Oracle breaks silence on Sun plans in ad

Oracle Corp. ended it silence Thursday on its post-merger plans for Sun Microsystems Inc.'s Unix systems in an advertisement aimed at Sun customers to keep them from leaving the Sparc and Solaris platforms. Ever since Oracle announced in April its plans to acquire Sun, its competitors - notably IBM and Hewlett-Packard Co. - have been relentlessly pursuing Sun's core customer base, its Sparc and Solaris users. Oracle's ad to "Sun customers," makes a number of promises that includes spending more "than Sun does now," on developing Sparc and Solaris, as well as boosting service and support by having "more than twice as many hardware specialists than Sun does now." Analysts see Oracle's ad as a defensive move that doesn't answer some of the big questions ahead of the $7.4 billion merger with Sun . In fact, there may be a lot of room for skepticism and parsing of Oracle's claims, despite their apparent black and white assertions.

Among the top hardware makers, Sun registered the biggest decline in server revenue in the second quarter, offering evidence that this protracted merger may be eroding Sun's value. Europe is allowing until mid-January to sort this out, which keeps the merger in limbo for another quarter. Oracle wanted the acquisition completed by now but the European Commission this month said it would delay its antitrust review because of "serious concerns" about its impact on the database market. Analysts point out that Oracle's plans to spend more "than Sun does now," may be a little hallow because Sun's spending on developing Sparc and Solaris is probably at a low. "The ad sounds convincing - but perhaps being a word nitpicker, the Sun does now' might not mean much if Sun has drastically cut back due to plummeting sales," Rich Partridge, an analyst at Ideas International Ltd., said in an e-mail. "I think someone at Oracle suddenly realized that Sun was bleeding so badly that what would be left when Oracle finally got control would be worth a small fraction of what they paid and no one would buy the hardware unit," Rob Enderle, an independent analyst, said in an e-mail. But Enderle said the ad's claims do not preclude Oracle from selling its hardware division, and says the company "will have to support the unit for a short time after taking control; during that short time they can easily outspend Sun's nearly non-existent budgets." Gordon Haff, an analyst at Illuminata Inc., said if it was Oracle's plan to start on day one of the merger to shop the Sparc processor around, "would they have put this ad out? Taken at face value, the ad seems to indicate that Oracle will keep Sun's hardware and microprocessor capability and not spin it off, as some analysts believe possible.

Probably not," he said. "Does it preclude Oracle from changing their mind? Indeed, Oracle's major competitive concern was indicated in the ad in a quote by Oracle CEO Larry Ellison: "IBM, we're looking forward to competing with you in the hardware business." No. Companies change their mind all the time." An erosion of Sun's customer also hurts Oracle, because a lot of Sun customers are also Oracle customers, and Oracle doesn't want its existing customer to go to IBM and move away from Oracle's platform, Haff said.

Ballmer: Windows 7 sells twice as fast as past operating systems

Microsoft Corp. said today that Windows 7 has sold twice as many units as any other Microsoft operating system in the same time period. Those Windows 7 sales include pre-orders that Microsoft and partners began taking in June. During its annual shareholders' meeting, CEO Steve Ballmer also dismissed market share gains by Apple Inc.'s Mac computer to "a couple of tenths of a percent" and said that many young people would eventually outgrow their preference for Macs. "Some of it is marketing, some of it is phase of life," Ballmer said in response to a shareholder question about Microsoft's poor perception among younger buyers. "The truth is we do quite well, even among college students. "Windows 7 gives us a real opportunity to get back that audience," he continued. "With the down economy, people understand that the Mac is a lot more expensive for essentially the same computer" as Windows 7. NPD Group reported earlier this month that first-week retail sales of Windows 7 in North America were 234% higher than Vista's were at launch. The Mac has been making strong market share gains for most of this decade, though that has been limited mostly to North American consumers.

It ranks in fourth place, behind Dell Inc., Hewlett-Packard Co. and Acer Inc. In the most recent third quarter, Apple's unit shipments grew 6.8% year-over-year to give it 8.8% of the U.S. market, according to Gartner Inc. Ballmer said Microsoft plans to keep investing in Web search, the Windows Phone operating system (formerly known as Windows Mobile), and cutting-edge technologies, such as the Xbox's in-air motion controller, Project Natal. We have about 10%-12%, Android has 3%, iPhone about 20%, RIM 20%-25%, and Nokia about 45%." "It is a competitive game," he continued. "We have a lot of opportunities to improve our products and market position." Addressing persistent rumors of a Microsoft-manufactured phone, such as a Zune Phone, Ballmer said, "We think we have the right strategy, which is to focus on the software, not build a phone, and offer a diversity of phones like we offer a diversity of Windows PCs." He defended Windows Phone from a questioner, saying it was a "small but important fact, that we have quite a bit more market share than Android.

Is Twitter-only gadget TwitterPeek a one-hit wonder?

There's a new gadget out today that will let people Twitter while they're on the go. And that's going to be a problem, according to one analyst. The issue is that it's the only thing the device, dubbed TwitterPeek , can do. Gadget-maker Peek unveiled its TwitterPeek mobile device today on Amazon.com.

Even businesses that Twitter will dig TwitterPeek as a convenient way to stay connected with their customers." But the gadget market has moved beyond devices that can only do one thing. The company is touting the $99 device for people who don't have a smartphone or data plan. "TwitterPeek will make it easy and affordable for everyone who doesn't have a smartphone to really enjoy Twitter on the go," said "Peekster-in-Chief" Amol Sarva, in a statement. ""Twitter die-hards will appreciate its 'always-on' instant tweet delivery and newbies will finally 'get Twitter' once they have TwitterPeek in hand. Are users going to lay down money for a gadget that can't multi-function as a cell phone, camera, digital organizer, video camera and GPS navigator? So for the first year, users will be shelling out $146.70 just for the ability to tweet. Dan Olds, principal analyst with The Gabriel Consulting Group, said he doesn't think so. "Just what everyone wants, one more device to carry around," Olds said. "In order to get on the TweetPeek bus, customers will have to pony up $99 and, after six months, an additional $7.95 per month. And only tweet . This thing is just a piece of high-impact plastic that can send and receive great thoughts in 140 character servings.

That would be handy." I don't see the point." While mobility seems to be the next wave for Web 2.0, Olds added that he doesn't think TwitterPeek will be in a position to benefit from it. "Mobile is certainly going to be an increasingly important part of the advance of Web 2.0, but single-function devices like TweetPeek aren't the route mobile is going to take," said Olds. "I guess people could duct tape this thing to whatever old archaic non-Web browsing cell phone they have and maybe to a cheap digital camera too.

Quick actions help financial firm avoid security disaster

While most of the IT world has been spared a devastating security attack like Blaster and Sasser for the last few years, the damage wrought by all manner lesser-known computer viruses continues to inflict corporate pain. 10 of the Worst Moments in Network Security History For example, New York City-based investment firm Maxim Group, faced a security ordeal this year when a virus outbreak pummeled the company's Windows-based desktop computers and servers. "On early April 15th, a few people called to say they were having problems with their computers," relates John Michaels, CTO there in describing how the investment firm's IT staff started to get an inkling that morning that something was terribly wrong. "After looking into it, we knew something bad was happening, affecting all our users, and my servers." Malware was disabling applications by corrupting .exe files so they wouldn't open once they were closed, while also making thousands of connections to servers, saturating the network. "It damaged all the .exe files by corrupting them," says Michaels. "People were logging on and getting a blank screen." The virus was altering the registry of the computers. Maxim Group didn't have a centralized antivirus product in place, having allowed various groups to go their own way with differing products. In response, Maxim Group told the approximately 325 computer users not to shut down the computers while Michaels and his team contacted vendors for assistance.

