IT-Code-News: IT News HeadLines (InfoWorld) 07/03/2009

Top 10: Win 7 leaks, the U.S. gets a CIO, trade show news

The Demo 09 and Cebit trade shows added a steady stream of news to what already seemed like a busy week in IT -- narrowing the list to 10 stories was tougher than usual. Even allowing for the likelihood that we have a case of early spring fever, the headlines were hopping and for a change the ones that captured our attention did not tend to be related to the recession. There was a key federal appointment, some more blunt talk from Yahoo's new CEO and a warning from the FTC, among other things.

1. Microsoft confirms IE8 kill switch in Windows 7 and Windows 7 leaks continue as new build hits BitTorrent: In what will certainly be considered a key positive feature to some users -- we will refrain from naming names here -- Microsoft confirmed that users will be able to remove Internet Explorer 8 and an expanded list of integrated applications and features from Windows 7. In related news, the second post-beta build of the operating system leaked onto the Web.

[ Video: Catch up on the hottest news from Cebit with the World Tech Update. ]

2. Meet the nation's first CIO: President Barack Obama offered up a surprise this week, naming Vivek Kundra the first federal CIO. Kundra earned high marks as Washington, D.C.'s, CTO, putting the nation's capitol on the map as a leader in government use of technology.

3. Demo 09: Recession weeds out uninspiring start-ups and Cebit 2009 highlights: Demo has become one of the more interesting IT shows in recent years, showcasing emerging technologies, while even a shrunken Cebit remains enormous. Both shows were this week and Network World offered a round up of news from each, complete with a slide show out of Hanover.

4. Yahoo CEO likes Google maps better than Yahoo maps: In the morale-boosting (insert eye-rolling emoticon) news story of the week, Yahoo CEO Carol Bartz said she prefers Google Maps to Yahoo Maps and that Yahoo Maps is not as good as it should be. OK, so that second part is not much of a news flash, but from other comments made by a Yahoo executive at the conference, it does not sound likely that Yahoo is going to improve its maps anytime soon. Bartz also let it be known that she told Microsoft CEO Steve Ballmer that any future negotiations between their companies have to stay confidential. Good luck with that. Although there is reason to believe that Ballmer might just have met his match in Yahoo's blunt new CEO.

5. Linux Foundation moves on training: While developers are being laid off, job postings related to Linux development are up, so the Linux Foundation decided to offer training along those lines. The foundation also announced that it is taking charge of the Linux.com information site.

6. Apple releases new iMacs, Apple releases first Mac Pro update in more than a year, Apple adds dual-band capabilities to AirPort, Time Capsule and MacBook Pro gets small speed boost: As we would expect, Macworld was all over coverage of Apple's new iMacs, the Mac Pro update, additions to other products and the MacBook Pro speed bump. Although Apple fans hang on such news, not all of the reports were rosy as we see in the next entry.

7. Analysts: Mac buyers still pay more than PC buyers for same hardware 'guts': That Macs cost more than PCs is well known (and something that does not seem to much bother Mac enthusiasts), but Computerworld boldly decided to undertake a comparative analysis and found that Macs cost more for what are essentially the same components as in a PC.

8. Facebook redesign may earn thumbs down from ordinary users: Facebook users may want to brace themselves -- the popular social-networking site's forthcoming redesign appears to be more appealing to "social media insiders" than to those who make up Facebook's core. In other words, our cousin in Kansas who just took the Facebook plunge might not be pleased.

9. FTC warns of bogus economic stimulus sites: This should go without saying, but we feel compelled to pass along the warning from the Federal Trade Commission -- Web sites that claim to provide "free" U.S. government grants as part of the economic stimulus bill are not for real. These are bogus sites. Do not send $2 of your hard-earned money to those that require payment in alleged exchange of information about how you too can reap the benefits of the huge influx of federal money meant to goose the economy. Do not give them your personal information. The only things they will stimulate for you are a headache and embarrassment when you realize that you have been had.

10. PC shipments to recover in 2010: IDC revised its 2009 PC shipment forecast to reflect the expectation that the recession is going to worsen. Shipments will be particularly slapped down in the first half of this year, dropping 8 percent, with a full-year dip of 4.5 percent, compared to the 3.8 percent dip IDC predicted last December. On the bright side, shipments will pick up next year.

Tech trade group: Stimulus money is major focus

The No. 1 government goal of trade group TechAmerica in the coming year is assisting federal and state governments in how to wisely spend money from the $787 billion economic stimulus package, officials there said.

TechAmerica, formed from the merger of four other tech trade groups, feels a responsibility to make the tech portions of the stimulus package successful, said CEO Christopher Hansen. The 1,500-member TechAmerica came out of the merger of AeA, the Information Technology Association of America and two other tech trade groups.

