These RSS Newsfeeds reflect the newest and most current information related
to the many facets of intergovernmental technology. Content will be added to
and updated daily.
Police software advancements come in all shapes and sizes
PoliceOne By Staff
A GOOD IDEA: In Albany, Power of the Purse Comes With a Pinch
The New York Times By Stephen Ceasar
HP Hints at WebOS's Next Incarnation: 'PalmPad'
But what is it? Few details emerge as HP continues to show signs of taking
the Palm software to a new platform.
internetnews.com By Andy Patrizio
TOM CORBETT TALKS ABOUT HIS PLAN TO REVITALIZE PENNSYLVANIA'S ECONOMY AT BERKS COUNTY FOOD DISTRIBUTION CENTER
Says it is time to decrease the tax burden on businesses across the state
Robesonia - Republican Gubernatorial candidate Tom Corbett spoke about the importance of creating good, family sustaining jobs as he toured Associated Wholesalers, Inc. With so many Pennsylvania businesses hit hard by the economy, Corbett says it is time to work with our job creators, not against them.
"It is time for businesses like AWI to have someone on their side in Harrisburg," said Corbett. "For far too long, state government has been an adversary to job growth."
Pennsylvania has one of the worst tax burdens for job creators in the nation. Tom Corbett plans to change that by working with public and economic leaders to build bipartisan, strategic policies today that will secure our future for tomorrow.
"We are seeing too many of our young people leaving the state in search of jobs elsewhere," said Corbett. "It is time to change that. It is time to use our vast resources and keep the next generation of workers here in the commonwealth. That is why I am running for governor, for our children and grandchildren."
The policies of Harrisburg have driven too many jobs to other states. Tom Corbett knows it is time to change Pennsylvania's business philosophy to encourage job growth. His plan focuses on securing the commonwealth's financial future and stimulating job creation.
Three primary points of his plan include:
· Tax Reform: Reducing the Corporate Net Income Tax, which is currently the second highest in the nation; repealing the "Death Tax" so small business owners and farmers don't face the high tax burden of passing along the family business; removing the Net Operating Loss Cap. Pennsylvania is one of only 2 states to have caps on NOLs. Removing this would save companies from paying much higher tax rates than our competitor states.
· Regulatory Reform: Pennsylvania businesses have too much red tape to cut through inhibiting growth and limiting their potential. Corbett will eliminate the permit backlog at state agencies; require effective communication between state agencies so businesses are better served by the state as a whole; require compliance assistance, making sure regulatory agencies detail and publish the most frequent violations and compliance rates for each state program; implement a Paperwork Reduction Act cutting down on the overwhelming amount of paperwork required by businesses just to operate year to year.
· Legal Reform: Excessive and frivolous lawsuits must stop. Corbett will pass the "Fair Share Act" so a company, person or government agency isn't responsible for 100% of legal damages despite their limited role in the incident; Corbett will also work to protect "innocent sellers," people who sell a product and are sued, even though they had nothing to do with the creation of the product later claimed to be defective.
Pennsylvania's businesses are an integral part of the state's economy and critical to its success. Tom Corbett has been personally visiting companies like AWI, to learn firsthand the concerns of business owners. He has discussed with business leaders and employees the importance of keeping jobs in Pennsylvania and making sure we see growth in our jobs market.
"I believe it is time to restore the commonwealth's rightful position in the global marketplace by partnering with business leaders to build job creation policies that will secure Pennsylvania's future," said Corbett.
Associated Wholesalers, Inc. (AWI) is a cooperative food distributor that services supermarkets, convenience stores and superettes. It was founded in 1962 and employs 2,100 people throughout the company. Its goal is to give its members the programs and services that will keep them competitive in their marketing areas.
To learn more about Tom Corbett's plan to revitalize Pennsylvania's economy and jobs climate visit http://www.tomcorbettforgovernor.com/issues.
T-Rays: The Future of Airport Security, the End of Suicide Bombers?
ABC News - Technology By NED POTTER
How Wi-Fi Drains Your Cell Phone
Technology.Review By Tom Simonite
Top 10 Software Licencing Mistakes Enterprises Make
IT-Director.com By Patrick Gunn
IT Outsourcing: How to Save Money After the First Year
IT WORLD By Stephanie Overby
Enterprise security market set for strong growth
V3.co.uk by Dan Worth
Five Reasons You Don't Need Microsoft Office 2010
IT WORLD By Julie Sartain
Should CIOs Feel Threatened by the Cloud?
internetnews.com By Pam Baker
Oracle Fixes 59 Flaws in Sun, Database Tech
The 59 security patches Oracle issued today with its third Critical Patch Update
of the year address vulnerabilities in Sun, middleware and database technology.
internetnews.com By Sean Michael Kerner
Half of IT pros say cloud risks outweigh benefits: survey
IT World By Lisa Banks
Say What? The Week's Top Five IT Quotes
internetnews.com By David Needle
Microsoft Announces Cloud-Computing Pacts with Tech Giants
Wall Street Journal - TECH By Nathan Becker
Can BYO Become an IT Management Strategy?
By P. J. Connolly
IT spending forecasts shrivel
CIO WEBLOG By Scott Wilson
US Government gets into the mobile application business
By Ed Oswald
Harrisburg - Attorney General Tom Corbett today called on Gov. Ed Rendell to refrain from spending nearly $300 million on projects during his last six months as governor.
The $300 million is included in a package of budget bills that raises the state's debt ceiling or borrowing limit by $600 million and was passed by the Legislature as part of the $28 billion state budget approved by Gov. Rendell.
Corbett, the Republican gubernatorial nominee, said when the state unemployment rate is 9.1 percent and we have a hole of $850 million in our current budget, Gov. Rendell wants to borrow more money to fund projects such as the Arlen Specter Library Project Center, which is scheduled to receive $10 million.
Corbett said, "We have a budget deficit for this year, the last thing we should be doing is borrowing more money to fund projects."
The Pittsburgh Tribune Review reports that the debt service, which also must be paid by the taxpayers, is $48 million on the $600 million increase of the debt ceiling.
"This is a classic example of what's wrong with Harrisburg," Corbett said. "Gov. Rendell will be long out of office, but our children and grandchildren will be paying the debt service or interest for his spending for years and years to come."
Corbett also called on Dan Onorato to join him in urging Gov. Rendell not to spend the $300 million in borrowed funds.
Corbett said the governor should know that this is not the time to be borrowing more money to fund projects, regardless of their potential worth, when he just cut spending for family farmers.
Corbett said, "You can't tax, borrow and spend your way to prosperity. Someday the bill comes due and it's the taxpayers who are left holding the bag."
EMC's Tucci: 'Hundreds of public clouds' on the way
By Jon Brodkin
Wi-Fi Networking Could Get Speedier
By Sean Michael Kerner
Next-gen gigabit wireless spec formalized with 7Gbps speeds
By John Timmer
Earlier this week, Speaker Newt Gingrich endorsed Tom Corbett for Governor, citing Tom's record as Attorney General as proof that Tom will reform Harrisburg and make our state government one that can be trusted. This huge endorsement is one highlight in a very eventful week for the campaign.
Over the past seven days, Tom announced his plan to build a world-class transportation infrastructure in Pennsylvania. He unveiled his strategy to make our state an energy leader in the 21st Century. And, he released An Agenda for Excellence - his plan to improve K-12 education which has the backing of Jeb Bush, former Governor of Florida.
Tom's release of these detailed policy plans early in his campaign is evidence of his preparedness to lead Pennsylvania, his commitment to transparency and his ability to deliver real reform, real results, right now.
Needless to say, it has been an exciting week. As we get closer to Primary Day on May 18, Tom's schedule will be full of campaign events and announcements as he works hard to win the Republican nomination for Governor. In the days leading up to May 18th, Tom will be counting on you to help spread the word about his plans to turn on the power of Pennsylvania and encourage your friends to support his campaign.
Tom has set a goal to raise $51,800 by Primary Election on May 18th so he can continue fighting to bring his needed reforms to Harrisburg. Please, help us meet that goal and make a donation to our campaign today. Help us get the word out. Pennsylvania needs Tom as our next Governor.
As Newt Gingrich explained, Tom's record as Attorney General proves that he will take on the status quo in Harrisburg and will do what's right for Pennsylvania. He's the person we can trust to tackle government corruption, reform our education system so our children can reach their full potential, and tap into our state's own energy sources to reduce our dependence on foreign oil and make energy affordable for all Pennsylvanians.
Tom is also the person we can count on to turn around our current economic climate. He will revitalize Pennsylvania's economy and create an environment in which good, family-sustaining jobs can grow so that our families and our businesses can thrive and be prosperous. In the words of Newt Gingrich, if you want jobs for Pennsylvania, you want Tom Corbett as Governor.
NEWT GINGRICH ENDORSES TOM CORBETT FOR GOVERNOR
Cites proven record and courage that is best for Pennsylvania economy
Philadelphia - During a visit to Philadelphia yesterday, Speaker Newt Gingrich announced his endorsement of Tom Corbett for Governor via video. Gingrich cited Tom's proven record of courage and tenacity as the best choice for reform in Harrisburg, and putting Pennsylvania's economy back on track.
"The record he's had as Attorney General tells you that as Governor he will fight to change Harrisburg so the rest of Pennsylvania has a chance to create jobs which is what we have to have if we are going to pay for pensions, for healthcare, for education, for roads," said Gingrich. "Without jobs there is no prosperity."
"If you want jobs for Pennsylvania, you want Tom Corbett for Governor."
Cloud computing: The quiet requirement in mobile
By Mike Dano
HP's Unix OS Gets an Overhaul
By Paul Rubens
Cybersecurity Seen Falling Short on Collaboration
By Kenneth Corbin
CORBETT ANNOUNCES PLAN TO EMPOWER ALL PA KIDS TO ACHIEVE THEIR FULL POTENTIAL
Funding, equal access, accountability and safety take priority
York - Republican gubernatorial candidate Tom Corbett today announced his plan for the future of education in Pennsylvania during a visit to Lincoln Charter School in York with Jeb Bush, former Governor of Florida. Following a roundtable with students, parents and school administration, Corbett detailed his plan, Agenda for Excellence, to ensure all children in Pennsylvania receive a first class education, enabling their success in the global economy.
"My commitment to reforming our education system can only start in one place, with our children. My plan provides for every Pennsylvania child the choice of a great public school, led by highly effective teachers and leaders that will enable students to achieve their full potential," said Tom Corbett. "In Harrisburg, we must put students and their achievement at the center of our education system. Every child can learn, but we must empower them with the tools they need to achieve and enable their success in the job market of today and tomorrow."
To accomplish the Agenda for Excellence, Tom Corbett's Vision for K-12 education in Pennsylvania encompasses several components:
· Funding schools and students;
· Enhancing educational opportunities;
· Ensuring effective teachers and leaders;
· Embracing accountability for results; and
· Creating safe learning environments.
"Tom and I agree that all children can learn," said Jeb Bush. "Under Tom's plan, Pennsylvania will soon see rising student achievement among all students across the state."
Tom Corbett's Agenda for Excellence will work to ensure education funding aligns more directly with students, linking it directly to students and the schools they attend. By infusing funding directly to the classroom, providing greater control of resources at the school level and promoting portability of funding, school districts will be better able to focus on achieving student learning goals.
Tom Corbett believes in Pennsylvania's public school system and will make funding them a priority. Harrisburg needs to change its traditional mindset of compliance and enforcement. Instead, Tom's plan alters the focus of education policy toward setting goals, while providing support and flexibility to school districts to achieve them.
To enhance access to great schools and give families choices in their children's education, Tom Corbett will work to strengthen support for charter schools. Additionally, Tom will work to improve greater dual enrollment opportunities for high school students pursuing post-secondary degrees, expand career and technical schools, support the Education Improvement Tax Credit and pilot Innovation Schools.
"Pennsylvania is home to many great public schools, but not all schools meet the needs of students. We must deliver on our promise of a great school for every child, by allowing families choice in educational opportunities," said Corbett.
Great school choices are only made possible if schools are staffed by effective teachers and leaders. The current systems fall short in ensuring that every student has a highly effective teacher and that every teacher has the tools and support they need to achieve that goal. Pennsylvania can do better for both our students and our teachers by implementing new evaluation systems that fairly and accurately gauge teacher effectiveness and using those evaluations to customize professional development to individual teacher needs.
While Tom Corbett's plan will demand accountability from teachers, he knows that all parts of our education system must be held to high standards of accountability to achieve success including students, teachers, administrators, school districts and lawmakers. Tom's plan embraces performance based accountability and supports the development of a school grading system to better explain education success and identify those schools that are in need of the most assistance.
"Accountability, measurement, high expectations and choice worked in Florida," said Bush. "I am confident Tom's bold vision for reform will bring the same success to Pennsylvania."
As Governor, Tom Corbett will continue to push for safe schools and direct the Pennsylvania Department of Education to strengthen and implement initiatives to ensure that our children not only are getting a quality education, but also learning in a safe environment.
"Whether they are post secondary or technical training bound, going directly into the workplace or achieving milestones as a special needs student, every student not only needs to be embraced, but also must serve as the focal point of Pennsylvania's education system," Corbett said. "As we work to increase economic opportunity in the commonwealth we must also provide the strong educational foundation our children need to succeed in the economy of tomorrow."
Tom Corbett's detailed Agenda for Excellence: A Great K-12 Education for Every Pennsylvania Child is available online. In the coming weeks Tom will unveil additional detailed plans to specifically support early and higher education. For additional information about Tom Corbett and his vision for Pennsylvania, visit www.tomcorbettforgovernor.com.
Oracle Unveils New Java Virtualization Tools
By Larry Barrett
VMware Impresses But Is the Best Yet to Come?
By Larry Barrett
McAfee Antivirus Program Goes Berserk, Freezes PCs
By Peter Svensson AP Technology Writer
How to Maximize Social Media for Improved Business Collaboration
By: Tim Minahan
McAfee Aims to Shut Down 'Malvertisers'
By Larry Barrett
Cisco promises to open source Telepresence Interoperability Protocol
Cisco completed its Tandberg acquisition today and promised to open and improve Telepresence interoperability
IBM optimistic amid signs of tech spending rebound
By Andrew Vanacore, AP
"Moore's Law" essay turns 45
Shaun Nichols in San Francisco
Air Force to add cyberwarfare training
by Lance Whitney
Symantec Debuts New Enterprise Security Apps
By Larry Barrett
CIO as Chief Intelligence Officer?
By Brian Watson - BIZ-TECH 3.0
Surprise in Intel 1Q: Corporate PC spending up
Small businesses are an integral part of Pennsylvania's economy
Small businesses are an integral part of Pennsylvania's economy and are critical to our state's prosperity and success. They create employment opportunities and strengthen the fabric of our communities. In fact, Pennsylvania is blessed to have more than 200,000 small businesses, which account for nearly 50% of its private-sector employment.
I know the important role small businesses play in our state's economy. As Governor, I will fight for small businesses and implement policies that will help them thrive, which means lifting the burdens placed on them by high taxes and unnecessary paperwork.
You can read more about my plan to grow Pennsylvania's small business at TomCorbettforGovernor.com. After you read it, I hope you will help me spread the word by sharing my plan with your friends and family today.
Small-business owners are facing difficult economic circumstances, and they will not commit themselves to investing in new job and facility growth until their earnings improve and they feel more confident about the overall economic and policy climate in Pennsylvania.
As part of my overall plan to revitalize Pennsylvania's economy, I will implement sound policies that will jump start economic growth for small business, including:
* Streamlining and simplifying the tax code and compliance process to lessen the burdens on our job creators;
* Developing a Small Business Portal to consolidate the collection and reporting of all wage reporting (local, revenue and labor) into a single business portal;
* Instituting regulatory flexibility for small business which will give small-business owners a seat at the table when state agencies develop proposed regulations;
* Growing investing opportunities that will put money back into the hands of small business owners so they can hire more workers and grow their businesses; and
* Repealing the "Death Tax" as part of my long-term commitment to Pennsylvania's small business owners and family farms.
Pennsylvania's small businesses have struggled long enough. Now is the time for our state government to truly embrace small business and help them succeed.
If you agree with me that our government must implement policies that will help small businesses thrive, please help me spread the word about my plan to grow our small businesses by sharing it with your friends and family today.
Sincerely,
Tom Corbett
SNIA standard should help in moving cloud data
by Stephen Lawson
IBM software to help states grab back taxes
by Lance Whitney - CNET News
Adobe Prepping Security Updater Service
By Larry Barrett
Microsoft Patch Tuesday to Fix 25 Threats
By Stuart J. Johnston
Tech industry recovery under way, says Forrester
By BARBARA ORTUTAY, AP
VBrick to Showcase New Cutting Edge IP Video Streaming Solutions at NAB
Benzinga Staff
WALLINGFORD, Conn.--(BUSINESS WIRE)
Public Safety Faces Capacity Crunch of Its Own

AT&T Invests Nearly $40 Million to Expand Wireless Capacity for Chicago's 3G Mobile Broadband Network

Cities of the Future Part 3: Cloud Quandaries
By Richard Adhikari
Security Experts: 'Malware Like a Sniper'
By David Needle
Enterprise Secrets Often at Risk: Report
By Stuart J. Johnston
Pennsylvania's 8-year itch
By John Gramlich, Stateline.org Staff Writer
AT&T to spend $1 billion to broaden network
By DEBORAH YAO, AP
Microsoft plans April 12 mystery event
by Ina Fried
Web site by Stanford experts monitors app security

'Web Science' is New IT Degree Program at RPI
By David Needle
Apple announces iPhone OS 4 event on April 8
By Charles Starrett
Can smarter IT rescue states drowning in debt?
By Heather Hayes
iPad is Coming to Enterprises, Like it or Not
By Mike Elgan
Sharp shows 3-D displays for mobile devices

The time might be ripe for state and local
By Nick Wakeman
Tom Corbett
Over the past few weeks, Tom Corbett has been traveling the state and talking with Pennsylvanians about his vision to turn on the power of Pennsylvania - including his plans to reform our state government and put Pennsylvanians back to work.
Creating and maintaining an environment in which good, family-sustaining jobs can grow is one of Tom's top priorities. He knows how hard our families have been hit by the recession and as Governor, he will enact meaningful reforms to help our employers create new jobs for Pennsylvanians.
For far too long, the policies of Harrisburg have driven jobs to other states, and unless we change our business philosophy, Pennsylvania will continue to have one of the worst tax burdens for job creators in the nation. That is why Tom is determined to revitalize Pennsylvania's economy and restore the Commonwealth's position in the global marketplace through innovation, improved job creation and 21st Century workforce training.
Tom also knows that to create real economic growth in our state, we must start from the foundation up and reform the government that guides our economy. He believes our government needs to be held to a higher standard to restore taxpayers' trust and confidence and to bring about good government at all levels and in every branch.
Researchers find security holes in smart meters
by Martin LaMonica
Tech Secrets: 21 Things 'They' Don’t Want You to Know
What can WiMAX bring to smart grid program?
by Brad Reed
Femtocell prices have dropped below $100, says vendor
by Mikael Ricknäs
Cloud-based Mobile Apps Gain Popularity
By Herman Mehling
Magnets Can Sway 'Moral Compass,' Say MIT Researchers
Could HTML5 help solve Apple Flash fears?
Good Governing? There's an App for That
Citizens Can Use Their Smart Phones to Report Issues to City Officials
By Kristina Wong - ABC News
Mobile Data Traffic Swells 193%
By Andy Patrizio
Common Processes: The Path to Better Project Management
By Bryan Peterson and April Boland
Microsoft takes measured approach to mobile Office apps
by Sumner Lemon
Candidates for Pa. Governor detail income, health
By Tom Infield - Inquirer Staff Writer
Tom Corbett is Protecting Pennsylvania Taxpayers
Earlier this week, Tom Corbett joined with Democrat and Republican Attorneys General in a lawsuit to protect the sovereignty of Pennsylvania from Congress' attempt to strip away the individual liberties of our citizens and businesses; an unconstitutional power grab by the federal government.
Democrats in Harrisburg disagree with Tom that the 10th Amendment and separation of powers between the states and federal government should be preserved. This week liberal Democrats in Harrisburg targeted him with partisan political attacks - even going so far as to publicly threaten to cut funding for the Attorney General's office unless he caves to their demands.
We need your help to defend Tom from these partisan attacks. There is a fundraising report deadline on March 29 - only two short days away. Will you please show your support for Tom by making a donation to our campaign today?
Every day, Tom works hard to ensure that the pocketbooks of the citizens of Pennsylvania are protected. Instead of engaging in mere rhetoric, the Attorney General's office - under Tom's leadership - assisted over 4,700 consumers and saved Pennsylvanians over $4.2 million in 2009 alone.
Now Tom is working to stop the federal government from threatening individual liberties by imposing this mandate that forces individuals to buy health insurance. With Harrisburg Democrats publicly attacking Tom and threatening to withhold funds from the Attorney General's office, he needs your support now more than ever.
If the Democrats are willing to go this far to threaten Tom, imagine how far they will go to raise money to keep him from becoming our next governor.
In two short days, the finance period ends. The media and our opposition will use this to gauge the public support for Tom and his actions on behalf of Pennsylvania's taxpayers.
Please, help us show that Tom's dedication to protecting Pennsylvania's taxpayers has strong support from across the Commonwealth. Your donation of $100, $50, $25 or more will send a strong message to the media and our opponents.
States consolidate technology in response to tough economy
By Doug Beizer - Federal Computer Week
Oracle Database 11gR2: Building an ASM Clustered File System (ACFS)
By Jim Czuprynski - IT Management
Can 4G wireless take on traditional broadband?
By Marguerite Reardon
With AT&T Femtocell, Your Coverage Troubles Could Be Over
By Brian X. Chen
Understanding the cloud and 'devops'--Part 1
by James Urquhart
Security Hardware & IT Security Software: Seattle, Boston, DC Top Cyber-Crime Hot Spots List
Mozilla stops development of Firefox for Windows Mobile
by Mikael Ricknäs
Sybase First to Bring Deep Analytics Offering to Mobile Operators with Hosted Business Intelligence Solution for Messaging Traffic

Hints for Evaluating Open Source in the Enterprise
An IBM exec shares his thoughts on the kinds of questions IT decision-makers should be asking before they dive into any open source project.
By David Needle
Riskiest Cities for Cybersecurity Surprises
By Larry Barrett
Gov Info Sharing
by Mallory Micetich
Security Firm Warns of Hole in Windows Virtual PC
By Stuart J. Johnston
FBI Says Cybercrime Skyrocketing
By Larry Barrett
CORBETT UNVEILS THIRD COMPONENT OF ECONOMIC DEVELOPMENT & JOBS PLAN
Discusses developing a world class work-force to put Pennsylvanians back to work
Lancaster - Republican gubernatorial candidate Tom Corbett today announced the third key component of his economic development and jobs plan at Pennsylvania Career Link of Lancaster County. Speaking to unemployed Pennsylvanians who are looking to go back to work, Corbett explained how his plan will create good, family-sustaining jobs.
Corbett detailed "Developing a World-class Workforce," a plan that works to restore Pennsylvania's position in the global marketplace. On Monday, Corbett released the second part of his economic development plan, "Reforming Pennsylvania's Jobs Climate," before southeastern Pennsylvania business and industry leaders. In the coming weeks, Corbett will be traveling the state detailing separate aspects of his seven-point economic development and jobs plan, which includes:
· Expanding Pennsylvania's Economy Through Innovation
· Reforming Pennsylvania's Jobs Climate
· Strengthening Pennsylvania's Regional Economies
· Growing Small Business in Pennsylvania
· Harnessing Entrepreneurial Leadership from Higher Education
· Developing a World-class Workforce
· Expanding Pennsylvania Worldwide
Tom Corbett has seen firsthand how the economy has impacted Pennsylvanians. With the Commonwealth's record unemployment numbers, Corbett knows it's time for things to change. "Nothing is more critical to ensuring the economic vitality of Pennsylvania and to securing good-paying jobs for Pennsylvania families than the development of an educated workforce that meets the demands of the marketplace," said Corbett.
The highlights of the plan include:
· Improving cooperation and performance among the Departments of Labor and Industry, Public Welfare and Education; changing an outdated system to eliminate redundancy and government waste and improve efficiency and interagency cooperation to help Pennsylvania employers and jobseekers.
· Strengthening regional workforce development initiatives through the workforce investment boards (WIB's); maximizing the potential of WIB's by encouraging private-sector involvement, maintaining local control of WIB's by allowing local elected officials to be more involved and holding each board accountable to their goals.
· Aligning education with opportunity; working to connect the education and business communities to identify jobs that are needed and preparing workers for these opportunities; facilitating communication among government, educators and business to determine which jobs are in-demand; supporting manufacturing growth through education; encouraging broad educational opportunities.
· Maximizing opportunities through community colleges and alternative educational institutions.
· Reengaging high school dropouts.
· Recruiting college graduates back to Pennsylvania by creating adequate networks and resources; helping our returning Veterans find jobs by ensuring access to training and services.
Tom Corbett is determined to revitalize Pennsylvania's economy and reduce unemployment. With the wealth of resources in the Commonwealth, from agriculture, an established manufacturing base and a dynamic mix of major corporations and small businesses, the opportunities are there to put Pennsylvanians back to work. Corbett feels giving workers the tools needed to succeed will be the key. "Most often, it is the availability of skilled workers that becomes the deciding factor in the location and growth of industry," said Corbett. "If Pennsylvania is to reclaim its place as a leader in our global economy, we must do a better job of preparing our workforce for the careers of the future."
Pennsylvania businesses and industries are a crucial part of the state's economy and Tom Corbett's economic development plan. Because of that, he has been personally visiting businesses around the state and has been discussing with them what the Commonwealth needs to grow and keep jobs here in Pennsylvania.
Tom Corbett's detailed plan to expand Pennsylvania's economy through innovation is attached and is available online. For additional information about Tom Corbett and his vision for Pennsylvania, visit www.tomcorbettforgovernor.com.
UPDATE: Sprint To Unveil First 4G Phone Next Week - Sources
The Wall Street Journal - Business
Cisco Revamps Ethernet Switches, Talks Up Borderless Networks
By: Jeffrey Burt
Virginia Shakes Up IT Leadership Structure

Expanding Your Mobile Marketing Vision
Posted by: Today's Tip Contributor
Google making it easier to leave Exchange
by Tom Krazit
Cloud Connect: Public, Private, or Hybrid: Where's the Value Today and Where's It Going?
By Brenda Michelson
Poll: Corbett leads local hopefuls, more than third are undecided
By Salena Zito
PITTSBURGH TRIBUNE-REVIEW
HubCast Revolutionizes How Print Is Done -- New Cloud Print Service Offers Unprecedented Speed, Reach and Ease of Use

Microsoft Announces Hardware-Accelerated HTML5, Pushes Boundaries on Web and Cloud Development
Advertiser TALK
Looking Back on 25 Years of .
By David Needle
Secrets to a Successful BPM Implementation: Phil Ayres Explains

US plans to give high-speed broadband to every American
By Maggie Shiels, BBC News, Silicon Valley
The Top 10 IT Certifications
By James Maguire - Datamation
Going beyond Flash, Adobe shows off Web tech
by Stephen Shankland
Revived PC market to enjoy double-digit growth
by Lance Whitney
Awareness Helps Firms Manage Social Networks
By David Needle
Twitter CEO unveils '@Anywhere' platform
by Caroline McCarthy
FCC wants fast Internet for all government buildings
By William Jackson - Washington Technology
Leading U.S. Tech Executives Call Broadband Critical to Nation's Long-Term Economic Health

HP Flashes a Few Slate Details
By Richard Adhikari - Tech News World
IT Spending in 2010 Will Rise Slightly: Ovum
By: Jeffrey Burt
Patching the Security Update Process
By Brian Krebs
Survey: IT executives experimenting with mostly 'private' cloud architectures
By: Dana Gardner, Principal Analyst, Interarbor Solutions
Secure Server Virtualization Using Hyper-V
By Nirmal Sharma - ServerWatch
CA Acquires Cloud Vendor Nimsoft for $350M
By Larry Barrett
Symantec Tackles Mobile Security
By David Needle
Cast Iron launches integration platform to help pull hybrid cloud models together
By: Dana Gardner, Principal Analyst, Interarbor Solutions
Industry Frets Over Software Security

Microsoft Patch Tuesday Includes IE Warning
By Stuart J. Johnston
Google opens Web store for business applications
By MICHAEL LIEDTKE, AP
Cisco Unveils $90,000 Network Router to Lure Carriers (Update2)
By Rochelle Garner
An Explosion of Mobile Patent Lawsuits
By NICK BILTON
Google tries again in search personalization
by Stephen Shankland
IBM: Changing the Way Computers Work

Cray, Microsoft team up on cloud data centers
by Matthew Broersma
Microsoft Calls for Infected PC Quarantine
By Andy Patrizio
AT&T Intros Mobile Apps Portal for SMBs
By Michelle Megna
SafeNet looks to secure data in the cloud
by Jeremy Kirk
At the Forefront of identity management
Security by Scott Wilson
IBM Looks to Secure IT From Soup to Nuts
By Sean Michael Kerner
Spanish Police Make Big Arrests in Botnet Case

Google Dominates in Mobile Search, Touts Mobile First Rule
By Clint Boulton
Skype Pulls Windows Mobile Apps; No Word of Return
4G VoIP to succeed mobile voice
Microsoft's Rules for Law Enforcement Set 
By Stuart J. Johnston
Wearable sensors help home and car designers accommodate disability
By Dan Rogers
Microsoft downs site after top-secret guide published
By John E. Dunn
February 26, 2010 11:17 AM ET
Secret Service Computers Only Work at 60 Percent Capacity; Agency Uses 1980s Mainframe
By JASON RYAN WASHINGTON - abc NEWS, Feb. 26, 2010
Microsoft Decapitates Waledac Botnet
By Thomas Claburn
InformationWeek
A major source of spam and malware has been cut off from its controllers.
The Waledac botnet, one of the ten largest networks of compromised computers and a major source of spam and malware, has been dealt a potentially crippling blow by Microsoft.
The world's largest software company on Thursday said that it was granted permission by a Virginia court to go over the heads of the Internet service providers hosting Web domains affiliated with Waledac and pull the plug at the domain registry level, through VeriSign.
"Microsoft filed a complaint with the US District Court of Eastern Virginia, which issued the temporary restraining order this week directing VeriSign -- the registry operator for all .com domains -- to sever the domains in question," said Richard Boscovich, senior attorney for Microsoft's Digital Crimes Unit, in an e-mailed statement. "VeriSign, in compliance with the TRO, severed those domains within hours of the order, effectively decapitating the botnet."
As a result of what Microsoft has dubbed "Operation b49," some 277 Internet domains that provided command and control capabilities to Waledac have been taken offline. Because Waledac has a peer-to-peer communication component, Microsoft has also been deploying additional technical countermeasures to cut off botnet communication.
In a three-week period in December, Microsoft identified some 651 million spam messages directed at Hotmail alone by the Waledac botnet. The company estimates that the botnet, prior to the takedown, was sending 1.5 billion spam messages per day.
"Three days into the effort, Operation b49 has effectively shut down connections to the vast majority of Waledac-infected computers, and our goal is to make that disruption permanent," said Microsoft associate general counsel Tim Cranton in a blog post.
However, Cranton notes that the takedown will not do anything to disinfect compromised computers.
Although Microsoft says that this is the first time registry-level action has been used to shut down a botnet, Bret Fausett, a Los Angeles-based attorney at Adorno & Yoss, observes registry-level enforcement is relatively common in cases such as trademark disputes, when the ISP hosting an infringing site is located outside the U.S. "Using the registry as a point of control for domain names is actually fairly common," he said.
Such tactics, however, may amplify international objections to U.S. control of the Internet domain name system. "I think one of the reasons that this practice flies a little bit under the radar is because of those Internet governance concerns," he said. "What it basically says about .com...is that those domains are ultimately subject to control by a U.S. court."
Karl Auerbach, CTO at InterWorking Labs, Inc. and a former board member of ICANN, said in an e-mail that he believed the effort to combat the Conficker worm involved registry-level intervention and said there are some aspects of this approach that prompt concern.
"While it makes sense to me to use the domain name registration as a way to redress abusive activities on the net, I do have concern about the standards that are used to justify such actions, the constraints on such actions including their duration, and measures to limit collateral damage," he said.
As an example, he said that he'd had some machines at a co-location facility that had its whole range of IP addresses blacklisted due to the activities of spammers using proximate IP addresses.
The fact that these takedowns happen without notice, Auerbach says, makes him wonder about the standards for such actions and the remedies if a mistake is made. "For example, is the initiating party and registry required to put up a bond just in case their actions ultimately prove unjustified or caused harm to innocent third parties?" he asks.

We both know that our state is enduring a difficult time. Jobs are leaving the state and every day more Pennsylvanians are losing their jobs. Now is the time to put into place solutions that will grow our economy and make Pennsylvania prosperous once again.
Yesterday, I unveiled the first of my plans to turn back on the power of Pennsylvania's economy with the release of my government reform policy platform. To create real economic growth and put hard-working Pennsylvanians back to work, we must first dramatically reform the government that guides our economy. Our government must be held to a higher standard to restore taxpayers' trust and confidence and to bring about good government at all levels and in every branch.

If you agree with me that we need government reform in Pennsylvania, please sign my petition today. After you sign it, will you please ask your friends and family to join you in standing with me for government reform?
I am not only committed to rooting out corruption, waste, fraud and abuse from any source - I will also work to implement real change, reform and certainty in Harrisburg. For far too long, state government has let down the hard-working families of this great commonwealth, and it is time for real change.
If I have the privilege of serving as your Governor, I will provide an open, transparent, accountable and trustworthy government that finally puts Pennsylvania taxpayers first and gets the state back on track and moving in the right direction.
To do this, I will work hard to implement policies that will reduce the size & cost of government, bring about transparency in state government, implement performance-based budgeting and ban political contributions and gifts during the procurement process.
If you believe that we desperately need to reform our government, please sign my petition today and ask your friends and family to join you in standing with me for government reform.
Sincerely,
Tom Corbett
P.S. I need your help to get the word out about my plans to turn on the power of Pennsylvania. Your generous contribution of $100, $50, $25 will help me promote my positive agenda of reform for Pennsylvania's future. Will you please make a donation to my campaign today?
TOM CORBETT UNVEILS PLAN TO REFORM PENNSYLVANIA GOVERNMENT
Kirsten Page, Press Secretary
Corbett will reform Harrisburg through trust, accountability and transparency
Pittsburgh - Speaking before a crowd of Pittsburgh-area business leaders, Attorney General Tom Corbett today unveiled the first of his plans to turn back on the power of Pennsylvania's economy with the release of his government reform policy platform that focuses on changing the way things are done in Harrisburg. "To create real economic growth in Pennsylvania and put hard-working Pennsylvanians back to work, we must start from the foundation up and fix the government that guides it," stated Tom Corbett. "I will provide an open, transparent, accountable and trustworthy government that finally puts the taxpayers of this great state first."
Tom Corbett announced that he will spend his first week as Governor working with members of the General Assembly to introduce his plan to reform state government. "We will immediately begin the process of reforming Harrisburg and putting the people back in the people's government," said Corbett.
The highlights of Tom Corbett's reform plan include:
1. 100% transparency in state government so taxpayers know how their money is spent
2. Reducing the size and cost of state government with a 10% reduction in administrative operations
3. Eliminating WAMS and discretionary funds
4. Eliminating state government paid per diems
5. Reducing the state automotive fleet to help save taxpayers $72 million per year
6. Moving to a biennial budget
7. Zero based/performance-based budgeting to make sure state agencies meet their performance goals to determine their funding
8. Capping the General Assembly "Leadership Funds"
9. Sunset and audit of state boards and commissions
10. Consolidating state services to make state government more efficient
11. Ensuring that state legislators help pay for their own healthcare plans
12. Banning political contributions and gifts during the procurement process
Tom Corbett emphasized that as we work to build trust and accountability in state government, Pennsylvania will be better positioned to grow good, family-sustaining jobs and reduce the tax burden on Pennsylvanians. With Pennsylvania facing near double-digit unemployment, Corbett says we have to work to get our business climate in order. Pennsylvania has an enormous amount of resources and Corbett says it is time we turn them into an innovative economy that makes Pennsylvania globally competitive: "As governor, I will work with you to harness our energy potential, grow jobs and economic development opportunities, build a transportation infrastructure to support our economy and better prepare our children for tomorrow's jobs."
"I am running for Governor because it is the time for leadership in Harrisburg, leadership that doesn't just talk to Pennsylvanians, but listens and does the right thing," declared Corbett. "Leadership that makes decisions in Harrisburg based on what's in the best interest of Pennsylvanians. And that is how I plan to govern."
To view Tom Corbett's government reform plan in its entirety, visit
www.tomcorbettforgovernor.com
Virtual Desktop Infrastructure Fights to Host Client Workload
By: Cameron Sturdevant - eWeek
The technology is advancing that enables once-powerful and now-weak desktop systems to be repurposed to host virtual desktop systems running modern operating systems.
So-called "fat clients" are here for the foreseeable future. But is it possible—and cost-effective—for organizations to transition from far-flung and historically hard-to-maintain desktops to virtual desktops stored in a central data center?
The technology is advancing that enables once-powerful and now-weak desktop systems to be repurposed to host virtual desktop systems running modern operating systems. My review of the Leostream Connection Broker shows that it is possible to put desktops on everything from thin clients to elderly PCs. So the question of physical client connectivity is just about moot, aside from limitations of the Leostream Web viewer—it currently only works with browsers that support VBScript, i.e., Internet Explorer.
As long as fat clients are in the workforce—already licensed and with a myriad of system tools in place to keep them in relatively good working order—I think the idea of using desktop virtualization holds some promise for medium and large organizations. For one thing, if users were doing their butchery—I mean conducting their daily business—on virtual systems that are easily returned to a pristine state at the end of the day, then a large chunk of fat-client system maintenance is moved to the positive side of the scale.
In addition, there are the traditional benefits of VDI (Virtual Desktop Infrastructure) to be considered. Central management of desktop and application configuration and deployment means an end to a reliance on applying delicate patches in what are basically uncontrolled user environments. User systems play a much-reduced role in a VDI world, to the extent that thin clients or AOPOE (Any Old Piece of Equipment) can be swapped in for a failed user client. Since it is conceivable that old spare systems could be stockpiled close at hand, client-machine failure could be reduced from many hours or a day to likely just an hour or two.
From my use of thin clients in my VMware View 4 and Leostream Connection Broker reviews, it is readily apparent that VDI works and works in important ways to satisfy users. When properly configured, virtual desktops are already up and running when users ask for them, making the startup time a startlingly quick experience. Desktop performance is, for the most part, in keeping with how applications work when they are hosted on a local system. In many cases, because my infrastructure is running on 15K drives, with beefy amounts of RAM and speedy Intel Xeon 5500-series processors, applications tend to perform much better when compared to the embarrassingly old, yet strangely durable Dell desktop systems in eWEEK Labs.