The decision to change that practice was made on the spot. It wasn't easy. "Symantec took about three days to identify what the variant of the virus was," Michaels says. "They said they had never seen a variant of this." The virus was finally identified as a variant on "Sality," an older virus that strikes at .exe and now also will install a backdoor and Trojan. "We asked Symantec, are we the only ones telling you about this? Antimalware vendor Symantec was called in to set up a centralized antivirus server, while also attempting to analyze what the malware was and advise on clean-up. And they said 'We have 3 million infected.'"Cleaning up more than 300 virus-riddled PCs was a huge headache. In the course of beating back Sality, Michaels says he also contacted another vendor, Cymtec Systems, whose product he had demoed, to install the security vendor's Sentry gateway, which monitors traffic and bandwidth usage, enforcing Web site policies and blocking antimalware. Symantec advised total re-imaging of the computers, which Maxim Group undertook, a process that consumed several weeks.

The reason for the Sentry gateway is to prevent employees from going to "Web sites they probably shouldn't," especially as Web surfing raises the risks of malware infection, Michaels says. To this day, Michaels says he's not sure how the Sality variant got into Maxim Group's network to explode in that April 15 outbreak. "Maybe it was a Web site or a USB device, I don't know," Michaels says. But the virus outbreak also showed there was communication from the infected PCs to what might be a botnet. "They were connecting to rogue Internet sites," Michaels says, saying Sentry would help monitor for that kind of activity in the future. But on that day things changed in terms of the investment firm deciding to enforce stricter Internet usage policies. "Before this episode, we allowed social network sites, but we don't now," Michaels says. And are the old Blaster and Sasser worms that struck with such devastation over half a decade ago gone?

Social networking sites are gaining a reputation as places where malware gets distributed, and if there's no clear business reason for using them, they're put off limits. Unfortunately not, says the "Top Cyber Security Risks" report released this week by SANS Institute in collaboration with TippingPoint and Qualys. The report — which examined six months of data related to 6,000 organizations using intrusion-prevention gear and 100 million vulnerability-assessment scans on 9 million computers to get a picture of various attack types — notes "Sasser and Blaster, the infamous worms of 2003 and 2004, continue to infect many networks."

Mac News Briefs: Chronos updates SOHO Notes, Organizer

Chronos overhauled both SOHO Notes and SOHO Organizer Thursday, adding a slew of changes to its note management and information organization applications. The application also provides a way to store voice, video, and photo notes. SOHO Notes 8 adds new ways to view notes, with Cover Flow and Icon views to go with a standard list view. In addition, users will be able to sync notes with their iPhone or iPod touch via the new NoteLife mobile app. (As this article was published, NoteLife was not yet available from Apple's App Store.) SOHO Notes 8 also features new backup and encryption systems as well as overall performance improvements, Chronos says.

The look of Desktop Calendar is customizable, and users can position it at any of nine different locations. The new version costs $40, with a family pack available for $70. Users who bought SOHO Notes 7.x after July 21, 2009, can upgrade for free; otherwise, upgrades cost $25. Changes in SOHO Organizer 8 include a desktop calendar feature that puts users' schedules on the desktop for convenient viewing. Organizer also features e-mail integration and the ability to record or shoot video, photo, or voice notes and attach them to contacts. SOHO Organizer 8 costs $100, with a family pack available for $180. As with Notes, anyone who bought SOHO Organizer 7.x after July 21 can upgrade for free; others can upgrade for $50.-Philip Michaels Bug fixes highlight NetNewsWire update NewsGator on Thursday announced the release of NetNewsWire 3.2.2, the latest update to its popular news-reading application for the Mac. Other features include a new print preview and performance improvements.

The new version primarily fixes issues in earlier iterations, such as a bug where command-W would accidentally close a tab instead of a window, a problem where the program could crash while getting the unread count of flagged items, and a broken Check for Updates feature (as a result, you must download the update manually). In addition, NetNewsWire now sports a French localization. The new version incorporates a number of fixes for users running Snow Leopard, including a pair of crashing bugs. NetNewsWire 3.2.2 costs $10 and is also available as a free ad-supported download; it requires Mac OS X 10.5 or later.-Dan Moren Delicious Library update rolls out Snow Leopard fixes The latest update to Delicious Monster's media-cataloging software, Delicious Library 2.3, was announced on Thursday. Other enhancements include the introduction of Help files, faster browsing in cover view, and faster selection of large shelves. Delicious Library 2.3 requires Mac OS X 10.5 or later and a license costs $40.-DM Sente 6 academic reference manager released Sente updated its self-titled academic reference manager this week, adding synchronized libraries, reference tagging, and PDF markup features. There are a number of other improvements with iSight scanning, Bluetooth scanners, and the program's Feedback Panel.

Sente 6 features synchronized libraries, making it easier to maintain multiple copies of a reference library on multiple computers. New PDF markup commands can be used to highlight passages in a PDF file. The update's hierarchical reference tagging allows users to assign and use tags on references; the tags can be assigned hierarchically, and Sente will treat references with child tags as though they had been assigned parent tags. Also, Sente 6 includes support for hundreds of new bibliography formats. Twitterrific 3.2.1 fixes a number of bugs, such as an issue where command-C would not work on Snow Leopard, a problem where tweets were not deleted, and a problem with URLs that use Unicode encoding in the domain name.

A single-user license for Sente 6 costs $130; academic licenses cost $90, with an Undergraduate Edition-which works with 250-reference libraries-available for $35. Users who bought Sente 5 on or after January 1, 2009 can upgrade for free; otherwise, an upgrade costs $40. Sente 6 runs on Mac OS X 10.5.8 and later on both PowerPC- and Intel-based Macs.-PM Iconfactory updates Twitter client for Mac The Iconfactory released an update to its Twitter client, Twitterrific, on Thursday. In addition the program now features a keyboard shortcut to view a tweet in your Web browser: command-shift-left arrow. In addition, it fixes a number of bugs, such as drawing glitches in Snow Leopard and overwriting existing files when exporting to disc. Twitterrific 3.2.1 requires Mac OS X 10.4 or later-a new license costs $15.-DM Snowtape adds support for Windows Media streams Snowtape 1.3, the newest version of Vemedio's application for recording Internet radio, was released on Thursday with support for Windows Media streams, a new option to export songs in the MP3 format, and support for HTTP authentication. Snowtape costs $29 and requires Mac OS X 10.5.2 or later.-DM

HP upgrades Unix platform with data protection

HP this week unveiled updates to its HP-UX Unix OS and Serviceguard high-availability software, offering capabilities in data protection, data privacy, and business continuity. The software packages run on HP Integrity and HP 900 servers. [ Check out InfoWorld's report on how HP has been looking to lure Sun Solaris Unix users to HP-UX. ] The Unix upgrade offers automated features to reduce maintenance requirements, improve availability, and enhance security, the company said. Update 5 of HP-UX 11i v3 and Serviceguard restore application services in the event of hardware or software failure, HP said. Users can lower operational costs and increase efficiency in such demanding applications as online transaction processing or business intelligence, according to HP. "Comprehensive" data protection is provided through encryption for data in transit and at rest, HP said.

Update 5 provides as much as 99 percent of raw disk performance, enabling reduction in operational costs for large databases and accelerated access to business-critical information. Enhanced data privacy is provided through Bastille, an automated system-hardening tool that configures a system to protect against unauthorized access. Administrator productivity is improved with expanded security bulletin analysis and patch maintenance. Business continuity is improved through minimization of downtime in the OS's Logical Volume Manager. Security issues are identified for as many as 100 systems in a single view when integrated with HP System Insight Manager. Simplified standards compliance is offered through PCI (Payment Card Industry) and Sarbanes-Oxley Act report templates HP Serviceguard, which is part of the HP Virtual Server Environment software suite, is integrated with HP-UX 11i to protect applications from down time, HP said.

