My recent review of Microsoft's Response Point awakened in me an interest in speech recognition technology. Microsoft's product utilized speech recognition to help users perform regular commands using only their voice -- to call contacts, check voicemail, or answer a few simple stock questions. I found the technology worked extraordinarily well -- requiring little to no voice training, making the entire experience very straightforward and easy to use.
I have been vaguely interested in speech recognition technology for the last few months as I have conducted many interviews with vendors, users, and analysts -- and have wasted many hours transcribing those interviews. My relatively slow typing speed makes transcription a tiring affair, and speech recognition technology seemed to be the perfect antidote -- saving me both time and effort. But inertia (ok, laziness) kept me from actually doing anything about it.
Fate finally handed me the perfect excuse this week, as I broke my left pinky finger while playing basketball. As it turns out, that finger is pretty important for the process of typing -- and typing is a rather large component of what I do. With the splint on my finger, my left hand has become functionally useless on a keyboard -- and I still need to write.
After performing next to no research at all, I decided to buy Nuance's Dragon NaturallySpeaking because 1) I had heard of it, and 2) the Preferred version promised transcription of MP3 files, which would allow me to transcribe those pesky interviews.
Thanks to Amazon Prime's discount on one-day delivery, I had the software in hand the next day. Installation and initial training of the software took under an hour, and now I am writing using (mostly) only my voice, as I am still working out streamlining a combination of voice and one-handed editing. First impression -- pretty cool.
So far, what I actually find the most difficult when using the software is knowing what I'm going to say far enough in advance to form together a cohesive sentences and paragraphs that the software can better understand and punctuate. I guess that will come with time.
I assume I will be using the software frequently over the next several weeks as the finger heals, so I am sure I will have more things to say about the software later. But right now, I think I've found a godsend.
With Windows Vista Service Pack 1 kinda, sorta ready for its public debut, I felt it was time to follow the time honored IT tradition and the make the leap to Vista on one of my primary use-PCs for good. While I've spent hundreds of hours with Windows Vista and its beta iterations over the last two years, reviewing various subsystems like BitLocker, User Account Controls, Group Policy, USB drive controls, and the wireless networking system, I've never really experienced the operating system for day to day computing. It's about time to change that.
This oversight is not out of character for me, as I've a history of slow migration. For instance, I did not move from Windows 2000 to Windows XP for good until late 2003 - a full two years after XP made the scene. Ultimately, as a user, I really don't want to incur the time or dollar expense to make a move that doesn't motivate me. I don't care - nor do I want to care - about what operating system I use. Rather, my concern is simply for the applications and devices I need and want.
Do my applications run right, and can I do what I need to do? For me, this means email, IM, word processing, web surfing, and maybe my taxes - need to work. Everything else, I will figure out as I go along.
I decided to burn one of my precious 32-bit Vista Business activations for the install, figuring this particular PC does not need the full media capabilities offered by Vista Ultimate, but I wanted to get more of the experience than is possible via the more basic versions. The PC itself is a laptop, a Lenovo T60p with a dual-core processor, 2 GB of RAM and 802.11n wireless. The Vista Experience score is 4.3, with the graphics subsystem being the most lagging component.
With resounding success, I threw the open source gamut of applications on Vista for my productivity software. OpenOffice, Thunderbird, Firefox, and Pidgin all installed perfectly. For testing and research, VMWare Workstation seems to work just fine. And for security, the latest iteration of Trend Micro Internet Security installed without a hitch.
In fact, the only thing that did not work was my printer drivers. I have an HP Laserjet 1000 attached to another PC in my network. While I could install the printer drivers offered from the share, I could not actually print any jobs. The HP website had a note from December 2006 saying Vista drivers were coming soon, but there has been no further news in the intervening 14 months. It's disappointing, but I can't blame Microsoft for HP dropping the ball.
