- Deaths knell for DoS extortion?
- Microsoft MIX07 conference to begin
- UK Dept. of Health admits data incident
- TJX slapped with class action suit by banks
- Microsoft releases public beta for Longhorn
- Web services transaction spec approved
- Microsoft hails BizTalk Services
- Collaborative software ventures merge
- Microsoft to ship client security products in May
- BEA ponders event-driven architecture
April 30, 2007 | Comments: (0)
Deaths knell for DoS extortion?
I'm always reluctant to believe arguments that some type of IT attack is dead. Remember those e-mails from two years ago about "spam is dead," or a year ago bout "no more worms?"
However, Symantec Security Response Engineer Yazan Gable posted a new blog on the company's Web site that offers some very intriguing conclusions about so-called denial-of-service extortion attacks and why they might be going away.
The simple fact is that the DoS threats (pay us money or we'll take down your network) are no longer as profitable as other alternatives, according to Gable, specifically because they put a big target on both the parties carrying out the attacks and their botnets, which could be used to carry out more profitable, and stealthy, schemes.
Putting yourself and your botnet at direct risk by specifically targeting some organization who will likely hire someone to fight you or track you down just isn't worth the effort, it would seem, when you could do something as crafty as bid up malware-laden ads on Google to distribute spyware, for instance, while keeping a much lower profile.
Gable writes:
"The thing is that DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial-of-service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network.
Furthermore, if the bot-network owner isn't careful they could lose their entire bot network if their command and control server is identified. Since a DoS extortionist has to carry out at least one successful DoS attack before they can even demand their pay, they run some serious overhead risks."
The DoS extortion model itself also commands a lot of foot work that other attacks don't require -- namely -- following through on your threats if you don't get paid. Gable said that nonpayment is one of the biggest issues for hackers, just like it is for legitimate billers.
"For a DoS extortionist this is the worst scenario because they have to risk their bot network for nothing at all. Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has to spend time and resources on a lost cause."
As a result, the researcher predicts that more hackers will move back to… Spam!
Well, it's a good thing spam is dead!
Posted by Matt Hines on April 30, 2007 09:51 AM
April 27, 2007 | Comments: (0)
Microsoft MIX07 conference to begin
Microsoft on Monday begins its MIX07 conference in Las Vegas, to talk up its graphical application design and Web development strategies.
The company officially declined this week to elaborate further on specific revelations planned for the conference. But it is already known that a beta release of the company's Silverlight technology, formerly called Windows Presentation Foundation Everywhere, is planned for release at the show. Silverlight is a browser plug-in expected to rival Adobe's Flash technology for graphical presentations and multimedia.
Microsoft at the event is expected to reveal plans to offer some source code to Silverlight via open source. Adobe this week, meanwhile, announced it would open-source its Flex SDK for Web development, enabling developers to make modifications to it.
A quick look at the session agenda for MIX07 reveals topics such as AJAX (Asynchronous JavaScript and XML), Amazon Web services and one session questioning whether ASP.Net and PHP (Hypertext Preprocessor) can get along.
The company's Expression design tools line, Visual Studio development platform and LINQ (Language Integrated Query) technologies also will get attention.
Ray Ozzie, the creator of Lotus Notes and now chief software architect at Microsoft, will give a keynote presentation at MIX07.
Despite Microsoft's tight-lipped approach of late, this has not stopped speculation by Miguel de Icaza, vice president of the developer platform at Novell, from making his own guesses about the show in his blog. De Icaza is perhaps best known as one of the authors of the Mono platform, which enables .Net applications to run on Linux.
Among other predictions, de Icaza forecast a version of Silverlight for Linux and an announcement about a dynamic language runtime. But he acknowledged his predictions were just that - guesses. "I have no idea what they are gong to be announcing," de Icaza said in an interview on Friday afternoon.
Microsoft declined to comment on the blog.
Posted by Paul Krill on April 27, 2007 03:07 PM
April 27, 2007 | Comments: (0)
UK Dept. of Health admits data incident
The United Kingdom's Department of Health is apologizing publicly for an IT misstep that resulted in the exposure of hundreds of doctors' personal information online.
According to reports in the nation, including IDG's Computerworld UK affiliate, the British DHS mistakenly published an Excel spreadsheet bearing the affected individuals' details -- including their addresses, phone numbers, sexual orientation and previous convictions (yikes!) -- on an unsecured section of its Web site for several hours yesterday.
The incident comes just a month after the nation's DHS was forced to offer interviews to a number of doctors whose online submissions to the organization's Medical Training Application Service (MTAS) were mistakenly rejected.
DHS officials said that they were uncertain exactly how long the detail-laden Web site, first reported by the UK's Channel 4 News, was up-and-running online, but estimated that it was live for at least several hours.
One can only imagine what types of identity fraud schemes people could cook up with such targeted data. Not only do any potential identity thieves know quite a bit about their targets in general, but they also know that the medical professionals likely make enough money to have something worth stealing.
The DHS issued an apology statement that reads:
"We apologize to any applicants whose details have been improperly accessed. This is a very serious matter and is under investigation."
"This URL was made available to a strictly limited number of people making checks as part of the employment process. This information was never publicly available through the MTAS Web site and was only accessible for only a short period of time after details of the URL were leaked."
"The MTAS team fixed the problem as soon as it was brought to their attention."
Posted by Matt Hines on April 27, 2007 09:04 AM
April 26, 2007 | Comments: (0)
TJX slapped with class action suit by banks
At this point, you've heard about the massive data breach at Massachusetts-based TJX Companies. You know, the Largest Data Breach of All Time in which malicious hackers owned the company's payment system for around two years, repeatedly breaking in, planting malicious programs and ferrying off sensitive credit card and banking card data on tens of millions of TJX customers?
Yeah, that one.
Well, as it turns out, consumers weren't the only ones who got hit by TJX's cluelessness. Banks -- especially in states like Massachusetts -- were also hard hit. Why? Because under current federal law, its banks, not merchants, who have to pay to make customers whole again: forgiving fraudulent purchases on credit and debit cards and, of course, cancelling compromised cards and bank accounts, then issuing new ones to their customers. Needless to say, that's an expensive process, especially when you've got to repeat it 45 million times, as banks across the country will have to do in the wake of TJX. Not surprise, then, that banks aren't taking this sitting down.
TJX already faces lawsuits from individual banks in the wake of the compromise. But on Tuesday, the Massachusetts Bankers Association took it up a notch: filing a class action lawsuit against TJX in U.S. District Court in Boston that seeks to recover damages in the “tens of millions of dollars.” The MBA is being joined in the suit by the Connecticut Bankers Association (CBA), the Maine Association of Community Banks (MACB), and individual banks as co-plaintiffs, MBA said.
The three bankers associations represent nearly 300 banks and include a slew of smaller local outfits like Saugusbank, Eagle Bank, Collinsville Savings Society in Collinsville, Connecticut. MBA said it expects many other banks to join as the suit progresses.
MBA claims that its members have faced "dramatic costs" in the wake of the massive hack and that the banking associations are filing the lawsuit to protect customer privacy and data security for customer
accounts (awww...isn't that nice!). The truth has more to do with the bottom line: New England is a hotbed of TJX stores and local banks are among the hardest hit in the nation by the TJX slip up, second, maybe only to California. And, at $25 a pop to replace stolen cards, banks have been bleeding money to clean up after the breach, with reports of "hot" (or stolen) cards still rolling in, according to an MBA statement attributed to Daniel J. Forte, president and CEO of the MBA.
MBA also thinks it has a chance to win in court against TJX, even though similar suits against hacking victims like BJ's Wholesale failed. (BJ's eventually settled with the FTC over the incident.)
“There are significant differences between this case and prior data breach lawsuits such as the BJ’s cases in Pennsylvania,” Forte said. “We think we have an advantage trying the case here in Massachusetts; when the BJ’s cases were argued in Pennsylvania, the plaintiffs did not include an unfair trade practices statutory claim, and Massachusetts law allows these claims," he said.
