HP LCD HD TV

If you want to pay close to two grand for a flat-screen LCD, you might want to consider the HP LC3760N 37-inch HD LCD TV. It has enough connectors to keep you busy for the better part of the day hooking up everything you own, the picture is beautiful, and it doesn’t take up much space; it’s less than 6 inches deep. It comes with a simple stand, or you can mount it on your wall.

You can read the review in CPU Magazine here.

How to build your own corporate IM system

Corporate IT managers who haven’t gotten on board with instant messaging need to start paying attention and evaluating how they will design their own IM systems. Before you dive into the world of IM, there are three basic strategies you will want to consider:

First, deploying one of the various IM blocking and monitoring products to prevent any unauthorized public IM use. Second, using software from Microsoft Corp. or IBM’s Lotus, the major private IM system vendors. Finally, building your own IM system using a variety of open sources.
These three strategies aren’t mutually exclusive, so you might want to mix and match.

You can read the article in Computerworld here.

AIM Pro — Still in the amateur leagues

Last week AOL released a new business-oriented IM client called AIM Pro. (You can download it for free from www.aim.com.) The client offers some interesting features, however, it is only available for Windows. While it is nice to see AOL thinking about business IM use, AIM Pro doesn’t come close to delivering a competitive offering that Microsoft and Lotus have with their private IM networks and LCS and Sametime clients.

You can read my review in Computerworld here.

Hacker U.

It is a war zone out there, on our networks. And the front lines are our high school networks, where budding hackers and kids who want to think of themselves are daily practicing their penetration skills, network penetration that is. And what happens when they graduate? They get to practice some more on college networks, where the good ones can get paid as research assistants to security start-ups. If they get really good, these folks get to go to conferences such as the upcoming romps in the desert next week, Black Hat/Defcon, Here they are celebrated for their exploits and the press has a field day writing about all the trouble caused. Is there any wonder why something is wrong with this picture? We reward people for the wrong things.

I was thinking about this recently, as I had the opportunity to interview a school district’s network administrator this week. As I was talking to him, I was flashing back on my own in-school experience. Five years ago, I had a part-time job teaching a bunch of high school boys on beginning networking topics, and the class was an eye-opener for me. I found out, for example, how hard it was to teach someone how to do subnetting. And that faced with the really hard work of protocol decodes, the kids just wanted to login as system administrator and leave it at that. Some of the guys are now out of college and have jobs in the IT industry, something that I am very proud of. (And some of them are still slackers, something that I am not proud of.)

But anyway, back to the attacks. My school district source was very clear about his frustrations in trying to keep the kids under control, and told me of a continuing struggle of his private battle between the forces of good and evil, and it isn’t pretty.

He locks down his network pretty tightly. He runs a content filter, so they can’t grab p0rn sites and go to other objectionable places, but even still these filters don’t stop everyone, especially students who have time on their hands and know how to reconfigure their browsers to hit proxy servers to avoid the filters. “It is amazing how clever the kids are at finding proxy servers to get around our blocks,” he told me. Many of the proxy sites use SSL connections, and “It didn’t take long for the kids to figure out how that worked.” So he has to lock down proxy servers now too, and more than that has to scan his network everyday to see if the kids have exploited something new. He has even gone so far as to assign static IP addresses, all the better to keep track of where the rogue user might be entering his network.

What I find interesting about this school district — and I am sure that they are typical — is that so many of their issues are threats from within. The days of having a perimeter and keeping the bad guys on the outside are so over. I was interested to learn that there is a whole class of newish products that go under various headings such as “extrusion detection” and “data leakage monitors” to track and prevent insiders from doing bad things, such as sending your entire customer file to their hotmail accounts.

That isn’t to say that there are plenty of bad guys out there scanning away: when I was at Stanford last month doing some tests for Information Security magazine, we had someone try to penetrate one of the SSL VPN boxes that I was testing. (They didn’t get in, but still was spooky to watch as we were going about our business at hand.) Turns out they get thousands of attempts every hour of every day. It helps that they are a very visible target, but still: put a new PC on the Internet, and someone will try to break in within a few seconds nowadays. You gotta have protection!

The technology has changed in five years since I was teaching, but the attitudes and methods haven’t. Back when I was in the classroom, we had networked PCs and I often taught from the back of the room, the better to see what the kids were doing. Most of the time, they were checking their overnight ratings on CS or IM’ing their friends telling them about their overnight ratings. Soon, the district put a stop to that, but they still could use the Web IM client (this is in the days before there were products to specifically block IM traffic). Now we have peer-to-peer music sharing and MySpace to worry about. “It is amazing how often the kids want to check their MySpace pages — they can’t go a couple of hours without trying to login,” my school source was telling me.

