With Intel's Otellini phasing out, new CEO may bring fresh mobile focus

Intel CEO Paul Otellini is getting ready to leave the company, and analysts say this could be a good change for the world's largest chip maker.

Intel announced on Monday that Otellini, 62, will retire in May after nearly four decades with the company. The company's board of directors will conduct a search for his replacement.

Intel CEO Paul Otellini gives a keynote address during the Consumer Electronics Show in Las Vegas in January 2012. (Photo: Steve Marcus / Reuters)

Whoever takes over as Intel's next CEO will face a daunting job. The company has been struggling to find its way into the burgeoning mobile market and faces tough competition from Arm Holdings, whose processors and technologies are widely used in mobile devices. The company has also been challenged by the depressed PC market.

While most industry analysts say Otellini is leaving the company of his own volition, Ken Dulaney, an analyst with Gartner, Inc., said other issues could have influenced his decision.

"Anytime this type of thing happens, it's a bit of a surprise, but he's been there a long time," Dulaney said. "And there are other factors that may be a 'slight' influence, such as the decline in PC shipments and the fact that Intel has missed the growth in mobility in categories such as smartphones."

However, Dulaney noted, Intel is a very strong company with top-of-class manufacturing and a particularly strong server business. With that strong base, new leadership could be a welcome change, he said.

Dan Olds, an analyst with The Gabriel Consulting Group, said he's waiting to see who's on Intel's short list for the CEO position before commenting on Otellini's departure.

"I don't think it's necessarily bad, or good, news," he said. "It definitely means change, and some uncertainty, which is disruptive, but, Intel is fighting on a number of fronts and could probably use the shot in the arm that a new leader can bring."

With about six months to prepare for the big leadership transition, Intel is in a good position, according to Charles King, an analyst with Pund-IT, Inc.

"Today's announcement begins an orderly preparation for his departure, with the Intel board having plenty of time to search, vet and choose a replacement," he added. "This is diametrically opposite from instances where CEOs are shown the door without warning or even a prospective replacement standing by."

It also means the company's board should have time to find a new leader who has a firm grasp of mobile technologies and the expanding mobile market.

However, a new leader, whether well-versed in mobile or not, may not change the company, or its future direction, all that much, said Patrick Moorhead, an analyst with Moor Insights & Strategy.

Intel is such a strong company with a new mobile strategy that the departure of one CEO and the entrance of another shouldn't alter its course much, Moorhead said.

Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin, on Google+ or subscribe to Sharon's RSS feed. Her email address is sgaudin@computerworld.com.

See more by Sharon Gaudin on Computerworld.com.

Read more about it leadership in Computerworld's IT Leadership Topic Center.

Read more »

Meraki buy more than cloud Wi-Fi to Cisco

Even though Meraki made a name for itself in cloud-based WLANs, Cisco's long-term goals for its new acquisition go beyond just Wi-Fi.

Cisco acquired Meraki on Sunday for $1.2 billion. Meraki is a privately held company that specializes in cloud-based management of wireless LAN, security appliances, and mobile devices for midmarket companies.

HOT MARKET: Top Tech M&A deals in 2012

But analysts see Meraki's infrastructure playing a much broader role at Cisco over time. Indeed, Meraki becomes Cisco's new Cloud Networking Group.

"Meraki is to become the new 'Cloud Networking Group,' which would imply more than just Wi-Fi," says Mike Spanbauer of Current Analysis.

Mark Fabbi of Gartner agrees.

"It's pretty clear Cisco bought Meraki because of their ability to manage cloud infrastructure and Meraki has proven that the model works and is robust," Fabbi says. "I would expect that it will become the platform for Cisco to offer different delivery and management models to a much broader product and customer set."

Cisco Senior Vice President Rob Soderbery said Meraki will appeal to midsize companies that have the same IT needs as larger organizations, but without the resources to integrate complex IT systems. Meraki's infrastructure is already used by thousands of customers to manage hundreds of thousands of devices, he said.

