Feed aggregator

GIDS Session 2 : Demo on Blackberry playbook

Venkat Viswa - Wed, 2011-04-20 00:11
Next up is a session on playbook that was launched in US yesterday

What is a Tablet?

Combines best of both worlds : smartphone and Laptop

Features of Blackberry playbook

features are amazing : dual core 1ghz processor , 7 inch touch screen , front and rear cameras.

multitasking --> this is not currently possible in ipad

full support for adobe flash sites.

support for HTML 5

HDMI PORT

ultra convenient and less than a pound

sales force integration

lots of enterprise features : securely pair Blackberry, document viewing and editing over 2000 apps available.

Developing for playbook

Browser : Flash 10.x + html5

RIA : Adobe AIR + blackberry web works

www.blackberry.com/playbook

GIDS 2011 - .Web day Session 1

Venkat Viswa - Tue, 2011-04-19 23:03

Arijit Chatterjee from Adobe is giving an excellent session on Building Next Generation of Experiences.

His presentation is full of interesting images. I like the fact that there is less content in the presentation and more of verbal communication.

The main message behind the presentation is to how to make the user experience better - Understand your users, how to make beautiful websites, understanding local sentiments and speaking in local language.

Some key things to keep in mind

1) Build trust
2) Maintain Focus on workflows --> move from one task to another
Create in context help - if necesary
3) Involve all Senses - the more sensory organs are involved, the more you will be able to retain users.
for web app Visual,Touch,Sound are the key .

4) do not build something Jazzy - it might drive people away from your site

5) Acknowledge Status clearly once you are done with something irrespective of Victory or Failure.

6) 3 D display wherever relavant

7) Use sound - Judiciously

8) use of high definition haptics


Wrapping up with a few stunning images . Aquarium Sink, Bubble Cosmos , Interactive multi modal workspace.

Heading out to talk to MOS Devs in May

Charles Schultz - Tue, 2011-04-19 15:17
I have been invited to a workshop to talk about enhancements to MOS. I am dearly hoping to collect and possibly organize feedback from the user community in general. So here is what I am looking for:
1) What do you like about MOS? Ie, the things you do not want to see changed.
2) What do you not like about MOS? The more specific the better, and bonus points for suggesting an alternative.

I'll be compiling my own list in the next few days. I realize many user communities have tossed this topic around ad nauseum, so this little effort is mostly my feeble way to gather all that wonderful feedback into a small concise package that can be communicated in a very clear and distinct manner.

The curse of the cursor

Tony Andrews - Tue, 2011-04-19 04:58
For some reason, many Oracle developers avoid SELECT INTO as if it were dangerous, preferring to "have more control" over their code by using cursors for everything. This morning I spent over an hour debugging some code written by one such developer, only to find that the issue I was trying to fix was one that would have been caught by the original developer immediately had he used SELECT Tony Andrewshttp://www.blogger.com/profile/16750945985361011515noreply@blogger.com1http://tonyandrews.blogspot.com/2011/04/curse-of-cursor.html

Ekdahl informs and entertains at Collaborate 2011

Andrews Consulting - Mon, 2011-04-18 07:51
Oracle VP Lyle Ekdahl can be counted on to be entertaining whenever he makes a public appearance as he did Tuesday at Collaborate 2011.  His annual state of the union address to over 500 of the faithful was energetic, articulate and informative as usual.  His declaration that we are entering a “new era for ERP” […]
Categories: APPS Blogs

It's always X, except when it's not

Jeff Hunter - Thu, 2011-04-14 09:05
I drill into my DBAs heads that the first step in tuning any process is to get a trace.  Don't show me the query plan until you show me what the database actually executed.  The trace is the fundamental clue in any performance investigation.  The wait events tell you exactly what's going on and there is no question where the bulk of the time is being spent. When we see a large number of waits on

Independence

David Aldridge - Wed, 2011-04-13 05:10
From slashdot I see that there is once again a new language in town. Now then, there are a great many Java developers who have preached the benefits of implementing data logic (what they call business logic) in the application so-as to create RDBMS-independent code, including James Gosling who apparantly leads the pack in “not […]
Categories: BI & Warehousing

A New OVD Customer Case Study

Mark Wilcox - Wed, 2011-04-13 03:23

The EMEA sales team just published a new case study for Ruhr-Universität Bochum a university in Germany.

They use OVD to provide an LDAP interface to their master identity data which is stored in an Oracle database. This allowed them to avoid needing to synchronize the data to another LDAP - which resulted in faster and more reliable identity services.

Posted via email from Virtual Identity Dialogue

A special event for ADF EMG members - world wide and virtual

Chris Muir - Tue, 2011-04-12 07:14

I'm happy to announce that three key participants of the ADF EMG will be presenting alongside Oracle staff at the upcoming "OTN Virtual Developer Day - Rich Enterprise Applications" .... a virtual conference on all things "ADF" in early May, open to the general public.

Jean-Marc Desvaux, John Stegeman and Sten Vesterli will be presenting under the "Best Practices" stream on the following topics:

* ADF Security in a Project-Centric Environment - An ADF Case Study (Jean-Marc)
* The bit every one forgets: Unit testing your ADF applications with JUnit (John)
* Starting an Enterprise ADF project (Sten)

I need not remind members that these three gentlemen are well known in the ADF community for their volunteer efforts in writing blogs and presenting, writing OTN forum papers, answering OTN forum questions, and even an upcoming ADF book!

Overall what I like about this event is there's a good opportunity to pick and choose across 5 streams. As such depending on your experience and background, you can dip your toe into all sorts of different ADF topics, from basics to best practices, all from the comfort of you're own desk.

The online conference will be repeated in several time zones to ensure everyone gets a chance to attend:

N. America - Tuesday, May 3rd, 2011
08:00 a.m. – 12:30 p.m. US PT

Europe / Russia - Tuesday, May 10th, 2011
08:00 a.m. – 12:30 p.m. U.K. Time
9:00 a.m. – 1:30 p.m. CET

Central / South America - Tuesday, May 17th, 2011
08:00 a.m. – 12:30 p.m. US Eastern Time
09:00 a.m. – 1:30 p.m. Brazil time

Asia Pacific - Tuesday, May 24th, 2011
08:00 a.m. – 12:30 p.m. India Standard Time
10:30 a.m. – 02:30 p.m. Beijing Time

If you're interested in attending please follow this link to register.

