Sunday, December 30, 2007

Where is Netbeans distribution ?

Netbeans can’t find at Sun official site. But you can find distribution from www.netbeans.org , include all latest news, patch, newest version, and even Java Development Kit. Size of Netbeans is about 150 Mb to below of 200 Mb. There are few OS platform for Netbeans, like Windows , Mac, and Linux. So, if in the past we have difficulties to IDE development in Linux Platform, now all the problems gone.

Develop Application in Java using Netbeans 5.5.1 ?

I’ve tried using Netbeans 5.5.1 and Netbeans 6. Why still using ver. 5.5.1 if newest version is released ? As long as I know ( as I’m a Drag and Click – o-holic) , I choose 5.5.1 that ver. 6 if I need to Create (generate) automatically JSF- JPA CRUD from Database Entity / Entity Class. In ver.6, I give up to find this generator code, in this version you just can use Example Source Code that using JSF – JPA. Do you have any comments ?

In ver. 5.5.1 we should install Enterprise Development Pack to integrate Glassfish and Derby Server into Basic IDE.

Netbeans 6 is all in one pack, that’s include Glassfish and Derby Server.

But using Glassfish is absorb large resources, comparing other Application Server like Tomcat. I have started Tomcat separately ( before loading Netbeans 6 ). Then, when using Netbeans , we can feel “Light” when Run Web Project.

Why Starting Java Using Netbeans ?

Netbeans is one of tools IDE development in Java Programming Technology. Another tools example is Eclipse , Intellej IDEA, Notepad (?), etc. Eclipse is very famous , popular IDE to Java Development with advantages : light, better support in code writer ( kind of auto complete , refactoring). Eclipse Project fund by Giant Vendor like IBM, of course don’t ask again about quality. Intellej IDEA is commercial version of Java Development that offer Develop with pleasure. Just need to mention that Intellej IDEA is commercial software. Eclipse is completely free. But is someone who needs to begin code in Java, using Eclipse maybe is little dizzy, insufficient of help. Primarily to Code Developer that switch Development environments from Visual Studio into Java World. Netbeans offering more support for Java Beginner, kind of Click and Drag, to entering Java World. Netbeans disadvantages is just need more resources in development, comparing to Eclipse as free development tools.

Traffic in related to Search Engine

Search Engine is services that deliver list of result based on our keywords that we give to them. Suppose we type “Breaking News” , then search engine try to find closest result that could be related to our hope. An URL can display in top position , depends on how many people keying “Breaking News”, then click to redirect its URL. In that condition we said that this URL has closest relationship with keyword “Breaking News”. You can prove it to find this blog by search keyword “PLTN” in Google (mainly in Indonesia geo-position), then this blog will be display in First Page.

What is benefits , an URL placed on Top Rank ? If your site is not only included within the search engine index but also occupies one of the top positions, you will attract a large amount of visitor traffic. Your target audience is motivated and defined. If they find highly relevant sites at the beginning of their search, they are far more likely to visit sites and buy goods or services.

Why we still need professional help for optimizing our site into top rank ?

Whether you have optimized your site for your principal keywords or not, it is recommended to hire a company that specializes in search engine optimization and web site marketing. Search engines change their algorithms (site recognition formula) all the time, which causes web site ranking to change. SEO companies track all these changes and are equipped to adjust client web sites accordingly.

Traficare is a seo specialist with a highly skilled team of seo expert who combine a
range of Internet skills: campaign management, design, information research, and marketing writing. This seo company provide professional helps to applying a range of optimization and promotional techniques. They develops a smart system for feeding focused and quality traffic to web sites. Focused means selected web site visitors who are directed to a specific target. So, the Ads or the site presented to the surfer is highly relevant according to the search terms that the used. Why Google become a winner Search engine defeating competitor? Because Google has smart algorithm to find specific topics needs by customer, people that using search engine.

Thursday, December 27, 2007

The Blog competition: Global Warming

Dear all,

WWF and Digital Studio held the BLOG COMPETITION the national level with the theme of GLOBAL WARMING! Tagline him “HOT BLOG FOR COOL EARTH”. The competition had a reward of the total belasan million rupiah this was open for the student the SD, SMP, of SMA, the student until the public's community.

So that this Competition information cans be heard evenly from Aceh to Merauke, we asked for help of friends at the same time to in a volunteer manner help WWF to spread this Competition poster in your city. The poster could stamp in the SD, SMP, SMA, the campus, the office building, the place of the course, the place fitnes or places of the other public.

For that was interested, please sent the email to: Nmariza@wwf.or.id (Nazla) my email was accompanied by the complete name and the address sent that was clear with the postcode.
Mention also you needed how many posters and would ditempel anywhere.

We were waiting for friends's email at the same time. Thank you for your help driving the competition and this campaign to success.