[ The Obama administration is planning more changes to the country's IT infrastructure, with the appointment of the nation's first federal CIO, Vivek Kundra | Your source for the latest in government IT news and issues: Subscribe to InfoWorld's Government IT newsletter. ]

The stimulus package, pushed by U.S. President Barack Obama, includes about $50 billion in direct spending by the U.S. government, including $19 billion for health IT projects, $7.2 billion for broadband deployment, and $4.5 billion for smart energy grid projects. TechAmerica is offering its advice to state governments, which much of the money will flow through, on how to most efficiently spend the money, said Roxanne Gould, TechAmerica's senior vice president for state government affairs.

For example, TechAmerica is working with Florida's state government to extend fiber broadband networks to schools currently using dial-up, she said.

While many people watching the stimulus package have called on the government to get the money out as quickly as possible in the hope of creating jobs, TechAmerica has a longer view, Gould said. "Our mantra has really been that, even if used in the next year or two, we really need to focus on using these dollars to benefit our communities for the next decades," she said.

Obama outlined three major policy focuses in a Feb. 24 address to Congress: energy, education, and health care. Even beyond the stimulus package, tech will play a major role in each of those areas, Hansen said.

"There is a confluence of interest between the president and this association in terms of using technology to help this country really get our economy out of the doldrums," Hansen added. "Because of that, we think there is a real [tech industry] responsibility ... for that being successful."

In addition to working on stimulus-package spending, TechAmerica is working to pull together a coalition of companies and trade groups to push for a larger tech and innovation agenda, Hansen said. Among the top priorities in the Innovation Now agenda are pushing green technology and health IT, patent reform, allowing foreign workers to stay in the United States and deploying broadband across the country, he said.

Dynamics users ready to network, solve problems

Next week's Microsoft Convergence conference in New Orleans will likely be light on new product announcements but heavy on talk about how the vendor's ERP and CRM software can help companies adapt to change and save money in challenging economic times.

Dynamics users say those topics are certainly compelling for them -- but the answers they seek may come from each other, not the keynote stage.

[ In more recent Microsoft news, images from its upcoming Kumo search have leaked, and the company is under fire for its H-1B hiring practices in these harsh economic times | Get sage advice on IT careers and management from Bob Lewis in InfoWorld's Advice Line blog and newsletter. ]

"I don't expect any earth-shattering [news] from Microsoft this year, which is fine by me," said Dynamics NAV user Kim Dallefeld, chairman of the NAV User Group and IT director of GSM, LLC of Grand Prairie, Texas, which sells cameras and other equipment for hunters.

"People are really wanting to find other people and hear about the issues they've dealt with," she said. "Sometimes that's how you really find your cost savings. You're kicking it around with someone else, rather than your service provider. It's just nice to run it by somebody else and know you're not on the clock and paying a fee."

A number of Dynamics users groups will be experimenting with a range of social-networking tools at this year's show, said Mike Smith, chairman of the Dynamics GP User Group and CIO of Intelident Solutions, which runs a chain of dental clinics.

The effort will employ Twitter feeds and live blogging, with the goal being to provide a wellspring of best practices, helpful hints other information that can be used later by attendees or those who couldn't make it.

Web 2.0 technologies like Twitter have "become table stakes" among members' everyday lives and so it made sense to introduce it in the context of the user groups and Convergence, he said.

Users like Smith will find ample opportunity to network during the 400 sessions planned for the event.

Scores are devoted to each Dynamics product line, as well as Office and related technologies like SharePoint and Office Communications Server. Others focus on BI and Microsoft's BizTalk Server enterprise service bus.

But Convergence's main speeches and presentations will be heavier on topical matters than hard news, said Craig Dewar, director of marketing, Dynamics.

"There will be some product announcements, but mainly we're focusing on helping customers get more value out of what they're already own," he said.

Customers are no doubt already trying to rein in costs, a reality reflected by the show's expected attendance. About 7,000 people are set to arrive in New Orleans for Convergence, down from Microsoft's original project of 8,500, he said.

CRM customers who make it to the event will hear Microsoft officials lay out guidance and best practices for five different scenarios, such as "better customer service," he said.

The main keynote address by Kirill Tatarinov, corporate vice president of business solutions at Microsoft, will be themed around "dynamic business," Dewar said. "Essentially, the only constant for business is change."

Tatarinov will illustrate how companies can "turn change into opportunity," showing a series of videos about a customer, the American Red Cross.

And a Thursday keynote by Kevin Schofield, general manager in Microsoft Research, will showcase forward-looking technologies in development at Microsoft and how they might end up in business applications over time, according to Dewar, who didn't provide specifics: "I expect that to be incredibly well-received."

Convergence-related events start Monday and run through Friday, with Tatarinov's keynote scheduled for Tuesday morning.