Good luck to Jean-Marc, John and Sten, I look forward to hearing them present, all 3 always have valuable information to share.

11g Gotcha

Jeff Hunter - Mon, 2011-04-11 07:53
Something I discovered recently is that the DEFAULT profile for Oracle 11g sets the PASSWORD_LIFE_TIME to 180 instead of UNLIMTED by default.  Applications will encounter an "ORA-28002: the password will expire within X days" error message if you keep the default value. To change the PASSWORD_LIFE_TIME, you: ALTER PROFILE default LIMIT password_life_time UNLIMITED; One thing to keep in mind is

Screen Protection for IRM Protected Documents

Simon Thorpe - Sun, 2011-04-10 22:44

 

capture

Someone just posted a question to the IRM wall on facebook regarding screen protection. Here is some commentary on the subject based on a blog entry from way back in 2008.

Oracle IRM lets you define policy for screen grabbing as part of user roles. Users with the Screen Capture right assigned as part of their role will be able to take screen shots in the usual ways, but users without that right will find that IRM can mask out sensitive windows.

This immediately illustrates a difference between Oracle IRM and most other solutions, because most solutions attempt to completely disable screen grabbing whenever a protected file is open – even if minimised. To illustrate what I mean, here is a typical example of what you would see if taking a screen shot when there is a sealed document open on the screen and you do not have the Screen Capture right.

OracleIRMScreenShot.jpg

You can see that a portion of the screen has been protected, but the capture was not completely prevented. If we completely blocked screen capture, the user would be forced to close all protected documents before repeating their screen capture attempt. This might be pretty inconvenient and frustrating, for example, if the purpose of taking the screen shot is to insert it into the sealed doc you are currently editing, or you have several sealed docs open and you are not sure which is preventing the screen shot, so you need to close them all.

To be clear, we do not claim that Oracle IRM guards against all methods of screen capture – there are so many to consider, and in any case it is always possible to use a camera or to take notes with a pencil and paper if you are determined to copy the information. The fundamental control always remains the control on whether you can open the document in the first place.

Nevertheless, there is real value in the layer of screen protection we provide. Security is all about layers of protection, but nothing is 100% secure unless it is 100% unusable.

Our solution is also a very good way to remind an end user that content is protected, or to protect content that happens to be open when a user makes a legitimate attempt to take a screen shot of something else. On seeing the area that the IRM Desktop has masked out, the usual reaction is surprise that such protection is possible, and appreciation that the solution is only affecting the content that needs to be protected. Customers agree that this approach is a valuable way to remind user communities that they are dealing with sensitive information, and need to adjust their behaviour accordingly – but at the same time, the inconvenience is limited to the content that needs to be protected, so the solution is balancing protection and productivity.

As always with Oracle IRM, the right to screen capture is defined as part of a role, so it can be assigned to the right users for the right classifications of users as a matter of policy. One of the main reasons to assign the right is to enable authorised users to use sealed documents during web conferences. Web conferencing tools often work by taking a series of screen shots and passing them back and forth.

 

The Bucket List

Mary Ann Davidson - Fri, 2011-04-08 10:20

The title of this blog comes from a recent movie starring Morgan Freeman and Jack Nicholson. I confess I have only seen part of the movie - edited, on a plane, with the headphones off for half the movie - but I still "get" the premise, involving two guys in pursuit of accomplishing the list of things they want to do before their lives are over (i.e., before they "kick the bucket"). I have various personal bucket lists that are really more like "short term wanna-do lists." Mine are nothing grandiose like "climb Mt. Everest,"* but they are personal goals which includes places I want to visit and in some cases things I want to do when I get there (e.g., hike the Kalaulau Trail on one of my trips to Kaua´i, perform Hawaiian music at an "open mic" night without rotten vegetables being thrown in my direction, and so on). It's good to have goals and some of those can certainly include life experiences.

In the context of this blog, "bucket" means something other than "things to do before you kick the ..." For example, we use buckets for things like a) swill, b) mopping floors and c) for the inevitable output of drinking far, far, too much with too little food accompaniment. "Buckets" are receptacles for unsavory things we plan on throwing out, and the sooner, the better.

After multiple years in the work force and in technology specifically, I have amassed a list of concepts, phrases and behaviors I believe should be thrown out with prejudice (meaning, that they never darken our door again). I'm including everything from trite business phrases to entire bodies of obfuscation like "governmentese."

At the end of the day As one of my professors at Wharton said, "in the long run, we are all dead." I might add, "at the end of the day, the sun goes down." So what? There is nothing wrong with using phrases like "the end result is," which has the twin advantages of clarity and being useful advice for more than a single day.

Net/netAt the net/net, we lob/lob. Why can't people just say, "the result of FOO is BAR?"

Security is only as good as the weakest link ...and the second weakest link and the third weakest link and so on, because we call them "determined adversaries" and not "lazy pesterers." If you strengthen the weakest link, then the adversary goes for the second weakest link and so on. In short, there will always be stronger and weaker aspects of security and there will always be - depending on what is being secured - people who try to cirvumvent those security measures. It is certainly good practice to acknowledge weak points of security and monitor those, but if someone can break through security at the second weakest link, the weakest link didn't really matter, did it?

As long as we do not have perfect security, there will always be one point that is arguably weaker than others. There is nothing stunning in this pronouncement unless it's the banality of it.

Zero false positivesEvery security vendor in the world whose product detects bad stuff claims they do so with zero false positives. I can do that, too. Just return (hard code) "no problem" to any scan/test/benchmark that your tool checks. An added plus - the performance is excellent since you don't actually have to do anything, woo hoo!

Most people will tolerate a reasonable rate of false positives because very few alert/alarm mechanisms are 100% accurate. To misquote Dickens, "If I could work my will, every idiot who goes about with 'zero false positives' on his lips should be boiled in his own pudding and buried with a stake of holly through his heart."

There are no silver bulletsSure there are. After all, how many vampires and werewolves do you see out there? Not many. So, clearly there are silver bullets and they work pretty well.

