greg hughes - dot net

You have firewalls and anti-malware system, video surveillance and monitoring systems for network traffic to and from the Internet. But look at eWeek's semi-smart list of the top ten infosec risks workers pose to your business today, and you may need to rethink your plans.

I call this a "semi-smart" list because it's practical and real-world, and doesn't assume the "standards" out there cover all the bases. But, at the same time it doesn't offer much in the way of solutions, which always frustrates me (and it misses some key points, especially related to intentional worker behavior, as opposed to neglect, and how it can substantially enhance the potential associated with these risks).

Point is, each of the items pointed out is very much worth considering and reviewing in your business security program. Just don't forget to look at them in the big-picture perspective of the business.

And now for the list:

• USB Flash Drives
• Laptops
• P2P
• Web Mail
• Wi-Fi
• Smart Phones
• Collaboration Tools
• Social Networks
• Unauthorized Software Updates
• Virtual Worlds

Pretty much every modern technical productivity enhancer. Before anyone starts screaming the alarmist song, think about not only how these things can be used for good, but also about how they could be used to to Very Bad Things.

How many of those technologies are specifically and can be proven effectively covered under your infosec policies? How many have you tested in the real world to see what your compliance profile really looks like? Could you meaningfully test for these threats, even if they were on your plan?

You can check out the eWeek article here.

Google Talk is now available on the iPhone in the Safari browser. At the Google Mobile blog, the details are laid out. If you use Google Apps for your domain and have the Talk app activated there, word is you can access it, too using this URL syntax:

http://hostedtalkgadget.google.com/a/yourdomain/talkgadget/m

"We've just released in the US a new version of Google Talk designed specifically for the iPhone and iPod Touch browsers. In addition to sending your friends Gmail messages from your iPhone, you can now chat with them while you're on the move, too! In your iPhone browser, just go to www.google.com/talk, sign in and start chatting. That's it. Google Talk runs entirely in the browser so there's no need to download or install anything."

Announcement: Official Google Mobile Blog: Google Talk for the iPhone

Tired of relying on well-funded commercial software companies testing their software on you while you come to truly rely on it, with little to no control?

Well, the world is (potentially) changing.

If you're - for example - a Twitter user, you might be interested in checking out Identi.ca, a brand-new open-source platform for microblogging. Press release below.

I can be found at http://identi.ca/greghughes - Check it out.

Control Yourself, Inc. launches Identi.ca, the Open Microblogging Service (July 2nd, 2008)

Montreal, Quebec-based Control Yourself, Inc. today launched Identi.ca, the open microblogging service. Users can post short messages about themselves to Identi.ca, which are then broadcast to friends in their social network using instant messages (IM), RSS feeds, and the Web.

Identi.ca is similar to existing microblogging sites such as Twitter, Jaiku, or Pownce. Unlike those services, Identi.ca’s underlying software is available under an Open Source license. Identi.ca is also the first service to support OpenMicroBlogging, a standard for exchanging short messages between microblogging sites. Identi.ca also makes public user data available under a Creative Commons license in standard formats.

“Too many existing social networks keep users locked in to their services,” says Evan Prodromou, president of Control Yourself. “With an Open Source code base, and support for standard data exchange formats, we are giving users back the autonomy to control their own social Web presence.”

Response from initial testers has been enthusiastic, both for the software’s design and functionality, as well as the site’s openness. “It makes me feel alive again to see the resurgence of free/open on the web,” said Jon Phillips, Community Manager with Creative Commons in San Francisco, CA.

Control Yourself will grow the service exponentially throughout 2008, adding features such cell phone text messaging (SMS) and multilingual support in its next software release.

Link to the original press release: Control Yourself

CIO.com has posted a great opinion article by Mike Gualtieri offering nine ways to make sure you're not labeled as a "clueless" CIO. I must say, the list is excellent and one that should be taken to heart by executive managers in general, and information/technical execs in particular.

Among his observations of a good CIO: "He gets opinions from his experts but there is never any question about who will make the final decision. And, if you never watched Star Trek then you shouldn't even be a CIO."

But the list contains several important and valuable points, it's not just humor. Do you know what your reports have to say about you? Does your CIO make the grade? This quick article is highly recommended.

I can especially relate to the issues associated with "drinking vendor Kool-Aid" and the need to keep a distance. In fact, my experiences with massive numbers of vendors led me to take drastic action to stop cold calls and other sales tactics, to the point even of angering those vendors. Basically, if I didn't have an established preferred relationship with a vendor, calls were relegated to a special mailbox. It gave me my time back.