Now that summer is here, the district relaxes its policies for the staff a bit — they can download streaming music during the summer but not once school is back in session. And indeed, when we were scanning the network we saw one staffer listening to Internet radio and having a nice time taking all that bandwidth.

As a parent, I operated under the maxim of protect but verify, and it is a good one for a networked school district — or even any corporate environment — to operate under as well. One way is to install remote desktop software on every machine in your network, so the support people can reach out and touch someone’s PC if they are having problems, or doing something that they shouldn’t. A hospital that I visited last month had implemented this solution. They found it useful when their activity logs showed some spike in network traffic coming at either an odd hour or from an odd place. A quick look-see would generate a phone call to the user’s boss: “Do you know what your staff is doing with their PC?” No one I know wants to receive that phone call. My source at the hospital told me that he found an ex-employee who still had login credentials was using the network the night after he was fired — and didn’t realize that every mouse click was being watched.

Yes, we have come a long way since I was teaching Networking 101. But if I have learned anything over the years, it is getting harder to protect and verify our networks, as the users and exploit tools get more sophisticated. You just can’t stand still, and have to continue to tighten things up.

As if we all don’t have enough to do

Yahoo and Tim O’Reilly have come up with this fantasy stock market called Buzz Game. You buy and sell shares of technologies based on whether you think they are hot or not, using monopoly play-dough.

They give their reasons:

• To see if search buzz (including spikes and trends) can indeed be predicted by the collective wisdom of crowds in a market
• To provide an index of “what’s next” for technology enthusiasts
• To separate the wheat from the chaff among the various technologies that O’Reilly is constantly watching and tracking; to measure which forces in the technology industry are truly disruptive and which are mere flashes in the pan
• To discover how Yahoo! Research’s dynamic pari-mutuel market mechanism behaves in the “wild”
• To investigate opportunities around predicting trends in search engine behavior, and how they relate to events in the real world
• Last but not least, to entertain and engage participants in the game

I guess after fantasy fly fishing, this is the next big thing.

How to explain REST to civilians

Ryan Tomayko offers up here a very readable explanation of the latest Web acronym/meme, in the form of a socratic dialogue. We are thinking big, people.

Getting a lock on endpoints for the channel

Endpoint security can generate new business for solution providers if you can sort through the haze and the hype. In my latest column for eWeek, I talk about ways that VARs and resellers can leverage endpoint products.

Does the damage that could be caused by a random roaming laptop coming onto your customers’ networks keep you awake at night? It should, but rather than losing any more sleep, consider the potential for new business in the endpoint security marketplace. These days, one infected laptop can bring a network to its knees, and a personal firewall and an anti-virus checker are good only if they are consistently used and updated when new exploits are discovered. Read the column here.

Giving up the Ghost

Most of you have heard that Microsoft is trying to finish up its long-awaited update to Windows XP, called Vista later this year. What you might not have heard about is that under the covers, Vista is very different and there are so many changes that many independent software developers are having to learn a lot of new tricks to make sure their products run properly on Vista.

But this isn’t a column about Vista. I’d like to turn the attention to something that doesn’t get a lot of press, what is going on with .Net framework, and how that will influence what happens with Vista. The extra time that Microsoft is taking on Vista could turn out to be a blessing in disguise for these ISVs using this developer’s toolkit. (For those of you that don’t know, the period in front of things is pronounced “dot net.”)

.Net framework is one of those things that mostly operates under the covers. It takes up about 50 MB of space on your hard disk, which doesn’t seem like a lot of room these days. But there is a lot going on in that 50 MB.

Microsoft uses this framework to provide a variety of services that should have been in the underlying Windows operating system but somehow weren’t there initially. And as you can imagine, they will be included as part of Vista from the get-go. Most of the ISVs that are doing things with .Net have to do with developing Web-facing applications, or database access, or a combination of both.

What does .Net do for a developer? Lots of things. It creates a unified security model for its applications, so a developer doesn’t have to worry about debugging each and every program and can just call the security routines at one place from .Net’s common programming libraries. It also simplifies patching a developer’s programs, because .Net handles more of the security vulnerabilities and one update from .Net is a lot easier than dealing with patching multiple programs and then testing for whether they are working.

