Tuesday, September 30, 2008

Private Browsing's False Sense of Security

They call it private browsing. Microsoft recently released a beta version of Internet Explorer 8 that offers it. You'll find it in Mozilla's Firefox and the new Google Chrome. Apple's Safari has offered the feature for some time.

But what vendors call private browsing, others call porn mode.

Not everyone who uses private browsing wants to view porn anonymously, but there is a good reason for the name. Private browsing can prevent others who sit down at your computer from seeing what Web sites you've visited, but it doesn't do much to keep more sophisticated sleuths from seeing where you've been and what you've been doing.

When browsers are in privacy mode, they automatically delete search histories, browse histories and page caches. But they do nothing to protect you from hackers or spyware that tracks and reports on your online activities.

"The private-browsing mode avoids embarrassment and prevents your spouse from learning about the surprise gift you're researching for her," said Ray Dickenson, chief technology officer at Authentium. The company offers SafeCentral technology for secure browsing.

"But it doesn't prevent the disclosure of your user names, passwords, credit card numbers and other personal information to criminals," he added. "While we applaud the feature as a valuable tool for users, we're concerned the name will only exacerbate the current explosion of digitally cultivated identity theft by fooling users into thinking they're protected."

Authentium obviously has an interest in warning users about what private browsing does not protect them from, but some degree of paranoia is warranted.

Make no mistake, private browsing is a welcome feature. As vendors say, it can keep your spouse from finding out -- accidentally or otherwise -- about the birthday present you just ordered online. And yes, it can keep your friends, family and co-workers from seeing items in your browser history that you don't want them to see.

But don't get the idea that private browsing offers any real protection from the Internet's more nefarious denizens.

Shia LaBeouf, ‘Eagle Eye’ Co-Stars Remind Us That We’re All Being Watched
Privacy Uncertain With New IE8 Feature
‘Igor’: Calling All Monsters, By Kurt Loder
Microsoft Releases Internet Explorer 8 Beta 2

.NET Making Gains Against Java, Survey Says

Who's ahead: Microsoft Corp.'s .NET or Sun Microsystems Inc.'s Java Platform Enterprise Edition (Java EE)?

Five years in and counting, the battle still rages with no clear victor. However, according to a new survey, .NET appears to be widening its lead over Java EE, as the latest revision of the erstwhile Java 2 Enterprise Edition (J2EE) specification is now called. Given the volatility of the .NET/Java EE match-up, that could easily change.

Last year, for example, a survey from development consultancy Evans Data Corp. identified a clear trend in favor of Java development, even though .NET still retained a narrow lead. Thirty-one percent of developers said they planned to tap .NET as their platform of choice for SOA development; 28 percent cited Java.

Evans Data flagged a steep decline in the percentage of developers who expressed a preference for using .NET as a platform for their SOA activities, citing a 20 percent drop in just a six-month period.

This year, the reverse seems to be the case.

According to a new survey from Evans Data, .NET is once again outpacing Java. The survey, which polled 350 developers at enterprise shops with 1,000 or more employees, found that three-fifths (60 percent) of respondents indicated that their .NET investments were growing; fully half said they planned to add additional .NET development personnel.

"These survey results confirm that .NET applications are pervasive in large enterprises and their acceptance and dependability is continuing to increase," said Mike Allen, director of product management for CA Wily Technology, in a statement. CA Inc. -- which markets application performance management (APM) tooling (and which claims that the Evans Data results underscore the importance of effective APM programs) -- is a sponsor of the survey.

There might be something to CA's claims. What's surprising is how much enterprise IT organizations are spending on their next-gen application architecture investments -- particularly for .NET products. More than half of respondents said they're spending about a quarter of their IT application budgets on .NET development or support, while a staggering one-fifth of respondents say they're spending between 75 and 100 percent this way.

Also surprising is the non-partisan heterogeneity of today's enterprise application architectures. Many shops are supporting mixed .NET and Java EE deployments, Evans Data said. A clear majority of respondents said their organizations maintain both .NET and Java groups, for example.

It's a sign of the times, according to industry veteran Jasmine Noel, a principal with consultancy Ptak, Noel & Associates.

"An increasing number of enterprises are realizing the benefits of deploying applications built on both .NET and Java. However, with those benefits come the challenges of managing a heterogeneous environment coupled with the unique issues of both development architectures," Noel said in a prepared statement.

Elsewhere, .NET developers are far more likely than Java coders to blame changes -- at both the application level and in the back-end -- for slowdowns. Java users, on the other hand, disproportionately cite memory leaks and out-of-memory conditions as triggers for application failure.

.NET users were also more likely to cite issues with connectivity to back-end transaction systems, including mainframe systems. Java users, conversely, seem to generate or encounter more bugs. They're also more likely to find fault with JVM or architecture issues than are .NET users (with the .NET CLR, that is).

‘Tropic Thunder’ Rolls Over Box-Office Competition For Second Week
Virtualization Not as Easy as 1-2-3
Shia LaBeouf, ‘Eagle Eye’ Co-Stars Remind Us That We’re All Being Watched

Microsoft and State of Washington Fight 'Scareware'

Microsoft and the state of Washington are waging a legal war against vendors of "scareware," according to an announcement from the Washington State Attorney General's Office issued on Monday. Scareware pressures the user into buying software or a service, typically via alarming pop-up messages.

The latest in a flurry of lawsuits was filed on Monday by the state's AG against a Texas-based distributor. James Reed McCreary IV of The Woodlands, Texas, is accused of sending bogus pop-up messages to PCs running Windows Messenger.

The official-looking pop-up warns about a damaged or corrupted registry. Users are directed to a Web site for a free scan that invariably identifies 43 critical problems that can be fixed by purchasing a software program (Registry Cleaner XP) for $39.95.

The state and Microsoft say Registry Cleaner XP is a nebulous program that does nothing but "lull the consumer into a false sense of security."

State Attorney General Rob McKenna called the software "a blatant rip-off of consumers." The lawsuit alleges "claims of misrepresentation, harassment, and high-pressure sales" by the defendant.

According to lead attorney Paula Sellis, senior council for the Washington State Attorney General's Office, the state will ask the court for an injunction to shut down Alpha Red and Branch Software, Houston-based companies owned by McCreary.

"Under Washington law, we are suing for restitution for victims in the state, however, since we are asking for an injunction to cease and desist, this might have a positive effect for users in other states indirectly," said Sellis in a telephone interview.

This latest suit brings the number of civil actions against spyware and scareware proliferators to 24, since Washington enacted the Computer Spyware Act in 2005. Microsoft has filed 17 of those suits. According to Sellis, the state and Microsoft have prevailed in all of the suits to date.

"We have been extremely successful in our suits and have recovered attorney fees, and restitution in many of the cases," Sellis said. "In 2006 we were successful in recovering more than a million dollars from a New York-based company called Secure Computer that had a similar scareware program [to Registry Cleaner XP]."

Microsoft has filed no less than seven suits against SMP Soft for programs that "allegedly falsely alert consumers to problems on their computers and offer to sell software fixes." Programs named in the suits include Scan & Repair, Antivirus 2009, MalwareCore, WinDefenderXPDefender.com and WinSpywareProtect.  Defendants in these suits face up to $2,000 per violation plus restitution and attorney fees, according to the state's AG office.

According to the statement released on Monday, consumers can file complaints themselves. However, such lawsuits typically file against "John Doe" defendants because tracking down identities in such cases can be difficult.

Microsoft estimates that spyware is the problem for the more than 50 percent of calls to its customer support reporting computer crashes. The state AG calls spyware "the biggest online threat to consumers and businesses since the advent of the Internet."

‘Burn After Reading’: Mixed Nuts, By Kurt Loder
Microsoft Announces SP-1 for Forefront Client Security

Browser-Makers Seek Clickjacking Fix

What is clickjacking? Security pros are trying to make sense of a new bug found by researchers that apparently affects various Web browsers, including Microsoft's Internet Explorer.

The new threat, revealed late last week by SecTheory LLC CEO Robert Hansen and Jeremiah Grossman, WhiteHat's chief technology officer, is being called "clickjacking." According to these researchers, clickjacking happens when users are directed to malicious Web sites where hackers lay in wait to take control of a user's browser profile.

The clickjacking technique "gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable," explained a warning on the homepage of the United States Computer Emergency Readiness Team, or CERT. "Therefore, if a user clicks on a web page, they may actually be clicking on content from another page."

The vulnerability reportedly can affect multiple browsers and even Web applications, such as Adobe's Flash. Browsers at risk include Internet Explorer, Mozilla Firefox, Apple's Safari, Opera and Google's new Chrome browser, which altogether constitute more than 95 percent of browser market share, according to Aliso Viejo-Calif.-based Net Applications.

"It's pretty pervasive," said Ryan Naraine, an IT security analyst at U.K.-based Kaspersky Lab. "[The exploit] attacks a fundamental flaws in the way most browsers work, and cannot be fixed with a simple patch."

