August 25th, 2009
In a classic case of ‘two steps forward, one step back’, it seems that just after Microsoft gave 22,000 lines of source code and somewhat ‘validated’ the open source community, a couple of researchers found a serious security hole that has been present in the Linux kernel for, get this, wait for it… 8 YEARS.
This latest vulnerability involves the way kernel-level routines react when left unimplemented. Because these routines are unimplemented, the kernel ends up executing code at NULL, which leaves the operating system open to local privilege escalation and complete compromise of the system.
This is the second time in less than a month that a serious security vulnerability has been reported in the Linux kernel. The first, in mid-July, described a similar bug regarding NULL reference pointers that put newer versions at risk of complete compromise.
The systems affected by this latest bug are all 2.4 and 2.6 versions since May 2001 running on the Intel platform.
I feel these two occurrences should prompt questions from users of Open Source software. For example:
1) What is the current testing process? It seems regression testing back in May 2001 was not completed at all or not thorough enough.
2) Going forward, how can we feel safer regarding kernel updates?
3) Since SELinux did not catch it, is there a problem with Security-Enhanced Linux?
4) Is there any way we can get a report on the number of systems that were affected? And at what level?
I think there are two upsides to these vulnerabilities, and that is that this should be a wakeup call for the testing process as well as pointing out the fact that even though it is open source and free, utilizing a professional and proactive vendor will help in mitigating your risk.
Talk to you later,
TASCer
Tags: bugs, compromise, open source, Red Hat, RHEL, SELinux, vulnerabilities
July 23rd, 2009
Microsoft on Monday, the 20th of July, submitted 22,000 lines of source code under a GPLv2 license which will allow four (4) drivers to be added to the Linux kernel. These drivers will enable any Linux distribution to run on Windows Server 2008 and its Hyper-V technology.
While this may seem like a decisive victory for the Open Source community, one may ask themselves: “Why would Microsoft do such a thing?”
This is a very valid question because historically, Microsoft and the Open Source community have been at odds, to say the least.
My reasoning for Microsoft to make such a bold move is as follows:
- Ensures Microsoft is still an important piece of the virtualization and infrastructure equation
- Shows that they, as a company, are willing to adapt and help companies utilizing hybrid solutions, dare I say altruism?
- A strategic move to help cut into VMWare’s market share
- Assist in maintaining server revenue streams
I personally feel that this is a good move and one that should have happened a while ago. I guess ‘better late than never’ is an appropriate adage.
It should be interesting to see how it all pans out and I hope the 22,000 lines of code were meticulously tested and re-tested.
‘Til next time…
Tags: GPLv2, microsoft, open source, virtualization
June 24th, 2009
Is it me, or has the IT industry recently been afflicted with an extremely bad case of Product Rename-itis?
Product Rename-itis. (Noun)
Def: An affliction that causes companies to constantly rename their products.
Don’t get me wrong, there are some valid reasons why a company should rename their products/services/offerings etc… For example, the release date of the product (Windows 95, 98), M&A activity, product consolidations/integrations, key functional changes, etc…
With that said, it seems to me that recently IT companies in particular are renaming products at an accelerated pace, with vastly different names, and for the wrong reasons.
Reasons NOT to rename your products:
- Pressure from Marketing, where I assume revenues have not been great the last 4-8 quarters. The economy, not the name, is more likely the reason for slower sales.
- Knee-jerk reactions to competitors’ actions/offerings. Keep an eye on your competition, but do not try to align and force-fit your company offerings and strategies with them.
- Attempting to keep up with ever-changing technologies. You can try. Good luck with that, let me know your CAGR for marketing costs.
- To position products as a panacea via the popular keywords of the day. “Now introducing the Clouded Virtual Green eWidget 3.0!”
I believe the law of diminishing returns can be used in the case of product renaming. After a certain point consumers will, in the end, become both confused and frustrated. There is information overload already in society, why put the onus on us to keep up to date on your ever-changing product names?
Case in point for me is VMWare. It would be very interesting to find out how many products and how many times in the last 2 years have they changed names. How and why did the proven version/number system become so obsolete?
