Thursday, November 13, 2008

More Parallelism Support in upcoming IDE version

The October issue of the MSDN magazine contains an article on the improved support for parallelism in the next version of Visual Studio [v. 10] as well as in .NET 4.0. Stuff from the Parallel Extensions (TPL, PLINQ) to the .Net 3.5 Framework (available as Community Technology Preview) went in as well as new features to support parallelism in native code. In addition, testing tools to cover parallelism in code are in the pipeline too. Most of these new features were presented at this year’s PDC in Los Angeles (slides are available for download). This is definitely a step in the right direction but a long road to go until writing parallel code is daily business for mainstream programmers. I got still concerns if existing programming languages, libraries, frameworks and compilers can deliver the final answer to cope with the complexity of expressing explicit parallelism.

Monday, November 10, 2008

New Music on my turntable

Talking about the stock market, the October was a nightmare; everything went south. Fortunately, there is still Rock’n’Roll (“There is noting conceptual better than Rock’n’Roll!”, you remember John Lennon saying this in an Rolling Stone interview? It is so true, so true!). Well, the October was not so bad in terms of new releases. Here are my new acquisitions:
  • Metallica - "Death Magnetic" [****]
  • Oasis - "Dig Out Your Soul" [***]
  • ACDC – "Black Ice" [*****]
    Please note, ACDC gets five stars [*****] by default.

Sunday, November 09, 2008

Mauerfall und Schwarze Schwäne

Heute vor 19 Jahren ist die Mauer, ein Symbol von Unfreiheit und Unterdrückung, gefallen. Momentan lese ich gerade The Black Swan“ von Nassim Nicholas Taleb. Wie passt das zusammen? Für mich ist der Mauerfall ein typischer Schwarzer Schwan, der alle Eigenschaften erfüllt, die Taleb in seinem Buch beschreibt: selten (rare), mit extremen Auswirkungen (extreme impact) und rückblickend vorhersehbar (retrospective predictable), ein so genannter Outliner. Natürlich ist das eine theoretische, fast schon philosophische Sichtweise, die die emotionalen Gesichtspunkte eines solchen Ereignisses (das extreme Leid vorher und die überschwängliche Freude beim Fall der Mauer) nur ungenügend berücksichtigt. Sie birgt aber auch die Hoffnung, das es in Zukunft ähnliche Schwarze Schwäne geben kann, die unterdrückten Menschen in Not endlich Freiheit und Demokratie bringen werden.

Saturday, November 08, 2008

Autumn in Germany

autumn impression - webduke pics 2008

Wednesday, November 05, 2008

Concurrency Aspects

The new issue of the ACM Queue got the “The Concurrency Problem” on the front page. One article is about the programming language Erlang which has the ability to solve parallel problems by design. Another excellent contribution (Real World Concurrency) is about the why and when and tries to nullify any taste of black magic. I totally agree that developers should not feel forced to use parallelization by implementation in any scenario. Performance is the main objective when parallelization is considered. But there are different ways to achieve this (and not just by using threads and locks [lets call this multithreaded code] within one process). The author calls this approach concurrency by architecture. I can live with that perception perfectly. Furthermore, a lot of hints and pitfalls are listed in order to handle locks, threads, mutexes, semaphores, and debugging in the correct way which includes good advice how to identify the right code segments for parallelization. Must read (*****)!

Tuesday, November 04, 2008

A brief history of Access Control

Access Control is an important part of the computer security realm. It is complex, hard to achieve in a robust and bullet-proof manner and it will always screw up ordinary users that want to surf and play around without being confronted with nasty restrictions, decisions and limitations. Is this realistic, achievable? Well, everything seems to be a big loop in the computer and software industry [a reference to the good old times :-)]. Take the cloud-stuff as example. Sharing resources and deploying thin clients is not that new. Its just branded (and pushed) like a new hype. Where is the relation to access control? Access control can be implemented in the operating system (OS) as well as in other layers of the application stack. I’m gonna focus on the OS level here. I remember times [aka as the good old times :-)] where user-rights in terms of access control were very limited. The change came with the advent of personal computing. Everybody wants to be an admin (and can be an admin) very easily, even programmers. In case of a disconnected, single-user machine, it might not be a problem. But this is not a valid scenario. We want and need the Internet. Yes! But beside all the cool stuff, male-ware is everywhere, and needs our machines as host or target. We are easy prey when running everything as admin. So we need to get back to the good old times [in order to complete the loop:-)]. In Vista, a serious attempt has been started. It might be boring to get asked all the time when feeling like an admin (but just being a standard user for the process in execution which is the parent process for later stuff). And, it might be cumbersome to maintain the virtualized registries for the old programs. Security versus usability and maintainability, this is the battle that it is raging. It should be fought and security must prevail (in the era of identity theft, male-ware and root-kits); especially when everything is running in the clouds. Hopefully, smart people will come up with some smooth solutions that make limited user-rights in terms of access control more acceptable.

Monday, November 03, 2008

Security and Virtual Machines, Part II

I announced lately to get back to this virtual thing and the ramifications when talking about security. Here we go. Identity and ownership are important factors in the security realm. Both attributes are often handled different in the world of Virtual Machines (VM). The owner of the real box might not be the owner of the VM. Identifiers (port number, MAC address) can differ and old-fashioned identity-schemas can not be applied anymore. Another side-effect coming with VM’s is an increase of complexity for the patch and update management. This is because of the broad variety of operating systems and versions that can be installed (and that will be installed) on the top of VM’s. All of them got their own life-cycle and their security-patches that must be applied. The VM life-cycle which can be characterized by snapshots and rollbacks is definitely helpful for testing and other evaluation purposes. But there are operations in the area of cryptography that could suffer. Time, random numbers, seeds, initials vectors, transaction states – just to name a couple of potential vulnerabilities. I see some room for improvement, especially for randomness in a virtualized environment. This must be addressed in the scope of the security architecture for a given system.