After three weeks of frequent usage, Windows Vista somehow seems like less than the sum of its parts. I know there are a lot of compelling features under the covers (I've reviewed them ad-naseum), but their impact is hidden by a few glaring features that are constantly in your face, making you forget - or never notice - all the interesting stuff under the hood. Unfortunately, this is the level of experience that most people will have with Vista -intruded upon by the three features and characteristics that dominate the Vista experience.
One, everything has moved. I'll never understand why Microsoft feels the need to re-architect the interface for every iteration of Windows. The company is looking for an intuitive interface, presumably to make it easier for new or novice users. But for most people, navigating an OS is a rote affair - find something, play with it awhile, try to remember where it is for next time. Yet every iteration, Microsoft moves stuff around to make it "easier," but destroys everyone's rote memories. And Vista changes things a lot more than previous iterations, so I am constantly looking for that which I used to know where to find it.
Two, Aero Glass is an uninteresting resource pig, completely unworthy of all the resources it consumes. 40 percent of my system memory is consumed out of the box right now, and Aero Glass is the largest consumer. For what exactly? A 3-D ALT-TAB screen selection screen, translucent window edges, and a handful of Sidebar widgets. This feature singlehandedly hamstrings Vista installations with only 1 GB of RAM, making slower computers swap memory with just one or two applications open.
Third is UAC, and it does not bother me at all. I've been a big proponent of Least User Privilege computing in the enterprise for a long time, and I have tried with varying success to practice it at home as often as possible. Frankly, Least User Privilege is much, much easier to accomplish in Vista than in any other Windows operating system. I can live with it, and actually appreciate it.
Save for the printer drivers, everything works, and I can safely say that so far, I am fine with Vista. I wouldn't say it impresses me, but it does (almost) everything I need it to. The operating system certainly does not live down to the reputation it has garnered out in the field. I can see how it has frustrated many, but not to the level that would cause me to petition to keep Windows XP alive for longer.
I wouldn't spend money on an upgrade necessarily, but I would definitely go with Vista on any new PCs that I buy. It makes absolutely no sense to waste money on a 6 year old operating system that is winding down its shelf and support life. In this case, newer may not be significantly better, but because it is newer, it will last longer. And has history has shown, Microsoft will make it better over time.
Unified Communications products like Microsoft Office Communications Server 2007 make it pretty simple to integrate the video experience into a user's daily routine, requiring only off-the-shelf Web cameras to layer on the new communications channel.
But what quality of video are you really getting with this kind of integrated solution? Will it meet your needs and expectations?
In my tests of Office Communications Server, I learned from Microsoft's Quality of Experience Monitoring Server that video calls use Microsoft's RT Video codec. By default, I found person-to-person calls had a 352-by-288 resolution at a frame rate of 14 frames per second--when the call is placed over a LAN.
Qualitatively, the video picture looks fine in the small Office Communicator box that is normally shown on the screen. But when blown up to full screen size, I could see some slow transitions and artifacts, and I could definitely tell that the lip synchronization of video and audio was not that great.
The video quality is certainly not up to the standard of high-definition audio we get from Office Communications Server, which uses a wideband RT Audio codec on fast network connections--and sounds excellent and clean. But again, the video quality is not too bad on a small screen, especially if you don't come to the game expecting the best quality.
On the other end of the spectrum, there are some really fabulous high-definition video alternatives out there that also rely on software rendering--not hugely expensive dedicated A/V rendering hardware. But these software solutions come with their own kind of costs.
Take for example the HD video experience offered by GIPS (Global IP Solutions)--which has HD video capabilities in both its two-way VoiceEngine products and multiparty ConferenceEngine line--and uses both its own proprietary LSVX codec as well as standard codecs like H.264. Global IP Solutions first demoed at the Fall VON conference in 2007, and I got to see it up close in person last week at the company's offices in San Francisco.
