IT-Code-News: IT News HeadLines (InfoWorld) 21/01/2009

New paint promises high-speed Wi-Fi shielding

IT managers should start familiarising themselves with a new security tool, the paint brush, as Japanese researchers have come up with a paint that they say will block high-speed wireless signals, giving businesses a cheap option to protect their wireless networks.

The problem of securing wireless networks has been an issue for a while now. Wi-Fi LANs with no encryption or running the obsolete WEP system, run the risk of having hackers outside the building eavesdrop on wireless LAN traffic, or simply stealing bandwidth. However, there are a number of solutions, besides encryption, for companies wishing to secure their networks.

[ Keep up on the latest networking news with our Networking Report newsletter. And discover the top-rated IT products as rated by the InfoWorld Test Center. ]

For example, Meru Networks said last year that it was using Wi-Fi signals to "cloak" wireless LANs and make it impossible for hackers to decipher them outside the office building. Other methods include putting energy-efficient windows in buildings, physically blocking radio signals or even turning a building or office into a 'Faraday Cage' using mesh metal. However these options tend to be expensive.

But now, according to a report in the New Scientist, paint can be used to secure high-speed wireless networks. This is nothing new though, as RF-blocking paints have been available for a number of years now. Indeed, EM-SEC Technologies successfully tested its own RF-blocking paint back in March 2007 to shield wireless devices and other electronic equipment within a building.

But what the New Scientist is reporting is that existing technologies are becoming increasingly obsolete as companies are now using new, higher frequencies to send data. For example, the best wave absorbers commercially available today are only effective up to around 50GHz, whereas the latest wireless communications tend to use electromagnetic waves with a frequency of over 100GHz plus. The Japanese researchers say they now have a paint that can block the higher frequencies.

So how does this new blocking paint actually work? Well, electromagnetic (EM) waves can only be blocked when a material's magnetic field resonates at the same frequency as the wave. The New Scientist says that wave absorbers are usually made from iron-rich oxides, but higher-frequency transmissions outstrip the power of iron to absorb electromagnetic waves. This is because the standard oxide coating has a maximum resonance frequency that is outstripped at 48GHz.

But Shin-ichi Ohkoshi's team at the University of Tokyo in Japan has now identified a new aluminium-iron oxide able to block waves with a frequency almost four times higher. They used a sensitive magnetometer (a scientific instrument used to measure the strength and/or direction of a magnetic field) to confirm that a powder of the new oxide can absorb EM waves of up to 182GHz at room temperature.

According to the researchers, the composition of the new material somehow distorts the bonds between iron and oxygen from their usual shape, which they believe explains the material's magnetic properties. They feel that further study, would lead to identifying new metal oxides that can absorb EM waves at even higher frequencies.

And it seems that the cost of this paint will not stretch IT budgets, as aluminium and iron are abundant materials and therefore the paint will be cheap to make.

"We collaborated with DOWA Electronics, a Japanese industrial company [to make a 100-kilogram sample order]," Ohkoshi is reported as saying. "The manufacturing cost is very cheap, around £10 ($14) per kg."

Techworld is an InfoWorld affiliate.

Google shuts off antiphishing feature in Firefox 2.0

Google planned to turn off an antiphishing service used by Firefox 2.0 Monday, a Mozilla executive said Tuesday.

Although the two most-recent builds of Firefox 2.0, labeled 2.0.0.19 and 2.0.0.20, have omitted the defense, earlier editions of the browser were still able to query Google for a list of sites suspected of hosting identity theft scams. But Google is now shutting down the blacklist, said Mike Beltzner , the director of Firefox.

[ Discover the top-rated IT products as rated by InfoWorld's 2009 Technology of the Year Awards. ]

"If you're using a previous version of Firefox 2, even though the feature is enabled in your browser, as of January 20 no new data will be sent to your computer," Beltzner said in a post to the Mozilla developer center blog Monday.

Mozilla had warned users last month that Firefox 2.0, which was slated to be dropped from support, would soon lack antiphishing protection because Google wanted to discontinue the obsolete blacklist protocol that served the aged browser.

Google and Mozilla had worked together to update the protocol, first to SafeBrowsing v2.1 in late 2007, and then to SafeBrowsing v2.2 last year. In December, Mozilla urged people still running Firefox 2.0 to upgrade to the newer Firefox 3.0, which includes a working antiphishing feature.

Beltzner repeated that advice Monday. "If you're running Firefox 2.0.0.20, you can select 'Check for Updates' in the Help menu to receive an update right now," he said in another blog entry.

Mozilla has made three separate upgrade offers to Firefox 2.0 users since August, the most recent on Jan. 8. In notes published last week, however, Mozilla said that the uptake on the offer had not been "very good."

Users running versions older than Firefox 2.0.0.20 can download Firefox 3.0 from Mozilla's site .

If users can't or do not want to upgrade to Firefox 3.0, Beltzner recommended that they disable the setting "Tell me if the site I'm visiting is a suspected forgery" in the Security preferences section of Firefox 2.0's Options dialog box.

Computerworld is an InfoWorld affiliate.

Google kills Print Ads program

Google continues to trim off its underperforming services , this time cutting one that had been met with skepticism when it launched but nevertheless garnered some support.

On Tuesday, the search giant announced it would close its Print Ads service. The program launched in 2006 and was met with raised eyebrows because it meant Google, an online specialist, would be venturing into print. Print Ads allowed anyone with a Google AdWords account to buy advertising in the print editions of any newspaper that joined the program. AdWords is Google's online advertising platform.

[ Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

While Print Ads started out with 50 newspaper partners, it now has more than 800, Google said.