Banks want to prove that TJX misrepresented its handling of sensitive financial information (saying it was secure, when it wasn't). The group also wants to raise the stakes of data breaches for merchants, which they argue are the source of most breaches, but bear few of the costs.
If nothing else, TJX has given fuel to debates about passing stronger electronic privacy laws. So far, most of the initiatives on such laws have been industry-based, such as the Payment Card Industry (PCI) security standards.
Posted by Paul Roberts on April 26, 2007 08:44 AM
April 25, 2007 | Comments: (0)
Microsoft releases public beta for Longhorn
Microsoft released on Wednesday the first publicly available test version of Windows Server "Longhorn."
Beta 3 of the next version of Windows Server is available for evaluation. The final version of the server OS is due to ship in the second half of 2007.
"As they take it for a test drive, our customers and partners will find we made some vast improvements in Windows Server 'Longhorn' to help them reduce costs and adapt to changing business needs," said Bill Laing, general manager of the Microsoft Windows Server Division, in a statement released by the company. "Between early adopter customers and Microsoft IT, we have hundreds of servers running in production environments today. If there's one message we want to send today, it is get ready, download and evaluate."
Longhorn features simplified management, including remote administration tools and Windows PowerShell scripting, the company said. Security has been enhanced through a Server Core installation option that reduces the server footprint and potential attack surface.
Simplified failover clustering, dynamic partitioning and other system management features are included as well to provide interrupted network access, Microsoft said.
Beta 3 is accessible here.
Posted by Paul Krill on April 25, 2007 06:22 PM
April 25, 2007 | Comments: (0)
Web services transaction spec approved
OASIS has approved as an official standard WS-Context 1.0, bolstering Web services in transactional environments.
Specifically, WS-Context defines a framework supporting coordinated and transactional compositions for multiple Web services applications, OASIS said on Wednesday. WS-Context ensures that multiple Web services deployed in a variety of execution environments behave as if they are being deployed in a single, consistent environment, according to OASIS.
"For example, an organization's SOA may require security information, conversational session information, database and file handles and process IDs, among other services, to be shared across multiple execution environments built on different platforms. WS-Context ensures that the Java, .Net, and other Web services in the enterprise all behave similarly and as expected at runtime," said Martin Chapman, co-chair of the OASIS Web Services Composite Application Framework Technical Committee and an Oracle official, in a statement released by OASIS.
"When Web services are used in combination, the ability to set the boundaries of an activity (such as start/end or success/failure) and to inform participants of changes to activities become extremely important," explained Eric Newcomer of Iona Technologies, also a co-chair of the committee, in the statement.
"WS-Context provides standard, interoperable ways to demarcate and coordinate Web services activities. Business process transactions can be recovered predictably and consistently with WS-Context, and the standard allows participants to define their relationships with one another," Newcomer said.
Other companies besides Iona and Oracle that participated in development of WS-Context include Red Hat and Sun Microsystems.
Posted by Paul Krill on April 25, 2007 03:19 PM
April 25, 2007 | Comments: (0)
Microsoft hails BizTalk Services
Microsoft has unveiled a Community Technology Preview (CTP) of BizTalk Services, which is part of the company's "Software+Services" vision.
BizTalk Services focuses on enabling developers to integrate services across internal enterprise systems, systems running at business partners and Internet services. BizTalk Services features Internet-hosted services to help developers build and run composite applications at an Internet scale. Featured are hosted versions of technologies developed in the Microsoft Connected Systems Division.
The BizTalk Services platform includes an "Internet Services Bus," which is similar to but different than a traditional enterprise service bus, Microsoft said. An ESB provides connectivity that stops at the corporate firewall, while the Internet Services bus accommodates applications that span networks. Capabilities are provided for workflow, identity and access management. Also, data can be moved between end points regardless of the location of firewall.
Microsoft's Steve Martin, director of product management in the company's Connected Systems Division, covers BizTalk Services in his blog. The CTP is available here.
Also, Microsoft began on Wednesday its Financial Services Developer Conference in New York City. The event brings together technical persons from financial services firms to preview Microsoft technologies. Topics will be covered such as application performance analysis, writing secure code and building Web sites with Microsoft's ASP.Net AJAX technology.
Posted by Paul Krill on April 25, 2007 11:16 AM
April 24, 2007 | Comments: (0)
Collaborative software ventures merge
CollabNet has purchased SourceForge Enterprise Edition from VA Software, a move that CollabNet said places the two leading collaborative software development platforms under the one roof.
The acquisition, announced late on Tuesday, also enables CollabNet to take market share from the IBM Rational legacy development platform, CollabNet said.
"This transaction makes us stronger and bigger from a team perspective and a technology perspective," said Bill Portelli, CollabNet CEO.
With distributed development opportunities opening up, CollabNet wants to expand and believes it offers a more scalable, Web-based solution than the IBM Rational platform, Portelli said. CollabNet will support both the CollabNet and SourceForge product lines going forward but plans to merge the lines in 2009.
Under terms of the purchase agreement, CollabNet has acquired the SourceForge Enterprise Edition business from VA Software in consideration for an equity ownership stake in CollabNet and an undisclosed amount of cash.
CollabNet provides a collaborative platform for globally distributed software development. Project members can work as a team regardless of location. The company also is a primary sponsor of the Subversion open source version control system.
SourceForge also is a collaborative software development platform. By acquiring SourceForge customers, CollabNet triples its installed base, said Portelli.
While CollabNet offers products mostly on a hosted, SaaS basis, SourceForge has been predominantly used behind the firewall, Portelli said.
SourceForge customers get access to CollabNet technologies while CollabNet customers can access SourceForge capabilities such as clustering and software configuration management.
Collabnet will integrate some VA Software employees into the CollabNet organization.
"SourceForge Enterprise Edition customers and VA Software employees will substantially benefit from this combination of the two leading collaborative development teams and solutions," said Ali Jenab, CEO of VA Software, in a statement released by CollabNet an VA Software. "With our equity ownership in CollabNet we demonstrate our continued belief that demand for quality collaborative software development solutions continues to grow."
The VA management team now will focus on growing core online media assets such as SourceForge.net, Slashdot.org and Linux.com, Jenab said.
Posted by Paul Krill on April 24, 2007 05:01 PM
April 24, 2007 | Comments: (0)
Microsoft to ship client security products in May
Microsoft is preparing to ship the final version of its Forefront Client Security package, its most aggressive entry yet into the anti-malware and desktop security space.
In a meeting with customers in The Netherlands on Monday, Microsoft CEO Steve Ballmer revealed that the much-awaited product will likely arrive sometime in May.
Redmond, Wash.-based Microsoft has had a test version of the software -- meant to ward off advanced malware threats such as spyware and root kits -- available since Nov. 2006.
Ballmer said that the package will comprise an integrated suite of desktop security tools whose functions range from testing device security posture to fending off viruses.
"Our client product is shipping in the next month or so and it really does do hygiene, security and anti-virus all the way down to the client level," Ballmer said.
Video of the event is available at IDG Nederland site Webwereld.
Microsoft is hosting a similar session to detail its security plans with U.S. customers and partners at The Beverly Hilton in Beverly Hills, Calif. on May 2.
Ballmer pointed out that the client security piece joins Microsoft's existing Forefront security tools for its SharePoint and Exchange platforms, along with its ISA Server software, to round out the company's burgeoning entrée to the market.
He said that Microsoft has "very robust plans to enhance and update" its product lines, and that it will also soon launch a new product that offers firewall services at an applications level, and another product that handles acceleration, caching and security services "at the edge of the network."
Since Microsoft announced that it would be joining the security applications sector and taking on longtime partners including Symantec, McAfee, Trend Micro and Cisco Systems to carve out a niche, many detractors have pointed out that large businesses won't trust Microsoft to defend its own products, vulnerabilities in which remain the most pressing IT security issue today.
Ballmer broached the topic and said that Microsoft can play an important role while retaining tight relationships with those firms.
