Blog Compass Lite 2.0 - personal blog About Me Album Bookmarks

Thursday, October 27, 2005

Exhausted for a pass

Studying for CISSP is really exhausting. I start to wonder if I can really be one of those talents who can manage to grab these qualifications one by one. Yet anyway, I am going hard for it.
I have got a job offer recently and I will change my job very soon. So essentially, everything are happening together and they are all pirority one...
Longing for a good day for sleeping....

Sunday, October 23, 2005

Banks get new online authentication guidelines

Banks get new online authentication guidelines - Computerworld

Rules and guidelines are clearly becoming more stringent. Banking should be the most credible services that should take the first step to improve its security measures. After the mechanisms are proven to be working, other industries are bound to imitate.

Thursday, October 20, 2005

IT execs see higher spending because of Sarb-Ox rules

IT execs see higher spending because of Sarb-Ox rules - Computerworld

An expected outcome that may trouble many enterprises. By enforcing a compliance to best practices of IT governance, the costs will definitely increase, yet for an obvious and foreseeable reward. Executives who is viewing IT as a budget burden are understandable. IT is seldom a drive for core business value afterall. But what if you consider the cost of processing everything manually instead?

The increasing dependence on computers and electronic transactions directly induce an increase of risks. Poor IT infrastructure and operation management may well transform those risks to threats and losses. You may plan an investment on IT to scale your business or to cut costs by simplifying workflow, but one should always be prepared to raise these spendings to keep your information system in good shape, lest the loss of your system being compromised can be devastating.

Wednesday, October 19, 2005

RSA boosts security of single sign-on

RSA boosts security of single sign-on - Computerworld

A new single sign-on product that supports two factors authentication is out in the market. A good thing about RSA is her extensive adoption of SecurID token in her products. Sooner or later as online banking and transactions start to gain acceptance from the public, people will realize the delicacy of mere password protection.

Passwords can be forgotten, can be too simple to be guessed or brute force attacked. They can be shoulder-surfed or sniffed in the network. If your machine was infected by malicious code your password can be recorded by keystroke. So far people need a second degree of protection that is easy to use, a token can be the best choice.

We can foresee a drop of hardware cost and later on we can have affordable fingerprint scanners. Maybe RSA may adopt biometric authentication to her subsequent single sign-on products too.

Tuesday, October 18, 2005

Putting myself together

It’s less than two months to my CISSP exam and there are still lots to study. It is really an uneasy one and I can’t guarantee a pass. Nevertheless I will try my utmost so lets see what the outcome would be in the end…

Monday, October 17, 2005

China spacecraft returns to Earth

BBC NEWS | World | Asia-Pacific | China spacecraft returns to Earth

Chinese astronaut Nie Haisheng gets out of the re-entry capsuleAnother great success. I am looking forward to the successes of Shenzhou VII and those afterwards!

Other results from Technorati :

Saturday, October 15, 2005

Apple - new iMac G5, even thinner

Apple - iMac G5

iMac G5The desktops are right becoming thinner and lighter, just as I said in Decline of Desktop, Apple is really doing great in reducing the size of desktop computers, making it more or less the same as a plasma television. In the announcement presentation Steve Jobs emphasized a size reduction not just in the iMac itself, but also in the remote control. And truly, a simpler control is obviously more user-friendly to senior citizens, who are more likely to have time on video entertainment.

It seems that Apple is really proficient in designing compact hardware and reducing sophistication, while Microsoft emphasizes on broad reaches and functionalities that simplify people lives. Can there be a synergy between the two, just like what Microsoft and Palm did on smart phone recently?

Friday, October 14, 2005

Comparison of AJAX frameworks

Survey of AJAX/JavaScript Libraries
For those who are considering which AJAX framework to adopt, you may find the above comparison useful.
I am looking forward to seeing a richer comparison of RIA frameworks which can possibly include Macromedia Flex and other open source packages.

Thursday, October 13, 2005

China astronauts blast into space

BBC NEWS | World | Asia-Pacific | China astronauts blast into space

Witnessing for the second time that we have China astronauts up in the sky, tides of patriotic feelings are filling up everybody’s heart.

I am not biased, but having observed the recent trends and changes, China is obviously becoming much stronger and significant, all politically, economically and technically. China goods are being very competitive in terms of price, leading to issues of garment export to Europe and Yuan FX rate becoming controversal. It is a country with healthy positively growth, with a gradual increase in trading opportunities hence achieving mutual benefits between the east and the west.

Hopefully we can see further improvements in computer technologies in China, it may open up a golden gate for IT practitioners in Hong Kong.

Raible Designs ~ DWR and now included in AppFuse and Equinox

DWR and now included in AppFuse and Equinox

I have tried DWR for some time. Now I would really want to see what the new Appfuse is up to with this…

DWR (Direct Web Remoting)

What DWR does for you:

  • DWR gives you a very easy way to call Java code directly from Javascript. It gets rid of almost all the boiler plate code between the web browser and your Java code. So you don't need to create servlets and web.xml entries for all your code, you don't need struts config files or JSF magic incantations, no writing Actions or implementing some special interface. Just you, DWR, Java, HTML and Javascript.
  • DWR gives you a jump-start to being able to create GMail type interactivity. We are gradually moving to a web where more and more is done dynamically, and love it or lothe it that means Javascript. DWR makes the Javascript easier by giving you a set of examples of how to create dynamic sites.

