October 2006 Archives

It didn't take Wall Street long to lay odds on Oracle's challenge to open-source darling Red Hat.

No sooner had Oracle CEO Larry Ellison announced the software giant's plans to slug it out with Red Hat in the enterprise support market, shares of the Linux software and services provider began sinking faster than ratings for Studio 60.

By midafternoon Thursday, Red Hat stock was down 26 percent, to $14.31, from Wednesday's close. It had been as low as $13.70 shortly after trading began, bounced a little and has flatlined ever since.

Of course, the reason investors are dumping Red Hat shares is because they think Oracle will mop up the enterprise floor with the much smaller player. Indeed, the technology graveyard is full of companies that gained an early edge in a market, only to be crushed by a larger competitor with more resources.

Is that Red Hat's fate?

Ellison doesn't necessarily think so, or at least he says he doesn't think so. From Andy Patrizio's internetnews.com article:

One of the first questions asked during a Q&A with the audience of corporate customers was "Is killing [Red Hat] an unintended side effect?" Ellison responded "I don't think Red Hat will be killed, I would expect Red Hat is going to compete very aggressively. This is how capitalism works. We're competing. We expect them to improve their product."

There is another likely scenario. Many small companies, as we know, build themselves from Day One with an eye toward eventually "merging" (code for being acquired) with a deep-pocketed partner.

That could be the end game for Red Hat. Whether the "partner" is Oracle or another giant, such as Microsoft, well, that's where the real fun begins.

I used to rely on the flimsiest of rationales to exploit the ongoing browser war between Internet Explorer and Firefox -- market share reports, analysts' comments, my dark inner voices.

Now, faced with genuine news -- the long-awaited full, official updates to both browsers -- I can barely stifle a yawn.

Which is weird because I read that both Microsoft and the Mozilla Foundation made some significant improvements to their respective browsers. In this week's Executive Tech column, Brian Livingston urges readers to download IE 7 (released last week) because it features a number of security upgrades over IE 6, which Brian dubs "the world's least secure browser."

And today Mozilla made Firefox 2.0 available for download. According to internetnews.com's Sean Michael Kerner:

FF2 includes new features, a new look and more stability and performance than its predecessors in the 1.5.x Firefox branch, which debuted nearly a year ago.

Sounds great! So too does the improvement to Firefox's tabbed browser , one of my favorite tools.

Yet I remain oddly indifferent. Maybe it's because, on my list of Internet-related annoyances, a glitchy browser rates well below, say, spotty wireless connections and endless emails urging me to change that eBay password I don't have.

On the other hand, solutions for those problems don't appear to be readily available for free download. But the improved browsers are.

In this age of electronic data, you can't blame organizations for wanting their employees to be more security-savvy. You also can't blame managers for instinctively turning to an old, reliable reinforcement technique: threats training.

Trouble is, it's extremely difficul to train employees against any number of security threats, including one that HP recently made famous. That's according to Richard Stiennon, CIO Update contributor and founder of IT security research firm IT Harvest. In his latest column, Stiennon says:

Take the concept of pretexting. This has gotten a lot of press recently because top executives of HP hired private investigators to obtain phone records of board members and journalists in an overzealous attempt to determine who was leaking information about board discussions.

The PI’s would masquerade as these individuals and call the telephone companies requesting their phone records. I am at a loss for how you could train a CSR to recognize a pretexting attack.

Stiennon makes a good point, and he offers a tandem solution:

[T]he phone companies should take two steps. One is policy: No customer information given out over the phone, phone records only mailed to the address of record, etc. Second, technology can be deployed to identify and alert when these types of attacks are underway.

It's not just pretexting, though. Using training to enforce sensible policies regarding passwords and screensavers usually meets with equally disappointing results, Stiennon says. But then, you already know that.

Formidable as the task is, our CIO Update columnist does offer some sound advice on instilling in your employees a greater appreciation for security. It's worth a look.

Whether your company has jumped on the Web 2.0 bandwagon or is still just thinking about, I recommend you read the latest column by eSecurity Planet contributor Ray Everett-Church.