"Some of our customers viewed this [move into offering security products] a little controversially and asked if we could solve these problems at a root level, why is there a need for extra products," Ballmer said "But we also live in a world where the bad guys are getting smarter all the time and it is important to lock down core infrastructure and protect around it in a way that is more dynamic."
"Despite our entry into the security business, we will continue to work well with companies like Symantec, McAfee, CA and IBM that have their own lines of security product," he said. "We will be the best and earn it, but many others will want a heterogeneous environment and we will continue to work with those vendors."
"This is a major investment for us, it's a very serious investment for us, we know that if you choose to adopt these products they instantaneously become mission critical in your environment," Ballmer said. "So, we're very focused on doing a very good job not only in launching these products but in providing appropriate services so that you can be successful with them."
Posted by Matt Hines on April 24, 2007 09:56 AM
April 23, 2007 | Comments: (0)
BEA ponders event-driven architecture
BEA Systems plans in late-May to update its product roster with offerings in the event-driven architecture and real-time processing spaces, according to BEA correspondence received on Monday
The company is planning a new product in event-driven architecture that will enable event-driven SOA. BEA also will announce the latest version of its WebLogic Real Time server, which offers real-time processing services for applications such as financial services. The product set has featured the WebLogic Express 9.2 application server and the JRockit Runtime Analyzer tool.
Also planned by BEA is general availability of WebLogic Server - Virtual Edition. This product is intended to enable Java applications to run better on virtualized hardware.
The three products together provide a foundation for "extreme transaction processing," which allows enterprises to respond to complex computing environments and changing business conditions quickly, BEA said.
Also at BEA, Bill Roth, BEA vice president of marketing in the company's Workshop Business Unit, offers his predictions for the upcoming JavaOne conference in a blog entry posted on Monday. Roth anticipates Web 2.0 themes at the event.
Posted by Paul Krill on April 23, 2007 04:02 PM
April 19, 2007 | Comments: (0)
Tech firm kickback scandal could claim many victims
The Department of Justice threw its weight behind three whistle blower lawsuits that contend some of the nation's leading IT firms have been overcharging the U.S. Government for services and supplies, by way of a large scale "alliance" between companies that provided kickbacks and discounts that the government never saw.
As Grant Gross of the IDG News Service reports, the DOJ is backing three cases filed in 2004 by Accenture employee Norman Rille in U.S. District Court for the Eastern District of Arkansas. Rille alleges that three companies: HP, Sun and Accenture submitted false claims to the U.S. government on "numerous" government contracts since the late 1990s.
But the list of companies who may have had their hand in the government's till is much longer -- almost three dozen companies that reads like a who's who of the tech sector: Cisco Systems Inc., Microsoft Corp., IBM Corp., Dell Inc. and Oracle Corp. and on and on.
Fishy business deals between and among IT firms doing business with the government are no secret, says Alan Paller of the SANS Institute, an IT Professional association.
IT professionals who worked within the beltway have long known about what was often referred to as "SPIFF," a business term that typically refers to small, immediate bonuses paid to salespeople for selling a particular product. In the world of government IT contracts, it was often used to refer incentives and extras paid to companies that resold to the government, Paller said. The end result was that the cost of services and products sold to the government got inflated, he said.
"This could be the equivalent of the backdating of options scandal," said Alan Paller of The SANS Institute, an IT professional association. "It's the equivalent not just because it will bring some of these companies into ill repute and their officials into jail, but also because it's something that was very widespread --so widespread that people thought it was OK," he said.
While Paller isn't critical of government IT purchasing per se, he thinks that paying inflated costs for basic goods and services leaves less money available to tackle important tasks -- like IT security.
If found guilty, the firms named could be forced to pay triple the amount of losses in addition to civil penalties. While its not clear how much the DOJ reckons it has lost as a result of the alliance kickbacks, the numbers involved are likely to be quite large.
Accenture reported that its Government operating group reported revenue of $655 million and profits of around $93 million in the quarter ending February 28, and profits of $120 million on $1.2 billion in revenue in the last two quarters.
Posted by Paul Roberts on April 19, 2007 01:35 PM
April 19, 2007 | Comments: (0)
Fake news gets top bill at MySpace
MySpace went live today with a news aggregation Web site: news.myspace.com. The site is based on technology MySpace parent Fox Interactive acquired when it scooped up zgotic startup Newroo back in March, 2006. According to the folks over at TechCrunch (and who are we to question!), Newroo's technology indexes and groups blog posts based on topic, showing emerging news in real time.
TechCrunch, reporting today, quotes Newroo cites Brian Norgard and Dan Gould as well as Fox Interactive Labs head Dan Strauss (talk about well-sourced!) saying that MySpace news will pull news items from "a number of trusted sources via their RSS feeds."
News items are organized into 25 main categories and 300 sub-categories. The order of the news items is set by user voting, taking into account the freshness of the news. So far, however, users can't submit stories directly, according to TechCrunch.
MySpace and Fox are hoping to tap into some of the link love that sites like news.google.com and Digg.com have enjoyed. In particular, the site takes a page out of Digg's book, allowing readers to vote for stories they like, giving those stories top billing on the site. The technology used to select stories for Google's news site is more opaque, though the company does allow that it crawls designated news sources, then uses computer algorithms to select news stories.
But allowing anybody to promote a story for a self-described "news" Web site were immediately apparent on Thursday, hours after news.myspace.com launched. The top billed story on the page:
"Brady Quinn: 'I'm Going to Be a Bust," is actually a spoof sports story from The Onion about Notre Dame Quarterback and top NFL draft prospect Brady Quinn who, according to The Onion, told scouts interviewing him that he'd likely fail in the NFL.
That story was accompanied by coverage of Chicago White Sox pitcher Mark Buehrle's no hitter against the Texas Rangers on Wednesday.
News from astrology Web sites ranks high on the news site, as did a vitriolic piece from right wing political blog Scrappleface with inflammatory and invented quotes attributed to Senator and presidential candidate Hillary Clinton in response to the Supreme Court's decision to uphold the 2004 Partial Birth Abortion ban. More mainstream coverage of the Virginia Tech shootings from the New York Times, MSNBC and Reuters also ranked high.
Of course, even established news aggregation sites like News.google.com have their eccentricities. And news.myspace.com is only a few hours old, so it has yet to attract the following that make sites like Digg.com and slashdot.org entertaining, interactive and mostly accurate. Time will tell whether this site ends up being a source for news...or just entertainment.
Posted by Paul Roberts on April 19, 2007 08:47 AM
April 18, 2007 | Comments: (0)
Web 2.0 surprise: Let's hear it for old folks
Bill Tancer, GM at Web research firm Hitwise, shook up the crowd yesterday at the Web 2.0 conference by revealing that the emperor --while possibly not stark naked -- is severely underdressed. According to Hitwise research, only a minute fraction of users are generating and uploading content to all those Web 2.0 sites built around "user-generated content." Just .16% of users are adding their own content to Web 2.0 poster child Youtube, and photo site Flickr does only a little better, with .2 %. The winner here is Wikipedia, with 4.5% participation. The rest of the crowd is just voyeuristic Then again, I've never noticed Youtube suffering from a lack of content, so maybe a fraction of a percent is a completely sustainable model.
But the real story, to me, is the surprising age distribution of Web 2.0 content generators. Pundits always hold up Gen X and Y -- born to the Web -- as the participatory generation. But -- surprise -- it turns out that Wikipedia is built on the backs of participating 35-55 year olds. Even YouTube skews older than you'd think, with most active uploaders weighing in north of 35. In other words, old farts rule. As a card-carrying oldish guy myself, I say bravo. Now it's time for my nap.
Posted by Steve Fox on April 18, 2007 02:07 PM
April 18, 2007 | Comments: (0)
Universities scramble for notification technology
In the wake of the horrific mass shooting at Virginia Tech on Monday, colleges and universities in the U.S. are scrambling to buy notification technology that will allow them to connect with wired college students via cell phone, e-mail or SMS.
