Archive for November 2002

The Peon’s Guide To Secure System Development

Michael Bacarella:
The Peon’s Guide To Secure System Development
“Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion.”
Good old-fashioned polemic.
[Slashdot]

Death to Bureaucracy!

UniversityBusiness:

Death to Bureaucracy!

When Dr. Edward Hundert took on the presidency of Case Western Reserve this summer, he laid out a multipoint vision for the university; one that would elevate the institution to its place as “the most powerful learning environment in the world.” The cornerstone of his mission? To “annihilate all unnecessary bureaucracy.” (Alas, good men and women before him have espoused the dream.) Yes, it’s all about streamlining technology and business processes, but translated, says the new president, that means: delegation, empowerment, and action.

“How many layers of signatures must you have?” Hundert asks, delivering ideas in a salvo that seems appropriate for the 45-year-old first-time president, reputed to move at the speed of light. “Just getting a position posted was taking an incredible amount of time. Does our provost have to sign off on every adjunct dean he appoints?” He could delegate that duty, says Hundert, and “we could simultaneously delegate the sign-off function further down the line,” he adds, describing any number of areas this domino-effect delegation of power could revise. It’s all about streamlining “huge layers” of business processes with delegation, Hundert explains—processes that typically cut across all areas of a large academic institution.

But delegation is only one step toward the annihilation of gratuitous bureaucracy, he says. He moves on to describe a new empowerment that must pervade CWRU, in order to free up administration and faculty to concentrate on the “aggressive” leaps in curriculum integration, research, and business development that will propel the institution toward its new position.

The empowerment begins with the determination to see the academic and business sides of the university work in tandem, to slice through the bureaucracy issues quickly. Contrary to the historical church-and-state separation of power prevalent in many universities, “My senior management team reflects the philosophy that you shouldn’t separate the academic from the business side of a university,” Hundert tells me. From his president’s cabinet on down, university leaders from both worlds meet in teams, to discuss issues and to put plans into action.

“They must first decide which protocols work, and which don’t,” says Hundert. “We have to kill bureaucracy, but we can’t kill it randomly. If some steps are in place to recruit more minorities, we don’t want to lose those. Yet, if steps are in place just because some top person has always had the power to sign, why do we have to keep it that way?” The teams are looking at everything, says Hundert, right down to purchasing capability. (“The sign-off threshold on bids was $2,500; we raised it to $10,000 immediately. How else can you get anything done?”)

But to empower team members to think and work across academic and business disciplines, it’s not enough to simply combine academic and business leaders around a table. So the new president has merged the academic and business focuses of key individuals, and changed titles along the way. The Senior VP of Finance has become the Executive VP and COO (“Senior VP of Finance conveys that that person doesn’t think about academic things,” Hundert explains.); the Provost has become the Provost and University VP (“That conveys that he is vice president of all facets of the university.”). He’s also added the new role of VP of Corporation—a now not uncommon full-time position that interfaces with the university president and the Board. (The Board, by no coincidence, is now involved in what Hundert terms “massive self-study and benchmarking,” to eliminate and streamline committees, and make itself more efficient).

Of course, technology will play a major role in Hundert’s war on bureaucracy, and the president plans to implement it everywhere he can, and as quickly as possible, to free up administrators and faculty members, and to enable new models of efficiency and achieve new levels of satisfaction. Hundert points to the changes in Student Affairs that he helped to institute at the University of Rochester, where he has served as dean for the past two years.

“If a student wanted to take a year to do integrated study, he had to go from office to office, peddling his story at the front door. Getting through to a key individual was so difficult. So we implemented a one-stop, integrated student center where the people at the central desk were cross-trained to solve problems at Step One. Half the time, it turned out that a student only needed a simple form.” Almost immediately, says Hundert, the student satisfaction level skyrocketed. “And the people in the offices were so energized, they decided to stay open to offer evening help as well,” he adds. At Case Western, that kind of integration will soon criss-cross courses, schools, and institutions, says Hundert, creating a model for the kind of integrated study that will be unique to CWRU—“No deans negotiating shared tuition agreements,” he foretells. “Faculty will be excited to take positions here as opposed to anywhere else, because of the innovation. But it’s all dependent on streamlining bureaucracy.”