Greetings

WWF-Indonesia
Kantor taman A9, Unit A-1
Jl. Mega Kuningan Lot 8-9/A9
Mega Kuningan
Jakarta 12950
Phone: +62 21 5761070 Ext. 606
Fax: +62 21 5761080


Wednesday, December 19, 2007

Fastest Steps to CRUD(Create,Read,Update,Delete) Database using JPA in Netbeans 6 for Super Duper Dummies

Using JPA is very easy , I mean we can using simple instruction ( just essential / basic ) only. I just try help somebody that extremely unfamiliar in Java environment. This step maybe makes 'expert' boring to hear, but I think , I have rensponsibility to help other.
In this topics, no step needed to access database directly. Creating Table handled automatically. All you need is using Netbeans 6.

PREPARATION
First, create Java Application Project. Create New Project -> Categories : Java , Project : Java Application -> Project Name : JavaApp (whatever you want to named).
Leave checked option in : Set As Main Project, and, Create Main Class : javaapp.Main
Finished create Project.

Let's start Database (Derby) ,using : Tools -> Java DB Database -> Start Server.

Now, Create Entity.
At the Project Tab , choose JavaApp project, right click, choose : New -> Entity Class.

At The bottom of Modal Windows, you can see button : Create Persistance Unit. Please click this.
On the "Database Connection" please choose databse connection :
jdbc:derby://localhost:1527/sample[app on APP].

Leave Generation strategy : Create.

Then click Button "Create".

Fill Class Name, in example : Persons.
Package, for example : mypackage.


Change Primary Key Type from : Long , into : int.

Click Finish.

Now, we will add Derby driver.
From the Left Panel, Right Click Java App project, Choose: Properties.

Choose Categories : Libraries.
On the Right panel, Add Library -> Java DB Driver. Then click Add Library Button.
On the Modal windows of Project Properties, click OK.

Now , in this step mean, we have Derby driver to make connection to Derby Server.

CODING in ACTION.
Load Person.java with double click Button,

You will see :
@Entity
public class Persons implements Serializable {

Just insert below @Entity with : @Table, so the code become :
@Entity
@Table
public class Persons implements Serializable {

If eror exist, then : Right Clik anywhere, choose Fix Import, it will importing :
import javax.persistence.Table;

Before : private int id; please add : @Column, so the code become :

@Column
private int id;

If error happen, Just Right Click, and Fix Import.
If Error happend again, I think this class need : Follow assist (click th Error Sign, Right side of code)
Choose Unify field access.

Now , for example, we Add column: firstName, write code :
private String firstName;

Double click at the firstName , Rhight clik , it will shown pop up , Choose : Insert Code -> Getter And Setter.
Check the property (firstName) then CLick : Generate.

Like Step before, we add annotation : @Column before property, then code like this :
@Column
private String firstName;


Now we load Main.java from package : javaapp. Just double click Main.java on the Left Panel (Project Tab).

We looking code :
public static void main(String[] args) {

Then, just Enter.
Right Click between bracket, we'll see : Persistance -> Use Entity Manager.

You can see, that Editor add this code :
public void persist(Object object) {
...
..

CREATE
Now, back to the Main Method, let's code :

Persons pers = new Persons();
pers.setId(1);
pers.setFirstName("bagusalfa");

persist(pers);

If error happen, because persist Method is not static,then add "static" keyword,
changed into :
public static void persist(Object object) {

Now, Run Main Project ...

Well done, you've got CREATE operation with JPA.

READ
now , add this code (just copy paste from "persist" Method) :

EntityManagerFactory emf = javax.persistence.Persistence.createEntityManagerFactory("JavaAppPU");
EntityManager em = emf.createEntityManager();

Now, we are doing Find object :
Persons findPersons=(Persons) em.find(Persons.class, pers.getId());
System.out.println(findPersons.getFirstName());

Well done,you've got READ operation.


UPDATE
now we will change Name persons.
// TODO code application logic here
Persons pers = new Persons();
pers.setId(1);
pers.setFirstName("bagusalfa");

persist(pers);
EntityManagerFactory emf = javax.persistence.Persistence.createEntityManagerFactory("JavaAppPU");
EntityManager em = emf.createEntityManager();

Persons findPersons=(Persons) em.find(Persons.class, pers.getId());
System.out.println(findPersons.getFirstName());

pers.setFirstName("alvax");
em.getTransaction().begin();
em.merge(pers);
em.getTransaction().commit();

DELETE
We will delete Person object:
EntityManagerFactory emf = javax.persistence.Persistence.createEntityManagerFactory("JavaAppPU");
EntityManager em = emf.createEntityManager();

Persons findPersons=(Persons) em.find(Persons.class, pers.getId());
System.out.println(findPersons.getFirstName());


em.getTransaction().begin();
em.remove(pers);
em.getTransaction().commit();

Tuesday, December 18, 2007

Mobile Virus Coming Soon

Beware of Over crowded information, and over loaded information that triggering penetration of Mobile virus on your handheld. This is the review:

Sandra Kay Miller
Contributor, Information Security magazine
said that :

There has been a rise in the threat vector of various mobile devices -- specifically malware. Is the problem really that serious? Our expert will explain to security professionals the top threat vectors and how they happen:

