Jason Yow

Have some extra USB hard drives you'd like to put to a good use? Though marketed primarily as a media-sharing device, the forthcoming second-generation Pogoplug is a cool and useful tool for sharing business information as well. How using them to create an Internet storage cloud for your company, yourself, or your family? The device was introduced earlier today.

It provides a hardware device and online service that together provide secure file access and sharing. Here's the pitch: For $129, Pogoplug gives you the ability to connect USB hard drives directly to the Internet. Scheduled to ship next month, Pogoplug 2 (as I am calling it) is optimized for Internet viewing and sharing of multimedia files. Because the Pogoplug service keeps track of stored files-indexing across multiple hard drives-it allows users to share files without having to upload them. It can, for example, stream video to an iPhone, which can also upload and download files from the storage cloud the Pogoplug creates.

Optional Windows and Mac desktop apps provide local access to Pogoplug-managed storage. The new model offers four USB connections, allowing multiple drives to be connected without the need for a USB hub. There is no monthly charge for the online service, included in cost of the device. Other new features include better transcoding and wider support for streaming movies on the Web or to an iPhone app. There is also tighter integration with Facebook, Twitter, and MySpace, as well as automatic organization of your music, photos, and videos. The new software also provides the ability to automatically sync photos, music, videos, and other content from apps such as iTunes and iPhoto.

An address book remembers e-mail addresses with which you've shared content for future sharing. If not, Seagate's DockStar is a somewhat less expensive device, based on Pogoplug technology. The first version, introduced in January at CES, had but a single USB connection and was pretty utilitarian in appearance. (Here is our review). The new Pogoplug is fairly attractive, if you like bright pink. The hitch? Storage is, after all, a terrible thing to waste.

After the first year, Pogoplug service will cost Seagate customers $29.95-a-year. (The DockStar is one of our "25 Top Tech Gifts" for 2009). Meanwhile, Pogoplug's maker, a company called Cloud Engines, said it will "soon" enable additional features, such as "backup, file synchronization, photo printing and more." My take: I didn't think the first Pogoplug was useful enough the buy one, but having recenty discovered a half-dozen extra USB drives around my office, the device suddenly seems almost necessary. I will probably order one online, that is if I can get past the obnoxious self-starting music and videos on the Pogoplug Web site. With the product features now improved, maybe the site can be fixed, too. It keeps repeating over and over. David Coursey tweets as @techinciter and can be contacted via his Web site.

Nominum is hoping that the second time is the charm in the outsourced DNS market, as the maker of high-end DNS software announces a hosted service on Tuesday. Slideshow: How DNS cache poisoning works On Tuesday, Nominum will reenter the outsourced DNS market with the announcement of SKYE, a separate business unit that will offer its software as a cloud-based service to smaller ISPs and enterprises. Nominum had a managed DNS services operation earlier this decade but sold it to rival UltraDNS in 2002. Nominum has since focused on its DNS and Dynamic Host Configuration Protocol (DHCP) server software, counting among its customers many of the world's largest carriers including Verizon, Sprint and NTT Communications. Jon Shalowitz, vice president and general manager of SKYE, says the new venture's biggest differentiator is the underlying Nominum software, which is higher performing and more reliable than open source alternatives such as Berkeley Internet Name Domain (BIND). "This is the same software running in the top 100 ISPs around the world," Shalowitz says. "It handles two to three trillion transactions or queries per day.

Rodney Joffe, senior vice president and senior technologist at Neustar, says hosted DNS is a big enough market to support multiple vendors. "Despite the fact that it's been a pretty awful recession, we've continued to grow very effectively in our area of managed DNS for enterprises," Joffe says. "There is definitely a market, and we're nowhere near saturation." Nominum has set up SKYE as a separate organization, with 30 full-time employees and five data centers to run Nominum's software. "Enterprises need to wake up to the risks associated with ignoring their DNS and assuming that if it's not breaking all they time [they] can ignore it," Shalowitz says. "There are still a lot of organizations running legacy DNS and open source DNS that are fraught with vulnerabilities." SKYE is offering four hosted services: SKYE Core recursive DNS service; SKYE Secure authoritative (or external) DNS services; SKYE Search redirection service; and SKYE Trust, a blacklist service for malicious Web sites. "Our target customer is anyone who has a strong Web presence: E-commerce companies, banks, anyone that has regulations for protecting data such as hospitals and healthcare companies; and any other company where breaches of personal information could be catastrophic such as credit card companies," Shalowitz says. We're leveraging that same technology in a cloud model." SKYE's main competitor will be UltraDNS, now owned by Neustar. Nominum says the time is right for hosted DNS services because of a broader push by corporate IT departments toward cloud-based services. "Part of the reason why cloud is becoming the rage is because of its operational benefits," Shalowitz says. "When companies look at the cost/benefit analysis, they'd much rather have [DNS] being done by experts and run in the cloud." Abner Germanow, director of enterprise communications at IDC, says enterprises are realizing that DNS is a critical service and are paying more attention to it. Most of them are buying DNS appliances from vendors such as Infoblox or hosted DNS services such as the ones being offered by SKYE. "We've seen a fair amount of growth in hosted DNS services," Germanow says. "There are a whole slew of companies offering a variety of DNS services both for internal, recursive DNS services and external, authoritative services…This is something that's clearly rising in popularity." Joffe said new entrants into the enterprise DNS space such as SKYE and OpenDNS, which announced an enterprise offering earlier in the month, will face difficulties if they can't deliver top-notch service level agreements. "Companies that have tried to get into this market have been burned not because having DNS servers and networks is that hard but because making them work in a carrier-like way is not easy," Joffe said, adding that UltraDNS also runs its own DNS software rather than BIND. "The ability to do DNS in a really reliable way turns out to be hard."

Indian outsourcer Wipro has designed a gateway that uses GSM (Global System for Mobile Communications) wireless technology to collect data remotely from medical devices such as blood pressure monitors, glucose meters, pedometers, and weighing scales available with patients. The design, which will be customized by Wipro for its clients in the medical devices business, has been designed using Intel's Atom processor. In remote areas in India, GSM coverage is better than that of broadband or fixed-line dial-up connections, said R. Manimaran, general manager of the medical devices unit of the Wipro Technologies business of Wipro.

Using a standard platform like the Atom platform for embedded applications has helped drive down costs, making the technology affordable in emerging markets, Manimaran said. Indian outsourcers are increasingly focused on the development of intellectual property (IP) and reference designs that they expect will give them an edge in delivering product design and IT services to customers. The final price of the product will, however, be decided by the vendors, he added. Another Indian services company, MindTree, said in September that it was acquiring the Indian development subsidiary of Kyocera Wireless to do mobile handset design for Kyocera and other clients. It also supports video and audio conferencing for interactions between the patient and the doctor, and between doctors consulting with each other. The medical gateway designed by Wipro allows the transmission of real-time medical data to application servers, physicians' handheld devices, and hospital systems through GSM, broadband and dial-up connections.

In rural areas, where sometimes individual patients may not have the connectivity, they can come to rural health care centers where the information can be collected and communicated to larger hospitals in the city, Manimaran said. Medical devices can connect to the gateway through both wired technologies and wireless technologies such as Bluetooth to provide real time medical data, video and image transfer from a patient to doctor, and in turn from a doctor to doctor, Manimaran said.

Avaya has emerged as the winning bidder for Nortel's enterprise business, reportedly beating out Siemens Enterprise Communications over the weekend. Avaya will also contribute an additional pool of $15 million for an employee retention program. The firm will pay $900 million for the unit, Nortel's Government Solutions group and DiamondWare Ltd., a Nortel-owned maker of softphones.

