DEMOfall ’09 product spotlight: HP Skyroom

SAN DIEGO - One of the most striking enterprise products on display at this year's DEMOfall show has been HP's Skyroom videoconferencing software that combines instant messaging capabilities with high-definition video streaming. Even more interesting was the software's ability to create windows on their desktops where they can drag and drop pictures, audio files and video files that the person on the other end of the videoconference will then see on their own screen. During the product's demonstration at DEMOfall Tuesday, HP workstation global business unit vice president and general manager Jim Zafarana showed how users can simply click on names displayed on their Skyroom buddy lists to start impromptu HD videoconferences.

During the demonstration, Zafarana received a streaming trailer for the film "Monsters, Inc." after his friend dropped it into the Skyroom conference window. So when I purchase HP Skyroom, I'm not paying for any additional equipment? Slideshow: 13 hot products from DEMOfall '09 After his presentation, Zafarana sat down with Network World to discuss Skyroom's system and bandwidth requirements, its security features and its ability to integrate with existing enterprise chat protocols. I'm only paying for software? You have to meet the minimum system requirements of having a 2.3 GHz Intel Core Duo processor, and your machine has to run on Windows XP or Vista.

Yes. We're planning on having a version that runs on Windows 7 out in November. One of my colleagues in Boston, for instance, has fiber-to-the-home and he uses a VPN to hook onto the HP network and conference with us using Skyroom. We're targeting business customers and this software can really be optimized through company networks, whether it's an onsite network or a VPN with a good network connection. How fast of a data connection do you need to make Skyroom effective? If you have a one-on-one conference, then it's a 1Mbps requirement for high-quality video and you can dial down the quality to make it work at around 500Kbps.

It depends on what you're doing. If you do things such as video and picture sharing it'll take up more bandwidth. Is this designed for people who want to talk to people in other companies, or is it just for coworkers who want to collaborate? With the Monsters, Inc. video clip I shared today during the demonstration, for instance, I was probably adding 5Mbps to the requirements. At this point it only allows for intra-company conferencing.

The bits traveling over the network are encrypted at 256Kbps and they can only go through a VPN or a secure corporate network, so it's pretty secure. What are its security features? How much does Skyroom cost? Additionally, every new HP desktop workstation will ship with Skyroom as a complementary part of the entire package. The pricing model we have now is $149 per user for a license to use the software and there's no subscription fee.

How do I add "buddies" to my Skyroom videoconferencing list? If you have corporate Microsoft infrastructure with Office Communicator, for instance, it will pull your Office Communicator buddy list into Skyroom and all your colleagues on that list will show up as available for you to connect to as long as they have Skyroom installed. There are multiple ways for you to populate your buddy list. You can also use other communication software products such as Jabber Server, to leverage you buddy list into HP Skyroom. Any plans on expanding that? And finally, Skyroom currently limits that number of people who can participate in an HD videoconference to four.

Obviously we could do that in the future but we're not talking about that at this point.

Salesforce.com announces 'Chatter' social-networking app

Salesforce.com opened up its annual Dreamforce conference in San Francisco on Wednesday by previewing Salesforce Chatter, a social-networking application the vendor dubbed a "Facebook for the Enterprise." The upcoming release bundles a variety of now-familiar features, such as personal profiles, real-time feeds from contacts and applications, groups and alerts. Salesforce.com is also providing a set of APIs (application programming interfaces) for tying other applications to Chatter. It can also integrate with Google Apps, the popular Twitter microblogging service and Facebook. It will also be available on Windows Mobile devices, iPhones and Blackberries.

Chatter will be available "early next year," CEO Marc Benioff said during a keynote address. The system will employ the same underlying security and sharing model as other applications built with the company's Force.com development platform. It will be included in paid editions of Salesforce CRM and Force.com, and also available as a Chatter Edition that also includes Salesforce Content and Force.com for US$50 per user per month. But Benioff reserved the final and brightest spotlight for Chatter, calling it the company's "biggest breakthrough ever." He praised earlier-generation collaboration technologies, such as Lotus Notes and online meeting software, but said one "has to stop in awe" at "phenomenons" like Facebook and Twitter. Much of Wednesday's marathon, three-hour opening keynote was devoted to recapping various announcements from earlier this year. Meanwhile, Twitter users expressed mixed reactions to the announcement.