* Viruses transmitted from the "network"

TIANJIN, Oct. 14 (Xinhua) -- China's anti-cyber virus authorities warned on Sunday that a new virus, transmitted by Microsoft's MSN (Microsoft Service Network) instant messaging program, can steal registered users' accounts and passwords, eventually causing economic losses. http://english.sina.com/china/1/2007/1014/128278.html

* Viruses transmitted from other mobile devices

Viruses can be transmitted to the cellphone through air, between the mobile and other wireless devices. One can also get a cellphone virus while downloading things like ringtones from the Internet. http://infotech.indiatimes.com/articleshow/1538652.cms

* SMS text messaging spam

Reach Out and Text Someone: How Text Message Spam May Be a Call Under the TCPA
http://www.lctjournal.washington.edu/Vol4/a03Hadjinian.html

* Downloads: Trojans/back doors in photos, video, email, ring tones
* Preventive procedures/policies for security managers
* Preventive technologies: baked in and add-ons
* Threats to anticipate in the future

Mac OS About Java : Java 1.4 and J2SE 5 can be exploited in Mac OS X 10.4.

Apple recommend to upgrade their Java based program into Java Released 6 in Mac OS X 10.4. Secunia.com says that :

1) An error in Java due to an improper access check can be exploited via a specially crafted Java applet to add or remove items from a user's Keychain, without prompting the user.

This vulnerability affects Mac OS X versions prior to 10.5.

2) Some vulnerabilities in Java 1.4 and J2SE 5.0 can be exploited to bypass certain security restrictions, conduct cross-site scripting attacks, to cause a DoS (Denial of Service), or to compromise a user's system.

http://secunia.com/advisories/28115/

Vulnerability discovered by :
Bruno Harbulot
Manchester Computing / School of Computer Science (Office 1.17)
University of Manchester
Oxford Road
Manchester M13 9PL, UK

Sunday, December 16, 2007

From AS/400 legacy program Consume by Java

Legacy AS/400 program can be expose as Web Service. Web Service like component that can we consume by our Java application. Development Tools like Netbeans 6 demonstrating 'easy to use' , I mean to consume Web Service. With Netbeans 6 (actually from Netbeans 5) , consume Web Service just in a few steps. Exposing legacy AS/400 programs as a Web service, can using IBM Toolbox. If you want to Learn how to expose old RPG and COBOL programs as Web services so that any simple Web service client can use it , then you can follow this link :

http://www.ibm.com/developerworks/webservices/library/ws-as400/

So, Accessing legacy applications on AS/400 from our application in Java can using Web services.
How it could be done ? It can be done with IBM Toolbox for Java (JTOpen).
JTOpen is is the set of Java application program interfaces (APIs) exposed by IBM to open up the legacy world of iSeries. To encourage open systems and cross-platform development, JTOpen is distributed for free and is open source. JTOpen contains APIs to execute programs, commands, access data queues/data areas, and so forth on iSeries using Java programs. This article provides a new dimension to expose Legacy AS/400 elements to the open world.

Friday, December 14, 2007

Cisco Security Advisory: Access Point Memory Exhaustion from ARP Attacks

Summary
A vulnerability exists in Cisco Aironet Wireless Access Points (AP) running IOS which may allow a malicious user to send a crafted attack via IP address Resolution Protocol (ARP) to the Access point which will cause the device to stop passing traffic and/or drop user connections.

Repeated exploitation of this vulnerability will create a sustained DoS (denial of service).

Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml.

Affected Products
This section provides details on affected products.

Vulnerable Products
This security advisory applies to all Cisco Aironet Wireless Access Points that run Cisco IOS Software. The affected device types include:

Cisco Aironet 1400 Series Wireless Bridges

Cisco Aironet 1300 Series Access Points

Cisco Aironet 1240AG Series Access Points

Cisco Aironet 1230AG Series Access Points

Cisco Aironet 1200 Series Access Points

Cisco Aironet 1130AG Series Access Points

Cisco Aironet 1100 Series Access Points

Cisco Aironet 350 Series Access Points running IOS

Products Confirmed Not Vulnerable
Cisco Wireless devices running a VxWorks based image (Version 12.05 and earlier)

No other Cisco products are currently known to be affected by this vulnerability.

Details
The Address Resolution Protocol (ARP) is used to dynamically map physical hardware addresses to an IP address. Network devices and workstations maintain internal tables in which these mappings are stored for some period of time.

An attacker, who has successfully associated with a Cisco IOS Wireless Access Point, may be able to spoof ARP messages to the management interface on the Access Point. The attacker could add entries to the ARP table on the device until physical memory has been completely exhausted. This will leave the device in a state where it is unable to pass traffic until the device has been reloaded by cycling the power.

After upgrading the Access Point (see Software Versions and Fixes), add the command L2-FILTER BLOCK-ARP to each radio interface.

