Archive for May, 2010

Cut the cord with $19.99 stereo Bluetooth headset

Thursday, May 27th, 2010

Instead, let’s revisit the Jabra BT8010, a stereo Bluetooth headset that TigerDirect has on sale for $19.99. I’ve covered it before: CNET rated it four stars out of five for its convertible design, OLED display, and music-playback features.

I have a BT8010, and I’d give it 3.5 stars because the headset is overly susceptible to ambient noise and a little uncomfortable over long stretches. But for $19.99 (plus a reasonable $7 for shipping), it’s almost too good to pass up.

Just make sure your phone supports A2DP stereo Bluetooth. Many models do, but for some reason, it’s not available on all handsets (cough iPhone cough). And it’s pretty much AWOL on MP3 players, which mystifies me because, as I may have mentioned, wireless earbuds are suh-weet.

During business hours, the BT8010 functions as a fairly standard headset, albeit one with a cool OLED display and jog dial. When you want to get your groove on, you just connect the second earpiece and presto: stereo earbuds. Once you’ve experienced the joy of walking around with your phone in your pocket and music piping wirelessly into your head, you’ll never go back to corded headphones.

Grumble, grumble. I was going to post about the Asus Eee PC 900a that Best Buy is selling for $299, but fellow CNET blogger Michael Horowitz beat me to it. (Still waiting to learn what Netbooks have to do with “defensive computing,” Michael. Ahem.)


Facebook app verification smells like open source

Monday, May 24th, 2010

Ironically, this is much the same tactic that open-source businesses are often pushed to by their communities or, rather, by the community. (The paying customer community generally could not care less.)

Facebook application developers must pay a fee ($375) to be part of the program. Given the nominal cost, it’s likely that many will sign up. But it’s not the cost that should be worrisome: it’s the idea.

Because open-source vendors like MySQL have been harangued by the community into providing little to no product-level differentiation between their “community” and “enterprise” products, they have been left to forage for dollars, sometimes by implying that the community product is not up to snuff.



Basically, application developers (there are 48,000 applications on Facebook today) can apply to become a verified app. If they pass, they get a badge and special placement in the application directory, plus increased communication limits with users, increased visibility in the news feed, and some free advertising credits. If they don’t pass, they get stuck into the unwashed masses of apps that aren’t verified because they aren’t “meaningful,” “trustworthy,” or “well designed”…You don’t want to be in the loser group.

TechCrunch calls Facebook’s new Application Verification Program a “protection racket.”

That’s a bit harsh, but the marketing behind the move does smack of The Godfather: “Yes, my son, you could use that unverified application, but you don’t want to get hurt, do you?” TechCrunch’s take:

No more litmus tests. I’ve been as guilty as anyone of establishing these in the past for what constitutes an “open-source company.” I was wrong. It’s a bigger playground than that.

Verified apps will get a green checkmark.

This is the wrong way to go about product differentiation, and it’s as true for Facebook as it is for open source. Some projects like ZipTie are apparently going off the open-source grid in order to make money that the pure-play open-source model hasn’t afforded them. We don’t want to see this happen.

How new tech standards wind up stillborn

Thursday, May 20th, 2010

A document (PDF) making its way onto the Web–the “Open Cloud Manifesto”–makes the case for the vision of what it terms “an open cloud.”

What's it gonna be: my cloud or yours?

If you have the stomach, revisit the heated debates over how Unix or Web services should develop. Strong companies and strong personalities dominated the arguments. Ultimately, Web services flourished while the Unix standard fragmented, ending up with proprietary versions that were too weak to compete against Linux years later.

“But, what we’ve heard from customers thus far, customers who are really committed to using the cloud, is that the best way to illustrate openness and customer flexibility is by what you actually provide and deliver for them.”

“This document does not intend to define a final taxonomy of cloud computing or to charter a new standards effort. Nor does it try to be an exhaustive thesis on cloud architecture and design. Rather, this document speaks to CIOs, governments, IT users, and business leaders who intend to use cloud computing and to establish a set of core principles for cloud providers. Cloud computing is still in its early stages, with much to learn and more experimentation to come. However, the time is right for the members of the emerging cloud-computing community to come together around the notion of an open cloud.”

