Articles in “December 2005” from Datamation Blog

Collaboration is, in most cases, a good thing. But when it's done poorly, it can be an expensive proposition. Let's look at the positives. Collaboration can save time and money. It can keep travel and telecommunications costs down. It allows an easy exchange of ideas. It makes it easier for people in different time zones to work together. Good examples of collaboration surround us: we have multiple authors of this blog; no two editors in this EarthWeb channel are in the same physical space; Lennon and McCartney. As for the negatives: people weren't designed to collaborate and share information. Many enterprises make collaboration investments a departmental decision, which not only means there can be numerous collaboration platforms, but restricts who can collaborate. Many people collaborate via e-mail, which is a horrible collaboration tool. Bad examples of collaboration also surround us. Hall and Oates, to name just one. There are more collaboration options than ever. There are collaborative workspaces, blogs, wikis, audio and video conferences, and whiteboards. But this doesn't even begin to touch on how many choices there are, as explained in this article on how to select collaboration tools from IT World Canada.

There are close to 1,000 vendors in the collaboration market, according to David Coleman, managing director of Collaborative Strategies LLC in San Francisco. "There are way too many vendors," he says. Coleman projects that sales of collaboration software, services and related hardware will reach $40 billion in 2008, with an average annual growth rate of 13 percent.

Thanks to Michael Sampson for the link.

Last week I wrote about a study that found compliance initiatives are distracting CFOs from growing their companies and expanding shareholder value. This week, Tony Byrne of CMS Watch has a pair of links about electronic records management (ERM) and how all of this time and money spent on compliance projects isn't rubbing off on ERM. Colman Murphy of Xerox writes in Line56:

Amidst all this spending, funding for electronic records management (ERM) initiatives has lagged. Even when funding is committed, there are still significant hurdles to overcome that can sometimes cause the entire project to grind to a halt.

Among the hurdles Murphy mentions are unforeseen costs, slow adoption, and the lack of a champion within the organization. Writing in CMS Watch, Priscilla Emery tries to sort through the perplexity of ERM certifications and how they relate (or don't relate) to compliance. Enterprises that need to store their records according to a standard such as DoD 5015.2 have it pretty straight forward; not so when it comes to Sarbanes-Oxley.

Just about every vendor will tout its ability to support everything from Sarbanes-Oxley to HIPAA regulations. However, there are no certification specifications or procedures for any of these compliance activities at this point.

Sarbanes-Oxley isn't a records management issue. Or maybe more accurately, it isn't just a records management issue.

...although records management can play a significant role in Sarbanes-Oxley compliance most of this activity is associated with financial reporting and monitoring financial processes making workflow activities and process monitoring more important features to focus on than just records retention.

John Diebold, the man who pushed businesses to computerize as far back as the 1950s, died yesterday at the age of 79.

He died at his home in Bedford Hills, N.Y. from esophageal cancer, according to a report in the New York Times.

To say that Mr. Diebold was a man ahead of his time would be a gross understatement. Remember back when computers weighed not pounds, but tons? Well, even back then he tried to tell the world how programmable devices could change the way business was done. He authored the book Automation to evangelize about opportunities that computers would bring.

Mr. Diebold went on to create an international consulting firm and explained technological advances to the likes of Boeing, Xerox and AT&T. The New York Times raves that he ''persuaded major corporations to automate their assembly lines, store their records electronically and install interoffice computer networks''. That's high praise from a cynical industry.

Mr. Diebold saw how computers could change business and society. He saw the benefits that technology could bring to this world. And he worked for decade after decade to educate the rest of us about it.

For that kind of vision and passion, he will be missed.

There's an interesting discussion online about whether the new network-centric social software applications that have come to be known as Web 2.0 will eventually evolve into enterprise applications. Phil Wainewright calls this shift Web 3.0. According to Wainewright's initial post:

I'd like to make one thing is absolutely clear right from the outset: Web 3.0 isn't just about shopping, entertainment and search. It's also going to deliver a new generation of business applications that will see business computing converge on the same fundamental on-demand architecture as consumer applications. So this is not something that's of merely passing interest to those who work in enterprise IT. It will radically change the organizations where they work and their own career paths.

I don't know if I'm sold on this, but I've heard stranger things. My biggest issue at this point is that most office workers are too comfortable in the world of Windows applications for this to happen right now, but no one is saying this will happen overnight. John Hagel has his own opinions on how Web 2.0 will or will not morph into Web 3.0.

Phil is focusing on two related changes. First, the emergence of the traditional enterprise as a significant new customer set for the technologies that are shaping Web 2.0. Second, and related to the first, an urgent need to define and deploy more sustainable business models. In particular, he has been hammering appropriately on the need to define other revenue models beyond advertising for the enterprise market. But these are not profound technology shifts. These are marketing opportunities and business challenges created by Web 2.0 technology.

Whenever Web 2.0 fans talk about their favorite applications getting traction on the enterprise level, they point to Dresdner Kleinwort Wasserstein, which implemented wikis to replace its intranet. As a journalist, one thing I've noticed is that the Dresdner example has been kicked around for some time now. If Web 3.0 is coming, we'd better see some more examples soon.

Firefox fans are going to love this. Bruce Schneier wrote yesterday about a browser study from August that measured the number of days browsers were known to be unsafe.

The researchers tracked three browsers (MSIE, Firefox, Opera) in 2004 and counted which days they were "known unsafe." Their definition of "known unsafe": a remotely exploitable security vulnerability had been publicly announced and no patch was yet available.

Microsoft's Internet Explorer was 98 percent unsafe; meaning there were only 7 days in 2004 that didn't have an unpatched publicly known security hole. And that's only publicly known holes. Firefox was 15 percent (56 days); Opera was 17 percent (65 days).

I expect next week to be a slow week, but I'll be in the office for two days anyway. One of my projects will be updating Intranet Journal's Spyware Guide. I'll have to find a place to add a link to this post by Suzi Turner on ZDNet's Spyware Confidential blog. Suzi enumerates the top 10 tricks causing the spyware epidemic; everything from adware, AIM worms, to Sony's rootkit (of course). Not only is there a list of methods used to spread spyware over the past year, but there's citations and links so you can read more about the exploits. If spyware has been a problem in your organization this year, you may want to publicize these among your users. That's all for me this week. Have a Merry Christmas, a Happy Chanukah, a splendid Kwanzaa, or just a nice weekend. Whatever floats your boat.

The FTC has told Congress that the CAN SPAM act is working. When I first saw this news on Thursday, I thought maybe there was something to it. I only had about 70 spams waiting for me in the morning. Today it was back up to about 130. That's pretty normal.

The FTC cited two studies in its report. One, by e-mail filtering company MX Logic, said spam accounted for 67 percent of the e-mail passing through its system in the first eight months of this year. That's down 9 percentage points from the same period a year earlier. The second report by MessageLabs, another e-mail filtering company, said spam rates rose for much of last year but have since declined and hover near the levels they were at in December 2003 — when Congress passed the anti-spam legislation.

There are several problems with CAN SPAM, the most obvious being that it's a law for an online activity that only applies in the United States. Let's just say those Nigerians aren't shaking in their boots. As with most pieces of superficial legislation, the law was more about politicians backing a bill that everyone supports in theory. But this morning I realized another reason spam rates may be dropping. I have been deleting spam comments from this blog all morning. (Why do people even bother? We delete them before they see the light of day.) This makes me think that while e-mail spam may be down, it's likely spammers are just spamming blogs, because that's what superficial legislation does, it makes the bad guys change tactics. It's not just comment and trackback spam that's threatening to do to blogs what spam did to e-mail. AdWeek quotes research saying one in five new blogs is pure spam.

A study commissioned by McAfee in Europe puts some numbers to the danger that systems and networks face from within. Here's some of the findings:

• 21% let family and friends use company laptops and PCs to access the Internet
• 60% admit to storing personal content on their work PC
• 10% admit downloading content at work they shouldn't
• 51% have no idea how to update the anti-virus protection on their company PC

You can read more of the results from The Register. You can protect all you want against attacks from the outside, but those insiders, especially those laptops and devices that leave the office, can kill you. Of course, if you were part of the audience for our Enterprise Security Challenges for 2006 webcasts, you heard all of this. If you weren't, you can still catch them on demand. Thanks to Bruce Schneier for the link.

There's a chance someone in your organization is using an IM screen name like CrazySexyKewl. Sure, they'd have to be missing a common sense chip or be totally deaf to social norms, but the IM screen names in your organization may need a review, according to Ferris Research.

If you're an IT manager and your users employ instant messaging as part of their jobs, you need to ensure their screen names present an appropriate image of your company.

There's a good idea in the comments to that post too. Not the one that tries to sell IBM software, but the one that suggests your employees use their company e-mail address as their IM screen name. Thanks to the Computerworld IT Management Blog for the link.

I don't know why this took so long, but it appears election officials around the nation are awakening to the fact that electronic voting machines are easily susceptible to tampering. Brian Livingston wrote in this week's Executive Tech column (Fixing Elections for Fun and Profit) that two counties in Florida scrapped their e-voting machines made by Diebold Elections Systems "after computer experts showed that vote totals could be changed by a single individual in a way that would be undetectable later." Now I read in SiliconValley.com, via Techdirt , that the secretary of state in California has refused to certify Diebold voting machines in 17 counties. In a letter to Diebold, an aide to the secretary of state cited "unresolved significant security concerns" about the memory cards used to store votes in each machine. According to SiliconValley.com:

The Secretary of State's office is asking Diebold to submit the machine's source code for review by the federal Independent Testing Authorities before resubmitting the company's application for certification in California.

Diebold, which has a history of refusing to share source code and then providing lame reasons for not doing so, says it will review the state's request. Why do I get the feeling the state's "request" will be rejected?

I clicked on the Wall Street Journal link in Mike Pastore's post below about telecommuting and stumbled upon a short article that job hunters may find very helpful. It's about using discretion in the workplace when looking for another job. Among the tips offered:

Keep your big mouth shut. Even if one of your co-workers is your bestest friend in the whole world, if you tell just one person in your office that you're looking for a job, you may as well distribute a podcast announcing your employment plans. Don't leave tracks. You have to assume your employer (or these days, your government) is monitoring what you do on the job. So avoid using the office fax, telephone, computer and email account. Dress up more. If you normally dress as if you're headed to a techno-rave, and then show up looking like a Brooks Brothers mannequin, it may (rightfully) arouse suspicion that you have a job interview elsewhere.

Observe these basic rules and you should be able to fly safely under the radar. Happy job hunting. Not that I think you're looking or anything.

Working at home requires discipline. Anyone who has tried to do it, even from time to time when it snows, knows this. Telecommuting has gotten a lot of press lately. When it works, it makes life easier for employers and employees. When it doesn't, you get a story in the Wall Street Journal. (A free story too; it must be Christmas.)

Conditions at home can be more dungeon than castle, and in contrast to turf wars at the office, you can't escape the enemy at night. Contract manager Bill Hall started working from home in mid-August, setting up shop in his basement, which has two small casement windows stingy with light. His son, a high-school senior, gets frustrated that he can't blast his music or the enemies in his videogames the way he used to. And while Mr. Hall squeezes in tasks like doing the laundry, loading the dishwasher and reorganizing the refrigerator, that 110% effort isn't always appreciated.

There's other tales too, of nosy neighbors and family members, annoying pets, and co-workers and supervisors who don't give people who work from home credit for the work they do. Like a lot of things, telecommuting depends quite a bit on corporate culture. If it's going to lead to suspicions you aren't pulling your weight, then maybe you work for an organization that should keep people in cozy little cubes. If you aren't pulling your weight because... I don't know... your cat slept on your laptop and hit a bunch of buttons while dreaming about the Manx next door (as did one cat in the article; Manx excluded) then perhaps you're not cut out for working from home. That's all from this cozy little cube.

This isn't really a shock, but I thought I'd follow the lead of the folks at ABI Research and buck the trend by predicting things that won't happen when the calendar turns. ABI's whitepaper, "What ISN'T Going to Happen in 2006," (free registration required) focuses mainly on RFID, wireless and cellular networks, and related non-predictions. I like this approach, actually. We see enough predictions about the next great thing, it's about time someone temper the enthusiasm with a more realistic look. And as a PR move for ABI, well I wrote about it, didn't I? Among the things you won't see in 2006, according to ABI: successful video products from the satellite radio companies; successful broadcast mobile video products; cellular communications on airplanes; 802.11n products on the market; and widespread adoption of e-passports. Give it a read.

As Mike Pastore pointed out yesterday, we've made little headway in our battle to rid the Internet of spam. And while some remain hopeful that we really can defeat the spam monster, others -- in this case David Clark of MIT -- fear for the very future of the Internet itself. Clark, quoted in a multipart article in MIT's Technology Review, argues that its lack of built-in security, along with its increasing inability to easily accommodate emerging technologies, could make the Internet not worth the hassle:

"We might just be at the point where the utility of the Internet stalls -- and perhaps turns downward."

I like this description of the contemporary 'Net experience by article author David Talbot:

[F]or the average user, the Internet these days all too often resembles New York's Times Square in the 1980s. It was exciting and vibrant, but you made sure to keep your head down, lest you be offered drugs, robbed, or harangued by the insane.

All of that happened to me when I visited Times Square in the '80s. And the same thing is happening on the Internet today, only now the insane are called bloggers. According to the article, "Clark argues that it's time to rethink the Internet's basic architecture, to potentially start over with a fresh design," rather than trying to make do with the current flawed architecture cobbled together over many years. It's pretty fascinating, high-level stuff. And while the notion of rebuilding the Internet from scratch to make it less vulnerable to spam, viruses and other cyber-scum seems daunting, the alternative is to let this Times Square get worse. Put me down as in favor of a do-over.

IT professionals don't have to join the GTD cult to become more efficient, effective and productive. I mean, if it works for you, go right ahead. Followers of productivity coach David Allen's Getting Things Done credit the time-management book with transforming their jobs and lives. It's just that there's a good column over at CIO Update which also offers advice on managing your time, but takes a different tack than Allen's process- and detail-driven approach. Rajesh Setty says CIOs should put aside their "to do" lists and begin thinking strategically:

What you really need to focus on is leverage  how to get the most out of your time rather than how many things you can get done within a specified time.

Accomplishing that, Setty says, requires thoughtful planning and utilizing the resources at your disposal, not getting all frenetic and list-happy. He also offers this insight:

The genesis of time management problems is the commitments you make to others.

So the reason you never have time to get everything done is those damned other people! I knew it! Actually, what this really means is you have a hard time saying "no" and, like a sap, are prone to overcommitting. All is not lost, though. You can learn to negotiate and re-prioritize in order to get the important things done. Now go do that.

There is no bigger waste of time for IT professionals than Sarbanes-Oxley compliance, and that's not just me saying that. That was one of the findings of a survey this past summer of Share members; Share being the oldest independent IBM user group in the land.

One of the survey's questions asked respondents to imagine themselves being transported to 2015 and then looking back at 2005 and what they thought in retrospect would prove to be either an ineffective or wasteful use of their IT time. Twenty-eight percent of those polled cited Sarbanes-Oxley compliance, followed by deployment of unproven technologies (23 percent), purchase of unneeded technologies (19 percent), and continuing support for outdated technologies (17 percent). The fifth-rated bugbear cited by 10 percent of respondents was external consultants, with software upgrades only distressing one percent of those polled.

And there's this from Robert Rosen, president of Share:

"[Sarbanes-Oxley compliance] is occupying a lot of people's time and they can't figure out what the return on investment is there..."

There's avoiding fines and staying out of the pokey, just to name a couple off the top of my head. Thanks to Paul Chin, a regular contributor to Intranet Journal, for bringing the survey to my attention.

You know what drives me nuts? When you make some ridiculous prediction and a couple of years later someone calls you on it. So let's say you lead the top software company in the world — that you're one of Time magazine's people of the year even — and a couple years back you said we'd be done with spam in two years. And now you're down to just a couple of weeks. Not only is spam still a problem, but it's one that Ray Everett-Church says is fixable. Unfortunately, it's become a way of life and most of us just try our best to ignore it.

If there has been any major difference for spam this year, it's been that in 2005 the anger toward spam has been replaced by a kind of grudging acceptance that it's just one of those annoyances that isn't going to change anytime soon.

And that leads to spam becoming a back-of-mind issue.

We didn't hear too much this year about spam. Aside from a few successful lawsuits against a handful of spammers, and a handful more being sent to jail under various federal and state anti-spam laws, there has been precious little groundbreaking news in the world of spam.

Maybe our software leader became obsessed with a certain search engine in the past two years and lost his spam focus. That's what drives me nuts; that, and the 169 spams I had waiting for me this morning.

Certain things are guaranteed to test one's holiday cheer: Mall gridlock, losing a bid for immortality, and hackers. An article published today at Sys-con-Brasil offers some interesting info on cyber-extortion:

The newest ransom caper in real life involves hackers taking over an individual's or company's computer, scrambling or encrypting documents, videos, spreadsheets, databases, and other crucial files, and then demanding a ransom to unlock the files and make them usable again. Called "ransom-ware," this new malicious code combines the worst of spyware and Trojan horses.

Not exactly script kiddies testing their chops. The article cites a Carnegie Mellon study which "found that 17% of businesses had been the target of cyber-extortion." And the stakes could get higher:

Professional criminals can command legions of vulnerable computers to send denial of service attacks. Adding ransom-ware to their arsenal would pose a formidable threat that could have serious security and economic ramifications.

Just what IT security pros -- and the rest of us -- need.

Get used to reading about studies this week because no one's going to be releasing much in the way of news. That includes a study that found your next CIO might be wearing a suit.

"It's funny because there's been some talk about this happening for the last three or four years," says Phil Bloodworth, a partner in Advisory Services at PriceWaterhouseCoopers. "Now we're finding that it's being put into practice. It's actually happening. Companies put someone over technology who isn't necessarily a technologist. They're more of a strategist or a business person."

This is one way to align IT with business. I think in the future you'll see more people who are adept at both; technologists with MBAs, for example. As for how the geeks are handling this change in CIO background:

"It's going over pretty well," he says. "Let me tell you why. If you get an IT organization that's not viewed as just driving the bus, but it's viewed as someone who's tactical and strategic, then technology is elevated. IT is becoming elevated. There will be the crusties who don't like that. But the enlightened IT professional, who wants a broader perspective, will like this move. It's elevating their status in the company and it's allowing them to help the company achieve its strategic goals."

I'm waiting for the remake of A Christmas Carol where Bob Cratchit is a CFO stuck in the office working on Sarbanes-Oxley paperwork for Christmas. OK, I'm not. I actually like the original. But the more I read about compliance regulations and the impact they have on business, the more I think they were the government's gift to the professional services industry. As someone who follows the enterprise content management market, I saw that sector jump on the compliance bandwagon early. Then it was the security sector. Funny thing is, the word "software" isn't mentioned anywhere in Sarbanes-Oxley. We're probably going to keep hearing that software is the answer to compliance questions because word came down last week in a survey from IBM and The Economist that CFOs will likely be working through the coming holidays.

Chief financial officers are so swamped with earnings reports and compliance work that they are not able to focus on expanding their companies and driving shareholder value, according to a global study released Friday.

I wonder what the CEO is doing while the CFO is buried in compliance hell...

CFOs who are bogged down with operational and financial details may have trouble focusing on strategy, but a CFO who focuses only on strategy may not have enough operational information to make the best decisions

Better get him some IBM software.

Publicly accessible files on your Web site may be leaking sensitive information in the form of meta data, user names, and file locations, according to a study. The study was conducted for Bitform, which is in the content security business — so the findings are, shall we say, anticlimactic. But the list of things that are hidden in the meta data of Microsoft Office files can be extensive, and they can be embarrassing if not dangerous. Among the information left exposed in online documents, according to the study:

• Author histories
• File paths
• Printer information
• Outlook properties
• PowerPoint speaker notes

Biform CEO Joe Keslin explains the problem:

"You don't have to expose your trade secrets to open your organization to potential harm. For instance, what we call Outlook Properties is a great example of information that you probably don't want to expose to the world. This includes a user's email display name, the subject line of the email that contained the file attachment, and the sender's email address. As an executive, I don't want my employee's display names and email addresses made available to competitors, recruiters, social engineers, hackers or anyone else that we don't explicitly want to share this information with."

If buying software isn't your thing, Microsoft does have instructions for removing meta data if you know where to look. Not to pick on Microsoft, the meta data in Adobe's PDF files has been an issue too.

With media reports on the traffic the day before Thanksgiving and shopping on the day after Thanksgiving, the holidays can sometimes seem like an annual repeat. Lists of predictions, reviews, and resolutions are no different. We're not ignoring the ubiquitous lists of predictions for the IT world here at the Datamation blog (I wrote about one for Microsoft last week), we're just waiting for a list of predictions that makes us think. Let's take Bruce Perens' Forecasts for 2006 as an example. Among the predictions I found interesting:

• Java begins its decline as an enterprise platform
• Trouble ahead for PHP
• Cellular carriers are just carriers

Details on that last one:

...remember the first generation of internet providers? Compuserve, Prodigy, Genie, GNN, and AOL all worked hard to provide unique content and enhance the user experience. They lost out to a second generation of internet providers that were just high-speed data pipes, while content moved to carrier-independent entities like Google and the user experience was engineered by software application providers like Netsape, Microsoft, and eventually the Mozilla project.

PHP's problems, Perens says, have to do with multiprocessing and security. Thanks to Stephen O'Grady for the link.

Those crazy Terrapins at the University of Maryland have been setting out the honeypots and gathering quantitative data on how hackers break into computers, and what they found could change the way you think about secuing your computers. Assumption: port scans precede actual attempts to hack into computers. Reality: More than 50 percent of attacks are not preceded by a scan of any kind.

This means that security administrators may be using flawed assumptions to prevent attacks. Many IT administrators try first to detect scans and then take preventive measures to secure their networks. The research shows they may be acting too late to prevent the bulk of hacking attempts.

The researchers also measured the time separating scans from attacks, conducted a longitudinal study of malicious activity recorded over one year, as well as a comparison between malicious activity from inside the university with malicious activity from outside. There's a PDF of the findings available. Enjoy.

If you're reading this blog via an RSS feed, know that you're one of the elite. Most studies seem to put the number of people using RSS at about 5 percent of Internet users. This, of course, means that mainstream users have yet to catch on. RSS remains a toy of the tech world. But all of that could change with the upcoming versions of Windows Vista and Internet Explorer 7.0, we can presume. Once Windows starts integrating things, the masses tend to catch on. One problem, however, has been finding an icon to alert users an RSS feed is available in the upcoming version of IE. Those of us who do this for a living know the orange XML icon and blue RSS icon, as well as any number of icons (or chiclets as some like to call them) from Bloglines, FeedBurner, and My Yahoo, let us know we can subscribe to the content. Casual Internet users click on the links, see a page of XML code, and hit the Back button. The people at Microsoft have put a lot of time into how they will communicate the availability of a feed. Microsoft's RSS blog has been publishing example icons and looking for comments for quite sometime. And the winner is... The same icon that Mozilla uses for RSS feeds in the Firefox browser. Microsoft will be using the icon, with the permission, agreement, and cooperation of Mozilla of course, in the IE 7.0 command bar whenever a page has a feed associated with it, and in other places in the browser when it needs a visual to represent RSS.

This kind of takes the Ho Ho out of the holidays.

It seems that a lot of IT professionals won't be home opening presents on Christmas morning or celebrating Hanukkah with their families. And plans for ringing in the New Year? Don't mark that down in your PDA just yet.

Nearly 50 percent of email administrators will be working this Christmas and New Year's because of email problems, according to a new Osterman Survey, which was sponsored by Zenprise. And 42 percent of IT managers and email administrators said they worked on Christmas at least once in the last two years because of an email problem. Forty-four percent said they worked on New Year's Day because of email problems.

Maybe letters to Santa should have included a request for the holiday at home... or trouble-free email.

When it comes to garnering admiration in the world of business, the captains of technology are second to none. Well, technically, I guess only Bill Gates is second to none. The Microsoft founder has been named the world's most admired business leader in a survey by PR firm Burson-Marsteller and the Economist Intelligence Unit, based in London. But three of the top four were technology titans. Finishing as runner-up, or second to one, was Apple founder Steve Jobs, while Dell Computer's Michael Dell was fourth. Which must make him "second to three" because "fourth to three" strikes me as redundant. Survey respondents included CEOs, senior executives, financial analysts, business media and government officials in North America, Europe, Asia and Latin America.

A new study from Harvard Medical School concludes there is no link between excessive computer use and carpal tunnel syndrome. Since I'm not about to plunk down $24 for the report (which you can do here, if you want), I have no details other than what I get from news stories and Harvard's press release. But here's a summary of what the study concludes:

Heavy computer use -- up to seven hours a day -- does not increase risk for carpal tunnel syndrome. However, improper computer use and other workplace conditions can contribute to a type of disorder known as repetitive stress injury.

OK, I'll buy that. Now here's my unscientific, anecdotal 2 cents: I've been sitting in front of computers, typing words for a living, for more than 20 years. The only time I've ever experienced pain in my wrists was in 1996, when one of my jobs was to help create links for my publication's new web page. It involved an intensive amount of mousework -- I was clicking, dragging and dropping up a storm. Whatever the official affliction, it was killing my right wrist, and soon I felt sharp pains shooting from my little finger toward my elbow. I tried alternating hands as I moused away, with the predictable result that both wrists hurt. Fortunately that gig lasted only about six months or so. Once I stopped the crazy mousework, the pain slowly went away. Ever since then I've been pretty convinced that excessive mouse use -- yes, along with poor posture, etc. -- is bad for you. And while I can't dismiss the Harvard study merely based on my own experiences, it's drawing fire elsewhere on the Internet. I think this guy may be onto something, though.

Will actually come tomorrow during the last Webcast in our Enterprise Security Challenges for 2006 series. This one has been a challenge to put together because the topic is continually evolving, and my inbox gets more potential information every day. It's online shopping season and people insist on reminding people about online fraud and identity theft. Just yesterday I was preparing the part of my presentation that talked about two-factor authentication, and why some experts think it won't work for, say, online banking customers. The Federal Financial Institutions Examination Council expects banks to adopt some form of two-factor authentication by the end of 2006. Some experts say two-factor authentication will just make the bad guys change their tactics, which really accomplishes nothing. They'd like to see banks and other financial institutions held liable for fraud and identity theft. That, they say, is what will really get people serious about the problem. Word comes today, via Bruce Schneier's blog, that South Korea is going to do just that.

The new laws will require financial firms in the country to compensate customers for virtually all financial losses resulting from online identity theft and account hacking, even if the banks are not directly responsible.

We'll see how well it works. In the meantime, I've had my fill of online fraud and will put the topic to bed for the remainder of 2005 after tomorrow's Webcast.

If online content really wants to be free, it's slowly getting its chance. The Toronto Star has removed the registration requirement from its Web site, the star.com. By my unofficial tally that's two major newspapers that have dropped the registration requirement in the past two months. The Houston Chronicle dropped registration in November. Both the Star and the Chronicle had free registration for readers.

"We believe that in order to be competitive in the online news and information space, growth of both audience and page impressions will be the cornerstone of our success. Further, we believe that the key to that growth is through the removal of all barriers, including registration," said Michael Goldbloom, Publisher, Toronto Star. "Our online readers have told us that registration is an inconvenience. We listened to our readers, and we've removed mandatory registration from our site."

It seems the Star has realized that even if you are the largest daily newspaper in Canada, the way to make money in online publishing is to get eyeballs to your ads. Standard & Poor's latest look at the media industry panned pretty much every sub-sector (especially those God-awful movies they keep releasing and the disaster called radio) with the exception of online advertising.

Even assuming that growth decelerates somewhat, Internet advertising is likely to exceed magazine advertising in 2006. Spending on Internet ads could potentially surpass spending on radio in 2008, assuming 1% to 2% growth in radio ad spending and a minimal contribution from satellite radio.

Even with the Winter Olympics coming up in 2006 and what figures to be a pretty eventful midterm election next November, advertising is going to have problems because it seems slow to move where the consumers are.

The broad shift of viewers and advertising dollars to the Internet is deeply troubling to many media companies, TV networks are grappling with the implications of ad-skipping technologies, and key advertisers like automakers and retailers are rethinking their ad budgets.

There's a battle shaping up now in Washington between telecoms and online content providers that could determine how the Internet is used -- and what it will cost. Under the proposal being pitched to lawmakers, telcos and cable companies could create a higher-speed Internet and charge both consumers and online content providers to use it. As explained in this Boston Globe article:

AT&T and other telecoms want to charge consumers a premium fee to connect to the higher-speed Internet. The companies could also charge websites a premium to offer their video to consumers on the higher-speed Internet. That could mean that a company like Yahoo might have to pay AT&T to send high-quality video to AT&T subscribers.

Needless to say, online content providers such as Yahoo, Google and Time Warner are adamently against the proposal. This story reports that Vint Cerf, Internet pioneer and now a vice president at Google, argued against the plan in a letter to a House Energy and Commerce subcommittee:

"This bill would do great damage to the Internet as we know it. Telephone companies cannot tell consumers who they can call; network operators should not dictate what people can do online."

Admittedly I'm biased as a consumer, but I favor the status quo, and thus hope the content providers' lobbyists are more effective than the telco lobbyists.

Or at least they will be if they take the advice of Jon Oltsik, a senior analyst at the Enterprise Strategy Group. Oltsik says his early advice for 2006 is to outsource security because it's cheaper, better, and it makes good business sense. After all, we outsource just about everything else. What's that you say? Security is rarely outsourced because it's like trusting someone else with the keys to the place? That has been the conventional wisdom in the past, but Oltsik says outsourced security is better.

Here's another controversial but true statement; most security folks aren't big picture guys. They may kick butt at managing a Check Point firewall but do they really have the technical or business skills to protect a critical business process? Nope. Security outsourcers certainly can match your folks on basic security skills and since they work with 100s of customers, they simply gain more worldly experience than you can. This is a big plus when you change the discussion from firewall settings to securing your e-commerce applications.

What Oltsik doesn't mention is that many large organizations are starting to outsource their security as part of their moves to outsource compliance. Security alone didn't seem to warrant outsourcing, but according to the IT Compliance Institute, combining it with compliance was apparently getting too far away from the core business for many enterprises.

Greg Gianforte, CEO of RightNow Technologies, accuses the major software vendors of selling platforms with no tangible value in BusinessWeek this week. He compares the way major vendors sell software these days to your mechanic giving you a set of tools instead of fixing your car. According to Gianforte, whose piece is called "The Great Software Platform Hoax," platforms aren't platforms anyway; they're "marketectures" that exist to rationalize bad acquistions, and they exist as smokescreens to hide that the fact that the vendors haven't delivered good software.

Corporate customers, however, aren't out shopping for new computing platforms. They need business solutions that actually help them compete and succeed in the real world. They also want something that no platform-obsessed vendor seems able to provide: a technology partner that can actually be held accountable for promised business results — such as increased revenue, reduced expenses, faster time-to-market, or improved customer satisfaction.

As an alternative, Gianforte suggests an on-demand delivery model, which eliminates the need to create a proprietary technology platform as a competitive differentiator. He also suggests open source, which commoditizes the software stack.

So Microsoft is launching a contest in India to find new programmer talent, with the top prize being a yearlong internship with Bill Gates' technical team. If Wag-Ed isn't packaging this as an "Apprentice"-style television show, Redmond should dump them and get a new PR firm. This concept is a winner. After all, "The Apprentice" has done miracles for Donald Trump, thrusting him back into the spotlight just when it seemed he was fading from public view, if not the New York Post. And, PR-wise, Gates is starting from a better position: He's much richer than The Donald and has (marginally) better hair. Now that I think of it, Steve Ballmer does too. Most important of all, it would steal Google's "mindshare," at least for one hour of prime-time a week. Sure, there would be challenges. Coding showdowns tend not to make for the most riveting viewing, no matter how many quick-cuts, zooms and other camera tricks are used. And, truthfully, it might take some doing to "tease out" the nascent star quality in your average dorky programmer. But there's a solution to those problems that's as old as silent film: Eye candy. Teach some HTML to a couple of Bollywood babes and you can start booking advertisers. As for the "catch-phrase" Gates utters when he "fires" an unfortunate programmer, how about: -- "Fatal error!" -- "I'd offshore you if we weren't already in India!" -- "I hear Google's hiring." Or simply have Ballmer hurl a chair. Now that would be good television.

Nearly anyone who has ever written anything remotely negative about Apple (or even quoted someone else saying anything remotely negative about Apple) knows the drill: Publish your piece and await the arrows of indignation let fly by outraged Apple blowdiehards. It's usually a short wait. A journalist named Harris Collingwood knows well this phenomenon, and has authored an interesting piece here explaining how Apple has acquired such fanatical devotion:

The general perception of Apple as an exceptional entity rather than a profit-making enterprise is no accident. Apple's leaders have assiduously cultivated the image of a corporation that is hip, stylish, humane...

This, Collingwood argues, has led to a double-standard:

Despite some hooting and hollering on weblogs, the majority of the business press and the buying public don't seem to object when Apple, say, takes legal action against some of the biggest fans of its products. ... It's as if the entire company has ingested some magical elixir that immunises it against bad publicity.

So what's Apple's secret? According to Collingwood, it "can be boiled down to five simple rules that apply not just to Apple but to other companies as well." They are:

1. Excellence trumps everything
2. Decide on your story, then stick to it
3. Choose your friends well
4. Choose your enemies better
5. Let your allies play bad cop

I know some of the above items seem vague out of context, so I urge you to read Collingwood's entire article, which also includes this all-important caveat: "Of course, your products had better be as good as Apple's too." Fire away.

I've been trying to keep tabs on the latest methods being used to commit fraud online for my upcoming Webcast on Thursday. This one seems almost far-fetched. It comes from Fleet Owner, a publication for people in the trucking industry. Now, remember something: the trucking industry has been at the forefront of a lot of technology movements. Admit it, long before you knew what a Blackberry was, UPS drivers were using handheld computers. Electronic manifests cut down on the paperwork for truckers. Telematics are used to monitor truck performance and location. But these electronic innovations put physical loads at risk the same way that software with holes can put electronic data at risk. And there usually comes a time when your sensitive is shipped via a truck. At a trucking safety and security seminar in Washington, D.C., Stephen Spoonamore, CEO of data security consulting firm Cybrinth, talked about e-hijacking.

He pointed to the supposed loss of 3.9-million banking records stored on computer backup tapes that were being shipped by UPS from New York-based Citigroup to an Experian credit bureau in Texas. "These tapes were not lost — they were stolen," Spoonamore said. "Not only were they stolen, the theft occurred by altering the electronic manifest in transit so it would be delivered right to the thieves." He added that UPS, Citigroup, and Experian spent four days blaming each other for losing the shipment before realizing it had actually been stolen.

This isn't an easy thing to do. Spoonamore said upwards of 15 to 20 people were needed to hack five different computer systems simultaneously to breach the electronic safeguards on the electronic manifest. Thanks to Bruce Schneier for the link.

In an effort to milk one news item for two blog posts provide readers with more fascinating data, I want to return to the security survey I wrote about earlier today. The (ISC)? survey of information security professionals confirms what often has been said about the IT jobs market: In the enterprise field, security is a pretty good place to be. There are 1.4 million information security professionals in the world today, an increase of 9 percent over 2004. That's impressive growth, and IDC expects it to continue, predicting there will be 1.9 million IT security pros worldwide by 2009. Most of the rest of the study is an advertisement for certification, but demographic charts on company size and revenue make it clear that a large number of IT pros still aren't tuned in to their organization's business. Only 2.3 percent of respondents were unable to tell IDC how many employees were in their organizations. In other words, almost all of them knew how many people were hooked into the enterprise. But when asked how much revenue their companies generate, 16.4 percent of respondents said they didn't know. I'd say the IT/Business alignment advocates still have some work to do.

IT professionals long have fought a frustrating, sometimes futile battle to persuade cost-conscious C-level executives to make security a higher priority. That may be changing, based on a recent survey of more than 4,300 information security pros in more than 80 countries. According to the second annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by the International Information Systems Security Certification Consortium (ISC)?:

...ultimate responsibility for information security moved up the management hierarchy, with more respondents (than last year) identifying the board of directors and CEO, or a CISO/CSO, as being accountable for their company's information security.

Specifically, nearly 21 percent of survey respondents said their CEO ultimately is responsible for security, up from 12 percent last year. Those saying the board of directors bears ultimate responsibility for enterprise security neared 6 percent, more than double last year's 2.5 percent. For IT pros, that's good news. It means more high-level executives are paying attention to security and taking it seriously. IDC says this trend is fueled by the need for effective risk management and IT governance strategies. Sounds about right. Further, nearly three-quarters of respondents expect "their influence with executives and the board of directors to increase in the coming 12 months." It's a lovefest, I'm telling you.

What happens when a bunch of analysts who once worked for Microsoft make a list of things Microsoft needs to do in the New Year? Well, most likely, nothing. But that doesn't mean Susan Kuchinskas' piece in InternetNews this week wasn't an interesting read. The list comes from Directions on Microsoft, where many of the analysts are former Microsoft product managers. It reads like this:

1. Get Vista into the boardroom
2. Application security and reliability
3. More information about plans for its "managed solutions" hosted software initiative
4. Developer tools for Windows Vista
5. Extreme Makeover: Online Strategy Edition
6. Clarify the solutions line of business, which has been re-named Dymanics
7. Turn Microsoft's Dynamic Systems Initiative (DSI) for managing software from vision to reality
8. If not roadmaps, then clear policies
9. A killer game for XBox so it turns a profit
10. Resolve the disconnect between software assurance plans and the actual product release cycles

And once you're done with that, Microsoft, track down an XBox 360 for Ballmer's kids.

Given the legal issues that Blackberry developer RIM is fighting these days, Gartner is advising its clients to halt Blackberry deployments until the lawyers can figure it all out. Here's the short of it: RIM is in a patent dispute with a Virginia firm called NTP.

According to a statement issued by NTP, the ruling allows the company to continue moving forward in the case, including re-confirmation of an injunction that "prohibits RIM from selling, using or importing into the United States infringing BlackBerry hardware and software until the last of the litigated patents expires in 2012."

You can see why Gartner recommends putting the brakes on. While Gartner thinks it's possible the legal issues will be settled within a month, the firm is advising clients to halt all Blackberry deployments until it's settled. Gartner also wants clients to pressure RIM into making information about a workaround plan publicly available. Up to now, RIM says it has a plan, but hasn't shared. Finally, Gartner thinks clients can look for alternatives to the Blackberry, with the warning that similar devices may also have legal issues with NTP. A laptop with a wireless card might be the best solution.

So says a GAO study that found that tracking down phishers, scammers, and online swindlers is next to impossible because the WHOIS database is apparently run by that Iraqi Information Minister. There are roughly 2.31 million Web addresses where no one knows who the owner of the site is or how to contact them.

A November report by the U.S. Government Accountability Office (GAO), published Wednesday, shows 5 percent of all domain names ending in .com, .net and .org have "patently false" data in the fields where contact information is stored, such as e-mail addresses, phone numbers, names and mailing addresses.

You don't say? Last month in a post about marketing, I commended the people behind Lost for the Web site for the show's fictional airline. It's a nice guerilla marketing touch. Clearly the people behind that idea knew the WHOIS database wasn't an issue, because the site isn't registered to ABC or the producers of the show. It's registered to Oceanic Airlines, an airline that exists solely to be used in fictional television shows and movies (Executive Decision is a movie that used the same airline), at a fictional address in Los Angeles, with telephone numbers that use the 555 exchange used for movies and TV. Is there no better way to get a handle on this?

It figures that on the day I have a Webcast to do about spyware, which will touch on the different "zones" in Internet Explorer, Microsoft goes and re-defines its zones for version 7.0 of Internet Explorer. The changes seem to be spurred on by the continuing problems that home Internet users seem to have with security. The Intranet zone on IE 6.0 was leaving home users open for attack, and Microsoft has decided they don't really need it anyway. So it's been done away with. Sort of. Intranet sites will be automatically detected in a corporate setting. There were also problems with the so-called "Trusted Sites" in IE 6.0.

With the Trusted Sites zone in IE6, we find that many users don't understand how powerful a site becomes when they make it a Trusted Site. For example, a Trusted Site in IE6 can automatically install signed ActiveX controls on the user's machine. As a safety precaution in IE7, we have set the default for the Trusted Sites zone to Medium, the same level as the Internet zone in IE6. Customers who depend on the IE6 level of the Trusted Sites zone will be able lower settings back to IE6 levels with the slider on the "Security" tab of "Internet Options" or through policy settings.

It's been clear to me that IE 6.0 gave too much control to home Internet users who didn't understand how the zones worked. This time, Microsoft wants to err on the side of caution. There will be a beta version of IE 7.0 that will run on XP available in the first quarter of 2006.

There's a decent article on Microsoft's site about buying a computer for your parents. Since it's that time of year, there's some good advice here for those buying PCs for the not-so-technically inclined. And it's not an outright ad for Microsoft either. The six steps when buying your parents a computer are:

1. Ask your parent what they would like to do with the computer
2. Buy the right system that fits your parent
3. Set up their desktop with software that you are familiar with
4. Set up the computer system in a good location
5. Set up your parents for security
6. Give them the right training tools to start with

Here's a word of caution:

Like it or not, by setting up your parent's new system you may have also volunteered to be their technical support staff. Do yourself a favor and set up the system in a familiar fashion to yours. For example, make sure your software is the same version. This way you won't have to guess how to work with a desktop screen you can't see over the phone. If you can, set them up with the same Internet Service Provider (ISP) that you have.

And of course, let's not forget: security, security, security. Thanks to Ed Bott, who's quoted in the story giving security advice, for the link.

If they took a poll of Americans and asked them to name the greediest, most heartless industry of all, many today might point to Big Oil, or perhaps the mendacious Bonsai tree cartel. But my vote goes to the recording industry, that long-time dispenser of payola, criminally one-sided artist contracts, predatory pricing practices, thuggish legal actions and, yes, the timeless tunes that keep our memories fresh and our hearts light! This post, though, is about the thuggish legal actions. Two months ago I wrote about the Recording Industry Association of America (RIAA) suing a single mom in Oregon based on dubious allegations that she had downloaded thousands of dollars worth of rap songs. That mom filed a counter-suit, one of the few to stand up to the RIAA, which has launched nearly 15,000 lawsuits in a hyper-aggressive legal war to eradicate free music downloads. With its kennel of legal attack dogs and its deep pockets, the recording industry has so intimidated plaintiffs that not one lawsuit has come to trial. But now a New York mother of five has decided to take the RIAA's case against her to the courtroom. The RIAA is suing Patricia Santangelo for $7,500, alleging she used Kazaa to download songs from the Internet. Santangelo says she never heard of Kazaa and that any copyrighted files downloaded onto her computer were done so by her daughter's friend. Fortunately for Santangelo, her lawyers are confident that the RIAA suit is frivolous. Unfortunately for her, she apparently no longer can afford to retain legal counsel and is now representing herself against the courtroom cutthroats of the RIAA. This might not be pretty. Hat tip to techdirt, which also has a related item, this one about the recording industry's fight against sites that post lyrics. Lyrics. What is wrong with these people?

However the competition eventually plays out, I have my money on Microsoft winning the AOL advertising deal over Google. And not because Tuesday's Wall Street Journal reported that Microsoft has the inside track. My prediction is based on the belief that Redmond will not -- indeed, cannot -- allow itself to lose such a high-profile showdown with Google. Even if the agreement no longer includes an equity stake in AOL, as has been reported, I say Microsoft needs this more than Google, if only to stall the search-engine giant's considerable mindshare momentum, which seems to feed on itself. Whatever it takes to top Google's proposal to Time Warner's online unit, I expect Microsoft will do it, short of trading that clever Gates fellow. We should know by Christmas.

I haven't been following the series that Forbes.com has been doing on Communicating, so I wasn't aware of its E-Mail Time Capsule project. It's interesting. The E-Mail Time Capsule is an experiment that allowed people to have e-mails sent to themselves in the future.