Cost Comparison
Cost comparisons between VDI and real desktops are notoriously difficult and I don't have a magic formula to offer here. The technology that enables desktops to move into the data center is here and if desktop managers can see a way to preserve their position even with a shift to the data center, then I'm sure the cost-benefit analysis will follow.
There is another technology to be taken into account when considering desktop strategies, and that is a fully virtual move to the cloud. As business applications are increasingly available in multitenant, always-on, maintained-and-secured-by-someone-else hosting centers, it seems that a third viable option for cost-effective business computing is on the table.
What is clear to me is that an automatic hardware refresh with yet another fat client is not the automatic right answer for large enterprises today. Good options are now available for putting that client on a virtual desktop inside the data center for regulatory and security purposes. There are also increasing opportunities to put applications in the cloud. And in many cases, there are still good reasons to put a piece of hardware with a full operating system and a collection of applications at a user’s desk.
In the case of VDI specifically, desktop managers should pay close attention to advances in moving high value workloads into a virtual setting. Although still in its infancy, VDI is pushing to extend multimonitor support to users who need landscape and portrait mode screens. VDI also is being pushed to support four-monitor configurations with a variety of screen resolutions. And as noted earlier, compute advances on the server side are making it increasingly likely that a more powerful, multicore system with fast RAM and disk resources is as likely to be running the virtual desktop. The best thing about placing these high-power resources in the data center is that they can be quickly repurposed for other workloads through the day and night, a task that is much more difficult to do with desk-side compute resources.
FTC Warns Of Widespread Data Breaches
By Thomas Claburn
InformationWeek
Almost 100 organizations have been notified by the agency that sensitive personal data about their employees and customers has been shared from their networks over peer-to-peer file sharing services.
The Federal Trade Commission on Monday said that it had notified almost 100 organizations in both the public and private sector that they need to review their security practices.
In letters to these organizations, the FTC says that "at least one computer file containing sensitive personal information from or about your customers and/or employees has been shared from your computer network, or the network of one of your service providers, to a peer-to-peer file sharing (P2P) network."
Failure to prevent this information from being shared may represent a violation of one or more laws that the FTC enforces, such as the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal Trade Commission Act.
The FTC, however, has not filed any lawsuits related to these breaches.
FTC Chairman Jon Leibowitz said in a statement that companies of all sizes are vulnerable to P2P-related breaches. He said that the FTC found information that could be used to commit identity theft, including health information, financial data, drivers' license numbers and social security numbers.
"Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure," Leibowitz said. "Just as important, companies that distribute P2P programs, for their part, should ensure that their software design does not contribute to inadvertent file sharing."
Despite recent calls by some security experts for greater openness about security breaches, the FTC did not name the entities that received letters. The agency did note that affected organizations ranged in size from eight employees to over 10,000.
The FTC said it is advising organizations that receive letters to identify affected employees and customers and to consider notifying them. States and federal agencies each may have different notification requirements in circumstances like this.
50 Open Source Tools: Desktop Downloads
By Cynthia Harvey - Datamation
The universe of open source tools is large and rapidly expanding. If your desktop doesn't look and perform exactly like you want it to, you really have no excuse.
We found dozens of great open source tools that let you customize your desktop environment, whether you're ready to try out a whole new operating system or just a new screen saver.
While many of these tools add new features to software you probably already have on your system, others offer brand new functionality, like the Florence virtual keyboard and the PNotes sticky notes. You might even find an open source tool or two that you just can't live without.
Open Source Tools: Desktop Enhancements
1. Console
If you like to operate from the command line in Windows, Console is a great alternative to cmd.exe. Features include multiple tabs, alpha and color-key transparency, configurable font, and different window styles and backgrounds. Operating System: Windows
2. Dave’s Quick Search Deskbar
Are the Google deskbar and "I'm feeling lucky" button not fast enough for you? Try Dave's Quick Search Deskbar. It lets you search the Internet without opening a browser first, and it has lots of helpful features that speed up search even more. Operating System: Windows
3. Florence
Primarily designed for the Gnome desktop, Florence offers a virtual keyboard on the screen that hides when you're not using it. It's a great tool if you can't use a regular keyboard because of a handicap or injury--or because you just spilled your coffee on it. Operating System: Linux, OS X
4. GeoShell
GeoShell replaces the standard Windows interface (start menu, taskbar, system tray, etc.) with a customizable version. As an added bonus, it usually requires fewer resources to run than the standard interface. Operating System: Windows
5. Kysrun
Kysrun works a lot like Launchy (below), letting you open applications, files, or bookmarks with a couple of keystrokes. As you begin typing, it offers suggestions for what you might be trying to find. Operating System: Linux
6. Launchy
Why bother moving your hand all the way from the keyboard to the mouse and back again? With Launchy, you can open applications, documents, and bookmarks with a couple of keystrokes. You'll never need your start menu or desktop icons again. Operating System: Windows
7. LCARS 24
This is the ultimate conversation piece for true Trekkies. LCARS turns an old PC into a talking alarm clock that uses the graphics you've seen on Star Trek. The latest version runs on Windows, as well as DOS. Operating System: DOS, Windows
8. PNotes
Have trouble remembering things--like where you left the pad of sticky notes to use for reminders? Leave yourself a virtual sticky note on your desktop instead with this handy app. Operating System: Windows
Open Source Tools: Desktop Gadgets/Widgets
9. Google Gadgets
At this site, you'll find a number of gadgets that work with the Google Desktop. They range from the useful (calendar, clock, calculator) to the useless-but-interesting (flower pot, Star Trek star date calculator). Operating System: Windows
10. Google Gadgets for Linux
As you might expect, this app lets you run Google Gadgets developed for Windows or iGoogle on Linux. Operating System: Linux
11. Kludgets
Short for "Klumsy, Lame, Ugly, Dumb, but Good Enough," Kludgets aims to bring OS X-style widgets to Windows. The site includes links to lots of interesting widgets to get you started. Operating System: Windows
12. Qalculate
In addition to all the basic arithmetic functions, this desktop Linux calculator handles logarithmic functions, complex and infinite numbers, graphing, statistics, unit conversion, data plotting, and much more. It also includes financial calculators, geometric functions, and a currency converter. Operating System: Linux
Open Source Tools: Desktop Search
13. Beagle
Beagle searches your documents, emails, web history, IM/IRC conversations, address book contacts, calendar appointments, notes, source code, images, music/video files, archives, and applications to find the keywords you're looking for. It indexes changes to files, conversations, Web pages, etc. as they are made for fast searching. Operating System: Linux
14. DocFetcher
Why waste time searching all the files on your system, when you know you need a document? This application indexes and searches the text of the documents on your PC, very quickly. Operating System: Windows, Linux
15. Pinot
This search tool allows advanced queries (probabilistic search, boolean filters, wildcards, ranges on date, time and size) and detects multiple languages, including Asian characters. You can use it to search the Web as well as your personal files. Operating System: Linux
16. Recoll
A text-only searching tool, Recoll finds keywords in most document types, including e-mail messages and their attachments. In other words, you don't need to know the name of the file you're looking for, just some of the text from the file. Operating System: Linux
17. Tracker
Built for the Gnome desktop, Tracker organizes and categorizes your files, as well as providing search capabilities. As a result, other apps like photo or music managers can find appropriate content quickly. It also lets you use metadata and keywords to make it easier to find the information you're looking for. Operating System: Linux
Strategy Execution Process
By Scott Cleveland - ebiz
From Robert L. Howie Jr., Managing Director of the Palladium Group...
He mentions a survey that compared two groups, one with and one without a formal strategy execution process in place. A formal process means strategy maps, derived projects and process improvements from it, and associated key performance indicators (KPIs) with targets reported in scorecard dashboards and cascaded down into the organization. Seventy percent of organizations with the formal process were exceeding the performance of their peers in their industry, while in contrast only 27 percent of those without a formal process were.
The key conclusions are for executives to communicate strategy to their workforce in a way they can understand (e.g., a visual strategy diagram), and also involve the employees in identifying the actions and projects while also holding them accountable with appropriate measures and targets for those measures. The executives' primary role is to set direction - leadership. They must answer, "Where do we want to go?" With that done, managers and employees can answer a very different but related question, "How are we going to get there?"
My Thoughts...
This reminds me of Einstein's definition of insanity - 'doing the same thing over and over again and expecting different results.'
Most companies do not generate a formal process. They do not have strategy maps, derived projects, process improvements and associated key performance indicators (KPIs) with targets reported in scorecard dashboards and cascaded down into the organization.
How surprising is it that companies with a formal process are successful 70% of the time while those without are successful only 27% of the time?
Business Process Management [in general] needs a process - a process to manage [improve] business processes. Here is an often used process: Identify high value processes; Document the process as it exists today; Measure [metrics] the time it takes today; Identify potential improvements looking for efficiency and automation; Implement the changes; Measure the new process to see if you were successful; Make changes [improvements]; Implement & Measure; Repeat.
With the economy in its current state, now is the time to look for ways to be more efficient. Why? Efficiency will lower costs which should result in higher profits.
As I have said before - Just do it.
VeriSign rolls out new Web site verification service
by Jeremy Kirk - IT World
VeriSign is introducing a certification service that confirms whether a business is legitimate and that their Web site is free of malware.
VeriSign already sells various SSL (Secure Sockets Layer) certificates for Web sites that aim to let visitors know the site meets high standards for encryption of sensitive information. Those sites are also allowed to display a so-called "trust seal," designed to inspire confidence in the Web site.
The latest product, VeriSign Trust Seal, is aimed at small and medium-size businesses that do not need to purchase an SSL certificate because they don't directly handle sensitive information, said Martin Mackay, VeriSign vice president for Europe, the Middle East and Africa.
The target business for VeriSign is one that may outsource their payment processing to a third-party Web site but still may want to have their brand and Web site vetted for security problems.
If a business signs up, VeriSign checks to see if the business is real. "We will go out and check that the business is a registered business with the appropriate authority in the country concerned," Mackay said.
If approved, the business can display the "Trust Seal" on their Web site, which is essentially a badge that, if clicked, shows further verification information. While the badge has been faked before, the fake ones don't show further information, Mackay said. VeriSign contends that potential visitors are more likely to buy something when they see VeriSign's seals.
The business's Web site will also get a daily scan for malware. VeriSign has partnered with an unnamed vendor to provide that service. The scan can find if a Web site has been hacked and rigged to attack computers visiting the site.
Hackers often look for weak Web sites in order to spread malware. One type of attack is a drive-by download, where the victim's computer is attacked upon merely visiting a bad Web page. If the Web browser software, for example, isn't up to date, the computer could be infected.
A one-year subscription to Trust Seal costs US$299. The service will be sold through VeriSign.com starting Thursday and its resellers later this year.
Improved data center productivity, private clouds
By: Dana Gardner, Principal Analyst, Interarbor Solutions
Published: 22nd February 2010
Copyright Interarbor Solutions © 2010
Improved data center productivity now appears to be a natural progression from converged infrastructure. Many enterprise data centers have embraced a shared service management model to some degree, and now converged infrastructure applies the shared service model more broadly to leverage modular system design and open standards, as well as to advance proven architectural frameworks.
The result is a realignment of traditional technology silos into adaptive pools that can be shared by any application, as well as optimized and managed as ongoing services. Under this model, resources are dynamically provisioned efficiently and automatically, gaining more business results productivity. This also helps rebalance IT spending away from a majority of spend on operations and more toward investments, innovations, and business improvements.
This latest BriefingsDirect discussion explores the benefits of a converged infrastructure approach, and now how to better understand attaining a transformed data center environment. We'll see how converged infrastructure provides a stepping stone to private cloud initiatives. But, as with any convergence, there are a lot of moving parts, including people, skills, processes, services, outsourcing options, and partner ecosystems.
We're here with two executives from Hewlett-Packard (HP) to delve deeply into converged infrastructure and to learn more about how to get started and deal with some of the complexity, as well as to know what to expect as payoff. Please welcome Doug Oathout, Vice President, Converged Infrastructure at HP Storage, Servers, and Networking, and John Bennett, Worldwide Director, Data Center Transformation Solutions at HP. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Bennett: I often think of many CIOs as being at the heart of a vise, where, on one side, they have the business pressures. ... They need to support growth. They need to do a faster job of creating acquisitions. They need to spend more on business projects and innovation. They need to exploit technology for business advantage. They need to reduce costs.
On the other side of the vise are the constraints that they have in the environment that get in the way of them successfully addressing the business needs—legacy infrastructure and applications and antiquated methods of managing the infrastructure that make it difficult to be responsive to change, or people with the skills that won’t serve modern technology's needs or environments.
Data-center transformation (DCT) helps enterprises implement a data center and infrastructure strategy that's aligned to their goals and objectives. The key here is that it's customer-driven, and it has to be built around the plans and directions of the targeted organization. This is clearly not a one-size-fits-all type of environment.
For many organizations, those strategies for infrastructure can include traditional shared infrastructure solutions or servers using virtualization and automation with shared storage environments. Increasingly, we've seen a natural evolution into a tighter integration of the capabilities and assets of the data center in the fabric infrastructure.
HP's Converged Infrastructure represents a pretty significant step forward in terms of benefits and capabilities for customers looking at having infrastructure strategy aligned to their future needs. The neat thing is that converged infrastructure can be the foundation for private cloud architectures.
Oathout: About two-thirds, if not 70 percent, of the IT operations budget is spent on maintaining IT and the IT workload within the data center.
When you have a recession, like we just experienced, what happens is that 30 percent spent on innovation or new workload placement gets cut immediately to help manage the budget within an organization. Therefore, in the last 18 months, very little innovation and few new projects were taken on by IT to support new business growth.
Now we have customers who are starting to spend again and who are starting to see the light at the end of the tunnel. They want their IT environment to be more flexible in the future. So, they're looking at their server and storage upgrades, and how they can implement converged infrastructure, so that the new infrastructure is more flexible and can adapt more to the requirements of the business.
As you're going through your technology refresh now, coming out of the recession, you can start implementing better and faster IT equipment. You can also use better and more efficient processes—virtualization, automation, and management. When you put those pools of resources in place, you put them in a virtual environment so they can be shared among applications or can be transferred among applications when needed.
You are in the process now of creating pools of resources, versus dedicated silo resources, like you had prior to the recession, which couldn’t be reused for some of the application, and therefore you couldn’t support business growth.
The opportunity now is to break down those silos, give our customers the ability to share resources in the same footprint they have today, and actually become more efficient, so that when business changes or business needs change, they can adapt to the requirements of the business.
In a converged infrastructure environment, you really don’t want to care about the infrastructure you are putting it on. What you want to care about is that it's resilient, it's optimized, and it's modular, so it can grow and shrink with the application's demand.
Let me give you an example. A server consolidation using virtualization and new server equipment will generally double or triple your capacity within your data center for the same footprint, just by getting the utilization of the servers up, better performance within the servers, and better capabilities within virtual environments. You can basically double or even triple the size of your capacity within your data center.
The same thing holds true for storage. Storage disk drives become twice as dense over a two- or three-year period. The performance of the drives gets better. So, for the same footprint in your data center you can actually fit twice as much storage.
... What you really have is a process change that's required between the IT application managers, the test and development people, and a team that actually runs the infrastructure. They need to talk more about standardization. They need to talk about how their IT comes together.
That's where the Data Center Transformation Workshop that John Bennett's team does helps. It gives you an architecture for future deployments, so that you have a converged infrastructure. You have pools of resources to put new applications down or revamp older applications onto a newer architecture, so it becomes more flexible.
You have to break down that silo or break down that fence between application deployments and what lines of business are telling the application deployers and the people who run the infrastructure. Customers really do see that as a deployment barrier, but they're working through it, because there are significant benefits on the other side, just due to the fact that you increase agility, lower cost, and you have more money and more people to go do the innovation to support the workloads of future businesses.
Bennett: Good organizations are always rethinking IT. What are the organization's strategy, goals, and objectives? What is it going to take to realize those objectives? What capabilities do we need from IT in order to make those real? And then, how do we make them happen?
This is where the partnership between the technology team and the business team comes into play. The technology team will have more insights into how it can be exploited, and the key thing for the business is to make sure they specify their needs and not specify the answer.
... There's economic return to the organization from being able to roll out a new business service more quickly. There's an economic return to the business from being able to provision more resources when they are needed based on demand, so that demand doesn't disappear. There's a competitive business benefit, which is financial in nature, in being able to respond to competitive threats more quickly.
And a lot of the benefits of this are in the nature of direct cost savings—the consolidation, modernization, and virtualization that Doug spoke to—the savings from energy related projects and investments with Data Center Smart Grid, for example. All are easily quantifiable.
Oathout: A cloud-computing environment is really an application-rich environment that allows you to bring more users on quickly and expand your capabilities and shrink your capabilities as you need them.
Converged infrastructure can be for public cloud, private cloud, or for a web workload or a high-performance computing (HPC) workload or an SAP workload. It doesn't really matter. A converged infrastructure is the optimal deployment of IT to support any kind of application, because it's modular in nature.
It has the flexibility to have more storage, more memory, less CPUs or more CPUs, less storage, or less memory, but it's all modular, so you can put the pieces together as you need them. So, it is a base support for either a cloud environment or a traditional IT environment. It really doesn't matter. It's designed to support both.
A private cloud is the IT department saying, "I'm now going to create a service catalog for my lines of business to develop upfront." You're getting software as a service (SaaS) now sitting on top of either a converged infrastructure or legacy infrastructure. A converged infrastructure is a lot easier to put SaaS on. But, you make that service catalog available to lines of business, so they can turn on applications as they need them, very quickly.
Then, you can put more users on an enterprise resource planning (ERP) application, an online application, or a Web 2.0 application. IT is there as a support service now, setting that up, taking it down, and optimizing it over time, depending on the business needs.
So, private cloud is kind of that SaaS that sits on either a converged infrastructure or a legacy infrastructure or uniquely designed infrastructures that you get from some of the public cloud providers. Converged infrastructure is the optimal way to develop and deploy that in a standard data-center environment, and it's in support of a private cloud.
When you start bringing storage, server, and networking platforms together through a flexible fabric, the economies of scale of shared resources and open systems are going to drive down the cost of acquiring IT. Then, with the software and the services capabilities that companies bring to market, they're going to bring the efficiencies along with them.
So, it is inevitable, starting with the simplest of workloads, moving to some of the hardest of workloads, that you are going to have a converged infrastructure. You are going to have application as a service, whether it's internal or external from a cloud provider, just because the economies of scale are there, and the ability to deploy the stuff is so simple once you get it set up that the efficiencies are also there besides the economies of purchase.
For example, a customer, the Dallas Cowboys, built a new football stadium in the Dallas area. It's a $1.4 billion investment. In the bottom of the thing is their data center. They run 30 different businesses out of the data center in the Dallas Cowboys stadium.
They have built it on a virtual environment. They have BladeSystems. They have the FlexFabric built into the environment. They went from over 500 servers down to 16 blades, with virtual machines running on them for the point of sale environment within the stadium. It drove a smaller footprint, but also the dynamics in the server and storage environment, so they can bring on new applications for the 30 businesses very quickly.
They changed their infrastructure to support their environment. ... They bring applications online and are very reactive to the lines of business they are supporting. That's what a converged infrastructure really delivers, besides the lower economic cost that John and I have talked about. It's that efficiency to bring new opportunities to the lines of business, accelerate business growth, or increase customer satisfaction.
U.S. experts close in on Google hackers
By Joseph Menn - FT.com
(FT) -- U.S. analysts believe they have identified the Chinese author of the critical programming code used in the alleged state-sponsored hacking attacks on Google and other western companies, making it far harder for the Chinese government to deny involvement.
Their discovery came after another team of investigators tracked the launch of the spyware to computers inside two educational institutions in China, one of them with close ties to the military.
A freelance security consultant in his 30s wrote the part of the program that used a previously unknown security hole in the Internet Explorer web browser to break into computers and insert the spyware, a researcher working for the U.S. government told the Financial Times. Chinese officials had special access to the work of the author, who posted pieces of the program to a hacking forum and described it as something he was "working on".
The developments will add to the furore over the hacking campaign, revealed last month when Google said its systems had been compromised. It threatened to pull out of China, and secretary of state Hillary Clinton asked the Chinese foreign minister for a probe.
The disclosure of the cyberspying campaign has brought attention to technology security matters and the policies of the Chinese, who western experts say have been using software vulnerabilities to steal commercial and military know-how.
The Obama administration has pledged to make cyber-security a priority.
"We're realizing there are other aspects of this problem beyond the technological and that there are other agencies that need to get involved," said Mischel Kwon, a former U.S. cybersecurity official now working for RSA Security.
Beyond the immediate forensic inquiry, the work of U.S. researchers sheds light on how cyber-operations are conducted in China.
The man who wrote code to take advantage of the browser flaw is not a full-time government worker, did not launch the attack, and in fact would prefer not to be used in such offensive efforts, according to the U.S. team that discovered his role.
"If he wants to do the research he's good at, he has to toe the line now and again," the U.S. analyst said. "He would rather not have uniformed guys looking over his shoulder, but there is no way anyone of his skill level can get away from that kind of thing. The state has privileged access to these researchers' work."
A separate team of U.S. contractors has traced the launch of the spyware to computers at Shanghai Jiaotong University and Lanxiang Vocational School, according to two people familiar with that inquiry.
Jiaotong University has one of the best security departments in the country, U.S. analysts said, with former government cyber commanders in residence.
The state-run Xinhua news agency said officials at both schools denied involvement.
In theory, outsiders could have compromised both schools' machines before using them to collect data from the Western companies.
But U.S. analysts said at least Jiaotong University's networks are closely monitored, making them an odd choice for an independent attacker seeking to avoid detection. In addition, "Our investigation shows the hosts that did the attacks were not compromised that we could tell," said an analyst involved in that probe.
Web 2.0 a Top Security Threat in 2010, Survey Finds
By Nathan Eddy - eWeek.com
Internet security provider Webroot reports IT managers in small to midsize businesses believe malware spread through social networks, Web 2.0 applications and other Web-based vectors will pose the most serious risk to information security in 2010.
The data is part of a survey of 803 IT professionals in companies with 100 to 5,000 employees in the United States, the United Kingdom and Australia.
The vast majority of respondents (80 percent) said Web 2.0-based malware will be a problem in 2010. The survey found 73 percent believe Web-based threats are more difficult to manage than e-mail-based threats.
Survey respondents identified data security and confidentiality, data loss prevention, and securing mobile and laptop users as the top three priorities for Web security in 2010. Webroot said it commissioned the survey to identify the threats security professionals most anticipate in 2010; the weakest links in Web security; and how to guard against Web-borne threats, how employees put organizations' security at risk and how best-in-class companies are addressing these issues.
Nearly one quarter of those surveyed believe their company is very or extremely vulnerable to threats from Microsoft operating system vulnerabilities (25 percent); unpatched client-side software, such as Adobe Flash or Adobe Reader, Apple QuickTime, Microsoft Office or Sun Java (24 percent); browser vulnerabilities (24 percent); and Web 2.0 applications like Facebook or Twitter (23 percent). About a quarter of SMBs were compromised by employees who accessed personal Webmail accounts (23 percent), used social networking sites (24 percent), used P2P networking (25 percent) or downloaded media (32 percent).
Even among respondents who said they strongly believe that their companies devote sufficient resources to protect against security threats, 60 percent reported attacks from viruses, as well as attacks from spyware (57 percent), phishing (47 percent), hacking (35 percent) and SQL injections of their Websites (32 percent). The majority (73 percent) of respondents agree that managing Web-based threats is more challenging than managing e-mail-based threats.
Eighty-eight percent of SMBs said they have an Internet use policy, and 95 percent said they do something to enforce the policy. The most commonly reported ways that companies enforce policies are explaining the policy at employee orientation (69 percent) and sending reminders one or more times per year (44 percent). In addition, 56 percent of SMBs have Internet use policies against visiting social networking sites.
Gerhard Eschelbeck, chief technology officer at Webroot, said businesses of all sizes are waking up to the reality that threats lurk in new places on the Web, including Web 2.0 sites. "Among our own Web Security Service customers, we're now seeing about half restrict employee access to social networks as a pre-emptive strike against malware infections and data compromise, as well as impacted productivity," he explained. "Because SMBs tend to have fewer layers of protection than large enterprises, we especially encourage them to keep up with the latest threat vectors by using a service that automatically stops Web-based threats, filters Web traffic and enforces Internet use policies."
Sprint To Usher In the Year of 4G Wireless
By David Coursey - IT World
4G wireless--which operates at speeds up to 10 times greater than today's 3G networks--could become a reality for many businesses over the coming year. Sprint, the current 4G leader, says it will introduce its first 4G smartphone before mid-year.
Sprint introduced its 4G WiMAX network in 2008, but so far there have been no handsets to use on it. While the carrier has introduced non-phone devices, such as wireless cards, mobile hotspots, and USB modems for 4G, phones have waited as the network was built out.
That makes sense, considering the small footprint of Sprint's 4G network, which today reaches about 30 million people in 27 markets. By the end of the year, however, the addition of Houston, New York, San Francisco, Boston, and Washington will expand the footprint to include 120 million people.
Forbes reported Thursday night that Sprint's new 4G smartphone will launch during the "first half of 2010--a few months earlier than many expected."
Published reports suggest the handset will be dual mode, able to operate on both Sprint's 3G and 4G networks to provide coverage where 4G is not available. The phone will supposedly be made by HTC and be based upon Google's Android operating system.
While Sprint's 4G is built on WiMAX technology, Verizon has said it will introduce its 4G network later this year using a competing technology called LTE. AT&T is expected to launch its own LTE network sometime in 2011. T-Mobile is another LTE supporter, although some say excitement about the new standard should be restrained because of low availability this year.
No doubt Sprint's rush to deliver 4G ahead of its competitors explains its choice of network technology. WiMAX has been around for several years with little commercial adoption, and may be ripe for deployment by a major carrier. However, the decision to go with WiMAX over the more broadly supported LTE could ultimately hurt Sprint down the road.
The 4G transition is an important opening for the troubled carrier, which saw losses of both revenue and customers during the quarter just ended. Sprint has never quite recovered from its rocky 2005 acquisition of Nextel Communications. 4G gives the company an exciting story and the possibility of attracting large numbers of new customers.
Key to that will be an exciting smartphone lineup that takes full advantage of 4G bandwidth, up to 10mb/s, for interactive and content-based applications, such as on-demand video. Business will, as usual, ride along with the consumer apps, developing technologies like mobile telepresence and on-demand training for 4G handsets.
Beyond handsets, tablets and other data devices, such as mobile hot spots, will allow businesses to create networks on-the-fly at field locations or as a standard part of service vehicles. 4G offers enough speed that multiple users can get good throughput simply using their own Wi-Fi connected to the wireless hotspot.
David Coursey has been writing about technology products and companies for more than 25 years. He tweets as @techinciter and may be contacted via his Web site.
Computer jargon baffles users, hinders security
William Maclean, Security Correspondent - REUTERS
BRUSSELS (Reuters) - Computer jargon, a "tick box" culture and unimaginative advertising are discouraging Internet users from learning how to protect themselves online.
Faced with such gobbledegook, many of the world's nearly 2 billion Internet users conclude that security is for "experts" and fail to take responsibility for the security of their own patch of cyberspace -- a potentially costly mistake.
That was the message from cyber experts who met this week to work out how to protect computer users from the growing problem of online theft, fraud, vandalism, abuse and espionage.
"The malicious and criminal use of cyberspace today is stunning in its scope and innovation," said Dell Services President Peter Altabef.
One problem is that computer "geeks" use jargon to cloak their work in scholarly mystique, resulting in a lack of clarity in everything from instruction manuals and systems design to professional training, the experts said.
"If you don't demystify security, people become anxious about it and don't want to do it," former U.S. Homeland Security Secretary Michael Chertoff told Reuters on the sidelines of the EastWest Institute security meeting in Brussels.
"There are some people in the profession who to some degree enjoy the mystification of what they do, that it's not penetrable. It's almost a sense of superiority," he said.
Doctors and lawyers used to enjoy "a sense of mystified special knowledge," Chertoff said. "But ... once you empower people to understand what's going on, doctors do a better job. So with cybersecurity the task is to make the architecture more user-friendly -- and to teach people better."
The industry has made progress in educating users, but a huge and urgent task lies ahead in view of the growing criminal threat and the imminent arrival of billions more Internet users.
USE SIMPLE LANGUAGE
Plain language is vital, said Steve Purser, head of Technical Competence at the European Network and Information Security Agency, a European Union body.
"We use a lot of complex terminology where it's not needed. We don't encourage people to think enough," he said.
"We give people the impression ... that everything is about pushing the right button at the right time. But if someone is out to attack you, they are going to use their brain to do it. They are going to think how to get round the system."
Educating the individual customer has long been a top goal for an industry struggling to balance security against ease of use and the clamor for mobile communications.
Users may be advised to install security software, or create better, more complex passwords -- but few are told why in vivid terms. There is too much reliance on procedure, Purser said.
"If we try to teach standard messages such as 'always protect your password' the danger is that people will learn the recipe but not learn why this happens," Purser said. "It's more important to learn the why of doing something..."
Delegates said imaginative messages explaining the importance of online protection are needed, tailored to different age groups and audiences and posted on media ranging from TV advertising and school curriculums to YouTube, Second Life, social network sites and video games.
"In an ideal world you would change your password every day. You would have 14 characters and no more than two would repeat themselves. No one can live with that," said Chertoff.
Curtis Siller, director of Standards at the Institute of Electrical and Electronics Engineers, said the industry had to do a better job of communicating the risks to various audiences.
With cars, "You watch TV news and see the consequences of not wearing a seatbelt," he said. But the risks of Internet use are less apparent, so a sense of responsibility does not take root.
(Editing by Tim Pearce)
Word 2011's Ribbon Will Tie Mac Users in Knots
By Scott M. Fulton
Betanews
The introduction of the ribbon puts Microsoft Word 2011 for Mac at an odd crossroads. It appears in a spot on the user interface that Windows and OS X normally use very differently. How are Word's ribbon and OS X's menu bar to coexist? Recently released screenshots of the latest version of the program are not encouraging. Why force two different design styles together?
Microsoft was under no obligation to build a ribbon component, similar to the one premiered in Office for Windows, for the Mac. That's especially true given the fact that the menu bar is such a prominent element of the Mac user experience. Ever since System 7, the menu bar -- which remains fixed to the top of the screen -- indicates which application is active. In Windows, applications have their own menu bars, if they have them at all; and starting with Office 2007, the ribbon replaced the menu bar.
In Windows, the replacement of the menu bar for Office apps was one of its design goals: a way to reduce screen clutter and minimize the steps or clicks required for a user to find a function. At least that's how Microsoft presented the original idea back at PDC in September 2005. In Mac OS, you can't replace the menu bar, so a ribbon would have to find some way of complementing it, sharing the workload with it, in a way that makes sense to the user.
That's the problem: Judging from the one screenshot Microsoft released last week of an early development build of Word 2011 for Mac, it's not obvious how its implementation of the ribbon will complement, and coexist with, the menu bar. Perhaps one screenshot isn't a good enough clue, but that screen does show the new Home tab of Word, as it's currently being envisioned. If a new user, unfamiliar with the word processor, were to sit down to this screen and try to ascertain how to use this program on her own, it seems more likely she'd start by perusing the menu bar than the ribbon tabs.
Things and Actions
For three decades now, the most skilled developers have embraced and extended the principle that menus in a bar should have consistent categories whose divisions are simple for someone to intuit without a manual. When asked to give my advice on the matter, I've always maintained that menus should distinguish between actions and things, the same way a sentence clearly distinguishes between verbs and objects. For instance, "Insert" is a very straightforward menu name that implies the creation of something new, typically a visual component rather than just text. "Insert" is the name of a ribbon tab in Office 2007 and 2010 for Windows. "Edit," meanwhile, implies the changing of something already present. It has been the second menu category of nearly all applications ever created that follow the Common User Access principles, for both Mac and Windows; and it remains the second menu category in the Office 2011 screenshot.
On the other hand, things can be both edited and inserted. So you can see how the confusion over which function does which action can begin. Several years ago, I commented to Microsoft developers about how the Word menu bar contained "Edit" (an action) and "Table" (something that can be edited). A reasonable novice user might ask, "If I want to edit a table, which menu should I pull down?" Depending upon whom I was speaking with at the time, the response I got was, "Well obviously, 'Edit,'" or "Well obviously, 'Table.'"
It didn't help that the menu selection for inserting a table fell under the "Table" menu rather than the "Insert" menu -- technically, it was under a submenu: Table > Insert > Table. How intuitive is that, really? The explanation I usually got was, "Well, the 'Table' menu is for tables that already exist." "Then why isn't the 'View' menu for views that already exist?" I responded.
Getting in Rhythm With the Ribbon
This was one of the quandaries Microsoft designers specifically addressed in the creation of the ribbon for Office 2007. When it was first demonstrated to me at PDC 2005, developers said that the most reasonable thing to expect a novice user to do when editing a table, was to click on the table. The ribbon should then respond with the features that pertain to changing or doing stuff to the table. That's when the design principles clicked for me, and I started really liking where the ribbon was going.
Microsoft's screenshot of an early build of Office 2011 for Mac, now featuring the ribbon.
So I'm wondering why these same principles appear not to have been referenced in the initial design of Word 2011. Here, the ribbon contents we're looking at are from the Home tab, where the general character and paragraph editing features are most often found -- the contents of the regular toolbars in earlier versions of the product. What Word 2010 for Windows calls the File tab is represented here in the Word menu, which is alongside the File menu.
Inside the Home tab, one finds the Insert frame. Now, suppose you're a new user and you want to insert a table. There's a big Insert frame in the Home tab, but it only gives you Text Box, Shape and Picture. So you don't go there. Perhaps a table is one of the Document Elements represented by that tab. (We won't know from just this one screenshot.) Assuming that's wrong, the user gets sent back to the menu bar. And we're back at square one; do we try the Insert menu or the Table menu?
From PDC 2005, a screenshot of the premiere public showing of the ribbon in an early beta build of Excel 2007, in what was then code-named 'Office 12.'
It appears from this glance that the Word for Mac designers weren't trying to solve any of the same problems the Word for Windows designers were working on. Instead, they concentrated on the sole problem of getting a ribbon-like something into a Mac window. To do that, they didn't even bother to borrow the more refined elements of Office 2010; they went instead to the five-year-old drawing board of the "Office 12" project.
The idea of making the ribbon subdivisions into tabs came after the initial design was shown off to the public. In this 2005 screenshot from Excel above, as well as in this blow-up from Word below, you see how the frame categories (at one time, folks experimented with calling them "drawers," but thankfully that never caught on) were printed on top of the frame. The user clicked the little plus sign that pointed up, to pull up a dialog box with expanded options below -- which didn't make sense.
Granted, on the Mac, the system clipboard is a sacrosanct Apple (Nasdaq: AAPL) property. Still, it is the tool with which one cuts, copies and pastes, even if she's accustomed to typing Command-X, Command-C, or Command-V to do it. Ever since the beginning of the ribbon project in Office 12 for Windows, designers had the objective of making cut, copy and paste more obvious.
So where are they in Word for Mac? Probably under the File menu where they've always been. Possibly a user could customize what Office 2011 designers are calling the "Standard Toolbar" by adding cut, copy, and paste to it (thereby making it non-standard). The counterpart for this device in Office for Windows, the "Quick Access Toolbar," takes up just the left corner of the title bar by default, though it can be scooted down below the ribbon. On Mac OS, since the title bar is Apple property, the Standard Toolbar must be displayed as a full-size stripe below the title bar, although I imagine there's a way to turn it off.
In almost every sense, the addition of the ribbon to this rendition of Word 2011 for Mac distributes the application's functionality to a bunch of various on-screen devices -- perhaps a ribbon, perhaps a menu, perhaps a toolbar -- rather than consolidating them in one place, which was the ribbon's original design goal. Marketing this implementation using trendy phraseology doesn't mask this choice to the user.
Why the Forced Marriage?
Nevertheless, Microsoft is wont to try anyway: "Together, the menu bar, standard toolbar, and ribbon complement each other seamlessly," wrote developer Han-Yi Shaw for the company's blog. "The standard toolbar hosts the most highly used controls -- such as New, Open, Print, Save -- so if you've seen an Standard Toolbar in Office sometime in the past 20 years, you'll know where and what to expect. The Office for Mac ribbon hosts the most highly used formatting and creation tools that were previously evenly distributed between the Formatting Palette and Elements Gallery in Office 2008. With the new Office for Mac ribbon, you know [sic] longer have to travel between these two user elements, but instead just focus on a single, unified, tab-based design."
Put together with the existing menu bar, this design can't possibly regain lost screen real estate in exactly the same way as for Office 2007. But perhaps if we just say it does anyway: "You'll also be pleased learn that the combined height of the standard toolbar and ribbon is noticeably less tall than the standard toolbar and Elements Gallery in Office 2008 for Mac. So you actually regain screen real estate when you switch over to Office 2011 ... For the remaining least used 20 percent of functionality, it doesn't clutter up the user interface and you can simply access them via the Mac OS X menu bar during that rare occasion when you them."
I used to write about Macintosh two decades ago for Computer Shopper. One thing that has never changed about people who use the Mac is that it's because they want to use a Mac. So they want to use the menu bar at the top of the screen because that's what they prefer. It works for them. The problem Microsoft is trying to solve by grafting the Windows Vista/Windows 7-style ribbon onto Office for Mac is not so much a functionality problem as a perception problem: If Office for Mac can work well the old-fashioned way, then one might possibly ask why Microsoft developers didn't leave Office for Windows the way it was, or at least give them an option to switch back to the old menu bar.
However, something which perhaps has never occurred to the company's developers to believe is the sheer possibility that maybe, just maybe, some people use Windows because they want to use Windows. Don't laugh. Why not envision a time when that's possible, and build Windows apps to suit the needs of Windows customers? And then for Mac customers, make Mac applications that run like they belong on Macs. If both groups were equally pleased with good design choices that appeal to them individually, there would be no perception problem for Microsoft to solve.
Linux and the Power of Virtual Mega-Machines
By Shai Fultheim - LinuxInsider
Some applications just weren't built for the cloud -- they either need more RAM or more processing cores than most clouds can easily provide. Many of these applications are written for or easily migrated to Linux. New technologies provide a new kind of virtualization: virtualization for aggregation. Using hypervisor fundamentals, the power of multiple x86 boxes can be combined to create gigantic virtual machines.
Cloud computing describes an Internet-based computing infrastructure that has abstracted users and user applications from the underlying computing resources that support them. In concept, cloud computing is functionally different from previous IT architectures in that users no longer need to own, have expertise in, or have control over the underlying technology -- they are only aware of borrowing and consuming IT services, much as they would with telephony, electrical or plumbing infrastructures.
The cloud paradigm has developed along with the maturity of virtualization and provisioning technologies that enable resources-as-a-service using Internet protocols.