In my demo, the video stream--at 30 frames per second--had a resolution of 960 by 720. This translated to a truly stunning picture--so clear that I was literally able to count the bricks in the side of a building half a block away when we pointed the HD video camera (a pretty high-end Sony HD camera, by the way--not some Webcam) out the window. And the lip synch between audio and video was practically perfect, making it much easier to carry on a conversation without getting distracted by slightly out-of-sync behavior.
The company claims it can scale up to a full HD picture as well.
Of course, the tax in this case is computational. During the demonstration, the quad-core server doing the rendering on my end of the call was clocking in at a hefty 55 percent overall utilization--something that would be even higher for full HD. The company claims to have done significant work to optimize its rendering for Intel processors, and it claims testing on AMD platforms will also be done in the coming weeks, with the expectation that rendering performance will at least be in the same ballpark.
GIPS sells its own products, or you might find its technology in other products. For instance, I know that Toktumi is working on integration with GIPS' REX softphone (which I will be reviewing soon), and yesterday, RADVision announced that it will be using GIPS codecs and features from the VoiceEngine platform as well.
Last week, I attended the San Francisco premiere of a new short documentary, "The New Face of CyberCrime." Directed by Frederic Golding and brought to fruition by the folks at Fortify Software, the film was screened for select members of the media as well as IT executives from around the Bay Area and was followed by a panel discussion moderated by Fortify founder and Chief Technology Officer Roger Thornton.
The panel featured:
Howard Schmidt, president and CEO of R&H Security Consulting and former White House cyber-security advisor
Ted Schlein, managing partner of Kleiner, Perkins, Caufield and Byers
Grant Bourzikas, director of Information Security for Scottrade
Frederic Golding - director of the film
The 20-or-so-minute film talked at a high level about the cyber-crime landscape, focusing on the role organized crime now plays because there is money to be made out there. Discussions with a few grey-hat hacker types, some IT folks and analysts around the industry, and Schmidt himself hammered home the point that this is a dangerous time on the Internet, and people need to be aware of how they and their information can be tricked, captured and compromised online. However, there really wasn't any prescriptive advice to be gleaned from the movie, which left me (and, I felt, many in the audience as well) wanting more.
Given Fortify's niche in the industry (code scanners), it is unsurprising that the film concentrated on how poor development practices and shoddy code open doors for thieves in the current threat landscape. As far as I can recall, cross-site scripting was really the only type of vulnerability that was discussed at length, as we got to see a grey-hat hacker type sit in an outdoor cafe, talking about the things that he could do from there over the Wi-Fi network. Hardly compelling visually, and probably hard to grasp for those unfamiliar with the ins and outs of coding best practices.
In fact, the whole film seemed to suffer from a bit of a lack of focus. In the panel discussion, an audience member asked what I was thinking, "Who is this film aimed at?" The quick-cutting visual style, featuring a lot of talking heads interspersed with jerky shots of racks of servers and network cables, and the high-level gloss-over of the problem with no real prescriptions, kind of indicated that film was directed towards a very mainstream audience. Like something you might catch on Nova on Saturday afternoon.
Yet cross-site scripting seems like a poor choice of angle for a mainstream audience, which would probably benefit more from a more endpoint-focused perspective, or better yet a look at how to actually protect and monitor your digital assets.
Golding made very clear that he did not intend the film to be a call to action, but rather an opportunity to initiate a dialog and help people in the industry build awareness of cyber-security. Something with recommendations or deeper discussion of the issues would be more of a corporate film rather than a documentary.
Thornton indicated that the filmmakers and producers needed to weigh the balance, keeping the audience engaged while still providing some meat. Apparently, they had initially planned to reach out to more criminal elements to show that side of the equation, but were warned off that course by law-enforcement advisors who told them they could get killed if they weren't careful with what was shown or who they talked to.
Golding consistently expressed surprise at the things he learned during the filmmaking process, and clearly showed his unfamiliarity with the technical matters at the heart of his film (honestly, why would any Joe User know about coding best practices and PCI compliance?) And I fear his unfamiliarity with the subject matter gave Fortify's folks a chance to steer the subject matter toward their own bread and butter -- a rather unfortunate, but unsurprising development.