Also, it is important to watch the balance between being a good geek leader and being the "uber-geeky" supervisor. If you are a professional manager, you hire the best and the brightest and make sure they can do their jobs well. If you're hiring smart, those people are much better at the tactical aspects of your organizational responsibilities than you are, anyhow.

Microsoft will soon be selling it's Office suite, along with security protection software (OneCare) and a slew of other applications for a $70 annual fee under the name "Equipt" this month. This is the first time a consumer has had the option to pay-as-you-go for the Microsoft productivity software, and will likely open up the possibility of a more budget-affordable option for many. When you consider an annual OneCare subscription runs you $50 a year and a copy of Office Home and Student Edition sells for a one-time fee of $150 (and a new version seems to come out every three years on average), it's an attractive deal. The $69.99 subscription fee will let you install the software on up to three home PCs.

Infoworld:

Equipt, which was formerly known by its code name, Albany, includes Office Home and Student 2007, Windows Live OneCare, Office Live Workspaces, Windows Live Mail, Live Messenger and Live Photo. Microsoft plans to begin selling it in the U.S. on July 15 through Circuit City, with other outlets to follow. It will be offered in other countries at about the same time, though pricing elsewhere was not announced.

The name comes from the idea that the package will help customers "equip their PC with a core set of services," said Bryson Gordon, a group product manager for Microsoft Office. "It resonated well with customers in testing."

Link to the Original Article at InfoWorld: Microsoft to sell Office 'value pack' for $70 per year

AT&T has released a set of informative videos (all of which appear below) with details about when, where and how to buy the iPhone 3G. Prepare to qualify!

There are three videos. The first one is for people who are not existing AT&T customers:

Next, information for people who are already customers of AT&T (including iPhone owners and non-iPhone customers):



Finally, if you want to give your first-generation iPhone to your old friend Chris someone you know, here are those details:



In addition, a press release outlining all the details for various types of purchasers describes the in's and out's of contracts, upgrades and whatnot:

AT&T Inc. (NYSE:T) today announced iPhone 3G pricing for new and existing AT&T customers, several attractive voice and data plans, and tips on how to be “iReady” when iPhone 3G goes on sale at AT&T retail stores at 8 a.m. local time on Friday, July 11.

“We can’t wait to offer iPhone 3G to our customers, and we want to make sure the buying process is as easy as possible,” said Ralph de la Vega, president and CEO of AT&T’s wireless unit. “Considering all the great new features of iPhone 3G, we think our pricing and monthly plans present a tremendous value for consumers and businesses alike.”

Pricing and Eligibility

AT&T is making it easy for customers to prepare for their iPhone 3G purchase by posting “Get iReady” tips and frequently asked questions at www.att.com/iphone. The site also will include a link for customers to check their upgrade eligibility and other wireless account information.

iPhone 3G will be available for $199 for the 8GB model and $299 for the 16GB model. These prices require two-year contracts and are available to the following customers:

• iPhone customers who purchased before July 11
• Customers activating a new line with AT&T
• Current AT&T customers who are eligible, at the time of purchase, for an upgrade discount

Existing AT&T customers who are not currently eligible for an upgrade discount can purchase iPhone 3G for $399 for the 8GB model or $499 for the 16GB model. Both options require a new two-year service agreement. In the future, AT&T will offer a no-contract-required option for $599 (8GB) or $699 (16GB).

Current customers may also choose to wait until they become eligible for an upgrade discount. Eligibility is generally determined by amount of time remaining on a current contract and payment history.

Current AT&T customers who are upgrading to iPhone 3G will pay an $18 upgrade fee and new AT&T customers will pay the standard $36 activation fee.

Voice, Data and Text Messaging Plans

AT&T brings iPhone 3G customers the best coverage on the globe and the largest mobile-to-mobile calling community with unlimited calling to AT&T’s 71.4 million wireless customers. iPhone 3G customers can choose from four individual AT&T Nation plans, which bundle voice and unlimited data (e-mail and Web browsing).

• AT&T NationSM Unlimited: Includes unlimited Anytime Minutes for $129.99 a month.
• AT&T Nation 1350: Includes 1350 Anytime Minutes and unlimited Night & Weekend Minutes for $109.99 a month.
• AT&T Nation 900: Includes 900 Anytime Minutes and unlimited Night & Weekend Minutes for $89.99 a month.
• AT&T Nation 450: Includes 450 Anytime Minutes and 5,000 Night & Weekend Minutes for $69.99 a month.

