.

Other the last ten years or so I’ve seen afew graphical development environments all with the same aim, ‘wouldn’t it be cool to write code using a flow-chart’, from IBM’s Visual Age to UML and the plethora of tools that used that (Visio ironically being the most popular) more recently the Biztalk orchestrator or Whitehorse in Visual Studio 2005, the simple fact is that they have either been far to complicated and un intuitive to be pragmatically practical for daily use so therefore used only by the diehard geek who loves to master the complex or on the other hand these graphical environments have been to simplistic to be of any real use, so whoever strikes the balance is going to make a killing.

Yahoo Pipes is just awful, it’s made a meal of what could have been something so simple. For a start it’s just not obvious what you have to do, the tutorial is just 4 examples and a dialog box, handy then. The toolbox and the controls in aren’t exactly intuitive and the help doesn’t help much, it appears in this next to useless small box in the bottom left hand-corner of the screen. Whilst I’m having a good moan, what kills the whole thing for me is the performance, yep, so it’s using Ajax but it’s just soooooooooo sllllllooooooowwww to do just about anything, maybe if I up-sticks and moved to the US the latency is bound to better then perhaps I’m in with a chance of not loosing enough patience to master it. Whoever when actually running the pipe itself it doesn’t hang-around and produces the result set very quickly, which I found very surprising.

Having had my bitch I have to say it’s a very ambitious thing that Yahoo have produced and it is a freebie and in BETA so fortune favors the brave, the potential is staggering. Yahoo are on to something with the idea it’s just the execution, they will have to work hard on the usability issues as the main priority otherwise this will become a white-elephant in afew months.

So who is going to use Yahoo Pipes? Well initially, it’s clearly not going to be for everyone other than the most geeky of us, however, those brave souls that do create feeds are going to delivery quite an impressive service for the rest of us specially as the data result-set comes in RSS so we can all enjoy the benefits of the creation.

In summary, one to watch then. Hmmm, I wonder how long before we see the other big boys do something in the same vein?


February 18, 2007 Posted by | Uncategorized | 1 Comment

Securing Vista Part 2: NTL, Telewest, Virgin.net and now Virgin Media

Well it seems NTL, Telewest & Virgin.Net have all joined forces and are now Virgin Media this happened after ntl:Telewest purchased Vigrin Mobile for £1 billion last year and have chosen to merge under the stronger brand. Virgin Media offer cable & ADSL broadband, land & mobile phone, cable and mobile TV (using the HTC Monet)

Virgin Media are offering a free security system much as the same as NTL did with the ntl NetGuard called PCGuard

As you may have guessed by look at the screen shot, PCGuard and NetGuard are the same product made by Radial Point.

They also aren’t hidding the fact it’s not ready for Vista yet with this nice and large disclaimer at the bottom of the page, that reads,

“* PCguard is only available to Virgin Broadband customers, and can only be used on PCs using Windows XP, or Windows 2000. It will soon be compatible with Windows Vista, but if you are running Windows Vista, please do not install PCguard for now, and check back soon. “

So I’m going to be checking back soon when it’s ready for Vista, i’ll try it and let you know how I get on.

February 9, 2007 Posted by | Uncategorized | Leave a comment

The Wikipedia Explorer and mistaken Google hacks.

I have been playing with this fascinating little tools for hours now!

Wikipedia explorer is a wonderful free tool for viewing and navigating around articles in Wikipedia.

It’s strength is it’s ability to graphically show relationships between articles on Wikipedia and hoping from one article to another which is a lovely way to surf around.


Sculpture of a Wellsian Martian Tripod.

I picked on my own home town, Woking in the UK and jumped from link to link and found this lovely picture of the Alien Martian Tripod heading towards the Lastminute offices where I work which is only yards away from an Aeroplane that was mistaken by Google Earth Hacks as low-flying!



February 7, 2007 Posted by | Uncategorized | Leave a comment

What is SOA Governance?


Enterprise or corporate governance is the ability for executive management to create policies that apply to their organisations, communicate those policies, provide employees with the tools they need to comply with those policies, enforce those policies, obtain visibility into levels of compliance and mitigate any deviations from corporate policy.

SOA governance, in addition to the more traditional human-based software development life-cycle (SDLC) checkpoints and role-based review signoffs, focuses on the creation, communication and enforcement of service policies. Service policies are metadata that consist of a set of constraints and capabilities that govern how services and their consumers interact. Simple policies typically include rules describing who can access a service and what credentials they need, how messages should be routed to the service and what service-level agreements (SLAs) apply to the service.