That price is nearly twice what Avaya was initially said to be buying the enterprise business for back in July before auction bidding kicked in. Telecom carrier Verizon, however, is expected to contest the sale on the grounds that Avaya does not plan to retain customer support contracts between Nortel and Verizon. Slideshow: The rise and fall of Nortel Avaya has sought Nortel's enterprise business in hopes of boosting its share of the enterprise telephony and unified communications markets, and getting more customers to migrate to its IP line of communications products.  The sale, expected to close later this year, is subject to court approvals in the U.S., Canada, France and Israel as well as regulatory approvals, other customary closing conditions and certain post-closing purchase price adjustments. Nortel is confident the sale will go through without any snags. "We do not expect the Verizon interaction to impact court approval or the close of this deal," said Joel Hackney, president of Nortel Enterprise Solutions. "We will continue to go forward in supporting customers." Hackney would not say whether Nortel is engaged in the negotiations between Avaya and Verizon on the future of certain customer support contracts, mentioning only that Nortel supports Verizon as a customer as well as the carrier's customers. Nortel customers hope the deal works out in their interest. "Nortel earned the trust of our user group members by delivering innovative, reliable communications solutions and ensuring high-levels of service and support, " said Victor Bohnert, Executive Director of the International Nortel Networks Users Association, in a prepared statement. "With the announcement of today's purchase by Avaya, we look forward to extending that relationship forward to serve the business communications needs of our constituency base across the globe." Nortel will seek Canadian and U.S. court approvals of the proposed sale agreement at a joint hearing on September 15, 2009. The sale close is expected late in the fourth quarter.

Hackney also said there were two bidders for the enterprise unit but would not identify the second suitor. In some EMEA jurisdictions this transaction is subject to information and consultation with employee representatives. As previously announced, Nortel does not expect that its common shareholders or the preferred shareholders of Nortel Networks Limited will receive any value from the creditor protection proceedings and expects that the proceedings will result in the cancellation of these equity interests.

Almost as soon as it was launched, in only nine hours in fact, the Defense Advanced Research Projects Agency (DARPA) announced that the MIT Red Balloon Challenge Team won the $40,000 cash prize in the DARPA Network Challenge, a competition that required participants to locate 10 large, red balloons at undisclosed locations across the United States. Bots, bombs and weird science: The wackiest stories of 2009 "The Challenge has captured the imagination of people around the world, is rich with scientific intrigue, and, we hope, is part of a growing 'renaissance of wonder' throughout the nation," said DARPA director,Dr. Regina E. Dugan in a statement. The MIT team received the prize for being the first to identify the locations of all 10 balloons.

DARPA last month offered up the rather interesting challenge: find and plot 10 red weather balloons scattered at undisclosed locations across the country. According ton the agency, the balloons were in readily accessible locations, visible from nearby roadways and accompanied by DARPA representatives. The first person or team to identify the location of all the balloons and enter them on the challenge Web site will win a $40,000 cash prize. All balloons are scheduled to go on display at all locations at 10:00AM (ET) until approximately 4:00 PM on Saturday, December 5, 2009. Should weather or technical difficulties arise with the launch, the display will be delayed until Sunday, December 6 or later, depending on conditions. Latitudes and longitudes are entered in degree-minute-second (DDD-MM-SS) format as explained on the website Coordinates must be entered with an error of less than one arc-minute to be accepted.

If, for any reason, the balloon is displayed in one location then moved to a second location, either location will be accepted. 12 mad science projects that could shake the world Entrants were required to register and submit entries on the event website. The DARPA Network Challenge is designed to mark the 40th anniversary of the Internet. "It is fitting for DARPA to announce this competition on the anniversary of the day that the first message was sent over the ARPANET, the precursor to the Internet," said Dr. Regina E. Dugan, who made the announcement at a conference celebrating the anniversary. "In the 40 years since this breakthrough, the Internet has become an integral part of society and the global economy. The Grand Challenge competitions were started in 2004 to foster the development of autonomous robotic vehicle technology for use on the battlefield. The DARPA Network Challenge explores the unprecedented ability of the Internet to bring people together to solve tough problems." This is the latest example of DARPA's interest in reaching nontraditional sources of ideas and talent. The competition model for stimulating technological development enabled significant strides that will someday keep our men and women in uniform out of harm's way. DARPA has held a number of challenges including one that featured robot cars and another that seeks to develop lunar spacecraft.

A look back at the week's biggest Google-related news stories:   Google, Verizon unite on Android devices  Verizon and Google have entered into an agreement to jointly develop wireless devices based on Google's open source Android mobile platform. Verizon says that it will have two Android-based handsets on the market by year-end with more to come by 2010   Google celebrates anniversary of bar code patent  Google's "doodle" on its search home page Wednesday was a bar code that presumably translated into the word "Google". It also said happy 57th anniversary to the awarding of a patent for the bar code by Joseph Woodland and Bernard Silver. During a teleconference Tuesday, Verizon CEO Lowell McAdam and Google CEO Eric Schmidt outlined the companies' new strategic partnership that will see them working together to develop Android-based smartphones, PDAs and netbooks, and to deliver users with applications sold through the Android Market app store. It also coincided with the announcement earlier this week of the Nobel Prize for Physics to Charles Kao for his work on fiber-optic communications and Willard Boyle and George Smith, who invented imaging technology using a digital sensor dubbed a CCD (Charge-Coupled Device). The CCD has enabled developments such as bar codes/bar code readers to come along.   Gmail, other webmail passwords stolen  In the wake of the posting in online forums of stolen account and password information for thousands of Hotmail, Gmail and Yahoo e-mail accounts, evidence emerged of yet more abuse that entails attackers exploiting that information to hack into compromised accounts over the last few days to send spam aimed at stealing credit cards.

Attackers have been taking advantage of the exposed account information for Hotmail, Gmail and Yahoo to break into the victim's e-mail accounts and send out deceptive messages to the victim's contacts to promote the scam.   Google Voice in the middle of things AT&T buoyed the spirits of Google Voice fans this week by saying it would allow the application to run on its network, but later in the week word emerged that lawmakers want the FCC to look into whether Google Voice blocks calls to people in rural areas because they are expensive to connect. According to Patrik Runald, senior manager security research at Websense, the security firm noticed about a 40% surge in spam related to Yahoo, Gmail and Hotmail accounts in recent days, with some of the spam being a phishing scam related to a fake Chinese electronics shopping site. And guess which big carrier is encouraging the lawmakers in this pursuit?   Google Squared freshens up  PC World's David Coursey writes that "Google Squared, the ambitious project that delivers search results as a table, has received an update that improves both the quality and quantity of the information it presents." He cites a post on Google's blog that the update results will allow up to four times as many facts to be squeezed into a square.   Google, Microsoft woo Twitter  Various reports (All Things Digital, Reuters, etc.) had Google and Microsoft chatting with Twitter separately about how to best integrate Twitter with outside search engines.   Google: DRAM, DRAM, DRAM!  Computerworld reports that Google and the University of Toronto released a study of tens of thousands of Google servers showing that "data error rates on DRAM memory modules are vastly higher than previously thought and may be more responsible for system shutdowns and service interruptions." For more on Google, visit Network World's independent Google community, Google Subnet.

Lawmakers called upon the Transportation Security Administration and private sector companies to quickly re-establish a nationwide registered traveler program to help frequent travelers get through airport security checkpoints faster. Both lawmakers and vendors said the TSA had not done enough to support the registered traveler program and in fact distanced itself from the effort over the past year. The calls came after the abrupt closure earlier this year of Verified identity Pass Inc. (VIP), the largest provider of registered traveler services, and the subsequent shutting of services by two other vendors that offered the same service. The TSA, meanwhile, insisted that the program did little to improve security.

