Archive for Software vendors

GraalVM is a Technology to Watch

Oracle

This was originally published on the Amalgam Insights site on April 17, 2017.

Oracle Labs has recently (April 17, 2018) announced the 1.0 release of GraalVM. GraalVM is an open source language virtual machine(VM), much like the Java VM or Node.js virtual machine. What makes GraalVM interesting, is that it can execute code written in a variety of languages including Java (and Java VM based languages such as Scala, Groovy, or Kotlin), R, JavaScript, along with Ruby, R, and Python. This is a departure from mainstream VM designs. It is much more common to have separate and specific VMs for languages such as PHP or Python. In some cases, a language will byte compile to a different virtual machine, for instance Clojure compiling to the run on the Java VM. Those languages are purpose built to run on a specific VM. GraalVM, on the other hand, runs code written in languages originally built for their own VM.

This approach offers advantages over the traditional approach of one language, one VM. For example, any program that is compiled for GraalVM can share libraries with other programs that is likewise compiled. Developers can write in different languages but still maintain interoperability and code reuse across them all. This also allows developers to continue to use code written in “older languages” while migrating to a new one. Similarly, it allows the continued used of majority language, such as Java, while leveraging languages that are built for specific purposes, such as R. Another advantage of GraalVM is ubiquity. One VM for multiple needs means fewer VMs to provision and update across IT servers and containers. That can be a serious time saver and makes maintaining large and complex systems a bit easier.

GraalVM is also embeddable. The ability to build plugins using GraalVM was one of the reasons that Oracle started the Graal project. By creating GraalVM compatible code that can be embedded in an Oracle Database opens the door to customers extending their Oracle databases. This is clearly better than writing code outside the database for common query-related processing.

At the moment GraalVM only supports a handful of languages – in other words, it does not have ubiquitous support for all common programming languages. The mainstays of Microsoft application programming, Microsoft CLR based languages such as C# and F#, are not available. Obviously, languages that are native compiled, such as C, C++, or Go, won’t run on GraalVM unless they can be compiled for it. This will probably limit GraalVM to the Java and open source language crowd that is dabbling in Node.js JavaScript for microservices or R and Python for analytics. Another small hang-up is that Ruby, R, and Python are listed as “experimental.” This should inhibit deployment of these languages in production environments using GraalVM. That is a temporary issue that time will hopefully solve.

GraalVM has serious potential. It can simplify a complex VM landscape and allow choice in programming languages without proliferation of VMs and libraries. At the moment, it’s mostly potential, especially given the limited range of supported programming languages. That potential, however, is the reason why GraalVM is worth keeping an eye on.

Blockchain! What is it Good For?

Blockchain

This blog post was also published on Amalgam Insights.

Blockchain is one of those up and coming technologies that is constantly being talked about by vendors and pundits. Many of the largest IT companies – IBM, Microsoft, and Oracle to name few – plus an industry group or two are heavily promoting blockchain. Clearly, there is intense interest, much of it fueled by exotic sounding cryptocurrencies such as Bitcoin and Ethereum. The big question I get asked – and analysts are supposed to be able to answer the big questions – is “What can I use blockchain for?”

To begin with, the best applications of blockchain are those that require an authenticated source. Blockchain (sort of) provides an immutable proof of the a virtual or material object’s authenticity. Using cryptography to generate unbreakable codes (for the moment) that take a lot of resources to generate insures that hacking the authenticity of a blockchain is not feasible. This is what made it attractive as a currency. Blockchain makes it hard to create a forgery of the “coin” while supporting changes of ownership.

Another indicator that blockchain may be useful for an application is when lack of a central authority to manage transactions is desirable or unattainable. Blockchain allows for participants to interact as peers without a clearinghouse to moderate the transactions. Credit cards, for example, are transactions between consumers who want to buy something and merchants who want to sell them. Visa, American Express, Discover, and Mastercard enable these transactions by clearing them between the banks of the buyer and seller. Without the clearinghouse, credit cards wouldn’t work. In the case of Bitcoin, changes in ownership are recorded in the blockchain that underlies the currency and distributed to all parties participating in Bitcoin.

I’m oversimplifying the complexity of blockchain, of course. That doesn’t change the fact that the best blockchain applications will be those that require authentication and lack a central authority to grant it. Some examples of these type of applications are:

  • Material supply chains. Blockchain holds promise as a way to inhibit counterfeit parts from entering the supply chain. The blocks in the chain represent parts that can be transferred from owner to owner. This would produce a history of where the part originated and where it has been as it moved through the supply chain. A hash can identify the part and the ledger agreed to by all participants in the supply chain since they all have a copy of it.
  • Transportation. Similar to material supply chains, blockchain shows potential to help track shipments along a series of routes, even while the shipments change hands between different carriers. This can keep shipments from being diverted or stolen.
  • Smart contracts. Blockchains can represent a contract, it’s amendments, and agreement to the final document. Unlike many electronic contracts, all parties would have a complete copy of the entire history of the agreements made within the contract and it will be hard to dispute the “signatures” later. The contract can be agreed to without a third party, such as Docusign, or the potential for forged signatures.
  • Professional credentials. It is not news that job seekers will sometimes inflate or falsify their academic credentials. In some cases, job seekers go so far as to claim doctorates that they never earned. Now, imagine how easy it might be to claim technical credentials that are conferred by training organizations that may not exist forever. There are also plenty of professions such as medical, dental, and law, where a constant stream of new learning is required to maintain licensing. In all of these cases, blockchain could be used to create a trustworthy method of verifying credentials that can easily be shared with anyone to prove their authenticity.
  • Personal identification. Almost everyone has had their email system hacked at some point or another. This is an example of someone stealing an aspect of someone’s electronic identity. The same is true for credit card numbers, social security numbers, and other forms of personally identifying information. If personal identification was actually a blockchain, this would be much more difficult since thieves would have to steal something that is never shared online. Blockchain hold the promise of online authentication that is harder to hack then even two-factor authentication.

Some of these are purely speculative though plausible. Others, especially the professional credentials, transportation, and material supply chains applications are already under development.

Like so much interesting technologies, the hype is a bit early and probably overstates the technology. We shouldn’t let the hype undermine blockchain’s potential nor dissuade developers from exploring its usefulness. There are so many instances where authentication of transactions is hard but necessary and a central authority doesn’t exist or is undesirable. These are just the early emerging applications – the low hanging fruit – and it is hard to predict the good ideas developers will come up with for blockchain.