SOA governance requires that organisations take business policies, typically in written form, and transform them into metadata-based rules that can help automate the process of validating and enforcing compliance with those policies in both design time and runtime environments. Companies must then manage policies through their entire lifecycle. In general, policy lifecycle management within SOA focuses on ensuring the quality, performance and applicability of available services, enabling service consumers to discover and reuse services as well as other artifacts, managing service versions, handling the security of services and other SOA artifacts, and assessing and managing the impact of change across all service consumers. Managing policies also includes providing visibility into whether people are following policies, as well as handling policy infractions. Such policy management tasks are also an inherent aspect of IT governance.

What a SOA Governance consists of,

Organisation Changes


XML Schemas

WSDL documents


Management of SOA artifacts

Organisation Changes

There is a common misconception that SOA governance is governance of a SOA, as though SOA were one more IT asset in need of governance in the organisation. That belief, however, indicates a fundamental misunderstanding of the role of SOA. Fundamentally, SOA is enterprise architecture — when an enterprise adopts SOA, it should approach the organisation of all of its IT assets from an SO perspective. As such, Service orientation provides a broad organising principle for all aspects of IT in the company — including IT governance. That’s why we say SOA governance is IT governance in the context of SOA, rather than governance of SOA.

Furthermore, SOA requires a reorganisation of IT personnel and the users of IT into domains. The need for governance highlights the importance of such reengineering, but is not its cause. On the contrary, the need to break down silos and organise a company’s efforts based upon the core needs of the business is as old as the term “reengineering” suggests. SOA enables the enterprise to organise IT functionality into Services that meet the needs of the business, finally enabling companies to achieve the long-desired business goals of breaking down silos and focusing on the needs of the business and the customer.

The IT governance process begins with setting objectives for the enterprise’s IT efforts. Traditional IT governance processes then distribute these objectives to each department within IT, for example, applications, networking and development. SOA governance, however, introduces the notion of domain ownership, where domains are managed sets of Services sharing some common business context. In many cases these sets of Services are business Services, such as customer information, order processing, or product analysis.

Each domain is responsible for maintaining the applications that support its Services and for maintaining the interfaces to its Services for other domains. The owner of each domain must therefore handle such issues as Service management, business logic encapsulation, location independence, and the data format issues associated with its Services. When the people in charge of some product area want access to a Service from a domain, they make a request to the owners of the domain and the two groups determine the relationship between their respective spheres of influence, creating a Service-level agreement between them. Such relationships and agreements also exist between domains.

SOA governance also introduces new roles that the company must provide for:

• The domain owner — manages the direction of the domain and the business relationships between the domain and business units, as well as other domains. The domain owner also helps business process owners in various business units understand the business application of the Services within the domain. This person also tracks the usage of Services for management purposes and ROI calculations.

• SO domain business analyst — identifies abstracted, normalised business Services. Translates business requirements into Service definitions. Works closely with IT personnel to direct Service implementation.

• Line of business representative — communicates business requirements and identifies business Services for each of the domains.

• Domain developer — builds and maintains Services consistent with the SOA lifecycle. Implements Services consistent with implementation guidelines and the SOA.

• Service tester — certifies that each Service conforms to the business requirements that apply to that Service. Builds test cases for the Service interface.

Each person working within a given Service domain is responsible for developing the business Services that are shared across the lines of business. This shift in responsibility introduces a change in the organisational structure for application development, as people shift from developing functionality within an application to developing functionality within a particular Service domain. These new roles should work in conjunction with the enterprise architecture team.


Policies are design rules specify interfaces, eliminate certain paths from consideration, and delineate boundaries between subsystems. A primary goal of architecture is to increase modularity and create well-defined abstractions based on service APIs. After those choices have been made, they must be recorded, communicated, and enforced.

The very mention of policies makes many IT professionals break out in a cold sweat. Developers, particularly innovative ones, worry that policies and rules will straightjacket them. Worse, they know from experience that many policies are unrealistic, and they fear that governance will lead to bottlenecks and impractical, ivory-tower restrictions. With care, however, it’s possible to create a governance process that promotes service enablement and earns a buy-in from the people who have to live with it.