At a hearing on the future of the registered traveler program Wednesday, members of a House subcommittee on Homeland Security urged the TSA and private vendors to work together to quickly restore the service. The agency said that just because members of such programs had been pre-screened didn't eliminate the need for them to go through airport security checks like everyone else. The hearing came on the same day an investment banking firm, Henry Inc., said it had signed a letter of intent to buy VIP's assets and relaunch the service by the end of the year." U.S. Rep. At the same time, private sector companies need to find a model "that can support a security benefit, but which does not rely on one," she said. Sheila Jackson Lee (D-Texas), the subcommittee chairwoman, expressed hope that the TSA would make a "good faith effort" to explore a security benefit, or an additional layer of security vetting, for the registered traveler program. Even if passengers must still go through a security screeening, these companies can still offer the convenience of getting their customers through the process quicker, such as using a separate member-only line at security checkpoints.

Since 2005, the TSA has piloted several iterations of the program with private sector companies. The registered traveler program was established under the Aviation and Transportation Security Act (ATSA). It authorizes the TSA to implement trusted passenger programs to speed up the security screening of passengers who have submitted to comprehensive background and security checks. The biggest of them was VIP, which offered a registered traveler service called "Clear" at 21 major airports. The announcement raised immediate concerns about the data that VIP had collected as part of its Clear service, including Social Security and credit card number and home address. The company, which had signed up more than 200,000 subscribers, stopped service in June saying it had run out of money.

The company had also collected fingerprints, iris scans and digital images of customers' faces. Soon after Clear stopped its service, rivals Fast Lane Option Corp . (Flo) and Vigilant Solutions also shut down their services. Many who had paid a $199 annual fee were unable to get refunds. During the hearing, U.S. Rep. Going forward, the TSA needs to take the lead in supporting the program, Thompson and others said. Bennie Thompson (D-Miss.) said it is Congress' intent that such "a quick closing of business" does not happen again. "The traveling public deserves better," Thompson said.

Much of the reason the program is in disarray is because the TSA failed to support the effort, witnesses said. Despite the mandate from Congress, the TSA has not fully implemented the use of biometrics as a primary form of identification, Fischer said, nor has it used background screening to vet those using the RT lanes as it was supposed to. While the registered traveler program at one time was expected to provide add an additional layer of security at airports, today it is little more than a convenience for travelers willing to pay for it, they said. "To date, while the private sector has invested over $250 million and upheld its side of the partnership, the TSA has not," said Fred Fischer, managing partner at Flo Corp. Though the TSA at one point collected $28 per passenger to do a so-called Security Threat Assessment (STA) of passengers who had signed up for registered traveler programs, not one applicant was ever vetted using a criminal history records check, he claimed. John Sammon, an assistant administrator at the TSA, said that based on the pilot programs and the agency's own insight, registered traveler programs do not offer any additional security. As a result, the promised security benefits of the registered traveler program have yet to be realized, he said.

He said the TSA stopped doing security threat analysis for registered traveler programs because there was little value to be gained. "The prospect of a terrorist not identified on a watch list raised questions about the viability of a registered traveler program," he said. Going forward, the TSA will work with private vendors to identify programs that will support registered travelers programs, he said. After an evaluation of the pilot programs, the TSA concluded that registered traveler programs "do not provide any additional levels of security," he said. However, from a security standpoint, such passengers will still be subject to the same security checks as other ticketed passengers, he said.

If a research and development tax credit is allowed to expire at the end of the year, 120,000 U.S. jobs could be put at risk, according to a group of companies supporting an extension. The coalition on Wednesday called for Congress to make the tax credit permanent and to increase the credit paid to some companies. A lapse in the tax credit could also put at risk US$16 billion in R&D and related economic activity, the R&D Credit Coalition said. The R&D tax credit, which gives eligible companies a tax credit of 14 percent to 20 percent of R&D spending, has been temporarily extended multiple times since it was first approved by Congress in 1981. The tax credit "has been a driver of jobs and a boost for the U.S. economy, said Karen Myers, vice president of global government relations for CA. Coalition members are concerned that Congress will adjourn this year without extending the tax credit, putting U.S. companies' R&D plans in flux, she said.

Some groups, including tax reform advocates Citizens for Tax Justice, have called the R&D tax credit "corporate welfare." But members of the coalition said the tax credit has huge economic benefits for the U.S. and President Barack Obama, who has called for the credit to be made permanent, has said it returns $2 to the U.S. economy for every dollar spent. "We're talking about 120,000 jobs - if anything, this is citizen welfare ... or employee welfare," said Bartlett Cleland, senior director of policy for TechAmerica, a tech trade group aligned with the R&D Credit Coalition. "These are not 120,000 sweep-the-floor jobs. Lawmakers have been reluctant to make the tax credit permanent partly because of its cost - about $7 billion [b] a year. These are highly compensated, well-educated U.S. employees. The U.S. had the highest R&D incentives when the tax credit was first passed in 1981, but now 16 other nations have more generous incentives, they said. "When you see the other incentives that countries are offering, it's becoming a more challenging hurdle to keep R&D in the United States," said Marie Lee, director of finance and tax policy for TechAmerica. "Particularly when we see the credit lapse, that does [affect] the decisions companies make." The cost of extending the credit - without increasing it to 20 percent across the board, as the coalition wants - would cost about $68 billion over 10 years, according to congressional estimates. There's a growing pressure on U.S. companies to take R&D work overseas, coalition members said. Asked about budget concerns in Congress, Myers said many lawmakers continue to be concerned about jobs and unemployment in the U.S. "Lawmakers are very sensitive to cost in this environment," she said. "However, the fact that the credit is very closely aligned with jobs, and closely aligned with economic growth, I think its an incentive for which lawmakers have a lot of sympathy." On Tuesday, more than 400 companies and trade groups sent a letter to all members of Congress, asking them to make the R&D credit permanent and increase the rate.

A number of companies outside the IT sector also signed the letter, including Harley-Davidson, Toyota and the Schwan Food Co. A number of tech companies signed the letter, among them Adobe Systems, AT&T, Cisco Systems, Dell, Intel, Hewlett-Packard, and Microsoft.

A Seattle computer security consultant says he's developed a new way to exploit a recently disclosed bug in the SSL protocol, used to secure communications on the Internet. Frank Heidt, CEO of Leviathan Security Group, says his "generic" proof-of-concept code could be used to attack a variety of Web sites. The attack, while difficult to execute, could give attackers a very powerful phishing attack.

While the attack is extremely difficult to pull off - the hacker would first have to first pull off a man-in-the-middle attack, running code that compromises the victim's network - it could have devastating consequences. The SSL Authentication flaw gives the attacker a way to change data being sent to the SSL server, but there's still no way to read the information coming back. The attack exploits the SSL (Secure Sockets Layer) Authentication Gap bug, first disclosed on Nov. 5. One of the SSL bug's discoverers, Marsh Ray at PhoneFactor, says he's seen a demonstration of Heidt's attack, and he's convinced it could work. "He did show it to me and it's the real deal," Ray said. Heidt sends data that causes the SSL server to return a redirect message that then sends the Web browser to another page. A consortium of Internet companies has been working to fix the flaw since the PhoneFactor developers first uncovered it several months ago. He then uses that redirect message to move the victim to an insecure connection where the Web pages can be rewritten by Heidt's computer before they are sent to the victim. "Frank has shown a way to leverage this blind plain text injection attack into a complete compromise of the connection between the browser and the secure site," Ray said.

Their work gained new urgency when the bug was inadvertently disclosed on a discussion list. Last week, IBM researcher Anil Kurmus showed how the flaw could be used to trick browsers into sending Twitter messages that contained user passwords. Security experts have been debating the severity of this latest SSL flaw since it became public knowledge. This latest attack shows that the flaw could be used to steal all sorts of sensitive information from secure Web sites, Heidt said. Many high-profile banking and e-commerce Web sites will not return this 302 redirect message in a way that can be exploited, but a "huge number" of sites could be attacked, Heidt said. To be vulnerable, sites need to do something called client renegotiation under SSL and also to have some element on their secure Web pages that could generate a particular 302 redirect message.

