Slow down!

Do you get the feeling that the pace of life is accelerating too quickly for you? I do. I think it all started with instant coffee and TV dinners. In the tech world, there was email because we couldn't wait for telephone calls, or snail mail to be returned. (Don't you just love that term? Talk about slow!) But that wasn't fast enough, so we went to Instant Messages. But even those that take more than a few minutes to answer aren't acceptable, and so now people text each other from their cell phones because they can't wait until they are sitting in front of a computer.

We say that Web pages are called slow to load if they don't appear onscreen in 20 seconds or so before we hit the reload key. And it was too hard to build Web sites from scratch, so we have Wordpress et al. to make building blogs a snap. But even blogs are too much work, so we now have Twitter to send short bursts of information out to the world. Soon we will have nanoblogs, one-word missives that we can transmit to millions of people. Pity that we have become so pithy. The devil is in the details.

Videos that are longer than three minutes are too long to watch. We have Tivo and DVRs that can fast-forward automatically through commercials, because no one wants to watch them in real time anymore anyway – who has the time to wait for a program to start at the top of the hour? It seems so quaint now that was the only way we could all see "must-see TV" back in the day on our black and white sets that were encased in our cherrywood furniture.

We have video Skype calls for instant conferencing and impromptu meetings, even with people that are in the same office, because we can't spend the time to get up from our cubicles and walk down the hall. Software "builds" used to be created weekly, then daily, now they are done hourly, and even that isn't fast enough for the always-connected, hyper-broadband generation. It used to be enough to carry around a few megabytes on a flash drive, now we can take our entire digital repository and listen to music and videos too.

And don't even get me started about social networks, or online dating, or even online breakups (I don't need to know anything more about Jimmy Wales, puh-leeze!).

Maybe it is time to start slowing down. Take a few minutes to re-read that email before hitting the send key and regretting what you said in haste. Call someone on the phone in real time, and turn away from your screen when you are talking to him or her so they have your undivided, single-tasking attention. Interact with someone in your office by getting up out of your chair and visiting with them, not to waste time or shoot the breeze, but to get a reaction and some face-to-face feedback.

Have a nice holiday break, if you are reading this this week. And a great New Year's!

SecurePC may be too costly for what it delivers

Is $600 for a "netbook" too much to spend these days? Apparently so. I tried out the SecurePC from 01com.com and while a nice package, the price is a bit steep considering the competition.

The idea behind the SecurePC is a nifty one: put together a stripped-down version of Windows XP that just can connect to the Web and do nothing else. You do not have access to any local storage, so your PC can't get infected from malicious Web sites or emails. You can't download any programs. If it lives out on the Internet, you can run it – the usual Flash and Java add-ons come with the machine. Otherwise, forget it.

The notebook runs Intel's Atom processor, so it is quiet, cool, and compact. The screen is bright but isn't going to win an awards for size – it is a 10 inch diagonal and can run an external video monitor in the odd resolution of 1280x960 because of its form factor, I guess. And it comes with a solid state hard drive so there is one less moving part and heat source to worry about.

I liked the design and feel of the machine's hard plastic case and they way it boots up almost instantly – it takes longer to find your wireless network than it does to bring up the overall system. The keyboard is a bit cramped for me, particularly the comma and period keys that are somewhat squished together. And it comes with three USB ports, although I am not sure what you would connect to them other than an external mouse. If you try to plug in a thumb drive, you aren't going to get any files off it. The SecurePC does support USB 3G broadband modems, but I didn't test any.

You can access network shares via the wired or wireless interfaces, but again, I am not sure what you would do with the files when you see them, unless you could run a auto-executing virtual machine session across the network. To get an idea of how stripped-down this OS is, you open up a rather sparse Control Panel. There isn't much you can do, which I guess is good if you are getting this PC for grandma.

The disk storage is limited, and I had to play some games adjusting the virtual memory settings that would also allow enough room for temporary files: InTouch could spend some more time tweaking these setings. Another drawback is that you can't upgrade your OS when Microsoft issues the inevitable patches since you have to wait for InTouch to release a new image of the machine's innards.

