Ok, since I haven't made a post about geek stuff in awhile, I'll give a quick review of what I've been playing around with lately. Now, I've been using Linux as my primary operating system for close to 10 years now. In fact, as soon as I got my MCSE (Microsoft Certified System Engineer) back in '97, I abandoned Redmond and followed my heart and principles and put myself permanently in the upstart OS's hands, destination be damned. Since then, I've been privileged to be part of a Linux startup, part of active local user community and hired in my current job primarily as open source expert (which, in reality, you can't be a good information security analyst without a deep understanding of open source technologies, including Linux). I was the lead engineer for the City of Austin's Linux pilot projects, Open Office trials and first forays into public wifi (which the units we spec'd ran Linux) back in '03. But during most of that time, I had never really recommended to anyone that the average computer user was ready for Linux, primarily because Linux's strength is paradoxically it greatest weakness (it's flexiblity). Oh, sure. It's great from an enterprise standpoint where it's inherent network and multiuser support as well as upkeep far outshine anything from Microsoft. And in the hands of a knowledgeable administrator, a great desktop experience could be crafted together. But now I'm ready to change that policy for the average home user.

Now I've tried just about every combination of window manager and user environment. I'm a huge fan of Mac OSX from the usability and eye candy aspect (I've got a G4 iBook and had a dual proc, dual head G4 PowerMac for awhile as well) and also love it's UNIX underpinnings (FreeBSD). On Linux, I started out using KDE pre-1.0 and quickly moved to my first cherished desktop environment; WindowMaker. I loved the combination of simplicity and eye candy that was available for it (I still have some WM themes up on freshmeat.net). Since KDE 3.0, though, I've pretty much used KDE exclusively, especially when GNOME decided to start "dumbing down" their environment in favor of usability vs. customization. But, just for the fun of it, a few days ago, I changed my desktop over to the latest GNOME in the Fedora Core 5 repository and sparked up my first use of GNOME in close to 4 years.

And the result? In a word: impressive. Now make no mistake about it. I'm a Linux power user by any definition of the term. That was probably the main reason why I stayed away from GNOME as I figured that any environment that limited what I could do on *my* OS just wasn't worth my time. Not to mention the fact that it just seemed that KDE was always ahead of the curve on the all-important eye candy front (that's one of the big reasons for me which separates Linux and Mac from that lame excuse of an OS, Windows).

Since I loaded up GNOME on my meager home machine (P4 1.5Ghz, 512MB RAM, dual head Nvidia+MGA vid cards), I've been impressed by its snappy performance and sharp rendering of fonts and widgets (metacity seems to have come a long way since they made the switch from sawfish oh-so-many years ago). GTK2 (the widgeting library) is light years ahead of the last time I played around with GNOME and GTK, easily rendering colors, buttons and menus with ease. And I have to say that I'm quite impressed with Fedora's array of extras (themes, backgrounds, etc) and the graphical interface to Fedora's software installation and update tool, yum.

I was so impressed with this setup on my home machine that I decided to take the ribbing from my co-workers and load up GNOME on my slightly more powerful work machine (P4 2.4Ghz, 512RAM, Dual head 32MB Nvidia vid card). Now, the thing to note here is the video card. That card, unlike my mix of cards at home where only the Nvidia is 3d capable, allowed me to install a different window manager, XGL. And let me tell you, my friends, *this* is how computing in the 21st century is supposed to be...

Don't let Microsoft's upcoming marketing of Vista fool you. There is nothing in Vista that will even come close to XGL. Besides Vista's bloated hardware requirements, it just doesn't have anything in it close to this functionality. So what is this miracle window manager? It's a hardware accelerated desktop which shows the potential of where this free operating system is going and why Microsoft *really* needs to think about getting out of the "for-pay" operating system market altogether (esp. if the rumors are true that Apple might be working to position OSX as an alternative OS for new PCs). After all, if you can get all of this for free, why would you pay for anything else?

Now, the movies of XGL are impressive, especially considering that it's really just a late alpha to early beta release. But even in this early stage, it's absolutely usable as an everyday desktop. It features "wobbly" windows and menus (windows and menus that shake and distort based on movement or focus), true alpha blending with user defined window transparencies (you can even have different transparency levels on each window), fully rendered drop shadows (I find them better than OSX as you can define how much shadow and offset you like), OSX-like "expose" and fully rendered mini app windows on the alt+tab key combo and the jaw-dropper for most people, the "cube" desktop switcher.