With so many Web sites at risk to the flaw, Heidt says he does not intend to release his code immediately. The attack is similar to the SSL Strip attack demonstrated by Moxie Marlinspike [cq] at a security conference earlier this year. From the victim's perspective, the only noticeable change during an attack is that the browser no longer looks as though it's connected to an SSL site. Leviathan Security Group has created a tool that webmasters can use to see if their sites are vulnerable to a SSL Authentication Gap attack. Thierry Zoller, a security consultant with G-Sec, says that theoretically, the flaw could be used to attack mail servers. "An attacker can potentially highjack mails send over secured SMTP [Simple Mail Transfer Protocol] connections, even if they are authenticated by a private certificate," he said in an instant message interview. Because SSL, and its replacement standard, TLS, are used in a wide range of Internet technologies the bug has far-reaching implications.

Zoller, who has not seen Leviathan's code, said that if the attack works as advertized, it will be just a matter of days before someone else figures out how to do it.

Social networking site MySpace.com announced today that it has switched from using hard disk drives in its servers to using PCI Express (PCIe) cards loaded with solid state chips as primary storage for their data center operations. MySpace said the solid state storage uses less than 1% of the power and cooling costs that their previous hard drive-based server infrastructure had and that they were able to remove all of their server racks because the ioDrives are embedded directly into even its smallest servers. "We looked at a number of solid state solutions, using many different kinds of RAID configurations, but we felt that Fusion-io's solution was exactly what we needed to accomplish our goals," Buckingham stated. The PCIe cards, from Fusion-io Inc., have allowed MySpace to replace multiple server farms made up of 2U (3.5-in high) servers that had used 10 to 12 15,000 RPM Fibre Channel drives each with 1U (1.75-in high) servers using a single ioDrive . "In the last 20 years, disk storage hasn't kept pace with other innovations in IT, and right now we're on the cusp of a dramatic change with flash technologies," said Richard Buckingham, vice president of technical operations for MySpace, in a statement.

MySpace's new servers also have replaced its high-performance hosts that held data in large RAM cache modules, a costly method MySpace had been using in order to achieve the necessary throughput to serve its relational databases. Salt Lake City-based Fusion-io claims the ioDrive Duo offers users unprecedented single server performance levels with 1.5GB/sec. throughput and almost 200,000 IOPS. The system can reach such performance levels because four ioDrive Duos in a single server can scale linearly, which provides up to 6GB/sec. of read bandwidth and more than 500,000 read IOPS. The cards come in 160GB, 320GB and 640GB capacities. MySpace said its new servers using the NAND flash memory modules give it the same performance as its older RAM servers. A 1.28TB card is expected in the second half of this year. "Social networking sites and other Web 2.0 applications are very database dependent. Ethernet pipe," David Flynn, CTO of Fusion-io, said in an interview.

Our 320GB ioDrive can fill a 10Gbit/sec.

Microsoft made its holiday pitch Tuesday in New York giving a sneak peak at what its gadget lineup will look like. The OS adds improvements to Internet Explorer Mobile, new navigation tools, Flash Lite support, and the introduction of Windows Marketplace for Mobile - a new app store. (See Related: Review of Windows Mobile OS 6.5 HTC Pure) To me Windows Mobile 6.5 seems like a transitional step to a future OS - might it be called Windows Mobile 7? - that could pose a more realistic challenge to Android, iPhone, and other mobile operating environments on the consumer side. Here Microsoft stressed its portable music player Zune, Xbox, Windows Mobile 6.5 OS phones, and Windows 7. Microsoft's Robbie Bach, head of Microsoft's entertainment and devices division, said this season it will stress the integration of "lifestyles" with "work-styles." All eyes were on Microsoft's Mobile 6.5 operating system which was announced today.

As for Zune and Xbox, Microsoft says it will be rolling out a new feature that enables content downloaded to one of these devices to be played back on the other. Microsoft Zune representatives say the move will represent the first in a series of steps by Microsoft toward greater integration between various Windows-enabled hardware devices. The video quality will support an impressive 1080p high-definition (HD) video. In attendance Tuesday was phone makers Samsung, HTC, LG, Hewlett-Packard and Toshiba were all on hand delivering first looks at Windows Mobile 6.5 devices. Microsoft, though, faces increasingly visible competition from both the Google Android and Apple iPhone camps in a struggle to expand beyond its relatively good position in the corporate smartphone space. Also on hand were mobile carriers Verizon Wireless, AT&T, Sprint, Telus and Bell Mobility.

Today Verizon and Google announced a partnership to bring Android-based smartphones, PDAs, and netbooks to market later this year. At the CTIA show in Dallas, TX this week, Samsung and T-Mobile introduced the Behold II, a touchscreen phone that brings together the Linux-based Android operating system with Samsung's new TouchWiz user interface for one-touch access to the user's favorite features and applications.

Baring a last minute delay, the Federal Trade Commission is set to enforce its identity theft rules known as Red Flags on Nov. 1. The rules have been delayed three times already and were originally set to become practice Nov. 1, 2008. NetworkWorld Extra: 12 mad science projects that could shake the world Under the Red Flags rules all companies or services that regularly permit deferred payments for goods or services, including entities such as health care providers, attorneys, and other professionals, as well as retailers and a wide range of businesses that invoice their customers must develop a written program that identifies and detects the relevant warning signs - or "red flags" - of identity theft. The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program. These may include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents.

The final rules require financial and credit institutions that hold any consumer account, or other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an Identity Theft Prevention Program for combating identity theft in connection with new and existing accounts, the FTC said. Many entities also argue that, because they generally are not required to comply with FTC rules in other contexts, they have not had enough time to develop compliance plans. The FTC stated that some industries and entities within the agency's jurisdiction were uncertain about their coverage under the Red Flags Rule. Others have raised a stink about complying with the rules. This month the House unanimously approved a measure to exempt health care, legal and accounting firms employing fewer than 20 people from Red Flags. As a result the program hasn't been without its legal challenges.

That bill is now in committee. The ruling gave a victory to an industry that objected to the FTC's definition of what constitutes a "creditor." The FTC said it may fight that ruling. Also this month a US District court ruled that lawyers are exempt from the red flags rule requirements. Meanwhile the identity theft problem appears to grow unabated. For the ninth year in a row identity theft - particularly in Arizona and California - was the number one consumer complaint filed with the Federal Trade Commission in 2008. Of 1,223,370 complaints received in 2008, 313,982 - or 26%- were related to identity theft.

The FTC in February released the list of top consumer fraud complaints for 2009 and showed that for the ninth year in a row, identity theft is the number one problem and it is showing no signs of letting up. The FTC 's list shows that credit card fraud was the most common form of reported identity theft at 20%, followed by government documents/benefits fraud at 15%, employment fraud at 15%, phone or utilities fraud at 13%, bank fraud at 11 %and loan fraud at 4%. The CSN received over 1.2 million complaints during calendar year 2008.

Future doctors are too frequently putting inappropriate postings and sometimes confidential patient information on social sites like Facebook and Twitter, according to a study published in the Journal of the American Medical Association. Thirteen percent reported that students had violated patient confidentiality in postings on social networking sites. The study shows that in a survey of medical colleges, 60% reported incidents of medical students' posting unprofessional content online. The survey also showed that 39% of colleges found medical students posting pictures of themselves being intoxicated, and 38% reported medical students posting sexually suggestive material.