Ultimately, the question of target audience was never answered during the panel, so I posed the question to the PR representative who invited me to the screening in the first place. His answer surprised me:
"The documentary will not be made publicly available, but I can send you a copy of the DVD if you like. I just need you to agree that the DVD will be for your own personal use and will not be made public."
So really, this film is only going to be shown to prospective Fortify customers. It's a marketing film. Super (I feel used). Some full disclosure up front would have been great, as it turns out that the panel itself was peppered with Fortify board members as well. Five minutes of research turned up the fact that both Schmidt and Schlein are on Fortify's board of directors.
Nonetheless, the panel discussion was a little more interesting, as the audience let loose some of its unrest regarding the film. Since the director intended the film to provoke a dialogue, in this one sense, it was successful.
An impromptu poll taken of the audience indicated that the majority of those in attendance thought of themselves as information security workers, while a handful of people were in software development, and almost no one considered themselves to be both. And if I may generalize a bit, the security-oriented audience had the reaction of, "We know all this. Now what are we supposed to do about it?"
Of course, Fortify's answer was an unspoken but quite evident, "Buy our products."
Scottrade's Bourzikas ultimately was the most interesting speaker as he weighed in on subjects like the biometrics and the efficacy of PCI compliance mandates.
Bourzikas called PCI compliance "Uh, interesting." He intimated that that kind of security doesn't really make you more secure. In the end, authorized users query a database and get a response. How do you ensure that that user is who he purports to be? Ultimately, these are business decisions and at some point security becomes a hindrance. The company first of all needs to make money, and can't tell users how to behave.
When two-factor authentication was mentioned as a solution, Bourzikas made it clear that his customers did not want it, and weren't willing to bear the additional expense to institute it.
TJ Maxx was used frequently as a case in point during the film and the panel discussion -- highlighting the real financial consequences for a business cleaning up a data theft mess, while hinting at what it means for end users as well -- the latter described basically with two words, "identity theft." But counter to the PCI discussion above, it seems the TJ Maxx example actually could have been prevented by conforming to PCI regulations, as evidence has pointed to wardrivers cracking WEP (Wired Equivalent Privacy) encryption on TJ Maxx's wireless network and culling customer information that way -- a situation clearly addressed in PCI.
The film is scheduled to be shown again on Jan. 24 in New York and Jan. 29 in London. For those who can't wrangle an invite, you'll have to make do with the preview.
While neither network has gained citywide popularity by any means, networks powered by Meraki and FON have come tantalizing close to being interesting, particularly in a few localized neighborhoods. The Meraki network seems to have the strongest presence in the Mission and in the Haight, and Meraki currently claims almost 50,000 users across the city. Meanwhile, the FON network is far less centralized, featuring a smattering of hot-spot locations deployed thinly throughout many areas of the city.
The differences in coverage can be directly attributed to the underlying technological approaches -- and the marketing campaigns built to support them.
Meraki's network is a mesh -- users can host either an access location that has a broadband backhaul connection or an outdoor repeater for those who wish to extend the network without adding any bandwidth to it. Since Meraki is offering free repeaters to those willing to host them, neighborhoods with a couple backhauls can quickly grow in size as others add free repeaters to broaden and saturate the network's reach.
Back in 2006, FON kick-started its San Francisco network with a free router giveaway in Union Square, but in part because the marketing focus wasn't localized to a particular neighborhood, the network grew up in smatterings spread throughout the city. Technologically, this doesn't matter -- the FON hot spots really don't have anything to do with one another (other than sharing an authentication system). But from the perspective of the user, a diffuse network like this doesn't have a lot of value because there is no predictability about where it will appear.
Likely in response to this perception, FON this week announced a new router giveaway targeting businesses and residents in a single neighborhood -- the Castro.
