News flash: Google can still track you

Yesterday Google announced that they will completely eliminate third-party browser cookies. Calling it a move towards a more privacy-first web, as their director of product management who wrote the post claimed, is a bit of a misnomer. Yes, they will phase out tracking these cookies on their Chrome browser. But they will still track what you do on your mobile phone, especially an Android phone, and track what you do on their own websites, including YouTube and its main search page. And they will still target the ads that you see from these activities.

The announcement was expected: last year they announced their plan to de-cookiefy their browser. They basically had to — Safari and Firefox have blocked these cookies for years, so it was high time Google got on board this train. They have come up with a variety of technologies and tools that sound good at first blush, but I am not sure that these replacements are better, especially for preserving privacy. One of them is called the Privacy Sandbox. Now, sandboxes have certain implications, especially for security researchers.  The goal is to limit who can view what is going on inside the sandbox, and more importantly, who can’t. It seems that smaller advertisers will have to find some other place to play, but the big guys will still have the means to figure out who you are and more importantly, what you are interested in, to target their advertising. Vox’s Recode says that “Google will still technically deliver targeted ads to you, but it will do so in a more anonymous and less creepy way.”

Firefox has a better idea: to limit the reach of cookies to just the website that places them on your hard drive. They call it Total Cookie Protection and you can follow the links on their blog to understand more of the details. It does seem to eliminate web tracking cookies, but we’ll see as they roll it out across their browsers.

In the meantime, if you use any Google products, go to your Google Account and review the numerous personalization settings you have at your disposal to rid yourself of tracking, including their activity controls, ad personalization, and recorded activity history. And if you are using an iOS phone or tablet, make sure you update to iOS v14 and enable the ability to block cross-app tracking.

Network Solutions blog: The Best IT Certifications to Maximize Your Personal ROI

As teaching methods advance and especially during the pandemic, online learning is starting to approach a physical classroom experience, and it’s great for conceptual learning. A good online learning experience should include not only content, but should also feature practice drills, integrate with real-world case studies, and contain a social component to make learning more effective. I cover some of the things to look for in selecting the right professional IT certifications to increase your potential value to your company.

You can read my blog for Network Solutions here for more about this topic.

Network Solutions blog: What is Identity and Access Management and How Does It Protect High-Profile Users?

Microsoft AccountGuard banner Image

My latest blog for Network Solutions is about identity and access management. Our email accounts have become our identity, for better and worse. Hackers exploit this dependency by using more clever phishing lures. Until recently, enterprises have employed very complex and sophisticated mechanisms to manage and protect our corporate identities and control access to our files and other network resources. What has changed recently are two programs from Microsoft and Google that are designed to help combat phishing. They are aimed at helping higher-risk users who want enterprise-grade identity and access management security without the added extra cost and effort to maintain it. The two programs are called AccountGuard (Microsoft) and Advanced Security (Google). In my blog post, I explain what these two programs are all about.

The evolution of the network protocol sniffer

Last month I caught this news item about Microsoft building in a new command-line feature that is commonly called a network protocol sniffer. It is now freely available in Windows 10 and the post documents how to use it. Let’s talk about the evolution of the sniffer and how we come to this present-day development.

If we turn back the clock to the middle 1980s, there was a company called Network General that made the first Sniffer Network Analyzer. The company was founded by Len Shustek and Harry Saal. It went through a series of corporate acquisitions, spin outs and now its IP is owned by NetScout Systems.

The Sniffer was the first machine you could put on a network and trace what packets were being transmitted. It was a custom-built luggable PC that was typical of the “portable” PCs of that era — it weighed about 30 pounds and had a tiny screen by today’s standards. It cost more than $10,000 to purchase, but then you needed to be trained how to use it. You would connect the Sniffer to your network, record the traffic into its hard drives, and then spend hours figuring out what was going on across your network. (Here is a typical information-dense display.) Decoding all the protocols and tracking down the individual endpoints and what they were doing was part art, part science, and a great deal of learning about the various different layers of the network and understanding how applications worked. Many times Sniffer analysts would find bugs in these applications, or in implementations of particular protocols, or fix thorny network configuration issues.

My first brush with the Sniffer was in 1988 when I was an editor at PC Week (now eWeek). Barry Gerber and I were working on one of the first “network topology shootouts” where we pit a network of PCs running on three different wiring schemes against each other. In addition to Ethernet there was also Token Ring (an IBM standard) and Arcnet. We took over one of the networked classrooms at UCLA during spring break and hooked everything up to a Novell network file server that ran the tests. We needed a Sniffer because we had to ensure that we were doing the tests properly and make sure it was a fair contest.

