Saturday, September 27, 2008

I speak English natively. My friend that I want to chat with in IM speaks German. A chat-helper service called MTBOT (Microsoft Translation Robot) allows me to type in English, yet my friend sees and reads what I wrote translated into his native German language. Likewise, when he types in German, what I see are his messages machine-translated into English.

If you use Windows Live Messenger, you too can add mtbot@hotmail.com to your buddy list. When you want to chat with someone who speaks another language, add them to a "conversation" with your TBot. You and the other person are asked to specify your native language, and after that you just start typing.


There are a number of commands you can issue to control TBot's behavior. To see a list of commands, just type "TBOT ?" in the IM window. You'll then be presented with the list of available commands:


Cool stuff. Check out the Translator information posted over at the Live Search blog.

Currently-supported languages:

  • English to/from:
    • Arabic
    • Chinese Simplified
    • Chinese Traditional
    • Dutch
    • French
    • German
    • Italian
    • Japanese
    • Korean
    • Portuguese
    • Russian (Russian to English only)
    • Spanish
  • Chinese Simplified to/from Chinese Traditional



Tech
Saturday, September 27, 2008 9:08:44 PM (Pacific Daylight Time, UTC-07:00)

Call your Congressional rep now (202-225-3121) and ask them to support H.R. 7084, the Webcaster Settlement Act of 2008. Pandora and other similar services need your help.

I called last night and left a message for my Congressman in Oregon, David Wu. If it's your first time calling, just know it's easy: The operator will answer the phone, you ask for your congressman by name, and they transfer you to the correct office.

I left a message for Wu last night stating that I wanted him to support the resolution because it was of a timely nature and it ensured fair and reasonable competition, and that industry lobbyist attempts to defeat it or stall it were anticompetitive in motivation.

If you use online streaming music services like Pandora or other similar ones, their very existence may depend on this resolution, so make your voice known now. It really does make a difference.

If you don't know who your Congressperson is, you can look them up quickly here. All you need is your ZIP code.



Tech
Saturday, September 27, 2008 8:13:48 AM (Pacific Daylight Time, UTC-07:00)

 Tuesday, September 23, 2008

On Wednesday morning (September 24th, that is) at 9 a.m. Pacific time, Ed Bott will be joining Microsoft Technical Fellow Mark Russinovich and others for a live IT Springboard panel online discussing Windows Vista performance, a topic of interest to many and (based on my observations) understood by few.

You can ask questions live or email them to the panel ahead of time. The panel should be located here when it happens. The Springboard Virtual Roundtable Series is a great IT resource, worth keeping an eye on. Here's some detail:

Springboard Series Virtual Roundtable
Under the Hood: Windows Vista Performance…Need Answers?

Join Mark Russinovich and a panel of industry experts for a LIVE virtual roundtable to explore your top of mind performance issues, common misconfigurations, and tips on how to fix them. From boot times and applets to disk performance and battery life, find out how to optimize Windows Vista and what you can do to improve overall system performance.

Submit your performance questions live during the event or send them in advance to vrtable@microsoft.com.

Save the date!
Wednesday, September 24, 2008
9:00am Pacific Time



Tech
Tuesday, September 23, 2008 10:59:14 PM (Pacific Daylight Time, UTC-07:00)

 Thursday, September 18, 2008

I wasn't going to write anything about the new Microsoft commercials, which I really like, despite the fact that I wrote about the two Seinfeld/Gates commercials.

But then I realized that the PC Guy in the commercials is Sean Siler. He's a real tech guy who actually works at Microsoft for a living - as opposed to being a professional actor. Here's his TechNet blog.

In fact, Sean epitomizes the "I'm a PC" message. We interviewed him not too long ago for RunAs Radio on the topic of IPv6 (he's the program manager for IPv6 at Microsoft). I thought you might be interested in hearing what Sean had to say at that time. He's wicked smart and a fun conversation.

It sounds like it's been an interesting evening for Sean, but he took the time to exchange a couple emails with me, which was cool of him. Congrats to Sean, and to Microsoft. Good start!

So, here you go - Our interview with Sean from a few months ago:

RunAs Radio #53: Sean Siler Sets Us Straight on IPv6! (download MP3)

And here are the three new commercials. Personally, I like 'em.




Oh and if you send an email to Sean's address as listed in the three videos, you'll get a reply. I'd post it here, but it'll be more fun if you do it yourself. :)



Geek Out | RunAs Radio | Tech
Thursday, September 18, 2008 10:05:13 PM (Pacific Daylight Time, UTC-07:00)

It's really the classic case study in information (in)security and the need for strong authentication. With all due respect to the good people at Yahoo!, this opportunity to review Internet security mechanisms is too good and too useful to pass up.

By now, we all know Republican vice-presidential candidate Sarah Palin's Yahoo! email account was broken into on Tuesday night (read the link to get the details). Apparently (and fairly obviously), access was gained via the forgotten password mechanism on the Yahoo! webmail interface, which allowed the malicious person to reset the profile's password with just a few pieces of information about the Alaska governor (birthdate, ZIP code and a piece of info related to where she met her spouse) that could be easily discovered by searching Google. The fact that so much of Palin's life history has been documented on the Web makes her that much more vulnerable to knowledge-based security mechanism hacks. It should also be noted that some security questions are better (or stronger) than others, so it's important that questions you choose for online protection are not ones that can be answered with information available on the Internet.

We security folk frequently talk about something called "multifactor authentication." By "multifactor" we mean an authentication process that requires two or more of the following:

  • Something you know (passwords, user names, answers to questions)
  • Something you have (token, device, phone, etc.)
  • Something you are (physical fingerprint, voiceprint, or other biometric measure such as a verifiable, non-spoofable behavior (some call this "something you do"))

Most multifactor auth systems are pretty easy to recognize. You know them when you see them. Those key fobs or cards with the revolving digits that you have to provide at login are a common example. They're also fairly expensive and complicated. Some multifactor technologies are easier to use than others. There are a variety of behind-the-scenes systems that track user behavior and other markers to determine if the person accessing an account is the legitimate user or a bad guy, for example. A well-designed and well-implemented system balances usability with security strength, and some systems yield higher results in that regard than others.

In this particular case, the bad guy was able to leverage only things he knew (found via a search engine) to change the password on the account and gain access to the Yahoo! Mail account. No other verification or mechanism was required. That's simply weak security in this day and age.

I walked through the account password reset system on my Yahoo! account, just so I could get a first-hand look at how it works and how simple it is to reset an account there. Honestly, it was a little too easy. Here are the details:

First of all, I selected the option on the login screen that says, "Forgot your ID or password?"


Next I was prompted either to supply an email address for reset, or to choose the option to reset without access to a registered email account (which to me was an immediate red flag). Obviously, I chose the latter.


This is where the security mechanism breaks down. I'm immediately asked to answer a "secret" security question. This process is called knowledge-based authentication. It's an additional layer of validation in a single-factor authentication scheme - I have to provide "something else I know." Even in my case it's information that could be fairly easily discovered (assuming I answered the question accurately). It should also be noted that in order to change my security question, I need to contact Yahoo! customer support (which I did).


Once I supply the correct answer to a single question, I'm immediately allowed to change my password. At this point it should be noted that if I was prompted to answer multiple questions in this validation workflow, using some randomization of questions and setting a time limit to answer each one, that would at least make it more difficult for someone to gain unauthorized access. Systems are available to do exactly that (I know, I used to manage a team that built one such authentication app).


I'm asked to verify my ZIP code and country (just for profile information), and that's it. Note that other analyses of this process seemed to say that providing the ZIP code and Country was required to reset, but that was not the case in my review. In fact, it appears the bad guy is just being handed that information after changing the password, for free. Take that info, stick it in your Google and smoke it: More search accuracy for the next phase in your attack. Not good.


I'm then notified that my account is now "up to date." I also got an email notifying me of the changes that were made to an account I had tied to the Yahoo! profile for communication purposes. At least I can rest assured that I'll get an email before the bad guy goes into my profile and removes that address from the account.


I think you're starting to get the picture. The authentication mechanism is only as strong as its weakest part, and the fact that I have an option to reset without ever having to leave the browser window is a problem. Even changing the system to require that I receive an email (which is already the standard reset mechanism) would be better. As it stands today, that's an option, but not a requirement.

Many will argue that hey, it's just an email account, and that Yahoo! can't be expected to implement stronger security on their site as a requirement. I say that's flat out wrong (and what the account was or wasn't used for isn't particularly relevant to this analysis). Email is the number one mechanism used to move information - both innocuous and sensitive - among people. The fact that it's not the best mechanism for doing so ignores the fact that it's how people do things. There are a variety of options available to help ensure only authorized users can get access to email accounts. The fact they are not regularly implemented is a sad state of affairs.

There are many options to strengthen the identification and authentication processes. We can't discuss them all here, but a couple on my mind are described below.

Physical tokens - Making the jump from only having to remember a user name (which is usually the email address, so hardly a secret) and a password to a scheme where one must carry a token and provide information from it in order to log in is quite a leap (carrying yet another piece of technology around doesn't exactly appeal to me), but it works. The costs associated with fulfilling, supporting and maintaining such a system are very real, and for Yahoo! may not be realistic. But there are systems available to those who know and choose to use them that can substantially improve your authentication profile. Check out Omar Shahine's recent blog entry describing how he's securing his accounts in a few ways, including with an OpenID-integrated single-sign-on token system from Verisign.

But, even if you use an OpenID to sign in, what if your OpenID is a Yahoo! ID or other identity that you can reset with a single piece of discoverable knowledge? It still needs to be protected from unauthorized changes and access.

How to do that? There are several ways. I have a couple of favorites, but please feel free to share yours.

Require security changes to take place out of band - One option, probably quicker and less expensive to implement than physical tokens, is using something like an automated telephone call or text message to require the owner of the account to verify a change should be allowed. By registering one or more phone numbers when the account is created and requiring a unique secret be provided via that channel to authorize a change, one can sufficiently secure the account. Vidoop uses a system like this for resetting information on their OpenID accounts. It's simple and it works. It requires me to have the correct device (my phone), uses a different communication channel (the phone network, hence "out-of-band") to contact me and then verifies I am a legitimate user. It requires me to interact as part of any change.
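The contrast drawn above between a knowledge-only reset and one confirmed out of band, as an added sketch that is not code from Yahoo!, Vidoop or any other service named in this post. The account fields, code lifetime, attempt limit and the `send_sms` callback are all assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed lifetime of a one-time code
MAX_ATTEMPTS = 3         # assumed number of guesses allowed per reset request


class Account:
    def __init__(self, user, password, secret_answer, phone):
        self.user = user
        self.password = password          # plaintext only to keep the sketch short
        self.secret_answer = secret_answer
        self.phone = phone                # registered when the account was created
        self.pending = None               # (code_hash, expires_at, attempts_left)


def weak_reset(account, answer, new_password):
    """Knowledge-only reset: one discoverable answer changes the password."""
    if answer.strip().lower() == account.secret_answer.lower():
        account.password = new_password
        return True
    return False


class OutOfBandReset:
    """Reset that needs a one-time code delivered to the registered phone."""

    def __init__(self, send_sms, clock=time.time):
        self.send_sms = send_sms          # hypothetical SMS/voice delivery callback
        self.clock = clock

    def request(self, account):
        code = f"{secrets.randbelow(10**6):06d}"
        digest = hashlib.sha256(code.encode()).digest()
        account.pending = (digest, self.clock() + CODE_TTL_SECONDS, MAX_ATTEMPTS)
        # The code leaves over a different channel than the browser session.
        self.send_sms(account.phone, code)

    def confirm(self, account, code, new_password):
        if account.pending is None:
            return False
        digest, expires_at, attempts_left = account.pending
        if self.clock() > expires_at:
            account.pending = None        # expired codes are discarded
            return False
        supplied = hashlib.sha256(code.encode()).digest()
        if not hmac.compare_digest(supplied, digest):
            attempts_left -= 1
            # After the last allowed guess the request is void, even for the right code.
            account.pending = (digest, expires_at, attempts_left) if attempts_left else None
            return False
        account.pending = None            # single use
        account.password = new_password
        return True


def demo():
    """Run both flows against constructed accounts and return the outcomes."""
    outbox = []                           # constructed stand-in for the phone network
    now = [1000.0]                        # controllable clock for the expiry case
    flow = OutOfBandReset(lambda phone, code: outbox.append((phone, code)),
                          clock=lambda: now[0])
    results = {}

    # Knowledge-only: an answer found by searching the web is sufficient.
    a = Account("user-a@example.com", "orig-pw", "Example High", "+1-555-0100")
    results["weak"] = weak_reset(a, " example high ", "attacker-pw")

    # Out of band: someone without the phone can only guess, and is locked out.
    b = Account("user-b@example.com", "orig-pw", "Example High", "+1-555-0101")
    flow.request(b)
    real = outbox[-1][1]
    wrong = f"{(int(real) + 1) % 10**6:06d}"
    results["guess_lockout"] = [flow.confirm(b, wrong, "attacker-pw") for _ in range(3)]
    results["correct_after_lockout"] = flow.confirm(b, real, "attacker-pw")
    results["password_unchanged"] = b.password == "orig-pw"

    # The owner, holding the registered phone, completes the reset once.
    flow.request(b)
    results["delivered_to_registered_phone"] = outbox[-1][0] == b.phone
    results["owner"] = flow.confirm(b, outbox[-1][1], "owner-new-pw")
    results["replay"] = flow.confirm(b, outbox[-1][1], "again")

    # A code that is not used within its lifetime is useless.
    flow.request(b)
    now[0] += CODE_TTL_SECONDS + 1
    results["expired"] = flow.confirm(b, outbox[-1][1], "late-pw")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
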

But the technology options get even better: JanRain's myOpenID, for example, now has a feature called "CallVerifID" that equips your myOpenID for two-factor authentication via the phone. It's quick and easy to set up and instantly protects every login with a multifactor authentication mechanism. I found I was not able to use it with a couple phone services due to the way they answer the call (I should provide feedback about that, added to my to-do list), but when set up for my cell or home phone it works as advertised.

Expect more of this class of technology in the future. Think, for example, about voice biometrics: Is that really you that's answering your phone? That kind of technology would be very cool if it was reliable. It's a complicated but useful technology that's being refined even as we discuss this.

I would guess that "review of all Internet email accounts" has been added to every campaign manager's list of things to deal with early in the vetting process (not to mention the Secret Service's list). Any of the technologies above would likely have prevented the malicious bad guy from accessing the Yahoo! email account.

In the security world, change only happens when enough people make enough noise, a regulator gives an order, or enough companies feel enough financial pain. This looks like one of those cases where noise is the better option. It's certainly better than regulatory mandates (which tend to create collateral damage), and waiting on big companies to suffer is not exactly a reliable plan.

So... Feeling okay? How safe is your account, really?



IT Security | Tech
Thursday, September 18, 2008 8:26:05 PM (Pacific Daylight Time, UTC-07:00)

 Wednesday, September 17, 2008

The third wave of official beta apps under the Windows Live name have been made available a bit early for download. Full information and download links are located over at liveside.net. The updated Windows Live apps are:

  • Messenger v9
  • Windows Live Movie Maker
  • Mail with Calendar synchronization
  • Writer
  • Photo Gallery
  • Family Safety
  • Outlook Connector

There are also non-English versions listed on the site and a few individual reviews posted at liveside.net:

The most noticeable change is a whole new UI scheme for the apps, but there are a number of other changes in there, as well. Messenger's look and feel is very different. I see Live Writer now has direct YouTube integration - nice move and probably one that took some serious discussion to make happen (understandably). Time to start digging in and seeing what else the new apps offer under the hood.



Tech
Wednesday, September 17, 2008 10:45:40 AM (Pacific Daylight Time, UTC-07:00)

 Tuesday, September 16, 2008

The latest version of SQL Server implements several object models through Powershell to let folks manage SQL Server without using the SQL management tools.

We've just published a new episode of the RunAs Radio podcast with Michiel Wories, in which we dive into SQL Server 2008's Powershell features. Michiel is certainly the one to know and share about these features: He joined Microsoft 7 1/2 years ago in the role of Senior Program Manager for Microsoft SQL Server and is currently working as a Principal Architect on defining the next generation SQL Server management platform infrastructure. Michiel's blog is at http://blogs.msdn.com/mwories/

RunAs Radio is a weekly Internet-audio talk show for IT Professionals presented in a high-quality podcast format. Since April 2007 RunAs Radio has brought experts in the field of IT to its 10,000+ listeners, to inform and entertain. Professionally produced interviews are about 30 minutes in length and pack a substantial amount of information for maximum benefit. For more information about RunAs Radio, visit http://www.runasradio.com. RunAs Radio is available on iTunes and the Zune Marketplace, as well as directly from the RunAs Radio web site.



RunAs Radio | Tech
Tuesday, September 16, 2008 10:01:17 PM (Pacific Daylight Time, UTC-07:00)

 Friday, September 12, 2008

I enjoy the fact that my DirecTV DVR (model HR21-200) records HD content for me. The quality is generally pretty darned good (it does 1080i video now and 1080p is coming via a software upgrade), and it beats the heck out of anything else available to me in the boonies. The unit comes equipped with a 320GB (give or take) internal drive, which allows something like 30 hours max of HD recording. I found that when recording full seasons of a few shows like The Office or Lost in HD (and most of us will tend to add a few HD movies in the mix), the drive tends to fill up before I want it to.

So, I ordered a Cavalry 1TB external eSATA/USB 2 drive from Newegg.com, which arrived today. I've hooked it up and it's working. My new capacity numbers? Well, it depends on the specific content, but up to about 145 hours of HD content or as much as 1000 hours of SD programming (wow). Variables that affect actual video-time capacity include resolution, compression (MPEG2 uses more space than the newer MPEG4) and how much motion there is in the video (since more motion means less compression benefit).

I wanted to document the simple setup steps here, so people can get theirs to work if they should want to do the same thing. You can find similar info on the 'net, but people seem to have a hard time with it. My drive came pre-formatted NTFS, which is fine. The DVR will wipe any file system on whatever drive you hook up. Below are the steps that one needs to follow in order to get the external drive up and running with the DVR. The order of the steps is crucial. Don't try to power up your hard drive after you start the DVR, for example.

First of all, if your external drive is a Seagate FreeAgent, you will probably not have any luck, unless you have an HR20 DVR unit. My HR21-200 unit refused to work with my 750GB Seagate drive, so it's doing video editing duty now. Your mileage may vary, but my experience is that they just don't work.

To start using your new hard drive:

  1. Power down the DVR.
  2. Unplug the DVR from the wall power. This is important.
  3. Attach the external drive's eSATA cable to the back of the DVR unit.
  4. Power up the external hard drive first, and allow it to "spin up" (give it about a minute to be safe).
  5. After the hard drive has "spun-up," plug the DVR back into the wall power plug.
  6. Be patient (very patient) and wait for the DVR to restart. It's not dead. Be patient.
  7. After it does its thing, you'll be able to watch TV again. Check your recorded items list and make sure it's blank.
  8. Run a recording test and make sure you can play back.

Note that the DVR's internal drive is completely bypassed when you add a new external hard drive - the system no longer sees it. So your recordings and what-have-you from the internal drive will not be available to view. However, in my experience if you restart the DVR without the external drive attached the internal drive "comes back to life" and you'll see your old recordings there.

Any scheduled recordings on your "To Do List" that you set up before adding the external hard drive will no longer be programmed. This is important - You will need to set up your recording schedules again. Head over to DirecTV's online scheduler or their mobile scheduling site at http://m.directv.com and sign in to start setting things up. I sometimes find the mobile site to be a bit easier to use, even on a desktop or laptop PC - especially since it lets me search by name.

Also, note that whatever you set up online may not be configured using the default recording setting you've established on your receiver, so be sure to go to the receiver's Manage Recordings list and review the new items that appear in your To Do list to make sure they're set to what you want. In my case, I had to make changes. Seems like recordings scheduled online should use the defaults you've established on your machine, but they didn't for me.

Most importantly, you can look for good deals on decent external eSATA hard drives to do an inexpensive upgrade to your DVR. If you like spending lots of money, you could go to one of the sites that offers upgrade hardware services, but one such site sells essentially the same drive I bought and installed myself. Their price? $299.00, and that's just for the hardware. If you want your internal drive copied to the new drive, they can do that for an additional $59 - Not worth it to me.

How much did I pay for mine? $167.00 from Newegg. You can do the math. Shop around, you might find an even better deal out there.



Geek Out | Tech
Friday, September 12, 2008 5:32:53 PM (Pacific Daylight Time, UTC-07:00)

 Thursday, September 11, 2008

Over at Wired's Gadget Labs blog, Brian Chen writes about information discovered during a webcast presentation on Thursday covering the recently discussed iPhone security weaknesses having to do with bypassing the password-protected lock screen.

Jonathan Zdziarski, a data forensics expert and author of the forthcoming book "iPhone Forensics," did the presentation for law enforcement personnel and anyone else who might have a need to access an iPhone to discover information. During the presentation, in which he outlines a method for breaking into the phone with modified firmware and some hairy manipulation, he also showed how the iPhone takes a screenshot of every application the iPhone's user closes by pressing the "home" button. The saved image is used to "draw" the collapsing screen animation you see when your application closes and you're returned to the home screen. The image file is then deleted from the iPhone's storage.

But, nothing is ever really completely "deleted." And in this case, apparently when the temporary image file is killed from storage, the data "on-disk" is not overwritten or otherwise cleaned, so anyone with some basic forensics knowledge can search the iPhone storage space for the old files and recover them easily. You can do the same thing on pretty much any computer.

Depending on your point of view, this is either a potential privacy issue or a great forensics feature. Having worked as both a police officer and as a business security professional responsible for privacy and data integrity issues, I can understand both arguments. Certainly as a cop, being able to dig into someone's iPhone (with a proper warrant of course) to find evidence of crimes where the phone was used in some manner is of real value, and screen shots are potentially pretty useful evidence. But as a person who also values privacy as a matter of basic principle, it's a little disconcerting, especially since I didn't realize until today screen shots are being made.

The webcast recording is not yet available as of the time of this writing, but it should be posted to http://www.youtube.com/OreillyMedia in the next few days. If you're interested in learning something about electronic data forensics, it will be worth the time to check it out. Here's the O'Reilly abstract from the session:

In this free, live webcast, iPhone hacker and data forensics expert Jonathan Zdziarski guides you through the steps used by law enforcement agencies to bypass the iPhone 3G's passcode lock by creating a custom firmware bundle. Author of the upcoming book, iPhone Forensics, Jonathan has devoted much of his talent supporting law enforcement personnel with his development of a forensics toolkit that allows them to recover, process, and remove sensitive data stored on the iPhone, iPhone 3G, and iPod Touch. This live presentation is aimed towards law enforcement and anyone else who has a need to access the not-so-readily available data on an iPhone.



IT Security | Tech
Thursday, September 11, 2008 9:58:55 PM (Pacific Daylight Time, UTC-07:00)

 Wednesday, September 03, 2008
As is the case with more and more technology in the modern age, it's when you start to combine the power of two or more technologies that you realize the full potential of each. Such is the case with Microsoft's Unified Communications products. Sure, Exchange and Office Communication Server are both great on their own, but when you use them together (and potentially integrate with your VoIP phone system), you realize the greater value of your investments.

Jeff Goodwin works at The VIA Group, where he specializes in Microsoft Exchange and Microsoft Unified Communications in his position as Senior Technologist and Microsoft Practice Lead. He's executed a large number of UC projects for businesses, so we were fortunate to have the opportunity to speak with Jeff recently on RunAs Radio. He does a fine job of explaining what unified communications is all about.
Jeff Goodwin Rings Us Into Unified Communications
RunAs Radio Show #73 - 9/3/2008 (35 minutes)


Richard and I talked to Jeff Goodwin about Microsoft Unified Communications in this week's RunAs Radio show. Jeff lays out the relationship between Exchange, Office Communicator and Unified Messaging Server to combine email, telephone and instant messaging. Check out Jeff's TechNet articles at http://www.shrinkster.com/11mj and http://www.shrinkster.com/11mk.




RunAs Radio | Tech
Wednesday, September 03, 2008 5:32:36 PM (Pacific Daylight Time, UTC-07:00)

 Tuesday, September 02, 2008
Chrome has been available for about 12 hours. What's your point of view and experience with Google's new browser?

A bit of a simplistic poll, I know - But covers the bases as far as hot-to-cold opinions. Choose the one that's closest to yours, and feel free to comment as always.


Tech
Tuesday, September 02, 2008 9:57:05 PM (Pacific Daylight Time, UTC-07:00)

 Monday, September 01, 2008

UPDATED: Chrome is now out and available for Windows, other platforms coming in the future - Check out http://www.google.com/chrome/

As mentioned earlier here and everywhere else on the 'net, Google's Chrome web browser is coming. Today Google put an official release notice on its Official Google Blog, and they tell us it will be made available for you and me to download and try on Tuesday.

Over at Google Blogoscoped there's a whole bunch of screen shots you can check out if you can't wait until tomorrow. Screen shots are a bit hard to come by today, but tomorrow it'll be in-person for everyone, and you can probably imagine how many people will be posting pictures and writing about the new browser.




Tech
Monday, September 01, 2008 6:29:02 PM (Pacific Daylight Time, UTC-07:00)

Google seeded a paper comic book to some people recently, to present and describe their future web browser (or you might just think of it as the web browser of the future), which is called Google Browser or Chrome.


So, what's the story? Making the browser more stable, more usable, more secure. At first glance, it looks like a strong starting point for the future of Internet browsers. Chrome was written from scratch with the experience of several years of past browser platforms to learn from, and Google has addressed many of the main concerns in today's browsers.

Now the only question is: When will we get it? I will be watching here to see if something shows up. Hopefully it's soon!

UPDATE: The release date is tomorrow (Tuesday, September 2, 2008) - More info and link to screenshots here.

A variety of technologies are incorporated into the Chrome design that improve on common browser weaknesses. The key improvements fall into the areas of stability (memory allocation and management, process management), some incredibly cool javascript environment enhancements (in the form of a new, open-source javascript engine), a bunch of user experience improvements and significant security changes.

And, it's all open source. That's right - Anyone (including other browser makers) can leverage the work done in the Chrome project and can contribute or modify to meet their own needs. Good move, Google.


Pretty exciting stuff. It will be fun to see what comes next, and when.



IT Security | Safe Computing | Tech
Monday, September 01, 2008 11:57:24 AM (Pacific Daylight Time, UTC-07:00)

 Friday, August 29, 2008

As mentioned the other day, LinkedIn today released their new Groups features. Groups are one of the most popular features on LinkedIn, despite the limited feature-functionality provided for groups on the web site in the past.

The new features include a searchable contacts roster (search by name, company, or other keywords such as specific areas of expertise), which is accessible to all members; and discussions with email-digest notifications (which are configurable by individual group members). A few screen clips of the new functionality are shown below, and LinkedIn has published an informational page describing the new functionality.

Notification when you sign in that your managed group now has new features:


The new tabs available reflect the new functionality:


Choose your notification email delivery preferences for discussions:


Write a new discussion topic for the group:


Recent discussions list:




Tech
Friday, August 29, 2008 2:08:33 AM (Pacific Daylight Time, UTC-07:00)

Vidoop Labs has a dream:

The dream is to see Identity baked into all browsers. Just imagine opening your web browser and then selecting your Identity Provider (IDP) the way you select your default search provider. The benefits are numerous; never type in a username, never look for a login button/page (you are authenticated when you land on a domain), no phishing/MITM (the browser can do domain and SSL cert validation). You fire up your browser and authenticate (or login) similar to the way you log in to your computer every time you turn it on. The difference is you get to choose your provider and can take control of the data you safeguard, store and share on the Internet.

I could get into that.

Vidoop is a Portland, Oregon company that has built some interesting technology around OpenID. I really like the idea of OpenID, and I have a couple of OpenIDs of my own that I use on various sites. But OpenID is not exactly perfect. It's still relatively young, and from the usability standpoint it needs improvement. The identity and authentication requirements of the modern Internet demand some additional features and capabilities that OpenID doesn't deliver (and you can argue that it shouldn't). By combining OpenID with other technologies (such as Information Cards and other strong-auth offerings) and improving usability for end-users, it could become a widely-adopted, used and trusted standard, or part of a broader one covering strong authentication and identity protection/assertion in a commonly-accepted and deployed package.

Vidoop's Luke Sontag today posted an announcement that the company's newly-formed Vidoop Labs has fired up a community project called IDIB (pronounced "Eye-Dib"), which aims to improve on the OpenID usability model and make it stronger at the same time. They've released a developer preview of IDIB in hopes of involving people and getting your input and feedback.

From the Vidoop announcement:

Over the past few years we’ve seen the adoption of OpenID continue to increase but the work that we’ve done as a community to develop this technology has only just begun. Looking at the landscape of OpenID adoption, it's clear that there are several key factors inhibiting adoption, but two that we want to focus on today, namely usability and security in the browser.

It was almost two years ago when the Firefox 3.0 roadmap was announced and OpenID was mentioned as a new component to the platform. The Mozilla Firefox team looked to members of the OpenID community to step up and provide guidance on what exactly we imagined identity in the browser looking like, but we failed to mobilize and answer their call.

In light of that missed opportunity, Vidoop Labs has been working hard over the last several weeks to produce a prototype that we intend to use to initiate a wider discussion about OpenID in the browser and what it might look like.

And the current developer preview (which is open-source) is just a beginning. Imagine leveraging Information Cards (such as one would use with Microsoft's CardSpace, or the similar open-source offerings for Mac and Linux) in the cloud, and being able to use OpenID - one logon for all your web sites - confidently, securely and with proper security protection.

The Internet needs a good, strong, reliable, usable and secure standard technology to solve the issues related to user names, passwords, single sign on and identity protection. IDIB looks like a serious and positive attempt to start the journey directly down that path.



IT Security | Tech
Friday, August 29, 2008 12:18:19 AM (Pacific Daylight Time, UTC-07:00)

 Thursday, August 28, 2008

I thought I'd present some casual observations I made throughout the day Wednesday on a trip from Portland to Seattle, as well as some newly reported information about the AT&T 3G network that's hit the 'net over the past 24 hours or so.

The back-story here is that I - like many others - have found the reliability and consistency of the iPhone 3G to be less than satisfactory while on the 3G AT&T network.

First of all, it became clear to me over the course of several hours yesterday that the iPhone is not to blame with regard to connectivity on the 3G network. While driving from Portland, Oregon to Seattle, Washington and back yesterday, I had the opportunity to run a whole slew of speed/connectivity test sessions using the iPhone app called "iNetwork Test" (a free app in the iTunes App Store).

AT&T actually has fairly impressive 3G network coverage from south of Olympia, Washington practically all the way to Seattle, with one or two small gaps in-between where the phone switched to EDGE. Much of the area along that I-5 corridor is rural or sparsely-populated. From a wireless connectivity standpoint, it's a pretty decent area to live in if you're going to be far away from the city.

My experience in using the 3G network along my drive up and down the Interstate can be summed up thusly:

In areas with higher population density, and thus more iPhone (and other device) users, the ability to a) connect to the voice network and make calls, b) stay connected to the voice network, c) make data connections and d) maintain data connections was substantially worse. The difference between dense and sparsely populated areas was like night and day.

Where population density was lower, even in cases when fewer bars are displayed on the signal strength icon, voice and data connections were reliable and solid without exception. In contrast, in high-population areas even full-signal connectivity was spotty and unreliable.

I'm running the latest iPhone software, v2.0.2, which both Apple and AT&T have encouraged people to upgrade to. AT&T even sent a text message to all users asking them to upgrade - a first-time action on the part of the carrier.

Some new information, part of which you'll find quoted below, helps explain why I experienced substantially poorer performance in the cities and heavily-populated areas but not in the rural sections of my drive. According to reports, it appears AT&T's 3G radio systems are power-constrained, and are not able to maintain all the connections. The incredible number of iPhone 3G devices on the network - especially in metropolitan and urban areas - is most certainly placing a heavy load on the radios. In addition, iPhone 3G devices that have not been updated to the v2.0.2 software are placing an even heavier burden on the radios from a power-consumption standpoint.

So, there's a power-management problem, as well as a capacity problem. When the "noise" in the radio spectrum in use rises, the towers have to increase power to try to overcome it. You can see how that doesn't work. Eventually the noise keeps climbing and the power consumption at the tower (and presumably on the iPhone as well) goes through the roof.

More towers would increase capacity, reduce power requirements and resulting noise, and generally improve coverage. But that's not something that can be changed overnight.

All of this helps explain why my ability to make calls, connect to the 3G data network and download at high speeds was much better where the network is only lightly used.

The Daily Tech site has a detailed report (and some intelligent reader comments) that describes the cell-site power issues, the problems related to the older iPhone 3G software, and other items. Go to the Daily Tech site to get all the details. Here is a portion of the information, including some text quoted from Roughly Drafted Magazine, whose author was able to get some new details from a source inside AT&T's wireless business describing the power issues and what the iPhone's v2.0.2 software update changes:

Basically the update "fixed power control on the mobile" according to the source. To understand what they're going to say next, you must first know a bit about AT&T's jargon for UMTS -- the technology it uses to deliver its 3G network. In the technology, phones are referred to as user equipment, "UE" for short. The base transceiver station towers are known as "Node B".

With this jargon in mind, the AT&T source explains:
"In UMTS power control is key to the mobile and network success. If the UE requires too much downlink power then the base station or Node B can run out of transmitter power and this is what was happening. As you get more UEs on the cell, the noise floor rises and the cell has to compensate by ramping up its power to the UEs. If the UE power control algorithm is faulty then they will demand more power from the cell than is necessary and with multiple users this can cause the cell transmitter to run out of power. The net result is that some UEs will drop their call. I have seen the dropped call graphs that correspond to the iPhone launch and when the 2.0.2 firmware was released. The increase in dropped calls, (were the result of) dropped calls due to a lack of downlink power."
In essence, the iPhone is asking for a stronger signal than it needs. In areas with lots of users, some or all of whose phones are doing this, calls start to get dropped and signal quality drops. This all follows with the conclusions the media had reached -- the problems were somehow correlated to user distribution and seemed puzzlingly to be both with AT&T's network, and with the hardware.

The source continues:
"The power control issue will also have an effect on the data throughput, because the higher the data rate the more power the Node B transmitter requires to transmit. If the UEs have poor power control and are taking more power than is necessary then it will sap the network’s ability to deliver high speed data. This is one of the reasons why AT&T has been sending text messages to users to persuade them to upgrade to the 2.0.2 software. In a mixed environment where users are running 2.0, 2.0.1, and 2.0.2, the power control problems of 2.0 and 2.0.1 will affect the 2.0.2 users. It is not the network that is at fault but the interaction of the bad power control algorithm in 2.0 and 2.0.1 software and the network that is at fault. The sooner everybody is running 2.0.2 software the better things will be. Having seen the graphs the 2.0.2 software has already started to make a difference."
Since transmitting lots of data takes lots of transmission power, and transmission power was unnecessarily being raised above that necessary for the use levels on phones, the network in areas of heavy use was unable to handle high speed data.


Apple | Mobile | Tech
Thursday, August 28, 2008 7:21:35 PM (Pacific Daylight Time, UTC-07:00)

My first-generation Nikon D70, which I bought the day it was released to the market a few years back, died on me a few months ago. Without a card in it, it won't start, and when you insert a CF card in the slot, the green data-access indicator flashes on and off. If I hold down the Menu button, the menu flashes on and off along with the green LED.

As it turns out, this is a known problem with the original Nikon D70 cameras, and Nikon USA has a service bulletin out on the camera body. They'll repair it free of charge.

So, if you have the same problem, visit this service bulletin page, click on the D70, and you can access a PDF file that you'll need to print, fill out and send to Nikon along with your camera body. Be sure to take your camera strap off and remove the battery, and don't send any lenses or other accessories.

Mine's on its way to Nikon now - they say the turnaround is five days (plus shipping time).



Photography | Tech
Thursday, August 28, 2008 4:51:59 PM (Pacific Daylight Time, UTC-07:00)

 Wednesday, August 27, 2008
Well, this is a little embarrassing. Intergalactic malware has made its way into the news. A computer virus on the International Space Station. No AV software on the laptops they use, nor (apparently) is there a process of security checks on personal computer equipment like USB thumb drives carried by astronauts being rocketed to the International Space Station.

Granted, the virus in question in this case is pretty innocuous, and apparently other viruses that have made it into space aboard computer gear in the past (it's really quite difficult to mention that in passing) have also been more of an inconvenience than a real security threat.

But imagine a virus that might make its way on-board and do more damage. Not good. It looks like it's time for some effective process and possibly some basic security technology - You know, just in case.

The author of that virus has something new to brag about, though. That's for sure.



IT Security | Tech
Wednesday, August 27, 2008 9:01:30 PM (Pacific Daylight Time, UTC-07:00)

 Tuesday, August 26, 2008
LinkedIn has started sending owners of certain LinkedIn Groups email letting them know that on Friday they'll be enabling a new discussions capability for group managers and members. A friend received the information for his LinkedIn group today, but I have not yet received it for the one I co-manage, PDX Tech. So, it's not clear whether this is rolling out to all groups or just some.

The addition of this new Groups functionality is a great move. To date, people who manage LinkedIn groups have had very limited options in terms of how to enable networking and communication among their groups. A manager can manually export a delimited-text file in a few formats in order to send emails, but outside of that the group interaction model has been short on features, and has required the use of outside services - a sloppy model at best.

In addition to the group discussions, they plan to release an enhanced, searchable membership roster capability. Earlier this summer they introduced a searchable Groups directory. Positive changes appear to be happening.

Below are the details from the LinkedIn email.

Dear #####,

First, thank you for managing your group on LinkedIn. We sincerely appreciate the time and effort you devote to your members, and we know they value it. Together you have made Groups one of the top features on LinkedIn.

This Friday, we will be adding several much-requested features to your group:
<