Wikipedia defines the cloud as "a computing capability that provides an abstraction between the computing resource and its underlying technical architecture (e.g., servers, storage, networks), enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction." This definition states that clouds have five essential characteristics: on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service.
Too Big for the Cloud?
The challenge for evolving cloud computing architectures is that there have been and always will be a significant number of applications that can't easily serve existing compute nodes. These demanding workloads require either a large number of processing cores or large memory (RAM) footprints that are beyond the scale of normal cloud computing resources. For end users who have been increasingly disaggregated from the compute nodes and trained to think of compute resources as on-demand, this is both frustrating and challenging, as they have to differentiate workloads that can run in the cloud from those that continue to need dedicated, expensive and purpose-built hardware. These users also need to maintain and manage these additional compute resources when their energies are likely better spent running workloads and generating application results instead of managing IT.
Recently, Penguin Computing and SGI announced a new HPC solution targeting end users interested in deploying their applications in the cloud. Penguin Computing and SGI are only the latest in a growing number of vendors either supplying the technology to deploy HPC in private clouds or service providers offering high-performance computing cloud services.
What makes this trend even more interesting is that traditional cloud provisioning services were targeted at enterprise workloads -- largely parallel or small data-set application services. These workloads have commonly been the focus of virtualization vendors like VMware (NYSE: VMW) or Citrix (Nasdaq: CTXS), who are providing cloud managers with the ability to share hardware resources among several workloads and multiple customers. Workloads requiring a large number of processing cores and/or very large memory footprints, sometimes requiring hundreds of GB of RAM, have been completely eliminated from cloud computing deployments.
So What Is Changing?
Currently, the vast majority of workloads requiring a large number of processing cores or large memory have already moved or are in the process of moving to Linux.
These once-proprietary Unix applications have been relatively easy to migrate or are increasingly being written for a Linux or open source operating system alternative. This makes it inherently easier for these workloads to move to x86 infrastructure, providing more flexibility in their deployment models and giving customers the ability to take advantage of higher-performance and lower-cost commoditized systems.
The Hypervisor in the Cloud
Virtualization is one infrastructure market not often thought of as being relevant for demanding workloads. Partitioning virtualization, as that from VMware or Citrix, is thought of as a way to optimize individual server utilization when running workloads that require less than full system resources. However, other workloads are often looking for ways to increase processor cores and memory -- not partitioning them.
New technologies from companies like ScaleMP provide a new kind of virtualization technology: virtualization for aggregation. Using the same fundamental hypervisor technology, these vendors have found a way to aggregate the power of multiple x86 boxes and run off-the-shelf Linux (for ScaleMP that is Linux kernel level 2.6.11 or later) to create very large virtual machines scaling across hundreds of processor cores and terabytes of RAM. These large virtual machines (VMs) are perfect for demanding workloads.
However, this is only half the story. Once vendors have created large VMs out of smaller x86 servers, it's just a small step to provisioning systems from a cloud infrastructure on-demand. Provisioning large VMs on an on-demand basis will lead to a revolution in architectural design -- one in which workloads requiring sub-system resources and workloads demanding resources of several systems can coexist in the same infrastructure and dynamically allow IT administrators to modify their compute resources -- accommodating needed workload rather than restricting the infrastructure to the workloads that fit within a single node. This increase in workload addressability will, in most cases, increase cloud utilization to close to 100 percent of enterprise and compute workloads and increase cloud infrastructure ROI.
This VM-on-demand-for-any-workload paradigm is not a futuristic revolution. For example, HPC-as-a-service enabled by hypervisor aggregation technologies exists today and is available from companies like R Systems in El Dorado Hills, Calif.
The common thread in this discussion is Linux and virtualization. Virtualization allows Linux to utilize exactly the hardware resources required by a specific workload -- whether these workloads require sub-system resources (partitioning) or a combination of multiple systems (aggregation). Growing flexibility allows cloud infrastructures to be more power- and resource-efficient, and it provides users with virtual resources that fit their workload. Furthermore, it is possible that future cloud deployments will combine both capabilities to allow small VMs to be aggregated into large VMs, providing an even greater level of flexibility -- a capability that deserves an article of its own.
Over 75,000 systems compromised in cyberattack
By Jaikumar Vijayan - IT World
Security researchers at Herndon, Va.-based NetWitness Corp. have unearthed a massive botnet affecting at least 75,000 computers at 2,500 companies and government agencies worldwide.
The Kneber botnet, named for the username linking the affected machines worldwide, has been used to gather login credentials to online financial systems, social networking sites and e-mail systems for the past 18 months, according to NetWitness.
A 75GB cache of stolen data discovered by NetWitness included 68,000 corporate login credentials, login data for user accounts at Facebook, Yahoo and Hotmail, 2,000 SSL certificate files and a large amount of highly detailed "dossier-level" identity information. In addition, systems compromised by the botnet also give attackers remote access inside the compromised network, the company said.
"Disturbingly, the data was only a one-month snapshot of data from a campaign that has been in operation for more than a year," NetWitness said in a statement announcing the discovery of the botnet late yesterday.
NetWitness did not release the names of the companies compromised in the attacks, which it described as being highly targeted and well coordinated. But a story Wednesday in the Wall Street Journal identified pharmaceutical company Merck & Co., Cardinal Health Inc., Paramount Pictures and Juniper Networks Inc. as some of the U.S. firms that had been infiltrated. Systems belonging to 10 government agencies were also penetrated in the attacks.
According to the Journal, the attacks started in late 2008 and appeared to originate in Europe and China. Computers in as many as 196 countries have been affected, with many systems compromised after users clicked on phishing e-mails with links to sites containing malicious code. Most of the compromised systems appeared to be in Egypt, Mexico, Saudi Arabia, Turkey and the U.S., the Journal reported, quoting an unnamed source with information on the attacks.
NetWitness, which provides a range of network monitoring and forensics services for companies and government agencies, discovered the botnet in January during a routine engagement with one of its clients. According to the company, the botnet is a variant of the ZeuS botnet, which is known primarily for stealing banking credentials.
More than half of the infected systems in the Kneber botnet also contained the competing Waledac Trojan, probably because those behind the attacks wanted to build some redundancy into their attacks, NetWitness said. "The coexistence of ZeuS and Waledac suggests the goals of resilience and survivability and potential deeper cross-crew collaboration in the criminal underground," the company noted.
Windows is the Choice of Enterprise Developers
By Sean Michael Kerner - internetnews.com
New data confirms that PHP developers have differing tastes when it comes to their operating system of choice for development and for deployment.
The open source PHP dynamic language is one of the most widely deployed languages on Web servers today. But what operating systems are PHP developers using to develop and deploy their applications? It's a question that has been asked before and now it's being answered with a new study from Zend, one of the lead commercial backers behind PHP.
The study surveyed 2,000 PHP developers in December and found that 85 percent reported that Linux was their primary operating system as a production environment for PHP.
Windows came in at a distant second at 11 percent while Mac OS X came in third at just 2 percent. However, when Zend drilled down into which platforms respondents prefer for their development, the rankings change dramatically.
According to the study, 42 percent of respondents reported that Windows was their primary operating system for development. Linux came in as No. 2 at 38.5 percent while Mac OS X remained in third place at 19.1 percent.
Storage Virtualization Gets Serious
By Amy Newman - internetnews.com
Virtually Speaking: A torrent of products are being unleashed to meet the challenges of backing up virtual machines. From cloud storage to golden image management, virtualization technologies for storage are on the move.
As virtualization and cloud computing continue a seemingly endless trajectory of prominence, their disadvantages are becoming as clear to those in the trenches as those on top perceive their benefits.
Thus, a raft of solutions are springing up to resolve many of these issues. In the past two weeks, storage virtualization seems to have found its way to the forefront.
Two weeks ago, CommVault (NASDAQ: CVLT) took its storage management product, Simpana, to the cloud with an eye on organizations requiring more space for archiving, replacing infrastructure or looking to simplify compliance management. CommVault described the product as a "cloud storage connector for Simpana" and sells it under a $900 per-terabyte capacity license. Customers can store data on-premises, or in a public or private cloud and move it back and forth as necessary.
It's no surprise that CommVault is far from alone in seeing the value in storage virtualization solutions. On Tuesday, Virsto joined the fray with its first product: Virsto One, a hypervisor-based storage virtualization solution.
'Business architecture' helps leaders decide on and execute changes at the new speed of business
By Dana Gardner, Principal Analyst, Interarbor Solutions - IT-Director.com
What's the difference between enterprise architecture (EA) and business architecture (BA)? We pose the question to Tim Westbrock, Managing Director of EAdirections, as part of a podcast discussion coming to you from The Open Group’s Enterprise Architecture Practitioners Conference in Seattle, the week of Feb. 1, 2010.
The discussion is moderated by me, Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Gardner: I really enjoyed your presentation today. Can you tell us a little bit about some of the high-level takeaways. Principally, how do you define BA?
Westbrock: Well, the premise of my discussion today is that, in order for EA to maintain and continue to evolve, we have to go outside the domain of IT. Hence, the conversation about BA. To me, BA is an intrinsic component of EA, but what most people really perform in most organizations that I see is IT architecture.
A real business-owned enterprise business architecture and enterprise information architecture are really the differentiating factors for me. I'm not one of these guys that is straight about definitions. You’ve got to get a sense from the words that you use.
To me enterprise business architecture is a set of artifacts and methods that helps business leaders make decisions about direction and communicate the changes that are required in order to achieve that vision.
Gardner: How do we get here? What's been the progression? And, why has there been such a gulf between what the IT people eat, sleep, and drink, and what the business people expect?
Westbrock: There are a lot of factors in that. Back in the late '80s and early '90s, we got really good at providing solutions really quickly in isolated spots. What happened in most organizations is that you had really good isolated solutions all over the place. Integrated? No. Was there a need to integrate? Eventually. And, that's when we began really piling up the complexity.
We went from an environment, where we had one main vendor or two main vendors, to every specific solution having multiple vendors contributing to the software and the hardware environment.
That complexity is something that the business doesn’t really understand, and we haven’t done a real good job of getting the business to understand the implications of that complexity. But, it's not something they should really be worried about. It's our excuse sometimes that it's too complex to change quickly.
Focus on capabilities
We really need to focus the conversation on capabilities. Part of my presentation talked about deriving capabilities as the next layer of abstraction down from business strategy, business outcomes, and business objectives. It's a more finite discussion of the real changes that have to happen in an organization, to the channel, to the marketing approach, to the skill mix, and to the compensation. They're real things that have to change for an organization to achieve its strategies.
In IT architecture, we talk about the changes in the systems. What are the changes in the data? What are the changes in the infrastructure? Those are capabilities that need to change as well. But, we don't need to talk about the details of that. We need to understand the capabilities that the business requires. So, we talk to folks a lot about understanding capabilities and deriving them from business direction.
Gardner: It seems to me that, over the past 20 or 30 years, the pace of IT technological change was very rapid -- business change, not so much. But now, it seems as if the technology change is not quite as fast, but the business change is. Is that a fair characterization?
Westbrock: It's unbelievably fast now. It amazes me when I come across an organization now that's surviving and they can't get a new product out the door in less than a year -- 18 months, 24 months. How in the world are they responding to what their customers are looking for, if it takes that long to get system changes products out the door?
We're looking at organizations trying monthly, every six weeks, every two months, quarterly to get significant product system changes out the door in production. You've got to be able to respond that quickly.
Gardner: So, in the past, the IT people had to really adapt and change to the technology that was so rapidly shifting around them, but now the IT people need to think about the rapidly shifting business environment around them.
Westbrock: "Think about," yes, but not "figure out." That's the whole point. BA is a means by which we can engage as IT professionals with the business leadership, the business decision-makers who are really deciding how the business is going to change.
Some of that change is a natural response to government regulations, competitive pressures, political pressures, and demographics, but some of it is strategic, conscious decisions, and there are implications and dependencies that come along with that.
Sometimes, the businesses are aware of them and sometimes they're not. Sometimes, we understand as IT professionals -- some not all -- about those dependencies and those implications. By having that meaningful dialogue on an ongoing basis, not just as a result of the big implementation, we can start to shorten that time to market.
Gardner: So, the folks who are practitioners of BA, rather than more narrowly EA, have to fill this role of Rosetta Stone in the organization. They have to translate cultural frames of mind and ideas about the priorities between that IT side and the business side.
Understanding your audience
Westbrock: This isn't a technical skill, but understanding your audience is a big part of doing this. We like to joke about executives being ADD and not really being into the details, but you know what, some are. We've got to figure out the right way to communicate with this set of leadership that's really steering the course for our enterprise.
That's why there's no, "This is the artifact to create." There's no, "This is the type of information that they require." There is no, "This is the specific set of requirements to discuss."
That's why we like to start broad. Can you build the picture of the enterprise on one page and have conversations maybe that zero in on a particular part of that? Then, you go down to other levels of detail. But, you don't know that until you start having the conversation.
Gardner: Okay, as we close out, you mentioned something called "strategic capability changes." Explain that for us?
Westbrock: To me, so many organizations have great vision and strategy. It comes from their leadership. They understand it. They think about it. But, there's a missing linkage between that vision, that strategy, that direction, and the actual activities that are going on in an organization. Decisions are being made about who to hire, the kinds of projects we decide to invest in, and where we're going to build our next manufacturing facility. All those are real decisions and real activities that are going on on a daily basis.
This jump from high-level strategy down to tactical daily decision-making and activities is too broad of a gap. So, we talk about strategic capability changes as being the vehicle that folks can use to have that conversation and to bring that discussion down to another level.
When we talk about strategic capability changes, it's the answer to the question, "What capabilities do we need to change about our enterprise in order to achieve our strategy?" But, that's a little bit too high level still. So, we help people carve out the specific questions that you would ask about business capability changes, about information capability changes, system, and technology.
Why IT managers have embraced Skype
By David Tang, Global VP, VoSKY Technologies - IT-Director.com
It's funny that some of the most revolutionary technologies are first brought into businesses by individual users, rather than IT departments. Then, when others see the benefits those pioneering users are getting, the technology is quickly adopted company-wide. It happened this way with PC-based fax, then email, and with instant messaging. And it's happening with Skype.
And that's really no surprise. Individuals first embraced Skype because it offered free voice and video calls over the Internet. The adoption rate skyrocketed due to Skype's ease of use and superior voice quality over the public Internet. But now that it operates the world's largest and most reliable Internet communications community, with over 405M registered users, it's also a very attractive infrastructure for business telephony applications. According to Skype, 30% of its users are using Skype for business.
What's more, it complements the communications infrastructure that you already have in place, enabling you to do more with the resources you already have, which is particularly compelling in the current business climate.
So here are five key reasons why corporate IT managers have embraced Skype in their organizations—and how they can deploy and centrally manage it effectively.
It saves—and keeps on saving
Skype isn't just about cost savings—but it's a great benefit nonetheless. It saves your business money on all call costs: national, international, mobile, inter-office, to any user, and it keeps on delivering savings.
With Skype centrally managed in your organisation via PBX-to-Skype gateways you can create global numbering plans, enabling employees to use extension dialling between offices. Site-to-site calls are free, and long-distance calls are handled using SkypeOut to reduce costs. The gateways also centralise Skype provisioning and management, giving IT managers full control and eliminating the need to install Skype on each PC. All Skype voice functions are delivered to users' handsets.
The benefits can also extend to mobile users. With Skype installed on any smart mobile phone that can run the lite version of Skype, the user's call preferences can be set up centrally by the IT team, via the PBX gateway, for alternate routing to the mobile user's Skype account. This is done via mobile broadband under the user's mobile data plan, giving huge savings compared with even the cheapest international mobile tariffs.
It leverages your existing technology
These PBX-to-Skype application gateways can link any office phone system (whether traditional digital switch, or IP / SIP PBX) to Skype, for a low one-time upgrade cost without having to swap out or replace existing equipment. The gateways add anything from 4 to 30 Skype lines to the company PBX, so that Skype calls can be made and transferred between extensions as normal. Employees simply dial 8 for Skype, or 9 for an ordinary line.
None of your investments are made obsolete. You just make your existing assets work harder for your business—and start saving money.
It's easy to manage
The gateways can be installed, and Skype provisioned, in less than half a day, with zero changes to existing PBX equipment, phones, or PCs. The gateway ties the Skype Online number to the business to enable Skype DID. It also simplifies configuration, management and support, putting Skype under the IT manager's full control.
There's no need to install Skype on each PC—Skype usage can be monitored by the business just like ordinary calls, and number schemes easily managed. You set it up and it's under centralised control right away.
Skype is completely free of malware, adware and spyware
So it does not add another potential security threat, or attack vector to your network. How many other corporate networks can say the same?
Skype is encrypted
When Skype users connect, it's over an AES-encrypted session, whether it's via instant message, voice, video, or the sending of files. So Skype communications are secure—giving an advantage over conventional VoIP or voice VPNs.
And of course, with a gateway at each office, you get secure voice VPN working over Skype without paying for expensive leased lines, or having to deploy IP PBXs from the same vendor at every office. That's in addition to the benefits outlined earlier.
So with the cost savings and functionality benefits available to you through Skype usage, what's not to love about it?
EMC's Really Big Storage Network
By Paul Shread - internetnews.com
EMC's Atmos cloud storage system gets new levels of data protection and a big boost in performance and capacity.
EMC (NYSE: EMC) has updated its Atmos cloud storage system to add new levels of data protection, along with a big boost in performance and capacity.
The new GeoProtect feature gives Atmos RAID-like data protection — in addition to replication — with support for three or six failures at 33 percent and 66 percent storage overhead, respectively, by encoding and distributing objects across an Atmos cloud.
Atmos also gets new Intel Xeon 5500 processors for a 50 percent performance boost and 2 terabyte drives to double capacity. Atmos nodes can pack in anywhere from 60TB to 720TB with the new drives.
Jon Martin, director of product management and marketing for EMC's Cloud Infrastructure Group, said Atmos is nothing like the wave of clustered network-attached storage offerings that have hit the market lately and instead is more along the lines of Amazon's Simple Storage Service (S3), except in product form: a massively scalable storage network that can span many locations across the globe.
Corbett gets GOP endorsement, not tea partyers'
By Thomas Fitzgerald and Tom Infield
Inquirer Staff Writers
HARRISBURG - White-haired and assured, a candidate from central casting, Attorney General Tom Corbett captured the endorsement for governor from the Republican State Committee yesterday and assumed the leadership of a party brimming with confidence for across-the-board electoral gains in Pennsylvania.
But just down the hall, conservative State Rep. Sam Rohrer was holding a daylong counterconvention for his own campaign for the GOP nomination for governor, drawing 350 right-wing activists from evangelical churches, home-schooling associations, and the antitax tea party movement.
It was a reminder that despite the balloon drops and cheering in the main ballroom, divisions remain between establishment Republicans and many of the grassroots conservatives the party needs for victory.
"Rebelling against our party's decision may sound romantic, but ultimately it hurts our party," state Republican chairman Rob Gleason warned from the dais as the state committee deliberated on endorsements for governor, U.S. senator, and lieutenant governor.
With a lead over any of his potential Democratic opponents in a recent poll, Corbett projected confidence addressing party leaders as the nominee-in-waiting.
The GOP will not only win the governorship and the U.S. Senate seat, Corbett said, but also capture the state House, tighten its grip on the state Senate, and regain a majority of the state's 19 U.S. House seats.
"As governor, I look forward to carrying our party's message forward," Corbett told a ballroom full of 400 Republicans. "Lowering taxes. Cutting the spending of state government. Creating jobs. And charting a course of honest change."
In the U.S. Senate race, the committee endorsed former U.S. Rep. Pat Toomey, whose primary challenge forced Sen. Arlen Specter to switch to the Democratic Party last year in his push for a sixth term. Toomey nearly defeated Specter in the GOP primary in 2004.
Bucks County Commissioner Jim Cawley emerged from a field of seven with the endorsement for lieutenant governor. He would provide regional balance to a ticket headed by Corbett, who's from suburban Pittsburgh.
As the Republican State Committee meeting began, about a dozen people from the Berks County Patriots, a tea party group, paraded in the hallway with signs protesting the endorsement process as "machine politics."
"Both parties are full of lies," said Willard Strunk, 71, of Mertztown, Pa. "We have to take the country back from these socialist programs." A registered Republican from Rohrer's home county, Strunk said, "We like Sam, but we belong to nobody."
Rohrer and U.S. Senate candidate Peg Luksik, a leader of the antiabortion movement, represent the more conservative side of a conservative party, and pulled some support among the 348 voting delegates.
On the vote whether the party should endorse anyone for governor, 51 delegates said no. Nearly as many - 47 - said no to a Senate endorsement.
Rohrer's influence was strongest in his home county, Berks, and in neighboring York County, but he had some support in Montgomery County and other pockets across the state.
Toomey, who congratulated Luksik in his acceptance speech, said he had reached out to tea party activists and wanted to "welcome them to our cause."
Pressed by reporters, he pointedly declined to get behind the endorsement of Corbett. "I will support the Republican nominee," Toomey said. "I have a lot to do, and that's what I'll focus on."
On the other hand, Toomey did not attend Rohrer's rally, though he was listed on the program.
Rohrer's "Mobilize for Liberty" event turned into an all-day affair, complete with box lunches, a campaign school, and, finally, a rally featuring Joe Wurzelbacher - the "Joe the Plumber" of 2008 presidential-campaign fame.
Vowing to keep running, Rohrer characterized the party's endorsement of Corbett as the work of a few insiders. "The vote on May 18 by the people is the one that counts," he said.
Activists listened to training sessions on how pastors can discuss politics without jeopardizing a church's tax-exempt status, how to organize a precinct, effective blogging, and mobilization via the Internet.
With voter anger against incumbents in general - and many Democrats in particular - Republicans believe they can gain the four seats necessary to retake control of the state House.
Corbett, by most accounts, is a slight favorite to beat whoever wins the Democratic nomination - likely to be either of two fellow Pittsburghers, Allegheny County Executive Dan Onorato or state Auditor General Jack Wagner. Even Democratic strategists admit privately that Corbett starts with an edge.
Among all gubernatorial candidates, Corbett is by far the best known, the fruit of his five years as the state's chief prosecutor. His Bonusgate investigation of legislators and aides has boosted his candidacy, but also poses a threat.
Partisans on both sides are watching the trial of former Democratic House Whip Mike Veon, who is charged with running a scheme to award state bonuses to Democratic House employees for purely political chores. If Corbett loses the case, it could damage his credibility as a reform crusader. He failed to win an earlier Bonusgate trial.
Perhaps because of the Bonusgate investigation and prosecutions, Corbett has lain low since announcing his candidacy with balloons and loud music in the fall in Pittsburgh. The Republican State Committee meeting was one of the few times that he has engaged publicly in pure political theater.
For most of last year, he had no opponent at all. Rohrer, who entered the contest in November, has been unable to raise even a small fraction of the more than $3 million that Corbett has in the bank. Almost all of the state's top Republicans, starting with former Gov. Tom Ridge, have anointed Corbett as the party's presumptive nominee.
In his campaign, Corbett has been the ever-so-cautious front-runner.
Outlining yesterday what he'd do as governor, Corbett said he'd introduce a package of good-government reforms within a week of taking office. But he offered few specifics, except to say he'd end WAMs - the "walking around money" that legislators use to fund pet projects in their districts.
He also proposed to eliminate the per-diem payments that members of the House and Senate receive for expenses when in Harrisburg.
Both proposals have been staples of gubernatorial campaigns for decades. But John Brabender, Corbett's campaign strategist, said the difference was that Corbett intended to make them his first priority.
State GOP taps Corbett for governor, Toomey for U.S. senator
By James O'Toole, Pittsburgh Post-Gazette - updated February 16, 2010
HARRISBURG -- A year ago, the Republican State Committee gathered for its winter endorsement meeting in a very different mood.
"The climate was depressing," recalled Robert Gleason, the party chairman. "I was concerned. Barack Obama had just taken office; we were stunned by the lashing we took."
The night before that Saturday session, Sen. Arlen Specter had announced that he would support the stimulus package of an administration whose president enjoyed stratospheric favorability ratings. The prospects for the slate of seven appellate court judges that the GOP hierarchy endorsed that day looked uncertain at best.
They were running in a state whose Democratic registration and turnout soared as President Obama won the state's electoral votes in a landslide. By the spring, Mr. Specter would abandon the Republican Party, giving the Democrats a 60-vote supermajority in the Senate and spurring widespread gloomy assessments on the future of the Republicans in the Northeast.
But in November, after months more of the nation's economic slog, six of those seven judges would win. The same day, Republicans won governors' races in New Jersey and Virginia. The New Year would bring another, still more stinging defeat with the loss of the late Ted Kennedy's Senate seat in Massachusetts.
Now?
"The mood is euphoric," Mr. Gleason said.
He spoke as his party's officialdom was about to endorse Pat Toomey as its U.S. Senate candidate, Attorney General Tom Corbett for governor, and, after two ballots, Bucks County Commissioner Jim Cawley for lieutenant governor.
Mr. Toomey defeated Johnstown activist Peg Luksik. By a similarly overwhelming margin, Mr. Corbett won over state Rep. Sam Rohrer. Before the day was over, however, Mr. Rohrer would pick up his own endorsement from one of the surprise political stars of 2008 -- "Joe the Plumber."
Mr. Gleason acknowledged that he had no inkling when 2009 opened that the political winds would shift so dramatically, but he said he was confident that his party would take advantage of them.
"We're targeting eight congressional districts. That's the most in the nation," he said. "We're getting so many good candidates that I'm having trouble finding staff."
At this point last year, Mr. Toomey was still considering a run for governor. But Mr. Specter's stimulus vote led him to renew his challenge to Mr. Specter that had fallen short six years ago.
Mr. Toomey said he too was surprised by the rapid shift in the political pendulum nationally and in a Pennsylvania Senate race in which he holds significant leads over both of the Democratic candidates, Mr. Specter and Rep. Joe Sestak.
"But a lot of things have surprised me," he said. "I was surprised at the ambition and the drastic leftward lurch of the Democrat-led Congress. I was surprised at the breadth and depth of the reaction across the country -- it's been an unusual year in American politics."
"I think this time we're going all the way," he told one supporter at a reception on Friday, moments after he had boasted to the crowd that he was the national leader among Senate challengers in campaign contributions.
"How can anyone trust government when Harrisburg has become less interested in William Penn's holy experiment and more interested in self-preservation," said Mr. Corbett, whose profile has been lifted by investigations of charges of corruption in the Legislature.
He called for "leadership in Harrisburg that does the right thing for the right reason, during the most challenging of times."
The mood of optimism that pervaded the weekend meeting was also reflected in speakers' predictions that the GOP would retake the state House and add to its already substantial majority in the Senate.
Their confidence in the Senate projection was strengthened by the fact that, so far, three sitting Democrats have announced retirement plans while no Republican senators have said they would relinquish their seats.
The GOP officials at the Harrisburg Hilton hotel seemed unanimous in the expectation that those majorities would smooth the governing prospects of Mr. Corbett.
Mr. Gleason pointed out that a Rasmussen poll released this week found the Allegheny County Republican with leads of more than 20 points over each of his most prominent potential Democratic opponents, Allegheny County Executive Dan Onorato, Montgomery County Commissioner Joe Hoeffel and Auditor General Jack Wagner.
But a suggestion that the gales of political change could shake the Republican establishment as well as the Democrats' came elsewhere in the Hilton Saturday.
Mr. Rohrer organized a parallel "Mobilize for Liberty 2010" event, featuring speakers identified with the Tea Party and 9/12 groups that have raised a populist outcry across the country over the past year. Speakers included, by telephone, Rep. Michele Bachmann, the heroine of the Tea Party movement, who had a controversial televised confrontation with Mr. Specter earlier this month.
Her piped-in voice praised the GOP longshot as a mentor and an inspiration. She described Mr. Rohrer as "an old friend," who got her into politics.
Later, defying the expiration date on Andy Warhol's 15-minutes-of-fame adage, was Joe Wurzelbacher -- "Joe the Plumber" -- who spoke in person.
Both Senate candidates, Mr. Toomey and Mrs. Luksik, were originally on the list of speakers, although the former congressman did not appear as scheduled. If he had, he would have heard his opponent, Mrs. Luksik, declare that "The Republican establishment, today, got it wrong twice."
Mr. Wurzelbacher told the crowd of about 400 that the Tea Party movement was not part of either party.
"That's why I'm backing Sam Rohrer. It's about the individual, not the party," he said.
He made his estrangement from the Republican establishment still more clear as he criticized former Alaska Gov. Sarah Palin over her support for the man who made him famous during the 2008 presidential campaign -- Sen. John McCain. He characterized Mr. McCain as a creature of the Republican establishment.
He was followed by Mr. Rohrer, who strode to the stage to the unexpected anthem of "I'm a Soul Man."
In his earlier acceptance speech, Mr. Toomey had made a point of reaching out for the support of the Tea Party enthusiasts, stressing the need for a broad and diverse party. But Mr. Corbett was conspicuously absent from the program. His challenger, Mr. Rohrer, is far behind the frontrunner in the polls and in campaign cash, but he hopes to harness the political energy of the Tea Party movement to wrest the nomination from the Republican Party's candidate.
But Mr. Corbett was prepared, at least rhetorically, to deal with the concerns of the conservative populists. In his remarks this weekend and throughout his campaign, however, he has left little breathing room between his fiscal positions and those of Mr. Rohrer, who has a reputation as a budget hawk in the Legislature.
Mr. Corbett called for less spending, smaller government, and in a debate Friday, criticized the state for having accepted federal stimulus aid.
The Democratic political position has clearly eroded over the last year, but does the very speed of that change suggest at least the possibility that the climate could quickly shift again, back toward the Democrats?
"I don't see it changing back," Mr. Gleason said. "You look at the economy. Even the Democrats don't expect unemployment to come down for a while and that's killing them."
Reclamere Gains Approval as PA ITQ Vendor
BY Nikki Brown, PHR - News Release
Reclamere, Inc., The Data Security Experts, gained approval as a pre-qualified Information Technology vendor under Pennsylvania’s Invitation to Qualify (ITQ) program.
Reclamere applied for and won ITQ approval for the following service categories:
Information Technology (IT): Includes all matters concerned with the furtherance of computer science and technology and with the design, development, installation, and implementation of information systems and applications.
Telecommunications: Includes all matters concerned with carrier class and premises services for voice, video (broadband & conferencing), data, VPN and remote access, wireless networking, radio (terrestrial & satellite), and associated infrastructures.
Reclamere has been in the data security business since 2001, servicing customers in regulated industries. Reclamere's service offerings include: IT Audit and Assessments, IT Asset Management, Data Recovery, and e-Forensics and Litigation Support Services. To learn more about the company and the services they offer, please visit reclamere.com.
Microsoft Makes Sharepoint 2010 More Web-Like
By Deborah Gage - DevX.com
Microsoft is trying to attract Web developers to Sharepoint 2010, while at the same time keeping the product integrated with a long list of other Microsoft products and services.
Pleasing everybody is difficult, though. Despite the numerous changes Microsoft has made to Sharepoint to make it easier to use and manage for both developers and customers, it can still get gummed up.
One issue that’s not been addressed, said Microsoft senior director Tom Rizzo at the Sharepoint Technology Conference near San Francisco on Thursday, is the 256-character limit on naming documents, folders and subfolders, which users can accidentally exceed.
“We didn’t address it because we allow so many ways to get at Sharepoint -- Internet Explorer, Windows Explorer, and so on,” said Rizzo in response to a question from a developer, who said her users struggle with the problem. “We try the best we can to tell you if you’re going to break it. We can do that in certain scenarios, but not in all access methods. When we get rid of WebDAV access in the future we can address it…it’s a pain point we hear about, and it’s high on our list (to fix).”
But Rizzo demonstrated several other changes that Microsoft has made in hopes of making Sharepoint more attractive to Web-savvy users and developers and cutting down on calls from users to IT.
Among these changes are enhanced, Facebook-like profiles that allow users to update their status, tag and rate content (even from the Internet), see graphics of who in the company reports to whom, and search for expertise among their co-workers based on keywords that occur in Outlook e-mails. (IT can turn off this last feature).
Content is easier to find and organize -- before it was based on a hierarchy of folders, and now it’s based on metadata. “With 2010, I don’t care where the content lives in the site,” Rizzo said, “even if it’s 50 folders deep.”
Improved Look and Feel
Sharepoint 2010 looks better. Parts of it are integrated with Microsoft Visio 2010, so users can see a graph of where their projects might be stuck, or import line of business data to get a graphic representation of what’s selling.
Users also have more control over how sites look. They can, for example, more easily create links to content and they can export themes -- background images, fonts and so on -- from Powerpoint, which Rizzo said the Sharepoint users he talks to tend to understand. In case users get confused, there’s now a giant button on the Sharepoint interface to show them where to upload content.
Developers have better control too, Rizzo said. They can monitor the slowest running pages, shut down users who create lists with millions of items and prevent developers from writing code with millions of loops. In an interview, Rizzo said that developers who know Ruby on Rails, PHP and other Web languages should be comfortable with Sharepoint 2010.
Several questions from the audience, though, revolved around how compatible Sharepoint 2010 is with previous versions of Sharepoint and Microsoft Office. Sharepoint Designer, tools and the back end infrastructure are not backward-compatible, Rizzo said, and some parts of Sharepoint 2010 will run in a Microsoft cloud.
IT staffs can, however, get by with older versions of Microsoft Office, at least on the client. “You won’t get the great taxonomy stuff (with Office 2007), but it will be in the browser – you could save Powerpoint (for example) to the server and set the taxonomy that way,” he said. Office 2003 also works with Sharepoint 2010, although the results, Rizzo said, are “not pretty.”
Some Web-enabled Office applications will also come with Sharepoint, although Microsoft is still deciding which ones. Rizzo said the majority will come with the Office client, not Sharepoint 2010, but the situation will be clearer in the next couple of weeks.
Sharepoint 2010 is still due in June.
Microsoft Pulls Crashing XP Security Update
By Stuart J. Johnston - eSecurity Planet
Microsoft has suspended automatic distribution of a recently released security patch that it says may be causing a spate of crashes for some Windows XP users.
Problems for XP users cropped up immediately, resulting in systems caught in endless reboot cycles and so-called "Blue Screen of Death" (BSoD) crashes, leaving many users in dire straits.
Even though Microsoft moved to pull the suspected update by Thursday afternoon, it was too late for many users.
"My mom is 70 and lives 2500 miles away. Her computer is completely hosed with this problem and she's in a panic," said another dissatisfied user who goes by the screen name "Ala123," also Friday morning.
By Thursday afternoon, the number of entries on the topic at Microsoft's user forum had hit 157 with nearly 17,000 views -- ostensibly other users with the same problem looking for solutions. By Friday morning, those numbers had swelled to 297 entries and some 108,000 views.
"I am writing to let you know that we are aware that after installing the February security updates a limited number of users are experiencing issues restarting their computers. Our initial analysis suggests that the issue occurs after installing MS10-015 (KB977165). However, we have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software," Jerry Bryant, senior security communications manager lead at Microsoft, said in a post on the Microsoft Security Response Center blog on Thursday afternoon.
The nettlesome patch, however, was not ranked as "critical" on Microsoft's four-tiered severity rating system for security. Rather, it was ranked at the second-highest severity level of "important," meaning that it is not as easy to exploit as a critical security flaw.
Partly, that rating is based on the fact that to take advantage of the security hole, an attacker would have to have physical control of the PC and have administrator access to the system. That would tend to indicate that a successful attacker would be an insider, not just a random hacker.
While Microsoft is working to fix the rebooting and crashing problems, Bryant suggested that concerned users can protect themselves from the potential security breach by disabling 16-bit applications, as described in MS10-015, Tuesday's Security Bulletin.
Bryant also reiterated his earlier statement that Microsoft provides free technical support for users who encounter problems applying security patches.
Users in the U.S. can reach Microsoft consumer technical support here or can call in on the company's PC Safety hotline at 1-866-727-2338 (PCSAFETY).
Leveraging Information and Intelligence
BY David Linthicum - ebiz
If there is one thing I hear from SOA/EA architects out there, it is that it's difficult to get the design, development, and deployment teams focused on the data. The real fun seems to be in the services and processes, and thus most work is concentrated there. The data, and integration strategies around the data, is something that most figure is there, will be there, and requires very little thinking and planning.
However, those who neglect the data, and the integration of that data with other systems, are going to find the bitter truth at some point. Data quality issues rise up first, then data consistency issues, and finally the lost faith in the IT system by the end users, and typically the death spiral at that point. Time to redo things, and that's both expensive, best case...career limiting, worst case.
So, how do you make data integration a priority? It's really a matter of just looking at the business benefits, and thus the business case for data integration. Without a sound data integration strategy you're simply not going to be able to meet the requirements of the business, and it can't get more clear than that.
Moreover, you need to consider data integration as something that's systemic to your architecture, and not just an afterthought. Back in the EAI days, it was all about adding a message broker between major systems, and life was good. It was a Band-Aid at best.
These days it's about managing data from the source, to the target, including any binding to services as required by the SOA. You can't back your way into that, thus architects need to do...well...architecture, thus a bunch of advanced planning to make sure that the data integration strategy is sound, and brings the value to the IT infrastructure, and therefore the business. In other words, it needs to be an architectural priority.
Election 2010: Pennsylvania Governor
Pennsylvania Governor: GOP's Tom Corbett Well Ahead of Three Potential Opponents
By Rasmussen Reports
State Attorney General Tom Corbett continues to hold big leads over three potential Democratic rivals in this year’s race for governor in Pennsylvania.
The latest Rasmussen Reports telephone survey in the state shows Corbett leading former Congressman Joe Hoeffel 51% to 29%. Against Allegheny County Chief Executive Dan Onorato, he leads 52% to 26%. When State Auditor Jack Wagner is his Democratic opponent, Corbett is ahead 49% to 28%.
However, in all three match-ups, at least 15% of voters remain undecided at this point.
Last month, Corbett, by far the leading GOP gubernatorial contender, held roughly two-to-one leads over four potential Democrats but earned less than 50% support in every match-up.
Incumbent Pennsylvania Senator Arlen Specter remains barely over 50% but still holds a 15-point lead over his Democratic Primary challenger, Congressman Joe Sestak. Little is changed this month in Pennsylvania’s overall race for the Senate, with Republican hopeful Pat Toomey still ahead of Specter by nine points.
Both parties will choose their Senate and gubernatorial candidates in May 18 primaries.
Male voters favor Corbett by substantial margins over any of the Democrats. Women voters also prefer the Republican by anywhere from seven to 13 points. Voters not affiliated with either major party support Corbett by sizable double-digit margins.
Corbett is viewed very favorably by 17% of Pennsylvania voters, while only five percent (5%) hold a very unfavorable opinion of him. Eighteen percent (18%) have no opinion of him yet.
Ten percent (10%) have a very favorable opinion of Onorato, while the identical number (10%) view him very unfavorably.
Hoeffel is viewed very favorably by eight percent (8%) and very unfavorably by 14%.
