Microsoft Certified Professional MCITP Certification refers to all individuals who have completed a Professional certification by Microsoft. The program itself is designed for employment of office environment, scientific computing and desktop/professional technicians in both repair shop and corporate engineering workshop environment. Likewise to Apple, Cisco, Oracle, Red Hat, Sun, Ubuntu programs, these certifications mainly focus on their respective product, as opposed to employment aptitude tests designed for programmer trainee jobs. These branches of technical series with the MC (Microsoft Certified) prefix include IT Professional (MCITP), architect (MCA), Professional Developer (MCPD), Technology Specialist (MCTS), Systems Administrator (MCSA), Systems Engineer (MCSE), Solution Developer (MCSD) and Database Administrator (MCDBA).
Each exam costs approximately $125 USD. Exams usually take between 2 and 3 hours to complete and consist of between 40 and 90 multiple choice, drag and drop, solution building questions and simulated content within exams where students are required to perform certain common administrative tasks appropriate for the topic at hand.
MCSE stands for "Microsoft Certified Systems Engineer". It is the most widely known Microsoft certification and it is available for Windows 2000 and Windows server 2003. Each has a different set of examinations. MCSE qualified persons have the ability to provide business solutions by designing and implementing the required infrastructure.MCTS: Windows 7, Configuration is useful for technical support & systems engineers, technical consultants, network and systems analysts and also for regular software engineers.
There are many ways of obtaining MCSE training, including training at local training center. MCSE training can also be done at home by CD-ROMS or through books. The courses usually have extensive content and basic tutorials can guide you to pass the examination if you have a basic knowledge of Microsoft systems.
There are lots of benefits of free practice tests like industry recognition, access to technical and product information directly from Microsoft, discounts on products and services, Microsoft paraphernalia like MCSE logo, certificate, transcript etc. However the immediate and most important benefit is the increase in market value of the person and boost in career for software professionals.
Read the views of online Certification Experts, which provide the real questions and correct answer and explanation for the students / professionals who are seeking or enhancing their level of expertise. more at certkingdom.com
May 31, 2011
May 30, 2011
Worst hackers ever?
We always hear about the big data breaches, the most devastating viruses, and the most denying of the denial-of-service attacks. But for every hacker with that level of deviousness, there are a thousand wannabes out there. Some get ridiculed, some get arrested.
Here are a few favorites, as reported by the Internet:
1. “Virus” targets Whac-A-Mole
There are so many things wrong with this headline. The first and most glaring is that it wasn’t a “virus” at all, though I have no doubt that’s what the police told the Orlando Sentinel. They allege that a programmer wrote code in the Whac-A-Mole software “to make them shut down after a pre-determined number of plays” so that he could charge the company to fix it. It’s not a virus, which would have the ability to travel from machine to machine; it’s just… well, sabotage.
And secondly… Whac-A-Mole? Really?
2. YouN00b
Jesse William McGraw was a security guard at a Dallas hospital. One night in 2009, he decided to install some botnet code on a nurse’s station computer. The thing is, he filmed the whole thing, with himself as the star, and pretended to break into the hospital. He then posted the video on YouTube. Surprisingly, the FBI has access to YouTube. Long story short, last year he pled guilty to charges that he broke into his employer’s computers.
3. ALL MY BASE ARE BELONG TO ME
This text [warning: foul language] has been kicking around on the Web for years, supposedly the result of an exchange on Internet Relay Chat, or IRC. In it, a blustering hacker wannabe threatens to take down a rival’s machine using unidentified hacker software: “i have a program where i enter your ip and you're dead.”
He then asks for the rival’s IP address, and is told that it’s “127.0.0.1.” The hacker gleefully describes how he is now wiping out each of the victim’s hard drives, one by one:
“you idiout your hard drive g: is deleted... and d: is at 45% you idiot lolololol… you're so stupid never give your ip on the internet”
And of course, he didn’t. The IP address 127.0.0.1 is the loopback address, the one pointing right back at yourself. A moment later the hacker disappeared off the IRC.
4. World of Whoopscraft
Steps to success:
1. Break into World of Warcraft user account
2. Use stolen credit card to set up recurring payments
3. Enjoy hours and hours of play on someone else’s dime
4. Realize that there should have been a step 1a, where you change the password on the account
5. Studying them… for science
If you drink most (but not all) of a Coke and leave the bottle out on a picnic table in late summer, chances are that after a while you’ll find a yellow jacket or two inside it, attracted by the Coke syrup but unable to navigate out of the bottle.
Information security has an equivalent called a “honeypot,” which is basically a system set up to attract would-be hackers and make them waste their time trying to hack something that has no value and no way out.
Normally, you would just screw the cap on top of the bottle and throw it in the recycling bin, but sometimes security folks get a kick out of watching the clueless hackers bounce around in there and make sport out of trying to figure out what it is the hackers are attempting and why. Heck, why not even set it to music and post it on YouTube?
6. Worst hacker ever
As a bonus, this amusing image (purportedly from Facebook) has been making the rounds, and it’s good for a chuckle.
Here are a few favorites, as reported by the Internet:
1. “Virus” targets Whac-A-Mole
There are so many things wrong with this headline. The first and most glaring is that it wasn’t a “virus” at all, though I have no doubt that’s what the police told the Orlando Sentinel. They allege that a programmer wrote code in the Whac-A-Mole software “to make them shut down after a pre-determined number of plays” so that he could charge the company to fix it. It’s not a virus, which would have the ability to travel from machine to machine; it’s just… well, sabotage.
And secondly… Whac-A-Mole? Really?
2. YouN00b
Jesse William McGraw was a security guard at a Dallas hospital. One night in 2009, he decided to install some botnet code on a nurse’s station computer. The thing is, he filmed the whole thing, with himself as the star, and pretended to break into the hospital. He then posted the video on YouTube. Surprisingly, the FBI has access to YouTube. Long story short, last year he pled guilty to charges that he broke into his employer’s computers.
3. ALL MY BASE ARE BELONG TO ME
This text [warning: foul language] has been kicking around on the Web for years, supposedly the result of an exchange on Internet Relay Chat, or IRC. In it, a blustering hacker wannabe threatens to take down a rival’s machine using unidentified hacker software: “i have a program where i enter your ip and you're dead.”
He then asks for the rival’s IP address, and is told that it’s “127.0.0.1.” The hacker gleefully describes how he is now wiping out each of the victim’s hard drives, one by one:
“you idiout your hard drive g: is deleted... and d: is at 45% you idiot lolololol… you're so stupid never give your ip on the internet”
And of course, he didn’t. The IP address 127.0.0.1 is the loopback address, the one pointing right back at yourself. A moment later the hacker disappeared off the IRC.
4. World of Whoopscraft
Steps to success:
1. Break into World of Warcraft user account
2. Use stolen credit card to set up recurring payments
3. Enjoy hours and hours of play on someone else’s dime
4. Realize that there should have been a step 1a, where you change the password on the account
5. Studying them… for science
If you drink most (but not all) of a Coke and leave the bottle out on a picnic table in late summer, chances are that after a while you’ll find a yellow jacket or two inside it, attracted by the Coke syrup but unable to navigate out of the bottle.
Information security has an equivalent called a “honeypot,” which is basically a system set up to attract would-be hackers and make them waste their time trying to hack something that has no value and no way out.
Normally, you would just screw the cap on top of the bottle and throw it in the recycling bin, but sometimes security folks get a kick out of watching the clueless hackers bounce around in there and make sport out of trying to figure out what it is the hackers are attempting and why. Heck, why not even set it to music and post it on YouTube?
6. Worst hacker ever
As a bonus, this amusing image (purportedly from Facebook) has been making the rounds, and it’s good for a chuckle.
May 29, 2011
Microsoft seen not to blame for Skype rejecting open source company
Golvin says it is conceivable that Microsoft might avoid new partnerships with companies whose products compete directly against Microsoft.
But Elliot says he thinks Microsoft is likely to expand the number of platforms Skype works on. "They would like to have as many companies interact with Skype as possible," Elliot says.
A problem might arise, though, if Microsoft competitors decide to back out of current integrations with Skype because of their rivalries with Microsoft, he says.
Companies like Cisco and Avaya make SIP trunks that are compatible with Skype, but "if the Skype-compatible trunks become something that is competitively advantageous for Microsoft, they might be a little less enthusiastic," Elliot says.
Still, Elliot says Cisco and Avaya are more likely than not to preserve Skype integration.
Microsoft, of course, will do its best to integrate Skype functionality into products like Office and Lync, its unified communications platform, which competes against Cisco and Avaya.
Although Skype has primarily been a consumer brand, Elliot says he expects "that Skype will offer a premium, business-oriented service that includes the rich presence, various federation and security services, the kinds of things that enterprises want."
Keeping Skype open to competitors would not harm Lync -- it would make it easier for Lync customers to communicate with non-Lync users, Elliot says.
Skype is expected to become a Microsoft division, led by Skype CEO Tony Bates, as opposed to being swallowed up into another product division.
In a short analysis published May 12, Gartner analysts wrote that "Skype's independent position, which Gartner expects it to maintain for at least three to four years, will allow it to continue relationships with Microsoft competitors Avaya and Cisco, as well as other mobile platform vendors." (See also: "Microsoft's top 12 rivals")
But Elliot says he thinks Microsoft is likely to expand the number of platforms Skype works on. "They would like to have as many companies interact with Skype as possible," Elliot says.
A problem might arise, though, if Microsoft competitors decide to back out of current integrations with Skype because of their rivalries with Microsoft, he says.
Companies like Cisco and Avaya make SIP trunks that are compatible with Skype, but "if the Skype-compatible trunks become something that is competitively advantageous for Microsoft, they might be a little less enthusiastic," Elliot says.
Still, Elliot says Cisco and Avaya are more likely than not to preserve Skype integration.
Microsoft, of course, will do its best to integrate Skype functionality into products like Office and Lync, its unified communications platform, which competes against Cisco and Avaya.
Although Skype has primarily been a consumer brand, Elliot says he expects "that Skype will offer a premium, business-oriented service that includes the rich presence, various federation and security services, the kinds of things that enterprises want."
Keeping Skype open to competitors would not harm Lync -- it would make it easier for Lync customers to communicate with non-Lync users, Elliot says.
Skype is expected to become a Microsoft division, led by Skype CEO Tony Bates, as opposed to being swallowed up into another product division.
In a short analysis published May 12, Gartner analysts wrote that "Skype's independent position, which Gartner expects it to maintain for at least three to four years, will allow it to continue relationships with Microsoft competitors Avaya and Cisco, as well as other mobile platform vendors." (See also: "Microsoft's top 12 rivals")
15 High-Tech Cooking Tools for BBQ Season
Barbecue season is nigh! We want to help you tech-lovers prepare for your most impressive, champion-league, "winningest" (thanks, Charlie Sheen) cookout ever. You've already got your stainless steel natural gas outdoor grill with dual burners, as well as far too many useless kitschy tools—corn holders, shrimp deveiners, avocado slicers—probably received as gifts, through gritted teeth, from some over-priced mod kitchen store. Forget this stuff. It's all old hat. You need to break out something wild!
The list kicks off with a group of tools that you can find in most hardware stores, some of which seem like they belong in the garage rather than the kitchen. From there, we'll move onto chemicals—not exactly "tech," but they fit right in with a scientifically equipped kitchen. We'll also explore some affordable plug-in appliances, some of which have unusual culinary applications. Finally, a few drool-inducing pro tools are too expensive for most people to own, but may inspire your culinary experimentation nonetheless.
In putting together this article, I spoke with several professional chefs and food experts who are on the bleeding edge of molecular gastronomy. Many thanks go out to James Beard Award-nominee Chef Francisco Migoya of the Culinary Institute of America, Chef Michael Cirino, Alex Talbot of Ideas in Food, and Volcano Vaporizer distributor Adam Schoenfeld. They all contributed a significant amount of time and insight in putting together this list of 20 extraordinary tools that will not only wow your guests but also help you make one hell of a meal.
So cooks, get ready. Most of these tools are not for the faint of heart. But if you're prepared to order your first tank of liquid nitrogen, steel yourself for these 15 incredible and high-tech kitchen gadgets and tools, with tips on how to use them and what to make.
The list kicks off with a group of tools that you can find in most hardware stores, some of which seem like they belong in the garage rather than the kitchen. From there, we'll move onto chemicals—not exactly "tech," but they fit right in with a scientifically equipped kitchen. We'll also explore some affordable plug-in appliances, some of which have unusual culinary applications. Finally, a few drool-inducing pro tools are too expensive for most people to own, but may inspire your culinary experimentation nonetheless.
In putting together this article, I spoke with several professional chefs and food experts who are on the bleeding edge of molecular gastronomy. Many thanks go out to James Beard Award-nominee Chef Francisco Migoya of the Culinary Institute of America, Chef Michael Cirino, Alex Talbot of Ideas in Food, and Volcano Vaporizer distributor Adam Schoenfeld. They all contributed a significant amount of time and insight in putting together this list of 20 extraordinary tools that will not only wow your guests but also help you make one hell of a meal.
So cooks, get ready. Most of these tools are not for the faint of heart. But if you're prepared to order your first tank of liquid nitrogen, steel yourself for these 15 incredible and high-tech kitchen gadgets and tools, with tips on how to use them and what to make.
May 27, 2011
AT&T's $1 Billion Cloud Bet Shows Carriers Clamoring For Cloud
AT&T (NYSE:T) has pledged to invest $1 billion in cloud services and mobility, among other things, this year as more traditional telcos and carriers show they're serious about cloud computing.
AT&T recently said it is focusing its plans to deploy global network-based cloud, mobility and networking sourcing solutions to companies of various sizes across multiple industries. The Dallas-based mega-carrier said the nearly $1 billion investment this year will focus on deploying next generation services like mobile applications, as-a-service cloud-based solutions and network sourcing.
"We continue to invest significantly in cloud-based, mobility and network sourcing solutions because customers are increasingly recognizing that transformative services like these increase productivity, improve operational effectiveness and lower costs," said John Stankey, president and CEO of AT&T Business Solutions, in a statement.
AT&T said the proliferation of high-speed wired and wireless networks, along with the massive influx of mobile devices and applications has made a cloud and mobile strategy an important component of the carrier's roadmap.
Along with pushing money into enterprise mobility apps and cloud and as-a-service upgrades, AT&T said it will also roll out platforms, systems and capabilities that enable automation, and enhance and simplify how business customers receive support.
The investment will be targeted at companies, government agencies and institutions in various industries like manufacturing, retail, hospitality, healthcare and automotive.
AT&T has already started investing in cloud-based and emerging services. So far this year the carrier has embedded cloud capabilities directly into its network so the company can manage and deliver services and applications to any device. The cloud services also give customers flexibility and shared economics in their compute and storage needs, the company said.
Another key area of investment, mobility solutions and connected devices, is also already receiving the fruits of AT&T's $1 billion bet. The company said that in the first quarter of 2011 it added 1.6 million emerging devices like tablets, netbooks and laptops pushing its total number of emerging devices connected to its network to 12 million. Additionally, AT&T has seen the use of mobile applications triple since 2009.
Other major investment areas include global enterprise networking, small business services and services for the healthcare industry.
AT&T's $1 billion blockbuster comes as carriers, cable companies and traditional telecoms look to corner the cloud computing market through strategic investments and acquisitions.
Last year, Verizon said a large portion of its roughly $17 billion growth investment would be flagged for cloud computing endeavors as the company spends to build, operate and integrate its networking and computing platforms. And earlier this year, Verizon bought cloud computing provider Terremark for a whopping $1.4 billion.
In the weeks that followed Verizon (NYSE:VZ)'s Terremark acquisition, Time Warner Cable said it would purchase cloud hosting provider NaviSite for $220 million.
Then, in April, CenturyLink Inc. revealed plans to acquire cloud provider and hosting operator Savvis Inc. for a $2.5 billion cash and stock purse. As part of the deal, CenturyLink also agreed assume or refinance Savvis' $700 million in debt, pushing the total deal to $3.2 billion.