Not exactly the equivalent of “Give me liberty or give me death.” But the split represents the divide between a couple of (important) companies with a head start in cloud computing and a larger cohort of wannabes anxious to avoid vendor lock-in. Sound familiar? It should. We’ve been here before–many times.

Such are the birth pangs that attend every interesting new technology. But while they say experience is a teacher, any lessons seem destined to land on deaf ears when it comes to the computer industry. At the dawn of the cloud-computing era, we’re about to witness key tech companies again pull in opposite directions.

Amazon, which is building a fabulously profitable business as a cloud services supplier, was even more blunt about why it opted not to sign on the dotted line:

Henry Kissinger doing anything these days?

“We as industry participants must work together to ensure that the cloud remains as open as all other IT technologies. Some might argue that it is too early to discuss topics such as standards, interoperability, integration, and portability. Although this is a time of great innovation for the cloud-computing community, that innovation should be guided by the principles of openness outlined in this document. We argue that it is exactly the right time to begin the work to build the open cloud.”

“It appears to us that one company, or just a few companies, would prefer to control the evolution of cloud computing, as opposed to reaching a consensus across key stakeholders (including cloud users) through an “open” process. An open Manifesto emerging from a closed process is at least mildly ironic.”

Cloud computing, or more precisely, cloud computing in its latest incarnation, is still in a state of becoming. So there’s still time and room to figure out how things should work to the betterment of individuals and businesses. What’s needed now is the intervention of cooler heads who can rise above the fray to figure out how to heal the rift before it widens.

Nice sentiment, but they’ll have to do it without Microsoft and Amazon. Both companies have rejected the initiative. Microsoft, which says that its Azure platform is sufficiently open, slammed the way the manifesto came together and dunned its backers for their take-it-or-leave-it approach.

I can’t say which group is on the side of the angels. The document in question is actually a starting point in what its signatories hope will turn into a broader conversation about how to break down barriers to adoption and foster wider acceptance in the IT world. (The full roster of participating companies was not immediately available.)

On the surface, there’s not much to find upsetting or controversial with the document. Frankly, it reads like one of those anodyne diplomatic communiques published after a meeting between heads of state. To wit:

Fannie Mae IT contractor indicted in malware case

Tuesday, May 18th, 2010

Luckily, the Fannie Mae server scripts were returned to normal before mortgage chaos ensued. But the errors listed in the complaint are clear. The biggest problem: Makwana’s access wasn’t terminated when he was. He had access to Fannie Mae servers longer than he should have.

The good news is that Makwana’s access didn’t go on indefinitely. I’ve known more than a few people who could access their former employer’s network for months after they left the company.

This was originally posted at ZDNet’s Between the Lines.

Sophos’ Graham Cluley says:

Makwana worked at Fannie Mae’s data center in Urbana, Md., as a Unix engineer, as a contractor with a firm called OmniTech. He had root access to all Fannie Mae servers.

Here’s a look at the notable excerpts of the complaint. As you can see there were warning signs and mistakes made along the way. Emphasis is mine.

Rajendrasinh Makwana was indicted on Tuesday in the U.S. District Court for Maryland (press report, complaint PDF, and indictment PDF). From early 2006 to Oct. 24, Makwana was a contractor for Fannie Mae. According to the indictment, Makwana allegedly targeted Fannie Mae’s network after he was terminated. The goal was to “cause damage to Fannie Mae’s computer network by entering malicious code that was intended to execute on January 31, 2009.” And given that Fannie Mae–along with Freddie Mac–was nationalized in an effort to stabilize the mortgage market, a malware intrusion could have caused a good bit of havoc.

A former Fannie Mae IT contractor has been indicted on charges of planting a virus that would have nuked the mortgage agency’s computers, caused millions of dollars in damages, and even shut down operations. How might this have occurred? The contractor was terminated, but his server privileges were not.