Moreover, social networking capabilities are a natural counterpart to CRM (customer relationship management) systems like Salesforce.com's, given the latter's emphasis on continuous communication with customers and suppliers. One termed Chatter "a bit Mickey Mouse" and another said she could picture "executives running away screaming." Others, though, were much more bullish: "Chatter is potentially huge - depends on how they open it to non-Salesforce customers." While Chatter's general premise isn't new, Salesforce.com's entry raises the competitive stakes for the many small, specialized vendors hoping to sell social networking platforms into enterprises. The announcement was also in many ways inevitable, said Ray Wang, a partner with the analyst firm Altimeter Group. "Customers have been expecting Salesforce.com to do something like this. The market is moving so fast in these areas. It's something that had to happen.

It's necessary for them to keep up." While it took a decade for e-mail to gain widespread adoption, Twitter and Facebook needed only a couple of years to get hot, Wang added. The company recently announced a joint venture with Unit 4 Agresso, FinancialForce.com, that will develop and sell on-demand financials software. Chatter is also just the latest example of Salesforce.com expanding beyond its core CRM roots. In addition, Salesforce.com's corporate performance has remained strong despite the global recession. As Salesforce.com continues to grow, a couple of possible scenarios emerge, Wang said.

In third-quarter results reportedTuesday, the vendor said revenue had increased 20 percent year-over-year to $331 million, and that it now has nearly 68,000 customers after adding 4,700 in the quarter. It could be acquired by a larger company, such as Cisco Systems, that wants to expand its presence in software, or face competition from a new on-demand CRM offering introduced by such a player, he said. But if Salesforce.com remains independent, it must decide what to build itself and what to leave to partners, he added. Meanwhile, Salesforce.com "learned a lesson" from the fate of CRM vendor Siebel, which was acquired by Oracle, by moving quickly to become a platform provider through its Force.com development platform and AppExchange marketplace, Wang said. In addition, Force.com will face competition from alternatives like Microsoft's nascent Azure cloud development platform. It recently announced a partnership with Adobe around the latter's RIA (rich Internet application) technology, which lets users create applications with off-line functionality.

It also remains to be seen how the vendor will counteract a growing trend toward hybrid deployment models involving both on-premise and on-demand software, said 451 Group analyst China Martens via e-mail. "How does Salesforce.com counter that, given it's a SaaS pure-play?" Salesforce.com may have already anticipated this need. Dreamforce will continue through Friday in San Francisco.

Apple seeks new sheriff to lock up iPhones

Just as a new hack, blacksn0w, promises to unlock iPhones with the latest Apple software from AT&T's wireless network, Apple is looking for a sheriff to lock the smartphones back up again, permanently. Apple iPhone 3GS: finally, a contender?  A job posting on Apple corporate Web site seeks a security manager for the iPhone platform to lead a team focused on secure booting and installation of the operating system, cryptographic services, partitioning and hardening its internal security domains, and risk analysis of security threats. Motorola Droid vs.

The "liberation movement" for iPhone poses special issues for enterprises that are adopting the iPhone in unprecedented numbers, despite the fact that Apple provides virtually no security or management infrastructure for the popular device. Unlocking the phone from AT&T's authorized network makes it hard to track, monitor and optimize wireless costs and could open the enterprise to legal problems. With jailbroken phones, enterprise users could load applications that might, even unintentionally, threaten corporate data or back-end Exchange servers, for example. It's not clear from the online job post whether this is a brand new position or Apple is seeking a replacement for an existing, or former, employee. The liberation movement comes to a peak this week with the release of Blacksn0w, a free program from ace iPhone hacker George Hotz, known as Geohot. Hardening the iPhone OS can address a whole range of potential issues, but almost surely involves preventing both jailbreaking – freeing the iPhone from dependence on the App Store (now at 100,000 apps) and thereby allowing users to load their own software programs – and unlocking – cutting the cord to exclusive carrier AT&T and letting the iPhone run on other GSM networks.