Another improvement is elimination of business interruptions with Online Package Maintenance capabilities that run routine maintenance and upgrades while the system is active. Business connectivity is enabled during Serviceguard upgrades through a Dynamic Root Disk tool that reduces server network down time by 75 percent, the company said. Management of server connections is improved with a graphical cluster topology map for administration and configuration.  Also, traffic is coordinated between clustered servers and storage arrays.

Novell adds debugger to Mono to help Windows apps get to Linux

Novell Tuesday released a Mono-based plug-in for Visual Studio that gives developers a debugger to help them use Windows to design applications that will run on Linux. Mono Tools for Visual Studio is a plug-in for Microsoft's integrated development environment (IDE). The plug-in lets developers use Visual Studio to write and maintain applications that can run on Windows, Linux, Mac and Unix platforms. In addition, Novell is integrating its Suse Studio Online, which lets users build custom distributions of Linux so they can package their applications on an appliance loaded with a Linux operating system. Mono Tools for Visual Studio runs with Mono 2.4, which is available now, and 2.6, which is slated for release in December or January.

Novell's Mono is a .Net-compatible set of tools that includes a Common Language Runtime environment that enables the cross-platform capabilities. Mono Tools for Visual Studio does not support Mono on the iPhone because it requires a Macintosh. Mono can be run on Linux, BSD, Unix, Mac OS X, Solaris and Windows. Now we have a full debugger that people can use from the comfort of their Windows machines with Visual Studio and deploy their applications on remote Linux machines." Mono Tools adds a pull-down menu within Visual Studio that gives access to the debugging capabilities and other coding and testing functionality contained in Mono. Novell officials said the most important part of the plug-in is a debugger that will make it easier for Visual Studio users to tap Linux as a deployment platform. "We did not have a debugger story," says Miguel de Icaza, vice president of the developer platform at Novell and the creator of Mono. "People had to fly by instruments when developing their applications with .Net and wanting to deploy them on a Linux server.

The software also includes an integrated porting analysis tools that directs users onto non-Windows platforms without needing to know any of the development nuances for those platforms. The Professional Edition for individuals is $99, while the Enterprise Edition (one developer per organization) is $249, and the Ultimate Edition is $2,499. The Ultimate Edition includes a limited commercial license to redistribute Mono on Windows, Linux and Mac OS X. It also provides five enterprise developer licenses. Mono Tools for Visual Studio is available in three editions. Follow John on Twitter: http://twitter.com/johnfontana

Ellison mocks Salesforce.com's 'itty bitty' application

Oracle CEO Larry Ellison mocked on-demand CRM (customer relationship management) vendor Salesforce.com during a shareholder meeting Wednesday, saying its "itty bitty" application depends on Oracle's products. "We think Salesforce.com has got terrific underlying technology," he said in response to a question from a shareholder about Salesforce.com and the competitive pressures posed by the cloud-computing model. "In fact, everything they run is on an Oracle database. But they don't stop there. We think the Oracle database is fabulous cloud technology. On top of the Oracle database they build their applications using - what is it?

Oh, my God." Ellison's comments follow reports that Salesforce.com CEO Marc Benioff will be speaking at Oracle's OpenWorld conference during an "executive solution session." Salesforce is also a sponsor of OpenWorld this year. Oracle middleware. His appearance seemed surprising to some observers, given the history between the two companies. Indeed, Ellison's scathingly sarcastic remarks on Wednesday made it sound like the companies' rivalry has not dimmed at all. "Let's look at their technology," he said. "They buy computers. Ellison was an early investor in Salesforce.com and once sat on its board, but left after a falling out with Benioff. They rent a room.

They buy electricity and plug it in. Uh, they put the computers in the room. They then buy an Oracle database to run on those computers and then they buy Oracle middleware to build their applications. A Salesforce.com spokesman wouldn't directly address Ellison's comments, but pointed to the company's successes. "Customers are moving towards cloud computing and away from traditional software," said Bruce Francis, vice president of corporate strategy, via e-mail. "We have more than 63,000 customers experiencing success in the cloud. Oh, excuse me, and then they build this little itty-bitty application for salesforce automation. ... Most of the technology at Salesforce.com is ours." In addition, a long list of companies have "chucked" Salesforce.com's software and replaced it with Oracle's on-demand CRM software, Ellison claimed. And, as we reported in August, the number of customers grew 32% in Q2."

Security researchers ask: Does self-destructing data really vanish?

Researchers this week published a paper describing how they broke Vanish, a secure communications system prototype out of the University of Washington that generated lots of buzz when introduced over the summer for its ability to make data self-destruct. But interesting wasn't good enough for researchers at Princeton University, the University of Texas and the University of Michigan, who wondered how well the system could really stand up to attack. I gave the system a whirl back in July and found it to be pretty interesting.

Ed Felten from Princeton describes in the Freedom to Tinker blog how he, a fellow researcher at Princeton and peers at the University of Michigan and University of Texas figured out how to beat Vanish. Such networks, the same kinds used to share music and other files, change over time as computers jump on or off. Their paper is titled "Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs."  Vanish exploits the churn on peer-to-peer networks by creating a key whenever a Vanish user puts the system to use and then divvying up that key and spreading across the P2P net. As such, portions of the key disappear forever and the original message can't be unencrypted. This led to some interesting technical discussions with the Vanish team about technical details of Vuze and Vanish, and about some alternative designs for Vuze and Vanish that might better resist attacks." Later, Felten ran into an ex-student now at the University of Texas who happened to be investigating Vanish as well, and they wound up collaborating. "The people who designed Vanish are smart and experienced, but they obviously made some kind of mistake in their original work that led them to believe that Vanish was secure - a belief that we now know is incorrect," Felten writes. Felten wrote that after reading about Vanish during the summer "I realized that some of our past thinking about how to extract information from large distributed data structures might be applied to attack Vanish. [S]tudent Scott Wolchok grabbed the project and started doing experiments to see how much information could be extracted from the Vuze DHT [Vuze is the P2P network used by Vanish and DHT is a distributed hash table]. If we could monitor Vuze and continuously record almost all of its contents, then we could build a Wayback Machine for Vuze that would let us decrypt [vanishing data objects] that were supposedly expired, thereby defeating Vanish's security guarantees." Felten goes on to tell an interesting tale about the timing of this realization and the experiments that followed. "We didn't want to ambush the Vanish authors with our break, so we took them aside at the [Usenix Security conference in Montreal in August] and told them about our preliminary results.

The University of Washington researchers investigated the other researchers' findings, updated Vanish and issued a report of their own on the experience.  Among other things, they came up with a way to make breaking Vanish more expensive, Felten writes. We do encourage researchers, however, to analyze it and improve upon it. The University of Washington researchers sum up their latest findings here as well, noting that Vanish does not have to be wedded to Vuze and in fact might be better based on a hybrid system that uses multiple distributed storage systems.  They write: "However, we recommend that at this time, the Vanish prototype only be used for experimental purposes. We strongly believe that realizing Vanish's vision would represent a significant step toward achieving privacy in today's unforgetful age." For more on network research, read our Alpha Doggs Blog. Follow Bob Brown on Twitter.

Microsoft's CodePlex Foundation leader soaks in stinging critique

After a stinging critique from a noted expert in establishing consortia, the leader of Microsoft's new CodePlex Foundation says such frank evaluation is welcome because the open source group's structure is a work in progress. The CodePlex Foundation's aim is to get open source and proprietary software companies working together. Sam Ramji, who is interim president of the CodePlex Foundation, was responding to last week's blog by Andy Updegrove, who said the group has a poorly crafted governance structure and looks like a sort of "alternative universe" of open source development.