Glibness aside, there are, occasionally, silver bullets that are (cliché alert) game changers because they work against problems that were previously considered unsolvable. For example, before there was a vaccine for polio, it was a scourge upon youth - too many kids were left crippled or in an iron lung for life. Thanks to the Salk and Sabin vaccines, polio is almost nonexistent. It's pretty darn close to a silver bullet. Vaccines in general are almost silver bullets when you consider the horrible diseases that they protect against which (rant on) makes parents' reluctance to vaccinate particularly heinous.

Digital Pearl HarborYou could argue that, perversely, Pearl Harbor did the US a favor by galvanizing public fervor. Prior to Pearl Harbor, there was a strong isolationist movement in the US; afterwards, not. "Remember the Arizona and remember Pearl Harbor" were rallying cries throughout the Pacific war. The attack on Pearl Harbor paradoxically put the US in a stronger position in the long run because they had to rely upon aircraft carriers instead of battleships (the Japanese having done significant damage to battleships at anchor in O´ahu) and, as any student of naval history knows, aircraft carriers were the key to success in the Pacific. (While the lack of carriers spelled the end of the British Empire's rule of the seas, notably as the Prince of Wales and Repulse were sunk in the early stages of the war due in no small part to No Air Cover, duh.)

Admiral Yamamoto - who meticulously planned the attack on Pearl Harbor - nonetheless actually opposed doing so since, as he noted, it would buy him at most 6 months to roam around the Pacific. It was almost 6 months to the day between the attack on Pearl Harbor (December 7, 1941) and the battle of Midway (June 3-5, 1942), at which Japan lost the war. Japan also erred in not destroying the POL (petroleum, oil and lubrication) facilities on O´ahu that would have rendered Pearl Harbor effectively useless as a port.

In short, while nobody wants to have a digital (or other) event that amounts to a) a sneak attack with b) a significant loss of life, Pearl Harbor is a poor metaphor to use because, in the long run, it was an attack that ultimately backfired on the attackers.

Very uniqueUnique means "one-of-a-kind" and requires no other modifier. Unique is thus binary: something is or is not unique, but cannot be "sort of" or "exceedingly" unique.

It's a hard problemWhen does anybody ever have an easy problem? If it's easy, it's not a problem for very long! "Hard problem" is the mother of all redundancies.

I have a better phrase: "it's an unsolvable problem." Some problems are not solvable; you merely, if you are lucky, whack away at them until they are less intractable. Or, a problem may be unsolvable as stated and thus you must change the way you think about it to devise better strategies for addressing it.

One of my favorite "it's an unsolvable problem" discussions involves trying to find deliberately introduced malware in code. It's not possible to prevent someone putting something bad in code in a way that is undetectable. Instead of expensive boogeyman hunts (like requiring background checks on all employees of a company whether or not they touch code), other strategies may be more effective, such as having multiple suppliers of a component instead of a sole source (thus reducing the chances that a corrupted core component gives someone the keys to the digital kingdom). Creating more isolation for network elements (e.g., so their interactions with other elements are more constrained and through known paths) is another potential strategy. If I cannot get to a back door to open it, does it matter that it is there? Many things in life do not lend themselves to "solutions" as much as "management." We are better off acknowledging that than holding out false hope of perfect solutions.

Elegant solutionA technoid favorite, and entirely too cutesy. Most of us do not care if a solution is elegant or not, as long as it works. To me, elegance involves black tie and classical music. However, I do not need most problem solutions to be accompanied by Chopin and presented by a white-gloved waiter. "Ugly gets you there."

Awesome and CoolIf ever there were words that were overused, they are "awesome" and "cool." It's as if surfer-dude speak has permeated our national consciousness. As much as I love surfing, and "speak the lingo" when I am out in the water, I dislike hearing non-surfers try to use "gnarly" correctly and pepper their lexicon with "awesome" and "cool." These are the same loons who wear "No Fear" T-shirts when they wouldn't even set a toe in the ocean on a flat day, most likely. Only God is awesome: everything else is, at best, spectacular.

Core competenciesWho admits to core incompetencies? I think it is fair for individuals and entities to think about what they should do themselves, which is likely a subset of "things that I am actually good at." If something is a core competency, it's probably not a good candidate for being outsourced to a third party. More to the point, if something is a core mission - it absolutely should not be outsourced, or why are you in business?

For example, I have been concerned about the US National Institute for Standards and Technology (NIST) recently outsourcing some standards development. I restate that I have immense respect for the mission of NIST and the people I know who work there. But they should not, IMHO, be hiring contractors to develop standards for them, particularly not when by definition paying a contractor to develop a standard means it is not a standard, but a "contractor-developed, closed way of doing something that has not been developed with others, with industry, or sanity checked by a broad group of actual experts." If it is proprietary, it's not a standard unless you are handed a monopoly. Which is what happens when the government pays to develop something that they then mandate through procurement - you get a government-proprietary way of doing something instead of an open standards way of doing something. None of which is conducive to use of core competencies.Think outside of the boxThinking inside the box is perfectly acceptable for 98% of daily living. For example, if I look in the backyard and see that Thunder is not there, which is more likely to be true:

  • I let him in and forgot about it?
  • He was attacked by a mountain lion (without my hearing it)?
  • He was beamed up by aliens looking for a very noisy and hairy addition to their alien zoo?
I'm betting on a), but if I were to "think outside the box," I might go for c).

My mantra is to by all means, think inside the box, because there is a lot of amassed wisdom as to how you do things well that is just ripe for the picking - far preferable to an expensive experiment to "think creatively" for a problem best solved using current approaches. And let's face it, the majority of tasks that the majority of us do is a problem someone else, somewhere, has already dealt with.

Reinvent the wheelPresumably, once something has been invented it cannot be reinvented, and it certainly cannot be reinvented if someone has a patent on it. Maybe people who are reinventing the wheel were told once too often to think outside the box?

Boil the oceanThe global warming alarmists are convinced that we are boiling the ocean by degrees, so people who say, "we shouldn't try to boil the ocean" are apparently mistaken. Of course, nobody is presumably actually trying to warm the ocean, except - perhaps - surfers like me who would be happy to wear less neoprene in northern climes.