If you are paranoid and can live without any applications – other than IE – than this is worth a look. It could be the perfect kitchen computer, or a second machine to do a lot of Web searching or Webmail on. The only real issue I have is the price. For $350, I can get a Dell, Acer, HP mini (or others here) that has a 10 inch screen and a full version of Windows and larger hard drives, and for the price of the Secure PC I can get a full-strength laptop with a 15 inch screen. And to make things more complicated, Radio Shack is selling netbooks for $99, plus the cost of a 3G broadband wireless plan from AT&T for $60 a month for a two-year contract.

How to stop leaking data

One of the great things about the Internets is that it provides universal connectivity between your desktop and the world. But that is also a tremendous weakness and security professionals often lose sleep over how easy it is for a rogue employee to email a friend – or even his private Webmail account – their entire customer list or other confidential information.

There have been a number of products to try to track or block leaking data, and this week I was testing one of them for my WebInformant.tv video screencast series -- TrueDLP from Code Green Networks. The idea is fairly simple: you install their appliance on your network, point out your most sensitive data, and then it watches over your packets and sees what is leaving the premises. It doesn't take that long to setup and install, once you figure out what it is doing and what you are doing.

The tricky part is figuring out exactly what is your most sensitive data, and being able to focus in on it in a way that the product can identify. It comes with dozens of various templates to be able to recognize social security numbers, or names and addresses, or stock symbols, or other kinds of well-formatted data. But the real plus is being able to handle unformatted data, such as a memo about a customer's preferences that is just a Word document, for example. Code Green can connect to a SQL database and directly handle the query syntax to select particular data types, and it can also connect via WebDAV to Sharepoint servers or other document repositories too. Once you find your data, you create protection policies and tell the appliance what to do – whether to just log the violation or actually block the activity.

You also need to make sure that you are matching everything properly, because the last thing you want to have on your hands is a series of false positives that you have to chase down. You can also set up fancier things, such as automatically requiring emails between two places (such as your office and a partner) to go out encrypted. Speaking of encryption, they work with the Blue Coat Web proxies so that even if someone is using SSL connections to talk to their Webmail accounts they can take those packets apart and see what someone is doing. That is pretty spooky, but hey, you have been warned!

There are other things that the product does, such as being able to detect content on removable USB thumb drives, or even block their usage entirely. This is the way of the world: as these drives get beyond 64 GB (yes, gigabytes), they are more of a threat for someone to just literally take an entire database out the door in their pocket. I recently ran up against this when I was in my bank trying to provide documentation for a loan. I had brought a CD, a USB thumb drive, and had saved the documents on my Google account just for good measure. Because of the bank's endpoint security lockdown policies, I was 0 for 3 and had to send them the old fashioned way, by making paper copies, once I got home. At least it was nice to know that they had protected their employee's PCs.

The interesting thing is what happens after customers get their hands on this Code Green product. Lawsuits typically ensue, so to speak, because often the network administrator finds someone is doing something that they aren't supposed to be doing. One of the product managers I was working with told me that this usually happens within the first week of the product being put into production. Given that the basic price of the product is ten grand, I figure that is as close to instant ROI as you are going to get these days, considering the cost of most litigation.

So take a gander over at WebInformant.tv and watch the four-minute video of the Code Green appliance. It is a very innovative way to detect and prevent data leaks and well worth a closer look.

Has TinyURL gotten too big?

If you use a service to shorten Web links such as TinyURL, you might want to rethink your strategy and perhaps look to another service provider. Why? Because lately, TinyURL has gotten too popular, thanks to Twitter using the service to condense long links into more manageable lengths that can fit into their 140 character limits, among other users. As with many things on the Interwebs, the price of popularity is outages, what some would call being Slashdotted, after the Web site that can direct thousands of readers towards an article in a click of a mouse. And apparently TinyURL has suffered from a regular series of outages, whether due to popularity or poor IT planning, I can’t say.

TinyURL isn’t the only URL shortener, but perhaps the oldest and most well known. In an informal survey of people on my LinkedIn group, it was by far the one of choice. Most people were not aware of any downtime with the service, which isn’t surprising because unlike IM or email services that we pretty much depend on throughout the day, URL shorteners don’t report their status immediately, and usually not to the people who have created and posted the shorter links. The only way someone would find out if they weren’t working was to click on all of their shortened links and make sure that they are directed to the appropriate page.

