Wednesday, December 27, 2006

Attention security specialists

NCC AIIM Monthly Meeting, Thursday, January 11, 2006

Can ECM Help Prevent Another 9/11?
Speaker: Paul Garrett, Special Assistant to the CIO, U.S. Department of Justice

The events of September 11, 2001 demonstrated to the nation that a terrorist attack could, in fact, happen on US soil. One of the major lessons learned from that disaster was the need for a centralized repository of up-to-date critical information immediately accessible to Law Enforcement agencies across the nation. NIEM, the National Information Exchange Model, is a partnership of the U.S. Department of Justice and the Department of Homeland Security. It is designed to develop, disseminate and support enterprise-wide information exchange standards and processes that can enable jurisdictions to effectively share critical information in emergency situations, as well as support the day-to-day operations of agencies throughout the nation. NIEM enables information sharing, focusing on information exchanged among organizations as part of their current or intended business practices. Information that is exchanged between agencies can be separated into individual components—for example, information about people, places, material things, and events.

The National Capitol Chapter of AIIM (NCC-AIIM) is proud to welcome Paul Garrett, Special Assistant to the CIO, U.S. Department of Justice, for our January meeting. Mr. Garrett coordinates initiatives to improve information sharing among the nation’s security and law enforcement agencies. Join us to learn how Enterprise Content Management plays a significant role in keeping over 18,000 law enforcement agencies connected and informed.

Nominate your customer

The Federal 100

he Federal 100 recognizes individuals from government, industry and academia who significantly influenced how the federal government buys, uses or manages information technology. Federal 100 winners are recognized for their risk-taking, vision and pioneering spirit in the federal IT community. As always, this program is not about popularity but impact.


The Monticello Award

The Monticello Award recognizes an agency information system that had a direct and positive impact on human lives in 2006. The type of information system is immaterial -- what matters is impact.

In 2006, Federal Computer Week chose not to give a Monticello Award. Instead, we recognized the many systems that helped in the response to Hurricane Katrina.


If your customer looks good you look good.

Systemic risk

Cracks start to appear in credit pipe

Two words you have not heard for a while, save in boring central bank seminars: systemic risk. A couple of weeks ago, there was an indication that it was back. The dollar interest rate 10-year swaps spread widened out by 2.5 basis points on December 7. That may not sound like much but in what has been a very complacent market for the past year it was a five standard deviation daily move, and it tells us that there could be trouble in paradise.


A bad sign. A very bad sign.

2006 tech trends

Government Computer News has 11 trends from 2006. I think they get it about right. My guess is that next year we will be hearing more about collaboration.

Tuesday, December 26, 2006

On a sad anniversary

The South-East Asia Earthquake and Tsunami Blog

Another reason to use text email

DOD bars use of HTML e-mail, Outlook Web Access

Due to an increased network threat condition, the Defense Department is blocking all HTML-based e-mail messages and has banned the use of Outlook Web Access e-mail applications, according to a spokesman for the Joint Task Force for Global Network Operations.


The sudden nature of this has got to be a problem for some offices, but it is a wonder anyone still uses Outlook.

Fix your email

Well done SEC

SEC Freezes Russian Stock Hacker's Assets

What Motown Records can teach 1105 Media

The biggest competition at Motown records was the competition between Motown artists. For example, Smokey Robinson & The Miracles competed directly with The Temptations.

If 1105 Media decides that rather than directly compete, Federal Computer Week and Government Computer News would divide up the work and cover more stories it would be a loss. Superficially it sounds good, but the reality for newsmakers would play out along the lines of “oh Government Computer News did a story last week on the FEA TRM so Federal Computer Week doesn’t want to do another one”. From the newsmaker’s point of view it is better if these two publications remain competitive even if they owned by the same company.

Friday, December 22, 2006

Holiday fun

Dog Hates Tickle Me Elmo Extreme

Shizzu vs Elmo

Tickle Me Elmo and Tatum

Merry Christmas everyone, see you next week.

Five things about me

Tom Murphy has tagged me. I have been fearing this, because I can’t toss off witty remarks on something like this. So this will be a little more clumsy than the others. So that is the first thing, I have no skill for this sort of blog game.

I am a music lover. I studied violin, viola, piano, guitar, and voice. I sang alto in my high school chorus and from time to time in church choir. My favorite composer is Beethoven; that sounds like I never got any farther, but Beethoven is my all time favorite.

My favorite books on business are Think, the Soul of a New Machine, and Money of the Mind. Indeed I like anything written by James Grant. The Levy Institute is my favorite think tank.

My favorite PR blogger is Jim Horton, even though he makes me writhe with envy at his polished writing style. Almost every morning he produces one single elegant pearl of a post.

The dogs I have owned have included a medium sized fluffy black mutt, a rough collie, a black labrador retriever, a pomeranian mix, and the current incumbent, another rough collie. My great regret is that I have never lived where I could have several dogs. If I could, I would live like Squire Western, decorating my home in straw and dogs.

As revenge for making me envious every single morning, I am tagging Jim Horton. And just because they are local boys I am tagging Chris Abraham and Steve at D-Ring.

Thursday, December 21, 2006

Gartner’s blunder

Shel Holtz is much too nice. Gartner’s prediction that the growth of blogosphere will level off is just plain laughable. I try to stay away from predictions because that is the fast and easy way to make a fool of yourself, but this is so obvious.

As Jim Horton often reminds us, we need to watch politicians because they are the innovators in PR. It was the 2004 American presidential election that propelled blogging from early adapter to early mainstream. In 2007 politics will once again be the driver for the exponential growth of blogosphere.

Starting next year, Washington, DC is going to be subpoena city. Representatives John Conyers and Henry Waxman and Senator Patrick Leahy have already announced that they plan to hold investigations. You can be sure that the other chairmen will make, how shall we say, liberal use of their subpoena power.

It is safe to predict that Conyers will use his personal blog to build support for his inquiries, and that thousands will link him. An entire community of blogging will spring up around the House Judiciary committee.

Nor is the power of YouTube lost on anyone, given its role in the recent Virginia Senate election. You can be sure that all these new blogs will follow the proceedings on C-SPAN and quickly upload critical moments to YouTube, embed the link in their blogs, which will then spread virally across blogosphere.

Each of these investigations will attract its own community of bloggers, both supporters and critics. Beyond that, there will those like Adam Kovacevich who will comment on the proceedings from a PR point of view.

There will be bloggers such as your humble servant who will watch the proceedings with an eye for searching out how the concepts of political blogging can be applied to the commercial world. We have already seen some of this with the Motoral Developer Network and the Federal XML Collaborative Wiki. Clearly there will be more group sites of this nature.

One of the readers of the Eschaton blog created an RSS reader consisting of all the blogs kept by Eschaton commenters. It is just a matter of time before technology user groups establish RSS readers consisting of member blogs, or groups of complementary small businesses build RSS readers consisting of their blogs, in an effort to drive traffic and business to their corporate sites.

Aggregators such as BlogNetNews will offer small blogs a platform to build audience, thus increasing the incentive to blog. Tools such as Blogdigger offer individuals the opportunity to their own communities.

All of these factors will drive the continued exponential growth of blogosphere, YouTube, podcasting, and related social software.

Technorati rank

My inbound links are way down, maybe I should bait the blogosphere.

Second life

I haven’t followed Second Life because frankly, it sounds like too much trouble. There also seems to be a problem with act first, think later.

The humble tool that just won’t die

Contrary to what B.L. Ochman and Tom Foremski tell us, the press release is alive and well. Today’s Bull Dog Reporters brings us a useful tip sheet:

ACES Charter Member and Baltimore Sun Copy Desk Chief McIntyre Shares Five Fundamentals Designed to Earn Your Release a Second Look

McIntyre makes five points:
1. Get it right—failure to fact check destroys future credibility.
2. Simplify the approval process—write tight from the outset.
3. Eschew jargon and technical language—write conversationally.
4. Don't oversell or overstate your news—journalists are watching for that.
5. Revisit headlines—be direct and don't fall for "headline-ese."