Moreover, a hacker doesn't need access to a trusted Web site to rollout a clickjack, the researchers say. It's not so much a Web site security issue; rather, it's something that browser vendors need to fix.

Hansen and Grossman were slated to expound on the threat and its implications at last week's OWASP NYC AppSec 2008 Conference. They postponed their conference talk on the vulnerability at the request of Adobe and other "affected vendors," which wanted to wait until a systemic workaround or hotfix could be applied.

Redmond, Apple and Google have yet to comment on the threat. However, Mozilla on Monday released updates to its Thunderbird v2.0.0.17 e-mail application and Firefox v3.0.3 Web browser in an effort to "address multiple vulnerabilities." The updates are designed to prevent hackers from executing "arbitrary code," stealing personal information, undertaking cross-site scripting and denial of service attacks as well as clickjacking.

Experts say that NoScript, a security add-on to Firefox that blocks JavaScript execution, is designed to defend against most attack scenarios.

Hansen and Grossman said on Friday that they plan to release their research and a proof-of-concept exploit but won't do so until Adobe issues a patch.

Privacy Uncertain With New IE8 Feature
IE Share Continues Decline but How Far Will It Go?
Peter Facinelli Compares ‘Twilight’ Patriarch Carlisle Cullen To His Breakthrough Role In ‘Can’t Hardly Wait’

AppSense Partners With CSC on Hosted Desktop Solution

AppSense Ltd. announced a desktop virtualization marketing deal with IT services company CSC, based in Falls Church, Va. Under this partnership arrangement, the Melvile, N.Y.-based company's AppSense Management Suite will be included as a component of CSC's Dynamic Desktop, a hosted desktop virtualization offering.

Hosted desktop (also called VDI) relies on centrally based and managed virtualized servers to provide full Windows desktop capability to end users across an enterprise over LAN or WAN connections. Analysts expect this segment of the virtualization market to enjoy robust growth over the next several years.

The AppSense Suite provides what the company calls user environment management specifically associated with personalization and policy profiles. Personalization is especially important in VDI deployments because it maintains end user customization.

End user profile attributes include items such as wallpaper, browser favorites and custom operational settings. The AppSense solution abstracts such user data from both the OS and applications and then manages it, along with policy information specified by IT admins, on a separate server.

AppSense typically works with partners offering VDI solutions via jointly marketed distribution channels. Its current partners include both VMware and Citrix. The CSC offering is being offered through a strategic partnership with Citrix and involves the company's XenDesktop product.

VMware Launches vClient, Aims To Create Desktops That Follow Users Anywhere
Mickey Rourke Explains His Preparation For ‘The Wrestler’: ‘I Had Some Demons’
‘Twilight’ Tuesday: Robert Pattinson, Kristen Stewart And Taylor Lautner Will Present At The VMAs

Monday, September 29, 2008

It's Official: Visual Studio 2010 and .NET Framework 4.0

Microsoft is revealing more about its plans for the next generation of Visual Studio Team System (code-named Rosario), part of the now officially named Visual Studio 2010 and .NET Framework 4.0 rollout. All of these products are still in the very early stages.

"We've got a name called Visual Studio 2010 and that's about all we've got right now," said Dave Mendlen, director of developer marketing at Microsoft. "We're not saying much more about schedule at this point."

The company is outlining some of the new functionality in Visual Studio Team System 2010, which consists of Team Foundation Server and the Team Suite of role-based Visual Studio clients. This next release will focus on "breaking down the walls between the roles that exist today," said Mendlen. With VSTS 2010, Microsoft is addressing the need to better integrate the functions of the project lead, architect, developers and testers throughout the application lifecycle. Key features in the 2010 Team Suite enable reuse of code assets, modeling across tools and architecture, higher quality test and better collaboration. 

SQL Server 2005 Dropped
Going forward, the VSTS Database Edition will be rolled into VSTS Developer Edition.

"Developers are more hybrid today than they were in the past, this need to work not just with the core source code but also with the database is becoming more and more important to them," said Mendlen. "With that in mind, we've made the decision to fold these two products together in the 2010 release of the product."

Starting this month, Software Assurance customers with licenses for VSTS 2008 Developer Edition or VSTS 2008 Database Edition can download the VSTS 2008 Database Edition, VSTS Developer Edition, VS2005 Team System for Software Developers and VS2005 Team System for Database Professionals at no extra cost.

In a surprise move, Microsoft has also decided to discontinue TFS "Rosario" support for SQL Server 2005. VSTS lead Brian Harry explained in his blog: "That was a controversial decision but it is a final decision. The primary driving force behind it is that the Report Server feature in SQL Server 2008 is sooooo much improved over that in previous versions that we simply could not pass up taking advantage of it for Rosario." 

Plans for Expression Studio integration or a VSTS "Designer" edition are not currently on the 2010 roadmap. "There's more work to be done to enable cross designer developer collaboration," said Mendlen. "[We have] nothing specific to announce but it's absolutely an area of focus for both sides."

Team Suite Upgrades
The VSTS April 2008 CTP12 offered a glimpse of many of the new features in the upcoming Developer, Test and Architecture Editions. The next CTP is expected in the PDC timeframe, although Mendlen declined to confirm that timeframe.

Developers can expect improved customization of the continuous build process through new features such as architectural validation. That includes the ability to model the app's UI layer, business layer and data layer, set up constraints, and map back-end code onto that architectural diagram. Using the new "Architecture Explorer" and "Layout Diagram designer" in the 2010 Architecture Edition, project leaders can enforce policies at code check-ins through architectural validation.

"Team Build will include a WF engine that is very extensible," said Cameron Skinner, product unit manager for Visual Studio Team Studio. The next version of Team Build introduces an agent/controller architecture, with support for distributed builds.

The new client environment for testers beefs up its support for manual testing and test case management. It is built using Windows Presentation Foundation to enable better visualizations of software processes. Testers can run test cases that relate only to modified code. They can also capture what happens in the debugging process through video recording -- TiVo for test -- and that along with a debugging log, can be handed off to the developer.

The 2010 Developer Edition adds support for historical debugging, a standalone debugger on a USB stick for testing code on separate machines, code analysis rule sets and test impact of code changes. 

New Modeling Platforms
The April CTP of VSTS supports UML, which Skinner said makes sense for higher level concepts such as the logical layer, with DSL at the physical layer. Microsoft has long championed DSL, as an alternative to UML.

Forrester Research analyst Jeffrey Hammond believes Microsoft views UML "as a great DSL for software architects." One of the issues for Microsoft early on was the problem of complexity in modeling, and "Microsoft rightly noted that building off UML 2.0 can create some complex tooling for architects and developers," Hammond said.

Microsoft officials have hinted that support for UML might be coming in "Oslo," a new modeling platform that consists of a repository, language and tools. The company has confirmed that it will issue the first CTP of "Oslo" at next month's Professional Developers' Conference in Los Angeles.

"In Team System 2010, we clearly need to be able to interoperate and get the models that you're creating in the Team Architecture Edition into the Oslo repository," said Skinner. "That's something that we're currently working on, we're still early in making that happen but that interoperation is absolutely going to be there, and we are actually chasing out more integrations between the two, but it's still too early to talk about at this point."

Microsoft's announced earlier this month that it was joining the Object Management Group, the steward of the UML standards. - Jeffrey Schwartz contributed to this article.

Small Business Server 2008 Hits Metal
Microsoft Boosts Modeling Strategy and Rejoins OMG

Saturday, September 27, 2008

Oracle To Sell Hardware

Oracle Corp. is getting into the hardware business.

Speaking to attendees at the company's annual Oracle OpenWorld conference on Wednesday, CEO Larry Ellison unveiled a three-year-old partnership with Hewlett-Packard to produce a new storage server. Kept under wraps until this week, the Exadata programmable storage server combines Oracle software with HP hardware (and dual-core Intel processors) into super-fast disk-drive storage systems.

Two offerings in the new server line are ready to go, Ellison said: the HP Oracle Exadata Storage Server and the HP Oracle Database Machine.

The high-capacity Exadata server is based on the HP ProLiant DL 180 G5 server. It will come with either SAS or SATA drives and a storage capacity up to 12 TB. A version that runs on the Oracle distribution of Linux is available now; versions for other operating systems are on the way, Ellison said.

Exadata is billed by the company as the "building blocks" for the Database Machine, which is a package of software, servers and storage aimed at large, multi-terabyte data warehouses.

"I'm here today to announce Oracle's first-ever hardware product," Ellison told a packed auditorium in San Francisco's Moscone Center. He called the decision to add metal to the company's product line "radical new thinking," and he pointed to the design of his own racing yacht as an example.

Oracle actually first took a stab at the hardware business back in 1996 with a product called The Network Computer (NC). The Internet-only system (no hard disks) failed to capture much of the market, due, it was thought at the time, to slow network speeds, and was scrapped.