Microsoft: Enterprises will self-host Windows Azure someday

Future versions of Windows Server will enable companies to efficiently manage and provide virtualized applications through the Web just like Microsoft's upcoming platform-as-a-service, Windows Azure, a company executive said this week.

"The innovation in Azure and future versions of Windows Server will be shared, and that code base will continue to cross-pollinate," said Steven Martin, senior director for developer platform product management at Microsoft, in an interview. "The corporate datacenter at some point in time will look like a mini-cloud, partitioned by application workload."

[ Related: Making sense of Windows Azure | Steve Ballmer recently declared that Windows Azure will be ready for general release by the end of the year | Follow the cloud with InfoWorld's Cloud Computing blog ]

First previewed last fall, Windows Azure is Microsoft's foray into bringing Windows Server online as a cloud computing platform. Developers will be able to port or write applications using Microsoft's popular .Net tools and Web standard interfaces such as REST, SOAP and Atom, and host them on Azure, similar to Amazon.com's EC2, Salesforce.com's Force.com, or Google's App Engine.

Azure is expected to be released later this year. Detailed pricing hasn't been released. Microsoft is expected to talk about Azure at its MIX Web development conference in Las Vegas next week.

Conventional hosting entails companies buying or leasing a server from a datacenter operator and running a set number of applications off it. That can be complicated to manage, entail a lot of upfront cost, and be difficult to scale quickly on demand.

Azure, like other newer-generation cloud platforms, enables faster setup and easier scaling, and lets users pay for usage, thus avoiding upfront investment.

"Our goal is to completely hide the complexity of hardware from developers," Martin said.

Martin mentioned several Azure beta testers. One, a company called S3Edge, helps manufacturers recall defective products.

"Ideally, a product doesn't get recalled and they don't need to activate our service," Martin said. "But if it does, they need to be prepared to scale very fast."

An independent software vendor, Epicor Software Corp., is writing the next version of its ERP software so it can be hosted via Azure, Martin said, while another, Micro Focus, is taking Cobol applications off a mainframe and hosting them on Azure (as well as Amazon's EC2) for its customers.

Azure runs on Windows Server 2008 inside Microsoft's datacenters. The fact that Microsoft offers both Windows Server software and the Azure service as part of its "software plus services" strategy, is a plus for companies unsure about committing completely to a cloud infrastructure, Martin said, whether because they think they can run it cheaper or with more agility, or because regulations require them to do so.

"We make it really easy for you to transition back to on-premises without having to completely rewrite your app. You control your own destiny," Martin said. By contrast, "if I'm a startup, it's gotta be in the back of my mind when I look at Amazon.com's 10-K, that 'Gosh, they may want to go back to just selling books.'"

Besides corporations, Web hosting companies may be interested in hosting Azure to make their infrastructure more nimble and efficient. Martin said hosting companies and other application service providers won't get access to Azure before enterprises, though.

Computerworld is an InfoWorld affiliate.

Microsoft confirms IE8 kill switch in Windows 7

Microsoft on Friday confirmed that users will be able to remove Internet Explorer 8 (IE8), as well as several other integrated applications, from Windows 7.

The ability to remove IE8 was revealed by a pair of bloggers on Wednesday after they poked around Windows 7 Build 7048, a post-beta version that has leaked to file-sharing sites on the Web.

[ Getting ready to pick a new browser? Read security reviews of Firefox, Internet Explorer, Google Chrome, and Opera. And for the full Test Center rundown on browser security, see InfoWorld's special report. | Also check out the special report on Microsoft's new OS: Early looks at Windows 7. ]

Yesterday, Mike Nash, vice president of Windows product management, declined to comment on the bloggers' reports. "It's unfortunate that builds leak out," Nash said. "But I can't comment on unreleased products."

On Friday, however, Jack Mayo, a group program manager on the Windows team, acknowledged that Windows 7 will include an expanded list of features and applications that can be switched off.

In an entry to the Engineering Windows 7 blog, Mayo listed the applications that can be switched off, which include: Internet Explorer 8; Fax and Scan; Handwriting recognition; Windows DVD Maker; Windows Gadget Platform; Windows Media Player; Windows Media Center; Windows Search; and XPS Viewer and Services.

He also explained that the files associated with those applications and features are not actually deleted from the hard drive. "If a feature is deselected, it is not available for use," said Mayo. "This means the files (binaries and data) are not loaded by the operating system and not available to users on the computer. These same files are staged so that the features can easily be added back to the running OS without additional media. This staging is important feedback we have received from customers who definitely do not like to dig up the installation DVD."

Furthermore, said Mayo, the APIs related to those features are still supported by Windows 7 -- even if the application or feature has been disabled -- if "these APIs are necessary to the functionality of Windows or where there are APIs that are used by developers that can be viewed as independent of the component."