It offers a baseband unlock of the latest iPhone OS Version, 3.1.2 and the current standard 05.11.07 cellular modem firmware. The Dev Team post notes that users with the older 04.26 baseband firmware have been able to unlock using other programs, such as ultrasn0w and purplesn0w. "Whether or not you choose to update your baseband solely to use the new unlock is a personal choice, but so far there are no advantages to doing so (and remember you can't come back to 04.26 after you've gone to 05.11)," the post cautions. One iPhone owner is even touting the new hacking utility as a value-added feature to attract bids for his used 16GB iPhone 3GS model on eBay.  According to another hacking site, iPhone Dev Team, Hotz exploits a known crash (manipulating the AT+XEMN command) to create a heap overflow, through which Hotz was able to inject code that results in a software unlock of the iPhone's SIM on the latest versions of the OS and baseband firmware loads. Twitter feeds show that users worldwide are making use of blacksn0w. Some are reporting a range of problems after jailbreaking and unlocking their iPhones: YouTube videos, Wi-Fi, and GPS are not working. Hotz, on his blog, says he hasn't run into Wi-Fi issues himself, but promises to investigate them if someone figures out a way to replicate the problem.

Taimur Asad, at Redmondpie.com, offers resetting the phone's "Network Settings" and installing the "Push Fix" app from Cydia, a replacement packing and installer program along with a catalog of apps for jailbroken phones. "I found out that installing this app also fixes all issues caused by blacksn0w related to WiFi, Youtube apps and GPS along with Push Notifications on hacktivated iPhones," Asad writes. One unlocker, #Xaliax_19 (Luis Figueroa), told the #blackn0w tweet stream that "wifi/youtube problems are due to bad hacktivation [an un-authorized phone activation], activate with an original sim.. Earlier today, #mephisto0666 (Ralf Jelinek), tweeted this plea: "Why can I access the internet on my #blacksn0w 'd #iphone with Data Roaming DISABLED !?!?! I have tried reset settings, doesnt work. THEN unlock, and you will not get the problems." Other users are still struggling. HELP!!!" As mentioned, one enterprising iPhone owner is selling his used but nearly new 16GB 3GS model on eBay and touting Hotz's programs as features: "This phone can be unlocked and jailbroken!" But as always, it pays to read the fine print: "We will not personally unlock or [jailbreak] the iPhone, but will give you the website upon finished auction (free website)."

Customers can gain from being a vendor reference

No IT vendor's news announcement is truly complete without a couple of glowing quotes from customers; nor is any vendor conference really a success unless the company has lined up a few satisfied CIOs to talk up their strategy and products. But linking arms with a vendor can provide honest, lasting advantages, which are ever more welcome in this age of slashed IT budgets and shrunken staffs, observers say. Cynics might say such arrangements constitute a Faustian bargain on the part of IT professionals.

The key is to take care and preserve your principles. One of the most basic initial steps is agreeing to appear on a vendor's "NASCAR slide," the collage of company brands found in PowerPoint decks everywhere, said Ray Wang, a partner with the analyst firm Altimeter Group. Customer reference programs tend to operate as a continuum. A second step might see a customer provide a quote for a press release. The deepest level of engagement is participating in a vendor's case study. Users could go further by agreeing to speak with media, analysts, or potential customers who are being approached by the vendor.

Serving as a customer reference generates a variety of benefits, such as better discounts at contract renewal time or free passes to annual customer conferences, Wang said. The company does a variety of endorsements but goes to the mat "only for our closest strategic partners," Rambus said. "We have an ongoing relationship with them and we're happy to go to bat for them in the marketplace to help them get customers." Doing so "absolutely" gives Forbes better bargaining power, as well as other benefits, such as additional services and expertise or insights into the vendor's road map, he added. Plus, "you'll get wined and dined for a year," he added jokingly. "But it's not always that cynical," Wang said. "You really have to believe in the stuff to be a reference." That's the philosophy held by Mykolas Rambus, CIO of Forbes Media. For "nominally positive" vendors, Forbes may agree to a press release quote, but won't take bigger steps, such as sending executives to speak at a conference, according to Rambus. But yes, they would still ask.

And Forbes has also turned down some requests, mostly from services providers who weren't up to snuff. "It's a rare situation, only one or two instances. I think that speaks to the cluelessness, in some cases, of the vendor's leadership," he said. If the implementation you glowingly praised in a press release or onstage ends up being a complete failure, "you'll be seen as a laughingstock," Wang said. "The vendor may have gotten 20 sales [out of your endorsement], but it's all downside for you." Indeed, a high-profile instance of this occurred in the past few years. Even if you have a solid relationship with a vendor, it's wise to proceed carefully with each endorsement, particularly when it involves a new implementation, according to Wang. "I wouldn't go public until you've worked out all the kinks [in the project]," he said. Waste Management put out a press release with SAP when it decided to implement the vendor's ERP (enterprise resource planning) software. The best way to avoid such scenarios is by participating with an implementation case study.