This is all well and good, and a testimonial to Microsoft’s ability to energize the developer community behind .Net. There are hundreds of applications, if not thousands. People can program for .Net in one of dozens different programming languages, and there are hundreds of .Net programming books available in the marketplace. (A search on Amazon for .Net framework got more than 1600 hits. A search for J2EE Framework got about 1200, just to put things in perspective.)

.Net framework is now used in Symantec’s Norton Ghost version 10, which is the motivation for this screed.

Norton Ghost is what is called a “drive imaging” product, meaning that it takes a snapshot of the computer’s hard disk and puts all the information in a single file. If something should go awry with the PC, you can repave things with a few simple commands and a few minutes of time.

Now why would a utility product be interested in using .Net? The older Ghost versions didn’t have much of an interface — they had to take control over the machine in order to make their copies of the disk, and they did this by rebooting with a more primitive OS — in this case, the dear DR DOS. Many of you might remember that this was the product that eventually helped to hone SCO’s legal challenges.

The Ghost 10 version runs in ordinary Windows, so you don’t have that messy rebooting going on. Thanks to .Net framework, the developers didn’t have to write their own user interface and could still use the underlying engine for the drive imaging. “By using Winforms classes in .NET, many of the innovations in Vista’s new shell show up automatically,” said a Symantec representative.” Doing the same thing in C++ is possible but would mean we’d lag behind Vista’s release date. Absorbing UI innovations automatically through the .NET framework also makes our product’s UI more likely to be similar to others that the user may encounter.”

Second is security. “A number of security features in XP and Vista are carefully enforced by the .NET framework,” he said. “Although the same effect can be achieved in raw C++, the possibility of errors and opportunities for exploits is much greater. Using .NET gives us better security.” Third is easier testing, since Symantec can use its automated test tools more widely if Ghost is a true Windows application.

“We believe the switch to .NET at most levels in a codebase is a ‘when’, not an ‘if’, for all ISVs,” he said.

I used to run Ghost all the time on various machines in my lab, but Symantec using .Net framework is going to make me to give up on Ghost. While it does make Ghost easier to run, it takes more time to boot up a recovery disk and run from scratch. It is also made more complex, with more opportunities to not work on older hardware.

I don’t think that this is progress. Symantec is turning a good product into a real pain in the neck because of another innovation, that of product activation. Now, I am not a big fan of activation. Given how many times I reinstall various things as part of my testing, activation just gets in my way and often gives me fits as I try to match up the right keys. Symantec, though, has taken activation to a new frustrating level.

I got a new Dell PC a couple of weeks ago, and I was pleasantly surprised to see that it came with a copy of Ghost already on it, and a second drive partition too. For those of you that haven’t yet used these products, it is helpful to split your hard disk into at least two pieces, and save the drive image on the D: portion along with your data files, just in case you have to re-image the C: portion.

All well and good, until I realized that I had a “try or die” version. At the same time, my inbox received an offer to purchase Ghost v10 and get all sorts of rebates, making the purchase almost free. So rather than deal with buying an electronic copy and making a bunch of CDs, I thought, why not buy the boxed version and this way I have the printed documentation, the boot CD (you need the actual Ghost CD to boot a non-working PC), and get all the rebates too?

What a mistake that was. Here’s the problem: even though I have the EXACTLY SAME SOFTWARE on the CD that I have on the hard disk, they have different activation mechanisms and if you buy the physical CD it comes with a different activation key. The only solution is to uninstall the software, and then reinstall it from the physical CD. So much for those rebates, and now I lost about an hour trying to figure this all out.

I asked Symantec why they have two activation methods, and they didn’t really give me a satisfactory answer. While I think they made the right call on .Net framework, let’s simplify the activation process. A utility product like Ghost shouldn’t be this hard to run.

How Instant Messaging Is Transforming the Enterprise Network

I continue to publish articles about the intersection of IM and corporate networks. The latest piece appears this month in Cisco’s Internet Protocol Journal and discusses the evolution of IM from the protocol perspective. I compare the largest public IM operators with the XMPP approaches, and talk about how the various pieces fit together and what protocols they use to communicate.

DNS for people: eTelemetry’s Locate

Ever wonder who is using your PC when you leave work at night? If your users are doing something they shouldn’t be, such as running peer-to-peer servers or sucking up huge amounts of network bandwidth downloading Internet radio (or porn)? If unauthorized users are still connecting to your network?

Then wonder no more. A new tool from eTelemetry called Locate is here, and it is a dandy way to answer these and other questions. You can read my review of this nifty network tool here at Computerworld.com.