• Welcome to another time of gift-crazed Christmas-shopping drivers! Seems like not long ago that we were celebrating our first Christmas in a new house, and here we are again, doing the exact same thing once again, but in a different new house. The tree is up and illuminated, as is our house. I managed to put up some new LED lights around the front of the house, though somehow half of one string of lights is completely dark. Figures they worked before they went up on the eavestrough.

• By next Christmas, we'll have a new addition to our family, so there will be four Chungs! We're very excited to be expecting a little one somewhere near May 9th, 2007.

• I recently bought a new laptop to replace my T42, which I sold; a new Lenovo (was IBM) X60. It's a great little laptop, weighing in at somewhere around 3.5lbs with a Core Duo CPU, 2 gigs of RAM, and a 100 gig hard drive. Initially I was skeptical of the move from a 15" 1400x1050 panel to a 12.1" 1024x768 panel, but I'm finding now that I'll gladly give up the extra screen resolution and bigger screen for the portability and battery life of the X60. The new X60 tablet has an option for a 12.1" 1400x1050 panel, though I'm thinking that that might be a wee-bit small and hard on the eyes. Too bad there aren't anymore of those IBM stores where you could go touch and feel IBM personal computing gear!

• With the launch of Windows Vista around the corner, I decided to give it a whirl. I can't say I'm all that impressed with it. I managed to install it, then started to install a whole slew of the applicaitons I use on a regular basis under XP, rebooted, and witnessed my very own Vista blue screen! The eye candy is nice, with Flip3D and the new Aero interface, though I find that the window frames are gigantic. I found a Vista Expose clone called MyExpose which is actually very cool -- not only does it scale the windows down, but they're all fully live, so if you're watching a DVD or movie clip, and you hit F9, the media player window gets scaled down, but continues to play in realtime. On top of that, the original windows at the original sizes are still visible in the background, but made very transparent so you end up seeing the original cluttered desktop (albeit faded and not very visible) and the newly scaled and spaced out live windows. Amazing how it's taken an entirely new version of Windows to be able to deliver the same functionality Mac OS X has had for quite some time now.

• Since eye candy and expose seems to be the rage these days, I also tested out the LiveCD/DVD for Sabayon Linux, a derivative of Gentoo. It includes AIXGL and the beryl window manager which leverages OpenGL hardware acceleration to deliver some stunning visual effects. Four virtual desktops appear as the faces of a cube, which can be rotated (while still displaying all windows contents in realtime) and flattened so they are all visible at the same time. Expose-like functionality is also there. It's quite amazing, and quite a step forward for Linux as a desktop OS.
  

In my work life, I'm involved in the design and architecture of systems and network solutions; I'm also primarily tasked with the implementation of these solutions. In all but rare instances, there's always more than one way to accommodate requirements and choosing the best option becomes the real challenge.

I personally favour options which provide the customer with the most flexibility and control; and it should go without saying that choosing the right tools for the job goes a long way to providing this.

Lots of applications which are Internet facing, or primarily web-based utilize load balancing to distribute load across a farm of servers. This provides fault-tolerance and higher performance. Dedicated hardware load balancers usually perform the role of monitoring the servers in the farm, and distributing incoming requests across them; they can also provide HTTPS and SSL offloading so that the servers in the farm don't have to deal with the processing overhead of generating session keys for encryption. This is a good thing for reasons including but not limited to:

• It allows the server farm to concentrate on serving web requests and not on performing encryption which is processor intensive, increasing overall application performance
  
• It simplifies SSL configuration for websites by centralizing SSL certificates on the load balancer instead of on every server in the farm
  
• Wherever security policy allows an HTTPS connection can be terminated on the load balancer, and then sent over HTTP to the server farm, allowing for Intrusion Detection/Prevention systems to inspect the request for malicious content and potentially prevent the server farm from being compromised
  
• Since the load balancer can see the unencrypted request, it has a greater variety of options available to it to accomplish sticky or persistent style configurations where an application requires that a particular web client or browser is always served by the same server in the farm

Some common workarounds:

1. Stop terminating SSL on the load balancer, and instead pass it through to the server farm
   
2. Have the load balancer send a redirect to an HTTPS version of the same URL if the original request was to an HTTP URL
   
3. Have the server send a redirect to an HTTPS version of the same URL if the original request was to an HTTP URL

1) Should be used as a last resort, since it negates all of the aforementioned benefits of offloading SSL.

2) Isn't always possible depending on what type of hardware load balancer is used. It's convenient, but moves control and responsibility away from the customer's application logic to the load balancer. In many hosted customer environments, load balancers are not under direct customer administration.

3) Is marginally more difficult because the server can't tell whether or not the original request was HTTP or HTTPS. This can be fixed easily by having the load balancer insert a custom HTTP header when the request is an HTTPS request, and having the server-side application logic check for the header and send a redirect if it isn't present. It's about 3 lines of code.

Since the decision to have to redirect is based on application-driven security requirements, and the customer is responsible for the application, it would seem to make the most sense to perform and code the redirect logic at the application level.

In the real world, this isn't a common perspective.

As an early birthday present, Kelly bought me a new BlackBerry Curve. It replaced my old 8700R which was a great device for the year and a half or so that I had it. The Curve feels like much more than a BlackBerry. Its got expandable storage in the form of a MicroSD socket, and a media player which can manage fullscreen video in a variety of formats, MP3s, ringtones and the multitude of photos captured with the built-in 2MP camera.

One personally long awaited feature over the 8700R is the Curve's Bluetooth Dial-Up Networking profile, which finally allows me to wirelessly tether my laptop and use the Curve as a modem to connect to the Internet when on the run, or train as the case often happens to be.

The upgrade itself from the 8700R to the Curve was surprisingly easy and painless -- having our own BlackBerry Enterprise Server means that besides our Outlook email, contacts, calendars, memos and tasks synchronizing wirelessly in near realtime, after activating the new device even call logs and settings were synchronized.

Pleasantly, the Curve also acts as a USB Mass Storage Device when a MicroSD card is installed. No special DRM software is required for importing or converting MP3s prior to transferring them onto the device, simple drag-and-drop works for MP3s, ringtones (which can be MP3s), video and photos. The media player also reads ID3 tags, and organizes your tunes by genre, artist and album. There's even a 3.5" stereo headphone jack, the first of it's kind on a BlackBerry.

We're still getting acquainted with each other, but so far, so good!

For a while, before I was in-the-know, I tried different RSS aggregators under Windows and OSX, including Outlook 2007, Vienna and netNewsWire. They're pretty nice, but then I found Google Reader. Like everything else Google these days, it's a Web 2.0 application and since most of the time you're online when you're wanting to look through your plethora of RSS feeds, it's very convenient. No more worrying about synchronization and cross-platform feed settings. You can even import and export OPML files to and from Google Reader in case you still want to synchronize your Reader and non-reader feeds.

So, as per typical google style, you can easily search through all of your feeds, it supports keyboard shortcuts for quick and dirty navigation, and even trends what you read.

It constantly recommends other feeds that you might find interesting too, and my feed list has been growing because of it.

One of the really cool features is integration with Google Gears, which allows you to even use reader in "offline" mode. You can click the "offline" mode button in reader, and it will download the most recent 2000 feed items for your viewing pleasure in a disconnected state.