Hacking WordPress Login and Password Reset Processes For My University Environment

Any university worth the title is likely to have a very mixed identity environment. At Plymouth State University we’ve been pursuing a strategy of unifying identity and offering single sign-on to web services, but an inventory last year still revealed a great number of systems not integrated with either our single sign-on (AuthN) or authorization systems (AuthZ, see difference). And in addition to the many application/system specific stores of identity information (even for those systems integrated into our single sign-on environment), we also use both LDAP and AD (which we try to synchronize at the application level). Worst of all, the entire environment is provisioned solely from our MIS database, which is good if you want to make sure that students and faculty get user accounts, but bad if you want to provision an account for somebody who doesn’t fit into one of those roles.

The one way relationship between our user accounts and the MIS database also makes it difficult to engage with new users online. If you can’t get an account until you become a student, how do you allow potential students to apply online if all your systems are integrated with single sign-on? And if you can’t authenticate the online identity of your users, how do you set initial passwords into your system? Or allow them to reset a forgotten password online?

Internet companies never struggled with this issue, as their customers could only approach them online, but most universities built systems around paper applications and have fond (and relatively recent) memories of offering their students their first internet experience. It’s still not unusual for universities to offer their students their campus computing account with a default password based on supposedly secret data shared between the user and the school. But your SSN, birth date, and mother’s name are no longer secret. A proposed change in FERPA policy (see the top of page 15586 in the NPRM) would have barred the use of “a common form user name (e.g., last name and first name initial) with date of birth or SSN, or a portion of the SSN, as an initial password to be changed upon first use of the system” in systems that store academic data. The final rule excluded that provision, much to the relief of those schools with more lobbying clout than brains.

Pigeon Beats ADSL: Slow Networks Or Massive Storage Capacity?

Moving data by homing pigeon requires some planning, and pigeons

It was a tech story so apparently humorous that the popular media felt compelled to cover it: carrier pigeons delivered 4GBs of data faster than an ADSL line. The BBC story’s subtitle read “broadband promised to unite the world with super-fast data delivery – but in South Africa it seems the web is still no faster than a humble pigeon,” and that’s how most stories played it. Unfortunately, they all got it wrong.

The race was run by The Unlimited Group, but the clearest telling of it comes from Wikipedia:

Inspired by RFC 2549, on 9 September 2009 the marketing team of The Unlimited, a regional company in South Africa, decided to host a tongue-in-cheek “Pigeon Race” between their pet pigeon “Winston” and local telecom company Telkom SA. The race is to send 4 gigabytes of data from Howick to Hillcrest, approximately 60 km apart. The pigeon carrying a microSD card (an avian variant of a sneakernet), versus a Telkom ADSL line. Winston beat the data transfer over Telkom’s ADSL line, with a total time of two hours, six minutes and 57 seconds from uploading data on the microSD card to completion of download from card. At the time of Winston’s victory, the 4GB ADSL transfer was just under 4% complete.

JSNES: JavaScript Nintendo Emulator

JSNES on Safari 4/Mac OS 10.6

Ben Firshman’s JSNES runs entirely in the browser using nothing more intrusive than JavaScript. It apparently manages real-time performance within Chrome, but it works (if not playably) on an iPhone.

I wish the screen was resizable and that it supported iPhone compatible controls, but both of those assume that browser performance will improve enough to make it playable. Interestingly, though not surprisingly, the Safari JS engine is limited to consuming a single CPU (which it quickly does while playing JSNES).

iTunes 9: Closer To An API?

Will Norris has discovered that iTunes 9’s interactions with the Store are more web-happy. I’ve been asking where the iTunes Store API was for some time, now I think I’ve got what I need to build one.

WordPress Hacks: Nested Paths For WPMU Blogs

Situation: you’ve got WordPress Multi-User set up to host one or more domains in sub-directory mode (as in site.org/blogname), but you want a deeper directory structure than WPMU allows…something like the following examples, perhaps:

  • site.org/blogname1
  • site.org/departments/blogname2
  • site.org/departments/blogname3
  • site.org/services/blogname3

The association between blog IDs and sub-directory paths is determined in wpmu-settings.php, but the code there knows nothing about nested paths. So a person planning to use WordPress MU as a CMS must either flatten his/her information architecture, or do some hacking.

Am I Supposed To Feel Bad For AT&T Now?

With AT&T facing lawsuits for not delivering MMS features at the iPhone 3GS launch, they kind of had to do something. I’m not sure if I’d be satisfied by this video if I were among the plaintiffs, but I think it does a good enough job. The stat about 300% annual increases in mobile data use is pretty powerful. I’d heard it a dozen times before*, but because I wasn’t in Austin for the SXSW iPhone meltdown, I don’t have quite the same appreciation as some do. AT&T added capacity then, and they seem to have been scrambling elsewhere too.

iPhone users are said to be six times as likely as anybody else to watch video on their phones, and if WiFi aggregator JiWire’s report says anything about cell data, the iPhone has certainly changed the game. JiWire’s Mobile Audience Insights Report shows that over 97% of the devices on their network are either iPhones (about 56% of the total) or iPod Touches! And all the way back in 2007 in Britain, iPhone users were 33 times as likely as other phone users to send or receive more than 25MB a month.

It will be interesting to see what happens to other carriers as they get devices that encourage use as the iPhone has.

*Actually, I hadn’t heard the 300% stat specifically, just nonspecific reports of increased usage.

Now I Want To Watch (or re-watch) All These

Okay, I don’t want to watch all the movies depicted in this 100 year overview of film special effects, but I did just add a few to my Netflix queue.

WordPress Hacks: Serving Multiple Domains

Situation: using WordPress MU (possibly including BuddyPress) on multiple domains or sub-domains of a large organization with lots of users.

WordPress MU is a solid CMS to support a large organization. Each individual blog has its own place in the organization’s URL scheme (www.site.org/blogname), and each blog can have its own administrators and other users. Groups of blogs in WPMU make up a “Site” and one or more Sites can be hosted with a single implementation. (I’m capitalizing Site for the same reason WordPress docs capitalize Page.) Each Site has a defined set of administrators and options controlling various features. You might, for instance, lock down the plugins on your blogs.site.org, while keeping it open on your www.site.org. Or maybe you’d like to let your helpdesk staff create new blogs at blogs.site.org, but not at www.site.org. That’s what WPMU’s notion of Site can help you control.

Online Advertising Metrics

I don’t know if it’s just the Mother’s day effect, but the top 10 online retailers for May 2009 were dominated by flower shops. The top shop is converting almost 40% of their visitors to buyers, though the average is just over 5%. Tim, meanwhile, claims he’s lowered his bounce rate to just 10%.

Not My Chair, Not My Problem

Liam Lynch explains the origin of the video, but what was Dan Deacon thinking as he recorded the audio? Of all the free MP3 downloads he offers, Two Friends from the Acorn Master album may be the most, um, listenable.

Thanks to daily songsmith Corey B (Corey Blanchette) for the tip.