Mayo didn't provide examples of what APIs would still be supported when a user switches off IE8, but presumably Windows Update, which relies on the browser, would remain functional. Nor did he mention the European Union's new antitrust charges against Microsoft, which bloggers Chris Holmes and Bryant Zadegan cited as a possible reason why the company added the IE8 option.

In January, EU regulators claimed Microsoft "shields" IE from competition by bundling it with Windows. Among possible remedies, the EU's Competition Commission said it might make the company cripple the browser if the user installed a rival, such as Mozilla's Firefox or Google's Chrome. "Microsoft could also be ordered to technically allow the user to disable Internet Explorer code should the user choose to install a competing browser," EU spokesman Jonathan Todd said in an earlier e-mail to Computerworld.

The EU's case stemmed from a December 2007 complaint by Norwegian browser maker Opera Software ASA, and has been joined by both Mozilla and Google as "interested parties" who are allowed to participated on the periphery.

Microsoft has declined to comment on whether the decision to allow users to remove IE8 is connected to the EU's case.

Other applications in the Windows 7 list have been the subject of previous antitrust action or complaints. Windows Media Player, for example, was one focus of a concluded EU antitrust case, and Microsoft gave in to demands made by Google to the U.S. Department of Justice in 2007 to change Windows Vista's desktop search tool. And in 2006, Adobe threatened to go to the DOJ over the "Save as PDF" command in the upcoming Microsoft Office 2007 suite; XPS (XML Paper Specification) is Microsoft's answer to Adobe's PDF format.

The option to remove IE8 is available only in post-beta builds, which have been restricted to a small group of testers. The company has been mum about the timing of the next milestone, although it has hinted it take the upcoming Release Candidate, or RC, public as well.

A pirated copy of Windows 7 Build 7048, which includes the new removal options, has leaked to the Internet. Traffic in the build has been brisk, with BitTorrent tracking sites such as Mininova.org claiming that as many as 14,000 copies have been downloaded.

Computerworld is an InfoWorld affiliate.

Users gain options for mobile voice encryption

U.S. President Barack Obama's dilemma over the security of his BlackBerry has given rise to an increased interested in systems that can scramble voice calls to avoid interception.

At this year's Cebit trade show, mobile device security vendors rolled out an array of systems for governments and companies looking to protect their voice calls.

[ The brouhaha over whether President Obama would continue to use his BlackBerry highlighted two ideas: information security isn't what it should be and top-level execs make the juiciest targets for information theft | Get the latest on mobile developments with InfoWorld's Mobile Report newsletter. ]

In some cases, employing mobile voice encryption can save companies money, as it can allow top-level executives to discuss sensitive information without needing to travel to secure company offices, said Christoph Erdmann, managing director and founder of Secusmart, which makes a flash card with hardware-based encryption for voice calls.

Erdmann used to work in security in Nokia. He frequently had to travel to Finland to discuss important company information to avoid speaking over a phone.

Nokia eventually decided that the market for supersecure devices was too small, so Erdmann started his own company to provide higher security for Nokia smartphones.

Secusmart's microSD flash card, called SecuVoice Version 1.0, fits into Nokia Series 60 devices, which are frequently issued to government employees. The software is installed on the phone when the card is first inserted into a device.

Secusmart's card uses Elliptic Curve Cryptography, a proven method for establishing a secure connection between two devices. It's also faster than using the RSA algorithm, which employs large keys or certificates that increase the time needed to connect a call by up to 15 seconds. ECC does it in under five seconds.

"In mobile systems, every bit counts," Erdmann said.

Voice calls are encrypted using 128-bit AES (Advanced Encryption Standard) keys. The card is tamper proof. It has been approved by Germany's Federal Office for Information Security, which tests IT security products for the government, for use at a "restricted" classification, the lowest rank for sensitive material, Erdmann said. The microSD card costs €2,200.

Another option for encrypted voice is a system from Rohde and Schwarz of Munichy. Its 55-gram TopSec Mobile device encrypts voice calls using 128-bit AES keys. In a few months, the company will upgrade it to accommodate 256-bit AES keys, said Henning Krieghoff, Rohde and Schwarz's president.

The device, which resembles a small phone but without number buttons, is carried along with the person's regular mobile phone. It encrypts the voice traffic and then sends that data through the user's regular mobile via Bluetooth.

While a person has to carry two devices, the system offers the advantage of being compatible with nearly every mobile device with Bluetooth, said Mark Dencker, product manager. TopSec Mobile costs €1,800.

The company also offers a desktop encryption appliance for ISDN (Integrated Services Digital Network) lines, the TopSec 703. It costs €1,200. Secure calls can then be made between mobiles and normal desk phones.

Also in Cebit's security hall are Caspertech of Torino, Italy, and Compumatica of Aachen, Germany. The two companies rolled out two encryption products at Cebit that are now under evaluation by the Netherland's National Communications Security Agency.