My executive editor, Jason Brooks, is always scrounging around looking for more and better connectivity to feed his baby (a new iPod Touch), and had been investigating all the different Wi-Fi options within the city. He has expressed particular interest in both of these networks as ways to stay connected affordably (he is also weighing the pros and cons of the T-Mobile hot-spot network). Together, we decided that eWEEK Labs could (nay, should) share some of our test network bandwidth so we could take part in both of these networks (and let him wander around the city with more more Wi-Fi power).
However, our first steps have been a little rocky in both cases.
In Meraki's case, the problem is simple. We wanted to install a Meraki repeater as the first step of our deployment, but we cannot detect any other Meraki nodes from our building. The Meraki map shows the nearest nodes are between three and five blocks away -- which standard Wi-Fi clients are unable to detect, despite our location on the 9th floor of our building. Meraki may be offering repeaters for free to those willing to host them, but with the caveat that you have to be able to detect another Meraki device before they will send it to you. So instead, we'll have to acquire an indoor router or wait until someone closer to us adds to the network.
As for FON, I actually picked up a La Fonera router at the Union Square giveaway, but the device found its way into a desk drawer where it sat neglected until last week when I finally got around to registering for a FON user account. As I was installing the router, I noticed that the device firmware was several versions behind the build available on the FON Web site, so I decided to upgrade it to the latest and greatest before linking the device to my account.
As the upgrade was underway, the network cable attached to the device tangled with the wheels of my chair, which I discovered only as I rolled backwards and wrenched the patch cable from the device. End result? A dead router. The device never can seem to register for an IP address on my network, nor will it broadcast any Wi-Fi signals.
FON support confirmed my suspicions. The router is dead. However, I was surprised to learn that I was not supposed to upgrade the device at all, at least not without talking to a support representative first.
"I am afraid to tell you that your Fonera is dead. Regardless of the Internet cable coming out of the unit, the firmware update would have killed your La Fonera either way. That's why when you visit the Firmware update page and manually download it, we warn you that you should only download the firmware after consulting a FON customer care member or technician. This is because any perfectly functional Fonera will immediately become nonfunctional after the download, unless you have a Fonera+ which automatically downloads the upgraded firmwares. Manual firmware updates are one of the major contributors to nonfunctional Foneras."
I don't actually recall seeing that warning message when I did the install, but when I went back to double-check after support chastised me, indeed there was the warning. Obviously, I blew it off as the boilerplate that usually comes with firmware upgrades. But FON really, really means it. I have to say I really question the wisdom of placing the firmware so prominently on the Web site, since it is so dangerous. It seems like an unnecessary invitation for trouble. Nonetheless, I can't deny it -- I was warned.
Thankfully, FON support agreed to replace the device under warranty, so hopefully our little Wi-Fi project can get underway for real this time.
The news that most caught my attention during Steve Jobs' Apple keynote today was not the MacBook Air, but rather the announcement that the new iPhone firmware—Version 1.1.3—includes location-based tracking for Google Maps that use not only cell phone triangulation, but Wi-Fi-based locationing services as well.
The Wi-Fi location tracking is apparently being provided by Skyhook Wireless, a company that has spent the last few years building and (constantly) updating a massive database of Wi-Fi access point positions in major cities across the United States. Unlike traditional GPS services, Skyhook's technology could and should work indoors—depending on whether a Skyhook-enhanced Wi-Fi client can see access points that are already in their database.
According to Skyhook's Web site:
"To pinpoint location, WPS (Wi-Fi Positioning System) uses a massive reference network comprised of the known locations of over 18 million Wi-Fi access points. To develop this database, Skyhook has deployed specialized vehicles to survey every single street, highway and alley in 2500 U.S. cities, scanning for Wi-Fi access points and plotting their precise geographic locations."
and
"Skyhook's Wi-Fi Positioning System's subsecond time-to-fix, +99% indoor availability and 10-20m accuracy in urban areas is the perfect compliment to GPS' known limitations."
The service is reliable enough that one laptop recovery service, CyberAngel Security Solutions, last year added a Wi-Fi-based tracking service to their portfolio based on Skyhook technology. CyberAngel's product provides an authentication and encryption layer to standard laptops. Users (or administrators) define a secured partition, where confidential data and applications are stored encrypted. When a user authenticates, the store is decrypted automatically for use. Conversely, a bad log-in attempt triggers alert to CyberAngel's servers (via LAN, WAN or modem connection) that the computer could be in a compromised state. Obviously, there needs to be an escalation process to avoid false positives for every failed log-in.
With the WiTrac service layered on, the alerting laptop can also report home any Wi-Fi access points it can see, sending to the service the MAC addresses of the access points detected, as well as the relative signal strengths of each detected device. This information can then be compared with Skyhook's database to return longitude and latitude coordinates of where the laptop is located. CyberAngel claims the service is accurate to around 10 meters.
When we spoke with CyberAngel's CEO Bradley Lide over the summer, the service cost $69.95 per laptop for a 1-year license, $129.90 for 3-year license, with volume discounts available as well. The Skyhook service was included in that price.
What will be interesting is, with the new iPhone SDK on target for delivery in late February, whether we may see CyberAngel (or someone else using Skyhook) provide recovery services for the iPhone as well—and perhaps authentication and encryption capabilities. These capabilities would suddenly make the iPhone—and its industry-leading mobile browser—a much more compelling solution for businesses exploring a Web application-oriented mobile solution.
For end users, it may not make fiscal sense at the prices listed above, but if such a service were offered as part of an extended AppleCare warranty service for the iPhone with a small premium (depending on the levels of functionality available from the service), many of us may actually consider it for a device that has fast become a centerpiece in our lives for both work and play.
RIM has dominated enterprise-class mobility deployments to date because they have an end-to-end solution, providing an evolving and attractive mix of devices, a development platform for customized applications and a central management component that addresses ongoing provisioning, updating and reporting needs. While Microsoft has for awhile been able to emulate the first two criteria, only with their recently announced System Center Mobile Device Manager 2008 (expected to ship in Q2), has the company been able to hint at closing the management gap. In beta right now, System Center MDM 2008, promises to hook Windows Mobile devices into the corporate Active Directory, providing administrators the ability to centrally control security, connectivity and application provisioning of mobile devices through constructs well familiar to Windows administrators.
In a recent conversation with Enterprise Mobile (a Microsoft partner that's providing MDM 2008 planning, installation and support services), CEO Mort Rosenthal told me that many (more than 50 percent of early adopters) beta adopters have leveraged Enterprise Mobile's services to kick start their System Center MDM 2008 testing programs.
Rosenthal sees MDM 2008 as a very different animal than many software solutions because the server component (available now in beta) is out before the client piece necessary to bring the devices into management is complete. MDM 2008 requires Windows Mobile 6.1 be installed on the client devices (this version includes the MDM client), but 6.1 is not available to the public at this time.
While this could be a sticking point in the beta program, Rosenthal argues this currently incomplete beta program confers benefits nonetheless. "In an enterprise, they [administrators] need to be familiar with the management console and platform, and they need to be comfortable with the level of security and device management that is available before deployment," said Rosenthal.
Of course, this condition is also a benefit for Enterprise Mobile during the beta trials, as the company can help get their customers' devices up to speed as well. According to Rosenthal, Enterprise Mobile has created 6.1-enabled devices from 6.0 versions on behalf of both their customers and OEMs.
Obviously, it is very early in the lifecycle of MDM 2008, but it seems like the client upgrade issue will be a problem ongoing with Windows Mobile devices, particularly for companies considering whether it is feasible to pull their end-users' devices into the management mix.
Devices purchased directly from carriers are generally subject to a drastically different upgrade path from those purchased from the device manufacturer directly. Carriers are notoriously slow at approving system-level updates to consumer devices - for instance, in December Palm announced its upgrade from Windows Mobile 5 to Windows Mobile Professional 6 for the Treo 750 (Update 2.25) on AT&T's network, many months after the first native WM 6 devices started appearing.