Anyone who thinks the press release is dead, or that readers do not find such announcements interesting, should check out Potomac Tech Wire, a daily newsletter that consists entirely of press releases. I am reliably informed that its contents are the subject of lively discussion at NVTC events.

All gone

Constantin Basturea appears to have deleted his Headlines from PR weblogs and PR Newswire seems to have shut down their Media Insider blog.

I am sorry to see this because they were my chief source of news about PR.

Update-

Constantin assures me that the PR blogdigger is still up but is experiencing technical difficulties, and will be up again. Moreover it seems that Media Insider has a new URL.

New to me PR blog

Mike's Points

Wednesday, December 20, 2006

Old consulting adage

If you're not a part of the solution, there's good money to be made in prolonging the problem.

Adversarial Information Retrieval

Apparently that is the technical term for spam on the Web (as opposed to Unsolicited Commercial Email, the term for email spam). Matt Cutts alerts us to the Third International Workshop on Adversarial Information Retrieval on the Web. It’s nice to know the technical people are on top of this. The problem is that spam is not a technical problem and is not susceptible to a technical solution.

Spam is a credit problem. Without merchant accounts it would not be possible for spammers to operate. The financial services industry has completely failed to do their part in the fight against spam. As I have suggested before, were credit card providers merely to cancel the merchant accounts of only the most notorious spammers we could bring this down to manageable proportions.

Tuesday, December 19, 2006

Wanted: clarification from Google

Constantin Basturea points to this comment from Matt Cutts:

Google wants to do a good job of detecting paid links. Paid links that affect search engines (whether paid text links or a paid review) can cause a site to lose trust in Google.


What is meant by paid link? I advise clients to buy sponsorships with local tech groups that offer links and logos on their websites. Would that sort of sponsored link be penalized? Why would Google penalize that? I can see it is not the same as a spontaneous link from a blog, but I don’t understand why it should be penalized.

Monday, December 18, 2006

Local Drupal group

The Washington, DC Drupal Group meets tonight. I don't think I will be able to make it.

Why the sheriff's office and fire department need to share information

IEPD specifications can improve public-safety communications

During last year's wildfires in Southern California, San Diego-area residents received diametrically opposed directives from public-safety officials who apparently were working with contrasting information about the blazes.

“The sheriff's folks were running around telling everybody to stay in their homes, [saying] ‘Everything's fine, the fire's under control,’” said Paul Wormeli, executive director of the IJIS Institute, a not-for-profit corporation consisting of industry members. “Meanwhile, the fire guys were saying, ‘Get the hell out of here because your house is about to go up in flames.’”

As it turned out, the fire personnel's assessment of the blaze was accurate. For some heeding the advice from the sheriff's department, staying in their homes proved fatal — a harsh reality that reminds Wormeli of the important role the IJIS Institute's data-standards work can play during an incident.

“Eleven people died because of the misinformation,” he said. “If the dispatch centers had all been connected and were able to share that information from the fire guys accurately to the sheriff's deputies — through the dispatch system and onto their mobile computers — you might have been able to save lives.

NovaJUG bloggers

This is list of all the blogs by members of NovaJUG

Jonathan Lehr's Weblog

David Bock's Weblog

One Nomad’s Blog

Codebits

Jeet's world

Jayesh's Blog

Tom McQueeney Weblog

The Eclectic Technologist

Composibility

/dev/caffeine

Blog for Hugh Brien

Test Often

bdg's plumtree blog

Chris Bucchere's Blog

Tom Gullo's Blog

Glen Mazza's Weblog

and of course, your humble servant, Presto Vivace Blog

Sunday, December 17, 2006

Blogosphere and editorial judgment

One of the hardest things about pitching a story is persuading a reporter or editor of the newsworthiness of your client. Theoretically reporters understand the criminal justice system needs good technology, but they don’t think their readers will be interested.

Now that a high traffic blog has put it on their front page, perhaps reporters will reconsider.

Friday, December 15, 2006

Media mergers can be a good thing

Chris Dorobek in The FCW Insider:

I can tell you that we are not closing any of the publications down. To be honest, from a business side, it just wouldn't make sense. An advertiser buys in FCW and GCN. If we close GCN, does it mean they are going to say to themselves, 'Well, I'll just buy two pages in FCW.'

But from an editorial perspective, I'm not sure it makes sense either. For 20 years now, FCW and GCN have been going after one another -- sometimes viciously. There was a lot of competition out there -- and regular readers of this blog know that I am a fan of competition. But we were essentially fighting for the same stories -- working hard to get the latest Doan news up four minutes before they do. All that time, energy and effort meant that readers had different versions of that story, but it also means that all sorts of stories went untold and unreported because we just didn't have the time, energy or resources.

So there will be changes. Vitale put it well tonight. "Watch this space," referring to both FCW and GCN. We will need to create publications that are clearly distinguished from one another. Our hope is that, 18 months from now, people no longer refer to us as Government Computer Week of Federal Computer News.

Regarding competition, if we don't meet the needs of our readers and this community, I have faith that in this media market, there will be 15 blogs focusing on government IT, several Web sites. There is plenty of competition -- and the outstanding reporting teams at both FCW and GCN are going to ensure that we cover what people need to know to do their jobs.

So, give us a little bit of time to work this all out, but I think there is amazing potential.


That is very reassuring both from a reader and a flack prospective.

Thursday, December 14, 2006

New to me local tech blogs

/dev/caffeine

Composibility

IASA switches to Liferay 4.1,

IASA, the International Association of Software Architects, has launched a revamped web site at www.iasahome.org.

IASA switched its platform to Liferay 4.1, an open source portal and content management system.


The new website will facilitate virtual communities which is so important to this sort of community.

This is why I don't have instant messaging

Those annoying little IMs? They cost $588B

NEW YORK (Reuters) -- The chances of you finishing this article without getting interrupted or distracted are slim.

U.S. office workers get interrupted on the job as often as 11 times an hour, costing as much as $588 billion to U.S. business each year, according to research.
Video More video
A showdown between a daredevil and a rapper. CNN's Ali Velshi is 'Minding Your Business.' (December 13)
Play video

Add in the distracting lure of checking e-mails, surfing the Internet and chatting by computer, and workers interrupt themselves nearly as much as they are interrupted by others, experts say.

"With instant messaging on your desktop and alerts and e-mail notifications, you set yourself up for it," said John Putzier, founder of FirStep Inc. business strategists in Prospect, Pennsylvania.


I'd like to know how FirStep came up with that figure.

Tuesday, December 12, 2006

Why “leaking” should be shunned

Mike Manuel links to Valleywag’s amusing post on how to leak. It does offer good insight into this noxious process.

Unless you have evidence of serious wrong doing or a threat to public safety, speak on the record.

Too often leaking is just about showing off. It is degrading to our public discourse when no one will take responsibility for their words. This evil practice is reducing citizens and reporters to informers and secret police. Living in freedom means speaking openly. Maybe you have to live in greater Washington, DC and see the damage up close to comprehend its corrosive effect.

I had the same reaction

Job of the Week: Negroponte Needs Mouthpiece To Decline Comment

It was inevitable

FTC Moves to Unmask Word-of-Mouth Marketing

Marketing is an honorable profession, be proud of it.

Monday, December 11, 2006

Australian Defence Force blunder

From D-Ring PR we learn that the Australian Defense Force has shut down all soldier blogs. That is a real shame. The soldier blogs give readers a unique view of war that is available from no other source.

For the US the soldier blogs may be the best PR they have going, with all due respect for their public affairs officials. The soldier blogs give us a sympathetic view of their difficult situation.

During 2007 it is likely that congressional investigations will expose some very disturbing developments. The voices of the soldiers themselves are likely to be the most convincing counter to what is likely to unfold.

For serious techies only

Codebits

Important local tech blog

Code Snipers, I can't pesuade my Tech on the Potomac Blogdigger group to pick up the RSS feed.