Zeus Kerravala sees Meraki playing a key role in Cisco's Cisco ONE programmable networking strategy and its onePK API set.

"It's more cloud management than Wi-Fi," says Zeus Kerravala of ZK Research. "It's software control pushed into the cloud. It's a front-end to onePK on the back-end. Cloud networking is actually the long term value."

Jon Oltsik of Enterprise Strategy Group sees Meraki as a delivery model for some Cisco technologies that currently require on premise hardware.

"I see Meraki as the managed networking part of the cloud strategy," he says. "Think of Cisco technologies like TrustSec, ISE, QoS, WLAN, etc. Cisco makes these things work with its own hardware and software to offer solutions with central policies, reporting, etc. The problem is that not everyone wants to buy or operate this stuff. I can manage network policy in the cloud or on-premise and it's likely that Cisco will integrate the two for a common solution."

Fabbi says that even though Meraki will be anchoring the new Cloud Networking Group, it won't be Cisco's only cloud offering. They already have cloud-based WebEx conferencing, unified communications and IronPort security services.

But Meraki could very well become Cisco's biggest cloud offering, he says.

"They wouldn't have spent over $1 billion for some WLAN bits and pieces," Fabbi says.

Jim Duffy has been covering technology for over 25 years, 21 at Network World. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy.

Read more about data center in Network World's Data Center section.

Read more »

Hottest Android news & rumors (in brief!) for the week of Thanksgiving

(Author's note: Since I'll be way too full of turkey and stuffing and all the rest of it to fill you in on the latestAndroid news on Thursday, here's a brief update on what's happening early in the week. Enjoy!)

Big screen? No big deal for Samsung, apparently -- last week's murmurs that the South Korean giant was maybe sort of going to think about a full HD screen on what may or may not be the Galaxy S 4 crescendoed into a remarkably unified chorus over the weekend, thanks to a Friday article from the Asia Economy Daily.

'TIS THE SEASON (ALREADY): Network World's holiday gift guide

The idea that Samsung is getting ready to release a 1080p Galaxy S 4 at CES in January makes a lot of sense -- I doubt they're happy about HTC having the only high-profile full HD Android phone on the U.S. market right now (in the form of the Droid DNA), so they'll be eager to get it out the door as quickly as possible. The interesting part will be to see how HTC responds.

*

Android Police has officially dubbed the problems many users have reported with Android 4.2 a "-gate," which is how you know it's serious business. Still, given the severity of some of the bugs -- including serious system instability, broken Bluetooth and battery life issues -- it's tough to argue that Google doesn't have some explaining to do.

What's more, the article doesn't even mention the weirdest glitch of them all -- the month of December, apparently, has gone completely missing, as far as the People app is concerned. Bad news for fans of the holiday season and temporal continuity alike, it seems. (The Post story notes that it'll still keep appointments for you and everything, though.)

*

Still, don't you fret, because Android 5.0 Key Lime Pie might be on the way! Well, OK, it's probably not, but Android Authority seems to have gotten hold of a benchmark showing what could be a Sony Xperia T with a new version of Android on it. AA itself, however, urges the consumption of a large grain of salt with this rumor, and I wholeheartedly concur -- it would be very strange indeed to have another new Android version in the offing at this point. Maybe in a few months.

Email Jon Gold at jgold@nww.com and follow him on Twitter at @NWWJonGold. Oh, and happy Thanksgiving.

Read more about software in Network World's Software section.

Read more »

SC2012: Top500 expects exascale computing by 2020

If the increase in supercomputer speeds continue at their current pace, we will see the first exascale machine by 2020, estimated the maintainers of the Top500 compilation of the world's fastest systems.

System architects of such large computers, however, will face a number of critical issues, a keeper of the list warns.

"The challenges will be substantial for delivering the machine," said Jack Dongarra, a University of Tennessee, Knoxville, researcher who is one of the principals behind the Top500. Dongarra spoke at the SC2012 conference, being held this week in Salt Lake City, during a presentation about the latest edition of the list, released Monday.