We can likely assume that in most cases, the upgrade to version 6.1 will also take a fair amount of time - and may not become available at all to the current generation of Windows Mobile devices, as product lifecycles are similar to that of a fruit fly. A company thinking of letting users bring their own devices will then have to deal with (or wait out) the upgrade cycles of an undetermined number of devices - a practice that few if any administrators will have the time, patience or inclination for.
Securitywatch's Ryan Naraine notes that new Secunia users are finding their computers insecure, as applications have fallen out of date. As a Secunia user, I can say there are a lot of causes for my inability to keep my primary system up to date (by Secunia's standards.)
For instance, on my work PC at this moment, Secunia's PSI is telling me that I currently have 4 insecure applications, 1 End-of-life application, with 76 up-to-date apps. Better than most, but hardly perfect. 5 of 81 are not secure - a 6.2% failure rate.
Basically, I can be hacked via known vulnerabilities.
Of the four vulnerable applications, 2 are Adobe Flash. I've tried upgrading to the latest version. I've tried uninstalling, then reinstalling. I've tried uninstalling completely. None of these steps have gotten PSI to recognize any difference. I guess I can figure out how to manually remove Flash for good - but it may be a lot of work.
One is my anti-virus program. Work provides and manages this software, so there's not much I can do (other than badgering IT, and I am sure they are sick of my badgering), unless I decide to fully manage my own AV solution. Looking through the release notes of the current and recent iterations of the software, there are no mentions of patched vulnerabilities are jumping out at me. Lots of bug fixes and improvements, but maybe not any plugged security holes. But the free version of PSI does not make that distinction.
The other vulnerable application is QuickTime. I've got Quicktime Player installed because I need iTunes to sync my iPhone to my Outlook calendar. I've covered my dismay with this setup plenty in the past, but it is the only reliable way I've been able to sync the data I need.
When I upgraded to iTunes 7.5, the install package included Quicktime 7.3. Since then, Quicktime moved to 7.3.1, but iTunes stayed at 7.5 So the Apple Software Update application tells me I am up to date, but a check of the Quicktime website tells me I am ever so slightly behind.
Essentially, one of the many tools I am forced to rely on to keep my system up to date is lying to me.
The end of life program is a prior version of Winzip. I guess my company actually paid for the Winzip license (I never see that annoying Expiration notice on this PC). I can see why the company may not want to pay for the new version, since the old one does everything that our users want it to do, presumably. But to get security updates, we're beholden to pay for licensing upgrades to get the new version, chock full of features we don't need?
Yes, of course. This is one of the costs of security that everyone must face. But personally, this case is out of my hands. Or I suppose I could install the latest WinRAR.
Secunia's PSI is a means to an end. People downloading these kind of tools are presumably wanting to check their status, likely knowing something is out of date. So they can fix it - if they are allowed to and it is relatively easy.
Given the Apple and Winzip anecdotes above, I'd say perhaps the numbers Ryan notes are really a larger indictment of the software makers - their crappy update applications and their upsell tactics used in the name of security.
The first day of CES saw some cool wireless developments (new chip sets, more 802.11n), and a major reawakening of the personal NAS space (everyone under the sun seems to have an appliance coming soon). The day was also marred by bad shoes and some unfortunate static discharge.
Of the non-visual accounts, SanDisk showed me its technology preview of a 12GB MicroSD card. Yes, it works. However, SanDisk isn't going to sell it. The company is just proving it can, and will wait until the next step up (16GB) to release a product.
And now for some pictures:
I've got a review of the Syspine version of Microsoft's Response Point coming online any day now. Here's the D-Link iteration: DVX-2000MS Appliance (top), DPH-124MS (middle) and DVG-3104MS Analog Trunk Gateway (bottom).
Mio was showing its concept design of integrated GPS and Tri-band phone. Big deal, you say? This one is two-faced, hence the name Dual-Sided NAV Phone.