Aside: I am endlessly amused by watching surfers in the water who wear far, far, too much "bundle up gear" in not-all-that-cold water. Such as a surfer I saw in San Diego wearing a) a full suit b) a hood c) booties d) and had some oxygen apparatus on his back - all on a 3 foot day in 57 degree water, which is warm for winter surfing in SoCal. I wanted to ask him, "what are you going to wear when it gets really big and really cold?"

FrameworksFrameworks are the "F" words of technology. A framework is something that is never actually implemented. It's kind of the scaffolding of technology, actually, because scaffolding can go anywhere and you never really know what the building it rises beside is going to look like.

TattoosThis is not a verbal cliché but it is a cliché nonetheless. I like tasteful tribal tattoos on Hawaiians and other Pacific islanders: it's a cultural thing ("tattoo" comes from the Polynesian word "tatau" - or kākau" in Hawaiian, which means "to write"). I even like a tasteful globe-and-anchor on members of the US Marine Corps (which also represents a tribal affiliation of sorts). I really, really hate tattoos on pasty haoles for two reasons. One is the general lack of "truth in advertising;" e.g., a guy I saw who must have weighed 350 pounds, very little of it muscle, with "buff" tattooed on the back of his neck. He was anything but buff, but I guess nobody wants to get a tattoo that says, "out-of-shape pudgewad."

Second, given so many people are getting or have tattoos now, how "individual," and "cutting edge" is it to get one? It's mainstream and crowd following. More to the point,when you get old, tattoos fade, sag, and generally look even more awful than they do now, if that is possible. As the French say, "a chacun son goût" - each to his own taste. But in my opinion, except for Marines and Pacific islanders, I think most people look dumb with a tattoo.

GovernmenteseAccording to one waggish definition, an expert is "someone who knows more and more about less and less until finally (s)he knows everything about nothing." I am, alas, beginning to think that a similar definition can be extended to the way in which some employees and "deputies" of the government express themselves: "governmentese is the language by which one says more and more less and less comprehensibly until finally ones says nothing that can be understood." (To be fair, the same can be said about academia, particularly in areas of study that have been strip-mined more than Appalachia, and technologists who insist upon speaking in acronyms - without spelling out first use - such as SOA, CRSF, and EIEIO.)

I am particularly frustrated by government documents that

a)

do not clearly define a problem b)

are written in passive voice, so that the actual actors (and direct objects of the acts) are unclear, and that thus obfuscate who has actual responsibility, if anybody does** c)

that make heavy use of acronyms and jargon that is not spelled out (e.g., VBBWAR, which stands for Very Big Bureaucracy Without Actual Responsibility)

People who are proposing legislation that's going to cost somebody something - probably a lot - or are proposing building something - that will cost a lot - have a responsibility to articulate clearly. What they mean, who does what, and with what proposed effect.

Information sharingInformation sharing is a mantra for every problem in cybersecurity: if only we shared more information with more people, we'd all be more secure. This is postulated as a Universal Truth.*** My response to this is that I am happy to share information: I don't like any opera written after Puccini died, I think post-modern anything is by definition dreary, devoid of moral values and second rate, my weight and age are...OK, I am not going there. I could "overshare" a lot of information that might be of interest to somebody but to the larger security populace, oversharing of information is:

a)

not relevant b)

does not help anybody mitigate risk better c)

is a tactic and not a strategy d)

risks "hardening of the digital arteries" to the extent more and more information is shared and drowns out or crowds out the really useful information in our technical and neural pathways.

Finding the useful nuggets in a sea of overshared information is like looking for a platinum needle in a haystack of silver needles: "good luck with that." The next time someone proposes "information sharing" as a solution, let us ask them "to what problem? And what information, precisely, and to whom?"

I would agree that selected information sharing may help us improve the security of the commons if it enables collective situational awareness that we do not have now. Unfortunately, most people who opine on information sharing want to feed at the public trough as they create frameworks, repositories, standards and so forth as to how to do it, and offer information sharing as the cure for all digital ills. Presuming, of course, that all that shared information only got to the right people, and wasn't shared with or leaked to the wrong people. As we've been so recently reminded, sharing more information with more people carries its own set of risks. Thus, the problem with looking for the platinum needle in a haystack of silver needles is that you may prick yourself and lose a lot of blood before you find what you are looking for.

* Mostly because, while I like reading about mountaineering, I have no interested in doing technical climbing. And anyway, being hauled up Mt. Everest by a guide when you have no actual technical climbing skill in my book does not count as "climbing Mt. Everest."

** "Mistakes were made" is the poster child for responsibility avoidance masked in passive voice.

*** "It is a truth universally acknowledged, that a single man in possession of a good fortune must be in want of a wife." This, the opening line of Pride and Prejudice, is one of the catchiest and most-quoted first lines of a book, the other two being "it was a dark and stormy night" (the opening of Paul Clifford by Bullwer Lytton), and "In the beginning, the world was formless and void," the opening of the book of Genesis, whose authorship is a matter of faith.Book of the MonthThe Twilight Warriors by Robert Gandt

This is a wonderful read about the air battle for Okinawa, which was the most expensive naval battle in American history. It is very well researched but also reads well: you have a strong sense of the players, the terror caused by the kamikaze attacks, the valor of the defending pilots and ship crews, and the human cost of the carnage. Well worth the read.

Buffalo for the Broken Heart: Restoring Life to a Black Hills Ranch by Dan O'Brien

I picked this up because my local Sun Valley bookstore had it on their staff picks list. About three pages into it, I was hooked. If you think, "why would I want to read a book about ranching in South Dakota," you are missing a treat. It's a poignant book encompassing natural history, hopes, dreams, and the unique ecology of the buffalo. The Great Plains evolved around the buffalo and has - devolved, for lack of a better word - under cattle. A beautifully written book that will sweep you up in the life of a buffalo rancher.

Killer Summer, Killer View, Killer Weekend by Ridley Pearson

These are just fun "thriller" reads, set in Sun Valley and starring a protagonist - Walt Fleming - whose name is a whisker away from the real-life sheriff, Walt Femling. (As of this writing, Sheriff Femling has just retired after a 24-year career of public service to Blaine County. Happy retirement, Walt.) As the book notes, the sheriff of Blaine County looks after a county bigger than the state of New Jersey. They are great reads and I enjoy them as much for the celebration of Sun Valley - gorgeous views, and outdoor living punctuated by "got-bucks" living - as for the fact they are great page turners "I betcha can't read just one."