Updegrove, a lawyer, noted expert on standards, and founder of ConsortiumInfo.org, laid out in a blog post five things Microsoft must change if it wants CodePlex to succeed: create a board with no fewer than 11 members; allow companies to have no more than one representative on the Board of Directors or Board of Advisors; organize board seats by category; establish membership classes with rights to nominate and elect directors; and commit to an open membership policy. He added, however, "There are some best practices [for running the boards of non-profits] that we are not as familiar with as we would want to be." Slideshow: Top 10 open source apps for Windows  Stephanie Davies Boesch, the foundation's secretary and treasurer, is the only board member with experience sitting on a non-profit's board. Despite the stinging tone in Updegrove's assessment, Ramji says he is thankful for the feedback. "Andy's been incredibly generous with his expertise and recommendations," Ramji says. "It is the kind of input and participation we were hoping to get by doing what is probably non-traditional for Microsoft but not necessarily non-traditional for non-profit foundations, which is to basically launch as a beta." For instance, Ramji says that the decision to go with only five people on the board came from Microsoft's experience that larger groups often have difficulty with decision making. Ramji says Updegrove's suggestion to have academic representation on the board was "outstanding. And basically it is re-writable. We did not think of that." And to Updegrove's point on becoming an open membership organization, Ramji says, "our goal is to become a membership organization and Andy has some excellent recommendations for that."He says the fact that Updegrove took the time to respond "in the format that he did is more proof that there is something worth doing here." Ramji, compares the Foundation's formation to the early days of a software development project. "We have said in these first 100 days we are looking at everything as a beta.

Obviously, there are some areas like contributions and licensing agreements we put a lot of time into but even those can be modified." Microsoft announced the foundation Sept. 10 with a stated goal "to enable the exchange of code and understanding among software companies and open source communities." The company seeded the group with $1 million and Microsoft employees dominated the interim board of directors and board of advisors. One is a call for a broad independent organization that can bridge cultural and licensing gaps in order to help commercial developers participate in open source. Ramji says the foundation has spent the past couple of weeks listening to feedback in "Twitter messages, email, and phone calls in order to understand what people hope this can be." Within that feedback two patterns have emerged, Ramji says. The other focuses on creating a place where open source .Net developers can gain strong backing. "Look at projects related to Mono, you also can look at NUnit, NHibernate, we really feel optimistic that the Foundation could help them gain a higher level of credibility in the open source community. Miguel de Icaza, the founder of the Mono project and the creator of the Gnome desktop, is a member of the Foundation's interim board of directors. They feel they have been lacking that strong moral support," Ramji says.

From a high level, Ramji says the Foundation stands as a sort of enabler that helps independent developers, companies and developers working for those companies navigate the nuances and practices of open source development so they can either contribute source code to projects or open source their own technologies. "One suggestion has been that the Foundation should house all the best practices we have seen software companies and open source communities use," said Ramji. "We want to have a place where everyone interested in how to participate can come and read and if they choose they can use our license agreements or can use the legal structure of the Foundation to grant patent licenses and copyrights for developers and derivative works." Those licensing agreements have a distinct focus, Ramji said, on the rights that are related to code that is being contributed and on how to contribute the patent rights on that code. Ramji says the goal is to service multiple projects, multiple technologies and multiple platforms rather than having one specific technology base, which is how most current open source foundations are structured. "It's early days and we have received a lot of good ideas from experts in a variety of fields from law to code to policy that is what we had hoped for," says Ramji. "Someone wrote it is nice to see Microsoft engaging early on without all the answers and to have the community solve what they would like to see. Once those issues are settled, code would be submitted using existing open source licenses. That is satisfying for me and refreshing to others. This is the right way to proceed." Follow John on Twitter

Malware Threat Emanates from Growing Unemployed Ranks

Looking at the statistics, February was a positively brutal month for workers being idled. There were 2,769 mass layoff actions putting throwing 295,477 out of work. Last Friday, the Bureau of Labor Statistics (BLS) released the ugly numbers.

That's 542 mass layoff actions more than January and 57,575 laid off. The BLS only obliquely breaks out what could represent IT workers as "professional and technical services." Not surprisingly, manufacturing bore the brunt of February's layoffs accounting for 47% of the unemployment claims, but IT folks could represent a small piece in all the 19 industry sectors that BLS follows. I wondered how many of those were IT people and what percentage might turn to cyber crime. Suffice it to say there's plenty of IT folks with little or nothing to do. The story explores how idled workers in China are turning to cyber crime.

That out of work IT professionals turn to cyber crime should come as no surprise so the headline China becoming the world's malware factory on top of an IDG News service is to be expected. Everyone needs to be vigilant (but not turn into vigilantes). Indeed, a story at Chief Security Officer cites a Symantec study that says 98 percent of organizations suffer "tangible loss" as the result of cyber crime (more than a little self-interest on Symantec's part should be noted). With the third variant of the Conficker worm set to strike on April 1, take the message of vigilance to heart (let's hope it's as tepid as Y2K). By the way, the BBC reported this morning that the U.K. Government is monitoring social networking sites like Facebook to "tackle criminal gangs and terrorists." That's vigilance of a controversial nature. It's obvious: the latter. Is this just another day in the cyber jungle or is the cyber crime problem exacerbated by the expanding ranks of the idled? So if you want to freshen up your knowledge of malware, check out the many primers on the subject. I like Wikipedia's or check out the Chief Security Officer web site.

Crowdsourcing takes center stage at DEMOfall ’09

One unmistakable trend at this year's DEMOfall show is the number of Web sites and applications that rely to some degree on crowdsourcing. 13 hot products from DEMOfall '09 Crowdsourcing – a buzzword loosely defined as giving large crowds of users the ability to collaboratively create or change content on Web sites or applications – was made popular by open-source encyclopedia Wikipedia and has since become a staple of Web 2.0 applications. So why does crowdsourcing have such an appeal for developers? "With all due respect it's because developers are lazy," laughs Micello founder and CEO Ankit Agarwal. "When I crowdsource it means that I don't have to do the work to get data myself." But crowdsourcing does have perks beyond getting other people to do your work for you. Among the new crowdsourcing technologies to debut at DEMO this fall are Article One Partners' AOP Patent Studies, an open-source enterprise service that employs an online community of patent advisors to research patent claims; Waze, a mobile application that can be used to update traffic conditions in real time; TrafficTalk, a mobile application that is similar to Waze but also lets users provide traffic updates simply using their voice rather than typing into their mobile phone; Micello, a mobile app that aims to be the Google Maps of indoor spaces; and Answers.com, a Web site that combines established reference resources and crowdsourcing to create a comprehensive information database. Some crowdsourcing developers say if you can create an application that meets a common need and gives people a real stake for getting involved, then it can go a long way toward growing your product's popularity.

It's a shared pain of being frustrated by traffic jams and the like, but our goal is to resolve that pain and to minimize the wait during commutes." Greenfield says that while larger crowds are obviously better for an application such as TrafficTalk, the application can be relatively successful even if only two people who trust each other are using it. TrafficTalk founder Larry Greenfield, whose product is still currently in its alpha testing phase, says that he has found fertile crowdsourcing ground in the form of frustrated commuters during tests he has run of his software. "For us, crowdsourcing has to create a sense of community among our users," he says. "There has to be something that binds people together. After all, he notes, if one friend who shares a commute route with another friend can notify that friend of a traffic accident using TrafficTalk, the application will have served its purpose. Demo's biggest stars of all time Answers.com, on the other hand, is a Web site that really does require massive participation if it is to meet its lofty goal of becoming a central hub for people seeking answers to their queries. Even so, he says the application needs around a dozen or so people to really reach its potential.

Right now, the Web site lets users ask questions whose answers are partially provided by information culled from licensed professional encyclopedias and dictionaries and partially provided by user-generated Wiki-style content. This past August, for instance, Answers.com got around 45 million unique visitors. "Crowdsourcing for us really starts to work when you get to a certain scale," he explains. "Right now we get 45,000 new questions asked each day and then about one third of those are answered every day. Answers Corp. founder and CEO Robert Rosenschein says that as the Wiki portion of the Web site has grown over the past year, participation has snowballed to the point where the company doesn't have to work as hard to promote itself. Those answers are the most valuable thing we have even though some are more detailed and some less so… When you start to get that sort of scale it just sort of happens. As Rosenschein acknowledges, crowdsourced answers are far more likely to contain factual errors than are answers taken from professional sources. The more new questions you get, the more new answers you get." Of course, the paradox of success is that the more popular your crowdsourcing site is, the more likely it will become the target of vandals.