One product, CompuGSM, is an entry-level model that does voice encryption. Users can opt to add SMS encryption, said Petra van Schayik, a manager at Compumatica.

The higher-level version is CompumaticaGSM, which includes a key management station that helps administer keys to a large number of devices, said Pavel Ivanov, program manager for Caspertech.

CompumaticaGSM will encrypt SMS and e-mail in combination with the CompuWall firewall. It uses 256-bit AES keys, but is also capable of substituting a different encryption algorithm in the software, Ivanov said.

Both products are only compatible with mobile devices made by HTC running Microsoft's Windows Mobile operating system. Pricing has not been released yet, but it will be on a per-use basis, van Schayik said.

Zoho releases Writer 2.0 with new tab-based UI

Zoho has given its Web-based word-processing application a makeover with a new version that features a tab-based user interface designed to help make users more productive, the company said.

Zoho Writer 2.0 features what the company is calling a "MenuTab" interface, which provides drop-down tabs as menu items at the top of the page. The tabs have the titles Format, Insert, Review, Share and Views, and their respective drop-down menus allow users to execute commands based on each category.

[ InfoWorld's Test Center pitted Zoho against Office competitors Google Docs, IBM Lotus Symphony, and OpenOffice.org -- see which one prevailed | Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

The 1.0 version of the application had a menu toolbar across the top of the UI, and as the company included new buttons of functionality in the toolbar, it got "cluttered," Raju Vegesna, Zoho evangelist, said on a conference call Thursday. "Enhancing the productivity of the user" was the main goal for the UI changes, he said.

Before-and-after screenshots of the Zoho Writer UI are available on a company blog. The MenuTab appears to be a cross between the new UI Microsoft put into its Office 12 product and page tabs that are found in most modern browsers.

Aside from the MenuTab changes, the new UI has the same basic setup of the old one, with a list of the user's documents on the left-hand side of the UI and a larger document view on the right.

Vegesna said the UI changes in Writer 2.0 apply to both the online and offline versions of the application.

Zoho Writer is just one of a host of Web-based applications the company offers to rival traditional software from much larger competitors like Microsoft and SAP, and Web-based apps from Google. Zoho offers nearly 20 Web-based applications -- some free for personal use, while business applications require a fee -- and continues to make improvements to its portfolio.

Last week Zoho added single sign-on support for its CRM application, a move that provides the capability across its entire suite of programs and sets the stage for tighter integration between the modules, the company said.

Netuitive integrates VMware into monitoring tools

Netuitive plans to detail on Monday the latest version of its Netuitive SI, which can now operate in VMware infrastructures.

"We've fully integrated all our virtualization monitoring into our core SI product, and we've added support for clusters and the datastore," said Daniel Heimlich, a vice president at Netuitive.

[ Read Test Center's guide: "Virtualization for the rest of us." ]

The new support for clusters enables users to monitor and analyze them as a single entity and brings failover and load-balancing. The SI product, he added, "self-learns the behavior of all infrastructure resources."

The sum of the enhancements enables what the company refers to as a Total Health Index, or a snapshot of the health of a virtual infrastructure. From there, Heimlich explains, companies can drill down into virtual machines and get application data from out-of-the-box tools, such as Tivoli, Microsoft's Operations Manager, HP OpenView, and BMC Patrol.

"We show a correlated composite view of the infrastructure," Heimlich said.

Netuitive's approach appeals to IT shops because most of those tools Netuitive works with were built for distributed computing, not virtual architectures, according to David Williams, research vice president at Gartner.

"It's about optimizing your current infrastructure," Williams said. "Netutive gives an overview and visibility into data IT might then use to reprovision."

Williams added, however, that customers have to be mature enough, from an infrastructure perspective, to manage in such a holistic manner. That said, Netuitive SI might be a natural fit for companies with cloud or service-oriented infrastructures because they already think this way, while more traditional infrastructures would require an adjustment to make the most of the tool.

IT pro gets four years for building botnets

An employee of search engine startup Mahalo has been sentenced to four years in prison for infecting as many as 250,000 computers with malicious botnet computer code.

John Schiefer was sentenced Wednesday in federal court after previously pleading guilty to hacking, fraud, and wiretapping charges. He was arrested in 2007 as part of a large U.S. Federal Bureau of Investigation enforcement action against botnet makers, called Operation Bot Roast II.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

The case marks the first time that someone has been charged with operating a botnet under federal wiretapping laws. Schiefer could have been sentenced to as much as five years in prison on the charges.

When they hired him, Mahalo executives didn't know about his criminal activities. In a blog posting, Mahalo founder Jason Calacanis said company CTO Mark Jeffrey had "screwed up by not doing a simple Google search on John’s name," but he stood by his employee, saying there is a fine line between hackers "who put one foot over the line" and commit minor indiscretions, and others like Schiefer, who "race past it."