For Wagner, very favorables total five percent (5%) and very unfavorables seven percent (7%).
One-in-three Pennsylvania voters don't know enough about any of the Democratic candidates to give even a soft favorable or unfavorable opinion of him at this point.
At this point in a campaign, Rasmussen Reports considers the number of people with strong opinions more significant than the total favorable/unfavorable numbers.
This year’s election will determine the replacement for term-limited Democratic Governor Ed Rendell. Forty-three percent (43%) of Pennsylvania voters approve of Rendell’s job performance, while 56% disapprove.
The governor’s low job approval numbers may be linked to the fact that the plurality of voters in the state (47%) says he is doing a poor job handling the state’s budget problems. Just 25% give the governor good or excellent ratings on his handling of budget issues.
In order to help alleviate those problems, Rendell is proposing a decrease in the state’s sales tax rate to 4% while expanding it to more items. Most Pennsylvania voters have been following stories on this proposal, but they are evenly divided on their opinions of it. Forty-two percent (42%) are in favor of lowering the sales tax but taxing more items, while 41% are opposed. Another 18% are undecided.
But nearly half (48%) believe the proposal will eventually lead to higher taxes, while just 21% say the end result will be lower taxes. Thirty-one percent (31%) are not sure what impact the governor’s proposal will have on their taxes overall.
Rendell’s proposal to expand the state’s tobacco tax to include smokeless tobacco and cigars is much more popular, with 70% in favor of it. Just 22% are opposed.
Seventy-one percent (71%) of Pennsylvania voters are angry with the current policies of the federal government, including 46% who are very angry. Most (58%) also agree with the idea that neither Democratic nor Republican leaders in Congress know what is needed today. Those results are similar to those found on the national level.
Sixty-six percent (66%) of voters in Pennsylvania believe it would be better for the country if most congressional incumbents up for reelection this year were defeated, while only 16% say it would be better if most were reelected.
Only 34% believe their own representatives in Congress deserve to be reelected, while 44% disagree.
On another issue close to home, 28% in Pennsylvania think the Philadelphia Eagles should trade quarterback Donovan McNabb. Twenty-seven percent (27%) say McNabb should remain as the Eagles quarterback next season. Forty-five percent (45%) are undecided.
In 2008, Rasmussen Reports projected nationally that Obama would defeat John McCain by a 52% to 46% margin. Obama won 53% to 46%. Four years earlier, Rasmussen Reports projected the national vote totals for both George W. Bush and John Kerry within half-a-percentage-point.
In Pennsylvania during the 2008 campaign, Rasmussen Reports polling showed Barack Obama winning the state by a 52% to 46% margin. Obama won 55% to 44%. Four years earlier, Rasmussen Reports polling showed John Kerry leading George W. Bush in Pennsylvania 49% to 47%. Kerry won 51% to 49%.
In the 2006 Pennsylvania governor’s race, Rasmussen polling showed Ed Rendell defeating Lynn Swann 56% to 38%. Rendell won 60% to 40%. In the 2006 race for U.S. Senate, Rasmussen polling showed Bob Casey defeating Rick Santorum 55% to 42%. Casey won 59% to 41%.
How to Effectively Use Cloud Computing
By Jay Litkey - eWeek.com
Cloud computing is a term that's been latched onto with a vengeance. The basic premise of "data center on demand" is pretty sexy, but cloud computing is not a new concept. The vision of the on-demand data center has existed for years and is often described as the "holy grail" of data center architectures—always sought after but remaining out of reach. Here, Knowledge Center contributor Jay Litkey explains what enterprises need to consider in order to effectively use cloud computing.
The media, as well as the market at large, have latched onto the term "cloud computing" with a vengeance. Admittedly, the basic premise of "data center on demand" is pretty sexy. But be warned: all may not be as it seems. The vision and concept of cloud computing and the on-demand data center have been around in one shape or another for decades. The vision has always been sought after but remained just out of reach. Virtualization has made this real, bringing the vision almost into our grasp. The key word here is "almost."
Those looking to include cloud computing in their architecture need to address the issue of how they can most effectively complement existing architectures. One of the biggest challenges for IT planners and strategists is that the term "cloud" is being used today to describe everything from the traditional software as a service (SAAS) delivery model to infrastructure outsourcing to infrastructure renting. It's the buzzword du jour with which everyone seems to be trying to associate.
For the purposes of this article, I will ignore the renamed traditional service delivery models and narrow the definition of a cloud to its most basic: an amorphous infrastructure owned and operated by someone else that accepts and runs workloads created by its customers.
Thinking about a cloud in this way, the first and most obvious question becomes: "Can all my applications actually run in such an environment?" If the answer to that question is no, then you must ask, "What subset of my data and applications could safely run there?"
Clearly, there are some applications that you would probably never want out of your control, including those you need in order to pass an audit (for example, to comply with the Sarbanes-Oxley Act, the Payment Card Industry Data Security Standard or the Gramm-Leach-Bliley Act). A cloud translates into the physical at some point in space but, today, you cannot audit its security, file systems and access controls with absolute certainty.
Today's cloud tools barely manage provisioning and some level of mobility management. Plus, security and audit capabilities are still a long way off, as well as the ability to move the same virtual machine in and out of cloud infrastructures while tracking and tracing its movement and access. Let's face it: most auditing groups still haven't even come to grips with the impact of virtualization on basic enterprise data center auditing, let alone cloud governance.
Patch Tuesday Update Crashes XP Users' Parade
By Stuart J. Johnston - Datamation
One of the bug fixes released on February's Patch Tuesday event this week may be causing some Windows XP users serious problems, including repeated reboots and the dreaded "Blue Screen of Death" (BSoD).
The patch, which several reports have fingered as the cause of the problem, is numbered MS10-015. It is meant to fix a recently revealed vulnerability in Microsoft (NASDAQ: MSFT) Windows that dates back some 17 years.
An undetermined number of users were faced with the crashes immediately after installing the update. By Thursday morning, frustrated users were complaining on multiple online forums, including Microsoft's own.
On Microsoft's forums, users had lodged 157 entries and nearly 17,000 views by early Thursday afternoon relating to the problem.
"After installing today's update 02/09/10 I now get the BSoD PAGE_FAULT_IN_NONPAGED_AREA 0x00000050," said one user, who goes by the screen name Sacdan69. "This has happened to both my wife's computer and my nephew's."
"After installing Windows Update 2 hours ago on 2/09/2010, I restarted my laptop [and] got the bluescreen. When I try to start in Safe Mode, it freezes on the Safe Mode startup screen. I cannot start my computer at all. Please help," said another user posting with the handle Brownca88.
The early phase of the hubbub over the crashes and BSoDs was first spotted by security blogger Brian Krebs early Thursday.
February's Patch Tuesday bug fix drop, so named because on the second Tuesday of every month, Microsoft releases all, or most, of the fixes it will release each month, was chock-a-block with patches anyway. It included 13 patches fixing a total of 26 individual bugs.
To further complicate things, netbook computers running XP, the most popular operating system for netbooks, do not have optical drives, so providing a fix for those users is problematic.
This is the second time in the past two weeks that an update to Windows caused system crashes for some users. One of several non-security "stability and reliability" updates released in late January caused crashes for Windows 7 and Windows Server 2008 Release 2 (R2).
Company officials acknowledged the latest problems.
"Microsoft is investigating reports of an installation issue with a security update released on Feb. 9, 2010. We are investigating the issue to determine the cause of the issue," Jerry Bryant, senior security communications manager lead, said in an e-mail to InternetNews.com.
Bryant also offered free help to anyone believed to have been affected, urging users to contact Microsoft tech support for assistance.
Users in the U.S. can reach Microsoft consumer technical support here or can call in on the company's PC Safety hotline at 1-866-727-2338 (PCSAFETY).
Stuart J. Johnston is a contributing writer at InternetNews.com, the news service of Internet.com, the network for technology professionals.
Google's Big Fiber Play: What Gives?
By Ian Paul, PCWorld
Google on Wednesday announced that it wants to "build and test ultra high-speed broadband networks in a small number of trial locations across the United States." Google's proposed networks would service anywhere from 50,000 to 500,000 people with commercial broadband Internet service reaching speeds of up to 1 Gigabit per second.
In a recent blog post, Google painted a very compelling picture for what this super high-speed broadband would look like, by asking you to "imagine sitting in a rural health clinic, streaming three-dimensional medical imaging over the web and discussing a unique condition with a specialist in New York. Or downloading a high-definition, full-length feature film in less than five minutes." Very compelling indeed.
But why Google would want to undertake such a major project in the first place is not exactly clear yet. It's doubtful that Google would want to deliver broadband service to every home in the United States. So what is the search giant up to this time? Is Google's goal to influence national broadband policies? Maybe Google wants to show that traditional ISPs are deploying broadband ineffectively. It's hard to know for sure what Google's up to, but here are five different possibilities.
Google Is Trying To Shape Broadband Policy
Maybe Google's biggest point is to create a model broadband network that the United States, and maybe even the rest of the world, can use as an example of how broadband Internet should be deployed on a national level. Google's broadband network would not only be fast, but would also be managed with the principles of net neutrality in mind.
If that really is what Google's up to, it would be very similar to what the company did when it bid on the 700 MHz wireless spectrum in 2007. At the time, Google wanted the FCC to require winning bidders to run the newly available wireless spectrum with several caveats. First, the bidder had to run an open wireless platform where customers could choose to run any device they wanted and subscribe to any wireless provider they wanted. Google also wanted the FCC to require network providers to resell their wireless bandwidth at wholesale prices to other firms (the wholesale-resale model). Google's main goal with its wireless spectrum bid seemed to be about promoting openness and freedom of choice for consumers rather than actually buying up wireless spectrum. So maybe Google's broadband experiment is more about promoting the principles of an open and free Internet using a modern broadband connection as opposed to becoming a full-fledged ISP.
ISPs Must Bend To The Will Of Google
If Google can prove that its broadband experiment not only delivers customer satisfaction, which it may, but also that Google's method can deploy broadband cheaper and faster than other ISPs, then watch out. Dow Jones Newswire on Thursday reported that Verizon pegs the cost of delivering fiber-to-the-home connections at $1,350 per home, and cost is one reason why upgrading broadband networks across the country has been a relatively slow process.
As part of Google's broadband experiment, the company says it wants to "try out new ways to build and operate fiber networks, and share what [they] learn with the world." So what if Google ends up building and operating a fiber network faster and cheaper than other ISPs? A better customer experience, and it's cheaper to deploy? Now that could be disruptive.
Google's Broadband Plan Is Naive
While Google's intentions may be in the right place, the day-to-day demands of running a broadband network for consumers may be more difficult than the search giant imagines. As one anonymous industry executive told Dow Jones, "Google doesn't have experience sending trucks and technicians to people's homes or sending out monthly bills." Well, that's not exactly true, because Google is getting a crash course in customer service right now, thanks to its newly launched Nexus One mobile device. Has Google learned enough about customer service from its Nexus One adventure to be an effective ISP? Well, as long as Google can master the phrase, "We'll be at your home between 1 p.m. and 6 p.m. next Thursday," I think Google the ISP will be just fine.
Privacy
You can't talk about Google without talking about privacy, and broadband service is no exception. In May 2008, Internet service provider Charter Communications came under fire after it launched a pilot project to test behavioral ad targeting. Charter's plan was to hand over the browsing habits of its customers to a third party, NebuAd, which would then deliver online advertisements to Charter customers. Eventually, Charter backed off the behavioral tracking plan after heavy criticism from privacy advocates.
What made Charter's plan so troubling is that ISPs have the ability to track everything you do online. With Google, the complications and conflicts of interest between running an ISP and an advertising network could be problematic. Google's advertising network is focused on delivering relevant advertising to Google users, so it's not unreasonable to wonder if the commercial interests of Google the ISP and Google the advertising network wouldn't conflict with the privacy interests of Google's broadband customers.
Google Is Building Up Municipal Broadband
One of the biggest threats to the way national ISPs do business is municipal broadband projects where a city develops its own broadband network and then creates a city-owned utility to deliver Internet service to city residents. City governments love the municipal broadband concept since traditional ISPs serving city residents may not be willing to incur the cost of upgrading broadband networks in smaller or more remote communities. But ISPs feel threatened by municipal broadband since city-owned utilities may be exempt from paying to city governments the same taxes, fees and surcharges that private corporations do. As a result, there have been cases of lobbying state legislatures to pass laws that discourage cities from developing municipal broadband or of larger ISPs trying to stop municipal broadband through the courts.
However, if cities entered into public-private partnerships with companies such as Google, it might help long-suffering municipal broadband projects get off the ground. One possible scenario would be where city councils financed the broadband construction, and then let Google run the network as an ISP. In that case, competing ISPs may find it difficult to fight city hall and Google at the same time.
That may not be Google's initial plan with its pilot project, but then again, check out this entry from part 3 of Google's request for information from municipal governments that want to be included in Google's broadband project: "Describe any current or planned programs in your community to accelerate and expand adoption and use of broadband Internet access." Sounds like that part of the questionnaire is tailor-made for describing a failed municipal broadband project, don't you think?
InformationWeek Launches First InformationWeek Government Digital Issue
SAN FRANCISCO, Feb. 11 /PRNewswire-FirstCall/ -- TechWeb's InformationWeek launched the first InformationWeek Government digital issue this week.
The first InformationWeek Government digital issue adds to a robust editorial portfolio of news, insightful articles, analytics research reports, and tools for federal, state and local government IT professionals. This effort is also part of InformationWeek's green initiative, a focused effort to reduce its carbon footprint and to plant trees around the world.
Editorial highlights from the first issue include:
1. Open Government Mandate: Federal agencies must increase transparency and engage the public in new ways. Here's how they're doing it.
2. Top Fed Leadership Priorities: Cross-agency collaboration, hiring and retaining top talent, and automating processes are some of the biggest challenges, according to our Technology Leadership In Government Survey.
3. Obama's Budget For Tech: 2011 budget proposal would cut IT spending while steps to cut costs get implemented.
4. Q&A With Defense CIO: Defense Department Deputy CIO David Wennergren talks with J. Nicholas Hoover about what it takes to oversee the largest IT budget and organization anywhere.
5. Q&A With Postal Service CIO: CIO Ross Philo talks with John Foley about innovation and automation at the Postal Service.
John Foley: Stop dancing around open government as if it's some sort of skunk works and evaluate it based on hard returns.
"InformationWeek Government's sole mission is to specifically address the needs of CIOs, CTOs and other technology executives within government agencies, with the ultimate goal of helping them make informed, intelligent IT decisions," said John Ecke, VP and Group Publisher of InformationWeek Government. "This week's 36-page special digital edition of InformationWeek Government focused on open government is a prime example of how we go about executing on this mission."
InformationWeek Government (http://www.informationweek.com/government) serves government IT professionals tasked with the responsibility of analyzing the technology products, services, policies, and vendor strategies aimed at the public sector.
To download the InformationWeek Government Digital Issue, please visit http://www.informationweek.com/gogreen/020810/index.jhtml.
InformationWeek Business Technology Network: (http://www.informationweek.com/)
The InformationWeek Business Technology Network provides IT executives with unique analysis and tools that parallel their work flow -- from defining and framing objectives through to the evaluation and recommendation of solutions. Anchored by InformationWeek, the multimedia powerhouse that looks across the enterprise, the network scales across the most critical technology categories with online properties like DarkReading.com (security), IntelligentEnterprise.com (application architecture), NetworkComputing.com (networking and communications) and PlugintotheCloud.com (cloud computing). The network also provides focused content for key IT targets, such as CIOs, developers and SMBs via InformationWeek Global CIO, Dr. Dobb's and InformationWeek SMB, as well as vital vertical industries with InformationWeek Financial Services, Government and Healthcare sites. Content is at the nucleus of our information distribution strategy -- IT professionals turn to our experts and communities to stay informed, get advice and research technologies to make strategic business decisions.
About TechWeb (http://www.techweb.com/aboutus)
TechWeb, the global leader in technology media and professional information, enables people and organizations to harness the transformative power of technology. Through its three core businesses – media solutions, marketing services and paid content – TechWeb produces the most respected and consumed brands and media applications in the technology market. More than 14 million business and technology professionals (CIOs and IT managers, Web & Digital professionals, Software Developers, Government decision makers, and Telecom providers) actively engage in TechWeb's communities and information resources monthly. TechWeb brands include: global face-to-face events such as Interop, Web 2.0, Black Hat and VoiceCon; award-winning online resources such as InformationWeek, Light Reading, and Network Computing; and market-leading InformationWeek, Wall Street & Technology, and Advanced Trading magazines. TechWeb is a UBM company, a global provider of news distribution and specialist information services with a market capitalization of more than $2.5 billion.
Microsoft plans antipiracy update for Windows 7
by Ina Fried - cnet news
An optional update to Windows closes a number of hacks that counterfeiters have used to bypass the product activation technologies built into Windows 7. With the update, Windows will try to restore Windows to its proper state, as well as marking tampered versions as non-genuine copies of the operating system.
Microsoft said on Thursday that it is planning an update to Windows 7 that will close a number of loopholes that counterfeiters had used to thwart the operating system's built-in antipiracy measures.
The Windows Activation Technologies Update for Windows 7, which will be released later this month, closes more than 70 "activation hacks," according to Joe Williams, general manager of Microsoft's Genuine Windows unit, responsible for anti-counterfeiting measures. The update will also check with a server periodically to see if there are further hacks that need to be addressed, though Williams said no personally identifiable information about the user will be sent to the server.
In an interview, Williams cautioned about the dangers that come with using nongenuine versions of the operating system, citing a German study that looked at several hundred copies of Windows 7 that were posted online and found that nearly a third had some type of malware.
"We do see malicious code--everything from easily discoverable malware to keyboard recording," he said. "There's all sorts of things we've seen that puts our customers at risk and their data at risk."
The update will be available for manual download from Microsoft's genuine Web site on Feb. 16 and from the Microsoft Download center the following day. Later this month, the update will also be offered through Windows Update as an "important" (but optional) update.
Williams said the new update will remain optional and that those who choose not to install it will still be able to get other Windows updates, a position that marks a fairly sharp contrast to the once hard line Microsoft was taking against piracy.
With the first release of Windows Vista, Microsoft took an aggressive stance, shifting users it determined to have nongenuine versions of the operating system into a severely limited "reduced functionality" mode. In that mode, all users could do was access the Internet for an hour a day.
However, Williams said that Microsoft heard from customers, businesses, and governments that the restrictions were too draconian and decided to try a different approach.
In the first update to Vista, Microsoft relaxed things considerably, choosing instead to just prominently notify users that their version was not genuine.
Starting with Vista Service Pack 1, users saw their background changed to black and a message that their version was nongenuine, as well as getting a dialog box encouraging them to activate a genuine copy. One could choose to do so immediately, or, after 15 seconds, could click an option to activate later.
With Windows 7, Microsoft eased things even more, allowing users to immediately choose to deal with the issue later, although those that choose that option are notified of some of the benefits of genuine software.
Williams declined to say whether Microsoft will close any of the activation hacks with the first service pack to Windows 7, noting that the company has not yet confirmed any plans for that update. Microsoft did close a number of activation holes in Vista with the service pack to that product.
Williams said Microsoft has put much of its focus on informing customers who may have been duped into buying a PC with non-genuine software.
"We are pretty realistic," Williams said. "People who are actively pirating will try to find ways to continue to pirate."
CERN's evolution toward cloud computing
By: Dana Gardner, Principal Analyst, Interarbor Solutions - IT Director
What are the likely directions for cloud computing? Based on the exploration of expected cloud benefits at a cutting edge global IT organization, the future looks extremely productive.
In this podcast we focus on the thinking on how cloud computing—both the private and public varieties—might be used at CERN, the European Organization for Nuclear Research in Geneva.
CERN has long been an influential bellwether on how extreme IT problems can be solved. Indeed, the World Wide Web owes a lot of its usefulness to early work done at CERN. Now the focus is on cloud computing. How real is it, and how might an organization like CERN approach cloud?
In many ways CERN is quite possibly the New York of cloud computing. If cloud can make it there, it can probably make it anywhere. That's because CERN deals with fantastically large data sets, massive throughput requirements, a global workforce, finite budgets, and an emphasis on standards and openness.
So please join us, as we track the evolution of high-performance computing (HPC) from clusters to grid to cloud models through the eyes of CERN, and with analysis and perspective from IDC, as well as technical thought leadership from Platform Computing.
Join me in welcoming our panel today: Tony Cass, Group Leader for Fabric Infrastructure and Operations at CERN; Steve Conway, Vice President in the High Performance Computing Group at IDC, and Randy Clark, Chief Marketing Officer at Platform Computing. The discussion is moderated by BriefingsDirect's Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Conway: Private cloud computing is already here, and quite a few companies are exploring it. We already have some early adopters. CERN is one of them. Public clouds are coming. We see a lot of activity there, but it's a little bit further out on the horizon than private or enterprise cloud computing.
Just to give you an example, we at IDC just did a piece of research for one of the major oil and gas companies, and they're actively looking at moving part of their workload out to cloud computing in the next 6–12 months. So, this is really coming up quickly.
CERN is clearly serious about it in their environment. As I said, we're also starting to see activity pick up with cloud computing in the private sector with adoption starting somewhere between six months from now and, for some, more like 12–24 months out.
Clark: At Platform Computing we have formally interviewed over 200 customers out of our installed base of 2,000. A significant portion—I wouldn’t put an exact number on that, but it's higher than we initially anticipated—are looking at private-cloud computing and considering how they can leverage external resources such as Amazon, Rackspace and others. So, it's easily one-third and possibly more [evaluating cloud].
Cass: At CERN we're a laboratory that exists to enable, initially Europe’s and now the world’s, physicists to study fundamental questions. Where does mass come from? Why don’t we see anti-matter in large quantities? What's the missing mass in the universe? They're really fundamental questions about where we are and what the universe is.
We do that by operating an accelerator, the Large Hadron Collider, which collides protons thousands of times a second. These collisions take place in certain areas around the accelerator, where huge detectors analyze the collisions and take something like a digital photograph of the collision to understand what's happening. These detectors generate huge amounts of data, which have to be stored and processed at CERN and the collaborating institutes around the world.
We have something like 100,000 processors around the world, 50 petabytes of disk, and over 60 petabytes of tape. The tape is in just a small number of the centers, not all of the hundred centers that we have. We call it "computing at the terra-scale," that's terra with two R's. We’ve developed a worldwide computing grid to coordinate all the resources that we have with the jobs of the many physicists that are working on these detectors.
If you look at the past, in the 1990’s, we had people collaborating, but there was no central management. Everybody was based at different institutes and people had to submit the workloads, the analysis, or the Monte Carlo simulations of the experiments they needed.
We realized in 2000–2001 that this wasn’t going to work and also that the scale of resources that we needed was so vast that it couldn’t all be installed at CERN. It had to be shared between CERN, a small number of very reliable centers we call the Tier One centers and then 100 or so Tier Two centers at the universities. We were developing this thinking around the same time as the grid model was becoming popular. So, this is what we’ve done.
Grid sets stage for seeking greater efficiencies
[Our grid] pushes the envelope in terms of the scale to make sure that it works for the users. We connect the sites. We run tens of thousands of jobs a day across this and gradually we’ve run through a number of exercises to distribute the data at gigabytes a second and tens of thousands of jobs a day.
We've progressively deployed grid technology, not developed it. We've looked at things that are going on elsewhere and made them work in our environment.
The grid solves the problem in which we have data distributed around the world and it will send jobs to the data. But, there are two issues around that. One is that if the grid sends my job to site A, it does so because it thinks that a batch slot will become available at site A first. But, maybe a grid slot becomes available at site B and my job is at site A. Somebody else who comes along later actually gets to run their job first.
Today, the experiment team submits a skeleton job to all of the sites in order to detect which site becomes available first. Then, they pull down my job to this site. You have lots of schedulers involved in this—in the experiment, the grid, and the site—and we're looking at simplifying that.
We’re now looking at virtualizing the batch workers and dynamically reconfiguring them to meet the changing workload. This is essentially what Amazon does with EC2. When they don’t need the resources, they reconfigure them and sell the cycles to other people. This is how we want to work in virtualization and cloud with the grid, which knows where the data is.
... We’re definitely concentrating for the moment on how we exploit effective resources here. The wider benefits we'll have to discuss with our community.
Conway: CERN's scientists have earned multiple Nobel prizes over the years for their work in particle physics. CERN is where Tim Berners-Lee and his colleagues invented the World Wide Web in the 1980s.
More generally, CERN is a recognized world leader in technology innovation. What’s been driving this, as Tony said, are the massive volumes of data that CERN generates along with the need to make the data available to scientists, not only across Europe, but across the world.
For example, CERN has two major particle detectors. They're called CMS and ATLAS. ATLAS alone generates a petabyte of data per second, when it’s running. Not all that data needs to be distributed, but it gives you an idea of the scale or the challenge that CERN is working with.
In the case of CERN’s and Platform’s collaboration, the idea is not just to distribute the data but also the applications and the capability to run the scientific problem.
Showing a clear path to cloud
CERN is definitely a leader there, and cloud computing is really confined today to early adopters like CERN. Right now, cloud computing services constitute about $16 billion as a market.
That’s just about four percent of mainstream IT spending. By 2012, which is not so far away, we project that spending for cloud computing is going to grow nearly threefold to about $42 billion. That would make it about 9 percent of IT spending. So, we predict it’s going to move along pretty quickly.
... [Being able to manage workloads in a dynamic environment] is the single biggest challenge we see for not only cloud computing, but it has affected the whole idea of managing these increasingly complex environments—first clusters, then grids, and now clouds. Software has been at the center of that.
That’s one of the reasons we're here today with Platform and CERN, because that’s been Platform’s business from the beginning, creating software to manage clusters, then grids, and now clouds, first for very demanding HPC sites like CERN and, more recently, also for enterprise clients.
Clark: Historically, clusters and grids have been relatively static, and the workloads have been managed across those. Now, with cloud, we have the ability to have a dynamic set of resources.
The trick is to marry and manage the workloads and the resources in conjunction with each other. Last year, we announced our cloud products—Platform LSF and Platform ISF Adaptive Cluster—to address that challenge and to help this evolution.
[Cloud adoption] is being driven by the top of the organization. Tony and Steve laid it out well. They look at the public/private cloud economically, and say, "Architecturally, what does this mean for our business?" Without any particular application in mind they're asking how to evolve to this new model. So, we're seeing it very horizontally in both enterprise and HPC applications.
What Platform sees is the interaction of distributed computing and new technologies like virtualization requiring management. What I mean by that is the ability, in a large farm or shared environment, to share resources and then make those resources dynamic. It's the ability to add virtualization into those on the resource side, and then, on the server side, to make it Internet accessible, have a service catalog, and move from providing IT support to truly IT as a competitive service.
The state of the art is that you can get the best of Amazon, ease of use, cost, accessibility with the enterprise configuration, scale, and dependability of the enterprise grid environment.
There isn't one particular technology or implementation that I would point to, to say "That is state of the art," but if you look across the installations we see in our installed base, you can see best practices in different dimensions with each of those customers.
Conway: People who have already stepped through the earlier stages of this evolution, who have gone from clusters to grid computing, are now for the most part contemplating the next move to cloud computing. It's an evolutionary move. It could have some revolutionary implications, but, from a technological standpoint, sometimes evolutionary is much safer and better than revolutionary.
KDE Brings Advances to the Linux Desktop
The latest KDE4 desktop release sports thousands of new features and bug fixes, and includes the best integration yet of semantic 
By Sean Michael Kerner - internetnews.com
Ever since the first KDE 4 release in 2008, the KDE open source desktop has been evolving to provide a different type of experience for Linux users.
With the KDE Software Compilation (SC) 4.4 release today, KDE's desktop evolution continues with more than 1,400 new features and nearly 7,300 bugs fixed.
"KDE SC 4.4 is about both incremental evolution as well as continuing to make great strides forward in our pursuit of power and elegance," KDE core developer Aaron J. Seigo told InternetNews.com. "While there have been many performance improvements and defect fixes along with incremental improvements such as multi-touch support, we also have a lot of new things in KDE SC 4.4 ranging from applications such as Blogilo, to the over 20 new plugins for Plasma Desktop and Plasma Netbook, new semantic desktop features and a number of tools for large and managed deployments of KDE software."
The 4.4 version comes six months after the KDE 4.3 release, which itself provided more than 10,000 bug fixes. Seigo noted that KDE has adopted a time-based release schedule for all releases since the KDE v4.0 release, and the release cycles for versions 4.3 and 4.4 were identical in length.
"We release a new feature upgrade every six months and a patch-level release every month that brings bug fixes, performance improvements and new translations to the last feature release," Seigo said. "This certainly gives a sense of rapid motion to all involved and has been quite successful for KDE in bringing the KDE 4 series to maturity."
One of the biggest items to impact KDE 4.4 was Nokia's release of Qt 4.6 in December 2009. The Qt open source GUI framework is the core user interface framework used by KDE. Qt 4.6 brought KDE 4.4 a number of significant advancements, including noticeable performance improvements and a new animation framework, Seigo noted.
While KDE 4.3 included features for users to connect to social networks, KDE 4.4 goes a step further.
"Most significantly, the Social Desktop widgets for the Plasma Desktop and Netbook systems have been extensively expanded and refined in terms of usability," Seigo said. "They make it easier than ever to interact with other KDE users."
KDE 4.4 also includes the new Blogilo blogging client and improvements to the micro-blogging desktop widget for Twitter and identi.ca.
Federal CIO pursues relentless efficiency via TechStat meetings
Vivek Kundra says the administration intends to leverage the power of technology to make the government run more efficiently
By Matthew Weigelt - WashingtonTechnology
Federal Chief Information Officer Vivek Kundra today said he has started new accountability sessions with department officials to assess their information technology projects.
In these sessions, called TechStat meetings, Kundra intends to delve deep into departments’ IT projects to check on whether the projects are working as planned. He said he and other officials have already met with the Environmental Protection Agency’s CIO and other agency officials about an IT project that is $30 million over its budget and a year behind schedule. After the discussion, Kundra sent the EPA a detailed memo on what he wants the agency to do to get the project on course again, he said, adding that he expects to see the agency start working immediately.
Kundra said he intends to make the TechStat meetings “a very relentless pursuit of oversight.” He said he could possibly halt or terminate a project or even revise the plans for the project as a result of the meetings.
Hands On With Google Buzz - It’s a Stream in Your Inbox
By Michael Calore, February 10, 2010 - webmonkey
Tuesday saw the debut of Google Buzz, a new service for sharing status updates, links and media with your friends. It’s currently being rolled out to the public slowly — you can sign up at buzz.google.com — but we’ve had access to Buzz since shortly after it launched, and I’ve had a chance to play around with it.
Buzz integrates directly with your Gmail inbox, so updates and comments appear alongside your e-mails. It bears a strong resemblance to other sharing platforms like FriendFeed or Twitter and Facebook’s News Feed — imagine all of those magically inserted into your Gmail inbox and you get the picture.
It has all the makings of a powerful, real-time social platform that’s ready to compete with, or complement, those established players.
But for now, Buzz is a bit of a mystery. Only a handful of people are actually using it, so the sharing features don’t really feel that social. It’s as if you’re broadcasting into an empty void. In that regard, my first day with Buzz reminds me of my first few days with Google Wave, or my first few days with FriendFeed. That feeling of being in a big empty room will change once Buzz opens up and more of my friends join, just as it did for those other services.
There’s another more serious limitation: What happens in Buzz stays in Buzz. You can’t use it to post to your favorite social networks. You can add feeds from Twitter, Flickr, Google Reader and any other social site (except for Facebook, notably), and all that stuff gets aggregated into a single feed on Buzz where your friends can leave comments. But when you post a status update or share any sort of link or media on Buzz, you don’t have the option to CC Twitter or FriendFeed.
Google noted during Tuesday’s launch event that it does plan on adding the ability to post out to Twitter and other services soon. And, since all public posts in Buzz are available as an XML feed, you could hack together a way to post to Twitter if you know what you’re doing. But for now, for most every user, Google Buzz remains a one-way street.
Once those two things change — the volume problem and the cross-posting problem — Buzz will be a serious player on the social web. Right now, it’s worth playing with and getting used to, because once it gains momentum, it’s going to become part of our daily lives. It’s that easy to use, and that powerful.
Oracle Patches Dangerous WebLogic Server Flaw
By Brian Prince - eWeek Security Watch
Oracle has released an emergency patch for a security flaw in WebLogic Server in response to the discovery of a vulnerability that leaves users open to attack.
The vulnerability lies in the Node Manager component of WebLogic Server, and could be exploited by attackers to remotely gain access to a vulnerable system. According to Vupen Security, the issue is due to a missing authentication within the "Node Manager" (beasvc.exe) process when processing incoming connections to port 5556/TCP, which could allow remote unauthenticated attackers to execute certain commands.
The patch, issued Feb. 4, came roughly two weeks after Intevydis CEO Evgeny Legerov revealed the bug on a blog.
"A successful exploitation of this vulnerability may result in a full compromise of the targeted server on Windows," blogged Eric Maurice, manager for security in Oracle's global technology business unit. "On other platforms (Unix, Linux, etc.), the attacker may gain access to the targeted server with the same privileges as the WebLogic server processes. This kind of vulnerability further highlights the need to use 'least privilege' as much as possible on operating systems for running sensitive processes and applications."
As a workaround, users can restrict access to the Node Manager port through firewalls or other network access controls to prevent the exploitation by anonymous Internet users. In addition, organizations should consider updating their policies to permit access to this port only by trusted subnet/users, Oracle advised.
Security chip that does encryption in PCs
By Jordan Robertson, AP
Deep inside millions of computers is a digital Fort Knox, a special chip with the locks to highly guarded secrets, including classified government reports and confidential business plans. Now a former U.S. Army computer-security specialist has devised a way to break those locks.
The attack can force heavily secured computers to spill documents that likely were presumed to be safe. This discovery shows one way that spies and other richly financed attackers can acquire military and trade secrets, and comes as worries about state-sponsored computer espionage intensify, underscored by recent hacking attacks on Google Inc.
The new attack discovered by Christopher Tarnovsky is difficult to pull off, partly because it requires physical access to a computer. But laptops and smart phones get lost and stolen all the time. And the data that the most dangerous computer criminals would seek likely would be worth the expense of an elaborate espionage operation.
Jeff Moss, founder of the Black Hat security conference and a member of the U.S. Department of Homeland Security's advisory council, called Tarnovsky's finding "amazing."
"It's sort of doing the impossible," Moss said. "This is a lock on Pandora's box. And now that he's pried open the lock, it's like, ooh, where does it lead you?"
Tarnovsky figured out a way to break chips that carry a "Trusted Platform Module," or TPM, designation by essentially spying on them like a phone conversation. Such chips are billed as the industry's most secure and are estimated to be in as many as 100 million personal computers and servers, according to market research firm IDC.
When activated, the chips provide an additional layer of security by encrypting, or scrambling, data to prevent outsiders from viewing information on the machines. An extra password or identification such as a fingerprint is needed when the machine is turned on.
Many computers sold to businesses and consumers have such chips, though users might not turn them on. Users are typically given the choice to turn on a TPM chip when they first use a computer with it. If they ignore the offer, it's easy to forget the feature exists. However, computers needing the most security typically have TPM chips activated.
"You've trusted this chip to hold your secrets, but your secrets aren't that safe," said Tarnovsky, 38, who runs the Flylogic security consultancy in Vista, Calif., and demonstrated his hack last week at the Black Hat security conference in Arlington, Va.
The chip Tarnovsky hacked is a flagship model from Infineon Technologies AG, the top maker of TPM chips. And Tarnovsky says the technique would work on the entire family of Infineon chips based on the same design. That includes non-TPM chips used in satellite TV equipment, Microsoft Corp.'s Xbox 360 game console and smart phones.
That means his attack could be used to pirate satellite TV signals or make Xbox peripherals, such as handheld controllers, without paying Microsoft a licensing fee, Tarnovsky said. Microsoft confirmed its Xbox 360 uses Infineon chips, but would only say that "unauthorized accessories that circumvent security protocols are not certified to meet our safety and compliance standards."
The technique can also be used to tap text messages and e-mail belonging to the user of a lost or stolen phone. Tarnovsky said he can't be sure, however, whether his attack would work on TPM chips made by companies other than Infineon.
Infineon said it knew this type of attack was possible when it was testing its chips. But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users.
"The risk is manageable, and you are just attacking one computer," said Joerg Borchert, vice president of Infineon's chip card and security division. "Yes, this can be very valuable. It depends on the information that is stored. But that's not our task to manage. This gives a certain strength, and it's better than an unprotected computer without encryption."
The Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment." It added that the group has "never claimed that a physical attack - given enough time, specialized equipment, know-how and money - was impossible. No form of security can ever be held to that standard."
It stood by TPM chips as the most cost-effective way to secure a PC.
It's possible for computer users to scramble data in other ways, beyond what the TPM chip does. Tarnovsky's attack would do nothing to unlock those methods. But many computer owners don't bother, figuring the TPM security already protects them.
Tarnovsky needed six months to figure out his attack, which requires skill in modifying the tiny parts of the chip without destroying it.
Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle.
The needle allowed him to set up a wiretap and eavesdrop on all the programming instructions as they are sent back and forth between the chip and the computer's memory. Those instructions hold the secrets to the computer's encryption, and he didn't find them encrypted because he was physically inside the chip.
Even once he had done all that, he said he still had to crack the "huge problem" of figuring out how to avoid traps programmed into the chip's software as an extra layer of defense.
"This chip is mean, man - it's like a ticking time bomb if you don't do something right," Tarnovsky said.
Joe Grand, a hardware hacker and president of product- and security-research firm Grand Idea Studio Inc., saw Tarnovsky's presentation and said it represented a huge advancement that chip companies should take seriously, because it shows that presumptions about security ought to be reconsidered.
"His work is the next generation of hardware hacking," Grand said.
Broadband and Recovery - the ARRA and State Policies in 2010
By Fabiola Carrion - Progressive States Network
Innovation in the States Under Initial ARRA Grants
State Legislation to Promote Digital Leadership
How Broadband Delivers Economic Growth
The Next Round of ARRA Grants
The American Recovery and Reinvestment Act (ARRA) apportioned $7.2 billion to stimulate the development of broadband infrastructure and services. As the U.S. is now ranked only 17th in global use of broadband and information technology, the ARRA is not only considered a job creator, but also key to regaining long-term economic competitiveness for the nation. Moreover, as a recent study documents, broadband is becoming a significant determinant of economic vitality at the local level.
Although a limited number of grant applications have been awarded, the ARRA promises to still spin the wheels of innovation as the Administration starts evaluating the next wave of applications for the second round of funding. In the meantime, states have been moving forward on laying the policy groundwork for using advanced communication technologies to strengthen both economic opportunity and local job creation.
This Dispatch will highlight the trends in the initial grants when it comes to mapping, deployment and adoption of broadband, outline broadband policies that states have been pursuing (using federal and state funding), and explain why these broadband investments are so critical to the long-term economy of our states.