Despite attracting those newspapers, many of which are desperate to find new ways to generate revenue, Print Ads apparently hasn't performed well. "While we hoped that Print Ads would create a new revenue stream for newspapers and produce more relevant advertising for consumers, the product has not created the impact that we -- or our partners -- wanted," Spencer Spinnell, director of Google Print Ads, wrote in a blog post announcing the closure of the service.

Google plans to shut down the service on Feb. 28.

Spinnell said that a team at Google will continue to investigate new ways to help newspaper companies. That's despite the company's sometimes-uneasy relationship with the publishing industry. Some publishers, particularly in Europe, have accused Google of copyright theft for displaying snippets of their content on sites like Google News without permission.

Google was building new features for Print Ads as recently as October, when it added an image gallery where users could find free photos to incorporate in their ads. But over the past several months, the bulk of the announcements on Google's "Let's Take it Offline" blog have been about new features in Google's TV and audio advertising services, with little mention of Print Ads.

Shutting down Print Ads appears to be part of the house cleaning that Google admitted to last week, when it announced it would close several other services including Google Video, Jaiku, Mashup Editor, Dodgeball, Catalog Search, and Google Notebook.

"In the last few months we've been taking a long, hard look at all the things we are doing to ensure we are investing our resources in the projects that will have the biggest impact for our users and partners," Spinnell wrote in Tuesday's post. "By moving resources away from projects that aren't having the impact we want, we can refocus our efforts on those that will delight millions of users."

Despite Google's successes in recent years, the services closures show that it too is not immune to the economic meltdown. It also recently laid off 100 recruiters and consolidated some engineering offices.

Citrix, Intel developing 'bare metal' desktop hypervisor

Citrix Systems is working with Intel to develop a "bare metal" hypervisor for client PCs, which proponents say could broaden the use of desktop virtualization by overcoming some of the technology's shortcomings.

Citrix plans to deliver the hypervisor in the second half of the year with the first release of a new product code-named Project Independence, which Citrix says will make it easier to create and centrally manage virtual desktop images for PCs used in the workplace.

[ Stay up to date on the latest virtualization developments with InfoWorld's Virtualization Report blog and newsletter. ]

A bare metal hypervisor should improve on today's desktop virtualization by providing better security, because the hypervisor runs independently of the client OS, and better performance for end users, because it allows applications to run on the local client instead of a remote server, the companies said.

"What this product will do at a high level is address some of the core challenges and core barriers that have kept client virtualization solutions and usage models from being broadly adopted in the past," said Gregory Bryant, a vice president and general manager at Intel, during a conference call for press and analysts on Friday.

The hypervisor is the layer of software that manages interaction between a virtual machine and the underlying hardware. Most products for the client today are "Type 2" hypervisors, which are installed on a PC's host OS. Type 1 hypervisors are installed with the firmware beneath the OS, directly on the computer's "bare metal."

The new hypervisor should help Citrix keep pace with VMware, which announced its own Type 1 hypervisor at the VMworld conference last October. VMware's product is also due in the second half of this year, a spokeswoman said.

Virtualization has been widely adopted on servers but its use on desktops has been limited. Proponents say it can offer big savings for IT departments because it allows them to create and manage desktop images centrally, instead of on each client individually.

But today's products have drawbacks. In one model, used by XenDesktop and VMware View, desktop images are stored in virtual containers on a server and streamed to end users. That model can create performance issues for end users, since data is constantly shuttled back and forth over a network. It also doesn't allow users to work offline.

Another model, used by VMware ACE, installs the desktop image on a Type 2 hypervisor on the client OS. That provides better performance and the ability to work offline, but critics say security is weaker because it is dependent upon the security of the client OS.

"The Type 2 hypervisor provides no security to stop the host from snooping on what the virtual machine is doing. It can arbitrarily corrupt it and steal data from it," said Ian Pratt, founder of the open-source Xen project and a Citrix vice president.

Bare metal hypervisors aim to combine the best of both worlds. They will also allow companies to install two separate desktop images side by side on a PC, meaning an employee could have one environment for work use and another for personal use, said Andi Mann, a research director with Enterprise Management Associates, in Boulder, Colorado.

"It really enables this fundamental and clear separation of the corporate and the personal, and that's very significant," he said. "From a usability point of view it makes my personal desktop environment really my own, and from the corporate standpoint it allows them to lock down their desktop. So it satisfies both parties' desires."

Citrix said its Project Independence product will allow companies to centrally manage one copy of Windows, one copy of each application and one copy of each employee's user data and profile. It will then assemble and deliver those elements as an "on-demand service" to a virtual machine on each user's local machine.

Citrix believes employees will increasingly use the same computer for work and personal use, so having a way to isolate work and personal environments on a PC will be a big benefit, said Calvin Hsu, director of product marketing for Citrix's desktop delivery group.

Used with XenApp and other Citrix products, Project Independence will also be able to automate data back-up and recovery, as changes to the "virtual desktops" on local machines are synchronized with the data center, the company said.

VMware dominates the server virtualization market, but Citrix may have an advantage on the desktop because it has focussed much of its efforts on application delivery, Mann said. "My feeling is that Citrix is better poised to manage the virtual client environment," he said.

Claims that a Type 1 hypervisor is inherently more secure because it runs independently of the host OS need to be tested, however, Mann said. A skilled hacker could potentially gain access a Type 1 hypervisor from another part of the machine. "We can't tell until we do some penetration tests how secure it really is," he said.

