January 2008 Archives

Even as the tech industry prepares for the advent of the semantic web -- or Web 3.0 -- security experts are warning that many organizations aren't guarding against the considerable risks Web 2.0 tools introduce into the enterprise.

An article on Silicon.com cites some sobering research data indicating American companies are behind the Web 2.0 security curve:

Almost two-thirds (65 percent) of U.S. companies do nothing to block third-party collaboration tools, such as real-time communications and information sharing, according to research from Yankee Group.

Tom Rashke, senior analyst at Forrester, said 25 percent of U.S. CIOs in a recent survey admitted adoption of Web 2.0 tools would be a priority in 2008, even though the strategy would potentially increase potential areas of attack, increase the complexity of infrastructure and the return on investment (ROI) was not clear.

The ROI isn't clear? Whoa. Did I miss something or has business-IT alignment suddenly become quaint?

According to the Silicon.com article, Rashke says enterprises need content-level security. So instead of monitoring the highway on which data travels (the infrastructure), enterprises need to search vehicles (the data) instead.

One partial solution is more cowbell data encryption, according to a banking IT security expert. Let's face it, though: A partial solution essentially is no solution, especially if you're talking about competitive data being allowed out of the enterprise.

With Super Tuesday coming up in the presidential primaries, MIT's Technology Review has published a timely article about the continuing unreliability of electronic voting machines.

Perhaps surprisingly to the more conspiratorial-minded readers, the article suggests that the main cause of concern does not involve security. Rather, usability appears to be the most troubling issue.

Ben Bederson, an associate professor at the Human-Computer Interaction Lab at the University of Maryland, was part of a team that conducted a five-year study on e-voting machines from about a half-dozen vendors...

"Security, while important, happens to be one of those places where voting machines actually have not proven to fail," Bederson says. "However, in many other ways, they have failed dramatically, especially [regarding] usability."

Participants in the University of Maryland study were instructed to vote for specific candidates in mock elections, using e-voting machines that presented clear choices on a single, uncluttered touch-screen. Even with the streamlined ballot, about 3 percent of participants mistakenly voted for the other candidate.

Worse, the error rate climbed to as high as 15 percent on some machines when researchers asked participants' to perform more challenging tasks, such as voting for a candidate and then trying to change their vote to another candidate on the screen.

The last two presidential elections were extremely close, and the results in several states hotly disputed, in large part because of numerous reports of flaws plaguing e-voting machines. You'd think that would have been motivation enough for someone (other than academic researchers) to focus on trying to fix this unacceptable problem, which threatens to undermine one of the bedrock principles of democracy -- that your vote counts.

There's a funny video floating around cyberspace that tackles a serious topic -- the potential loss of even more privacy for Internet users, courtesy of AT&T and other ISPs.

Joel Johnson, who writes a blog about personal and consumer electronics for the popular web site BoingBoing, was invited onto The Hugh Thompson Show, an Internet talk program on AT&T's Tech Channel, to chat about "gadgets."

Johnson had other plans. After politely ignoring Thompson's hard-hitting opening question ("So I gotta ask you this: You kind of have a different philosophy around gadgets, right?"), Johnson went all subversive:

"Let me ask you a question first, though...What did you think about AT&T's announcement last week..."

At this point Thompson, sensing what was coming, briefly slumps forward behind his desk. You also can hear some murmuring among the video crew.

"...about their plans to filter the Internet?"

This visibly cringing Thompson (sounding like Rob Schneider's Copy Room Guy) replied, "Oh dude, Internet filtering!"

That was followed by two minutes of Johnson making his host squirm before the taping was abruptly terminated. The footage now on YouTube and elsewhere comes from a camcorder brought into the studio by one of Johnson's friends.

To some this may seem like a petty act of defiance, but thanks to the unfiltered Internets, Johnson's act of corporate civil disobedience has morphed into a viral event that is raising the public's awareness of an important issue.

On the down side, it also may have heightened public awareness of The Hugh Thompson Show. Is AT&T doing so well that it can afford to spend production money on a talk show hosted by a former network security consultant and permanent geek who apparently has been instructed to say the word "dude" every time he exhales? The show is taped live in a professional studio, there's a house band, and there's an audience of maybe 100. We're talking a few bucks here, people!

Do the shareholders know about this? And how can I get a piece of the action?

In case you missed it, the Washington Post ran a troubling story over the weekend:

President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems.

The directive, whose content is classified, authorizes the intelligence agencies, in particular the National Security Agency, to monitor the computer networks of all federal agencies -- including ones they have not previously monitored.