Advancing understanding of cloud-use benefits for enterprises
By: Dana Gardner, Principal Analyst, Interarbor Solutions
Published: 8th February 2010
BriefingsDirect now presents a podcast discussion on the ongoing activities of The Open Group's Cloud Computing Work Group. We'll meet and talk to the new co-chairmen of the Cloud Work Group, learn about their roles and expectations, and get a first-hand account of the group's 2010 plans.
Join us as we examine the evolution of cloud, how businesses are grappling with that, and how they can learn to best exploit cloud-computing benefits, while fully understanding and controlling the risks. These topics and more were also under discussion at The Open Group's Architecture Practitioners and Security Practitioners conferences last week in Seattle.
In many ways, cloud computing marks an inflection point for many different elements of IT, and forms a convergence of other infrastructure categories that weren't necessarily working in concert in the past. That makes cloud interesting, relevant, and potentially dramatic in its impact. What has been less clear is how businesses stand to benefit. What are the likely paybacks and how can enterprises prepare for the best outcomes?
We're here with an executive from The Open Group, as well as the new co-chairmen of the Cloud Work Group, to look at the business implications of cloud computing and how to get a better handle on the whole subject.
Please join David Lounsbury, Vice President for Collaboration Services at The Open Group; Karl Kay, IT Architecture Executive with Bank of America, and co-chairman of the Cloud Work Group, and Robert Orshaw, IBM Cloud Computing Executive, and co-chair of the Cloud Work Group. The discussion is moderated by BriefingsDirect's Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Lounsbury: One of the things that everybody has seen in cloud is that there has been a lot of take up by small to medium businesses who benefit from the low capital expenditure and scalability of cloud computing, and also a lot by individuals who use software as a service (SaaS). We've all seen Google Docs and things like that. That's fueled a lot of the discussion of cloud computing up to now, and it's a very healthy part of what's going on there.
But, as we get into larger enterprises, there's a whole different set of questions that have to be asked about return on investment (ROI) and how you merge things with the existing IT infrastructure. Is it going to meet the security needs and privacy needs and regulatory needs of my corporation? So, it's an expanded set of questions that might not be asked by a smaller set of companies. That's an area where The Open Group is trying to focus some of its activities.
There is a whole different scale that has to occur when you go into an enterprise, where you have got to think of all the users in the enterprise. What does it take to fund it? What does it take to secure it, protect the corporate assets and things like that, and integrate it, because you want services to be widely available?
Orshaw: A few years ago, there was a tremendous amount of hype, and the dynamics, flexibility, and pricing structures weren't there. It's an exciting time now that you're seeing that from a flexibility, dynamic, and pricing standpoint, we're there. That's both in the private cloud and the public cloud sector—and we'll probably get into more detail about the offerings around that.
A tremendous amount has happened over the past few years to improve the market adoption and overall usability of both public and private clouds.
In a former life, I was CIO of a large industrial manufacturing company that had 49 separate business units. Cloud today can be an issue in the beginning for CIOs. For example, at that large manufacturing company, in order for a business unit to provision new development test environments or production environments for implementing new applications and new systems, they would have to go through an approval process, which could take a significant amount of time.
Once approved, we would have centralized data centers and outsourced data centers. We would have to go through and see if there was existing capacity. If there wasn't, we would then go ahead and procure that and install it. So, we're talking weeks, and perhaps even a few months, to provision and get a business unit up and running for their various projects.
These autonomous business units that weren't very happy with that internal service to begin with, are now finding it very easy to go out with a credit card or a local purchase order to Amazon, IBM, and others and get these environments provisioned to them in minutes.
This is creating a headache for a lot of CIOs, where there is a proliferation of virtual cloud environments and platforms being used by their business units, and they don't even know about it. They don't have control over it. They don't even know how much they're spending. So, the cloud group can have a significant effect on this, helping improve that environment.
Kay: Certainly the leading items like cost savings and time to market are two of the big motivators that we look to for cloud. In a lot of cases, our businesses are driving IT to adopt cloud as opposed to the opposite. It's really a matter of how we blend in the cloud environment with all of our security and regulatory requirements and how we make it fit within the enterprise suite of platform offerings.
The work groups are really focused on trying to deliver some short-term value. In the business use cases, they're really trying to define a clear set of business cases and financial models to make it easier to understand how to evaluate cloud with certain scenarios.
We're seeing a skill-set change on the technical side, in that, if you look at the adoption of cloud, you shift from being able to directly control your environments and make changes from a technical perspective, to working with a contractual service level agreement (SLA) type of model. So it's definitely a change for a lot of the engineers and architects working on the technical side of the cloud.
The Cloud Architecture Group is looking to deliver a reference architecture in 2010. One of the things we've discovered is that there are a lot of similarities between the reference architecture that we believe we need for cloud and what already has been built in the SOA reference architectures. I think we'll see a lot of alignment there. There are probably some other elements that will be added, but there's a lot of synergy between the work that's already going on in SOA and SOI and the work that we are doing in cloud.
Number of activities
Lounsbury: There are a number of activities inside The Open Group. Enterprise architecture is a very large one, but also real-time and embedded systems for control systems and things of that nature. We've got a very active security program, and also, of course, we've got some more emerging technologically-focused areas like service oriented architecture (SOA) and cloud computing.
We have a global organization with a large number of industrial members. As you've seen, from our cloud group, we always try to make sure that this is a perspective that's balanced between the supply side and the buy side. We're not just saying what a vendor thinks is the greatest new technology, but we also bring in the viewpoint of the consumers of the technology, like a CIO, or, as Karl represents on the Cloud Group, an architect on the design side. We make sure that we're balancing the interests.
We did a number of presentations reaching back to our Seattle conference about a year ago on cloud computing. We've reached out to other organizations to work with them to see if there is interest in working together on cloud activities. We've staged a series of presentations.
We've gotten about 500 participants virtually, and that represents about 85–90 companies participating.
The members decided in mid-2009 to form a work group around cloud computing. The work group is a way that we can bring together all aspects of what's going on in The Open Group, because cloud computing touches a lot of areas: security, architecture, technology, and all those things. Also, as part of that we've reached out to other communities to open a nonmember aspect of the Cloud Work Group as well.
Orshaw: At the end of this, we'll have a complete model for both public and private cloud. It's an exciting endeavor by the team, and I'm excited to see the outcome. We'll have short-term milestones, where we'll produce, document, and publish results every two months or so. We hope, towards the end of the year, to have all of these wrapped up into these global models that I described.
IBM launches eight-core Power7 processor, servers
by Agam Shah - IT World
IBM on Monday launched its latest Power7 processor, which adds more cores and improved multithreading capabilities to boost the performance of servers requiring high up time.
The Power7 chip has eight cores, with each core able to run four threads, IBM said. A Power7 chip can run 32 tasks simultaneously, which is quadruple the number of cores on the older Power6 chip. The Power7 will also run up to eight times more threads than Power6 cores.
The new chip also has TurboCore technology, which allows customers to crank up the speed of active cores for performance gains. The technology also puts memory and bandwidth from eight cores behind the four active cores to drive up the performance gains per core.
The company also launched four Power7-based servers. IBM Power 780 and Power 770 high-end servers are based on modular designs and come with up to 64 Power7 cores. The IBM Power 755 will support up to 32 Power7 cores. The company also launched the 750 Express server. The Power 750 Express and 755 will ship on Feb. 19, while the Power 770 and 780 will become available on March 16.
In addition to boosting performance, the Power7 servers can save more energy, IBM said. A technology called Unique Intelligent Energy allows parts of a system to be switched off to reduce power drawn. The technology also allows the processor clock speed to be cranked down on a single server or across a pool of multiple servers, which can reduce power consumed.
IBM did not respond to immediate requests for comment on server pricing.
The chip is aimed at industries that require servers with high up time, such as the financial or electric industries, IBM said. The chip is designed for Internet, database or analytical workloads that process a large number of concurrent transactions, the company said.
IBM's Power7 launch could set off a new battle in the high-end microprocessor market where it competes with companies like Intel, which offers the Itanium chip, and Sun Microsystems, which offers the Sparc chip.
Intel is expected to launch the latest version of the Itanium chip code-named Tukwila on Monday. The Itanium chips go into high-end servers offered by Hewlett-Packard, which competes with IBM in the server space.
During the third quarter of 2009, IBM was the leader in server revenue with 31.8 percent market share, with HP in a close second with a 30.9 percent market share.
The application is the new operating system
by Matt Asay - cnet news
If you're a Google Nexus One user, you experienced a bit of magic last week.
In one click of an over-the-air update, your Nexus One became an iPhone--offering the ability to pinch and expand the screen to zoom in or out.
Can you spot the OS in this picture?
Just one click, with little to no user intervention. That's what operating systems look like in the 21st century, a future more clearly playing out in mobile than in the more traditional realms of personal computers and servers.
Apple is leading the way on this, but application developers have been quick to pick up on the trend.
Consider, for example, Apple's forthcoming iPad. According to Funambol's Fabrizio Capobianco:
The iPad is a new paradigm of human-computer interaction. The desktop is gone. The folders are gone. The documents live inside the app. The device transforms itself in the object it becomes. It is a non-object. It is what you want it to be. One touch on an icon, it is a calculator. No folders, no files, just numbers as if you were holding a calculator. One touch and it is a notepad. One touch and it is a picture frame. It is the future of computing.
The iPad is the replacement of the home desktop computer.
Why? Because it simplifies the user experience to what they actually want to do, removing all the complexity as to how it is actually done. Open-source developers have been slow to pick up on this, thinking that everyone wants to muck around in source code, or at least have the ability to do so.
We don't. Not average users. We just want our machines to work for us. We don't want to have to work for them.
Facebook gets this, and particularly so in its mobile incarnation. On the personal computer, Facebook is relatively easy but a bit too cluttered, a bit too PC-like. On the iPhone, Facebook is magically simple to use. Facebook was made for this "operating system-free" world.
No wonder Facebook is the king of mobile, according to studies of mobile usage.
In this post-PC, post-OS world, can open source play a leading role?
I think so, as does Linux Foundation Executive Director Jim Zemlin. But it's going to require a very different kind of open source than we've hitherto experienced. We need open-source development communities that demonstrate keen appreciation for end-user requirements, with as much emphasis on user interfaces as underlying architecture.
We need to create the same sort of "magic" that Apple does, the kind that makes former Red Hat marketing lead Chris Grams suggest that "no company can make more folks put their beliefs aside for a shiny new object quicker than Apple."
Open source needs that shiny-ness, without the sacrifice of freedom.
We're already starting to deliver, as Steven J. Vaughan-Nichols notes, but we need to do better. We need to be less Dickens, to borrow from Gartner analyst Thomas Otter, and more revolutionary.
Here's where to begin: stop thinking about the OS and start thinking about the network. Call it cloud or whatever you like, but the magic of the iPhone is not in its OS. It's in the fact that the iPhone OS gets out of the way as users connect with the Internet in increasingly interesting ways.
Open source is a child of the Internet. Linux is the first true network operating system. All that is missing, therefore, is to eradicate the fixation with file systems and other remnants of the 20th-century PC and instead look beyond to the network, one that happily runs Linux, but in the background, letting the user experience the Web and its applications first and foremost and not worry about how the application is running.
Apple can do this because it isn't concerned about selling OSes. That's not where the money is. One of the reasons Microsoft so often stumbles is because it is chained to its decades-old Windows revenue stream, as former executive Dick Brass recently opined.
Guess what? Open source is more Apple than Microsoft in this respect. We don't need to monetize the OS. Linux is free.
Now we just need to focus on innovation, and by "innovation" I don't mean coming up with "gee whiz!" shiny, new objects. Open source can follow Apple's (and Microsoft's) lead, as Gavin Clarke writes in The Register:
In the past, and even with some of the new ideas like Bing and Azure and a hosted version of Office, it's been a case of Microsoft following others. One of its strengths, like Apple, has been in taking an existing idea and making it work better as it did on Windows and Office in the 1980s and 1990s. Not so much innovating the new, as innovating the existing.
So, it's a question of focus. Focus on the user. That's not to say that developers go by the wayside, but that the most successful commercial open-source projects will be those that remember who their customers are, not just who their development community is.
As we do this, we can surpass Apple in refining the future of the operating system, letting applications, and particularly Web applications, dominate the computing experience, instead of making customers plod through file systems and other remnants of a bygone era.
IT managers look to hydrogen fuel cells
By REBECCA NEAL
At a data facility in Germantown, Md., the Energy Department runs its most mission-critical operations: office management applications; e-mail services; network management; personnel, procurement, financial and project management applications; and others.
That's why Jake Wooley, deputy director of Energy's information technology management office, worries what might happen if the East Coast's power grid failed.
Like IT managers at a handful of other federal agencies, Wooley has begun studying whether hydrogen fuel cells could be used as an alternate power source for the Energy Department's primary data center.
Besides the promise of offering greater energy security, fuel cells come with another benefit, Wooley says: less ozone-damaging pollution than traditional energy sources. Fuel cells generate energy through a hydrogen reaction, which is cleaner than energy produced by combustion at coal-fired power plants.
One drawback: Fuel cells may be too large to install near many Washington buildings. Finding space for fuel cells — some of which can be the size of half a semi-truck — is a challenge for agencies and companies, said Frank Wolak, vice president of business development for FuelCell Energy, a Connecticut-based company consulting with agencies on fuel cell technology.
"Those buildings were designed to be esthetically pleasing. ... The building stock is also old, so there's not a lot of mechanical space for fuel cells," he said.
Nevertheless, the Commerce and Interior departments are talking with a local utility company and a fuel cell manufacturer about installing fuel cells for their Washington headquarters. Commerce has considered placing fuel cells in the courtyard.
Despite concerns about their size, fuel cells are an attractive option for federal IT managers. That's because agencies are under increasing pressure from the White House to reduce their greenhouse gas emissions, and data centers are among the biggest energy hogs in government.
Agencies combined must reduce their greenhouse gas emissions by 28 percent over the next decade. Fuel cells are not considered renewable energy sources — which would be ideal — because they require natural gas, but they produce far fewer emissions than coal-burning electrical plants emit and no particulate matter, Wooley said.
Automakers have experimented with hydrogen fuel cells to power cars, but hydrogen-powered vehicles are proving impractical because obtaining hydrogen on the road is difficult. But hydrogen fuel cells are easy to power for buildings because they can pull hydrogen from natural gas lines, said Bob Tierney of UTC Power, one of the companies providing analysis for the Energy Department's study.
"Buildings have such extensive networks of natural gas that you take away that concern of how to refuel hydrogen," said Tierney, manager of business development and strategic planning for the Connecticut-based fuel cell manufacturer.
Fuel cells also produce heat that can be pumped through buildings or used to heat water, Wooley said.
The fuel cells may best be used in buildings such as data centers that are occupied around the clock, allowing agencies to get the most for their technology dollars, said Wolak of FuelCell Energy.
"Is the building's electrical and thermal composition suitable for fuel cells? If the building's dark at night and no one's around, then that equipment is sitting idle," Wolak said.
Fuel cells can cost millions of dollars, and private companies have been able to buy them thanks to state and federal tax credits and incentives. The federal government won't have access to such subsidies, which is why the Energy Department is studying whether purchasing fuel cells is financially and logistically feasible, Wooley said. The study, which started about a month ago, may take up to a year.
Private facilities that have installed fuel cells include the Sierra Nevada Brewing Co. brewery in California, a Whole Foods supermarket in California and a Cabela's outfitter in Connecticut.
"Where there are state incentives, the cost of electricity from fuel cells is comparable to the grid," Tierney said.
But Wolak said the fuel cell industry could use the boost that federal investment would bring, as agencies' orders would increase the volume produced and help lower costs.
Linux Founder a "Happy Camper" With Google's Nexus One
By Rob Wright, ChannelWeb
Linux founder Linus Torvalds wrote in a blog post over the weekend that although he typically hates mobile phones, Google (NSDQ:GOOG)'s Nexus One has made him a believer.
Torvalds declared on his personal blog that he "broke down and bought a Nexus One last week," and that the new device had made him a "happy camper." In the relatively brief post, he describes his general disdain for mobile phones ("they are irritating and disturb you as you work or read or whatever") and states that he owned the original G1 but "hardly ever used it" beyond playing Galaga and Solitaire during long flights.
Torvalds, however, admits he loves the concept of a mobile phone running Linux, so he decided to give the Nexus One a shot after learning that a recent software update had fixed the phone's pinch-to-zoom capability. And after a week of using the new smartphone, Torvalds is now raving about the Nexus One.
"[I] have to admit, the Nexus One is a winner," Torvalds wrote on his blog. "I no longer feel like I'm dragging a phone with me 'just in case' I would need to get in touch with somebody - now I'm having a useful (and admittedly pretty good-looking) gadget instead. The fact that you can use it as a phone too is kind of secondary."
In particular, Torvalds raves about the Nexus One's GPS capabilities with Google Navigation. However, Linux's creator doesn't discuss his impressions of the Android OS, which is built on the Linux kernel but runs applications on a Java layer called the Dalvik Virtual Machine. No doubt open-source software fans and Torvalds' followers are eagerly awaiting his hands-on impressions of the OS, as well as application development for the Nexus One.
Security, simplicity and control ease make desktop virtualization ready for enterprise uptake
By Dana Gardner, Principal Analyst, Interarbor Solutions - IT Director.com
The growing interest and value in PC desktop virtualization strategies and approaches has its roots in both technology and economics. Recently, a lot has happened technically that has matured the performance and economic benefits of desktop virtualization and the use of thin-client devices.
As this functional maturity has improved, we are also approaching an inflection point in a market that is accepting of new clients and new client approaches like desktop virtualization.
Indeed, the latest desktop virtualization model empowers enterprises with lower total costs, greater management of software, tighter security, and the ability to exploit low-cost, low-energy thin client devices. It's an offer that more enterprises are going to find hard to refuse.
In desktop virtualization, the workhorse is the server, and the client assists. This allows for easier management, support, upgrades, provisioning, and control of data and applications. Users can also take their unique desktop experience to any supported device, connect, and pick up where they left off. And, there are now new offline benefits too.
Here to help us learn more about the role and outlook for desktop virtualization, we're joined by Jeff Groudan, vice president of Thin Computing Solutions at HP. The BriefingsDirect interview is conducted by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Groudan: There certainly are some things in the market that are sure driving a potential inflection point [for client virtualization]. The market-driven things coming out of the recession are opening a lot of customers up to re-looking at some deployments that they may have delayed or specific IT projects that they have put on hold.
Just to put it into context, there was recently some data from Gartner. They feel like there are well over 600 million desktop PCs in offices today. Their belief is that over the next five years, upwards of 15 percent of those could be replaced by thin clients. So that's quite a number of redeployments and quite an inflection point for client virtualization.
In addition, there has been an ongoing desire to increase security and a lot of new compliance requirements that the customers have to address. In addition, in general, as they are looking for ways to save on costs, they are consistently and constantly looking for different ways to more efficiently manage their distributed PC environments. All of these things are driving the high level of interest in virtualizing PCs.
One of the key benefits of client virtualization is the ability to keep all the data behind the firewall in the data center and deploy thin clients to the edge of the network. Those thin clients, by design, don't have any local data.
You're also seeing better performance on the hardware side and the infrastructure side. It's really also helping bring the cost per seat of the client virtualization deployment down into ranges that are a lot more interesting for large deployments. Last, and near and dear to my heart, you're seeing more powerful, yet cost-effective, thin clients that you can put on the desk and that really ensure those end-users get the experience that you want them to get.
Not an IT panacea
Our general coaching to customers is that client virtualization is not necessary for everyone, for every user group, or every application set. But, certainly, for environments where you need to get them more manageable, you need more flexibility.
When you think about the cost savings of client virtualization, usually the costs come from some of the long-term acquisition costs.
You need higher degrees of automation in order to manage a high number of distributed PCs with the benefits from centralized control, reduced labor costs, and the ability to manage remote or hard to get at locations—things like branches, where you don't have a local IT. Those are great targets for early client virtualization deployments.
All of a sudden, the data-center guys need to be thinking about the end-user. The end-user guys need to be thinking about the data center. Roles and responsibilities need to be hammered out. How do you charge the capital expense versus operational expense? What gets budgeted where? My advice is: as you're thinking about the technical architecture and all of the savings end-to-end, you need to also be thinking about the internal business processes.
We look at this market in two ways, in the context of client virtualization and in the broader context of thin computing. Just zeroing in on client virtualization, we call it Client Virtualization HP. It's desktop virtualization. It's the same animal.
We look at it as a specific set of technologies and architectures that dis-aggregate the elements of a PC, which allows customers to more easily manage and secure their environment. What we're really doing is taking advantage of a lot of the new software capabilities that matured on the server side, from a server virtualization and utilization perspective. We're now able to deploy some of those technologies, hypervisors, and protocols on the client side.
The first is that you don't want to have customers having to figure out how to architect the stuff on their own. If you think about PCs 20–25 years ago, customers didn't know how to architect a distributed PC environment. In 25 years, everybody has gotten good at it. We're still at the early stages on client virtualization.
Our specific objective is figuring out how to simplify virtualization, so that customers get past the technology, and really start to deliver the full benefit of virtualization, without all the complexity.
So our focus is to deliver more complete integrated solutions, end to end from the desktop to the data center, lay it all out, and reference designs so customers can very comfortably understand how to go build out a deployment. They certainly may want to customize it. We want to get them 80–90 percent there just by telling them what we have learned.
Wide applicability across industries
There are opportunities for just about every industry. We've seen certain verticals on the cutting edge of this. Financial services, healthcare, education, and public sector are a few examples of industries that have really embraced this quickly. They have two or three themes in common. One is an acute security need. If you think about healthcare, financial services, and government, they all have very acute needs to secure their environments. That led them to client virtualization relatively quickly.
We certainly have some very exciting launches coming up in the next couple of months where we're really focused on total cost per seat. How do we let people deploy these kinds of solutions and continue to get further economic benefits, delivering better tighter integration across the desktop to the data center?
The ease of deployment of these solutions can get easier and easier, and then ease of use and manageability tools. They allow the IT guys to deploy large deployments of client virtualization with as little touch and as little complexity as we can possibly make it. We're trying to automate these kinds of solutions. We're very excited about some of the things we'll be delivering to our customers in the next couple of months.
Cisco to unleash data center extensions
By Jim Duffy - IT World
Cisco next week is expected to unveil new and enhanced data center products that are designed to more easily interconnect and allocate resources among multiple data centers and are optimized for cloud computing and virtualization.
The Cisco enhancements extend across the company's Nexus 7000 and Catalyst 6500 and 4900M Ethernet switches as well as its Wide Area Application Services (WAAS) acceleration and Application Control Engine (ACE) load balancing appliances.
Front and center is an enhancement to the Nexus 7000's NX-OS operating system called Overlay Transport Virtualization (OTV). This is a data center interconnect feature intended to simplify establishment of those links by extending Layer 2 Ethernet LANs across geographically dispersed data centers.
Essentially, OTV performs "MAC routing," Cisco says. OTV encapsulates and tunnels Ethernet through a routed Layer 3 infrastructure to enable multiple dispersed data centers to look like one logical entity. This allows IT administrators to move workloads and virtual machines across data centers without having to redesign or reconfigure their network, Cisco says.
This is important as more enterprises deploy, for example, VMware's VMotion to move data center workloads across long distances for resource allocation or disaster recovery. OTV requires only four commands per site and can be enabled as a simple overlay over existing Layer 3 networks in just five minutes, Cisco claims.
Other data center interconnect techniques – such as MPLS or dark fiber – require months of design and planning, the company says. But what if a customer already uses MPLS with a Layer 2 tunneling technique such as pseudowires?
OTV may not be needed in those cases, but it still could be used for fault isolation, and for faster, easier establishment of new data center interconnections, Cisco claims. It also alleviates the need to manage a web of individual point-to-point links, the company says.
"The routers do all of the work," says Craig Huitema, Cisco director of marketing for data center solutions.
IBM hits graphene transistor breakthrough
By Larry Dignan - cnet
IBM Research on Friday announced that it has demonstrated a radio-frequency graphene transistor with the highest frequency so far: 100GHz.
Graphene is a special form of graphite, consisting of a layer of carbon atoms packed in a honeycomb lattice. In a nutshell, graphene is like "atomic scale chicken wire." Graphene's properties could lead to faster transistors.
IBM's paper, which is being published in Science, details how the latest graphene breakthrough could enable new communications devices and electronics. The paper was penned by Phaedon Avouris, IBM Fellow and manager of the company's nanometer-scale science and technology research team.
IBM Talks Up New Data Management Strategy
By Janet Rae-Dupree - CIO UPDATE
In a flurry of announcements Wednesday, IBM spelled out a holistic strategy for data management that it refers to as "information governance," tying together information flow and analysis across corporate networks.
Among the announcements at its Information Governance Council meeting here were two new technologies, one new business services consultancy and a company acquisition – IBM's thirtieth purchase of an information management or analytics company in the last five years.
Michael Curry, director of Strategy for Information Management at IBM (NYSE: IBM), said the company has been working toward this "tipping point" since creating the governance council in 2005.
"There's a recognition that data volumes are growing dramatically and that much of that, 80 percent of that, is unstructured data, PDF files and other forms of text," he said. "All those things require a different level of focus to prevent risk and problems and to turn it into something of value for the corporate structure overall."
IBM's InfoSphere Business Information Monitor software will see a limited release as part of what IBM calls a technology preview program. Developed through IBM Research and new technologies acquired as part of the company's purchase of software company Guardium late last year, Business Monitor is intended to track the quality and flow of a company's information and provide real-time alerts about potential flaws or gaps in the data.
Ron Ben Natan, CTO of Guardium Software within the IBM Software Group, described the program as "end-to-end information supply chain tracking" intended to ensure the integrity of data as it moves from collection to analysis and ultimately to the kinds of reports upon which major business decisions are made.
"We're no longer looking at data in a single dimension," he said. "This is about convergence of data quality, data management, business process automation, security and compliance. That all starts with getting clear visibility into what you have."
Blocking Sensitive Information
The second technology announced at the event, Optim Data Redaction, automatically identifies sensitive information such as Social Security numbers or credit scores within larger documents, and blocks access to that information if a user does not have clearance to see it. The software is scheduled for release in March.
To help companies deploy the new technologies, IBM Global Business Services outlined an expansion of its consulting work through what it's calling the Information Governance Center of Excellence. Through the center, more than 250 IBM consultants are available to help companies globally deploy a comprehensive information governance plan.
According to a 2009 IBM survey, four of five business leaders see information as a source of competitive advantage, but half don't have access to the information they say they need to do their jobs properly. And more than one-third of these executives reported having made critical business decisions without all the information they would have liked to have had.
Mike Schroeck, who currently heads up IBM's business analytics and optimization efforts, said the new consulting business is intended to improve those numbers.
"Information management problems are pervasive, complex, and seem insurmountable," he said. "The lack of consistency in standards, policies and procedures has resulted in limited success of information management efforts. And the lack of common definitions or understanding of data elements is behind many of these issues."
The information governance center will address six new areas, including information governance assessment, policy development, organizational design and development, quality analysis and remediation, metadata strategies, and information governance implementation and change management.
IBM also announced its plans to acquire privately-held Initiate Systems, which provides software to improve information sharing between health care providers, insurance companies and government agencies.
"Nothing on the planet needs information governance more than the health care industry," Curry said. "You really need to be careful to protect the information and track who's touched what and when. All of these things are core components of information governance."
U.S. 'Severely Threatened' By Cyber Attacks
By Thomas Claburn - InformationWeek
Testifying before the Senate Intelligence Committee on Tuesday, the top U.S. intelligence official warned that U.S. critical infrastructure is "severely threatened" and called the recent cyber attack on Google "a wake-up call to those who have not taken this problem seriously."
"Sensitive information is stolen daily from both government and private sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey," said Dennis C. Blair, Director of National Intelligence, in prepared remarks outlining the U.S. intelligence community's annual assessment of threats.
While Blair's testimony covered terrorism, nuclear proliferation, geo-political conflicts, global economic problems, risks associated with climate change, and global health challenges, it addressed cyber threats first.
"Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication," he said, citing as an example the emergence in 2009 of malware that modifies itself to avoid detection.
Cyber criminals' capabilities presently exceed the response capabilities of those defending networks, Blair said, and urged companies to promptly report attacks to help the government understand and address the full range of cyber threats. He warned that cyber-facilitated bank fraud and credit fraud have serious implications for the economy and national security.
Looking ahead, he said that voice and data networks will converge over the next five years and that this convergence amplifies the potential disruption from cyber attacks.
To protect cyberspace, the U.S. government will need to collaborate more effectively with private sector partners and international authorities, said Blair.
He also urged Congress to fully fund the U.S. government's cyber security initiatives, noting that Congress had funded most, but not all, of the Administration's request last year.
Blair's comments come just days after the emergence of a leaked report from MI5, the U.K.'s counter-intelligence agency, about the risk of Chinese cyber-espionage and malware-infected electronic gifts.
Pay fiasco fueled bonuses, aide says of Veon
By Brad Bumsted - TRIBUNE-REVIEW
HARRISBURG -- Former top House Democratic staffer Michael Manzo testified Tuesday that the aborted legislative pay raise of 2005 was a key factor in boosting the cost of a secret taxpayer-funded bonus program to help incumbents win re-election.
And despite losing his re-election bid in November 2006, in large part because he supported the pay hike, former House Democratic Whip Mike Veon continued to approve staff bonuses for campaign work before leaving office, Manzo said.
Manzo, who pleaded guilty to charges in the bonus scandal, was the prosecution's first witness in the criminal trial of Veon and three former aides.
Manzo, ex-chief of staff for former House Minority Leader Bill DeWeese, said Veon approved bonuses from 2004 to 2006. Manzo said he is convinced DeWeese knew about the program, though he testified he never "explicitly" discussed it with DeWeese.
"Mike (Veon) set the amounts for his staff. It was my suggestion for everybody else," Manzo said.
The 16 percent to 54 percent pay hike lawmakers approved in the middle of the night in July 2005 sparked taxpayer outrage. By November, legislators repealed the raise, and Veon cast the lone dissenting vote among legislators in both chambers.
Retirements led to open seats, and "there were a lot more members in very tough races because of the pay raise vote," Manzo said.
"We needed more bodies" to campaign, he said.
Manzo said he wasn't sure who dreamed up the idea, but Democrats began using bonuses to motivate campaign work in part because of frustration from being in the minority status in the House and to counter the Republicans' superior fundraising capacity. In 2006, Democrats recaptured a House majority for the first time in 12 years.
In January 2007, news broke that millions in bonuses were quietly given to legislative employees, prompting an investigation by the Attorney General's Office.
The cost of the bonus program soared from $188,000 in 2004 to $1.28 million in 2006, Deputy Attorney General Patrick Blessington told the jury.
Veon, 53, who represented his Beaver County district for 20 years, is accused of overseeing the bonus system and other political efforts by the Democratic Caucus, including taxpayer-paid campaigns to knock opponents off the ballot.
Three former aides also are on trial: Annamarie Peretta-Rosepink, 47, a former district office manager in Beaver Falls; Brett Cott, 37, a former policy aide in Harrisburg; and Stephen Keefer, 39, the ex-director of House Democrats' information technology department.
Blessington called it a case of "organized, institutional, criminal behavior."
But, said Cott's lawyer Bryan Walk: "Politics, legislating and campaigning are like a big ball of yarn."
Manzo testified that he and former administrator Scott Brubaker recommended bonus amounts and got Veon's approval. Brubaker then informed DeWeese, Manzo said.
The prosecution submitted e-mails into evidence intended to show Veon's and Cott's involvement in the bonus program.
DeWeese, charged with crimes in a separate case, denies knowledge of bonuses for campaign work.
Lemoyne defense attorney William C. Costopoulos, who has handled high-profile cases, confirmed he is now representing DeWeese. Costopoulos said he had no comment.
Prosecutors reduced charges against Manzo and his wife, Rachel, who pleaded guilty. Walk said prosecution witnesses with plea agreements who will testify against the defendants are "liars" who are in a "cover-your-butt mode."
Veon's lawyers have claimed the bonus investigation is politically motivated because Attorney General Tom Corbett is running for governor. Corbett said the case is based on a state grand jury's recommendation.
Veon is one of 12 Democrats charged in July 2008. Seven defendants who pleaded guilty this month are awaiting sentencing.
Last month, a jury acquitted former Rep. Sean Ramaley of Baden, accused of holding a "ghost job" in Veon's office.
In November, 10 Republicans were charged with diverting $10 million in tax money for sophisticated computer systems to give the GOP an edge in elections.
DeWeese and two other Democrats were charged in December with running campaigns out of his Harrisburg and Waynesburg offices.
Do CIOs Blog — And Should They?
By Sharyn Leaver - The Forrester Blog for CIO's
We’ve become curious ever since we interviewed Linda Cureton of NASA a few months ago, when we were a bit surprised to discover that she has an active blog (her Thanksgiving entry implores CIOs to give thanks to their “geeks”). And there’s Rob Carey, CIO of the Navy, who has been blogging for the past two years. So we decided to look around to see other CIOs who are actively blogging. Active implies recent — which takes quite a bit of time and thought, and is probably not for everyone. So who else besides Linda takes the time and thought? Here are a few who do, though not always frequently.
Healthcare CIOs blog as individual musings. There’s Will Weider, who is CIO of Ministry Health Care and Affinity Health System in Wisconsin (14.5 hospitals and 400 employees). In his blog, "CandidCIO," he blogs about issues and observations from his job, including musings about job descriptions, federal stimulus programs, and e-mail overload. At the other end of the blogosphere, there’s John Halamka in Boston, CIO of Beth Israel Deaconess Medical Center, Chief Information Officer at Harvard Medical School, and too many other roles to count. Per his blog profile, he supports “3000 doctors, 18,000 faculty, and 3 million patients.” John posts nearly every day at 3:00 a.m. (!), perhaps due to insomnia or a regularly scheduled upload process. Sometimes these are about technical issues such as his post on time servers and sometimes about clothes as in this Gore-Tex suit blog post.
Government CIOs blog as part of a communication strategy. There are the very occasional bloggers like Vivek Kundra, CIO of the Federal Government — with his last blog entry from September on information security and the government standards for compliance. On the other hand, it’s remarkable that his blog entry is part of the IT dashboard for the Federal Government — where Federal spending projects and amounts can be reviewed graphically and in great detail. And there’s John Suffolk’s blog — "Government CIO" (for Her Majesty’s Government) — most recent entry on project costing.
Industry CIOs blog — and tweet. There’s Martin Marietta Materials’ CIO Chuck Musciano’s “The Effective CIO” blog, started fairly recently as an effort to share best practices. Unlike the others, Chuck is also scrolling Twitter updates on his blog site — he’s tweeted over 1000 times and has 951 followers (as of this writing). And as we know, the great thing about tweeting is the 140-character limit.
There are a few more, but after you look at these, you get the idea. Forrester has offered great advice about blogging as a marketing tool and also has advice for execs on Twitter — but we’ve yet to weigh in on whether CIOs should blog or Tweet. Let’s get right down to it — being a CIO is a lonely job and offers few great opportunities for well thought out written communication, unless you count PowerPoint.
So let me offer a theory and get your input about whether CIOs should even think about blogging. Consider blogging if:
You feel a strong need to write, you’re known to be good at it, you have someone who takes a look before you post, and you’re willing to keep it up — weekly or more often. Quarterly posts are not blogs — they’re press releases.
It’s good for your organization as a whole that you do this and they’re not going to be embarrassed or disavow you.
You market your blog (or someone does) so that it is read and invites comment — you tweet it, put it on Facebook, and take note of feedback and comments.
You’re willing to link to other thoughts and ideas (from in or outside your organization), creating the greatest reach and connectedness.
Otherwise, keep a low profile in the blogosphere — and hone your PowerPoint. Other thoughts?
CommVault offers Cloud-Based Data Storage
By Paul Shread - internetnews.com
Storage management and backup software vendor CommVault is giving its Simpana software new cloud storage capabilities.
CommVault's integrated cloud storage connector lets customers move onsite backup and archive data in and out of private and public cloud storage without the need for scripting or cloud gateway appliances.
The data storage software vendor isn't looking to join the growing list of online storage providers, however. Instead, the new feature simply lets users work with the likes of Amazon Web Services, EMC (NYSE: EMC) Atmos, Iron Mountain, Microsoft and Nirvanix.
The move comes despite persistent skepticism among enterprise storage users about cloud storage security, service levels, chain of custody and other issues, according to a recent Forrester study.
Jeff Echols, CommVault's director of cloud solutions, agreed that enterprise storage users are still trying to grasp the possible use cases for cloud storage, but he added that such services have potential as a low-cost tier for compliance-related data retention, citing GE as one such use case. "For compliance-type applications, it could get interesting for enterprises," Echols said.
CommVault Simpana uses native REST over HTTP to achieve tight integration with APIs from Amazon S3, EMC Atmos, Iron Mountain's Archive Services Platform, Microsoft Azure and Nirvanix SDN. CommVault customers simply create a storage policy to select cloud storage as a target.
CommVault also offers data deduplication, compression and FIPS-certified encryption to reduce storage costs and boost security, while Simpana Search can index data before sending it to the cloud to help meet compliance and e-discovery needs.
The new cloud storage capability is available in the latest CommVault Service Pack. Users need a per-terabyte capacity license from CommVault and an account with one of the cloud service providers.
Makara turns the cloud into a virtual layer
By Dave Rosenberg - cnet
Several months back, I spoke with Issac Roth, CEO of platform-as-a-service start-up WebappVM, about taking advantage of the cloud by moving to a virtual layer approach.
The idea behind this virtual layer is to enable developers to easily take Web applications to cloud environments--be they private, public, hybrid, or elsewhere in the ether.
On Tuesday, Roth and company are announcing the developer edition for their Cloud Application Platform with a newer, catchier name: Makara.
According to Roth, developers want to be able to get their apps up and running quickly but haven't had the ability to do so previously. They've just been copying data center deployment architecture wholesale to the cloud. But this kind of quick and dirty transfer ends up adding unnecessary manual labor.
Instead of retrofitting system management software designed for traditional application environments, developers can use the virtual layer to deploy, scale, and monitor applications in cloud environments--with an emphasis on speed and ease.
Using the Makara Cloud Application Platform, developers don't need to rewrite applications specifically for deployment in the cloud. You simply place your existing program into the Cloud Application Platform capsule and launch it into the cloud. No code changes and no new development are necessary, according to the company.
Once deployed, the Cloud Application Platform sits on top of the hypervisor and under the application stack. This means maximum flexibility when it comes to porting it across cloud and virtual environments. Developers can provision across clusters without problem and even move between cloud providers with one click.
While there is no doubt that Makara and others targeting the space still have a lot of work to do, this new application delivery model provides a glimpse of a future where the underlying infrastructure becomes as much of a commodity as the hardware it runs on.