We still have a way to go before exascale performance is possible. An exascale machine would be capable of one quintillion FLOPS (floating point operations per second), or 10 to the 18th FLOPS. Even today's fastest supercomputers offer less than 20 percent of the capability of an exascale machine.

In the most recent edition of the Top500 list of supercomputers, released Monday, the fastest computer on the list was the Oak Ridge National Laboratory Titan system, a machine capable of executing 17.59 petaflops. A petaflop is a quadrillion floating point calculations per second, or 10 to the 15th FLOPS.

But each new Top500 -- the list that is compiled twice a year -- shows how quickly the speeds of supercomputers grow. Judging from the list, supercomputers seem to gain tenfold in power every 10 years or so. In 1996, the first teraflop computer appeared on the Top500, and in 2008, the first petaflop computer appeared on the list. Extrapolating from this rate of progress, Dongarra estimates that exascale computing should arrive around 2020.

The High Performance Computing (HPC) community has taken on exascale computing as a major milestone. Intel has created a line of massively multicore processors, called Phi, that the company hopes could serve as the basis of exascale computers that could be running by 2018.

In his talk, Dongarra sketched out the characteristics of an exascale machine. Such a machine will likely have somewhere between 100,000 and 1,000,000 nodes and will be able to execute up to a billion threads at any given time. Individual node performance should be between 1.5 and 15 teraflops and interconnects will need to have throughputs of 200 to 400 gigabytes per second.

Supercomputer makers will have to construct their machines so that their cost and power consumption do not increase in a linear fashion along with performance, lest they grow too expensive to purchase and run, Dongarra said. An exascale machine should cost about $200 million, and use only about 20 megawatts, or about 50 gigaflops per watt.

Dongarra expects that half the cost of building such a computer would be earmarked for buying memory for the system. Judging from the roadmaps of memory manufacturers, Dongarra estimated that $100 million would purchase between 32 petabytes to 64 petabytes of memory by 2020.

In addition to challenges in hardware, designers of exascale supercomputers must also grapple with software issues. One issue will be synchronization, Dongarra said. Today's machines pass tasks among many different nodes, though this approach needs to be streamlined as the number of nodes increases.

"Today, our model for parallel processing is a fork/join model, but you can't do that at [the exascale] level of a parallelism. We have to change our model. We have to be more synchronous," Dongarra said. Along the same lines, algorithms need to be developed that reduce the amount of overall communication among nodes.

Other factors must be considered as well. The software must come with built-in routines for optimization. "We can't rely on the user setting the right knobs and dials to get the software to run anywhere near peak performance," Dongarra said. Fault resilience will be another important feature, as will reproducibility of results, or the guarantee that a complex calculation will produce the exact same answer when run more than once.

Reproducibility may seem like an obvious trait for a computer. But in fact, it can be a challenge for huge calculations on multinode supercomputers.

"From the standpoint of numerical methods, it is hard to guarantee bit-wise reproducibility," Dongarra said. "The primary problem is in doing a reduction -- a summing up of numbers in parallel. If I can't guarantee the order in which those numbers come together, I'll have different round-off errors. That small difference can be magnified in a way that can cause answers to diverge catastrophically," he said.

"We have to come up with a scenario in which we can guarantee the order in which those operations are done, so we can guarantee we have the same results," Dongarra said.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Read more »

Logitech introduces Mac-based video surveillance

Logitech on Wednesday introduced new software that turns Mac computers into video surveillance command centers.

Once installed, the Logitech Alert system can be viewed on a variety of devices.

Logitech Alert Commander for Mac allows users to tie six Logitech Alert security cameras into a single HD dashboard, viewed live or in playback, giving them full surveillance over households and small offices. (Users can also set up motion alerts that send text or images to your phone or email.) And once set up, the feed can be viewed privately but remotely at Alert.Logitech.com or via the company's iPad app.

It works with systems including the $350 Logitech Alert 750e Outdoor Master System and the Logitech Alert 700i Indoor Add-On Camera, for either external or internal views of the premises.