‘Til next time…
Tags: branding, IT, marketing, product naming, vmware
June 5th, 2009
I attended a Webcast yesterday that was jointly performed by a global IT solutions organization and a global IT hardware and software vendor. During this hour-plus-long presentation I kept asking myself: “Is this another IT buzzword or can this platform really change the game?”
I can honestly say that at the end of the presentation I am a firm believer that it is currently a mere buzzword and not the panacea that many companies are pitching it as.
You may ask yourself why did I come to that conclusion, and I would answer that with the following:
- Gartner’s Hype Cycle clearly shows this platform is still in its infancy
- Too many unknowns on how it actually works, how it is billed, legal ramifications
The last point was made clearly obvious to me when I asked the presenters the question: “In your experience, have organizations’ legal departments modified the way in which this platform and method of delivery affects their vendor contracts? And if not, do you have any insights on what key modifications need to be made to ensure business continuity and service?”
Their answer? There wasn’t one.
To me, this is the key reason why Cloud Computing is still a hype-enriched buzzword at this point. Granted, it does provide some great benefits to a company, but until there are some concrete vendor management processes and policies in place, I feel that it is a can of worms waiting to be cracked open.
Tags: cloud computing, IT
May 7th, 2009
It seems the company behind the FBI’s cutting-edge data search engine wants to provide the same services to the private sector. Chiliad, with corporate headquarters in Herndon, Virginia, has been providing a distributed data search engine for the FBI’s counter terrorism datawarehouse for many years now. This distributed and parallel processing architecture was conceived primarily to get around the need for a central storage area/site and the need to gather data from disparate sources; much like the key data warehousing issue currently facing many organizations. Another benefit of this technology that organizations could reap is the ability to more easily and effectively ‘connect-the-dots’ with an ever-increasing amount of structured and un-structured corporate data.
With their architecture, no centralized storage is necessary. They have what are called Discovery/Alert nodes which are placed wherever information is managed and are part of a secure peer-to-peer network which allows a query to be processed in parallel, decreasing the amount of time needed to get a result.
It should be interesting to see how they will market to businesses. Off-hand I’m thinking they will pitch to corporations that are close to the same size as the FBI in terms of data, data sources, complexity, etc… This way they can pretty much turn-key their existing production solution. After getting some big players on board and replenishing their coffers, I think they will then look at scaling for a wider variety and size of clients.
I wonder why it took ~6 years for them to make the foray into the corporate world. I’m thinking it may have been an exclusive deal with the government, but maybe they wanted a solid, long term, and respectable government client first to increase credibility and ease their marketing efforts? Anyone have any insight here?
Tags: Chiliad, data store, data warehouse, distributed, FBI
February 27th, 2009
I recently read an article which contains quotes from Tony Scott, CIO of Microsoft, which, to me, speak volumes regarding the current state of the IT / business relationships.
In this article, Mr. Scott not only alludes to the fact that CIOs are separate from other ‘C-level Colleagues’, but he also has the gall to posit that IT has historically been the focal point for ‘first-line’ cost and other operational savings, and that IT should be ‘used to it’ because they have been in this situation for 8+ years.
My position is that this view is the exact opposite of what the view should be. To me, IT should be viewed as a trusted partner for all business units and C-level leadership should be viewed as a whole, not by function alone.
ALL lines of business rely on IT, and this is NOT the time for IT to once again maintain the status quo of being the de facto department for quick and easy cost savings initiatives. This is, however, the time for IT to step out of the cost-center stigma and rise to the occasion.
With proper leadership and vision, this can be readily achieved.
With that said, I also feel that there is an immediate need for a ‘refresh’ of IT leadership and management talent and it is imperative that this happens sooner than later.
Today’s dynamic nature of business and technology ‘should’ force existing IT leaders to either acclimate or step away, neither of which is currently occurring, to the detriment of both IT and business.
Due to this fact, the onus falls on the other C-level individuals to force this issue…
January 31st, 2009
Bill Gates’ recent retirement could possibly not have occurred at a more opportune time. With past anti-trust sanctions regarding product documentation fresh in their memory, the Technical Committee (TC) has vowed to be even more thorough in their examinations for the upcoming Windows 7 release.