Of the schools that reported finding inappropriate student content only, 67% said they gave informal warnings and 7% said they expelled the student. The study, published this week, surveyed deans or their counterparts at 78 U.S. medical colleges. People are frequently warned that photos and posts, and even comments from friends and family - on sites like Facebook, MySpace and Twitter could come back to haunt them. Dan Olds, an analyst with The Gabriel Consulting Group, said people who post inappropriate material, such as pictures of themselves drunk, has long been a downside of social networking. Companies report that they check social networking sites before hiring a prospective employee, and an off-hand comment about a work project or annoying colleague can easily come back to bite someone in the office. However, when health care workers are involved in such activity, it takes on a new dimension. "Doctors are in a bit of a unique position in society - almost universally trusted by patients to hold some of their most personal information confidential," Olds said. "This relationship needs to exist, because if patients hold back information from their doctor, it can have a serious impact on their lives.

And it's hard to believe that medical students, folks who are highly educated, are so stupid as to not see the downside of these social networking activities." He added that aside from posting patient information online, it's also a bad idea for medical students to post pictures of the drunken party they were at the night before or information about their latest tryst. "Even though this was probably done innocently and with no bad intent, the potential for damage to patients is large," Olds said. "Seeing their doctors partying and drunk is not the way to engender trust, particularly if you're the person who has an appointment with that doctor the next day." If patients believe their doctors are unintentionally, or, worse yet, intentionally, revealing confidential information, then that trust will be irreparable damaged.

Akamai Tuesday began pitching its new HD Network as the perfect solution for entertainment companies that want to deliver high-definition video streams over the Internet. During a live videoconference Tuesday, Akamai executives pitched the network to entertainment companies as a compliment for live TV and DVDs that would let content providers stream higher quality videos without the traditional problems of jitter and long buffer times that users regularly encounter. The CDN provider's new HD Network utilizes its HD EdgePlatform and combines it with digital video recorder technology and an adaptive bitrate streaming technology that adjusts users' delivery bitrates based on their network capacity.

Separated at Birth: Tech Honchos and Their Famous Lookalikes "Our HD Network has been designed for large-scale broadcasters and studios," said Akamai CEO Paul Sagan. "Our goal is to meet and surpass the needs of the film and television industries… TV is now possible online at HD bitrates." Akamai cofounder and chief scientist Tom Leighton said that Akamai's HD Network had a unique advantage in delivering HD streams because it had roughly 1,000 servers located on networks' last miles in 750 cities around the world. Users streaming content over the Akamai HD Network will be able to watch video using Flash, Silverlight and iPhone protocols. Leighton said that this access to the last mile has enabled Akamai to deliver content at a rate of 2Mbps or greater to two-thirds of users in the United States and at a rate of 5Mbps or greater to around a quarter of users in the United States. The network also features an HD content analytics that allow providers to monitor and understand who is accessing their content and an HD player based on the open source standard provider through the Open Video Player Framework.

There are a lot of reasons why Dell Inc. agreed to buy Perot Systems Corp. for $3.9 billion, but Congress' vote earlier this year to appropriate billions of dollars to spread the use of electronic medical records may be a key one. Even before today's announcment that Dell plans to buy Perot, the PC maker and IT services firm had agreements in place develop platforms dedicated to electronic health care applications. Perot, which says that about half of its $2.8 billion in annual revenue is derived from health care projects, is in a good position to gain a significant chunk of the $36 billion the federal government is poised to spend on IT related health care projects.

During a conference call with reporters today, Michael Dell, CEO and chairman of Dell, called the move "the right acquisition" for his company, and that the two Texas-based firms share several similar characteristics. "Our products, services and structures are overwhelmingly complementary," Dell said. EDS was spun off in 1996 as an independent firm and remained that way until it was acquired last year by Hewlett-Packard Co. for $13,9 billion . Ross Perot founded Perot Systems in 1988. Harry Greenspun, chief medical officer for Perot Systems' health care group, told investors garthered at an industry conference this month that there's tremendous opportunity for companies like Perot in the health care market. "Most hospitals, most physicians' offices are very immature in their adoption in their technology," he said, according to an archived recording on Perot's web site. Ross Perot, the chairman emeritus of Perot, added, "We saw this as a cultural match, and we saw what we could do together, and I think that made it a lot easier to jump on Michael's vision to build Dell," Perot founded Electronic Data Systems (EDS) in 1962 and sold it to General Motors Corp. in 1984 for $2.5 billion. Dell hopes to complete the deal by year's end, just after the federal fiscal year starts on Oct. 1, which is when federal spending on electronic records is set to begin in earnest. Dell and Perot are already jointly offering what Greenspan called a "dumb box" without ports of disk drives. The demand for help in implementing new health care IT projects should come quickly - Under the law, health care providers have to start upgrading e-health systems by 2015 or face federal penalties.

The Software-as-a-Service system delivers electronic records to virtual desktops that charge customers on a subscription basis. "This is a different way of delivering this service," said Greenspun. Bendor-Samuel said improved revenue from health care projects should be a strong side effect of the merger, but contended that Dell's primary interest is gaining access to a broader base of enterprise customers. "It's great to be a dominant player in the fastest growing segment of the economy, but I view that as a nice thing to have," he said. The purchase of Perot Systems will also give Dell some credibility among large users as a service provider, said Peter Bendor-Samuel, CEO of Everest Group, an Dallas-based outsourcing consultancy. "It both significantly improves their delivery capability and tremendously improves their credibility," he said. Dane Anderson, an analyst at Gartner Inc., believes that the deal shows only that Dell is finally embarking on a services strategy. It has not offered the broader consulting and integration services provided by IT services firms like Perot Systems, he added.. "Really, where the opportunity is in the nearest term is to bring more capabilities to the table for that Dell installed based of clients, he said. Dell's support operation has traditionally focused on providing services to meet the needs of existing users.

Anderson said that he doesn't expect Dell to quickly gain new services contracts due to the acquisition of Perot. Enterprise aren't likely to exit existing contracts with other services providers.

Today Google released Picasa 3.5, an updated version of its free photo editing software. The most notable addition in this release is an enhanced version of Picasa's people-tagging feature, previously only available in Picasa Web Albums. With Picasa you can edit and organize your images, and sync and share them with Picasa Web Albums, Google's online photo-sharing site. Other improvements include Google Maps integration for faster and easier geotagging, a smarter keyword-tagging interface, and more importing options.

You can then go through and add name tags one at a time or in bulk. When you first launch Picasa 3.5, it scans all of the images on your computer and groups similar faces. If you already use name tags in your Picasa Web Albums, you can log into your Google account and download that information to the Picasa application (Tools-> Download Name Tags from Picasa Web Albums). Logging in also means you can use your Google contacts list when tagging people. Geotagging is much easier in 3.5. In the Places panel, a Google map displays the locations of your geotagged photos. Picasa will automatically create an album for each person you tag. To add location information to a photos, you can search directly in the panel and add a pin, or drag and drop an image or images onto the map from your library.

It's now possible to upload images directly to Picasa Web Albums from your camera, iPhone, or memory card. Picasa's import features have also been greatly improved. Before importing you can choose which images to include or exclude. This update is for both Mac and PCs, and is the first Mac version of Picasa to drop the beta label. For example, you could opt to upload all of the images to your hard drive, but only starred images to the Web.

Nortel enterprise customers will be able to buy the company's current line of products for 12 to 18 months after Avaya officially takes ownership of Nortel's enterprise division that it won at auction for $900 million. Support for Nortel gear will continue throughout that transition, an Avaya spokesperson says. Slideshow: The rise and fall of Nortel    After that period, Avaya says it will have a migration path laid out that customers can follow to bring themselves into Avaya's official product line.

