Cyberoam Net-to-Net Connection

Cyberoam UTM device allows configuring IPSec VPN tunnels over ADSL link. The configuration based on DYN DNS service. Both the head office and branch office use ADSL link. Configure a DYN DNS address for both the sites. The configuration is very simple and straight forward.

The advantage of this type of connection is:-
a) Speed
b) Less expensive
c) Easy to get ADSL link
d) Easy of deployment
e) Good for branch office / small office connections
f) Easy to manage

Storage

As data keeps growing exponentially, the need for more advanced storage technologies has increased. We take a look at the upcoming technologies that will make storage simpler in future

Data growth in any organization is an irreversible process. You can control and manage data, but you can't reduce it. Hence, there will always be the need for efficient ways of storing and managing data. Since data is generated by umpteen types of applications in zillions of formats, some pretty innovative ways are required for storing it. That's why storage has always remained such a hot topic, and it will continue to remain so as long as there's growing data.

Market drivers
The ever increasing amount of data brings with it not only requirements for more storage capacity, but also issues of security, physical space for hosting more storage devices, concerns of managing them, the speed of accessing data, and much more. So much so that storage has become the driver for innovation across so many industries. It has provided an opportunity to the software development world for creating applications to store, back up, retrieve, index, and search data. It has given the security industry an opportunity to find new ways of securing the growing volumes of data. The storage industry itself is coping with the challenge of cramming higher storage capacity in smaller form factors. The growing volume of data is also creating opportunities in the storage management and virtualization space.


Even the consumer electronics industry is banking on storage, because most consumer appliances and even digital gadgets require lots of it.

MP3 players, smartphones, digital cameras and camcorders, Digital Video Recorders, are just a few examples that require storage.Plus, storage is also driving niche markets like IP Surveillance.

Glimpses 2007
1) Hard drive capacities hit the 1 Terabyte mark.
2) Tiny personal NAS boxes became ubiquitous this year. New security standards emerged for encrypting data at rest, like the IEEE 1619.3.
3) Email archival solutions became widespread
4) USB based flash drive capacities exceeded 4 GB.
5) NAS boxes, ILM, Continuous Data Protection, Document and Content Management Systems were on the purchase list.

Hot trends this year
We've had a pretty eventful year as far as storage goes. Several foundation stones have been laid this year that will set the tone for things to come in the future.

While the trend of increasing capacities and reducing costs in hard drives has been around for a long time now, this year they finally hit the 1 TB mark. In fact, the competition to bring out higher capacity drives has become very similar to the GHz wars of the past in microprocessors, which continued until they reached the limit. Thankfully, hard drive capacities have not yet reached their limits. We'll see capacities beyond 1 TB in a single hard drive in the coming years.

Solid State storage drives also hit the market this year, and many laptop vendors launched their models with them. So imagine a laptop with no magnetic hard drive-just a single solid state drive with flash memory inside and a SATA interface. The technology behind high capacity solid state drives is NAND, which stands for 'Not AND'. In the digital world, NAND is a kind of logic gate.

Jargon Buster
Storage Terms you should know for next year

1) ILM (Information Lifecycle Management): A comprehensive approach for administering Storage systems on computing devices. The information system's data and associated metadata are effectively managed right from its creation and initial storage, till the time it becomes obsolete and is deleted.
2) CDP (Continuous Data Protection): It is nothing in line with traditional back up or RAID/replication/mirroring. It refers to backup of data in such a manner that every change made to the data is automatically saved. Essentially it captures every version of the data that the user saves. You can restore data to any point in time.
3) Storage Virtualization: Commonly used in Storage Area Network, it is mainly the pooling of all physical storage from various network devices into what appears to be a single storage device which is managed from a central console.
4) VTL (Virtual Tape Library): It's mainly a virtualization technology for data storage used primarily for data backup and recovery purposes. It presents a storage component as a tape drive or library for use with existing backup software.
5) SSD (Solid State Drives): A data storage device which uses solid-state memory to store persistent data. SSDs comprise of NAND flash which is non-volatile or SDRAM which is volatile. They are already available as 32GB SSD and 64GB SSD from various vendors and 128GB will be available soon. Super Computers.