With the release of Vista and its many shortcomings, Microsoft has made an obvious effort in trying to re-polish their brand with some clever (albeit non-effective) ad campaigns. It seems their second phase is to roll-out a new product ASAP to try to wipe the Vista stigma from our memories.
Even though Microsoft has made strides in their documentation efforts of late, the laser-like focus of the TC on Windows 7 could very easily delay shipping by many months, if not years, which would aid in the continued tarnishing of the brand.
Either way you look at it, Microsoft needs to ‘replace’ Vista posthaste and dealing with anything regarding the federal government and compliance can be, and often is, a VERY sticky proposition.
This is one headache I personally would not want to be a part of and I’m sure it isn’t even on Bill’s mind as he sits on the beach, counting his $$.
Tags: bill gates, microsoft, regulations, technical committee, windows 7
January 19th, 2009
This subject has been debated for as long as there have been electronics. Recently, due to the current economy and other external factors, this topic has been pushed to the forefront and with good reason.
We should not let this discussion slip away without action and we (IT) should take this opportunity to point the spotlight on ourselves and show the organization what true value IT brings to the table.
The path to IT value enlightenment is, as this article aptly states, riddled with barriers such as: Business-IT Misalignment, lack of IT empowerment, and perception of IT as a pure cost center.
These barriers may seem unavoidable to most, but I truly feel that they can be overcome with some planning and a paradigm shift.
Planning needs to be tailored around customer-relationship building endeavors. A simple newsletter and/or PC Tips articles can go a long way in building proper business relationships. Also, some simple training lessons on the applications LOB users use can and usually does assist in piercing the IT veil that is so prevalent in companies today.
The paradigm shift MUST be made from a ‘utility and support’ function to a ‘trusted business partner’ function. Instead of viewing yourself as a problem solver and provider of technology, think of yourself as an enabler in business strategies and line of business functions. This mind-set will plant the seeds for the department to start thinking in terms of the business holistically, which benefits all.
Granted, what I have mentioned may seem hard to accomplish to most, but I feel that a visionary and strong leader and manager can initiate and execute these actions to the betterment of IT and the business.
The time is NOW.
Tags: cost center, IT, paradigm, value
January 12th, 2009
Wow, now there is a surprise! Say it ain’t so, what’s next? Is the sun going to rise in the East?…
Each year, CIO Insight provides a Vendor Value survey and once again in 2008, the good ol’ telecom vendors are sitting in the basement.
The survey asks U.S. based IT executives to rate vendors on three criteria: value, reliability, and loyalty, and the results once again show that telecom providers are lacking in these 3 critical areas.
This posits an interesting question: Why aren’t these vendors doing anything to increase their reviews, especially in a time where competition is heavy and the economic climate is dour?
I think the answer must be due to a latent and super-secret telecom cartel! Yes, instead of just fixing prices like the old days, these guys are also fixing sub-par reliability and value so as to offer no alternative for the consumer. Ah, what a brilliant move! These guys are smart.
I have got to hand it to these guys, they do come up with some innovative and memorable advertisements, but since they are all colluding anyway, I say they 86 their marketing budgets and use it to invest in their infrastructures so at least they can all be somewhat reliable and add a smidgen of value…
December 18th, 2008
I do not know about you guys, but I’m getting tired of hearing about this topic ad nauseam. The fact of the matter is that the per unit rate will be cheaper for most services by outsourcing said services overseas (ceteris paribus), but the soft (re: collateral) costs/damages for these off-shored services will quickly erase the per unit savings and then dig further into revenues.
So, for companies that are hurting badly, it may be a quick ‘solution’ for them to outsource some services to keep their bottom line intact through these tough economic times. This is a knee-jerk and extremely myopic reaction and vision as the damages to quality, customer support, brand, and service etc… will continue long after our economy gets back on track.
Everyone knows it costs more to gain new customers than to keep them, and after a company saves some coin for a quarter or two by outsourcing to offshore providers, they will no doubt be seeking new customers as their existing ones are long gone.
This has been going on for years and is still CONSTANTLY being discussed. It’s very simple accounting; companies are willing to save some short-term cash flow now to keep things going to meet guidance and have Wall Street happy with them at the expense of long term viability, profitability, quality, and customer satisfaction.
There, we can finally put this tired subject out to pasture…