EXAMPLE:

!
!
interface Dot11Radio0
l2-filter block-arp
!
!
This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCsc16644 ( registered customers only)

Impact
Successful exploitation of this vulnerability may result in a denial of service (DoS) impacting the availability of the Wireless Access Point. Management and packet forwarding services will be unavailable.

Software Versions and Fixes
This issue is fixed in IOS version 12.3-7-JA2 which is available for download at http://www.cisco.com/public/sw-center/sw-wireless.shtml.

It is important to note that in addition to the software upgrade, a configuration change is also necessary to resolve this vulnerability. Please see the Details section for information on this configuration change.

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center ("TAC") or your contracted maintenance provider for assistance.

Workarounds
The workaround for this issue is to use Virtual LANs (VLANs) to isolate wireless clients from the Access Point (AP) management interface. A wireless VLAN infrastructure can be deployed that places AP management interfaces in one VLAN and places wireless clients into different VLANs based on SSID. No wireless clients should be allowed on the same VLAN as the management interface of the AP. There are several design considerations that must be accounted for when deploying VLANs on the wireless network. For a discussion of the prerequisites, design considerations, and wireless and wired hardware configuration examples refer to:

Using VLANs with Cisco Aironet Wireless Equipment http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml

Additional information is available at:

Configuring VLANs http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_guide_chapter09186a0080341d34.html

In this example an existing AP is reconfigured to use VLANs. The AP is configured in VLAN 10 (the native VLAN) and wireless clients are configured in VLANS 20 and 30.

Creating VLANs will disable existing SSIDs. So for this example, the existing SSID was deleted, the VLANs were created, Encryption Mode and Keys were then set for each VLAN, and SSIDs were created for each VLAN.

!
! Set encryption ciphers and broadcast key rotation
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 10 mode ciphers tkip
! Encryption ciphers are set under the physical radio interface
!
encryption vlan 20 mode ciphers tkip
!
encryption vlan 30 mode ciphers tkip
!
broadcast-key change 43000
!
broadcast-key vlan 10 change 43000
! Broadcast key rotation is set under the physical radio interface
!
broadcast-key vlan 20 change 43000
!
broadcast-key vlan 30 change 43000
!
!
!
! Set the SSID's and their vlans and authentication method
!
ssid ap-devices-only
! each SSID must have a vlan and authentication settings
vlan 10
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
!
ssid red20
vlan 20
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
!
ssid red30
vlan 30
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa

!--------------------------
! Consider not configuring an SSID for the native VLAN
! which in this example is VLAN 10. Not configuring an
! SSID for the native VLAN will prevent all wireless
! clients from estabishing management connections to
! the AP
!-------------------------


!

interface Dot11Radio0.10
encapsulation dot1Q 10 native
! AP's are placed in this VLAN
no ip proxy-arp
no ip route-cache
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
! If the virtual interfaces are configured via the HTTP GUI
! the bridge-group settings will be configured automatically
!
interface Dot11Radio0.20
encapsulation dot1Q 20
! Clients are placed in this VLAN
no ip route-cache
no cdp enable
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
!
interface Dot11Radio0.30
encapsulation dot1Q 30
! Clients are placed in this VLAN
no ip route-cache
no cdp enable
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
bridge-group 30 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no cdp enable
!
!
! Set the Wired virtual interfaces
!
interface FastEthernet0.10
encapsulation dot1Q 10 native
no ip proxy-arp
no ip route-cache
no cdp enable
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
! If the virtual interfaces are configured via the HTTP GUI
! the bridge-group settings will be configured automatically
!
interface FastEthernet0.20
encapsulation dot1Q 20
no ip route-cache
no cdp enable
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
!
interface FastEthernet0.30
encapsulation dot1Q 30
no ip route-cache
no cdp enable
bridge-group 30
no bridge-group 30 source-learning
bridge-group 30 spanning-disabled
!
!
! The AP's BVI1 IP address must be from the native VLAN's subnet
!
interface BVI1
ip address 192.168.1.40 255.255.255.0
no ip route-cache
Wireless Network Security Best Practices

In addition to the above workarounds and example, Cisco recommends deploying Wireless network security best practices which are discussed in the references below:

SAFE: Wireless LAN Security in Depth - version 2

http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_paper09186a008009c8b3.shtml

Wireless LAN Security Solution for Large Enterprise

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns386/networking_solutions_package.html

Cisco Wireless LAN Security Overview

http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_brochure09186a00801f7d0b.html

Mitigation

The risk of this issue can be mitigated by requiring all wireless clients to authenticate with an EAP based authentication protocol such as EAP-FAST, PEAP, or EAP-TLS. However authenticated users could still exploit this vulnerability as the mitigation cannot completely eliminate the vulnerability.



http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml

Advertising and click-through fraud top the list of malicious activities funnelled through open proxy servers

Researchers study open-proxy attacks

Advertising and click-through fraud is currently topping the list of malicious activity funnelled through open proxy servers, followed by junk e-mail, according to a research project deploying fake open proxies to catch crooks.

