Earlier this week I once again recorded an Identity Buzz episode with Sun’s Brandon Whichard. You can download the episode directly here, or subscribe to the podcast feed to have episodes automatically downloaded, and official show-notes here.

Bouncing off noting IBM’s acquisition of Encentuate, I ask Brandon to explain the difference between Enterprise SSO and SSO. As with most things prefixed with “Enterprise,” the use of the E-word doesn’t really explain what the exact technology is. In this case, ESSO simply means Single Sign On for non web applications: things like GUI, desktop applications, that is. SSO, on the other hand, is understood to mean Single Sign On for web applications.

We also talk about how identity management – tacking the activity thereof – laces through recent US political scandals like passport-gate and Eliot Spitzer’s high-price hookers.

Raising the topic of another M&A move – Ping buying the SaaS-SSO parts of Sxip – we, as ever, we also talk about eagerly awaiting the industry-wide victory of OpenID.

Finally, we round up with some music recommendations.

Disclaimer: Sun is a client and pays for my participation in this podcast. IBM is a client as well.

Technorati Tags: esso, identitybuzz, openid, sunw, sso

After speaking with Brainware this morning, I’ve been left with the question “is enterprise search an application in itself, or just middleware (or a feature) for other applications?”

Remember Enterprise Search?

About a year ago, every major software company (IBM, Oracle, Microsoft, SAP, etc., not to mention all the medium and small ISVs) came out with an enterprise search product. Essentially, the product replicated Google behind the firewall, giving you a search box that allowed users to search over content behind the firewall. Sure, there were adaptors to previously “dark data,” security to limit access to sensitive search results, and the number one cliché use case of any new enterprise technology (a favorite of mine), the geo-cyborg salesperson:

so, you’re a sales guy in the bay area, and you have some spare time. Why spend that time on your own when you could opportunistically find other clients to pester and visit. You just type in your address and – BAAM! – it shows you the movement of clients in a 5 block radius. Look! That guy crossing the street is a client! Go human-spam him! Sell! Sell! SELL! (Hey, those 24″ inch monitors aren’t gonna buy themselves, code-monkey.)

Enterprise Search vs. (Just) Search

I’ve had a long history with trying to figure out enterprise search. The obvious, easy win that any Google mini (or whatever) will take care of is just fixing your intranet search. Intranets are littered with endless web pages and having one way to search over all of it should be required now-a-days. You know, for simple stuff, like, “what are the company holidays for 2008.”

You, dear readers with intranets (of any size), should do an experiment and see how long it takes you to find that info: no cheating if you have saved on your desktop or know how to directly click to it. Pretend that you have no idea where it is and can’t email or ask someone. How long does it take?

Other than simply searching over intranet pages, though, I haven’t heard too many stories of enterprise search being used as an application on it’s own, or even as critical a part of daily corporate work as Google is to daily public web work.

Hierarchical work drives category-think

Enterprise search as a Google-like drop in doesn’t seem to be taking off at the moment. I’m wide open to being corrected, in fact I’d love to be as I always have big hopes fro search.

There are numerous (possible) reasons for this (see an extended discussion from my SAP TechEd 2006 coverage, but at the end of the day, my current theory is that enterprise users just don’t think, or want, to use search as their primary tool. People are very siloed and categorized at work, and I think that mind set trickles down into an employees want to categorize things rather than search for them. As psuedo-metaphor: I’m sure more people – more “civilians” (non-powerusers) – use email folders than just search for their email amongst a pile of messages.

Search is Big with Breakin’ the Law

There is an exception here: search is big for workflows involving illegal activities. That is, lawyers love search for looking over emails for court cases, search is great for auditors and compliance. Basically, if you’re trying to “figure out what happened” when the law or regulations were broken, you love search.

While GRC is a lucrative field now-a-days, in the context of this discussion, I’d say it’s niche.

Search as a Feature

The alternative, which Brainwave spoke to, was the notion of search just becoming a feature in other software. Rather than being the start of a work flow – you go to search.yourcompany.com – it’s embedded in other applications and work flows.

This is certainly the way I experience search in my daily life, on my OS X laptop. I search in my email, my calendar, on my blog (to look up past articles), and other silos. The distinction here is that I first go to the data silo in question and then search, instead of searching and then narrowing down to the silo.

