Time traces

Google has agreed to license imagery for their mapping products from a satellite due to launch on September 4th. This new satellite can take detailed imagery for an area the size of Delaware in one day. What does that mean? Well, you could get high resolution pan-sharpened imagery for the entire country in around 30 days. Impressive.

The level of detail will be approximately 50cm per pixel — that’s just under 20 inches. If you want to see what that looks like, take a look at this. Imagine having a Google Maps/Earth content that is this detailed, 100% complete and updated once a month — that’s powerful stuff.

“The GeoEye-1 satellite has the highest ground resolution color imagery available in the commercial marketplace and will produce high-quality imagery with a very accurate geolocation. It is our goal to display high-resolution imagery for as much of the world as possible, and GeoEye-1 will help further that goal.” — Kate Hurowitz (Google)

And for bragging rights, Google’s even got their logo on the side of the rocket as pictured above.

Open Health Tools, the open source project launched this spring by Eclipse founder Skip McGaughey, has gotten its first big code donation.

It’s called Open HIE, or Open Health Information Exchange. It consists of modules to link a master record to personal information, and to retrieve records from known locations.

The donor is the California Healthcare Foundation, and the donation was midwifed by two important open source companies, CollabNet and Palamida.

CollabNet provided its development platform to the project, and Palamida has already done a code review on the donated code base.

The software itself is descended from code used to create the failed Santa Barbara County Care Data Exchange in 2006. The idea of Regional Health Information Organizations (RHIOs) has since spread nationwide.

Most enterprises, and most individuals, use a small number of open source projects.

LAMP stacks are big. CRM and ERP systems, based on databases, are also big. Applications like Firefox, Open Office and The Gimp are very, very big.

But there are many, many smaller projects, with specialty capabilities used by only a few. How do you get support on them?

The simple answer is to contact the developer and offer to write a check. But the skills of a good developer and a good support person are different. Few good developers have patience for stupid people with questions.

Roberto Galoppini and I chatted about this yesterday. I smelled an opportunity. He expressed reservations.

The context of this was an OSCON meeting which Roberto attended where the Open Solutions Alliance indicated that most open source customers use at least one product from this “open source long tail.”

Dominic Sartoro called this the “open source mediation conundrum” and it bears watching. Because, as Roberto notes, software has to work together or the whole system crashes. It’s not like books or music where long tail products just need shelf space.

Proprietary companies have a simple solution to this problem. They limit their product lines. Open source does not have that luxury.

So how do we support the long tail of open source?

The beta of Firefox 3.1 has been pushed back to mid September.

At the Mozilla group’s weekly meeting Tuesday, one developer said “there is a big gap between the features planned for 3.1 and what will make it if we freeze on the 19th.”

Some of the features planned for 3.1 — including bulk tagging, Javascript enhancements, cross-site XHR and workers threads — are not going to be ready by the end of the month.

Since the team is pushing back the beta code freeze for three weeks, users won’t have it in hand until mid next month.

The Firefox team originally planned to freeze the beta code on August 19th but have now set the date for beta freeze on September 9. In the interim, the team will freeze the code for alpha 2 on the 19th.

Alpha 1 was released on July 28th.  Beta 1 is now tentatively scheduled for September 9th.  Based on the input during the 75 minute meeting, the pushback has more to do with the heaver summer vacation period than technical difficulties.

Things aren’t getting better for Microsoft’s oft-maligned Vista OS - released nearly one year and half ago. Last month, just days after Microsoft’s PR machine began bragging nearly 180 million licenses of Vista have been sold, the tech site APC diminished those bragging rights reporting Hewlett-Packard (number one in PC sales worldwide) is still “overwhelmingly” shipping system pre-loaded with XP over Vista.

Dan Warne, of APC, reports HP is indeed selling Vista licenses but preloading almost all its machines with XP. That wasn’t a talking point in Microsoft’s Vista PR campaign.

On June 30, Microsoft officially killed XP in favor of Vista, but left a loophole for customers to be able to buy a Vista license and then downgrade to XP until 2009. Reacting to customer demand, HP has taken full advantage of this technicality, which begs the question of how many other computer makers are doing the same thing?