AT&T is also no stranger to big time investment. While it is putting $1 billion toward cloud and mobility efforts, AT&T also revealed plans to acquire wireless rival T-Mobile for a whopping $39 billion.
AT&T recently said it is focusing its plans to deploy global network-based cloud, mobility and networking sourcing solutions to companies of various sizes across multiple industries. The Dallas-based mega-carrier said the nearly $1 billion investment this year will focus on deploying next generation services like mobile applications, as-a-service cloud-based solutions and network sourcing.
"We continue to invest significantly in cloud-based, mobility and network sourcing solutions because customers are increasingly recognizing that transformative services like these increase productivity, improve operational effectiveness and lower costs," said John Stankey, president and CEO of AT&T Business Solutions, in a statement.
AT&T said the proliferation of high-speed wired and wireless networks, along with the massive influx of mobile devices and applications has made a cloud and mobile strategy an important component of the carrier's roadmap.
Along with pushing money into enterprise mobility apps and cloud and as-a-service upgrades, AT&T said it will also roll out platforms, systems and capabilities that enable automation, and enhance and simplify how business customers receive support.
The investment will be targeted at companies, government agencies and institutions in various industries like manufacturing, retail, hospitality, healthcare and automotive.
AT&T has already started investing in cloud-based and emerging services. So far this year the carrier has embedded cloud capabilities directly into its network so the company can manage and deliver services and applications to any device. The cloud services also give customers flexibility and shared economics in their compute and storage needs, the company said.
Another key area of investment, mobility solutions and connected devices, is also already receiving the fruits of AT&T's $1 billion bet. The company said that in the first quarter of 2011 it added 1.6 million emerging devices like tablets, netbooks and laptops pushing its total number of emerging devices connected to its network to 12 million. Additionally, AT&T has seen the use of mobile applications triple since 2009.
Other major investment areas include global enterprise networking, small business services and services for the healthcare industry.
AT&T's $1 billion blockbuster comes as carriers, cable companies and traditional telecoms look to corner the cloud computing market through strategic investments and acquisitions.
Last year, Verizon said a large portion of its roughly $17 billion growth investment would be flagged for cloud computing endeavors as the company spends to build, operate and integrate its networking and computing platforms. And earlier this year, Verizon bought cloud computing provider Terremark for a whopping $1.4 billion.
In the weeks that followed Verizon (NYSE:VZ)'s Terremark acquisition, Time Warner Cable said it would purchase cloud hosting provider NaviSite for $220 million.
Then, in April, CenturyLink Inc. revealed plans to acquire cloud provider and hosting operator Savvis Inc. for a $2.5 billion cash and stock purse. As part of the deal, CenturyLink also agreed assume or refinance Savvis' $700 million in debt, pushing the total deal to $3.2 billion.
AT&T is also no stranger to big time investment. While it is putting $1 billion toward cloud and mobility efforts, AT&T also revealed plans to acquire wireless rival T-Mobile for a whopping $39 billion.
May 26, 2011
5 questions to ask before buying Microsoft licenses
Also, you don't have to make the upgrade during the three years of your Software Assurance contract. "For example, if you have a Desktop Platform EA ending in 2011 you will have rights to Windows 7, Office 2010, and CALs [Client Access Licenses] for Windows Server 2008 R2 even if you don't renew it. You can upgrade at any time in the future," Forrester notes.
Corporations often take several years to consider, plan and implement a companywide software upgrade, so the ability to upgrade after SA coverage expires is important.
"Few companies upgrade every three years as Microsoft releases new versions, but an EA removes one obstacle: the challenge of securing budget to buy a complete set of new licenses," Forrester notes.
3. How does your company budget for and fund IT investment?
The process of securing approval for a major software upgrade can vary depending on whether a company handles all technology budgeting centrally, or spreads the decision-making process across many autonomous business units.
"Financially empowered group sourcing executives" can make decisions without worrying about politics, but companies without a centralized purchasing system may struggle to bring disparate business units to agreement on budgeting.
"One public sector procurement director told Forrester, "'I'll never be able to persuade the departments to put SA back in their budgets if I ever let them take it out,'" the analyst report states.
4. How much are favorable licensing rules worth to you?
Microsoft periodically adds benefits to Software Assurance (or, restricts benefits to Software Assurance, you might say) to convince customers to upgrade.
The questions is, are you willing to pay a premium for what Microsoft offers? Besides upgrade rights, Software Assurance provides access to Windows 7 Enterprise edition, the right to extend licenses to virtual desktops and application streaming instances, and enhanced ability to deploy a standard desktop image across a company's user base.
Unfortunately, the rules regarding virtual desktop licensing are unclear, so customers need to do some legwork to get the right information, Forrester says.
While an Enterprise Agreement might "be the cheapest way to support large VDI or streamed environments, ... there is a major potential gotcha, which is that employee-owned devices that employees use regularly for business purposes might count as qualifying desktops," Forrester writes. "Microsoft might insist that you include, for example, the home PC of someone who frequently uses it to work from home. Unfortunately some Forrester clients have received erroneous advice on this point from Microsoft reps and LARs [large account resellers], so you need to be careful."
One possible solution: Don't buy the Enterprise Agreement, and get Software Assurance only for PCs whose primary users need access to virtual desktops.
5. Do other Software Assurance benefits sway a close decision?
If your decision is still unclear after weighing the previous four questions, there may be some less well-known Software Assurance services that might make the extra cost worth it.
Corporations often take several years to consider, plan and implement a companywide software upgrade, so the ability to upgrade after SA coverage expires is important.
"Few companies upgrade every three years as Microsoft releases new versions, but an EA removes one obstacle: the challenge of securing budget to buy a complete set of new licenses," Forrester notes.
3. How does your company budget for and fund IT investment?
The process of securing approval for a major software upgrade can vary depending on whether a company handles all technology budgeting centrally, or spreads the decision-making process across many autonomous business units.
"Financially empowered group sourcing executives" can make decisions without worrying about politics, but companies without a centralized purchasing system may struggle to bring disparate business units to agreement on budgeting.
"One public sector procurement director told Forrester, "'I'll never be able to persuade the departments to put SA back in their budgets if I ever let them take it out,'" the analyst report states.
4. How much are favorable licensing rules worth to you?
Microsoft periodically adds benefits to Software Assurance (or, restricts benefits to Software Assurance, you might say) to convince customers to upgrade.
The questions is, are you willing to pay a premium for what Microsoft offers? Besides upgrade rights, Software Assurance provides access to Windows 7 Enterprise edition, the right to extend licenses to virtual desktops and application streaming instances, and enhanced ability to deploy a standard desktop image across a company's user base.
Unfortunately, the rules regarding virtual desktop licensing are unclear, so customers need to do some legwork to get the right information, Forrester says.
While an Enterprise Agreement might "be the cheapest way to support large VDI or streamed environments, ... there is a major potential gotcha, which is that employee-owned devices that employees use regularly for business purposes might count as qualifying desktops," Forrester writes. "Microsoft might insist that you include, for example, the home PC of someone who frequently uses it to work from home. Unfortunately some Forrester clients have received erroneous advice on this point from Microsoft reps and LARs [large account resellers], so you need to be careful."
One possible solution: Don't buy the Enterprise Agreement, and get Software Assurance only for PCs whose primary users need access to virtual desktops.
5. Do other Software Assurance benefits sway a close decision?
If your decision is still unclear after weighing the previous four questions, there may be some less well-known Software Assurance services that might make the extra cost worth it.
May 25, 2011
Microsoft releases Silverlight 5 Beta
On a busy day for Microsoft, the company has launched a public Beta version of Silverlight 5, its updated web app creation tool.
Silverlight 5, which operates as a browser plug-in to offer video, apps, tools and games in much the same way that Adobe Flash does, boasts a host of new features for developers to sink their teeth into.
Microsoft says it "adds significant new features and capabilities, and enables developers to create premium media experiences and deliver rich applications across browsers, desktops and devices".
Among over 40 new features, there'll be support for 64-bit operating systems, 3D graphics support, improved text clarity and out-of-browser functionality.
Media improvements
There's also a host of improvements to the media playing capabilities (anyone who has used Sky Player has used the Silverlight plug-in). Users will no be able to use remote controls and screensavers won't kick in when you're watching video.
You'll also be able to alter the pace of video content, speeding up or slowing down, while improvements in video decoding mean that even your humble netbook will be able to handle full 1080p video.
On Tuesday, chip designer Nvidia announced a new Silverlight-based plug-in that will allow 3D video streaming on websites.
There's also a huge array of jargon-heavy improvements for developers to help them create better applications, explained here by Microsoft's Silverlight guru Scott Guthrie.
Is this enough for Silverlight to best HTML 5 as the future web standard? We'll have to wait and see what developers come up with with this new Beta in the coming weeks and months.
Silverlight 5, which operates as a browser plug-in to offer video, apps, tools and games in much the same way that Adobe Flash does, boasts a host of new features for developers to sink their teeth into.
Microsoft says it "adds significant new features and capabilities, and enables developers to create premium media experiences and deliver rich applications across browsers, desktops and devices".
Among over 40 new features, there'll be support for 64-bit operating systems, 3D graphics support, improved text clarity and out-of-browser functionality.
Media improvements
There's also a host of improvements to the media playing capabilities (anyone who has used Sky Player has used the Silverlight plug-in). Users will no be able to use remote controls and screensavers won't kick in when you're watching video.
You'll also be able to alter the pace of video content, speeding up or slowing down, while improvements in video decoding mean that even your humble netbook will be able to handle full 1080p video.
On Tuesday, chip designer Nvidia announced a new Silverlight-based plug-in that will allow 3D video streaming on websites.
There's also a huge array of jargon-heavy improvements for developers to help them create better applications, explained here by Microsoft's Silverlight guru Scott Guthrie.
Is this enough for Silverlight to best HTML 5 as the future web standard? We'll have to wait and see what developers come up with with this new Beta in the coming weeks and months.
May 24, 2011
I’m now a MCITP: Enterprise Desktop Support Technician 7
Being a bit of a fan of exams (!) on Friday went to a lovely little training centre in Wokingham and sat a couple of hours worth of exams, 070-680 and 070-685. Thankfully I passed both and I can now report back on them, just like I did with the MTA exams. The first thing to say is that these were, just as you’d expect, much harder than the MTA exams requiring both depth and breadth of knowledge of Windows 7 and how to deploy, manage and troubleshoot it. Why are they worth it? How did I study? What’s next?
Microsoft Certifications are available for most Microsoft technologies and all skill levels
When I started my IT career just over 10 years ago I met a bunch of guys who had their NT4 MCSE and I also had a boss who knew his onions, the guys he hired with MCSEs knew their onions too, they didn’t just have the bit of paper. They formed my view of why it’s important to be well trained and why it’s worth getting the cert. What I learnt was that studying Microsoft’s products according to the official curriculum helps you flesh out all the facets and features of a product that you might not necessarily see in your day to day life. Overall the biggest thing that certifications do is make sure you cover all the bases and widen your knowledge.
Some people expect that when they get a certification they should suddenly earn more money. Wrong. Some people expect that when you get a certification you should suddenly get a promotion. Wrong. It’s about how you apply the skills you’ve learnt to your business and add value, not about a bit of paper. There’s one place that certs matter and that’s when you’re getting hired as a contract employee. In my experience certifications get you past the junior recruitment consultants who vet CVs. When you’re passed there you are back to how you’ve applied your skills again.
So why are they worth it? Studying for a cert improves your knowledge and that improves the skills that you apply to your day to day life as an IT Professional. I think of extra skills as extra tools in the kit bag, making me more capable in more situations.
Over the years I’ve developed a pretty good understanding of how I learn, every IT Pro probably has. The way I do it is to grab a nice thick study guide, in this case I used MCTS Self-Paced Training Kit (Exam 70-680): Configuring Microsoft Windows 7 by Ian McLean and Orin Thomas (review here tomorrow) and I grabbed it in eBook format from Safari Books Online downloaded it to my Kindle and took it away with me to Tenerife over Christmas. There I proceeded to read it all, including all the bits I thought I knew. As always in those sections I picked up new nuggets of knowledge that I’d never picked up before. When I got back to the UK I sat down a couple of days before the exam and did all the exercises that I don’t do all the time…I use MDT quite a lot so I skipped those. Finally I read all the chapter summaries over again in one sitting. Essentially I was packing my brain with focused information about what I needed at a particular time.
I could not have done the exam with just that information.
If I hadn’t had experience to apply to the scenario questions in the exams there is no way I’d have made it. In fact I didn’t think I had made it on either exam until I got the results. The current crop of exams are really taxing. They aren’t as taxing as the Windows NT to Windows 2000 upgrade exam but they really aren’t easy.
For me certifications are also a matter of professional pride and I don’t under estimate what that professional pride will drive me to. I used to work in a team (of contractors) where certification was a competitive sport and that’s still with me.
So what’s next? I’ll be doing Exam 70-686 next but I’m currently proofing some books and reading previews of others so it’ll probably be a few months.
Microsoft Certifications are available for most Microsoft technologies and all skill levels
When I started my IT career just over 10 years ago I met a bunch of guys who had their NT4 MCSE and I also had a boss who knew his onions, the guys he hired with MCSEs knew their onions too, they didn’t just have the bit of paper. They formed my view of why it’s important to be well trained and why it’s worth getting the cert. What I learnt was that studying Microsoft’s products according to the official curriculum helps you flesh out all the facets and features of a product that you might not necessarily see in your day to day life. Overall the biggest thing that certifications do is make sure you cover all the bases and widen your knowledge.
Some people expect that when they get a certification they should suddenly earn more money. Wrong. Some people expect that when you get a certification you should suddenly get a promotion. Wrong. It’s about how you apply the skills you’ve learnt to your business and add value, not about a bit of paper. There’s one place that certs matter and that’s when you’re getting hired as a contract employee. In my experience certifications get you past the junior recruitment consultants who vet CVs. When you’re passed there you are back to how you’ve applied your skills again.
So why are they worth it? Studying for a cert improves your knowledge and that improves the skills that you apply to your day to day life as an IT Professional. I think of extra skills as extra tools in the kit bag, making me more capable in more situations.
Over the years I’ve developed a pretty good understanding of how I learn, every IT Pro probably has. The way I do it is to grab a nice thick study guide, in this case I used MCTS Self-Paced Training Kit (Exam 70-680): Configuring Microsoft Windows 7 by Ian McLean and Orin Thomas (review here tomorrow) and I grabbed it in eBook format from Safari Books Online downloaded it to my Kindle and took it away with me to Tenerife over Christmas. There I proceeded to read it all, including all the bits I thought I knew. As always in those sections I picked up new nuggets of knowledge that I’d never picked up before. When I got back to the UK I sat down a couple of days before the exam and did all the exercises that I don’t do all the time…I use MDT quite a lot so I skipped those. Finally I read all the chapter summaries over again in one sitting. Essentially I was packing my brain with focused information about what I needed at a particular time.
I could not have done the exam with just that information.
If I hadn’t had experience to apply to the scenario questions in the exams there is no way I’d have made it. In fact I didn’t think I had made it on either exam until I got the results. The current crop of exams are really taxing. They aren’t as taxing as the Windows NT to Windows 2000 upgrade exam but they really aren’t easy.
For me certifications are also a matter of professional pride and I don’t under estimate what that professional pride will drive me to. I used to work in a team (of contractors) where certification was a competitive sport and that’s still with me.
So what’s next? I’ll be doing Exam 70-686 next but I’m currently proofing some books and reading previews of others so it’ll probably be a few months.
May 23, 2011
LCD Module With Graphic Display
LCD module designed to be simple advanced project as easy as LCD driver integrated display unit. 3.5 "LCD display module, the RS232 can be used for lithography inverted RS232 serial port, SPI or IIC mode, the interface allows the user to select the final control. Controller can be from a single board, special purpose micro-controller or PC Machine different applications, anything. 3.5 "LCD module provides a simple command structure, so that numbers and words is a vertical bar graph display on the screen. Text fonts are built-in, and use standard ASCII mapping. 8 user defined characters may be generated. Low-light situations the screen backlight. Backlight can be turned on or off under program control. Contrast adjustment to compensate for different lighting conditions and viewing angle. In order to achieve higher liquid crystal display module in two different levels of command and control protocol can choose to use the software or hardware constraints. Display screen users can set the power and onboard EEPROM memory.