Until Wednesday, Logitech's security products had been compatible only with PCs running Windows software.

Logitech Alert Commander for Mac is free; it is compatible for users running Mac OS 10.6.8 and later.

Read more »

Skype disables password reset after security flaw exposed

Microsoft has disabled the option for users to reset their Skype passwords after security experts uncovered a serious flaw in the software that allowed anyone who knows your email address to hack your Skype account.

The vulnerability allowed people to sign up to Skype with email addresses already in use by others and then force password resets for accounts associated with that address in order to gain access to your account. Basically, anyone who knew your email address could sign up for a new Skype account with it and then reset the password for your current account, thus hacking in.

The exploit first appeared on several Russian forums, and has been actively exploited since, Costin Raiu, a senior security researcher at Kaspersky Lab, said in a blog post. To protect against this vulnerability, Raiu advises that users change the email address associated with their Skype account to a new, never-before-used address.

Rik Ferguson, director of security research & communication at Trend Micro, explainedhow easy it was to hack into someone's Skype account: "In essence the procedure is so simple it could be carried out by even the most inexperienced of computer users. [...]This would lock the victim out of their Skype account and allow the hacker to receive and respond to all messages destined for that victim until further notice. I tested the vulnerability and the entire process took only a matter of minutes."

Skype also said in a statement that it is aware of the new security vulnerability issue. "As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority," the statement said.

Read more »

Nine security controls to look for in cloud contracts

To help ease the concerns of cloud security, which Gartner says is still a chief inhibitor to enterprise public cloud adoption, buyers are looking to contracts and service-level agreements to mitigate their risks.

But Gartner cloud security analyst Jay Heiser says SLAs are still "weak" and "unsatisfying" in terms of addressing security, business continuity and assessment of security controls.

RELATED: Gartner's state of cloud security: Outages are bigger risk

"A lot of these things are getting a lot of attention, but we're seeing little consistency in the contracts," he says, especially in the infrastructure-as-a-service (IaaS) market. Software-as-a-service (SaaS) controls are "primitive, but improving."

Below are some of the common and recommended security provisions in cloud contracts and how common and effective they are.

Customer audits on demand

These clauses allow customers to audit vendors.

Effectiveness: Partial, depending on how much the vendor allows the customer to inspect

How common? Sometimes

Data deletion certificate

Proof that data is deleted when service expires.

Effectiveness: High, legally defensible

How common? Never

Disaster Recovery

Many vendors claim cloud services, by their nature, equate to disaster recovery, but that cannot always be the case. If, for example, data is only stored in a single location of a cloud provider without an offline backup, that creates a single point of failure.

Effectiveness: High, but difficult to verify. While vendors may claim they have robust systems, they are often reticent to provide evidence, citing security concerns.

How common? Not typically in contract clauses.

Downtime credits

These provide the user credits or some sort of reimbursement in case of downtime.

Effectiveness: Partial. While a credit may be helpful, it is a post-factor remedy and does not prevent an outage from happening in the first place

How common? Often found in contracts

Encryption

Effectiveness: Varies. There are multiple encryption methods. If encryption is done by the vendor when the data reaches the provider's cloud, it is less expensive and less secure compared to if the user encrypts the data before sending it to the cloud. Important factor is who stores and has access to the encryption keys. The more copies of the keys, the less secure it is. Beware of vulnerabilities related to losing keys.

How common? Varies by provider. Third-party tools can also be used to provide encryption as a service

Evaluations

Many buyers use third-party security services to verify their providers' security controls, such as ISO27001 or SOC1 and SOC2 audits. But, a vendor simply reporting that it complies with these audits in many cases does not provide end users with the information they need to evaluate the provider's system for their specific security needs.

Effectiveness: Believed insufficient

How common: Common

Full indemnification for security failure impact

In this situation, a contract would outline that if there is a security breach that the provider would be responsible for losses of the customer.

Effectiveness: Theoretically high

How common? Never

Hacking insurance

Insurance by a third party, or by the vendor could help displace costs resulting from a security or data loss issue.