The research was carried out by the Web Application Security Consortium (WASC) using a network of virtual Apache proxy servers running on VMware and deploying an array of tools to identify, log and block traffic. The project started off with servers in seven countries in January, and has now expanded into 14 countries.

Open proxies are a frequent means by which attackers and scammers cover their tracks, making such traffic difficult to identify and trace. The WASC's approach gives researchers an insight into exactly what is passing through such servers.

When malicious traffic is identified, the honeypot servers block it and feed spoofed information back to the attackers, such as HTTP status codes, according to Ryan Barnett, director of application security training for Breach Security and head of the WASC's Distributed Open Proxy Honeypots project.

Click fraud traffic, employed to distort results from click-throughs to Web ads or other commercial links, led malicious activity during the month of October, with 2.6 million requests. That compares to 158,000 requests for the entirety of the January-April period.

Spam followed with nearly two million requests, compared to slightly more than 109,600 in January-April. Most of the attacks are automated, WASC said.

The most serious attacks measured by the WASC's honeypots were designed to implant malicious Javascript code into often legitimate Web sites. Malicious Javascript is often used to exploit known browser flaws, in order to install malware onto client machines.

The project also noted an extensive scan designed to break into the e-mail accounts of a popular Internet service provider.

The scan, using a method called distributed reverse brute force authentication, is distributed across hundreds of unique e-mail authentication hosts in order to evade detection.

The technique involves checking a large number of different e-mail usernames to see if they match specific common passwords. By "cracking" the username rather than the password, the attackers can evade many ordinary security defenses.

Even if the attack doesn't allow the attackers to break into e-mail accounts, it yields a list of valid e-mail accounts that can be used for spamming purposes.

http://www.infoworld.com/article/07/11/15/Researchers-study-open-proxy-attacks_1.html?source=NLC-SEC&cgd=2007-11-19

SQL Puzzle 8

Published Tuesday, November 27, 2007 7:12 PM


/*
So I thought it was just about time for another puzzle but I was having great difficulty in coming up with a new challenge. Luckily Andras has posted a blog entry about how the
POWERSUM function has been removed from SQL Server.

http://www.simple-talk.com/community/blogs/andras/archive/2007/11/22/40021.aspx

This puzzle is a nice simple one and is to write a single select statement that will return the same results as POWERSUM when run on the supplied table variable. The input values will be between 0 and 127 but it would be nice to see solutions that will scale to beyond that. Andras has posted an explanation of what POWERSUM does but if it is still unclear exactly what it does (The output seems to be the reverse of what I expect it to be!) add a comment to the blog and I will add some clarification. Have fun!

Lionel

*/

SET NOCOUNT ON

DECLARE @Data TABLE
(
Col INT
)

INSERT INTO @Data(col)
SELECT 1
INSERT INTO @Data(col)
SELECT 1
INSERT INTO @Data(col)
SELECT 2
INSERT INTO @Data(col)
SELECT 98
INSERT INTO @Data(col)
SELECT 31
INSERT INTO @Data(col)
SELECT 32
INSERT INTO @Data(col)
SELECT 32
INSERT INTO @Data(col)
SELECT 63
INSERT INTO @Data(col)
SELECT 17
INSERT INTO @Data(col)
SELECT 100
INSERT INTO @Data(col)
SELECT 56
INSERT INTO @Data(col)
SELECT 24
INSERT INTO @Data(col)
SELECT 17
INSERT INTO @Data(col)
SELECT 2
INSERT INTO @Data(col)
SELECT 127
INSERT INTO @Data(col)
SELECT 76
INSERT INTO @Data(col)
SELECT 84
INSERT INTO @Data(col)
SELECT 99
INSERT INTO @Data(col)
SELECT 12
INSERT INTO @Data(col)
SELECT 103
SET NOCOUNT OFF

-- This should return the same as
-- SELECT POWERSUM(col) FROM @Data
-- which is 0x0610028101000081001010009C000080

Sun's new award program will involve the OpenSolaris, GlassFish, OpenJDK, OpenSparc, NetBeans, and OpenOffice.org communities

Update: Sun dangles prize money over open-source efforts
Sun's new award program will involve the OpenSolaris, GlassFish, OpenJDK, OpenSparc, NetBeans, and OpenOffice.org communities

Sun Microsystems on Wednesday will release details of a new award program meant to spur growth and activity within the company's open-source efforts, according to a post by Sun's open-source officer, Simon Phipps, on his corporate blog.

"We'll be providing a substantial prize purse and working with the communities involved to develop the approach that works best," Phipps wrote.

The award program will involve the OpenSolaris, GlassFish, OpenJDK, OpenSPARC, NetBeans and OpenOffice.org communities, according to Phipps. "This is a great opportunity for members of these open-source communities to take their passion and creativity and push the innovation boundaries -- and get paid in the process," he wrote.

Phipps did not provide details Tuesday as to how much money would be involved. A spokeswoman for Sun said the company would provide additional information Wednesday, and Phipps wrote that he planned to talk about the program during a keynote address Friday at the FOSS.IN/2007 show in Bangalore.