The work with Intel makes use of the virtualization technology in its vPro business-class chipsets. The hypervisor will be able to run on existing Intel PCs that have that technology, and applications will not need to be rewritten to run on the new software, according to Pratt.

The hypervisor will be based on software developed through the open-source Xen Client Initiative announced last year, and Citrix expects to release an open source version of the hypervisor along with its commercial product. It is not discussing pricing yet for Project Independence.

Heartland data breach could be bigger than TJX's

A data breach disclosed Tuesday by Heartland Payment Systems may well displace TJX Companies' January 2007 breach in the record books as the largest ever involving payment data with potentially over 100 million cards being compromised.

Heartland, a N.J.-based provider of credit and debit card processing services said that unknown intruders had broken into its systems sometime last year and planted malicious software to steal card data carried on the company's networks. The company, which is among the largest payment processors in the country, claimed to have discovered the intrusion only last week after being alerted by Visa and MasterCard of suspicious activity.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

The card companies' alerts triggered a subsequent investigation by "several forensic investigators" during which the intrusion was discovered, Robert Baldwin Jr., Heartland's president and CFO, said in the statement. The company said the intrusion may have been the result of a "widespread global cyberfraud operation".

Heartland claimed that no merchant data, cardholder's Social Security numbers, or unencrypted personal identification numbers (PIN), addresses, or telephone numbers were compromised.

As with most data breach notifications, Heartland offered no explanations on when it was first informed of the breach by the card companies, when in 2008 the company had been breached, how long the intruders had remained undetected, or how many cards might have been compromised in the intrusion. A company spokeswoman did not immediately respond to requests for comment.

But given that Heartland processes more than 100 million card transactions per month, it is very possible that the number of compromised credit and debit cards is at least that much, if not more, said Avivah Litan , an analyst with Gartner. "It does look like the biggest ever," Litan said. The TJX breach involved the compromise of over 45 million cards.

It also appears that those behind the breach "made off with the gold" by intercepting and stealing the so-called Track 2 data from the magnetic stripe on the back of cards, which is all that's needed to create counterfeit cards, Litan said.

Dan Clements, president of CardCops , an identity protection service of Affinion Group, said that he has noticed activity in underground chat rooms that suggested a major compromise at a processor such as Heartland.

Typically when a card is stolen, crooks first check to see if the cards are still active by using it for some transaction -- often a very small donation to a charitable organization -- to see if it works. This sort of validity check has increased by nearly 20 percent over the past few months, suggesting a major compromise. But it's not clear yet if it is related to the Heartland breach, Clements said.

The Heartland compromise is the second involving a large payment processor over the past few weeks. One Dec. 23, RBS WorldPay, the payment processing division of The Royal Bank of Scotland Group, announced that its systems had been breached by unknown intruders, resulting in the compromise of personal information belonging to about 1.5 million card holders. The compromised information included the Social Security numbers of 1.1 million individuals using payroll cards, the company said.

The incidents suggest that cybercrooks are increasingly beginning to target payment processors, Litan said. "Attacking a processor is much more serious than attacking a retailer. A processor sits at the nerve center of the payment process,"and processes far more payment card data than any retailer, she said.

"More radical security moves" need to be taken by payments industry as a whole to address the problem, she added. Such incidents show that the security requirements of the Payment Card Industry Data Security Standard (PCI DSS) being pushed by the major card companies is clearly not enough, Litan added.

Computerworld is an InfoWorld affiliate.

Obama inauguration drives record Web usage

The swearing in of U.S. President Barack Obama and the other presidential inauguration activities generated massive Web traffic Tuesday, leading to site slowdowns but not to a general meltdown of the Internet.

With intense and widespread interest in the ceremonies and festivities, especially President Obama's oath of office and inaugural address, millions of people had been expected to tune in online, especially those without TV access while at work.

[ What should Obama's tech strategy be? InfoWorld's Ephraim Schwartz reports on three thought leaders' suggestions for where Obama should spend his tech stimulus. | InfoWorld's Galen Gruman proposes a national tech agenda. | Inspired by Obama's inaugural address InfoWorld's Tom Yager urges IT to take the lead in the recovery. ]

Big media, news, and U.S. government sites streamed events live and prepared special sections for the inauguration, yet some were still caught off-guard and experienced performance problems, mostly between midmorning and 12:30 p.m. U.S. Eastern Time.

Among those experiencing significant slowdowns were the sites of ABC, CBS, Fox Business, the L.A. Times, NBC, National Public Radio, USA Today, and The Wall Street Journal, according to Keynote Systems, an Internet measurement and testing company. Government sites that buckled under the traffic included those of the White House, the U.S. Senate and the National Park Service, according to Keynote. Gomez, another Web performance-tracking company, also noticed a performance problem at the National Public Radio Web site.

"We predicted today would be one of the most, if not the most, significant online streaming event[s]," said Shawn White, Keynote's director of external operations.

"This was an unprecedented online event. I don't think we've ever seen as many viewers go online to watch an event," he added. "It's difficult to prepare for something that's unprecedented."

"On a positive note, I had heard predictions that the Internet would crumble, which didn't happen," White said.

A group of 40 large Web sites that Keynote routinely tracks also saw, on average, a collective slowdown during the swearing-in ceremony and the inaugural address, likely caused by the demand placed on Internet bandwidth by millions of live video streams, White said.

Interest in Tuesday's events was fueled by a combination of factors. President Obama is the country's first African-American president. In addition, he comes into office trailed by widespread hope that he'll fix the country's economic crisis.

This inauguration was the first since online video became a mainstream activity, so it wasn't a surprise that TV networks like CNN and MSNBC, as well as major newspapers like The New York Times and The Washington Post, provided live broadcasts on their sites.