Ken Dixon, vice president of sales and marketing at MIR3 of San Diego, which makes emergency notification and disaster recovery software, says his company has been deluged with calls and e-mail since the shootings.
"We've heard from the University of Michigan, the University of San Diego, the University of Chicago, the ivys, a bunch of Big 10 schools," said Dixon.
The company has not spoken with anyone from Virginia Tech, he said.
Administrators at colleges and universities may be shaken by criticism of Virginia Tech's handling of the April 16 shooting, during which two hours passed between two fatal shootings by disgruntled student Cho Seung-Hui is a fatal dorm shooting, during which time many students went to classes, unaware that anything was amiss.
The university's decision to send an e-mail to students warning them of the violence has been criticized as too passive, with many students complaining that they did not check their email account before heading out of their dorms.
University officials have been quoted in reports saying that there was no easy way to contact Virginia Tech's tens of thousands of on and off campus students, employees and faculty. But Dixon, of MIR3, said that his company's technology does allow customers to quickly and automatically reach out to tens of thousands of people using a variety of modes -- from phone calls, to SMS text messages, to e-mail.
The technology, which costs organizations around $100,000 a year to license, is mostly used by businesses and municipalities for IT alerting and business continuity planning, Dixon said.
The company counts Shell, Visa and Bank of America as customers, as well as local governments in Florida and other states. In recent days, though, it's been universities who are clamoring for the MIR3 technology.
"The phone has been ringing constantly," he said. "They're in reactive mode now. Asking 'how do we fix this system?'"
Customers can specify multiple modes of communications, and collect responses from recipients. They can also automate a hierarchy of communications, starting with phone calls or e-mail, then switching to SMS, pages and the like for individuals who don't respond, he said.
Being able to reach students via cell phone is particularly important these days, said Dixon. "Every student is tethered to their cell. Your communication has got to be through that device," he said.
MIT (The Massachusetts Institute of Technology) also uses the product to notify IT personnel of events, but may expand it to communicate with students as well, Dixon said. (MIT hasn't yet responded to a request for comment on its plans. )
But emergency notification technology is no easy fix, said David Escalante, CSO of Boston College in Chestnut Hill, Massachusetts.
"Anytime something like this happens, there's an interplay between the people who are concerned about mitigating the situation and the difficulty of doing the things necessary to mitigate it," he said.
BC is in the process of sorting out its own emergency response plans, following the Virgina Tech massacre.
"We're moving in the direction of implementing something but we're not there yet," he said. Among the challenges universities like BC face are reaching commuters and off campus students in a timely manner, especially when they might not be on campus and know there's a problem.
Loudspeakers are good for on-campus students, but not for commuters or students who aren't on campus.
Cell phone notifications are promising, but could pose problems in classroom environments, if students begin to treat text messages to their phone as communications of the utmost importance that trump lectures or exams, he said.
"We've been telling students not to look at their cell phones during exams because we're worried that friends may SMS them answers to tests. So what do we say now?" Escalante noted. "And, if you have a system where you can broadcast to everyone and it gets used too much, people won't pay attention," he said.
Dixon said those fears are real, but that his company's technology -- which requires and monitors responses to messages, can mitigate some of the problems.
The biggest barrier to schools adopting the technology so far has been a concern for student privacy and cost, he said.
Posted by Paul Roberts on April 18, 2007 01:21 PM
April 18, 2007 | Comments: (0)
Corporate makeover, Web 2.0-style
If the vibe at this year's Web 2.0 Expo is any indication, the corporate customer-facing Web is in need of a serious makeover. And though the bugbears of user experience brought up at the conference -- inexcusable latency, insipid presentation, limited user control of data display and categorization -- are certainly well-established, in some cases, Web 2.0's answer may in fact be a vector-in-progress pointing toward a new set of warts rather than a cure.
In a presentation entitled "Corporate Makeover: Web 2.0 Edition," well-known designers took a crack at redefining large corporate Web sites with the tenets of Web 2.0 design, features, and user experience in mind.
"It is about putting services back in people's hands," Tom Hobbs, of the experience design group at Adobe, said in overview of the tenets of Web 2.0 design. But as much as the options opened up by the Web 2.0 design ethos succeed in putting users in control of their own site visitation destinies, the overall impression is that of a paradigm in which the designer remains more than essential, but central.
Central to the ethos appears to be an exuberance for anticipating every permutation of the user's experience throughout the design phase, oftentimes to the point of overstuffing. Category slicing for every possible data segment, tagging for every structurable element, relevancy meters of all ilk tracking back to myriad other users' opinions, immediate access to maps that plot any data entry in the browser that hints of location -- in many cases, simply because it can be done. And though there is wisdom in providing users with encapsulated previews to better inform them of the payoff of their next invested click, the proliferation of rollover scripts on many of these site designs seem intent on occluding access to the information presented on the present page, superimposing a trembling layer of where-next teases intent on making you sticky, a structure for encapsulating many possible futures into the present tense, begging the question of whatever happened to the here and now of the here and now?
"It's about guiding from one place to another," Hobbs said, in a sense summing up the panel, which by and large suggested that the competition for providing the most complete user experience has transformed into a competition for attention among islets of content themselves.
To be fair, the Adobe design Hobbs presented for a banking site proved more than compelling -- a worthwhile, trustworthy banking Web app, rather than the banking equivalent of a fantasy baseball information site UI. But with Adobe's design prowess, dedicated user experience team, and Hobb's real-world experience designing such sites, the results were unsurprising.
Naturally, the success of the Adobe demonstration was due in large part to having a team dedicated to reminding developers that one day there will in fact be actual, variably technically adept users on the other end of the line. Many in the Web 2.0 crowd simply don't have the resources or proclivity to incubate practical user experience design for corporate sites. That said, many of the innovations of the Web 2.0 movement (tagging, offering multiple views of the same content, and so on) are certainly worth incorporating in the corporate Web environment.
Next year, "Corporate Makeover, Web 2.0 Edition" will be a competition open to all attendees. Should be interesting to see where a year of Web 2.0 maturity and innovation will lead.
Posted by Jason Snyder on April 18, 2007 01:11 PM
April 18, 2007 | Comments: (0)
Google Presentation just another 'Docs' feature
Google's planned presentation application will be just another feature of the Google Docs application, Rajen Sheth, product manager for Google Enterprise Applications told InfoWorld.
[ Hear podcast: Google's Rajen Sheth discusses its latest acquisition ]
Rather than appearing as a separate application within the Google Apps suite, the new Google presentation features will be just another feature, along side the document and spreadsheet features that are accessed by clicking on Documents within the Google desktop environment, he said.
"What you'll see is similar to something like Google Docs. In terms of naming and branding, the way we look at it is as a feature of Google Docs and Spreadsheets," Sheth said.
That decision is consistent with the approach Google took when it unveiled its Docs and Spreadsheets features in February, 2006. Rather than treat each application separately, as Microsoft Office does, Google combines them within a user environment built around collaboration and online sharing.
Google CEO Eric Schmidt unveiled plans for the new application yesterday at the Web 2.0 Expo in San Francisco. The application, which will use technology Google recently acquired from Tonic Systems, a Java-based presentation software firm with offices in the Bay Area and Melbourne, Australia.
Google is still developing the product and can't say yet what the core features will be when it is unveiled this summer. The company is also trying to figure out exactly what role the Tonic technology will play in the final product, Sheth said.
"They have a lot of expertise in presentation file formats and presentation software in general. They're going to be adding that expertise into the mix here and that will,in the end, make it a better product," he said.
While CEO Schmidt was greeted with skepticism if not outright laughter when he tried to suggest that Google wasn't trying to take on Microsoft and its Office franchise, Sheth confirmed his company's view that comparing Office and Google Apps is like comparing apples (no pun intended) and oranges.