LCD module is designed as a small, easy to use and 525 connected to the UART or serial LCD display technology equipment. This will 2400-115200 Potter and the TTL and RS232 level signals of the speed - not MAX232 required! As a result of ultra-thin chips of glass' (COG) technology, which is to provide a transparent thermal cover, can be used for a variety of different ways, for example: installed in the cabinet, held hands, or even stay in the surface and the double- sided / Velcro ® tape. Set up is simple, there are no DIP switches or jumper connection configuration and the display module the wrong way, will not hurt it, which means that it is for educational and experimental applications of the ideal choice. It will also supply different operating between 3.5 and 20 volts it is to adapt.
A TFT-LCD module is characterized by its 'GraphSmart' automatic bar facilities, so that the data graphic LCD module is very easy. No need for a complex program on your micro-controller - it can do only two bytes of data - the graphics and to show the percentage of length.
Incredible size!
Picture on the right shows how thin synlink compared to liquid crystal display module is a typical LCD module. Use of glass on the chip, surface mount components and PCB's synlink 0.8mm thin module takes almost no room for your product or project! As one of only 6 mm, maximum thickness synlink least common multiple is the thinnest in the market of its product range.
Easy to install!
The synlink least common multiple is incredibly easy to set up - no jumpers, missing or microcontroller in the special program. The module can be set in a small part of the four time using the touch buttons - each side of the screen two. These buttons can be used not only to set the screen, but they can also be programmed to send user-defined characters back to the host device.
Continue!
LCD module is so thin, you can use Velcro or double-sided sticky tape. This means that you can you never be able to fit their place, and then displayed. If you decide to use the four touch buttons, you can use a completely separate terminal control host device.
Measurement of liquid crystal display module has a radio control servo signal specific model - unlike any other product on the market - will also measure the pulse width and frequency. This means that the receivers, gyroscopes and other R / C equipment can be checked and matched to the corresponding servo. TextStar the same time and with the standard 1520us 760us signal compatible with the pulse repetition rate up to 1kHz. Learn more about using the least common multiple radio control Click here for more!
LCD module is designed as a small, easy to use and 525 connected to the UART or serial LCD display technology equipment. This will 2400-115200 Potter and the TTL and RS232 level signals of the speed - not MAX232 required! As a result of ultra-thin chips of glass' (COG) technology, which is to provide a transparent thermal cover, can be used for a variety of different ways, for example: installed in the cabinet, held hands, or even stay in the surface and the double- sided / Velcro ® tape. Set up is simple, there are no DIP switches or jumper connection configuration and the display module the wrong way, will not hurt it, which means that it is for educational and experimental applications of the ideal choice. It will also supply different operating between 3.5 and 20 volts it is to adapt.
A TFT-LCD module is characterized by its 'GraphSmart' automatic bar facilities, so that the data graphic LCD module is very easy. No need for a complex program on your micro-controller - it can do only two bytes of data - the graphics and to show the percentage of length.
Incredible size!
Picture on the right shows how thin synlink compared to liquid crystal display module is a typical LCD module. Use of glass on the chip, surface mount components and PCB's synlink 0.8mm thin module takes almost no room for your product or project! As one of only 6 mm, maximum thickness synlink least common multiple is the thinnest in the market of its product range.
Easy to install!
The synlink least common multiple is incredibly easy to set up - no jumpers, missing or microcontroller in the special program. The module can be set in a small part of the four time using the touch buttons - each side of the screen two. These buttons can be used not only to set the screen, but they can also be programmed to send user-defined characters back to the host device.
Continue!
LCD module is so thin, you can use Velcro or double-sided sticky tape. This means that you can you never be able to fit their place, and then displayed. If you decide to use the four touch buttons, you can use a completely separate terminal control host device.
Measurement of liquid crystal display module has a radio control servo signal specific model - unlike any other product on the market - will also measure the pulse width and frequency. This means that the receivers, gyroscopes and other R / C equipment can be checked and matched to the corresponding servo. TextStar the same time and with the standard 1520us 760us signal compatible with the pulse repetition rate up to 1kHz. Learn more about using the least common multiple radio control Click here for more!
May 22, 2011
Qakbot takes off, profiting bot masters
The latest version of Qakbot has spread amongst corporate computers, leading security firm Symantec to issue a warning Friday that companies need to beware of the bot's worm-like propagation.
Between early April and early May, Symantec researchers saw the number of Qakbot-infected computers jump to more than 200,000, much higher than average, according to a report released by the company this afternoon. Activity from the bot program surges every three to six months, but rarely exceeds 50,000 compromised systems, says Vikram Thakur, principal security response manager for Symantec's threat intel group.
Also see: The botnet hunters
"This is definitely something to watch out for, considering it has been under development and it has been continuously evolving over the past few years," Thakur says. "This threat is a major problem for corporations because of just the way it actually spreads within an environment."
Recently, Qakbot appeared online signed with a valid digital key, a technique used most famously by the Stuxnet worm, to appear to be legitimate software. The bot is seeded within a company using compromised Web sites to push code to potential victims. Once inside a corporation, the bot program turns worm-like and spreads to open file shares and internal Web sites, which typically have far less security than external facing services, says Thakur.
"These things are not locked down as much as we imagine inside corporations," he says.
Also see: What a botnet looks like
Once on a computer, Qakbot steal banking credentials and other files. The program allows the cybercriminal group controlling the botnet to inject transactions into online banking sessions, stealing money from the victim's account.
Because of its success within corporation, the bot program could also be used to steal corporate data. For cybercriminals, however, bank account credentials continue to be a ready source of cash, so it's likely that they will continue to focus their efforts there.
"The ultimate aim, like almost every other threat we see, is to make money," Thakur says. "And these guys are using the most lucrative data they can get to make money."
Between early April and early May, Symantec researchers saw the number of Qakbot-infected computers jump to more than 200,000, much higher than average, according to a report released by the company this afternoon. Activity from the bot program surges every three to six months, but rarely exceeds 50,000 compromised systems, says Vikram Thakur, principal security response manager for Symantec's threat intel group.
Also see: The botnet hunters
"This is definitely something to watch out for, considering it has been under development and it has been continuously evolving over the past few years," Thakur says. "This threat is a major problem for corporations because of just the way it actually spreads within an environment."
Recently, Qakbot appeared online signed with a valid digital key, a technique used most famously by the Stuxnet worm, to appear to be legitimate software. The bot is seeded within a company using compromised Web sites to push code to potential victims. Once inside a corporation, the bot program turns worm-like and spreads to open file shares and internal Web sites, which typically have far less security than external facing services, says Thakur.
"These things are not locked down as much as we imagine inside corporations," he says.
Also see: What a botnet looks like
Once on a computer, Qakbot steal banking credentials and other files. The program allows the cybercriminal group controlling the botnet to inject transactions into online banking sessions, stealing money from the victim's account.
Because of its success within corporation, the bot program could also be used to steal corporate data. For cybercriminals, however, bank account credentials continue to be a ready source of cash, so it's likely that they will continue to focus their efforts there.
"The ultimate aim, like almost every other threat we see, is to make money," Thakur says. "And these guys are using the most lucrative data they can get to make money."
May 21, 2011
Google plans expanded 24/7 phone support … but not just yet
Google has always been known for fast and easy-to-use Web services loved by consumers. Google has never been known for the kind of dedicated support enterprise IT shops demand from technology vendors.
Yet Google has pushed forward into providing office software with Gmail, Google Docs and Calendar, and now even desktops with the just-announced Chromebooks from Samsung and Acer. To make the offerings more business-friendly, Google is planning to extend 24/7 phone support to more customers, Google enterprise chief Dave Girouard said during an interview at last week's Google I/O conference.
GOOGLE LAPTOPS: First look at Chrome OS
For Google consumer services, such as the Android Market, the only support option is often email and community discussion boards monitored by Google employees. But businesses that pay the $50 per user per year for Google Apps already get 24/7 phone support "for severe issues where you can't access the system," Girouard says.
A Web-based ticketing service is designed to handle non-urgent Apps issues. But Girouard says, "We are going to change that within a few months so it's 24/7 phone for any type of issue."
If it comes to fruition, 24/7 phone support for all problems would be a major upgrade over Google's current support. Email support for business users is available only Monday through Friday, with response time estimated at one business day. There is 24/7 access to online support forums, and phone support is also 24/7 -- but only for "system critical event emergencies."
Google defines those emergencies as "Any situation where Customer is unable to access or use the Services for the majority of its End Users or where Customer's network is not receiving any inbound email (and/or outbound email from the Services)." If taken literally, that means as long as 51% of users can receive email a customer cannot call Google on the phone.
Google's service-level-agreement, which details the circumstances under which customers may receive credits, also defines downtime loosely. "A five percent user error rate" must be reached for an outage to be considered "downtime," according to Google's SLA.
Google understands that it needs to provide more robust support to paying customers, Girouard says.
"It's not realistic for us to ever have 24/7 phone for a free service," Girouard says. "But for paid services, you should be able to call us at any time for any problem, period, full stop. And we're working toward that."
Chromebooks will be sold to businesses in subscription packages starting at $28 per user per month, which includes hardware replacements and support. They go on sale June 15, and Google says that support for Chromebooks will be roughly the same as support for Google Apps.
Eventually, Girouard says he expects 24/7 phone support for all issues to be offered both for Apps and Chromebooks, but "I don't know exactly where we will be at launch."
CHROME OS LAUNCH: Google says Windows is 'torturing users'
In an email statement released to Network World after the interview with Girouard, Google said its customer satisfaction ratings are above 90% and the number of support calls it receives has been declining.
Yet Google has pushed forward into providing office software with Gmail, Google Docs and Calendar, and now even desktops with the just-announced Chromebooks from Samsung and Acer. To make the offerings more business-friendly, Google is planning to extend 24/7 phone support to more customers, Google enterprise chief Dave Girouard said during an interview at last week's Google I/O conference.
GOOGLE LAPTOPS: First look at Chrome OS
For Google consumer services, such as the Android Market, the only support option is often email and community discussion boards monitored by Google employees. But businesses that pay the $50 per user per year for Google Apps already get 24/7 phone support "for severe issues where you can't access the system," Girouard says.
A Web-based ticketing service is designed to handle non-urgent Apps issues. But Girouard says, "We are going to change that within a few months so it's 24/7 phone for any type of issue."
If it comes to fruition, 24/7 phone support for all problems would be a major upgrade over Google's current support. Email support for business users is available only Monday through Friday, with response time estimated at one business day. There is 24/7 access to online support forums, and phone support is also 24/7 -- but only for "system critical event emergencies."
Google defines those emergencies as "Any situation where Customer is unable to access or use the Services for the majority of its End Users or where Customer's network is not receiving any inbound email (and/or outbound email from the Services)." If taken literally, that means as long as 51% of users can receive email a customer cannot call Google on the phone.
Google's service-level-agreement, which details the circumstances under which customers may receive credits, also defines downtime loosely. "A five percent user error rate" must be reached for an outage to be considered "downtime," according to Google's SLA.
Google understands that it needs to provide more robust support to paying customers, Girouard says.
"It's not realistic for us to ever have 24/7 phone for a free service," Girouard says. "But for paid services, you should be able to call us at any time for any problem, period, full stop. And we're working toward that."
Chromebooks will be sold to businesses in subscription packages starting at $28 per user per month, which includes hardware replacements and support. They go on sale June 15, and Google says that support for Chromebooks will be roughly the same as support for Google Apps.
Eventually, Girouard says he expects 24/7 phone support for all issues to be offered both for Apps and Chromebooks, but "I don't know exactly where we will be at launch."
CHROME OS LAUNCH: Google says Windows is 'torturing users'
In an email statement released to Network World after the interview with Girouard, Google said its customer satisfaction ratings are above 90% and the number of support calls it receives has been declining.
May 20, 2011
Microsoft Office 2010 Puts Word, Excel and PowerPoint on the Web
In an expected and inevitable move, Microsoft has announced that the next version of Office will include Web-based versions of Word, Excel, Powerpoint and OneNote.
Not to be confused with Microsoft Live Office Workspaces, which lets users of the desktop Office suite collaborate online, Office Web Apps will be full lightweight versions of the products, allowing users to create, edit, save, and share docs on the Web. And, like obvious competitor Google Docs, Office Web Apps will be available for free.
Like Docs, which requires a Google account, it seems the only requirement to use Office Web Apps will be a Microsoft Windows Live account, with two other options as well:
“Office Web applications will be available in three ways: through Windows Live, where more than 400 million consumers will have access to Office Web applications at no cost; on-premises for all Office volume licensing customers including more than 90 million Office annuity customers; and via Microsoft Online Services, where customers will be able to purchase a subscription as part of a hosted offering.”
Unfortunately, there isn’t anything to try out yet – Microsoft says that the new version of Office and its accompanying Web version won’t be available until the first half of next year. For now, the company has launched a preview site and a series of videos, introduced below:
Not to be confused with Microsoft Live Office Workspaces, which lets users of the desktop Office suite collaborate online, Office Web Apps will be full lightweight versions of the products, allowing users to create, edit, save, and share docs on the Web. And, like obvious competitor Google Docs, Office Web Apps will be available for free.
Like Docs, which requires a Google account, it seems the only requirement to use Office Web Apps will be a Microsoft Windows Live account, with two other options as well:
“Office Web applications will be available in three ways: through Windows Live, where more than 400 million consumers will have access to Office Web applications at no cost; on-premises for all Office volume licensing customers including more than 90 million Office annuity customers; and via Microsoft Online Services, where customers will be able to purchase a subscription as part of a hosted offering.”
Unfortunately, there isn’t anything to try out yet – Microsoft says that the new version of Office and its accompanying Web version won’t be available until the first half of next year. For now, the company has launched a preview site and a series of videos, introduced below:
May 18, 2011
Microsoft Bests Google, IBM In San Francisco's Cloud E-Mail Migration
In San Francisco, Walton said the city paid close attention to the Microsoft system's security and access controls and said the system could prevent a similar incident to the 2008 San Francisco network hijacking by then network administrator Terry Childs, who locked the city's network, preventing access to data and information.
And Walton noted that last week's BPOS cloud outages, which sparked lengthy delays in Microsoft Exchange Online e-mail delivery, helped influence San Francisco's move to the cloud-based e-mail service. He said that the city's ability to call Microsoft during the outage, which occurred during the pilot program, cemented that Microsoft was its top choice. He said when the city has had e-mail outages in the past it was often left hanging in the wind waiting for a response or an update.
"E-mail outages, unfortunately, are something that's happened to us before," Walton said, noting that e-mail outages aren't just a cloud issue. He said last week's BPOS outage only affected San Francisco's Exchange Online pilot users for about four hours.
Microsoft Vice President of State and Local Government at Microsoft, Gail Thomas-Flynn, added that not having to fret during an outage or other hiccup helps government agencies remain focused on serving their constituents and customers, instead of having to put out IT fires.
The San Francisco win is another feather in the Redmond, Wash.-based software giant's cloud cap as Microsoft continues to compete with chief cloud foe Google for cloud computing contracts, many of which are state and local government deals.
Microsoft and Google have also squared off over the Federal Information Security Management Act (FISMA), a certification that shows a company's solutions have meet the security requirements necessary to be leveraged by government agencies. Microsoft last month accused Google Apps of lacking FISMA certification. Google quickly responded and pointed out that it was indeed certified under FISMA, and it was eventually revealed that Microsoft itself had not received full FISMA certification for its BPOS-Federal play, which Microsoft later obtained.
The question over FISMA came to light as part of a recent lawsuit in which Google accused the DOI of not opening the bidding processes for its cloud e-mail to competition and wording its proposal to heavily favor Microsoft. A judge has placed an injunction on Microsoft's DOI cloud deployment until the matter is sorted out further.