This is why, he says, it's so important to foster a tight community that takes pride in keeping the site accurate and will work quickly to clean up any vandalism. Because the service uses its online community to research the validity of patent claims – a time-consuming task if there ever was one – it pays money to users who are the first to come up with a correct solution to whether a patent is valid or not. For AOP Patent Studies, developing a sense of community is also important, but it's not the only incentive it uses to push its users toward greater accuracy. It basically works like this: a company comes to AOP Patent Studies and pays them to look into a patent claim. The first two people to get results get paid a portion of the money. The Web site then throws the case to its online community for research.

Still, Article One Partners CEO Cheryl Milone thinks that monetary incentive can't help your crowdsourcing site if you don't first develop a strong sense of cooperation among users. "There really has to be a sense of camaraderie and loyalty," she says. "Whether people are brought to the site because they know a lot about a particular technology or because they feel strongly that the patent system needs to be strengthened, it's the feedback they get from the community that keeps them coming back and is in itself compensation for their efforts."

ICANN freed from US gov't oversight

The Internet Corporation for Assigned Names and Numbers (ICANN) has reached a new agreement with the U.S. Department of Commerce allowing the nonprofit greater independence, while giving more countries oversight of the organization. The DOC will continue to be involved in ICANN's Governmental Advisory Committee, but the new agreement recognizes ICANN as a global "private-sector led organization." The new agreement is a "huge moment not just for ICANN but for the Internet," said Paul Levins, vice president at ICANN. "This really vital resource was being overseen by one government." The U.S. government will have "one seat at the table" for the three-year reviews, ICANN CEO Rod Beckstrom said in a video on the organization's site. "What it really means is we're going global," he said. "All the reviews and all the work done will be submitted for public comment to the world. The new agreement, called an Affirmation of Commitments, sets up reviews of ICANN's performance every three years, with members of ICANN advisory committees, the Department of Commerce (DOC), independent experts and others serving on the review teams.

But there's no separate or unique or separate reporting to the United States government. The new agreement won praise from critics who have complained that the U.S. governmenthas had too much control over ICANN, which manages the Internet's DNS (domain name system). The new agreement should allow ICANN to become more open and accountable to users worldwide, said Viviane Reding, the European Union's commissioner for information society and media. All the reporting is to the world; that's the real change." The new agreement was announced Wednesday, the same day that an 11-year series of memorandums of understanding between ICANN and the DOC expired. The new agreement ends "unilateral" review of ICANN by the DOC and sets up independent review panels, she said in a statement. "I welcome the U.S. administration's decision to adapt ICANN's key role in internet governance to the reality of the 21st century and of a globalized world," Reding said in her statement. "If effectively and transparently implemented, this reform can find broad acceptance among civil society, businesses and governments alike." The challenge, she said, will be to make ICANN's Governmental Advisory Committee more effective, as it has a major role in appointing the review panels. "Independence and accountability for ICANN now look much better on paper," she said. "Let's work together to ensure that they also work in practice." The new agreement commits ICANN to a "multi-stakeholder, private sector led, bottom-up policy development model for DNS technical coordination." It also requires ICANN to "adhere to transparent and accountable budgeting processes, fact-based policy development, cross-community deliberations, and responsive consultation procedures that provide detailed explanations of the basis for decisions." ICANN will publish annual reports that measure the organization's progress and it will provide a "thorough and reasoned explanation of decisions taken, the rationale thereof and the sources of data and information" on which it relied. The Internet Society, a nonprofit organization focused Internet-related standards, education, and policy, also praised the new agreement, saying it emphasizes ICANN's obligation to "act in the public interest as the steward of a vital shared global resource." The new agreement doesn't change the DOC's contract with ICANN to perform the functions of the Internet Assigned Numbers Authority (IANA), which is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. While the expiration of the old agreement with the DOC "threatened to open an accountability gap" for ICANN, the new agreement should resolve that concern, added Steve DelBianco, executive director of e-commerce trade group NetChoice. "The Commerce Department has crafted an arrangement here that delivers what the global Internet community has clamored for: permanent accountability mechanisms to guide ICANN in the post-transition world," he said. "These reviews should help ICANN stay focused on security, choice and consumer trust, with an added emphasis on interests of global Internet users - especially those who can't yet use their native language in domain names or e-mail addresses."" The new agreement addresses an issue that's been missing at ICANN, "a balanced way to bring all governments into the oversight process alongside private sector stakeholders, with a sharpened focus on security and serving global internet users," he added.

The DOC, in the new agreement, also doesn't endorse ICANN's efforts to allow an unlimited number of new generic top-level domains, such as .food or .basketball. The controversial plan has met resistance from trademark owners, who say they'd have to register for dozens of new Web sites to protect their brands. "Nothing in this document is an expression of support by DOC of any specific plan or proposal for the implementation of new generic top level domain names or is an expression by DOC of a view that the potential consumer benefits of new gTLDs outweigh the potential costs," the new agreement said.

Tweets rolling in as frozen Twitter thaws out

After freezing up early this afternoon, Twitter is starting to thaw out as frustrated users tweet about the downtime. About half an hour earlier, many users had started reporting that their service was back up and running and tweets were no longer frozen. At about 3:30 p.m. EDT today, Twitter updated users on its status page that the problem that had stymied Twitterers for a few hours today had been repaired. At 1:50 p.m., Twitter had told users that tweets were not reaching the followers of Twitterers and that engineers were starting to deploy fixes.

The Twitter woes started between 10 a.m. and 11 a.m. EDT today. By 3 p.m., many users were reporting that their service was back up and running and that their tweets were no longer frozen. Users could post tweets, which would be published on their own stream. Twitter has not disclosed what caused the problem. Updates from their followers weren't showing up on usr streams. The microblogging company did not respond to a request for comment but noted on its Web site that engineers ware deploying fixes.

PRE-FRIENDS days... none of you will get this, but it's WAY TO QUIET in my world!!!! miss you all...," wrote one Twitterer. Once tweets started moving again, users were quick to vent their frustration with the lack of service today. "twitter is frozen..." feels weird!! Another tweeted, "Twitter Is Frozen, which means right now, in offices all around the world, stuff is actually getting done." Another tweet read, "Twitter was frozen in time. I stared at my own updates for 3 hrs," while another said, "Twitter is frozen and y'all bout to lose ya minds. Really weird.

I'd hate to see what y'all would do if Twitter shuts down for good."

Father of fiber-optics snags share of Nobel Physics Prize

Charles Kao, whose work in the 1960s laid the foundation for today's long-distance fiber-optic networks, has won a share of this year's Nobel Prize in Physics. More technical details on the prize winners' efforts are outlined in this paper.  Slideshow: Nobel vs. Kao, sometimes referred to as the "father of fiber-optic communications," was formally honored by the Nobel Foundation in Stockholm, Sweden "for groundbreaking achievements concerning the transmission of light in fibers for optical communication" The Shanghai-born Kao shares the award with Willard Boyle and George Smith, who invented imaging technology using a digital sensor dubbed a CCD (Charge-Coupled Device) that makes use of the photoelectric effect theorized by Albert Einstein under which light is transformed into electric signals.