One difference this time around: "We're going into the hardware business, but we're not going alone," Ellison said.

HP chief Mark Hurd joined the keynote via video. "We're bringing to market two great things that our companies do best," Hurd said.

Partnering with HP has allowed the company to create servers that aren't "just a bunch of dumb disk drives," Ellison said.

"[We've] put intelligence next to ever disk drive in the storage system," he said. "That intelligence, built into the storage server, allows us to reduce the amount of data that flows across that interconnect between the storage servers and the database servers...We've taken a tremendous burden off the interconnect."

The company will also be relying on bigger data pipes to enhance the performance of the new systems, combining them with InfiniBand networking. Oracle is also exploiting multilevel grid technology to accelerate DBMS performance.

"The disk storage systems that are available today simply can't cope with the amount of data that has to be moved off those disk drives and into the database server," Ellison said. "There's a huge bandwidth problem. To solve that problem, we had to go beyond software."

‘House Bunny’ Stars Katharine McPhee, Emma Stone, Rumer Willis Claim They’re Awkward On The Inside
SQL Server 2008 Hits High Mark, Minus the Competition
Sun Expands Virtualization Portfolio, Partners with Microsoft

Microsoft Takes Stock, and Ballmer Hits the Road

Microsoft has been sending signals to investors this week amidst a U.S. economy teetering on the edge of a major financial meltdown. On Monday, the company described a stock buy-back plan of $40 billion that was approved by Microsoft's board. Companies typically buy back their stock when they have cash reserves and feel their stock may be undervalued.

Microsoft also started a debt financing program -- a "first-ever commercial paper program" of $2 billion, according George Zinn, Microsoft's treasurer. The company plans to use the money for working capital and stock repurchases.

Microsoft got top-grade ratings for its debt, both short-term and long-term, from Standard & Poor's Rating Services and Moody's Investors Service. However, the company's long-term debt got downgraded to an "AA+" by Fitch Ratings, according to an AP story published on Friday. Fitch cited potential challenges to Microsoft's business model, pointing to open source software and Internet cloud-based computing as possible disruptors, as well as potential problems on the regulatory front.

Meanwhile, Microsoft's CEO Steve Ballmer has been hitting the road, speaking at three business-oriented venues in the last couple of days.

On Thursday, Ballmer spoke before an audience at the Santa Clara-based Churchill Club. He joked about the bad financial news running on CNBC, but mostly to suggest that Microsoft expects to weather the current economic storm.

"Our industry is not immune to what goes on in the global economy…but I would say given the current circumstances, people still see a certain buoyancy in the market," Ballmer said. The Churchill Club talk was moderated by Ann Winblad, founder of the Hummer Winblad venture capital firm. She reportedly dated Microsoft's Chairman Bill Gates for five years.

Ballmer added that nobody is really sure just how bad the economic fallout will be.

Currently, the economic horizon seems bad indeed. The U.S. Congress is contemplating a $700 billion U.S. taxpayer-funded bailout plan for Wall Street, based on consequences from the industry's practice of stuffing bad housing debts into securities. Also, Washington Mutual Inc. collapsed. It was the largest savings and loan failure to date. WaMu was bought in an auction by JPMorgan Chase & Co., according to reports on Thursday.

Ballmer told the Churchill Club that Microsoft has shifted its focus more toward digital lifestyle products and software plus services. The company also is enacting its long-term organic growth vision toward the search advertising business in the wake of its failed Yahoo bid. Ballmer explained that Microsoft would "be willing to lose between five and ten percent of our total operating income for several years" to catch up with its search competitors, which include Google and Yahoo.

Microsoft has become a major online advertising player, having sold more than $3 billion in ads per year, Ballmer said.

Microsoft sees virtualization as an untapped opportunity as "less than five percent of all servers are virtualized," Ballmer said. He criticized rival company VMware, suggesting that it was charging three times the cost of a server for its virtualization solution.

Another area of expansion for Microsoft is the smart phone market, where 125 million smart phones have been sold this year, Ballmer said.

Ballmer quibbled with the term "cloud computing," which Winblad suggested was a hot-ticket item. However, when she directly asked Ballmer about Project Red Dog, a supposed Microsoft cloud computing utility, he refused to describe it. Ballmer said that Microsoft would talk more about Red Dog in about six weeks at its Professional Developers Conference in Los Angeles.

One area where Ballmer said "we've got some work to do" was with Web servers. He noted that Microsoft holds about 40 percent of the Web server market, whereas Linux-based systems lead with a 60 percent market share.

Microsoft has been acquiring companies at a constant pace, Ballmer said, at about 20 companies per year. Microsoft typically looks at companies valued at "up to a few $100 million," he added. The Silicon Valley continues to be prime hunting grounds for Microsoft, but noted exceptions, such as recent Microsoft acquisitions in Israel and France.

Ballmer reiterated his message at other events this week.

In Mountain View, Calif. on Thursday, Ballmer told Microsoft Venture Capitalist 2008 attendees a little bit more about Microsoft's software plus services strategy, hinting at a bombshell.

"We'll announce a new operating system, one that runs in the cloud, and has a wide variety of capabilities. That is part of what we'll talk about at our Professional Developers Conference," Ballmer said.

He identified Microsoft's biggest growth opportunity as "the sale of more PCs," saying that it's a $300 million market that is growing at a double-digit rate. "And despite things or including things like the EEE PC and these other kind of low-cost $300, $400 notebooks, the market continues to explode," Ballmer said. China will surpass the United States as the biggest market for buying PCs in two years, he added.

On Friday, Ballmer gave a talk at the Stanford Graduate School of Business, largely about his CEO role. Microsoft now has about 90,000 employees and Ballmer said he has had to rethink his role as the company diversifies its operations.

He runs things now less hands-on, Ballmer said, shaping the activities of "about 300 or 400 people." He said that the No. 1 activity taking up his time is "developing the top talent."

One of the motivating things that Microsoft has been doing is talking with its employees about the company's values and what it is doing. "But we have to talk to our employees these days a little bit about the stock price," Ballmer added.

The company's stock price has been flat for 10 years, which is something typical of large-cap stocks, he said. By explaining stock valuations, Microsoft aims to help its employees get past "a very ineffective day-to-day scorecard" in assessing the worth of the company, Ballmer explained.

What Do ‘Sex And The City’ Stars Want From A Sequel? ‘Lots More Men’
VSLive! NY: A Glimpse of .NET Framework in the Cloud

Virtualization Not as Easy as 1-2-3

Technology executives are turning to virtual systems to lower costs and reduce energy costs, but issues with the technology remain, according to a survey which also found companies struggling with service and power consumption issues.

Technology operations management provider Avocent's survey, conducted by Actionable Research, polled 299 executives and technology managers in the United States in the government, manufacturing, high-technology, retail, banking, health care and education sectors.

Respondents saw virtualization technology as a solution to reducing costs, particularly hardware costs, and saving energy. A majority of respondents have rolled out some level of server virtualization; 33 percent of companies implemented the technology to save energy.

However, respondents found the new technology was not perfect. Of those using virtualization technology, 24 percent have experienced a disappearance of a virtual server from their system, and 18 percent reported having permanently lost a virtual server. Additionally, 45 percent of respondents said they had concerns about the lack of expertise that IT personnel had with virtualization; 44 percent said they were concerned that virtual servers could fail from a component failure in a single physical server.

Monitoring power usage and keeping networks up and running were other challenges for those polled. The survey found that many administrators lack the tools they need to properly manage power usage in data centers, with only 55 percent of respondents saying they are able monitor power usage today, and then mostly at the universal power supply level

Survey respondents said that energy conservation was the most difficult issue to resolve with their current tools, with managing the total cost of power the second most difficult task. Eighty-three percent consider the ability to measure power consumption at the entire data center level as "valuable" or "extremely valuable."

Keeping networks connected is another constant challenge for government technology executives. Thirty-five percent of organizations polled lost mission-critical data due to unplanned downtime.

Microsoft Makes Major Virtualization Splash
Aaron Eckhart Tried To Portray Controversial ‘Towelhead’ Character As A ‘Human Being’
Xen Hypervisor Gets an Update
Have You Found A ‘Flint’? ‘Harry Potter’ Editor On How Fans Shaped The Series

Thursday, September 25, 2008

SQL Server 2008 Hits High Mark, Minus the Competition

Microsoft this week cited top performance results for SQL Server 2008, particularly with regard to the TPC-E benchmark, but there's just one problem -- the test fielded no other database management system competitors.

The nonprofit Transaction Processing Performance Council (TPC) created the TPC-E benchmark to simulate online transaction processing workloads that might typically be found in a brokerage firm. The test enables organizations to better evaluate server performance based on transactions per second measurements. The transactions are executed using three database tables, representing broker data, customer data and market data, according to TPC literature.