Creating palatable policies

Effective governance hinges on the processes that produce policy decisions — that is, the methods by which you make, communicate, and enforce choices.

Good SOA governance processes resemble town meetings more than they do dictatorships. The biggest governance mistake organisations make is short-changing communication and collaboration

The decision-making process can be organised in various ways, but ultimately it’s a social process that has to work in an organisational culture. The rise of social software systems like ‘LinkedIn’ has helped gained an appreciation for SOA governance. It’s about recognising that people are socially organised. SOA governance must incorporate best practices around organisational dynamics and how human beings behave in organisations.

It is easy to create animosity toward governance for example, for developers to adhere to policies that they aren’t aware of up front. Policies have to be set down on paper. Awareness created, expectations set, and clearly stated but it is important that the policy isn’t overwhelming.

Many organisations create a centre of excellence or some other group in the enterprise architecture group to provide resources and guidance, to serve as a repository for best-practice information, and to operate tools that support the SOA governance process.

The idea is to build schools, not prisons with the goal being to help people conform to best practices, not police them.

Policy No. 1

Policies can affect every aspect of the service lifecycle, including design, deployment, and operation. For example, a design-time policy might set out a corporate namespace, whereas a deployment policy might require that production-level services meet requirements laid out by the WS-I (Web Services Interoperability) organisation. Or an operational policy might require all deployed services to be managed and use the corporate security infrastructure.

But in most organisations, it makes sense to begin policy-making efforts with standards. After all, standards make SOA possible. Each enterprise must determine which standards are used where and when. For example, will WS-Security and WS-Policy be used? Under what circumstances will they be required?

You could call out specific standards in individual policies, but a better strategy is to create an IF (interoperability framework). An IF is a special policy that lists the standards that your organisation will use, points to reference information, and indicates the status of the choice: approved, de facto, emerging, sustained, sunset, or in process.

These indicators are largely self-explanatory, but two deserve special mention. “Sustained” indicates that even though the organisation has decided to support another standard in this area, use of the older standard is supported. “Sunset” indicates that developers should migrate from the standard as soon as practical.

An IF separates references to quickly changing standards from individual policies, making them easier to manage. Overall, an IF is a great place to begin, if only because agreeing on standards will probably be the easiest policy task you’ll face.

Creation of Registries

Registries are the primary tool organisations use for managing and communicating governance artifacts, as well as automating key governance activities. A registry provides a central reference or “system of record” for services. Think of it as a place where services can be advertised by providers and discovered by consumers inside an organisation — a control point for governing service availability, versioning, and compliance with internal and external requirements.

Some vendors offer what they call “repositories” — registries that also serve as places to store metadata for services that go beyond WSDL documents. Because registries and repositories are so important to the development process, look for software that deeply integrates with your development environment. For example, if you’re an Eclipse shop, be sure that the registry you choose has a plug-in for Eclipse.

Registries also have APIs that are used by applications at run time to find services and associated policies dynamically. Additional metadata might, for example, tell the service consumer what security policy the service requires so that the client can dynamically adjust to changing service offerings.

Run-time policies are most effective when they can be expressed in a WSM (Web services management) system, such as those provided by Actional, AmberPoint, Blue Titan for example. Most WSM systems provide a means of enforcing conditions on the SOAP envelope at run time. For example, a WSM can ensure that services use a particular security protocol or that enclosed XML documents conform to a particular schema.

Look for systems that not only allow you to manage, version, and discover policy at design and run time but also provide for policy reuse. Being able to create and manage policies independent of a specific service allows you to fully leverage policy assets.

In general, enterprises should automate as much of the governance process as possible. That requires a centralised investment in people, organisations, and tools to establish the appropriate context for SOA. Properly done, your governance process and its associated infrastructure may be the only centralised elements in your entire SOA deployment.





February 4, 2007 Posted by | Uncategorized | Leave a comment

Just call me Mr Card-Shark!

I’m loving this new Texas Hold’em Poker games that comes with Windows Vista Ultimate Edition.

Anyone else a Card-Shark? Then post your best score up on your blog.

Also, have you seen the prizes on the Windows Vista site? They are really amazing ! So, I thought I would enter, why not? It just means watching three short videos and then you can enter to win.

February 4, 2007 Posted by | Uncategorized | 1 Comment

Securing Vista with NTL NetGuard, AVG Grisoft, Trend, Panda, Sophos & Live OneCare

Now I have Vista installed I want to protect my installation with some decent security software.