The cube is a virtual desktop switcher and by using that definition, it seems to trivialize it's function. An easy way to think about what it the cube is imagine that your computer screen is just one face of a cube that extends behind your monitor. On each face of that cube, you can have another desktop containing whatever applications running you like. Now, virtual desktops have been part of UNIX for the better part of 30 years but XGL has a major difference; its performance. Because is uses hardware rendering to draw the windows and effects, to quote some of my bretheren in Boston, it's "wicked fahst." And as this video shows, the cube floats in space when you change desktops or grab the desktop with the mouse and the ctrl+alt key combination. Add in the fact that you can customize the picture that goes on the top of the cube and in the background as well as many other customizations (like standing inside the cube looking out instead of looking at the cube from the outside) and you have some major eye candy sure to make your Windows friends weep in envy.

And because this feature is so responsive, it makes this implementation of a virtual desktop switcher worth using. Software based virtual desktops, to me, have always suffered from slowness. So much so that I didn't care to use them. XGL is the first one I've ever used where I can switch desktops and focus an app faster than I can actually think about it doing it.

Now, to be honest, XGL also works just fine with KDE. But the combination of GNOME and it's clean, almost sparse lines with this new functionality as well as GNOME's focus on usability just seems to fit better. It feels leaner and meaner.

But eye candy is great, you might be saying, but what is prompting you to say that Linux can now be used by the great computing masses? Linux's biggest detraction over the years was the supposed lack of applications on the platform. That is no longer the case. Nowadays, you can find an application to do exactly what you need to do natively on Linux or, if you want, probably can run that same Windows app on Linux using Wine or it's commercial counterpart, Codeweavers Crossover. And since Vista will be breaking backwards compatiblity in some ways, you won't be guaranteed that your preferred app will run if you upgrade. Add in that XP is scheduled to be end-of-lifed in 2008, the lofty hardware requirements needed to even run Vista and the RIAA/MPAA pushed DRM (Digital Rights Management) which take your rights away from your legally purchased content, it all adds up to a big fat "why do I need that? And you want me to pay for it as well? Yes, sir... Can I have another?" Geez...

So now I humbly urge you that if you have never given Linux a try, now's the time. There are numerous LiveCD distros available so you can try Linux/GNOME/KDE without damaging your current Windows install. And for those of you wanting to try an XGL-based experience, the only LiveCD I know of is located at Kororaa.org (btw, kororaa is a species of penguin, Linux's mascot) and it is heavily dependent on which video card you have installed. Good luck and let me know your experiences!

Update: Seems that Business 2.0 magazine is recommending *not* to buy Vista when it comes out. From the article:

"Boycott Vista. Keep your old Windows XP PC around. Don't buy a new one. That's the only way we have to let Microsoft know Vista is an overhyped, late, and pointless update to XP - a perfectly fine operating system."

Not exactly a ringing endorsement. Just another reason to give Linux a spin...

Update II: A friend sent me a link (h/t Harris) to another story about the inevitable death of Windows. From the article:

"The Vista saga has two interesting lessons for the computer business. It raises, for example, the question of whether this way of producing software products of this complexity has reached its natural limit. Microsoft is an extremely rich, resourceful company - and yet the task of creating and shipping Vista stretched it to breaking point. A lesser company would have buckled under the strain. And yet while Microsoft engineers were trudging through their death march, the open source community shipped a series of major upgrades to the Linux operating system. How can hackers, scattered across the globe, working for no pay, linked only by the net and shared values, apparently outperform the smartest software company on the planet?"

And it goes downhill from there...

Well, I guess this makes it official. The patent can viewed here. This was a long, hard slog for us and especially our patent attorney (Thanks, Jeff!) At one point, we really thought the patent wouldn't go through as it was just taking too long (you can see that the original patent we filed this under was in May, 1999. This particular patent, which deals with our distributed firewall and communication system was filed off the original patent application in July, 2000. So it took 6+ years to get it through.)