Unbroken: A World War II Story of Survival, Resilience, and Redemption by Laura Hillenbrand

This is the "amazing but true" story of Louis Zamperini, a former Olympian and "survivor" par excellance. He survived his plane being shot down over the Pacific, 47 days in a raft, and years in Japanese captivity where he was the target of a particularly sadistic guard. Meticulously researched, brilliantly written, it is a book that will lift the spirit of all who read it. Sometimes truth is not only stranger than, but more transcendent than fiction.

The Bucket List

Mary Ann Davidson - Fri, 2011-04-08 10:20


The title of this blog comes from a recent movie starring Morgan Freeman and Jack Nicholson. I confess I have only seen part of the movie - edited, on a plane, with the headphones off for half the movie - but I still "get" the premise, involving two guys in pursuit of accomplishing the list of things they want to do before their lives are over (i.e., before they "kick the bucket"). I have various personal bucket lists that are really more like "short term wanna-do lists." Mine are nothing grandiose like "climb Mt. Everest,"* but they are personal goals which includes places I want to visit and in some cases things I want to do when I get there (e.g., hike the Kalaulau Trail on one of my trips to Kaua´i, perform Hawaiian music at an "open mic" night without rotten vegetables being thrown in my direction, and so on). It's good to have goals and some of those can certainly include life experiences.

In the context of this blog, "bucket" means something other than "things to do before you kick the ..." For example, we use buckets for things like a) swill, b) mopping floors and c) for the inevitable output of drinking far, far, too much with too little food accompaniment. "Buckets" are receptacles for unsavory things we plan on throwing out, and the sooner, the better.

After multiple years in the work force and in technology specifically, I have amassed a list of concepts, phrases and behaviors I believe should be thrown out with prejudice (meaning, that they never darken our door again). I'm including everything from trite business phrases to entire bodies of obfuscation like "governmentese."

At the end of the day
As one of my professors at Wharton said, "in the long run, we are all dead." I might add, "at the end of the day, the sun goes down." So what? There is nothing wrong with using phrases like "the end result is," which has the twin advantages of clarity and being useful advice for more than a single day.

Net/net
At the net/net, we lob/lob. Why can't people just say, "the result of FOO is BAR?"

Security is only as good as the weakest link
...and the second weakest link and the third weakest link and so on, because we call them "determined adversaries" and not "lazy pesterers." If you strengthen the weakest link, then the adversary goes for the second weakest link and so on. In short, there will always be stronger and weaker aspects of security and there will always be - depending on what is being secured - people who try to cirvumvent those security measures. It is certainly good practice to acknowledge weak points of security and monitor those, but if someone can break through security at the second weakest link, the weakest link didn't really matter, did it?

As long as we do not have perfect security, there will always be one point that is arguably weaker than others. There is nothing stunning in this pronouncement unless it's the banality of it.

Zero false positives
Every security vendor in the world whose product detects bad stuff claims they do so with zero false positives. I can do that, too. Just return (hard code) "no problem" to any scan/test/benchmark that your tool checks. An added plus - the performance is excellent since you don't actually have to do anything, woo hoo!

Most people will tolerate a reasonable rate of false positives because very few alert/alarm mechanisms are 100% accurate. To misquote Dickens, "If I could work my will, every idiot who goes about with 'zero false positives' on his lips should be boiled in his own pudding and buried with a stake of holly through his heart."

There are no silver bullets
Sure there are. After all, how many vampires and werewolves do you see out there? Not many. So, clearly there are silver bullets and they work pretty well.

Glibness aside, there are, occasionally, silver bullets that are (cliché alert) game changers because they work against problems that were previously considered unsolvable. For example, before there was a vaccine for polio, it was a scourge upon youth - too many kids were left crippled or in an iron lung for life. Thanks to the Salk and Sabin vaccines, polio is almost nonexistent. It's pretty darn close to a silver bullet. Vaccines in general are almost silver bullets when you consider the horrible diseases that they protect against which (rant on) makes parents' reluctance to vaccinate particularly heinous.

Digital Pearl Harbor
You could argue that, perversely, Pearl Harbor did the US a favor by galvanizing public fervor. Prior to Pearl Harbor, there was a strong isolationist movement in the US; afterwards, not. "Remember the Arizona and remember Pearl Harbor" were rallying cries throughout the Pacific war. The attack on Pearl Harbor paradoxically put the US in a stronger position in the long run because they had to rely upon aircraft carriers instead of battleships (the Japanese having done significant damage to battleships at anchor in O´ahu) and, as any student of naval history knows, aircraft carriers were the key to success in the Pacific. (While the lack of carriers spelled the end of the British Empire's rule of the seas, notably as the Prince of Wales and Repulse were sunk in the early stages of the war due in no small part to No Air Cover, duh.)

Admiral Yamamoto - who meticulously planned the attack on Pearl Harbor - nonetheless actually opposed doing so since, as he noted, it would buy him at most 6 months to roam around the Pacific. It was almost 6 months to the day between the attack on Pearl Harbor (December 7, 1941) and the battle of Midway (June 3-5, 1942), at which Japan lost the war. Japan also erred in not destroying the POL (petroleum, oil and lubrication) facilities on O´ahu that would have rendered Pearl Harbor effectively useless as a port.

In short, while nobody wants to have a digital (or other) event that amounts to a) a sneak attack with b) a significant loss of life, Pearl Harbor is a poor metaphor to use because, in the long run, it was an attack that ultimately backfired on the attackers.

Very unique
Unique means "one-of-a-kind" and requires no other modifier. Unique is thus binary: something is or is not unique, but cannot be "sort of" or "exceedingly" unique.

It's a hard problem
When does anybody ever have an easy problem? If it's easy, it's not a problem for very long! "Hard problem" is the mother of all redundancies.

I have a better phrase: "it's an unsolvable problem." Some problems are not solvable; you merely, if you are lucky, whack away at them until they are less intractable. Or, a problem may be unsolvable as stated and thus you must change the way you think about it to devise better strategies for addressing it.

