« Older Entries | archive for 2009 | Newer Entries »


Topics: Onyx, Proteolix, and an Autoimmune Fix?

20 Oct 2009 16:07 EDT

I read with interest yesterday of Onyx Pharmaceutical‘s acquisition of Proteolix. (Thanks to VentureLoop for the tweet that tipped me to this.)  Onyx specializes in cancer therapies, and Proteolix has drug therapies that are useful in treatment of both cancer and autoimmune disorders. Among the products in the Proteolix pipeline are immunoproteasome-selective inhibitors.

Proteasomes are barrel-shaped  complexes found in every cell of our body. They are cellular recyclers – their job is to break down old or unwanted proteins and turn them in to peptide building blocks that can then be recycled to make new proteins. An immunoproteasome is the form this structure takes in cells of the immune system. Normally, they play a role in fighting infections, by breaking down proteins from invaders and using the broken-down pieces as a sort of signal for infection-fighting cells. But increased activity of the immunoproteasome has been implicated in many autoimmune disorders, like rheumatoid arthritis and lupus, where the body attacks itself instead.

Proteasome inhibitors block the action of proteasomes. Since proteasomes are necessary for the day-to-day life activities of cells, inhibiting them can induce apoptosis (cell death), which sounds bad but which is a great thing when you’re fighting cancer. And immunoproteasome-specific inhibitors are likewise a great thing when fighting autoimmune disorders.

Immunoproteasome inhibitors are being studied as therapies for autoimmune diseases such as RA and psoriasis (where they’ve been shown to be effective in animal models) and potentially many other diseases.

One autoimmune disease that I’d hope was an eventual target for this sort of therapy is Goodpasture Disease. OK, I’m admittedly very biased here: I have that disease. It’s a very rare autoimmune disorder that causes kidney and lung failure; I was diagnosed with the disorder in 1989. It’s a rare enough disease that it’s considered an orphan disease for which there are no specifically-targeted therapies.

Encouragingly, there is good evidence (such as this paper from the journal Proteomics [PDF] and this one from the Federation of European Biochemical Societies) and a good chain of reasoning to indicate that immunoproteasome inhibitors would be effective against Goodpasture Disease as well.

I’m happy to see that this novel kind of research into therapies for autoimmune diseases like Goodpasture’s is bearing fruit. Onyx Pharmaceuticals has been concentrating on cancer therapies. I certainly strongly encourage Onyx to take advantage of Proteolix’s full pipeline and continue the development of proteasome inhibitor-based therapies for autoimmune disorders as well. There are established links between the pathologies of cancers and autoimmune diseases; and there are millions of suffers of  these diseases who could benefit from therapies based on this biotechnology.

Boy, do I love this stuff! The intersection of entrepreneurship, innovation, biotechnology, and the hyper-hyper-local. More, please!

[cross-posted to A Marble Desk]

Tags: , , , ,
Posted by mark beadles in Uncategorized | 2 Comments » Bookmark and Share
 

Every day is a new day, just like every other day.

19 Oct 2009 15:53 EDT

Today is the 15,518th day of my life. [Numerological note: I was born on the 26th. Strangely, 15518 in base 26 is "MOM". Hi, Mom!] Now, you might think that after maybe the first 15,000 I’d have had this all figured out. But, like all days, every day is different. We can’t predict the nature or even the existence of tomorrow. If we can’t stop the flow of the river of time, though, maybe we can build some locks to make our journey across the rapids easier. We rely on watches, clocks, calendars, alarms, reminders, schedules.

I’m a big fan of Google Calendar for its ubiquity (it’s available anywhere I can get to the web and syncs with my Blackberry), its ease of use (it looks like a paper calendar), and its shareability (I subscribe to calendars from my church and the YMCA and can easily add event from other organizations). I carry my Blackberry compulsively. My own brain didn’t come with a good memory for schedules and events, so I tote along an extra brain in my pocket. My extra little black rectangular brain is very good at remembering things. Computers are augmented brains, just like cars are augmented limbs. They get us where we’re going better than our natural equipment.