Here, search is embedded in other applications or, the more general, silo. Brainwave seems to think that’s a good way to go (in addition to general search), and the discussion around Microsoft purchasing FAST for SharePoint search touches on that a bit. John Willis has also done a lot of research and thinking about using enterprise search in IT Management.

What’s your thinking?

So, the open question to you, dear readers, is just that: do you see enterprise search being used as the first part in workflows, that is, as a stand-alone application? Or do you see it being used more as a part, or feature, of other applications? And, to put it in the future tense, which of the potential uses seems better?

Disclaimer: SAP, IBM, and Microsoft are client.

Technorati Tags: search, brainware, enterprisesearch

You can download the episode directly here, or subscribe to the Sun Identity Management feed in iTunes or other podcatcher.

Disclaimer: Sun is a client and are paying for my co-hosting on this show.

Technorati Tags: identitybuzz, RBAC, GRC

The Deal with the IT Department

In the main, most IT in large companies is farmed out to the IT department. This is good and bad:

• Food because centralizing on the IT department gives you, the company, more of a chance to control costs and comply with regulations.
• Bad because the IT department becomes a bottle-neck and (more than likely) moves implementation time from week to months.

In times of cost-cutting and compliance, the good often wins over the bad. In “looser” times, the bad of slowness drives the company mad.

FileMaker and Hypercard

In days of yore, we had FileMaker and Hypercard, two rapid application development platforms that relied more on right-click programming that keyboard programming.

In the last few years, I had the “pleasure” of “writing” an application in FileMaker. As a “real” developer, it was no fun, and I kept wanting to dip my hand into the gear-box to tweak things. For example, there was no (obvious?) way to simply execute straight SQL against the FileMaker database.

On the other hand, I could actually quite quickly write the application from data-model to GUI. More important: after a few hiccups, it’s served the users well and I’ve had to do very little support.

That is, FileMaker solved their problems. That is, in the short to medium term.

Upgrade Time

Long term, once the users wanted much more sophisticated reporting and functionality, they’re thinking of contracting out for a re-write. Of course, they’ll probable never actually do this: they’re not technologists and they’d rather prioritize their main business much, much higher than editing their tools. While they’re “stuck” with FileMaker, it gets the job done better than the manual process they had previously.

Thinking further back, Hypercard had much the same utility. The metaphor of a stack of cards with links between them, glued together with AppleScript worked well. It was early constraint-based design and tooling.

I’ve even heard that Hypercard was long used a “good enough” front-end for AS/400′s. I’m sure there’s still some stacks in production.

The point here harkens back to our less code/config idols of several years ago. For many business applications, in the short and medium term, throwing up a good enough platform is good. It’s like an appetizer until the main course is cooked. And if that main course never gets cooked, it’s a good enough meal.

Filling the Gap

Looking at the use of Web 2.0 technology behind-the-firewall, many of the same opportunities exist. Mashup servers, wikis, blogs, XML-over-HTTP, and dynamic languages may seem toyish and not check off all the items a line of business needs to satisfy the long-term goal. But, that bag of tricks might curb your appetite long enough to let the IT department code up the “real” solution.

Of course, this can be a massive tar-pit of problems. The core issue is allow the user’s data and config to be migrated to the long-term solution. In all my years as a developer, that’s the first thing to be ignored, even before testing: a solid data model. I’m often quoted as saying unit tests are the dog everyone kicks as they go out the door. Data models are the dog that was long ago buried in an unmarked highway grave, probably dug up by other dogs as a snack.

Yes, it’s that bad.

Web 2.0 Providing More Options

But, if there is a simple enough way of exporting data and it’s semantics from the good enough solution, architects can at least make a more informed risk decision to give the business a good enough short-term solution. It’d be great if that data format was a standards-based data format, but I’ll take simple over standard in a crunch.

As I’ve said before, whole-hog, “real” Web 2.0 is about a lot more than just technology. That said, when it comes to delivering quick, good enough solutions, Web 2.0 technology seems to have inherited the quick-fix position that FileMaker and Hypercard once served well.

Technorati Tags: 400, filemaker, hypercard, web2.0

“The iPhone is not positioned at all for the IT world,” he say. “It’s a very personal device. Most corporations are probably not going to support the iPhone on their networks.” –Randy Giusto, IDC

Indeed, it strikes me that Giusto is tragically spot-on. Why tragic? The notion that a “very personal device” as compelling as the iPhone (have you seen them ads?!) would be against everything IT wants — secured, affordable, and other inherently submissive to IT policy that helps the business make money rather than lose it — sucks for end-users.