So we have a "classified" presidential directive (i.e. a secret law) regarding government surveillance of the Internet, and all we know about it is what some "congressional aides and former White House officials with knowledge of the program" decided to tell The Post. It makes you wonder what other secret surveillance laws have been enacted.

Fortunately, just before things get too Orwellian, we are reminded in both a New York Times blog post and here that the American people can always count on financial mismanagement, budget constraints, technical snafus and garden-variety bungling to undermine government omnipotence.

I most emphatically do not endorse cyber-vandalism and other destructive hacker pranks. That being said, those who have seen Tom Cruise's bizarre, wild-eyed, fang-bearing performance in a recently leaked Scientology recruitment video might call this karma:

A copyright violation claim by the Church of Scientology against the posting of one of its videos to YouTube has prompted a full-on assault by a group calling itself Anonymous.

The video, in which Tom Cruise proclaims, in part, that Scientologists are the only experts on the mind, was pulled by YouTube over the weekend at the request of the Church of Scientology as part of a long-standing effort to keep copyrighted material from appearing on the Internet.

According to Robert Vamosi's CNET News.com security blog, the Anonymous vigilantes have taken it to the cyber-streets, defacing the web sites of Scientology local chapters, launching DoS (Denial of Service) attacks on some of those sites, and bombarding Scientology offices worldwide with text messages asking if they have "Prince Albert In a Can". (OK, I made that last one up, but Anonymous will use it sooner or later, just you wait.)

Showing a flair for show-business, Anonymous even has posted its own video on YouTube, in which it makes this solemn vow:

"We shall proceed to expel you from the Internet and systematically dismantle the Church of Scientology in its present form."

Admittedly, that might require a little more throw-weight than "Prince Albert In a Can" can bring to bear. In the meantime, if you haven't seen the 9-minute Cruise video, it might take a bit of searching online, but you should be able to find it. I advise, however, clearing the room of children before you watch. Sorta scary, in my book.

Among our group of IT management sites is SemanticWeb.com, which launched last year to chronicle the commercial development and application of semantic, or Web 3.0, technology.

In reading about semantic web technology, it doesn't take long to learn that they treat it a lot more seriously in Europe, at least if you go by how much money is allocated for research.

From this article on SemanticWeb.com:

“[T]here’s far more money in Europe for the semantic web than in the U.S. American researchers tell me all the time that this has probably been true for 2 to 3 years,” says Dr. John Domingue, deputy director of the U.K.’s Open University’s Knowledge Media Institute.

Concrete numbers are elusive, but the article suggests the U.S. government spends only $10 million to $15 million each year on the semantic web, while the European Union alone spends about $50 million Euros annually on semantic web research.

Then there's how the funds are being spent:

Europe and the U.S. are focused on two different areas [of semantic technology], points out [American researcher] Dr. Mark Greaves.

“The U.S. is looking at the database side. The European side -- the research I track there -- is really on the social and the web side, it’s more about web scale stuff, exploiting social networks, dynamic and imperfect ontologies, vs. more centralized and curated ontologies that are more popular in the U.S.”

By spending more money on research and by exploring a more diverse range of emerging tools and networks, it appears the Europeans are better positioned than the U.S. to reap the commercial benefits of the semantic web.

Last March I wrote a column based on a book by Stanford University management-science professor Robert Sutton titled The No --hole Rule: Building a Civilized Workplace and Surviving One That Isn't.

Judging by the ones of email I received, the column struck a chord with an IT guy in Guam. I was reminded of the piece when I got an email today from The McKinsey Quarterly listing that publication's most popular articles of 2007, one of which also was based on Sutton's book.

That article can be found here, if you want to read it (free registration required). If you can't meet McKinsey's rigorous subscription requirement of having an email address and then making up a password, or if can't bring yourself to leave this riveting blog, the article includes an interesting exhibit that is designed to help organizations figure out exactly how much jerks in the midst are costing them.

The bad news is that you can't plug the info from the exhibit into a spreadsheet to get a bottom-line number. The good news is that the exhibit does offer a framework for "calculating your TCJ (total costs of jerks)":

Damage to witnesses and victims:
-- Distractions from tasks
-- Loss of motivation and energy at work
-- Stressed-induced psychological and physical illness
-- Absenteeism and turnover

Woes of certified jerks (there's a cert program?):
-- Hesitation among others to cooperate or deliver bad news to jerks
-- Retaliation from victims and witnesses
-- Job loss

Consequences for management:
-- Time spent appeasing, calming, counseling or disciplining jerks
-- Time spent cooling off victims inside and outside the org
-- Time spent replacing departed employees

Legal and HR management costs:
-- Anger management and other training for jerks
-- Legal costs, settlement fees

Other negative effects:
-- Reduced creativity and innovation
-- Dysfunctional internal competition
-- Impaired cooperation from outside people
-- Impaired ability to attract talented employees

And this is just a partial list from the exhibit. It's clear that just about every item relates to the same thing: A loss of focus and energy that should be directed toward achieving an organization's goals. The power that we too often cede to jerks truly is amazing. Maybe it's time for HR departments worldwide to develop a new specialty: Jerkologist.