Microsoft has spent a lot of time and money working on damage control for its Vista OS since its debut last year. Redmond recently started a mammoth $500 million advertising campaign to battle back Apple’s growing market share and to defend Vista. Microsoft’s first phase of this new campaign is its own version of the Pepsi challenge called the Mojave Experiment.

This just in from the Black Hat security confab currently taking place in Las Vegas: Dan Kaminsky, a well-known IT security researcher, disclosed his findings around the Domain Name Server flaw, (or DNS cache poisoning vulnerability), and where it can bite. Tim Wilson of Dark Reading reported on Kaminsky’s presentation, who said the flaw enables attackers “to exploit the DNS design to quickly guess the transaction ID of an address query and potentially re-route the user to an unexpected domain.”

(For more details, ZDNet colleague Ryan Nariane provides an interesting behind-the-scenes look at the politics and posturing that took place behind the vulnerability, and ensuing July 8th patch release to help mitigate the threat.)

As Kaminsky put it, there are apparently implications for companies SOA-enabling their applications. As relayed by Tim Wilson, Kaminsky said the problem extends far and wide across the enterprise:

“While most early discussions focused on Web surfing and the potential hijacking of users’ browser sessions, Kaminsky today pointed out that DNS address queries are embedded in a wide variety of applications and services that had not entered the conversation previously.

“The Internet is more than just the Web,” Kaminsky said. “HTTP is used in more than just the browser.”

Most email systems, for example, contain DNS lookup capabilities and even their own name servers, Kaminsky observed. “Email servers are awesome at doing DNS lookups,” he said. “They will do a DNS lookup for any reason at all. And your spam filter will not stop this problem.”

Many enterprises also believe that their internal DNS environments will not be vulnerable, Kaminsky observed. But many internal environments also work with external DNS servers, and even if they didn’t, most internal environments are also connected to DNS servers used by customers or suppliers, he noted.

The DNS flaw can affect any system that uses the Internet, including older applications such as FTP that are still widely used, Kaminsky noted. Back-end IT systems such as Telnet, SNMP, authentication servers (such as Radius), backup and restoral systems, and even service-oriented architecture (SOA) environments all use DNS, and could be subject to attack via the newly discovered flaw.”

Interesting stuff, and a reminder that SOA means security needs to be a holistic enterprise commitment. Especially since organizations will be relying more on services that not only come from other parts of the organization, but from outside the firewall, too. Be sure to practice “Safe SOA…”

PCWorld is reporting that US buyers won’t get a chance to purchase Lenovo’s least expensive netbooks slated for release this fall. While higher-end models of their new S10 IdeaPads with 10.2 inch screens and Windows XP will be selling in the States, buyers in every other major market will have access to 8.9″ screen models running Linux.

While we can only speculate regarding what the cost would be for the smaller model here in the US, according to Lenovo’s press release,

Without the Windows tax and using a smaller LCD, a $300 price tag is not out of the question on a machine that weighs only 2 pounds and is an inch thick. Having reviewed the 8.9 inch screens on Intel’s second-generation Classmates extensively, I can say with great assurance that LCDs of this size would be highly usable for students K-12.

Even with a more conservative estimate of $350 per machine (and the ability to ditch XP Home, which really has no place in an educational enterprise), these savings add up quickly.

When are folks going to learn? Linux is your friend on a netbook. Save the cash, buy more computers, get more kids online, and don’t waste money on anti-malware products. Come on, Lenovo…even here in the States, we still like a bargain.

McAfee claimed the technology helps define what information needs to be protected without prior investigations into data stores across the network. The company will spend US$46 million on the acquisition.

“Today’s DLP solutions take too long to deploy and obtain results,” said Dave DeWalt, CEO and president of McAfee said in a statement. “With the pending acquisition of Reconnex, McAfee expects to redefine the entire data protection market.”

McAfee’s first segue into the DLP market occurred in February 2007 when it bought Onigma, now called DLP Host, which acts as a server log to monitor data activity, centrally control security policies, and block sensitive data transfers

Regardless of whether NIS deserves it, customers are in fact blaming security suites for sluggish performance. In fact, Symantec has been citing an August 2007 NPD Group market study of customers who switched security suites. It found that of those who switched, 39% blamed performance, 28% blamed functionality, and only 23% pointed to price.

In fact, in NIS 2009, Symantec is covering its butt when it comes to getting blamed for performance drag. Instead of just assuming that your security suite is causing performance degradation, you should be able to check NIS 2009’s version of the Task Manager’s CPU Meter, which should spell out whether Norton or other system components are to blame.

I say “should” because I couldn’t find this feature, even though other reviewers have cited it as being on the main home screen. Ultimately, a support technician told me that the CPU usage meter is found only in the NIS 2009 .61 build but is missing from the later .69 build that I tested. When the final product ships, you should be able to find the meter under Settings –> Auto Protect –> Configure –> Miscellaneous.

So I couldn’t drill down into CPU Meter, but I’m looking forward to seeing it in the final product. I question why Symantec is so thoroughly hiding it away from easy access, however. After all, if security companies are tired of being blamed for poor CPU performance, shouldn’t a don’t-blame-me feature be front and center?

One particularly big performance boost in NIS 2009 comes from what Symantec claims is an industry first: Norton Insight, a technology that identifies trusted files that don’t require a scan, thus drastically whittling down the number of files that require scanning in the first place.

Leveraging data from millions of Norton Community members, Norton Insight lets Norton security products avoid scanning files that are found on most computers and statistically determined to be trusted. Symantec estimates that more than 65% of files will never need to be scanned, but I lucked out: The Norton Process Trust page graphically rendered the pleasing fact that 77% of the files on my system are trusted, leaving a mere 23% that required scanning. NIS 2009 also promises to avoid redundant multiple scans, such as those that occur before, during and after a file is copied.

Symantec has also introduced features such as silent mode, which automatically suspends alerts and updates to avoid interrupting or slowing down games, movies or other presentations.

All in all, performance has improved drastically. After a week of running the beta, I’m no longer interrupted by updates and scans, some of which managed to crash my poky system under NIS 2008. What I’m seeing instead is that after I return from leaving the system idle for any appreciable time, I find a message telling me that updates are being done — updates that stop until I wander off again.

Security software customers are speaking with their feet: They want security updates and other security interruptions out of their faces, and they won’t hesitate to dump their security suites because of performance drag — whether or not it’s actually the security software that’s to blame.

That’s why Symantec is working on the next iteration of Norton Internet Security, NIS 2009, with the mantra of what it’s calling Zero Impact Performance: “Security so light and fast you never even know it’s there — until you need it.”

We’re talking about more than 300 major overhauls that the company asserts will affect almost every aspect of the security suite, from scanning engines to user interface. Symantec says that NIS 2009, released to public beta on July 14 and due to ship in the fall, will include the industry’s fastest protection updates, half the memory usage of its next-most-memory-stingy competitor (Bit Defender IS 08) and a blink-of-an-eye install time of one minute.

Interestingly, Symantec says that underpowered systems with pre-existing performance problems are the root cause of the majority of complaints it receives in its support center every month. A Symantec representative stated that of some 1 million people who contact Norton technical support monthly, 40% are running PCs with 512MB or less of RAM and 75% memory utilization, and another 31% are running with 1GB of RAM and 57% memory utilization.

So in order to test Symantec’s Zero Impact Performance promise, the system I chose to run the beta on was a sputtering lemon — an older, underpowered Windows XP machine with performance problems.

The results? After having suffered far too long under the tyranny of NIS 2008’s constant intrusions and the near-comatose reaction time of an outdated system, I found that the beta actually delivered the goods.

Ready, Set, Go
I installed the NIS 2009 beta and found the security suite already clocking in at impressive speeds. The install time has vastly improved over that of NIS 2008, which takes 30 minutes to install. It took me between three to four minutes, which doesn’t quite hit Symantec’s claimed one-minute install, but I’m not going to quibble over two or three minutes with such a quantum leap in install speed.

The process itself was painless except for a script-loading error, which didn’t interfere with the beta install. The initial, full-system scan took 2 hours, 9 minutes, picking up only two tracking cookies out of 195,176 items scanned.

NIS 2009’s user interface has been overhauled into a sharp, high-contrast and semitransparent screen stripped down to the bare essentials of what most users want to see: computer stats, network stats and a way to quickly access all of the user’s log-in data (featuring a link to a new Identity Safe technology that will lift the hassle of passwords and log-ins off of users’ shoulders).