Legacy & Forgiveness

Now, I’m not being dismissive of those wants at all. If anything, there’s a constant disconnect between those who write software, those who use the software, and the IT departments who are charged with taking care of the software. Software providers and users are always racing far ahead of what IT departments want to support.:

• Software providers wants to develop the newest, coolest chunk of software without much care of the “legacy” software or how that software will be when it becomes “legacy.” They want to do this because it’s fun and profitable.
• End users want software that will give them the most benefit and differentiation in the short-term over whoever they’re competing against, intra- or extra-companies. If newer technology or processes gives this edge, they’ll follow the principal of decide now and ask for forgiveness later.
• The IT department wants software that prevents end-users from yelling at them when data is leaked, revenue is lost, or the “plumbing to the business” that is IT fails. The IT department wants stability, predictability, and manageability.

This context results in skunk-works and bottom-up introduction of technologies in companies. Instant Messaging is the canonical example here. You could call the end-users who starting using non-approved IT the “rebellious majority.”

Now, of course, the above is a generalization. Paying attention to the needs of IT is part of what makes “enterprise software” and part of why such software is more expensive than, say, GMail. Of course, as we discussed a few weeks ago on the MonkCast, a mind-share shift (or big switch, if you will) to URL-based computing could erase, or at least dramatically change, that line of thinking. There would still be IT to manage, but beyond desktop and network management (what you need to get to those URLs, and still a pretty big chunk of work), the day-to-day tasks of the IT department would be different than they are now.

SMB-mania

Most tech companies are ga-ga over the mid-market now-a-days as the source of their next large chunk of revenue. Now, that motivation is probably more driven by the saturation of enterprise software and services in the enterprise space. But, it’s also got to be mega-attractive as a market that lacks rigid enterprise IT departments. Sure, it’s still the same trade-off of opportunity today for hassle tomorrow, but you’d expect SMBs to err more towards today than a questionable tomorrow.

iPhone

But, back to the iPhone, right? When it comes to Apple, I generally follow a “buy the 2nd or 3rd” release policy. I use Apple products — hardware and software — everyday, all day. But, I’m extremely hesitant to buy the first release of any of their products for two reasons:

• There’s usually bugs or at least limited features that are fixed or enhanced within a year.
• The first versions are usually mega-expensive, but subsequent versions get cheaper.

Clearly, I’m no gadget-freak. I have no idea about the validity of the touch-screen or any other, usual passel of “will this thing actually be the solution to all past, present, and future problems and desires” nervous hand-wringing that comes with pre-release musings of an Apple product. Us unwashed massed will just have to wait until the damn thing is out before we can pass iGod judgement.

That said, hell yes I want an iPhone! Who wouldn’t?

(Photo by agkamai.)

Technorati Tags: apple, bottomup, goodenough, grc, iphone, it, itmanagement

As an IT management wonk, I have a huge bucket of respect and even admiration for Splunk. Not only is their whole “Google search of IT” awesome, but they were one of the first people to try out collaborative systems management, a trend that more and more people are getting to in their own platforms.

But, I don’t want people to read into my comments. The fault isn’t the reporter’s at all, rather I left out some clarification and contextualization from my original email, esp. given the context of the article.

Re-reading the article, I can see how a reader could insert quite a bit more than I intended in there, thinking that Splunk is a soup-to-nuts compliance detection and management system.

According to Coté, Splunk crawls all the data in a given IT ecosystem and classifies discrete events of its findings.

Now, that’s true, but if your mindset is narrowed down to just compliance instead of the wider scope of IT, you’ll start to add in all sorts of compliance specific stuff that Splunk could be doing. While it Splunk does try to ferret out compliance related events along side all manner of other IT events, I don’t think even Splunk themselves claims that Splunk alone will handle all of your compliance and audit needs. Indeed, their press release from RSA says it well:

Splunk can index any type of logs and IT data by sampling and learning formats automatically. System administrators and security analysts can search and navigate server logs, firewall events and IDS alerts to investigate potential incidents in real time. Compliance analysts and auditors can review, report and achieve long-term retention of data from every component in the data center.