RSC Straw Polls: Southwest and Northwest Caucuses Vote to Support Tom Corbett for Governor
FOR IMMEDIATE RELEASE - January 30, 2010
CONTACT: Brian Nutt, (717) 238-4009
Harrisburg - The Southwest and Northwest Caucuses of the Republican State Committee met today and voted to support Attorney General Tom Corbett for Governor. Tom Corbett received 57 of 61 votes in the Southwest Caucus and 37 of 39 votes in the Northwest Caucus.
"Our message of reducing the tax burden on Pennsylvania families and revitalizing the economy to create family sustaining jobs has been resonating with voters," stated Corbett. "We are honored and humbled to receive such an overwhelming majority of support from Republican State Committee members."
The vote occurred after Corbett addressed the Caucus members and reiterated his commitment to reduce state spending and cut government waste, improve the economic climate to create jobs and bring openness and accountability to state government.
Corbett earned the support of the Republican State Committee Central Caucus earlier this month.
At his announcement for Governor in September Tom Corbett outlined the need to reduce the tax burden on Pennsylvania's families and change the culture in Harrisburg, including reforming legislative WAMs.
Tom Corbett was born and raised in Pennsylvania. He married his college sweetheart Susan Manbeck Corbett. They are the proud parents of two grown children Tom and Katherine. He has served as Pennsylvania Attorney General since 2005. For a full biography, please visit www.tomcorbettforgovernor.com.
GOP Southwest Caucus endorses Corbett, Toomey
By Richard Robbins - TRIBUNE-REVIEW
Attorney General Tom Corbett of Shaler and former congressman Pat Toomey of Reading emerged from Saturday's meeting of Republican leaders from southwestern Pennsylvania with overwhelming straw-vote endorsements.
Corbett, who is being challenged for the GOP nomination for governor by state Rep. Sam Rohrer of Reading, garnered 57 votes in unofficial balloting by the GOP Southwest Caucus. Rohrer received 2.
Toomey, who almost unseated then-Republican U.S. Sen. Arlen Specter six years ago, breezed past Peg Luksik of Johnstown, 51-6, in the race for that seat. Specter switched parties and will seek the Democrats' nomination for re-election.
Moments before stepping to the podium at St. Vincent College's Fred Rogers Conference Center, Corbett said he would tell the private gathering of state committee members that the upcoming election was about "a change of direction for Pennsylvania," including placing limits on the size of state government and relying more on "free enterprise."
Corbett said that the GOP committee "knows me. I've been around since 1988."
Corbett has brought a series of criminal charges against state legislators from both parties for alleged misuse of their offices. Calling himself a consensus builder, Corbett said the investigation would not harm his relationship with lawmakers and his legislative agenda, if he were to be elected governor.
Rohrer said that regardless of what happens at a statewide endorsement meeting Feb. 13, he intended to stay in the race "through" the primary on May 18.
Rohrer, who labeled himself a "Constitutional Republican," said his campaign would be "driven by issues" -- the economy, education and ethics.
Toomey was unable to attend yesterday because of a "long-standing commitment" to one of his children, according to Bill Darr of Indiana, the Southwest Caucus chairman.
Speaking in his place was businessman James Roddey, a former Allegheny County chief executive.
Luksik, who has run in the past for governor, raised questions about Toomey's conservative credentials. The founder of Mom's House, an alternative to abortion, Luksik charged that Toomey has been on different sides of the same issue in a number of instances, including gun control and immigration reform.
"Who is the real Pat Toomey?" she said. "He is all over the place."
Luksik, who suggested she was being kept at arm's length by party insiders because she doesn't consult them before taking positions on issues, indicated a strong intention to remain a candidate through the primary.
In the lieutenant governor tally, 21 votes were cast for Chet Beiler of Lancaster County, the GOP candidate for state auditor general in 2008. Beiler bested Bucks County Commissioner Jim Cawley, who collected 18 votes, and seven other hopefuls.
The southwest caucus includes party leaders from 11 counties -- Allegheny, Armstrong, Beaver, Butler, Cambria, Fayette, Greene, Indiana, Somerset, Washington and Westmoreland.
Cloud Computing in 2012
By Scott Cleveland ebiz
Let's define Cloud Computing ...
From Wikipedia - Cloud computing is a paradigm shift whereby details are abstracted from the users who no longer need knowledge of, expertise in, or control over the technology infrastructure "in the cloud" that supports them.
Gartner Group is predicting that cloud computing will become so pervasive that by 2012, one out of five businesses will own no IT assets at all. The shift toward cloud services hosted outside the enterprise's firewall will necessitate a major shift in the IT hardware markets, and shrink IT staff. If the ownership of hardware shifts to third parties, then there will be major shifts throughout every facet of the IT hardware industry.
My Thoughts...
Gartner's Cloud Computing Prediction
I don't believe that companies will create an IT strategy that is 100% cloud or the opposite. I believe that there will be a mixed strategy that includes both. They might choose Google to provide their Email while their ERP [the lifeblood of most companies] will be hosted internally. And, I don't see 20% of companies drawing up and executing this plan by 2012.
What does this have to do with BPM?
BPM is about managing business processes. We manage processes to increase revenues, decrease costs and improve customer relationships. And, you can manage business processes without using any software - it has been happening for years.
I see cloud computing as an implementation philosophy. BPM software solutions can be implemented on site or in the cloud. An observation: Most companies adopt the position that they need to control the data - therefore they believe that it needs to be running within the walls of their environment.
State considers expansion of court system for veterans
By Mark Scolforo
THE ASSOCIATED PRESS
HARRISBURG — Pennsylvania's first special court for nonviolent criminal defendants who happen to be military veterans got up and running in Pittsburgh last fall on the Marine Corps' birthday.
Since then, veterans courts have begun operating in Scranton and Philadelphia; next week in Harrisburg, a statewide task force will hold its first meeting with the goal of expanding the effort to courthouses across the state.
Delaware, Chester, Bucks, York and Erie counties are looking at the issue.
The "problem-solving courts" approach is not new, having been used in Pennsylvania and many other states to deal with mental illness, domestic violence and substance abuse by addressing underlying causes of defendants' misbehavior.
About three years ago, a judge in Buffalo set up the nation's first veterans treatment court, and the federal Department of Veterans Affairs is helping other states adopt similar procedures.
In Pennsylvania, the push is led by state Supreme Court Justice Seamus P. McCaffery, a Marine veteran who witnessed the link between criminal behavior, mental illness and substance abuse as a longtime Philadelphia police officer and city judge.
"It's not only proving to be effective, so beneficial for people with mental illness, it's also cost-effective," McCaffery said. "We're diverting people with mental illness out of the courts, getting them now the treatment that they need."
A report by the Administrative Office of Pennsylvania Courts said about 3,000 veterans are in state prisons, a figure that does not include those in county jails.
The veterans court approach brings in the medical resources of the VA and employs volunteer mentors who work with defendants. The cases are scheduled for the same courtroom on the same day, reinforcing a message that the defendants are not alone.
"We've noticed that when veterans are tried separately, they feel that no one understands," McCaffery said.
Michael E. Moreland, regional director for VA hospitals, including eight in Pennsylvania, said the agency is committed to helping any county that wants to establish a veterans court — a decision ultimately up to each county's president judge.
The idea is to tie together medical and psychiatric care with other veterans services such as housing and job training.
"Our goal is to reach veterans who have gotten into the legal system and help them get into treatment," said Moreland, who will co-chair the task force with McCaffery. "Then we can help them turn their lives around."
Veterans courts operate in Arizona, California, Georgia, Nevada, New York, Oklahoma and Wisconsin, said Karen Blackburn, the Pennsylvania court system's program administrator for problem-solving courts. About a dozen defendants are enrolled in the Allegheny County veterans court.
Oracle Announces Sun Java Roadmap
By Charles Babcock
InformationWeek
The nine month delay between the announcement of Oracle's planned acquisition of Sun Microsystems and its close was apparently put to some use: Oracle was ready with a roadmap of how it would mesh Oracle and Sun software as soon as the deal closed last week.
At a briefing Jan. 28, Oracle's Thomas Kurian, executive VP of product development, offered a detailed explanation of where specific pieces of both brands of software were headed.
At the end of an exhaustive rundown, he offered this summary: "Our strategy remains to bring a complete integrated stack of hardware and software to deliver fundamental breakthroughs in performance, scalability, and high reliability. There is no other vendor in the world that brings the breadth and depth and market-leading portfolio of software and systems that we do." In short, Oracle's software strategy is now harnessed to a hardware strategy.
"We have a very focused and crystal clear direction of what we want to do, down to features and function," he said in closing. "That will translate into a rapid integration and delivery of an integrated product line." In many cases, the interoperability of a Sun and similar Oracle product will be assured first, followed by their integration into one product. Customers may continue with the product they have or adopt a new, combined product with features of both.
Kurian's first priority was to emphasize that Oracle wants to improve the performance of the Java programming language for over nine million developers using it. Oracle wants to "revitalize" the Java Community Process, the multi-vendor organization for ongoing Java development. Kurian would do that by "making the JCP a more participatory process to people from a variety of organizations." Java, he said, is one of the "crown jewels" coming to Oracle as a result of its acquisition of Sun.
Oracle gained the JRockit high performance Java virtual machine when it acquired BEA Systems. It will integrate JRockit technology with Sun's HotSpot JVM to give HotSpot greater modularity. That is, Oracle will organize JRockit into more discrete parts that work together.
Oracle will also seek to make HotSpot a better performer when it encounters multi-core chips. One way to do that is to get the JVM to support "local garbage collection," the flushing of software objects and data that are no longer in use by a program for more efficient use of memory.
As a result of the acquisition, Oracle now owns its third Java application server, Sun's GlassFish, which will be maintained as the reference implementation of Java Enterprise Edition 6 and available for what Kurian referred to as "departmental application uses." In other words, small projects may start out with GlassFish, a free download as Sun open source code. Investment in its ongoing development will be continued, he added. Oracle will rebuild it around a microkernel architecture, he said.
On the enterprise level, however, Oracle said BEA's WebLogic remains its strategic product, and Oracle Application Server is still offered as a secondary product. Java application servers were one of the few highly profitable products to emerge in the early development of Java. After Kurian spoke, Oracle CEO Larry Ellison conceded that Oracle and other application server vendors had probably made more money on Java than Sun, which entered the application server market late as it tried to meld together models from NetDynamics, acquired in 1998, and Netscape. "We will share technology across WebLogic and GlassFish," he said.
Federal IT Budget Grows To $79.4 Billion
By J. Nicholas Hoover
InformationWeek
President Obama's fiscal 2011 budget includes $79.4 billion for federal IT spending, a 1.2% bump from the $78.4 billion 2010 budget level.
That number includes bullet points like $364 million for the operations of the Department of Homeland Security's National Cyber Security Division, a 30% increase in the budget for the Federal Aviation Administration's next-generation air traffic control system, new spending on health IT and increased spending to upgrade IT at the Small Business Administration.
The budget also lays out a number of key administration strategies for IT over the next year. For example, data center glut has become a major problem for the federal government, with the number of federal data centers jumping from 432 in 1998 to more than 1,100 last year, and the administration hopes to reverse this trend, it notes in the budget. Though the timing is unclear, the Office of Management and Budget plans to release a strategy to reduce both the number and cost of federal data centers.
The budget paints government cloud computing efforts -- which federal CIO Vivek Kundra has looked toward as a partial solution to some of the government's data center problems -- with a broad brush, saying only that, "after evaluation in 2010, agencies will deploy cloud computing solutions across the government" and pointing to both Apps.gov and the importance of security in cloud computing.
The administration also plans to centralize provision of a number of IT services for non-military agencies, a strategy largely untapped in the past. One of those platforms will be a government-wide collaboration platform to be deployed in 2011, and another will be a platform for geospatial data. "This approach could prevent billions in increased costs across the federal government over the next few years," the budget projects.
Open government remains a key part of the administration's IT efforts. The budget notes plans to re-launch the USASpending.gov platform with new data, expand the use of Data.gov, develop a Citizens' Services Dashboard to provide transparency into customer service, launch a Web-based "Challenge Platform" to allow citizens to participate in solving particular government problems, launch a new government regulations Website, work to release more data on research and development spending, and review the Paperwork Reduction Act and the Federal cookies policy.
Performance management is another key part of the administration's forward-looking IT strategy. For example, the budget disclosed that Kundra has begun holding "TechStat" sessions with agencies, using the IT Dashboard to help "detect IT problems early, reduce waste, and increase the rate of successful project completion."
In terms of cybersecurity, the budget includes plans to unveil a cybersecurity dashboard in the spring, improve its collection of cybersecurity spending, implement new metrics for use in 2010 Federal Information Security Management Act reporting,
Other plans include some procurement and workforce efforts. For example, the administration plans to help the government further pool its IT purchasing power by encouraging the expanded use of online purchasing Websites. To analyze federal IT workforce needs, the federal CIO Council will carry out a government-wide survey of federal IT pros in 2010.
In other tech spending, the 2011 budget proposes $4.0 billion for networking and information technology research and development, $3.7 billion in funding for science, technology, engineering, and mathematics education, an additional $418 million in broadband spending, and a budget increase for the National Institute of Standards and Technology.
Google Chrome takes market share from Firefox and IE
AHARON ETENGOFF - TG Daily
Google Chrome has managed to capture at least 5 percent of the browser market share from rivals Internet Explorer and Firefox.
According to NetApplications, the popular browser ended January with a share of 5.2 percent, up 0.6 of a percentage point.
The increase, which was slightly less than Chrome's recent jump during December, was the browser's second largest since its release in September 2008.
"Chrome has doubled its share since July 2009," explained ComputerWorld's Gregg Keizer.
"IE, meanwhile, lost half a percentage point to end January with a share of 62.2 percent, another record low in a long decline that cost Microsoft's browser 10 percent of its share in the past year alone."
Keizer warned that IE was in danger of "slipping" below the 50 percent mark by April, 2011 if it maintained the pace of the last three months.
However, Keizer emphasized that Mozilla's Firefox share also declined - by 0.2 of a percentage point to 24.4 percent.
"Firefox has yet to hit the magic 25 percent mark, having come closest in November 2009 before growth stalled," added Keizer.
AT&T 3G version of Nexus One coming
by Marguerite Reardon - cnet
A new version of Google's Nexus One smartphone will apparently arrive soon for use on AT&T's 3G wireless network.
Customers are already able to buy an unlocked version of the Nexus One for $529. But the Android-based phone, which was launched last month, supports GSM radio frequency bands. The only 3G wireless bands that it supports are on T-Mobile USA's network.
This means that customers wishing to use the "unlocked" phone on AT&T's network can access only AT&T's 2.5G or EDGE network. And even though AT&T has been criticized for network quality, the company has a much larger 3G footprint than T-Mobile.
But soon customers wanting the Google Nexus One will have an option. According to documents filed at the Federal Communications Commission, a new version of the Nexus One will operate in the 3G wireless bands for WCDMA Bands I, II, and V, which are used by AT&T and Canadian wireless providers Rogers, Bell Canada, and Telus Mobility. The device will likely work throughout most of Europe, too.
This means that a version of the phone will likely be available for these networks soon. Google has already said that it will make a version of the phone that can be used on Verizon Wireless and Sprint Nextel's networks. That version is expected this spring.
The documents filed with the FCC show the new label that will be on the latest Nexus One phone. When compared with the label on the original Nexus One, the FCC IDs are identical except for one number. The new device has the FCC ID NM899110. The old Nexus One has FCC ID NM899100. The fact that the new label is only off by one number is a good indication that the new phone is a variation of the previous device.
New attack against IE could expose all files on a victim's PC
By Angela Moscaritolo - SC Magazine
Microsoft's popular Internet Explorer web browser suffers from several minor flaws, which, when combined, can allow an attacker to read all the files on a user's computer, according to researchers at penetration testing vendor Core Security Technologies.
This new security issue came to light just days after Microsoft delivered an emergency patch to correct several other IE vulnerabilities, including at least one that was used in the recent attacks against more than 30 brand companies.
Jorge Luis Alvarez Medina, a security consultant at Core Security Technologies, is scheduled to give a presentation on Feb. 3 at the Black Hat conference in Washington, D.C., demonstrating how an attacker could leverage four to five flaws in design features of Internet Explorer to read every file on a user's computer. Following the presentation, Medina plans to release proof of concept demonstrating the attack, as well as further details on the flaws.
“It's not a presentation about how to exploit a bug in the browser, but how to take advantage of different, legitimate features of IE to deploy an attack vector,” Medina said. “Those features that are part of this attack are not vulnerabilities in and of themselves, but features that involve minor risk.”
While each bug poses a low security risk on its own, they can be combined to launch the attack, Medina said. IE versions 8 and earlier are affected.
“All an attacker needs is for a victim to click on a link and that's it,” Medina said. “An attacker would be able to read every file from a victim's machine.”
Core Security researchers have been working with Microsoft to fix the issues for some time, Medina said.
Microsoft is investigating the issue and has not identified any attacks in the wild, Dave Forstrom, group manager, Microsoft's Trustworthy Computing, said in a statement sent to SCMagazineUS.com.
“Once we're done investigating, we will take appropriate action to help protect customers,” Forstrom said. “This may include providing a security update through the monthly release process, an out-of-cycle update or additional guidance to help customers protect themselves.”
Medina, however, said that some of these minor bugs “will probably never get fixed.” Since the attack leverages flaws that exist in legitimate IE features, Microsoft cannot fix all the problems without impacting existing applications, he said.
“Some of them cannot be fixed as they are needed for different applications to run properly,” Medina said.
Meanwhile, Microsoft recommends users upgrade to IE 8, sign up for Microsoft Update and enable the automatic update functionality to ensure their browser is up to date with the most secure version.
Mobile Touch Screens Could Soon Feel the Pressure
A quantum switch could add pressure sensing to mobile screens.
By Duncan Graham-Rowe - Technology.Review Published by MIT
Forget swiping or pinching--the next generation of portable touch-screen devices will be able to distinguish between a gentle touch and a hard poke.
Peratech, a U.K. company, has signed a $1.4 million deal to license its pressure-sensing touch-screen technology to Japanese screen manufacturer Nissha, which makes displays for companies including LG and Nintendo. Peratech's technology is one of several approaches that can be packed into portable devices. But it uses a novel quantum mechanism to sense pressure, and this promises to be more sensitive and more efficient than the other approaches.
Peratech, which was spun out of a research lab at Durham University in 1996, uses an electrically conductive material dubbed a quantum tunneling composite (QTC). Quantum tunneling occurs when electrons jump between two conductors that are brought close together, but remain separated by an insulating barrier. In Peratech's switches, a polymer acts as the insulating layer. It is embedded with spiky, conductive metallic particles, each about 10 nanometers in size.
"These are polymer materials that change their resistance as force is applied," says Philip Taysom, Peratech's CEO. So as force is applied, these particles are brought closer together. "As they come into proximity, they allow quantum tunneling," he says.
The approach allows Peratech's QTC sensors to be extremely thin: just 75 micrometers thick. The sensors line the perimeter of a display. When pressure is applied and the screen bends very slightly (as little as two micrometers), the switches detect this change. By comparing the readings from the sensors with sensory data from the touch screen, it is possible to tell precisely where, and how hard, the screen is being pressed.
Patrick Olivier, a human-computer interaction and computer graphics expert at Newcastle University, in the U.K., says that pressure sensing has largely been limited to large screens with cameras mounted behind them. An example is Microsoft's tabletop system, called Surface. This approach works by using a technique called frustrated total internal reflection, where the camera detects light from within the screen itself as it is refracted by a finger that makes contact with the screen.
Jeff Han, founder of New York-based Perceptive Pixel, a company that has pioneered the development of large pressure-sensitive, multi-touch interfaces, says that Peratech's approach is one of many that could bring pressure sensing to mobile devices. "There have been many efforts to augment touch screens with strain gauges or force-sensing resistor sensors situated at the mounting points of the screen.
Cisco Protocol Simplifies Telepresence
Early Cisco Telepresence Interoperability Protocol (TIP) licensees include LifeSize, RADVISION and Tandberg.
By Sean Michael Kerner - internetnews.com
Companies that need to use telepresence technology to communicate with their customers, partners and employees on multiple communications platforms will find life a bit easier with Cisco's new Telepresence Interoperability Protocol (TIP). Enterprise Networking Planet breaks down what every IT administrator wrestling with incompatible real-time communications and collaboration applications needs to know.
Ever tried having a telepresence meeting with a user that has a different system than yours? It's not easy. That could be about to change thanks to a new telepresence interoperability initiative from networking giant Cisco (NASDAQ:CSCO).
The Cisco Telepresence Interoperability Protocol (TIP) effort is a free protocol licensed by Cisco that enables multi-vendor conferencing. Initial licensees include LifeSize, RADVISION and Tandberg. LifeSize was recently acquired by Logitech for $405 million and Tandberg is in the process of being acquired by Cisco for $3.4 billion. While TIP is not an open standard itself, it builds on existing standards to enable interoperability.
"The Telepresence Interoperability Protocol builds on SIP and is used between media endpoints to signal information related to the various media streams involved in an immersive Cisco TelePresence call," Cisco spokesperson Jacqueline Roy told InternetNews.com. "With open standards such as SIP, we’re able to deliver interoperability with standard and HD video conferencing systems and other collaboration applications while preserving the experience."
While TIP itself is not an industry standard, Cisco overall is active in standard bodies and today's TIP announcement is an early step for interoperability standards in telepresence.
Read the full story at Enterprise Networking Planet:
Cisco's Telepresence Interoperability Push
CIOs See 2010 IT Economic Outlook Improving
With renewed optimism and strengthening balance sheets, IT execs see opportunities in security, healthcare, green IT and virtualization.
By CIO Update Staff
A new survey of CIOs finds they are increasingly optimistic that 2010 will be a year where they get to actually roll out new technologies and upgrade aging equipment. CIO Update has the details.
The CompTIA IT Industry Business Confidence Index experienced its largest jump ever in December 2009, reflecting renewed optimism and strengthening balance sheets among IT companies. The December rating jumped 6.3 points to 56.6, marking the first time net positive opinions exceeded net negative opinions. The December results come on the heels of a relatively stagnant confidence reading for most of 2009.
Over the next six months, IT industry executives expect further strengthening of the U.S. economy, the IT industry and their companies. The group forecasts an additional 6.5 point increase in confidence, moving the rating into a solidly positive range on the 100-point scale.
"Many macro-economic indicators have improved over the past six months, lending factual support to the positive perceptions of IT executives," said Tim Herbert, vice president, research at CompTIA, in a statement. "Yet some big unknowns still loom, such as unemployment, the impact of public sector debt and the tight lending and credit market. Until these factors start to turn around, exuberance about an economic recovery will rightfully be tempered."
The impact on the IT industry will be evident as executives perform the delicate balancing act of investing in the future, through research and development and new business investments, while at the same time maintaining cutting costs, Herbert said.
2010 IT Industry Economic Outlook Looking Up
Voters back constitutional convention to reform Pennsylvania government
By Brad Bumsted
TRIBUNE-REVIEW
HARRISBURG — Nearly three of four Pennsylvanians favor a constitutional convention to address state government reform issues, and most voters haven't made up their minds about Republican or Democratic candidates in the May 18 primaries for governor, a poll shows.
With 69 percent undecided, Attorney General Tom Corbett of Shaler holds a more than 4 to 1 lead over state Rep. Sam Rohrer of Berks County in the Republican gubernatorial primary, according to the poll released Tuesday by Franklin & Marshall College. The poll, conducted for the Tribune-Review, WTAE-TV and other news outlets, showed Corbett with 23 percent and Rohrer with 5 percent. Three percent chose "other."
"Voters of the state are disenchanted with state government and the state Legislature and believe fundamental change needs to take place," said poll director G. Terry Madonna. The governor's race "hasn't taken shape yet with voters. The reason is, there hasn't been any public outreach yet to voters, taking to the airwaves."
Among Democrats, Allegheny County Executive Dan Onorato of Brighton Heights led with 10 percent, while Auditor General Jack Wagner of Beechview, Scranton Mayor Chris Doherty and Montgomery County Commissioner Joe Hoeffel each garnered 4 percent. But 75 percent of those polled were undecided, and 4 percent selected "other." Philadelphia businessman Tom Knox, who dropped out of the race last week, had 2 percent of the vote.
The poll surveyed 1,165 adults, of whom 993 were registered voters. The margin of error overall is plus or minus 2.9 percentage points. For registered voters, it's 3.1 percentage points. Among 443 registered Democrats, the sampling error is 4.7 percentage points. And it's 4.8 percentage points among 416 registered Republicans. The poll was conducted over a seven-day period through Sunday.
Of adults polled, 53 percent said Pennsylvania is on the wrong track.
Elizabeth Cipriani, 61, of Castle Shannon wants change after nearly eight years of Democratic Gov. Ed Rendell.
"I thought he was good when he started; then I realized how big his pockets were getting," said Cipriani, who responded to the poll and considers herself an independent voter who leans toward Democrats. "He gives raises to all his friends and compadres."
Poll participant Anna Marie Fisher, 86, of Uniontown, a retired beautician and registered Republican, said she doesn't recognize either Corbett's or Rohrer's names.
"I don't have enough information on both of them," Fisher said.
The economy and jobs resonate as a top issue with voters, followed by taxes and government spending.
In a separate question, 78 percent of those polled see a need to reform state government. Overhauling campaign finance laws, changing the structure and operation of the Legislature, and considering term limits attracted strong support, the poll showed, as did looking at how state and local governments are financed.
Asked whether a review of the laws governing how the state is structured and run needs to be addressed at a constitutional convention, 72 percent favored it to some degree. The last such convention was in 1967.
In Pennsylvania's U.S. Senate race, health care was the top issue.
Incumbent Sen. Arlen Specter, a Democrat since an April party switch, doesn't deserve re-election, those polled said by a 60 to 29 percent margin, with 11 percent undecided.
Yet Specter, of Philadelphia, holds a commanding 30 to 13 percent lead over U.S. Rep. Joe Sestak of Delaware County in the Democratic primary, according to the poll. Half of the state's Democrats were undecided, and 7 percent chose "other."
A theoretical November general election matchup between Specter and Republican Pat Toomey, a former congressman from Allentown, showed each with 30 percent of the vote, with 35 percent undecided and 5 percent favoring "other."
Among likely voters, Toomey leads Specter, 40 to 31 percent, and leads Sestak 41 to 39 percent. The margin of error is higher, 4.9 percentage points, among 395 likely voters.
Computer system improves police work
By The Tribune-Review
The Pennsylvania State Police has a new computer system for issuing traffic tickets that officials say improves safety and uses troopers' time more efficiently.
The department says issuing tickets takes about half the time it used to, so troopers spend less time exposed to traffic. The system lets the state police send citations to district courts electronically.
Tickets are being issued on legal-size thermal paper that's considered less confusing than the old carbon copy tickets. The software provides automatic checks of state and national databases of drivers' license and registration information.
Next Up For CIOs: "Smart Computing?"
By Sharyn Leaver - The Forrester Blog for CIO's
I’ve met many CIOs, all with their own unique challenges and approaches to overcome them. But despite their differences, all CIOs ask me the same question: “what is the next big technology trend that I should look out for?”
It’s a tough question — not because there is a shortage of emerging tech trends out there. The tough part is whittling down all of the trends to the really big ones — I mean the ones that could really change the way we do business. So all through 2009, my answer was: 1) consumerization of IT (what we at Forrester refer to as Groundswell), 2) lean IT, and 3) cloud computing. For those interested, you can still view the Three Tech Movements CIOs Should Know webinar I did with colleagues Ted Schadler and John Rymer late last year.
But there may be another — one that frankly has been hanging around for years, but hasn’t hit the big time, so to speak: Smart computing (FYI — you can replace “computing” with your favorite second word like “technology” or “grid” but I’ll stick with “computing” for simplicity's sake). What is Smart Computing? Smart Computing extends existing technologies by adding new real-time situation awareness and automated analysis to help firms solve smarter and more complex business problems. My colleague Andrew Bartels recently penned, “Smart Computing Drives The New Era Of IT Growth” which can give you more insight.
Like I said, it’s a concept that’s been around for a while — showing its face in stalled RFID deployments and interesting sensor experiments. But new advances and focus by tech giants like IBM and Oracle could finally push it into the mainstream. Many tech pundits (Forrester notwithstanding) have pegged Smart Computing as the next big thing. But has it crossed the CIO’s radar yet? Is Smart Computing on the horizon in your organization? And if so, how will Smart Computing change your role in the organization (if at all)?
I would love to hear your thoughts on Smart Computing and what it means for your role in IT and the business.
IT execs expect upturn, survey finds
By Lance Whitney - cnet news
IT executives are feeling optimistic about a possible sector recovery this year, according to a new survey from CompTIA.
Following a wave of well-deserved pessimism that lasted most of 2009, executives were more upbeat when surveyed by the tech trade association in December. The new outlook prompted the rating for CompTIA's third IT Industry Business Confidence Index to jump 6.3 points to 56.6 out of 100.
With a rating higher than 50, the index now marks the first time positive sentiments outshone negative ones. The first two indexes from July and September of last year both scored under 50.
Over the next six months, IT executives are expecting further growth in the economy, the IT industry, and their own companies. If all goes well, CompTIA expects its confidence index to rise another 6.5 points this year, pushing sentiment firmly into positive territory.
Among IT executives surveyed, 34 percent said they're likely to boost spending over the next six months, and 31 percent plan to hire more staff. On average, most see global IT spending rising 2 percent to 4 percent this year, with growth in the U.S. slightly lower. Executives also forecast that their own IT services will rise anywhere from 2.5 percent to 5.5 percent in 2010.
Identifying growth technologies and markets for the year ahead, those surveyed cited four key areas: security products and services, health care IT, green IT, and virtualization.
Seventy-five percent said consumer tech will increasingly influence corporate tech, 80 percent said more businesses will look at cloud computing models such as software as a service, and 78 percent felt that companies will rely more on telework, virtual offices, and other mobile ways of working.
But those questioned conceded that the economy is by no means out of the woods yet.
"Many macro-economic indicators have improved over the past six months, lending factual support to the positive perceptions of IT executives," Tim Herbert, CompTIA's vice president of research, said Monday in a statement. "Yet some big unknowns still loom, such as unemployment, the impact of public sector debt and the tight lending and credit market. Until these factors start to turn around, exuberance about an economic recovery will rightfully be tempered."
As 2010 unfolds, IT will also face challenges trying to juggle the goal of investing in R&D versus the pressure to rein in costs.
CompTIA, short for the Computer Technology Industry Association, is a nonprofit trade association that offers certification, research, and other services to IT professionals. To compile its Business Confidence Index report, CompTIA surveyed executives from more than 300 U.S. tech companies in mid-December.
Ethernet aimed at data center virtual machines
By Jim Duffy - IT World
Combatants in the data center wars keep reloading. This week, two switching vendors -- Extreme Networks and Voltaire -- unveiled Ethernet gear designed to support the growing number of virtual machines moving around data centers, and provide a bridge to legacy environments such as Infiniband.
The move by these two smaller players comes as larger combatants like Cisco, Juniper, Brocade, HP and IBM continue to stock their arsenals and line up allies for what is certain to be a long battle for control of enterprise and service provider data centers. Later this quarter, Cisco is expected to roll out 10G data center and virtualization tools, and perhaps this week discuss enhanced partnerships at its Networkers conference in Barcelona.
And new Ethernet standards are being defined to help manage the growing number of switched VMs. That's an area where Extreme is targeting its new products -- modules for its BlackDiamond 8900 core switch and a new Summit X480 stackable edge switch. Both support large MAC and IP address tables corresponding to the growth of data center VMs.
The BlackDiamond 8900-xl modules do not increase port density on the core switch -- 582 10G ports per rack -- but they allow the switch to support 512K MAC and IP addresses per switch. This is an increase from 32k on the 8900.
The new Summit X480 edge data center switch also supports 512K MAC addresses. It, too, does not increase port density beyond the 24 to 48 10/100/1000 ports of Extreme's Summit X450a edge switch, which supports 16k MAC and IP addresses.
The BlackDiamond –xl modules start at $15,995. The Summit X480 costs $9,995 for copper and $11,995 for fiber. Both products will be available later this quarter.
To connect an Extreme -- or any vendor's -- Ethernet environment to installed Infiniband fabrics, Voltaire rolled out the GridDirector 4036E gateway. The 4036E sports 34 non-blocking 40Gbps InfiniBand ports and two 1 or 10 Gigabit Ethernet ports. It can bridge traffic in less than 2 microseconds, Voltaire claims, at less than 100 nanoseconds of latency.
The 1U Infiniband switch can be used in financial services for multicasting real-time market data feeds, and in high-performance storage and clustered database applications. It will be available later this quarter at $1,000 per port.
Office 2010 Coming Ahead of Schedule?
Microsoft CEO Steve Ballmer's remarks hint at an early delivery.
By Stuart J. Johnston - internetnews.com
Despite many challengers, Microsoft Office is still the dominant suite of productivity applications in most enterprises. So any news that the software giant is readying a new version of Office is a big deal.
There's one perk that Microsoft's Steve Ballmer likes to exercise, as much as the CEO's handlers might like him to stifle some of his out-of-the-blue statements. The head of Microsoft (NASDAQ: MSFT) can announce anything he wants, even unrealistic ship dates for important products.
Last week, in a speech to the Nashville Technology Council at Trevecca Nazarene University in Nashville, Tenn., Ballmer pulled a classic. The outspoken CEO either got a little ahead of his developers or he pre-announced early availability of Office 2010. It wouldn't be the first time for either scenario.
"You'll see the new version of Office [2010], which comes out here in just a couple of months," Ballmer told the audience. He didn't elaborate, however.
That may be news to the Office development team. On Dec. 1, the company announced that Office 2010, the successor to Office 2007, will ship right when it was first promised -- in June 2010.
Hackers ran detailed reconnaissance on Google employees
By Phil Muncaster - V3
The hackers who infiltrated the computer systems of Google earlier this month first carried out sophisticated reconnaissance and may even have posed as friends of Google employees, according to McAfee chief technology officer George Kurtz.
In a project dubbed Operation Aurora by the security giant, hackers are likely to have used sophisticated social engineering techniques and advanced reconnaissance work to target individuals at the companies who had access to sensitive data.
"In this case we saw a lot more reconnaissance done upfront, which is a shift people may not have been aware of," Kurtz told V3.co.uk.
"Speaking generically, we're seeing a lot more targeted attacks where people focus on [employees with] the highest set of privileges, and then work backwards, gaining access to secondary parties to get to the primary source."
This could involve compromising the social networking accounts of employees' friends, then sending them malicious links which they are more likely to click on because they appear to come from a friend.
The technique is not new, but it would be the first time it has been detailed in such a high-profile attack.
Kurtz added that the incident could actually be good for enterprise security in the long run by showing chief information officers that anti-virus and firewall capabilities are not enough.
"We know government-on-government attacks happen all the time, but an alleged government attack on the commercial world is a different story," he said. "It has shed additional light to force upper management to say: 'Are we doing enough?'."
IT isn't a business
By Scott Wilson - CIO Weblog
So alleges Bob Lewis in an excellent InfoWorld article dissecting the traditional perspective that IT departments should operate as internal mini-businesses with other departments within the company as their customers.
Internal customers, Lewis says, simply encourage both IT and other departments to behave with a "the customer is always right" attitude that frequently puts uneducated users in the driver's seat with respect to technical decisions better left to IT experts. Moreover, as with most supplier/customer arrangements, the interests of both parties are fundamentally opposed... what is best for the customer isn't best for the supplier, and vice versa. A common feature of such implementations, departmental chargebacks for the use of IT resources, is inconvenient to corporate strategic planning and defeats much of the point of keeping any IT services in-house... inefficiencies abound in such systems. And as Joe McKendrick points out in his take on the article, setting IT up as just another provider puts it up against external suppliers with whom it will frequently compare unfavorably... a significant and growing threat as CIOs find more and more of their traditional role usurped by low-cost, easily engaged SaaS firms.
I had thought this outmoded model was already on the wane, driven aside by practicality and a growing understanding that the best strategic use of internal IT resources is in partnership with other business units, not in subservience to them. If the whole business/IT alignment kerfuffle that has played out over the past couple of years hasn't been about exactly this subject, then what has it been about? If "aligning IT with the business" didn't mean integrating IT with the rest of the business, as Lewis suggests, what exactly was the point?
But Lewis says this isn't an emerging consensus, or a growing trend, but instead a guerilla approach that is still off the radar in most IT organizations. I hope he's wrong; it hasn't been what I have been seeing recently, but I don't work with enterprise IT shops, and perhaps the inertia of those large organizations has been outpaced on the whole alignment thing by the smaller and more nimble companies I work with. If so, that's bad news for enterprise IT, and specifically for enterprise CIOs, because they are going to continue to look very bad compared to increasingly adept and specialized outsourcing solutions, all of which are becoming easier and easier to engage and use without any need for corporate IT to get involved. As I have said before, the end-state of such a situation, sooner or later, is with the CEO and board ultimately realizing they don't need and shouldn't be paying a CIO to head up a massive internal IT organization.
Mozilla releases Firefox 3.6 with new security feature
By Angela Moscaritolo - SC Magazine
Mozilla on Thursday released an updated version of its Firefox web browser to include a new feature to detect out-of-date plug-ins, Mozilla said in its release notes.
Firefox 3.6 will warn users if one of their plug-ins, such as Adobe Flash Player or Windows Media Player, is outdated, Mozilla said. Having an outdated plug-in could expose users to security vulnerabilities.
Users will see the warning if they visit a web page that uses the out-of-date plug-in. The warning will take users to a site where they can download the latest version of each outdated plug-in.
Older versions of Firefox (3.5.3 and 3.0.14) warn users if their Flash Player plug-in is not up to date, but this feature has been expanded in version 3.6 to warn users if any plug-in is vulnerable, Mozilla said.
The updated browser also includes stability improvements that decrease the number of crashes caused by third-party software, Mozilla said. In addition, Mozilla said the new browser is more than 20 percent faster than Firefox 3.5, has improved JavaScript performance, and contains a feature that allows users to customize the theme of their browser.
The new version does not contain any security fixes.
End-to-End Encryption: Beyond PCI Compliance
By Paul Meadowcroft - E-Commerce Times
Prior to the creation of PCI DSS, cardholder and payment-related data was highly insecure. While the regulation has significantly improved the state of information security within the payments infrastructure, it only addresses the more obvious areas of vulnerability.
The Payment Card Industry Data Security Standard (PCI DSS) has undoubtedly made a significant improvement to the security of cardholder account numbers and other sensitive information within the payment card infrastructure. The standard lays out a strong set of requirements that merchants, acquirers and processors must follow.
However, complying with PCI DSS should not be considered a silver bullet for protecting information and battling fraud. Consider that many of the companies victimized by data breaches in the past several years were, in fact, found to be PCI-compliant prior to the breach.