All AT&T Nation and AT&T FamilyTalk® plans for iPhone 3G include nationwide long distance and roaming, Visual Voicemail, Rollover®, unlimited Mobile to Mobile calling, Call Forwarding, Call Waiting, Three-Way Calling and Caller ID.

AT&T will offer FamilyTalk plans, with bundled voice and unlimited data, starting as low as $129.99 a month for two iPhone 3G lines. Up to three additional iPhone lines can be added for $39.99 each.
Unlimited text messaging can be added for an additional $20 ($30 for FamilyTalk plans of up to five lines); $15 (1,500 messages), or $5 (200 messages).

iPhone for Business

Business customers interested in iPhone 3G should contact an AT&T business sales representative or review their account information online to determine their eligibility for upgrade pricing. Corporate e-mail and other business applications require the Enterprise Data Plan for iPhone, which is $45 a month and bundled with an eligible voice plan. Small business customers may qualify for AT&T BusinessTalk, the industry’s only shared plan specifically for small businesses. Additional details on iPhone business offerings are available at www.att.com/iphoneforbusiness.

iPhone 2.0 Software

All iPhone customers will benefit from the iPhone 2.0 software, which will be pre-loaded on all iPhone 3Gs and available as a free download for current iPhone customers. The new software will include numerous enhancements, such as business-class e-mail access via Microsoft Exchange ActiveSync; the iPhone Software Development Kit (SDK), which allows a business to easily create applications customized to its needs; and the App Store, which offers a wide-range of applications — from games to business, education to entertainment and productivity to social networking. For example, AT&T has developed YELLOWPAGES.COM Mobile for iPhone, which takes local mobile search to a new level by allowing users to discover businesses and local events based on their popularity among other iPhone users, get directions and access business reviews.

So - The real question is this: Who plans to get in line early? :)

Nate Westheimer of The Silicon Alley Insider has this to say:

Twitter should take full advantage of their messaging platform, user base and user disposition to lead in the P2P mobile payments space, where, despite years of hype, no one has much of a head start.

Link to the article: How Twitter Could Be Worth A Billion In A Year

I have to admit, coming from the Internet financial services space, the thought of this actually happening scares me slightly, given the serious lack of stability and the manner in which changes have been made at Twitter with less than complete communication. But at any rate, they have a lot of money to throw at the problems, so I am rooting for them to get things right. It just hurts. :)

Westheimer makes some good points. Twitter is carrier/provider-agnostic and has amazingly terrific user and market penetration. Just as I send you a direct message today by typing "d yourname hi how are you?" I could pay you using syntax like "p yourname $20."

But getting from here to there is an whole other story. It's far from trivial to create a financial transaction and accounting system, especially one that scales to the sizes required (but it certainly can be done).

It's an appealing and interesting idea and one that warrant some real thought. As someone who comes from the the online banking software, infrastructure and security world, I can see the market need as well as the challenges from many fronts that will face any company that finally jumps fully on-board the micro-payments and mobile-payments train. A number of good, well-funded companies have given it a run before with limited success. It's a complex problem to solve, but it's doable.

It sure sounds like a fun challenge, and there's a massive marketplace out there just waiting for someone to get it right. Note the operative verbiage there - Doing it well is critical to success. The fact is there's no room for "scale later" in this game.

What do you think? Would you pay people via Twitter if you could? Would it be useful to you?

I've really missed Windows Live Writer since I starting using my Macbook Air so much. Even though I have it in a Fusion virtual machine running Windows, I find I rarely use it since it uses the VM's filesystem (not the Mac's), and copying stuff onto the Mac clipoard and then pasting into a Windows virtualized app is not what one might wish.

I was pleasantly surprised to run across a Mac app called Blogo, which I am using to write this post. It's nowhere near as feature-rich as Live Writer, but Blogo is a great start on a WYSIWYG editor with many of the bells and whistles. I pointed it at my blog home page during setup, with very little hope it would auto-discover my blog settings, but I was pleasantly surprised. Up popped a dialog asking for my username ad password, and once I provided it, there on the screen was my list of blog posts pulled straight from the server's API (which I seem to recall emulates the Blogger API). Very nice.