I may have been orbiting a black hole for the past year, though; my perception, my experience of time has been altered — perhaps allowing me a closer view of the strands that make up its structure. Perhaps just spinning me round: Time when you’re seriously ill is undependable. Time in the hospital is interminable. Time in recovery is hour-by-hour. Time with family and friends is far too short.

I’ve not had the constraining luxury of a regular 9-to-5 for a few months now. It’s blissful freedom, but also another clock ripped from my wall. I wandered footloose and fancy free (!) this summer. But I don’t operate well without structure, schedules, and deadlines. They give me something to battle against. I’ve therefore put up some new calendars and clocks on my metaphorical wall, and wound a few watches as well.

I’ve set some interesting and barely-attainable goals for each day and each month. Every day during the month of October I must go to the gym. Every day I must write a blog entry, either here or on my more professionally-oriented blog.  Every day I must take active steps to either land an excellent job or start a venture of my own. In the month of November I must write a 50,000+ word novel, which means that every day in October I must be working in preparation. I’ve also set a goal of reducing my material possessions by donating, trashing, or recycling something every week.

The benefits of going to the gym daily are most obvious. Although I’ve made a diligent effort to ‘get to the YMCA!’ every week since my surgery, it’s been limited to 2-3 times a week, and only when I’ve been feeling good. Guess what? Going to the gym every day has me feeling really good. Going to the gym every day is becoming a great habit, even addictive — I’m back to getting a runner’s high after a half hour on the rowing machine. Last week when I mentioned to my doctor that I was well enough to work out every day his jaw dropped (good thing he’s a doctor, they can fix that). Exercise is helping me get through my steroid withdrawal. My joint pain is gone, my mood is much improved, and I’m building significant amounts of muscle mass. My family’s much happier about all of the above.

Folks, I’ve done a wide variety of things in the last 15,518 days. Many of them were supremely challenging, and I’ve discovered that it’s in challenges where I’m at my best. I thrive on unachievable or unbelievable goals. It’s the day-to-day stuff I’m bad at. So I think that complete recovery from my second kidney transplant, writing a young-adult fantasy novel about three brothers, and starting a new business venture is a good set of challenges for the next few hundred days.

Old man river, he just keeps rolling, just keeps rolling along….

Tags:
Posted by mark beadles in Uncategorized | 1 Comment » Bookmark and Share
 

What is "Context-Aware Computing"?

15 Oct 2009 23:24 EDT

Market analysts Gartner, Inc. recently published some research on the subject of “context-aware computing“. Perhaps their recommendations were a little opaque to those not already versed in the topic (a common problem with market analysts’ findings), since a question popped up today on LinkedIn Answers asking what exactly context-aware computing is.

I gave a short and, I hope, helpful response on that forum; but the subject interests me so I thought I’d expand on it here. The barrel of monkeys with keyboards at Wikipedia has an article on context-aware computing; you can read that at your leisure, it’s not bad. Here’s my synopsis:

Context-aware computing is at its core the idea of systems that take the user’s environment into account. By the user’s environment I mean such things as the user’s:

  • geographic location
  • presence information (such as online/offline availability and status)
  • social-networking information and preferences
  • interaction and communications preferences
  • privacy preferences
  • device type (mobile/laptop/etc.)
  • and, really, any other data which corresponds to the current state associated with that user.

Context-aware computing can take advantage of all these factors when delivering the user experience. Systems can attempt to make the experience optimal even when the user is accessing different applications from different devices, different locations, different browsers, and so forth. Context-aware computing can make apps better suited to the needs and desires of the individual users.

Without context, user experience can be very fragmented across apps, systems, and devices. Applications can behave generically for users. Non-context-aware applications may make no allowances for how the user is accessing, where the user is located while accessing, and what is happening in the physical and social world around the user.

Over the past few years, we have certainly been beginning to see context-aware applications in the consumer world, especially in social networking. The next wave of support could be in enterprise apps. Examples that are well-suited in the enterprise include call centers, customer services, and collaboration apps, and access control. This last area is where my own work in context-sensitive computing has been. By examining details such as a user’s location, time of day, trust level, device type, computer state, etc., in addition to standard access privileges, a system can make more rational — and more secure — decisions about what level of system access to actually grant a user.