"I think a lot of traditional office tools were built on the notion of individual productivity -- you built tools that were there to make one person on one PC very productive. What's missing is team productivity -- the ability to make it so that people working on things together can quickly publish and share information with coworkers or others outside the company or friends. Thats where this adds to it," Sheth said.
In fact, "traditional office tools" as Sheth calls them (aka Office) only cover one fourth of what Google considers must have functionality: document creation. The other three fourths -- collaboration, document publishing and retrieval (aka search) aren't part of the traditional Office suite, but are central to Google's vision.
"A lot of traditional office applications grew up in a world before the Internet was widely available. (Google) Apps have grown up in a world that's based on the Internet. Because of that, the paradigms of how people work together are very different and things grow in different directions," he said.
Though Google Apps was initially envisioned for small enterprises, Google is seeing traction even at large enterprises and Fortune 500 firms, which are warming to the software as a service (SaaS) concept, he said.
Recent stories, like the revelation that some public Google Calendars have been leaking sensitive scheduling information from brand name companies companies is just proof that there's hunger in many large firms for the sharing and collaboration features that Google Apps offer, he said. (Noting that companies can keep confidential information from leaking out by using Google's Apps suite, rather than the public calendaring feature.)
But Sheth ruled out a full fledged marketplace for Google Apps, akin to Salesforce.com's successful AppExchange.
"Our strength is in end user collaboration applications. What Google is great at is connection to the end user. What we want to do is set a framework for how people can collaborate, but allow extensions to that framework so that customers can customize and collaborate in ways that are specific to their industry or applications," he said.
For now, Google is happy with what it is seeing on forums like Google Gadgets, where third party developers can post their Google Desktop add-ons for download, and from its Google enterprise professional program.
As for the future, Sheth says anything is possible, given the rate of change in the tech community as Web 2.0 development and deployment paradigms take hold.
"The great thing about Web 2.0 and the development model on Web is that you can iterate things and get them out quickly ... A year and a half ago, I could not have looked you in the eye and said that we'd have a viable spreadsheet program on the Web. The same thing will happen in the next couple years, we're going to see things happen we can't even anticipate happening today."
Posted by Paul Roberts on April 18, 2007 11:42 AM
April 18, 2007 | Comments: (0)
Exec explains Apple-Cisco iPhone interoperability
In the previous chapter of the iPhone Saga, Apple and Cisco had agreed to put aside their differences and attornies and instead share the coveted iPhone name -- and work toward iProduct interoperability.
That was all well and good, except it left some people scratching their heads, wondering just what "interoperability" might mean between the Apple iPhone, which is a iPod/cell phone crossbreed, and the Cisco iPhone, which is a telephone handset designed for use on a VOIP network.
Well, Cisco Chief Development Office Charlie Giancarlo shed some light on what that interoperability might look like in a recent interview, according to reports. "Cisco wants the Apple iPhone to work with its corporate phone systems, Giancarlo said. A partnership would allow users to get the same services, such as instant messaging and teleconferencing, on their Cisco desk phones and Apple iPhones," Bloomberg reports.
Apple, meanwhile, has remained mum on the subject, perhaps still suffering painful memories from the last time it let a certain cat out of the bag.
Posted by Ted Samson on April 18, 2007 12:16 AM
April 17, 2007 | Comments: (0)
Google CEO says company isn't after Powerpoint
Call it Chutzpah 2.0: Google CEO Eric Schmidt gets up in front of a capacity crowd at the Web 2.0 Expo in San Francisco and claims that a new presentation software package that his company is unveiling isn't intended to compete against Microsoft's Powerpoint, the dominant business presentation software on the market.
That takes nerve, alright, but that didn't prevent Schmidt from saying it all the same. As reported by InfoWorld and others, Schmidt made little of the comparisons between his company's growing suite, Google Apps, and Microsoft Office.
"I don't think we compete with them. We're not as fully functional as MS Office -- we're more in line with how people use the web than how they use the desktop."
To his credit, tech guru and author John Battelle, who was interviewing Schmidt, was having none of it: "Come on!" Battelle exclaimed "This totally competes with Microsoft Office," forcing Schmidt to concede that there were similarities, despite the fact that Google Apps "doesn't have all of Office's functionality," (translation: no BLOAT) and "is more focused on Web collaboration (a.k.a "the future") than Office."
Why so coy? Two words: plausible deniability. Frankly, it does nothing for Google to come out swinging at MS Office and saying that Google Apps is a replacement for Office. First off, it may just get Microsoft to shake off its doldrums and wake up to the reality of how vulnerable their Office monopoly (and thus, their bottom line is) to a fast shift in the competitive landscape towards Web-based applications and SaaS. With Microsoft's cash reserves and competitive spirit, it's still to Google's interest to show its belly and pretend that there's no real competition, even when everyone knows there is.
In addition, playing into the media's desire to cover the "horse race" aspect of Office vs. Google Apps comparison ultimately favors Microsoft and hurts Google. How so? By allowing Microsoft to play the "feature comparison" game and emphasize the greater capabilities of the Office applications.
What Google really wants to do is change the conversation entirely, away from Windows and Office and towards things Google is happy talking about: the Web, SaaS, collaboration, presence. Continuing to talk about Windows and Office and how the compare makes it hard to do that -- you're still arguing with terms that Microsoft invented and owns. So for now, Google is happy to trade on its stellar reputation to pick low hanging fruit from the Office tree (mostly price-conscious SMBs, EDUs and non profits at this point) and to pretend as much as it can that Office doesn't exist, at least until Office doesn't exist anymore.
Posted by Paul Roberts on April 17, 2007 07:14 PM
April 17, 2007 | Comments: (0)
MS isn't charging into charger biz
Attention people of Earth: Microsoft is not going into the fuel-cell charger business.
Rumors that Redmond was entering that market started flying Friday, though, after Medis Technologies issued a press release saying it was beginning commercial sales of its Fuel Cell 24/7 Power Pack, and that its first shipment was a set of Microsoft-branded chargers.
The result: Members of the media got a little excited, as they're wont to do, and began to speculate the Redmond was poised to start selling these chargers for its Zune digital music-player line. No one at Microsoft was available for comment on the matter over the weekebd.
Today, though, Microsoft issued a statement saying it only was purchasing a "small amount" of the chargers with the intent of distributing them for free at an upcoming event, according to reports.
So there you have it. Looks like Microsoft is sticking to its roots: operating systems. And business applications. And databases. And search. And video games consoles. And digital music players. But certainly not fuel-cell chargers.
Posted by Ted Samson on April 17, 2007 04:21 PM
April 17, 2007 | Comments: (0)
An article in today's New York Times on the gender gap in computer science education further underscores the troubling trend of women opting out of IT as a career path, as reported by Carmen Noble in a recent InfoWorld feature.
Recent InfoWorld Features
Dynamic languages prove their mettle
What IT can learn from consumer tech
Rethinking business intelligence
Moreover, the article goes on to suggest that demand for computer scientists should increase in the coming years, according to the Bureau of Labor Statistics. Jan Cuny, who directs a National Science Foundation program to broaden participation in computer scientist, presents one take on the downside of the gender gap in tech education as relates to the increasing demand for computer scientists in the workforce:
"If you look at the demographics of the country, if we are not going to get our new professionals from women and minorities and persons with disabilities, we are not going to have enough."
Another problem with imbalance in the IT workforce, as Maggie Biggs assesses in her recent analysis of the trend, is that "today's global IT envrionment requires an organizational chart rife with intangibles -- not just a checklist of technical skills. And as the tenets of Web 2.0 continue to take hold, women will be an increasingly vital component of any winning IT strategy, as they tend to be effective communicators who thrive in highly distributed and collaborative environments."
Activism at the educational level is vital, as experts quoted in the Times article advocate. Companies are also getting into the education activism mix. For example, IBM and Cisco have launched highly successful initiatives aimed at inspiring girls and young women to take an interest in IT. And when it comes to keeping women in the IT workforce, many women tech leaders stress the ongoing importance of on-job mentoring.