As fraudsters become more sophisticated and develop tactics for identifying and exploiting a given system's vulnerabilities, it is important that organizations across all industries realize that comprehensive data protection requires technologies and processes that extend beyond the basic requirements outlined by PCI DSS.
Specific reference to the use of encryption is increasingly found in privacy mandates and industry best practices that attempt to go beyond the traditional focus on "people and processes." Furthermore, encryption is often favored by regulators and policy makers because of the black-and-white nature of the technology. Data is either encrypted or it is not, which in theory means it is either secure or not -- a very measurable parameter that is well received by auditors and regulators.
While PCI DSS mandates data encryption at various points in the payments cycle, it does not explicitly prescribe end-to-end encryption -- the most sophisticated and successful approach for protecting sensitive cardholder data and other information. Only by implementing end-to-end data protection throughout the entire payment ecosystem can the industry actually achieve the needed security for sensitive data. An example of this is how PIN data is protected in today's environment -- from the point of entry all the way to the Issuer.
Substantiating this approach, Visa (NYSE: V) recently issued its global industry best practices for data field encryption, also known as "end-to-end encryption." Included in Visa's best practices is guidance to use robust key management solutions and encryption consistent with international and regional standards. This includes the management of encryption/decryption keys within Secure Cryptographic Devices such as PIN Entry Devices (PEDs) or Hardware Security Modules (HSMs).
However, despite the growing recognition of the benefits of encryption, there remains a general lack of understanding about deploying and, more importantly, managing the process.
The Key to Simplified Encryption
IT and security administrators often consider encryption to be a costly, time-consuming endeavor that requires a great deal of day-to-day management and slows down other processes. However, these concerns have been addressed as enhanced encryption technologies have come to market.
The true challenge that companies face when it comes to deploying and managing the encryption process is controlling the keys -- the secret codes that have the power to unlock data.
As more and more organizations consider implementing end-to-end encryption, they must be able to manage an increasing number of encryption keys. This is crucial not only to prevent keys from being lost or stolen, but also for important operational reasons like on-demand recovery of encrypted data, automated updates and compliance reporting.
Once encrypted, information only becomes readable if the encryption key is available to unlock it. Consequently, the key becomes as valuable as the data it is protecting. This situation can be likened to the security of a home: Locking the house significantly increases the security of its contents, but if the key is left under the doormat, then the level of security is compromised.
In the same way, while end-to-end encryption is an effective approach to safeguarding sensitive data, encryption keys need to be stored and managed effectively in order to ensure that information remains secure.
An additional component of effective encryption key management is implementing a mechanism for securing the keys themselves. Usurping an encryption key is far easier than cracking the encryption, so this is where much criminal activity is focused. With encryption effectively impossible to break, the key management system becomes a natural target for attack. Consequently, deploying end-to-end encryption also requires that security officers establish a method for keeping the keys protected at all times.
While it may appear that key management creates a tremendous burden for organizations considering end-to-end encryption, there are technology solutions and best practices that companies can implement to simplify the key management process.
Good Key Management
To simplify and secure the key management process, techniques to provide enhanced physical and logical security in hardware have become well established. It is worth noting that keys stored using software are subject to attack by Trojans, other forms of spyware, or even malicious use of debugging and system-maintenance tools.
To that end, many companies that deploy end-to-end encryption use hardware security modules (HSMs) to properly store, manage and secure keys. This fundamental approach is reinforced in Visa's best practices for data field encryption. What's more, security certifications such as the Federal Information Processing Standard (FIPS) and Common Criteria have helped organizations evaluate the design of these devices to ensure that they are implementing the most robust protection technologies available.
One of the issues when dealing with key management is that in many cases the different security solutions implemented in an organization have their own system and methodology for managing keys. As a result, security administrators are faced with the challenge of having to manage keys in different systems without a common process or framework.
However, several initiatives under way aim to provide standards that can help in the development of common methods for exchanging and managing keys between systems. These include key management standards such as IEEE 1619.3 and the OASIS Key Management Interoperability Protocol (KMIP). As these standards find their way into general adoption, the situation for centralized and uniform key management will improve, allowing security administrators the ability to bring all key management under a unified umbrella.
Measures such as these will help enable organizations to implement cohesive key management strategies moving forward. Once a well thought-out approach to key management is established, effective security policies, reporting practices and, ultimately, a stronger sense of control over data will be achieved.
Bottom Line
Encrypting sensitive data throughout the payment cycle is among the most robust strategies for ensuring the continuous protection of systems, but organizations must understand their own specific security risks and proactively deploy appropriate security measures, such as end-to-end encryption.
Maintaining a security infrastructure that incorporates ongoing compliance with PCI DSS at its foundation remains a baseline of defense against potential data breaches, but organizations often face challenges when trying to properly implement and maintain encryption and the keys that unlock the information.
By thoroughly analyzing available key management technologies and standards, IT managers can identify the most appropriate solutions for their environments that will cost-effectively simplify the end-to-end encryption process.
These approaches will not only help all parties in the payments ecosystem meet and surpass PCI DSS requirements, but also ensure the long-term protection of sensitive information, and help eliminate the lasting negative consequences of a security breach.
Microsoft issues emergency "Google attack" patch
Reporting by Bill Rigby, Jim Finkle and Anna Driver; Editing by Richard Chang and Robert MacMillan - Reuters
SEATTLE (Reuters) - Microsoft Corp on Thursday released a patch to protect users of its Internet Explorer browser from attacks similar to those directed at Google Inc's operations in China last week.
The world's largest software company, which said hackers targeting Google and at least 20 other companies in China exploited a weakness in its browser, said its new patch was "critical" and people should apply it as soon as possible.
Other hackers have begun to exploit the flaw, according to researchers with Symantec Corp, the world's biggest security software maker.
Symantec has found viruses that take advantage of the weakness in Microsoft's browser on some 100 websites, security researcher John Harrison said on Thursday.
They are dangerous because they can infect the PC of any user who visits those sites. Unlike less powerful viruses, it is not necessary for people to download software for their machines to become infected, Harrison said.
PCs are safe if they apply the patch, which resolves eight vulnerabilities in Internet Explorer, Microsoft said. The most serious could allow hackers to gain control of a computer remotely via Web sites people visit while using the browser.
"We're always working, we have fewer vulnerabilities than our competitors," said Microsoft Chief Executive Steve Ballmer at an energy conference in Houston, addressing cyber-security concerns.
He gave no indication that Microsoft would change its business in China after Google threatened to quit the country last week. "We respect the laws of China, it's the only appropriate thing for us to do," he said.
The viruses Symantec has found only successfully attack Internet Explorer 6, though hackers could figure out how to break through the defenses of Internet Explorer 7 and 8, the most recent version of the software, Symantec's Harrison said.
Most Internet Explorer customers, who have automatic updating enabled on their systems, will not need to take any action on the security patch, Microsoft said. For manual updating, it directed users to its website.
Ruling could ease some Pa. campaign rules
By Tom Infield, Jonathan Tamari, and Dylan Purcell
Inquirer Staff Writers
When it comes to campaign finance in Pennsylvania, almost anything goes.
The Wild, Wild West climate in the nation's sixth-largest state permits individual donations of any amount to a candidate for state or local office.
In 2002 for example, 53 individuals donated $100,000 or more to Gov. Rendell's campaign, which raised a total of $42 million, still a Pennsylvania record. Federal law, by contrast, limits individual donations to $5,000 in elections for Congress and president.
But one thing that Pennsylvania's loosey-goosey law does prohibit is spending on behalf of candidates by corporations and labor unions.
Part of the ban on corporate spending - and probably on union spending, too - could be trimmed as a result of yesterday's U.S. Supreme Court decision in the case of Citizens United v. Federal Election Commission.
The ruling applied directly to federal races, but analysts said it opened the door for legal challenges to laws in Pennsylvania and 23 other states that bar corporations from advocating election of a particular candidate, typically in TV ads.
Pennsylvanians for Modern Courts, a court watchdog group, predicted that yesterday's decision would ultimately "open the floodgates to direct corporate and union spending in statewide judicial elections."
In New Jersey, the ruling is less likely to affect state law, said Jeff Brindle, executive director of the Election Law Enforcement Commission.
New Jersey already allows corporations and unions to support candidates. Contributions are limited to $3,400 for a candidate for governor and $2,600 for a legislative candidate - a ceiling that applies to both individuals and corporations.
The Supreme Court ruling isn't likely to overturn Pennsylvania's ban on direct corporate donations to a candidate, analysts said. But it will allow a corporation to go out on its own and support a candidate.
The only thing a corporation won't be able to do is coordinate its ads with the candidate's.
Gregory Harvey, a Philadelphia election lawyer, noted that the Pennsylvania law against corporate spending already had been stretched by a 2007 court case. The case was handled by State Attorney General Tom Corbett, now a candidate for governor.
Corbett, in a consent order, agreed that independent expenditures by corporations would be permitted in Pennsylvania as long as the corporation's ads didn't use words such as vote for or vote against when it came to a candidate.
"That has cut back the law in Pennsylvania considerably," Harvey said.
Under rules laid down yesterday by the Supreme Court, corporations will be able to use vote for or vote against, he said.
Harvey said that since 1943, Pennsylvania rules prohibiting corporate donations had been read to include union donations. He said he expected that the union ban would be lifted, as well.
At present, under federal and state rules, unions and corporations both organize political action committees. But the committees must raise their money from individuals.
Corporations typically tap their officers and shareholders for funds.
Unions, likewise, have had to appeal for individual donations. They have not been able to use member dues.
Catherine Ngo, of the Pennsylvania Public Interest Research Group, said the new ruling could be "particularly devastating in Pennsylvania because the prohibition of campaign spending from corporate and union treasuries is one of few limits on campaign finance here."
"The court's opinion on Citizens United has opened the floodgates for corporate coffers to influence elections," she said.
Microsoft and Intuit forge small business Web apps partnership
By Paul Krill - ITWorld
Microsoft is working with a company it once tried to acquire, Intuit, in an effort to boost delivery of Web applications to small businesses, leveraging cloud computing.
The companies plan to integrate the Intuit App Center online application store with Microsoft's Windows Azure cloud application deployment platform, enabling development of applications on Azure for access via App Center. Azure becomes a "preferred platform" for small business cloud application development on the Intuit Partner Platform.
Developers and channel partners can offer solutions to small business that use Intuit QuickBooks financial software. Applications ranging from CRM to event management to Web conferencing are anticipated.
"What we're doing for the developer is combining the Intuit Partner Platform and Azure," said Alex Chriss, director of the Intuit Partner Platform. Services will be provided for the applications including billing, authentication and data APIs to connect to QuickBooks.
"This is basically bringing the Azure platform to all of those developers so they can quickly build cloud applications and have them integrated into the QuickBooks data stores," said Kim Akers, general manager of evangelism at Microsoft. "Then, [developers] have a channel so they can sell those applications that they just built."
"I think it's a pretty significant announcement for these two SMB-focused industry leaders to come together and work together," said analyst Sanjeev Aggarwal, founder and partner at SMB Group. Microsoft's recent discontinuance of its Microsoft Office Accounting software, which competed with Intuit, probably helped in bringing about the partnership, Aggarwal said.
"I'm sure that [lent] positive synergy to the deal," he said.
Azure will be named by Intuit as a "preferred platform" for small business cloud application development on the Intuit Partner Platform. Developers can access the free beta version of the Windows Azure SDK for Intuit Partner Program. Developers can use the Microsoft Visual Studio development platform or other tools.
Also as part of the announcement, Microsoft in the fourth quarter of this year plans to make available Microsoft Online Services applications, including Exchange Online, Office Live Meeting, and Office Communications Online via Intuit App Center.
Microsoft had tried to acquire Intuit in 1994 but later abandoned the effort after facing opposition from the U.S. Department of Justice.
Microsoft to issue "Google attack" browser patch
Reporting by Bill Rigby, editing by Leslie Gevirtz - Reuters
SEATTLE (Reuters) - Microsoft Corp said it will issue a patch to fix the old version of its Internet Explorer browser that allowed recent attacks on Google Inc's network in China.
The patch, due out on Thursday, "addresses the vulnerability related to recent attacks against Google and a small subset of corporations," said Jerry Bryant, senior security program manager at Microsoft. "Once applied, customers are protected against the known attacks that have been widely publicized."
Google said last week it had been the target of sophisticated cyber-attacks in China, along with more than 20 other companies. Microsoft acknowledged that the hackers took advantage of a weakness in Internet Explorer 6 to mount the attacks.
Microsoft said it continues to see some attacks, with the only successful attacks against Internet Explorer 6. The most recent version of the software is Internet Explorer 8.
IT Spending in 2010 to Grow 4.6 Percent: Gartner
By: Jeffrey Burt - eWeek
Gartner analysts are upping their projections for IT spending in 2010, calling for an increase of 4.6 percent based on the growing confidence in businesses in the economic recovery. The increase will return IT spending to 2008 levels, a year ahead of what Gartner originally projected. All areas of the industry, including computing hardware, software and IT services, will see an increase in spending.
IT spending worldwide will see a jump of 4.6 percent in 2010, according to research firm Gartner.
However, while the 4.6 percent figure—spending should reach $3.4 trillion for the year—is relatively modest, it’s a significant gain after recession-riddled 2009, when spending declined 4.6 percent, Gartner analysts said in its Jan. 21 release of the numbers.
The firm initially didn’t expect to see spending return to 2008 levels until 2011—it earlier had projected an increase of 3.3 percent—but that has changed, according to Gartner analyst Richard Gordon.
“This sounds like quite an upper revision, but we do, in fact, see global economic conditions improving, and we have seen that for the past six months or so,” Gordon said in a video blog.
Gordon said that confidence among businesses was improving, which should help loosen the purse strings a bit. In addition, the new 2010 projection was helped by the weakened dollar compared to 2009, he said.
Gartner’s spending projections come days after the analyst firm said that CIOs will see their 2010 budgets remain relatively flat following a difficult 2009, when their allowed IT spending fell 8.1 percent.
Gordon said businesses will spend about 1.6 percent more in 2010 on computer hardware as they look to replace their aging systems, particularly PCs. Hardware spending took a steep 13.9 percent drop in 2009.
“In the hardware space, we have seen significant interest in restocking,” he said, noting that the trend started in the second quarter of 2009 and is continuing into early 2010.
Businesses will increase spending in every area, including IT services, software and telecommunications.
Consumers will remain cautious on technology spending, Gordon said. Confidence is fragile, and the threat of layoffs remains. However, that should improve as the economy grows.
“As the years roll out, we will see the [consumer] spending pick up quite strongly as well,” he said.
Regionally, emerging markets—such as Latin America, the Middle East, Africa and Asia—which were least impacted by the recession, will lead the recovery, Gordon said. The recovery in IT spending in more established regions such as the United States, Western Europe and Japan will happen more slowly. Other areas, such as Central and Eastern Europe, will continue to lag.
Microsoft: U.S. Must Weigh In on Cloud Computing
By Kenneth Corbin - Internetnews.com
WASHINGTON -- Microsoft today made an emphatic pitch in the nation's capital urging Congress to enact legislation to support cloud computing, calling for a federal mandate to codify security and privacy protections for data stored on remote servers.
Here at the Brookings Institution think tank, Microsoft (NASDAQ: MSFT) General Counsel Brad Smith argued for the need to modernize the legal framework overseeing information technology to keep pace with the rapid migration to the cloud.
"In order to make the cloud a success, those of us in industry need to pursue new initiatives to address issues such as privacy and security," Smith said. "At the same time, the private sector cannot meet all of these challenges alone. We need Congress to modernize the laws, adapt them to the cloud, and adopt new measures to protect privacy and promote security."
Code Is the New Resume: How to Get an IT Job in Today's Economy
By: Amanda McPherson - eWeek
Even as the unemployment rate grows, demand for Linux-knowledgeable developers is on the rise. In this economy, becoming trained in open source is a safe bet for expanding one's job prospects. The work of open-source developers lives in an open-source community where future employers can easily view a potential hire's work. By building expertise in Linux and open source as a long-term investment, Knowledge Center contributor Amanda McPherson explains how you can better position yourself to get that IT job you want.
I doubt there is anyone in the IT field who hasn’t been affected by the current economic downturn—either personally or through friends and family. I know scores of people laid off from their jobs but some, while still obviously upset, are taking it in stride since they are better positioned for success than others. What's their secret?
Their code—and thus their work—lives on in an open-source community, where it can easily be seen and used by many companies, not just the one who laid them off. They are open-source developers.
I'll give you an example of the difference this makes during an employment search, using employees named "Larry" and "Dmitri."
Larry has worked for Giant Widget Supplier (GWS) for 10 years, writing in C for an embedded, proprietary operating system that GWS uses in its products. When Larry lost his job this past fall, he posted his resume. He quickly received a few interviews, but none have converted.
His C skills are certainly translatable to other projects and companies, but it's harder for him to prove how translatable because his ex-employer won't let him show any sample code from their products. It's their product after all, and future employers find it harder to vet whether or not his work will directly translate to their environment. (Larry is still looking for employment, so contact me if you know of anyone.)
Dmitri, on the other hand, is a Linux developer. His power management code has been mainlined into the Linux kernel steadily over the last few years. He's even been invited to Kernel Summit. Behemoth Consumer Products (BCP) employed Dmitri for the last three years, for work on their version of Linux that they embed in their devices. They, too, hit a rough patch, and Dmitri is out looking for work.
Luckily for Dmitri, his colleagues in the Linux community all work for companies who use embedded Linux. It's easier for him to network, and employers don’t have to count on Dmitri for a description of his work. It lives in the open, in the kernel tree, for anyone to inspect. (He can even make it in the "Who Writes Linux" report that the Linux Foundation publishes every year.)
Demand for Linux Developers on the Rise
Smart Outsourcing: Avoiding the Pitfalls
By: Dr Sam De Silva, Partner, Taylor Walton Solicitors - IT-Director.com
Outsourcing continues to be a key part of many companies' supply and cost management strategy. The strategy has proven to be effective but brings with it significant risks that must be recognised and managed. In outsourcing, a company is relying on someone else to run certain business functions. If not properly managed, companies may negatively affect their operations and customers. Whilst there are a number of reasons for outsourcings to fail, the risks of failure can be managed with a well thought out and structured outsourcing contract.
The outsourcing contract should be a living document that directs and guides the parties throughout each of the stages of the outsourcing lifecycle; from engagement, transition to renewal or exit. Outsourcing arrangements are often long term relationships (contract periods of 5 to 10 years are not uncommon) and, as such, the outsourcing contract needs to be flexible and adaptable to the changes during the term. Changes in market practice, technology, pricing models, business strategies and the economic climate will result in parties having different objectives than they had at signing. The challenge is to develop an outsourcing contract that provides clarity and certainty whilst at the same time being sufficiently flexible to meet changing requirements. The following are examples of mechanisms which should be included in an outsourcing contract to ensure a "smart" outsourcing contract is developed:
- a change control procedure for processing and agreeing changes to the contract and schedules;
- contract management and governance provisions;
- technology refresh obligations and associated cost allocation;
- provisions for service measurement and regular review meetings;
- mechanism for price variations and rights to benchmark charges and services;
- flexibility to add or remove business/companies in connection with customer group restructuring activities;
- rights of partial termination and termination with appropriate financial compensation for the service provider;
- and practical remedies for dispute, including escalation, service credits, step-in rights and expert determination/mediation.
A substantial part of the detail in an outsourcing transaction is contained in the schedules to the contract. These schedules should address fundamental issues such as scope and description of the services, service levels, service credit regimes, transition and transformation timelines, charges and payment, price variations and benchmarking and exit management. It is of little use to either party if the front-end of the contract, i.e. the Terms & Conditions (Ts&Cs), has been carefully and appropriately drafted but the schedules themselves are incomplete, unclear or inadequate. The content in the schedules needs to be correct and complete, accurately describe the nature of the deal and include language which creates legally enforceable obligations. It is crucial that a review exercise is undertaken to ensure that there are no inconsistencies between the schedules and the Ts&Cs.
It is certainly true that the process of negotiating an outsourcing contract can be frustrating and lengthy. However, managed properly, the process of negotiating and agreeing the outsourcing contract can be extremely important in establishing mutual expectations as well as identifying and getting the parties to address and find solutions to possible issues. This contribution is key as it offers the outsourcing relationship the best possible start for the long term. However, it must be recognised that it is only a start.
To help businesses that are currently considering outsourcing (whether it is IT, catering, accounting, finance, HR, logistics, marketing, cleaning or waste management or other business function) for the first time or re-negotiating their existing outsourcing arrangements, Taylor Walton Solicitors, in association with CIPS (Chartered Institute of Purchasing & Supply), is hosting "Smart Outsourcing" on March 18 2010.
A New Breed of Laser TV
By Kate Greene - Technology Review Published by MIT
New display concepts are a dime a dozen. However, very few of them find their way beyond prototype stage, and even if they do, they usually can't compete with the manufacturing muscle of the $100 billion liquid crystal display (LCD) industry. But a display startup called Prysm believes that its technology, called laser phosphor display (LPD), has the perfect combination of picture quality, energy efficiency, and manufacturing simplicity to have a chance of breaking through.
The San Jose-based Prysm, which came out of stealth mode last week, has been getting plenty of media attention due to its claims of energy efficiency. According to Roger Hajjar, the company's chief technology officer, an LPD consumes a fourth of the power of a liquid crystal display with the same brightness and about a tenth of the power of a plasma screen (although an LPD also shines brighter than a plasma screen, so the comparison isn't direct, according to Hajjar).
"The physics is simple," says Hajjar. In other displays, he says, "the light source is mostly on and there's a threshold power requirement even to keep the screen black." In an LPD, he says, the lasers get to rest where the screen is dark, saving power.
The concept behind LPD is relatively straightforward. Beams of light from several ultra-violet lasers are directed by a set of movable mirrors onto a screen made of a plastic-glass hybrid material coated with color phosphor stripes. The laser draws an image onto the screen by scanning line by line from top to bottom. The energy from the laser light activates the phosphor, which emits photons, producing an image.
An LPD differs significantly from an LCD, in which a backlight, made of either white LEDs or a cold-cathode fluorescent light, shines through layers of optics, including color filters and liquid crystals, to produce an image. More than 90 percent of the original light is lost in this process. Another competitor, plasma display technology, consists of small cells of ionized gases that emit light--a process that requires a relatively large amount of power. And a conventional laser television, such as the LaserVue, made by Mitsubishi, uses red, blue, and green lasers and a micromirror device that combines and directs the light. This is essentially a rear-projection display, but because of its high price tag, it hasn't become widely popular.
Crucially, Hajjar says, larger LPDs are also energy efficient compared to today's larger displays, such as electronic billboards. Compared to an LED billboard, where each diode is a pixel, an LPD of the same size and brightness eats up only about a tenth of the power, since fewer lasers are used compared to the number of LEDs required for the billboard.
Technically, an LPD is most similar to a cathode ray tube (CRT) display--the bulky design that is quickly becoming obsolete. Inside a CRT, a magnet directs an electron beam onto a phosphor-coated screen. But because LPD uses solid-state lasers, which are compact and lower power, an LPD set can be thinner and more energy efficient while producing a similar high-quality image.
Hajjar explains that LPDs are possible thanks to the growth of the solid-state lighting industry, in which LEDs are becoming an alternative to incandescent bulbs and compact fluorescent lighting. The type of phosphors used in an LPD is identical to the type used to coat LEDs in lighting applications.
This means that the manufacturing of LPDs will piggyback on the growth of the fledgling LED lighting industry. This is an advantage, says Hajjar, who stresses that it's easier to assemble components that can be bought off the shelf than to develop entirely new manufacturing processes. Indeed, Prysm, which has a manufacturing facility in Concord, MA, doesn't need to build a new semiconductor fabrication plant, as other new display companies tend to do. This is expensive and it takes a significant amount of time to get the fab up and running.
There are potential advantages in the simplicity of the manufacturing process, says Paul Semenza, an analyst at research company Display Search, because there's no need for huge factories, expensive equipment, and a lot of materials. "The capital investments are much, much less than for flat-panel displays," he says.
That said, Semenza suspects that technical challenges could come from the fact that Prysm has developed and is manufacturing its own screens, which could hamper production. In addition, there could be some challenges reliably aligning the lasers, optical scanner, and screen.
However, if these problems are overcome, Semenza says, LPD could be attractive to a number of different markets. It's possible to inexpensively tailor an LPD to a specific brightness, size, and resolution, he notes.
Prysm is initially targeting the consumer display market, competing directly with companies making the types of flat-screen televisions many people are putting in their living rooms today. According to Prysm, the first product will be announced in the coming months, and it will be priced competitively with other displays on the market, with an eye toward expanding to large advertising displays.
Licensing Contracts: Wellsprings of Found Money
By Laura DiDio
E-Commerce Times
If your business is strapped for cash and wondering how it's going to find the money to pay for much needed hardware, software and network upgrades in 2010, it's time to revisit your existing licensing contracts. The specific terms and conditions of your licensing contracts could literally translate into money in your company's coffers.
C-level executives and IT departments may be pleasantly surprised to find that there's a source of hidden gold that may potentially net your organization much needed licenses and other already-negotiated extras. While there are no guarantees, the chances are good that your organization's existing licensing contracts could net you a windfall similar to falling heir to unclaimed funds or finding treasure in Grandma's attic.
These overlooked items may include things like unused and available desktop, server and software application licenses; discounted or free training; and technical service and support. They could be worth thousands -- or even millions -- depending on the size and scope of the company.
ITIC primary research indicates that eight out of 10 businesses will undertake a major product or application upgrade during 2010. Eight out of 10 businesses will perform a major network migration in the next 12 to 15 months, and with budgets still tight, upper management is demanding tangible TCO and ROI.
Using What You Paid For
Natural skepticism may prompt many readers to question how organizations could fail to notice licenses and tools that they've already paid for, which are so crucial to the bottom line. Very easily -- it happens all the time. When my colleague Julie Giera, an analyst at Giga Information Group, and I put together a series of licensing boot camps or user seminars throughout the U.S., Canada and Europe, we were stunned to realize that the majority of organizations don't know what licenses they've bought, or what they're using or not using. Frequently, they don't take advantage of extras and freebies that are written into their contracts.
I'm not accusing users of being ignorant or lazy. The fact is, licensing agreements are most often negotiated by persons within the organization who are only tasked with getting the deal done. Once the contract is signed, the negotiator hands it off to the appropriate executive or accounting person, who promptly files the document and forgets about it.
Lax communication among departments means that IT departments may not see the actual contracts. Thus, they may be unaware that they are entitled to myriad "extras" like expanded technical service and support; access to days or weeks of free training on specific products; or access to free online inventory and asset management tools that could assist the organization in tracking license usage and remaining compliant.
Compounding the problem is the fact that the majority of licensing contracts are negotiated once every two, three or even four years. ITIC research indicates that 60 percent of the time, a different person will negotiate the licensing contract once it comes due for renewal. Since organizations oftentimes don't keep good records, the new contract negotiator may be unaware of specific terms and conditions, or whether the organization or the vendor fulfilled its responsibilities.
The result: Organizations -- from academic institutions and nonprofits to the largest commercial enterprises -- can unwittingly cheat themselves out of licenses and benefits that are rightfully theirs, leaving tens of thousands -- or even millions -- on the table. Not everyone does this, of course. Approximately 10 percent of organizations aggressively negotiate their contracts and keep tabs on their T&Cs, with the passionate obsession of Les Miserables' Inspector Javert pursuing Jean Valjean through Paris.
In this instance, the ongoing economic downturn can work in your organization's favor. Vendors and resellers are anxious to retain your business and get you to re-sign your contracts once the licenses expire. Even if you just signed a new contract six months or a year ago, you can still contact the vendor or reseller and initiate interim negotiations.
Negotiating to Save
First things first: Assemble a team that includes the appropriate members of the organization, such as the CIO, CTO, VP of IT, and the appropriate network administrators (e.g. database, server, messaging, security, storage, etc.) to review the T&Cs of your various licensing contracts. It's also a good idea to involve the corporate attorneys. If your firm doesn't have in-house counsel, engage the services of an outside firm. Legal counsel will help unravel the confusing and nebulous terms.
Do a thorough cost/analysis of your current environment. Next, conduct a thorough assessment of your current environment, and tally up your licenses: Are you using everything you paid for, and are you paying for all the seats you're using? Compliance is crucial. You won't be able to negotiate a better deal if your organization has not paid for all its licenses -- even if it was an honest mistake.
There are lots of free software inventory- and asset-management tools available to assist your organization in this task. You may discover that your current licensing agreement entitles your organization to an online asset-management tool. This tool will act as a discovery mechanism to uncover unused or available licenses for key products and applications. This is "found money," because your business has already paid for these product licenses.
Organizations that have recently been involved in mergers, acquisitions or divestitures should pay especially close attention to the T&Cs of the licensing contracts for all of the acquired or discarded business units. Some licenses will carry over but some may not, and M&A activity will affect planned purchasing decisions.
Next, the team should collaborate and define the business needs and goals. Determine what's most important. There are many ways to improve TCO and ROI.
Where the Money Is
The team also must determine whether or not the organization purchased a maintenance and upgrade plan. These plans can be a real treasure trove, including everything from free or discounted upgrades to access to online training, learning and assessment tools. Additionally, they may also entitle the organization to many free services, such as 24x7 phone support, free training vouchers for specific products, or access to on-site technical training and support.
Customers who purchased Microsoft's (Nasdaq: MSFT) Software Assurance maintenance and upgrade plan, for example, have the ability to swap or convert their Software Assurance tech-support incidents for Microsoft Premier Problem Resolution incidents. The latter provides a much more detailed and hands-on level of support service. Microsoft's SA agreements also allow customers to purchase extended Hot Fix support to resolve code issues on products that are no longer sold or supported, and complimentary "cold backup" server licenses for the purpose of disaster recovery.
If you're not in compliance, take steps to return to compliance in advance of any product negotiations. Next, do a cost/analysis of your projected environment for at least two years -- preferably three years. This should include estimates on staff increases or decreases that will affect future purchasing levels and licensing agreements. Don't overestimate. It's better to buy at a lower level and upgrade than to commit to purchase at a higher level and be forced to downgrade, and give back a percentage discount to your vendor or reseller in the event your company's fortunes wane.
Before approaching your vendor/reseller, investigate what types of deals your peers are getting on their licensing contracts. Compare notes to determine that the T&Cs of your contracts are competitively priced. User groups are a great source of information. When it comes to negotiating for better terms, knowledge really is power.
Approach your vendor or reseller with several "wish list" items. Be as specific as possible. "I'd like a 10 percent discount on 50 licenses for XYZ product," will yield better results than an open-ended request like, "How much of a discount can you give me?" or "What can you do for us?"
Above all, be reasonable. The economic recession has had an adverse impact on vendors as well as end-users, so don't ask for the sun, the moon and the stars.
If you have a good relationship, there's a good chance your vendor or reseller sales representative will be receptive to negotiating things like fixed annual payments or extended payment plans -- and even negotiate down the percentage of the True-Up payment if your organization has experienced a reversal of fortune over the past year or two. Here's a list of things your organization may want to negotiate:
- the ability to keep your unused licenses and have them carry over when you re-sign a new contract;
- price caps on product and licensing increases;
- price protection for the duration of your licensing contract;
- contract buy-outs;
- licensing transfer fees;
- penalty waivers if you're noncompliant;
- flexibility in signing upgrade and maintenance agreements;
- discounted or free training;
- discounted or free technical service and support incidents;
- and free training vouchers.
Again, this is all saved money that will shave your organization's capital expenditure and operational expenditure budget. Don't get discouraged if your vendor or reseller initially balks. That's all part of the negotiating process. Be persistent; remember, your vendor wants to keep you as a customer. Be prepared with a counteroffer. Remember: You have nothing to lose and everything to gain.
Classification Projects
By: Raphael Reich - eWeek
Protecting sensitive information is a challenge for many organizations. To protect certain files, businesses must first find them, and that's no easy task with terabytes of data and hundreds of thousands of files on SharePoint sites, network attached storage devices and file systems. Here, Knowledge Center contributor Raphael Reich explains how to streamline data classification projects, including how to identify data owners, know which metadata accelerates searches, and streamline reporting and remediation.
Organizations can quickly become overwhelmed with managing and protecting all of the unstructured data in their possession. Unstructured data includes all of the documents, spreadsheets, presentations and more that are stored on shared file servers, network-attached storage (NAS) devices, SharePoint sites, etc. It accounts for roughly 80 percent of business data. In addition to being the majority of business data, unstructured data grows in excess of 50 percent per year, making it hard to keep pace with this key business resource.
To deal with unstructured data, many organizations initiate data classification projects in the hopes of identifying their most sensitive data, fixing any problems and implementing proper controls. Regrettably, there are both business and technical challenges that prevent data classification deployments from reaching their full potential.
From a business perspective, a lack of actionable results is the primary challenge. Data classification solutions produce a list of files with sensitive content, but the question of what the files mean to the business and what to do with them is not inherently obvious. On the technical side, the issue is that data classification solutions scan every file looking for relevant content and are, consequently, slow to deliver results. And on subsequent searches, these solutions must look at all files again, making it virtually impossible to keep pace with data growth and change.
The following are five measures that organizations can take to accelerate the pace of producing actionable data classification results:
Measure No. 1: Determine who owns the data
Data owners are a critical component to managing unstructured data. They understand the importance of data assets to the business and are, therefore, integral to the process of classifying this data. They can help determine who should and should not have access, what type of protections the data should have, and point out when the data is no longer relevant to the business. When it comes to sensitive data, owners can help determine whether data is at risk and what remediation steps are required.
Identifying owners is not easy to do though. The locations of data and the names of data folders, directories or sites often provide little indication of true data ownership, and file system metadata about data ownership goes stale quickly. The most common methods for identifying data owners—phone calls and e-mail messages—are not efficient or effective processes.
The best way to track data owners is to have an automated, repeatable process in place. One of the most effective ways to determine data owners is to track who is accessing the data. Over time, the top users of data will become obvious and these users will be able to tell organizations who own the data.
'Tens of millions' expected to buy tablets in 2010
by Don Reisinger - cnet news
A Deloitte research note claims that tablet computers will finally capture the affection of consumers this year.
"Tens of millions of people" will buy a tablet computer--or a "NetTab," as dubbed by Deloitte--in 2010, the company predicted Monday.
"NetTabs are expected to meet specific consumer needs" that aren't being met by either smartphones or by laptops, the company said. Deloitte reasons that smartphones are "still a bit small for watching videos or even Web browsing," while notebooks, Netbooks, and ultra-thin PCs are still "too big, heavy, or expensive."
Deloitte is even more optimistic when it comes to years beyond the current one. The company said that once the market sees just how well NetTabs sell in 2010, competition will increase at a rapid rate, building a sector of the tech industry that could outpace that of GPS devices.
"While it is difficult to forecast sales of devices whose specifications are unknown, some analysts estimate 12-month sales from launch of over one billion dollars," Deloitte said. "This is larger than global sales of personal navigation devices."
So far, major PC vendors, including Hewlett-Packard and Dell have said they will offer tablets. Microsoft CEO Steve Ballmer showcased HP's Slate at the CES trade show earlier this month.
Perhaps in the most anticipated announcement in this arena, Apple may be unveiling its own tablet at an event set for next week.
Still, tablets aren't anything new. Previous devices from PC vendors failed to take off, causing some to wonder whether the value they purportedly offer is really there. Deloitte asserts that previous tablet devices failed because of their design and focus and that the new wave of products will fare much better.
"The graphics, software, and user interface were underwhelming, not well connected to cellular or Wi-Fi networks, and, most important, they have largely served as work-oriented data-entry devices," Deloitte said of earlier tablets. "By contrast, an easy-to-use, consumer-focused device used primarily for media and Web browsing is much more likely to be widely accepted by the market."
For now, a consumer-focused tablet has yet to make a splash in the market. But all that could change next week when Steve Jobs takes the stage to show off his company's self-anointed "latest creation."
House budget writers hammer Va. computer agency
By BOB LEWIS
AP Political Writer
RICHMOND, Va. (AP) - Members of the budget-writing House Appropriations Committee demanded better cost information and more candor from Virginia's troubled computer superagency.
Senior members of the panel on Monday voiced outrage at cost overruns, service outages and delays that have paralyzed state agencies, failures that have prompted a scathing review by the General Assembly's watchdog agency.
The 10-year, $2.4 billion partnership between the Virginia Information Technologies Agency, created in 2003, and defense and government contracting giant Northrop Grumman Corp. is the largest state contract ever with a single vendor.
On Monday, senior Republicans and Democrats vented frustrations at VITA's primary overseer, state chief information officer George Coulter, when he appeared before them.
"The problem is, Mr. Coulter, a lot of us on this committee feel no one's taken responsibility for this debacle, either Northrop Grumman or VITA, and the problem is in the business world someone has to take responsibility," said Del. Steven Landes, R-Augusta County.
"Your credibility and the agency's credibility and, to be honest, with some of us the company's credibility is minimal to say the least," Landes said. "You started out your comments like everything was rosy. It's not rosy!"
Coulter stood before the panel shortly after it heard a briefing on the critical report the Joint Legislative Audit and Review Commission finished and presented last month. Its findings outlined how Northrop Grumman had missed several key deadlines for upgrading and standardizing the far-flung network of computers and online systems each state agency once maintained independently.
He noted that the report also noted that overall, the state's information technology system is far superior to what it would have been by now had the VITA-Northrop Grumman partnership not formed in 2005.
"While the transformation process is difficult, I firmly believe the commonwealth benefits greatly (from) improved our information security, having a standard infrastructure in place, and correcting deficiencies across the board," Coulter said.
Northrop Grumman had no representative before the panel. The company had no comment, said one of its lobbyists, Julie Rautio.
But senior members of the panel, which is responsible for appropriating money for the partnership, made it clear that they were not happy with how VITA was managing its corporate alliance.
"The biggest bill of goods we were sold back in 2003 was all these cost savings, unrealistic expectations of what was going to occur. From this committee's standpoint, we need real-time information, we need honesty, and we also need to know exactly what we're getting," said Del. M. Kirkland Cox of Colonial Heights, the committee's ranking Republican.
Del. S. Chris Jones, R-Suffolk, grilled Coulter on whether VITA would demand to renegotiate its performance bond with Northrop Grumman to have clearer and more specific targets.
"We had an expectation that it was going to get better, but having a relative who worked under the old and went to the new, I knew from the beginning it would be a disaster," Jones said.
VITA also had defenders on the panel. Del. Clarence Phillips, D-Dickenson County, said he was opposed to filing lawsuits that could result in the dismantling of the Northrop Grumman contract.
"In my opinion, if we file suit (for) breach of contract, theoretically the whole IT system could have collapsed," Phillips said. "It wouldn't have been a computer off line a few days and then put it back on."
Copyright 2010 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
IPv4 addresses to be exhausted by 2012
Only 10 per cent of the entire IPv4 address range is still available and businesses need to start preparing for the switch to IPv6 within the next two years, according to the Number Resource Organisation (NRO).