There are some challenges to implementation of this concept. We need to figure out just how to obtain this context data and share it with the applications.  We also need to consider trust and privacy – can we deliver context-aware systems while securely maintaining trust and without compromising users’ privacy?

Many of the elements of context-aware computing have been around for decades; Gartner predicts that they have now achieved a critical mass and will become a core part of applications in the near-to-medium future. This makes sense to me: context-aware computing seems to be intimately connected with the related trends of social networking and cloud computing. The three aren’t the same things, of course, but there is a symbiotic relationship among them.

Remember, this is what we humans do all the time: we adjust our interactions based on the context of the situation we find ourselves in — and that context includes other people. We use different vocabularies and different tones of voice with different audiences; we adjust how loud our voice is based on the ambient environment; we use titles of respect and manners of behavior in situations where they are expected. By integrating this concept into human-computer interactions we can make them more natural, more useful, and more flexible.

Tags: , , ,
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

Vista calling today's Critical updates only "Important"??

14 Oct 2009 02:12 EDT

Today (Patch Tuesday!) Microsoft released a record number of security patches. This includes some items rated  Critical — here’s a good breakdown of the patches at SANS and another from Microsoft themselves.

I’ve been through the Patch Tuesday rounds seemingly countless times now, whether on my personal machines, in data centers, or as part of the process of building and operating commercial security software that’s patch-aware. It’s complex — lots of moving parts that can go wrong.

So I immediately noticed something when doing my check for today’s patches. None of the patches were rated Critical on my Vista machine. Instead, Vista told me that I had 15 Important patches ready to download and install:

With all the news and hype surrounding this release, I certainly expected more than this. Where was the Windows Media Player vulnerability? The SMBv2 vulnerability?  I dug in and looked:

Well, there they are:  the Media Player fix is KB954155. The SMBv2 fix is KB975517. Etc. These are Critical vulnerabilities with known exploits. But they are all listed as only Important by my Vista Home Premium SP2 personal laptop.

This is a major oversight. If someone thinks these updates are only Important, they may defer installation. Since there are in-the-wild exploits, this would be a very dangerous choice to make.  People who aren’t following the news, aren’t tech-savvy, and don’t have their updates set to automatically install could find themselves in a bad situation.

Microsoft needs to investigate and correct this. I’ll report the issue and follow up on anything I learn.

Tags: ,
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

Danger in the clouds!

13 Oct 2009 01:52 EDT

OK, everyone, let’s take a deep breath here.

Any kind of architecture might carry the risk of losing all your customer data in one catastrophic event – if it’s poorly designed or poorly operated. Microsoft/Danger’s loss of customer data was due either due to a design failure or an operations failure or both. It’s also possible that the loss was due to a calculated risk: that known design or operations flaws were nevertheless judged unlikely to lead to a loss. Or all three. Either way, it was not due to any particular feature of cloud computing.

Secure computing gets a lot of attention today — but mostly in the attacker/malware aspects.  To be sure, malware and other attacks are significant and serious risks. But another important aspect of security is reliability. Even if your data were absolutely impregnable to attackers, in the event of irrecoverable data loss your customers are just as out of luck as if they’d been hacked. There are decades of best practices on how to maintain data reliably, yet naturally, losses still occur.

It’s impossible, of course, to guarantee against data loss with 100% certainty. There are always events which have some small yet finite chance of occurrence that are capable of causing catastrophic loss in any system. And in the real world of engineering, there is always a trade-off between cost and function. Generally speaking, the more you engineer a system to be reliable, the more the system costs. Money isn’t unlimited, and so there is only so much reliability one can realistically achieve with any given budget.

The best kind of risk is the one you’re aware of — the one you can calculate the chance of occurring, the cost if it does occur, and how to recover from the event. Not every risk is even imaginable, much less predictable. In the best case, Microsoft/Danger was aware of the kind of risk that existed in their system, engineered appropriately around that risk, operated with awareness of that risk, and simply got hit with an unlucky event. In the worst case, they were unaware of a poor design or slipshod operations.

None of the above has anything to do with ‘cloud computing’.