The competition for bright minds among career tracks is stiff. And drawing from a smaller applicant pool will prove problematic for IT's long-term prospects. Especially as some feel the trend of women opting out of computing careers may in fact signal a greater migration away from IT among men in the future. As the Times article states:
"Women are the canaries in the coal mine," Lenore Blum, a computer scientist at Carnegie Mellon University, told an audience at Harvard University in March, in a talk on this "crisis" in computer science. Factors driving women away will eventually drive men away as well, she and others say.
Posted by Jason Snyder on April 17, 2007 11:43 AM
April 16, 2007 | Comments: (0)
Tragedy news travels faster via crowdsourcing
The smoke has barely cleared on the horrific tragedy at Virginia Tech University today, but already the Web, social networking and wireless technology have proven themselves, yet again, as game-changers in the world of reporting. Here are a few examples of how tech has played a role in the emerging coverage of the shooting:
Mobile video -- with this event on a campus full of wired 18-24 year olds, it's no surprise that many students captured photos and mobile video of the event as it unfolded. Perhaps the best example of this is CNN's use of a video from VT student Jamal Albarghouti, who might be remembered as the Abraham Zapruder of the VT shooting incident, after he captured a dramatic shootout between police and the gunman (gunmen?) outside Norris Hall, where many of the student fatalaties occurred. His camera of choice? A Nokia E70 Cellphone with built in video camera.
Social networking: Student-centered social networks have already figured in coverage of the shooting, with CNN, among others, citing discussions on Facebook.com that include notes from Virginia Tech students and others with knowledge of the event. In fact, those dicussions are a bit ahead of the national media with many contributors linking to TV and other reports about the individual believed to be responsible for the shootings, who he may have been (reports say an asian male, college age), what his motives where, and so on. Most of these reports are bunk, but some are true and, in true crowdsourcing style, the good stuff floats to the top.
E-mail and text messaging: Not only are e-mail and text messages connecting students on a locked down VT campus, but how to and how not to reach wired students is sure to be one of the big stories to come out of the VT shooting -- especially concerning VT's decision to keep its campus open after two people were found murdered in a dorm early in the day, then to notify students via e-mail after the decision to lock down campus was made later in the morning. No less a person than Mr. Albarghouti said that he hadn't had time to check his e-mail before heading out to morning class, and hadn't received the bulletin to students about the violence on campus. Countless other students interviewed on camera said they were unaware of what was unfolding on campus. As the Washington Post reported last month, today's students can be deceptively hard to reach, despite their fondness for cell phones, IM, texting and other communications gear.
In an ominous comment that now sounds prophetic, Gwendolyn Dungy of the National Association of Student Personnel Administrators observed in the Post article that "everyone is hoping there's not some emergency where they can't get in touch with students."
In fact, that same article notes that administrators at Virginia Tech were left scrambling to warn tens of thousands of people to stay inside after an escaped prisoner shot a guard on campus earlier in the year.
"That was a very clear indicator that the ways that we reach students are changing, that we have to stay ahead of the curve," VT spokesman Mark Owczarski was quoted saying then.
As contributors on Facebook were quick to point out, SMS based alert systems would have been a far better way to reach students than e-mail, which most cell phone users don't get.
Posted by Paul Roberts on April 16, 2007 02:35 PM
April 16, 2007 | Comments: (0)
MS-Adobe salvos fuel app-delivery debate
Lost perhaps amid the recent media-technology saber-rattling between Microsoft and Adobe Systems is the ongoing struggle for the future of enterprise app delivery that is fast taking shape.
Recent InfoWorld Features
Dynamic languages prove their mettle
What IT can learn from consumer tech
Rethinking business intelligence
Microsoft's Silverlight, being dubbed a Flash killer, will certainly provide the foundation for the company's burgeoning RIA (rich Internet application) play. But whether Microsoft can leverage its expansive install base -- and marketing/partnering muscle -- to successively chip away at the near ubiquitous Flash platform remains questionable. What will be interesting to see, however, will be how the company's forthcoming Expression package will compete with Adobe's Creative Suite in terms of delivering -- and winning the minds of those who create them -- the kind of rich Web-based apps quickly gaining traction both inside and outside the corporate firewall.
Although the practicality of and entrenched corporate affinity for desktop apps suggests they will remain a vital component of the enterprise mix for years to come, the RIA movement certainly plays to Adobe's strengths and could very well leach significant market share from Microsoft in the near future. Obviously, Microsoft's re-branding of its Windows Presentation Foundation Everywhere in the form of Silverlight suggests it is intent on not letting Adobe get too far ahead in the RIA game.
Meanwhile, the Adobe Media Player -- a desktop app aimed at Microsoft's Windows Media Player -- showcases the kind of offline functionality that can be developed using the company's Apollo framework, currently in alpha. Apollo allows developers to create applications using HTML, Flash, and Ajax and run them offline. Not only does the runtime seek to shake the popularity of Java and .Net, but by enabling the development of offline RIAs, it brings into focus a larger RIA debate, namely, whether the enterprise will more likely embrace the desktop Web app model -- as proposed by Google, for example, with its Google Apps environment -- or offline RIAs.
Apollo is not alone in the offline RIA development camp. Startup Dekoh, which will also be showcasing its platform at this week's Web 2.0 Expo in San Francisco, today announced the public alpha of its Dekoh Desktop for developing, running, and sharing offline RIAs. And certainly the debate between desktop Web apps and offline RIAs will not be reductive. Instead, enterprises will likely embrace both paradigms where use cases prove either to be the best fit.
Which apps will go the desktop Web route and which the offline RIA will be an intriguing evolution to watch, as will the edge cases where both models prove effective yet provide distinctly different competitive edges.
Posted by Jason Snyder on April 16, 2007 11:29 AM
April 16, 2007 | Comments: (0)
Microsoft to shed more light on Silverlight
Although Microsoft is unveiling Silverlight, its browser plug-in technology for rich media experiences, on Monday, the company will reveal more about the software later this month.
At the Mix07 conference in Las Vegas on April 30, Microsoft will detail development methodologies and capabilities as well as languages and tools associated with Silverlight, said Forest Key, director of product management for the Microsoft server and tools division. Silverlight previously was known as Windows Presentation Foundation Everywhere. A beta version of Silverlight is planned for release at the Mix07 show.
Key did note that the company has earmarked its Expression Studio and Visual Studio tools for use with Silverlight. Serving as a rival to Adobe's ubiquitous Flash plug-in technology, Silverlight is intended to bolster Web applications with multimedia, even extending video experiences to mobile phones.
"The development community is very interested in building these types of applications in the future, so we're very excited to be able to offer Silverlight," Key said.
Microsoft believes it offers a more standards-based approach than Flash by supporting the VC-1 video codec. But an Adobe official disagreed that.
"I would say the prevalence of Flash video in terms of usage with YouTube and MySpace would tend to counter that argument," said Pam Deziel, director of product marketing for the Adobe Platform business unit.
Given Adobe's success with Flash video, it makes sense for Microsoft to shift its own emphasis to video, Deziel said.
As far as competing with Microsoft, Deziel stressed the benefits of competition and how Adobe would still lead the way.
"I think we'll continue to innovate and lead in the [Web development arena] and that competition is good both for the industry and for end users," she said.
Posted by Paul Krill on April 16, 2007 05:00 AM
April 13, 2007 | Comments: (0)
Google-DoubleClick: Dangerous monopoly?
Google already scares the pants off many Web site publishers. Yes, the sites love the traffic -- can't live without it, in fact. But they compete with Google for advertising dollars, often chasing the same ad dollars. To add insult to injury, it is those same Web sites' ever-expanding content base that allows Google to do what Google does.
And now, the crushing blow: Google buys DoubleClick, the service that serves up ads on a fantastically high percentage of major web sites. DoubleClick has a stranglehold on the digital advertising market, just as Google owns the search market.