One of my favorite "it's an unsolvable problem" discussions involves trying to find deliberately introduced malware in code. It's not possible to prevent someone putting something bad in code in a way that is undetectable. Instead of expensive boogeyman hunts (like requiring background checks on all employees of a company whether or not they touch code), other strategies may be more effective, such as having multiple suppliers of a component instead of a sole source (thus reducing the chances that a corrupted core component gives someone the keys to the digital kingdom). Creating more isolation for network elements (e.g., so their interactions with other elements are more constrained and through known paths) is another potential strategy. If I cannot get to a back door to open it, does it matter that it is there? Many things in life do not lend themselves to "solutions" as much as "management." We are better off acknowledging that than holding out false hope of perfect solutions.

Elegant solution
A technoid favorite, and entirely too cutesy. Most of us do not care if a solution is elegant or not, as long as it works. To me, elegance involves black tie and classical music. However, I do not need most problem solutions to be accompanied by Chopin and presented by a white-gloved waiter. "Ugly gets you there."

Awesome and Cool
If ever there were words that were overused, they are "awesome" and "cool." It's as if surfer-dude speak has permeated our national consciousness. As much as I love surfing, and "speak the lingo" when I am out in the water, I dislike hearing non-surfers try to use "gnarly" correctly and pepper their lexicon with "awesome" and "cool." These are the same loons who wear "No Fear" T-shirts when they wouldn't even set a toe in the ocean on a flat day, most likely. Only God is awesome: everything else is, at best, spectacular.

Core competencies
Who admits to core incompetencies? I think it is fair for individuals and entities to think about what they should do themselves, which is likely a subset of "things that I am actually good at." If something is a core competency, it's probably not a good candidate for being outsourced to a third party. More to the point, if something is a core mission - it absolutely should not be outsourced, or why are you in business?

For example, I have been concerned about the US National Institute for Standards and Technology (NIST) recently outsourcing some standards development. I restate that I have immense respect for the mission of NIST and the people I know who work there. But they should not, IMHO, be hiring contractors to develop standards for them, particularly not when by definition paying a contractor to develop a standard means it is not a standard, but a "contractor-developed, closed way of doing something that has not been developed with others, with industry, or sanity checked by a broad group of actual experts." If it is proprietary, it's not a standard unless you are handed a monopoly. Which is what happens when the government pays to develop something that they then mandate through procurement - you get a government-proprietary way of doing something instead of an open standards way of doing something. None of which is conducive to use of core competencies.

Think outside of the box

Thinking inside the box is perfectly acceptable for 98% of daily living. For example, if I look in the backyard and see that Thunder is not there, which is more likely to be true:


  • I let him in and forgot about it?

  • He was attacked by a mountain lion (without my hearing it)?

  • He was beamed up by aliens looking for a very noisy and hairy addition to their alien zoo?

I'm betting on a), but if I were to "think outside the box," I might go for c).

My mantra is to by all means, think inside the box, because there is a lot of amassed wisdom as to how you do things well that is just ripe for the picking - far preferable to an expensive experiment to "think creatively" for a problem best solved using current approaches. And let's face it, the majority of tasks that the majority of us do is a problem someone else, somewhere, has already dealt with.

Reinvent the wheel
Presumably, once something has been invented it cannot be reinvented, and it certainly cannot be reinvented if someone has a patent on it. Maybe people who are reinventing the wheel were told once too often to think outside the box?

Boil the ocean
The global warming alarmists are convinced that we are boiling the ocean by degrees, so people who say, "we shouldn't try to boil the ocean" are apparently mistaken. Of course, nobody is presumably actually trying to warm the ocean, except - perhaps - surfers like me who would be happy to wear less neoprene in northern climes.

Aside: I am endlessly amused by watching surfers in the water who wear far, far, too much "bundle up gear" in not-all-that-cold water. Such as a surfer I saw in San Diego wearing a) a full suit b) a hood c) booties d) and had some oxygen apparatus on his back - all on a 3 foot day in 57 degree water, which is warm for winter surfing in SoCal. I wanted to ask him, "what are you going to wear when it gets really big and really cold?"

Frameworks
Frameworks are the "F" words of technology. A framework is something that is never actually implemented. It's kind of the scaffolding of technology, actually, because scaffolding can go anywhere and you never really know what the building it rises beside is going to look like.

Tattoos
This is not a verbal cliché but it is a cliché nonetheless. I like tasteful tribal tattoos on Hawaiians and other Pacific islanders: it's a cultural thing ("tattoo" comes from the Polynesian word "tatau" - or kākau" in Hawaiian, which means "to write"). I even like a tasteful globe-and-anchor on members of the US Marine Corps (which also represents a tribal affiliation of sorts). I really, really hate tattoos on pasty haoles for two reasons. One is the general lack of "truth in advertising;" e.g., a guy I saw who must have weighed 350 pounds, very little of it muscle, with "buff" tattooed on the back of his neck. He was anything but buff, but I guess nobody wants to get a tattoo that says, "out-of-shape pudgewad."

Second, given so many people are getting or have tattoos now, how "individual," and "cutting edge" is it to get one? It's mainstream and crowd following. More to the point,
when you get old, tattoos fade, sag, and generally look even more awful than they do now, if that is possible. As the French say, "a chacun son goût" - each to his own taste. But in my opinion, except for Marines and Pacific islanders, I think most people look dumb with a tattoo.

Governmentese
According to one waggish definition, an expert is "someone who knows more and more about less and less until finally (s)he knows everything about nothing." I am, alas, beginning to think that a similar definition can be extended to the way in which some employees and "deputies" of the government express themselves: "governmentese is the language by which one says more and more less and less comprehensibly until finally ones says nothing that can be understood." (To be fair, the same can be said about academia, particularly in areas of study that have been strip-mined more than Appalachia, and technologists who insist upon speaking in acronyms - without spelling out first use - such as SOA, CRSF, and EIEIO.)

I am particularly frustrated by government documents that

a) do not clearly define a problem
b) are written in passive voice, so that the actual actors (and direct objects of the acts) are unclear, and that thus obfuscate who has actual responsibility, if anybody does**
c) that make heavy use of acronyms and jargon that is not spelled out (e.g., VBBWAR, which stands for Very Big Bureaucracy Without Actual Responsibility)

People who are proposing legislation that's going to cost somebody something - probably a lot - or are proposing building something - that will cost a lot - have a responsibility to articulate clearly. What they mean, who does what, and with what proposed effect.