Effectiveness: Potentially helpful, but like the downtime credits, does not necessarily create incentive for provider to avoid a breach

How common? Rare, but growing

Negotiate security clauses

These allow customers to negotiate higher levels of security for certain programs or data.

Effectiveness: Potentially high

How common? Mostly for large customers only

Network World staff writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.

Read more »

Online tool 'PlagSpotter ' allows for plagiarism checks

A Ukraine-based startup, Devellar, has launched an online plagiarism tool that checks online content to see whether it has been duplicated.

The beta version of PlagSpotter features an algorithm that "enables bloggers, journalists, writers, priests, politicians, or any type of public figure to track if someone posts any of their material online," the company said in a statement.

PlagSpotter offers free unlimited individual URL checks as well as three paid subscription plans for automated scanning and monitoring of web content for plagiarism.

For $49.95, the "Guru" plan allows up to 50 URLs to be checked for plagiarism daily, offers email notifications and day-by-day weekly reports. For $10.95, the "Master" plan offers 25 URL checks and email notifications, and for $7.95, the beginner plan offers 10 URL checks and email notifications.

Currently, the beta version of PlagSpotter offers free unlimited individual URL checks.

Devellar, which was originally founded in 2004 to develop products for its own use, is pitching its duplicate content checker as an important tool for preventing Internet copyright infringement, avoiding Google ranking penalties and improving search engine optimization.

Devellar said the tool can also be used by websites to ensure that they use only original content, thus avoiding any problems by easily identifying whether their content is truly original. Additionally, anyone who has written any original material can find out whether their material has been duplicated online without permission.

"Google constantly tries to provide the most relevant websites a searcher is looking for. If a website has too much duplicate content, then its SEO is compromised and can be put last in a Google search or removed entirely," Devellar said.

Computerworld tested PlagSpotter on one of its stories and the tool found 21 other sources that had quoted sections of the story.

"Duplicate content is becoming more important and relevant for websites as a result of Google's latest penalties and algorithm updates," Devellar said. "This means that websites that copy and paste stolen content unto their website risk not only poor SEO but copyright infringement as well."

Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed. His e-mail address is lmearian@computerworld.com.

See more by Lucas Mearian on Computerworld.com.

Read more about internet in Computerworld's Internet Topic Center.

Read more »

Google adds intelligent voice search to Google TV

Google added intelligent voice search to Google TV Wednesday. Not only can you jump to a channel by saying its name, but the software can also intelligently respond to statements.

For example, if you say, "how to tie a bow tie," you will be taken to an instructional video on YouTube explaining how to do that.

"Just speak to watch TV shows and movies, start playing a YouTube video, open applications, go to websites, do a Google search and much more," the company said in a blog.

You can also do voice searches with the product. So if you say, "Search movies with John Wayne," a search page with movies with The Duke in the cast will appear on your TV.

The new voice feature makes finding what you want on Google TV faster and easier than ever, the company said.

TV & Movies app updated

This latest edition of Google TV also updates its TV & Movies app introduced last year that allowed users of the product to browse and watch more than 100,000 movies and TV episodes. The new version is called PrimeTime, and it allows you to browse and watch TV simultaneously.

Google recently addedGoogle TV support to its Google Play store, so that Google TV users could buy or engage with movies, TV shows, and music from the online outlet.

PrimeTime is available from anywhere inside Google TV, and it allows you to coast through the best stuff on live TV, check out your favorite channels, see what you've watched recently, and get suggestions about what to watch based on what you've watched in the past.

Google also updated its YouTube app for Android and Google TV. The update allows a device to automatically pair itself with a TV so anything being watched on the device can be mirrored on the TV with the activation of a single button, along the lines of Apple AirPlay.

Google said that the updates for its TV product will first appear on LG products that support Google TV, followed by updates to second-generation hardware in the coming months.

First-generation devices won't get the new Google TV update, but they can have the PrimeTime and YouTube apps from the Google Play store downloaded to them.