To date, Microsoft is the only vendor to test its database management server using the TPC-E benchmark. As noted by Windows IT Pro blogger Michael Otey, IBM and Oracle currently use the earlier TPC-C benchmark for their database management systems. Microsoft abandoned that benchmark in favor of TPC-E.

The TPC-E test results drew praise from the Microsoft camp, particularly with regard to scalability.

"SQL Server [2008] is the only data management and business intelligence platform to be proven capable of delivering scalable results on TPC-E, the industry's newest and most challenging online transaction processing benchmark," said Fausto Ibarra, Microsoft's director of product management for SQL Server, in a released statement.

The statement is literally true because other database management systems have yet to be tested via the TPC-E benchmark. Microsoft's announcement also claims that the latest benchmark results ranked SQL Server 2008 first for "price/performance on industry leading hardware" -- another claim that can't be assessed without competitors.

Scalability also has a technical meaning here, as explained by the TPC organization's Web site.

"The benchmark is 'scalable,' meaning that the number of customers defined for the brokerage firm can be varied to represent the workloads of different-size businesses."

The TPC is a vendor-neutral and database-agnostic nonprofit organization that establishes benchmarks for server performance. TPC-E is the newest of four active benchmarks established by the organization.

The TPC-E price-performance benchmark results using Microsoft SQL Server 2008 can be seen here. SQL Server 2008 had its release to manufacture appearance in August.

Mickey Rourke Explains His Preparation For ‘The Wrestler’: ‘I Had Some Demons’
BizTalk Server 2009 To Arrive Before July

Microsoft's Phil Taylor Takes Flight, Going to Intel

Senior Program Manager Phil Taylor announced his departure from Microsoft today on his blog. Taylor, one of Microsoft's top PC graphics programmers, will join chip-maker Intel to help launch a new wave in graphics processing, code-named "Larrabee."

In his message to fellow team members in Microsoft's Flight Simulator community, Taylor wrote, "Sometimes you run across an opportunity that is so big, so cool, that you just have to take it."

Taylor alluded to having served on teams that sprung some important firsts in 3D hardware/software developments. With Larrabee, Taylor expects to join a team preparing to launch what Taylor sees as the "third sea change in PC graphics."

"Larrabee has the potential to not only change the face of PC graphics, but ultimately the shape of the PC architecture as well," Taylor wrote.

Larrabee is a new graphics processing unit (GPU) being developed by Intel. Wikipedia calls it a hybrid that combines multi-core CPU and GPU qualities. It features x86 architecture with SIMD vector units.

A video card with Larrabee is anticipated to compete with Nvidia's GeForce and AMD/ATI's Radeon products. In the highly competitive video game industry, Larrabee is expected to make a splash. According to Intel's SIGGRAPH 2008 paper, Larrabee is likely to run faster than 1 GHz, which should accommodate the most demanding games.

Taylor's last day at Microsoft will be Friday, September 26. He noted that the Larrabee team may be interested in Microsoft's FS11 project and that he may be interacting with his colleagues again in the near future.

Intel's Larrabee is scheduled to be ready by the end of the year, with the first video card hitting the shelves by late 2009.

Former Microsoft Exec Joins BizNet Engineering Team
‘Twilight’ Stars Kristen Stewart, Nikki Reed, Taylor Lautner Get Cagey About Reshoots
NCSA To Build New Supercomputer

Cisco's UC Platform Signals IBM, Microsoft Tussle

Cisco, a company synonymous with telecommunications networks, is flexing its muscles in yet another arena -- unified communications. On Wednesday, the company set the stage for head butts with incumbents IBM and Microsoft by unveiling a UC portfolio for the enterprise.

Cisco, which recently gobbled up hosted e-mail provider PostPath, also partners with Microsoft in the UC market. Microsoft, for its part, has moved into the voice-over-IP space where Cisco is a major competitor.

The market for UC, also known as "collaboration," is valued at $34 billion by some industry sources. UC systems typically combine voice, video, e-mail and other communications technologies into an integrated platform.

Cisco's move is predicated on its newly released UC 7.0 system and the mash-up of its TelePresence and WebEx capabilities into that platform as part of WebEx Connect. The technology combination signals that the equipment vendor is continuing to integrate the 36 companies it bought in the last four years.

Cisco plans to use its potent network and myriad of applications developers and partners to develop solutions and widgets that personalize the UC experience and extend it to integrate business applications, IT infrastructure and Web services. It's an opportunity to secure its corporate customers that already use Cisco switching and routing gear.

The glue that holds together Cisco's new collaboration offering is WebEx Connect. Cisco acquired the technology when it paid $3.2 billion for the online meetings specialist company. WebEx Connect is a software-as-a-service platform designed to integrate existing software with on-demand collaboration and business applications.

It's expected that Jabber, which Cisco recently acquired, will also play a role in the new UC. Jabber software lets rival free instant messaging services users not only interact with each other but also send messages to commercial-grade services such as Microsoft's Office Communications Server.

Another potential piece of the pie -- although this is farther off in the future -- is a linkage between Cisco's TelePresence and its Scientific-Atlanta group. Scientific-Atlanta builds cable boxes, but one could envision some further use for that technology within the enterprise.

The Cisco offering will directly compete with Microsoft's Windows-based SharePoint collaboration.

‘The House Bunny’: Butterflies, By Kurt Loder
PostPath Deal Adds to Cisco-Microsoft UC Fight

Serena Acquisition Takes Aim at Microsoft Project

Serena Software acquired Projity on Wednesday and is promoting that company's software as an open source alternative to Microsoft Project.

The acquisition adds two solutions to Serena's enterprise-grade project and portfolio management (PPM) product line. The solutions include Projity's OpenProj open source desktop management software and Project-ON-Demand, a subscription-based management platform delivered via software as a service.

OpenProj last year had more than 600,000 downloads in 142 countries, according to a Serena news release, demonstrating "considerable market opportunity for an open source alternative to commercial desktop management applications."

Project-ON-Demand is designed for small-to-medium businesses, enabling small group collaborations. It builds on the functionality of OpenProj to eliminate "the complexity of deploying Microsoft Project for large, geographically dispersed teams," the announcement added.

The two open source solutions will be integrated into Serena's Mariner PPM product next year. Projity's open source solutions are still currently available, but they are renamed as "Serena OpenProj" and "Serena Projects On Demand."

Integrated Serena-Projity solutions are expected to become available in the first quarter of 2009.

Former Microsoft Exec Joins BizNet Engineering Team
Sun Expands Virtualization Portfolio, Partners with Microsoft
Charlize Theron Wonders Why ‘The Hills’ Is A Hit, Raves About ‘Riding The Will Smith Train’

MSPAlliance, Microsoft To Work Together

The International Association of Managed Service Providers (MSPAlliance) and Microsoft today said they are joining forces to better educate and certify companies using Microsoft IT management tools.

Charles Weaver, president of the MSPAlliance, described the relationship with Microsoft as a kind of "reciprocal recognition" -- for the MSPAlliance's Managed Services Accreditation exam and Microsoft's IT infrastructure certification.

"When a company takes our exam and specifies they have achieved Microsoft IT certification, they will receive credit for that, whereas today they do not," Weaver explained. "Conversely, Microsoft is promoting the Managed Services Accreditation exam to their partners worldwide…a big win for us."

The managed services space is expanding, especially as the economy contracts and enterprises and corporations shrink in-house IT departments. Microsoft is "certainly paying more than lip service to the concept of managed IT services" so the relationship with the MSPAlliance is delivering a "resounding and pro-channel message," Weaver said.

With 7,000 worldwide members, the MSPAlliance has developed a certification and accreditation standard for a variety of players who are "getting into the technology sector with the express purpose of delivering some sort of managed IT service," he continued. Among those players will be companies that use Microsoft's expanding managed services platforms.

"They're [Microsoft] taking a very hands-on approach to this relationship in terms of getting the news out to their partners," Weaver said.

The MSPAlliance is a trade organization open to employees of managed IT service provider companies, and more information is available here.

Dynamics CRM Online Users Get Ad Tracking

Windows 7 Bits To Be Released at PDC'08

Microsoft hopes to draw crowds to its upcoming Professional Developers Conference by making Windows 7 bits available to the public attending the event. The venue will be the staging ground for the first public release of the new operating system.

Microsoft plans to provide a "pre-beta copy of Windows 7" at the Los Angeles-based event, which will be held on Oct. 27 to 30. The copy can be installed and tested on your PC, according to Microsoft's announcement.

The company's latest operating system has so far been kept closely under wraps, although a private group of testers has been checking out build versions of it. Veteran Microsoft watcher Mary-Jo Foley, citing leaked information, has identified one of the builds as "M3" or "Milestone 3."

One Microsoft blogger suggested that "mostly faked Photoshop renderings" of Windows 7 have been circulating so far.