Blogo has a funny icon logo, is available as a free 21-day trial, and after that it's $25. There are a few key features missing that might make me pause when it comes to shelling out the cash. Specifically there is no spell checking (I'd like to see red underlines and inline corrections with the right-click action), selecting text and trying to drag it around doesn't work, the image editor is fairly limited, and it doesn't seem to pull my list of existing categories. Plus you cannot edit the HTML it creates (yet) and pasting multimedia content inline doesn't seem to work well. But as I said, it's a great start. If you have a Mac and you're frustrated with other blogging apps, you should check it out.

It's the best WYSIWG mac client I've found so far, so it earns a spot on my Mac's Dock. I will be keeping up with this editor's progress with high hopes, and am encouraged there may yet me a Mac blogging client to rival WLW.

We can hope!

For the past several months I have had the pleasure of improving my communication effectiveness while at the same time reducing my reliance and the massive amount of time I used to spend on email. Tools like Twitter, blogging, and - yes - actively making sure I am using the telephone (remember that thing?) have all contributed to my big picture of improvement: Use better tools where they make the most sense, rather than relying on the cumbersome and often ineffective email medium.

What prompts me to write this? Luis Suarez works for IBM and today's NY Times online contains a piece written by him where he discusses his change away from email. I can relate and have had many of the same experiences.

Email is often chastised for a variety of shortcomings, among them the frustrating fact that often people come across (or are perceived) in a way they do not intend. Maybe the reader perceives the writer is angry or being short when that's not the intent. If I had a dime for every email-miscommunication I'd observed (or been a part of), I'd be a rich man.

Systems like Twitter (assuming you can forgive that app's famous reliability and availability issues), allow community information sharing in a manner you can never get with email, and which classic instant messaging doesn't quite do. Post your thoughts, questions or whatever you're up to and others who want to follow your thoughts can read then in your "tweets." And if they wish they can respond, either publicly (called replying) or in private (called direct-messaging). Twitter is basically a public broadcast communication system of short messages, with private messaging capabilities also available. All Twitter communication is (hopefuly) archived for access and reference later on if you like. The signal-to-noise ratio, however, can be quite high, especially when people use it like an instant messaging client (which it is not really suited for, in my opinion). You can tune the SNR of your tweet feed by choosing whose communications you subscribe to. Too much noise from Joe? Just stop following his tweet stream.

Instant messaging is well-suited for casual, right-now conversations where archiving in the "cloud" is not as important. I can archive all of my instant messages locally, but I have to be on the archiving computer where I was writing to read the archives. It makes it easy to do provate chats with one person and add another person(s) if needed, although my use is almost always 1:1.

Of course, email works well - even best - for some things. I try to avoid using it as a filing cabinet, or at least limit it to specific critical uses. But by pulling all the real-time conversations out and using the real- or near-real-time tools, by email bloat has been significantly reduced, hence the amount of time I need to spend in it is less than the quality of the time I do spend there is higher.

Finally, the telephone. When it comes to making personal connections, nothing beats hearing the other person and them being able to hear you. It's real time in the most "real" sense. You can argue that voice and video capabilities of IM applications fill this need, and you'd be right. But there is something about the phone that really works well.

One other side effect of the technology growth I have noticed (and it's also probably a result of life changes for me as well) is that I don't blog quite as much as I used to. A lot of the quick thoughts that I used to turn into blog entries end up being tweets on Twitter or IM messages (or just left sitting on my brain's virtual table).

How have you changed your communication habits as a result of technology? Or have you?

Trevin pointed to a cool site called Wordle, where you can enter a bunch of text and the web app then creates a visual image representation of the text, where the most commonly used words are larger. You have control over many aspects of the visualization, such as font, colors, layout direction, removing common words, how many words to display in the image (default is 150), etc.

I copied the text from the home page of my blog just before posting this and used Wordle to generate the image below. It's interesting to see what words flat to the "top" of the list. Makes me thing that maybe you can tell something about people from their writing, and as such from the words that dominate what they write.

You can make your own at http://wordle.net, and see what you learn about your own writing. There's also a gallery of wordles created by others, which I got quite caught up in for a while, reading what others have created. Wordle was created by Jonathan Feinberg, who works in IBM Research with the Collaborative User Experience group.

Everything about this video - The Website is Down - is so sarcastically and stereotypically hilarious. Josh Weinberg (the creator) is my new hero.

A mashup of true and mostly-true stories from IT hell. If you've ever called tech support and wondered what the hell they are doing down there... well, this should answer some questions for you. Starring Apache, Windows XP, Linux and Halo (among many others).

Note: There's some very NSFW language and visuals. You have been warned.