Read more »

Use Facebook's new Social Jobs app to find work

Looking for a job? Now you can leverage one of the sites that you use the most, Facebook, to help in your hunt.

Facebook on Wednesday rolled out its long-awaited Social Jobs app for U.S. users, which has aggregated more than 1.7 million job listings from job search sites that were already using Facebook to reach recruits, including Jobvite, BranchOut, Work4Labs, and Monster.com.

The social network first announced plans for a jobs app last October as a joint venture with the Labor Department. The two launched the Social Jobs Partnership, a group that includes the National Association of Colleges and Employers, the National Association of State Workforce Agencies, and the Direct Employers Association.

U.S. Secretary of Labor Hilda Solis in a statement said "the foundation of an industry-supported open-source job-posting schema" is "helping America get back to work."

The national unemployment rate in October dipped below 8 percent for the first time since January 2009.

Facebook says the app is a natural progression in social networking. NACE research indicates that 50 percent of employers already use Facebook to find new hires. Those employers said potential recruits can better use Facebook to find jobs by liking company pages and networking with contacts.

"Facebook is all about connecting people, and we're thrilled to see developers leveraging our platform to connect job seekers and prospective employers," Marne Levine, Facebook's vice president for global public policy, said in a statement. "By allowing job seekers to view and share job openings based on personalized criteria, like location and industry, the Social Jobs Application builds on our broader effort to help people use social media to find jobs in the U.S."

LinkedIn competitor?

It's unclear whether Facebook intends to ramp up competition with professional networking site LinkedIn, which has 175 million users compared to Facebook's 1 billion. LinkedIn offers paid accounts for both job hunters and recruiters. For now, Facebook's jobs app serves as a marketplace of other sites' listings.

LinkedIn recently revamped its user profiles to make the site more visually appealing in an effort to compete with other social networks.

Read more »

Samsung releases smaller, faster 64GB smartphone memory

Samsung on Thursday announced a new 64GB memory chip for smartphones and tablets, which it says is 20 percent smaller and a third faster than current technology.

The company said its new 64GB eMMC (embedded multimedia card) reads data sequentially at up to 260 megabytes per second and writes at up to 50 megabytes per second, 10 times faster than Class-10 rated external memory cards.

The chips are made using Samsung's 10-nanometer class fabrication, and the company said it began production late last month. Shrinking the size of components allows for more efficient manufacturing and parts that draw less power.

Smartphones with 64GB of memory are still relatively rare, and most phones have an external memory slot for more storage. High-speed data networks are also allowing more data to be stored online, although most high-definition content is still downloaded and viewed locally.

For phone manufacturers, adding more memory is a way to increase margins. Apple's top-end iPhone has 64GB of memory, and in the U.S. costs US$200 more than its 16GB version. Samsung recently released a version of its flagship Galaxy S3 with 64GB of built-in memory.

Samsung said the latest memory chip is called the "64GB eMMC Pro Class 2000," a level up from the current "Pro Class 1500" chips. The slower class reads data at up to 140 megabytes per second and writes it at up to 50 megabytes per second.

The new memory chip measures 11.5mm by 13mm, compared to 12mm by 16mm for previous iterations.

In September, Samsung announced a massive 128GB eMMC chip for smartphones and other mobile devices, which is expected to begin appearing in phones for next year. That chips is part of its Pro Class 1500 lineup.

The company said it can manufacture the latest chips on its existing factory lines used for previous generations of chips, making its operations more efficient.

Read more »

Microsoft moves to relegate Windows 7 to second-class status

As Microsoft goes full speed ahead on Windows 8, a number of signs suggest that Windows 7 is fading fast in Redmonds rear view mirror.

On Monday, Microsoft program manager Daniel Moth confirmed in a support forum that DirectX 11.1 will only work with Windows 8. The company has no plan to bring DirectX to earlier versions of Windowsincluding Windows 7.