I smell monopoly here, one that could be disastrous for many Web site publishers --and ultimately bad for Web consumers as well. Here's the danger: Google already knows a tremendous amount about the traffic it sends to individual Web sites -- where it comes from, what people are looking for, even some basic demographics. With DoubleClick in the fold, they will also know what ads are being served on any given page. That gives Google unprecedented insight into publishers' business. And remember, those publishers may be partners, but they are also competitors, often trying to woo the same advertisers as Google.
Web sites live and die based upon ad revenue and on charging advertisers a certain rate based upon the number of pages served and the quality of their readership/user base. I could imagine a not-entirely-paranoid fantasy in which Google can run the numbers, turn around, and offer better rates to advertisers for a similar audience. Let's say you run a fashion site and charge $100 CPM, or cost per thousand, meaning an advertiser would pay you a hundred bucks for every thousand page impressions. Google/DoubleClick may not know your CPM (though they could take a good guess based upon your traffic). But they will know who they've sent your way and how many ads you've served. With a bit of calculation, they could easily offer a slightly better deal to a fashion advertiser, offering up $90 CPMs to anyone who types in "fashion," "couture" and "Prada." Long-standing rumors that Google will soon enter the banner ad market further fuel these fears.
An ad ops guy I know who chooses to remain anonymous notes that DoubleClick has been exploring a product that would establish auctions to sell surplus ad inventory. DC wants to open an auction for those transactions. Google has also expressed interest in the remnant ad market, making Google potentially a full service media buying agency -- picking the audience, buying the ads, etc. As a combined entity, Google and DoubleClick could undercut publishers' ability to set their own CPM base, "allowing the market to set those prices."
Clearly this prospect would terrify publishers because it commoditizes advertising and ultimately makes it hard for sites to compete. That might sound great to advertisers for a while -- at least until sites started folding because they could no longer afford to stay in business.
DoubleClick has assured customers in a memo that a "change in ownership will not affect your ownership of your data. Your data remains your property and subject to the terms of your contract." That's a lovely sentiment, but I am by nature suspicious. I'm thinking many publishers will be as well.
I would not be surprised to see this one smacked down by antitrust law. Or at the very least, I'd expect DoubleClick customers will insist that a firewall be put in place that will keep the two sides of the Google/DC house from merging and mining their data.
When one company owns the railroad tracks, the trains, and the ticket office, customers may benefit in the short run. In the long run, monopolies are bad for everyone, unless you happen to own stock in the monopoly.
Posted by Steve Fox on April 13, 2007 04:22 PM
April 13, 2007 | Comments: (0)
Forrester's Latest Take on SOA
One of our all-time favorite industry analysts, Forrester's Randy Heffner, has just published a new report on SOA adoption based on a monster survey of thousands of enterprises and SMBs. His most startling finding: While 14 percent of North American and European businesses said they would adopt SOA in 2006, only 2 percent did. Put another way, actual SOA usage rose from 39 percent to just 41 percent. As Randy dryly notes, "it is apparently easier to say that a firm will adopt SOA than it is to make specific plans and follow through on them."
Randy's report goes on to say that, despite falling short in actual implementation, businesses' depth and breadth of commitment to SOA is on the upswing, especially among larger companies. Optimism knows no bounds: 75 percent of the Global 2000, for example, claim they will adopt SOA by the end of 2007.
The implication of the report is clear. SOA sounds great, but boy, is it hard. Especially on a wide scale, because doing it right generally requires rethinking how IT is organized. Right now just about everyone believes that SOA is the only way to achieve the Holy Grail of true enterprise agility (that is, a flexible app infrastructure that adapts to changing business processes). But if that was easy, we would have gotten there a long time ago.
Posted by Eric Knorr on April 13, 2007 02:02 PM
April 13, 2007 | Comments: (0)
News that the U.S. military will put an Internet router in space may mark the final frontier for the little network that could, with Iris destined to remove the link with terrestrial networks in favor of satellite-to-satellite.
From our news report yesterday:
To send a message from one remote terminal to another via satellite today requires the first terminal to send the data to the satellite, from where it is bounced back to an earth station for routing. The earth station retransmits it to the satellite on a different frequency, selected depending on its destination, and the satellite bounces it back to its destination. With the router in space, the satellite can pick the channel used to send the message to its destination. By eliminating the message's round trip to the earth station, operators can increase satellite capacity and reduce transmission times between remote terminals by using fewer hops and fewer frequencies for each message.
Seems a little full-circle is at play here too: "Iris is to the future of satellite-based communications what Arpanet was to the creation of the internet in the 1960s," Don Brown, of Intelsat General, one of the companies who will build the platform, told the BBC.
I hope that means the end of Internet monopolies such as cable in the suburbs too. But grander things are in the stars, the BBC report says.
With IP becoming more prevalent for use in space, Nasa and internet pioneer Vint Cerf have also investigated the possibility of using internet technology across the solar system.Although some work has been carried out on the necessary standards and protocols, no definite schedule has been announced for this interplanetary internet.
Surely Cerf's involvement in the movement means Google is thinking Interplanet Janet for the Internet too.
Far out? Talk back to us.
Posted by Mike Barton on April 13, 2007 01:46 PM
April 13, 2007 | Comments: (0)
Rumors are flying about Oracle's so called Project X, the details of which Oracle President Chuck Phillips will announce on Monday.
The buzz is that Oracle will release business process components abstracted from its huge portfolio of ERP and CRM applications -- and will provide a framework for reassembling them into new apps tailored to specific business needs.
Actually, Oracle has been throwing strong hints in this direction for awhile now, suggesting that Fusion middleware will provide the SOA infrastructure for a new, more modular world of enterprise applications.
The Oracle Web site teases that Project X will be "an important development initiative that has been underway to unify our broad portfolio of applications and help customers close the gap between evolving business needs and IT's ability to execute."
Ironically, one of the best descriptions of what Oracle may be up to comes from an interview I did last year with BEA CEO Alfred Chuang about the future of software.
"You will have vendors like us that will be selling platforms (and) application vendors that will be selling application components, yet they will be assembled on the fly by an end-user. End-users will be using a tool -- or they will be using templates or processes -- that will represent what their environment is. They can always go back to change the process on the fly, yet the components will continue to be usable within those processes."
I'm betting that's a spot-on general description of Project X, although obviously the "platform" as well as the applications will be Oracle's, not BEA's. We'll see on Monday.
Posted by Eric Knorr on April 13, 2007 12:55 PM
April 11, 2007 | Comments: (0)
Security alliance pitches government incentives
The Internet Security Alliance (ISAlliance) has published a white paper outlining a new set of guidelines for fighting cyber-criminals that calls on privately-held companies to do a better job of securing their IT systems, but asks the federal government to lend a hand in that work.
In the paper, ISAlliance -- a collaboration of the Electronic Industries Alliance and Carnegie Mellon University's CyLab -- lays out a set of measures it would like the federal government to adopt in order to aid, protect and reward businesses who invest in defending their operations.
The paper specifically calls on federal agencies to create incentives for private industry to utilize well established practices for improving IT security.
"The threats to the world's Internet infrastructure are real and growing," Ken Silva, chairman of the ISAlliance board of directors, and chief information security officer for VeriSign, said in a statement.
"We must intensify our efforts to convince industry to adopt and maintain best practices that will lead to a secure and sustainable system," said Silva. "The private sector knows a good deal about how to protect this infrastructure; the federal government's role ought to be to provide incentives encouraging corporations to utilize these practices."
Among the suggested policies the ISAllaince would like to see the government adopt are:
-For Dept of Commerce and Dept. of Homeland Security officials to give more attention to IT security within the context of attack preparedness
-For federal agencies to establish a mechanism which will enable companies that adopt standards-based security practices to be qualified to receive incentives.
-For private companies to be able to acquire additional cyber-security insurance to cover losses arising from catastrophic events and limit their liability to third-parties.
-For the Dept. of Homeland Security to create a national program for temporary, short term reinsurance through which insurers may purchase reinsurance coverage for their exposure to catastrophic losses under these policies.