Ig Nobel  Kao's breakthrough discovery in 1966 was to determine how to transmit light over long distances using ultrapure optical glass fibers. The first ultrapure fiber was created in 1970. According to the Nobel organization, if all the glass fibers in the world were put end to end, they would circle the globe more than 25,000 times. This would extend the distance of such transmissions to 62 miles vs. the mere 65 feet allowed under previous technology held back by impurities. Kao accomplished his work while with Standard Telecommunication Laboratories, Harlow, UK, which eventually became part of Nortel. More recent research into fiber-optics has resulted in such findings as those by Alcatel-Lucent researchers who multiplied the speed of the fastest undersea cables by 10 and by researchers from the Technion-Israel Institute of Technology who have come up with a way to use the same sort of fiber-optic cables used for telecom to detect tunnel excavation at depths of more than 60 feet. 

He is now Chairman of ITX Services.

Secret Service probes Obama assassination poll on Facebook

The U.S. Secret Service is investigating a poll posted on Facebook asking people to vote on whether President Barack Obama should be assassinated. He said the poll, which went online Saturday, was taken down Monday morning after the Secret Service alerted Facebook to its presence on the site. Special Agent Ed Donovan, a spokesman for the Secret Service, said this afternoon that the agency launched a probe into the matter and currently is looking for the person who posted the poll. The poll asked Should Obama be killed? and gave users the choice of yes; maybe; if he cuts my health care; and no.

A screen shot of the poll , which was posted on the blog, The Political Carnival , shows that at some point at least 387 people had voted. Neither the Secret Service nor Facebook would say how many people voted in the poll and what the results were. Barry Schnitt, a spokesman for Facebook, was quick to point out that this was not a poll that originated from the social networking site itself. A source within law enforcement noted that while posting the poll, in and of itself, is not illegal, federal investigators can t discount the possibility that the person behind the poll has malicious intentions. The third-party application that enabled an individual user to create the offensive poll was brought to our attention this morning, wrote Schnitt in an e-mail to Computerworld . The application was immediately suspended while the inappropriate content could be removed by the developer and until such time as the developer institutes better procedures to monitor their user-generated content. The source said the Secret Service needs to interview the person to gauge his or her ultimate intent.

US lawmakers question ICANN gTLD plan

Several U.S. lawmakers urged the Internet Corporation for Assigned Names and Numbers (ICANN) to back off on a plan to offer an unlimited number of new generic top-level domains until concerns about trademark protections and other issues can be addressed. You guys made us come here today." The board at ICANN, the nonprofit organization created in 1998 to oversee the Internet's domain name system, voted in June 2008 to move toward unlimited gTLDs, in addition to the 21 gTLDs available now, including .com, .biz, and .info. Members of a subcommittee of the U.S. House of Representatives Judiciary Committee on Wednesday questioned ICANN Chief Operating Officer Doug Brent about why the organization continues to move forward with its plan to sell new generic top-level domains, or gTLDs. Judiciary Committee Chairman John Conyers, a Michigan Democrat, complained that ICANN hasn't been able to resolve complaints about its plan to sell new gTLDs to compete with .com, .org and other current TLDs. "This is a hearing we shouldn't have had to call," Conyers said. "If the parties had come together, I doubt if we'd be here this morning. Under the ICANN plan, anyone could apply for a new gTLD - some suggested have been .food, .basketball and .eco - at a cost of about US$100,000. Asked by lawmakers how soon ICANN planned to offer new gTLDs, Brent said he wasn't sure.

Critics of the TLD expansion, including Hewlett-Packard and Dell, have complained that a huge expansion of gTLDs would force trademark owners to buy multiple domains on each new gTLD, potentially costing them and their customers billions of dollars. ICANN had originally planned to offer them this year, but the latest estimate is February, and Brent said he expects that deadline to slip as ICANN works with critics to resolve issues. This week, the Coalition Against Domain Name Abuse (CADNA), an organization with 19 large-business members, called on the U.S. government to conduct a "full-scale" audit of ICANN. "ICANN has not properly vetted this decision in an objective fashion," CADNA said. "This rollout expands the size of the Internet exponentially without first performing a sound cost/benefit and security and risk analysis to determine both desirability among and risk to Internet users." At the Wednesday hearing, Conyers seemed to connect the gTLD disagreements with the end of an oversight agreement ICANN has with the U.S. Department of Commerce. A spokesman for Conyers wasn't immediately available to clarify his comment. ICANN's long-standing formal relationship with the U.S. government ends Sept. 30. "If you don't meet the 30th deadline, you're going to all be sorry that you didn't make it," Conyers said.

ICANN's Brent defended the organization's decision to move forward with new gTLDs. Internet users, including the U.S. government, have long called for new TLDs, he said. Winners of new gTLDs will have to abide by a lengthy set of rules, he said. "ICANN did not casually think this plan up," Brent added. "This will not be an unbridled expansion. In addition, the expansion of TLDs would allow Internet users who don't use the Roman alphabet to have domain names in their native languages, he noted. It is the work of many hands from a bottom-up process." Representative Bob Goodlatte, a Virginia Republican, questioned whether ICANN had enough resources to enforce strong trademark protections and other rules in the new gTLDs. He asked if ICANN saw that there were still "a lot of things that need to be worked out here." "We might question 'a lot,' but I think, absolutely we have more work to do," Brent answered. Instead, we should address these concerns." But Steve DelBianco, executive director of e-commerce trade group NetChoice, suggested the new gTLDs are little more than an effort to create new labels, when ICANN has more important issues to work on. "Every day our industry and my members create new applications, Web sites and services," he said. "Labels are just one of the ways people find these new services.

Despite the continued concerns, Paul Stahura, CEO and president of domain-name registrar eNom, said the ICANN plan will lead to more competition among domain-name registries. "There is high consumer demand for many new gTLDs," he said. "There currently is little or no competition to satisfy this demand, and ... we shouldn't prohibit competition because of trademark concerns. The label is not the creation, it's just something we stick on it." One proposed gTLD is .food, he said. "Dot-food won't create a single new restaurant," DelBianco said. "It won't create a new Web page, it won't create new restaurant reviews or online reservation sites."

The Net at 40: What's Next?

When the Internet hit 40 years old - which, by many accounts, it did earlier this month - listing the epochal changes it has brought to the world was an easy task. Businesses stay in touch with customers using the Twitter and Facebook online social networks. It delivers e-mail, instant messaging, e-commerce and entertainment applications to billions of people.

CEOs of major corporations blog about their companies and their activities. On Sept. 2, 1969, a team of computer scientists created the first network connection, a link between two computers at the University of California, Los Angeles. Astronauts have even used Twitter during space shuttle missions. But according to team member Leonard Kleinrock , although the Internet is turning 40, it's still far from its middle age. "The Internet has just reached its teenage years," said Kleinrock, now a distinguished professor of computer science at UCLA. "It's just beginning to flex its muscles. That will pass as it matures." The next phase of the Internet will likely bring more significant changes to daily life - though it's still unclear exactly what those may be. "We're clearly not through the evolutionary stage," said Rob Enderle, president and principal analyst at Enderle Group. "It's going to be taking the world and the human race in a quite different direction. The fact that it's just gotten into its dark side - with spam and viruses and fraud - means it's like an [unruly] teenager.

We just don't know what the direction is yet. It may doom us. It may save us. But it's certainly going to change us." Marc Weber, founding curator of the Internet History Program at the Computer History Museum in Mountain View, Calif., suggested that the Internet's increasing mobility will drive its growth in the coming decades. Sean Koehl, technology evangelist in Intel Corp.'s Intel Labs research unit, expects that the Internet will someday take on a much more three-dimensional look. "[The Internet] really has been mostly text-based since its inception," he said. "There's been some graphics on Web pages and animation, but bringing lifelike 3-D environments onto the Web really is only beginning. "Some of it is already happening ... though the technical capabilities are a little bit basic right now," Koehl added. The mobile Internet "will show you things about where you are," he said. "Point your mobile phone at a billboard, and you'll see more information." Consumers will increasingly use the Internet to immediately pay for goods, he added.