CNN, which began its Web broadcast at 8 a.m., partnered with Facebook to display "status updates" from members of the social-networking site as they reacted to the events. According to Facebook, by 1:15 p.m., 600,000 status updates had been posted on CNN.com Live, with 8,500 hitting at the minute President Obama began his speech.

CNN.com, which will stream live video until the last inaugural ball ends, had, as of 3:30 p.m., generated more than 136 million page views, and its CNN.com Live section had served up more than 21.3 million live video streams globally, setting a new daily streaming record for itself, a spokeswoman said via e-mail. CNN.com Live estimates it served more than 1.3 million concurrent live streams during its peak immediately prior to President Obama’s inaugural address, she said.

Also breaking its own record for live streams was NBC's Hulu.com video site, the company said.

Content delivery specialist Akamai reported delivering record streams and content to its customer sites, such as The New York Times, Viacom and The Wall Street Journal. Akamai delivered a peak of more than 7 million simultaneous streams, most of them live, over its EdgePlatform, at approximately 12:15 p.m., at which time total traffic on its network surpassed more than 2 terabits per second. Akamai’s Net Usage Index for News, a daily Web traffic report of aggregate total visitors per minute to more than 100 news sites, recorded more than 5.4 million visitors per minute at approximately 11:45 a.m.

Other inauguration day sections could be found in Google's YouTube video sharing site and Yahoo's Flickr photo sharing site. The Twitter microblogging service partnered with Al Gore's Internet TV company Current TV to display messages from Twitter members online and on TV during the inauguration.

In addition to video and news articles, sites often provided other features like photo slide shows, interactive maps, opinion polls, reader comment forums and timelines.

Many TV stations and Web sites began tracking President Obama and First Lady Michelle Obama when they emerged at around 8:30 a.m. from Blair House, their temporary Washington, D.C. residence, and headed to a prayer service at a nearby church.

After the one-hour church service, the Obamas were driven to the White House for coffee with now-former President George W. Bush and his wife, Laura Bush. All four arrived at the Capitol for the inauguration ceremony at around 11 a.m.

President Obama was sworn in shortly after noon and wrapped up his speech at around 12:30 p.m. A lunch at the Capitol and a parade to the White House followed, and the festivities will continue into the night.

IBM posts strong Q4 results, no layoffs announced

IBM on Tuesday reported fourth-quarter fiscal 2008 earnings of $3.28 per share, a 17 percent increase year-over-year, but said total revenue for the quarter dropped 6 percent to $27 billion.

Analysts polled by Thomson Reuters had on average predicted earnings of $3.03 per share and $28.15 billion in revenue.

[ Just how severe is the impact of the economy on IT? Find out in "Is tech in more trouble than we think?" And also learn the "Five top spending priorities for hard times." ]

Net income for the fourth quarter was $4.4 billion, a 12 percent increase over 2007. For the full year, IBM posted company records for revenue, with $103.6 billion; pre-tax profit, with $16.7 billion; and earnings per share at $8.93.

The company said it expected earnings per share of at least $9.20 in 2009. Chief Financial Officer Mark Loughridge said he expects the first half of next year to be more difficult than the second. Revenue growth will be relatively flat in the first quarter but then expand, he added.

IBM said the strong dollar contributed to its drop in fourth-quarter 2008 revenue. When adjusted for currency fluctuations, revenue would have fallen 1 percent, the company said.

Software revenue grew 3 percent, but Global Technology Services and Global Business Services fell 4 percent and 5 percent, respectively, an indication that customers are pulling back somewhat on IT projects. However, IBM also reported service engagements worth $17.2 billion, including some 24 deals with a price tag higher than $100 million.

IBM's Systems and Technology division took a significant hit, dropping 20 percent to $5.4 billion, a sign that customers are holding off on hardware purchases. System z mainframe sales fell 6 percent, while System p product revenue grew by 8 percent year-over-year. System Storage revenue dropped 20 percent and revenue from Retail Store Solutions shrank by 28 percent.

Fourth-quarter revenue was weakest in Europe, the Middle East and Africa, where it fell 12 percent. Revenue from the Americas fell 2 percent and Asia-Pacific dropped 1 percent.

IBM said it achieved its results by focusing on improving profit margins and investing in growth markets, although it also benefited from a lower tax rate. Its tax rate was 23.8 percent for the quarter, compared to 28 percent in the same period last year.

The company's press release included no announcement about major layoffs, which have been the subject of rampant rumors in recent weeks.

"Right now we're in wait-and-see mode," said Lee Conrad, national coordinator of the Alliance at IBM/CWA Local 1701, a union that is trying to organize workers at IBM, in an interview prior to the earnings release. "We do know people have been told to look for other jobs."

The union is calling on IBM to take certain measures to avoid layoffs, such as suspending its stock buyback program, eliminating executive positions and cutting executive pay. It also wants IBM to be transparent about where any job cuts are taking place and whether they are being moved offshore.

If it does cut jobs, IBM would be only the latest of its peers in the tech industry to do so as the worldwide economic crisis continues.

Forrester Research recently predicted that global IT spending would drop slightly overall this year, but then rebound in 2010.

Hands-on video guide to Windows 7

Now that Microsoft has made the Windows 7 beta available for public download, many people are trying to figure out what's new and different. And many others not willing to risk their PCs by installing a beta OS are curious, too. (Thinking of installing the beta yourself? Use InfoWorld's free Windows Sentinel applet to see if it's compatible with Windows 7.)