Because the two companies' products overlap, some analysts think the deal was more about customers than it was technology. Regardless of the migration path, Avaya says it will honor three- to five-year product support for all customers. Task forces from both companies will be tapped to figure out what products make the most sense to keep and which ones need to be merged. The company says the product road map for the expanded Avaya will be ready 30 days after the deal is officially closed. The contracts in question extended to Verizon customers through its services business.

Avaya says it will honor all Nortel's service contracts including those that Verizon claimed in a legal filing would be canceled. Verizon sought last week to get Avaya removed from the auction for Nortel's enterprise division. The customers will receive service," an Avaya spokesperson says. The last-minute appeal claimed Avaya intended to toss out the contracts and that would result in national security issues because some of the gear was supplied to critical governmental agencies. "We intend to fulfill the contract that is the subject of their filing. Long term Avaya says it will rely on its Aura Session Manager platform to unify customers' Session Initiation Protocol-based communications gear into a single system. Because Avaya Aura is compatible with Nortel's open architecture, customers will be able to build multi-vendor environments without requiring a swap-out to all-Avaya equipment.

Aura already supports Nortel gear as well as products from major VoIP vendors Alcatel-Lucent, Cisco, Mitel, NEC, Nortel, ShoreTel and Siemens. As for R&D, Avaya says the Nortel and Avaya resources are complementary enough to help the combined company bring new products to market more quickly.

Bharti Airtel, India's largest mobile services company, said Wednesday that it had called off talks for an alliance with MTN Group of South Africa. The South African government, which views MTN as a national champion, has insisted on keeping MTN's separate identity, according to reports. The South African government did not approve the proposed alliance's structure, Bharti Airtel said in a filing to the Bombay Stock Exchange.

Perhaps to avoid government objections, the talks between the companies were described as leading to a partnership, though a merger at a later date was not ruled out. The broad structure discussed had taken into account the sensibilities and sensitivities of both companies and their countries, including ensuring continuity of business in areas such as management, brand and stock listing, Bharti said. The period for exclusive talks between the companies was scheduled to end Wednesday, after two earlier extensions. The companies said in May that a full merger between them was a broad strategic objective, as soon as it was practicable, indicating that the immediate focus of the talks was on a loose partnership and cross-investments between the two companies. Together the two companies would have US$20 billion in revenue and 200 million customers, Bharti Airtel said in May. Under the terms for an arrangement announced in May, Bharti Airtel was to acquire 49 percent shareholding in MTN, while MTN and shareholders would acquire a 36 percent economic interest in Bharti Airtel through a stock and cash deal.

Under the arrangement, Bharti Airtel would have substantial and governance rights in MTN, enabling it to fully consolidate the accounts of MTN. Bharti Airtel would be the primary vehicle for the expansion of both Bharti Airtel and MTN in Asia, while MTN would focus on expansion in Africa and the Middle East. Dual listing of companies in India and another country is not allowed by Indian rules, which only allow depository receipts of Indian companies to be listed abroad under specific conditions. The South African government is said to have insisted on a dual listing of the combined entity after a merger, in order to protect the identity of MTN as a South African entity, according to informed sources. This is the second time that alliance talks between Bharti Airtel and MTN fell through over the structure of the combined entity. Bharti will continue to explore international expansion opportunities, the company said in its statement on Wednesday.

Bharti Airtel, which has Singapore Telecommunications as a key shareholder, said last year that earlier talks fell through after disagreement on the structuring of the deal, particularly MTN's insistence that Bharti Airtel should be a subsidiary company of MTN after the deal. It hoped that the South African government would review its position on the proposed structure and allow the two companies an opportunity to re-engage.

Some industry observers still like to kick dents in the mainframe saying it's not the corporate platform of the future but the Big Iron seemingly takes the licks and keeps on ticking. Only IBM mainframe users were included in the survey population, IDC noted. Case in point: According to a study out today of 300 end users by researchers at IDC nearly one-half of said they plan to increase annual spending on mainframe hardware and software over the next five years. Network World Extra: How to really bury a mainframe Many mainframe users reported that they can plan another wave of investments in the System z platform over the next 2–5 years, citing the system's high availability, reliability, and security for mission-critical applications as major drivers, IDC stated. "Customers continue to collect dividends on their System z investments, which makes future investments much more palatable, even in difficult economic times," said Tim Grieser, program vice president, Enterprise System Management Software in a release.

IBM has engaged in some price cutting to make some of these processors more palatable though. The study says IBM's strategy of building specialty processors for the mainframe, such as the Integrated Facility for Linux (IFL) System z Integrated Information Processor (zIIP) for ERP and CRM transactions and z Application Assist Processor (zAAP) processors for Java and XML transactions are key to ongoing success of the platform. According to a Network World article IBM has cut in half prices for some specialty Linux processors. Another source said the price changed from $90,000 to $47,500 for IFLs running on the System z Business Class mainframe. IBM acknowledged "new pricing" for the IFL processors, but did not offer specific numbers.

And IBM's mainframes haven't been immune to the economic downturn. Still all is by no means rosy in mainframeland. This summer IBM reported that System z mainframe server revenue decreased 39% year-over-year in the second quarter, while overall company revenue declined 13%. IDC however says the mainframe will benefit down the road from these new processors which will require additional mainframe-related database and storage facilities to handle new workloads. Another recent study raised an ever-increasing issue – retiring mainframers. However, while today individuals still train to become commercial pilots, the number of IT professionals going into the mainframe arena is fast disappearing.

One study by system vendor Shoden found that 96% of respondents working for financial businesses said that they are concerned to some degree that with cloud computing and SaaS they will not be able to retain the necessary skills to operate and maintain legacy environments such as IBM mainframe or AS/400. The study said in the manufacturing sector, 88% of IT decision makers admitting to being concerned, while across all the markets polled, the average comes in at a staggering 83%. The retail, distribution and transport sectors come in just a little lower at 80%. The study went on to state that mainframe technology is as old as the Boeing 747 and, like the iconic aircraft, it is still the default workhorse for many of its original adopters. A similar study funded by CA found that Financial Services organizations are leading the drive to tackle the shortage of mainframe skills in Europe where 60% of financial service firms use the mainframe for administering their critical data. In the CA study it found 57% of financial services organizations said an easy-to-use Web-enabled GUI would help close the skills gap.

Fund Formed for Chinese Start-ups BEIJING - Kai-Fu Lee, who resigned as president of Google Inc.'s China operation earlier this month, has founded an angel investment fund and plans to help out three to five new Chinese high-tech companies annually. Steve Chen, a co-founder of YouTube Inc., is also an investor in Innovation Works. The fund, dubbed Innovation Works, launched with some $115 million (U.S.) provided by several IT vendors, including Taipei-based Foxconn Electronics Inc. and Lenovo Group Ltd. The new company said the funds will be used to train young entrepreneurs and help them build Internet, mobile Internet and cloud computing companies. - Owen Fletcher, IDG News Service Telecom Firms Plan Joint Venture LONDON - Deutsche Telekom AG and France Telecom SA plan to form a joint venture that would oversee their respective U.K. mobile communications networks - T-Mobile U.K. and Orange U.K. The combined company would have about 28.4 million customers, or 37% of U.K. mobile subscribers, leapfrogging current market leader O2 U.K. Ltd., which reported 20.7 million customers at the end of June, the companies said.

Ombudsman P. Nikiforos Diamandouros said he will rule on the complaint later this month. - Agam Shah, IDG News Service The venture is expected to realize overall savings of more than £3.5 billion ($5.7 billion U.S.) by, among other things, closing some stores and "optimizing" the companies' customer service staffs. - Peter Sayer, IDG News Service Briefly Noted The European Union has confirmed that its ombudsman received a complaint from Intel Corp. in July alleging that "procedural errors" were made by the European Commission during an antitrust investigation that led to a record fine of €1.06 billion ($1.44 billion U.S.) against the chip maker.