I'm not going to post video here -- You need to go to the site and watch the whole thing, and then be sure to check out the geeky interactive UI at the end.

(via Chris Pirillo on Twitter)

I've traveled to Europe with my iPhone before, and despite activating an international data plan I ended up spending a bit more than I wanted to (by about $100). But Raven Zachary came back home to a $800+ bill, and there are many tales of others having even worse experiences.

Raven wrote a blog article offering some tips to keep your costs down, all of which are good. So, if you are traveling out of the USA with your AT&T iPhone (and yes, that DOES include to Canada or Mexico, so do your homework), check out what he wrote.

As of today, there is no "unlimited" international data plan available. It can get very expensive to deal with email attachments and use the maps program, or even just to check email the same way you do back home (meaning automatically every n minutes). With the 3G network coming on the new iPhone and the associated roaming costs for high-speed access projected to be higher, this all becomes even more important.

Until AT&T makes it a little easier to be their customers, and simplifies things for those of use paying them big bucks for service, you'll need to order specific international services and configure your iPhone in certain ways to make sure you don't get nailed and you'll have to search the 'net to find sources to read about the problems and related solutions. I feel sorry for people who get completely blindsided (and there are a lot of those people out there). So much for seamless, don't-have-to-think-about-it use, eh?

Jeff Martens had an idea, one I had been thinking similarly about - but he vocalized it first (or "tweeterized it" might be more accurate). I jumped right in and created a new LinkedIn group called "PDX Tech," a networking group for people in the Portland, Oregon general area who work in what we will loosely define as the technology marketplace.

If you'd like to join the group and you meet the above requirements (which are not too restrictive), just click here and sign right up.

In the first 24 hours we already have a substantial group of people who have joined, but I know there are many, many more out there in PDX-land. Hope to see you on the group list!

The Mars Phoenix crew has just announced they've discovered ice on Mars. There will be more tests soon, and ones that should be more direct in their analysis. Today's discovery is based on the visualized disappearance of some white material from the surface over the past few days. From the Mars Phoenix web site:

June 19, 2008 -- Dice-size crumbs of bright material have vanished from inside a trench where they were photographed by NASA's Phoenix Mars Lander four days ago, convincing scientists that the material was frozen water that vaporized after digging exposed it.

"It must be ice," said Phoenix Principal Investigator Peter Smith of the University of Arizona, Tucson. "These little clumps completely disappearing over the course of a few days, that is perfect evidence that it's ice. There had been some question whether the bright material was salt. Salt can't do that."

Very cool stuff, and it will be even more interesting to see what's next:

Also early today, digging in a different trench, the Robotic Arm connected with a hard surface that has scientists excited about the prospect of next uncovering an icy layer.

And how/where did the news come to us? Via Twitter!

You can follow http://www.twitter.com/marsphoenix for regular updates if you wish. The specific ice updates from today on Twitter are here and here.

Today the trucking company showed up with my oh-so-cliché-midlife-crisis mobile, a 1969 Mustang convertible that I recently purchased from a good guy in Pennsylvania. I made a trip back east a couple weeks ago to hand over the check, transfer the title and drive the car a bit, and then painfully left it there to wait for a vehicle transport company to pick it up and deliver to Oregon.

The car made a long and round-about trip all over the country, and it got pretty grungy while in New Mexico thanks to a dirt road construction zone detour in the desert. I used to live there, so I understand. The soil in the desert, if you can call it that, is very fine and it gets into the air and can find its way on and into everything. When the car came off the truck today, it looked so dull and gross I almost couldn't stand it. But, after two complete washes it looks quite a bit better. It will need another good hand wash and them some detailing and a good wax, but it looks pretty nice already. These pictures were taken after the second wash and a hand-drying.

Most of my day was spent on the car: Receiving it from the back of the truck, washing it the first time, getting title and registration taken care of at the DMV, fueling up and washing it again, driving to town and giving some friends rides, stopping by the 60's-style corner soft ice cream and burger place with outdoor tables in the town I live near, and driving home on twisty-turny roads through the woods. It's a powerful, cool sounding and fun-to-drive machine, without a doubt. It's several years since I owned a convertible and I forgot how much fun and how relaxing it is on a nice day to just put the top down and drive. Add the raw power of this car's engine, and wow... A pretty darned good day, if I do say so myself.

And a bonus, which I only discovered when I got it home tonight: It fits in the garage with just about 12 inches of room to spare, nose to tail. Phew! Looks like I need to relocate some shelves.