Yahoo, Microsoft link IM services

Yahoo, Microsoft link IM services | Tech News on ZDNet

        That is what I’d really like to see. The network of IM is finally converging. The giants are providing free form of services which are obviously redundant, in order to enjoy all the unique features each of them provide, customers have to install two to three similar software packages.

Afterall, technologies are built for the convenience of men. The companies can definitely continue to have their own software clients, but at least should share the same protocols that allow message interactions. The competition should lay on value added services.

Sunday, October 09, 2005

Brin: Google succeeded by luck

Sergey Brin unplugged at Web 2.0 | Between the Lines |

Starting up: The number one success factor for Google was luck. We followed our hearts in terms of research areas and eventually we found we had something useful and we wanted to be impactful about it. We talked about open sourcing the code and working with universities, but it was difficult to do that because of the computational resources required–we needed money to pay for it.

It was truly a legend. Google started up great and achieved a greater value than Microsoft in a much shorter period of time. She was growing so fast that eventually has the face the head to head combat with Microsoft. Then we ponder: is there a true need for the two giants to have overlapping product lines? Both want to do searching, RSS, browser. As far as I see recent web applications (personal portal, groups, blog, photo album, IM etc) are all about a competition between Google, Yahoo and Microsoft. Personally I like to see them improve through competition, but I am also concern if they are rolling out new applications to get the market’s attention, without true demand or good quality…

Being an IT practitioner myself, I always see the giants as my role models for developing good software and applications. Luck may be a good catalyst to boost a success, but luck is never a factor to sustain a success. I look forward to seeing more IT companies, no matter big or small, to come up with new ideas that can make the world a better place.

Friday, October 07, 2005

Macromedia Announces Flex 2

Macromedia - Press Room : Macromedia Announces Flex 2 Product Line and Flash Player 8.5

It’s definitely good news to me, at least I know Flex is still growing after the acquisition of Adobe. Probably I won’t give up the chance to test this new product out.

So much I want to learn more about Flex and Ajax as Rich Internet Applications will definitely become the mainstream in the near future. For applications with sophisticated form fillings and presentations, it is intolerable to have many page refreshes and waitings. Moreover as security measures are improved more people are willing to accept online transactions, improving the purchasing experience is an absolute competitive edge for an online application to be widely endorsed.

Yet right now my CISSP and CISA examinations are drawing near, pray that I can finish them soon and resume my research on these cutting edge technologies…

Thursday, October 06, 2005

Web 2.0 and RSS = Content Theft?

The Net is Dead? On RSS and the coming wave of content theft

It is a pretty new perspective on the issue. When we crossover Google PageRank, as is recognized as an important benchmark of website popularity, with the way news aggregators syndicating RSS feeds; before long we will ponder: so they can fetch all the grestest contents from the web and get the highest page rank?

Most people understand the concept of running a site with meaningful content and earning some cash with advertisement embedded into this content. So what if you don't want to write the content yourself? You'll just STEAL it! Since the rise of RSS, stealing has never been easier. RSS stands for Really Simple Syndication but to some it means Really Simple Stealing.

If we are taking the view that Web 2.0 is becoming the trend, we should also embrace the idea that the web architecture is transforming, from client/server model to more like P2P network. Taking Bittorrent, eDoney and Kazaa aside, but the World Wide Web itself is becoming symmetric, every hosts can have equal chance and ability to aggregate, view, quote and publish; making the traffic to websites less significant, or instead we should honour the contents by ranking the sources of feeds.

So we can share files, contents, and what next? Maybe the wind is blowing towards utility (or distributed) computing

Tuesday, October 04, 2005

Google Group for Java Web Application

Google Groups Subscribe to Java Web Application
Browse Archives at

Delighted to see that the group is approaching a membership of 300. Lets join our knowledge base for building better web applications!

Monday, October 03, 2005

Ants unearthed with Google Earth

Official Google Blog: Ants unearthed with Google Earth

When I see this in Google Blog, I start to have a fancy feeling: how much longer will it take for Google to put a zoomed in satellite picture of an ant on Google Map?

You may find the satellite picture of your apartment on Google Map. With the recent deal between Google and NASA, will it be possible to zoom in even closer? Maybe later on we will have something like Earth Live available real time…

CISSP Mock Test

CISSP and SSCP Open Study GROUP Online Quizzer

I am going to take the test on the 30th this month and there are two more chapters of text to go. Obviously taking mock tests/exercises is much more important that diving into the text, and this Quizzer from is exactly what is needed.
I have accessed other sources which are quite helpful for the study:

And a reminder for those interested, Shon Harris CISSP All In One Third Edition is out. I am having the 2nd edition myself and also the Official (ISC)2 Guide. Hopefully there are enough resources, and maybe what I need now is luck.
PS: If you have other online resources to share, do share with me in the comments!