Nortel enterprise customers will be able to buy the company's current line of products for 12 to 18 months after Avaya officially takes ownership of Nortel's enterprise division that it won at auction for $900 million. Support for Nortel gear will continue throughout that transition, an Avaya spokesperson says. Slideshow: The rise and fall of Nortel    After that period, Avaya says it will have a migration path laid out that customers can follow to bring themselves into Avaya's official product line.

Because the two companies' products overlap, some analysts think the deal was more about customers than it was technology. Regardless of the migration path, Avaya says it will honor three- to five-year product support for all customers. Task forces from both companies will be tapped to figure out what products make the most sense to keep and which ones need to be merged. The company says the product road map for the expanded Avaya will be ready 30 days after the deal is officially closed. The contracts in question extended to Verizon customers through its services business. Avaya says it will honor all Nortel's service contracts including those that Verizon claimed in a legal filing would be canceled.

Verizon sought last week to get Avaya removed from the auction for Nortel's enterprise division. The customers will receive service," an Avaya spokesperson says. The last-minute appeal claimed Avaya intended to toss out the contracts and that would result in national security issues because some of the gear was supplied to critical governmental agencies. "We intend to fulfill the contract that is the subject of their filing. Long term Avaya says it will rely on its Aura Session Manager platform to unify customers' Session Initiation Protocol-based communications gear into a single system. Because Avaya Aura is compatible with Nortel's open architecture, customers will be able to build multi-vendor environments without requiring a swap-out to all-Avaya equipment.

Aura already supports Nortel gear as well as products from major VoIP vendors Alcatel-Lucent, Cisco, Mitel, NEC, Nortel, ShoreTel and Siemens. As for R&D, Avaya says the Nortel and Avaya resources are complementary enough to help the combined company bring new products to market more quickly.

Avid Technology has introduced new versions of its Media Composer, Symphony, and NewsCutter professional editing software, and Interplay, its production asset management system. Overall, these updates let users mix and match different frame rates and resolutions in a timeline within the same project, expand native support for file-based media with additional formats, and extend workgroup capabilities to Wide Area Networks.

Media Composer 4.0, Symphony 4.0, and NewsCutter 8.0 software offer an array of new features, according to the company. These include:

• Improved Stereoscopic 3-D editing to let customers view 3-D material side by side in addition to over and under. This ensures greater editing accuracy and a wider choice of monitors for viewing.
• Monitoring HD and SD cross-and-down converted formats from 1080p24 masters, which lets customers using Mojo DX or Nitris DX hardware view HD material on an SD monitor.
• Panasonic AVC-I encoding support, which allows customers to deliver final masters in Panasonic's AVC-I format while working natively in the Avid editing system from start to finish.
• Mac support for Pro Tools Video Satellite, which lets customers work on a Mac or PC when using Media Composer as a video satellite with Pro Tools systems.
• Mix and match capabilities let customers use media sources of different frame rates and resolutions (SD and HD) in the same timeline, eliminating external transcoding and time-consuming frame-rate conversions.
• Avid Media Access (AMA) enhancements offer native support for the popular Ikegami GFCAM 100 mb/s format. Customers can now directly access GFCAM media, including full metadata, and begin work immediately without transcoding, copying, or re-wrapping the material.
• New production suite updates include new versions of Boris Continuum Complete, Sorenson Squeeze, and SmartSound SonicFire Pro.

Interplay 2.0 lets broadcasters and post facilities work remotely. Lower bandwidth streaming proxies let Interplay workgroup members work with media anytime from anywhere, using a Mac or PC with a 1Mb/s Internet connection. Highlights of the new asset management software include the following:

• WAN workflow with Interplay Access that lets journalists, producers, and editors remotely search and work with media assets across multiple workgroups. A new streamlined interface allows users to browse, log and shot list media in three viewing modes, via a single screen, and toggle between views.
• Final Cut Pro workflow support offers check-in and check-out of FCP media with project links as well as media and metadata conversion of FCP-to-Avid and Avid-to-FCP projects.
• Interplay Delivery improvement offers a one-step transfer of materials such as subclips and shot lists.
• Interplay Transcode, with new mixdown capability, lets users mixdown full audio and video sequences while transcoding to a specified output format, simplifying processes such as archiving or publishing to mobile, Web, or digital signage formats.

Interplay 2.0 will be available on September 16. Media Composer 4.0, Symphony 4.0, and NewsCutter 8.0 systems will be available on September 30. Media Composer is $295 for educational institutions and students. Beginning September 30, students with academic versions of Media Composer (versions 3.5 through 4.0 purchased on or after March 1, 2009) will qualify for complementary upgrades for four years from the date of activation.

BMC on Monday said it has bought MQSoftware, maker of middleware that helps companies monitor the performance of IBM's WebSphere MQ software, as well as other platforms. Terms were not disclosed.

BMC competes with Novell, CA, IBM and a range of smaller vendors in the market for BSM (business service management) software, which is meant to help companies manage their IT infrastructure effectively and align it in support of business processes.

By purchasing MQSoftware, BMC wants a stronger play in companies that are working on SOA (service-oriented architecture) projects.

WebSphere MQ is a messaging platform that allows various applications and systems to communicate with each other. It thereby plays a key role in SOA implementations, which seek to create composite applications consisting of multiple, sometimes shared sources.

MQSoftware sells products for managing WebSphere MQ implementations and analyzing the flow of transactions through the systems.

The company has more than 1,000 customers, and some 92 percent of large IT organizations are using WebSphere MQ, according to a statement.

While BMC's announcement emphasized MQSoftware's close alignment with WebSphere MQ, the vendor also makes other products, such as for monitoring Tibco's Enterprise Message Service platform, which competes with WebSphere MQ.

.

MQSoftware's Web site indicates its portfolio will be rebranded as BMC Middleware Management.

However, the MQSoftware tools will be offered on BMC's price lists in stand-alone form, and "customers will not be forced to buy more products," a spokeswoman said via e-mail.

"However, BMC also may create solution bundles that combine MQSoftware products and existing BMC products in groupings that address customer IT issues, such as for cross-platform management of middleware," she added.

In a research note published Monday, Gartner analyst Milind Govekar said the deal should benefit customers of both companies.

"Gartner client feedback indicates that customers regard BMC's Mainview and Performance Manager (formerly Patrol) tools as less than strong when it comes to IBM WebSphere suite management," he wrote. Purchasing MQSoftware gives BMC "credible and proven technology to defend and grow its installed base in this area."

Meanwhile, MQSoftware has been trying to increase its revenue and customer count in recent years, but has encountered reluctance from large enterprises who "perceived it as risky to do business with a relatively small company," Govekar added. "When MQSoftware becomes part of BMC ... this should help alleviate some of those fears."

The IT director of a nonprofit organ procurement center for more than 200 hospitals in Texas was sentenced last week to two years in prison for intentionally deleting numerous organ donation records and other data after being fired from her job.

Danielle Duann, 51 was also sentenced to three years of supervised release upon completion of her term and ordered to pay more thanb $94,000 in restitution to her former employer, LifeGift Organ Donation Center. Duann in April had pleaded guilty to one count of unauthorized access to a protected computer.

Court documents filed in connection with the case describe what's becoming an increasingly familiar tale of companies victimized by insiders.

Duann was hired by LifeGift in 2003 and put in charge of overseeing the company's entire IT infrastructure and fired in November 2005 for reasons not specified in court documents. At the time of her termination, Duann was informed in writing that all her access rights had been revoked. The company also took steps to lock all administrator accounts to which Duann was known to have access.

Despite such steps, Duann still managed to access LifeGift's network from her home on the same evening she was fired, via a VPN account that she appears to have previously set up without anyone's knowledge.