Either way, I've put together 10 video tours of Windows 7, explaining what's added, remove, and changed in 10 areas that business users and IT care about. The short videos are quick lessons on what you can expect when Windows 7 ships later this year or early next year.

[ Find out how Windows 7 trumps Vista | See how Windows 7 beta performs in InfoWorld's benchmark tests. ]

Lesson 1: Installation changes
Lesson 2: New desktop features
Lesson 3: The new Superbar and Aero features
Lesson 4: Application enhancements
Lesson 5: The Action Center and UAC settings
Lesson 6: Display and device improvements
Lesson 7: New networking features
Lesson 8: Control Panel applets
Lesson 9: Notable features for IT admins
Lesson 10: Libraries and searching

Sun's open source Java move gets mixed reviews

In November 2006, Sun Microsystems began making all of its Java technology implementations open source, offering them under the GPL. More than two years later, reactions are mixed as to what exactly has been the impact of this momentous change.

Some, including the chief executive at Eclipse Foundation and Sun's own James Gosling, considered the father of Java, have seen little impact. "That was mostly about community relations," says Gosling, who is CTO of the client software group at Sun. "So far, I think it hasn't had too much [effect]," says Mike Milinkovich, executive director of Eclipse, which was spawned in an IBM-based effort to build Java tools.

[ Sun also has made its Solaris Unix open source, an effort belittled by the Linux Foundation. Is Solaris on its deathbed? ]

But Sun's Jeet Kaul, senior vice president for the Java client group at Sun, sees it differently: "We have gotten a lot of people who have taken up the code and started building solutions with it. So the adoption that we have had, the adoption curve has grown dramatically ever since we did open source," he says. But he could not cite specific adoption figures.

"Sun's revenue for Java has increased ever since we did open source and has increased by double-digit numbers," Kaul says. Opportunities have increased in areas such as support, services, and solutions, and Java revenues will grow in 2009, he adds.

The open sourcing of Java had been sought by parties such as IBM and BEA Systems, which argued that such a move would boost innovation. Sun initially resisted, citing concerns about potential forking of the platform. But the company relented and made the switch, arguing that the open source move would inspire a new phase of developer collaboration and innovation.

Today, open source implementations from Sun include OpenJDK for Java Platform Standard Edition (Java SE), GlassFish for Java Platform Enterprise Edition (Java EE), and Mobile & Embedded Community for Java Platform Micro Edition (Java ME).

Java now more easily bundled with open source tools
Sun urged the open source community to include the GPL-enabled distribution of the Java Development Kit as part of open source repositories commonly included with GNU/Linux distributions. And it has had some success in that effort; for example, OpenJDK ships as part of the Red Hat Fedora Linux variant. Red Hat Enterprise Linux 5.3, unveiled on Tuesday, also features OpenJDK.

Java for Linux had long been available for download, so in a sense it was as accessible as any open source code, says Gosling. But to let open source providers include the Java code in their products required a new licensing agreement at Sun, which took some time to develop. Today, Debian, Red Hat, and Ubuntu are license-compatible with Java and thus can bundle it, he adds. The open source move by Sun has made it much easier to get Java on Linux, concurs Geir Magnusson, Jr., director of the Apache Software Foundation.

Being open source may not have dramatically changed Java usage, but it has made some users happier about Java. "It's not that I picked up Java because it's open source, but that's when I considered it more," says Harald Rudell, a software engineer for Filmsoft. With the source code, Rudell says that all he needs to do is press the F3 key to view the source if there is a problem. "It's a waste of time to use something where you don't have the source code," he adds. "I used to be a C++ programmer, but I think Java is way better now." However, it does take a long time to get problems fixed with Java, Rudell says, unlike Ubuntu, where problems are fixed right away.

Aleksandar Gargenta, a senior consultant at open source training firm Marakana, says having Java open and available makes the Java community stronger. "Personally, I haven't seen much of an impact because it doesn't affect me and what I do. But for the community, I believe that it solidifies the future of Java and basically makes it a more compelling technology," he notes.

Little impact seen on Java development
Despite the broader availability of Java in open source products, Sun's inclusion of the open source community in Java's development has been limited. Kaul says that's because Sun is behind in the logistics of supporting those who want to actively contribute.

Eclipse's Milinkovich says Java remains very much a Sun-driven community. "I honestly haven't seen [Sun's open source move] changing the dynamics of the Java ecosystem," he says.

Milinkovich would like to see more support for the Apache Harmony version of Java. But Sun and Apache have disagreed over terms of a compatibility testing kit for Harmony, with Apache arguing terms of the license for the kit put restrictions on its users.

Rod Johnson, founder of the popular Spring Framework and CEO at SpringSource, says he has not seen much effect on the language part of Java since the open sourcing. "We think that Sun open sourcing Java is a good thing, but we also think with the language itself, Sun was already doing a fairly good job running it."

Sun's initial fears about forking of Java, leading to fragmentation, have not been realized. "Obviously, the community really doesn't want to fork Java," Johnson says. "One of the strengths of Java is it's been very unified, historically," he notes, adding that Sun has done a good job of avoiding incompatibilities.

Where Johnson sees a desire of open source community involvement with Java is not in the language but in the non-Sun open source frameworks, servers, and software that sit on top of the Java platform. For Java itself, "I'm not sure that there's really been that much growth in the community outside Sun," he adds.

"The fact that such a major platform is open-sourced, that fact that most people can grab it and play with it, do what they want with it, I think is very significant," says Patrick Curran, chairman of Java Community Process (JCP), which provides an official means to update Java technology. (Johnson, Magnusson, and Milinkovich are also JCP executive committee members.)