Ray finds much to enjoy about Web 2.0 technology and services -- the YouTubes, the Wikipedias, the mash-ups -- yet he is bothered as only a network security professional can be:

[W]ith the rush to make websites “2.0 compliant,” companies are throwing privacy and security considerations out the window in hopes of riding this new wave of catch-phrase coolness.

You think this mere hyperbole? Read on:

Recently a colleague of mine suggested I try a service called Meebo which allows you to send and receive instant messages from all the major IM services through one interface. All you have to do is give Meebo your usernames and passwords for all your accounts and let them be the intermediary for all your online interactions thereafter. (Chilling italics mine.)

I'm sure you can figure out why that might pose a problem, but for the naive and unsuspecting, Ray lays it out:

For services like Yahoo!, AOL, and Google, the username and password for your IM service also gives access to your email, your public and private photo albums, your calendar, your address book, and in some cases your billing information and other personal data. This is not information that anyone should hand over very easily.

That's an understatement (which I probably could liven up with some italics). In any event, go check out Ray's column, especially if you want to know his front-runner for the "Greatest Looming Web 2.0 Disaster Award." (Hint: It involves a company mentioned in this post.)

I haven't been over at BusinessWeekOnline for awhile, but this week the site features two good reads on HP-related stuff.

In one column, Hubris at HP — and Beyond, author David Holtzman argues that the genesis of HP's spying scandal extends beyond the company's executive suites:

There is a cult of arrogance behind HPGate that pervades the business community and is bigger than any one scandal. It manifests differently from time to time, but its roots all grow out of the same soil. Whether it's option-repricing, insider trading, or spying on journalists, business decisions are made at the highest corporate levels that are at best murkily legal and visibly unethical. Ethical thinking does not seem to be part of today's business environment.

In another commentary piece, author Peter Burrows takes a look at What Carly Doesn't Say in his analysis of former HP CEO Carly Fiorina's new book, Tough Choices.

And apparently she doesn't say a lot, which may come as a surprise to those who saw her 60 Minutes interview in which Fiorina dished out plenty of blame for her eventual ouster from the company. A couple of excerpts:

The book paints Fiorina's tenure as a hard but rewarding and constant drive toward improved performance. That's not what happened. The company she inherited from Lewis Platt was healthy, if not exciting, and Fiorina's rapid attempt at "transformation" did not go over so well. ...[B]y the time she pitched the idea of buying Compaq in September 2001, HP was badly in need of some big move — or, as many on Wall Street were already saying on background, a new CEO. In other words, the Compaq deal was not made from a position of strength, but of weakness.

And this:

Fiorina writes a lot about the deficiencies of some top HP managers and about the need for a strong team. While she does explain that she didn't initially want to bring in a bunch of outsiders, she doesn't address her complete record on this front. In her five years at the company, she brought in only one top executive—to replace retiring human relations vice-president Susan Bowick. She got close to luring a few others, including Acer president Gianfranco Lanci, but didn't close the deal. This became a major concern for some board members, as many of Compaq's best operating executives began jumping ship.

Here's Dallas Mavericks owner and YouTube basher Mark Cuban last Friday on the rumor that search giant Google intended to buy the wildly popular online video-sharing site: "They'd be crazy."

Well, get out the straightjacket because Google announced today plans to purchase YouTube in a $1.65 billion stock deal.

Like Cuban, I don't like the deal, but for different reasons. Cuban thinks YouTube is a lawsuit waiting to happen. From Roy Mark's internetnews.com article:

"Once you go commercial, once you have to monitor for copyright violations, your whole business model changes," Cuban said. "They [YouTube] are going to get crushed."

It's a legitimate concern. YouTube features an awful lot of copyrighted material, in addition to its usual mix of home-made videos.

But I don't care about any of the lawsuit stuff. My great fear is that Google somehow will ruin YouTube. These kinds of big acquisitions almost always go awry, with the notable exception of AOL Time Warner. (Yes, I am joking.)

I suppose you can't blame Google. After all, YouTube has almost half the online video audience share, with more than 100 million videos viewed daily. And I'm sure Google would hate to see that audience fall into the clutches of Yahoo or Microsoft, both of which have expressed interest in buying YouTube.

So it may have been a good pre-emptive move by Google. I just don't want them to meddle with a good thing.