Trust too: Yahoo Interfaces

Last week Yahoo posted this blog.. They say:

“[It is] the companion blog for two libraries we’re proudly releasing today. The new Yahoo! Design Pattern Library offers our thinking on common interface design issues for traditional and rich Internet applications. The new Yahoo! User Interface Library is a collection of industrial-grade JavaScript utilities and widgets that enable you to efficiently get the most out of today’s powerful browsers. In both cases, these are the exact same things that power Yahoo! today.”

Kudos to them. They need to be more open than Google, more forthcoming on their APIs than Microsoft, and to start working more closely with Web developers. It is a good step.

An interesting URL, that of What is it all about? is showing you their internal server logs, what is up and what is down. I bet it won’t take long until someone creates a Google map mashup of the historical stats. (Right now you just get a summary page for each day’s performance, along with links to days that something went wrong with more explanation.)

Kudos to them for doing this, and showing their inner workings. I wish more Web sites were equally forthcoming.

New Trends in Search at the New Communications Fourm

I will be moderating a panel session at the Palo Alto Sheraton on March 2 with this title. You can go here and find out more about the conference.

We will look at various trends in the search area, including what is going on with searching blogs and podcasts, search engine optimization, the recent deal between BearingPoint and Google, and integrating search into the desktop. Here are the powerpoint slides for the session.

It should be a lot of fun and I am looking forward to the conference.

My panel will include:

  • John Cass is director of blogging strategies for Backbone Media (, a 10 year old search engine optimization company. His blog is called Blog Survey.
  • Rob Key is CEO of Converseon (, a search and communications management company.
  • Stephan Spencer is the founder and president of Netconcepts, a search engine optimization agency.
  • Ross Weinstein is Director of Business Development at Ingenio (, a pay-per-call Web to phone vendor.

Two new worthy Lexmark printers

With all the new printers on the market, it is hard to rise above the fray. Two from Lexmark caught my eye, and in my preliminary tests I give them both high marks. They do very different things, but both are worthy of mention here because of their connectivity options.

The first is one is the $200 P450 photo printer, and it is notable because of what it doesn’t have: a printer cable! Instead, it comes with plenty of other connection options: a CD-burner and various slots to put USB and card media in it. You can copy photos from the removable media and burn CDs, or make 4×6 prints. It takes about three minutes to get a photo-quality print out. It has a tiny LCD screen that has pretty simple menus to navigate around and make your prints.

My initial tests grabbing photos from a Mac were frustrating, and I am not sure that I solved the problem by upgrading to Tiger 10.4 OS. But it now works just fine, taking pictures from a camera directly or by transferring them from either a Mac or a Windows PC via a USB key drive. If you have a lot of digital photos and just want to make a batch of prints, this is the printer for you.

The second printer is the $150 E120n mono laser. What makes this printer noteworthy is that it includes a 10/100 Ethernet print server. I remember the days (and they weren’t all that long ago) when just the print server cost this much. Setup for the printer took all of about 10 minutes, and that included installing the drivers from the CD and unpacking the unit. I also remember when installing Lexmark network print server drivers took the better part of an afternoon, running back and forth from printer to PC, and grabbing different pieces of software to get everything working. Those days are gone: the E120n was a snap to run off either Mac or Windows.

If you aren’t using a mono laser printer at home because of inertia, and you are tired of switching the USB cable between a bunch of PCs and paying through the nose for ink jet cartridges, this is one to look at. It even comes with a built-in Web server to monitor its status and can email you messages when low on toner, something you can impress your friends and neighbors with.

Email systems I have known and discarded

Mike Krieger at Z-D and I have had a series of amusing emails recalling all the various email systems down through the years that we have known, used, and abused. He goes back to the dawn of connected email with IBM mainframe systems PROFS and DISOSS. When I was first living in LA, Mike was an SE for IBM midrange systems and we both used these beasts.

Here are a few other systems to jog your memories this morning:

Easymail (AT&T)
Radiomail (precursor to BlackBerries)
The Source

Not to mention all the various BBS’s that were floating around back then. And speaking of BBS, you might want to take a look at this movie here.

MP3Tunes Locker/Oboe Review

So you have ripped all your music CDs on your hard drive, and you might be worried about what will happen to all these files if disaster strikes. You can copy them onto an external hard drive, or you can make a copy to an Internet-based backup service. I did a review of MP3Tunes’ Locker music service here on NewsForge/OSTG. The nice thing about this service is that it works across Mac, Windows, and Linux platforms. The bad thing is that the first time you use the service, it will take several days to upload all your data.

Cranite SafeConnect Has A New Twist on VPNs

If you absolutely need total control over your remote users, and need to run the widest possible range of applications, then the Cranite Systems Inc. SafeConnect VPN software should be in your short list of products to consider. I recently did some tests for the company and found that SafeConnect is neither fish nor fowl, and sits squarely between SSL VPN and IPsec products, combining the ease of use of the SSL crowd with end-to-end applications interoperability of IPsec.