The location of his speech is deliberate, Phipps said. "I'm announcing it in India because that's where I expect the greatest open-source community growth to come from in the near future. ... If we can play a part in catalyzing the emergence of India as a key international open source power-house, the effect on the software industry will be huge."

Phipps' post comes some months after Rich Green, Sun's executive vice president of software, voiced skepticism over the open-source status quo, where developers who contribute to various efforts go uncompensated while corporations are enriched.

"It really is a worrisome social artifact," Green said at the time. "I think in the long term that this is a worrisome scenario [and] not sustainable. We are looking very closely at compensating people for the work that they do."

Michael Coté, an analyst with Redmonk, said Sun's move is welcome. "In the open-source community, you get sort of soft rewards, like respect and a reputation in the overall IT community, and the adoration of your fans," said Coté, who has worked as a developer. "That's great, but it's also great to get cash."

There are established ways for open-source developers to enjoy financial gain -- such as by being hired by an open-source software company, or through "bounty" jobs. But overall, Coté said, "we haven't figured a way to support the lifestyle of programmers in an open-source world."


http://www.infoworld.com/article/07/12/04/Sun-dangles-prize-money-over-open-source_1.html?source=NLC-LINUXOS&cgd=2007-12-05

An Example of a SOA Strategy: “Government of Canada Service Oriented Architecture Strategy - Statement of Direction”

You have to hand it to some organizations, they are indeed thinking proactively around SOA. Case is point is the "Government of Canada Service Oriented Architecture Strategy - Statement of Direction." You can find it on-line here.

From the Introduction:

"In this context "Service Orientation" is the planning and delivery of all services by formally componentizing each of the services and their subordinate services such that the overall collection of services work as a whole and supports a high level master-plan (or strategic design).

This document introduces the Service Oriented approach and the GC SOA reference model that provides all departments and agencies a statement of direction and orientation to help ensure a consistent adoption of SOA in support of a cohesive approach to service delivery across government."

In essence, they are stating a few critical things. First, that SOA is strategic and we're moving in that direction. Second, we want to do it consistently and thus why this document (site) exists. Moreover, kudos to them for putting it on the Web, that shows commitment.

In reading further:

"This document provides a statement of direction for a GC Service Oriented Architecture. The statement of direction consists of:

An announcement of CIOB's intent to place a strong emphasis on service oriented architecture;

An introduction to the concept of service orientation, its benefits and implications; and

An outline of next steps planned by CIOB to provide specific guidance in the adoption of Service Oriented Architecture across the Government of Canada."

Unfortunately, I can't really point to similar document on the US government side of things that is as specific or direct. However, that does not mean they don't exist, perhaps my blog readers can point me to a few.

What's exciting about this to me is that it's so direct, and provides specific guidance, not just "we're moving towards SOA" but how we intend to do it, and why it's important. Moreover, there is a fairly complete definition of the value, thus validating this direction.

I would urge you to read through this and perhaps use it as a template for your own SOA strategy…commercial or government.

Posted by Dave Linthicum on December 7, 2007 06:44 AM

http://weblog.infoworld.com/realworldsoa/archives/2007/12/soa_wins_in_veg.html?source=NLC-SOA&cgd=2007-12-11

Cisco's Telepresence winning big in conferencing

Telepresence combines high-definition video with high-quality audio and presentations, and is designed to create the impression of a live meeting

Cisco is running on all cylinders selling its Telepresence high-definition conferencing system, according to a top executive.

Marthin De Beer, senior vice president of Cisco's Emerging Markets Technology Group, said Tuesday that he is not aware of a first-time videoconferencing customer Cisco has lost to a competitor in the past six months. Some enterprises that already had videoconferencing systems have stuck with their old vendors instead of switching, but Cisco has been winning every time in so-called "greenfield" opportunities, as far as he knows, De Beer said.

The aggressive report came during a press lunch at Cisco's annual C-Scape analyst conference in San Jose, Calif., where executives described a big future for collaboration in the company's future business. Between products for consumers, enterprises and service providers, Cisco expects to be doing a $50 billion business in video by 2013, De Beer said. Router sales driven by the increased bandwidth demands from video are on top of that, he said.

Cisco has already made 100 deals with large enterprises to deploy Telepresence systems throughout their organizations, it announced Monday. One of those, Proctor & Gamble, will be deploying 360 of the high-end systems within 18 months, De Beer said. It will also use Cisco's intercompany Telepresence technology, announced last week, to conduct conferences with its partners and suppliers. That will probably lead to the deployment of 500 to 1,000 additional systems, he added.