PDC attendees will get a 160 GB portable USB2 drive with the Windows 7 pre-beta on it, along with software development kits and other Microsoft materials. Microsoft also plans to have compatibility labs at the PDC so that attendees can test their applications by running them on the new OS.

Panel sessions on Windows 7 have been increased to about 21 so far at the PDC. The other venue where Windows 7 will figure prominently is Microsoft's WinHEC event, to be held in Los Angeles on Nov. 5 to 7.

The actual beta release of the operating system is unclear. Foley's sources tell her that Windows 7 Beta 1 "is due in December 2008" with the final release expected in the second half of 2009.

Microsoft's "software plus services" concept will be the other major theme at the PDC event. The concept, which envisions a software world that combines Internet cloud-based services with installed software, has been much discussed by Microsoft officials, but the PDC will be its "coming out party," according to Gianpaolo Carraro, Microsoft's director of SaaS architecture.

Microsoft plans to launch "a comprehensive service platform" for its software plus services vision at the event, according to Mike Swanson, the PDC 2008 content owner.

Microsoft will have one edge in ushering in this software plus services world, and it's associated with how supplementary programs will be offered with Windows 7.

For instance, unlike earlier Microsoft operating system releases, Windows 7 will lack e-mail, movie making and photo-editing programs, according to Microsoft officials cited by CNET's Ina Fried. Instead, those programs will be offered as services. They will be available as free downloads through Windows Live, Microsoft's services portal.

More Windows 7 Leaks Sprout
Private Tests of Windows 7 Lead to Release Rumors

Tuesday, September 23, 2008

Cloud Computing Leaving Relational Databases Behind

One thing you won't find underlying a cloud computing initiative is a relational database. And this is no accident: Relational databases are ill-suited for use within cloud computing environments, argued Geir Magnusson, vice president of engineering at 10Gen, an on-demand platform servicer provider.

Magnusson, who also helped write the Apache Geronimo application server software, spoke at the O'Reilly Web 2.0 conference, being held this week in New York.

"Cloud computing is different kind of technology," he said. "It is different enough it will change how we do things as developers. We will have to re-examine how we build things."

During his talk, Magnusson listed a number of new databases created specifically to work in a cloud computing environment. They include Google's Bigtable, Amazon's SimpleDB, 10Gen's own Mongo, AppJet's AppJet database and the Oracle open-source BerkelyDB.

None of these databases, Magnusson pointed out, are relational ones (He did point out one notable exception, a version MySQL tweaked for Web environments, called Drizzle.

These databases all have characteristics that make them uniquely suited to serving cloud computing-styled applications. Most of these databases can be run in distributed environments -- meaning that they can be spread out over multiple servers in multiple locations. None of them are transactional in nature. And they all sacrifice some advanced querying capability for faster performance. (In many cases, these databases can be queried using object calls, rather than SQL queries, which programmers are far more comfortable working with anyway.)

Although very large relational databases, such as those offered by Oracle, have been implemented in data centers, cloud computing requires a different kind of setup to operate to its full potential. It necessitates that the database material be spread across different locations -- hence the name cloud computing. Executing complex queries across vast geographic distances can slow response time; moreover, it is difficult to design and maintain an architecture to replicate relational data across different locations and keep that data in sync if one location goes down.

"The scale out of [cloud] architectures have properties that are different from the ones we work on," he said. As a result, in cloud environments, "no one is doing relational. Data is being targeted in a clustered fashion," he said.

Magnusson's view was echoed by another speaker at the Web 2.0 conference, Alex Iskold of AdaptiveBlue, a consumer-oriented company that offers a browser plug-in featuring personalized recommendations based on a user's history, using semantic tags and Web services. The company built the service on Amazon's hosted platform services, including SimpleDB. Iskold noted that such a service would not scale up to widespread use if AdaptiveBlue used a relational database for the job.

‘Mean Girls,’ ‘Naked Gun’ Sequels Will Prove Direct-To-DVD Movies Aren’t Automatically Bad, Exec Insists
VSLive! NY: A Glimpse of .NET Framework in the Cloud
‘Harry Potter’-Inspired Wizard-Rock Movement Captured On Film For ‘Rockumentary’
Troubles in Terrorist Database

VMware Launches vClient, Aims To Create Desktops That Follow Users Anywhere

In an announcement at VMworld last week, VMware unveiled plans to deliver a portfolio of solutions intended to turn virtualized desktops into "universal clients." The initiative, dubbed vClient, begins with a series of products called VMware View.

VMware View extends the company's current Virtual Desktop Infrastructure (VDI) to include both server- and client-hosted virtual desktops, allowing them to run on any laptop or desktop computer, and giving users a "single view" of their computing environment. The solution is intended to provide organizations greater flexibility, as well as enhanced security when managing virtual environments.

"The desktop of the future will not be a single device like a laptop or a thin client -- it will be all the richness and personalization of their desktop experience accessible from any location," said Paul Maritz, president and chief executive officer of VMware, in a prepared statement. "Users want a desktop that follows them wherever they go while IT wants to manage those environments securely, cost-effectively and more easily than they do today. VMware is addressing both ends of the spectrum with our vClient Initiative and our new VMware View product portfolio will satisfy both stakeholders' priorities."

Some of the technologies that make up VMware View include client virtualization, allowing for the efficient management and administration of user devices and applications; VMware View Composer, providing image management that helps to reduce storage needs while at the same time decreasing provisioning time; and Offline Desktop, allowing users to access their server-hosted desktop from their local machine.

Products included in the vClient initiative will be introduced beginning in 2009.

‘Twilight’ Tuesday: Robert Pattinson, Kristen Stewart And Taylor Lautner Will Present At The VMAs
VMworld Preview: VMware’s Vision of Virtualization as the OS

U.S. Tops List as Source for Botnet Attacks

The United States was the top source of distributed attack traffic, originating nearly three times as many attacks as second-place China, according to a recent study by security service provider SecureWorks Inc.

The figures are based on identified attacks attempted against the company's 2,000 customers so far in 2008. The bad guys launching the attacks were not always based in this country, but they used compromised computers in the United States to form botnets as platforms for the attacks.

According to SecureWorks, 20.6 million attacks originated from U.S. computers and 7.7 million from Chinese computers.

"It clearly shows that the United States and China have a lot of vulnerable computers that have been compromised and are being used as bots to launch cyberattacks," said Hunter King, a security researcher at SecureWorks. "This should be a warning to organizations and personal computer users that not only are they putting their own computers and networks at risk by not securing them, they are providing these cybercriminals with a platform from which to compromise other computers."

The rest of the top 10 sources of attack traffic were:

South Korea with 162,289 attempted attacks.Poland with 153,205.Japan with 142,346.Russia with 130,572.Taiwan with 124,997.Germany with 110,493.Canada with 107,483.Brazil with 16,987. The vulnerabilities exploited to compromise botnet computers do not necessarily have anything to do with the attacks launched from them. Once compromised, computers can be updated with malicious code and instructions for sending spam or other attack traffic.

Because the attacks can make use of address lists on compromised computers, malicious code can appear to come from trusted sources, which makes it difficult to screen e-mail traffic by address. Computers can also be compromised by malicious code hosted on legitimate Web sites and in third-party applications.

The ability of botnet activities to cross national borders complicates the job of blocking hostile traffic, said Don Jackson, director of threat intelligence at SecureWorks.

"The Georgia/Russia cyber conflict was a perfect example of this," Jackson said. "Many of the Georgian [information technology] staff members thought that by blocking Russian IP addresses they would be able to protect their networks. However, many of the Russian attacks were actually launched from IP addresses in Turkey and the United States, so consequently they were hit hard."

Hacking patterns in China appear to differ from those in other countries, Jackson said. Although hackers still assemble distributed networks of computers, they tend to use entire networks they control with the help of insiders at schools, data centers and companies. But the technique of wholesale compromise is not unique to China, he added. "We also see many local hacker groups in Japan and Poland compromise hosts within their own country to use in cyberattacks, so the Chinese hackers are not alone in using resources within their own borders."

In addition to keeping up-to-date with security protocols, administrators can seek protection by using security services that block traffic from known or suspected malicious sources. They can also monitor outgoing network traffic to detect suspicious activity from computers that have been compromised.

SQL Injection Attack Hits BusinessWeek Site
‘Lakeview Terrace’ Reigns Over Slow Box-Office Weekend

Monday, September 22, 2008

Small Increase Predicted in Demand for IT Workers

The latest news on the IT hiring outlook is something of a mixed bag.

U.S. firms expect to add IT personnel over the next quarter, but few are contemplating aggressive expansions. Instead, the hiring outlook seems subdued. Companies are taking a wait-and-see attitude, according to IT staffing specialist Robert Half Technology, which surveys more than 1,400 North American CIOs every quarter to get a feel for their hiring plans.