DirectX 11.1, Microsofts API for 3D graphics, isnt a major update from DirectX 11, but it adds features to take advantage of high-end graphics processors. It also includes native support for Stereoscopic 3D. The news will mainly affect gamers who want to keep upgrading their rigs but would rather not move to Windows 8.

Thats not the only indication that Microsoft is starting to leave Windows 7 behind. Reportedly, Microsoft wont release a second service pack for Windows 7, unnamed sources told The Register last month, and the company does not plan to offer an Xbox Music app for its older operating systems. For Windows Phone 8 users, Windows 8 has a slick modern-style app for syncing and viewing media, whereas Windows 7 only has a more bare-bones Windows Phone app for the desktop.

To be clear, Microsoft will support Windows 7 through 2015, meaning that itll offer both security and non-security updates for free. Extended support, which provides free security updates but requires a subscription for other hotfixes, will continue through 2020.

But when it comes to individual applications and services, Microsoft is starting to move on. Even Internet Explorer 10, which is already available on Windows 8, is only getting a preview version for Windows 7 this month, with no word on final availability.

Its not unprecedented that Microsoft would start treating its older operating systems as second-class software. After all, Office 2013 wont support Windows Vista or XP, and neither will Internet Explorer 10. Still, the Microsofts willingness to leave Windows 7 behind in some areas shows just how eager the company is to push Windows 8, lest we forget how big of a bet this new operating system is for Microsoft.

Read more »

DHS aims to hire 600 cybersecurity pros -- if it can find them

The Obama administration is hoping to make good on its promise to create new jobs -- in this case, 600 of them in cybersecurity.

Department of Homeland Security (DHS) Secretary Janet Napolitano, acting on the recommendation of the Homeland Security Advisory Council's Task Force on Cyberskills, said at a Washington Postcybersecurity forum that DHS wants to hire at least 600 cyber experts, analysts, IT specialists and people who are familiar with coding.

As a number of cyber experts have noted, however, while this may be a new initiative, it is not a new goal. James Lewis, senior fellow and program director at the Center for Strategic and International Studies, said on a different panel at the same forum that similar hiring efforts have been under way for several years, with limited success.

Federal News Radio's Jason Miller reported that the Government Accountability Office (GAO) "found in November 2011 that nearly every agency experienced difficulty in defining and hiring cyber workers."

There are several reasons for the difficulty, experts say, but none of them have to do with a lack of supply. They say there are talented candidates out there, but DHS has not learned how to attract them. One problem is that DHS still hasn't been able to define the skills needed and job descriptions clearly.

U.S. Army Maj. Gen. John Davis, senior military adviser for cyber to the undersecretary of defense, said recently at the Center for Strategic and International Studies (CSIS) in Washington, "We don't have all the capacity and the right sets of skills that we need to do all that's required. In the department we are still struggling to fully define and empower the cyber workforce."

Beyond that, experts say DHS is likely to continue to have problems recruiting the best and the brightest in cybersecurity until it learns that many do not fit into the standard bureaucratic hiring profile.

[See also: DHS eyes kindergarten for next generation of cybersecurity pros]

In response to a call from Napolitano several weeks ago to begin training the next generation of cyber pros in kindergarten, several experts said there is no need to wait 14 years for those kindergarteners to get out of school. But the talent available now would be unlikely to make it past standard government screening.

As the security consultant Winn Schwartau put it recently at the Hacker Halted conference in Miami, human resources departments "frown on conditions such as attention deficit disorder and autism, or obsessive-compulsive personalities, which are typical of computer geeks willing to focus on an issue through the night."

Government also lacks the so-called "cool factor." Paul Rosenzweig, founder of Red Branch Law & Consulting and a former DHS assistant secretary for policy, said at the time, "It is much more interesting and cool to build new stuff in Silicon Valley than it is to toil doing cybersecurity for DHS."

Bill Pennington, chief strategy officer at WhiteHat Security said that while defending the free world from cyber threats may be pretty cool job description, "sadly I am sure there are a thousand regulations that make the government put out descriptions like Security Analyst Level 1."