And Walton noted that last week's BPOS cloud outages, which sparked lengthy delays in Microsoft Exchange Online e-mail delivery, helped influence San Francisco's move to the cloud-based e-mail service. He said that the city's ability to call Microsoft during the outage, which occurred during the pilot program, cemented that Microsoft was its top choice. He said when the city has had e-mail outages in the past it was often left hanging in the wind waiting for a response or an update.
"E-mail outages, unfortunately, are something that's happened to us before," Walton said, noting that e-mail outages aren't just a cloud issue. He said last week's BPOS outage only affected San Francisco's Exchange Online pilot users for about four hours.
Microsoft Vice President of State and Local Government at Microsoft, Gail Thomas-Flynn, added that not having to fret during an outage or other hiccup helps government agencies remain focused on serving their constituents and customers, instead of having to put out IT fires.
The San Francisco win is another feather in the Redmond, Wash.-based software giant's cloud cap as Microsoft continues to compete with chief cloud foe Google for cloud computing contracts, many of which are state and local government deals.
Microsoft and Google have also squared off over the Federal Information Security Management Act (FISMA), a certification that shows a company's solutions have meet the security requirements necessary to be leveraged by government agencies. Microsoft last month accused Google Apps of lacking FISMA certification. Google quickly responded and pointed out that it was indeed certified under FISMA, and it was eventually revealed that Microsoft itself had not received full FISMA certification for its BPOS-Federal play, which Microsoft later obtained.
The question over FISMA came to light as part of a recent lawsuit in which Google accused the DOI of not opening the bidding processes for its cloud e-mail to competition and wording its proposal to heavily favor Microsoft. A judge has placed an injunction on Microsoft's DOI cloud deployment until the matter is sorted out further.
May 17, 2011
Microsoft's open source love-in expands with CentOS Linux support
First, Microsoft submitted source code to the Linux kernel. Then, one of its executives claimed "We love open source." And just last night, Microsoft said it is now adding interoperability support for CentOS Linux so it can be run on Hyper-V, the virtualization platform that comes with Windows Server.
Microsoft's top 12 rivals
There's a healthy does of self-interest here, as Microsoft is trying to improve the viability of Hyper-V in an all-out war to topple VMware from its place at the top of the virtualization market, while also fending off open source competitors Xen and KVM. Plus, Linux is widely used in the Web server market. But you also might call supporting CentOS an indirect compliment paid to rival Red Hat, because CentOS is a version of Linux based on the Red Hat OS.
Bashing Microsoft 'like kicking a puppy,' says Linux Foundation chief
Microsoft marketing GM Sandy Gupta explains that Microsoft is targeting CentOS because it "is a popular Linux distribution for hosters," and therefore an important entry point for Microsoft to get its software into cloud networks.
"This development enables our Hosting partners to consolidate their mixed Windows + Linux infrastructure on Windows Server Hyper-V; reducing cost and complexity, while betting on an enterprise class virtualization platform," Gupta writes. Microsoft is set to share more details about Hyper-V's support for CentOS at this week's Open Source Business Conference.
Microsoft has a long, mostly contentious relationship with Linux and open source software users, often claiming that Linux software infringes on its patents. Linux-based Android is one of Microsoft's latest targets in enforcing patent claims. But if Linux and open source can be integrated with Microsoft software in a way that helps Microsoft sell more licenses, then Redmond officials become a little more forgiving, even supporting Linux servers (including Red Hat's) in its System Center management suite.
We'll keep a close eye on Microsoft's evolving stance toward open source software.
Microsoft's top 12 rivals
There's a healthy does of self-interest here, as Microsoft is trying to improve the viability of Hyper-V in an all-out war to topple VMware from its place at the top of the virtualization market, while also fending off open source competitors Xen and KVM. Plus, Linux is widely used in the Web server market. But you also might call supporting CentOS an indirect compliment paid to rival Red Hat, because CentOS is a version of Linux based on the Red Hat OS.
Bashing Microsoft 'like kicking a puppy,' says Linux Foundation chief
Microsoft marketing GM Sandy Gupta explains that Microsoft is targeting CentOS because it "is a popular Linux distribution for hosters," and therefore an important entry point for Microsoft to get its software into cloud networks.
"This development enables our Hosting partners to consolidate their mixed Windows + Linux infrastructure on Windows Server Hyper-V; reducing cost and complexity, while betting on an enterprise class virtualization platform," Gupta writes. Microsoft is set to share more details about Hyper-V's support for CentOS at this week's Open Source Business Conference.
Microsoft has a long, mostly contentious relationship with Linux and open source software users, often claiming that Linux software infringes on its patents. Linux-based Android is one of Microsoft's latest targets in enforcing patent claims. But if Linux and open source can be integrated with Microsoft software in a way that helps Microsoft sell more licenses, then Redmond officials become a little more forgiving, even supporting Linux servers (including Red Hat's) in its System Center management suite.
We'll keep a close eye on Microsoft's evolving stance toward open source software.
May 16, 2011
Google launches Chrome OS, says Windows is 'torturing users'
Google co-founder Sergey Brin said Windows and other traditional PC operating systems are "torturing users" at Google's Chrome OS launch event Wednesday, where the company claimed 75% of business users can be converted from Windows to Chrome OS right away.
Google is partnering with Samsung and Acer to ship laptops based on Google's browser-turned-operating-system on June 15, it was announced at the Google I/O conference. In a briefing with reporters afterward, Brin was asked how many Google employees still use Windows. As a rough guess, he said it's about 20%. The rest must use Macs or Linux. But by next year, Brin hopes the vast majority of Googlers will be doing their work on Chrome OS.
"I don't think there is anything inherently wrong with Windows," Brin said. "Windows 7 has some great security features."
But Chrome OS, by putting most of a user's applications and data on the Web with some offline capabilities, presents a "stateless" model that Brin believes will eliminate complexity for users and IT departments by un-tethering people from machines that are difficult to set up and manage.
"With Microsoft, and other operating system vendors, I think the complexity of managing your computer is really torturing users," Brin said. "It's torturing everyone in this room. It's a flawed model fundamentally. Chromebooks are a new model that doesn't put the burden of managing the computer on yourself."
Google executives said they surveyed 400 companies and found that with a combination of Web applications, offline access to Google Docs and other services, and applications delivered through virtualization software, businesses could move 75% of their users onto Chrome OS devices.
Microsoft (and even Apple) could probably come up with a survey showing exactly the opposite. But Google does have an interesting plan to market Chrome OS devices, including partnerships with VMware and Citrix to deliver remote access to enterprise applications.
Chrome OS is basically nothing more than the Chrome browser on top of a stripped-down version of Linux, with no need to install antivirus software because of Chrome's sandboxing security, and cloud-based backups to restore data on the off chance you get a virus. All user data is encrypted by default.
While the devices are primarily designed to surf the Web, the laptops will have a file system and some offline access to key productivity applications.
CHROME OS: 10 things you can (and can't) do with the Google PC
Devices from Samsung and Acer will be sold at Best Buy and Amazon.com for between $350 and $500, but businesses can get the devices in a package for $28 per user per month, which includes support and hardware replacements. A similar deal for $20 per user per month is available to schools.
Samsung will offer a $429 version with a 12.1-inch screen and Wi-Fi, and Verizon will ship a 3G version for $499. An Acer device with an 11.6-inch screen will start at $349.
Google is partnering with Samsung and Acer to ship laptops based on Google's browser-turned-operating-system on June 15, it was announced at the Google I/O conference. In a briefing with reporters afterward, Brin was asked how many Google employees still use Windows. As a rough guess, he said it's about 20%. The rest must use Macs or Linux. But by next year, Brin hopes the vast majority of Googlers will be doing their work on Chrome OS.
"I don't think there is anything inherently wrong with Windows," Brin said. "Windows 7 has some great security features."
But Chrome OS, by putting most of a user's applications and data on the Web with some offline capabilities, presents a "stateless" model that Brin believes will eliminate complexity for users and IT departments by un-tethering people from machines that are difficult to set up and manage.
"With Microsoft, and other operating system vendors, I think the complexity of managing your computer is really torturing users," Brin said. "It's torturing everyone in this room. It's a flawed model fundamentally. Chromebooks are a new model that doesn't put the burden of managing the computer on yourself."
Google executives said they surveyed 400 companies and found that with a combination of Web applications, offline access to Google Docs and other services, and applications delivered through virtualization software, businesses could move 75% of their users onto Chrome OS devices.
Microsoft (and even Apple) could probably come up with a survey showing exactly the opposite. But Google does have an interesting plan to market Chrome OS devices, including partnerships with VMware and Citrix to deliver remote access to enterprise applications.
Chrome OS is basically nothing more than the Chrome browser on top of a stripped-down version of Linux, with no need to install antivirus software because of Chrome's sandboxing security, and cloud-based backups to restore data on the off chance you get a virus. All user data is encrypted by default.
While the devices are primarily designed to surf the Web, the laptops will have a file system and some offline access to key productivity applications.
CHROME OS: 10 things you can (and can't) do with the Google PC
Devices from Samsung and Acer will be sold at Best Buy and Amazon.com for between $350 and $500, but businesses can get the devices in a package for $28 per user per month, which includes support and hardware replacements. A similar deal for $20 per user per month is available to schools.
Samsung will offer a $429 version with a 12.1-inch screen and Wi-Fi, and Verizon will ship a 3G version for $499. An Acer device with an 11.6-inch screen will start at $349.
May 15, 2011
Windows 8 to kill off Adobe Reader?
So long, farewell to Acrobat
Windows 8 is set to include its own native PDF reader, signalling the end of forced Adobe Reader integration.
A thousand weary PDF perusers are no doubt crying tears of happiness at the mere thought of never again having to update their PDF reader eighty-four times a day.
Hopefully the proprietary reader will also see an end to the almost-mandatory desktop shortcut that Adobe Reader drops on your desktop every time you update - but then again, this is Microsoft so we wouldn't bet on it.
Modernity
The new Microsoft PDF reader is known as 'Modern Reader', and uses the new AppX application package type, which is very similar to that of Windows Phone 7 and is likely to be used in Windows Phone 8 software too.
This should make emailing and opening PDF files on your phone and computer a much smoother experience, we'd hope, and could make developing cross-device applications much easier for devs.
The screenshots of the Modern Reader UI are pretty standard, featuring a very Windows Phone 7-esque look; it renders PDFs in full fidelity, offers zoom, allows for side-by-side page viewing and has a bookmark side-bar for skipping through chapters.
Windows 8 is set to include its own native PDF reader, signalling the end of forced Adobe Reader integration.
A thousand weary PDF perusers are no doubt crying tears of happiness at the mere thought of never again having to update their PDF reader eighty-four times a day.
Hopefully the proprietary reader will also see an end to the almost-mandatory desktop shortcut that Adobe Reader drops on your desktop every time you update - but then again, this is Microsoft so we wouldn't bet on it.
Modernity
The new Microsoft PDF reader is known as 'Modern Reader', and uses the new AppX application package type, which is very similar to that of Windows Phone 7 and is likely to be used in Windows Phone 8 software too.
This should make emailing and opening PDF files on your phone and computer a much smoother experience, we'd hope, and could make developing cross-device applications much easier for devs.
The screenshots of the Modern Reader UI are pretty standard, featuring a very Windows Phone 7-esque look; it renders PDFs in full fidelity, offers zoom, allows for side-by-side page viewing and has a bookmark side-bar for skipping through chapters.
May 14, 2011
Windows Event Viewer tips and tricks
The Event Viewer doesn't look like a very exciting Windows componment. If your PC is unstable you might use it to check for error messages, but otherwise, well, that's about all. Or is it?
Look a little closer and you'll discover that the tool has all kinds of useful additional capabilities. It can sometimes be hard to find important events using the default settings, but creating a custom view will help you zoom in quickly on the data that really matters, which can be an essential troubleshooting aid.
If you have a network, then you can set up one copy of the Event Viewer to collect events from several PCs, and manage them all centrally.
One excellent feature gives you the ability to run a particular program or task when a given event occurs. If a program crashes you could restart it, for example. If you're short on hard drive space, you could delete your temporary files – whatever you like.
Then there are the secret Event Logs that you may not even know exist, the leftover logs that need to be deleted, the hidden management features and a whole lot more.
Please note, while we're focusing on the Windows 7 Event Viewer here, much of what we're saying also applies to Vista and even XP. Whichever version of Windows you're using, the Event Viewer deserves a much closer look.
The basics
Event viewer
The prime purpose of Event Viewer is to act as a log for various applications and Windows components. Many of these issues don't have an interface, or don't report all their problems and status issues via alert messages, so if you want to find out what's really going on with your PC then it's essential to take a look at the Event Viewer on a regular basis.
You can access the viewer via the Control Panel (go to 'System and security | Administrative tools | View event logs' if you're using Windows 7), but we find it easier to launch the tool directly: click 'Start', type eventvwr.msc, click the 'Event Viewer' link and it will pop up in a second or two.
If you just want to find out more about your PC, then you can expand the 'Windows Logs' section of the tree and browse the Application, Security, Setup and System logs for any interesting looking events.
These logs are presented in reverse chronological order, so the most recent events are at the top and as you scroll down you'll move back in time.
What will you see here? It depends entirely on the setup of your system, but we checked a test PC and came up with many interesting entries. There were detailed error messages for application and system crashes, for instance. If you come home and someone tells you the PC crashed an hour ago, but they can't remember the error message, the Event Log may tell you more.
We found performance-related information, including an Outlook message that said its launch was delayed because of a particular add-on. There were also warnings about four boot drivers that had failed to load. That's information we wouldn't have found anywhere else, and could explain all kinds of odd system behaviour.
Other issues
There were also events relating to the PC startup and shutdown process, installed programs, hardware problem, and many other issues. You wouldn't want to browse the Event Viewer for fun, but if you're having any kind of computer issues then it's wise to give it a closer look – you just might find the clues you need to uncover their real cause.
The problem with scrolling through the main Windows logs is that there are only a few interesting events, and they're masked by a great deal of irrelevant junk. Fortunately the Event Viewer provides several alternatives that will help you zoom in on the data that matters.
Custom view
The Windows 7 Event Viewer, for instance, opens with a useful 'Summary of Administrative Events'. Particularly important event types, such as 'Critical', 'Error' and 'Warning', are listed right at the top and you can expand these to find out more.
Trying this on our test system revealed seven disk errors in the past week. Double-clicking the entry revealed the details, and it turned out one of our drives was experiencing controller errors. Could the drive be about to fail? We're not sure, but at least the Event Viewer has given us a warning so we can back it up.
Another possible option is to expand the 'Applications and Services Logs' section of the viewer. This area contains logs dedicated to applications and areas of your system, such as hardware events, Internet Explorer and Media Center.
Perhaps the most important log here is a little buried, though. Browse to 'Applications and services logs | Microsoft | Windows | Diagnostics-Performance | Operational' and you'll find information about your PC's boot and shutdown processes. Again, everyone will see different things, but when we checked this log on our PC we found a wealth of essential data.
There were events warning us that the Bonjour Service, Function Discovery Resource Publication Service and Orbit Downloader were all causing delays in the system shutdown process. Other events pointed fingers at particular programs for delaying our PCs boot, too – if we were to remove anything non-essential, our system would speed up.
There were general warning events too, such as 'Video memory resources are over-utilised and there is thrashing happening as a result'. If your PC seems slow, or unstable, then this could be a clue. Simply closing some windows could make all the difference, as might updating the video drivers.
As usual, these logs are packed with clues to all sorts of problems, many of which you may not even realise you have. Take a look – it's surprising what you can learn.
Subscriptions
Subscriptions
The Event Viewer isn't only able to reveal issues with your own PC. It can also collect information on Vista or Windows 7 systems all across your network, so you can troubleshoot many problems from the comfort of your own desktop.
To set this up you must prepare the remote computers to forward events. First launch an elevated command prompt on each of these (do this by right-clicking the link 'cmd.exe' and selecting 'Run as administrator'), then enter the command winrm quickconfig.