But Curran says he had not seen any change in the technical direction of Java as a result of the open source effort. "What it does change is the way that development is done. It provides much greater access to many more people, but I don't think it necessarily changes the technical direction because -- despite the fact that things are being done in an open source manner -- you still have a core group of people who have a very clear sense of what it is they want to do and where they want to take the platform," he says.

But Curran has noticed lately more Java specification requests (JSRs) to amend Java are being done in an open source manner.

Where should Obama spend his tech stimulus?

Now that the excitement of the inauguration of a new president is over, the anticipation begins, especially in the high-tech community. Why? Because the new administration has promised to stimulate the U.S. economy by spending billions of dollars on high tech.

The question is what kind of projects should money allocated to high tech go to? How is it best spent? For some, such an investment holds great promise. "If we pull this off right, we will build an infrastructure that will make us the world's leader in the 21st century," says John Seely Brown, co-chairman of Deloitte's Center for Edge Innovation and formerly chief scientist at the famed Xerox Palo Alto Research Center. Others are pessimistic that the stimulus money will really make its way into high-tech investments: "It's more apparent how the cement industry will benefit rather than IT," says Ken McGee, a Gartner vice president.

[ What should Obama's tech strategy be? InfoWorld's Galen Gruman proposes a national tech agenda. | Inspired by Obama's inaugural address InfoWorld's Tom Yager urges IT to take the lead in the recovery. ]

InfoWorld asked several thought leaders for their advice to President Obama.

John Seely Brown: Build a collaborative, smart fabric
Brown says the U.S. should not be looking at technologies per se but systems. Any stimulus plan should be about building a smart infrastructure, what he calls a "collaborative fabric" where objects talk to objects, people to people, and yes, even objects to people and vice versa. "My lightbulb should have a conversation with me," he says, so the lights come on when you walk into the room or the lights dim and the blinds open when the sun comes streaming into a room.

To do those kinds of things, says Brown, we must refurbish our 20th century infrastructure so that instead of a bridge collapsing when a key piece breaks, the bridge talks to us and tells us what is worn. Another variation: "Why aren't cars conversing with cars?" Brown asks, so that we don't waste an incredible amount of time sitting stuck in traffic jams.

Essentially, what are now passive objects are remade into smart objects; doing so would require a redesign and a retrofitting of the infrastructure as well. In Brown's view, high tech becomes the tool to fix traditional infrastructure, and as we retool America we reinvest in new industries and new jobs. To make this vision a reality, Brown says someone in the Obama administration -- perhaps the new CTO position as yet to be filled to assemble a unified theory and vision about how the whole is more than the sum of the parts.

In the longer term, Brown says the U.S. needs to create a? "culture of learning." In such a climate, we won't have to go back to college to learn new skills. Instead we will always be learning from each other -- peer-based learning, in other words. The concept of peer-based learning goes beyond mutual education. Brown says: Thanks to collaboration and cloud computing technologies, a $3 million electron microscope can be shared across the Internet.

Ken McGee: Support our services-based economy
Gartner's McGee is skeptical in what he's seen in the stimulus package proposed thus far. For example, in the current stimulus package, $79 billion is allocated for schools, "but that doesn't appear to include an infrastructure of technology," he says. Instead, the money is allocated to only brick-and-mortar improvements.

McGee adds that spending on mass transit improvements and renewable energy -- two other proposed focus areas for the stimulus package -- can't really succeed without the infusion of high technology.

McGee says it doesn't make that much sense to focus stimulus dollars on brick-and-mortar projects. In a services-based economy like ours, tax abatements and tax strategies will have a greater impact on high tech and the economy, he argues, because these strategies can induce people to invest. In the modern world, information -- not roads or buildings -- is the real infrastructure and thus increasing demand for information services is what should be encouraged, he says.

David McQueeney: Focus on broad-use information infrastructure
David McQueeney, IBM Software's CTO for the U.S. government sector and former head of the IBM Research lab in Zurich, recommends that the stimulus plan focus on technologies that touch as many other things as possible, for maximum effect.

He lists the power distribution grid, high-speed networking[es1] infrastructure, and electronic medical records as the modern era's equivalent of the interstate highway system that was created under the Eisenhower administration. That bold move led to the blossoming of manufacturing and jobs over 50 years ago. McQueeney believes a similar approach to information infrastructure projects will have similar broad benefits.

Of course, for the stimulus dollars to really have an impact, they have to be well spent. Thus, the stimulus plan's spending and results must be held as accountable as any IT department's work would be in private industry, says McQueeney. "We need to be able to say the money went in here, it was used for this and got that result." He notes there are plenty of performance measurement systems in private industry that could be used for monitoring the tech stimulus efforts.

McQueeney says that everyone needs to keep in mind what Obama's chief of staff, Rahm Emanuel, recently said: "You never want a serious crisis to go to waste."

Adobe to publish streaming specification

Adobe Systems plans to publish its RTMP (Real-Time Messaging Protocol) specification for high-performance transmission of audio, video, and data between Adobe Flash technologies, the company said Tuesday.

RTMP was developed by Adobe to stream content from Adobe Flash Media Server. The specification will be offered as part of the Adobe-led Open Screen Project, an initiative intended to enable delivery of multi-screen experiences built on a consistent runtime environment based on Flash.

[ For more on the Open Screen Project, see, "Adobe opening up Flash." ]

"We're documenting and opening up the specification just as we have for SWF (Flash file format) and PDF (Portable Document Format) to give the market access," said Jennifer Taylor, director of product management for Flash content creation and delivery at Adobe.