So far so good, right? Makwana screwed up, was terminated, and had to turn in his gear and access privileges.

Well, that last part didn’t go so well.

Details of Makwana’s alleged plot surfaced in a complaint that was initially sealed to protect the identity of Fannie Mae. In the complaint, Fannie Mae is referred to as “ABC,” but defined as an outfit that facilitates mortgages. In a sworn statement, FBI agent Jessica Nye outlined the following:

The Fannie Mae security team also did some good detective work: the complaint details Makwana’s alleged techniques and script set-up. However, a lot of work could have been avoided if only Makwana’s privileges had been terminated when he was.

As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the decision to make staff redundant. As we’ve written before, a disaffected employee could create havoc inside your organisation so make sure that appropriate security is in place.

However, catching the malware script was really a function of luck.

The tale of the malware bomb plot is a warning shot to all security teams and IT departments. Given the level of layoffs we’ve seen lately, the ranks of disgruntled former employees are likely to grow. Is there any company NOT lopping off a big chunk of its workforce? And some of these workers may even have Makwana’s access privileges and knowledge of the corporate network.

Indeed, Makwana allegedly had intended to do some serious damage such as “destroying and altering all of the data on all Fannie Mae servers.” That quote from the indictment puts it mildly. According to the initial complaint against Makwana, the former contractor’s virus “would have caused millions of dollars of damage.” Anyone who logged into the Fannie Mae network on Jan. 31 would have seen a message “Server Graveyard.”

CNET News Daily Podcast Obama’s PDA addiction get

Saturday, May 15th, 2010

President-elect Barack Obama is hopelessly addicted to his PDA–in this case a BlackBerry. But while Research In Motion offers encryption, the U.S. government has stricter requirements for communications security. And the president-elect is on notice that things are going to have to change. But as CNET News’ Declan McCullagh explains, there are handheld devices that Obama’s security handlers don’t have any issues with.

Today’s stories:

Windows 7 beta gets a mascot

Yahoo makes an offer to Bartz

Electric-car maker Think gets rescue funds

Nvidia slashes Q4 revenue guidance 40-50 percent names Jim Cramer chairman

Monday, May 10th, 2010

The move by to separate the positions is one that corporate America has increasingly embraced, though mainly to address corporate governance issues that have become a hot button in the era of Sarbanes-Oxley.

The investor Web site noted that the separation of duties will allow Clarke to focus more on his efforts as CEO, during a period when the company is moving through a difficult economic environment. named co-founder and high-profile market commentator Jim Cramer as its chairman, in a move to separate the dual role of its Chief Executive Thomas Clarke.

HP ‘innovation’ reeks of self-interest

Monday, May 3rd, 2010

In the mind of the CTO and CIO, however, innovation may actually mean open source.

Embedded in the news that Hewlett-Packard plans to cut 24,600 jobs from its roster in an effort to make its EDS acquisition work was this interesting tidbit from its call with analysts, as ZDNet captured:

I agree that enterprises should spend less money on licensing and more on tailoring software to specific enterprise needs. Where perhaps I disagree with HP, however, is on the most efficient route to get there. Open source is tailor-made for this sort of value proposition, but HP has traditionally paid more lip service to open source (beyond Linux) than it has actually done anything.

One of the things HP says it wants to offer with its portfolio of offerings–across the board in hardware, software and now services–is flexibility in meeting the customer’s demand. CIOs today are dealing with…big issues (like) needing to flip that spending ratio to less on maintenance and more on innovation…And there are choices on how to do it: buy it from HP or let HP do it for you, executives said.

If HP is truly interested in enterprise innovation, let it commit its significant resources to deploying services and hardware around open-source software. No more licensing waste with ever-increasing maintenance fees born of lock-in to a proprietary platform. Just pure value to the customer.


How about that, HP?

Very cheeky. Though HP makes quite a bit of money from software, its real business going forward is hardware and services. In HP’s mind, this means “innovation,” and the more of that innovation bought from HP, the better.