Next, go to the central PC where you'll be collecting these events, launch another elevated command prompt and enter the command wecutil qc.
You can then launch the Event Viewer on the collecting computer, click 'Subscriptions | Create subscription' and tell the system exactly which events you'd like to collect from which computers. These will then appear in the log you specify, and you'll be able to view and filter them just as you can events on your own computer. Well, that's the basic principle at least.
In practice, there are usually some complications. You might have to specifically allow the Remove Event Log Management process to connect through your firewall, for instance, and you'll need to add an account with administrator privileges to the Event Log Readers group on each of the remote PCs. Check the 'Event viewer help' file under 'Manage subscriptions' for more details.
Run a task
Alert
So far we've only used Event Viewer in a passive way, allowing it to record what various apps are doing, but the best part of the tool is that it can also be active and dynamic, responding to events with the specific action that you choose.
Suppose one of your favourite apps has its own event log, for instance. It might only add one event a week, but that event might be very important and you may want to know about it right away. Is this a problem? Not at all. In a few clicks you can be alerted whenever a new event appears.
To make this happen, launch Event Viewer, expand the 'Applications and services logs' section of the tree, right-click your log of choice and select 'Attach a task to this log'. Click 'Next' twice, choose the 'Display a message' option, and click 'Next' again. Enter a title for your message, then the message itself, and click 'Next'. Click 'Finish' and that's it – Windows will now display a pop-up alert with your selected message whenever an event is placed in this particular log.
You can also attach a task to a specific event. If you see something that might be really important, like a message that a hard drive is returning controller errors, then right-click it, select 'Attach a task to this event' and the wizard will appear. With a few clicks, you can ensure that you're informed directly about important events, rather than just hoping you'll catch them later.
Perhaps most usefully, the Event Viewer can also launch a task in response to a particular event. If your system is regularly displaying some low-level drive error, for example, you could automatically launch Windows chkdsk or some other drive error checker to confirm that all is well.
If you're running short of hard drive space and related events are appearing, you could have these launch something like CCleaner to quickly free up a little space.
The principle is the same: right-click an event and select 'Attach a task to this event' to launch the Create Basic Task Wizard. This time, when you get to the 'Action' point, select 'Start a program'. Click 'Next', choose your program or script and any optional command line arguments, then click 'Next', finish the wizard and your configuration is complete.
Event details
Windows will now respond automatically to events as they occur, which could mean your PC problems are fixed before you realise they've occurred.
Look a little closer and you'll discover that the tool has all kinds of useful additional capabilities. It can sometimes be hard to find important events using the default settings, but creating a custom view will help you zoom in quickly on the data that really matters, which can be an essential troubleshooting aid.
If you have a network, then you can set up one copy of the Event Viewer to collect events from several PCs, and manage them all centrally.
One excellent feature gives you the ability to run a particular program or task when a given event occurs. If a program crashes you could restart it, for example. If you're short on hard drive space, you could delete your temporary files – whatever you like.
Then there are the secret Event Logs that you may not even know exist, the leftover logs that need to be deleted, the hidden management features and a whole lot more.
Please note, while we're focusing on the Windows 7 Event Viewer here, much of what we're saying also applies to Vista and even XP. Whichever version of Windows you're using, the Event Viewer deserves a much closer look.
The basics
Event viewer
The prime purpose of Event Viewer is to act as a log for various applications and Windows components. Many of these issues don't have an interface, or don't report all their problems and status issues via alert messages, so if you want to find out what's really going on with your PC then it's essential to take a look at the Event Viewer on a regular basis.
You can access the viewer via the Control Panel (go to 'System and security | Administrative tools | View event logs' if you're using Windows 7), but we find it easier to launch the tool directly: click 'Start', type eventvwr.msc, click the 'Event Viewer' link and it will pop up in a second or two.
If you just want to find out more about your PC, then you can expand the 'Windows Logs' section of the tree and browse the Application, Security, Setup and System logs for any interesting looking events.
These logs are presented in reverse chronological order, so the most recent events are at the top and as you scroll down you'll move back in time.
What will you see here? It depends entirely on the setup of your system, but we checked a test PC and came up with many interesting entries. There were detailed error messages for application and system crashes, for instance. If you come home and someone tells you the PC crashed an hour ago, but they can't remember the error message, the Event Log may tell you more.
We found performance-related information, including an Outlook message that said its launch was delayed because of a particular add-on. There were also warnings about four boot drivers that had failed to load. That's information we wouldn't have found anywhere else, and could explain all kinds of odd system behaviour.
Other issues
There were also events relating to the PC startup and shutdown process, installed programs, hardware problem, and many other issues. You wouldn't want to browse the Event Viewer for fun, but if you're having any kind of computer issues then it's wise to give it a closer look – you just might find the clues you need to uncover their real cause.
The problem with scrolling through the main Windows logs is that there are only a few interesting events, and they're masked by a great deal of irrelevant junk. Fortunately the Event Viewer provides several alternatives that will help you zoom in on the data that matters.
Custom view
The Windows 7 Event Viewer, for instance, opens with a useful 'Summary of Administrative Events'. Particularly important event types, such as 'Critical', 'Error' and 'Warning', are listed right at the top and you can expand these to find out more.
Trying this on our test system revealed seven disk errors in the past week. Double-clicking the entry revealed the details, and it turned out one of our drives was experiencing controller errors. Could the drive be about to fail? We're not sure, but at least the Event Viewer has given us a warning so we can back it up.
Another possible option is to expand the 'Applications and Services Logs' section of the viewer. This area contains logs dedicated to applications and areas of your system, such as hardware events, Internet Explorer and Media Center.
Perhaps the most important log here is a little buried, though. Browse to 'Applications and services logs | Microsoft | Windows | Diagnostics-Performance | Operational' and you'll find information about your PC's boot and shutdown processes. Again, everyone will see different things, but when we checked this log on our PC we found a wealth of essential data.
There were events warning us that the Bonjour Service, Function Discovery Resource Publication Service and Orbit Downloader were all causing delays in the system shutdown process. Other events pointed fingers at particular programs for delaying our PCs boot, too – if we were to remove anything non-essential, our system would speed up.
There were general warning events too, such as 'Video memory resources are over-utilised and there is thrashing happening as a result'. If your PC seems slow, or unstable, then this could be a clue. Simply closing some windows could make all the difference, as might updating the video drivers.
As usual, these logs are packed with clues to all sorts of problems, many of which you may not even realise you have. Take a look – it's surprising what you can learn.
Subscriptions
Subscriptions
The Event Viewer isn't only able to reveal issues with your own PC. It can also collect information on Vista or Windows 7 systems all across your network, so you can troubleshoot many problems from the comfort of your own desktop.
To set this up you must prepare the remote computers to forward events. First launch an elevated command prompt on each of these (do this by right-clicking the link 'cmd.exe' and selecting 'Run as administrator'), then enter the command winrm quickconfig.
Next, go to the central PC where you'll be collecting these events, launch another elevated command prompt and enter the command wecutil qc.
You can then launch the Event Viewer on the collecting computer, click 'Subscriptions | Create subscription' and tell the system exactly which events you'd like to collect from which computers. These will then appear in the log you specify, and you'll be able to view and filter them just as you can events on your own computer. Well, that's the basic principle at least.
In practice, there are usually some complications. You might have to specifically allow the Remove Event Log Management process to connect through your firewall, for instance, and you'll need to add an account with administrator privileges to the Event Log Readers group on each of the remote PCs. Check the 'Event viewer help' file under 'Manage subscriptions' for more details.
Run a task
Alert
So far we've only used Event Viewer in a passive way, allowing it to record what various apps are doing, but the best part of the tool is that it can also be active and dynamic, responding to events with the specific action that you choose.
Suppose one of your favourite apps has its own event log, for instance. It might only add one event a week, but that event might be very important and you may want to know about it right away. Is this a problem? Not at all. In a few clicks you can be alerted whenever a new event appears.
To make this happen, launch Event Viewer, expand the 'Applications and services logs' section of the tree, right-click your log of choice and select 'Attach a task to this log'. Click 'Next' twice, choose the 'Display a message' option, and click 'Next' again. Enter a title for your message, then the message itself, and click 'Next'. Click 'Finish' and that's it – Windows will now display a pop-up alert with your selected message whenever an event is placed in this particular log.
You can also attach a task to a specific event. If you see something that might be really important, like a message that a hard drive is returning controller errors, then right-click it, select 'Attach a task to this event' and the wizard will appear. With a few clicks, you can ensure that you're informed directly about important events, rather than just hoping you'll catch them later.
Perhaps most usefully, the Event Viewer can also launch a task in response to a particular event. If your system is regularly displaying some low-level drive error, for example, you could automatically launch Windows chkdsk or some other drive error checker to confirm that all is well.
If you're running short of hard drive space and related events are appearing, you could have these launch something like CCleaner to quickly free up a little space.
The principle is the same: right-click an event and select 'Attach a task to this event' to launch the Create Basic Task Wizard. This time, when you get to the 'Action' point, select 'Start a program'. Click 'Next', choose your program or script and any optional command line arguments, then click 'Next', finish the wizard and your configuration is complete.
Event details
Windows will now respond automatically to events as they occur, which could mean your PC problems are fixed before you realise they've occurred.
May 12, 2011
Better Platform for Better Career
Microsoft MCTS Microsoft Certified Technology Specialist validates knowledge and skills to demonstrate your specialized technical expertise by earning this credential. Microsoft MCSD The Microsoft Certified Solutions Developer (MCSD) credential validates your advanced skill set, demonstrating to customers.
Microsoft is offering its own specialised MCITP exams (http://www.certkingdom.com) which also known to be the one of the best reputed certification world wide. It has the huge range of certification and training programmes which turn out to be really useful for the candidates. According to the recent survey, people who achieved and gained the credential of Microsoft certification are getting better career opportunities, why? Because Microsoft certifications and training programme specialises a candidate in a particular field therefore they stand out more infront of employers. Some of the most popular certifications of Microsoft are as follow; Microsoft MCDBA Microsoft Certified Database Administrator demonstrate your ability to design, implement, and manage the administration of Microsoft SQL Server 2000 databases successfully, Microsoft MCDST Microsoft Certified Desktop Support Technician, This credential proves your ability to successfully troubleshoot desktop environments that run on the Microsoft Windows operating system, Microsoft MCITP Microsoft Certified Information Technology Professional Demonstrate your range of expertise, real-world skills, and mastery of Microsoft technologies by earning this credentials and there are three tracks available to do this certification and that is MCITP Server, MCITP Enterprise and MCITP Business Intelligence,Microsoft MCSA Microsoft Certified Systems Administrator Prove your expertise in systems administration on Windows Server operating systems by earning this credential, Microsoft MCSE Microsoft Certified Systems Engineer equips you with the MCITP benefits (http://www.certkingdom.com)
technical capabilities and industry-recognized validation to help you compete. This certification is also being offered in two environments (Windows Server 2000 & Windows Server 2003 and in MCSE-Messaging & MCSE-Security). Microsoft MCTS Microsoft Certified Technology Specialist validates knowledge and skills to demonstrate your specialized technical expertise by earning this credential. Microsoft MCSD The Microsoft Certified Solutions Developer (MCSD) credential validates your advanced skill set, demonstrating to customers. Microsoft Certified Internetwork Professional validates advanced knowledge and skills required to manage service provider infrastructures and Microsoft MCPD Microsoft Certified Professional Developers validate your job-relevant skills and mastery of Microsoft Visual Studio and the Microsoft .NET Framework by becoming a Microsoft Certified Professional Developer.
Most IT professionals look for this document in determining the perfect candidate for the job vacancy. It’s better if you have newer certification because it speaks of fresher learning and knowledge, which is needed in the business today.
One leading industry that dictated the evolution of computers and the likes is none other than Microsoft. The rise of the IT industry is unstoppable at present. The said industry has created lots of opportunities through the development of its certification programs. They are specially designed to enhance the technical skills of these IT associates. With the growth of MCITP or Microsoft Certified IT Professional in this business many professionals will have the chance to follow a certain path for their desired free practice tests (http://www.certkingdom.com) . Wherein they can function well and display their knowledge and expertise.
Microsoft is offering its own specialised MCITP exams (http://www.certkingdom.com) which also known to be the one of the best reputed certification world wide. It has the huge range of certification and training programmes which turn out to be really useful for the candidates. According to the recent survey, people who achieved and gained the credential of Microsoft certification are getting better career opportunities, why? Because Microsoft certifications and training programme specialises a candidate in a particular field therefore they stand out more infront of employers. Some of the most popular certifications of Microsoft are as follow; Microsoft MCDBA Microsoft Certified Database Administrator demonstrate your ability to design, implement, and manage the administration of Microsoft SQL Server 2000 databases successfully, Microsoft MCDST Microsoft Certified Desktop Support Technician, This credential proves your ability to successfully troubleshoot desktop environments that run on the Microsoft Windows operating system, Microsoft MCITP Microsoft Certified Information Technology Professional Demonstrate your range of expertise, real-world skills, and mastery of Microsoft technologies by earning this credentials and there are three tracks available to do this certification and that is MCITP Server, MCITP Enterprise and MCITP Business Intelligence,Microsoft MCSA Microsoft Certified Systems Administrator Prove your expertise in systems administration on Windows Server operating systems by earning this credential, Microsoft MCSE Microsoft Certified Systems Engineer equips you with the MCITP benefits (http://www.certkingdom.com)
technical capabilities and industry-recognized validation to help you compete. This certification is also being offered in two environments (Windows Server 2000 & Windows Server 2003 and in MCSE-Messaging & MCSE-Security). Microsoft MCTS Microsoft Certified Technology Specialist validates knowledge and skills to demonstrate your specialized technical expertise by earning this credential. Microsoft MCSD The Microsoft Certified Solutions Developer (MCSD) credential validates your advanced skill set, demonstrating to customers. Microsoft Certified Internetwork Professional validates advanced knowledge and skills required to manage service provider infrastructures and Microsoft MCPD Microsoft Certified Professional Developers validate your job-relevant skills and mastery of Microsoft Visual Studio and the Microsoft .NET Framework by becoming a Microsoft Certified Professional Developer.
Most IT professionals look for this document in determining the perfect candidate for the job vacancy. It’s better if you have newer certification because it speaks of fresher learning and knowledge, which is needed in the business today.
One leading industry that dictated the evolution of computers and the likes is none other than Microsoft. The rise of the IT industry is unstoppable at present. The said industry has created lots of opportunities through the development of its certification programs. They are specially designed to enhance the technical skills of these IT associates. With the growth of MCITP or Microsoft Certified IT Professional in this business many professionals will have the chance to follow a certain path for their desired free practice tests (http://www.certkingdom.com) . Wherein they can function well and display their knowledge and expertise.
May 11, 2011
When will PlayStation Network be back up?
Perhaps the question should be: "If I hold my breath waiting for Sony to answer and I die, can someone sue?" Because Sony's continued promises when PSN will be back up are like the kid who incessantly promises to clean his room and never does. Subscribers grow impatient, with the vast majority answering our poll are ready to switch to Xbox 360 and Xbox Live.
Late last month, Sony promised partial PSN restoration -- gaming, music and video services -- on May 4, a pledge repeated on May 1. It's now May 8, and PSN is still down. I checked just before posting.
Two days ago, in another "I promise to clean my room soon" blog post, Patrick Seybold, Sony Senior director of Corporate Communications & Social Media, writes: "We know many of you are wanting to play games online, chat with your friends and enjoy all of the services PlayStation Network and Qriocity services have to offer, and trust me when I say we're doing everything we can to make it happen. We will update you with more information as soon as we have it. We apologize for the delay and inconvenience of this network outage."
What's the excuse this time? Simply put, Sony cannot yet guarantee that PSN is secure enough to put back online. "When we held the press conference in Japan last week, based on what we knew, we expected to have the services online within a week," Seybold explains. "We were unaware of the extent of the attack on Sony Online Entertainment servers, and we are taking this opportunity to conduct further testing of the incredibly complex system."