Developers and companies implementing the specification will be able to provide video, audio, and data streaming regardless of device used or where the content is coming from, Adobe said. One example of a potential use would be incorporating it into different devices to stream content from a security camera to a database, Taylor said.

"It's a very efficient protocol in terms of its delivery of data," so it can be expected to be used in many contexts, said Taylor.

The specification is expected to be published on the Adobe Developer Connection Web site in the first half of this year.

RTMP supports the AMF (Action Message Format), SWF, FLV (Flash video). and F4V formats compatible with Adobe Flash Player.

Adobe's RTMP specification documentation, however, will not include Adobe's unique secure measures and the license that accompanies the specification will not allow developers to circumvent these measures. Developers will be able to use their own technological measures to secure content, Adobe said.

"If we were to open up and document them, it would defeat the purpose of the security measure," Taylor said. Doing so would enable hijacking of content from Flash Media Server or any other solutions, she said. "We encourage developers to use RTMP with their own security measures," she stressed.

Battle brewing over next-generation private clouds

Enterprises could make their datacenters more efficient by turning them into private computing clouds -- but the biggest winners could be companies like EMC, Cisco Systems, and Sun Microsystems, which stand to gain a larger share of datacenter spending.

On Sunday, EMC vice president and global marketing CTO Chuck Hollis wrote in his blog about the merits of private clouds, and then on Monday Cisco Systems' Chief Technology Officer Padmasree Warrior addressed reports of an impending datacenter push in a Cisco blog.

[ See also: "Report: Cisco to elbow into server fray" and InfoWorld's cloud computing primer. | Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

EMC (with VMware in tow), Cisco, and a number of other vendors aim to position themselves as the vendor of choice for building next-generation datacenter services, with the intent of grabbing a larger part of datacenter budgets, according to Andrew Butler, vice president at research firm Gartner.

Both Hollis and Warrior wrote of the potential new architectures, virtualization, and automation hold for improving the effectiveness of IT systems.

However, while they hold out the benefits of a private cloud, they will also use this as an opportunity to lock customers into their own solutions, Butler said. The message is that tying yourself to only one vendor will help you achieve the full benefits of a private cloud, according to Butler.

"What you've got are these big system vendors who are increasingly reluctant to share the spoils," he said.

The emergence of private clouds -- which work in the same way as public cloud services, but are run by the enterprises themselves -- will play an important part in this evolution of IT systems, according to Hollis' blog posting.

They have all the advantages of public cloud computing for enterprise IT without the downside, because IT departments retain control of security and legacy applications won't have to be rewritten, Hollis said.

The concept of private clouds is gaining prominence, according to Butler.

Just recently Sun acquired Q-layer. Its NephOS will allow enterprises to create and manage their own private computing clouds by linking facilities operated by different divisions of the enterprise.

So far the nascent private cloud arena has been dominated by smaller companies, including Elastra, 3Tera, Cassatt, and ParaScale.

ParaScale, which develops software for cloud storage clusters, has seen increased interest in private clouds.

Now, especially the larger companies are thinking that they can leverage their scale to provide cloud services to internal customers, instead of placing data and applications in the hands of external parties, said CEO Sajai Krishnan via e-mail.

Warrior doesn't use the term "cloud computing" when describing Cisco's vision of "Unified Computing," but "building a next-generation datacenter that links all resources together in a common architecture" isn't far off from just that scenario. There is a lot of symmetry, according to Butler.

"When you get to Cisco's level of domination, unless there is significant organic growth in the market, it becomes difficult to sustain success, and you have to start looking elsewhere. I think what we have here is a recognition on Cisco's part that it has to influence decision making at a higher order in the data enter," said Butler.

A move deeper into the datacenter will put Cisco on a collision course with some of the traditional hardware vendors, including IBM, Sun, and HP.

Both Warrior and Hollis are vague about upcoming products. EMC has, for example, already got Atmos, a storage product targeted at newer storage clouds, but there is more to the story, said Hollis via e-mail without elaborating.

Warrior didn't go into any detail on upcoming datacenter products, except to say that Cisco is developing them.

Eclipse PHP upgrade tackles object-oriented programming

The Eclipse Foundation is releasing on Wednesday version 2.0 of its Eclipse PDT (PHP Development Tools) project, which adds object-oriented programming and usability features.

PDT is an open-source development tool offering basic code editing capabilities for PHP applications. PHP is a server-side scripting language popular in Web development.

"This project [with the earlier 1.0 release] has seen wide adoption, [with] over 1 million downloads to date," said Roy Ganor, project lead for both PDT and the Zend Studio for Eclipse platform at PHP tool maker Zend Technologies.

[ For more on PHP and other scripting languages, see "Scripting languages spark new programming era." ]

Object-oriented features in version 2.0 include a type hierarchy view for faster code navigation; type and method navigation for searching of code based on type information, and override indicators to visually tag PHP methods that have been overridden.

"Object oriented [programming] in general gives you the ability to have much more modular code," Ganor noted.

Usability enhancements include an indexing and caching engine based on the Eclipse Dynamic Language Toolkit to improve performance of PDT operations, a Mark Occurrences indicator to make it easier to see where an element is referenced, and a more sophisticated Code Assist feature for code completion based on PHP variable types.

Also highlighted is a project management tool to navigate project resources. PDT 2.0 offers better support for capabilities in PHP 5, Ganor said. PDT 2.0 will be downloadable at this Web page.

By providing an environment similar to Eclipse Java Development Tools, Java programmers can use PDT 2.0 to write PHP code in a familiar setting, Eclipse said.