Ethernet ended up wining the shootout, but we did find implementation bugs in the Novell Token Ring drivers. Eventually Ethernet became ubiquitous and today you use it every time you bring up a Wifi connection on your laptop or phone.

Since the early Sniffer days, protocol analysis has moved into the open source realm and WireShark is now the standard application software tool used. It doesn’t require a great deal of training, although you still need to know your seven layer network protocol model. I have used Sniffers on several occasions doing product reviews, and one time helped to debug a particularly thorny network problem for an office of the American Red Cross. We tracked the problem to a faulty network card in one user’s PC which was just flaky enough to operate correctly most of the time.

Today, sniffers can be found in a number of hacking tools, as this article in ComputerWorld documents. And now inside of WIndows 10 itself. How about that?

I asked Saal what he thought about the Microsoft Windows sniffer feature. “It is now almost 35 years since its creation. Seeing that some similar functionality is now hard wired into the guts of Windows 10 is amusing. Microsoft makes a first class Windows GUI tool, NetMon, available for free and of course there is WireShark. Why Microsoft would invest design, programming and test resources into creating a text-based command line tool is beyond me. What unfilled need does it satisfy? Regardless, more is better, so I say good luck to Redmond and the future of Windows.”

Fast Track blog: Signs you should replace Access with an online database

Many of us started out with database software with something like Microsoft Access. It came included as part of the Office suite, was fairly easy to get started and infinitely customizable for light database programming. But with all these advantages, it might be time to look elsewhere for alternatives, especially for citizen developers who want to build more sophisticated online database applications.

You can read my post here about ways to recognize when your Access is running out of steam.

Fast and furious under the sea


When the Internet was first getting used by ordinary commercial businesses back in the early 1990s, those businesses didn’t own any of the underlying infrastructure besides their own connection to the nearest peering point. My how times have changed. This week, Microsoft and Facebook announced they are building the next transatlantic cable to exclusively carry their own Internet traffic between their American and European data centers.

When you think about this, it isn’t that surprising. After all, it represents the next step in the evolution of how private companies have built their computing systems on top of the public Internet. It isn’t the first such private cable: Google has been partnering with telcos for years to share their bandwidth, and a new connection from the US to Japan went online earlier this year. Facebook (and others) are even building their own servers, routers and racks out of specialized spare parts, since they need so many of them to run their online businesses.

Another result of this is how many businesses are running without any data centers at all, using private clouds and co-locating their servers at peering points. What used to be all about the connection to the Internet is now about owning the entire stack, down under the sea if you are big enough to afford it.

Certainly, the cost of Internet bandwidth has plummeted in the 25 or so years that a business could buy it. In the early 1990s, if your business was big enough, you purchased a T-1 digital line that topped out at the then amazing speed of 1.5 Mb/s. If you had a lot of demand, you could get a T-3 line that was 30 times as fast.

Of course, when you tell folks today about these early speeds, they look at you strangely and start thinking you date back to the days when there were payphones with actual dials. Given that today the worst DSL speed you can get from your local phone company still gives you a better connection than that old T-1 line it is pretty amazing how fast and far we have come. Today a cable Internet connection can deliver at least 10 Gb/s rates (at least in the download direction). Google and other fiber providers are talking about 100 and 1000 GB/s speeds in both directions, and there are cities (such as Chattanooga) where you can get a gigabit connection at every address. These places have realized that supplying a ultra-fast Internet is an essential part of their municipal services, just like supplying water and staffing the fire and police departments.

And that Microsoft/Facebook undersea cable? It will start out carrying 160 Tb/s, which is at least twice as fast as older cables. I can’t even think at those speeds.

Microsoft, the uber ISV

KL_InApiWeTrust-1000This week several thousand IT managers, developers ISVs, and others who work with Microsoft’s operating systems, tools, and software products are gathered in Houston for the annual TechEd conference. I couldn’t make it, but I have been talking to a number of independent software vendors and Microsoft channel partners for a custom consulting research project.

In the course of doing the research, I was reminded of why Microsoft is such a powerhouse when it comes to understanding developers and having such a rich ecosystem that continues to be self-sustaining and an expanding universe. When you look behind the scenes, there is usually a Microsoft API that is lurking about, and that people are using to build something, which is being used as the basis of some other software developer who is building there thing, which continues on and on.