It isn't as if IT organizations aren't hiring, of course. Eleven percent of shops plan to add IT staff over the coming quarter, and just 3 percent anticipate making cuts. However, the net hiring increase (8 percent) is a drop from the previous quarter, when Robert Half projected an uptick of 10 percent. For the second quarter of 2008, the company anticipated a net hiring increase of 12 percent, and a 10 percent increase for Q1.

Robert Half's Q4 tally clearly reflects a cooling-off period.

"Companies are being judicious with their hiring plans, evaluating economic conditions and business demands before adding full-time IT staff," said Katherine Spencer Lee, executive director of Robert Half Technology, in a statement.

The Robert Half survey is the latest in a series of mixed reports from market watchers. A recent survey from research giant Gartner Inc. concluded that IT organizations are becoming more cautious on the hiring tip, hedging their bets in case of potential budget cuts.

The Gartner survey cited a year-over-year decline in the number of organizations that expect to hire additional IT personnel. Firms are still hiring, Gartner stressed -- but not as aggressively as they have in the past.

According to Robert Half, IT organizations that do plan to add staff are primarily looking to fill positions in specific areas. "Organizations are directing recruitment efforts toward professionals who can provide essential services -- such as help desk and networking -- and support the launch of Web 2.0 based functionality," Spencer Lee said.

In the past, IT chiefs were most likely to cite business growth as a primary driver for increased hiring. In this report, however, a plurality of CIOs (25 percent) cited customer service or end user support as the main reasons they expect to add IT staff in the coming quarter.

It's the first time since the firm began asking the question 22 quarters ago that business growth didn't top the list. To be sure, 23 percent of IT chiefs did cite business growth as a key driver, which was good enough for the No. 2 spot on the list. Still another indicator of growth -- enterprise-wide application development or deployment efforts -- placed third on the list of most important drivers, cited by just over one-fifth of respondents.

Where the Jobs Are
If you're an IT pro looking for employment, the Middle Atlantic region might be your best bet. Sixteen percent of IT chiefs in that region plan to add IT personnel, while just 1 percent anticipate cutbacks. A Midwest region that includes Illinois, Indiana, Wisconsin and Michigan was second, with a net hiring increase of 13.

"Tier-1 help desk professionals are in strong demand in the Middle Atlantic states, as well as individuals with .NET development and Java 2 Enterprise Edition skills," Spencer Lee said. "Companies are quicker to hire IT candidates in this region, particularly at the entry-to-mid-levels, because these professionals are needed for applications support, Web site development and systems upgrades."

Overall, there's strong demand for IT pros with expertise in network administration. Seventy percent of CIOs cited a need for networking pros, 69 percent of IT chiefs cited demand for IT workers with Windows skills (particularly Windows Server 2000 and 2003) and 69 percent also cited strong demand for desktop support professionals.

Windows Essential Business Server Hits RTM Status
‘Tropic Thunder’ Rolls Over Box-Office Competition For Second Week

Education IT Spending To Top $56 Billion by 2012

In the United States, IT spending in education will reach $47.7 billion by the end of this year and is expected to top $56 billion by 2012, according to a new report from Compass Intelligence, an IT consultancy and market research firm. This growth in education -- both K-12 and higher ed -- is being fueled in particular by expenditures in telecommunications, collaborative technologies and outsourced IT services.

According to the new report, "Education Snapshot: Learning with Technology," the bulk of education IT spending is occurring in higher education -- about 64 percent versus 36 percent in K-12. In 2008, telecommunications accounted for almost $16 billion of total education expenditures, but, according to Compass, this category will be outpaced by outsourced IT services over the next four years.

Stephanie Atkinson, managing partner and principal analyst for Compass Intelligence, said in an e-mail interview, "Most of the spending is in telecommunications and applications. Applications is one of the fastest growing categories. This includes things such as learning content, student-teacher-admin portals, video applications and more." She said that shifts in IT spending in education are being impacted largely by "the younger generation entering into the education workforce, [who] are becoming increasing factors in terms of influencing the decision-making process for IT purchases."

Atkinson also cited virtualization as an important factor impacting IT spending, although virtualization was not quantified in the report. "It is becoming increasingly difficult to manage disparate IT systems, servers and networks," Atkinson said. "Virtualization could be a crucial area to help improve these challenges. With bandwidth and security of IT systems becoming large priorities, virtualization can do nothing but improve IT management for schools and universities."

Another large category for education in general, according to the report, is wireless technology. It's expected to account for $13 billion in education IT spending in 2008, or about 27 percent of the total forecast. More than half of higher education campuses are currently using wireless, and some 35 percent of total K-12 schools are using or are expected to be using wireless by the end of the year. This wireless explosion, in turn, is also fueling spending on security.

Internet and electronic learning tools will account for $9.1 billion in spending in 2008, which the report said is expected to grow to $12.9 billion by 2012.

The report also highlighted mobile computing as a growing category, a trend that's expected to continue for the next three to five years. According to information released by Compass on Thursday, "When asked which mobile and Internet applications Education IT decision-makers plan to roll out within the next six months, collaboration applications ranked the highest."

‘Bangkok Dangerous’ Tops Fizzling End-Of-Summer Box Office
‘Tropic Thunder’ Rolls Over Box-Office Competition For Second Week
Intel Rolls Out Six-Core Xeon 7400 Processors

McAfee To Acquire Secure Computing

McAfee Inc. has agreed to purchase Secure Computing Corp. for about $465 million.

The addition of Secure Computing's products and services will give McAfee a complete network security portfolio covering intrusion prevention, firewall, Web security, e-mail security and data protection, and network access control, company officials said.

Secure Computing, of San Jose, Calif., provides technology solutions that help customers protect their critical Web, e-mail and network assets.

With the acquisition of Secure Computing, which has more than 22,000 customers in 106 countries, McAfee expects to become one of the largest network security players.

After the closing, which is expected in the latter part of the fourth quarter of 2008, Secure Computing's technologies will be incorporated under McAfee's Network Security product business unit.

In August, Santa Clara, Calif.-based McAfee acquired Reconnex Inc., a privately held company in Mountain View, Calif., that specializes in data loss-prevention technology to enterprises, government agencies and educational institutions.

‘Hamlet 2′: The Play’s The Thing, By Kurt Loder
Microsoft To Expand Security Lifecycle Expertise

More Windows 7 Leaks Sprout

Microsoft's strategy for keeping recent builds of its latest operating system tightly under wraps sprang a few holes last week.

On Friday, longtime Microsoft watcher Mary Jo Foley reported that new pictures and videos (here and here) of the "M3" build have been leaked online, to Redmond's chagrin. The images show various Windows 7 functions, including the Start button, calculator and WordPad, plus sticky notes and ribbon functionality.

Foley, who saw a preview of the build last week from an non-official source, said on her All About Microsoft blog that Microsoft won't confirm or deny the legitimacy of the images leaked, nor will it comment directly on any Windows 7 rumors.

Microsoft has said it will reveal much of Windows 7 at its upcoming Professional Developers Conference in late October and/or its Hardware Engineering Conference (subtitled "Windows 7 Unveiled") in early November -- and may, as reported last week, launch an early public beta of Windows 7 at one or both of the shows.

While Microsoft may not be speaking out on the leaks, it appears to be trying to stop them: Foley also reported that Microsoft has attempted to identify the sources of the leaks and -- depending on who is telling the truth -- either some site owners hosting leaks have asked for spots on the beta team/copies of the beta in return for revealing their sources, or Microsoft is offering the beta spots/copies as rewards for those who do.

Read Foley's full report on these leaks here.

Mickey Rourke Explains His Preparation For ‘The Wrestler’: ‘I Had Some Demons’
Microsoft’s HPC 2008 Now Live

Microsoft's HPC 2008 Now Live

Microsoft Corp. announced this morning that the High Performance Clustering (HPC) Server 2008 has been released -- both to manufacturing and the general public.

The software is the next generation of Microsoft's Computer Cluster Server 2003. With its release, Microsoft will be taking on Unix and Linux's significant dominance in the supercomputing market. And it appears to know the challenge it faces.

"Yes, there are a lot of skeptics. The HPC industry uses mostly Linux or Unix servers. To even suggest Windows could be successful in HPC is blasphemy," commented Ryan Waite, Microsoft's Windows HPC Server product unit manager, in a blog post this morning announcing the release. Waite said the group researched exactly what it needed to do to compete, talking with Unix and Linux supercomputer administrators, and focused the product around that feedback.

And while it has yet to be seen how successful Microsoft will be at its run, the company appears to be taking the challenge seriously. Redmond has partnered with Cray Inc. as an OEM for HPC Server 2008 and announced a new line of supercomputers starting at $25,000. And, according to the company, the No. 23 fastest supercomputer in the world, at 68.5 teraflops, is running HPC Server 2008.