But in 2008, the trash hauler sued SAP, alleging the project was a disaster. While this will require the most time and resources, vendors want very badly for the case study to succeed, and therefore may provide a wealth of additional consulting services and customization work to ensure that it does, Wang said. The result was "an extreme positive" for the city, as Miami received an early look at the new operating system and a wealth of technical assistance, Osteen said. The city of Miami, Florida, has worked with Microsoft on a number of case studies and recently took part in the vendor's early adopter program for Windows 7, said James Osteen Jr. assistant director in the city's information technology department. However, Miami's relationship with Microsoft doesn't give the city any direct negotiating leverage, according to Osteen. "We buy off the state of Florida's contract, so the terms are predefined for us." But overall, it's worthwhile for Miami to work with Microsoft because the vendor's technical support "gives us value back," he said. You need to make sure your integrity is intact."

That attitude is key to any endorsement, he added. "If I don't believe in the product, I'm not going to endorse it.

Privacy advocate has ally in Social Security numbers fight

A fight by the Virginia government to stop a privacy advocate from republishing Social Security numbers obtained legally from public records on government sites on her Web site is attracting the attention of some privacy heavyweights. In its brief, EPIC noted that Ostegren's advocacy work is focused on getting state and local governments around the country to stop posting unredacted public records containing Social Security numbers and other private data on their Web sites. The Electronic Privacy Information Center filed a friend of the court brief asking the U.S. Court of Appeals for the Fourth Circuit to uphold privacy advocate Betty Ostergren's First Amendment right to publish the numbers.

As part of an effort to highlight the problem, Ostergren has taken the Social Security numbers of prominent people she has found in public records and republished them on her Web site. Over the past seven years, she has chronicled dozens of cases where local and state governments have inadvertently exposed thousands of Social Security numbers and other personal data on their Web sites, making them attractive targets for identity thieves. When a person publishes lawfully obtained and truthful information, that action is "pure free speech," said John Verdi, senior counsel at the Washington-based EPIC. "It is exactly the type of speech that is protected by the First Amendment." Ostergren runs the Virginia Watchdog Web site, which she has used to highlight identity theft risks that can result from the posting of unredacted public documents, such as land and tax-lien records posted on government Web sites. As part of the campaign, Ostergren routinely posted the Social Security numbers of high-profile individuals that she obtained from county and state government Web sites. Jeb Bush, former U.S. Secretary of State Colin Powell, former U.S. House Majority Leader Tom DeLay, former Missouri Sen. The list includes former Florida Gov.

Jean Carnahan and several county clerks in Virginia. In August, Ostergren provided links to an image of a mortgage document containing the Social Security number of Iowa Secretary of State Mike Mauro. Over the years, her campaign has succeeded in forcing state and county governments to revise images of public records that were posted online or to break online links to document images containing Social Security numbers. She removed the link only after Mauro agreed to take down images of corporate documents that contained Social Security numbers from the state's Web site. Violators are subject to fines of up to $2,500 plus $1,000 in court costs for each Social Security number posted.

Largely in response to her campaign, Virginia lawmakers passed legislation in 2008 that prohibits the dissemination of any records that contain Social Security numbers, no matter how the records were obtained. Lawmakers said the law was needed to prevent even wider dissemination of the numbers obtained from public records. The Virginia chapter of the American Civil Liberites Union promptly filed a lawsuit on behalf of Ostergren challenging the constitutionality of the law. The law would have required Ostergren to remove Social Security numbers from her Web site or face punitive fines. Last August, the U.S. District Court for the Eastern District of Virginia ruled that it would be unconstitutional for the commonwealth of Virginia to force Ostergren to remove the numbers from her site.

That ruling in turn was appealed to the Fourth Circuit court by Virginia's attorney general. While the court did not say the law itself was unconstitutional, it ruled that it would be an unconstitutional application of the law in Ostergren's case. In it, the government said that the case raised the issue of "crime facilitating speech." The Social Security numbers posted by Ostergren on her Web site exposed the individuals assigned those numbers to a serious risk of identity theft, the appeal claimed. EPIC's Verdi, however, said that Ostergren was simply republishing information that was already made public by the state, and even then, only in a highly targeted manner. First Amendment rights do not protect speech that exposes public officials to the "the very real prospect of devastating criminal predation," the appeal read.