Pennington added that standard education requirements might be blocking some of the best talent out there. "What they are teaching at some universities is at least two to three years behind the curve. Why would I go to college and spend $100,000 to $200,000 to learn three-year-old technology?" he asked.

So far, DHS is only getting part of that message. One of the recommendations of the Task Force on Cyberskills is to, "make the hiring process smooth and supportive and make mission critical cybersecurity jobs for the federal civilian workforce enticing in every dimension: in mission and service, skills, growth potential, and 'total value proposition.'"

Mark Weatherford, undersecretary of cybersecurity for DHS, said in September that a lack of a college degree shouldn't be a deal-breaker for a job candidate.

Still, the task force believes in the conventional education approach. Another recommendation calls for "[establishing] a two-year, community-college-based program that identifies and trains large numbers of talented men and women to prepare them for mission-critical jobs in cybersecurity."

Not necessary, says Pennington. "Apprenticeship is a concept that fits this area well," he said. "Once you hire based on attitude the aptitude can come quickly with the proper environment and hands-on training."

He said the WhiteHat hiring process involves giving candidates a week to answer questions about cybersecurity. "It is surprising how many people this process weeds out,"Ã'Â he said.Ã'Â "Those who pass then come in for interviews, mostly around team chemistry. Our retention rate is about 95% over the past four years."

Read more about security career/staffing in CSOonline's Security Career/Staffing section.

Read more »

SAP cozies up to Windows 8 with mobile apps, platform support

SAP said Tuesday that it plans to roll out a series of mobile applications for Windows 8, a move that underscores the companies' deep partnership at a time when many observers believe Microsoft's new OS is in for a tough ride.

In addition, SAP is planning to add support for Windows 8 mobile application development for Windows 8 and Windows Phone 8 through its SAP Mobile Platform, which has been renamed from Sybase Unwired Platform, according to the announcement, which was made at the Sapphire and Tech Ed conferences in Madrid.

SAP has also renamed the Sybase Afaria mobile device management platform. It is now called SAP Afaria and will also support Windows 8. Intel-based Windows 8 tablets are now certified for SAP Afaria as well.

The six Windows 8 mobile applications SAP plans to roll out will be "for use on devices of various form factors," according to a statement.

These include WorkDeck, a "persona-centric app that offers contextual integration of various information sources and processes into a role-based view," SAP said.

Other applications include Manager Insight, which provides employee profile information; Learning Assistant, a training application; Interview Assistant, for coordinating employee searches and hiring processes; Customer Financial Fact Sheet, which provides data about clients' finances and order activity to sales representatives; and GRC Policy Survey, with which employees can "review and acknowledge relevant policy changes and fill in surveys to ensure they understand the policies," SAP said.

Trial versions of all the products will be available for download.

In addition, developers will be able to create HTML5 and JavaScript-based mobile applications inside Microsoft's Visual Studio, then deploy them through SAP's mobile platform, which provides advanced security, authentication and high availability, according to a statement. SAP intends to give partners the ability to develop Windows 8 applications on the platform and is also making a free developer trial of it available.

Wednesday's announcement also noted that SAP will develop Windows RT and Windows Phone 8 applications, but didn't provide any specifics. Nor did SAP give availability and pricing dates for its Windows 8 applications.

Still, SAP's move should provide a significant albeit not entirely surprising endorsement of Windows 8, which has been dogged by reports of slow initial sales.

SAP and Microsoft, while competitors in some areas, have engaged in many high-profile co-development efforts over the years, such as Duet, an integration between SAP's business software and Microsoft SharePoint.

Critics such as Salesforce.com CEO Marc Benioff have even predicted that Windows 8 will be the "end of Windows."

Such talk, however, doesn't reflect the reality of how deeply ingrained Windows and other Microsoft technologies, such as Office and Active Directory, remain inside corporate IT environments. Should SAP fail to support Windows 8, it could face some blowback from its customers that decide to upgrade to the new OS.

Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris' email address is Chris_Kanaracus@idg.com

Read more »