In a Q&A posted on Microsoft's Web site today, Vince Mendillo, a director of marketing for Microsoft, said that the company's doesn't just want to compete in the supercomputing market, it also wants to bring supercomputing into the mainstream. "Our goal is to make it a part of mainstream computing, make it available to companies that could previously not afford it, to IT pros who found HPC too daunting to consider and to users who have problems that require supercomputing performance but have never had access to it before," he commented.

According to Microsoft, a free trial download of the final version of HPC Server 2008 will be available today starting at noon Pacific time.




More Windows 7 Leaks Sprout

by Becky Nagel

Microsoft's strategy for keeping recent builds of its latest operating system tightly under wraps sprang a few holes last week.

On Friday, longtime Microsoft watcher Mary Jo Foley reported that new pictures and videos (here and here) of the "M3" build have been leaked online, to Redmond's chagrin. The images show various Windows 7 functions, including the Start button, calculator and WordPad, plus sticky notes and ribbon functionality.

Foley, who saw a preview of the build last week from an non-official source, said on her All About Microsoft blog that Microsoft won't confirm or deny the legitimacy of the images leaked, nor will it comment directly on any Windows 7 rumors.

Microsoft has said it will reveal much of Windows 7 at its upcoming Professional Developers Conference in late October and/or its Hardware Engineering Conference (subtitled "Windows 7 Unveiled") in early November -- and may, as reported last week, launch an early public beta of Windows 7 at one or both of the shows.

While Microsoft may not be speaking out on the leaks, it appears to be trying to stop them: Foley also reported that Microsoft has attempted to identify the sources of the leaks and -- depending on who is telling the truth -- either some site owners hosting leaks have asked for spots on the beta team/copies of the beta in return for revealing their sources, or Microsoft is offering the beta spots/copies as rewards for those who do.

Read Foley's full report on these leaks here.

‘Lakeview Terrace’ Reigns Over Slow Box-Office Weekend
‘Traitor’: Lost In Thought, By Kurt Loder
More Windows 7 Leaks Sprout

IBM and Microsoft Top Tech Brands in Survey

According to international marketing brand firm Interbrand, IBM and Microsoft are No. 2 and No. 3 respectively in its 2008 ranking of the "Best Global Brands."

Both fall behind the No. 1 global brand, Coca-Cola. According to Interbrand, IBM's "brand value" has increased 3 percent over the last year, enough for it to pass Microsoft and take the No. 2 spot that Redmond held in 2007. Even so, Microsoft's brand value grew 1 percent last year, Intebrand said.

Other tech companies to make it into the top 10 in 2008 -- alongside non-tech brands such as GE, Toyota, Microsoft and Disney -- are Nokia (5th), Intel (7th) and Google (10th). According to Interbrand, Google's value grew a whopping 43 percent this year; last year, it came in at No. 20.

According to Interbrand, HP ranks 12th, Cisco 17th and Apple 23rd. BlackBerry was the only new technology brand to make the list this year, debuting at No. 73.

A complete list of Interbrand's rankings can be found here. Methodology information for the study can be found here.

Google’s Chrome Browser Contains Microsoft Code
‘Harry Potter’-Inspired Wizard-Rock Movement Captured On Film For ‘Rockumentary’
‘Mean Girls,’ ‘Naked Gun’ Sequels Will Prove Direct-To-DVD Movies Aren’t Automatically Bad, Exec Insists
Microsoft Starts Windows Ad Campaign, With Nod to Shareholders

Sunday, September 21, 2008

Observers At ZendCon Ponder What's Next For Microsoft and PHP

Despite speculation that Microsoft might make an announcement around its Silverlight runtime environment at this week's fourth annual Zend/PHP Conference and Expo in Santa Clara, Calif., the company's profile was lower than past ZendCon events.

Microsoft would not comment on the rumors, which circulated against the backdrop of Adobe Systems Inc.'s announcement that it is now collaborating with Zend to start delivering content, technology and services to enterprise developers building rich Internet applications (RIAs) using its Flex technology on the client and PHP on the server.

"I wouldn't be shocked to see a Silverlight announcement around PHP in the near term," said Gartner analyst Mark Driver. "Adobe's Flex is a competitor, and Microsoft won't want to sit on the sidelines while they scoop up all the PHP developers."

Bola Rotibi, analyst with Macehiter Ward-Dutton, agrees: "Adobe had to support PHP in Flex," she says. "And so will Microsoft in Silverlight. There are just too many Web developers who use PHP not to."

Driver also believes that a Microsoft-Zend collaboration to bring support for PHP to Microsoft's Dynamic Language Runtime (DLR) would make sense. The DLR adds a set of services designed for dynamic languages to its Common Language Runtime (CLR). Python and Ruby are currently supported.

PHP (PHP Hypertext Preprocessor) is one of the most popular dynamic scripting languages. It continues to grow in popularity; TIOBE Software's Programming Community Index currently ranks PHP ahead of Ruby, Python and Perl, and just behind Visual Basic and C++ on its popularity index.

Microsoft began working with Zend in October 2007 to provide customers with richer functionality and better integration of PHP on Windows. Zend is regarded as a leading supplier of PHP-based software for Web applications deployed on Linux.

Despite its diminished presence at this year's annual ZendCon, the Redmond software maker has been working with Zend to improve compatibility between Windows and the Cupertino, Calif.-based company's PHP distribution, and continues to do so, says Andi Gutmans, Zend's co-founder and co-CTO.

During his conference keynote, Gutmans said that the Microsoft-Zend collaboration was moving forward apace. In fact, he said, the PHP community is currently working to improve the performance of PHP applications running on Windows with a better binary package in the upcoming PHP 5.3 release, which will include the latest Microsoft compilers. He also noted that a growing number of third-party libraries are supporting PHP on Windows.

Still, the Microsoft brand was scarcely in evidence at this year's show. Gartner's Driver sees Microsoft's lower profile at the conference as a wise move, given the anti-Redmond sentiments that tend to pervade open-source events. "There's an extremely vocal minority of people who have a chip on their shoulder when it comes to Microsoft getting involved with open source," he said.

With Microsoft in the open-source mix, the open-source world is not likely to remain unchanged. During his conference-opening keynote, Zend CEO Harold Goldberg suggested that the configuration of the open-source LAMP stack, which currently comprises Linux, Apache, MySQL, and PHP/Python/Perl, might one day include Windows, Microsoft SQL Server, IBM DB2, JavaScript, VMware, and Dojo.

Microsoft wasn't totally absent from ZendCon. Tom Hanrahan, director of the Microsoft Open Source Technology Center, talked up the company's efforts to embrace open source through its Open Source Labs, and in particular, PHP. "We are trying to drive interoperability and integration with open source into the Windows platform by design," he said in the one session hosted by Microsoft.

Driver says Microsoft must take these steps. "Microsoft doesn't want four to five million PHP programmers to assume that there's an inherent advantage to deploying their applications on Linux instead of Windows," he said. "The Zend-Microsoft collaboration is a good, solid strategy for Microsoft and Zend, but it's also good for the PHP community."

Google’s Chrome Browser Contains Microsoft Code
Microsoft and Novell Roll Out Virtualized Linux Solution

Card Use Can Stem ID Theft, Microsoft Says

Microsoft this week released a white paper on identity theft with the aim of starting a "vendor-neutral" discussion on the use of "information cards" as an Internet security solution.

In its call to arms, "Online Identity Theft: Changing the Game" (PDF), Redmond said it wants to advance its "vision" in conjunction with government entities, law enforcement agencies, industry peers and ordinary consumers.

Information cards are generated by software -- they are not physical cards such as credit or ATM cards. Microsoft's white paper considers them to be "an interoperable, neutral framework" and a cost-effective answer to alleviating identity theft. The cards are "a basic tool to reduce online identity theft and increase confidence in e-commerce and other online services," according to the report.

The appeal for collaboration comes as Microsoft is already well into implementing its Windows CardSpace technology. CardSpace is Microsoft's current information card technology. It's a client application for Windows operating systems that stores digital identities.

Some security and IT pros are giving Redmond kudos for reaching out to the larger community and agree that a streamlined framework for personal identifiable information is needed.

"A vendor-neutral plan is essential. Absolute power corrupts absolutely," said Randy Abrams, director of technical education for ESET.

"This is one area that is critical to the future of commerce as it is currently taking shape," Abrams added. "The critical element to look closely at is if the technology can be implemented without also causing unacceptable incursions on privacy. That will be a difficult balancing act to pull off.

Microsoft bolstered its identity security expertise by acquiring Credentica's U-Prove technology this year. U-Prove is said to allow authentication while preserving anonymity. Microsoft is currently integrating U-Prove into CardSpace and other software.

Many authentication technologies exist, and new business PCs are typically including them, according Steven Sprague, president and CEO of Massachusetts-based security software firm Wave Systems Corp.

More than "250 million PCs now have now been delivered to users with hardware to facilitate strong authentication," Sprague estimated.