Meanwhile, Ostergren, who has temporarily removed documents containing the Social Security numbers of Virginia public figures from her Web site, plans to put the documents back up after she removes any data that might belong to the individuals' spouses or children. Any time she finds such documents, she will post them, she said. "It's amazing that I still have to be at this after seven years," she said. Speaking with Computerworld today, Ostergren said that local governments in Virginia and elsewhere are continuing to post documents containing sensitive data on their Web sites.

US lawmakers question ICANN gTLD plan

Several U.S. lawmakers urged the Internet Corporation for Assigned Names and Numbers (ICANN) to back off on a plan to offer an unlimited number of new generic top-level domains until concerns about trademark protections and other issues can be addressed. You guys made us come here today." The board at ICANN, the nonprofit organization created in 1998 to oversee the Internet's domain name system, voted in June 2008 to move toward unlimited gTLDs, in addition to the 21 gTLDs available now, including .com, .biz, and .info. Members of a subcommittee of the U.S. House of Representatives Judiciary Committee on Wednesday questioned ICANN Chief Operating Officer Doug Brent about why the organization continues to move forward with its plan to sell new generic top-level domains, or gTLDs. Judiciary Committee Chairman John Conyers, a Michigan Democrat, complained that ICANN hasn't been able to resolve complaints about its plan to sell new gTLDs to compete with .com, .org and other current TLDs. "This is a hearing we shouldn't have had to call," Conyers said. "If the parties had come together, I doubt if we'd be here this morning. Under the ICANN plan, anyone could apply for a new gTLD - some suggested have been .food, .basketball and .eco - at a cost of about US$100,000. Asked by lawmakers how soon ICANN planned to offer new gTLDs, Brent said he wasn't sure.

Critics of the TLD expansion, including Hewlett-Packard and Dell, have complained that a huge expansion of gTLDs would force trademark owners to buy multiple domains on each new gTLD, potentially costing them and their customers billions of dollars. ICANN had originally planned to offer them this year, but the latest estimate is February, and Brent said he expects that deadline to slip as ICANN works with critics to resolve issues. This week, the Coalition Against Domain Name Abuse (CADNA), an organization with 19 large-business members, called on the U.S. government to conduct a "full-scale" audit of ICANN. "ICANN has not properly vetted this decision in an objective fashion," CADNA said. "This rollout expands the size of the Internet exponentially without first performing a sound cost/benefit and security and risk analysis to determine both desirability among and risk to Internet users." At the Wednesday hearing, Conyers seemed to connect the gTLD disagreements with the end of an oversight agreement ICANN has with the U.S. Department of Commerce. A spokesman for Conyers wasn't immediately available to clarify his comment. ICANN's long-standing formal relationship with the U.S. government ends Sept. 30. "If you don't meet the 30th deadline, you're going to all be sorry that you didn't make it," Conyers said. ICANN's Brent defended the organization's decision to move forward with new gTLDs. Internet users, including the U.S. government, have long called for new TLDs, he said.

Winners of new gTLDs will have to abide by a lengthy set of rules, he said. "ICANN did not casually think this plan up," Brent added. "This will not be an unbridled expansion. In addition, the expansion of TLDs would allow Internet users who don't use the Roman alphabet to have domain names in their native languages, he noted. It is the work of many hands from a bottom-up process." Representative Bob Goodlatte, a Virginia Republican, questioned whether ICANN had enough resources to enforce strong trademark protections and other rules in the new gTLDs. He asked if ICANN saw that there were still "a lot of things that need to be worked out here." "We might question 'a lot,' but I think, absolutely we have more work to do," Brent answered. Instead, we should address these concerns." But Steve DelBianco, executive director of e-commerce trade group NetChoice, suggested the new gTLDs are little more than an effort to create new labels, when ICANN has more important issues to work on. "Every day our industry and my members create new applications, Web sites and services," he said. "Labels are just one of the ways people find these new services. Despite the continued concerns, Paul Stahura, CEO and president of domain-name registrar eNom, said the ICANN plan will lead to more competition among domain-name registries. "There is high consumer demand for many new gTLDs," he said. "There currently is little or no competition to satisfy this demand, and ... we shouldn't prohibit competition because of trademark concerns.

The label is not the creation, it's just something we stick on it." One proposed gTLD is .food, he said. "Dot-food won't create a single new restaurant," DelBianco said. "It won't create a new Web page, it won't create new restaurant reviews or online reservation sites."