I tested the product on a series of laptops and compared how it worked with SSL VPNs from Juniper, Nokia, and other major manufacturers. Overall, the product stood up well in these tests. SafeConnect will prevent eavesdropping over the remote connection no matter where and how your users connect, and it is easily setup in a few hours. It will support a wider range of applications and do so without any additional configuration required. It delivers extremely high file transfer throughput, way beyond any of the SSL VPN products. Finally, it is priced attractively at about a third to a half of what competitive SSL VPN products with equivalent feature sets would cost.

There are several other things the product doesn’t do. It can’t and doesn’t try to compete with the SSL products for unmanaged remote users, since its client must be installed on each remote desktop or laptop. It doesn’t provide the level of client endpoint integrity checking that a Nokia, Juniper or F5 SSL product provides. It also has three major deficiencies: First, it doesn’t prevent users with duplicate credentials from concurrently connecting to the network, and it doesn’t report on these circumstances either. This puts a burden on your IT department to keep track of their client credentials. Second, there is no auditing ability, which we discuss more completely below. Finally, while the product comes with its own LDAP and RADIUS servers, if you do decide to use these pieces you will have to configure them via their separate command line interfaces. Cranite should integrate these into its own graphic configuration screens.

We liked the fact that once you were connected, your remote connection was solid and bullet-proof from man-in-the-middle attacks. We tried to break the connection by sending malformed packets with a bad MAC address – something that would bring down any SSL VPN connection – but SafeConnect kept on going without any problems. About the only way to tear down the connection would be to fill the pipe with a denial of service attack or if we lost the line entirely from our ISP.

You can read my full report on Cranite’s Web site here.

Trusted Dating

Okay, there is a lot going in the next week, with the RSA conference, Valentine’s Day and the release of Firewall, the movie. I couldn’t resist the temptation to draw your attention to the confluence of these events. I was pretty excited back when Beauty and the Geek hit the airwaves, but that’s nothing compared to having Harrison Ford playing a computer security expert. This movie has got to be the hottest thing to happen to computer security since Robert Morris unleashed his worm back in 1988, and he certainly wasn’t as cute as Ford.

I haven’t yet seen the movie, but I can just imagine Ford battling the bad guys by bashing them over the head with a Sniffer or some big Catalyst switch, or better yet, something involving a wiring closet filled with snakes and a long whip to taunt the villains. Wait a minute, wrong movie franchise. Still, I can see the excitement building in the scene where he gains root access to his Linux server, and John Williams score swelling as the hacker is doing a SQL injection to obtain his bank’s customer records. And of course, we all can’t wait for Firewall 2.0, where Ford is fighting zero-day exploits on peer-to-peer viruses created by a bunch of Estonian high school kids during their lunch break. Really, the opportunities are so endless, it makes me want to start writing that script now.

Alright, you hopefully can tell that I am kidding. And that is the problem with computer security experts in a nutshell — how does it translate to something that a movie star can grasp and portray that has some physical manifestation? It doesn’t, really.

The problem with a lot of computer security is whom do you trust, and how do you establish a trusted relationship? I will have more to say about this in my dispatch next week, when I take my eyes off Indy and give you a look at a nifty new VPN product. But while you are waiting for that, you might remember that next Tuesday is Valentine’s Day, and that brings me to how we tie this all together.

Apropos of V-Day, there were a couple of stories in today’s LA Times about online dating, including an examination of when you are in a relationship and at what point you delete your Jdate account. Or at least no longer check to see who has replied to your posts, indicating that I guess you are no longer in the market. Talk about trust. Thankfully, I have a wonderful wife and I hope I never have to face the whole online (or even offline) dating scene again: I wasn’t a great dater in my 20s, and in my (mumble) later years most recently I wasn’t much of a dater either. But this isn’t about me.

What caught my eye this week was a site called This is a site where you can post information about various people on other online services, including the major ones such as, eharmony, Yahoo Personals and MySpace. The idea is to combine the Netflix ratings system for videos with the online dating world. If someone represents themselves as a tall thin Caucasian and when you meet f2f you see that he is a short, balding black dude, you can quickly exit stage left and rush to your nearest Starbucks and post the truth about this person’s credentials.

I haven’t tried the site, but the theory sounds terrific. Daters can send emails to each other and communicate their findings. And one of the things that you should know is the majority of people on their site are female (not that I am going to act on this information!). You can also post positive reviews in addition to the negative ones.

Finally, a mechanism for trusted dating. It is so clever, it should be a Microsoft API. Or maybe the concept for the next Harrison Ford movie.

Web Conferencing Compendeum

For close to ten years I have maintained a page on my site that has links to numerous Web-based voice and data conferencing products. If you know of something that I have omitted, please drop me an email with the details.

Lately, I came across a great blog maintained by Ken Molay. He has tips and tricks on how to do better Webinars, and plenty of insider information that is only from someone who really uses the stuff. It is definitely worth a closer look.

Want to start up a meeting over the Web and share your presentation out to desktops in real time? There are a number of companies providing this service. Here I track down what they cost and where they are located. Most of these products regrettably now only support Internet Explorer and Windows configurations, although the more enlightened are finally embracing Firefox and other Mozilla browsers. I used to track community discussion software products but David Woolley does such a great job and keeps better up to date information.