As an example, take a gander at the Azure Store (it is under the “Add-os” tab at the top level menu for Microsoft’s cloud computing site. It has add-on tools that range widely across the SaaS and IaaS spectrum, and can be used to manage Azure VM collections, setup and provision Azure servers, or access particular datasets. The store is still very much a work in progress, and its search function is somewhat limited. And sure, Amazon’s Web Services has more activity, because it has been around longer. But the idea is catching on, and the ISVs are coming to sell their stuff, and others are taking notice. The extensibility of Azure will be untouchable in a few years.

We saw this movie already with the first wisps of .Net and Visual Studio: there was a time that people used those tools to just build standalone apps that had nothing to do with the Internet or Web services. Those universes were eventually mind-melded together, and now no one thinks it odd when someone builds a Web app with .Net.

Look at what you can do with using Excel as a query tool for all sorts of databases, some that aren’t even on your own hard drive. Again, it is all about extending the things we know and love (or at least tolerate) well. The same thing happened when Windows Explorer became Internet Explorer, even if IE is now a malware distribution mechanism of the first order.

I realize that you could make the same claims about building-on-top-of-the-builders with the open source movement: just look at the 57 different Hadoop-oriented projects (if not 1057 by now) that have been spawned by that Big Data database. And yes, there are other claims to the uber-ISV throne too.

But it is what Microsoft is best at doing and you would be wrong to sell them short in this area. Yes, their actual software dev tools aren’t the best on the block. And there may be better desktop environments better than Windows. And yes, more people are buying Apple’s iThings because they are just cooler, no doubt. No one is going to ooh and aah over a Windows Phone anymore, no matter how honking many megapixels its camera can consume. But that is missing the point.

With Microsoft, it is all about the API-enabled ISV, who can sell to other API-enabled ISVs, who can use all these interfaces to build powerful apps with just a few lines of actual code. There are lots of other things wrong with the company, but this is one they continue to get right.

How Microsoft can become a center for innovation

With its new CEO Satya Nadella, there has been a lot of focus on the I word in Redmond. Many of you might scoff at the notion that the software giant can innovate. The company does have a rich history of being late to many tech parties over the years. But I want to remind you that there have been some glimmers of innovative thinking in several products down through the ages.
For example, back in 1989 Microsoft introduced Office on the Mac OS, a year before it came out for Windows PCs. Indeed, Word was available on the first 1984-vintage Macs and one of the main reasons people bought Macs back then, when Multimate and Word Perfect were the major DOS word processors. It wasn’t the first to have a way to create documents on a graphical OS but it did become the standard, largely through the integration of Powerpoint and Excel. You would be hard pressed to find anyone that hasn’t used these products today.
Several years later, they released a new version 6 of DOS that included the ability to compress data in software before it was written to a hard drive. Now that desktop and laptop PCs have terabyte drives, it is hard to imagine that anyone cares about disk compression. But back then saving a few megabytes of disk space was a big deal. The problem was that this disk compression was already being done by Stac Electronics in a product called DoubleSpace. Lawsuits and counter-suits followed, and Stac was able to win and receive a large investment and royalty from Microsoft as a result. Was this innovative or more combative? Still, a memorable Microsoft moment.
And in 1995, Microsoft wasn’t the first to integrate the desktop with the Internet browser, but they helped to blur the lines on how you stored your files. Remember Netscape? They failed miserably at the task with the same browser code base. Today most of us switch between the desktop and online pretty much effortlessly, and we even have Chromebooks that have almost no local storage for our files.
Then there is Kinect, Microsoft’s innovative motion sensor peripheral to its Xbox game console. While it still hasn’t taken off for business computing, there are lots of people trying to incorporate it into their products. I just saw a demo from a new company a few weeks ago that is trying to use Kinect for physical therapy exercises.
So what is my wish list for future innovation for Satya? I feel like we should be on a first name basis, with all the press videos that have been posted this week. Here goes:
1. How about making Windows the most secure desktop OS in history, rather than the most exploited? Enough with making it more Metro-sexual.There is a reason why a lot of folks have stuck with XP all these years: it works just well enough.  Let’s lock it down and get rid of the world’s botnets once and for all. While they are at it, do the same for its IIS web server security too.
2. How about finishing off the half-hearted integration of Hyper-V and Azure so that Windows can be the VM Switzerland and be used to run virtual machines from either VMware or Amazon’s Web Services? Let’s take another look at the lessons learned from Netscape.
3. Let’s give up the ghost on Windows Phone: it is time to realize that the world has moved on. Maybe that few billion for Nokia is largely an academic exercise. Is there still a mobile play that Microsoft could benefit with combining forces with Apple’s iOS? Like making Office work really well on that platform? Think about what Word did for the new Macintoshes back in 1984.