"I consider myself a fairly decent judge of character, and after spending months with John, I’m convinced he was an angry stupid kid when he launched his botnet attack (which did .000000001% of the damage it could have)," Calacanis wrote. "Now he’s an adult who just wants to make a decent living, spend time with his significant other and breathe the clean air off the Pacific Ocean by our offices in Santa Monica.

"When he comes out, I hope to be able to offer him a job and that we can work together again," Calacanis said.

Schiefer built his botnet army while a consultant at 3G Communications, a small Los Angeles telecommunications company. The network, built with the help of two accomplices, was used to snoop in on Internet traffic between victims' computers and financial institutions such as PayPal, prosecutors said. Schiefer would then make purchases or simply drain his victims' bank accounts.

He used several partners in the scheme -- some of them minors whom he "bullied ... into participating in the crimes," prosecutors said in the suit, filed in the U.S. District Court for the Central District of California.

When a minor named Adam expressed reservations about claiming stolen money from PayPal, Schiefer told Adam to "quit being a bitch and claim it," the filing states.

Online, Schiefer was known as Acidstorm. His MSN Messenger handle also included the tagline, "Remember the name or feel the pain."

In another scam, a Dutch online marketing company called Simpel Internet paid him more than $19,000 for installing the company's TopConverting adware on PCs, which he did without the consent of his victims. As part of his plea agreement, Schiefer will pay $20,000 in restitution to Simpel Internet and the financial institutions he defrauded.

He also used the botnet to launch DDoS attacks, and in an interview with the FBI he claimed to have knocked the Los Angeles Times' Web site offline, prosecutors said.

According to an FBI affidavit filed in the case, Schiefer also accessed computers at an unnamed 3G Communications client without authorization.

Schiefer seemed happy with the money he was making from his scams. According to evidence entered into court, another one of his instant messaging signatures read: "Crime pays, and it also has an excellent benefits package."

Schiefer hopes to seek future employment in the information security field, prosecutors said.

How Microsoft can save Live Services

PC World's Preston Gralla recently explored five useful things that Microsoft Live can do for you. I was pleased to see that that what may be Microsoft's most screwed-up program, its online business, is still chugging along in search of salvation. And it seems to be finding some.

Maybe that is a little strong, because Microsoft's various Live offerings have sometimes been almost as good as they are confusing. And since they are totally confusing, that means I have really liked some of what Redmond offers. Preston's story talks about the current winners and I'd encourage you to take a look. I am going to start using them myself -- especially the free synchronization.

[ Related: "Microsoft to merge Windows Live and Office Live." | Follow the cloud with InfoWorld's Cloud Computing blog ]

Microsoft has certainly abused the Live brand since its introduction back in 2005. Many people can tell you about Google's non-search offerings, in part because if you log into your Google account you likely to be presented with a list of them. Go over to www.live.com and you are presented -- as you follow the links -- with a sometimes bewildering array of services and features. I usually end up closing my eyes and hoping it will all just go away.

Redmond badly needs to reorganize its offerings, with it seems to do with enough frequency that change after change in what it means to be Microsoft "Live" is how it all become so confusing. If those of us in the business of knowing what Microsoft is up to can't make sense of the company's online offerings, what's a mere user to do? In this case, follow the link to Preston's story. Again, just because Microsoft has messed up its marketing and branding, doesn't mean the stuff isn't good.

Google should probably not be too worried, however. The juggernaut that should be a tightly coupled Microsoft desktop, server, and online experience has yet to appear. Maybe Office 14 will do it, though the next Office is still out there a ways, probably to be released once the economy picks up, if I were to hazard a guess.

Because it is more tightly focused than Microsoft, Google looks positively adept at bringing new online products to market. Some are more successful, some less so, but Google has done an excellent job. If Google offers it, it is probably of good quality and the price is right.

Microsoft, on the other hand, feels a duty to integrate its free online services with the Microsoft Office or OS that is already installed on your PC. Microsoft online is supposed to bring some special value to the desktop experience, but has thus far only brought confusion. I believe that will change, but it makes Microsoft's fundamental task both different and more difficult than what Google needs to accomplish to be perceived as a winner.

My sense is that Microsoft ends up spending way too much time parsing how online services will affect sales of desktop applications than it really ought to. Windows Live needs to find ways to bring value to Microsoft customers without regard to how other business units might feel about it. The justification is that if Microsoft can't bring real value to Windows Live, then Google will prevail.

The good news, at least according to Gralla, is that Microsoft just may understand this and is putting out interesting services. Now, if they can just help customers find them.

David Coursey has spent more than 25 years analyzing the tech industry in general and Microsoft in particular. Contact him via his Web site. PC World is an InfoWorld affiliate.