Netgear announced 18 new products at CES this year. I'm going to talk about the wireless stuff in a separate post later, but Netgear also had some new NAS appliances. Lots of protocol support (Samba, NFS, Bonjour), and xRaid technology to autoconfigure the RAID, allowing online volume expansion. At top, the four-bay RND4000 ReadyNAS NV+. At bottom, the two-bay RND2150 ReadyNAS Duo.
The Nokia booth was bustling with activity every time I passed, as the booth had many display units available for hands-on play (very Apple Store). However, all that traffic was really messing with the carpet in Nokia's booth, which was shedding like long-haired cat. After scooting across the carpet to try out a phone, I got a huge static shock as I picked up the device -- causing me to scurry away before I could find out whether I had killed it.
During a chat with folks from the Wi-Fi Alliance, I was shown this sample of a new 802.11n chip set meant for mobile phones. Atheros and Broadcom aren't showing any mobile-N chips (I talked with them), but RedPine is.
Otterbox has some new ruggedized cases for the iPhone. This one, which has a hardened shell under a separate rubber skin, took me almost 10 minutes to crack open. There's also a waterproof one.
Zyxel was showing the new version of its WiMax base station for Sprint (top, middle). The booth people didn't seem wild about the fact that I kept calling it "the coffee maker." Zyxel also has a new version of its SIP phone (bottom).
At Showstoppers, I ran into Yoggie -- whose original device I quite liked last year. Now Yoggie has announced a slimmed-down, firewall-only device called the FireStick Pico.
Before my day really got started, my shoe completely fell apart even though I've only worn that pair four or five times so far. Thankfully, the good folks at Broadcom were handy with the duct tape.
I went from the keynote directly to the Digital Experience show over at Caesar's Palace. Pepcom, who put on the show, offered us media types a ride from the Keynote to the Palace in a fleet of red Suburbans they had on hand, or they suggested we could simply walk across the street.
Now, as any normal red-blooded American male with hearty appetites and a mediocre football team representing my alma mater - I've been to Vegas a bunch of times. And I know that a recommendation to simply "walk across the street" when that street is the Strip- that's a fool's errand. Yet I fell for it anyway.
Also of note, the Augustus Ballroom is not in the Augustus Tower at Caesar's Palace. Matter of fact, its clear on the other side of the building. And in Vegas, that means trouble.
Here's some photos from the show, mostly of the coming tidal wave of internet connected mobile devices.
This is actually not a mobile internet device, but rather a wireless keyboard. Logitech's DiNovo Mini looks a little like a makeup compact, but will be pretty handy for Media Center PC's when you don't want a full keyboard cluttering up the living room.
HTC's Shift. WiFi and HSDSPA enabled, it weighs about 1.5 pounds, although it seems heavier. First impression? Not wild about it.
OQO's O2. A full Windows Vista PC in a tiny form factor. They've got a 64 GB solid state drive coming, or you can get a regular disk up to 120 GB. The device has Bluetooth 2.0, ABG Wi-Fi, and EVDO-Rev A. This one is actually mounted on a docking station, which includes a DVD writer. It's the first Vista-based computer I've used that made me go "Wow." Of course, so did the price. OQO is also working on a Mobile WiMAX demo with Sprint, which I feel may be the first positive news I've heard about WiMAX in quite some time.
Lenovo's Mobile Internet Device. Intel Inside, Linux based, pretty cool and different to use. Also, won't be available in the US any time soon.
Another Intel-based system. USI's MID-100.
The smallest of Lenovo's new Ideapads, the F11. Very small and light, with a solid state design on the way. Interestingly, the guy manning the Ideapad table totally talked smack about Solid State disks, saying they aren't ready for prime time. 64 GB disks might be ok, but stay away from the 30 GB ones. You've been warned.
The next evolution of Linksys' home 802.11n routers. This one, the WRT310N is gigabit Ethernet-enabled and has embedded antennae.