Telepresence combines high-definition video with high-quality audio and presentations, and is designed to create the impression of a live meeting. A three-screen system has a list price in the neighborhood of $300,000. It has already cut travel costs at Cisco and helped the company keep more in touch with its customers around the world, according to chairman and CEO John Chambers.

http://www.infoworld.com/article/07/12/12/cisco-telepresence-conferencing_1.html?source=NLC-WEBSERVICE&cgd=2007-12-12

Monday, December 10, 2007

Lembaga-lembaga terkorup di Indonesia

(Tulisan ini juga disajikan di website
http://kontak.club.fr/index.htm)


Hasil penelitian yang dilakukan Transparency Internasional Indonesia (TII) mengenai korupsi di negeri kita makin meyakinkan kita bahwa kebejatan moral atau kerusakan akhlak sudah melanda secara ganas dan juga meluas sekali di kalangan sebagian besar aparat dan lembaga negara. Menurut hasil penelitian tersebut, institusi kepolisian, parlemen, lembaga peradilan, dan partai politik menduduki peringkat teratas sebagai lembaga terkorup di Indonesia (Kompas, 6 Desember 2007).

Membaca berita tersebut di atas, kita semua bisa geleng-geleng kepala, dan bertanya-tanya :”Sudah begitu parahkah sakitnya bangsa kita ?” Betapa tidak ! Sebab, menurut penelitian tersebut, institusi kepolisian menduduki peringkat teratas sebagai lembaga terkorup di Indonesia. Demikian juga parlemen dan lembaga peradilan. Demikian juga partai-partai politik. Kalau sudah begini, lalu apa saja di negeri kita yang masih bersih dari korupsi?

Kita tahu sendiri, bahwa selama ini koran dan televisi di Indonesia juga sering sekali menyiarkan banyaknya pejabat di kalangan eksekutif yang tersangkut korupsi. Termasuk adanya menteri atau mantan menteri (bahkan menteri agama!!!), gubernur, bupati, walikota yang mencuri kekayaan negara atau uang rakyat. Yang agak jarang terdengar adalah adanya korupsi di kalangan TNI. Dan itu pun tidak berarti bahwa tidak ada korupsi atau penyelewengan di kalangan TNI, melainkan karena ketatnya “pembungkusan” informasi, sehingga jarang sekali bocor.

Parahnya wabah korupsi yang sudah begitu meluas ini, mencerminkan rusaknya sebagian besar akhlak atau merosotnya moral bangsa.Dan kerusakan moral atau kebejatan akhlak ini sudah begitu meluas, sehingga “budaya korupsi” sudah tidak membikin malu atau takut bagi banyak orang. Demikian buruknya moral ini sehingga korupsi atau mencuri harta publik sudah dianggap normal saja, atau hal yang dianggap wajar dan “lumrah” saja. Mengapa negeri kita jadi begini rusak? Siapakah yang harus bertanggung jawab? Apa saja yang menyebabkan kerusakan moral atau kebejatan akhlak ini?

Banyak orang yang masih ingat bahwa selama pemerintahan dipimpin oleh Bung Karno sampai 1965, korupsi adalah sedikit sekali kalau dibandingkan dengan sekarang ini.Walaupun waktu itu keadaan sulit, karena ekonomi diboikot oleh kekuatan asing dan dirongrong oleh berbagai pergolakan dalam negeri (pemberontakan PRRI-Permesta, DI-TII, peristiwa tiga daerah, konfrontasi dengan Belanda mengenai Irian Barat dll dll) tetapi rakyat banyak masih menyokong berbagai politik Presiden Sukarno. Suasana perjuangan dan mengabdi kepentingan rakyat secara gotong-royong membikin negara dan bangsa Indonesia terkenal di dunia sebagai bangsa yang revolusioner.

Tetapi, setelah Suharto dkk membangun rejim militer Orde Baru, kerusakan moral atau kebejatan akhlak di kalangan elite Indonesia menjadi ciri utama bangsa, sehingga korupsi merajalela secara ganas. Hal yang menyedihkan begini ini dianggap “lumrah” saja karena Suharto sebagai pimpinan tertinggi negara sendiri sudah menjadi maling terbesar di seluruh dunia, dan tidak diapa-apakan. Banyaknya berita tentang urusan harta yang diperoleh oleh keluarganya (istri dan anak-anaknya, antara lain Tommy dan Tutut) secara haram, menjadi contoh yang jelek bagi banyak orang.

Seperti sudah sama-sama kita saksikan kerusakan moral atau kebejatan akhlak ini adalah produk utama pemerintahan Orde Baru, yang diwariskan kepada bangsa kita. Dan kerusakan moral inilah yang dipertahankan, bahkan dikembangkan oleh kekuatan sisa-sisa Orde Baru. Sebab, justru dengan kerusakan moral bangsa inilah (atau berkat kebejatan akhlak inilah)) mereka dapat juga dengan mudah menumpuk kekayaan dengan cara haram pula. Jadi, dengan merajalelanya korupsi di seluruh aparat dan lembaga negara, mereka malah diuntungkan. Karena itu, pada dasarnya, mereka tidak berkepentingan akan terberantasnya korupsi. Mereka malah dirugikan, kalau pemberantasan korupsi berjalan dengan sungguh-sungguh dan efektif.