Now comes the question, "What do we do with it?" Jon Crain (another of the co-founders of that business) and I have been thinking real hard about that. I've tossed a few ideas out there on starting another business that could utilize some of the claims within the patent and I think we'd both like to go there again someday. Originally, Triptych Microsystems (that was our company) was formed in late 1998 around an idea to build a set-top tuner/DVR/computer atop a full Linux OS (think back in mid-1999 when the Netpliance I-Opener came out and other companies were building limited use Internet appliances at a loss in an attempt to subscribe customers to their Internet service.) Our set-top was different in many ways and some of those differences made it to other companies current products.

For example, one of our differences was installing applications. At the time, most applications on Linux were still being complied but some distributions, like Red Hat and SuSE, were using packages called RPMs. We decided that we could compile all the applications for our platform (which was StrongARM based) and "wrap" the complexity using a GUI through a web-browser (this idea pre-dated any of the now many GUI package managers for example Synaptic or pirutby a good 2 years). In our specific embodiment, the user would open a browser and go to our web site, search for the application they wanted to install and then click on the link provided. Then the application would be installed all off the one-click (which is what our internal name for that service was called, "One-Click.") Now, we don't claim that we "invented," so to speak, that process; that idea grew organically from the Linux commons. But that exact process is still being used today by one of the major distributions, Linspire in their "Click-N-Run Warehouse." We had tons of other ideas for that set-top system (a cheaper "satellite" system that would allow you to watch your recorded videos on another tv in the house using wireless (at that time, 802.11a/b/g wasn't as prevalent and we were designing the system around Symphony/Proxim 56k RF wireless cards. Try shoving a 640x480, stereo video recording through a 56k modem. T'wasn't easy... :-) We also developed a Java-based system management program called in-house "Teresa" (a mashup of the real name Triptych Remote Support and Administration = TRSA). That in it's own right could have had it's own company formed around it (doing remote support and maintenance for Linux machines).

Ultimately, though, we decided to "split out" our unique security system we designed for the set-top, a "distributed" and connected firewall system into it's own distinct product called StrongNet. It was a hardware-based firewall that was designed to be an open hardware / open source unit that we were going to give away. Our business model had us making our money on the backend subscription service. The patent covers this device in its preferred embodiment including the electronics that comprised it and it's unique feature; it was able to "report" back what it thought were attacks to our central expert system. We could then correlate events in that expert system and send out updates to all of our subscribed units to protect against those attacks. An example would be a cracker attempts to crack one of our devices. The attacked device would block and detect the attack, send the relevant attack information back to our expert system using encrypted communications where we would then send the attack neutralizing rulesets back to all our subscribed units using a still-waiting-to-be-patented communications protocol. In this way, each firewall was a node in a million-plus unit and growing distributed firewall. From the expert system, we would be able to see how attacks develop, block DDOS attacks from infected clients behind the firewall as well as notify users when they were infected. It was really a neat system.

We also had a road map that got into next generation implementations of the idea. Gen1 was the projected $30 hardware device that you plugged into your broadband modem (and remember, at the time in late 1999/2000, people were just getting on-board for security protection on their broadband nodes as the saturation of broadband hadn't made it very far). Our business model had us giving as many of those devices away as possible and they would have been released under a "hacker's license" which would have stated you could crack open, tweak, microwave or do anything you wanted with the device if you didn't want the backend security service. The units weren't very powerful or expensive so we figured there would be enough subscribers to make up the difference in our "loss leader" business model. Gen2 was designed to have all of the features of the hardware unit on a few chips. That way we could embed the security service into other products like ethernet cards and routers and vendors could outsource their security needs. Our Gen3 product would be specifically designed for mobile devices using a single, low-power chip that could be embedded in PDA's, mobile phones or any device that needed secure communications.

But, alas, we ran out of angel money in mid-2000 and even though we were doing some heavy talking with industry players, they knew that a small start-up like ours wouldn't survive without that first round of venture capital (we actually turned down a first round because the vulture capitalist wanted 75% of the company for a few million dollar stake. We were unwilling to give up control of our company so we turned it down, keeping our pride but not the doors open.) Over the years, Jon and I decided to keep the security patent applications going (abandoning the other 5 patent applications we had written on such cool things as keyboards with application dynamic key remapping...) and today, one of the two patent applications left finally issued.

We really enjoyed the start-up and are absolutely convinced that had we a little more time, our company would still be in business today with a great little 4th or 5th generation product. We still have our business plan and this idea is still just as relevant today as 6 years ago so if any of you venture capitalists would like to talk, just drop me a line. I've got a great idea on how to combine an IPS with this patent... ;-)