NTL NetGuard the free Internet Security software for NTL subscribers which is made by Radial Point is actually very good and meets my needs very well but during installation under Vista an Error 1321!? appears.

After speaking to NTL technical support it seems they will support Vista eventually but the operative couldn’t supply me with any dates. Jan 30th I suggested!

Another reminder that I would have changed broadband supplier years ago if I could have ADSL but sadly I’m to far from the local telephone exchange.

So what if I run the install under ‘Run As Administrator’? The install still comes up with the same error!

Next port of call was the Windows Market Place to get some idea of what pieces of software where supported under Vista which isn’t actually what easy to find, so I hit Google and got this which was mostly a list of news articles telling me about the wrangling security firms such as Symantec and Mcafee had with Microsoft regarding securing Vista. Ok, so I get both sides of the debate, but this isn’t helping me, the consumer, now!

I adjusted my search to this and found a piece of software called AVG from Grisoft with a free version. Sadly after some poking around on the forum, the free version isn’t support under Vista.

Hmm, before I randomly start downloading and installing AV software I had better decide on my requirements before I continue.

Ok, so my requirements are,

  • Naturally, will comprehensively protect me from nasties, AV, spyware, malware and with a nice firewall would be good.
  • I only want a temporary solution until NTL/Radial Point pull their finger out, but if it’s better and doesn’t cost earth I will blow dust off the credit card.
  • Don’t want to bother with Symantec and McAfee because I’ve used them before and hated the bloatware with a passion.
  • Would be nice if didn’t steal all my system resources
  • Didn’t annoy me with lack of thought or common sense
  • Some degree of control would be nice
  • … and works under Vista 32bit … and 64bit … as I may want to upgrade later!

So to start the search I had to install something to protect me now, so I went for the easy option and installed Windows Live OneCare as it had a menu item off the Vista welcome screen.

As OneCare installs with a nice long 90 day trial I could have easily stop my search here. This surely must be enough time for NTL to sort themselves out? But for my mind it failed because it automates way to much for me.

OneCare is a fantastic piece of software for someone like my Mum, who just wants to set it up and forget it and be completely protected and doesn’t want complication or fuss.

An annoyance is the Tune-Up process that has taken day! Yes days to do it’s thing! Admittedly it’s got 100GB of stuff to wade through but really should it take that long?

Where is my options/preferences so I can tell the software where to scan or tune-up? OneCare is a jack of all trades and master of none but I suspect this is by design, the anti-competitive stuff has really weakened Microsoft from being a great competitor in new markets that have strong competition already, how exactly is this in my interest? So Microsoft has obviously decided on the ‘just enough approach’to protect but not do as much as the rest so no big cry of foul from the competition.

Anyway, at least I now have the protection to start my search onto the web.

My first stop was Sophos and it didn’t take me all of two minutes to realise they didn’t have a home solution. If I had an Enterprise or Small business I would do well to look at their solutions in more depth as they completely support Vista, but as this is for me and my laptop, it’s off to the next piece of software.

Trend Micro has a very well known piece of software called PC-cillin and I got all excited that this piece of software could indeed tick all my boxes, all was looking good until this wonderfully spelt error message appeared during the installation.

Nice one Trend! Anyway, I kicked myself for not checking before hand so I went digging around their website and found a link off a news article.

So why isn’t this on the front page? So here is a link to the Beta version of PC-cillin.

So now I have a dilemma (or demela hehe) do I install Beta software? Well, I do want to protect my system and it would be ideal if it was a fully supported released version. So, I’ll reserve the right to come back to it, but for now no. 

My next port of call was Panda Software. A version of their AV software is going to be branded for the UK’s #1 retailer Tesco’s so worth a visit.

After my last experience I decided before I downloaded and installed any software it has to say the magic words, ‘Vista Compatible’ before I proceed. Hmm, no joy here, but after a quick search I found yet another piece of beta software for Vista.

Next stop on the journey which is ending up like a PC Pro group test is Avast! from Alwil software. There is a nice big Vista logo on the front page which takes me to a very reassuring page that tells me that every version is already Vista compatible and there is also a free version!

So we have a winner? Well at the moment yes! All of my requirements are happily ticked. I could continue the test but I will live with Avast for a bit and report back on my progress.

January 21, 2007 Posted by | Uncategorized | Leave a comment