Also, check out the Steve Loyd’s screencast on the Splunk compliance page for all of this in action. His use of tags is fascinating, huh?

What I was thinking I was saying was that Splunk searches over your IT log (or things you’ve setup to be crawlable by Splunk), attempts to identify the type of event (“classifying” it), and provides one interface to search over all those found events. Thus, you need to search through logs and whatnot, you can go to Splunk and start searching away for events related to compliance problems.

More importantly, Splunk gives you a unified interface and sort of “normalization” over events from your “IT soup” to (hopefully) make it quicker and easier to search over all those logs and their events in aggregate, in one place, rather than visiting each system separately.

In the context of winning the “Product of the Year Award for Compliance Software,” I can see how someone would fill in the gaps and then think that Splunk is doing more than searching over all that “soup” along with the classification and event management level alerting that comes with it. Clearly, you’ll need something else to detect compliance problems in the large: Splunk is just search, it doesn’t have algorithms or “intelligence” ferreting out artfully hidden compliance breaches. That said, Splunk definitely looks like a great tool for IT, but I’d be misleading you if thought it was the only tool you needed, as I speak to in the last quite in the article:

Most [systems management vendors and] projects recognize that Splunk is finally providing the search functionality that they’ve wanted for sometime but haven’t gotten around to implementing, so it’s great that Splunk is partnering rather than taking the view that there’s only one way to manage IT.

Technorati Tags: splunk, sysmgmt, search, itsoup, redmonkpressquotes

Obviously, in the consumer space “video conferencing” or “web-cams” are a big deal. They’re fun, even if you’re not doing porn! But, in business, I’ve never gotten the feel that video conferencing took off. After 9/11, there was a slight optimism in the air and the billboards to and fro the AUS. Now, I’m not saying that video conferencing “failed,” just that it didn’t reach a sort of “everyone’s doin’ it” momentum. For example, when a new company starts, they don’t think, “first thing we gotta do is get some video conferencing gear.”

Desktop Sharing “Distraction”

As I was trying to hunt down a WebEx plugin to play this webinar on OS X (side-note: AHHH! WebEx!), I got to thinking: WebEx and friends are certainly a, though not the, nail in the coffin of hardware based video conferencing. Now, the difference is desktop sharing: it turns out people really, really want to share their desktops (to run presentations and do demos) rather than just see each other. Now, while I absolutely hate having a presentation over desktop sharing vs. just getting the PDF or PPT, people seem to love it. Thankfully IBM, Sun, Eclipse, and many of our more long-term clients make it a practice of sending over the presentation. Funny side-note: new companies usually go through the cycles of using WebEx, hating it, and then just emailing out presentations.

But, desktop sharing focus makes me think that seeing someone’s face in remote-meetings is over-rated. That applies, at least and perhaps “only,” in the software development and briefing/consulting context I’m thinking of: I have no idea what the uptake is in health, military, and other verticals. I sure wouldn’t be a big fan of always having my face on in every briefing I do: I’d have to comb my hair and wear a nice shirt all the time! Man, and what’s more dorky looking than wearing a headset?

On one of my briefings with SXIP, Dick Hardt had the video portion turned on in Acrobat Connect (née the much better named “Breeze”) and it was actually quite nifty…but then I just maximized the presentation.

To my mind, then, it seems like there’s room for partnerships and integration between folks like Polycom on one side, and WebEx and Adobe on the other. It seems like both sides would benefit greatly from being able to cross-launch into each other. I’m sure Cisco is drooling over the idea. I don’t follow the video conferencing space at all, so I’m not even sure if that’s already happening.

Disclaimer: IBM, Sun, and Eclipse are clients. As is, or will be, Adobe. Like I said, my dad works at Polycom, so take that thorny bias however you like ;>

Technorati Tags: desktopsharing, video, videoconferencing, polycom, adobe, webex, globo, distributed, sxip, briefings

• Man, I need to turn on FileVault!
• The real problem is that all our systems are crackable if you know my first dog’s name (Huckleberry) or mother’s Maiden name (Murphy).

SSN? Those are a joke. For example, until a few years ago, UT used them as your student ID. Countless other places use them, and you have to casually hand them out for everything like ordering pizza.

You might as well tattoo your SSN on your fore-head.

As I’ve said before, I’m (theoretically, see below) in favor of living the naked life when it comes to data privacy. I want to protect the integrity and authenticity of my data, but there are very few things I’d want to hide.