We’ll be watching.

For Bulk E-Mailer, Pestering Millions Offers Path to Profit

WSJ:

For Bulk E-Mailer, Pestering Millions Offers Path to Profit

“In the first week of the Triumvirate Technologies campaign, 81 orders came through from 3.5 million messages, a 0.0023% response rate. Still, that generated $1,555 in commissions, and Ms. Betterly was pleased. At that rate, she expected to clear about $25,000 in the end.”

[via Slashdot: The Economics of Spam]

See also: NPR Morning Edition interview with Laura Betterly

NSA certifies Harris Secnet-11 as the first 802.11b system permitted to carry US SECRET level data


Slashdot: “The National Security Agency recently certified the Harris Corp’s Secnet-11 as the first 802.11b system permitted to carry US SECRET level data. See press release. The system integrates NSA crypto with commercial chipset based 802.11b PCMCIA cards and access points to create a secure wireless LAN. Unfortunately, you and I won’t be able to buy them, as they are only available to organizations with an NSA COMSEC account.”

Web Hosting News: Comodo Declares SSL Price Freeze

Trojan Found in libpcap and tcpdump

Oracle’s GPL Linux Firewire Clustering

Oracle’s GPL Linux Firewire Clustering
“It seems that Oracle just released libraries to allow low cost Linux clustering solutions using firewire…
Aside from the coolness factor (imagine a beowulf cluster of DV cameras…) it’s quite new for Oracle to release GPL software. They also seem to include really useful tools for NIC failover, Wizard building framework and integration of the cluster into Gnome (via a gnomevfs plugin).”
[Slashdot]

10-Tflops computer built off the shelf

EE Times:

10-Tflops computer built off the shelf

Lawrence Livermore National Lab is putting together a supercomputer that will boast nearly the same performance as the ASCI White system from IBM Corp. that the lab now uses, but it promises to be 10 times cheaper. Called Evolocity, the system will be the fastest clustered supercomputer in the world, according to Lawrence Livermore.

“This network approach is nice because we can use a standard PCI slot on each processor node, which gives a 4.5-microsecond latency,” he said, as opposed to 90-µs latency for Gigabit Ethernet.

The network uses bus host adapters on each node, supporting a 320-Mbyte transfer speed in one direction and 400-Mbyte bidirectional throughput. Each processing node is a server board from SuperMicro Inc. (San Jose, Calif.), built around the Intel E7500 chip set with two Xeon processors running at 2.4 GHz. The boards are linked by a network assembled by Linux Networx into a clustered system that will have 960 server nodes.

The file system, called Lustre, uses a client/server model. Large, fast RAM-based memory systems support a metadata center, and data is represented across the enterprise in the form of object-storage targets. “Being able to share data across the enterprise is an exciting new capability. It will allow more collaboration among research projects,” Seager said. For example, workstations on the network running visualization programs can directly access data generated by Evolocity.

MSS Initiative Makes Progress

MSS Initiative Makes Progress
Phil writes
“The MSS Initiative was started by Richard van den Berg and myself to combat sites that are broken (enable Path MTU Discovery AND block ICMP 3,4) which include such big sites as SecurityFocus and CERT (causing those behind PPPoE and other less-than-1500-MTU-protocols to be unable to view the sites). This past week we were privileged enough to be able to present a paper at the 16th LISA Systems Administration Conference! Check out the paper and slides and be sure, like many members of the audience, to fix the sites you administer!”
[Slashdot]

Security Assertion Markup Language (SAML) approved

Slashdot: Members of the Oasis interoperability consortium approved the Security Assertion Markup Language (SAML) on Wednesday as an OASIS open standard. The move paves the way for the XML-based framework to enable secure SSO (single sign-on) and other security functions for Web services transactions spanning multiple hosted sites.