-For companies with appropriate attack insurance to have litigation-related incentives available, excluding liability for consequential and punitive damages.
-To create privacy reform legislation establishing federal limitation of liability for companies that experience breaches of personal information that occur despite their use of standards-based security best practices.
The nonprofit group noted that the paper eschews tax incentives because those measures can be "difficult to enact" and often require federal budget cuts elsewhere.
"Government regulations can't keep up with Internet threats, but the profit motive can," said ISAlliance President Larry Clinton in a statement. "Unfortunately, most companies see investment in security as a cost center."
"We will need to alter that perception if we are to create a system wide secure and sustainable Internet; the best way to do that is through market incentives," said Clinton. "Virtually all of these programs are already in use the agriculture, transportation and energy and other sectors, but they haven't yet been integrated into cyber-security policy."
Posted by Matt Hines on April 11, 2007 08:05 AM
April 11, 2007 | Comments: (0)
OASIS announced on Wednesday formation of the Open Composite Services Architecture (Open CSA) Member Section, which is an initiative to advance standards that simplify SOA.
Open CSA will promote development of the Service Component Architecture (SCA) and Service Data Objects (SDO) specifications.
SCA is intended to enable design and transformation of IT assets into reusable services. SDO lets programmers access and manipulate data from heterogeneous services, such as databases, XML data services and Web services. OASIS has been selected as the venue for advancing these specifications.
The Open CSA Member Section will oversee new OASIS Technical Committees for SCA and SDO. Members of the Open CSA initiative include companies such as BEA Systems, Oracle, IBM and Sun Microsystems.
Posted by Paul Krill on April 11, 2007 07:16 AM
April 10, 2007 | Comments: (0)
Judge: Even MySpace speech protected
Political speech is just that -- even if in MySpace, an Indiana court ruled today.
Odd. Why would there be any First Amendment test just because it is speech on MySpace?
From the Associated Press report:
The three-judge panel on Monday ordered the Putnam Circuit Court to set aside its penalty against the girl, referred to only as A.B. in court records."While we have little regard for A.B.'s use of vulgar epithets, we conclude that her overall message constitutes political speech," Judge Patricia Riley wrote in the 10-page opinion.
This makes me wonder, if newspaper publishers do not understand online, do judges? In other words, how could the earlier judge have made such an obviously wrong (unconstitutional) decision? And given so, what would happen if the same thing occurred with text messages (SMS) or viral video, sent to all the schoolkids' cell phones?
Is this just an example of technology ahead of the courts, or a judge who does not understand free speech rules? Talk back to me, below.
Posted by Mike Barton on April 10, 2007 03:37 PM
April 09, 2007 | Comments: (0)
Code search partnership launched
Krugle's code search engine for developers has been embedded into the SourceForge.net repository of open source software, the two companies said on Monday.
The search engine provides developers with direct, contextual access to underlying code of the site's 145,000 open source projects. Developers can find code quicker and access projects they may not have been aware of, according to Krugle and SourceForge.net.
"The software industry is moving toward a search-driven development model," said Ken Krugler, founder and CTO of Krugle, in a statement released by the companies. "What we announced today is the equivalent of search on steroids: giving developers the power to search deep inside the world's largest repository of open source code."
"Embedding code search directly into Sourceforge.net makes what is already the world's largest open source destination much stronger and opens new opportunities for developers to create the next great open source project," said Mike Rudolph, vice president and general manager of SourceForge.net, in the companies' statement.
Krugle in February announced similar arrangements with Microsoft and Yahoo. A partnership with CollabNet was launched in March.
Posted by Paul Krill on April 9, 2007 01:51 PM
April 09, 2007 | Comments: (0)
RadView will offer up its WebLoad Internet applications testing tool to open source this week.
WebLoad OpenSource is to be re-launched on Wednesday under the GNU General Public License version 2. Users can test applications such as AJAX (Asynchronous JavaScript and XML) applications to find performance bottlenecks. Application-monitoring also is featured.
"Current proprietary solutions are too costly and too inflexible, creating daily frustrations for Internet application developers who constantly face performance issues," said Ilan Kinreich, chief strategist at RadView, in a statement released by the company. "RadView's open source approach will foster innovation, expand the use of performance testing, provide the foundation for an open source testing ecosystem and help to define testing standards."
WebLoad has had an installed base of 1,600 customers and the company is now looking to take away market share from rivals such as HP Mercury, a RadView representative said.
Also on Wednesday, the company will introduce a new commercial version of WebLoad, called WebLoad Professional. It will offer additional enhancements not in the open source product, such as certification and compatibilty for Oracle Forms.
WebLoad Open Source can be accessed here on Wednesday.
Posted by Paul Krill on April 9, 2007 10:57 AM
April 06, 2007 | Comments: (0)
WikiSky: Google Earth for the Heavens
We all know how useful tools like Google Earth and Microsoft's Virtual Earth have been to understanding what's out there on our lovely planet earth, most of us are just lost when it comes to the heavens above. First of all, depending on where you live, light pollution might make seeing the night time sky impossible, unless you count the moon and maybe Mercury and Venus. Thankfully, though, the folks over at the Sloan Digital Sky Survey (SDSS) have put together wikisky.org, which is kind of like Google Earth for the heavens above. Using a cool graphical interface, visitors can zoom in or out on stars or constellations, pulling up detailed astronomical data collected from SDSS's survey.
SDSS is an ambitious sky mapping project that wants to create detailed optical images covering more than a quarter of the sky, and a 3-dimensional map of about a million galaxies and quasars, according to the Wikisky Web site.
Check it out.
Posted by Paul Roberts on April 6, 2007 11:28 AM
April 06, 2007 | Comments: (0)
WSJ: Judge's ruling puts Vonage on Ice
A ruling from a Federal Judge on Friday prohibits Internet-based phone company Vonage from signing up any new customers and could be a death sentence for the company if it is not overturned on appeal.
The Wall Street Journal reported Friday that U.S. District Court Judge Claude Hilton ordered Vonage to stop signing up new customers until it has stopped using Internet calling technology owned and patented by Verizon Communications.
The order follows an injunction against Vonage, in March, which ordered the company to stop using the Verizon technology after a jury found that Vonage had violated three Verizon patents.
Verizon sued Vonage over the patents in June, 2006, just weeks after the company issued an Initial Public Offering.
According to the report, Vonage has pledged to appeal the ruling, which a company lawyer said would cut off oxygen -- new customers -- that Vonage needed to survive. Judge Hilton said that the company would need to post a $66 million bond for that appeal.
Failing victory on appeal or a technology fix that replaces the Verizon patents, Vonage will soon face an existential dilemma: how to service its millions of customers without the benefit of being able to add new customers to its rosters.
Posted by Paul Roberts on April 6, 2007 08:59 AM
April 03, 2007 | Comments: (0)
Web services security bolstered
The Web Services Interoperability Organization announced on Tuesday publishing of the WS-I Basic Security Profile 1.0.
The document is intended to be a guide to enable secure, interoperable Web services. It can be accessed here.
(More to follow.)
Posted by Paul Krill on April 3, 2007 10:02 AM
April 03, 2007 | Comments: (0)
CodeGear, the developer tools subsidiary of Borland Software, has a new CEO.
Jim Douglas, who was most recently president and CEO of ReShape, an electronic design automation startup, takes over for Ben Smith, who had led CodeGear through its formation phase since last November. Smith will return to the private equity, acquisition and venture arena, CodeGear said.
Douglas also has been an executive and Tality and Cadence Design Systems.
Borland initially had planned to sell its tools group but instead opted to make it a wholly owned subsidiary in November.
Posted by Paul Krill on April 3, 2007 08:48 AM
April 02, 2007 | Comments: (0)
Google April 1 gotcha: Gmail Paper
When I logged in to Gmail on Sunday night I almost fell to this April Fools from Google: Gmail Paper.
The new feature promises to allow you to snail-mail any of your Gmail messages. Some people would not doubt welcome this, and I was taken by the irony of it for InfoWorld,