So there are several issues here. First is the usage of these services from a general sense: they can obscure malware or exploits and they create a dependency that can increase link rot if they break. One of my correspondents alternates his shortened links with two different services, to at least cover the possibility of a single point of failure.

But the second issue is that why should anyone continue using an unreliable service, and one that will continue to get more popular as more people get comfortable with Twitter and similar services? It seems like now is a good time to consider alternatives to TinyURL, which is the subject of an article last week in by Marshall Kirkpatrtick in the ReadWriteWeb. There are probably thousands of such services, and Chris Messina has screen shots of them here.

The service notlong has a list of others, along with a more detailed comparison of their own (at notlong.com/links). What is interesting about their service is that you can have a subdomain, such as webinformant.notlong.com, that will point to your link.

Marshall recommends the bit.ly service, which was also mentioned by some of my correspondents. The only issue I have with it is the dot “ly” domain belongs to Libya, and while the relationship between any domain owner and the Libyan government is small to none, it still makes me somewhat uncomfortable. Another service that has come highly recommended is SNURL.com, which is also easy to remember and has some nice features. Google has a service call shortur that you can load on your own Web site, provided you have php support.

Good luck and let me know what your experience has been with these services.

Saving money inside your wiring closet

Here is a brief exercise in how to save some money for your company, and make yourself a hero at the same time. Do a quick census of the gear inside all of your wiring closets. You don’t have to be too anal here: just quickly estimate the number of ports, regardless of whether or not they are in use. Now use some fudge factors for the number of watts per port – if you have this information, fine, otherwise for the purposes of this tally, use 50 watts for unpowered Ethernet and 500 watts for powered ports, and add in the power consumption figures for anything else that is plugged into an electrical outlet.

Now add up the kilowatt hours and multiply by the cost of electricity in your area. If you don’t know, say 15 cents per kwh. Surprised at how big this is? Now here is where the hero part comes into play: suggest that you replace some of this gear with switches that can turn themselves off during off-hours.

Hunh? “Our networks have to operate 24x7” you say. “We can’t turn anything off. What about the people that come in on the weekends?”

Still, think about it. I got the idea after visiting Adtran this week, and they were showing me some of their switches that do just that. You can set up profiles for particular ports on the switch to shut off at certain times of the day, or to provide less power to those ports that are just running to ordinary PC endpoints. You wouldn’t think this would add up to a lot of saved juice, but if you have a lot of powered Ethernet ports – say supporting Wifi access points and VOIP phones – it can really add up quickly, into the tens of thousands of dollars a year. This could easily pay for part of the upgrade to your infrastructure.

Switches aren’t the only things that can cycle their power loads down these days. Intel’s latest multicore chips have the ability to turn off several of their cores to save on electricity, or to funnel processing to particular tasks to match their computing loads. There are virtualization provisioning products that will automatically spin up virtual servers to match increased loads, and then spin them down when the loads drop.

It is funny, when you think about it. Going green these days means getting a more powerful box and turning stuff off. Makes you stop and think, doesn’t it? Oh, and when you are done, ask your boss to give you at least a third of the savings as a bonus, and tell them I put you on to the idea. You can thank me later.

It takes a long-tailed village

You are by now no doubt familiar with the concept of the long tail, the ability of the Internet to support the most microcosmic segment, specifically targeting (say) yellow VW microbus owners or people that walk their cats on leashes or whatever oddities you can assemble. But I found myself in a conversation this week about a very different aspect of the long tail, with a deputy city manager of a small community outside of Columbus. As in Ohio.

I was in Columbus on behalf of their chamber of commerce, to visit with hi tech companies, old and new, big and small. I know, I get to go on some great junkets as a journalist. At least it wasn’t Yet Another Vegas Trip. And I actually had a good time, even got to visit a few data centers (and you know how much I love being on a raised floor, breathing in all that A/C) while I was there.

Columbus has a lot going for it as an IT destination. Cheap power, smart people, big college talent pool, and some high-profile companies that employ thousands of IT workers, including Nationwide, OCLC, and others. But it was my briefing with Dublin’s deputy city manager, Dana McDaniel, that stood out.

