Lauren Ramsey

Citrix's desktop virtualization customers are still using VMware's server hypervisor on the back end, but a Citrix executive claims a shift away from VMware is afoot. Best desktop virtualization software Recently, Burton Group analyst Chris Wolf said most Burton Group clients that have deployed Citrix's virtual desktop infrastructure are still using VMware ESX servers to host the desktops. Citrix is widely acknowledged as a major player in the desktop virtualization market, but faces an interesting competitive challenge in that many or most Citrix XenDesktop customers are using technology from rival VMware on the back end. That's primarily because VMware offers a memory overcommit feature that allows greater density and consolidation levels, he said.

In the most recent customer engagements, only about 40% to 50% of new XenDesktop customers are using VMware on the back end, according to Humphreys. Citrix's John Humphreys, senior director of marketing for virtualization and management, acknowledged this problem in an interview Wednesday, but said the trend is shifting. "A year ago, about 90% of our sales of XenDesktop were hosted on VMware [servers]," Humphreys said. "Through the second or third quarter, that percentage is down around 60% to 70%." That proportion is even lower with Citrix's latest round of sales. Citrix maintains an agnostic approach that lets customers use any server hypervisor on the back end, Humphreys notes. Future versions of XenServer will optimize use of memory, and work more closely with Citrix's HDX technology to provide a better user experience, Humphreys said. Still, Citrix would prefer that customers use the XenServer hypervisor to host virtual desktops, and is planning upgrades to make that option more appealing. Citrix also offers its basic hypervisor for free, a tactic aimed at getting XenServer into as many organizations as possible.

Just as businesses use numerous operating systems, customers are often choosing to use multiple hypervisors, he said. Humphreys acknowledged that VMware has a large install base for its server virtualization technology, but said it's not a one-horse race. Humphreys discussed several other desktop virtualization topics this week, giving a preview of Citrix's plans for 2010. In May of this year, Citrix unveiled Receiver for  iPhone, a lightweight software client that lets IT shops deliver virtual desktops and applications to the iPhone. Citrix is also working on XenClient, a bare-metal desktop hypervisor that will let users run multiple operating systems in complete isolation from one another. In December, Citrix plans to make Receiver available for the BlackBerry, and will do the same for Android-based smartphones early next year, Humphreys said. XenClient will go into beta in early 2010 and be available in the middle of the year, Citrix said.

Already, Citrix is seeing many virtual desktop deployments of several thousand seats. "The last few years, most organizations have been sitting on their hands when it comes to upgrading their desktop operating environment," Humphreys said. "They've taken a 'let's keep XP around as long as possible' approach." But Citrix is betting that companies will switch from physical to virtual desktops at the same time they upgrade to Windows 7. "We feel like Microsoft has gotten it right with Windows 7," Humphreys said. "It's a much faster, sleeker and more robust operating environment." Follow Jon Brodkin on Twitter: http://www.twitter.com/jbrodkin Fueled partly by Windows 7, desktop virtualization is on the verge of taking off with IT customers, Citrix believes.

PC makers looking to boost sales in recent years have increasingly zoned in on rural China, a vast and largely untapped source of new PC users. But other Chinese and foreign PC makers are also building their distribution networks in those regions in a bid to boost sales. "Most vendors have realized the importance of this market," said Simon Ye, a Gartner analyst. Lenovo and Hewlett-Packard are the major PC makers that have made the most progress in rural China, a term often used to describe everything from mountaintop villages to cities of a few hundred thousand people.

But not all PC makers are ready to tackle rural China, said Ye. The HP and Lenovo cases suggest that catered marketing tactics and a major investment in expanding a company's retail outlets are required for a rural sales push to succeed. The vendor further extends its reach by selling PCs out of vans that it sends around the country. HP this year has partners running 7,000 retail stores for its PCs in China, and it aims to expand that network to cover 10,000 Chinese towns next year. HP also has a van that visits universities, clients and IT expos to show off PCs and teach people how to use them. HP staff gave talks and showed the animated movie "Kung Fu Panda" as they displayed the company's PCs to students.

In June the bus visited a rural elementary school near Chongqing, an inland Chinese metropolis. Lenovo has also used movies to promote its PCs in rural areas. HP has grown to become the second-largest PC vendor in China, where it took 14.2 percent of the market in the second quarter, according to IDC. Lenovo, a Chinese brand, led the market with a share of 28.5 percent. The company arranges screenings of current films that it precedes with Lenovo ads. Many potential PC buyers remain untapped in rural China. Chinese authorities launched a subsidy scheme for rural residents early this year that grants a 13 percent rebate on the purchase of PCs and other electronics.

Just over one in four PCs sold in China in the same quarter were sold in tier-one and tier-two cities, a category that includes cities such as Beijing, Shanghai and some provincial capitals, according to IDC. "The remainder obviously shows you the big opportunity in the lower-tier cities," said Bryan Ma, an IDC analyst. The scheme, an effort to drive domestic economic growth amid the global recession, sold nearly 580,000 computers by the end of September, according to China's commerce ministry. More than 40 percent of the PCs sold in the scheme were from Lenovo in September. But those sales have been dominated by Chinese companies like Lenovo and Founder, another PC maker that has targeted the rural market. HP took just 3 percent of the sales, while Dell and Acer both had less than 1 percent. Both companies equip the PCs to function through the electric voltage fluctuations common in rural areas.

Both HP and Lenovo tweak PCs for rural buyers. They also load the machines with programs such as agricultural databases for farmers - and the companies' own entertainment suites. Lenovo is pitching its PCs as wedding gifts with slogans like, "Lenovo wedding computers, one step to a happy life." The marketing makes use of a traditional preference in China to give gifts that appear prestigious. Lenovo has tailored its ads for the rural market, where the company is building nearly 8,000 new sales outlets. Another slogan targeting businesspeople calls Lenovo PCs the "golden key to information wealth." Dell is another PC maker that hopes to crack China's rural market, but the company has only recently begun seeking the distribution partners it will need to do so, said Ye of Gartner. HP's success has largely been driven by its use of different resellers in each region of China, he said. "It will take two to three years to see if Dell can reproduce HP's success," said Ye.

Attendees packed into a presentation by Salesforce.com Chairman and CEO Marc Benioff at Oracle's OpenWorld conference Tuesday, but those hoping the executive would deliver some of his trademark trash talk toward Oracle left the room disappointed. But Benioff made no response to Ellison's jibes on Tuesday, instead referring to the companies' "fantastic relationship" and thanking Oracle for being "magnanimous" enough to let Salesforce.com appear at OpenWorld. Some sort of throwdown seemed possible, even likely, given that during a shareholder meeting last week, Oracle CEO Larry Ellison mocked Salesforce.com's offering as a "little itty-bitty application" that is dependent on Oracle's own technology.

Salesforce.com is a sponsor of the show. Since then, the two executives have repeatedly slammed each other's business model, with Benioff declaring on-premise software a dying model and Ellison famously mocking cloud computing on a number of occasions, even as his own company tests those waters. Ellison was an early investor in Salesforce.com, but left the vendor's board after he and Benioff had a falling out. Their history caused surprise and curiosity among some observers, who questioned why Oracle would allow such a direct rival to tout its products at OpenWorld. And during the shareholder meeting, Ellison said he could provide a long list of customers who once used Salesforce.com but "chucked it out" in favor of Oracle's own on-demand CRM (customer relationship management) software.

Indeed, beyond slamming Salesforce.com's technological achievements, Ellison has made it a point during recent earnings conference calls to cite deals it won against the on-demand vendor. But in the end, Benioff seemed more intent Tuesday on building bridges than burning them. The two companies announced a partnership on Monday for selling Salesforce.com CRM and related services to small and medium-sized businesses. At one point, he was joined onstage by Dell CEO Michael Dell. Salesforce.com and Dell already had close ties, having used each other's products for some time. Dell said its experience running Salesforce.com will give it an edge when working with new customers.

Reports that Apple will produce a $2,000 tablet next year fit the company's historical pattern of going for the luxury end of the technology market, an analyst agreed today. Component manufacturers in Taiwan and China told the publication that Apple will launch a pair of tablets in the latter half of 2010, one sporting a 10.6-in. According to reports from Asian component makers, Apple will push back the release of its long-rumored tablet into the second half of the year, in part because it plans to introduce a 9.7-in. model featuring an OLED (organic light emitting diode) display, Taiwan-based DigiTimes said today.