A look at HP's Mini 1000 Mi netbook

Don't blink. Somewhere among the launches of the HP Mini 1000, the business-based Mini 2140, and the ridiculous, high-fashion Mini 1000 Vivian Tam Edition, HP released the Mini 1000 Mi. The difference this time around: the operating system. HP ships the Mini 1000 Mi with a customized Linux distro. Instead of using a more typical Windows-esque user interface, HP decided to make its own.

HP's version of Linux isn't hard to figure out -- in fact, it's very similar to what you'll find in other Linux-based netbooks. Still, it might throw some users for a loop. Instead of a traditional desktop, you start at a home screen, giving you easy access to your music and photos, as well as the Web and e-mail.

[ Do netbooks in the business make sense? | The InfoWorld Test Center rates netbooks for business. See which came out on top. ]

Clicking the Start New Program button on the bottom of the home screen will take you to a categorized listing of other installed applications. Clicking the HP icon in the lower-right of the screen will take you back to the home screen from any program. In general, I felt that the HP user interface is usable, though a little confusing at first. And it certainly isn't as polished as Windows Vista. Then again, how many netbooks out there can actually run Vista?

The Mini 1000 Mi comes bundled with a Web browser presumably based on Firefox, the Thunderbird e-mail client, Pidgin for IM, Skype, OpenOffice, and HP's MediaStyle interface for playing music, photos, and video.

How does it perform? Unfortunately, because of the custom OS, we're unable to provide WorldBench test results. WorldBench doesn't work with Linux. Performance seemed good enough, and all in all, it was pretty responsive; I never felt I had to wait on it for an unacceptable length of time, even with several applications running simultaneously.

I played an 820-by-480 WMV-encoded video clip on the Mini 1000 Mi. Playback ran smoothly; in fact, the only time I was able to get it to drop frames was by going back to the home screen and then switching back to the video. The only real downer: The included media player software didn't seem to recognize an MPEG-4 video file from a video podcast.

And while we can't fully verify battery life, basic battery drain tests show the three-cell battery lasts for about 3 hours.

Underneath the front end, you can still access files on the hard drive by clicking Files in the upper-right corner of the screen. From here I could access just about anything on the hard drive that didn't require root (super-user) access, and you can get to a number of advanced settings with a little digging. There's nothing preventing you from having a nerdy field day with the bundled OS. I can get to the terminal, so it's probably safe to say that HP didn't lock down the OS completely.

As for the hardware, the Mini 1000 Mi edition remains identical to the Windows XP-based flavor: It packs Intel's 1.6GHz Atom processor; 1GB of RAM; and a 4,200-rpm, 60GB PATA hard disk. HP's 10.3-by-6.5-by-0.9-inch plastic shell is identical to what you've already seen with the XP-flavored Mini 1000--groovy-looking hard plastic lid, great keyboard, annoying mousepad, and all.

The only real downer is the price of the Mi edition. You see, while HP says that these machines start at $400, our configuration costs $460. You'd figure that with Linux, we'd get a bit more of a price break on this netbook.

PC World is an InfoWorld affiliate.

Meet the nation's first CIO

In a surprise announcement, President Obama has named the nation's first federal CIO: Vivek Kundra, CTO of the District of Columbia. (He has yet to name the position he did promise he would create: the first national CTO.) So who is Kundra, and what might his appointment mean for the federal government's direction for and spending on technology?

As the federal CIO, he will oversee a $71 billion IT budget and manage technology interoperability among agencies. Kundra told a press conference that he will investigate how the government might improve its technology investments and make more information accessible to citizens through the Internet. He's done both as D.C.'s CTO.

The District of Columbia has been a leader in smart deployment of technology for years, boasting a succession of strong CTOs. Under Suzanne Peck's tenure, previous to Kundra's, D.C. was among the first to use SOA to rationalize software development efforts, to use XML to make government operational data open for mashups, and to deploy next-gen wireless technology for public safety and other agency usage. Kundra became CTO in 2006 and quickly staked out his own innovation focus.

As D.C.'s CTO, Kundra has emphazied what he calls a stock-market approach to IT project management and the adoption of consumer technologies in business. Both approaches come from the same epiphany he recalls having: The technology most users employ at work is kludgy compared to what they use in their daily routines, even though consumer technologies are often less expensive or even free. "For some weird reason I cannot understand, the way we organize ourselves at work is so much less agile than what we do in our personal lives," Kundra told InfoWorld. "Why not use consumer technology at work?"

The IT "stock market"
As D.C.'s CTO, Kundra hired a team of analysts to track projects -- in the style of a financial analyst -- on a daily basis. Smaller projects get bundled into "funds" of related efforts. Pretty quickly, the successes and failures were obvious. For example, the analysts discovered that a three-year enterprise content management project had made little progress and was run by project managers who had four previous failures.

"It was not going anywhere. So I decided to 'sell' the stock -- I killed the project -- and put that capital elsewhere," Kundra recalls. In this case, he redirected the money to add mobile laptops to police cars.