SAN FRANCISCO -- Satisfying the growing public demand for "less is more (expensive)", Apple Inc. this week once again outmaneuvered its cloddish rivals by unveiling an über-thin laptop so light that it floats, does nothing, and can be folded up and put in a shirt pocket.

"For years our competitors have crammed their laptops with useless and unnecessary features such as memory, hard drive, USB ports, keyboards and optical drives," Apple CEO Steve Jobs told a rapt Macworld audience. "Our research shows that consumers are turned off by such excessive frills and long for an elegant, streamlined computing experience. We think the MacBook LighterThanAir fills that growing need. It is, if I do say so myself, 'App-solutely Brilliant.' Pun intended!"

Notoriously skeptical Apple users greeted the news with a gritty mixture of smugness, elation and glee.

"I'll gladly pay $1,800 to avoid the distracting bells and whistles that burden the average PC user," one audience member said. "Those pathetic fools."

"I don't know whether to feel pity or contempt for anyone dimwitted enough not to choose an Apple computing product," said another. "Actually, I'll go with contempt."

It used to be that employees would get annual performance reviews and never really hear about how they're doing again until the next review a year later.

Actually, that's still the case in the vast majority of, um, cases. But an interesting article in the Wall Street Journal tells us that some companies are moving beyond this inefficient, antiquated system toward one that helps and encourages workers' career development. And they're doing it because they just want to be nice!

Not really...

Hoping to reduce turnover and increase worker satisfaction, companies are upgrading the way they manage, assess and share employee performance data. They are investing in Web-based software that tracks the progress of workers from the time they apply to work at a company until they leave.

It's not exactly a tidal wave of enlightenment yet, as the WSJ piece notes that only about a dozen software vendors and a few "search firms and payroll companies are capitalizing on the demand for talent-management systems."

Still, the notion of using Web-based talent-management software should be intriguing to organizations fighting turnover and morale issues for a number of reasons, offering a tool to:

Clarify recruiting and succession-planning needs

Identify internal talent that might currently or someday qualify for expected vacancies

Simplify the performance review process for managers and workers

That last one might be the most important of all because the biggest flaw in the review process usually is a skittish manager who is afraid to critique a worker. This can lead to poor performance, low morale, lack of communication and confusion about expectations -- all of which can hurt a company's bottom line.

From the WSJ:

[I]nstead of filling out forms using a computerized spreadsheet, the technology allows managers to enter ratings and notes into an online database of employee profiles. The entries are cumulative and can be used to make head-to-head comparisons.

Sort of like fantasy football!

Employees can also look up the information at any time, enter feedback and see suggestions on how they can progress to the next level or achieve a particular goal. In addition, they can get a roadmap showing how to improve in weak areas, such as a suggestion to enroll in a company training program.

Who would have thought it would take software to make performance evaluations and career development more human -- and humane?

No payments, no patriotism.

Maybe that should be the new slogan of the anonymous telephone company that, according to this Reuters story, "cut off an FBI international wiretap after the agency failed to pay its bill on time."

The Justice Department's inspector general revealed in a report released last week that shoddy financial practices within the Federal Bureau of Investigation caused at least one international wiretap conducted under the Foreign Intelligence Surveillance Act to be cut off because the G-men failed to pay a bill on time.

"Late payments have resulted in telecommunications carriers actually disconnecting phone lines established to deliver surveillance results to the FBI, resulting in lost evidence, including an instance where delivery of intercept information required by a ... FISA order was halted due to untimely payment," the audit said.

No one is saying which phone company will be left out of any amnesty deal pulled the plug on the feds' tap. But apparently this wasn't a one-shot occurrence:

The FBI acknowledged a "a few instances" in which late phone bills led to surveillance disruptions. It added, "These interruptions were temporary and in our assessment, none of those cases were significantly affected."

There's nothing more reassuring than a self-assessment, especially coming from a government agency. No doubt the FBI will get to the bottom of this, just as the Justice Department did in the Valerie Plame spy leak case.