Information sharing
Information sharing is a mantra for every problem in cybersecurity: if only we shared more information with more people, we'd all be more secure. This is postulated as a Universal Truth.*** My response to this is that I am happy to share information: I don't like any opera written after Puccini died, I think post-modern anything is by definition dreary, devoid of moral values and second rate, my weight and age are...OK, I am not going there. I could "overshare" a lot of information that might be of interest to somebody but to the larger security populace, oversharing of information is:

a) not relevant
b) does not help anybody mitigate risk better
c) is a tactic and not a strategy
d) risks "hardening of the digital arteries" to the extent more and more information is shared and drowns out or crowds out the really useful information in our technical and neural pathways.

Finding the useful nuggets in a sea of overshared information is like looking for a platinum needle in a haystack of silver needles: "good luck with that." The next time someone proposes "information sharing" as a solution, let us ask them "to what problem? And what information, precisely, and to whom?"

I would agree that selected information sharing may help us improve the security of the commons if it enables collective situational awareness that we do not have now. Unfortunately, most people who opine on information sharing want to feed at the public trough as they create frameworks, repositories, standards and so forth as to how to do it, and offer information sharing as the cure for all digital ills. Presuming, of course, that all that shared information only got to the right people, and wasn't shared with or leaked to the wrong people. As we've been so recently reminded, sharing more information with more people carries its own set of risks. Thus, the problem with looking for the platinum needle in a haystack of silver needles is that you may prick yourself and lose a lot of blood before you find what you are looking for.

* Mostly because, while I like reading about mountaineering, I have no interested in doing technical climbing. And anyway, being hauled up Mt. Everest by a guide when you have no actual technical climbing skill in my book does not count as "climbing Mt. Everest."

** "Mistakes were made" is the poster child for responsibility avoidance masked in passive voice.

*** "It is a truth universally acknowledged, that a single man in possession of a good fortune must be in want of a wife." This, the opening line of Pride and Prejudice, is one of the catchiest and most-quoted first lines of a book, the other two being "it was a dark and stormy night" (the opening of Paul Clifford by Bullwer Lytton), and "In the beginning, the world was formless and void," the opening of the book of Genesis, whose authorship is a matter of faith.

Book of the Month

The Twilight Warriors
by Robert Gandt

This is a wonderful read about the air battle for Okinawa, which was the most expensive naval battle in American history. It is very well researched but also reads well: you have a strong sense of the players, the terror caused by the kamikaze attacks, the valor of the defending pilots and ship crews, and the human cost of the carnage. Well worth the read.

Buffalo for the Broken Heart: Restoring Life to a Black Hills Ranch by Dan O'Brien

I picked this up because my local Sun Valley bookstore had it on their staff picks list. About three pages into it, I was hooked. If you think, "why would I want to read a book about ranching in South Dakota," you are missing a treat. It's a poignant book encompassing natural history, hopes, dreams, and the unique ecology of the buffalo. The Great Plains evolved around the buffalo and has - devolved, for lack of a better word - under cattle. A beautifully written book that will sweep you up in the life of a buffalo rancher.

Killer Summer, Killer View, Killer Weekend by Ridley Pearson

These are just fun "thriller" reads, set in Sun Valley and starring a protagonist - Walt Fleming - whose name is a whisker away from the real-life sheriff, Walt Femling. (As of this writing, Sheriff Femling has just retired after a 24-year career of public service to Blaine County. Happy retirement, Walt.) As the book notes, the sheriff of Blaine County looks after a county bigger than the state of New Jersey. They are great reads and I enjoy them as much for the celebration of Sun Valley - gorgeous views, and outdoor living punctuated by "got-bucks" living - as for the fact they are great page turners "I betcha can't read just one."

Unbroken: A World War II Story of Survival, Resilience, and Redemption by Laura Hillenbrand

This is the "amazing but true" story of Louis Zamperini, a former Olympian and "survivor" par excellance. He survived his plane being shot down over the Pacific, 47 days in a raft, and years in Japanese captivity where he was the target of a particularly sadistic guard. Meticulously researched, brilliantly written, it is a book that will lift the spirit of all who read it. Sometimes truth is not only stranger than, but more transcendent than fiction.

What's old is new again

Jeff Hunter - Thu, 2011-04-07 17:11
We had a fair number of problems related to bind variable peeking in our 10.2.0.3 and 10.2.0.4 dbs.  In fact, the plans became so erratic that we decided to just turn bind variable peeking off by setting _optim_peek_user_binds=false in all the init.ora files. Flash forward to Oracle 11g (11.2.0.2) and the optimizer has been enhanced to use bind variable peeking much better.  After converting to

Oracle EPM 11.1.2.1 is Available

Look Smarter Than You Are - Thu, 2011-04-07 15:20
Gentlemen, begin your upgrades.  Oracle EPM 11.1.2.1 has finally shipped.  Those who've been waiting for the migration (and slightly more stable) releases of Essbase, Hyperion Planning, HFM, and the rest for around a year can finally get real lives.


I know: I'm shocked it's out too.  It's not on edelivery.oracle.com yet (at least as of 4:15PM Eastern on April 7, 2011) but it is available for download on download.oracle.com.  I made a bit.ly link to the exact page:
Oracle EPM 11.1.2.1


Tell everyone and impress your friends.


UPDATE: As of April 8, 2011, EPM 11.1.2.1 is now available in nice Media Packs on eDelivery.oracle.com for the following operating systems:

  • HP-UX (Itanium)
  • IBM AIX (64-bit)
  • Linux (32-bit and 64-bit)
  • Solaris (64-bit only)
  • Windows (32-bit and 64-bit)

As mentioned before, the EPM docs (including all the new features and yes, there are some new features) on 11.1.2.1 can also be found here:
http://download.oracle.com/docs/cd/E17236_01/index.htm
Categories: BI & Warehousing

Rep gone rogue or disturbing trend?