Once inside the network, Duann used an administrator account belonging to another LifeGift employee to log into several servers, including the company's organ donor database server and main accounting server, multiple times. Over the next several hours, she then deleted donor records, accounting invoice files, database and software applications, backup files and the software tokens needed to run some applications.

In a bid to cover her tracks, Duann manually deleted all logs of her VPN sessions with the company's network. She also disabled the activity logging functions on the database and accounting servers - making it impossible for LifeGift to identity all of the individual files and applications she deleted, the court documents said.

Duann's sabotage, however, was discovered the next morning by an employee of a network services company that had just been hired by LifeGift to provide backup and disaster recovery services for the non-profit. The employee noticed someone deleting files in real-time from a VPN connection, which he quickly terminated. The VPN connection logs and IP address was later traced back to Duann's home Internet connection. A subsequent search of Duann's home and computer systems by the FBI uncovered more evidence that linked her to the sabotage.

Like countless similar incidents, this one highlights the challenges that companies face when it comes to protecting data and systems from malicious insiders. In this case, the sabotage occurred even though LifeGift appears to have taken most of the measures that security experts recommend when employees leave the company or are fired.

For instance, the company immediately revoked Duann's access privileges after terminating her and disabled all administrator accounts to which she had had previous access. The fact that Duann still managed to access the company's servers just hours later, highlights how difficult it can sometimes be to stop insiders who plan to do harm.

The U.S. White House is determined to follow through on its efforts to make cybersecurity a top priority, despite earlier government efforts that have fallen flat, a top official said Wednesday.

A 60-day review of the nation's cybersecurity stance, completed recently by White House cybersecurity experts, has a list of specific goals, said Christopher Painter, cybersecurity director at the U.S. National Security Council.

"It's not the report, it's where we go after the report," Painter said during a speech at the Gartner Information Security Summit at National Harbor, Maryland. "The action plans ... are concrete steps we can take."

The cybersecurity policy review, unveiled in late May, includes a list of short-term and long-term action plans aimed at improving the cybersecurity of the U.S. government and private Internet users. Among the short-term goals for the U.S. government announced by President Barack Obama: appoint a White House cybersecurity coordinator; develop metrics for measuring improvements in cybersecurity; create a public education campaign; develop a cyberincident response plan.

Painter, who's worked on cybersecurity issues since the early '90s, said Obama's speech May 29 was the first time a national leader has devoted an entire talk to cybersecurity. Obama's emphasis on cybersecurity should demonstrate the seriousness of this effort, Painter said.

But Gary McGraw, CTO at software security and quality consulting firm Cigital, noted that past presidential administrations have also issued cybersecurity reports, and little improvement has come from them.

"We're very good at putting out these reasonable pieces of review," he said. "We're not very good at actualizing those, turning them into action, actually doing something."

Parts of the Obama report look "awfully familiar" to old government reports, including former President George W. Bush's National Strategy to Secure Cyberspace, released in 2003, McGraw said. "The main thing I'd like the government to do is get past talking about talking about cybersecurity," he said. "We've seen a number of reviews, a number of blue-ribbon panels ... around talking about cybersecurity. But we haven't really seen any tangible movement in the government space outside the intelligence community and the [Department of Defense]."

McGraw, speaking by video to the Gartner summit, said he's cautiously optimistic that some of the report's focus on reducing software vulnerabilities and cybersecurity threats will have a positive impact on U.S. cybersecurity. He also applauded Obama's emphasis on privacy and civil liberties.

But he questioned one of the main focuses of the Obama report, that the White House needs a cybersecurity coordinator. The coordinator may have limited access to Obama and little budgetary authority, McGraw said.

"It looks to me like cheerleader role," he said. "We don't really need a cheerleader, although I suppose having a cheerleader is better than having nothing at all."

Painter defended the Obama administration's efforts and suggested that many U.S. companies and residents are "ready for a change" in cybersecurity policies. The report sets out many priorities, but they're all important, he added. "All those [priorities] are fairly ambitious things we need to get done, but we need to get them done now," he said.

Cybercriminals are becoming more organized, international and targeted in their attacks, he added.

Cyberthreats have evolved into "incredibly severe attacks," he said. "We have insiders ... we have nation-state threats, a whole spectrum of threats from a bunch of guys."

Mac clone maker Psystar owes Apple Inc. $75,000, according to recently filed documents in the Florida company's federal bankruptcy case.

Earlier today, Apple spokeswoman Susan Lundgren declined to comment about what the debt represented, but said she would look into the matter. By 4 p.m. ET, she had not contacted Computerworld with more information.

Under "Schedule F - Creditors Holding Unsecured Nonpriority Claims," Psystar listed Apple Inc. and said it owed the California computer maker $75,000. The only other information on the form was the phrase "Litigation Pending" in the section where Psystar was to provide "consideration for claim."

The contact name listed for Apple in the document was Paul Singerman, a Miami attorney and the co-CEO of Berger Singermman, a law firm that specializes in bankruptcy proceedings. Singerman's office confirmed that he was representing Apple in the Psystar bankruptcy case.

It's unclear what comprises the $75,000 Psystar owes Apple. Last January, the Mac clone maker, which is being sued by Apple because it installs Mac OS X on generic Intel-powered computers, said it bought copies of the operating system from Apple itself.

"Psystar distributes computers with legitimately purchased copies of Mac OS loaded thereon," the company said in the January 2009 filing. "Many of those copies [were] directly obtained from Apple."

It's possible that all or part of the $75,000 represents Mac OS X orders Psystar placed with Apple. At the list retail price of $129 per license, the $75,000 translates into 581 copies of Leopard.

Psystar filed for Chapter 11 protection May 21, and claims over $334,000 in debts to several creditors other than Apple, including its own law firm, Carr & Ferrell, and several shipping companies and component suppliers.

When he was a senator, President Barack Obama pitched the idea of of what was widely called a " Google-enabled government" to illustrate his interest in making public data easily searchable and accessible. But the White House's reported plan to appoint another Google executive to a top tech advisory post is, for some, carrying the idea too far.

Andrew McLaughlin, Google's director of global public policy, is expected to be appointed U.S. deputy chief technology officer, reporting to href="http://www.computerworld.com/action/article.do?command=printArticleBasic&taxonomyName=IT+in+Government&articleId=9131827&taxonomyId=69">federal CTO Aneesh Chopra. Both are new White House positions.

Two groups, the Center for Digital Democracy and Consumer Watchdog, yesterday urged Obamanot to appoint McLaughlin to the post. In a letter signed by Jeffrey Chester, executive director of the Center for Digital Democracy and and John Simpson, consumer advoicate at Consumer Watchdog, the groups said that McLaughlin "has been a lobbyist for the biggest digital marketing company in the world, and we believe no special-interest connected person should assume a position of vital importance to the country's future."

It's the same argument they would have made had Obama appointed someone from Microsoft or Yahoo to a similar position, according to the letter.

The consumer groups also cited earlier appointments of Google executives and managers to help make the case that Google's White House reach is too deep. Google's CEO, Eric Schmidt, who advised the Obama transition team, was recently appointed to the President's Council of Advisors on Science and Technology. Other Google employees now working for the White House include Katie Stanton, a former Google project manager who now leads citizen participation efforts, and Sonal Shah, former head of development at Google.org, the company's philanthropic arm, who directs a new White House Office of Social Innovation.

While the appointments are obvious points of intersection between Google and the new administration, the concern raised about Google's influence is much deeper.

For example, Google's settlement of a lawsuit filed against it by major authors and publishers is getting scrutiny from the Department of Justice, and the Federal Trade Commission is probing the company's hiring practices and links to Apple.

"There are an increasing number of emerging issues that will likely pit the commercial interests of Google against the rights of American citizens, including protecting our privacy and consumer rights online," the two groups wrote.