TFT-based display, the second a smaller OLED screen. The retail price most often bandied was somewhere between the $200 of the iPhone and iPod touch, and the $1,000 of Apple's lowest-priced MacBook notebook, with an in-between price of $800 favored by many. Previously, talk about Apple and a tablet had centered around a ship date in the first half of next year, perhaps as early as February 2010 . Apple would probably use an iPhone-esque two-stage launch that pre-announced the hardware, a strategy that would give developers time to create applications or tweak existing iPhone software, said analysts. Ezra Gottheil, an analyst with Technology Business Research, admitted he's as uncertain as anyone about the validity of the DigiTimes report, but said both the delay and a high-priced model made sense, given Apple's history. "I don't think a delay would cost them much," Gottheil said today. "It's not like someone else is stepping in and snarfing up the tablet market. OLED screen.

And a delay fits a life-long pattern for the company, which likes to wait to get things right." So it goes with the talk of an OLED-based tablet, which DigiTimes ' sources estimated would cost Apple between $1,200 and $1,700 to make, with about a third of that going toward the 9.7-in. Those costs would put the retail price of the device at around $2,000, although by partnering with wireless carriers - which would bundle the tablet with long-term data plans, as they do currently with the iPhone - Apple could reduce consumer up-front costs somewhat. "Apple doing a luxury, top-end tablet is quite reasonable," said Gottheil. "They've done that many times before." In mid-2007, when Apple launched the original iPhone, it priced the smartphone at $599 , significantly above rivals' devices and triple what it now charges for its iPhone 3GS when customers sign up for a two-year data plan. "Coming up with a high-margin, high-priced tablet is something that Apple would love to do," Gottheil opined. "The quad-core iMacs, for example, have put a terrible hurt on the Mac Pro, just as the lower-end MacBook Pros have on the 17-in. Those moves have significantly reduced the sales of their top-end hardware." That's one reason why a $2,000 tablet, with a correspondingly high margin, has to look attractive to Cupertino, Gottheil added. MacBook Pro.

Data Robotics today released its first iSCSI SAN storage array that, like its other low-end arrays, manages itself and allows any capacity or brand of disk drive to be mixed, matched and exchanged without any downtime. The new system extends the number of Smart Volumes - Data Robotics' thin provisioning that pools capacity from all eight drives - so users can now create as many as 255 virtual storage volumes, up from 16 volumes in the current Drobo model. Data Robotics' DroboElite offers automated capacity expansion and one-click single- or dual-drive (RAID 5 or 6) redundancy for Windows, Mac and Linux machines.

The latest addition to the Drobo family of arrays is aimed at the small to mid-size business market and resellers selling into the virtual server space, according to Jim Sherhart, senior director of marketing for Data Robotics. "Virtual servers tend to use a lot of small LUNs (logical unit numbers)," said Jim Sherhart, senior director of marketing for Data Robotics. For example, if a user were to initially set up DroboElite for dual drive failure, he could switch to single-drive failure with one mouse click. The DroboElite is also able to drop from higher to lower levels of RAID with no manual intervention. Users can also change out drives, adding higher-capacity models, in 10 seconds - with no formatting required, according to Sherhart. Tarun Chachra, chief technology officer at marketing company KSL Media , has owned two Drobo USB arrays for about a year and a half. DroboElite can support VMware environments and advanced functionality including VMotion, Storage VMotion, snapshots, and high availability.

He purchased four DroboPro arrays in June for use in two offices for Microsoft Exchange replication and backups for about 16 servers. Chachra said he was impressed that he could simply go out and buy a 1TB, 7,200 RPM SATA drive for $69 and stick it in the DroboElite, saving him money on total cost of ownership on pricier SAS drives. He's also beta testing the DroboElite, which he plans to purchase for backing up his VMware servers because of its higher throughput with dual Gigabit Ethernet ports and greater number of creatable volumes. Chachra has been comparing his existing DroboPros, which can be configured with up to eight 2TB drives, to what he'd previously been using for backups: a Hewlett-Packard AiO400R array with four 500GB drives. The HP array runs the same iSCSI stack as the DroboPro, but it uses Windows 2003 Storage Server as a backup and replication application.

Chachra said the DroboPro cost about $3,500 compared with the AiO400, which cost $5,219. The HP array was set up for RAID 5 right out of the box and couldn't be changed; the DroboPro offers both RAID 5 and 6 interchangeably. The HP has forced Chachra to reboot his backup server every three days or so because it would hang up and couldn't handle bandwidth, he said. "We don't have huge IT teams looking at servers, so it's better for us to have something that can tolerate a higher driver failure rates," he said. "We also don't stock a lot of hard drives. The DroboElite also offers a non-automated thin provisioning feature called Smart Volumes that allows users to create new volumes in seconds and manage them over time by pulling storage from a common pool rather than a specific physical drive allocation. The main thing, though, is redundancy and having Exchange available all the time." "I don't know that an enterprise is going to run out and deploy this for 2,000 or 3,000 [users], but for small or mid-size shops, this is cost effective and it works as well as it should," Chachra added. Smart Volumes are also file system aware, which allows deleted data blocks to be immediately returned to the pool for future use.

Geoff Barrall, CEO and founder of Data Robotics, said the DroboElite can deliver cost savings of up to 90% compared to other iSCSI SANs "by combining cost-effective hardware with robust iSCSI features." The DroboElite is currently available starting at a price of $3,499, with multiple configurations selling for up to $5,899 for a 16TB configuration (using eight 2TB drives).

A global Internet governing body last month approved new languages for use in domain names, but at least in China some Web sites have hesitated to rebrand into Chinese from their well-known names written in Latin characters. China was one supporter of the recent move by the Internet Corporation for Assigned Names and Numbers (ICANN) to allow countries and territories to apply to show the country-code part of domain names in their native language. Chinese regulators have long promoted the use of Chinese-language domain names and forecast that their spread would boost Internet use in the country.

The change would, for instance, let a Web site owner register a domain ending in the two Chinese characters for "China" rather than .cn, the country code for China. Domains in Chinese script could appeal mainly to users who are elderly or live in rural Chinese areas, said Sam Flemming, founder and chairman of CIC, an Internet word-of-mouth research company in Shanghai. But local companies seem less excited than Chinese authorities about the change. Those are the main users that may not be used to typing Web addresses in English or in Pinyin, a phonetic spelling system often used online to replace Chinese characters with Latin ones. "For people that are currently online, they're much more used to it," said Flemming. Those domains can only be visited within China, or by computers using Chinese DNS (Domain Name System) servers.

The ICANN decision has not yet taken effect, but Chinese regulators have already allowed local companies to register domain names that have Chinese characters throughout their names, including at the country-code level. Local portal Tencent, for instance, can be visited by typing in the Chinese characters for "Tencent-dot-China". But the portal can also be reached at qq.com, which takes fewer strokes to type. Many Chinese companies use numbers in their domain names that are widely associated with their brands. A Chinese domain name might not make sense for some Web sites. Local portal NetEase keeps its Web site at 163.com.

The name of one local travel site, 51766.com, sounds similar to the phrase "I want to go travel" when the numbers are pronounced in Chinese. In some cases the numbers also have intentional second meanings. Internet users are also widely familiar with Latin-character domains, so big Chinese Internet companies may not need to change them. Baidu.com, China's leading search engine, declined to comment on questions about Chinese domain names. Taobao.com, a major retail and user auction Web site, has registered variations of its domain name in Chinese but has not decided yet if it will use them, a company spokeswoman said. But typing the Chinese script for "Baidu-dot-China" into a browser calls up a Web site that does not immediately appear to belong to the company.

The company has registered variations in Chinese including "Youku-dot-company". But perhaps the most important domain, "Youku-dot-China", is held by someone else who registered the name first, Liu said. Youku.com, the country's top video streaming Web site, will use Chinese versions of its domain but is not sure if they will help draw more users, said company chief financial officer Liu Dele in an e-mail. That may not matter. Still, Youku would like to buy the domain back for a reasonable price. "At least this will prevent confusion," Liu said. "But we don't think it's a big deal for our traffic and brand." Users who are not used to typing English often visit Youku via a search engine rather than directly typing its Web address, said Liu.

Apple's move to slash the price of one its Apple TV models and discontinue another lower capacity model have many scratching their heads. At the same time, the price of the 160GB version was slashed by one hundred dollars to $229 from $329. Fulfillment of a prophecy? Monday morning the 40GB model of the Apple TV disappeared from U.S. retail locations and online. In the days before Apple's September 9 media event, where the company unveiled new iPods and a revamped iTunes, many analysts believed the Apple TV was due for a refresh.

In light of Monday's development, however, it may be Piper Jaffray analyst Gene Munster who is the most prescient, according to MacRumors. Speculation revolved around the possibility that Apple TV could be overhauled, and earlier speculation wondered if the device might morph into a gaming machine. Munster earlier this month noticed the shipping window-the time it takes for a product to go from factory to sales floor-for the Apple TV had slipped to one to two weeks. At the time of this writing, a new model has not been introduced to the Apple TV lineup. This development prompted Munster to suggest Apple would cut the 40GB model from its inventory and slash the price of the 160GB version to make room for a new model.

So what does this mean? It's possible, but since Apple TV is not a particularly high selling product, the move could be meant to boost sales. Will there be a new model coming soon? A price cut could entice people to pick up the set-top box for a relatively cheap price, thereby encouraging more video downloads and rentals from Apple's iTunes Store. Is this just a price cut to boost sales across North America or has Apple got something big planned for the Apple TV up its sleeve?

So what do you say?

Business intelligence software may have been around for several decades, but it remains an esoteric niche in most companies, according to an analyst. It's the people that often get in the way," said Dan Vessett, an analyst with IDC Corp. Unfriendly corporate cultures, not the BI tools or apps themselves, are preventing BI from becoming pervasive. "The technology has been around for a long time. IDC recently conducted a study of 1,100 organizations in 11 countries measuring how pervasive BI is in companies, what factors helped make it more pervasive, and what "triggers" data warehousing architects and IT managers can use to the further the spread of BI in their companies.

According to IDC, that was between 48% to 50%. Degree of external use, or how much it shared data with vendors or customers. In a speech Tuesday at Computerworld's Business Intelligence Perspectives conference in Chicago, Vessett said IDC measured BI's pervasiveness via six factors: Degree of internal use. Sharing BI data keeps customers loyal, Vesset said. Percentage of power users in a company. And canny BI users in industries such as retail can sell that data to generate non-trivial revenue, he said.

The mean was 20% in surveyed companies. Over five years, the average at surveyed companies grew to 28 from 11. Data update frequency. Number of domains, or subject areas, inside the data warehouse. While real-time updates can be indicative of heavy dependence upon BI, "right-time data updates" is more important. "Daily, weekly or monthly could be sufficient," he said. They still rely more on experience rather than analytics," Vesset said. Analytical orientation, or how much the BI crunching helped large groups or the entire organization make decisions, rather than isolated individuals. "The fact is that most individuals and companies are not data driven.

According to Vesset, these factors in descending order had the most impact on BI pervasiveness: Degree of training, not in the BI tools - "the vendors do a pretty good job" - but in the meaning of the data, what the key performance indicators (KPIs) mean, etc. Satisfied users will talk up the BI software, creating "BI envy" in other employees, helping spread the software's use. Design quality,or the extent to which IT-deployed performance dashboards are able to satisfy user needs. Unsatisfied users will go around IT and use Excel or some SaaS applications. Involvement of non-executive employees. Prominence of the data governance group.

Prominence of a performance management methodology. Vesset also listed a number of potential "triggers" for BI projects that IT should take advantage of:

NASA's space shuttle Atlantis is loaded and ready for takeoff from the Kennedy Space Center in Florida this afternoon. They're scheduled to deliver equipment, including two gyroscopes, to the International Space Station . NASA is focused on building up a reserve of spare parts on the space station in anticipation of the retirement of the space shuttle fleet. "You'll see this theme in some of the flights that are going to come after ours as well," said Brian Smith, the lead space station flight director for the mission, in a statement. "This flight is all about spares. The six-man crew is set to launch at 2:28 p.m. EST today. Basically, we're getting them up there while we still can." The equipment is considered highly critical to the operation of the space station, according to NASA. At this point, there are only six flights left for the space shuttles before they're scheduled to be retired.

Since this is the first mission to deliver what scientists hope will turn into a trove of spare parts, they're taking up the most important pieces. The equipment that needs to go up is being delivered in order of highest priority. The astronauts are expected to make three space walks during the 11-day mission. The equipment being delivered includes two pump modules, two gyroscopes, two nitrogen tank assemblies, an ammonia tank assembly and a high-pressure gas tank. The astronauts will work with the robotic arms onboard the shuttle and the space station to move two platforms loaded with spare parts out of the shuttle's cargo bay to where they'll be attached on either side of the station's truss or backbone. Parts going up for the robotic systems onboard the station include a latching end effector for the station's robotic arm and a trailing umbilical system reel assembly for the railroad cart that allows the arm to move along the station's truss system.

As of 10:30 a.m., a NASA inspection team was studying the exterior of Atlantis , its solid rocket boosters and the external tank for ice or other debris. NASA reports there are 27,250 pounds worth of parts being delivered in this mission. Space agency crews also have loaded the shuttle's external tank with about 535,000 gallons of liquid hydrogen and liquid oxygen, which will power the shuttle's three main engines during launch. NASA forecasts a 70% chance of weather good enough for a launch this afternoon.

Microsoft Corp. may have ditched the three application limit on the Windows 7 Starter Edition, but other restrictions on the netbook-only version of the operating system will be an unwelcome surprise for many netbook buyers, according to a survey published Monday. Other higher-end features Windows 7 Starter lacks include the advanced Aero interface, multi-touch, Windows Media Center, and XP Mode virtualization. Sixty-one percent of consumers do not know that Windows 7 Starter lacks some features standard in any version of Windows XP, such as support for multiple monitors, DVD playback - even the ability to change the desktop image from the Microsoft logo, according to a survey by electronics shopping site,Retrevo.com.

Informed of these missing features, 56% of the 1,100 randomly surveyed respondents (95% likely to fall within plus or minus 6.5% of the overall population results, says Retrevo) said that they would not be satisfied with Windows 7 Starter. Microsoft may be counting on upselling users to to an $80 upgrade to Windows 7 Home Premium. The problem, according to Retrevo, is that 23 out of 28 netbooks available today on Amazon.com are installed with Windows 7 Starter. That is done via the Anytime Upgrade program on Microsoft's e-commerce Web site. It could also boost demand for Linux netbooks, which are expected to grab nearly one-third of the booming worldwide market this year for netbooks.

But it could also create ill will toward Microsoft, said Andrew Eisner, director of content for Retrevo. "I think most users will feel angry with having to pay the $80 for an upgrade to get those features," he said. Microsoft declined to comment specifically on Retrevo's survey. Rather, it pointed to a statement it made back in February when it announced the six versions of Windows 7. "Small notebook PCs can run any version of Windows 7. For OEMs that build lower-cost small notebook PCs, Windows 7 Starter will now be available in developed markets," it said. "For the most enhanced, full-functioning Windows experience on small notebook PCs, however, consumers will want to go with Windows 7 Home Premium, which lets you get the most out of your digital media and easily connect with other PCs."

A look back at the week's biggest Google-related news stories:   Apple severs board ties with Google  The final ties have been cut between Apple's and Google's board, with Arthur Levinson (he had been serving as an independent member on both the Apple and Google board of directors) resigning from the Google board. Not to be confused with the Google Books project, but possibly a threat to Amazon.com and other online booksellers.   Google bullish on economy The company posted increases in Q3 revenue and earnings, beating Wall Street expectations. This follows the departure of Google CEO Eric Schmidt from Apple's board in August shortly after Google announced it would be competing head on with Apple in the operating system market with Chrome OS just as it was competing with the iPhone with Android.   Amazon, meet Google Google revealed plans for Google Editions, an online store offering digital books to users of various devices, from e-book readers to laptops and cellphones. Google CEO Eric Schmidt said in a statement. "While there is a lot of uncertainty about the pace of economic recovery, we believe the worst of the recession is behind us and now feel confident about investing heavily in our future."   Google's cloud security double talk  Computerworld reported that a group called Consumer Watchdog fired off a letter to the head of the Los Angeles City Council's Budget and Finance Committee, claiming that Google was talking out of both sides of its mouth in pitching its Google Apps to the city.

Unfortunately, Google didn't get all the bugs out first.   Google on the prowl for website malware  Google on Monday rolled out a service to help Webmasters identify malware that may have been slipped into their sites. The watchdog group said Google assured the city its cloud-based apps were safe, but separately acknowledged risks in a financial filing with the federal government.   Google Docs get upgraded, but bugs surface  Google pleased users of its Docs offerings by introducing folder sharing, an ability to upload multiple items to Docs simultaneously and by improving the interface. The new tool uses automated scanners to show Webmasters of sites flagged as "unsafe" just what the offending code is.   Google Voice gets friendly Google has started allowing early adopters of Google Voice  to invite friends to join them.   Google's Postini goes on the fritz  Users of the messaging security and archiving service were festering when service problems emerged during the week. For more on Google, visit Network World's independent Google community, Google Subnet. By week's end, Google had fixed the delayed e-mail delivery issues, but some customers were unhappy with a lack of communication on Google's part, Computerworld reports.   Also, here's a look back at the previous week in Google news.

Even experienced developers can run into problems developing and deploying custom applications for software-as-a-service  platforms because SaaS vendors don't always embrace the accepted corporate processes for build, test and release. SaaS is popular in part because applications can be made available without the long deployment cycle typical of on-premise development. The trick is to adapt your configuration management processes to meet SaaS challenges. So a new report can be delivered immediately or a new field can be added to a data entry form on the fly.

A salesforce.com application may have features such as real-time Web service integration, automated e-mail and Web feeds, and batch integration to operational systems. But as SaaS offerings such as Salesforce.com have matured into full-fledged development platforms, the complexity of applications has grown dramatically. This increases the risk that a minor change could impact critical business processes or break the application. Consider the development of a Salesforce.com application from a traditional developer point of view, with the goal being to manage development in the most controlled fashion to ensure reliability. It is often challenging to apply best practices for configuration management in SaaS environments because: * The application may be supported by business, not IT. * SaaS administrators may not be familiar with configuration and release management practices. * SaaS deployment tools are still maturing. * Deploying an application often requires both manual and automated steps. * SaaS integrations require synching releases with legacy systems. * Code, configuration, deployment scripts and manual checklists all need to be checked into the source code repository. The Force.com platform, Saleforce.com's custom development platform, is based upon the Model-View-Controller paradigm.

This is configured via the salesforce.com setup menu that allows administrators to add custom fields to standard CRM data objects, like leads and accounts, or create new data objects with their own custom fields. This paradigm can be defined as: * Model represents the database structure. As soon as a field is defined or modified it can be queried via SOQL, the Salesforce. Salesforce.com has a built in forms editor for "page layouts" that are associated with data objects. Com Object Query Language, or SOSL, the Salesforce Object Search Language used for free form text searches. * View represents the user interface.

Pages can also be developed in Visualforce, salesforce.com's markup language that is tightly integrated with Apex code, Force.com's programming language that is based on Java. * Controller represents business and application logic. Custom business logic is developed as Apex code associated with triggers, Salesforce.com's version of stored procedures, Visualforce controllers, or as shared class libraries. Rules for field validation, workflow and button actions are configured via the setup menu. Force.com development uses practices that should be familiar to most Web developers. A sandbox can house a full copy of production data, code and configuration, or just configuration.

Salesforce.com allows copying the production environment or "org" to a "sandbox" just as you would copy the production data model and code to a development server. Development is done using the Force.com integrated development environment (IDE), an add-in for Eclipse that lets developers  create a project linked to a development org, production org or sandbox. Apex has a built in unit test framework that requires 75% coverage for all Apex code before it can be deployed. A project can be synched to a code repository, allowing check-in and check-out of code. The Force IDE deploys code from a project to a production org. Ensuring reliability for the enterprise involves: * Limiting which users have a system administrator profile and defining their configuration management responsibilities. * Putting procedures in place to insure that code, configuration and data for production are checked into the code repository and archived (this may require taking manual snap shots of sharing rules, the role hierarchy and so on). * Creating manual or automated installation scripts. * Making sure that there is a plan for backing out production changes if needed. * Deploying to a sandbox for testing and QA. * Repeating the deployment to production. * Validating the deployment in production.

How to address audit, security and business continuity upfront Configuration management traditionally looks at production configuration and code as a "baseline," identifies changes that will be released, and incorporates them into a new, auditable baseline once the release is validated. The gotchas Even senior developers can get lost in the weeds trying to figure out how a feature can be, or might have been implemented, in Force.com. Configuration experts and developers run the risk of reinventing the wheel if they do not collaborate closely on solution design. * Force.com deployment tools do not currently support critical items such as data sharing rules, picklist fields on standard data objects, lead and sales processes, and the management role hierarchy. * Apex unit tests are impacted by actual org data, so code that passes unit test requirements in the sandbox may not deploy. Typical "gotchas" include: * With numerous configuration options and powerful programming tools there are many ways to implement the same features. For example, data queries on objects with more than 100K of data require querying an external ID field.

Success is all in the plan Getting configuration management under control is much easier if the development and testing teams are on the same page from day one. Unit tests that pass in a sandbox can fail in production, killing your deployment. While typical build/release cycle looks like this: * Check in code. * Compile code. * Run database scripts and deploy code to test. * Run tests/inspections. * Deploy to pre-production/production. * Validate deployment. SaaS software development platforms such as Salesforce.com require a mix of configuration and custom development that can confuse developers and be difficult to deploy. The following tasks need to be adapted for Salesforce.com development: * Check in code and configuration from development. * Check in task list for manual changes to the code repository. * Deploy manual code/configuration changes to test. * Run Eclipse/Ant automated deployment to test. * Run tests inspections. * Deploy using same process to pre-production/production. * Validate deployment. This can be addressed by adapting your configuration management processes for SaaS projects.

Once you understand how standard programming and configuration management practices apply to a SaaS application it becomes easier to tackle with the traditional approach. Although SaaS offerings are designed to limit the time spent on traditional development, some tweaking is required in order to fully integrate them with enterprise systems. Hamilton is a CRM technical architect at Acumen Solutions, a business and technology consulting firm. Contact him at ghamilton@acumensolutions.com.

Nearly four months after deadly ethnic riots in China's Muslim region led authorities to shut off the Internet there, local residents are still barred from sending text messages and getting online. The rioting between Uighurs, a mostly Muslim minority group native to Xinjiang, and Chinese Han, the country's ethnic majority, also led China to block various social networking Web sites nationwide. The clampdown on telecommunication in China's western Xinjiang province, where rioting claimed nearly 200 lives in early July, has hurt local businesses and cut residents off from many nongovernment sources of news and other information. Twitter, similar Chinese services and Facebook all remain inaccessible in the country.

Observers have cited a series of sensitive anniversaries this year as a reason for the blockages, but those dates, including China's 60th anniversary of communist rule on Oct. 1, have passed. "The unfortunate truth is that the Chinese government can impose and sustain this kind of Internet service disruption ... for as long as it feels it's necessary," said Phelim Kine, a researcher in Hong Kong for New York-based Human Rights Watch. "The government is impervious to concerns from the business sector and certainly those of ordinary citizens." Some companies have been allowed to communicate via a regional network in Xinjiang, said the marketing manager for one local company when reached by phone. China has blamed communication on such Web sites for helping lead to the riots, which were sparked by an ethnic brawl in far-away southern China. The manager predicted that regular Internet access could return in around one month. "It's relatively calm on the streets of Xinjiang now," he said. The owner of another online store, which sells dried fruits, nuts and other snacks, said she did not know of any regional network in Xinjiang. The manager's company, which sells make-up and other cosmetic products online, is one of many that have had to relocate staff outside of Xinjiang to continue operations, he said. Most of the store owner's staff remain in neighboring Gansu province, she said.

China has given little sign of when it will lift the Internet restrictions but said it will gradually do so as Xinjiang stabilizes.

The Advanced Television Systems Committee (ATSC), which oversees TV standards for the U.S., said Friday it has approved a standard for mobile digital broadcasts. Consumers may be able to pick up the broadcasts on laptops, handheld TVs and in-vehicle entertainment systems as well as mobile phones. The ATSC Mobile DTV Standard will allow local TV stations to broadcast to mobile devices on the frequencies they already have.

Mobile TV has been more successful in some other countries, such as Japan and South Korea, than in the U.S. Handset makers Samsung Electronics and LG Electronics were promoting two different specifications to the ATSC until last May, when they joined forces on a unified proposal. However, the FLO service is paid and is focused on national rather than local offerings. Consumers can already watch TV broadcasts on some Verizon Wireless and AT&T handsets, via the FLO TV network backed by Qualcomm. ATSC Mobile DTV is carried alongside the regular over-the-air DTV broadcasts that U.S. stations have been delivering exclusively since analog TV was discontinued across the country in June. It can support interactive services, subscription-based TV and downloading of content for later viewing, the group said. It uses a system called Vestigial Side Band modulation, with an IP (Internet Protocol) transport system, according to the ATSC. The technology can send H.264 video and HE AAC v2 (High-Efficiency Advanced Audio Coding, Version 2) audio.

LG will unveil its first ATSC Mobile DTV device, a portable DVD player with built-in TV, at the International Consumer Electronics Show in Las Vegas in January, said John Taylor, vice president of public affairs for LG Electronics USA. The device will probably cost less than US$250. He believes the addition of TV to a phone would increase the cost by only a small amount. The Open Mobile Video Coalition has said a total of 70 broadcasters in the U.S. have announced plans to use the technology by the end of this year. Unlike with some standards, there is already an ecosystem in place for ATSC Mobile DTV, with 30 broadcasters already using it, Taylor said. "This is ready for deployment now," he said. It costs less than $100,000 for a broadcaster to add the mobile capability, Taylor said. For one thing, the three largest U.S. carriers may not want to embrace a technology that could compete with their existing mobile TV products.

However, a lot of pieces have to come together for the new technology to succeed, according to analyst Avi Greengart of Current Analysis. While AT&T and Verizon sell FLO TV, Sprint offers a TV service that goes over its 3G network. Taylor said LG has had discussions with its carrier partners but none has publicly agreed to use ATSC Mobile DTV. Broadcasters may have their own qualms about investing in the technology without a guarantee that it will help them make money, Greengart said. Because mobile operators sell most of the handsets in the U.S., and in many cases dictate what's in those devices, their support will be key, Greengart said. There may be a chicken-and-egg problem between availability of handsets and of broadcasting stations, with each side hesitating to move first, he said. Content rights may also be an issue, noted Bill Stone, president of FLO TV. "Many pieces of content today have mobile rights associated with them," Stone said.

However, with growing competition from cable channels, Web sites and other sources of video, mobile over-the-air TV could be an opportunity for local broadcasters to grab back some viewers, he said. For example, if a carrier has the right to show a local sports event through a national relationship with the league, a local broadcaster may not be allowed to show it to phones even though it has the traditional TV rights, he said. Though FLO TV doesn't disclose subscriber numbers, Stone said the average viewer on Verizon and AT&T watches the service more than 30 minutes per day. Over the five-year process of building its network, which now can reach about 200 million people in the top 100 U.S. cities, FLO TV has learned it takes a lot of work to get the coverage, devices and content in place for a successful service, Stone said. However, the ATSC standard may help to solve the biggest barrier FLO TV faces: Most consumers don't know they can watch TV on a phone, Stone said. "If there's a way for us to partner and work together to help build that awareness, that's a positive," Stone said.

Microsoft still does not acknowledge a weakness in its Internet Explorer browser that was pointed out seven weeks ago and enables attackers to hijack what are supposed to be secure Web sessions. If Microsoft doesn't fix the problem, Apple can't fix it on its own, Apple says. The company says it is still evaluating whether the weakness exists, but Apple, which bases its Safari for Windows browser on Microsoft code, says Safari for Windows has the weakness and the Microsoft code is the reason. Apple has fixed the problem for Safari for Macs.

Once our investigation is complete, we will take appropriate action to help protect customers," a Microsoft spokesperson said via e-mail. "We will not have any more to share at this time." The weakness can be exploited by man-in-the-middle attackers who trick the browser into making SSL sessions with malicious servers rather than the legitimate servers users intend to connect to. Black Hat's most notorious incidents: a quiz "Microsoft is currently investigating a possible vulnerability in Microsoft Windows. Current versions of Safari for Mac, Firefox and Opera address the problem, which is linked to how browsers read the x.509 certificates that are used to authenticate machines involved in setting up SSL/TLS sessions. The attacks involve getting certificate authorities to sign certificates for domain names assigned to legitimate domain-name holders and making vulnerable browsers interpret the certificates as being authorized for different domain-name holders. In July two separate talks presented by researchers Dan Kaminski and Moxie Marlinspike at the Black Hat Conference warned about how the vulnerability could be exploited by using what they call null-prefix attacks. For instance, someone might register www.hacker.com.

In that case, the authority would sign a certificate for bestbank.hacker.com, ignoring the sub-domain bestbank and signing based on the root domain hacker.com, Marlinspike says. In many x.509 implementations the certificate authority will sign certificates for any request from the hacker.com root domain, regardless of any sub-domain prefixes that might be appended. At the same time, browsers with the flaw he describes read x.509 certificates until they reach a null character, such as 0. If such a browser reads bestbank.com\0hacker.com, it would stop reading at the 0 and interpret the certificate as authenticating the root domain bestbank.com, the researcher says. An attacker could exploit the weakness by setting up a man-in-the-middle attack and intercepting requests from vulnerable browsers to set up SSL connections. Browsers without the flaw correctly identify the root domain and sign or don't sign based on it.

If the attacking server picks off a request to bestbank.com, it could respond with an authenticated x.509 certificate from bestbank.com\0hacker.com. The user who has requested a session with bestbank would naturally assume the connection established was to bestbank. The vulnerable browser would interpret the certificate as being authorized for bestbank.com and set up a secure session with the attacking server. Once the link is made, the malicious server can ask for passwords and user identifications that the attackers can exploit to break into users' bestbank accounts and manipulate funds, for example, Marlinspike says. These certificates use an asterisk as the sub-domain followed by a null character followed by a registered root domain.

In some cases attackers can create what Marlinspike calls wildcard certificates that will authenticate any domain name. A vulnerable browser that initiated an SSL session with bestbank.com would interpret a certificate marked *\0hacker.com as coming from bestbank.com because it would automatically accept the * as legitimate for any root domain. Such a wildcard will match any domain, he says. This is due to "an idiosyncrasy in the way Network Security Services (NSS) matches wildcards," Marlinspike says in a paper detailing the attack. The differences between what users see on their screens when they hit the site they are aiming for and when they hit an attacker's mock site can be subtle. A Microsoft spokesperson says Internet Explorer 8 highlights domains to make them more visually obvious, printed in black while the rest of the URL is gray. "Internet Explorer 8's improved address bar helps users more easily ensure that they provide personal information only to sites they trust," a Microsoft spokesperson said in an e-mail.

The URLs in the browser would reveal that the wrong site has been reached, but many users don't check for that, Marlinspike says. Marlinspike says the null character vulnerability is not limited to browsers. "[P]lenty of non-Web browsers are also vulnerable. Outlook, for example, uses SSL to protect your login/password when communicating over SMTP and POP3/IMAP. There are probably countless other Windows-based SSL VPNs, chat clients, etc. that are all vulnerable as well" he said in an e-mail.

Several U.S. lawmakers urged the Internet Corporation for Assigned Names and Numbers (ICANN) to back off on a plan to offer an unlimited number of new generic top-level domains until concerns about trademark protections and other issues can be addressed. You guys made us come here today." The board at ICANN, the nonprofit organization created in 1998 to oversee the Internet's domain name system, voted in June 2008 to move toward unlimited gTLDs, in addition to the 21 gTLDs available now, including .com, .biz, and .info. Members of a subcommittee of the U.S. House of Representatives Judiciary Committee on Wednesday questioned ICANN Chief Operating Officer Doug Brent about why the organization continues to move forward with its plan to sell new generic top-level domains, or gTLDs. Judiciary Committee Chairman John Conyers, a Michigan Democrat, complained that ICANN hasn't been able to resolve complaints about its plan to sell new gTLDs to compete with .com, .org and other current TLDs. "This is a hearing we shouldn't have had to call," Conyers said. "If the parties had come together, I doubt if we'd be here this morning.

Under the ICANN plan, anyone could apply for a new gTLD - some suggested have been .food, .basketball and .eco - at a cost of about US$100,000. Asked by lawmakers how soon ICANN planned to offer new gTLDs, Brent said he wasn't sure. Critics of the TLD expansion, including Hewlett-Packard and Dell, have complained that a huge expansion of gTLDs would force trademark owners to buy multiple domains on each new gTLD, potentially costing them and their customers billions of dollars. ICANN had originally planned to offer them this year, but the latest estimate is February, and Brent said he expects that deadline to slip as ICANN works with critics to resolve issues. This week, the Coalition Against Domain Name Abuse (CADNA), an organization with 19 large-business members, called on the U.S. government to conduct a "full-scale" audit of ICANN. "ICANN has not properly vetted this decision in an objective fashion," CADNA said. "This rollout expands the size of the Internet exponentially without first performing a sound cost/benefit and security and risk analysis to determine both desirability among and risk to Internet users." At the Wednesday hearing, Conyers seemed to connect the gTLD disagreements with the end of an oversight agreement ICANN has with the U.S. Department of Commerce. A spokesman for Conyers wasn't immediately available to clarify his comment. ICANN's long-standing formal relationship with the U.S. government ends Sept. 30. "If you don't meet the 30th deadline, you're going to all be sorry that you didn't make it," Conyers said.

ICANN's Brent defended the organization's decision to move forward with new gTLDs. Internet users, including the U.S. government, have long called for new TLDs, he said. Winners of new gTLDs will have to abide by a lengthy set of rules, he said. "ICANN did not casually think this plan up," Brent added. "This will not be an unbridled expansion. In addition, the expansion of TLDs would allow Internet users who don't use the Roman alphabet to have domain names in their native languages, he noted. It is the work of many hands from a bottom-up process." Representative Bob Goodlatte, a Virginia Republican, questioned whether ICANN had enough resources to enforce strong trademark protections and other rules in the new gTLDs. He asked if ICANN saw that there were still "a lot of things that need to be worked out here." "We might question 'a lot,' but I think, absolutely we have more work to do," Brent answered. Instead, we should address these concerns." But Steve DelBianco, executive director of e-commerce trade group NetChoice, suggested the new gTLDs are little more than an effort to create new labels, when ICANN has more important issues to work on. "Every day our industry and my members create new applications, Web sites and services," he said. "Labels are just one of the ways people find these new services. Despite the continued concerns, Paul Stahura, CEO and president of domain-name registrar eNom, said the ICANN plan will lead to more competition among domain-name registries. "There is high consumer demand for many new gTLDs," he said. "There currently is little or no competition to satisfy this demand, and ... we shouldn't prohibit competition because of trademark concerns.

The label is not the creation, it's just something we stick on it." One proposed gTLD is .food, he said. "Dot-food won't create a single new restaurant," DelBianco said. "It won't create a new Web page, it won't create new restaurant reviews or online reservation sites."

Apple's move to slash the price of one its Apple TV models and discontinue another lower capacity model have many scratching their heads. At the same time, the price of the 160GB version was slashed by one hundred dollars to $229 from $329. Fulfillment of a prophecy? Monday morning the 40GB model of the Apple TV disappeared from U.S. retail locations and online. In the days before Apple's September 9 media event, where the company unveiled new iPods and a revamped iTunes, many analysts believed the Apple TV was due for a refresh.

In light of Monday's development, however, it may be Piper Jaffray analyst Gene Munster who is the most prescient, according to MacRumors. Speculation revolved around the possibility that Apple TV could be overhauled, and earlier speculation wondered if the device might morph into a gaming machine. Munster earlier this month noticed the shipping window-the time it takes for a product to go from factory to sales floor-for the Apple TV had slipped to one to two weeks. At the time of this writing, a new model has not been introduced to the Apple TV lineup. This development prompted Munster to suggest Apple would cut the 40GB model from its inventory and slash the price of the 160GB version to make room for a new model.

So what does this mean? It's possible, but since Apple TV is not a particularly high selling product, the move could be meant to boost sales. Will there be a new model coming soon? A price cut could entice people to pick up the set-top box for a relatively cheap price, thereby encouraging more video downloads and rentals from Apple's iTunes Store. Is this just a price cut to boost sales across North America or has Apple got something big planned for the Apple TV up its sleeve? So what do you say?

Three data storage start-ups have landed more than $28 million in first-round funding from venture capitalists, a rare feat in an economy that has punished new vendors looking to obtain financing. 10 biggest network venture capital deals from Q2 The multi-million dollar financing rounds went to Avere Systems, a Pittsburgh-based network-attached storage (NAS)  company; GreenBytes, a de-duplication vendor in Ashaway, R.I.; and Sonian of Needham, Mass., maker of a cloud-based e-mail archiving and disaster-recovery service. Early stage vendors have suffered as much as anyone, because a lack of successful IPOs and acquisitions has forced investors to put resources into existing companies longer than expected, leaving little left over for true start-ups. Venture capitalists have dramatically reduced spending on computer networking companies in the past couple years.

There seems to be good reason to lower investments in storage companies: Storage software revenue is down worldwide compared to last year and storage hardware revenue is down 18%. But Avere, GreenBytes and Sonian were able to secure Series A financing in funding rounds announced this week: $15 million went to Avere, $8 million went to GreenBytes and $5.6 million went to Sonian. "In the current economy, the bar on new investments is extremely high," says John Jarve, Menlo Ventures managing director, in the Avere announcement. Avere was founded in January 2008 and is led by CEO Ronald Bianchini, a former senior vice president at NetApp and co-founder of Spinnaker Networks, a storage grid company acquired by NetApp. All three start-ups are focused on making storage use more efficient, a key concern for enterprises grappling with expanding data volumes. Avere calls its technology "Demand-Driven Storage" and says it will consist of NAS products that let customers "scale storage network performance independently of capacity," reducing costs and space and power requirements. GreenBytes, featured in Network World's Companies to Watch series last year, makes de-duplication storage appliances designed for both primary and secondary storage tiers.

Avere, which received its funding from Menlo and Norwest Venture Partners, says it will release its technology in the fall of this year. The company, founded by CEO Robert Petrocelli in 2007, says its GB-X Series appliances allow "real-time, on-the-fly de-duplication of file blocks as they are stored, expanding the scope of applications into primary storage, as well as backup." GreenBytes' funding round was led by Battery Ventures. The company offers a 99.99% data retention service-level agreement. Sonian, founded in 2007 by CTO Greg Arnette, built its hosted e-mail archive platform with a grid computing architecture designed to eliminate single points of failure. Sonian, which received funding from Prism VentureWorks and Summerhill Venture Partners, was named a "cool vendor" in archiving by Gartner this year.

Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin

A company providing online payment-processing services for U.S. Rep. The attack on Piryx began Friday afternoon and lasted into the early hours of Saturday morning and temporarily disrupted a Wilson fundraising effort that was underway at that time. Joe Wilson (R-S.C) is back online after being disrupted by a distributed denial-of service attack over the weekend.

Piryx CEO Tom Serres said. Piryx is a nonpartisan Austin, Texas, based start-up that provides services to help political candidates and nonprofits manage online campaigns and fundraising. It also knocked out services for about 150 other Piryx clients, Serres said. Serres said the company was contacted by Wilson's office last week and asked to manage online donations from supporters rallying behind the congressman after he shouted "You lie!" during President Obama's address to Congress on health care reform Wednesday. Such attacks are designed to render servers and networks inaccessible by flooding them with useless traffic.

Hours after the company began hosting Wilson's homepage on its servers, Piryx found itself the target of a distributed denial of service attack, Serres said. The attacks appear to have been directed at the joewilsonforcongress.com site, Serres said. Initially, the traffic generated by the DDoS attack was manageable but soon Piryx began noticing "massive bandwidth spikes" that knocked its servers offline, Serres said. At the time the attacks started, the site was handling about 100 transactions per minute and had already collected more than $100,000 from people who wanted to contribute to Wilson's campaign, he said. The data center hosting Piryx's servers confirmed that it was the victim of a DDoS attack.

After several failed attempts at mitigating the attacks, filters to block the traffic went into place early Saturday morning. At its peak, the DDoS flood generated about 1 gigabit of traffic per second, which is about 1,000 times the normal traffic on Piryx, Serres said. Service has been normal since then, he said. The incident appears to be one of the rare instances of a politically motivated attack against a Web site in the U.S. said Kirsten Dennesen, an intelligence analyst with Verisign Inc.'s iDefense Labs. It's not known from where the attacks originated, but Serres said it appears to have been initiated by those opposed to Wilson's comments, he said. "It was clearly politically motivated to take down Wilson's ability to raise funds online," Serres said. The attention attracted by Wilson's comments, especially through social media tools such as Facebook and Twitter, appears to have contributed to the attack, she said. "One question is whether there are going to be any response attacks," she said.

In a last promotional run-up to the Windows 7 release next month, Microsoft is urging business customers to start their upgrades now with examples of customers already using the software, and another acknowledgement that the company learned lessons from how it handled Vista's release three years ago. Additionally, many customers, as has been typical with a major Windows release, opted to wait for the release of the first service pack for Vista to even consider upgrading, and then many others did not move to the OS at all. Microsoft has devoted an unprecedented level of time and attention to making sure business customers will have a smooth migration and reap financial benefits from the new OS, said Microsoft Senior Director of Product Management Gavriella Schuster, in what is likely to be the last of a series of interviews with reporters as the company prepares to release Windows 7 worldwide on Oct. 23. "The real difference that I think people are seeing with Windows 7 is a different level of quality," Schuster said. "We've never reached this level of quality before in terms of performance, reliability, ease of deployment, the tools around it." As she has in previous interviews, Schuster reiterated Microsoft's mea culpa about how the company handled preparing its business customers, ISVs (independent software vendors) and other partners for the release of Vista, which was made available to them in November 2006. At the time, drivers for key hardware and peripherals were not available, and major applications were not compatible.

Schuster assured customers that moving to Windows 7 will be a far smoother process and will set a precedent for how the company will handle desktop OS releases in the future. We have put a lot of effort in really resolving the customer friction point before we come to them [with the OS]. We are being much more proactive and we're saying to customers, 'You don't have to wait.'" Microsoft introduced case studies Monday showing that some customers have taken this advice - among them, Starwood Hotels and Resorts, the city of Miami and Dutch IT services firm Getronics - and are reporting cost-saving benefits because of this decision, Schuster said. In fact, with a release-to-manufacturing version of Windows 7 already in the hands of many business customers, they can begin to move to the OS now. "In the past customers have had to wait for ISV support, they've needed to wait for a service pack release [to deploy Windows]," she said. "Shame on us, we've learned our lesson. Microsoft has a lot riding on Windows 7 after the overall disappointment of Windows Vista and is hoping the OS will jump-start business spending on desktop software. But analysts have said that many companies still using Windows XP don't really have a choice when it comes to migrating to Windows 7 - the question is more of when they will move than if they will.

Many companies put a freeze on IT spending in general in the past year during the recession, and while conditions have improved, companies remain cautious about where they put their money. Overall, customers who have moved already are saving on the time of IT labor devoted to PC management in the range of US$89-$160 per year because of new features in Windows 7, according to the findings of case studies Microsoft released Monday. The OS allows administrators to set policies across multiple desktops for updating software and other features through back-end connections to Microsoft server software that manage these processes, Schuster said. In particular, the city of Miami said it would save $54 per PC per year on power management because of new features in Windows 7 for setting group policies. Microsoft also has changed its plans for a software package that helps customers deploy Windows across multiple desktops, she said.

Originally, Microsoft had planned to release a beta of MED-V 2 sometime in the first quarter of 2010, but decided to add Windows 7 support earlier due to customer demand for it, she said. Microsoft plans to release Microsoft Desktop Optimization Pack (MDOP) 2009 R2 in late October 2009, adding Windows 7 support for all components of the suite except for Microsoft Enterprise Desktop Virtualization (MED-V). That support will come in the first quarter of 2010 with MED-V 1.1 Service Pack 1, Schuster said.

Free isn't all it's cracked up to be. The idea that the best price is zero is gaining popularity, thanks to the high-tech tome "Free: The Future of a Radical Price." Author Chris Anderson makes a compelling argument that freebies and giveaways attract customers, especially on the Internet. At least according to free DNS service provider OpenDNS, which is unveiling on Monday a suite of paid services targeted at enterprise customers. But with its announcement Monday, OpenDNS makes clear that its plan is to migrate from free consumer-oriented DNS services toward paid, profit-making products used on enterprise networks. "Our plan is to transition into the enterprise following the Google model," says David Ulevitch, founder and CTO of OpenDNS. "Google did this with Gmail.

Our evolution is similar. First they had Gmail, then they had Gmail for pay, and now they have a complete office suite Google Apps. We have a free consumer service.. Now we're turning that into a paid enterprise service." OpenDNS is a venture-funded start-up with 15 million users of its free recursive DNS service. We invented and pioneered the idea of DNS with integrated security.

These users include consumers, schools and some businesses, which use OpenDNS to allow their employees to browse the Web. One advantage of OpenDNS is that it bundles Web content filtering with its DNS service. OpenDNS says it is handling more than 17 billion DNS queries per day with this service. OpenDNS also operates PhishTank.com, a community site that fights phishing. OpenDNS makes money by selling ads for its re-direction service.

Users of the free OpenDNS service view advertisements when they type in the wrong Web address. Now OpenDNS is selling an ad-free version called OpenDNS Deluxe, which is geared toward small businesses. Ulevitch says OpenDNS Deluxe and OpenDNS Enterprise are more cost-effective for companies than running separate DNS and Web content filtering software from vendors such as Websense. OpenDNS also is announcing OpenDNS Enterprise, which provides more comprehensive Web filtering, auditing and reporting features, 24/7 support and service-level agreements. Another advantage is that these premium services don't require customers to purchase or install appliances, as some rival DNS and Web filtering companies do. "We don't do everything that Websense does," Ulevitch admits. Ulevitch says OpenDNS has 25 businesses using its premium paid services.

But he says that OpenDNS offers the most popular features of a product like Websense, including the ability to block adult content and 50 other categories of Web sites. "We do 70% of the things that Websense does that people care about," he adds. These paying customers include The Coffee Bean & Tea Leaf, a retail chain that offers in-store Wi-Fi and uses OpenDNS to support Web browsing and to block adult content. "These retail chains want to monitor sites, but it's not reasonable for them to put a security device in every store," Ulevitch says. "They are growing fast, and they want to have one Web-based dashboard so they can block certain sites to all their stores. They don't want to show ads, and they are willing to pay for professional support." OpenDNS says the new premium paid services for enterprise customers are available under an early access program, with general availability expected in the fourth quarter of 2009. Free recursive DNS services such as OpenDNS and DNS Advantage Service from rival Neustar UltraDNS are gaining in popularity among corporate customers. Now they have granular control, and they don't have appliances which is a huge savings. Neustar UltraDNS says it is handling between 3 billion and 5 billion DNS queries a day through its free DNS Advantage service. DNS Advantage "does obviously generate additional business for our managed DNS service," says Rodney Joffe, senior vice president and senior technologist at Neustar. "But companies are looking for a DNS solution that deals with phishing and pharming and malware…Some of our customers want DNS Advantage, and some of our customers already have DNS appliances in their network." Joffe says DNS is so critical to corporate networks these days that customers care more about performance than about price, be it free or paid. "The kinds of customers we have had for 10 years don't come to us because they are trying to save a buck.

However, Neustar UltraDNS derives most of its revenue from selling managed external DNS services to enterprises and e-commerce sites such as J.Jill and Diamond.com. They may in the beginning, but they are staying with us because we run an enterprise-level service infrastructure," Joffe adds. "These tend to be customers for whom DNS is critical." DNS Advantage doesn't include Web filtering like OpenDNS Enterprise, but Joffe says this feature will be available in the first half of next year. Joffe says having companies like OpenDNS enter the enterprise space with outsourced DNS services helps validate the niche. "We've been the major provider for quite awhile," Joffe says. "There's definitely a market."

Juniper Networks has invested in Blade Network Technologies, maker and supplier of switches for data center blade servers.

The amount Juniper invested in Blade's $10 million B round of funding was not disclosed. Privately held Blade has  accumulated $230 million in funding since being spun off from Nortel in 2006.  

Juniper is a new investor in Blade, as is NEC and a third "technology powerhouse" as a silent investor, said Blade CEO Vikram Mehta. Garnett & Helfrich Capital, Blade's founding investor, completed the round with its reinvestment.

Hajime Fukuzawa, chief manager of NEC's client and server division, will join Blade's board.

Blade is an OEM supplier to both NEC and Juniper; Juniper's EX2500 top-of-rack 10G Ethernet data center switch is supplied by Blade. 

"Blade is well aligned with Juniper Networks in our commitment to reduce the total cost of network ownership while providing the high performance, scalability and virtualization required by today's dynamic data center environments," said David Yen, executive vice president and general manager of Juniper's fabric and switching technologies business group, in a prepared statement. "We are delighted to invest in Blade Network Technologies to address some of the most challenging connectivity needs for next-generation networks."

Juniper is working with IBM - also a BLADE customer - and other companies on its Project Stratus cloud computing architecture. 

Blade will use the investment to ramp up R&D and sales and marketing. The company plans to develop a 64-port 10G top-of-rack switch and management products for virtualized data centers, and it plans to be the first vendor in the industry to unveil 10G switches at less than $100 per port, Mehta says.

Blade just wrapped a second quarter, which grew 30% from last year and saw the firm ship its 6 millionth Ethernet switch port. That port was shipped to Baidu, the largest search engine in China.

Citing data from Dell'Oro Group, Blade said it ended 2008 as the third-leading vendor of fixed, managed 10G Ethernet switch ports and fifth in fixed, managed 1G Ethernet port shipments.

Separately, Juniper unveiled enhancements to its E Series Broadband Service Router. New features include a line module and multiple IPv6 extensions for scaling subscribers, supporting in-service software upgrades, and dynamically assigning addresses over Ethernet.

The new module, called the Advanced LM10A, doubles the per-slot subscriber density of the E320 while reducing the number of line modules required in the network, Juniper says. The new IPv6 features support dynamic subscriber interfaces and DHCPv6 local pools for dynamic address assignment over Ethernet.

The Advanced LM10A line module and the IPv6 enhancements are available now. Pricing was not disclosed.

The Twitter micro-blogging and social networking service was hit with a denial-of-service attack Thursday morning that has rendered the site unavailable for users.

Twitter reported the attack in a post on its blog at about 11 a.m. EDT and is continuing to deal with the problem.

"We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate," the company said in a blog posting by Twitter cofounder Biz Stone.

In a status report about an hour following its acknowledgement of the attack, Twitter reported that the site was back up, but users still were having trouble reaching it. The site itself was down for about two hours before it resumed service, although Twitter remained under attack and warned users in another status update that as it recovered, users would experience "some longer load times and slowness," as well as network timeouts.

A DoS attack is an attempt to make a Web site or service unavailable to intended users by flooding the service or site with incoming data requests, such as e-mails. Motives for DoS attacks vary, but perpetrators mostly target companies with high-profile, highly trafficked Web sites, and usually there is some kind of financial motivation for the attack.

Graham Cluley, a senior technology consultant with security software vendor Sophos, said it's unlikely money is the motive here, since Twitter does not have much of its own to part with because the business is not yet profitable.

DoS attacks also can be politically motivated, he said, and while some countries' governments don't like Twitter - notably, Iran - he doubts the attack is politically motivated. "It's most likely to be a teenager in a back bedroom somewhere showing off," Cluley said.

When a site is hit with a DoS attack, administrators will try to distinguish between valid requests to access the site and malicious ones, and redirect the malicious ones to another domain if possible, he said. As Twitter's site was up and running a couple of hours after the attack, it's likely the company was able to do this, or the hacker may have simply ended the DoS attack, Clulely said.

Twitter had not yet provided an update on where it thought the attack was coming from or how it was handling the attack as of Thursday afternoon on the U.S. East Coast. The company's public relations team did not immediately respond to a request for comment Thursday.

In just three years, Twitter has become an enormously popular Internet service with about 30 million unique users and counting. In addition to being a social tool for people to share constant status updates about their activities, it also has become a tool for journalists, public relations specialists, businesses and public figures to share information with millions of users.

Like Facebook and Google, Twitter also has become an integral part of U.S. popular culture, with the slang word for posting something on Twitter, "tweet," becoming part of U.S. English vernacular.

Twitter is no stranger to outage problems, although it had been starting to improve its availability level in the past year. According to a report by Pingdom released in February, Twitter recorded 84 hours of downtime in 2008, but 84 percent of that was in the first half of the year. The site finished 2008 with uptime of 99.04 percent, which still lagged behind other popular social-networking sites like Facebook and MySpace.

Mozilla late yesterday issued the first patch for Firefox 3.5, fixing a flaw that went public Monday. One noted contributor had called the flaw a "self-inflicted" vulnerability.

Firefox 3.5.1 patches a critical flaw in the new TraceMonkey JavaScript engine's Just-in-Time (JIT) compiler. "This could be exploited by an attacker to run arbitrary code such as installing malware," the accompanying security advisory warned.

Exploit code for the vulnerability was posted to the milw0rm.com malware site Monday, four days after Mozilla developers had discovered the bug and began working on a fix.

Andreas Gal, a project scientist at the University of California, Irvine - and a key contributor to the TraceMonkey engine that Mozilla added to Firefox with Version 3.5 - said that it appeared the hacker had created the attack code after spotting discussions and test cases on Bugzilla, Mozilla's bug- and change-tracking database. "Looking at the exploit code and our test cases, I think this is self-inflicted and we should have hidden the bug earlier," said Gal in one of several comments appended to the vulnerability's Bugzilla entry.

Although Mozilla had originally slated Firefox 3.5.1 for release later in the month, developers accelerated the schedule to plug the hole.

Thursday's update also addressed several unspecified stability issues and fixed a long-loading problem for some Windows users, according to Firefox 3.5.1's release notes.

Firefox 3.5.1 can be downloaded in Windows, Mac and Linux editions from Mozilla's site; current users can update by choosing "Check for Updates" under the "Help" menu.

While Mozilla rushed out a fix, rival Microsoft has yet to patch a bug that was publicly disclosed the same day - Monday, July 13 - that the attack code exploiting Firefox 3.5 hit the Web.

Hackers have been using a vulnerability in an ActiveX control used to publish Excel spreadsheets online and to display those in Internet Explorer, Microsoft's browser.

Microsoft has provided a tool that users can download, install and run that disables the ActiveX control - and has provided instructions and tools for enterprises to do the same on a massive scale - but it did not deliver a patch for the underlying problem Tuesday, its regularly-scheduled monthly patch day.

Exploits of the bug have been reported by several security organizations, including SANS' Internet Storm Center (ISC), which Thursday said that it had spotted SQL injection attacks against several Web sites. The SQL-based attacks try to inject script code into the site; the code points to a known hacker domain, which in turn links to other sites that serve up malicious JavaScript that launches an exploit for the ActiveX bug.

"If you haven't set those kill bits yet, be sure that you do now because the number of sites exploiting this vulnerability will probably rise exponentially soon," said Bojan Zdrnja, an ISC analyst in a warning posted to the center's site. The "kill bits" reference is to the downloadable tool that Microsoft had created, which disables the ActiveX control by modifying the Windows registry.

After postponing the development of one data center and losing a couple of high-level managers in its data center group, Microsoft said it will soon open new facilities in Dublin, Ireland, and Chicago.

The data centers will support Microsoft services such as its new search offering, Bing, and Azure, its cloud computing platform.

The Dublin facility, to open on Wednesday, will be the largest for Microsoft outside of the U.S. It covers 303,000 square feet and uses outside air to cool the facility, for power consumption savings.

The Chicago facility, scheduled to open July 20, will be more than twice as large, covering 700,000 square feet. Two-thirds of the center will be able to accommodate servers in containers. In some data centers, Microsoft has started using standard shipping containers loaded with 1,800 to 2,500 servers, because it can save on electricity by cooling just the containers rather than the whole facility.

The openings come after Microsoft announced earlier this year that it would put a planned Iowa data center on hold. It also delayed the openings of the Chicago and Dublin facilities.

At the time, the company optimistically described the Iowa postponement as a result of successful efforts to improve efficiency of data center operations elsewhere.

But in fact Microsoft may have put off construction after discovering that growth in hosted services has been lower than it may have expected. Revenue in Microsoft's online services group during the quarter ending March 31 dropped to $721 million from $843 million in the same quarter last year.

Microsoft is not alone in reining back its data-center expansion plans during the recession. Google late last year decided to delay building a facility it planned in Oklahoma.

Microsoft has also lost a couple of well-known leaders in its data center group. In April, Michael Manos, the general manager of the data center services division, left to take a job at wholesale data-center provider Digital Realty Trust. Late last year, James Hamilton, another respected data center engineer, left Microsoft to join Amazon Web Services.

IBM pushed further into the market for railroad management systems as it opened a base in Beijing for work on train maintenance and surveillance products.

Products displayed at the event included applications that monitor aging train parts and set off alerts when they need repair, or that reduce traffic jams by tracking the positions and delays of all trains on a network.

The Beijing center will lead further development on those products and others, in cooperation with IBM bases in Dallas and La Gaude, France, a company representative said.

Other products the center will help carry forward include a surveillance system that can track multiple people on a camera screen and ring an alarm when it spots suspicious behavior, such as someone setting a bag down and walking away. Another product controls ticket sales according to how many seats in each class are open at each point along a route.

The system that monitors train parts like engines and brakes is now being expanded to cover the train tracks, which will let it log how fast trains are traveling in addition to watching for equipment problems, the IBM representative said.

China's extensive railroad system and growth plans made it the natural place for the new operation, said Keith Dierkx, director of the IBM center.

China aims to have more high-speed rail than the rest of the world combined within five years, he said.

The center will tailor products for the huge Chinese market, which IBM has tapped before. IBM worked with China's railway ministry to deploy train monitoring and service stations across 2,000 Chinese cities starting over 10 years ago.

Products developed at the center will also be marketed abroad, Dierkx said.

Dierkx declined to say how many staff would work at the center, but said it would integrate work by "hundreds, if not thousands" of people worldwide.

The price for Data Domain is going up fast, as NetApp Wednesday morning tried to outspend EMC by offering US$1.9 billion to purchase the storage company.

This could be the start of a contentious battle involving rivals EMC and NetApp, which have both publicly announced their interest in purchasing Data Domain and its de-duplication and backup technology.

On May 20, NetApp announced a $1.5 billion definitive agreement to purchase Data Domain, saying one of the goals of the acquisition was to provide backup for systems made by competitors such as EMC and HP.

EMC fired back on Monday this week with a $1.8 billion offer, saying that ownership of Data Domain could give EMC more than $1 billion in revenue next year from the sizable de-duplication market.

"We didn't just wake up one day and say maybe this is a good thing to do. We've had our eye on Data Domain and obviously somebody moved before we did," EMC CEO Joe Tucci said. "Even in stand-alone mode, you're seeing projection of this company doing $480 million in revenue next year. We think we can grow it faster."

NetApp did not back off, instead raising its offer Wednesday to $30 per share, or $1.9 billion.

"Our strategic rationale remains the same and we firmly believe that the combination of our two companies will provide a greater opportunity and risk-adjusted value for Data Domain shareholders, customers, and partners," NetApp Chairman and CEO Dan Warmenhoven said in an announcement. "The complementary nature of the Data Domain and NetApp product lines will result in higher aggregate growth compared to the redundancies that would result with the EMC product line."

NetApp claimed its offer is "superior" to EMC's because it offers an "opportunity for Data Domain shareholders to participate in the future success of the combined NetApp and Data Domain entity."