So in effect, storage has become even more ubiquitous than before. Just about every industry demands it today for different applications. In enterprises, branch office automation led to the need for anytime anywhere access to data, which made the concept of Wide Area File Services more popular. Data center consolidation and infrastructure centralization led to greater demands for more storage and backup. The need to standardize and comply led to the popularity of email archival solutions, and even new data encryption technologies.

Network Attached Storage, or NAS for short, saw terrific growth this year. In fact, the interesting thing about this market was that NAS boxes became available for everyone, right from personal users to data centers. Interestingly, 1 TB NAS for personal use or for small offices became commonplace this year.

Information Lifecycle Management solutions were also on top of the storage purchase chart for many enterprises. Likewise, several other storage terms were pretty common place this year. There was a lot of interest in Continuous Data Protection or CDP for instance. With growing amount of content, organizations started considering content and document management solutions.

Key Predictions for the future
Now we come to the exciting part. What all can you expect in the storage arena next year. So here's our list of predictions to help you be prepared for next year:

Storage Virtualization implementations will rise
This is one of the most talked about areas in storage for a long time, and has not been able to take off as well as its cousin in the server world. This year saw some traction in storage virtualization, with vendors introducing many new products and early bird implementations. So the momentum has just started, and we're likely to see a lot more action in storage virtualization next year. While considering storage virtualization, don't get blinded by its benefits. Look at the other side as well. That's because it's not as easy as adding an abstraction layer on top of your existing heterogeneous storage infrastructure and have a virtualized storage environment. Be prepared to add more storage equipment to manage your existing ones. Likewise, there are many different ways of doing storage virtualization, and choosing the right one requires a discussion in itself.
Solid State drives will become more commonplace
We all know that solid state memory is much faster than magnetic memory. It has no moving parts, runs at much higher speed, and is not affected by wear and tear. That's why RAM is faster than a hard drive. However, solid state memory is also much more expensive, which is why we don't see everyone rushing to replace all magnetic storage with it. But there are quite a few interesting developments in this area. Many notebooks vendors this year started shipping their products with solid state drives inside. A race has started amongst memory manufacturers to introduce higher capacity solid state drives, with the latest being A-Data's 128 GB SSD.

Currently, if you were to buy a laptop with a SSD inside, then you have to shell out at least 40-50K extra for it. But the growing competition amongst flash drive manufacturers and economies of scale will eventually bring down prices, and you might find lots of SSD based notebooks in the market next year. The advantages are many. SSDs are thinner, lighter, and faster, which should improve system performance, make notebooks lighter and perhaps more power friendly as well.

A peek into the future
1) Storage virtualization will become widespread.
2) Solid State drives in notebooks will become common place.
3) Hard drive capacities will reach 2 TB+ range for desktops.
4) Virtual Tape Libraries will become more common.
5) Full Disk Encryption or FDE based drives will hit the market for data centers.

Full disk encryption based drives will emerge for storage security
One of the biggest challenges most organizations are facing today is securing their ever growing volumes of data. This is becoming even a bigger concern with so many laptops being used amongst organizations. Plus of course there's all the data being backed up to tape drives. All this data in computers, which is not travelling across a network is known as data at rest. The answer to doing this is to encrypt it. There are many ways of doing this, and we've seen many attempts at it over the past few years with vendors introducing various types of solutions for doing so. There are software programs that encrypt data on the fly, and even appliances that encrypt data before backing it up. This year however, another technology has started gaining ground, which aims to build encryption capabilities within the hard drive itself, a concept known as Full-Disk Encryption or FDE. This is currently being backed up by Seagate, IBM, and LSI, and even IEEE is creating a management standard, called 1619.3, to ensure interoperability.

If everything goes well, then you should see FDE based drives shipping next year. The logic behind having FDE based drives is also quite strong. If the logic of encrypting all data lies within the hard drive controller itself, it will improve performance. Moreover, even as more drives get added, the performance won't degrade because each drive will be handling its own encryption.