Please Don’t Hack the Coté

Sure, I bet there’s plenty that would be embarrassing and would prevent me from running for even Neighborhood Dog Catcher, but there’s nothing that would destroy my life. Such braggadocio is kind of like saying “Bloody Mary” 13 times and hoping she won’t pop out of the mirror.

That is: this is not a invitation to test out my theories. Please do not hack me.

The problem is that our systems are built around keeping data hidden instead of securing our systems. Worse, most of our systems aren’t built around keeping our data hidden or securing our systems, they’re built around punishing people once they’ve cracked the system.

Banking

I remember the shock we all had back in the FundsXpress days when we realized how insecure most bank networks are. The amount of security fretting we did was ironic in the face of how insecure the bank system was by nature. As I recall, as long as you had a set of well used golf clubs, you could just ACH whatever amount you wanted from where ever you wanted.

Meanwhile, this was the company whose security culture consisted of The Mighty Kult of Kerberos and all but punching you in the gut if you looked at someone while they typed in a password. Those were all good habits, mind you (a genuine thanks goes to hartmans for putting me through security boot camp way back them); though Kim still laughs at me when I get all uneasy after she asks me for a password.

Direct Hacking

In the end though, our security was strictly CYA in the otherwise incredibly insecure banking world.

Anyone who’s worked for a large company with direct despot has experienced this:

Whoops [the email from HR/accounting will read] we accidently paid you twice, so we’re pulling the money out of your account. H-dog Out!

I mean, we don’t even have email recall on the ‘net, and yet in the world of hard-cash, they can just over-pay you and then pull the money out of your account with a few phone calls.

That system is just a few poorly placed decimal places away from another email:

Whoops! We accidently withdrew $10,000 from everyone’s account. Please fill out these 6 forms and kill a chicken to avoid paying $5,000 in over-draft charges. Sorry! Kisses! P.S.: send all complaints to noreply@yourcompany.crap

Baddies are Real

At the group level, it’s probably cheaper to spend less up front and just handcuff the baddies once they commit crimes. At the individual level, of course, it means days of hassle, years of credit report crap, and all together a terrible experience.

What this means is that, despite my desire to live free and reckless with my personal data, I have to worry about encrypting it, peppering numbers and weird characters into my passwords, and all manner of annoying things, like shredding all my bills.

I would say that it means that all software and IT must be equally secure, but we’ve said that forever, and the industry doesn’t listen. Supposedly, Vista will solve all our problems, but I have too much faith in history repeating itself to bank on that. I don’t doubt that the OS will be more secure, but I do doubt that people will use that more secureness if it’s not turned on by default, or even if there’s a way to turn it off. That’s part of the reason that *nix is so secure: there is no other way to run it. And *nix is still hacked.

A SaaSy Poke-Stick

The only upside to all this (aside from revenue for security software), as James pointed out, is that companies worrying about leaking their precious data outside the firewall is totally bogus. As the countless lost laptops and backup tapes show, the IT world isn’t quite playing it’s A-game when it comes to protecting data, no matter how many firewalls are involved.

So, instead of balking at the notion of shooting all the data up into the cloud with much hand-waving about security, we should really be discussing how we can encrypt and protect the data no matter where it is. My hunch is that the cloud will be a lot easier to secure than those tapes in Melvin’s briefcase while he’s tying one off at the Friday’s.

Disclaimer: Microsoft is a client.

Technorati Tags: banking, crypto, data, encryption, privacy, saas, security, vista

I am, by no means, as into ODF, PDF, Office, and document formats as my esteemed colleague Steve O’Grady. That, as Brandon often comments, is his passion.

PDF

I do, however, like PDF documents. Before PDF, you had to either open up The Beast to read a .doc file or hunt down a .ps reader. Both of those options are like using an 18 wheeler to deliver flowers. Not to mention the fact that every time I open a .doc file in Word to just read it, Word asks me if I want to save the changes. What changes? Just close and get out of my face.

Also, in case you didn’t know, I’m a Mac guy. PDFs are native on Macs. You can print anything to a PDF, and Apple’s Preview.app PDF reader is leagues ahead of Acrobat in speed and prettiness. (Maybe Acrobat has gotten faster and prettier, but why spend the time to check it out when Preview works great?) When I switched over to Macs 2-3 years ago, being able to print to PDF was one of the most amazing features in that it was one of those “oh, of course you’ll want to do that!”