The beginnings of the Internet aroused much apprehension among the developers who gathered to watch the test of the first network - which included a new, state-of-the-art Honeywell DDP 516 computer about the size of a telephone booth, a Scientific Data Systems computer and a 50-foot cable connecting the two. We were confident the technology was secure. The team on hand included engineers from UCLA, top technology companies like GTE, Honeywell and Scientific Data Systems, and government agencies like the Defense Advanced Research Projects Agency. "Everybody was ready to point the finger at the other guy if it didn't work," Kleinrock joked. "We were worried that the [Honeywell] machine, which had just been sent across the country, might not operate properly when we threw the switch. I had simulated the concept of a large data network many, many times - all the connections, hop-by-hop transmissions, breaking messages into pieces. It was thousands of hours of simulation." As with many complex and historically significant inventions, there's some debate over the true date of the Internet's birth. The mathematics proved it all, and then I simulated it.

Some say it was that September day in '69. Others peg it at Oct. 29 of the same year, when Kleinrock sent a message from UCLA to a node at the Stanford Research Institute in Palo Alto, Calif. Kleinrock, who received a 2007 National Medal of Science, said both 1969 dates are significant. "If Sept. 2 was the day the Internet took its first breath," he said, "we like to say Oct. 29 was the day the infant Internet said its first words." This version of this story originally appeared in Computerworld 's print edition. Still others argue that the Internet was born when other key events took place. It's an edited version of an article that first appeared on Computerworld.com.

Avaya wins Nortel enterprise business for $900 million

Avaya has emerged as the winning bidder for Nortel's enterprise business, reportedly beating out Siemens Enterprise Communications over the weekend. Avaya will also contribute an additional pool of $15 million for an employee retention program. The firm will pay $900 million for the unit, Nortel's Government Solutions group and DiamondWare Ltd., a Nortel-owned maker of softphones.

That price is nearly twice what Avaya was initially said to be buying the enterprise business for back in July before auction bidding kicked in. Telecom carrier Verizon, however, is expected to contest the sale on the grounds that Avaya does not plan to retain customer support contracts between Nortel and Verizon. Slideshow: The rise and fall of Nortel Avaya has sought Nortel's enterprise business in hopes of boosting its share of the enterprise telephony and unified communications markets, and getting more customers to migrate to its IP line of communications products.  The sale, expected to close later this year, is subject to court approvals in the U.S., Canada, France and Israel as well as regulatory approvals, other customary closing conditions and certain post-closing purchase price adjustments. Nortel is confident the sale will go through without any snags. "We do not expect the Verizon interaction to impact court approval or the close of this deal," said Joel Hackney, president of Nortel Enterprise Solutions. "We will continue to go forward in supporting customers." Hackney would not say whether Nortel is engaged in the negotiations between Avaya and Verizon on the future of certain customer support contracts, mentioning only that Nortel supports Verizon as a customer as well as the carrier's customers. Nortel customers hope the deal works out in their interest. "Nortel earned the trust of our user group members by delivering innovative, reliable communications solutions and ensuring high-levels of service and support, " said Victor Bohnert, Executive Director of the International Nortel Networks Users Association, in a prepared statement. "With the announcement of today's purchase by Avaya, we look forward to extending that relationship forward to serve the business communications needs of our constituency base across the globe." Nortel will seek Canadian and U.S. court approvals of the proposed sale agreement at a joint hearing on September 15, 2009. The sale close is expected late in the fourth quarter.

Hackney also said there were two bidders for the enterprise unit but would not identify the second suitor. In some EMEA jurisdictions this transaction is subject to information and consultation with employee representatives. As previously announced, Nortel does not expect that its common shareholders or the preferred shareholders of Nortel Networks Limited will receive any value from the creditor protection proceedings and expects that the proceedings will result in the cancellation of these equity interests.

UN document details $300 million ERP mega-project

An early-stage planning document for the United Nations' ongoing global ERP (enterprise resource planning) project calls for a budget north of US$300 million and provides a detailed look at the challenges the effort must overcome.

Dubbed "Umoja," after a Swahili word meaning 'unity,' the project "presents a once-in-a-generation opportunity to equip the organization with twenty-first century techniques, tools, training and technology," the document states.

The UN's IT infrastructure is a staggering tangle of disconnected, redundant and antiquated legacy infrastructure, resulting in gross inefficiencies throughout the organization, according to the document.

Over the years, the organization has collected "at least" 1,400 information systems, many of which are "used to support or track paper-based processes," states the report, which was first brought to light in a Fox News report this week.

For example, the equivalent of up to 40 full-time employees is currently being used to process interoffice and interagency vouchers, and the total time spent each year processing travel claims "is more than the full-time equivalent (FTE) of 60 person-years," the report said.

IT operations are also heavily siloed, according to the report: "Most duty stations, and many organisational units within duty stations, contain their own stand-alone finance, human resources, supply chain, central support services and information technology areas."

If the ERP implementation is successful, it could provide between roughly $470 million and $770 million in "ongoing annual capacity improvements, costs savings and cost recovery," the document states.

But the project has a sizable price tag of its own. The report proposes a budget of $337 million, which is divvied up among a series of line items, including:

- $76 million for "2,597 work months" of system build and implementation services.

- $14 million for travel, which presumes 1,285 trips will be taken by "ERP team members, subject-matter experts and corporate consultants" at an average air ticket cost of $6,000. Each trip will also get $202 for "terminal expenses" and $5,000 for 20 days worth of per diems, for a total cost of about $11,000 per trip.

- $1.8 million for office furnishings to support 234 workers, including 80 core staff, 66 subject matter experts, eight consultants and 80 system integrators, or about $7,700 per person.

- $6.7 million for office rental, based on an annual rate of $14,300 per person

- $564,200 for long distance telephone calls, teleconferencing and videoconferencing

- $18 million for hiring "limited replacements" for subject matter experts involved in the project

- $16 million for software licenses and maintenance fees

Also, according to the Fox News report, the project had originally been budgeted at $286.6 million.

The draft report has since been updated and the numbers in it have changed, said UN spokesman Farhan Haq. He could not say whether the project's scale had shifted significantly or confirm the budget figure cited by Fox News.

Haq declined to comment further, but said the UN would discuss the project in greater detail once the report is finalized.

What is clear is that the project remains in extremely early stages. An initial design phase began in May and is scheduled to last between nine and 12 months, according to the document.

In addition, the UN has yet to finalize a contract with its chosen vendor, SAP, and won't solicit bids for the integration work until the last quarter of this year.

Despite the project's staggering scale, the UN could recoup its investment within two years of "full deployment and stabilization," the report said.

In the UN's case, a slow pace may well be for the best, said Ray Wang, a partner with the analyst firm Altimeter Group.

While every global ERP rollout is difficult, the UN is in a special situation given its international makeup and set of missions, such as managing military peacekeeping forces and responding to emergencies, he said.

"You're trying to push a system out to people with different cultures, habits, levels of [connectivity]. It requires a lot of change management, a lot of face-to-face sessions for a project of this type to succeed.This isn't a standard business case. ... This isn't your standard ERP system," he said.

The UN report echoes the sentiment: "The enormous change in the human skills, working methods, procedures and technology required to fully realize the benefits of Umoja requires a strong commitment from staff at all levels."

Report: Hathaway resigns as acting cybersecurity czar

Melissa Hathaway, who was regarded as one of the top contenders for the newly created position of White House cybersecurity coordinator, has withdrawn from consideration and resigned as acting senior director for cyberspace citing personal reasons, the Wall Street Journal reported.

Hathaway's resignation is effective Aug. 24. She had been viewed as a top contender for the post of White House cybersecurity coordinator, which was announced by President Barack Obama in May. According to the Journal, Hathaway asked not to be considered for that post about two weeks ago, citing personal reasons.

Hathaway, a former Bush administration aide, was working as cybercoordination executive for the Office of the Director of National Intelligence (ODNI) when she was appointed to her new role by President Obama in February. She was directed to conduct a 60-day review of governmentwide cybersecurity preparedness.