VTLs will grow in popularity
This is one area that's becoming strong competitor to tape based backup. Virtual Tape Libraries will become more popular next year, as vendors gear up with more offerings.

Storage has become so ubiquitous and there have been so many developments around it that one can go on and on talking about them. But we'll end the discussion here and bring you more news on it in our forthcoming issues.

Laptop Security Basics

Laptop security basics

There are some rudimentary steps that you can take to prevent your laptop from being stolen.

Use the features of your operating system

If you have chosen an operating system that has in-built security features (Windows 2000 Professional and Windows XP Professional are examples) then do not be afraid to use them. Features may include secure logon, file level security, and the ability to encrypt data.

Use the BIOS password

It would be unwise not to protect the BIOS. Find out whether the BIOS will also protect the hard disk drive to stop it from being used in another machine. Another tip is to find out what the procedure is for resetting the BIOS password. If it has to be sent back to the manufacturer, so much the better, as that will afford some protection, as a thief is unlikely to do that. Some will offer an in-the-field work around, which might make it attractive to a thief.

Your laptop's serial numbers

It is written down, right? And stored in a safe place? Good. That will help the police return it to you should it ever be recovered by them.

Use some form of permanent marking on the laptop

Engraving your company name on the case of the laptop with an address or contact number, or both, may increase the likelihood of getting the laptop returned to you if it is stolen and recovered (or, if by some accident, you forget it). Commercial asset tags are also a great aid to the police to return the laptop to you. It may also serve as a deterrent to the casual thief if the choice is between stealing a marked laptop or an unmarked laptop. Why? They cannot sell it using an online auction so easily. Also, travelling through airport security means that someone is also less likely to pick up your laptop accidentally. Information freely available on the Web suggests that 97% of stolen laptops are never recovered.

Use the manufacturer's registration scheme

Most people ignore registration because they think that it is likely to lead to spam. However, remembering that thieves are usually not smart, one might be unintelligent enough to send it in for service or to reset the BIOS, so having it registered with the manufacturer might prove valuable if you alert them to the fact that it is stolen.

Cable lock

Most laptops have a Universal Security Slot (USS), also known as a Kensington Security Slot (sometimes referred to as a K-slot or Kensington Slot). Will it stop bolt cutters? Unlikely. Will it stop a casual thief that just happened to be walking past your hotel room while room service had propped the door open, and then gone off to get more towels? Probably. And make sure to secure it around a strong, immovable, indestructible object. Also use it in the office. What percentage of laptop thefts occur in the office? (See below for answer).

Docking station

Use a docking station that is securely fastened to your desk. If it also allows you to lock the laptop in place, so much the better. This is especially important if you are leaving the laptop overnight, or longer. Better still, lock it in a strong cabinet if at all possible.

Personal firewall

Use a third-party firewall to prevent hackers from hacking into your laptop, and maybe into the company network. If you do disable it for any reason, do not forget to turn it back on.

Biometrics

If your laptop has this capability, then familiarize yourself with them and then use them. Your fingerprint can be your logon ID in place of a password.

Tracking software

There are companies that offer tracking software, allowing your laptop to regularly ping a tracking center with a signal that allows it to be traced. If the laptop is stolen the company will work with law enforcement to trace your laptop.

Laptop case

It might look chic to have the latest designer laptop case or manufacturers case, but nothing sends out a better signal to a thief than an ostentatious display, which may include your company logo, elite looking luggage tags, your business card embossed in plastic that gives a thief a clue as to the likely worth of the contents. There are nondescript backpacks that have padded sleeves to hold a laptop safely. A backpack is useful for going to the restroom without having to put your case down. For the ultra-security conscious, buy little padlocks to lock the zips so that no-one can get into the backpack quickly, steal the laptop, and then zip it back up again.


Passwords

Make them a combination of numbers and letters so that they are harder to crack. Do not leave the password on a Post-It on the laptop (it does happen).

Encryption

Always encrypt sensitive, personal, confidential data and leave the password with a trusted source if you need to. If you do not know how to encrypt files, then learn.

Back up your hard drive

At the very least, back up your hard disk drive before you travel.

Web 3.0

Just in case you missed it, the web now has version numbers. Nearly three years ago, amid continued hand-wringing over the dot-com crash, a man named Dale Dougherty dreamed up something called Web 2.0, and the idea soon took on a life of its own. In the beginning, it was little more than a rallying cry, a belief that the Internet would rise again. But as Dougherty's O'Reilly Media put together the first Web 2.0 Conference in late 2005, the term seemed to trumpet a particular kind of online revolution, a World Wide Web of the people.

Web 2.0 came to describe almost any site, service, or technology that promoted sharing and collaboration right down to the Net's grass roots. That includes blogs and wikis, tags and RSS feeds, del.icio.us and Flickr, MySpace and YouTube. Because the concept blankets so many disparate ideas, some have questioned how meaningful—and how useful—it really is, but there's little doubt it owns a spot in our collective consciousness. Whether or not it makes sense, we now break the history of the Web into two distinct stages: Today we have Web 2.0, and before that there was Web 1.0.
Which raises the question: What will Web 3.0 look like?
Yes, it's too early to say for sure. In many ways, even Web 2.0 is a work in progress. But it goes without saying that new Net technologies are always under development—inside universities, think tanks, and big corporations, as much as Silicon Valley start-ups—and blogs are already abuzz with talk of the Web's next generation.

The problem is that a complete reannotation of the Web is a massive undertaking. "The Semantic Web is a good-news, bad-news thing," says R. David Lankes, an associate professor at Syracuse University's School of Information Studies. "You get the ability to do all these very complex queries, but it takes a tremendous amount of time and metadata to make that happen."
To many, Web 3.0 is something called the Semantic Web, a term coined by Tim Berners-Lee, the man who invented the (first) World Wide Web. In essence, the Semantic Web is a place where machines can read Web pages much as we humans read them, a place where search engines and software agents can better troll the Net and find what we're looking for. "It's a set of standards that turns the Web into one big database," says Nova Spivack, CEO of Radar Networks, one of the leading voices of this new-age Internet.
But some are skeptical about whether the Semantic Web—or at least, Berners-Lee's view of it—will actually take hold. They point to other technologies capable of reinventing the online world as we know it, from 3D virtual worlds to Web-connected bathroom mirrors. Web 3.0 could mean many things, and for Netheads, every single one is a breathtaking proposition.

Tim, Lucy, and The Semantic Web The Semantic Web isn't a new idea. This notion of a Web where machines can better read, understand, and process all that data floating through cyberspace—a concept many refer to as Web 3.0—first entered the public consciousness in 2001, when a story appeared in Scientific American. Coauthored by Berners-Lee, the article describes a world in which software "agents" perform Web-based tasks we often struggle to complete on our own.

The article begins with an imaginary girl named Lucy, whose mother has just been told by her doctor that she needs to see a specialist. "At the doctor's office, Lucy instructed her Semantic Web agent through her handheld Web browser," we read. "The agent promptly retrieved information about Mom's prescribed treatment from the doctor's agent, looked up several lists of providers, and checked for the ones in-plan for Mom's insurance within a 20-mile radius of her home and with a rating of excellent on trusted rating services."
That's quite a mouthful, but it only begins to describe Berners-Lee's vision of a future Web. Lucy's Semantic Web agent can also check potential appointment times against her mother's busy schedule, reschedule other appointments if need be, and more—all on its own, without help from Lucy. And Lucy is just one example. A Semantic Web agent could be programmed to do almost anything, from automatically booking your next vacation to researching a term paper.
How will this actually work? In Berners-Lee's view, it involves a reannotation of the Web, adding all sorts of machine-readable metadata to the human-readable Web pages we use today (see "Questions of Semantics," opposite). Six years after the Scientific American article, official standards describing this metadata are in place—including the Recourse Description Framework (RDF) and the Web Ontology Language (OWL)—and they're already trickling into real-world sites, services, and other tools. -Semantic Web metadata underpins Yahoo!'s new food site. Spivack's Radar Networks is building a kind of Semantic Web portal. A development platform, Jena, is in the works at HP. And you'll find Semantic Web structures in Oracle's Spatial database tool.

The problem is that a complete reannotation of the Web is a massive undertaking. "The Semantic Web is a good-news, bad-news thing," says R. David Lankes, an associate professor at Syracuse University's School of Information Studies. "You get the ability to do all these very complex queries, but it takes a tremendous amount of time and metadata to make that happen."

The Vista brute force keygen

The Vista brute force keygen - Updated by ZDNet's Adrian Kingsley-Hughes -- UPDATED Over on KezNews.com a brute force method for acquiring a usable product key for Microsoft's Vista platform has been released. I can confirm that this method works (for now at any rate), but I don't think that Microsoft has much to worry about.

Firefox 2, Internet Explorer 7

OK, it's official: With today's release of Firefox 2, we have final shipping versions of the two biggest browsers for Windows. My colleague Erik Larkin's extensive review of both Firefox 2 and Internet Explorer 7 has been one of the most popular stories on our site over the past week, and I'm not going to duplicate it here. But after having spent months running beta versions of both--when it comes to browsers, I've always been pretty transient--I do feel like thinking out loud briefly about where the browser war stands.
(I apologize, Opera fans, for leaving Opera 9 out of this discussion-and promise I'll come back to it before too long.)
For the first time since the bygone days when IE 4 battled with Firefox granddaddy Netscape Navigator 4, we have a real battle. (For years, IE didn't face truly serious competition--then Firefox 1.0 came along, and suddenly there was no question that it was the best browser for most people.)
In Internet Explorer 7, we have a Microsoft browser that has no glaring deficiencies--which doesn't sound like much of a compliment, but it's more than you could say about IE 6. But here's a compliment that really is complimentary: It's inched ahead of Firefox in a few respects. It's got a better printing engine. Its zoom feature lets you resize Web pages onscreen, while Firefox can only resize text, not graphics. And I like how IE now lets you see thumbnails of all the pages in all your open tabs at once. I wish Firefox 2 had all these items built in.
But the funny thing is, Firefox 1.5 already has some of these features--and dozens more that neither Microsoft nor Mozilla has gotten around to implementing--courtesy of the array of amazing extensions that let you customize the browser to a fare-thee-well. (My current fave: Google Browser Sync, which lets you turn all your copies of Firefox on all your computers into clones of each other with the same bookmarks, cookies, and other settings. It alone is a compelling argument for choosing Firefox over IE 7.)
While some extensions aren't yet compatible with Firefox 2, they're the single biggest reason to opt for Firefox over IE 7. There are IE 7 add-ins out there, too, and Microsoft is cultivating the development of more. But for now, Firefox is easily the more vibrant development platform, and it does all its good stuff not only in Windows, but in OS X and Linux, too.
As my Computerworld colleague Scot Finnie says in his Firefox 2 first look, the Mozilla upgrade is no giant step beyond Firefox 1.5. Is it a must for 1.5 users? Yeah, as long as you're not dependent on any extensions that don't work yet. Features like search suggestions that appear as you type in the search box, spell checking, better RSS support, and additional tab-related conveniences aren't life-changing, but I use most of 'em almost every day, and they all make my time online more productive and happy.
Which isn't, sad to say, true of every change in IE 7. Why did Microsoft turn off menus by default (without replicating all of their functions with toolbars), put the menu bar under the address window even when you do turn it on, and move the refresh button from its traditional location to the left of the address bar over to the right? I've asked multiple Microsoft executives about these changes, and the answers, which have ranged from, essentially, "I can't remember" to "For consistency with Windows Vista," have never been entirely satisfactory.
Change for the sake of change is par for the course with a Microsoft upgrade. And there's a fair amount of it in IE 7, while things that cry out for fixing, like the browser's convoluted configuration settings, haven't gotten the attention they deserve.
(Side note: If you use IE 6 and decide that you'd prefer for menus to live under the address bar, it's easy to drag them there. But this customization feature, along with other interface-tweaking options, is gone in IE 7; there's no way to move the menus back to where they sit in 99.9% of the planet's other applications.)
So do I have a personal answer to the question "What's the best browser?" Ultimately, I agree with Erik's take: Overall, Firefox maintains a lead, even though it's not gigantic and isn't there in every aspect of the browser. Like Erik, I think it's a good idea for anyone who's moving from IE 6 to try both IE 7 and Firefox 2.
And I'm still fascinated by one question: If Firefox had never cut sharply into IE’s market share, would Microsoft ever have gotten around to bringing its browser into the modern age?
Comments
You talk about how IE is for the user, but Nothing about if Microsoft has finally decided to follow internet standards of Cascading Style Sheets, HTML or just continue to bully the webdesigners to design for IE.
Firefox follows standards and for that reason alone I chose FF. I truly despise Internet Explorer for the vulnerabilities and for it's interpretations of webpages.
You say IE has a fighting chance? I doubt it. I'm installing Firefox on every client PC I'm selling and removing all traces of IE. When I tell my clients it's because IE causes too much problems (spyware etc) they are more then happy enough. And they also love the Tabbed browsing.
Bye bye IE.
Fable
October 24, 2006
10:42 PM PT
I can think of one huge reason not to use IE 7: It has the worst implementation of tabs of ANY of the major browsers available (for any OS).
1) They are huge in size (is MS officially endorsed by Fisher Price?). I use a browser to view web pages, not to view chrome.2) The bar is too small, not only are the tabs huge but the annoying buttons steal a quarter of the tab bar.3) You can not open multiple tabs from the tab tool bar (and I am not using the left panel and arrow).
All in all, I feel that IE 7 has the worst user interface of any software that I have seen in years. I think that a lot of users will be mad when Windows Update automatically pulls this one down. I have recommended that my office hold off to deploy this so that we are prepared for the training issues. This GUI is just bad.
jdawgnoonan
October 24, 2006
10:43 PM PT
I think one of the key differences is that you can use IE7 ONLY on the most recent releases of Windows (XP Service pack 2, and some releases of Windows 2003). Surprisingly, Windows 2000 is not supported. As usual, if you want to use the latest Microsoft software, you need to upgrade your operating system (ie: spend some $$).
pmundkur
October 25, 2006
2:11 AM PT
I have abandoned IE on my entire network in favor of Firefox for about a year now with no regrets. My clients, after minimal training, appreciate the customization that Firefox provides them. I appreciate not having to logging in to find yet another IE vulnerability needing another patch. Slowly, Microsoft is losing it’s desirability as users become more technically savvy.