Now, ‘cloud computing’ does have some general features which do change the risk profile of these sort of events.

  • In contrast to a system where customer data is always stored locally to the customer, a system where data is stored centrally is more likely to experience a loss of data across multiple customers. But central data storage is neither a necessary nor a sufficient feature of cloud computing. 
  • In contrast to a system where customer data never transits the Internet, a system were it does cross the Internet is more likely to experience a loss related to such transit. Internet transit is a necessary feature of cloud computing, but not a sufficient one. Customer data travels across the Internet in many other ways that are unrelated to cloud computing.
Proper architectures and proper operations will be made with awareness of these risk profiles and account for them in line with the costs of the system. But hey, that ain’t exactly rocket sci…actually, come to think of it, that is rocket science; or at least rocket engineering.
One can argue that the above points represent the very essence of why cloud computing may be more prone to this kind of problem: it encourages centralized data storage and transmission of data across untrusted networks. Well, yes. Different architectures have different risks, different benefits, and different economies. As cloud-based architectures become more and more pervasive, engineers and architects will need to adapt to patterns and models that are appropriate to the cloud and its unique characteristics. (In my opinion, these disciplines should become part of a modern computer-systems education. I digress…)
But this doesn’t seem to be the problem in the MS/Danger/T-Mobile case. Sounds like they just screwed up in any number of ways. Lay this at the feet of ordinary human failings, but not of cloud computing. 
Tags: , ,
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

A heretical thought experiment: do strong passwords still matter?

09 Oct 2009 17:57 EDT
Phishing is growing as an important mechanism for stealing passwords. Is phishing the leading way that criminals are gathering credentials? If so, does this mean using ever-stronger passwords doesn’t confer the protection that it once did?
Acutenix performed a great statistical analysis of a small number (9843) of passwords that were phished and released on the Internet. Some reports about this analysis, such as this one from Elinor Mills’s InSecurity Complex at cnet [edit: I had the wrong name for her column initially] have focused on how weak many of the passwords were — one-character passwords, all lower-case dictionary words, etc. Weak passwords are easy to guess through automated mechanisms, which can rapidly focus in on the correct password if it’s not well constructed.
What I noticed was at the other end of the strength curve. There were some relatively strong passwords on the list — 565 (6%) passwords were composed of alpha + numeric + other characters, and there was even one 30-character password. Here’s what struck me: strong passwords did not protect these users from having their passwords stolen. These passwords were successfully phished and released, even though they followed standard security guidance on construction.

Consider that strong passwords carry their own risks based in psychology. Strong passwords can be hard to remember — resulting in password re-use; forgotten passwords requiring intervention (creating a weak link in the security process); and writing passwords on sticky-notes for anyone walking by to see.

I’m not suggesting that we abandon the teaching of creating strong passwords. Strong passwords are still an element of layered security or defense-in-depth. If you’re going to use a password, make it strong. But if strong passwords don’t provide any protection against an important new vector, what do we do about that vector? Is this just another piece of evidence that we need to be (finally) moving beyond passwords?

Think of it this way: in a world where everyone uses keys to lock doors, criminals will get better and better at picking locks. Correspondingly, locksmiths will make locks that are more complex and harder to pick. This will continue to escalate in arms-race fashion. But if a rash of criminals find they can just bust the doors down and do so in ever-increasing numbers, isn’t it time to consider if we need something else in addition to the locks?

The answer to these questions might be found empirically. Thought experiment: an we numerically calculate the relative risks of weak passwords vs. phishing, based on actual evidence from the field.  Work for another day.

Tags: , ,
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

Nebula and open-source democracy

09 Oct 2009 01:50 EDT

I’m ambivalent and skeptical (ambivical? skeptivalent?) but definitely optimistic about Nebula. No, not the science fiction award (although, hey! Wouldn’t it be great to win one from a novel written during November’s NaNoWriMo?) or the various Messier catalog objects.   This Nebula is the US Government’s entry platform into cloud computing.