Hathaway's highly anticipated review was completed in May, and recommended several measures that the government needed to take to bolster cybersecurity. One of her recommendations was to establish a cybersecurity office within the executive offices of the president to oversee and enforce the development and implementation of a national cyber security policy.

As cybercoordination executive for the ODNI during the Bush Administration, Hathaway headed a multiagency group called the National Cyber Study Group that was instrumental in developing the multibillion-dollar, highly classified Comprehensive National Cyber Security Initiative (CNCI) that was approved by former President Bush in early 2008. Since then, right up to the time she was reassigned by Obama, Hathaway had been in charge of coordinating and monitoring the CNCI's implementation.

Hathaway's sudden resignation is likely to raise questions about the delay in naming the new White House cybersecurity coordinator. Though it's been more than eight weeks since Obama announced his plans to appoint a White House cyber czar, there is no indication that he is close to naming anyone to the post.

Some observers say the administration may be having a hard time finding someone to fill the role because it is expected to be a largely consultative position with little real enforcement clout.

Mac News: PocketMac releases RingtoneStudio 2 software

PocketMac announced on Tuesday the release of RingtoneStudio 2.0, an update to its software for creating and editing iPhone ringtones. Included in version 2.0 are visual sound editing, which lets you view the actual waveforms in realtime with a zoom of up to 16x, volume control for sound clips, and the ability to add fade-ins or fade-outs to any ringtone.

RingtoneStudio 2.0 costs $30 for a new license, or $10 to upgrade from version 1.0; it requires Mac OS X 10.5 and supports any model of iPhone.-Dan Moren

Sonar adds Leopard, Snow Leopard compatibility

Matterform media has released Sonar 2.0, an update to the real-time security monitor for the Mac. It's now compatible with Mac OS X 10.5 Leopard and Mac OS X 10.6 Snow Leopard. Sonar displays realtime info about changes made to your hard drive; it's helpful for debugging apps that write too frequently to the hard disk and for monitoring untrusted apps downloaded from the Internet. Sonar costs $18.-Peter Cohen

SharewarePublisher fixes several bugs

SharewarePublisher 1.1 is an improved version of Ergonis Software's shareware submission tool and assistant for Mac OS X. The software assists shareware software developers with submitting information about their products to software listing sites and repositories, and works with more than 100 Web sites. The latest update adds a function to extract a category from a Web page and store it in the database, fixes drag and drop in Snow Leopard, and more.

SharewarePublisher requires Mac OS X 10.5 or later and costs €70.-PC

Freeway extends CSS menu creation tool

Softpress Systems has updated Freeway to version 5.4. The new release of the Web page design software features an extended Cascading Style Sheet (CSS) menu creation tool and AddThis social bookmarking capabilities, among other new features and bug fixes.

Freeway 5.4 is a free update for registered owners; it comes in Pro and Express versions for $249 and $79 respectively.-PC

Palm delays webOS developer kit, Mojo

With little explanation, Palm has delayed the release of Mojo, the software development kit for its webOS platform, until the end of the summer.

Hackers dissect Palm Pre

The operating system, based on a Linux kernel with an embedded Webkit rendering and JavaScript engine, is the foundation for building applications for the just-released Palm Pre. Mojo provides an array of interfaces and services that let developers easily access Pre features and functions.

The delay, announced on the Palm developers blog, makes it more difficult for existing PalmOS developers and the new army of HTML and JavaScript developers to coalesce behind the new operating system and create the wealth of applications that will make it a viable challenge to Apple's iPhone.

"We've been working very hard on the SDK and are eager to open access on a wider scale, but the software and the developer services to support it just aren't ready yet. Our goal is to make the SDK available to everyone by the end of this summer," wrote Palm's Chuq Von Rospach in a June 19 post on the Palm developer blog.

But Palm is trying to expand the number of developers with access to Mojo as rapidly as possible in a series of stages, he added.

Starting at once, Palm will "accelerate the growth of the [Mojo] early access program, expanding as quickly as resources allow, to include thousands of developers in the next few weeks," Rospach wrote.

At the same time, Palm said it will start publishing new webOS, development, and Mojo information outside of the early access program, and free up existing Mojo users finally to talk more freely about the SDK and webOS.

Developers working with the early-release version of Mojo have been impressed: Applications are written in JavaScript, HTML, HTML 5 and Cascading Style Sheets, all widely used and well-known Web development tools. The webOS with its embedded Webkit engine runs these programs, which mimic traditional native applications in performance and interactivity, natively on the Palm Pre handset.

Plenty of developers aren't happy about the release target, and vented on the Palm blog.

"END OF SUMMER!? Am I the only one [appalled] at this??" posted Jeremy.

"You have developers climbing all over themselves trying to help your platform be a success and trying to help your ecosystem grow, but you just keep putting us off with vague promises of releasing Soon or the End of the Summer or Early Access or "hundreds" and "thousands", but the longer you delay actually getting the SDK in the hands of developers like myself who are ready, willing, and able to use it to make your platform a success the more of an uphill battle it will be once you finally do," wrote Kyle Goodwin, CEO of Palindrome Softworks, a custom developer of reusable business software.

Hackers have already been busy dissecting and working with the webOS software even before the phone went on sale earlier this month. One poster on the Palm blog alluded to those activities, urging Palm to leverage it by releasing Mojo as soon as possible.

"Given the success of the experimental/homebrew community in less than two weeks, without official support, documentation, or debugging tools, I can only imagine that the pool of quality apps will explode exponentially once the SDK is released," wrote Jason LaBrun.

Another poster, Adam, wrote, "Come on guys. You need to open up this phone and get the apps flowing. It's sad that more exciting things are coming out of the Palm/webOS dev wiki instead of Palm itself! It's like you've dropped a wonderful gadget into the hands of thousands of people and now it has to just sit there looking pretty for months before [its] potential can be unleashed! You need to pull all-nighters and get this SDK released BEFORE that fall deadline."

Mozilla to let enterprises build custom Firefox browsers

Mozilla is readying a program that will allow companies to build their own customized browsers based on the next version of Firefox, which will be out in a few weeks.

The Build Your Own Browser program is a good fit for enterprises that want to create a customized browser that can be easily installed across multiple corporate desktops, said Mike Beltzner, director of Firefox at Mozilla Corp.

Through the program, which will start sometime soon after Firefox 3.5 is released at the end of June, companies can use a Web application provided by Mozilla to specify certain customizations for the browser - such as bookmarks to certain sites or corporate intranets or portals, he said.

Companies also can brand the browser through technology called Personas that allows them to code a skin across the top of the browser with a company's logo on it, Beltzner said.

Once the custom browser is developed, the application then will send it to the company and give it an installation program that makes it possible to install the browser across all desktops in the company, Beltzner added.

The bulk of enterprises still use Internet Explorer if they mandate a browser for company use, because Microsoft provides provisioning and installation software for IE that makes it easy for enterprises to control browser settings and install across all corporate desktops, said Forrester analyst Sheri McLeish.

Mozilla has not historically done this, but something like the Build Your Own Browser program is a good start to encourage enterprises to use Firefox over IE, she said.

"If Mozilla can enable some customization to developers and IT professionals to not only brand but give greater control to manage and administer the Firefox browser, that will certainly have companies take another look at it to make it the default browser of choice," McLeish said.

Up until now Mozilla has offered "deep customization tools" for Firefox, but they weren't always obvious to the average user and there has never been a good way for someone to build a customized version of the browser, Beltzner said.

Mozilla also has not provided software akin to Microsoft's installation pack for IE, but does make it possible for people to build their own multiple-machine installers for Firefox, given that the browser is open source and applications for it can easily be developed, he said.

Firefox has about 300 million users worldwide, and Firefox 3.5 will be available in more than 70 languages on the day it is available, according to Mozilla. A beta of the browser is available online now.