Andrews Consulting - Thu, 2011-04-07 14:51
A JDE customer has told me that the local Oracle applications sales team is pushing his company hard to replace JDE with eBusiness Suite. In doing so the Oracle team has lost all credibility with this customer and has made serious enemies out of the many JDE advocates within his company. I have heard a […]
Categories: APPS Blogs

cloud services

Nuno Souto - Thu, 2011-04-07 07:29
In the last 48 hours or so there have been two interesting events in the Oracle and IT front in Sydney.   First one was the Oracle Cloud Summit at the Sofitel Wentworth. Like so many other marketing events it had its fair share of "ooh-aahh" stuff. You know, the usual:   "Exadata can finish work before it started",  "Exalogic can finish it before it was thought out in the first place", Noonsnoreply@blogger.com2

Surrender (a little) to the Dark Side

alt.oracle - Wed, 2011-04-06 22:05

When I was a freshman in college, I, like many, was bouncing back and forth on what my major should be. I was leaning heavily toward electrical engineering, but my long standing love of computers had me seriously considering Comp Sci as well. I decided to take a couple of introductory Comp Sci classes to see if I liked them. So I tried taking the Introduction to Programming course and lab during my first semester. While I imagine that today they use some cool and zippy language, back then they used Fortran, a programming language that only a mother language could love. The class was fine, but throughout the course, I began to have visions of myself growing old sitting in front of a room-sized mainframe typing in endless subroutines using indecipherable languages. As the old joke goes, "a computer without COBOL and Fortran is like a piece of chocolate cake without ketchup and mustard." That's a bit of an exaggeration, but let's face it, back then, being a computer professional was a lot different than it is today. So I chose a different path, but wound up in computers anyway. Fancy that.

Even though I chose to turn away from the "Dark Side" of development and became a DBA (i.e. Jedi Master), I've always regretted it a little bit. Why? Because programming is fun. But let's make a distinction here between programming and software development. Programming is cool, creative and useful. Software development is an everlasting grind of hateful user requirements, rigid coding standards and endless revisions because your functional wants that company logo to be moved three pixels to the left of where it is on the company website.

True story here. During my incredibly short stint as a sort-of web developer, I was assigned to revise the page on a company's website that had the pictures and biographies of the CEO and all his lackeys. The page was fine, but then I got a request that came from the CEO - his picture on the page needed to be bigger than everyone else's. Why? Well, he's the CEO, that's why – he's better than everyone else. So I did it and moved the page elements around to allow for the bigger picture. Soon after, I started getting requests to put in bigger pictures of the lackeys, as well. Why? Well, they're important too! So I did that. Then the CEO was pissed so he ordered an even BIGGER picture and a longer, more flowery bio. Then the lackeys... well you get the idea. It was the Cold War all over again. So I'm making a distinction here between writing actual programs that do something as opposed to a dog and pony show for a bunch of suits.

The IT world is so specialized anymore that we DBAs don't get to sling code on a regular basis, unless it's maybe PL/SQL or some shell scripts. A lot of DBAs are missing out on the fun. Maybe you've gotten the chance to debug some Perl or Python. That stuff is good too, but there's a whole world of cool, useful tools that have yet to be coded, because YOU haven't coded them.

We talked last time about GUIs and the bias against them. My main problem with GUIs is that they can only do what they're programmed to do. But what if you could make your own GUI that would do whatever you wanted? Well, "I could never do a GUI" you say. "There's all the drawing objects at the right pixel coordinates," etc, etc. Nope. I haven't had to do stuff like that since the days of my Commodore 64. Modern software is mostly based on libraries of code that some other poor shmuck has already done. You don't really need to "draw" a window – you just find out what the command is to say, "Hey – put a window on the screen." The libraries for windows, dialog boxes, dropdowns, etc, have probably already been written for your language of choice. If they haven't, well, you're probably writing in Fortran. Shame on you.

I'm not saying it's easy, but it's also not as hard as you think. A few years back, I stumbled on some example code on a website that let you make simple GUIs in Tcl/Tk. Tcl is a language, by the way. Tk is a set of extensions that lets you make pretty GUI-type stuff. I typed the commands into my Linux console and, voila – pretty windows and clicky boxes. A light clicked on somewhere in a my head and I figured out the general idea of how this worked. All you're really doing is making function calls. We DBAs know how to do this. If you do a SELECT AVG(SALARY) FROM EMP, you're just passing in the values from the SALARY column of the EMP table and the AVG function spits out the results. Using GUI libraries in some languages isn't that much more complicated. It's all pushing and pulling the data you want in and out of these functions/subroutines.

Awhile back I wrote a program in Perl that works as a GUI interface to Data Pump. Not a CGI that runs from a webpage (although that's cool too), but a real, bonefide, run-on-your-desktop GUI. Yes it took awhile – I don't have a degree in Comp Sci and all my experience in coding is self taught. It's probably moderately useful, but more than anything else it was COOL. It's hard to match the satisfaction of creating your own useful tool, whether it's a script or a GUI, that solves a problem. You're not gonna program the next sequel to Doom (that's a video game), but you can still do cool stuff. So don't sell yourself short – dive in and learn something new. Give in to the Dark Side a little. Yoda won't mind.
Categories: DBA Blogs

Oracle SOA Suite and BPM Suite VM [Oracle Virtual Box]

Ramkumar Menon - Wed, 2011-04-06 13:39

Just in case you missed to notice, you do have this all-in-one Box that runs SOA Suite, BPM Suite, B2B and BAM, right on OTN.
Click here for the download link.

Take a look at this entry in Antony Reynold's blog for getting started on this.

Enjoy!

 

 

Oracle Enterprise Manager FMW Control versus Oracle Enterprise Manager Grid Control

Ramkumar Menon - Wed, 2011-04-06 11:34

I have had questions from customers on what comes extra within our EM Grid Control offering above and beyond our EM FMW Control.

EM FMW Control 11g is for managing and monitoring one single FMW Farm/ WLS Domain. If your topology comprises of multiple FMW Farms/Weblogic domains, you cannot use a single FMW Control to manage all of them at one place.

This is where EM GC 11g adss value. Apart from being a single management and monitoring portal for several FMW farms, EM GC 11g also allows you to monitor and manage non-middleware software such as OS resources, JVM, Database. With access to much more metrics than the EM FMW Control, it adds more value in Diagnosability and End to End Visibility.
Please refer to this link for details.

 

Pages

Subscribe to Oracle FAQ aggregator