Ownership shuffle

Today’s Washington Post carries the news that the Post Newsweek Tech Group has been sold to 1105 Media. 1105 Media recently purchased 101 Communications Group, publisher of Federal Computer Week.

This means that Government Computer News and Federal Computer Week will be owned by the same company. Will they fold the magazines into one? Or keep them separate? Either way this is worrisome. It will only make it harder to place stories.

Friday, December 08, 2006

Great names for blogs

Drunken Data

The Spy Who Billed Me

Google's page rank

From the indispensable Argyn we learn about this description of Google's page rank.

Implementing IPv6 at the Federal level

Shawn McCarthy has a piece in Government Computer News suggestion that IPv6 if more of a configuration management and IT services issue, rather than a pure deadline issue. That may very well be the case. Does it make any difference if a citizen using an old protocol, say dial up, is trying to access a federal website? I don't know. This is the kind of issue civil service IT personnel must consider all the time.

The new Congress and the Homeland Security industry

David Silverberg has an excellent editorial on what the new Democratic controlled Congress is likely to do about Homeland Security. Silverberg shares my view that this is likely to be a good thing for security vendors as Democrats have promised to implement the recommendations of the 9/11 Commission.

Adobe plunges PDF into XML

From Joab Jackson's Tech Blog we learn that the new PDF will be entirely in XML format.

What are the migration issues of this? Will you need two PDF readers? One for the old format and one for the new?

The beta version is available for review. I encourage interested parties to check it out and comment as appropriate.

Tone deaf about sums it up

Music Industry Wants to Cut Artist Royalties

So, let's get this straight: My buddy Brooks Boliek at the Hollywood Reporter writes that the Recording Industry Association of America (RIAA) -- the music industry's lobby and cop, responsible for suing music pirates, including the occasional 12-year-old -- now wants the federal government to slash how much money musicians get when their songs are played.

Okaaaaay.

The RIAA has asked the fedgov's Copyright Royalty Judges to lower the rate, which hasn't been changed since 1981.

I'm not quite sure I understand the RIAA's argument, which seems to have something to do with selling ringtones, but I do know that, from a public-relations standpoint, the request to lower songwriters' royalties is tone deaf.


Piracy hurts artists as much as record labels, so I don't see the justice of this. I suspect the new Democratic controlled congress will be very unsympathetic.

Requiem for classical music on the radio

Redskins Owner Set to Buy Last Classical Station

Washington Redskins owner Daniel Snyder has reached a preliminary agreement to buy classical music station WGMS-FM in a deal that would expand his budding sports-talk radio empire and likely be the swan song for the area's only classical outlet.


This would be a terrible blow to the cultural life of our community.

Thursday, December 07, 2006

James Kim

CNET Senior Editor, 1971-2006

James Kim was a respected expert on cutting-edge digital devices, an owner of a trendy clothing store and a lover of the futuristic-sounding music known as electronica.

Yet, according to friends, most of Kim's life revolved around old-fashioned values: sacrifice, friendship and family. Those who knew him say they aren't surprised that Kim, in the last act of his life, demonstrated the ultimate expression of devotion to his wife and daughters.

The body of the 35-year-old Kim was discovered Wednesday in a rugged wilderness area in southern Oregon. He had set out across snow and ice with only tennis shoes to protect his feet. He had eaten little in the seven days since his car got stuck.

"Anyone that knows James will tell you that he would do anything to protect his family," said Jason Zemlicka, a friend of 10 years and former co-worker. "I know him, and he must have believed he was going to get somewhere."

Friends and co-workers now mourn Kim but say they will celebrate his success at helping to accomplish his most important goal during that desperate week in the woods: the rescue of his wife, Kati Kim, and the couple's two daughters, Penelope, 4, and Sabine, seven months.

"I have had the privilege of knowing James since our days together at TechTV," said Joe Gillespie, executive vice president at CNET Networks and a former co-worker of Kim's while the two were at the now-defunct cable channel. "And while I have many fond memories, I will honor forever what he set out to do last Saturday. He is true a hero to all here at CNET."


He will be missed.

Wednesday, December 06, 2006

From Debrett's

techno-politeness

Here's one reporters will like:

Avoid Writing A Pointless Subject Field

The subject line is a summary of the content of the e-mail, and should alert the recipient. A well-written subject line will ensure that the e-mail gets the appropriate attention. It is also used for filing and retrieval purposes, so it is important that it accurately reflects the topic of the e-mail.

Tuesday, December 05, 2006

Advertising costs

CNET has an interesting article about gaming social media. From the article:

Companies charge as much as $15,000 to get content up on Digg, said Neil Patel, chief technology officer at the Internet marketing firm ACS. If a story becomes popular on Digg and generates links back to a marketer's Web site, that site may rise in search engine results and will not have to spend money on search advertising, he said.


For that amount of money you could buy numerous sponsorships at professional societies, user groups, and trade associations, thus generating good will along with website traffic.

Hat tip to Chris Abraham, who has a very funny comment.

About astroturfing

Chris Abrahm has written one of the best warnings against this noxious practice that I have seen.

See also the anti-astroturfing campaign.

Viral Marketing

I was talking to Chris Abraham the other day and said I didn’t really do viral marketing. I then described my work publicizing the work of the Federal XML Work Group and how my work had been linked from the official minutes. I observed that this was an illustration of how you can use your corporate blog to build relationships and generate publicity that is otherwise not available at any price. A more recent example was the post I wrote about the local IEEE meeting; they were kind enough to link it from their website.

Chris pointed out that this was what viral marketing was all about and I had been doing it without even thinking about it. Sometimes we put a bit if mystery to marketing terms that is not warranted.

Monday, December 04, 2006

December DC SPIN meeting

Wednesday, December 6, 2006

Skills/Experience Needed for a Chief Software Engineer for a DoD Acquisition, and The Proper Specification of Requirements
Speaker: Al Florence


I'm sorry I won't be able to go.

Well done corporate blog

Developer Testing is so lively, so engaging, you can hardly believe it is a corporate blog. Yet it is totally professional and inspires confidence. Very well done indeed.

Wednesday, November 29, 2006

Software as a Service

Last night Hugh Brien gave an interesting presentation on An Introduction to Tenant Based Software. By this he meant that applications live as a “tenant” in a larger infrastructure. He used Salesforce to illustrate how Software as a Service could be offered in such a way that individual users could use it to build their own custom applets. (Or at least that is how I understood him.) I will be writing more about his presentation next week.

In the meantime, here is one gentleman who is greatly underwhelmed by all the talk about SaaS.

About the author

My LinkedIn profile.

Presto Vivace del.icio.us tags

Presto Vivace Diggs

Tuesday, November 28, 2006

Pitching bloggers

Blogger Relations 410 and Pitching Blogs have aggergated a collection of terrific links on this important part of our work.

I am pleased to say that my own classic post on the topic is included on both blogs.

Some observations regarding SOA security

IASA meeting, November 17, 2006

Dr. Craig Miller spoke about Service Oriented Architecture (SOA) and software security. He began by making some general observations, pointing out that the distributed applications in the eighties, were similar to SOA.

Miller said he had been an early advocate of web services, having persuaded his previous employer, Proxicom, to offer web services.

Miller emphasized that security is a fundamental attribute of an application, not something you add on to an application software after you have finished building it.

He said that SOA can be defined in terms of technology or in terms of architecture. Currently, Gartner has a chart that shows SOA at its the height of its curve of adoption, suggesting that a crash is imminent. Miller said that this was probably true of SOA as a technology, but that SOA as an architectural topology is inevitable.

Here, Miller gave an outline of the history of IT architecture:
1) unconnected systems
2) spaghetti architecture -- point to point connectivity
3) hub and spoke -- data warehouse at the center
4) data bus -- moving data around with technologies like EAI
5) application bus -- SOA: robust standards

Miller described SOA as a continuing initiative; no one builds an organization around it.

SOA can be understood as a bunch of web services with a bus providing connectivity. Each web service does something small (such as extract the balance of an account); the application orchestrates the services through business logic.

Miller predicted that the web services part of this will be outsourced, with the bus and process logic done locally, because that is the more agile approach.

In a SOA system, the points of connectivity are points of vulnerability. Here, Miller said that software breaks more than anything else, that “crap” is the technical term.

Miller outlined the principles of network architecture as opposed to application software:
- componentization
- standardization - interface is rigid
- management (monitoring)

Here, a member of the audience pointed out that network software is simpler than application software. Miller agreed that this is true, but that network software offers lessons for applications software.

Miller said currently we don’t manage monitoring well in application software and that SOA facilitates monitoring by watching how often the bus calls for which web service and how the web service is used.

He said the industry has gotten over the point where everybody thought they could own the universe; we are now getting vendor independent standards. Here, he showed a diagram representing SOA structure:

client
presentation
logic
infrastructure
service

Miller said SOA succeeds because of the business imperative. With the Internet we already have ubiquitous connectivity. The Internet has also pushed us towards vendor independent standards.

The essential vulnerability in SOA is all the points of connection (between the individual web services, the bus, and the application).

Here, Miller offered a brief survey of the different approaches to security by the two standards organizations: W3C and OASIS.

W3C key web services security standards:

infrastructure:
XKMS
XML

requirements:
multipole security token format
trust format
signature formats
encryption technologies
end to end messaging

XML access control markup language:
encode XML rules for access
chief standards issue is many
tree of entities -> rules for access

Miller said XRML syntax has been described, but that he has not seen it implemented.

Individual web services can put limits on the way that they are invoked by means of message tokens.

Miller was enthusiastic about the SAML tool kit, saying that it allows you to do virtually anything.

The OASIS view of security: identification & authentication, data integrity, and data confidentiality.

Miller said that message uniqueness is profound in SOA; how do you know you haven’t seen this message before? For example, you could send a message, “give me $100” and then keep repeating that message. The software has to know it has already received the message. The insertion of a nonce is one way to address this.

Miller was emphatic that SOA does not obviate the need for software security. Here, he offered another slide illustrating the reality of SOA architecture:

client
presentation
osc bss orchestrate bs
the bus
web service/ web service/ BULA (big ugly legacy application)

He made the point that most SOA systems involve Big Ugly Legacy Applications. Loops that go past the bus, usually tying Big Ugly Legacy Applications to the system, are vulnerabilities. I asked if the value of web services is not precisely because they glue together big ugly legacy applications. Miller agreed that this was so.

Miller said that the things that make code ugly are bug fixes; clean code is code that has not been debugged

Miller listed the factors driving emerging technology as bandwidth, processor speed, memory (RAM), and storage media. He pointed out that his digital camera has a 128 MB flash card. He also said that distributed storage technology was the most unexploited technology.

Note - in an email sent after the presentation, Miller said, “Web service security can be enforced in two ways -- the infrastructure can enforce rules for publication and subscription, or individual services can enforce security based on message tokens. Both can be useful. From the perspective of elegant design, I like to embed the security in the infrastructure / messaging layer rather than leaving it to the author of the individual service. It is easier to monitor it there, and I firmly believe that monitoring is a fundamental aspect of web service security.”

Wednesday, November 22, 2006

Simulation and Virtual Reality

Notes from the November 15 Nova IEEE Meeting

Dr. Jim X. Chen offered a survey of the research projects at the computer graphics laboratory at George Mason University. I have read a great deal about virtual reality, but this was the first time I had heard from someone actively working in the field.

Chen opened his presentation with a description of his work on the simulation of fluids. He explained that fluid dynamics is too complicated to simulate, but a simplified model achieves the same effect. With his model he was able simulate the waves created by the back of a boat. Similar concepts were employed in simulating the dispersal of dust created by a car driving across the desert.

Next, Chen described his work in what he called edutainment - learning through playing. Chen builds systems that use virtual reality to teach real world concepts. For example, students see a visual representation of a magnetic field to understand how magnetic fields work. Animations create physical representations of physics equations, helping students retain knowledge. Multi-User Virtual Environments (MUVEs) allow students to explore digital museums.

Chen has built a system for creating custom models for knee surgery visualization. First, a virtual model is built from MRI images. This is important, because MRI images are in black and white. Then, calculations are made for the forces on the joint. Then, a virtual model can be created for surgery visualization. This allows a surgeon to visualize the surgery before it is done on the actual patient.

Building a virtual ear surgery system, including temporal bone construction, is more complicated. Because of the fine detail, it is not practical to use MRI images. An actual specimen was used to create a virtual model. A haptic device allows surgeons to train in a virtual environment.

Chen described his virtual human anatomy and surgery system. Students can see cross sections of entire systems (skeleton, nerves, etc.) in natural color. There is a human parts browser to assist study.

Adapting the business model

Newspaper Firms Join With Yahoo in Advertising Partnership

Let's hope this is successful. We need prosperous newspapers.

Tuesday, November 21, 2006

What is a nounce?

Nonce: A randomly chosen value, different from previous choices, inserted in a message to protect against replays.


Now you know.

SOA adoption

At last week’s IASA meeting the chapter president asked the audience how many of them were using service oriented architecture (SOA) in their work. Only five raised their hands. This surprised me because I have been hearing about SOA for years. When asked about enterprise service bus, only three raised their hands.

Clearly we are still in the early adopter stage.

Contracting humor

Fun with acronyms.

The ESP Game

Image Labeling for Blind Helps Machines 'Think'

For the blind, the only solution is for each image to be labeled with an accurate description for the screen reader to say aloud. But few Web site designers do that.

That is why researchers are studying ways to tap the powers of the Web to have ordinary users label great numbers of images. Asking people to label image after image, however, is asking them to become bored quickly. To make it less tedious and more fun, Luis von Ahn, a computer science professor at Carnegie Mellon University, has created the ESP Game.

Two random visitors to ESPGame.org are matched up and shown a random image, which they are asked to label. They cannot communicate. When both provide the same label, they win points. At the same time, computers are associating words with images, a valuable service for the blind.


This is just brilliant and moves us closer to the semantic web.

During the Clinton administration the federal government required all federal websites to be handicapped accessible. It is just a question of time before all American businesses are required to have accessible websites. Don’t wait for the government to hit you over the head. Be a good guy, adapt your website so it is accessible.

Note - I know Blogger blogs are not accessible. It is one of the many reasons I don’t like Blogger.

Wednesday, November 15, 2006

Notes from the November 14 NovaJUG meeting

Enterprise-class Java applications by clustering the JVM with Terracotta

Of all tech meetings I attend, NovaJUG’s are the most difficult for me to follow. I have decided just to reproduce my notes from the presentation. I hope my programmer readers will find them useful.

Ari Zilka presented on Terracotta’s clustering technology. Some highlights:

- Zilka said he believes Terracotta is the first to use transparent clustering at a high level.

- Clustering is not about shared memory

- Terracotta’s code is free, it is supported by a subscription service.

- cluster is above Java Virtual Machine and below the application

- clustering in runtime offers more control

- Terracotta 2.2 is due for release on December 4

Here Zilka made a demonstration of Terracotta with two Macs where two users moved images/objects on the screen simultaneously.

Zilka made some general observations about Java technology:

- Java specification is good; Java uses a strict & valuable set of semantics

Concerning Java serialization:
- language should work the way we were taught in the book
- object identity and pass-by reference
- coordination between threads

- return same reference to same object: map dot put = map dot get

- with serialization objects are moved across applications, you lose trust

- Terracotta clusters at runtime

- stateless programming - because operators can shut down neatly

- load balancing is good; but balancing at application level consistently is best

- with Terracotta you can write to stateful and run in statelessness

- managed runtimes relieve developers (example, memory management)

- Why runtime management is better, you can see patterns of activity, example, who accesses what information and how often they access it

- Terracotta put (serialization) get (deserialization)

- serialization perturbs the domain model

How API based clustering impacts simplicity
-scale out solutions relay on Java serialization
- perturbs the domain model
- adds new coding rules

Locality of reference
- database object not local for processor
- if an object can move then one must map
- must be able to lock object

Terracotta
- handles the getting and putting in the map
- you can trust equality
- no API
- almost no code

Terracotta instrumentation
- map level memory, read/write operations
- network based clustering with consistency
- transparent to business logic

- Bytecode instrumentation

AOP style control; does anyone have this object before I create it and if so, what is the address?

- no peer to peer in Terracotta

- Control cluster server knows who has the lock

- clustering to the heap

Capabilities
- heap level replication - share object
- ACID Replicators - no new exception or error scenarios
- central storage - keeps application state across restarts
- communications hub - manage shared objects
- virtual memory
- coordination

- stateful applications/stateless server

- Terracotta saves each field of each object

- JBoss is not ACID compliant; Terracotta is

- Terracotta shell servlets invoke Java for you

- stateless - kill any node - and still pick up where I left off

- logical extension of your heap

- Hub & Spoke -> scale the hub
- field level changes -> batched
- network overload -> runtime optimized

- Terracotta should be used with Hotspot 1.4 or 1.5, it works with Tomcat, WebLogic, Spring, and Weflow

Monday, November 13, 2006

Taking credit for success

There is such a thing as overdoing it.

The American election

Among the winners were those who specialize in preparing clients for congressional hearings, crisis communications, and corporate reputation repair. Get ready for subpoenas!

New home for D-Ring PR

The D-Ring has a snazzy new WordPress blog. For some reason I can't persuade my Tech on the Potomac blogdigger group to grab the RSS feed.

Thursday, November 09, 2006

It is a little like speech writers

Jim Horton asks why few care that politicians are paying bloggers openly.

It is precisely because politicians are doing this openly. Not only is this reported on an American politician’s FEC disclosure form, hiring bloggers is publicly announced. Bloggers write for the campaign’s official blog or disclose their relationship on their blog; sometimes a disclaimer statement appears at the end of each post. There is no question of sailing under false colors.

Protecting your data

Web 2.0 Confab Takes Aim At Closed Platforms

The Talis Community License aims to describe a more flexible, Web-friendly set of database rights than the current legal default, just as the Creative Commons License offers an alternative to traditional copyright protection and the GPL offers an alternative to restrictive software licenses. Talis is the brainchild of Ian Davis, a developer and technical lead of the research group at library software vendor Talis; he released a draft of the license in April.


As companies and individuals wake up to the implications of who controls their data, the importance of this issue will continue to grow.

Wednesday, November 08, 2006

New to me PR blog

the hubbub

Needless anxiety

When blogs put brands at risk

For companies worried about how consumers and activists view their business practices, these new media channels present a fresh challenge, undermining a traditional command-and-control approach to corporate communication and reputation management.


If you are running a profitable company you must have happy customers. Some of them are probably blogging about their positive experiences. A check of Technorati may reveal pleasent surprises.

Firefox and GMail are two examples of products that benefited from blogger evangelism. PR shouldn’t be so afraid of the big bad blogosphere.

Tuesday, November 07, 2006

It's election day in the United States

Today the Board of Elections in all fifty states is coordinating statewide network of election officers, voting machines, and all the logistics of democracy. They will be doing so in an atmosphere of unprecedented suspicion. This is long and difficult work. In Virginia election officers must arrive at the polls by 6:00 AM and stay until the votes are counted.

Though out the day local boards will field questions and deal with the inevitable controversies of what after all is a contest of power. The level of tension is very high.

After the polls close their website's site traffic will spike. Civil service IT personnel having working hard, testing their systems to prepare for the flood of traffic.

It is a remarkable process.

New Communications Forum 2007

March 7-9, 2007 • The Venetian Hotel • Las Vegas

They're going to offer workshops on podcasting and video casting along with everything else. I am going to try to go this year.

Monday, November 06, 2006

The voting machine PR debacle

Ever since the 2002 election serious questions have been raised about the reliability and security of the e-voting machines. Last Thursday HBO ran a documentary about the problems with Diebold. Now Hacking Democracy is available online.

This week’s issue of Federal Computer Week has a long detailed article about the continuing problems with the voting machines.

These companies have consistently failed to address the concerns raised by their critics. Indeed they could not have conducted themselves worse were it their purpose to dirty their reputation. Whatever profit they derive from the sales of these systems cannot possibly be worth the damage to their corporate reputations.

Friday, November 03, 2006

IASA Meeting on Securing SOA

IASA Mid-Atlantic Chapter

Thursday November 16th, 6-8 pm

Topic: "Securing SOA"

Abstract:

Integration has been the Holy Grail in information technology from the time the second program was written. Over time we have explored several different architectural models for integration and many different technologies. The scrap heap of IT history is littered with approaches that failed technically and technically brilliant approaches that did not capture the market. Despite a long history of failure, we have doggedly pursued the objective, because the imperative for integration in compelling and the cost of a failing to integrate is overwhelming.

We are now driving to integration through SOA. Through the evolution of ubiquitous connectivity based on internet protocols and vendor-independent standards with integration we are seeing much greater success than in prior efforts. SOA works, the case is compelling, and the rush is on. There are challenges, however. First, there are degrees of SOA, with huge implications in terms of cost, performance, and risk. Second, building SOA requires fundamental changes in organizations and processes. Focusing only on the technology is a prescription for failure. Finally, SOA is a very
different animal from a technical perspective. The standard point of attack on a system is at the interfaces, and SOA is all about interfaces. SOA is a target-rich environment.

Craig Miller will talk about his experiences in building SOA at the enterprise scale. He will talk about his personal experience with a small pharmaceutical company (Cubist), a large health insurance company (Wellpoint) and ongoing work with large internet security brokerage. All defined and approached SOA in their own way.

The Troubling Trends of Federal Procurement

ll R. Aitoro , VARBusiness

"The Troubling Trends of Federal Procurement." That title for the procurement policy survey published by the trade association Professional Services Council (PSC) and accounting firm Grant Thornton says it all. Thanks to conflicting strategic procurement initiatives, an insufficient workforce and skepticism from government agencies about collaboration with the private sector, federal procurement faces challenging times.

For the third time since 2002, PSC and Grant Thornton surveyed federal officials about their views on procurement policies and practices. Respondents included 37 representatives from myriad civilian and defense agencies. ...

... According to the Federal Procurement Data System, government purchased more than $374 million in goods and services in 2005, which equals about 45 percent of the annual discretionary budget. That's compared to $200 billion five years earlier. Such a market swell has left the acquisition community scrambling to adjust, often without necessary resources or support from those on Capitol Hill. The number of acquisition professionals in 2005 was 125,779, a 10 percent decrease from 1996, despite a 108 percent increase in dollars spent on purchases and 2 million more transactions completed.


This is an execellent article which explains how one goal can conflict with another.

A bad combination

Meth, Classified Docs and Nukes

Thursday, October 26, 2006

Blogs: a writer’s store window

Notes for the National Writers Union, DC Chapter
Thursday, October 26
Alice Marshall
Presto Vivace, Inc.
http://www.prestovivace.biz/


I am Alice Marshall, founder of Presto Vivace, Inc., a PR firm specializing in small and medium size technology firms. My blog is called Presto Vivace Blog.

I am not much of a believer in presentation software, so I will just speak from my notes.

How many here have their own blogs?
How many here read blogs?
How many here are doubtful about the whole proposition?


The Internet and social software (blogs, wikis, podcasting, YouTube, etc.) will change our society as profoundly as the Gutenberg press changed Europe. Nobody knows where this is all going. This presentation is not about blogging, the meaning of it all, it is simply about how writers can use their blogs as a showcase for their work and a loss leader for their marketing.

I started blogging because I thought it would be fun. If you don’t think you would enjoy it, you probably would not be a good blogger. Since my clients are local technology companies my blog focuses on the local technology scene.

Your blog is a free sample of your writing. By reading your blog potential clients and employers will get a sense of your work and how you would write for them. So a professional blog should focus on your field.

Choose you subject and stay focused.
A narrow focus will help you to build and audience by attracting readers in that field.

Presto Vivace Blog averages 100 hits a day. I have 95 subscribers on Bloglines RSS feeder and another six on Feedburner. Most RSS readers do not publish subscriber numbers for blogs, so I have no way to know how many readers I have. Blogging software makes it possible to limit the amount of your post available to RSS readers. I strongly advise you not to do this. Almost all your regular readers will never visit your blog. They won’t subscribe to feeds that cut off posts.

Joshua Micah Marshall’s blog, Talking Points Memo, started as a loss leader. He wanted a place for opinion columns and stories he could not sell to editors. It just blossomed into an online news organization. He was early to market, I don’t think it is likely anyone could duplicate his business model.

Ideally your blog should be part of your corporate website. Otherwise you should incorporate your or your company’s name into the blog URL. For example, it would have been better had I chosen PrestoVivace.blogspot.com. That way, it would have reinforced the brand both with readers and search engines. I originally called it Technoflak blog because the humor of it appealed to me. Blogs should not be too serious. Readers like light hearted blogs.

Your sidebar will tell your readers what sort of blog you are writing. Most sidebars consist of the other blogs the writer recommends or news publications they like. My sidebar starts with professional and trade associations that are likely to appeal to my clientele.

Your sidebar should not be your reading list, either blog or news organization, but reading matter directly related to your blog. You want to keep a professional image, I don’t recommend Fark or The Onion.

Don’t confuse the world with people who care about your personal life (unless you are striving to be the next Erma Bombeck). Keep your subject matter professional. It’s OK to publish the occasional picture of your pet or mention a movie you saw. Just keep in mind why your reader reads your blog. I try to inform my readers about things that would help them make money. That is why I publish Call for Participation for conferences and related information.

Push as Well as Pull
Cultivate relationships with other bloggers in your field. The best way to get inbound links (according to Technorati I have 49 links from 33 blogs, it used to be twice that) is to link to other blogs in your or related fields. High traffic blogs are unlikely to reciprocate your link, but lower traffic blogs are likely to appreciate inbound links. It is no longer considered good taste to ask for link exchanges, although that was common in 2004.

I created a blogdigger group of local tech blogs as a way of cultivating a relationship with the local tech community. Constantin Basturea became a leader in the PR community by creating the blogdigger PR list and the NewPR wiki. More recently he created CrispyPR New, which is a kind of social tagging site.

Use Blogging Software Meant for Professionals Right from the Start
Don’t make my mistake. Don’t use Blogger. Use Six Apart’s Typepad or Moveable Type software, or WordPress, or software that has categories and tagging. By incorporating tags (those little symbols you see at the end of posts) . These tools make it easier for readers to search your blog and more likely that it will be tagged in social software sites like del.icio.us and Digg.

Post regularly and carefully
Regular posts (ideally daily) will encourage readers to regularly check your blog. Remember that this is your showcase. Think before you press the publish button.

Pay a copy editor for long pieces.
Occasional I write long pieces. For these posts I pay a copy editor. A second pair of eyes is very useful, especially if your grammar is a tad uncertain.

Original Content Makes for Well-Read Posts
One to the things I do with my blog is write account of the meetings I attend. Links to these posts can then be sent to members of the group, or even posted on their discussion list. It is way of building your audience in a way that builds your relationship with a community. Do not spam links to your posts. Carefully select your recipients. When I did an interview the Fred Thomas of MHz Networks, I sent the link out to the DC Pubs Yahoo discussion list. I assumed, correctly, that many on the list would be interested.

I wrote a series of accounts of meetings of the Federal XML Work Group which I sent to many federal contractors I know.

These are examples of how individual posts can be used as a substitute for direct mail. I wrote a post about my view of strategic PR and sent it around. It was linked on Bulldog Reporter’s BlogRun feature. Posts with original content are the most likely to be linked by other blogs.

Blogs are A marketing tool, not THE marketing tool
Blogs offer a way to showcase your work. They offer a way for readers to get to know you before they hire you. They are a useful tool and I recommend them.

Related reading
What's Next Blog's Successful Bloggers Interviews: Alice Marshall on How to Use a Blog to Get Clients
How to pitch bloggers

Monday, October 23, 2006

11th Annual NCC-AIIM Educational Seminar

Collaboration that Works: Creating, Sharing and Utilizing Your Information Assets

Thursday, November 9, 2006
7:30 AM – 3:00 PM
Key Bridge Marriott in Rosslyn, VA

Federal XML work group

XML Community of Practice

Since the xmlCoP's charter expired on September 30, no further meetings have been scheduled pending determination of whether new co-chairs can be identified. However, the XML Schema Interoperability Work Group (XSI WG) and the Strategy Markup Language Community of Practice (StratML CoP) are now meeting regularly.


This is very important work, for our government and our industry. I trust it can be continued.

Government Printing Office's XML plans

Transcipt, online discussion at Government Computer News.

Transparent whether we like it or not

Poor William Kennard wrote an editorial in the New York Times opposing net neutrality. While he disclosed that he sits on the board of directors at the New York Times he neglected to mention that he also sits on the board of directors of Sprint Nextel Corporation, Hawaiian Telcom and Insight Communications. Naturally a high traffic political blog pick it up and ran with it.

Selective disclosure is just as bad as no disclosure. We need to teach our clients that they have to disclose all relevant facts; because if they don’t their adversaries will.

At the first New Communications Forum Andrew Lark said “We are all walking around without our clothes.” I think that just about sums it up.

Circling the Statehouse

As Federal Spending Tightens, Contractors Seek Out New Clients

At a time when federal spending is slowing , state and local governments -- flush with cash from rising property-tax revenue and a generally healthy national economy -- are an increasingly juicy target for government contractors. Many have flocked to the state and local market after years on the sidelines, following the money being poured into information-technology projects ranging from humdrum computer system upgrades to innovative wireless networks.


It is rare for states to outspend the feds and with the housing crash upon us it is naive to suppose localities will be flush. This is a very bad sign for government contractors.

Wednesday, October 18, 2006

Taming the email monster

Craig Ball

E-mail should be easy. It's got those handy subject lines. It's electronically searchable. The circulation list's right up front. It's a cinch to file.

In reality, e-mail conversations veer off topic, search is hit-or-miss (CUL8R), addresses are cryptic (HotBob11@yahoo.com) and only the most organized among us file e-mail with anything like the effort once accorded paper correspondence. Personal messages rub elbows with privileged communications, spam and key business intelligence.

During WWII, everyone knew, "Loose lips sink ships." But does every employee appreciate the risk and cost of slipshod e-mail? Get tough on e-mail through policy -- then train, audit and enforce. Train to manage e-mail, appreciate that messages never die and know that hasty words are eaten under oath. Tame the e-mail beast and the rest is easy.


Lotus Notes used to have a handy feature that after you sent every email it would ask you if you wanted to save it, where you wanted to file it, or if you just wanted to delete your copy. Almost always you wanted to delete it. Lotus had the same feature every time you opened an email, did you want to file it, delete it, or just leave it in your inbox. It is much easier to do this as you go rather than go back and decide what to do with each note and it puzzles me that this feature is not standard on email software.

Most important principle of records management

If you don't need it, get rid of it.

Tuesday, October 17, 2006

From opposition research to your newspaper

How it's done.

Collaborative PR

I am in the middle of a collaborative project where different companies have to sign off on the same release. This is shaping up to be the most boring release I will have ever sent out. Fortunately long suffering business and trade reporters take a philosophical view of this sort of thing and will understand why these releases are written in such a bland manner. Nevertheless, it is a pity so many companies want to control all the news out of a release.

Monday, October 16, 2006

Online style guides

College and University Style Guides

Indiana University

IT’s dirty little secret

Tech Disasters Are Just Waiting To Strike Your Organization

8 Expensive IT Blunders

Our hall of shame of tech failures includes McDonald's $170 million ERP fiasco, an electric-company software bug that wiped out power to much of the northeastern U.S. and Canada, and more. Get the sordid details and find out how you can avoid a disaster of your own.