I’m ambivalent because, first off: the government (inasmuch as you can attribute any unified direction to such a hydra) has been working on getting into cloud computing (under various names and models) for a long time, at least a decade. Cloud computing seems to be the soup du jour, but really we’ve been stirring the cloud computing pot for years now.  We just didn’t call it cloud computing or even software-as-a-service back in the nineties when many of us were already building the stuff. So the gov jumping into the cloud is certainly very welcome, but to a large degree was inevitable.
I’m skeptical because, um, well, it’s the government. There are some very very sharp people working in the government, do not mistake me. Unfortunately they’re working for a bureaucratic and politicized organization with a history of being slow, over budget, and off the mark.
Overall, I’m optimistic. There certainly is some fawning commentary about Nebula, but to give credit where it’s due, it’s a great direction for the feds to go.  The high-level architecture certainly looks sound, and the claims of the kind of service improvements Nebula could make are in line with the best models for cloud computing, SaaS, and SOA.

One of the best things about the system is that it’s open source.  I’m not an open-source devotee, as such; generally I believe that both open and proprietary software have their places in the market. But I firmly believe that in an open democracy the government should only use open-source software (with certain limited exceptions such as legitimate national-security concerns). There are certainly strong theoretical precedents for this, such as the fact that the US Government does not have copyright in its creative works (17 USC 105, 2007). There is legal precedent which supports the concept as well, for example courts ordering a couple years ago that the source code to breathalyzers be released to criminal defendants. These are certainly not dispositive, but at least lend moral support to the idea of democratic open source.

So the fact that it’s open source, and the fact that the architecture looks reasonable are good signs. Keep your eyes on Nebula and its evolution.

Tags:
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

Interesting NAC-related tidbit

07 Oct 2009 03:15 EDT

I noticed via VentureLoop today (a great resource for filling and finding jobs at venture-funded companies) that Infoblox is on a hiring spree. Infoblox makes products to help manage DNS and DHCP, two of the core protocols of the Internet — and in fact of all modern corporate networks as well. They have some fairly senior positions open, such as “Principal Software Engineer” and “Senior Product Manager”, and sales positions in Europe. Sequoia Capital, a very well-respected VC firm (with a fantastic web site, by the way!), is backing them.

The network access control (NAC) angle is that Infoblox also has some very interesting DHCP/DNS security mechanisms and interfaces, including NAC. DHCP is, in itself, an insecure protocol even though it is in widespread, in fact nearly universal, use. Infoblox added some capabilities to allow DHCP to be made more secure. They weren’t the only ones to do this, of course. And Infoblox is looking fairly successful for a combination of reasons (great leadership team, great field team), not that one particular feature. But I’m glad to see some capital flowing into the IP network management space, and some hiring going on as well.

Nice to see some stars shining through the smog of the downturn!

Tags: , , , ,
Posted by mark beadles in Uncategorized | No Comments » Bookmark and Share
 

Lots of talk about Toobla, and Tech in the Midwest

06 Oct 2009 01:30 EDT

Toobla is in launch mode right now. Toobla is a local (Columbus, Ohio) company working out of the TechColumbus business incubator, on Kinnear Road near Ohio State University. The ether has been vibrating today with Toobla news: tweets upon tweets.  They recently were named one of “The Best Web 2.0 Applications for Education – 2009” by blogger Larry Ferlazzo. They also were featured in Inspired Magazine in a story entitled “10 Amazing Tools for Sharing Visual Inspiration through Screenshots“.  Their rolling thunder continued with an interview of Toobla CEO Brian Link (formerly of Digg) on local station 10TV.

Toobla offers a service, currently in beta, that they say allows you to “collect and enjoy your favorite stuff in visual containers that can be shared anywhere.” It ostensibly is a bookmarking service with a visual metaphor, allowing you to manage your favorite content with channels, services, and subscriptions. I haven’t used the service yet (although I’d like to), so I can’t comment any more than that. In the future I hope to be able to take a deeper technical dive and learn what they’re all about. Seems quite intriguing and potentially useful at first glance.

First off, let me send kudos to their marketing team for creating what appears to be effective buzz and getting Toobla noticed. Let’s hope the noise can continue.

Then, let me send even more kudos to the whole gang, especially the founders, for starting this venture in Columbus. This is a great decision and I’m very pleased to see another high-profile startup here.