PDF Not Going to be So Portable

So, with that context lined up, you’ll understand why the most interesting aspect of Office 2007 for me iswas the out-of-the-box ability to Save As PDF. Sure, there’s all sorts of vendor-sports reasons to be interested in Office, but that’s the one that was of most interest to me personally. PDF just works, and I was looking forward to the day when I’d never have to open a .doc file again.

But now, never mind that happy day:

Adobe wants the software giant to remove the PDF “save as” feature from its beta version of Office 2007 or to charge a fee for it, whereas Microsoft wants to offer that feature for free, said Dave Heiner, the deputy general counsel who oversees Microsoft’s antitrust cases.

“The ‘save as PDF’ feature is the second most popular request we get from customers,” Heiner said, adding, “Adobe has told the world that PDF is an open format…and (rival) products OpenOffice, WordPerfect Office and Apple (Computer’s applications) already support PDF and tout it as a selling feature. Microsoft should be able to support PDF as well.”

PDF will no longer be out-of-the-box for Office 2007.

The Problem with de facto Standards

PDF comes from that weird, liminal world of the 90′s when open standards and source weren’t quite understood. Those cob-webs, no doubt, help make snafus like this happen.

If I put myself in that 90′s mindset, I’m sympathetic with Adobe in that, sure, putting Save As PDF in Office would kill most Acrobat sales. But, on the other hand, limiting the creation of PDF documents will ultimately hurt Adobe more than it will help. As Adobe themselves and people like Workshare show, there’s a whole lot more to making money in document management than simply formatting the document.

There’s controlling who can see the document, cleaning out meta-data, expiring the document, and an endless list of other (though I shudder to say it) well-intentioned DRM features around documents. Sure, we all crave effortless distribution and portability of music in the form of MP3s, but do you want your medical records circulating as effortlessly as those MP3s?

This is one of my cynical models for making money off open source and other “free” software: if you help create a big enough mess, people will pay you to help clean it up. More people Saving As PDF in Office would create a huge PDF mess. Adobe could make plenty of money managing and cleaning up that mess. Q.E.D. ;>

Put more optimistically, the document market is primed for a freemium play, even giving away the functionality to create the raw documents. Thus, Adobe would have to shift the way it makes money to these higher level features once Save As support for PDF in Office infrastructurized PDF creation.

Innovation they call it.

The Winners

The users aren’t the winners, I’ll tell you that. On the other hand, it’s good news of the ODF camp. Not only can the
likes of Simon Phipps point at this disagreement between Adobe and Microsoft and say “See what I told you? Do you really want a ‘closed standard?’” but, it also greatly quells the very real threat that native PDF in Office could have been to ODF. PDFs are, more or less, universal as it is. If they were native in Office, they’d be like JPEGs or GIFs: anyone could produce and use them. The perfect micro-platform for documents.

So, really, what went wrong here? Probably the usual deadly technology cocktail of money, lawyers, hubris, and fear.

Just add it to the ever growing list of why you need a Mac ;>

Disclaimer: Adobe, Microsoft, Workshare, Sun, and Eclipse are clients.

Technorati Tags: adobe, de feactor, documents, drm, microsoft, odf, office, office2007, pdf, standards, word, workshare

“As entertaining as this has been, it will only get better…”

Check out the first episode of “Identity Management Buzz” with Brandon Whichard and Nick Crown. Here’s an Odeo page for the podcast.

While it’s definitly a pitch for Sun, they cover the idea that change in identity management (getting to the user-centric identity we all lust for) will have to come from a cultural shift, not a technical one.

We also hear one of Brandon’s favorite rants: those damn NIH developers ;> TCO for TCB, baby. And check the SXIP, OpenID, etc. talk ;>

I’ve known Brandon personally for many years (from back at BMC where he was an excellent product manager for PATROLExpress and it’s decedents), and this is a good slice of the extreme passion he has for software and enterprise software. I know it might sound weird to some folks to be passionate about it, but just listen: he really cares about this stuff. Every software company needs that kind of energy and passion in product management, it makes a world of difference.

Disclaimer: Sun is a client, and like I said, Brandon is a friend.

Update: Brandon sent me the list of all Sun podcasts.

Technorati Tags: identity, programmers, sunw