Within hours of the May 1 promise to restore PSN last week, Sony Online Entertainment went down, and the company issued yet another security warning. Hackers had stolen data from SOE, and this time Sony confirmed that credit card information had been taken. At least 12,700 credit or debit card and 10,700 direct debt card numbers (with bank account numbers) were stolen from SOE subscribers in Austria, Germany, Netherlands and Spain. So the initial breach was much greater than Sony understood, and the company took much longer uncovering the problem.
Hackers broke into PlayStation Network between April 17-19 and stole massive amounts of personally-identifying user data. On April 20, Sony voluntarily took down the network, after discovering the hack. The action may have helped prevent further data losses and allowed Sony, third-party security investigators and law enforcement to begin a forensic analysis of the hack. To reiterate: Hackers didn't take down PlayStation Network. Sony did. The same can be said of SOE, which Sony took offline, arguably belatedly, after discovering the hack.
In mid April 2011, Sony took down PlayStation Network after hackers stole subscribers' personal data. PlayStation users, will you switch to Xbox?
Absolutely
Not even if Hell froze over
VoteView Results
Share This
Quantcast
The full extent of the data breach is still unknown. Hackers did steal subscriber account IDs, passwords, addresses and phone numbers, security questions, email addresses and birth dates. Sony has insisted that, despite reports of millions of stolen credit card numbers being up for sale, the data was encrypted. While 77 million stolen credit cards makes great headlines, the other information is far more damaging since it can be used to steal peoples' identities. Not surprisingly, lawsuits are piling up, one and one now, for each the PSN and SOE breaches and Sony's handling of the aftermath.
Last week, Sony accused Anonymous of the security breach. Based on my limited knowledge of the hacker group, stealing user information for profit is out of character. Anonymous denied the accusation.
"When will PSN be back up?" is the still unanswered qustion. "We're still working to confirm the security of the network infrastructure, as well as working with a variety of outside entities to confirm with them of the security of the system," Seybold writes. "Verifying the system security is vital for the process of restoration. Additional comprehensive system checks and testing are still required, and we must complete that process before bringing the systems online. As you've heard us say, our utmost priorities are the security of the network and ensuring your data is safe. We won't restore the services until we can test the system's strength in these respects."
That's perhaps good for PSN subscribers' personal data protection in the future. There are plenty of dissatisfied PlayStation Network users in the here and now. On April 30, I started a poll asking PSN subscribers: "Will you switch to Xbox?" The results aren't so interesting as how they changed the longer the PSN outage went on. In the first few days, the results consistently hung around 54 percent switching. But the number crept up the longer PSN stayed down -- to 60 percent, then 65 percent and as of this morning 72.94 percent based on 3,285 responses.
I'm surprised that someone hasn't started a betting pool for when PSN will be back up.
Late last month, Sony promised partial PSN restoration -- gaming, music and video services -- on May 4, a pledge repeated on May 1. It's now May 8, and PSN is still down. I checked just before posting.
Two days ago, in another "I promise to clean my room soon" blog post, Patrick Seybold, Sony Senior director of Corporate Communications & Social Media, writes: "We know many of you are wanting to play games online, chat with your friends and enjoy all of the services PlayStation Network and Qriocity services have to offer, and trust me when I say we're doing everything we can to make it happen. We will update you with more information as soon as we have it. We apologize for the delay and inconvenience of this network outage."
What's the excuse this time? Simply put, Sony cannot yet guarantee that PSN is secure enough to put back online. "When we held the press conference in Japan last week, based on what we knew, we expected to have the services online within a week," Seybold explains. "We were unaware of the extent of the attack on Sony Online Entertainment servers, and we are taking this opportunity to conduct further testing of the incredibly complex system."
Within hours of the May 1 promise to restore PSN last week, Sony Online Entertainment went down, and the company issued yet another security warning. Hackers had stolen data from SOE, and this time Sony confirmed that credit card information had been taken. At least 12,700 credit or debit card and 10,700 direct debt card numbers (with bank account numbers) were stolen from SOE subscribers in Austria, Germany, Netherlands and Spain. So the initial breach was much greater than Sony understood, and the company took much longer uncovering the problem.
Hackers broke into PlayStation Network between April 17-19 and stole massive amounts of personally-identifying user data. On April 20, Sony voluntarily took down the network, after discovering the hack. The action may have helped prevent further data losses and allowed Sony, third-party security investigators and law enforcement to begin a forensic analysis of the hack. To reiterate: Hackers didn't take down PlayStation Network. Sony did. The same can be said of SOE, which Sony took offline, arguably belatedly, after discovering the hack.
In mid April 2011, Sony took down PlayStation Network after hackers stole subscribers' personal data. PlayStation users, will you switch to Xbox?
Absolutely
Not even if Hell froze over
VoteView Results
Share This
Quantcast
The full extent of the data breach is still unknown. Hackers did steal subscriber account IDs, passwords, addresses and phone numbers, security questions, email addresses and birth dates. Sony has insisted that, despite reports of millions of stolen credit card numbers being up for sale, the data was encrypted. While 77 million stolen credit cards makes great headlines, the other information is far more damaging since it can be used to steal peoples' identities. Not surprisingly, lawsuits are piling up, one and one now, for each the PSN and SOE breaches and Sony's handling of the aftermath.
Last week, Sony accused Anonymous of the security breach. Based on my limited knowledge of the hacker group, stealing user information for profit is out of character. Anonymous denied the accusation.
"When will PSN be back up?" is the still unanswered qustion. "We're still working to confirm the security of the network infrastructure, as well as working with a variety of outside entities to confirm with them of the security of the system," Seybold writes. "Verifying the system security is vital for the process of restoration. Additional comprehensive system checks and testing are still required, and we must complete that process before bringing the systems online. As you've heard us say, our utmost priorities are the security of the network and ensuring your data is safe. We won't restore the services until we can test the system's strength in these respects."
That's perhaps good for PSN subscribers' personal data protection in the future. There are plenty of dissatisfied PlayStation Network users in the here and now. On April 30, I started a poll asking PSN subscribers: "Will you switch to Xbox?" The results aren't so interesting as how they changed the longer the PSN outage went on. In the first few days, the results consistently hung around 54 percent switching. But the number crept up the longer PSN stayed down -- to 60 percent, then 65 percent and as of this morning 72.94 percent based on 3,285 responses.
I'm surprised that someone hasn't started a betting pool for when PSN will be back up.
May 10, 2011
What is Microsoft thinking, paying $8.5B for Skype?
It's hard to envision what Microsoft intends to do with Skype for corporate IT. So what can users expect to get out of Microsoft's $8.5 billion investment?
The people who paid $2.5 billion for Skype two years ago are starting to look very astute.
A week or two ago that wasn't the case. Skype's IPO had been delayed. Google and Facebook were sniffing around Skype, but a buyout didn't seem likely -- too many samolies for Facebook to muster, and all sorts of potential problems for Google, including an antitrust hurdle of Brobdingnagian proportions.
But this morning comes the announcement that Microsoft will purchase Skype for $8.5 billion. As a defensive move, Microsoft buying Skype has some merit: a Google Voice-and-Skype combination would prove a formidable challenge to Windows Live Messenger and Lync, both in the consumer market and in the enterprise. The Skype international telephone number inventory -- and Skype's long experience with local telcos all over the world -- would provide an instant presence that Google Voice is still struggling to establish.
But $8.5 billion?
It's hard to envision what Microsoft intends to do with Skype for corporate IT. Skype is widely regarded by network admins as anathema. Five years ago, at the BlackHat conference in Europe, Philippe Biodi and Fabrice Desclaux described Skype's obfuscated code, saying it "looks like /dev/random" and it hasn't gotten any better. Like any P2P program, Skype basically runs a backdoor, with random pings and relays going out even when there's nobody using the phone. Security people love software like that.
So if the software's no good in the corporate environment, what can enterprise IT expect to get out of Microsoft's $8.5 billion investment?
Not much, as far as I can tell. Speculation that Skype will integrate into the Lync or Exchange environment seem completely far-fetched: The architectures are completely different, and the software isn't reusable. Surely, Microsoft isn't expecting to keep many key Skype developers around, even with fat paychecks. Those international phone numbers and telco connections could help extend Lync, at least in theory. Skype has a good-sized user base, with 120 million active users every month, but that's small potatoes compared to Live Messenger.
Some analysts speculate that Microsoft will meld the Kinect (currently Xbox-only, but coming soon to a Windows 8 near you) with Skype, but that doesn't make a very compelling argument. Offering a $100 Kinect as a replacement for a $2.95 webcam makes about as much sense as ... as ... as buying Skype for $8.5 billion, eh?
The only positive note for IT, as best I can tell, is possible integration of P2P VoIP technology with Windows Phone. Microsoft may be playing a long game, with a Skype client for Windows Phone 8. Presumably the client wouldn't send chillls down the spine of Exchange and Lync admins. Having Skype available for free corporate calls worldwide certainly has a nice ring to it.
But $8.5 billion?
The people who paid $2.5 billion for Skype two years ago are starting to look very astute.
A week or two ago that wasn't the case. Skype's IPO had been delayed. Google and Facebook were sniffing around Skype, but a buyout didn't seem likely -- too many samolies for Facebook to muster, and all sorts of potential problems for Google, including an antitrust hurdle of Brobdingnagian proportions.
But this morning comes the announcement that Microsoft will purchase Skype for $8.5 billion. As a defensive move, Microsoft buying Skype has some merit: a Google Voice-and-Skype combination would prove a formidable challenge to Windows Live Messenger and Lync, both in the consumer market and in the enterprise. The Skype international telephone number inventory -- and Skype's long experience with local telcos all over the world -- would provide an instant presence that Google Voice is still struggling to establish.
But $8.5 billion?
It's hard to envision what Microsoft intends to do with Skype for corporate IT. Skype is widely regarded by network admins as anathema. Five years ago, at the BlackHat conference in Europe, Philippe Biodi and Fabrice Desclaux described Skype's obfuscated code, saying it "looks like /dev/random" and it hasn't gotten any better. Like any P2P program, Skype basically runs a backdoor, with random pings and relays going out even when there's nobody using the phone. Security people love software like that.
So if the software's no good in the corporate environment, what can enterprise IT expect to get out of Microsoft's $8.5 billion investment?
Not much, as far as I can tell. Speculation that Skype will integrate into the Lync or Exchange environment seem completely far-fetched: The architectures are completely different, and the software isn't reusable. Surely, Microsoft isn't expecting to keep many key Skype developers around, even with fat paychecks. Those international phone numbers and telco connections could help extend Lync, at least in theory. Skype has a good-sized user base, with 120 million active users every month, but that's small potatoes compared to Live Messenger.
Some analysts speculate that Microsoft will meld the Kinect (currently Xbox-only, but coming soon to a Windows 8 near you) with Skype, but that doesn't make a very compelling argument. Offering a $100 Kinect as a replacement for a $2.95 webcam makes about as much sense as ... as ... as buying Skype for $8.5 billion, eh?
The only positive note for IT, as best I can tell, is possible integration of P2P VoIP technology with Windows Phone. Microsoft may be playing a long game, with a Skype client for Windows Phone 8. Presumably the client wouldn't send chillls down the spine of Exchange and Lync admins. Having Skype available for free corporate calls worldwide certainly has a nice ring to it.
But $8.5 billion?
May 9, 2011
Dirty IT jobs: Partners in slime
Dirty Job No. 2: The shadow
You probably don't want to know where your coworkers are going on the Web. But sometimes you have no choice. Nancy Hand knows this, well, firsthand.
Until three years ago, Hand was a network engineer for a large public utility in the Southwest. When any of that site's 3,000 employees got a malware infection, Hand received an alert via the utility's McAfee software. She was then called in to investigate by remotely combing through the employee's browser cache, looking for the source of the attack.
[ Get a $50 American Express gift cheque if we publish your anonymous experiences from tech's front lines. Send your story of a lesson learned, of dealing with frustrating coworkers/end-users/managers, or a humorous happening to offtherecord@infoworld.com. ]
Along the way, Hand got to see where these employees had been surfing while they were allegedly working. Most of the time what she found was benign -- a lot of sites devoted to cooking, fashion, cars, and day trading. Inevitably, though, she'd encounter the darker side.
Like the employee who swore it was a spam email that caused his browser to visit that members-only bondage site, though how that email also managed to create a member profile for him was less clear. (Hand says the head of IT security jokingly awarded her the "Golden Garter Belt" for uncovering that one.)
Or the company vice president whom Hand discovered had been spending work time visiting TeenageVirginSluts.com. Naturally, he was the VP of IT.
"He was my boss's boss's boss," she says. "After I found this I contacted my manager and said, 'We have a zero-tolerance policy for this kind of thing, so I am officially notifying you of what I found.' To my knowledge nothing was ever done. About a year later that VP got fired for another sexually related infraction."
Some employees ended up being escorted from the facility by armed guards, though Hand never knew whether it was due to something she had found.
"Sometimes it was a little unsettling to be on the machine of someone I'd met in another part of my job who seemed like a very toe-the-line type of person, only to discover it wasn't true," she said. "People aren't as innocent as they seem. And the next time they complained about catching a virus, I'm thinking 'Well, you sort of did this to yourself.'"
Dirty jobs survival tip: Be prepared to go it alone.
"Management didn't seem to take any of it very seriously, even after we got hit with a denial-of-service attack that put us out of business for almost an entire day," she says. "It all becomes political, even though you think it shouldn't be. The VP is given a pass, but the secretary gets fired."
You probably don't want to know where your coworkers are going on the Web. But sometimes you have no choice. Nancy Hand knows this, well, firsthand.
Until three years ago, Hand was a network engineer for a large public utility in the Southwest. When any of that site's 3,000 employees got a malware infection, Hand received an alert via the utility's McAfee software. She was then called in to investigate by remotely combing through the employee's browser cache, looking for the source of the attack.
[ Get a $50 American Express gift cheque if we publish your anonymous experiences from tech's front lines. Send your story of a lesson learned, of dealing with frustrating coworkers/end-users/managers, or a humorous happening to offtherecord@infoworld.com. ]
Along the way, Hand got to see where these employees had been surfing while they were allegedly working. Most of the time what she found was benign -- a lot of sites devoted to cooking, fashion, cars, and day trading. Inevitably, though, she'd encounter the darker side.
Like the employee who swore it was a spam email that caused his browser to visit that members-only bondage site, though how that email also managed to create a member profile for him was less clear. (Hand says the head of IT security jokingly awarded her the "Golden Garter Belt" for uncovering that one.)
Or the company vice president whom Hand discovered had been spending work time visiting TeenageVirginSluts.com. Naturally, he was the VP of IT.
"He was my boss's boss's boss," she says. "After I found this I contacted my manager and said, 'We have a zero-tolerance policy for this kind of thing, so I am officially notifying you of what I found.' To my knowledge nothing was ever done. About a year later that VP got fired for another sexually related infraction."
Some employees ended up being escorted from the facility by armed guards, though Hand never knew whether it was due to something she had found.
"Sometimes it was a little unsettling to be on the machine of someone I'd met in another part of my job who seemed like a very toe-the-line type of person, only to discover it wasn't true," she said. "People aren't as innocent as they seem. And the next time they complained about catching a virus, I'm thinking 'Well, you sort of did this to yourself.'"
Dirty jobs survival tip: Be prepared to go it alone.
"Management didn't seem to take any of it very seriously, even after we got hit with a denial-of-service attack that put us out of business for almost an entire day," she says. "It all becomes political, even though you think it shouldn't be. The VP is given a pass, but the secretary gets fired."
May 8, 2011
Microsoft Office 2010 takes on all comers
Microsoft Office 2010 takes on all comers: IBM Lotus Symphony 3.0
Don't let the name fool you. IBM's Lotus Symphony suite has almost nothing to do with the earlier incarnations of the Lotus Symphony suite -- it's now a rebranded spin-off of OpenOffice.org, with a heavily reworked interface courtesy of IBM's programmers. It also features only three applications from the OpenOffice.org suite, but they're the ones that matter: word processor, spreadsheet, and presentations.