The stock metaphor made sense to more business-minded leaders at the district, but Kundra admits he had to really sell the concept to most employees and the 87 agency heads served by his team. "It was an education," he notes drily. What really sold the concept was the result: lower cost due to fewer long-burning misfires.

The stock approach also supplanted the traditional project management mentality of creating specifications and periodically assessing progress against them subjectively. "I wanted a more data-driven model -- after all, the data is the data. If you're over budget for two or three quarters, you can't avoid being exposed," Kundra says. "People don't make tough decisions easily, so you have to show them the data. [As government leaders,] it's our duty to make sure they're not failing," he adds. Objective measurements make that assessment easier.

For Kundra, the stock-market approach is really just a metaphor for a technique driven by ongoing analytics. "You can use a different metaphor if that works better in your industry," he says. But essential to success is a "ruthless discipline" in your data collection, analysis, and consequent management decisions.

Freeing up resources for meaningful innovation
Kundra was not focused solely on weeding out bad "stocks." He also used this approach to free up capital for innovative bets. For example, he's initiated a project that combines YouTube with Wikipedia to increase government's accountability to citizens. All requests for proposals (RFPs) for city contracts are posted on a Web site in a wiki, with all bids being available as PDF attachments. Attendee lists from public hearings are scanned and posted as well, as are videos of hearings and even RFP presentations. Also posted or linked are any district communications with the potential vendors on the RFPs. If this effort succeeds, "no one can say that there are deals done behind closed doors," he says.

"It's tough in tight budgets to find the innovative path," Kundra notes, which is why he was so focused on gaining stock-market-like efficiencies in weeding out wasteful projects and identifying strong ones. Thanks to the savings already established from this approach, he was able to set up an R&D lab to test new ideas.

The two areas of Kundra's fancy are new-generation mobile devices -- "I believe the iPhone is the future for integrated voice, data and video" -- and Web 2.0 technologies, thus the experiments using wikis and YouTube.

Windows security patches coming next week

Microsoft will release three sets of security updates next Tuesday, fixing at least one critical bug in its Windows operating system.

The software vendor said Thursday that the ost serious of these updates fixes a bug that could be used to install malicious software on a victim's computer on any supported version of Windows. The other two Windows updates fix flaws that are not considered to be quite so dire, and one of these two important fixes does not affect Windows XP or Vista users.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

Microsoft releases its security updates on the second Tuesday of each month, and it gives customers advance notification of what patches are coming the Thursday before they are released.

This month's early notification makes one thing clear: A highly publicized Excel bug that has been used in a small number of targeted attacks will not be patched this month.

Given that the Excel bug was reported to Microsoft just weeks ago, it's not surprising that Microsoft has not had time to fully test and release a bug-fix, said Andrew Storms, director of security operations with security vendor nCircle. Still, the fact that users will have to wait another month for protection is "disappointing," he said via instant message.

Microsoft has a couple of other software bugs to fix in addition to the Excel issue. In December, the company acknowledged a security issue in its WordPad Text Converter that affects older versions of Windows.

There is also another unpatched Windows issue that has been lingering since April of last year. Storms said it's possible that Microsoft could fix that vulnerability -- which allows attackers to get elevated user privileges on a victim's system -- next week.

EU loosens Microsoft monitoring requirement

The European Commission is no longer requiring a full-time monitor to oversee a 2004 decision that found Microsoft broke EU competition law by restricting interoperability with Windows and integrating the OS and media player software.

The Commission ruled Tuesday that the technical assistance it receives from the monitor would now be done on an ad hoc basis using consultants as issues arise.

[ Earlier this year, the EU hit Microsoft with new antitrust charges | Get the analysis and insights that only Randall C. Kennedy can provide on PC tech in InfoWorld's Enterprise Desktop blog. And download our free Windows performance-monitoring tool. ]

The commission said that since Microsoft has already documented interoperability information and altered licensing to give third parties rights in court that monitoring restrictions would be relaxed.

Microsoft, however, is still obligated to supply "complete and accurate interoperability information" as specified in the original decision.

In the 2004 judgment against Microsoft, the EU found Microsoft illegally used its "near monopoly" in the operating system market to restrict interoperability between Windows PCs and non-Microsoft work group servers, and to tie Windows Media Player into the Windows OS to stave off competition.

The ruling came after a five-year investigation and resulted in Microsoft being fined €497.2 million.

As part of the judgment, the Commission appointed a full-time monitor to oversee Microsoft's disclosure of its interfaces and ensure functional equivalency between versions of Windows with and without Media Player.

Now that monitoring will be done ad-hoc and Microsoft will be released from having to pay the monitor and fund the operation.

Network World is an InfoWorld affiliate.

Saturday, March 7, 2009

IT News HeadLines (InfoWorld) 07/03/2009

No comments: