Glen White

When you add up this week's top Google news, it paints a picture of a gargantuan, but immature, effort to make the Web faster. It released an experimental replacement for HTTP known as "SPDY." Plus rumors are swirling that Chrome OS will be seen next week at last. Google open sourced "Go" its experimental programming language that combines the speed of scripting languages with the speed and safety of compiled languages.

Baking an Add-On App: Google Web Toolkit, Data APIs and App EngineWhere To Get Assistance on Android App Development Here are a few more details:  Google Go is a newly announced programming language created by Google and released as an open source project. But it's an experimental language for all that. Some experts say that Go's syntax is friendly and easy like Python or Ruby on Rails while remaining familiar enough to those who know C-based languages. And it's a less-than-easy task to build a following for a new language. SPDY, pronounced "SPeeDY", is an another experiment.

Google needs to commit to Go for the long term, work hard at championing and strengthening it until other developers have some reason to take on the learning curve to work with it. SPDY would replace the HTTP protocol with a new application-layer protocol for transporting content over the web. It hasn't completely scrapped HTTP, but it's not a mere extension either. It's inventors say it is designed to minimize "latency through features such as multiplexed streams, request prioritization and HTTP header compression," according to the blog post announcing it. The protocol still uses HTTP headers, but it overrides other parts of the protocol, such as connection management and data transfer formats.

For starters, browser would need to support it. At least one thing stands in SPDY's way: Microsoft. While Google can do that with Chrome and still has lots of financial sway with Mozilla, how would Google would convince the mighty Microsoft to add it to Internet Explorer? There's another little issue, too. And IE is still the preferred browser for corporations and most Windows users.

Google is one company, a for-profit vendor at that. So says blog site TechCrunch citing unnamed sources. For SPDY, or any alternative to HTTP, to go anywhere it would need to be under the guidance of the standards organization that oversees the Internet, the IETF.  Word has it, too, that the much hyped, but as yet to be delivered, Chrome OS is about to be seen next week. Chrome OS, like the Chrome browser, is Google's attempt to make the Web faster, in this case by creating an operating system geared for cloud computing and taking much of the application the burden off the client. But the road to turn any of these efforts, much less all of them, into winners is long and cannot be conquered alone.

Google may have big plans for a faster Internet. Follow Julie Bort on Twitter.

Security certifications are the most sought-after area of specialty among information technology professionals, according to a new study from Computing Technology Industry Association (CompTIA). (Check out CSO's certification directory to see certification options.) The survey of more than 1,500 IT workers found that 37 percent intend to pursue a security certification over the next five years. The results are included in the CompTIA study 'IT Training and Certification: Insights and Opportunities.' "Given the growing reach of security, with threats becoming more pervasive and dangerous and with no business or industry immune to those threats, it makes sense that many IT professionals view this as a must-have for career advancement," said Terry Erdle, senior vice president, skills certifications, CompTIA. The results fall in line with a survey conducted by the same organization earlier this year that found more companies are requiring IT security certification. Another 18 percent of IT workers said they will seek ethical hacking certifications during the same time period, while 13 percent identified forensics as their next certification target.

In that research, the number of organizations where IT security certification is required has increased by half and is continuing to grow; 32 percent of employees were required to have certifications in 2008, compared to 20 percent in 2006. Other technology areas where survey respondents said they will seek new certifications over the next five years include green IT, healthcare IT, mobile and software-as-a-service. Eighty-eight percent of certification holders indicated they pursue a certification to enhance their resume. Economic advancement and personal growth are key drivers for seeking IT certifications, the CompTIA study also reveals. An identical 88 percent said personal growth is a major or minor reason in their decision to pursue a certification.

VMware's Site Recovery Manager is now supporting vSphere, eliminating one of the obstacles preventing customers from upgrading to the latest version of VMware's virtualization platform. VMware on Monday released SRM version 4, with support for vSphere and other upgrades including a "many-to-one failover [that] protects multiple production sites with automated failover into a single, shared recovery site." Because Site Recovery Manager did not immediately support vSphere, numerous customers have delayed upgrades from 3.5, acknowledges Jon Bock, product marketing manager for VMware's server business unit. vSphere 4, the successor to ESX Server 3.5, was unveiled in April but until now did not work with Site Recovery Manager, VMware's software for recovering virtual machines in case of disaster.

Now that SRM supports vSphere, adoption should accelerate, he said. "vSphere was a significant change that we had to update the add-on products for. But the months-long delay is similar to delays often seen between the release of a new operating system and add-on products, he said. "A customer who has important production applications on ESX 3.5 is probably not going to upgrade to vSphere 4 the day after it's released," Bock said. In a perfect world, we'd love to have all the new releases of products released on the same day as the platform," Bock said. vSphere is still not supported by VMware View, the vendor's desktop virtualization software. Lifecycle Manager just gained compatibility with vSphere in a new release a few weeks ago. VMware View will be compatible with vSphere in its next release, expected in 2010, according to a VMware spokeswoman.

In addition to support for vSphere, Site Recovery Manager now supports NFS storage, along with Fibre Channel and iSCSI, which were already supported. "We have a lot of interest in NFS from customers looking at using that in important applications," Bock says. VMware provides an integration module to partners, and most of the major storage companies have made their products compatible with Site Recovery Manager. SRM works by integrating tightly with storage array-based replication. Shared recovery sites, the other new feature, could be useful for companies with multiple branch offices, Bock said. The new version of SRM is available now and costs $1,750 per processor.

Overall, the new release is "focused on expanding the use cases for Site Recovery Manager," he said. SRM was first released in June 2008 and has been purchased by more than 2,000 customers, Bock says. Virtualization offers inherent advantages when it comes to disaster recovery, since it eliminates the need to recover the actual physical server an application was running on, Bock notes. That's still a small portion of VMware's 150,000 customers overall. Some customers have been using SRM not for disaster recovery but to move applications from one site to another when they are switching data centers, he said. SRM support for vSphere was a highly anticipated feature, says ITIC analyst Laura DiDio. "Disaster recovery and backup are in every customer's top five checklist of things you must have," she says.

Still, disaster recovery is the main purpose for the software. Follow Jon Brodkin on Twitter

Former Advanced Micro Devices CEO Hector Ruiz allegedly shared confidential information with a Wall Street trader connected to an insider-trading scandal, according to a news report on Tuesday. The AMD executive wasn't named in the court filing, but the Wall Street Journal said in a news report on Tuesday that it was Ruiz, citing unnamed sources. A criminal case filed by the U.S. Securities and Exchange Commission on Oct. 16 alleged that an AMD executive shared confidential information about the company's reorganization in 2008 with a Wall Street executive, Danielle Chiesi. Chiesi works for the hedge fund New Castle Funds.

The SEC filed a complaint in the U.S. District Court for the Southern District of New York. The SEC last week charged six individuals, including Wall Street and technology company executives, with involvement in an insider-trading scandal scheme that the agency said netted millions of U.S. dollars in illicit profits. Ruiz was AMD's CEO until July of last year, after which he was replaced by Dirk Meyer. Ruiz is now the chairman of GlobalFoundries, AMD's manufacturing spinoff. However, he continued as the company's chairman until he stepped down in March. AMD earlier this year spun off manufacturing assets to form GlobalFoundries in a joint venture with Advanced Technology Investment Company, which is owned by the Abu Dhabi government.

The executives charged included Robert Moffat, senior vice president and executive in IBM's systems and technology group, and Rajiv Goel, who is Intel treasury's managing director of investments. Ruiz is the latest in a list of technology executives who have allegedly shared information with the traders in the case. Intel and IBM have placed those executives on leave. McKinsey's Kumar was also charged with sharing information about AMD's reorganization in the case. Other individuals charged by the SEC include Raj Rajaratnam, a portfolio manager with hedge fund Galleon Group; Anil Kumar, a director at McKinsey; and Mark Kurland of New Castle Funds. Kumar allegedly tipped off Rajaratnam about pending transactions involving AMD and two Abu Dhabi-based "sovereign entities," the SEC said.

AMD has had multiple transactions involving the Abu Dhabi government in recent years. Rajaratnam then made trades on Galleon's behalf based on the insider information. In 2007, the Abu Dhabi government's Mubadala Development Company paid US$622 million to acquire an 8.1 percent stake in AMD. GlobalFoundries declined to comment on the report, saying the allegations predated the launch of the company. AMD did not immediately respond to requests for comment.

India's largest outsourcer, Tata Consultancy Services (TCS), reported on Friday a fall in revenue, but growth in profit, in U.S. dollar terms for the quarter ended Sept. 30, indicating that the outsourcing market is still difficult. Spending in some sectors like manufacturing, telecommunications and IT is recovering very slowly, said N. Chandrasekaran, the company's CEO and managing director at a webcast press briefing in Mumbai. "Don't expect a sudden bounce back in growth rates," Chandrasekaran said. The company said that there is an improvement in market conditions, but cautioned that discretionary spending on IT and related services is still tight. TCS' revenue for the quarter was US$1.54 billion, down by 2.3 percent from a year earlier in dollar terms.

The company was able to improve margins, despite pressure on billing rates for services, by moving more work offshore to India, improved utilization of staff and a continuous cost cutting program, Chandrasekaran said. Revenue grew higher by 6.9 percent in Indian rupees mainly because of currency fluctuations. As a result, profit in the quarter, at $336 million, was up 8 percent in U.S. dollars from a year earlier, and 29.2 percent in rupee terms. Infosys' revenue for the fiscal year ended March 31 is forecast to be in the range of $4.6 billion to $4.62 billion, down by 1.0 percent to 1.3 percent from a year ago. Infosys Technologies, India's second largest outsourcer, reported earlier this month a decline in revenue and profit in U.S. dollar terms for the quarter, but the results were better than was forecast by the company in July.

The decline is however smaller than the 3.1 percent to 4.6 percent decline the company forecast in July. TCS added 320 staff during the quarter. TCS does not provide guidance for the quarters ahead. The company said it would be adding 8,000 staff in this quarter, to prepare for an anticipated recovery. It added 30 clients in the quarter.

Cisco this week enhanced its IPv6 offerings for its carrier core and edge routers in an effort to ease the eventual migration from IPv4. The Carrier-Grade IP Version 6 Solution line includes a new hardware module for Cisco's CRS-1 router, and software for that system as well as for the ASR 9000 edge router. By 2015, there will be 15 billion IP endpoints on the Internet. Cisco also unveiled professional services offerings to assist customers in the transition from IPv4 to IPv6. The evolution of the Internet Cisco says there are 700 days left until the last block of IPv4 addresses are allocated.

The IPv6 enhancements rolled out this week are intended to provide a bridge from IPv4 to full IPv6 network while at the same time preserving existing IPv4 addresses to ease the migration. IPv6 has 340 undecillion unique addresses - or more than 50 billion billion billion - for each person on earth, more than enough to continue to support the demand for IP addresses, Cisco says. IPv4 has a finite set of unique addresses, numbering approximately 4 billion, which is rapidly depleting due to the growth of Internet-connected devices and smart devices. However, the protocols of IPv4 and IPv6 are not directly compatible, so migrating a network from IPv4 to IPv6 requires preservation of IPv4 while orchestrating a gradual and prudent transition to IPv6. This has been a chief reason why the industry has been procrastinating on this migration even though IPv6 was developed a decade ago. It's probably something to take seriously two to five years from now but (carriers) have to start to prepare." With that, Cisco unveiled the Carrier-Grade Services Engine for the CRS-1. Deployed deep in the core of service provider's network, this module supports large-scale, high-throughput network-address translation (NAT). At the edge, Cisco rolled out Carrier-Grade IPv6 Solution for its ASR series routers. But with IPv4 addresses facing imminent depletion, the time may have come to accelerate the adoption of IPv6. "I do think we've reached the point where we should be concerned about it," says Glen Hunt, an analyst at Current Analysis. "The biggets problem might be that we've been crying wolf about IPv6 and defining ways to get around attacking the problem.

This is software that helps enable NAT at the edge of a network for smaller or distributed IP networks. These are professional services designed to make the transition to IPv6 smooth and reduce the risk to network operations. The software is intended to first tunnel IPv6 addresses through IPv4; and then perform the inverse function as IPv6 addresses outnumber IPv4. Lastly, Cisco is offering services for the Carrier-Grade IPv6 Solution implementation. The services include initial planning and IPv6 readiness assessment to design and implementation. All products will be available in early 2010. Cisco did not disclose pricing.

Nemetschek North America released the 2010 versions of its Vectorworks line of design software. Building on the integration of the Parasolid 3D modeling core in version 2009, the 2010 edition adds bi-directional associativity features and an intuitive, 3-D modeling environment that features unified views and easy-to-use 3-D snapping for accurate modeling. Tuesday's announcement includes new versions of Designer, Architect, Landmark, Spotlight, Machine Design, Fundamentals, and Renderworks. Vectorworks 2010 also extends Nemetschek's relationship with Siemens PLM Software by integrating the D-Cubed 2D Dimensional Constraint Manager (2D DCM) into the software.

The major improvement in version 1.1 is the addition of Optical Character Recognition (OCR) technology, including support for ten different languages. The VectorWorks Web site lists all of the more than 80 new features in the new 2010 version as well pricing information.-Jackie Dove OCR technology added in Prizmo update Creaceed on Tuesday announced Prizmo 1.1, an update to its image-processing application that allows people to scan documents using a digital camera. Users can save the resulting file in a number of formats, including PDF, RTF, and text, and the contents are indexable by Spotlight. An Intel Mac or PowerMac G5 with at least 64MB of VRAM is required, with 128MB of VRAM recommended. Prizmo 1.1 requires Mac OS X 10.5.8 or later, and is compatible with Mac OS X Snow Leopard. A license for Prizmo costs $40.-Dan Moren Wolfram announces webMathematica 3 Wolfram Research updated webMathematica, adding new performance and development capabilities for its technology for adding dynamic content to the Web. webMathematica 3 integrates both Mathematica 6 and 7 with the latest Web server technology, making the tool ideal for creating Web sites where users compute and visualize the results directly in their browsers.

Pricing information for webMathematica 3 is available by contacting Wolfram.-Philip Michaels Black Ink update offers bug fixes Black Ink 1.1.7, the latest version of Red Sweater Software's crossword puzzle-solving application, was released on Thursday. Other changes in webMathematica 3 include expression language and custom tags that provide a more concise way to call to Mathematica from Web pages; a queuing system that executes long-running or asynchronous computation jobs; support for Wolfram Workbench; a new configurable logging system for tracking different types of errors; the ability for users to write REST and SOAP Web services; and improvements to the kernel monitor and kernel interaction. The update fixes problems with getting puzzles from the Chronicle of Higher Education, removes the now defunct Sydney Morning Herald source, and fixes a number of bugs, including one that could cause downloads to stop working until the app was relaunched. Black Ink requires Mac OS X 10.4 or later and costs $25 for a license.-DM There are also a number of improvements to multi-character answer support.

Microsoft Corp.marketed i4i Inc.'s XML software to potential customers at the same time it planned to drive the small company out of business by infringing on its patent for the technology, according to court documents filed last week. Federal Judge Leonard Davis issued the injunction in August, barring Microsoft from selling Word 2003 and Word 2007 after Oct. 10. The decision came about three months after a Texas jury found that Microsoft had illegally used patented i4i technology to build XML features into its word processing software. In a brief submitted to the U.S. Court of Appeals for the Federal District in Washington, Toronto-based i4i argued that an injunction blocking Microsoft from selling current versions of Word should stand. The jury had awarded i4i $200 million, but Davis increased the amount to just under $300 million when he issued the injunction.

Earlier this month, the three-judge appeals panel decided to stay the injunction while it weighs Microsoft's appeal . I4i filed the patent infringement lawsuit in 2007. The new i4i brief charges that in 1991, "at the same time Microsoft was praising the improved functionality that i4i's product brought to Word, and touting i4i as a 'Microsoft Partner,' Microsoft was working behind i4i's back to make i4i's product obsolete." According to the brief, just days after a 1991 meeting in which Microsoft had sought to find ways to work with i4i, Microsoft executives discussed XML plans for Word that would eventually "make obsolete any competitive attempts by third parties to conquer that market." Microsoft must file its rebuttal to i4i's brief by Sept. 14; the appeals court is slated to hear oral arguments from the two sides on Sept. 23. Asked to comment on i4i's briefs, a Microsoft spokesman said, "We're looking forward to the hearing on the merits of our appeal." This version of the story originally appeared in Computerworld 's print edition.

A federal cybersecurity law edged closer to reality late last week when the Senate Judiciary Committee approved a bill to protect the personal data of Americans. It's exactly what many security experts have been calling for - one federal law that would supersede the growing mountain of state data security laws and give enterprises a simplified, one-size-fits-all roadmap to work from. The bill is a bipartisan effort sponsored by Chairman Patrick Leahy, D-Vt., and co-sponsored by former Chairman Orrin Hatch, R-Utah, that would, among other things, force companies and data brokers to institute data privacy and security programs. Also see Mass 201 CMR 17: A Survival Guide for the Anxious And yet, when asked if a federal law is a good idea Tuesday during a panel discussion on the seventh-annual Global Information Security survey, which CSO and CIO magazines conducted with PricewaterhouseCoopers (see survey results here), one attendee who happens to work for the federal government deadpanned, "Careful what you wish for." That seems to be the consensus among IT security pros these days.

But in a recent, informal and unscientific poll CSOonline conducted on LinkedIn, a majority of respondents expressed doubt that a federal law would make their jobs easier. True, the patchwork of state laws can indeed be confusing to companies looking for a one-size-fits-all approach to security compliance. If anything, they said, the opposite would probably be the result. Here's what four respondents said: Gregory Anderson, desktop security SEPM lead manager and wise application packager at Qwest CommunicationsI have no faith in the U.S. government to implement useful strategies and security measures that don't fall completely apart when political cowards take the reins. The question we asked in various LinkedIn forums was if a federal cybersecurity law was the right way to proceed. James McGovern, Hartford, Conn., chapter leader for the Open Web Application Security Project (OWASP)One thing I believe is missing is that the government needs to acknowledge that while their security practice is probably more rigorous through the lens of process than their enterprise counterparts, they can learn something from enterprises in terms of community sharing of knowledge, ability to work under scenarios of smaller budgets and how to accomplish the job with less bureaucracy.

When was the last time a government CIO or enterprise architect ever traded notes with their enterprise peers? We don't need more enforcement, but collaboration. Good security requires understanding multiple perspectives and not thinking in such an insular manner. And, the Personal Data Privacy and Security Act isn't really about breaches but more about the legal and punishment aspects. Michael S. Black, manager of information security operations at Barclaycard U.S.Well, the Data Breach Notification Act has an exemption for data that "was rendered indecipherable through the use of best practices or methods, such as redaction, access controls, or other such mechanisms, that are widely accepted as an effective industry practice, or an effective industry standard." It doesn't really have any teeth, does it?

So we are left with PR and not a framework to increase security. David Robbins, director, systems development at the Taubman CompanyNo, it is not. It's something to let politicians thump their chest and say "We are working hard to help you," but it actually doesn't help the average person whose data gets stolen and resold, and has his credit destroyed. Powers not enumerated in the Constitution are relegated to the states or the citizenry. Assistance with oversight would probably be viewed in the same light - with frivolity. The feds have outsourced the production of many electronic components for our military, to the point where we may become crippled should an escalated conflict occur.

Breaches in security will have no consequences except when brought forth to a committee. How will this secure us? That's the Congress, the same people who vote on bills that they don't really read, or for that matter, bills that haven't been completely written. Will AT&T be under greater scrutiny, or will they buy off the politicians?

Apple's Mac sales in the U.S. last quarter were up between 7% and 12%, according to estimates published yesterday by research firms Gartner and IDC. Both companies said Apple will post third-quarter numbers significantly above the industry average, but disagreed on the Mac sales gains over the same period a year ago. In both cases, Apple's performance was higher than the industry average in the U.S., which IDC estimated was 2.5% and Gartner had at 3.9%. Apple will not release its official sales figures until Monday, when it will hold a conference call with Wall Street analysts. "Everyone is guessing at Apple's numbers," said Bob O'Donnell, IDC's vice president of clients and displays. "Here's the interesting thing. Gartner estimated that Apple sold 1.57 million Macs in the U.S. for the quarter ending Sept. 30, an increase of 6.8% over 2008. IDC, on the other hand, put Mac sales at 1.64 million, or 11.8% above last year. Last month we called Apple [sales] low, and we got it wrong.

A week later, however, Apple announced it had sold 1.64 million Macs in the Americas and at retail - the vast bulk of the latter also in U.S. stores - or nearly 2% more than the year before. I take full blame for that," O'Donnell admitted. "I thought, 'How can they possibly maintain share?' But they defy logic." In July, IDC estimated that Apple sold just 1.21 million Macs in the U.S. during the second quarter, which would have put the company down 12.4% year-to-year. Globally, Apple boosted Mac sales in the second quarter by 4%, to 2.6 million machines. "Their sales just seem to defy all logic," O'Donnell repeated. "There are obviously a certain number of people buying Macs even in the face of a recession." That's a refrain that most analysts have sung since September 2008, when PC sales began to slump. That was also the first time that Apple posted a year-over-year decline in sales since 2003. Burned last quarter, IDC gave Apple the benefit of the doubt this time, in part because of a turnaround in its analysts' thinking. "My sense now is that the same things that have driven them above industry average growth in the past are still there," O'Donnell said. In the last four quarters, Apple has had only one - the first calendar quarter of 2009 - when it sold fewer Macs than the year before.

According to IDC, Apple accounted for 9.4% of all U.S. computer sales in the third quarter, up from a 7.6% share of sales in the prior period. Both research firms had Apple in the No. 4 spot, behind Dell, Hewlett-Packard and Acer, and ahead of Toshiba. Gartner, meanwhile, pegged Apple's part of the pie at a slightly lower 8.8% in the third quarter. But Apple's year-over-year sales growth, although significantly better than in the last two quarters, lags far behind the numbers posted by Acer and Toshiba, which sported year-over-year gains of 48% and 37%, respectively, in IDC's estimates, and a whopping 61% and 46% in Gartner's. Apple could grab more market share if it lowered prices, but O'Donnell wasn't holding his breath. "The talk on the street is a $799 notebook," he said, referring to persistent rumors that Apple will introduce a lower-priced MacBook this year. "But I don't think they care about prices. They're all about making profit." Even so, Apple eventually will probably have to concede that the game has changed, especially in notebooks, where average prices overall have dropped 33% in the last two years. "There's been a total reset on prices," O'Donnell said, giving a nod to not only the inexpensive netbooks that increasingly dominate the U.S. laptop market, but also the falling prices of mainstream models.

Novell Tuesday released a Mono-based plug-in for Visual Studio that gives developers a debugger to help them use Windows to design applications that will run on Linux. Mono Tools for Visual Studio is a plug-in for Microsoft's integrated development environment (IDE). The plug-in lets developers use Visual Studio to write and maintain applications that can run on Windows, Linux, Mac and Unix platforms. In addition, Novell is integrating its Suse Studio Online, which lets users build custom distributions of Linux so they can package their applications on an appliance loaded with a Linux operating system. Mono Tools for Visual Studio runs with Mono 2.4, which is available now, and 2.6, which is slated for release in December or January.

Novell's Mono is a .Net-compatible set of tools that includes a Common Language Runtime environment that enables the cross-platform capabilities. Mono Tools for Visual Studio does not support Mono on the iPhone because it requires a Macintosh. Mono can be run on Linux, BSD, Unix, Mac OS X, Solaris and Windows. Now we have a full debugger that people can use from the comfort of their Windows machines with Visual Studio and deploy their applications on remote Linux machines." Mono Tools adds a pull-down menu within Visual Studio that gives access to the debugging capabilities and other coding and testing functionality contained in Mono. Novell officials said the most important part of the plug-in is a debugger that will make it easier for Visual Studio users to tap Linux as a deployment platform. "We did not have a debugger story," says Miguel de Icaza, vice president of the developer platform at Novell and the creator of Mono. "People had to fly by instruments when developing their applications with .Net and wanting to deploy them on a Linux server.

The software also includes an integrated porting analysis tools that directs users onto non-Windows platforms without needing to know any of the development nuances for those platforms. The Professional Edition for individuals is $99, while the Enterprise Edition (one developer per organization) is $249, and the Ultimate Edition is $2,499. The Ultimate Edition includes a limited commercial license to redistribute Mono on Windows, Linux and Mac OS X. It also provides five enterprise developer licenses. Mono Tools for Visual Studio is available in three editions. Follow John on Twitter: http://twitter.com/johnfontana

They aren't selling personal supercomputers at Best Buy just yet. Silicon Graphics International Corp. But that day probably isn't too far off, as the costs fall and they become easier to use.

Monday released its first so-called personal supercomputer. The system can be expanded to an 80 core system with a capacity of up to 960GB of memory. The new Octane III system is priced from $7,995 with one Xeon 5500 processor. SGI said multiple configurations are available, which can include use of Nvidia graphics processing unit card as well as Intel's low powered Atom chip. An Octane III with a 10 dual socket, four cores, Xeon L5520 processors nodes, for 80 cores, 240GB of memory and integrated Gigabit Ethernet networking is priced at about $53,000. This new supercomputer's peak performance of about 726 floating point operations per second (FLOPS) won't put it on the Top 500 supercomputer list, but that's not the point of the machine, SGI says. SGI says that Atom chips are being used for application development and testing scale-out application code.

A key feature instead is the system's ease of use. Other major vendors already have products that fit into this category. Steve Conway, an analyst IDC, says the new SGI system joins a $2 billion worldwide market of HPC category of systems that cost less than $100,000. That market is expected to grow to $2.7 billion by 2013 or nearly 6% a year, which is a good rate of growth considering the server sales generally cratered this year, he said. Among them is Nvidia Corp., which last fall unveiled a desktop supercomputer, the Tesla Personal Supercomputer , that relies heavily on graphics processing unit cards. He said SGI has a good history of producing systems that work well out-of-the-box. This market is mostly "made up of people who typically don't have HPC experience, and so the transition to these systems has to be easy," said Conway.

But Conway questioned the personal supercomputer label on the system. It can come preconfigured with Windows Server or its HPC Server 2008 as well as Red Hat and Suse Linux servers, and includes a list of some 50 HPC compatible applications used in engineering, life sciences, oil and gas exploration and other uses. Although some users may run this system as truly their own personal HPC system, it supports workgroups as well. The customer installs the application. Rackable subsequently changed its name of the combined companies to Silicon Graphics International Corp. Silicon Graphics was an independent company until May of last year, when it was acquired for $42.5 million by Rackable Systems Inc.

New tweaks to the Facebook homepage have been spotted in the wild that may make it easier to see what's going on within your network. Screenshots of the new homepage first appeared on The Next Web, and Inside Facebook. New features include improved filters for the newsfeed, a revised right-hand column and a new Publisher box reminiscent of Facebook Lite. A Facebook spokesperson has confirmed the social network is currently testing a new homepage designs.

Facebook Publisher The most obvious change of the proposed redesign is the disappearance of the "Publisher" box where you post status updates, Web links, photos, videos and events. Still, without explicit confirmation the new features should be considered rumor. Instead, you would simply have an "Update Status" button on the far right side of the news feed. News Feed Filter Where the Publisher typically sits, Facebook has placed a filter for your News Feed called 'View Top News.' The new filter looks like it functions similarly to the 'Comments' link now sitting in the left-hand column of your Facebook homepage. There are no screen shots showing how this button works or if it contains the same functionality as the Publisher, but I would assume it would do the same job. Next to the top news filters is a title that looks like it alternates between headlines like 'Evening News' and 'Recent Stories' depending on the time of day you're viewing it.

Although the new filter is just a minor tweak, this may be the first visible sign of FriendFeed-like features on Facebook. The central placement of the top news filter may make it a more popular feature by helping users keep tabs on any Facebook activity they may have missed. As Mashable points out, the new filter is similar to FriendFeed's Best of Day feature. This brings the 'Events' feature closer to the top of the page making it easier to see upcoming birthdays, parties and other events within your network. Right-Hand Column Another interesting tweak is the removal of the 'Highlights' section in the right hand column. This is a welcome change since it moves more useful information to a place where you might actually see it.

Facebook's Dark Past with Redesigns Until Facebook makes an announcement about new features, it's hard to know what new redesigns users will see. It's interesting to note that this tweak would make the Facebook home page closer to the failed redesign that Facebook users revolted against back in March. It should also be noted that the rumored tweaks look similar to features found in Facebook Lite, which makes me wonder if this just isn't a revision of that format. When Facebook caved to its user base earlier this year over a significant homepage redesign, I thought the social network made a huge mistake. Of course, even if Facebook rolls out some new homepage features, there's no guarantee they'll stick around.

I, for one, actually like the failed redesign, and the hodgepodge revision we ended up with had some serious flaws, like the poor placement of the 'Events' section. If users revolt once more, which I'm sure they will, Facebook should grow a pair and stick to its redesign plans.

Federal Communications Commission Chairman Julius Genachowski announced Monday, that the FCC would prevent broadband carriers from limiting your access to high speed Internet for things like Internet-based voice calls, video streaming, and legal file sharing (that carriers might wish to block or at least charge extra for). In a speech to the Brookings Institution in Washington, D.C. on Monday, Genachowski said the FCC will begin to formalize net neutrality rules in the United States. This is particularly important with the emergence of data-intensive smartphone handsets, 3G netbooks, and wireless broadband cards. Genachowski also wants to have a public discussion about how net neutrality regulations would apply to mobile broadband providers. As expected, not everyone is happy with Genachowski's concept of what a free and open Internet should be.

To keep the Internet neutral, Genachowski wants the FCC to formally adopt six principles, four of which have been employed by the FCC on a case-by-case basis since 2005. 1. Consumers are entitled to access the lawful Internet content of their choice. 2. Consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement. 3. Consumers are entitled to connect their choice of legal devices that do not harm the network. 4. Consumers are entitled to competition among network providers, application and service providers, and content providers. Here's what's going on: The FCC's Four Freedoms Grow to Six On Monday, Genachowski described the Internet as a "blank canvas" that has inspired "innovation and ubiquitous entrepreneurship." He cited online success stories like Netscape, Facebook, and eBay, arguing that businesses like these could not have been successful without a free and open Internet. The two additions: 5. Broadband providers cannot block or degrade lawful traffic over their networks, favor certain content or applications over others and cannot "disfavor an Internet service just because it competes with a similar service offered by that broadband provider." 6.Broadband providers must be transparent about the service they are providing and how they are running their networks. In a blog post entitled "Does the Internet Need More Regulation? Don't force us to be free While the principle of net neutrality has been embraced for years by many Internet advocates including Craig Newmark of Craig's List, Google, and Microsoft; broadband providers and mobile operators aren't so sure about Genachowski's plan. FCC to Decide," David L. Cohen, executive vice president of broadband for Comcast - one of the largest broadband providers in the United States - points out that net neutrality debates have been going on for years.

Wired's Dylan F. Tweney has an interesting take on the FCC's net neutrality moves, arguing that intervention will actually stifle your Internet access. During that time, however, the "Internet has enjoyed immense growth... [and the] Internet in America has been a phenomenal success." With that in mind, says Cohen, it is "fair to ask whether increased regulation of the Internet is a solution in search of a problem." Despite Cohen's questions about government intervention, he says Comcast is committed to working with the FCC on this issue. Tweney's three-point argument suggests that broadband providers may be forced to give up on flat-rate Internet service in favor of bandwidth caps. Tweney believes formal net neutrality will cause problems in broadband that we've already seen with iPhone users' inconsistent service from AT&T. Enforcement may also be difficult for the FCC to carry out, according to Tweney, because it will be hard to prove when a service provider has run afoul of neutrality regulations. Bandwidth, Tweney argues, is not unlimited - especially for mobile providers - and therefore must be managed. Tweney also says an open and free Internet has already won out over closed networks, and points to the failures of services like AOL and CompuServe as examples.

However, the FCC Chairman did say he wanted the regulatory body to "analyze fully the implications of the principles for mobile network architectures and practice." Cell phone companies were not too thrilled to hear about this. "We are concerned the FCC appears ready to extend the entire array of net neutrality requirements to what is perhaps the most competitive consumer market in America , wireless services," AT&T said in a statement. Mobile Provider Backlash In his speech, Genachowski didn't lay out any specifics for how net neutrality would apply to mobile providers. Verizon also spoke up, saying the FCC should not start regulating the Internet and arguing net neutrality would "limit customer choices and affect content providers, application developers, device manufacturers and network builders," according to the BBC. Republicans Move Against Net Neutrality Reacting to the FCC's announcement, Senator Kay Bailey Hutchinson from Texas, who is the ranking Republican on the Senate Commerce Committee, attached an amendment to an appropriations bill that would deny the FCC any funding for "developing or implementing new Internet regulations," according to Eweek. The amendment was co-sponsored by four other Republicans. Republican objections to the FCC proposal include concerns that government intervention would stifle innovation.

What's next for the FCC Genachowski said he wants to initiate a public discussion about net neutrality that is "fair, transparent, fact-based, and data-driven." The FCC Chairman says nothing is predetermined, and will schedule public workshops as well as online discussion. Watch Julius Genachowski's Introduction to OpenInternet.gov: To that end, the FCC has launched a new Website called OpenInternet.gov, where, you can submit comments, view Genachowski's speech, and connect with the FCC through social networks and new media like Twitter, Facebook and YouTube.

Research firm Gartner is projecting that 20% of households worldwide will be connected to the Internet through a broadband connection by year-end. Following behind South Korea in broadband penetration rate are the Netherlands (80%), Denmark (75%), Hong Kong (72%), Canada (69%) and Switzerland (69%). Gartner says that the United States lags behind many developed countries with a 60% broadband penetration rate, although this still ranks the United States ahead of countries such as Japan (58%), Germany (55%), Australia (55%) and Sweden (54%). Over the next four years, however, Gartner expects broadband penetration in the United States to rise rapidly, as it is projected to add 27 million new connections and hit a penetration rate 78% by 2013. If the United States is successful in adding these new connections, Gartner projects that it will leapfrog several countries that it now trails in terms of broadband penetration rate, including New Zealand, the United Kingdom and Norway. WiMAX changes lives in rural Thailand In all, Gartner projects that 422 million households worldwide will have a fixed broadband connection by the end of this year, an increase of 10.5% from the 382 million households that had a fixed broadband connection at the end of 2008. Looking further down the road, Gartner projects that 580 million households worldwide will have a fixed broadband connection, an increase of 37% over the number projected to have broadband by the end of 2009. South Korea is currently the leader in household broadband penetration, Gartner reports, as 86% of South Korean households have broadband connections.

South Korea is still projected to be the king of broadband penetration, however, as Gartner predicts that 93% of South Korean households will be connected to the Web via broadband in 2013. Gartner also predicts that developing countries will add 135 million new broadband connections over the next four years, with Brazil, Russia, India and China accounting for more than two-thirds of new connections in the developing world and nearly half of all new connections worldwide.

Criminals have poisoned major search engines for terms related to the new MMS capability of Apple's iPhone, and are using the results to steer users to fake Windows security software downloads, a researcher said today. "Up to the top six results for search phrases about iPhone and SMS are poisoned," said Stephan Chenette, the manager of security research at Websense. "This obviously has to do with the iPhone's new MMS feature," he added, referring to the launch last Friday by AT&T of its Multimedia Message Service for the popular iPhone. "The hosts involved were registered just three or four days ago," Chenette said. When users click on one of the poisoned search results, they're redirected to a malicious site promoting "scareware," the term used to describe phony security software that claims a PC is heavily infected. Late Friday morning, Pacific time, AT&T fired up its MMS service , one of the most long-awaited features for the iPhone.

The software duns users with bogus pop-up warnings until they fork over up to $50 for the useless program. Attackers poison search results by creating massive numbers of useless Web sites on the bots they control, or by using previously-hijacked sites. It's all too easy for cyber criminals to poison search results with links to malware or other malicious content, said Chenette. "They have millions of bots at their fingertips," he said, "and with that control, they can sway the results of any search engine at any time." This campaign, however, was clearly aimed to coincide with AT&T's launch of MMS for the iPhone. "People want to know how to use [MMS], how to send multiple pictures at the same time, things like that," said Chenette. Those sites are all packed with credible content, news and headlines in many cases, that has been copied from legitimate sites. When the search engines' spiders crawl the Internet, and index the fake and real sites that have the landing page URL, their algorithms are essentially tricked into pushing it to the top of any search result for the key phrases in the stolen content. "The botnets give them much more power this way than if, say, they were just using them for spam," he added.

All such sites point to a single "landing page" URL, which in turn sends users to a number of different, and often shifting, servers hosting malware, in this case Windows scareware. The only defense is to be wary of what's clicked in a search result. "This isn't going away, it's too successful of a tactic," said Chenette. "[Attackers] are taking the way that engines are populating their results and using it to their advantage. In February, for example, they used Google's own Trends, a tool that highlights the most popular searches of the past hour, to dupe users into clicking on rogue security software downloads. There's nothing search engines can really do about it unless they redesigned how they create results from the ground up." As Chenette hinted, this is far from the first time that scareware makers have poisoned search results to shill their worthless software.

SAN DIEGO - One of the most striking enterprise products on display at this year's DEMOfall show has been HP's Skyroom videoconferencing software that combines instant messaging capabilities with high-definition video streaming. Even more interesting was the software's ability to create windows on their desktops where they can drag and drop pictures, audio files and video files that the person on the other end of the videoconference will then see on their own screen. During the product's demonstration at DEMOfall Tuesday, HP workstation global business unit vice president and general manager Jim Zafarana showed how users can simply click on names displayed on their Skyroom buddy lists to start impromptu HD videoconferences. During the demonstration, Zafarana received a streaming trailer for the film "Monsters, Inc." after his friend dropped it into the Skyroom conference window.

So when I purchase HP Skyroom, I'm not paying for any additional equipment? Slideshow: 13 hot products from DEMOfall '09 After his presentation, Zafarana sat down with Network World to discuss Skyroom's system and bandwidth requirements, its security features and its ability to integrate with existing enterprise chat protocols. I'm only paying for software? You have to meet the minimum system requirements of having a 2.3 GHz Intel Core Duo processor, and your machine has to run on Windows XP or Vista. Yes.

We're planning on having a version that runs on Windows 7 out in November. One of my colleagues in Boston, for instance, has fiber-to-the-home and he uses a VPN to hook onto the HP network and conference with us using Skyroom. We're targeting business customers and this software can really be optimized through company networks, whether it's an onsite network or a VPN with a good network connection. How fast of a data connection do you need to make Skyroom effective? If you have a one-on-one conference, then it's a 1Mbps requirement for high-quality video and you can dial down the quality to make it work at around 500Kbps. It depends on what you're doing.

If you do things such as video and picture sharing it'll take up more bandwidth. Is this designed for people who want to talk to people in other companies, or is it just for coworkers who want to collaborate? With the Monsters, Inc. video clip I shared today during the demonstration, for instance, I was probably adding 5Mbps to the requirements. At this point it only allows for intra-company conferencing. The bits traveling over the network are encrypted at 256Kbps and they can only go through a VPN or a secure corporate network, so it's pretty secure.

What are its security features? How much does Skyroom cost? Additionally, every new HP desktop workstation will ship with Skyroom as a complementary part of the entire package. The pricing model we have now is $149 per user for a license to use the software and there's no subscription fee. How do I add "buddies" to my Skyroom videoconferencing list? If you have corporate Microsoft infrastructure with Office Communicator, for instance, it will pull your Office Communicator buddy list into Skyroom and all your colleagues on that list will show up as available for you to connect to as long as they have Skyroom installed.

There are multiple ways for you to populate your buddy list. You can also use other communication software products such as Jabber Server, to leverage you buddy list into HP Skyroom. Any plans on expanding that? And finally, Skyroom currently limits that number of people who can participate in an HD videoconference to four. Obviously we could do that in the future but we're not talking about that at this point.

Internet-enabled TV sets could see wider adoption in the next few years as viewers get comfortable with the idea of running widgets on TV screens, according to a study released by Ernst & Young on Thursday. TV widgets are designed to pull selective content from the Internet to complement TV watching. Widgets - or mini-applications - are already being used in devices like mobile phones and computers to run light applications, and those applications could reach TV sets, the analyst firm said in the study. For example, users can view weather information on TV or buy products advertised on TV from online stores.

Web-connected TV shipments could total less than 500,000 in 2009, but top 6 million by 2013, E&Y said in the study, citing statistics from Parks Associates. Many consumers consider it an "appealing" idea to mesh TV with information from the Internet, according to the study. Widgets could also be the glue that brings together Internet and TV content. Many Web sites and technology companies are developing an ecosystem to bring content from the Internet and TV together. Broadcast TV is already competing with the Web for viewership, and widgets could facilitate content searches through both mediums, giving more entertainment options to viewers.

Myspace.com, for example, has developed a widget that blends TV with its social-networking offerings. Users don't need to rely on a browser to access MySpace content. TV watchers could exchange e-mail messages or browse photos on MySpace by activating a widget at the bottom of the TV screen. TVs and chips, for instance, are also being developed to build Web-enabled TVs. Sony, Samsung and LG have said select flat-panel high-definition TV models would be able to run widgets or download movies from online entertainment services like Netflix. Intel is also working with companies like CBS and Cinemanow to bring widgets to TVs. Web-enabled TV has struggled over the past 15 years since Time Warner Cable launched the iTV service in Orlando, E&Y said. Intel last week announced the CE4100 media processor, which enables the use of Internet and multimedia applications on TVs, Intel said.

Ever since, it has seen many iterations, with companies like AOL, BSkyB, RespondTV, Hewlett-Packard and Apple trying to bring the Internet to TV through devices like set-top boxes or adapters. Widgets for TV use also need to be adopted by television programming and cable operators. The success of widgets depends on applications that users will want to have on their TVs. For example, one-click access to on-demand content from online movie stores is well-suited for widgets. The operators will look to monetize widgets by developing an ad sales model around it, which could face some challenges, the study found. Conflicting advertising could also appear on a TV screen and widget at the same time, which could affect ad sales models.

For example, viewers could migrate their attention from TV shows to widgets, which could affect the ratings of a program.

Many major social networking sites are leaking information that allows third party advertising and tracking companies to associate the Web browsing habits of users with a specific person, researchers warn. The findings (PDF document) , which appears to have received scant public attention so far, was presented by the study's two researchers at a conference in Barcelona more than a month ago. That's the conclusion of a study on the leakage of personally identifiable information on social networks done at AT&T Labs and the Worcester Polytechnic Institute.

Earlier this week, civil liberties group Electronic Frontier Foundation (EFF) referred to the study in a blog post. Wills told Computerworld that he and Krishnamurthy surveyed 12 of the biggest social networks for the study. The research, by Craig Wills of Worcester Polytechnic and Balachander Krishnamurthy of ATT, presents "some interesting technical details" on how social networking sites are leaking personal data, the EFF blog post said . "In some cases, the leakage may be unintentional, but in others, there is clever and surreptitious anti-privacy engineering at work," the EFF said. They discovered that 11 of them were leaking personal identity information to third-parties including data aggregators, which track and aggregate user viewing habits for targeted ad-serving purposes. The information allows aggregators to relatively easily scoop up personal data from a user's social network page and to track that user's movement's across multiple Web sites across the Internet. What the study shows is that most users on social networking sites are vulnerable to having their identity information from their profiles, associated with tracking cookies used by data aggregators, he said.

While aggregators have typically claimed that a person's movement on the Internet is tracked just as an anonymous IP address, the information from social networking sites allows them to attach a unique identity to each profile, Wills said. He said personal identity data or unique identifiers that point to a person's real identity are often relayed by social networking sites to third parties via so-called HTPP referrer headers. What is not known, however, is if data aggregators are actually recording any of the personal identity information being relayed to them from social media sites, Wills said. HTTP headers basically identity to a Web page the URL of any resources that link to it. When a user's page is being loaded on such sites, third-party tracking and advertising services that have a relationship with the site get not only the data from their tracking cookies but also the data containing the users unique identifier from the HTTP header, he said.

In the case of the social networks surveyed, all of the URLs being relayed via such HTTP headers included the user's unique identifier, he said. Another way in which identity data is leaked to third-party providers is when a social networking site contains objects from a server that appears to be part of the site, but in reality belongs to the third-party. Also, five of the 12 social networks surveyed were also leaking unique user identifiers via so-called Request-URIs, which identify pages or objects on a Web site. "We don't know what the specific practice of a third-party tracking site," when it comes to using the information, Wills said. "But this information is available to them. At least two of the social networks surveyed were relaying personal identity data to such hidden third-party servers, the report said. It is particularly worrisome because third party aggregators are creeping into a lot of sites that you and I visit." EFF staff technologist Peter Eckersley noted in the blog post that there appears to be no easy way for users of such sites to avoid being tracked in this fashion.

Certain Firefox extensions are also available that allow users to control when third-party sites can include content or run code on their browsers and plug-ins are available to help them opt out of targeted advertising cookies, he wrote. To mitigate the risk, users of social networking sites need to disable flash cookies and ensure that all other cookies are deleted when the browser is closed, Eckersley wrote. But the steps can be hard to follow and can limit browser functionality. "We're fearful that the vast majority of Internet users will continue to be tracked by dozens of companies - companies they've never heard of, companies they have no relationship with, companies they would never choose to trust with their most private thoughts and reading habits," he wrote.

The European Union is not the only one antsy about Oracle taking possession of the open source MySQL database should the commercial database giant's merger with Sun Microsystems get final approval. On its Web site, Oracle merely notes that "MySQL will be an addition to Oracle's existing suite of database products." "I wish that Oracle would broadcast its intentions a little bit more" on the Sun acquisition, says Duane Kimble, a Linux technologist who works in the banking industry. So are MySQL users. (The E.U.'s executive arm has held up approval of the merger, fearing that Oracle's acquisition of MySQL could reduce competition in the database market, as well as harm the open source nature of MySQL. Sun's stockholders and the U.S. Justice Department have approved Oracle's $7.4 billion acquisition of Sun.) "We've got a fair number of databases and Web applications that use those databases in MySQL. If Oracle does something that sort of makes it look like MySQL's days are numbered or something is going to change that we don't like, we'll probably look at alternatives," says Ernest Joynt, a contractor for the National Oceanic and Atmospheric Administration. [ Relive Sun's storied history in InfoWorld's slideshow "The rise and fall of Sun Microsystems." | Learn why attendees at the JavaOne conference were skeptical of Oracle's buyout of Sun. ] Anand Babu Periasamy, CTO of clustered storage technology company Gluster, expresses doubts that Oracle would add enterprise capabilities to MySQL. "I hope that they will retain MySQL. [But] I am doubtful [that] they will ever improve MySQL to take it mid-enterprise level, but at least it will help them compete with Microsoft SQL Server on the low end," he says. (Gluster uses MySQL for its Web site operations.) Thus far, Oracle has said little about its intentions for MySQL and declined to discuss the issue with InfoWorld.

For him, Oracle's ownership of MySQL is a specific cause for caution. His firm has begun looking at other enterprise-scale open source databases such as EnterpriseDB's Postgres database in case it has to replace MySQL. Standing to reap a harvest from unease about the Oracle-MySQL pairing are open source database vendors EnterpriseDB and Ingres. MySQL users start looking at alternatives A key issue is that Oracle is a main competitor to MySQL, notes Timothy Dion, CTO of mobile and Web apps builder Sensei. "I'm very concerned about what that means," he says. EnterpriseDB, which builds its products on the PostgreSQL open source database, has been hearing from concerned MySQL users, says Larry Alston, EnterpriseDB's vice president of product management and marketing. "They're telling us that they're nervous" about the future of MySQL, he says. Doubts remain over the fate of other Sun technologies Users remain concerned over the fate of other Sun technologies such as Java and Solaris, not just of MySQL. "We are rethinking our Solaris deployments," says Linux technologist Kimble. "We are moving swiftly toward more of an AIX and Linux environment, depending on the size or the scale of the project." Although Kimble notes it is "too early to say whether we'll move off [Solaris] or not," he does say his employer is rethinking its Solaris commitment: "Certainly, we're not going full-bore with Solaris as we were before the merger." Kimble does see a positive side to the Sun acquisition: "I think it kind of simplifies the platform offering somewhat.

Ingres also sees opportunities. "The phones ring a lot," says Ingres CEO Roger Burkhardt. Oracle is a strong company and if they keep Sun Java, which I'm sure is what they bought [Sun] for, I think it will make Java a better product." But Bryce Pier is not so sure. Another large company buying another large company reduces competition," he says. The senior systems engineer at Target sees no benefits of the buyout - at least not yet. "I'm not really certain that it's going to be good for anybody. Pier expects the acquisition to cause Target to move away from Solaris to Red Hat's Linux over time. Oracle, said Craig Muzilla, Red Hat's vice president for middleware, was very active in the Java Community Process for updating Java and has strived for openness in Java. "We don't see anything from Oracle that [would indicate that] they would do anything" that would differ with the past, he said.

One reason is the uncertainty: "We're just not sure what Oracle's commitment is going to be to the Java stack and to maintaining it as an open source project." Another is Oracle's reputation for extracting revenues from customers: "We certainly fear that all of the subscription fees are going to change for everything from Sun." At its recent conference, Red Hat sought to reassure customers about the continued openness of Java-based JBoss technology, which Red Hat owns, now that Oracle is buying Java founder Sun.

Oracle Corp. ended it silence Thursday on its post-merger plans for Sun Microsystems Inc.'s Unix systems in an advertisement aimed at Sun customers to keep them from leaving the Sparc and Solaris platforms. Ever since Oracle announced in April its plans to acquire Sun, its competitors - notably IBM and Hewlett-Packard Co. - have been relentlessly pursuing Sun's core customer base, its Sparc and Solaris users. Oracle's ad to "Sun customers," makes a number of promises that includes spending more "than Sun does now," on developing Sparc and Solaris, as well as boosting service and support by having "more than twice as many hardware specialists than Sun does now." Analysts see Oracle's ad as a defensive move that doesn't answer some of the big questions ahead of the $7.4 billion merger with Sun . In fact, there may be a lot of room for skepticism and parsing of Oracle's claims, despite their apparent black and white assertions.

Among the top hardware makers, Sun registered the biggest decline in server revenue in the second quarter, offering evidence that this protracted merger may be eroding Sun's value. Europe is allowing until mid-January to sort this out, which keeps the merger in limbo for another quarter. Oracle wanted the acquisition completed by now but the European Commission this month said it would delay its antitrust review because of "serious concerns" about its impact on the database market. Analysts point out that Oracle's plans to spend more "than Sun does now," may be a little hallow because Sun's spending on developing Sparc and Solaris is probably at a low. "The ad sounds convincing - but perhaps being a word nitpicker, the Sun does now' might not mean much if Sun has drastically cut back due to plummeting sales," Rich Partridge, an analyst at Ideas International Ltd., said in an e-mail. "I think someone at Oracle suddenly realized that Sun was bleeding so badly that what would be left when Oracle finally got control would be worth a small fraction of what they paid and no one would buy the hardware unit," Rob Enderle, an independent analyst, said in an e-mail. But Enderle said the ad's claims do not preclude Oracle from selling its hardware division, and says the company "will have to support the unit for a short time after taking control; during that short time they can easily outspend Sun's nearly non-existent budgets." Gordon Haff, an analyst at Illuminata Inc., said if it was Oracle's plan to start on day one of the merger to shop the Sparc processor around, "would they have put this ad out? Taken at face value, the ad seems to indicate that Oracle will keep Sun's hardware and microprocessor capability and not spin it off, as some analysts believe possible.

Probably not," he said. "Does it preclude Oracle from changing their mind? Indeed, Oracle's major competitive concern was indicated in the ad in a quote by Oracle CEO Larry Ellison: "IBM, we're looking forward to competing with you in the hardware business." No. Companies change their mind all the time." An erosion of Sun's customer also hurts Oracle, because a lot of Sun customers are also Oracle customers, and Oracle doesn't want its existing customer to go to IBM and move away from Oracle's platform, Haff said.

A group of Linux proponents will purchase patents formerly held by Microsoft in an effort to defend distributors of the open-source OS against the ongoing threat of patent litigation from the software giant.

The Open Invention Network (OIN), whose members include IBM and Red Hat, is set to purchase a set of 22 patents once held by Microsoft from Allied Security Trust, (AST) sources close to the OIN confirmed Tuesday following a report in The Wall Street Journal. According to the newspaper, the patents are said to pertain to technologies found in Linux.

AST was founded by a group of technology companies to purchase patents to protect interested parties from patent litigation. Its members include Hewlett-Packard, IBM and Verizon. The Journal said that AST acquired the patents in a private auction held by Microsoft.

OIN is expected to release a statement and more details about the purchase Tuesday afternoon, a spokesman from its public relations firm said.

Microsoft has a storied rivalry with Linux and has been quietly striking deals with companies that distribute Linux or components of it to license technology in the OS for which Microsoft claims to hold patents. Microsoft executives have said that Linux violates more than 235 patents the company holds, a claim open-source proponents have refuted.

Microsoft usually strikes patent deals with companies before bringing cases to court, but a case earlier this year against GPS navigation device vendor TomTom, which uses Linux in its devices, was a notable exception.

TomTom eventually agreed to pay Microsoft to settle the case, which Microsoft insisted was a mere patent disagreement rather than an attack against Linux.

Not all Linux and open-source proponents felt the same way about it, however, though most open-source companies - which are much smaller players than Microsoft - would rather pay the proprietary software company to protect themselves against litigation than try to fight its deep pockets in court.

"With the current patent system in place, it is to be expected that various parties with competing interests will continue to acquire patents and patent portfolios for defensive purposes, if nothing else," said Stephen O'Grady, an analyst with Red Monk.

O'Grady said that until more is known about what is covered in the patents OIN is purchasing, it's "impossible to assess the implications" of Tuesday's move. However, if the group is going through the trouble to acquire them, "presumably they at least believe they will be useful to Linux, either offensively or defensively," he said.

Popular social-networking site Facebook was hit with a DoS (denial-of-service) attack Thursday, but the attack did not appear to be as severe as one that crippled Twitter the same day.

Facebook reported on its own Facebook profile Thursday that users may have had trouble accessing the site or its services because of the attack, but that the situation seemed well in hand by late morning in California, where the company is located.

"We have restored full access for most people," the company reported. "We'll keep monitoring the situation to make sure you have the reliable experience you expect from us."

Users reported that Facebook was not loading properly or could not be accessed early Thursday, but the site seemed to be working properly by late morning.

Facebook did not provide specifics about the attack or how it was handled, only providing a link to a Wikipedia entry with information about DoS attacks in its posting.

It's unknown if the attacks on Twitter and Facebook are linked. However, a source with knowledge of the situation said that the company is working with Google and Twitter to investigate the matter further. A portion of the service that redirects third-party-owned URLs to Google Sites or the Google Blogspot service also was affected for about an hour by a DoS attack this morning, another source familiar with the situation said. It's also unknown at this time if that is related to the Facebook and Twitter attacks, the source said.

A DoS attack is an attempt to make a Web site or service unavailable to intended users by flooding the service or site with incoming data requests, such as e-mails. Motives for DoS attacks vary, but perpetrators mostly target companies with high-profile, highly trafficked Web sites. Hackers often have a financial or political motivation for such attacks.

Confidential online connections like banking transactions made from public wireless hotspots remain vulnerable to attacks despite improved security that was supposed to fix the problem, researchers will demonstrate at the Black Hat security conference.

The vulnerability means that attackers can lurk in the middle of what victims think are secure SSL sessions with banks, retailers and other secure Web sites, picking off passwords and other information that can be used later to steal account funds or compromise confidential business data, say the researchers, Mark Zusman, a consultant with Intrepidus, and Alexander Sotirov, an independent researcher.

An improved method of qualifying businesses for SSL certificates – called extended validation (EV) SSL turns the address bar in browsers green to assure users that the connection is in fact being made using EV SSL certificates. It is supposed to indicate that end users are connecting with a legitimate business, not an attacker. To do so, the entity obtaining the SSL certificate has undergone prescribed scrutiny and qualified for the certificate.

But a green bar may hide the fact that the browser is actually connecting using SSL certificates approved via the traditional, less secure version of certificate issuance called domain validation (DV), which has no guarantee that such validation criteria were met, Zusman says. Those DV connections can be compromised by attackers.

Fixing the vulnerability is complex and would require all Web sites to conform, so the best defense is to avoid using insecure public Wi-Fi networks, he says. "Use EVDO [broadband wireless service] or some other mobile broadband service that makes it more difficult to execute this type of attack," he says. "Keep yourself out of situations where attackers can get at you."To take advantage of this weakness, hackers would set up laptops in a public Wi-Fi zone and use well known methods for compromising the wireless access points such as ARP or DNS spoofing or hacking management platforms.

With control of the DNS for the access point, the attackers can establish their machines as men-in-the-middle, monitoring what victims logged into the access point are up to. They can let victims connect to EV SSL sites – turning the address bars green. Subsequently, they can redirect the connection to a DV SSL sessions under a certificates they have gotten illicitly, but the browser will still show the green bar.

"The scary part is that from the victim's side there's really no sign that anything went wrong unless they look at the EV SSL session on the certificate that is served," Zusman says, which is something most users don't do." After the fact they may see that someone accessed their account, but during the attack it's very difficult to detect."

Attackers could drop malware into victims' browsers that would grab passwords later when they access sensitive sites from secure networks that the attackers have not cracked, he says.

Many Web sites are hybrid in that EV SSL is required to log in, but elements of the pages are protected by DV SSL certificates. One example is Google Analytics service doesn't require EV SSL to access customer data, but that data could be part of a Web page that does require EV SSL certificates for entry.

"The fix requires pretty basic changes to the way browsers deal with EV certs," Sotirov says. If elements of the page use DV SSL certs, the browser would not display them, he says, which could break Web sites from the user's perspective. "It wouldn't invalidate the entire site just that part with content from third-party, non-EV SSL servers."

Web sites can fix the problem by adopting all EV SSL certs for all the elements of their sites, even those served by third parties. Bu that would require creators of Web sites to find out whether all the elements of their pages use EV SSL certificates. "It is not an upgrade process [Web designers] would likely go through. The Web is not good at these upgrades," Satirov says.

As the economy continues to languish, IT salary trends offer little hope to both working and unemployed IT professionals, as companies cut wages and fewer high-tech positions become available due to attrition.

Where the IT jobs are: 10 American cities

Janco Associates today released data from its 2009 Mid Year IT Salary Survey that proves compensation for high-tech workers isn't improving, but declining slightly as more companies prepare themselves for a long economic recovery.

"The current economic climate with its cost-cutting mindsets, business closures and extensive outsourcing has put such a great pressure on the IT job market that overall pay has been impacted," said Victor Janulaitis, CEO of Janco, in a statement. "Added to that, many baby-boomers who had planned on retiring in the next few years are not leaving the job market and you have more potential employees than positions available."

According to the survey of 215 large companies and 526 mid-size organizations, IT salaries fell an average of .19% overall, with midsize enterprise IT executives seeing a nearly 2% decline in total compensation between January 2008 and June 2009. Middle managers at large organizations saw total pay decline by close to .5% as well. The mean compensation, including bonuses, for all IT executive positions surveyed was $142,753 in large enterprises and $123,728 in midsize enterprise companies. Both figures represent a decrease in total compensation on average across some 73 positions surveyed.

"Since the fall of 2008, it has been a very 'poor' period for IT professionals' compensation. Not only has mean compensation decreased due to the lack of bonuses but the supply of IT professionals has exceeded the demand," Janco's report reads.

Not only are companies cutting pay or conducting layoffs, they are also reducing benefits, Janco reports, such as personal and company bonuses.

"Since 2006, there has been a continued reduction in the fringe benefits paid by companies of all sizes. In the case of 401Ks, many companies have stopped providing a contribution to those plans for their employees," according to the report.

Another factor impacting demand for IT professionals is the fact that many high-tech workers are delaying their retirement or re-entering the workforce post retirement.

"There is now a surplus of seasoned IT professionals available. For the second time in less than 10 years, retirements are being put off because of the downturn in the stock market and the resultant reduction in savings available to support IT professionals as they retire," Janco's report reads. "Added to this is an influx of retirees looking to get back into the job market due to the massive reduction in their investment portfolio."

Do you Tweet? Follow me on Twitter here.  

As the automobile industry sheds jobs, it comes as good news that over the last decade or so the Internet has created 1.2 million jobs, many paying higher salaries than average, a new study finds.

Internet business contributes 2.1%, or $300 billion, to the total GDP (gross domestic product) of the U.S. And IT and related online business may be faring better in this recession than they did in the dotcom bubble of 2000-2002, still growing revenue but at slower pace.

Consumers are now making 10% of their retail purchases online, with the exception of groceries, on the Internet, and Internet-based advertising has increased four-fold since 2002 to more than $20 billion, said John Deighton, a professor of business administration at Harvard Business School, and one of the authors of the study along with Hamilton Consultants Inc.

The study, considered independent, attempts to measure the so-called Internet economy. It was prepared for the Internet Advertising Bureau (IAB) in New York, which represents a variety of Internet and media companies.

It does not raise policy implications, but IAB officials said the data will help them make the case for self-regulation on issues such as privacy. Randall Rothenberg, president and CEO of IAB, said the report is the "first rigorous, comprehensive look at the size scope and impact of the interactive advertising ecosystem."

Deighton said the finding could help make the case for a move away from employer-based health care, which he called something out of the Middle Ages, to a system that makes it easier for people to start new businesses without having to provide health coverage.

The study's job estimate is based on people who work directly in building or maintaining the Internet's infrastructure, conduct advertising and commerce over it, and other direct uses. The number of indirect jobs supported by Internet-related activities may raise the total number of jobs by 1.54 million, or to slightly more than 3 million supported jobs.

E-commerce companies, as well as those that deliver the physical goods, were the major employers, with more than 500,000 of the 1.2 million jobs. Internet service providers followed at 181,000. Content-related employment was estimated at nearly 60,000, and software as a service, 31,500.

John Yaglenski, who runs the independent Walt Disney World travel information site Intercot.com, along with 35 volunteers, was at the announcement today and said that that regulation that imposes new requirements and restricts information collection could have a serious impact.

Yaglenski said he has privacy policies clearly outlined on his site and believes the industry is capable of regulating itself. "If the government steps in and regulates the industry to the degree that it has done in some other areas it could really affect our livelihood," he said.

Taiwan Semiconductor Manufacturing (TSMC) reported higher than expected sales for the first three months of the year on Friday, due in part to chip orders tied to part of China's economic stimulus plan aimed at building 3G networks across the nation.

The world's largest contract chip maker, considered a bellwether for the technology industry due to the wide range of products the chips it makes go into, posted sales of NT$39.5 billion (US$1.17 billion) in the first quarter.

The figure beat the high end of its guidance, which was NT$38 billion, but was still down 54.8 percent from the NT$87.48 billion it reported at the same time last year.

Stronger sales at TSMC came as little surprise to analysts because a number of other chip makers, many of them TSMC's customers, had raised their first quarter guidance due to stronger demand from China, including Texas Instruments, Altera and Xilinx of the U.S. and MediaTek of Taiwan.

TSMC manufactures chips designed by most of these companies.

The construction of China's 3G network is a priority alongside the government's 4 trillion Chinese yuan (US$585 billion) economic stimulus package. Beijing handed out 3G licenses to three companies last year, China Mobile, China Telecom and China Unicom.

China is the world's largest mobile phone market in the world, with over 641 million subscribers at the end of last year.

Stronger chip orders prompted TSMC to end unpaid leave for employees at the beginning of April. But the chip maker cautioned at the time that the economic fundamentals had not significantly improved and said it would continue to control costs.

TSMC did not comment on its first quarter sales figures Friday.

The company reported its monthly sales for March on Friday, and added up the first three months of the year to provide the first quarter figure. TSMC's formal first quarter investors' conference will not take place until the end of this month, according to its Web site.