Launch Symphony and you'd scarcely know you were dealing with anything derived from OpenOffice.org at all. The look of the program is markedly different and, in my opinion, substantially more attractive. Open a word processing document, for instance, and you'll see a familiar toolbar along the top, but also a set of slide-out panels to the right of the text area: text properties, a document explorer/organizer, clip art, text styles, and a Widgets window. Also, multiple documents opened within Symphony are now organized as tabs within a single window by default, although you can undock them into their own window by right-clicking the relevant tab and selecting "Open in new window."
The Widgets panel lets you add various Internet-based services -- Google Gadgets or other Web pages -- into that window for reference or access to online applications. The usefulness of this feature is a little unclear, but it seems like it's being positioned as an open-ended version of the reference panel that's used in Word for translations, word definitions, and more.
One omission that would have been handy is support for the enhanced right-click context menu available through the Windows 7 Taskbar and Start menu. This typically provides access to recently used documents or common program functions. OpenOffice.org or LibreOffice don't have this either, but IBM could have easily added this extra bit of system integration while it was redesigning the rest of the program's look.
While Symphony may look different, most of its features (apart from obviously new things like the Widgets panel) and their behavior are almost identical to the OpenOffice.org counterparts. Anyone who has cut his or her teeth on the former program shouldn't have trouble figuring out how Symphony works. Most of the menus sport the same option sets, and utilities like the Template Organizer behave the same way.
Many of the new features that have come to Symphony 3.0 are courtesy of the new OpenOffice.org code base -- such as support for Microsoft Office VBA macros, or the Detective (dependency and debug tracer) for spreadsheet equations. Symphony can open most Office 2007 documents -- although you get a warning that some documents may not render with total fidelity. A number of files I tried, like the mortgage calculator spreadsheet I tested with OpenOffice.org and LibreOffice, opened but had the same issues as with those two programs. Password-protected Word and Excel files can also be opened, but only if they're saved in the Office 97-2003 binary format; password-protected Office 2007 XML-format files can't be opened.
The relatively stripped-down focus of Symphony means some features found in OpenOffice.org proper aren't found here. WordPerfect users looking to open their documents in Symphony are likely to be let down; support for WordPerfect documents is not included and is not available through the plug-in directory either. Format conversion also doesn't seem as well-supported in Symphony as it does in OpenOffice.org. When I couldn't open an .html document, I looked for a plug-in to allow that. The closest I could find was an output filter that saves ODF as a .html document and a plug-in that converts .html files to ODF spreadsheets (not text documents), but no import filter. To that end, those already using ODF as their standard document format will find Symphony a lot more accommodating.
Don't let the name fool you. IBM's Lotus Symphony suite has almost nothing to do with the earlier incarnations of the Lotus Symphony suite -- it's now a rebranded spin-off of OpenOffice.org, with a heavily reworked interface courtesy of IBM's programmers. It also features only three applications from the OpenOffice.org suite, but they're the ones that matter: word processor, spreadsheet, and presentations.
Launch Symphony and you'd scarcely know you were dealing with anything derived from OpenOffice.org at all. The look of the program is markedly different and, in my opinion, substantially more attractive. Open a word processing document, for instance, and you'll see a familiar toolbar along the top, but also a set of slide-out panels to the right of the text area: text properties, a document explorer/organizer, clip art, text styles, and a Widgets window. Also, multiple documents opened within Symphony are now organized as tabs within a single window by default, although you can undock them into their own window by right-clicking the relevant tab and selecting "Open in new window."
The Widgets panel lets you add various Internet-based services -- Google Gadgets or other Web pages -- into that window for reference or access to online applications. The usefulness of this feature is a little unclear, but it seems like it's being positioned as an open-ended version of the reference panel that's used in Word for translations, word definitions, and more.
One omission that would have been handy is support for the enhanced right-click context menu available through the Windows 7 Taskbar and Start menu. This typically provides access to recently used documents or common program functions. OpenOffice.org or LibreOffice don't have this either, but IBM could have easily added this extra bit of system integration while it was redesigning the rest of the program's look.
While Symphony may look different, most of its features (apart from obviously new things like the Widgets panel) and their behavior are almost identical to the OpenOffice.org counterparts. Anyone who has cut his or her teeth on the former program shouldn't have trouble figuring out how Symphony works. Most of the menus sport the same option sets, and utilities like the Template Organizer behave the same way.
Many of the new features that have come to Symphony 3.0 are courtesy of the new OpenOffice.org code base -- such as support for Microsoft Office VBA macros, or the Detective (dependency and debug tracer) for spreadsheet equations. Symphony can open most Office 2007 documents -- although you get a warning that some documents may not render with total fidelity. A number of files I tried, like the mortgage calculator spreadsheet I tested with OpenOffice.org and LibreOffice, opened but had the same issues as with those two programs. Password-protected Word and Excel files can also be opened, but only if they're saved in the Office 97-2003 binary format; password-protected Office 2007 XML-format files can't be opened.
The relatively stripped-down focus of Symphony means some features found in OpenOffice.org proper aren't found here. WordPerfect users looking to open their documents in Symphony are likely to be let down; support for WordPerfect documents is not included and is not available through the plug-in directory either. Format conversion also doesn't seem as well-supported in Symphony as it does in OpenOffice.org. When I couldn't open an .html document, I looked for a plug-in to allow that. The closest I could find was an output filter that saves ODF as a .html document and a plug-in that converts .html files to ODF spreadsheets (not text documents), but no import filter. To that end, those already using ODF as their standard document format will find Symphony a lot more accommodating.
May 6, 2011
Death by Facebook: MySpace bids expected, Friendster transitions
Bids are expected to be received for social networking site MySpace by the end of the week, the Wall Street Journal reported on Wednesday. News Corp, which acquired the site in 2005 for $580 billion, is said to be seeking bids of at least $100 billion for the site.
At least a half-dozen companies are said to be considering bids, including several equity firms and Criterion Capital Partners LLC, owners of social networking site Bebo. The structures of the deals are not known although it is said that some include News Corp retaining a small stake.
The news confirms comments made in January by CEO Mike Jones that the company was considering a sale. What interested parties plan to do with the site is unknown: it may continue to operate as it currently has or be merged into an existing property.
Video site Vevo has also been rumored to have shown interest although it is believed to have backed away from making a deal, the WSJ reports. Either way, it appears that News Corp is set to take a major hit on its now six-year-old investment -- a victim of the meteoric rise of Facebook.
As usage of that social networking site exploded, interest among consumers in MySpace waned. Last month it had 36.1 million unique visitors, half of what it had just a year before and its lowest traffic total since shortly after the merger occurred. Even an attempted refocus was not the solution to MySpace's woes.
That effort, announced in October, switched the focus away from social networking among friends and turned MySpace into an entertainment hub. So far, there has been little evidence that the change has stopped the site's slide into irrelevancy, unfortunately.
In related news, another social networking site is also exiting the business. Friendster announced this week that it would delete most profile information after May 31, as it looks to transition into a gaming site. The company was one of the pioneers in the social networking space when it first launched in 2002, but found itself first trumped by the rise of MySpace and then later by Facebook.
At least a half-dozen companies are said to be considering bids, including several equity firms and Criterion Capital Partners LLC, owners of social networking site Bebo. The structures of the deals are not known although it is said that some include News Corp retaining a small stake.
The news confirms comments made in January by CEO Mike Jones that the company was considering a sale. What interested parties plan to do with the site is unknown: it may continue to operate as it currently has or be merged into an existing property.
Video site Vevo has also been rumored to have shown interest although it is believed to have backed away from making a deal, the WSJ reports. Either way, it appears that News Corp is set to take a major hit on its now six-year-old investment -- a victim of the meteoric rise of Facebook.
As usage of that social networking site exploded, interest among consumers in MySpace waned. Last month it had 36.1 million unique visitors, half of what it had just a year before and its lowest traffic total since shortly after the merger occurred. Even an attempted refocus was not the solution to MySpace's woes.
That effort, announced in October, switched the focus away from social networking among friends and turned MySpace into an entertainment hub. So far, there has been little evidence that the change has stopped the site's slide into irrelevancy, unfortunately.
In related news, another social networking site is also exiting the business. Friendster announced this week that it would delete most profile information after May 31, as it looks to transition into a gaming site. The company was one of the pioneers in the social networking space when it first launched in 2002, but found itself first trumped by the rise of MySpace and then later by Facebook.
May 5, 2011
OpenERP launches latest version of its open enterprise resource planning suite
Belgium-based commercial open source software vendor OpenERP today announced the availability of OpenERP v6, the latest version of the company's enterprise resource planning (ERP) suite. OpenERP v6 includes updates to almost all of the components in the suite, including its CRM, Purchase Management, Manufacturing, Warehouse Management, Project Management, Accounting, Marketing, Human Resources, and Point of Sale modules.
OpenERP Web Interface
OpenERP says this version has more than a hundred new features in total, which are the result of thousands of customer and community suggestions and more than a year's worth of development from its community of 800 individual developers.
For those who have never experienced OpenERP, the company has set up a demo server where you can play around with examples of the different software modules. The idea is that customers can build a comprehensive ERP system one module at a time, eventually growing it into an end to end solution, contained within a single piece of software.
OpenERP v6 costs $39 per user per month and comes with a 1GB per user data limitation. Like previous versions, it can be deployed on site, and this version brings with it an SaaS on-demand version.
"We believe that SaaS and Open Source are an interesting combination. The customers always have an option if for any reason the SaaS platform no longer meets their needs. It is their insurance policy, and it is in line with our no lock-in policy," Mark Laporte, OpenERP's Chief Operations Officer said in a statement today. "Our competitors will never offer such flexibility".
OpenERP Web Interface
OpenERP says this version has more than a hundred new features in total, which are the result of thousands of customer and community suggestions and more than a year's worth of development from its community of 800 individual developers.
For those who have never experienced OpenERP, the company has set up a demo server where you can play around with examples of the different software modules. The idea is that customers can build a comprehensive ERP system one module at a time, eventually growing it into an end to end solution, contained within a single piece of software.
OpenERP v6 costs $39 per user per month and comes with a 1GB per user data limitation. Like previous versions, it can be deployed on site, and this version brings with it an SaaS on-demand version.
"We believe that SaaS and Open Source are an interesting combination. The customers always have an option if for any reason the SaaS platform no longer meets their needs. It is their insurance policy, and it is in line with our no lock-in policy," Mark Laporte, OpenERP's Chief Operations Officer said in a statement today. "Our competitors will never offer such flexibility".
May 4, 2011
New Wi-Fi gear aims to wipe out Ethernet edge switches
A third new service is a patent-pending technology called Orthogonal Array Beam Forming (OABF). WLAN vendors over the past two years have been adding support for various optional parts of the 11n standard, (see from May 2010, "Major Wi-Fi changes ahead") including transmit beam forming (sometimes "beamforming"). The same waveform is sent over 11n's multiple antennas, with the magnitude and phase adjusted at each transmitter to focus the beam direction toward a particular receiver. This increases the signal's gain so it's more stable, and can be "steered around" interferers so it's more reliable.
[Ruckus Wireless in 2009 was the first to introduce beam forming for 11n products, exploiting its unique multi-component antenna design. Wireless blogger Craig Mathias used that introduction to explore the topic.]
Meru has created what it says is a more fine-grained alternative. Each Wi-Fi signal is made up of about 60 sub-carriers over a wide swath of spectrum, says Graham Melville, Meru's director of product management. Meru's code can optimize each of the sub-carriers and the result, he says, is an improvement in gain, or sensitivity, on the order of 8-10 dB.
The result of the improved gain is a higher signal quality and higher data rates: where Meru saw 36Mbps before applying its beamforming technology, it saw 54Mbps after, for example. "It stays at the high data rates because the signal is stronger, and better quality," Melville says.
The new access points also can use the optional Meru Proactive Spectrum Analysis as part of another service, called Air Traffic Services. One of the AP400 radios can be assigned the job of continually monitoring the Wi-Fi radio frequencies for unauthorized radios, analyzing the spectrum usage and interference, and running Meru's integrated wireless intrusion prevention system.
Another network service is called Mobile Application Segregation: administrators can create a dedicated channel for individual applications or groups of them, high definition video, or wireless VoIP.
John Cox covers wireless networking and mobile computing for "Network World."
[Ruckus Wireless in 2009 was the first to introduce beam forming for 11n products, exploiting its unique multi-component antenna design. Wireless blogger Craig Mathias used that introduction to explore the topic.]
Meru has created what it says is a more fine-grained alternative. Each Wi-Fi signal is made up of about 60 sub-carriers over a wide swath of spectrum, says Graham Melville, Meru's director of product management. Meru's code can optimize each of the sub-carriers and the result, he says, is an improvement in gain, or sensitivity, on the order of 8-10 dB.
The result of the improved gain is a higher signal quality and higher data rates: where Meru saw 36Mbps before applying its beamforming technology, it saw 54Mbps after, for example. "It stays at the high data rates because the signal is stronger, and better quality," Melville says.
The new access points also can use the optional Meru Proactive Spectrum Analysis as part of another service, called Air Traffic Services. One of the AP400 radios can be assigned the job of continually monitoring the Wi-Fi radio frequencies for unauthorized radios, analyzing the spectrum usage and interference, and running Meru's integrated wireless intrusion prevention system.
Another network service is called Mobile Application Segregation: administrators can create a dedicated channel for individual applications or groups of them, high definition video, or wireless VoIP.
John Cox covers wireless networking and mobile computing for "Network World."
May 3, 2011
New features of Microsoft Dynamics AX 2012 revealed
Microsoft on Monday offered new information about the next version of its enterprise resource planning software, Microsoft Dynamics AX 2012, and revealed that beta testing for the suite is expected to begin this month. Microsoft Dynamics AX 2012
Here's a point by point list of the improvements that Microsoft announced today:
* Dynamics AX 2012 comes with five high-level "industry templates," for instant optimization for specific usage scenarios: manufacturing, distribution, public sector, professional services and retail. Within these, Dynamics AX 2012 has customizable sets of Unified Natural Models that cover real-world situations that each of these businesses face.
* Microsoft Dynamics AX 2012 uses Microsoft SQL Server as the default data management system, for more uniform embedded business intelligence functionality.
* Bi-directional integration with Microsoft Office 2010, and Enterprise Search functionality through connection with Microsoft SharePoint 2010 Business Connectivity Services.
* Integration with Microsoft Lync 2010 collaboration and communication services.
* Overall design streamlining, including the simplification of processes, and access to RoleTailored business intelligence data.
* Support for currencies, time zones, languages, and regional banking, reporting and legislative compliance for business systems in 38 countries worldwide.
Microsoft Dynamics AX 2012 logo
The beta of Microsoft Dynamics AX 2012 will be released this month, but Microsoft did not yet specify a date. The final release is expected to be available some time in August. Subsequent versions of Microsoft's ERP software will be available on the Azure cloud platform, Microsoft revealed on Monday. Their design will be similar to Microsoft's CRM products which are available both as on-premises software and as cloud-based SaaS.
Here's a point by point list of the improvements that Microsoft announced today:
* Dynamics AX 2012 comes with five high-level "industry templates," for instant optimization for specific usage scenarios: manufacturing, distribution, public sector, professional services and retail. Within these, Dynamics AX 2012 has customizable sets of Unified Natural Models that cover real-world situations that each of these businesses face.
* Microsoft Dynamics AX 2012 uses Microsoft SQL Server as the default data management system, for more uniform embedded business intelligence functionality.
* Bi-directional integration with Microsoft Office 2010, and Enterprise Search functionality through connection with Microsoft SharePoint 2010 Business Connectivity Services.
* Integration with Microsoft Lync 2010 collaboration and communication services.
* Overall design streamlining, including the simplification of processes, and access to RoleTailored business intelligence data.
* Support for currencies, time zones, languages, and regional banking, reporting and legislative compliance for business systems in 38 countries worldwide.