"Should [information cards] be where Redmond is focusing its security efforts?" Sprague asked. "I'd say yes, the time is now to begin to address the authentication problem at scale. As Microsoft has stated, it is time to turn it on and get everyone to play."

Sprague sees two components to identity security.

"One can think of it as two key pieces: the differentiation between the trustworthiness of fellow users and the identity provider; and second, the question of whether one is truly associated with the data that is provided, and whether that person is properly authorizing its release."

‘Traitor’: Lost In Thought, By Kurt Loder
‘Mean Girls,’ ‘Naked Gun’ Sequels Will Prove Direct-To-DVD Movies Aren’t Automatically Bad, Exec Insists
Windows Security Update Targets Elevation of Privilege Attacks
BitLocker Password Exploit Is ‘Very Unlikely,’ Sisk Says

Saturday, September 20, 2008

Microsoft To Expand Security Lifecycle Expertise

Microsoft is crossing the aisles to see the security process through from start to finish -- not just internally, but for outside software developers too. The company plans to export its Security Development Lifecycle (SDL) process to a greater extent by releasing tools and support to IT pros later this fall, Redmond said this week.

The software giant wants to support developers in building fortified apps, starting at the design and development phase with SDL.

SDL is a "software security assurance process" that has been in place as part of Microsoft's internal architectural policy, going as far back as 2004, explained Steve Lipner, Microsoft's senior director of security engineering strategy for the Trustworthy Computing Group, in a Microsoft-published Q&A.

The SDL methodology, he said, has led to security improvements in flagship products such as Windows Vista and SQL Server. In recent months, hackers have favored attacks on SQL Server solutions via the Internet, although Microsoft has explained the vulnerability as due to insecure Web pages and Web applications.

SDL allows development managers and IT policy-makers to "assess the state of their secure software development practices and to create a vision and road map for reducing customer risk," Lipner explained.

In an effort to broaden its SDL practices, Microsoft is planning a three-pronged rollout, beginning in November.

First, Microsoft plans to make its SDL optimization model (PDF) freely available via a download on MSDN.

Second, if IT pros want to consult security experts, Redmond is forming a "SDL Pro Network," which will be available in November. The network will include trained independent channel partners and Microsoft staff members in the United States and Europe.

Microsoft also generally plans to share its SDL concepts with independent software vendors, partners and customers as a means to achieving security and privacy throughout the "entire computing ecosystem."

Finally, Microsoft plans to release an SDL Threat Modeling Tool 3.0 (PDF) in November. The tool is similar to risk assessment and analysis solutions used to map enterprise IT security.

Microsoft's SDL announcement is part of the company's broader outreach on security. In August at the Black Hat Conference, Microsoft promoted a more collaborative effort on security issues. It also promised for greater transparency during its security patch release cycles.

Microsoft Announces SP-1 for Forefront Client Security

HP's Big EDS Plans Include Big Cuts

HP has completed the acquisition of EDS, an outsourcing innovator; now it's restructuring, with plans to cut jobs, the companies announced on Monday. In order to effectively play in the enterprise IT space, HP aims to cut about 7.5 percent of its workforce. A combined 24,600 employees, half in the United States -- will feel the affects.

HP spent $22 billion to get its hands on EDS to expand its enterprise presence. The company now has "the broadest technology capabilities in the market to meet customer needs today and in the future," said Mark Hurd, HP's chairman-CEO.

Hurd's job is safe, but others won't be so lucky. HP said it would replace the positions over the next three years to create "a global workforce that has the right blend of service delivery capabilities to address the diversity of its markets and customers worldwide."

The goal of the streamlining is to address what HP, in a news release, called "enterprises…facing an explosion of digital content, aging infrastructure and constrained resources" in an environment where CIOs "must rethink their technology environments and choose to manage it themselves, outsource it or receive services through the cloud."

The decision to cut people in a slow economy drew mixed, albeit mostly positive reviews from John Madden, principal analyst at Ovum.

Madden posited that "letting go of people in a slowing economy is never enjoyable for any company [but] what's encouraging is that HP committed to reinvesting integration savings into its workforce…to ensure it has the global footprint it needs, sending an important message to customers concerned about how the reduction will affect their HP/EDS contracts."

‘Righteous Kill’: Telltale Signs, By Kurt Loder
Cisco and HP Partner for UC

Windows Essential Business Server Hits RTM Status

Windows Essential Business Server (EBS) was released to manufacturing (RTM) on Monday, with a general availability launch date scheduled by Microsoft for November 12.

EBS is an all-in-one server stack designed to meet the needs of medium-size businesses. The server bundle, available in two editions, can be configured with support from Microsoft's channel partners.

The Standard Edition of EBS includes Windows Server, Exchange, SQL Server, System Center Essentials, Forefront Security for Exchange and Forefront Threat Management Gateway.

Microsoft's Forefront Threat Management Gateway has been released to manufacturing for the very first time with this ESB release. It replaces Microsoft's ISA firewall product and adds "unified threat management" capabilities. For example, the Threat Management Gateway solution provides network edge security that can support a company's headquarters, as well as its branch offices, according to Microsoft's Forefront TMG blog.

EBS was first shipped as a beta in December of 2006. The product has undergone testing that went "well beyond the typical betas," according to Microsoft's announcement. Customer advisory groups provided a laundry list of likes and dislikes. In addition, the ESB beta project got advice from Microsoft's "most valuable professionals" and top VARs.

The EBS RTM will help bring resources to medium-size organizations with few or no IT support staff. The product is designed to have "baked-in" best practices and enterprise-grade security. It also features fast and easy set-up and migration capabilities, as well as centralized IT administration.

EBS is part of Microsoft's Windows Essential Server Solutions product line, which also includes a small business version. For more information on Windows Essential Business Server, click here.

‘Mean Girls,’ ‘Naked Gun’ Sequels Will Prove Direct-To-DVD Movies Aren’t Automatically Bad, Exec Insists
Small Business Server 2008 Hits Metal
Jada Pinkett Smith Says She Would Play Michelle Obama In A Biopic ‘Any Day’

Thursday, September 18, 2008

Cloud Computing: More Work for Admins

Pundits have widely predicted that cloud computing will minimize -- if not eliminate -- the need for organizations to maintain large IT infrastructures. But Alistair Croll, a principal analyst for consulting coalition BitCurrent, argues that moving to Internet-based Software as a Service (SaaS) offerings, "won't eliminate work [but will] just change the work," for IT administrators.

The administrator's job will "move from racking and stacking to clicking and dragging," Croll said, during a presentation on SaaS at the Interop conference, being held this week in New York. The job will shift from managing computers to managing computing resources.

Certainly, by moving to a SaaS offering to handle some IT functions, an organization eliminates the need to buy and maintain servers and software in-house, both of which are normally under the charge of the IT professional. But as cloud computing services proliferate within the enterprise, additional duties will also pop up on the administrator's to-do list, Croll said.

Croll based his reasoning on what he called the law of unintended consequences. He likened the emergence of SaaS to that of the rise of home appliances in the early part of last century. Despite the advent of modern conveniences such as irons and washing machines, we spend about the same amount of work toiling within the home as we ever did.

"The amount of hours of housework per week has almost not changed at all, from 1914 to 1965," Croll said. "Wasn't this stuff supposed to save us time?"

But as conveniences made individual chores easier, the number of chores and the degree to which chores are being done changed dramatically.

"I think we will see a very similar change when we get to cloud computing. We will have these unforeseen consequences, things we didn't realize will happen," he said. "They'll probably keep us just as busy as we were before."

What sort of new duties will administrators be tasked with?

One major set of duties will be simply managing all the SaaS services that an organization will be using. "We will put together lots and lots of tools to manage the offerings," Croll said.

Croll's own firm, BitCurrent, only has less than 10 employees, and yet it uses more than 20 SaaS offerings, such as Wordpress, FeedBurner, Google Analytics and eBay's PayPal. All of the services an organization uses will need to be measured against performance metrics, to ensure the organization is getting its money's worth. And the performance will also need to be checked against the billing, especially with the pay-as-you-go payment methods.

Another duty will be security. For instance, one of the biggest shortcomings of cloud computing is a lack of any sort of standard for single sign-on. So when an employee quits, the administrator needs to make sure all the appropriate accounts at all the SaaS outlets are closed.

Data management will be yet another duty. The organization will need to make sure that its data remains independent from the SaaS provider, so the organization could move it to a competing SaaS provider if necessary. If the organization's data is not easily moved off the service, then the provider can charge more for that service, in effect holding the organization's data for ransom.

Report Outlines SMB SaaS Strategies for Vendors
‘Twilight’ Tuesday: Robert Pattinson, Kristen Stewart And Taylor Lautner Will Present At The VMAs
‘Tropic Thunder’ Leads Box Office For Third Week, While ‘Dark Knight’ Tops $500 Million