Jadi, jelaslah bahwa pemberantasan korupsi tidak akan bisa berjalan dengan sukses, selama sisa-sisa kekuatan Orde Baru masih menguasai alat kepolisian, parlemen, lembaga peradilan, dan partai-partai politik. Sebab, di kalangan mereka-mereka itulah yang banyak melakukan korupsi dan kolusi. Pemberantasan korupsi secara tuntas hanya mungkin kalau kekuasaan politik sudah dapat direbut oleh kekuatan-kekuatan demokratis dan pro-rakyat. Kita semua harus membuang ilusi bahwa reformasi bisa berjalan dan korupsi bisa sungguh-sungguh diberantas tuntas dengan orang-orang lama yang sekarang menduduki tempat-tempat penting di berbagai lembaga negara kita. Kita memerlukan wajah-wajah baru, yang mempunyai komitmen tegas pro-rakyat, dan yang betul-betul anti Orde Baru.

Sejarah dan waktu akan membuktikan kepada kita semua, bahwa perubahan-perubahan besar di negeri kita untuk kesejahteraan rakyat banyak tidak akan bisa dilakukan oleh orang-orang yang bermental Orde Baru.

Paris, 7 Desember 2007

*** *** ***

Lampiran :
berita Kompas 6 Desember 2007 :

.” Institusi kepolisian, parlemen, lembaga peradilan, dan partai politik menduduki peringkat teratas sebagai lembaga terkorup di Indonesia. Demikian hasil penelitian yang dilakukan Transparency International Indonesia (TII).

Dalam pengumuman TII yang disiarkan Kamis (6/12), pada acara Peluncuran Barometer Korupsi Global 2007, kepolisian mendapatkan nilai indeks korup 4,2, disusul lembaga peradilan dan parlemen dengan angka 4,1, dan partai politik, yang meraih indeks 4,0.

Penelitian yang dilakukan terhadap 1010 responden di tiga kota besar di Indonesia yaitu Jakarta, Surabaya dan Bandung ini juga mendapati bahwa 59 persen responden yakin akan terjadi peningkatan korupsi, 22 persen yakin tingkat korupsi akan turun, 18 persen yakin tidak akan ada perubahan sama sekali.

Mengenai hasil penelitian yang telah dilakukan untuk ke lima kalinya ini, Ketua TII todung Mulya Lubis menilainya sebagai sangat mengecewakan. "Hasil penelitian ini menunjukkan adanya mosi tidak percaya masyarakat pada lembaga-lembaga penegak hukum, parpol dan DPR," ujar Tobing.

Oleh karenanya TII mendesak KPK agar lebih serius menangani kasus-kasus korupsi yang terjadi di lingkungan penegak hukum khususnya kepolisian dan kejaksaan.

Selain itu pemerintah juga dituntut agar mempercepat proses reformasi demokrasi di institusi penegak hukum, meminta Presiden secara aktif memantau pelaksaan rencana aksi pemberantasan korupsi, serta mengintensifkan kembali fungsi pengawasan dalam konteks pemberantasan korupsi

Joke today : Seks Dapat Membakar Lemak

Melakukan seks merupakan cara yang praktis dan unik untuk menurunkan
berat badan.
Berikut ini daftar jumlah kalori yang terbakar dengan cara-cara
berhubungan seks.

1. MELEPAS PAKAIAN
Dengan persetujuannya (12 cal)
Tanpa persetujuannya (187 cal)

2. MELEPASKAN BH
Dengan dua tangan (8 cal)
Dengan satu tangan (12 cal)
Dengan mulut (85 cal)

3. MEMASANG KONDOM
Sambil ereksi (6 cal)
Tanpa ereksi (315 cal)

4. PENDAHULUAN
Mencari clitoris (8 cal)
Mencari G spot (92 cal)
Tak perduli keduanya (0 cal)

5. SAAT MELAKUKAN
Mengangkat tubuhnya (12 cal)
Hanya di lantai (8 cal)

6. POSISI
Posisi mama-papa (12 cal)
Posisi kuda lumping (26 cal)
Posisi 69 tiduran (8 cal)
Posisi 69 berdiri (112 cal)

7. SAAT ORGASME
Orgasme betulan (112 cal)
Orgasme bohongan (315 cal)

8. PASCA ORGASME
Tetap di ranjang (18 cal)
Melompat dari ranjang (36 cal)
Menjelaskan kenapa lompat dari ranjang (816 cal)

9. MENDAPAT EREKSI KEDUA
Bila usia anda antara 16 dan 19 tahun (12 cal)
Usia anda antara 20 dan 29 (36 cal)
Usia anda antara 30 dan 39 (108 cal)
Usia anda antara 40 dan 49 (324 cal)
Usia anda antara 50 dan 59 (972 cal)
Diatas 60 tahun (2916 cal)

10. MENGENAKAN BAJU KEMBALI
Secara perlahan (32 cal)
Terburu-buru (98 cal)
Terburu-buru karena suaminya sudah membuka pintu (12182 cal)

Hmmmm, itu semua hanya bercanda loh……

From : Ephanus