Microsoft Dynamics AX 2012 logo
The beta of Microsoft Dynamics AX 2012 will be released this month, but Microsoft did not yet specify a date. The final release is expected to be available some time in August. Subsequent versions of Microsoft's ERP software will be available on the Azure cloud platform, Microsoft revealed on Monday. Their design will be similar to Microsoft's CRM products which are available both as on-premises software and as cloud-based SaaS.
May 2, 2011
Security researcher: 'Trivially easy' to buy SSL certificate for domain you don't own
Last week, Betanews reported on the discovery by two university researchers, made at a recent security conference, that security companies often deal with governments that can compel certificate authorities to produce SSL security keys for them. Those keys can then be used to sign certificates as any other Web site, enabling a law enforcement authority -- hypothetically speaking, of course -- to spoof virtually any other site.
Today, Betanews heard from world-renowned security expert Kurt Seifried, author of numerous books on Linux system administration, network security, and cryptography. In the May 2010 issue of Linux Magazine, Seifried reports on his own discovery, which goes one very critical step further: You don't need to be a government, he found, to compel a certificate authority (CA) to issue an SSL certificate for a major Web mail service of your choice. You just need a valid credit card.
"Brief summary: One way to get certificates for domains you don't own: 1) Find a free Web mail provider. 2) Register an account such as ssladmin. 3) Go to RapidSSL.com and buy a certificate. When given the choice of what e-mail address to use, simply select ssladmin. 4) Go through certificate registration process (this takes about 20 minutes). 5) You will now have a secure Web certificate for that Web mail provider," Seifried told Betanews this afternoon.
In his Linux Magazine article, Seifried lists several other permutations of generic-sounding e-mail account names that may be given to the guy in charge of administration, including the obvious postmaster, administrator, and root. In his own tests, Seifried says, it usually took only a half-hour to acquire a perfectly valid certificate for a major Web mail service.
"The industry-accepted standard for confirming someone is who they say they are and that they control a domain is that 'the CA takes reasonable measures to verify,' which is very ambiguous at best and meaningless at worst," reads Seifried's article. "One CA proposed that customers could fax a signed letter on company letterhead as proof that they controlled a domain (Have they not heard of word processors and image editing programs? Or online fax services?). CAs want to sell as many certificates for as little money as they can; if this puts users at risk but doesn't cost the CA anything, then there is no incentive to fix things."
We asked Seifried, what can the general user do to protect himself against a possible authoritative spoof using a false certificate? We didn't like the sound of his answer: "Nothing. User education hasn't worked and won't work...The only reason I know the difference is I investigated this a while back; I've been writing about how broken SSL is off and on for a decade now."
Seifried credits Mozilla Firefox for at least giving the user good visual clues as to the validity of a signed certificate -- for instance, using the color-coded bars next to the HTTPS: address in the upper bar. But ask everyday folks what those colors mean, he said, and they wouldn't be able to tell you. Are there further steps Mozilla, or any other browser maker, could take to make "Trust" more meaningful to the user, and less likely to be something else for him to ignore? "Well there would be one possibility, but it'll never happen, and that would be to boot out all the CAs that don't do a good job verifying domains/etc. and only have root CAs that do a good job," Seifried responded.
"Basically right now, when a CA checks 'ownership' of a domain, it checks one e-mail address, which is trivial to bypass especially with, say, a free Web mail provider," he continued. "If it were to add more checks -- i.e., the CA generates a random string (say an MD5 sum) and requires you to place 8987a978d987e987c978.html or whatever in your webroot at www.yourdomain.com to prove you have control over the Web server as well; and maybe a DNS check, like requiring you to create a DNS record of iugasdcviuoba.yourdomain.com to prove that you have control over the DNS -- that would greatly help, because in that case, you either are a legit domain owner, or the attacker has such a degree of control over your domain that any checks won't matter. The funny thing is, Google used to do this for some of its services like Google Analytics. Also making the e-mail check more stringent -- i.e., only e-mail_address@the domain listed in WHOIS, or well-known and typically controlled e-mail address such as postmaster@, would also help greatly.
"But then buying a certificate would take time and the verification process would fail more often (waiting for DNS propagation/etc.), so it's very unlikely to happen. Once you get a certificate in the root CA store, you basically have a license to print money."
Today, Betanews heard from world-renowned security expert Kurt Seifried, author of numerous books on Linux system administration, network security, and cryptography. In the May 2010 issue of Linux Magazine, Seifried reports on his own discovery, which goes one very critical step further: You don't need to be a government, he found, to compel a certificate authority (CA) to issue an SSL certificate for a major Web mail service of your choice. You just need a valid credit card.
"Brief summary: One way to get certificates for domains you don't own: 1) Find a free Web mail provider. 2) Register an account such as ssladmin. 3) Go to RapidSSL.com and buy a certificate. When given the choice of what e-mail address to use, simply select ssladmin. 4) Go through certificate registration process (this takes about 20 minutes). 5) You will now have a secure Web certificate for that Web mail provider," Seifried told Betanews this afternoon.
In his Linux Magazine article, Seifried lists several other permutations of generic-sounding e-mail account names that may be given to the guy in charge of administration, including the obvious postmaster, administrator, and root. In his own tests, Seifried says, it usually took only a half-hour to acquire a perfectly valid certificate for a major Web mail service.
"The industry-accepted standard for confirming someone is who they say they are and that they control a domain is that 'the CA takes reasonable measures to verify,' which is very ambiguous at best and meaningless at worst," reads Seifried's article. "One CA proposed that customers could fax a signed letter on company letterhead as proof that they controlled a domain (Have they not heard of word processors and image editing programs? Or online fax services?). CAs want to sell as many certificates for as little money as they can; if this puts users at risk but doesn't cost the CA anything, then there is no incentive to fix things."
We asked Seifried, what can the general user do to protect himself against a possible authoritative spoof using a false certificate? We didn't like the sound of his answer: "Nothing. User education hasn't worked and won't work...The only reason I know the difference is I investigated this a while back; I've been writing about how broken SSL is off and on for a decade now."
Seifried credits Mozilla Firefox for at least giving the user good visual clues as to the validity of a signed certificate -- for instance, using the color-coded bars next to the HTTPS: address in the upper bar. But ask everyday folks what those colors mean, he said, and they wouldn't be able to tell you. Are there further steps Mozilla, or any other browser maker, could take to make "Trust" more meaningful to the user, and less likely to be something else for him to ignore? "Well there would be one possibility, but it'll never happen, and that would be to boot out all the CAs that don't do a good job verifying domains/etc. and only have root CAs that do a good job," Seifried responded.
"Basically right now, when a CA checks 'ownership' of a domain, it checks one e-mail address, which is trivial to bypass especially with, say, a free Web mail provider," he continued. "If it were to add more checks -- i.e., the CA generates a random string (say an MD5 sum) and requires you to place 8987a978d987e987c978.html or whatever in your webroot at www.yourdomain.com to prove you have control over the Web server as well; and maybe a DNS check, like requiring you to create a DNS record of iugasdcviuoba.yourdomain.com to prove that you have control over the DNS -- that would greatly help, because in that case, you either are a legit domain owner, or the attacker has such a degree of control over your domain that any checks won't matter. The funny thing is, Google used to do this for some of its services like Google Analytics. Also making the e-mail check more stringent -- i.e., only e-mail_address@the domain listed in WHOIS, or well-known and typically controlled e-mail address such as postmaster@, would also help greatly.
"But then buying a certificate would take time and the verification process would fail more often (waiting for DNS propagation/etc.), so it's very unlikely to happen. Once you get a certificate in the root CA store, you basically have a license to print money."
May 1, 2011
California Revokes Four Voting Machine Certifications
Following last week's report by University of California, Davis engineers on the integrity -- or lack thereof -- of electronic voting machines used in statewide elections, the California Secretary of State late last week revoked the approval of systems from Diebold, Hart InterCivic, Sequoia, and Elections Systems and Software, Inc. Manufacturers now each have 30 days to come up with a plan for how they intend to harden their systems' internal configuration security, and 45 days for a network security hardening plan, before their systems can be submitted for re-approval for use in next February's presidential primary.
Among the findings Sec. of State Debra Bowen cited in her proclamations this morning was this: "The Diebold Red Team members [from UC Davis], with access only to the Windows operating system on the Diebold GEMS election management server supplied to Diebold and without requiring access to Diebold source code, were able to access the Diebold voting system server software and to corrupt the election management system database, which could result in manipulated voter totals or the inability to read election results, rendering an election impossible to complete electronically."
Officially dis-approved and uncertified for use in next year's primaries were the Diebold/AccuVote TS system to which Sec. Bowen referred above, plus the Hart InterCivic system 6.2.1 (the manufacturer voluntarily withdrew version 6.1) and a Sequoia WinEDS system that Bowen mentioned was found to contain "a shell-like scripting language in the firmware of the Edge direct recording electronic voting machine that could be coerced into performing malicious actions, in apparent violation of 2002 Voting System Standards that prohibit 'self-modifying, dynamically loaded or interpreted code."' One of its shell commands easily reset the machine's protective vote counter.
Bowen revoked the certification for the ES&S InkaVote Plus system after its manufacturer only complied with requests to participate in the testing program just five days prior to the release of test results during last week's public hearing. ES&S won't get a chance to resubmit.
Responding to this morning's decision, Diebold Election Systems (DESI) President Dave Byrd took issue with the way the testing was conducted. "Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election," Byrd said. "Her team of hackers was given unfettered access to the equipment, the source code, and all other information on security features provided by DESI to the Secretary of State's office. And she refused to include in the review the current version of DESI's touch screen software with enhanced security features."
Byrd's characterization of UC Davis' researchers lends credence to the argument that manufacturers didn't feel obliged to cooperate with the research effort, on the basis that manufacturers would not be obliged or expected to cooperate with real malicious users to the same extent. However, California's refusal not to test the latest version of Diebold's software has to do with the fact that the state has not yet certified that version, and chose to only test machines already certified.
Sequoia Voting Systems issued a similar statement: "The California Top-to-Bottom Review was not a security risk evaluation but an unrealistic worst case scenario evaluation limited to malicious tests, studies and analysis performed in a laboratory environment by computer security experts with unfettered access to the voting machines and software over several weeks. This is not a real-world scenario and does not reflect the diligence, hard work and dedication to the stewardship of our nation's democracy that Sequoia's customers - and election officials everywhere - carry out every day in their very important jobs of conducting elections in California and throughout the United States."
Last week, in an attempt to pre-empt possible criticism, UC Davis principal investigator Matt Bishop defended the methodology used by his and one other "Red Team." "The threats were taken to be both insiders (those with complete knowledge of the system and various degrees of access to the system) and outsiders (those with limited access to the systems)," Bishop wrote.
"As a result, all information available to the Secretary of State was made available to the testers. The testers were told to assume that the environments in which the systems were used would vary, and that the testers could do whatever they thought necessary to test the machines. The testers therefore assumed the attackers would include anyone coming in contact with the voting systems at some point in the process - voters, poll workers, election officials, vendor employees, and others with varying degrees of access."
Bishop added that his teams chose not to presume that hackers on the outside wouldn't know or be able to ascertain everything they could about the technology they were working to compromise. This way, he said, the teams could concentrate on the integrity of the technology rather than the mindsets of hackers or the efficacy of manufacturers' policies.
But criticism of the Red Teams' methods has not been restricted to outside of state government. In a statement prior to last week's public hearing, the president of the California Association of Clerks and Election Officials, Steve Weir, expressed his regret that researchers didn't appear to be conducting searches for malicious code that may have already found their way inside voting machines.
"I am sorry to say that I find the approach of the so-called Top-to-Bottom Review to be more to do with headlines than with definitive science or the pursuit of legitimate public policy," Weir wrote. "We have been told that no malicious code was found during the source code examination. Unfortunately, while this issue is a matter of public debate nationwide, no such comprehensive review was even attempted. If true, this is a tragic missed opportunity and a public policy blunder."
Despite that pronouncement, Sec. Bowen's proclamations state, "The expert reviewers reported that all of the voting systems studied contain serious design flaws that have led directly to specific vulnerabilities, which attackers could exploit to affect election outcomes."
Among the findings Sec. of State Debra Bowen cited in her proclamations this morning was this: "The Diebold Red Team members [from UC Davis], with access only to the Windows operating system on the Diebold GEMS election management server supplied to Diebold and without requiring access to Diebold source code, were able to access the Diebold voting system server software and to corrupt the election management system database, which could result in manipulated voter totals or the inability to read election results, rendering an election impossible to complete electronically."
Officially dis-approved and uncertified for use in next year's primaries were the Diebold/AccuVote TS system to which Sec. Bowen referred above, plus the Hart InterCivic system 6.2.1 (the manufacturer voluntarily withdrew version 6.1) and a Sequoia WinEDS system that Bowen mentioned was found to contain "a shell-like scripting language in the firmware of the Edge direct recording electronic voting machine that could be coerced into performing malicious actions, in apparent violation of 2002 Voting System Standards that prohibit 'self-modifying, dynamically loaded or interpreted code."' One of its shell commands easily reset the machine's protective vote counter.
Bowen revoked the certification for the ES&S InkaVote Plus system after its manufacturer only complied with requests to participate in the testing program just five days prior to the release of test results during last week's public hearing. ES&S won't get a chance to resubmit.
Responding to this morning's decision, Diebold Election Systems (DESI) President Dave Byrd took issue with the way the testing was conducted. "Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election," Byrd said. "Her team of hackers was given unfettered access to the equipment, the source code, and all other information on security features provided by DESI to the Secretary of State's office. And she refused to include in the review the current version of DESI's touch screen software with enhanced security features."
Byrd's characterization of UC Davis' researchers lends credence to the argument that manufacturers didn't feel obliged to cooperate with the research effort, on the basis that manufacturers would not be obliged or expected to cooperate with real malicious users to the same extent. However, California's refusal not to test the latest version of Diebold's software has to do with the fact that the state has not yet certified that version, and chose to only test machines already certified.
Sequoia Voting Systems issued a similar statement: "The California Top-to-Bottom Review was not a security risk evaluation but an unrealistic worst case scenario evaluation limited to malicious tests, studies and analysis performed in a laboratory environment by computer security experts with unfettered access to the voting machines and software over several weeks. This is not a real-world scenario and does not reflect the diligence, hard work and dedication to the stewardship of our nation's democracy that Sequoia's customers - and election officials everywhere - carry out every day in their very important jobs of conducting elections in California and throughout the United States."
Last week, in an attempt to pre-empt possible criticism, UC Davis principal investigator Matt Bishop defended the methodology used by his and one other "Red Team." "The threats were taken to be both insiders (those with complete knowledge of the system and various degrees of access to the system) and outsiders (those with limited access to the systems)," Bishop wrote.
"As a result, all information available to the Secretary of State was made available to the testers. The testers were told to assume that the environments in which the systems were used would vary, and that the testers could do whatever they thought necessary to test the machines. The testers therefore assumed the attackers would include anyone coming in contact with the voting systems at some point in the process - voters, poll workers, election officials, vendor employees, and others with varying degrees of access."
Bishop added that his teams chose not to presume that hackers on the outside wouldn't know or be able to ascertain everything they could about the technology they were working to compromise. This way, he said, the teams could concentrate on the integrity of the technology rather than the mindsets of hackers or the efficacy of manufacturers' policies.
But criticism of the Red Teams' methods has not been restricted to outside of state government. In a statement prior to last week's public hearing, the president of the California Association of Clerks and Election Officials, Steve Weir, expressed his regret that researchers didn't appear to be conducting searches for malicious code that may have already found their way inside voting machines.
"I am sorry to say that I find the approach of the so-called Top-to-Bottom Review to be more to do with headlines than with definitive science or the pursuit of legitimate public policy," Weir wrote. "We have been told that no malicious code was found during the source code examination. Unfortunately, while this issue is a matter of public debate nationwide, no such comprehensive review was even attempted. If true, this is a tragic missed opportunity and a public policy blunder."
Despite that pronouncement, Sec. Bowen's proclamations state, "The expert reviewers reported that all of the voting systems studied contain serious design flaws that have led directly to specific vulnerabilities, which attackers could exploit to affect election outcomes."
Subscribe to:
Posts (Atom)