In the meantime, we can all sleep well at night, knowing that the War on Terror is in small-claims court good hands.

I mean, here's the latest in the ongoing DVD format battle, as reported on PC Magazine's web site...

LAS VEGAS — The adult film industry is still taking a wait-and-see approach to the Blu-ray /HD DVD wars. But while Blu-ray's perceived costs have pushed some companies into the arms of the HD DVD camp, Warner Bros.' decision last week to exclusively support Blu-ray has some thinking that the end of HD DVD is nigh.

Executives in the adult-film industry spoke Wednesday during the opening day of the AVN Adult Entertainment Expo 2008, which briefly overlaps with the more mainstream Consumer Electronics Show ending Thursday.

Sounds like the funeral for Blu-ray might have been as premature as the one for Hillary Clinton's presidential campaign. Which, for computer manufacturers and consumers, is sort of a drag because competing formats are confusing, to say the least.

Of course, technology format wars have a long and gloried (or is it gory?) history. Fortunately, through the years, my gut instincts have usually told me which format will prevail. I'm afraid the rest of you will have to wait for the dust to settle in this particular throwdown.

In the meantime, I have an entire room full of 8-track tapes for sale, if anyone's interested.

I won't be there, but next week I'll be eagerly awaiting reports from the Consumer Electronics Show in Las Vegas on the unveiling of wireless high-definition flat-panel TVs.

Wireless HD video streaming has been promised for several years, but now it looks like it's just about here. There will be demonstrations of three different wireless technologies for high-def at the CES show, and manufacturers plan to begin selling wireless-enabled HDTVs before next Christmas.

You can read all about the technological details in this Associated Press story. And if you really want to drill down, check the web site for WirelessHD, a consortium of major electronics manufacturers such as Intel, LG Electronics, Samsung, Sony and Toshiba.

No news on what they'll cost yet, but I predict (based on neither data nor experience pricing electronics) the wireless sets will be about 50 percent higher than an otherwise identical wired TV. So a consumer paying $1,500 for a 40-inch, wired flat-screen TV would have to shell out $2,300 or so for a wireless 40-inch.

There was a throwaway paragraph at the end of the AP article...

Of course, none of these technologies will let an HDTV go completely wireless: there's still the power cord. People are working on wireless power as well, but we'll have to wait much longer for that.

...that reminded me of one of the most fascinating scientific stories of 2007. In case you didn't catch it last summer, MIT scientists successfully lit a 60-watt lightbulb with a power source seven feet away, without using wires.

A baby step, admittedly, but if wireless electricity can scale up -- and if the energy waves don't turn us into mutants -- it could go commercial in a few years. And that means a lot more than no wires -- it means no batteries for laptops, cell phones, PDAs, really, any portable electronics.

Now that would be cool (the mutant stuff aside).

Since the presidential campaign is about to hit full swing with Thursday's Iowa caucuses, now seems like a good time to consider each candidate's positions on various technology issues.

Fortunately, the folks over at CNET's News.com did the heavy lifting for us, sending a questionnaire to all of the major candidates and receiving replies from a half-dozen. (Not responding were Republicans Mitt Romney, Mike Huckabee, Rudy Giuliani and Fred Thompson, along with Democrats Joe Biden and Bill Richardson. May their wireless connections drop to low.)

CNET will milk the idea roll out the series over the next few days, so right now readers can get detailed positions on tech issues from only Hillary Clinton and Barack Obama. The views of John McCain, Ron Paul, John Edwards and Chris Dodd will be coming.

However, News.com did post some short comments from all six responding candidates, and fortunately none of them appear to be saying anything really crazy (so far). Very briefly:

Clinton: "[We] must ensure that there continues to be open, unimpaired, and unencumbered Internet access for both its users and content providers."

Obama: "I believe that America should lead the world in broadband penetration and Internet access. Full broadband penetration can enrich democratic discourse, enhance competition, provide economic growth, and bring significant consumer benefits."

McCain: "We should place the federal government in the role of stimulator, rather than regulator, of broadband services, remove state and local barriers to broadband deployment, and facilitate deployment of broadband services to rural and unserved communities."

Ron Paul: "Under the Constitution, the federal government does not have the authority to regulate social-networking sites. I would return this matter to state and local governments."

John Edwards: "I believe that if we do not guarantee Net neutrality...the Internet could go the way of network television and commercial radio, with just a few loud corporate voices and no room for the grassroots and small entrepreneurs."

Chris Dodd: "As president, I would use revenue gained from the spectrum auction to expand the development of new technology and ensure affordable high-speed wireless Internet access nationwide."