The NRO is the official representative of the five Regional Internet Registries that oversee the worldwide allocation of internet number resources, and has called on various internet stakeholders to help facilitate the use of IPv6 addresses.
Axel Pawlik, chairman of the NRO, explained that it is particularly important for governments to take the lead by ensuring that they are using IPv6 technology in order to bring their vendors and other users onboard.
"We've seen some governments such as the Germans and Japanese take good steps to prepare for a switchover to IPv6, and it's important that others take this lead to help educate organisations about the switchover," he said.
Pawlik also argued that organisations and their staff had been too relaxed about the upcoming need to move to IPv6, and must act now to make the change as smooth as possible.
"There is very little time left to make the switchover but there is enough time for IT teams to plan and test their switchover to IPv6 before 2012, rather than panicking at the last moment," he said.
The NRO also called on the business sector to provide IPv6-capable services and platforms, including web hosting and equipment, to help ensure accessibility for IPv6 users.
Pawlik maintained that a failure to move to IPv6 could stifle the growth of the internet, and warned businesses reliant on the internet for their day-to-day operations that a failure to prepare for IPv6 could affect their position in the market.
"There is a danger that, as some firms start to offer IPv6 capabilities, those still on IPv4 will start to lose business to customers who move to firms with the additional capabilities IPv6 could offer," he said.
IT to go outside IT department
By Dave Bailey Computing
Analyst Gartner has predicted that "the future of IT lies outside the IT department."
The reason is that, over the next two years, business demand for IT-driven growth and innovation will outstrip the supply of qualified people to fulfil job roles, resulting in traditional IT tasks moving outside the IT department, according to Gartner distinguished analyst Debra Logan.
She added: "CIOs are increasingly coming from the business and users are taking control of their own information delivery infrastructure."
The result, says Gartner, is that 40 per cent of people who report into IT in a rigid, "matrixed" fashion, or directly, will have substantial business and non-IT experience.
Gartner has identified four information management roles that IT departments will need to create if their management and governance frameworks are to remain effective:
1. legal and IT hybrids
2. digital archivists
3. business information managers
4. enterprise information architects
The legal and IT hybrid post will add the role of litigation support manager by 2010, according to Gartner. Other duties for these hybrids will be to create policies and schedules, help design and execute discovery exercises for regulators, and mediate between legal and IT departments.
Digital archivists will be expected to appraise, arrange and preserve digital records for legal and regulatory purposes.
Logan also predicts an increasing trend towards employing business information managers, who combine business and information management expertise in a single role.
Enterprise information architects will normally be involved in creating document templates and data models.
Apple to Show Off Its ‘Latest Creation’ Next Week
By Brad Stone - New York Times Technology
Apple sent e-mail invitations to journalists Monday morning for a “special event” to be held next Wednesday in San Francisco. “Come see our latest creation,” the message says.
Unless you’ve been living on another, Internet-deprived planet for the last year or so, you’ve probably got a pretty good idea what this is likely to be: the unveiling of Apple’s long-awaited, breathlessly hyped tablet computer. The device promises to hasten the extinction of paper, solidify Apple’s advantages in the mobile computing market, cure hunger and finally broker a peace between Jay and Conan.
We’ll have more analysis and reporting on this in the weeks ahead. In the meantime, what do you hope to see from Steve Jobs and company in a tablet computer?
Hard Drive Theft Nets Health Data of Thousands
By Larry Barrett - internetnews.com
More than 15,000 Kaiser Permanente patients in Northern California this week are being notified that their personal information, including birth dates, addresses, phone numbers and medical-record numbers, was exposed last month after an unencrypted external storage drive was stolen from an employee's car.
Kaiser Permanente officials said the theft occurred in early December after an employee left the drive inside the car at her home in Sacramento. A week after the break-in, the unidentified employee notified hospital officials of the potential data breach.
The employee was fired for violating Kaiser's security policies after she stored the patient files on a personal device without encryption and failed to receive permission to remove the data from the hospital.
Russia Blamed for 13% of Net Attack Traffic
New report from Akamai awards Russia the dubious distinction of world's leading source of cyber threats.
Wireless Carriers Shift Plans to Focus on Data
By Andy Patrizio - internetnews.com
New billing program seems to hint that voice is no longer the wave of the future.
Verizon Wireless, AT&T and T-Mobile have all announced plans to revamp their wireless plans with more emphasis on 3G data than on voice, an acknowledgement that the wave of the future is data, not voice communications.
The Verizon (NYSE: VZ) rollout comes ahead of its planned 4G launch and is undoubtedly designed to shift to more lucrative data plans than plain old voice. It also turns out to be a stealth price increase.
Verizon starts off with a new data tier at $9.99 per month with a 25MB cap that includes 3G use, which is cheaper than any rate previously offered, but it's also a reduction in data per dollar. Right now, Verizon offers a $19.99 per month plan with a 75MB cap. So the data amount goes down two-thirds but the price goes down by half.
Verizon also introduced an Unlimited Talk rate plan for $69.99 a month or $89.99 if you want to include text, photo, and video messaging. Then there's the Family SharePlan plan for $119.99 which will get you unlimited voice, and a $149.99 version which will include voice as well as unlimited messaging.
Not every 3G phone will be covered, and Verizon Wireless CEO Lowell McAdam told analysts on a conference call this morning that the company plans to reduce the number of phones Verizon carries from 80 to 50.
Not to be outdone, AT&T (NYSE: T) did its own shuffling. It announced that it is dropping the price of the Unlimited Talk plan to $69.99 per month for individuals and $119 for Family Talk customers (two or more lines), matching Verizon's unlimited offerings.
It will also offer Unlimited Talk & Text plans for its Quick Messaging devices for $89.99 per month for individuals and $149.99 for two lines on a Family Talk plan. It also announced an Unlimited Voice and Data plan for smartphones, including the iPhone, for $99 per month for individuals and $179.99 for a Family Talk plan.
The mandatory data plan remains in place at $29.99 per month.
In addition to that, mobile technology blog Boy Genius Reports says T-Mobile is planning to adjust its monthly service fees to match Verizon and AT&T and is also looking to knock money off the price of a variety of smartphones. These include BlackBerrys, HTC, Motorola and G1 phones. The price cut is expected to be between $30 and $50. T-Mobile, however, has made no such official announcement.
Both Verizon and AT&T's plans will be effective Monday, January 18.
Microsoft admits IE flaw to blame for Google hack
By Dan Worth - V3
In a move bound to cause red faces at Redmond, Microsoft has been forced to admit that a flaw in its Internet Explorer (IE) browser was the route by which Chinese hackers sought to infiltrate Google's corporate systems.
"Based on our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," wrote Mike Reavey, director of the Microsoft Security Response Center, in a blog posting.
Microsoft's announcement came after McAfee's chief technology officer, George Kurtz, wrote in a blog posting that the firm had discovered a new vulnerability in IE that had been exploited by the hackers.
"In our investigation we discovered that one of the malware samples involved in this broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer," he said.
Kurtz added that the targeted attack used tried and tested methods to get users to click on a link that then compromised their machine.
"These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s browser," he added.
As a result of this, Microsoft issued guidelines to help customers reduce the risk of further attacks and called on firms to remain vigilant against the continued threats that exist.
"Attacks targeting specific corporate networks are becoming more prevalent in the threat landscape and organisations should follow defence-in-depth best practices, and deploy multiple layers of protection to improve their security posture," added Reavey.
Greening Your Data Center: The Real Deal
By: Matthew Sarrel - eWeek
From HVAC to rack density to hot/cool aisles, eWEEK Labs recommends the computing models and energy-saving practices to focus on for the biggest rewards.
A lot of attention these days is being devoted to going green: Save the planet, buy a hybrid, recycle, put lights on timers, don’t waste paper and so on. All of these things will help the environment, but let's come right out and say it: Going green makes sense when a business saves capital and resources by doing so. A warm feeling at night is not a compelling business reason for going green, but saving millions of dollars on power and HVAC sure is.
Indeed, many businesses have saved significantly by implementing environmentally friendly practices and trimming power consumption.
In 2009, organizations including IBM, Sun, the National Security Agency, Microsoft and Google announced that they were building green data centers.
The most recent announcement comes from IBM, regarding what it claims is the world’s greenest data center—a project jointly funded by IBM, New York state and Syracuse University. Announced in May 2009 and constructed in just over six months, the $12.4 million, 12,000-square-foot facility (6,000 square feet of infrastructure space and 6,000 square feet of raised-floor data center space) uses an on-site power generation system for electricity, heating and cooling, and incorporates IBM's latest energy-efficient servers, computer-cooling technology and system management software.
The press release is filled with all sorts of flowery language about saving the planet and setting an example for others to follow, but about three-fourths of the way through we get to the bottom line: “This is a smart investment … that will provide much needed resources for companies and organizations who are looking to reduce both IT costs and their carbon footprint.”
How can you separate the wheat from the chaff when it comes to designing a green data center? Where does the green-washing end and the true business case begin?
The first thing to do is to understand several key principles of data center design. This ensures that you maintain a focus on building a facility that serves your organization’s needs today and tomorrow.
Build for today and for the future. Of course, you don’t know exactly which hardware and software you’ll be running in your data center five years from now. For this reason, you need a flexible, modular and scalable design. Simply building a big room full of racks waiting to be populated doesn’t cut it anymore.
Types of equipment—such as storage or application servers—should be grouped together for easier management. In addition, instead of cooling one huge area that is only 25 percent full, divide the facility into isolated zones that get populated and cooled one at a time.
Most data centers incorporate a hot aisle/cold aisle configuration, where equipment racks are arranged in alternating rows of hot and cold aisles. This practice allows air from the cold aisle to wash over the equipment; the air is then expelled into the hot aisle. At this point, an exhaust vent pulls the hot air out of the data center.
It's important to measure energy consumption and HVAC. Not only will this help you understand how efficient your data center is (and give you ideas for improving efficiency), but it will also help control costs in an environment of ever-increasing electricity prices and put you in a better position to meet the increased reporting requirements of a carbon reduction policy.
There are currently two methods of measuring energy efficiency.
CADE (Corporate Average Datacenter Efficiency), developed by the Uptime Institute (now 451 Group), multiplies IT efficiency (asset utilization times energy efficiency of those assets) by physical efficiency (space used times energy efficiency of the building). By this measure, larger numbers are better.
The measure I prefer to use is PUE (Power Usage Effectiveness), developed by The Green Grid. PUE is calculated by dividing the total utility load by the total IT equipment load. In this case, a lower number is better. Older data centers typically have a PUE of about 3 or 4, while newer data centers can achieve a PUE of 1.5 or less.
Rack density is a very important aspect of modern data center design. Server consolidation and virtualization are leading us toward denser, and fewer, racks. Blades and 1U to 3U servers are the norm. The denser the data center, the more efficient it can be, especially if we’re talking in terms of construction costs per square foot: With the average data center costing $200 to $400 per square foot to construct, if you can cut the size of your data center by 75 percent, you could save significant construction costs—perhaps ranging into the millions of dollars.
However, denser racks mean increased power requirements and the generation of more heat.
In the past, a rack might consume 5 kW, whereas today’s denser designs consume 20 kW or more. Conventional HVAC solutions could be used to cool a 5-kW rack, but a 20-kW (or even 30- or 40-kW) rack requires a high-density cooling solution, as well.
Look to implement rack-level cooling technologies using either water or forced air. The IBM/Syracuse project converts exhaust heat to chilled water that is then run through cooling doors on each rack. A high-density cooling solution such as this removes heat much more efficiently than a conventional system. A study conducted by Emerson in 2009 calculated that roughly 35 percent of the cost of cooling the data center is eliminated by using such a solution.
President Obama: Feds still use outdated tech
By CBS Interactive staff - cnet
Here's another reason why your government isn't working to its optimum capacity: antiquated computer technology.
That's what Peter Orszag, director of the Office of Management and Budget at the White House, says.
In conjunction with the opening of a summit meeting between President Obama and business CEOs, Orszag complained that federal workers own better computers for their personal use than the ones the government equips them with during their work days. (Among the executives scheduled to attend were Steve Ballmer of Microsoft, Shantanu Narayen of Adobe Systems, Dan Hesse of Sprint Nextel, and Craig Newmark of Craigslist.)
"Twenty years ago, people who came to work in the federal government had better technology at work than at home," Orszag said in a statement. "Now that's no longer the case."
Read more of "Obama: Feds Still Use Outdated Technology" at CBSNews.com.
Understanding Infrastructure 2.0
By James Urquhart - cnet
In an interview this week, Greg Ness, a senior director at network automation vendor Infoblox, outlines the problems lurking in today's network architectures and processes in the face of dynamic distributed computing models like cloud computing and data center virtualization.
The interview focuses on the concepts behind Infrastructure 2.0, and how vendors and enterprises are working together to address the many opportunities and challenges they present.
Take a look at the core TCP/IP and Ethernet networks that we all use today, and how enterprise IT manages those services. Not long ago, I wrote an article that described how most corporations relied heavily on manual labor to manage everything from IP addresses and domain names to routing and switching configuration. At the time, I cited a survey that indicated that a full 63 percent of enterprises were still using spreadsheets to manage IP addresses.
I think Greg summarizes the basic issue quite well when he notes that "today's networks are run like yesterday's businesses." Unfortunately, as we move into an era of data center virtualization and cloud computing, spreadsheets just don't cut it anymore. Logging into switches one by one, or even executing a manual update to a set of switches at once simply can't be fast and agile enough to react to the changing needs of an automated application and server infrastructure. We need to take a systems view of our entire infrastructure, and build our automation around the end-to-end architecture of that system.
As Doug Gourlay, my former colleague at Cisco Systems and now vice president of marketing for Arista Networks, once observed, data center virtualization breaks our existing enterprise networking models, and cloud computing will break the Internet.
The problem isn't just arcane practices like IP address or domain name management by spreadsheet. It goes further, into the challenges that infrastructure such as today's decades-old Domain Name Service (DNS) and network peering systems face when the location, capabilities and even existence of software payloads change much more unpredictably.
Right now, Infrastructure 2.0 is one of those "squishy" terms that can potentially incorporate a lot of different network automation characteristics. As is hinted at in the introduction to Ness' interview, there is a working group of network luminaries trying to sort out the details and propose an architectural framework, but we are still very early in the game.
There has been a tremendous amount written about Infrastructure 2.0 already, so I don't want to repeat it all here. Rather, if you are interested in learning more, I highly recommend reading the following:
The Infrastructure 2.0 blog, specifically:
"Virtualization, Clouds and Meta Orchestration" (Greg Ness) -- an excellent description of how the relationship between those three concepts forms a basis for Infrastructure 2.0.
"Next-Gen Data Center Management Should be More Like Facebook" (Lori Macvittie) -- an interesting exploration of how to make computer networking leverage some of the lessons learned from human networking.
What To Do When Your "Core" Infrastructure Services Aren't In Your "Core?" (Chris Hoff) -- Hoff's "aha" moment surrounding the change from a product to services thinking about everything, including core networking capabilities.
The Emotion of VMotion... (Chris Hoff) -- Hoff's classic analysis of the reality of cross-cloud live motion of virtual machines, and the need for next generation infrastructure that it would generate.
Why virtualization is shaking up IT data centers (James Urquhart) -- a description I wrote some time ago comparing the creation of infrastructure in a virtualized IT architecture with the manufacturing of automobiles, including the effect that has on the flexibility of underlying physical systems.
There are other works by each of these authors and still others they link to that are worth reading as well, depending on whether your interest leans toward the data center, the Internet or other forms of core infrastructure.
Is the "Infrastructure 2.0" work happening today going to evolve into a body of standards that will have the same impact as BGP or DNS? I believe it will, though I make no promises about how those standards develop or who develops them. Rather, I believe that it is the changing nature of systems architecture that will force the evolution of the networks within those systems, and the networks that connect them.
And when those changes enter the public network--the Internet itself--we have the makings of the Intercloud...a whole other kettle of "squishy-ness".
State and local government agencies have new resource in JackBe
By Richard Hartman - OhMyGov
Dashboards and data feeds are already part of the federal government landscape, but one enterprising company sees an opportunity to expand that business to state and local governments who face new strict reporting requirements tied to the $300 billion they have received in federal assistance through the American Recovery and Reinvestment Act of 2009 (informally known as the "stimulus package").
The enterprise mashup company JackBe recently announced the release of their "Transparency 2.0 Solution" designed exclusively to provide real-time data feeds and data widgets for state and local agencies that need to deliver stimulus, recovery and related data to their constituents.
OhMyGov! spoke briefly with John Crupi, JackBe's Chief Technology Officer to find out more about JackBe's entry into the market of state and local governments.
"We look for customers that fit the problem we solve. There is a big problem in the federal government to get the stimulus data out, which also applies to the states," Crupi said when asked why the company was turning their attention to this new market segment.
In order to address these new, dynamic information demands, astute state and local government leaders are looking to mashups to provide public facing dashboards and data feeds that allow users to access a complete view of the information pertinent to their functions, resulting in improved decision-making across the organization and increased transparency into those decisions.
Crupi added that most state and local agencies do not have the technological agility to keep up with their tech-savvy constituents or to weave together data from many systems to address stimulus-driven reporting requirements.
"The states have an even bigger challenge to meet the federal transparency and reporting requirements, as they don't necessarily have the mechanisms, means and staff," said Crupi.
"What the states don't have that the feds generally have is infrastructure to do it...and they may not have as many resources to do it so we provide consulting and integration to help."
JackBe's new platform allows state and local government agencies to provide real-time insight into how the money was spent, how many jobs were created, and related metrics while also identifying opportunities for internal organizational development and cohesion. And through improved data visibility it also allows agencies to make faster, more informed decisions and improve organizational outcomes.
Pa. House Speaker McCall decides not to run again
By MARC LEVY and MARK SCOLFORO
Associated Press Writer
Pittsburgh Tribune-Review
Pennsylvania House Speaker Keith R. McCall said Tuesday he would not seek another term in the Legislature, creating a power vacuum in a chamber roiled by scandal and riven by partisan infighting.
McCall, 50, said his decision to retire was largely driven by a desire to spend more time with his wife and school-aged children.
"This decision was neither quick nor easy," the Carbon County Democrat said in a statement. "The House of Representatives has been my life's work but - after one more year of very hard work yet to come - it will be time to take another step forward in that life for myself, my family and my loved ones."
The Legislature has been in a state of near-continual crisis in the year since McCall was elected speaker.
There have been a series of arrests in the attorney general's legislative corruption investigation, and budget negotiations, in which he played a central role, were not resolved until more than three months after the July 1 deadline had passed.
"I had one goal that stood apart from all others - to do everything in my power to help restore the public's trust in the finest institution of government anywhere in the world," McCall said. "That work is far from finished."
His departure ensures that the House will soon have its fourth speaker in a period of about four years. John Perzel ended 2006 at the head of the chamber, followed by a fellow Philadelphia Republican, Dennis O'Brien, who served as speaker in 2007-08, thanks largely to Democratic votes. McCall became speaker for the current legislative session that began in January 2009.
The House is currently in Democratic control, 103-97, with three vacancies. All 203 seats are up for election in November.
Perzel was among the 25 people arrested in the investigation into whether state workers and resources were illegally diverted for campaigns and other improper purposes. Last week, seven people tied to the House Democratic caucus pleaded guilty to related charges, and four others are expected to go on trial next week.
In the one trial so far, former Rep. Sean Ramaley, D-Beaver, was acquitted of all charges.
Gov. Ed Rendell said in a statement Tuesday that McCall's departure will be a significant loss.
"For a long time he has been a leader in moving the progressive agenda forward to help meet Pennsylvania's challenges," Rendell said.
House Majority Leader Todd Eachus, D-Luzerne, called McCall a statesman who was committed to working families.
Recently, McCall was a prime architect of a 2007 transportation funding law that could deliver tolls to Interstate 80 and a 2008 law designed to cut Pennsylvanians' electricity bills by encouraging energy conservation.
McCall, of Summit Hill, has spent most of his adult life in the Legislature. He had been working in the state auditor general's office before being elected in 1982 to fill a House seat left open by the death of his father, Rep. Thomas J. McCall, on Christmas Eve 1981.
He served as the ranking Democrat on the Consumer Affairs and Transportation committees before becoming majority whip in 2006.
Pennsylvania Tax Incentives Questioned
By KRIS MAHER - The Wall Street Journal Tech
Pennsylvania's attempts to lure high-tech companies by offering big tax incentives have brought only marginal gains, according to a new study.
The state had a net gain of 43 high-tech employers between 1990 and 2006, but a net loss of 2,850 jobs, according to the study, funded by the Pittsburgh nonprofit Heinz Endowments and conducted by the Washington nonprofit Good Jobs First. The Heinz Endowments focuses on improving southwestern Pennsylvania's economy and culture. Good Jobs First researches state and local jobs subsidies.
The study contends that the job losses show the tax incentives aren't enough to offset other factors like globalization. It said Pennsylvania's tax and incentive codes provided "little appreciable advantage or disadvantage" over states it competes with to draw high-tech companies, including Maryland, New Jersey, New York, Ohio, West Virginia and North Carolina.
Pennsylvania officials argued that several recent incentives created jobs in the state, including an expansion project by Westinghouse. Gary Tuma, Gov. Ed Rendell's press secretary, said the state offered about $7 million in incentives to Westinghouse Electric Co., and the company in turn plans to invest $450 million.
"That's quite a strong return on our investment there," Mr. Tuma said. Still, he said the state -- whose incentives are worth hundreds of millions of dollars each year -- would use the study "to see how we can maximize the return from our economic development investments and see if there are any policy adjustments that are warranted."
The study adds to the debate over the effectiveness of tax incentives -- such as training grants, infrastructure improvements and sales-tax exemptions on new equipment -- in creating jobs. The issue has gained national attention recently as the Obama administration has considered a federal tax credit to boost employment.
Economists disagree on the usefulness of tax incentives, with some saying they shouldn't be underestimated as a job-creation tool. "Taxes can become a definitive incentive," said Jim Diffley, an economist with Global Insight in Philadelphia.
Mr. Diffley says the primary factors companies look for in a location are the quality of the labor force and prevailing wage rates, as well as the ease of transporting goods to market and traveling to the site. But when a company has narrowed its choices to several states, taxes can be the deciding factor, he argues.
Richard Florida, director of the Martin Prosperity Institute at the University of Toronto, said he thinks competition among states has calmed down amid the recession because there is less to fight over. He said that while many economic-development policy makers want to use the same incentives as competing states, many academics are finding that "at best they don't work, and at worst they're counterproductive and wasteful."
Many companies argue for the incentives. Vaughn Gilbert, a spokesman for Westinghouse, said: "Without question the incentives were important. I think Pennsylvania really stepped up to the plate and that's a big reason why we chose to stay here and expand here."
Jeff Finkle, president and chief executive of the International Economic Development Council, a Washington nonprofit that represents regional economic-development groups, said in the current economy "business is in the driver seat," and states are unlikely to drop incentives. He said such incentives are important when a company is deciding between a few options. He declined to comment on the study because he hadn't read it.
Daniel Wilson, a senior economist at the Federal Reserve Bank of San Francisco, has studied tax credits aimed at spurring job creation in 25 states from 1990 to the present. "We see this bump-up in employment right after this credit comes into effect," he said, but that overall "there was a zero sum across all states."
A big concern, he says, is that companies could game the system by firing workers before using a credit to rehire more workers, or by switching workers to part-time status before a credit takes effect. But Mr. Wilson said more states are adding measures to avoid those problems.
The Pennsylvania study found that more jobs were lost to other countries than to other states by a 30-to-1 ratio. It also found that job creation is driven more by factors in the state, such as expansion of pre-existing companies, than by interstate relocations.
Microsoft releases single patch for January
By Shaun Nichols in San Francisco - V3
Redmond kicks off security year with lone fix and warnings for Flash
Microsoft has released a single fix in the first of its 2010 monthly Patch Tuesday security updates.
The January update addresses a flaw in a component of Windows and Windows Server which, if exploited, could allow an attacker to remotely execute code on the targeted system.
The company explained that the flaw lies within the Windows components that handle Embedded OpenType Font packages. Researchers found that, by bundling attack code into a font package, an exploit could be performed to give the attacker control over the system.
While the vulnerable code is believed to be present in all supported versions of Windows, the targeted component is accessible only in Windows 2000.
As such, the flaw is being categorised as a 'critical' risk for Windows 2000 SP4 users, but is regarded only as a 'low-level' risk for XP, Vista, Windows 7, Server 2003 and Server 2008.
Microsoft also posted a warning to XP users regarding the Adobe Flash Player 6 component, advising users to upgrade the copy of Flash Player originally bundled with Windows XP in order to patch recently discovered vulnerabilities.
There's More Than One Way to Plug Enterprise Data Leaks
By Kevin Prince - TechNewsWorld
Even if leaked data is never used to commit fraud or used for identity theft, data breaches can cost companies millions of dollars and a great deal of trust among customers and partners. Within a couple of years, all financial organizations will have to take data leakage prevention very seriously.
Data leakage prevention (DLP) is a topic that has been getting a lot of attention lately. Keeping sensitive data from leaving the network has quickly risen to the top of many IT and compliance officers' lists of priorities.
DLP will likely be the first thing most organizations spend their 2010 information security budgets on.
The Problem
Any time sensitive data gets into the hands of nonauthorized individuals, it can constitute a data security breach. Malicious employees may take sensitive customer or employee information and use it to commit fraud or identity theft, or sell it to others for quick, easy money. Careless and untrained employees also make mistakes that lead to breaches.
All data security breaches must be publicly disclosed, which often leads to negative public perception, loss of customers, expensive damage control, class-action lawsuits, and more.
Data breaches can cost companies millions of dollars, even if the data is never used to commit fraud or identity theft.
The Methods
There are countless ways an insider can capture data and remove it from the network. Email, FTP (file transfer protocol), and a variety of other standard utilities available on every computer can be used, as well as social media networks, posts to other Web sites and forums, and online storage solutions.
Peer-to-peer (P2P) software can also be utilized to capture and post information for download anywhere in the world. There are lots of tools that can utilize encryption to hide the storage and transport of sensitive information.
Then there are even simpler methods, including burning a CD or DVD, or copying files to a USB thumb drive. The variety of memory sticks available on the market offer massive amounts of storage. Additionally, smartphones, iPods, and other portable media devices are commonly connected to corporate systems, each with the capacity to store and transport massive volumes of data.
The Regulations
As a result of this ever-growing threat, state and federal regulators have created new laws and are strictly enforcing previous requirements.
For example, Massachusetts and Nevada both passed state data encryption laws that are designed to keep sensitive information in the hands of those who are meant to see and use it. The new Red Flags rule, although delayed now for the fourth time until June 1, 2010, before FTC enforcement goes into effect, is specifically designed to regulate how sensitive customer and employee data is kept private.
Regulations such as HIPAA and GLBA have been around for more than a decade with various data privacy requirements; however, starting about a year ago, regulators and auditors have been looking at data leakage prevention very seriously.
Regulators under the umbrella of the FFIEC that enforce GLBA for U.S. financial institutions are now putting pressure on banks and credit unions to implement data leakage prevention solutions. After speaking with various examiners over the last month or so, it is clear to me that this requirement is going to be one on the top of their lists for the next couple of years. To date, the financial institutions that have been feeling the brunt of this new focus are large organizations with many billions of dollars in assets.
We have seen this trend before. We saw it with vulnerability assessments, firewalls, intrusion detection and prevention systems, and many others. The regulators start the enforcement with the very large financial institutions and move down from there. Within a couple of years, all financial organizations will have to take data leakage prevention very seriously.
The Definition
When the term "data leakage prevention" became popular a couple of years ago, many technology vendors claimed that their product was a DLP solution, and they received the venture capital money at the time.
In the beginning, the term by itself was broad enough that nearly any solution could qualify as DLP. A firewall could qualify because you can write rules that block outbound traffic. Analyst firms such as Gartner (NYSE: IT) stepped in and clearly defined what a DLP must be.
A DLP solution should:
1. Detect sensitive content in any combination of network traffic, data at rest or endpoint operations;
2. Detect sensitive content using sophisticated techniques such as partial and exact document matching, structured data fingerprinting, statistical analysis, regular expression matching, conceptual and lexicon analysis and keywords;
3. Support the detection of sensitive data content in structured and unstructured data using registered or described data definitions; and be able to block (at minimum) policy violations that occur over email.
In other words, a DLP needs to identify and classify data, filter based on classification anytime data leaves the network, and control data both while at rest and in motion.
The Solution
In the last couple of years, many solutions under the title of DLP have entered the market. There are several of these that do not qualify as DLP from a regulatory compliance perspective.
Some organizations are looking to solutions such as those offered by Vontu (now Symantec) or Websense. These solutions have an all-in-one approach and can single-handedly take care of your data leakage issues and regulatory compliance.
The other method is using several solutions to achieve DLP. Some might wonder why they would want to employ several solutions when they can just use one. The answer is that some organizations are already using solutions that are part of an overall DLP solution. So in an effort to maximize the existing investment, adopting additional solutions is a good alternative for some. For example, if you are using an email-based content filtering system that blocks sensitive data from leaving the network, that is part of a DLP solution. If your firewall, proxy or other network device can be configured to detect and block sensitive data from leaving the network, that can be part of your DLP solution. If you use desktop security software that blocks sensitive data from being written to portable media devices, that can be part of your DLP solution. So perhaps money can be saved by utilizing existing solutions to create a total DLP solution.
One thing that I feel is often missed when people think about DLP is backup tapes and drives. Lots of sensitive data is stored on our backup media ... often unencrypted. If this media is lost or stolen, it will usually constitute a data breach. In some states it doesn't even matter if the data is encrypted -- public disclosure is required regardless. So in my opinion, using a remote data backup service that utilizes the Internet, rather than traditional backup tapes or other backup media, should be considered an important part of a comprehensive DLP solution.
In Conclusion
While there are a couple of different approaches to full data leakage prevention, the most important thing is to do something soon. It is a legitimate problem for most organizations today. Data breaches can cost companies millions of dollars, not to mention loss of revenue and customer loyalty. Regulators are putting a lot of emphasis on it now.
This is a lot more work, and will cost more money than similar initiatives in the past such as firewall, IDS and IPS. However, it is one of the very best ways of protecting the data that matters most to your company.
INSIDE MOBILE: 2010 Outlook for Mobile and Wireless: Better
By J. Gerry Purdy - eWeek.com
To help mobile and wireless device vendors, software firms and operators build and offer the best possible mobile and wireless products and services, Knowledge Center mobile and wireless analyst J. Gerry Purdy offers his wish list of things he would like to see happen within the mobile and wireless industry in 2010.
Forrester: Tech spending downturn is over
By Chris Kanaracus - IT World
The worst is over for technology spending and the sector is set to rebound this year, according to a new report from Forrester Research.
The analyst firm expects U.S. IT spending to grow by 6.6 percent in 2010 after plummeting 8.2 percent in 2009. On a global basis, IT expenditures will jump 8.1 percent in U.S. dollars and 5.6 percent based on local currencies.
Forrester is making its predictions even though final data for the fourth quarter of 2009 isn't in yet. It's basing that confidence on recent signs of economic recovery around the world, including strong earning reports from vendors such as Oracle and the increased availability of credit.
Although the sector will experience strong growth, this won't result in a full recovery across the board, according to Forrester's data. For example, while computer equipment purchasing will jump 9.2 percent, the overall level of spending will be lower than in 2008 or 2007.
But software is also expected to grow by 9.2 percent in 2010, which will negate the 7.4 percent drop experienced in 2009 and exceed 2008's level.
Communications equipment spending will remain comparatively weak, rising only 2.8 percent this year, according to Forrester.
Forrester's report also examines the possibility that a "double-dip" recession will occur this year following a short period of economic growth. There is a 15 percent chance of this happening, and if it does, tech spending will instead see a decline of 3 percent to 4 percent in 2010, Forrester said.
Symantec to Acquire Gideon Technologies for Risk Management Technology
By Brian Prince - eWeek.com
Symantec has agreed to acquire Gideon Technologies in a bid to add to its risk management capabilities to meet the compliance needs of the public sector.
Gideon Technologies specializes in vulnerability, configuration, policy and compliance management as well as network and asset discovery. According to Symantec, Gideon Technologies' security content automation protocol-validated configuration and vulnerability assessment tool will enhance Symantec's ability to meet the needs of its public sector companies.
“As the U.S. Government continues to make the cyber security of our country’s public and private infrastructures a priority, Symantec will support public sector customers with standards-based solutions that meet their complex compliance requirements with the highest degree of accuracy,” said Gigi Schumm, vice president and general manager public sector at Symantec, in a statement. “As demonstrated by this acquisition, Symantec is committed to SCAP and emerging standards and intends to lead the ongoing advancement of these standards.”
The security content automation protocol (SCAP) is a series of specifications used to standardize the way in which security software products communicate software flaw and configuration information.
Symantec’s plan is to integrate Gideon Technologies' SecureFusion product with the Symantec Management Platform to complement its compliance offerings and allow the company to offer customers an automated situational awareness and remediation management solution for their environment.
The deal is expected to close by the end of the March quarter. Financial terms were not disclosed.
Anti-theft chip turns laptop into 'brick'
By John E. Dunn - IT World
Absolute Software has added a new feature to its Computrace Lojack anti-theft software that can remotely turn a stolen laptop into a useless, non-bootable 'brick'.
The point of the feature - the first implementation of Intel's latest Anti-Theft Technology (ATT) chipset - is to make it possible for the owner to leave data intact on the laptop in the hope that the machine is recovered by the police at a later date. Up to now, the only options offered by LoJack have been to remotely monitor a machine in the hope of tracing the thief or executing a complete data wipe.
Absolute now reckons that for the technology to establish itself with consumers, the option of recovering data is probably essential.
"Many consumers don't back up data on a frequent basis so when we wipe data it is gone for good," said Absolute Software's Stephen Midgley. "Losing a laptop is like losing a wallet."
LoJack has been available on any laptop, including Apple Macs, for some time, though the company recommends users pair it with a more limited selection of machines supporting its own BIOS. This increases security by making it extremely difficult for the criminal to circumvent the LoJack software agent upon which the tracking depends.
Intel's new ATT chipset simply embeds the technology further, adding the consumer-friendly remote locking feature. If stolen, a user alerts Absolute which issues a remote command that puts the machine into a locked state which makes it impossible to boot or access the OS, or even get at encryption keys if these are being used.
At this point, the thinking goes, the laptop has become of no economic value and is more likely to be abandoned. Removing the hard disk makes no difference.
One short-term problem is that the chip has only made its way into a limited number of machines, including a small number of X-Series laptops from Lenovo and a couple of Fujitsu Lifebooks. The irony is that these are relatively expensive business machines unlikely to be bought by many consumers who might benefit most from the new technology.
"It's early days," admitted Midgley, who said he believed more affordable models supporting the system would be announced in 2010.
On the good news front, the company has temporarily cut $25 from the subscription price of LoJack, which can currently be purchased in two versions, a Standard Edition at $24.99 (£16) per annum, and Premium version at $34.99 per annum.
The cheaper version offers only a basic theft-tracking feature, which allows a stolen laptop to be traced remotely should it connect to the Internet subsequently. For most users the extra $10 for the Premium version will be a better buy as it adds to this the ability to remotely delete data from the machine, a feature that will be foremost in the minds of most users.
The company also offers Premium users a degree of insurance up to $1,000 if a machine cannot be recovered, as long as certain conditions are met.
Gartner's Roy Schulte speaks on Continuous Intelligence
By Leah Archibald - ebiz
What is continuous intelligence, and how can it impact the workings of a business? In this live presentation, Gartner Distinguished Analyst Roy Schulte will present his latest research into the field of continuous intelligence, and describe how companies are driving success with smarter IT.
W. Roy Schulte is Vice President and Distinguished Analyst at Gartner Inc. in Stamford Connecticut. Mr. Schulte was a co-author of the 1996 report that introduced the term SOA to the industry. He also originated research into the field of message brokers, coined the term business activity monitoring (BAM), and wrote the first analyst reports on the zero-latency enterprise and the enterprise service bus (ESB). His current work centers on event-driven architecture (EDA).
Does The Business (Still) Hate IT?
By Sharyn Leaver - The Forrester Blog for CIOs
There is certainly no shortage of books to read about how to do a better job in 2010. One of those just noted is "8 Things We Hate About IT" by Susan Cramm. Given a quick review of the list, probably a better way to title it would be “8 Beaten-to-Death Clichés” about IT-business relationships. Come on, folks, can’t we move past these old saws: IT inhibits change, doesn’t support innovation, condescends about technology, is too reactive, advocates for the expensive (deluxe) solution, yadda, yadda, validated from a 2009 survey. She offers up an equivalent list of complaints from the other vantage point (IT’s) that you can probably imagine without spelling it out. Here’s a teaser to get your imagination going: “IT hates it when the business wants it all right now.” [Caution – if you ask people to select choices from lists — and construct the list with certain choices, surveys tell you about those choices.]
But Susan is on to something — why (if it is the case) are the issues between IT and the business the same as they’ve been since retiring CIOs were knee-high? Here are a couple ideas:
• Tension between IT and line businesses is designed into organizational structures. Hard-wiring organizational lines into centralized IT “shops” assigned to business units or combinations puts IT unwittingly into a self-perceived servant relationship with business units. No doubt in recent economic downturn years, increasing centralization of IT has resulted in a cementing of “us” versus “them” — whereas federated and decentralized structures preserve some of “us” within “them” and align attitudes and goals accordingly. HR, Accounting, Facilities, and other centralized services all struggle with balancing acts of meeting the needs of those they service.
• Preserving a request-fulfill relationship institutionalizes disappointment all around. Missed expectations and unhappiness result from a “take a number” approach to queuing up service requests, ranking them according to some criteria, estimating fulfillment time, and attempting to deliver in the face of numerous “Look over there!” distractions. Again, breaking up some of the IT resources into the business units for dedicated and local work would help. CIOs should read and absorb Forrester’s BT model for operating IT.
• IT priorities are too inside-out. A business exec wants to start Tweeting to customers and sneers at the IT folks who are too busy ensuring that Twitter doesn’t import nasty viruses into the firm to help with best practices. As the economy improves, IT must put back the folks who do market scans for how other firms are using this and that tech, scan the departments (especially marketing) for what they might be thinking, and be ready to pilot and roll out tools to maintain competitive parity. Lunch-and-learn sessions about interesting new technologies should be part of the job responsibility of IT. And CIOs should convince peers that sending their staff to participate is also a requirement.
These are just a few ideas — frankly, this list could get pretty long. But I’m tired of living a groundhog day of IT-Business battles, aren’t you?
Data Center Migration: Easy as Changing the Engine Mid-Flight
By Dan Gardner - E Commerce Times (podcast 39:07)
Congratulations, you've completed your new data center. The hard part now will be to move all your existing data into the new place without a massive service interruption. It's about as easy as changing the engine on a plane in the middle of a flight. With sufficient advanced planning, however, it can be done.
The crucial migration phase when moving or modernizing data centers can make or break the succe