Zend is working on a version of Zend Studio for Eclipse that is based on PDT 2.0, said Ganor. While developers can use the base PDT platform, companies like Zend can offer commercial products based around PDT. Zend does not yet have a release date for its PDT 2.0 product.

This June, the PDT team plans to offer an upgrade to the platform, to be called version 2.1, which will be part of the annual Eclipse technology release train in June. That release train will be called Galileo. The 2.1 release will continue to add object-oriented features as well as features from PHP 5.3, the next major release of PHP, Ganor said. He did not elaborate on what the language features will be.

SAP wants information about Oracle's deal with partner

SAP wants a federal court to make Oracle hand over records of its business arrangement with CedarCrestone, an Alpharetta, Georgia, systems integrator that provides third-party support for Oracle PeopleSoft applications.

The filing was made on Jan. 16 in U.S. District Court-Northern District of California, in connection with the lawsuit Oracle filed against SAP in March 2007 . Oracle charges that SAP's now-shuttered subsidiary TomorrowNow, a provider of third-party support for Oracle's PeopleSoft, JD Edwards, and Siebel applications, illegally downloaded material from Oracle's support systems and used it to woo Oracle customers.

[ Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

SAP has said that TomorrowNow workers were authorized to download materials from Oracle's site on behalf of TomorrowNow customers, but acknowledged some "inappropriate downloads" had occurred. SAP has also said that Oracle's software remained in TomorrowNow's systems and has denied Oracle's allegations of a wider pattern of wrongdoing.

SAP's Jan. 16 filing argues that since "Oracle's partners apparently pay for the right to access Oracle's Software and Support Materials," Oracle's deal with CedarCrestone is "directly relevant" to calculating damages in the suit.

"Moreover, the mere fact that customers have options for support from Oracle partners (rather than obtaining support services directly from Oracle) may prove that customers would have left Oracle to get support elsewhere regardless of the activities of TomorrowNow," the filing adds.

In addition, SAP wants Oracle to provide the terms and conditions by which CedarCrestone can access and use Oracle software and support materials; and "documents sufficient to identify" which Oracle customers CedarCrestone is supporting.

SAP also issued a subpoena to CedarCrestone in November, seeking a range of information on its relationship with Oracle, according to another filing. In a Dec. 8 letter, an attorney for CedarCrestone objected to the subpoena on the grounds it was "overbroad, vague, ambiguous and burdensome," and also requested proprietary and confidential information. The attorney could not immediately be reached for further comment Tuesday.

Oracle and SAP both declined comment Tuesday.

The Jan. 16 filing follows another request by SAP that could bring potentially sensitive information from Oracle into public view. SAP recently asked that Oracle reveal its profit-margin information regarding PeopleSoft and JD Edwards software and support , also saying such information would be relevant to calculating damages.

A settlement conference in the case has been scheduled for Feb. 23, and a trial date is set for February 2010.

IBM could face mainframe antitrust investigation

Florida mainframe manufacturer T3 Technologies has filed a formal complaint against IBM with the European Union's antitrust authority, it said Tuesday. In its complaint, T3 accuses IBM of refusing to sell its mainframe operating system to customers wanting to run it on computers made by T3.

The company wants the Commission to investigate the prices IBM charges for its mainframe systems, saying that European mainframe buyers could save $48 billion over 20 years if there was fair competition in the market

[ Discover the top-rated IT products as rated by InfoWorld's 2009 Technology of the Year Awards. ]

T3's complaint had not reached the Commission by late afternoon European time, said Commission spokesman Jonathan Todd.

However, the Commission on its own initiative is already looking at competition in the mainframe sector, he said.

"It's not a formal investigation," but could become one if the Commission became convinced that there had been market abuses, he said.

IBM was ordered by the U.S. Department of Justice to stop its tying of hardware and software sales in a landmark case half a century ago.

Since then, according to T3, IBM has taken a calculated series of actions to stop companies such as Amdahl, Hitachi, Comparex, PSI, and T3 from selling IBM-compatible mainframes, giving IBM an exclusive lock on the mainframe market.

T3 warned last August that it was preparing to file the complaint with the European Commission's Directorate General of Competition, shortly after IBM acquired Platform Solutions Inc., putting an end to an antitrust case brought by PSI in which T3 had wanted to participate.

That case began in 2006, when IBM sued PSI in the U.S. District Court for the Southern District of New York, alleging patent infringement. PSI countersued in early 2007, accusing IBM of antitrust violations and unfair competition, and T3 asked the court to be allowed to join the case against IBM. PSI withdrew the case after its acquisition by IBM.

U.S. taxpayers too have something to gain from T3's European action, according to the Computer and Communications Industry Association, a lobby group based in Washington, D.C. Many banks and government departments are reliant on mainframes and must pay the price IBM demands, the CCIA said.

The fact that a U.S. company had to go to Europe to seek relief is indicative of the vacuum in U.S. competition law enforcement, the CCIA said. It called on Barack Obama and the incoming U.S. government to direct the U.S. Department of Justice and the U.S. Federal Trade Commission to better protect competition in the mainframe market.

A former IBM partner and mainframe reseller, T3 introduced its own competing IBM-compatible computers, the tServer range, at the low end of the market starting in 2000. It introduced a new family of mainframes, Liberty, in 2006.

T3 now has the backing of Microsoft, which invested an undisclosed sum in the company last November to fund development of new products for mutual customers. Microsoft has had its own share of antitrust conflicts with the Commission, which opened a new investigation last week into the company's practice of bundling its Internet Explorer browser application with its Windows operating system.

Wednesday, January 21, 2009

IT News HeadLines (InfoWorld) 21/01/2009

No comments: