Friday, April 18, 2014

(0) comments

What does Chelsea Clinton's pregnancy mean for IAM?









Nothing.


Sunday, April 06, 2014

(2) comments

It's a dangerous world, learn about it

Tim Bray recently posted an article ("Ethical Privacy Choices") in which he asked, well no, demanded that:

 "the on­ly sane eth­i­cal po­si­tion [for web site operators] is to op­er­ate in a mode that is pri­vate by de­fault..."

He does offer this strawman codicil:
"​Yes, it is cer­tain­ly de­sir­able that for those who are in the
un­usu­al po­si­tion of be­ing con­fi­dent that they un­der­stand the
tech­ni­cal and pol­i­cy is­sues, they be giv­en the op­tion of
choos­ing to op­er­ate in plain-text anyone-can-MITM
anyone-can-eavesdrop mod­e.
"  
Catch the subtle sarcasm? I beg to differ.


A site operator should set the default to what the mojority of the site visitors would prefer. That's not as difficult as it sounds. When designing the site you target a specific demographic. Set defaults to what hat demographic has shown they like. If that's full privacy/security then so be it. If not, then do that.


What is imperative, though, is that the options to fine-tune that default are easily available and the explanation for the settings is succinct but easily understandable.


The world should not be designed to save the self-naive at the expense of those who have chosen to know its dangers.

Saturday, March 15, 2014

(0) comments

Onenameio - a new ID layer for the internet.

Onenameio /onename is it's name, described as "the decentralized identity system built on Bitcoin". Yeah, already sounds bad, doesn't it? But wait, there's more. The introduction states (in part):



"Nobody owns or controls OneName and users are in complete control of their data.



With Bitcoin, private keys provide us with complete control over our
funds - nobody can move it without our permission. In the same way,
OneName private keys provide us with complete control over our
identities - no individual or entity can usurp our usernames or modify
our public data or control the release of our private data without our
permission.
"


 Better tell that to the folks who stored their wealth on Mt Gox!



And this suffers another problem in common with Bitcoin - when it goes bad (and it will) who is responsible? Even without a bad event, who is vouching for my identity? Or any of the values associated with it? Why should I believe your self-assertion even if it is signed?



This one is going nowhere.







Tuesday, December 17, 2013

(0) comments

This Christmas, walk a mile in someone else's shoes



It’s the time of year when we get together with those we know, love or just work with, to share the joy of the holiday season. If your holiday get-togethers include sessions with other network managers, helpdesk professionals, IT or IS personnel I’m sure the chat will eventually turn to “stupid user stories” – tales of the wondrous things that users say and do showing how clueless they are about technology.

You know the sort of stories I mean, they have punch lines like “…so he stuck the floppy in the fax machine!” We all chuckle, take another sip of some fermented or distilled beverage and attempt to top that story with one showing an even more egregious misunderstanding of tech stuff.

But did you ever stop to think that it really isn’t the marketing peoples’ responsibility to know the difference between Oauth and SAML or that salespeople don’t actually have to be able to debug a Windows error message?

It’s not a big stretch to imagine the telecom folks – at their holiday bash – guffawing over how you managed to screw-up the phone system. I don’t even want to think about what the auto mechanics have to say about me!

Every system, technology, discipline or area of activity has users and maintainers. Sometimes we’re the users, sometimes we’re the maintainers but it’s a sure bet that the users (in general) won’t have the same knowledge and expertise as the maintainers I don’t consider helpdesk personnel to be “maintainers”, by the way). Every single one of us is a user of some system, technology or discipline which we don’t fully comprehend – and needn’t fully comprehend. I know when and how to put gas in my car. My mechanic gives me reminders about oil changes and other maintenance requirements. Anything beyond that, I call the mechanic and describe what won’t work. I try not to attempt to demonstrate knowledge beyond my ability by diagnosing the problem, but occasionally I’ll try. I’m sure those stories make the rounds at the next ASE meeting (ASE is the certification program for auto mechanics – just like our MCSE).

So this year, as you gather at the local watering hole for a glass of holiday cheer, if you’re tempted to tell the one about the user and the “cup holder” think twice – remember some of the less-than-knowledgeable comments or activities you’ve perpetrated this year and remember the words of the old Christmas carol: “Peace on Earth, Good Will towards Men”. Make the world a kinder, gentler place – starting with your own organization.


Friday, September 06, 2013

(0) comments

How long has NSA been asking for back doors?



I wrote this in my Novell NetWare Tips newsletter back in August, 2001,  joking (I think) about the NSA and CIA. But, perhaps, it was prophetic - or I'd stumbled onto the truth!
*************************************************
What has been truly amazing during the recent flap about Novell’s “Padlock” patch for GroupWise (see “GroupWise Users Fight Mystery Bug”, http://www.nwfusion.com/news/2001/0820gwbug.html) is the large number of network managers who appear to trust Novell implicitly.

Let’s say some other software company, perhaps one with headquarters in the far northwestern part of the US, had done the following:

1)     Send email – often multiple emails – to people requesting they immediately download and install a so-called patch file.
2)    When asked what the patch is for, reply “We’re not giving out details of the problem or the fix”.
3)    Told you to patch all systems within hours, if possible – even though no system had ever been compromised by the so-called “security issue”.
4)    Refused, categorically, to discuss – even in general terms – the area of the security issue (server access, file access, denial or service attacks, etc.).

The outcry from users would be intense! Just look at the endless wrangling now going on over the new Windows Product Activation (WPA) scheme – which could require new activation codes should you modify hardware. Or Microsoft’s plan to require Microsoft Passport (its proprietary “wallet” technology for storing identity information) as part of the “Hailstorm” initiative for the new .NET technologies (and aren’t those a lot of weasel words!). Millions would be convinced that the “patch” was just a way for Microsoft to gain control of your computers, perhaps monitor all of your email! Conspiracy theorists might have them in league with the CIA or the NSA to create dossiers on everyone with an email client. [emphasis added]

Yet Novell does this, and most managers say “OK, we’ll apply the patch.” Even knowing Novell’s bad track record with patch files (think of how many patches or support packs you’ve downloaded, then had to go back to get the “a” revision), network managers and email administrators broke all records for downloads from the Novell web site to acquire and install the Padlock patch.

That’s a large amount of trust in a software vendor. Its been built up over almost 20 years of providing some of the finest products and services available, and it’s a wonder to behold. But just one word of warning, Novell – it only takes one or two small violations of that trust to undo everything you’ve built up over the years.

Friday, August 02, 2013

(0) comments

Properties necessary for an IdP and an AP



In reviewing some early Directory Service newsletters, I came across a series of three defining necessary qualities of a DS. But they're also necessary qualities of an Identity Service (as offered by an Identity Provider - IdP) and an Attribute Service (as offered by an Attribute Provider - AP). I've updated them a bit (mostly for terminology) but the originals are here, here, and here. Enjoy!



In traipsing around the country giving my "Unlocking Directory Services" seminar the past few weeks [fall of 2000], I was struck by the number of times someone challenged (or, perhaps, just asked) about my assertion that a well-designed directory service needs to be capable of being distributed, replicated and partitioned. If my live audience questioned this, perhaps you too have some reservations, so for the next few issues [consolidated here] I'll put forward my reasoning.
 
First, though two more basic concepts. To be useful, the service must be pervasive and ubiquitous. Pervasive, meaning its available anywhere and every time we want to use it; ubiquitous, meaning its available everywhere and any time we want to use it. For an application or device (or even a user, for that matter) to be identity-enabled it has to be able to rely on the information being present when, and where, needed.

It follows, then, that the service needs to be distributable, replicatable and partitionable. First, we'll look at replication.

The identity service needs to be replicated first and foremost for fault tolerance. If there's only one copy of the data, on one server, then the data is only available as long as that hardware is available. That's neither ubiquitous nor pervasive.

Replicating the data also helps balance the load on any particular hardware platform, but the mechanism of replication needs to be carefully drawn so that bandwidth is properly used. After replicas are initially moved to a platform, only data changes should be sent to the copies. The finer grained, the better - sending only a changed attribute is better than sending the entire object/attribute combination but that, in turn, is better than sending entire containers, branches or trees.

The ability to be replicated could be handled by a catalog service which periodically published a static listing of the identity data to other platforms, while maintaining a single, changeable version of that information. While this is less fault tolerant than having multiple copies of the information itself, it does maintain multiple copies of the data which allows for reconstruction of the identity service in case of disaster, a form of fault tolerance.

But because a static catalog of the data is only synchronized with the service at the moment the catalog is created, and immediately begins to become progressively less accurate as time goes by until the next synchronization, it does not satisfy the pervasive and ubiquitous criteria.

A distributed identity service, however, can be considered accurate because all of its replicas are synchronized as often as is needed to insure that whichever copy is read contains up-to-date information.

A distributed identity service should also allow (but not require) that all replicas could be written to as well as read and would synchronize information written to any writable replica with all other replicas - in other words, there should be no requirement to choose one copy of the service as a "master" or sole authoritative source of data.

If we're going to maintain multiple replicas of the identity service, and if we're going to allow changes from multiple replicas which must then be synchronized to all other replicas then we're going to create quite a bit of network traffic. Add to that the sheer quantity of data which today's (but especially tomorrow's) identity-enabled applications and devices will be placing in the service’s datastore and you can see that all this replication and distribution could take up a huge amount of bandwidth.

One solution is partitioning - breaking up the identity service into manageable parts. Then, by a well-designed placement of replicas of the partitions you can insure that data is both physically and logically stored near to the point it will be used while still minimizing the amount of traffic on the network necessary for synchronizing the data.

Also, because the identity service is distributed as well as partitioned, you can view the entire information tree as if it were stored in one place - even if there is no physical copy of the entire tree. And, of course, you can see this (and so can the identity-enabled apps and devices) from anywhere in the network because now your identity service is pervasive and ubiquitous.



Friday, June 21, 2013

(0) comments

When the Dept. of Justice took on Microsoft



The recent death of judge Thomas Penfield Jackson  brought back memories of the late 90's, early 2000's and the spectacle of the DOJ versus Microsoft trial, the appeals, the sideshows and the aftermath. So I went back to what I'd written at the time in both the Wired Windows column as well as the Windows Networking newsletter. It's interesting historically, I think, so I've reproduced all of the columns and newsletters (16 of them) here for your erudition and amusement (as you laugh at my predictions!).

Not everything was about the trial in the almost 4 years covered,  but the other stuff is also interesting, and can help set the context of the times.  Enjoy!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1/26/98 Wired Windows:          
Thomas Jefferson said the best government is that which governs least. It's a principle I agree with. Certainly I have no wish to see the government proclaim standards for computer operating systems. A casual read-through of the proceedings of the government-sponsored International Standards Organization, especially as they relate to computers, shows that this is an area governments should stay out of - except as a last resort.

But Jefferson also said that one of the fundamental reasons to have a government is to protect us from those more powerful than ourselves. In the computer industry, Microsoft is more powerful than any other entity.

Few consumers want to buy computer systems in a piecemeal fashion. Gateway 2000's recent TV ads tout the fact that its computers include everything you need, as opposed to those companies who make you purchase the monitor separately. Yet even those unnamed companies include an operating system with their PCs, and that operating system is invariably Microsoft's Windows 95.

You'll also find Internet Explorer, Channels and the Active Desktop on that computer - whether you want them or not. And most of you don't want them. You spend an inordinate amount of time removing them from the computers you give to your users. But even if you buy from the largest computer manufacturers, such as Compaq or Dell, you cannot specify a Windows 95 OS without the clutter and claptrap that's turning your desktops into so many televisions complete with 24-hour-a-day advertising.

You can't get what you want, because Microsoft won't let you. Microsoft won't let Compaq or Dell or even Pete's PC and Storm Door Company install Windows 95 without Internet Explorer and its baggage. When you can't get what you want because the world's biggest computer makers are powerless to give it to you, then it's time for the last resort of government action.

At first my thoughts on the Department of Justice vs. Microsoft were guided by the principle of least government. But the sheer arrogance of Microsoft in the face of Judge Jackson's order to remove Internet Explorer from the license agreements it has with computer manufacturers gave me pause. When Microsoft baldly stated that the only way it could comply with the court order would be to give the manufacturers the choice between Windows 95 with Internet Explorer and Windows 95 that would not boot, it showed a contempt for the court and the law far beyond anything Al Capone had ever done.

I knew that Microsoft had no concern for my opinion as a consumer. I suspected the company had little concern for the needs and desires of hardware manufacturers and applications vendors. But to stand up and defy a federal court, to lie boldly to a federal judge, is to step over a line which should not be crossed.

Hold Microsoft in contempt, Judge Jackson. Fine the company a million dollars a day, as the Department of Justice requests. Even put the officers of the corporation in jail until they are ready to submit to the law of the land. Heed the words of our third president, who wrote: "I hope we shall... crush in its birth the aristocracy of our moneyed corporations, which dare already to challenge our government to a trial of strength and bid defiance to the laws of our country." (Thomas Jefferson to George Logan, 1816)

All contents copyright 1995-2002 Network World, Inc. http://www.nwfusion.com
=================================================
11/22/1999 Wired Windows
A lot has been written in the aftermath of Judge Jackson's release of his Findings of Fact in the Microsoft anti-trust case. Today, we'll look at what Microsoft has said. Remember, though, that it’s a tenet of propaganda that if you repeat something often enough people will accept it as fact, without questioning its truth or falsity.

Microsoft president Steve Ballmer said in an op-ed piece in the 11/9 edition of the Wall Street Journal, "…we cannot compromise on the government's demands that Microsoft essentially stop listening to the marketplace and cease innovating its products.''

Vice president of Microsoft's Developer Group Paul Maritz, in the San Jose Mercury 11/10, wrote: "Our company is built on very clear values: innovation, integrity, service to customers, partnership, quality, and giving to the community."

On the Microsoft web site, Bill Gates is quoted as saying: " we have a responsibility to protect the principle that has made America a leader in technology - the freedom to innovate on behalf of our consumers."

The only thing wrong with these quotes is that Microsoft has never innovated anything - with the possible exception of Microsoft Bob. To lay claim to innovation you have to be able to demonstrate that you thought up a new way of doing things and then implemented it.

From its very beginning, Microsoft has grown on the back of other, non-Microsoft developers and software companies. The road from DOS 1.0 through to Windows 2000 is paved over failed or diminished software vendors who did create innovative applications only to see them stolen, co-opted or bought out by the behemoth of Redmond.

There are a number of principles at issue in the anti-trust trial, but the ability of Microsoft to innovate is not one of them. Rather, the ability of other, non-Microsoft companies to innovate and profit from their innovation in the software industry is central to the case. Microsoft has, time and time again, trampled on the right to innovate of thousands of smaller software vendors. It is not simply disingenuous; it is propaganda of an order which even Joseph Goebbels would have blanched to consider, for Microsoft to claim the banner of innovation as its defense against the overwhelming facts in the anti-trust case.

Many are urging that Microsoft and the Department of justice reach a settlement, but the arrogance shown by Bill Gates and his henchmen not only during the trial, but in their reaction to the Findings of Fact lead me to hope that there is no settlement and that Microsoft is found guilty and receives the punishment they so richly deserve.

TIP OF THE WEEK:
While you might think of Bill Gates as "Mr. Monopoly", that moniker really belongs to the dapper, mustachioed gentleman who is the icon of the board game from Hasbro.  Over 200 million copies of the game have been sold since its invention in 1934. Visit http://www.monopoly.com/ to learn other fascinating facts (such as the length of the longest Monopoly game played in a bathtub) about the best selling board game in the world.
=====================================================
12/6/99 Wired Windows:
In my last column, I suggested that Microsoft deserved whatever punishment Judge Jackson might pronounce on them in winding up the Department of Justice's anti-trust case against Bill Gates and his cronies. Today, I want to go on record against one form of punishment, though.

In the African veldt, you can tell when a large animal is injured by the number of vultures and hyenas circling the still breathing body waiting for a chance to pounce. In a more civilized society, you can tell when a corporation is injured by the number of lawyers circling the still warm body ready to file class action suits.

The theory of a class action suit is commendable - a large group of people band together to join their claims against a corporate entity in hopes that their joint efforts will prevail where individual actions would be cost prohibitive. This holds for the proposed suits against Microsoft where the group of people seeking to be certified as a "class" are those who bought Windows 98 at retail. This is a small percentage, otherwise unorganized, of the group of Windows 98 users most of whom purchased the OS as part of a hardware/software package.

The problem, in my view, is that the only ones making money off of class action suits are the lawyers. The plaintiffs - the "class" - will, if they prevail (most likely through a settlement agreement), receive no money. Instead they will most likely get coupons entitling them to some discount off a future purchase.

I've been part of a class in a similar suit - that brought against the major airlines for price-fixing. I did get some coupons out of the deal, coupons good for a discount off future airline ticket purchases. But there were so many restrictions on the coupons' use (e.g., $25 off a $200 ticket when purchased at "full fare") that I never used them. I haven't paid "full fare" in many years, its too easy to get discounted tickets. As an example, that $200 full fare ticket ($175 after using the coupon) would only cost me $150 or less by using various discount structures already in place.

One thing you can be sure of, though - the lawyers don't get paid in coupons. They'll get a percentage of the inflated, so-called, "value" of the settlement, typically 10-15%. Now, according to the findings of fact issued in the Microsoft case, the possible loss to the users buying Windows 98 at retail was $20. For the sake of argument, let's say that 1 million people are certified in the class. That's $20,000,000 plus triple "punitive" damages of $60,000,000. Settle at 50 cents on the dollar and its 40 million dollars. $6 million for the plaintiffs lawyers, and a number of $5 and $10 dollar coupons for the people who were purportedly harmed.

That's not good for Microsoft, the economy, you or I.

TIP OF THE WEEK:
Christmas is coming, the goose is getting fat, time to think about your plan to upgrade your users' desktops to Windows 2000 Professional. While you should hold off on W2K servers until at least the middle of the year, W2K Pro is something you should rollout as soon as you can. http://www.microsoft.com/windows/professional/ has all the information you need, but subscribing to the Network World Fusion Focus on Windows NT newsletter (http://www.nwfusion.com/focus/) will help you digest it.
====================================================
12/20/99 Wired Windows:
A year ago (Network World 12/21/98) in this space I predicted that 1999 would be "the year of the directory", and I think I got it right. Years from now, we'll look back at 1999 as the year the directory took over the network space.

The only thing I got wrong was the release schedule for Microsoft's Active Directory (part of Windows 2000), which was still scheduled for late this year and now has been put off until February. That doesn't change the accuracy of the prediction, though, since waiting for a solid, robust Active Directory would take us well into 2001 and the anticipation of Active Directory was enough impetus to get all the directory players moving quickly throughout 1999.

I also didn't foresee the rise of XML as a directory enabling technology, but the recently released version 1.0 specification for DSML (Directory Services Markup Language) will be the biggest boon to cross-directory synchronization and integration since LDAP. In fact, it will be even bigger than LDAP since it's designed from the ground up to support directory synchronization. I'll have a lot more to say about DSML in the next year, both here and in the Network World Fusion "Focus on Directory Services" newsletter.

Among the highlights of the year, directory wise, were: the consolidation of the Directory Enabled Networks specs with the DMTF's Common Information Model; the release of Novell's new version of NDS - now called eDirectory - for multiple platforms; Microsoft's purchase of Zoomit for its cross-directory synchronization expertise; the beginning of a new application category - possibly the "killer app" for directories - called eProvisionware; and the emergence of third-party directory-management vendors (Fastlane, Mission Critical, Netvision and others) as the only real contenders for venture capital (and market capitalization) against the ubiquitous "e" businesses or "dot coms".

What about next year?

New versions of so-called network operating systems from Microsoft (Windows 2000) and Novell (NetWare 5.1) strike the death-knell of Local Area Networks as they reach out to encompass a world of connected users. Directory services takes its rightful place as the plumbing which holds together the inter-networked world. Everything - from your computer to your toaster - becomes directory-enabled. WAP (Wireless Application Protocol) will bring network and server management to your cell phone. Supply chain management finally becomes realistic with the use of XML, DSML and Microsoft's well thought out BizTalk initiative.

In other news, ICANN (Internet Corporation for Assigned Names and Numbers) will continue to be a source of controversy and will become largely ignored as people figure out ways to get things done quickly and efficiently. And Judge Jackson will determine that Microsoft should be broken into at least two parts - operating systems and applications. This will lead to Wall Street becoming disenchanted with high tech, bursting the dot com bubble.

Happy New Year!

TIP OF THE WEEK:
I'm holding off on choosing the 1999 networking MVP until next column, but I want to point out that last year's co-winner, Cisco's John Strassner, has just published a book on Directory Enabled Networks (MacMillan Technical Publishing, ISBN: 1-57870-140-6) which every network manager, every network programmer and every network hardware manufacturer should read. Get it now.
=================================================
1/8/2000 Focus on Windows Networking:
Over the next few issues, we'll look back at the year 2000 and highlight the important developments in Windows Networking, then peer into the crystal ball and attempt to foretell 2001's major news events.

One of the biggest stories of the year was also the first big story of the year - there were virtually no Y2K bug disasters to report on January 1, 2000. Interestingly enough, though, January 1, 2001 brought date-related problems to 7-11's credit card acceptance system as well as Norway's national railroad system.

February brought the launch of Windows 2000 which, in retrospect, is probably the most robust operating system to come out of Redmond since DOS 3.1. Nevertheless, the year did end with most people just beginning to implement (or plan to implement) the server OS while stepping up rollouts of the desktop version, Windows 2000 Professional.

The other big news for Microsoft was its spectacular lack of success in the various legal proceedings during the year. Besides Judge Jackson's ruling to split the company in two as a result of the Department of Justice's anti-trust suit there were settlements or loses in at least two other anti-competition suites - one brought by Caldera (settlement not announced) and the other by Bristol Technologies ($4.7 million). Additionally, Microsoft temporary employees successfully brought a class-action suit which gained them more equal standing with full-time employees. This also forced Microsoft to redefine the meaning of "temporary" as regards employment. As the new year dawned, Mr. Gates and friends were going back to court, this time for racial discrimination in employment practices.

All in all, it was not a great year for the software giant since even the technically superior Windows 2000 OS was selling much slower than it had been projected to sell.

But that wasn't all the news from the year 2000 - more in the next issue.
=================================================
1/31/2000 Wired Windows:
In a surprising move, Bill Gates, who has been Microsoft's only CEO, recently handed the title to Steve Ballmer, who has served as president since July 1998. Gates will remain chairman and become chief software architect. The new role, he said, will allow him to return to "what I love most - focusing on technologies for the future."

Does anyone really believe that installing Ballmer as CEO will actually change anything that happens in Redmond?

Ballmer has been president and chief operating officer for two years - essentially handling the day-to-day operations of the company and enforcing policy as laid down by the Chairman of the Board - Gates. Simply making Ballmer CEO doesn't change that.

All major decisions will still be made by the Chairman of the Board, and that's still Gates. Even the much ballyhooed reorganization that Ballmer announced after his coronation was - you can be sure - signed off on by Gates.

It wasn't the business responsibilities of CEO Gates that kept him from "focusing on technologies for the future," but his constant gallivanting from trade shows to government offices and every media circus in between. How many prime ministers will clear their schedules for Ballmer, and how many will insist that only the richest man in the world can get their attention?

And if Gates wasn't "focusing on technologies for the future," who was? Can it be true that Microsoft was limping along from day to day, with no strategic vision? Could that be how this whole antitrust thing happened - no one in Redmond was aware of (never mind planning for) Microsoft becoming a monopoly in the operating system arena?

Make no mistake about it, there's only one reason for all the changes happening at Microsoft. They're all intended to make splitting up the company as difficult as possible in the hope that the Department of Justice will settle for a fine and an agreement to "go forth and sin no more." By the time Gates and Ballmer are finished, and Judge Jackson is ready to rule, Microsoft's applications and operating systems will be hopelessly intertwined.

The Justice Department should be thinking of injunctive relief before that can happen.
========================================
4/10/2000 Network World Windows Networking Newsletter
I know you've been hard at work in the lab, running Windows 2000 through its paces, formulating a migration strategy to Active Directory and prepping a rollout schedule. But you must have heard that Judge Thomas Penfield Jackson handed down a hard ruling against Microsoft in the Department of Justice's antitrust case. So what should you do?

Go back to the lab. Keep your projects on schedule. This legal battle is far from over, and the eventual outcome is still impossible to tell. Anything from a slap on the wrist to the breakup of the company into smaller "baby Bills" is still possible.

What we can be reasonably sure of is that the eventual outcome will have little effect on Win 2000. Future versions of the server and business-desktop operating systems could be affected, but you need to be moving right now to get your enterprise up to speed. Compared to earlier Windows operating systems (NT 4 Workstation, Windows 9x), the business benefits of Win 2000 Professional on the desktop are so plentiful that you risk giving up a competitive advantage should you slack off in your upgrade planning now.

Win 2000 Server and Active Directory are such a major change from the way NT Server or NetWare servers operate that you need to spend as much time as possible understanding their every nuance.

All indications are that next year at this time Microsoft and the Justice Department will still be trying to determine the eventual outcome of the lawsuit, but you need to be delivering the latest services, applications and operating systems to your enterprises.

So, for now, ignore the legal news and get back into the testing lab. Forget the legal briefs, and read the deployment documents. Win 2000 isn't going away. You need to be ready.
========================================
5/10/2000 Network World Windows Networking Newsletter
The Department of Justice and 17 of the 19 state attorneys general involved in the Microsoft antitrust case have asked Judge Thomas Penfield Jackson to split Bill Gates' company into two separate entities as a remedy for its anticompetitive practices.

While the Justice Department describes this as a split into an operating system company and an applications company, the reality is that this division isn't nearly so cut and dried. Yes, there are clearly defined operating systems (Windows 98, Windows 2000, Windows CE, and the upcoming releases of Windows ME and the follow-on still only identified by the code name "Whistler"). And yes, there are clearly identified applications (Word, Excel, PowerPoint and so forth). But is it really that easy?

Take Exchange, the Microsoft groupware and e-mail product. There's Exchange server, various clients and, of course, the transport mechanism. Is Exchange server an application? What about Outlook Express, an Exchange client? It's part of Internet Explorer, which is now considered (even by the Justice Department) to be a part of the operating system. And what about the MAPI protocol? It's embedded in the operating system, but it's only used by applications (and maintained by the applications group). Which company gets it?

It's also estimated that the appeals process could take up to 3 years. What will the operating system and applications landscape look like 3 years from now? What's to keep Microsoft from declaring that Word is now part of the operating system (as they did with Internet Explorer)?

It sounds like a real mess is coming, and it's going to affect your life and your work. Stay on top of it as much as you can, and count on this newsletter to let you know about the steps you'll need to take to ensure your networks and enterprises continue to run smoothly.
=============================================
6/19/2000 Wired Windows:
One of the major arguments being promulgated by the pundits urging that Judge Jackson's penalties against Microsoft in the recent anti-trust trial be overturned is that they will lead to higher prices being paid for software. The argument goes something like this, according to Richard Schmalensee, Dean of the Sloan School of Business at MIT:

"Today, Microsoft has a strong incentive to price Windows low because Windows sales often lead to lucrative orders for Office and other Microsoft products. But after divestiture, the owner of Windows would no longer earn these ancillary revenues and would thus have very good reasons to charge more for its sole product." (L.A. Times, Thursday, June 8, 2000)

There are two fallacies here. The first is that the baby Bill OS company would have only one product. Since, today, Microsoft sells 5 operating systems (Windows 98, Windows 2000 Professional, Windows 2000 Server, Windows CE and embedded Windows NT) with more on the horizon there's nothing to indicate that even more operating systems would not be forthcoming. Also, Microsoft has previously shown that it can develop Windows for non-Intel platforms. Doing so again could allow for even greater computing choices for users and increased revenue for the company. On the other hand, with the possibility of competing operating systems gaining a foothold on the Intel platform as a counterweight, there's strong incentive to keep the Windows price as low as possible.

The second fallacy is the baby Bill applications company would be able to continue to charge such "lucrative" prices in the future. Almost alone among software applications, the Microsoft Office suite has increased in price dramatically over the past seven years. Besides an absolute increase in the suggested retail price, license changes removing, among other things, the ability to license by concurrent usage meant that more copies needed to be purchased to service the same number of users. Without the inside knowledge of the OS that both sides in the case admit the apps programmers at Microsoft have, the playing field for performance is leveled and apps such as Office will also need to compete on price.

So even if the price of Windows should double this is easily offset by the halving of the applications prices resulting in a lower total price for the OS plus apps combination. Seems like a good thing to me, but then I'm not dean of MIT's business school.

TIP OF THE WEEK:
The first geek cruise (http://www.geekcruises.com) happened over the Memorial Day weekend, and O'Reilly & Associates author, XML guru, and Perl aficionado Tim Bray has posted a review (http://www.oreillynet.com/pub/a/network/2000/06/06/geekcruise.html) of both the cruise and the educational content. It’s a good, fairly quick read and just might give you a vacation idea or two.
=========================================
6/24/2000 Network World Windows Networking newsletter:
It was the best of times, it was the worst of times, the spring of hope and the winter of despair. Well, no it wasn’t as bad as the French Revolution which Dickens was writing about in “a Tale of Two Cities” when he penned those immortal lines, but I do have two stories to tell today. This might take a while, so settle back with a nice refreshing beverage.

I’d hoped that Microsoft, in appearing before judge Kollar-Kotelly could soft-pedal the seeming arrogance they showed in the earlier trial before Judge Jackson. Right up until the final day, last Wednesday, they appeared to be doing fairly well. But then they implied, in their closing arguments that the judge wasn’t technically-savvy enough to inderstand the intricacies of an operating system. And, of course, they still refuse to concede that they were found guilty of anti-trust activities. That conviction isn’t going away. There are no courts left to appeal to. If only they could bite the bullet, admit that they are guilty, apologize and get on with life we might all be able to get back to simply managing our networks. But this action, seen in the light of the licensing and upgrade issues we talked about in the last issue, could actually end up costing us money – if we buy the Software Assurance and if the next version of Windows server is further delayed. Micrtosoft gets found guilty, but we pay the price. That could definitely lead to a winter of despair.

Still, there is a spring of hope. Some time ago I recommended Configuresoft’s Enterprise Configuration Manager (ECM) (see http://www.nwfusion.com/newsletters/nt/2002/01329546.html) but complained about the company’s website which required you install a Flash Plug-in before you could access anything.

One reader, though, took it as a challenge. He wrote:

“I am interested in the ECM product you recently featured, but was so ‘put off’ by the Configuresoft web site that I wrote a  letter to them expressing my displeasure they require FLASH to even read about the product.”

That’s not abnormal behavior, but the follow-up I received from the reader certainly was:

“within 2 hours of sending my ‘nastygram’ to ConfigureSoft I received a nice phone call from their sales rep for Minnesota and an email reply from the VP-Marketing explaining they are about to release a non-Flash website and that the Flash version was an expediency dictated by time and an outside consultant's terms.  It seems like they are good people and made a mistake in haste which they are admitting. “

It is so refreshing to find a software company that responds to a potential customer’s concerns so quickly and openly. A simple admission that they made a mistake in their haste to get the site up, but that it was being corrected as quickly as possible.

And it has been corrected. Go to http://www.configuresoft.com/ now and you’re presented a choice – you can pick either a straight HTML rendering or choose the Flash Presentation. You still need the plug-in if you want to register at the site or download anything, but you can make that decision after browsing. You can make an informed decision.

There’s still a lot of the website that’s only available to Flash Users, but it is a step in the right direction. Now if only we could get vendors to offer us a choice between HTML and PDF formats for documents we want to read on screen, that would be a triumph.

So there’s today’s homily, a tale of two companies – one responding quickly to a potential client’s desires while the other seemingly looks to squeeze every penny it can from its existing client base. And unfortunately, unlike Dickens, my writing isn’t fiction.
===============================================
9/11/2000 Wired Windows:
Today, September 8, 2000 may be the day that the Supreme Court decides whether it will take on the review of Judge Jackson's District Court decision to break up Microsoft. The court could also decide to have the review done by the Court of Appeals first, before the Supreme Court rules. But the Supreme Court will rule. Even if the Court of Appeals hears the case, whoever loses that review will appeal back to the Supreme Court.

It’s also remotely possible that the Supreme Court may instruct Judge Jackson to re-open the District Court session for some reason, but that's unlikely. So - instant prognostication - what will the Supreme Court do?

It’s interesting to read Microsoft's brief to the Supreme Court which outlines its reasons for asking that the Court of Appeals first be allowed to rule. Remember that it’s fairly widely believed that Microsoft's arrogance in Judge Jackson's court affected the outcome of the trial. Microsoft continued, in their Supreme Court brief, to impugn Judge Jackson's abilities but - more importantly, I think - seemed to also impugn the abilities of the Supreme Court Justices. Microsoft suggests that the Supreme Court should allow the Court of Appeals to winnow both the legal and technical aspects of the case in order not to tax the higher court's time or intellect.

You'd think that Microsoft might have learned in Judge Jackson's court that the Judiciary doesn't take kindly to the stated opinion that it might be incompetent - very few people would take kindly to that. Next time your boss takes you to task for some wrong you've supposedly done, try telling the boss that he/she isn't competent to judge your guilt or innocence and see how far that gets you (all the way to the unemployment line, I'd wager).

This case will eventually be decided in the Supreme Court. There's no way either side will throw in the towel before that. So why insult the court and the judges who will have the final say?

Actually, if I were handling this case for the Department of Justice, I'd be willing to go to the Court of Appeals and ask that they instruct Judge Jackson to re-open argument. Then, I'd start bringing in Microsoft's current statements and practices to bolster the case already made (and won) before going on to the Supreme Court in the spring. That would be fun.

Tip of the week:
Join me in early October for a free seminar called "Unlock the Value of the Directory in your Enterprise", sponsored by Business Layers. Sessions will be held in Dallas, Atlanta, Los Angeles, Chicago and New York. Details and registration at http://www.businesslayers.com/events/
========================================
10/23/2000 Wired Windows:
Is anyone else as confused as I am by the Microsoft-Corel deal announced a couple of weeks ago? The two software competitors are best known for their word processors, Microsoft Word and Corel's WordPerfect, but compete also in office suites and graphics applications. So it raised an eyebrow or two when Corel announced support for Microsoft's .NET initiative while Microsoft purchased $135 million in non-voting stock.

The stock Microsoft got was not convertible to regular voting stock by Microsoft, but can be sold to third parties who can convert it to common stock. At the time of the announcement, this would have amounted to about 25% of the outstanding shares in Corel.

Corel has also been making a lot of noise in the Linux/Open Source community (without actually delivering very much) about a new version of Linux or an open source version of WordPerfect. Its also significant that former interim CEO Derek Burney was named president and CEO - replacing long-time chief Michael Cowpland who departed in August - just days before the announcement with Microsoft.

Some have been comparing the investment to the deal Microsoft made with Apple last year and see both as attempts to shore up some vestige of competition in the operating system (Apple) and business application (Corel) markets as evidence of the non-monopoly status Microsoft wants a court of appeals to see while reviewing the Dept. of Justice win over Redmond in the recent case before Judge Jackson.

Others feel that the money was the price Microsoft was willing to pay to remove Cowpland - one of Bill Gates' biggest critics - from a position which he was using to more and more frequently call into question the business tactics used by Redmond. Of course, Cowpland was hardly in the same league as Oracle's Larry Ellison or Sun's Bill Joy in the publicity they can generate castigating Gates - but he was cheaper to silence.

In the wake of the deal, I expect Corel will stop flirting with Linux and open source but will maintain the traditional WordPerfect markets, such as the legal community. That should keep everybody (well, except for Justice's trust busters) happy in the short term without leading to any major problems in the long run.

Wondering who's next on Bill Gates' shopping list? Look for traditional Microsoft competitors who've fallen on hard times and have their stockholders in an uproar. "Provo? Redmond's calling."

TIP OF THE WEEK:
Whistler, the codename for Microsoft's next operating system, a follow-on to both Windows 2000 and Windows 9x (including Windows ME) should be out by this time next year. No big changes from Windows 2000, so don't delay your rollout plans waiting to see what the differences are.
=============================================
12/4/2000 Wired Windows:
All along we've thought of Microsoft as one of the world's greatest marketing companies, is it possible we were wrong? Or is it just their legal team which doesn't understand how to market a product?

We've commented in the past about how Microsoft appeared to go out of their way to irritate Judge Thomas Penfield Jackson  (http://www.nwfusion.com/archive/1999b/0118kearns.html and http://www.nwfusion.com/columnists/2000/0911kearns.html are just two examples). Now, in their brief to the Court of Appeals, Bill Gates' lawyers have once again egregiously insulted Judge Jackson by, in essence, calling him incompetent and unethical.

There are four possible outcomes to the appeal: a.) Microsoft will win all points (and the government will appeal to the Supreme Court); b.) the appeal will be thrown out (and Microsoft will appeal to the Supreme Court); c.) the Appeals Court will remand the case to judge Jackson's District Court; d.) the Appeals Court will remand to another District Court. In 2 out of 4 ( b and d) possibilities, Microsoft will have to convince a judge or panel of justices that both the appeals court and the district court were wrong. In another instance (c) they'll have to go back before the judge they've insulted. In only one case (a) will they be able to defend a court's action. Good marketing practice says you try to make the judge look good at the same time you attack the outcome - similar to telling a child, "oh look, the milk spilled. Let's clean it up." Rather than, "idiot, you spilled the milk!"

Add to this the shotgun approach Microsoft took in the points raised in the appeal, which most lawyers found odd since one normally tries to narrow the issues to be looked at, limiting it to those you feel make the strongest case for you. Microsoft's brief (look at it yourself, at http://www.microsoft.com/presspass/trial/appeals/11-27brief.asp) brings up the judge's actions, the manner the trial was conducted, the witnesses testimony only stopping short, seemingly, of blaming global warming for the outcome. Again, bad marketing where you try to focus comments on your strengths while avoiding your weaknesses.

It appears that one of the reasons Bill Gates stepped down as CEO was to spend more time with the legal issues. If that's the case, the board of directors should take every step necessary to see that someone with marketing savvy is quickly put in charge of legal strategy.

Tip of the Week:
While election.com wasn't in charge of the Florida balloting, maybe they should have been. Find out more about on-line voting, the experience of ICANN, the Democratic National Committee and the state of Arizona at http://www.election.com/ and find out about election.com's use of Windows 2000 at http://www.microsoft.com/windows2000/guide/datacenter/news/electionscom.asp
================================================
12/18/2000 Wired Windows:
The happiest of holiday wishes to you all! Due to the vagaries of the publishing schedule, it will be a few weeks into the new millennium before I can talk to you again (except, of course, if you subscribe to my Fusion Focus newsletters - http://www.nwfusion.com/focus/).

In keeping with tradition, let's look back to what I said in the final column for 1999:

"Judge Jackson will determine that Microsoft should be broken into at least two parts - operating systems and applications. This will lead to Wall Street becoming disenchanted with high tech, bursting the .com bubble."
(http://www.nwfusion.com/archive/1999b/1220kearns.html)

I'd say I got that pretty much on target.

I was a bit premature in my enthusiasm for DSML (Directory Services Markup Language) which - after a fast beginning - appears to have bogged down as we await a possible version 2.0. Certainly DSML isn't "bigger than LDAP" just yet!

I mentioned Fastlane, Mission Critical, and Netvision as three "hot" companies in directory management and - sure enough - two were snapped up by bigger management companies during the year.

I did comment on the release of Netware 5.1 and Windows 2000 being "the death knell of LANs". While the LAN is still with us, its very nature has undergone fundamental change. Each of those formerly independent networks is now (or soon will be) part of the global interconnected network.

All in all, I think I did pretty well as a prognosticator. (Of course, if I hadn't, I'd probably not even be mentioning it here.) But what about the year to come?

First, by this time next year the courts will not yet have finally decided Microsoft's fate (although it’s possible that a settlement could end the litigation). This shows promise of being an annual prediction for the next few years.

Novell's sales will continue to stagnate or fall, and by this time next year Eric Schmidt will be back at Sun Microsystems - in charge of the NetWare division.

We won't talk about Directory Services as some sort of add-on any more. Rather, new applications will expect that you have a directory in place (either LDAP- or XML-enabled) and use it to store personalization information as a matter of course. "Personal directories" for stand-alone machines will emerge which can be integrated with an enterprise or ISP directory when the person joins an organization.

See you next millennium!

TIP OF THE WEEK:
If this is the " slow season" for your organization, and you're continuing the time-honored practice of using this time to do maintenance and upgrades, don't forget the equally time-honored practice of playing practical jokes on your users. See The Free Site (http://www.thefreesite.com/Fun_Freebies/) for lots of possibilities.
====================================
11/5/2001 Wired Windows:
I watched Bill Gates at the Windows XP launch and started having flashbacks to the Windows 95 launch as well as the taped testimony before Judge Jackson in the anti-trust trial. I sometimes wonder if Bill Gates has some genetic pre-disposition which causes him to believe that history doesn’t exist – or, perhaps, it’s whatever he says it is.  We saw during the anti-trust trial that Mr. Gates, his executives and his lawyers appeared to believe that the judge (and the prosecutor, mirabile dictu!) had no access to previous documents which contradicted their statements – although they should have wondered why the Justice Department read all of their email.

In August 1995, Bill Gates told us that the era of DOS was over. That while Windows 3.1 sat on top of DOS, Windows 95 banished MS-DOS to the scrap heap of history. No matter how many analysts and commentators said otherwise, we were assured that DOS was gone.

Then came Windows 98, which – we were assured – further buried DOS. Not that it needed to be buried, you understand, but still – just in case you were worried, it was really gone now.

Once again when Windows ME was launched, as expected, we were told that finally DOS was gone. Redmond admitted that it had played a small part in Win 9x (like, the OS couldn’t exist without it), but ME had finally done away with DOS – you couldn’t boot it to DOS, there wasn’t even an “MSDOS Mode” listed! Wasn’t that proof enough?

Now Microsoft has launched Windows XP. Evidently Gates is re-cycling his launch speeches, because he does say “…so today it really is actually the end of the MS-DOS era…” and, oddly enough, he really expects us to believe him. That is, believe him now and ignore what he’d said before (after all, it worked in court – didn’t it?)

In a few years we’ll be seeing the next version of Microsoft’s operating system, the one that’s currently called “Blackcomb”. I’ll wager my dollars against your doughnuts that sometime during the launch event we’ll hear Bill Gates tell us that – once and for all – DOS is dead.

DOS – the Freddie Krueger of operating systems/environments – may be dead, but all these little utilities I’ve gathered over the years still want to run in that command line space so we’ll keep breathing new life into the old OS, and Bill Gates will keep trying to bury it.

TIP OF THE WEEK:
Everyone preaches SCSI disk drives are necessary for network servers – but IDE drives are cheap, so the bean-counters want you to use them. What can you do? Check http://www.acard.com/eng/ and check out their add-on daughterboard which adds a SCSI interface to standard IDE drives. You could save a bunch of money!

© 2003-2006 The Virtual Quill, All Rights Reserved

Home

[Powered by Blogger]

-->