FedTech: Review of Microsoft Office Pro Plus 2013

Microsoft Office has split into two distinct personalities, Office 2013 (which you get via a CD) and Office 365 (that comes via the browser and the cloud). The two share several common features and will make it easier for federal government users to collaborate without having to serially email documents back and forth. There is also tighter integration into your Microsoft account for reading emails and adding contacts and calendar entries.

For more on my review of MS Office Pro Plus 2013, read it in FedTech Magazine’s latest issue here.

The dark side of Google

In the past several years, Google has become more evil. Despite its goal of purity and widely-heralded philosophy at its founding, it has become just another corporation trying to make a buck. While it employs some of the best and brightest engineering talent, it has taken over the Internet in ways that even a monopolist such as Microsoft can only admire from the sidelines. What happened? It was a gradual evolution and just being better than its competitors, but also being such a big presence in so many places around the Internet too.

Let me count the Googles in my own life. First and foremost is email: Gmail is probably the best webmailer that I have ever used, and I have used many of them. I use Google to host all of my email now from my various domains. I first started using their email service because it was free, but it still offers better features than most for-fee services. Their group emailing list services still is substandard, something that Yahoo does much better after all these years (Yahoo bought eGroups long ago, one of my favorite services).

Then there is search. All my searching is done on Google, too. I have tried Bing and while it has some appealing features, I keep coming back to Google. Yahoo? Oh yeah, there is Yahoo too.

How about video streaming? Certainly the go-to place for that is You Tube. I have used them as one of my many places where I put my own videos online, and have noticed that as You Tube has become part of the Googleplex it has gotten harder to use and lags behind features of some of the smaller video streaming service providers.

SaaS-based storage? While Google Docs is not as good as many, it does work to share documents and other stuff online. They bought Etherpad and have tried to incorporate the real-time editing service, but it has been a botched effort to date.

Maps? Got that covered. I particularly like the walking/biking directions. The mobile maps could use some work, which is one of the reasons why Apple is moving to their own app for their iThings. And let’s not even go into the whole sad saga of how they collected this mapping data and recording the open Wifi hotspots along the way, or the scary future of what they intend to do with their 3D plans, outlined here.

Social networking? There is Google+. (And Orkut, if you live in Brazil. And Wave and Buzz, which thankfully never took hold.) I know folks who love it and use it and profit from it greatly. I am not one of them. Facebook and LinkedIn are fine by me and enough work to keep up with them.

Photos? Google bought Picasa and has been dismantling it over time, making their offering less compelling for sharing photos online and wanting folks to use Google+ for this purpose.

Phones? Android is now the dominant smartphone player in the world.

Browsers? There is Chrome. I still try to resist, using the other ones.

Are you sensing a trend? Google isn’t as good at incorporating a small development group into the ‘Plex. Their offerings often lag behind the competition, even when the small dev groups are ahead of the market. As James Whittaker, one former Googler has said:
“The Google I was passionate about was a technology company that empowered its employees to innovate. The Google I left was an advertising company with a single corporate-mandated focus.”

Google now competes in so many places that many of my colleagues are moving to de-Google their online lives. And they are finding that the effort is considerable. Mainly because Google is like the Borg: it wants to assimilate your online life.

It does this through the Google Account. Take a look for a moment at You can see an impressive amount of information about your online activities, if you allow Google to do so. If I choose to, all of my social media posts of Twitter are tied to my account. All of my searches are saved in their archives, if I turn that option on. And the number of options of what to reveal to the world and what not are as complex and ever changing as the equivalent Facebook choices.

There are options presented as a way to “improve my search experience” and accuracy, and I am sure that they do. Trouble is, I have no idea if they are also adding to the things that Google can track about my online life. My guess is that they do, which totally creeps me out.

Where do we go from here? I don’t honestly know. I am not prepared to entirely de-Google my life yet, although I do keep in mind some of the alternatives and watch what they are doing. I do think Google has gotten more evil over time, and is seeing some of their best and brightest engineering talent leave for other places as their own frustrations increase. It is too bad, because we all had such high hopes for them.