Columbus is a great city that is gaining more and more respect as a technology center.  There is a great depth of talent … in my own experience, for example, when we founded SmartPipes (a decade ago this month) there was already an incredible population of bright, talented, educated technical folks to come aboard.  In the decade since then, tech has become a growing and increasingly significant part of the Columbus economy. In fact, Columbus’s economy has not suffered the ill effects that the rest of the Midwest is unfortunately succumbing to. Tech companies in Columbus can be found in diverse segments from nanotech to healthcare to web services to security software, and there’s a major university to draw talent as well. I’ve done some work with TechColumbus, and I know that they have a thriving incubator culture and are an asset to the community and to the hard-working entrepreneurs they work with.

I haven’t met the guys at Toobla yet, but let me just say: good on ya, Toobla. Keep it up and best of luck.

Tags: , , , ,
Posted by mark beadles in Uncategorized | 4 Comments » Bookmark and Share
 

Getting ready for NaNoWriMo

04 Oct 2009 18:52 EDT

Well, I’ve committed to the public, to my family, and to myself that this year I’ll be participating in National Novel Writing Month – NaNoWriMo. To participate, I signed up at the web site and agreed to start writing a novel on November 1st. Every day I’ll upload my current word count, which is posted for all to see. The goal is to have at least 50,000 words written by November 30th. This is serious stuff, if you want to take it seriously.

I’ve actually been working on the background to some stories since the early summer. Finding myself with an excessive amount of free time this spring, I plunged into creation. Many people start from characters, but I’m not a character-driven person. The maxim is “write what you know:, and I don’t know much about people. Other than being one, and perhaps about being a father. I do know linguistics and astrophysics; mathematics and computing. I know music and little about poetry, some chemistry, some philosophy, and a lot about being lost. I know soldiers and cooking and evolution. So my novel will be about these things, and probably some others.

Genre comes from the Old French gendre, in turn from Latin gener- (a root of genus), finally from Classical Greek γενος, a term which Aristotle was the first to apply to writing. It still means “kind”, or “type”. The original Indo-european root form is ǵenh-, which meant “to give birth”. So what kind or type of novel am I to give birth to? Again “write what you know”. The genres of fiction to which I continually return are science fiction, fantasy, horror, and mystery. Mystery seems to me — I may be wrong here — to be a particularly tricky genre and I’m loath to try it as a starting point. So again, my novel will be somewhere in the science-fiction/fantasy/horror spectrum.

I don’t think we can avoid being influenced by our influencers; all we can hope for is to avoid plagiarizing them, I suppose. I may as well admit my influences right up front and get the comparisons out of the way. I’ve really enjoyed the following authors; observe that not all are authors of fiction.

  • JRR Tolkien
  • CS Lewis
  • Roger Zelazny
  • Larry Niven
  • Jerry Pournelle
  • Fred Saberhagen
  • HP Lovecraft
  • Arthur Conan Doyle
  • Wm Shakespeare
  • Douglas Hofstadter
  • Umberto Eco
  • Jorge Luis Borges
  • JK Rowling
  • Stephen King
  • Douglas Adams
  • Ayn Rand
  • Adam Smith
  • L Frank Baum
  • Daniel Handler (Lemony Snicket)
  • Philip Pullman
  • Oliver Sacks
  • Orson Scott Card
  • Michael Crichton
  • Philip K Dick
  • Stephen J Gould
  • Richard Dawkins
  • Stephen R Donaldson
  • Frank Herbert
  • Dante Alighieri
  • Piers Anthony
  • Rex Stout
  • EE ‘Doc’ Smith
  • Kurt Vonnegut

I imagine I will be influenced by some to all of the above, and will probably outright steal from at least one. Imitation is the sincerest form of flattery, and stealing is the sincerest form of imitation. QED.

So, gentle and not-so-gentle readers, I’ve shown you the blank, ungessoed canvas upon which I’ll be splashing words come November. I have no idea what will come out the other side.

Excelsior et citior!

Tags: , , ,
Posted by mark beadles in Uncategorized | 2 Comments » Bookmark and Share
 
Next Page »« Previous Page