IBM goes public to collect ideas

Company narrows 37,000 concepts from global brainstorming session to 30 marketable plansBY JON VANPublished October 1, 2006
YORKTOWN HEIGHTS, N.Y. -- Don't tell Sam Palmisano that old saw about too many cooks spoiling the broth.Last spring, after having seen an array of IBM's cutting edge research, IBM's top executive ordered a high-tech brainstorming session stretching across 77 countries and involving 53,000 people.IBM employees are still analyzing the fruit of Palmisano's session, 37,000 ideas. But by November, they expect to launch some new products, businesses or services stemming from the exercise, which Palmisano dubbed InnovationJam.Over the next two years IBM expects to spend as much as $100 million taking InnovationJam ideas to market."Innovation today is changing radically," said Palmisano, who noted that using conventional methods IBM regularly wins more new patents than any other U.S.-based company. But even so, the company probably isn't keeping up with competitive pressures, Palmisano decided."So, I thought, let's expose these advanced projects to all of our employees around the world, and some clients and business partners, too--even our own families--and see what they come up with."IBM managers, scrambling to come up with a context for the discussion, built several Web sites to give participants information about technologies in the company's pipeline--things like supercomputing, real-time foreign language translation and advanced water filtration based on nanotechnology.Here they comeBy July, the jam's first phase was on. Ideas flowed in online from around the globe as well as from employees at 67 companies allied with IBM and some spouses and offspring of IBM employees.IBM managers then used automation to winnow the 37,000 offerings down to 300 defined ideas. Finally, more than 50 employees came to IBM's Watson Research Center to work in teams for most of a week to further combine and trim ideas to around 30."The majority of ideas contributed in any brainstorming situation aren't all that good," said Edward Bevan, IBM communications vice president and a jam leader. "They're either naive or misinformed or they failed before with good reason."Without advanced technology to help toss out bad ideas, a global-scale project such as this would be impossible, said Cathy Lasser, IBM vice president for industry solutions and emerging technologies. "Especially working in this time frame required automation," she said.In mid-September, the jam's second phase commenced. Participants scrutinized the 30 proposals, wrote business plans and suggested market strategies."It won't take long for them to declare this a success," said Marc Knez, a clinical professor of strategic management at the University of Chicago's graduate business school. "How many products do you need to get to market to call it a success?"IBM isn't alone in seeking to tap knowledge from workers throughout its sphere, said Knez. "It's a common problem for large tech companies," he said. "They want to leverage knowledge within and at the edge of the organization."Still, IBM's effort is unprecedented in its scope and scale, Knez said, and it has the support necessary to succeed since the firm's chief executive initiated it.A key part of the jam was that ideas came from people working at all levels and that the ideas stood on their own merits."There's no hierarchy to this kind of creative collaboration," said Palmisano. "Whether you're a senior executive, a scientist, a business consultant or even a 13-year-old child of an IBMer, everyone gets to be heard."A veteran of corporate brainstorming agrees."Our experience is that good ideas can come from just about anywhere within the organization," said Charles Holland, president of QualPro, a business consultancy based in Knoxville, Tenn., that regularly employs brainstorming. "We keep coming up with instances where the best ideas come from people low in an organization, the ones doing the actual work."This can offend the graduate-level engineers and technical people, but we've seen it again and again."`Great morale builder'Another upside, Holland said, is that "it's a great morale builder. People feel part of the team and support the work, even when their ideas don't get adopted, because they got to supply their ideas."There may be some downside to IBM's project, said Scott Stern an associate professor of management and strategy at Northwestern University's Kellogg School of Management."You can't get 53,000 people to sign nondisclosure agreements," Stern said. "So there's a danger that by revealing your emerging technologies and possible applications to so many people, someone else could take the ideas and develop them.

Press your lips to your cellphone, send your lover a kiss

Touch screen developer Synaptics and industrial design house Pilotfish have teamed up to demonstrate a new touch-sensitive cellphone user interface able to recognise pointing, tapping, complex gestures and proximity to the user's cheek.This, they say "creates new possibilities such as assigning functions to two-finger taps, closing tasks by swiping an 'X' over them, sending messages by swiping them off the screen, or answering a phone by holding it up to your cheek."They suggest that their 'concept device', dubbed Onyx, will enable cellphone manufacturers to "visualise a fundamentally new form of user interface for mobile phones."For example, a phone using the technology could, they say, recognise rough shapes and be capable of sending "an emoticon style kiss message" in which the recipient would see an image of the sender's lips kissing the phone!The key to Onyx is Synaptics' ClearPad, an optically clear, capacitive touch screen 0.5 m thick that would be overlaid above the display screen of the phone. This would completely replace mechanical input keys and, the developers claim, be "more intelligent than conventional touch screens." According to Clark Foy, vice president of Synaptics, "The Onyx phone is a breakthrough illustration of how advances in interface technology and collaborative design will drive the future of mobile interactions and services."

Microsoft Fixes 23 Security Flaws

Microsoft Corp. today released free software updates to fix nearly two dozen security holes in its Windows operating system and Microsoft Office products. At least 17 of the 23 flaws could be exploited by attackers to hijack vulnerable systems or to install malicious code, the company warned.
Dig through the details of the advisories and you will see that instructions showing would-be attackers how to exploit at least nine of the flaws have already been posted online. Microsoft also said it has seen at least three of the flaws being actively exploited in the wild. As usual, updates are available via Microsoft Update (Internet Explorer required) or through automatic updates.
Microsoft typically lists its security advisories each month in the order of most to least severe, and the first flaw detailed in today's patch bundle fixes a problem in the Windows "server service," which facilitates file-sharing among Windows systems that reside on the same network. This highly "wormable" bug is mainly a big deal for businesses, since it is most severe on Windows 2000 systems (most common in corporate environments). Also, many Internet service providers filter file-sharing requests between customers, but file-sharing is almost always turned on inside corporate networks.
The SANS Internet Storm Center, which was credited in part with the discovery of this flaw, reported evidence of it being exploited publicly as early as June 30. According to SANS, Microsoft replied that it was already aware of the flaw at that time. I understand the Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) is set to release more information about this flaw later today. Of course, Security Fix will update this blog in the event that the DHS advisory adds any new wrinkles.
The next most serious advisory details two very dangerous vulnerabilities resident in Windows 2000, Windows XP and Windows Server 2003 that attackers could exploit merely by inducing a user to visit a malicious Web site. Microsoft said these flaws also could be exploited when a user opens a specially crafted e-mail or views one in the e-mail preview pane.
It wouldn't be a Patch Tuesday without a huge rollup for Microsoft's default Web browser. The IE patch fixes a total of eight vulnerabilities, five of which are especially serious -- depending on which version of the browser you're using and which version of Windows. One of the IE glitches, a problem with the way file transfers work, was originally reported to Microsoft in 2004.
Microsoft also fixed three critical vulnerabilities in versions of its Office software, including two that are actively being exploited to break into and steal information from vulnerable computers. One fixes Office 2000, Office XP and Office 2003, as well Microsoft Office and Powerpoint versions for Mac OS X (see the advisory for Mac Office download links). The second update addresses flaws in Office 2000 and XP, as well as Microsoft Project, Visio, Works and Visual Basic (see the advisory for links to those individual products).
Keep in mind that if you are using Office 2000 you will not be able to get those fixes through Microsoft Updates or through automatic updates. Office 2000 users will need to visit Microsoft's Office site and click on the "check for updates" link in the upper right corner of the screen. Office 2000 users who do not have their installation CD handy should be able to install the updates by choosing "no" at the "Do you have your Office product CD?" prompt.

Microsoft Patches Newest 'Dirty Dozen'

Microsoft (Quote, Chart)released 12 patches aimed at resolving multiple security risks discovered in its operating system and popular Office suite.
Nine of the 12 security updates were deemed "critical," affecting various Windows components, as well as two Office applications previously known to be vulnerable.
The remaining three patches involved "important" security issues, such as remote code execution or elevated user privileges.
Several critical patches revisited flaws previously discovered in applications, such as PowerPoint, Outlook Express and Internet Explorer.
Another patch addressed flaws in a core Windows component already exploited in the "wild," according to a security researcher.
Steve Manzuik, research manager of eEye Digital Security, called MS06-40 important because the flaw in the Windows Services could allow attackers to take control of systems running Windows XP, Windows Server 2003 and Windows 2000.
Internet Explorer was the subject of a cumulative update answering eight critical flaws affecting IE 5.01 and IE 6 for Windows XP, Windows 2003 and Windows 2000.
The vulnerabilities include remote code execution, raised user privileges and information disclosure.
Today's patch MS06-42 replaces the MS06-021 security bulletin issued April 11.
The new patch re-enables ActiveX control handling disabled by the previous security bulletin.
A fix for a previously reported PowerPoint vulnerability was also part of the dozen patches released today.
Today's patch, MS06-048, replaces MS06-38, a security bulletin released in July.
The new patch is of critical importance for PowerPoint 2000 users, as well as for XP and 2003 PowerPoint systems.
Those using PowerPoint for the Mac should also download the patch, according to Microsoft.
A flaw in Outlook Express 6 for XP Pro and XP Service Pack 2, as well as Server 2003, could allow a remote attacker to run malicious code.
The MS06-043 critical patch resolves the problem, according to the software maker.
Rounding out Microsoft's "Patch Tuesday" event were two security updates ranked "important" for Windows users.
This month's dozen patches follows seven patches released in July to fix more than 10 security problems