More Blunders: An IT Rogue's Gallery

This is great reporting and really gutsy coming from a trade magazine. Well done Information Week. What they need to do now is to show their readers working models of coopreration that avoid this sort of disaster.

Wednesday, October 11, 2006

Presto Vivace, live in concert!

National Writers Union, DC Chapter

Are you trying to advance your career? Do you want to get more writing assignments? Are you looking for effective marketing tools? Perhaps you should consider blogging.

Join us Thursday, October 26, at 1.00 p.m., to hear Alice Marshall talk on the ins and outs of blogging. Learn how blogging can help you promote your services. Learn how to make your blog effective (and what to avoid). And learn how blogging is transforming our culture.


I'm looking foward to meeting some of my local readers.

Monday, October 09, 2006

Something to keep in mind

Intellectual Property Issues HeatingUp in Social Media and Virtual Reality

The intellectual property question of ownership of material submitted to social media sites is heating up as corporate acquisition talks for YouTube and other startups catch fire. Interestingly, you don't own the rights to material you submit to video contests, or to YouTube, but you do own the rights to coding you do at Second Life.


BL is so good at catching stuff like this.

More shoes to drop?

HP Not Alone With 'Rogue' Investigations

"Corporate America is worried and should be worried," said Jamie Wareham, global chairman of the litigation department at law firm Paul, Hastings, Janofsky & Walker LLP. "Do you think these guys in the business of pretexting only have one client and that's HP? I don't think so."


Does that sort of atmosphere of mutual suspicion sound conducive to innovation or customer service?

Your Call Is Not Particularly Important To Us

What happens when bad corporate planning collides with a too-effective call center? Could be a PR disaster.

Not a proud moment for the sisterhood

Dunn, Fiorina use '60 Minutes' to attack H-P

Saturday, October 07, 2006

You only get one chance to make a first impression

Cover Letters from Hell

Verizon privacy litigation shuffle

Verizon sues alleged HP fraudsters

The muck continues to thicken around HP's spy scandal. Verizon has filed a lawsuit against 20 unnamed data brokers, accusing them of helping out with the phone fraud used in HP's investigation.


'Don't spy on Verizon chair' - warned HP spooks

Documents released this week by the House Energy and Commerce Committee show that - pretexting or not - HP's investigators knew they were in murky territory.

HP's investigators, for example, knew enough about the touchy practice of securing phone records to stay away from board member and Verizon vice-chairman Lawrence Babbio.

"Babbio was report (sic) as a strong supporter of the former CEO (Carly Fiorina), however, due to Babbio's position with Verizon no attempts to obtain calls made from his cell phone were attempted," wrote Security Outsourcing Solutions, in a June 14, 2005 report to HP's investigative team.


Verizon sued for alleged NSA cooperation

Verizon Communications is the latest big phone company to be sued for allegedly violating privacy laws by handing over phone records to the National Security Agency for a secretive government surveillance program.

Why journalism matters, Anna Politkovskaya

Chechen war reporter found dead

Anna Politkovskaya, a prominent Russian journalist known as a fierce critic of the Kremlin's actions in Chechnya, has been found dead in Moscow.

The 48-year-old mother of two was found shot dead in a lift at her apartment block in the capital.

Friday, October 06, 2006

HP miscellany

Steven Silvers has three lessons form the HP debacle including:
The response to a crisis often becomes the bigger crisis.


Paul Holmes quotes Kent Perkins on the right way to plug a leak (Perkins has a much tougher approach than Toby Zeigler and probably more realistic).

Hyde Park reminds us of David Packard, the HP way and how far the company has fallen.

Wednesday, October 04, 2006

When you lose your sense of perspective

Five to Face Charges in HP Scandal

California's attorney general is preparing to file criminal complaints today against ousted Hewlett-Packard Co. chairman Patricia C. Dunn and four others for their roles in the Hewlett-Packard Co. spying operation that surfaced last month, according to sources close to the case.


Consider the article that started it all. Pretty innocuous words about improving technology, managing channel sales and possible acquisitions, nothing earth shaking. There was no need to leak this, no urgent public interest that could not have been as well served as waiting for official announcements. On the other hand, other than tipping the company’s hand on acquisitions, there is nothing here damaging to HP.

Now in an attempt to discover the identity of the leaker HP has associated its previously good name with spyware, private investigators shadowing reporters, congressional hearings, and now indictments. For what? For a leak?

Their attorney should have counseled them to take the Toby Zieglar approach to leaks. Indeed, the PR officer and corporate counsel should have made common cause in restoring a sense of proportion to the Chair and CEO. Instead the corporate counsel seems to have encouraged it and the role of the PR officer remains unclear. There are many lessons here, one of which is that there are worse things than leaks.

Tuesday, October 03, 2006

Nasty bloggers

Sometimes it’s worth suing.

But most of the time they should be ignored.

Call for Papers for the 16th USENIX Security Symposium

Security '07 Call for Papers

The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. The 16th USENIX Security Symposium will be held August 6–10, 2007, in Boston, Massachusetts.

All researchers are encouraged to submit papers covering novel and scientifically significant practical works in security or applied cryptography. Submissions are due on February 1, 2007, 11:59 p.m. PST.

Friday, September 29, 2006

Friday fun

Bosch Aerospace Theater

Great headlines

Playing dumb is no pretext in HP testimony

When control gets out of control, HP edition

Lawmakers Scold HP as Top Lawyer Resigns

WASHINGTON (Reuters) - Hewlett-Packard Co.'s top lawyer resigned on Thursday as U.S. House of Representatives lawmakers scolded current and former top executives for invading individuals' privacy to find the source of boardroom leaks.


It is more than a little ironic that this hearing was held the same day the US Senate effectively abolished the right of habeas corpus.

I wanted to go to the hearing for myself, but was unable to because of the press of end of the month business. I plan to write much more about this, but not until I have had a chance to do a little research into the chain of events.

There are many things that went wrong at HP, but one of the problems was the leaks. Members of the board of directors should be willing to speak on the record. One of my all time favorite West Wing shows dealt with leaks and the atmosphere of distrust they leave in their wake. I think this is a good time to quote it:

[TOBY ZIEGLER, ADDRESSING STAFF]

There's an old saying: "Those who speak, don't know; and those who know, don't speak." I don't know if that's true or not, but I know that by and large the press doesn't care who really knows what as long as they've got a quote.

Last Friday, we had our Week Ahead meeting in the Roosevelt Room. Some of you were there, most of you weren't, but I'm talking to all of you now.

Bruno Gianelli and I were leading a discussion about whether or not the President should stop in Kansas on his way back from the West Coast, and I remarked that the Vice President is polling better than the President right now in the Plains states... and that if the President is re-elected, it's gonna be on the Vice President's coattails. That remark made its way to a White House reporter.

We're a group. [chuckles cheerlessly] We're a team. From the President and Leo on through, we're a team...We win together, we lose together, we celebrate and we mourn together. And defeats are softened and victories sweetened because we did them together.

And if you don't like this team... then, there's the door. It's great to be in the know. It's great to have the scoop, to have the skinny, to be able to go to a reporter and say, "I know something you don't know." And so the press becomes your constituents and you sell out the team.

So, an item will appear in the paper tomorrow, and it'll be embarrassing to me and embarrassing to the President. I'm not gonna have a witch hunt. I'm not gonna huff and puff. I'm not gonna take anyone's head off. I'm simply gonna say this: you're my guys. And I'm yours... and there's nothing I wouldn't do for you.

Thursday, September 28, 2006

Corporate citizenship

Advanced Data Tools (not a client) links to user groups from its website. It is a little thing, but such an easy way for corporations to promote their industry.

Monday, September 25, 2006

Tom Murphy has a new home

Murphy's Law

A strategic approach to public relations

What niche does your company occupy? Do you do web services projects or content management? Do you cater to the medical market or the financial services market? These may sound like obvious questions, but it is amazing how easily they are overlooked. The answers to these questions will provide the basis for your PR strategy.

Once you identify your niche, you can start planning how best to communicate to your audience. What are your customers’ preferred sources of information? The easiest way to find out is simply to ask them. Once a year Presto Vivace sends out an email to our customers, present and former, asking what are their preferred news sources. More recently we have begun to ask which, if any, blogs they read.

It is also necessary to ask what your customer’s customer reads. That is why I attend so many meetings of local tech groups. This is the audience my clients are trying to reach.

Participating in IT standards discussions offers a great opportunity to meet the players, both competitors and customers. A good standards committee will prevent any single vendor from dominating the standard; but participation will enable you to both keep abreast of emerging trends and ensure that your product is not blocked. Participation in a standards committee is also an opportunity to advance your industry. If that isn’t part of your PR plan, then you don’t have one. Wanting to do the right thing for your industry is part of what separates PR from snake oil.

It is not only useful to participate in your industry’s trade associations, but also to follow your customer's market. For example, if your company provides litigation support software, not only should you be a member of AIIM, you should also buy advertising in your local bar association’s newsletter and even attend an occasional meeting.

Of course, the best PR is to make your customer look good. Almost all the trade magazines have annual “Best of” issues. Resist the temptation to nominate your company; nominate your customer. Nothing is more likely to cement your relationship. If you learn of a “Call for Participation” in a trade conference or seminar, forward it to your customer and encourage them to apply. What do you think would be more persuasive? Giving a presentation on your view of your industry? Or your customer explaining how your company solved their problem? Understanding this is the difference between simple promotion and strategic public relations.

Thursday, September 21, 2006

Torpark

Free anonymous browsing

A modified version of Mozilla Firefox that lets users browse the web anonymously has been released.

The Torpark browser can be stored on and run from a flash USB memory stick, which can effectively turn a PC into an anonymous terminal.


Hacktivismo Press Release

I would be very interested in reviews from security experts.

Wednesday, September 20, 2006

Have a question about SBI-Net?

SBI-Net: Make or buy could be make or break

Staff writer Alice Lipowicz will take your questions about SBI-Net during an online forum Thursday, Sept. 21, from 11 a.m. to 12 p.m. ET.

Federal call for comment, Health IT

HRSA ponders changes to foster health IT in safety-net clinics

The Health Resources and Services Administration is seeking comments from the public on how it can best encourage health information technology adoption in the community clinics it helps to support. ...

... The deadline to send comments to the agency is Oct. 10.


If you have an opinion about this now now is the time to speak out.

She will be missed

Anita Brown, 63; Pushed Internet Use In Black Community

Sunday, September 17, 2006

Thursday, September 14, 2006

Companies clueless about software architecture

ZDNet Asia

SINGAPORE--Many companies still do not understand the role of software architects, with some even throwing the job at junior programmers, according to the Asian branch of the International Association of Software Architects (IASA).

IASA Asia-Pacific Chairman Aaron Tan said most IT projects fail because little emphasis is placed on software architecture in most organizations.

Tuesday, September 12, 2006

Society for New Communications Research Inaugural Awards Gala & Research Symposium

Society for New Communications Research

The Inaugural SNCR Research Symposium, Awards & 1st Anniversary Celebration will be held November 1 - 2 at the Colonnade Hotel in Boston, Mass. Don’t miss this special event featuring the presentation of our first research projects and the unveiling of the first issue of the Journal of New Communications Research.


Unfortunately I will not be able to go; but it sounds like it is going to be a lot of fun.

Monday, September 11, 2006

The wrong way to handle negative press

Tension Escalates Over HP Scandal

Hewlett-Packard Co.'s board of directors yesterday called an emergency meeting for Sunday as a scandal involving spying on board members and journalists escalated and prompted Chairman Patricia C. Dunn to say she would step down if asked.

California Attorney General Bill Lockyer, meanwhile, said the case was wider than previously reported and hinted it that it could go grow beyond the Silicon Valley technology pioneer. In an interview yesterday, Lockyer said the investigation stretches back to 2005 and involves an internal investigation that HP conducted of leaks to the media.

Lockyer is conducting a criminal investigation of how contractors hired by HP obtained personal records by posing as someone else, a practice known as "pretexting," to determine who leaked confidential company information to the media.


She hired professional phishers to deal with a leak???????????

Jeffrey Treem sums it up best.

Sigh

Government Slows Tech Spending

Friday, September 08, 2006

Glorious News

Appeals court upholds state anti-spam law

RICHMOND--The Virginia Court of Appeals yesterday upheld the nation's first conviction under an anti-spam law.

The court rejected an appeal by Jeremy Jaynes, who was convicted in 2004 in Loudoun County of violating Virginia's anti-spam law, the nation's most restrictive law against Internet spam e-mails.


It's a great day for Virginia.

Tuesday, September 05, 2006

No, we are not making this up

Google developing eavesdropping software

The idea is to use the existing PC microphone to listen to whatever is heard in the background, be it music, your phone going off or the TV turned down. The PC then identifies it, using fingerprinting, and then shows you relevant content, whether that's adverts or search results, or a chat room on the subject.


Time to start thinking about using another search engine.

Friday, September 01, 2006

Dundee at one

Today my collie dog turned one. I’ve had him since January. Collies are celebrated for their sweet, placid, affectionate personalities and Dundee is no exception. My previous dog was a pomeranian mix, a very vivacious dog. It is quite a contrast. Both breeds have their charms; but I am really enjoying the collie.

I want to know how to leverage the IASA to help grow my company’s business.

That is the question Nicole Tedesco asked my client, Paul Priess, the founder of IASA. She wrote a very entertaining description of their meeting and it captures the spirit of technology associations.

“But if my company is going to spend money on me doing ‘architecty’ things, then they have every right to know what return they will receive on their investment.”

Paul rose, ostensibly to worm his way to the parking lot where he could grab a quick cigarette hit, but he couldn’t resist making some points while standing up, just before he left. (What a showman!) “How much would it cost to spin up internal education for your architects? How long would it take? How likely will it be that you will be successful? Now, if you could borrow a pre-packaged curriculum from the IASA, how much would that be worth to you?”


It is a very important part of technology and one that is not sufficiently reported in my opinion.

Thursday, August 31, 2006

BOBs 2006

Deutsche Welle Best of the Blogs

We need you to head over to the suggestion form and give us the lowdown on all the blogs that glue your eyes to the screen and the podcasts that make you keep your headphones on. You can choose from the following categories:

Best Weblog, Best Corporate Blog, Best Podcast, the Blogwurst Award, Best Weblog /(Insert contest language here) and the Reporters Without Borders Award. In addition to the overall world's Best Weblog, another award will be given to the Best Weblog in each of the BOBs' 10 official languages making for 15 different prizes.

Who gets to play along?

The Deutsche Welle's Best of the Blogs awards are open to any blog, podcast or videocast in Arabic, Chinese, Dutch, English, French, German, Persian, Portuguese, Russian or Spanish and meet the criteria. Read through the Road Map to find out more of the competition's details.

The people making the decisions

First and foremost, the BOBs are about the Weblogs (and 'casts) you submit, a blog you that is never entered into the contest can never win -- so get to work. When the submission window closes on Sept. 3, the BOBs jury of bloggers, podcasters, journalists and media experts will begin their work.

If your not impressed with the jury members' biographies, then keep an eye on the BOBs Blog, where they will have a chance to stun you with their insight and analysis. And please also check out the sponsors and media partners who are helping make the third annual Best of the Blogs possible.


This is a very clever way for Deutsche Welle to discover which blogs their viewers are reading. If you want to nominate Presto Vivace Blog for best Enlish language corporate blog, you can do so here.

This might not be such a great idea

Plan for Enhanced Federal IDs Could Open Door to a Biometrics Boom

In the coming months, a wave of government initiatives could start making such high-tech methods of identification commonplace -- beginning with the replacement this fall of federal employee IDs. Similar cards are planned for transportation workers, first responders and visitors to the United States.


If someone steals your identity you can persuade the Social Security Administration to give you a new number. What do you do if someone steals your fingerprint?