Nearly a third (32%) of the messages submitted are scheduled to be delivered just one year from now. But many of our readers hope to communicate over much longer time frames: 15% chose three years, 18% chose five years, 16% chose ten years, and 19% will wait two decades to get their message.

The really interesting part is that Forbes had to come up with a way to store the messages for an extended period of time. It had to choose partners to handle the storage and delivery. It had to choose a storage medium. It needed software that could work in 20 years. It need partners that would be around in 20 years, or enough partners to cover the bases if one partner wasn't. In short, Forbes had to deal with all of the things that IT managers need to think about when it comes to finding a home for and delivering critical data. Thanks to A.J. for the link.

As you probably know by now, Google's Eric Schmidt had a byline in Newsweek this week (well, co-byline) that discussed Google's 10 rules for making knowledge workers more productive. Scott Berkun read the rules and compared them to Microsoft's approach.

I know many people that work at both Google and Microsoft, and I'm sure this will be upsetting to all of them: the spirit of nearly all these rules are shared by both companies.

Of course, everyone is familiar with Google, and it's a media and Wall Street darling, so it rates a story in Newsweek about how the company works. People in the tech industry, of course, will notice a comment in the article that takes a subtle dig at Microsoft.

Much has been written about Google's slogan, but we really try to live by it, particularly in the ranks of management. As in every organization, people are passionate about their views. But nobody throws chairs at Google, unlike management practices used at some other well-known technology companies. We foster to create an atmosphere of tolerance and respect, not a company full of yes men.

Hmmmm. What could he be referring to there...? Berkun's other good point is that practically everything enumerated in the orginal piece is common sense.

An article over at Certification Magazine looks at the hot sectors for IT jobs in the coming months. There's not a whole lot new on the list, but I did think the inclusion of gaming was a nice touch. It doesn't seem to get the same attention in these articles as other forms of IT work. But consider the following:

The $31 billion computer and video gaming business is the fastest-growing entertainment medium in the world, with the potential to surpass both the movie and recorded music businesses. More than 200 million computer and video games are sold to the 140 million gamers in America every year. U.S. gamers spent $7.3 billion in 2004.

Security, RFID, and verticals make up the rest of the list. If you are looking for a job this season, there's advice from Challenger, Gray and Christmas (appropriately enough) over on EarthWebNews about being persistent over the holidays.

Around 20 percent of job seekers take a break during the holidays, Challenger said, figuring that they'll begin another full-court press on Jan. 2. Those who do will miss out on what the company estimates at 300,000 managerial and professional jobs that may be added in the closing months of the year.

And don't forget — there's networking to be done in those holiday parties and Christmas cards.

The 2005 Corporate Reputation Survey is out, and lo and behold at No. 6 sits Sony. In any other year I would neither notice or care, but 2005 will not be remembered as a great year for Sony. I understand that the whole rootkit fiasco developed late in the year, so next year could be the year Sony pays the price in reputation. Then again, maybe not. Who outside of the tech world even knows about the rootkit/DRM disaster? The story did get some mainstream media play eventually, but given the attention span of most people, how much does that matter? Sony is a big company involved in a lot of stuff. Thomas Hesse, president of Sony's Global Digital Business was quoted as saying "Most people, I think, don't even know what a rootkit is, so why should they care about it?" in an NPR interview. That doesn't make what Sony did, and the shoddy way it was handled afterwards, right. But it says a lot about why computer security is in the state it's in. [Insert joke about Microsoft being No. 7 here.] The entire list:

1. Johnson & Johnson
2. Coca-Cola
3. Google
4. UPS
5. 3M
6. Sony
7. Microsoft
8. General Mills
9. FedEx
10. Intel

The not-so-reputable companies read like a perp walk review: Enron, Halliburton, MCI, Adelphia Communications, and Martha Stewart Omnimedia. Thanks to Gary Stein for the link.

I have never been in a position to buy a server, so I don't think about them all that much. But the banners advertising today's server launch from Sun got my attention. Perhaps you've seen them: a green banner (I saw it on InternetNews) for the Sun Fire T1000 server that claims "The average datacenter burns 80 barrels of oil a day." Sun is marketing the T1000 as the world's first eco-friendly server, which is the point of the ad and I'll assume the choice of green for the color. So that got me thinking. We all know how bad the oil situation is and the gasoline prices stink. And we've been told that it's simple supply and demand, exacerbated by a growing Chinese appetite for oil, which is driving up the prices. I went to Google in search of data on how much energy PCs consume and found... well, it depends who you ask. My own personal observations, however, tell me that residential PCs are more likely to be left on since the mass adoption of broadband. In the end, an always-on PC seems roughly equivalent to having another refrigerator in your home. You can imagine what it does to the electric bill at the office. With that in mind, here are some handy tips from the University of Colorado on configuring your PCs to save energy. As for Sun, while saving some energy is a noble cause, this is business. The energy efficiency of the new servers didn't even rate a mention on the first page of CNET's story on the launch. Nor does HP seem too concerned. Its page disputing many of Sun's claims about its new servers doesn't mention energy efficiency at all.

Tony Byrne over at CMSWatch has a lot of useful information today to help with the technology selection process. Today, Tony issues a warning about canned RFIs and RFPs. But he also links to a pair of more in-depth pieces. He enumerates five technology selection pitfalls in one piece.

1. Creating a one-dimensional selection team
2. Becoming slaves to spreadsheets
3. Failing to test the proposed solutions
4. Focusing too much attention on the product — and not enough on the vendor
5. Negotiating a win-lose deal

In the other, Alan Pelz-Sharpe lists seven paths to a better RFI. The focus is, naturally, on Web or enterprise content management, but the suggestions are useful regardless of what kind of technology you're interested in buying.

Not to pat myself on the back, but I saw this one coming. Back in September I mentioned a Washington Post story on the possibility of building a model telecommunications infrastructure in New Orleans. The original Washington Post piece from Sept. 16 is still online if you're registered. What struck me was the lack of big ideas coming from BellSouth, the most important telecom player in the region. This weekend, the Washington Post reported on BellSouth's response to the plan for citywide wireless access in the Newer Orleans.

Hours after New Orleans officials announced Tuesday that they would deploy a city-owned, wireless Internet network in the wake of Hurricane Katrina, regional phone giant BellSouth Corp. withdrew an offer to donate one of its damaged buildings that would have housed new police headquarters, city officials said yesterday.

BellSouth denies the version of events in the story. Am I the only one who sees a lesson here about adapting your business with things change?

Some people are born to be presenters. Some people are born to be public speakers. Some people are not. It's that latter group that Arpan Shah is talking to (because he considers himself a member) with some presentation tips in his blog this weekend. I took notice because I have two Webcasts to do in the next two weeks. The challenge there isn't so much the public speaking (I've done that) it's the speaking to a crowd you can't see that will be different. My biggest concern at the moment, with the first Webcast coming up this Thursday, is that I have what appears to be the beginnings of a cold this morning.

If your life-long dream is to become a system administrator, or you've already achieved your goal, you'll want to check out a list of the Top 10 System Administrator Truths, written by Evan Erwin of Oak Ridge, Tenn.

I figure with enough time and effort, anyone could be a System Administrator. Really, it's not hard, it just takes practice, methodology, and trial and error. A lot of trial and error. These truths will certainly get you on your way.

One of Evan's truths (No. 10 to be exact) is that the good old reboot is the Holy Grail of Tech Support.

Rebooting can cure ailments of all sorts, can stop network troubles, crashing computers, find missing documents, and rescue cats in trees. System admins all over the world have, by en large, trained their users to reboot before even calling support. I mean, when's the last time you didn't reboot to see if it cured a problem? If you're not, then youre either stubborn or you're an admin who knows better. Rebooting doesn't cure all ailments, but it cures so many of them it's hard to not throw out a "Can you reboot for me?" to the end user when they call with some off-the-wall issue. Use and abuse as necessary.

I don't think anyone can argue with that, but Ed Bott wrote about a new feature in Windows Vista may make the trusty reboot a thing of the past.

Employment experts always advise companies to check references and verify resumes before hiring a job candidate. Yet too often these basic procedures are ignored in the rush to get someone on board and contributing. This is a dangerous practice, especially when you're hiring a network security professional. An unqualified or unscrupulous person can quickly undermine your enterprise's security and threaten your organization's well-being. A good article over at Enterprise IT Planet offers some timely reminders about things you should do (as opposed to "thinking of doing" or "thinking they're really good ideas") before taking on a new IT hire.

When asking for references, actually perform a check.

This goes double for anyone listing "Vandalay Industries" in their job history.

Perform the appropriate background checks, but don't expect absolute perfection.

While speeding tickets are OK, I would look askance at embezzlement convictions and armed robberies. But maybe that's just me.

Verify where they have worked and that the position they worked is as they described.

Admittedly, this can be tricky if the candidate doesn't want their current employer to know they're job-hunting. A good HR person can help with this.

Verify certification standings as well as ensure that degrees are valid.

These definitely are doable. Have the candidate present his certificates and confirm with the certifying body. And checking for academic degrees is easy; it's just that few organizations do it.

Or, Stop Treating IT as a Fiefdom and Make It Part of the Company. Ted Stephens of Intellilink Solutions stated the case in CIO Update this week that CEOs have to stop leaving IT to its own devices and get involved. I think a lot of CEOs shunned IT early on because they weren't tech people; they weren't raised or educated in a technology world. You rarely see an article about upper management and IT that fails to mention the infamous IT-business strategy disconnect. This one is no exception. Stephens points out that this is where the CEO is at his or her most useful because they know the business strategy.

This does not mean that IT should stop working to understand the business and revert to being a reactive department responding to directives from above. Rather, by better understanding the strategy of the organization, IT should be in a better position to proactively identify initiatives that solve business problems.

The other idea I liked was the CEO as the person who could kill a project that wasn't working. We all know tech people can become very attached to a project, and it takes an outside observer to "call it" as they say on television hospital dramas. It's going to be interesting to see how the next generation of CEOs, who we'll assume will be more technically inclined, will handle their relationship with IT. Get ready for articles on Getting the CEO to Back Off.

Here's a sampling of some the best tech humor online this week. From The Onion: I.T. Guy Has Long Dark Night of Self-Doubt From McSweeney's: The iPod Zepto: Inconceivably Small

Q: The engraving on the back of the iPod Zepto I ordered was supposed to say "We love you, Cody," but instead it says "We love Cod!" A: Due to the incredibly small size of the iPod Zepto, personalized engravings had to be condensed. We apologize for any inconvenience this may have caused.

I am a proud Firefox user. Well, maybe not proud -- it's not like I developed the code or created that cute little fox icon or anything. But Firefox is my browser of choice on two laptops and a desktop computer. Since I started using Firefox last year, I have been a vocal supporter of the open-source browser, especially after having spent $180 to have my desktop purged of a rat's nest of malware escorted onto my machine by Internet Explorer. I have lobbied numerous friends and family members to make the "painless switch" from IE to Firefox, emphasizing the security benefits and assuring them that the browser's "look and feel" would be instantly familiar. So far I've persuaded one person to download Firefox. Yet he still uses IE. Maybe this means I would have no future on K Street. But I suspect many other satisfied Firefox users out there can report similarly unsuccessful conversion efforts. And that's why I have my doubts about the Mozilla Foundation's marketing strategy for Firefox, announced in conjunction with the release Tuesday of Firefox 1.5:

According to Paul Kim, director of product marketing for Mozilla, the first elements of the promotional campaign will kick off over the next several weeks and rely heavily on existing users of Firefox to help convince other people to try out the browser. The first stage of the initiative will consist of a program known as the Firefox Flicks campaign, which will consist of 30-second video testimonials from existing users of the browser about why they prefer the technology.

While the Flicks campaign is creative, the fundamental challenge remains: Getting people to alter their online habits. That's hard to do, especially when a person isn't particularly motivated to change (i.e., they don't hate Microsoft as much as you do). Which is the main reason Firefox has struggled to reach 10 percent market share, despite strong word-of-mouth marketing.

Harvard historian Richard Tedlow says in Fortune magazine that former Intel CEO Andy Grove is the best example one can find if they want to know how to lead a company in the 21st century. As a writer I love the anecdote Tedlow starts his story with: Grove is teaching a class at Stanford's Graduate School of Business, and he gives his students a task. There's a CEO who can give one of three speeches at an upcoming at a major industry gathering, which speech should he give? Grove was the CEO and he was having trouble making up his mind about which speech to give. As a manager, the article tells us, Grove is self-educated. His Ph.D. is in chemical engineering and he was with Fairchild Semiconductor before Intel.

What can others learn from Grove's odyssey? As we face a future where change is not only constant but accelerating, reality will transform itself more swiftly than most humansor most companiesare hard-wired to handle. Even startups that overturn one reality are easily overturned by the next big change. Grove has escaped natural selection by doing the evolving himself. Forcibly adapting himself to a succession of new realities, he has left a trail of discarded assumptions in his wake. When reality has changed, he has found the will to let go and embrace the new.

Natural selection isn't all he's avoided. He dodged the Nazis, Communists, and cancer too. Fascinating story. And it's nine pages long, so bring lunch.

It's a search engine, it's a portal, it's a media company. It's all of the above. With much of the tech world focused on Google and Microsoft these days, I think Yahoo! is actually the most interesting of the big Internet players. (I compared Yahoo! to the Oakland A's back in September.) An article on the Knowledge@Wharton Web site examines what Yahoo! is, and what it may be. Some quick takeaways from the article:

• Yahoo! competes with just about everyone
• Yahoo! doesn't compete with anyone enough to really get in their crosshairs
• Yahoo! has so far avoided getting on the wrong side of Microsoft
• Companies that get on the wrong side of Microsoft historically feel it

I find Yahoo!'s media business most interesting. That's the background of CEO Terry Semel, the company has a growing presence in Santa Monica, and there's an impressive roster of content creators joining the Yahoo! team. I told a friend of mine a few weeks ago that, in our lifetime, there's a chance her favorite show may be on Yahoo!, where she could watch it whenever she wanted, easily catch up on past episodes, and it won't be available on TV. She didn't really buy it.

"The continued migration of Internet users from dial-up to broadband bodes extremely well for Yahoo's content oriented sites," said Clayton Moran, an analyst at the Stanford Group, in a November 16 report. "As opposed to Google, which is still essentially a search site and is known as such, Yahoo provides information and entertainment content, including interactive content. Yahoo is positioned to benefit from the proliferation of high speed Internet services like interactive gaming, streaming video, video and music downloads, and real-time media events."

Yahoo! seems to be investing in news, which is something consumers already look for online. NBC News says that making its Nightly News broadcast available on the Internet every night at 10 p.m. Eastern has been well-received. You can bet Yahoo! took notice. Thanks to John Blossom at Shore Communications for the link.