Dana was talking to us about how Dublin was trying to woo various hi tech companies there. It wasn’t anything I hadn’t heard before. Clean, white collar business, blah, blah, well educated, yada yada, high salaried this and that. But then he started talking about the long tail, and how he wasn’t focused on the Fortune 1000 or any other big-ticket company that could be wooed there with big tax breaks and other public give-backs. “I want the long tail,” he told us. “I want the two guys in their garage that will eventually expand and become the next big win.”

Those firms are a lot harder to find, and once you find them, they are a lot harder to keep in town. To demonstrate that what he was saying wasn’t just the usual politico hot air: he actually helped a 4-person firm stick around and now they are a 20-person firm, on the second floor above a Starbucks. (And they allow Starbucks in their town, too!)

You need to have a lot of different things that have to do with quality of life, such as a business district that has multiple eateries and bars (and with a town named Dublin, you can only imagine the choices), congestion-free travel to and from work, and mixed residential-business zones so people can live close by the office, once they move out of the garage and down the street.

Yes, you need great Internet infrastructure, and Dublin has their fiber rings, their connection to bandwidth hotels, and is even putting together muni WiFi that will cover not just the business parks but its subdivisions too. They even built a business “accelerator” that will rent out offices to up-and-coming businesses and has a full complement of services and IT support techs that are on premises. Those are the good things, the necessary things even, that today’s community needs if they are really going to make a go out of having IT people stick around, and attracting more of them from places that are high-cost, high-hassle like the coastal cities where we usually think all innovation happens in this country.

But there are more subtle things happening too. And this is where that whole long tail mumbo jumbo starts to be more meaningful. Dublin can piggy-back on the larger Columbus metro area that can fill in the gaps with people who have the right specialized knowledge that can help run companies. The area has begun a series of informal meetups and unconferences to bring together nerds of all walks of life. There is the benefit of having a big college and a federal research lab nearby but not too close, so that Dublin canpick up some of the crumbs of the attention, federal grants, and research projects that come into Columbus but not get bogged down into chasing the big ticket science that OSU and Battelle need to keep their lights on. And it helps to have a solid series of IT training classes, that are offered by TechColumbus, the downtown incubator and entrepreneurial engine that has established a branch office in Dublin.

So yes, it does take a village, to coin a phrase, one person at a time. But the next time you hear an economic development guy praise the long tail, stop and listen, because they so get what the next decade of employment opportunities is going to be.

The new real-time researcher

So hopefully you got some sleep last night after you voted, for those of you that live in America. But apart from the obvious result, our election had some other radical changes in how we consume information, and I wanted to share some thoughts. It was a historic night for these reasons, too.

The Internets have transformed those of us that are information junkies in a new way, to be our own real-time researchers, trend spotters and fact checkers. A combination of better search analytics, new technologies such as Twitter and live feeds, and even the relatively innocuous Facebook “I’ve voted” counter have put some very powerful tools in the hands of ordinary citizens.

It also helps that we had three relative rookies for our election-night network news anchors: while their talents (and take-home pay) are considerable, many of us haven’t had the relationship with Katie, Brian, and Charlie that we once had with Tom, Peter and Dan -- or even Walter, Chet and David. Part of this is the waning influence of network TV, part of it is the movement away from newspapers and newsmagazines. (US News and World Report going monthly? Who would have thought?)

But the real reason has to do with the fact that the technologies to enable our own exploration of the world have become easier and more powerful to use, and within our grasp, even if we don’t have exceptional search skills. Let’s examine each of the technologies that have contributed to this state of affairs.

First is the ability to keep on top of what people are Googling. In a post last month in the ReadWriteWeb.com, Marshall Kirkpatrick writes how listeners were doing their own fact checking by Googling certain terms during the VP debates. By looking at the aggregated searches, we see that many people learned exactly which article of the Constitution covers the powers of the Vice President and that Biden got it wrong.
http://www.readwriteweb.com/archives/google_has_changed_political_d.php

From the Google stats, we also see that Tina Fey has become a political personality, and indeed even more popular among searchers than Mr. Biden himself. Having watched many of the SNL skits, I found myself getting confused over who was the real Palin, and indeed didn’t do well on the Chicago Tribune’s photo quiz to distinguish the two women:
http://www.chicagotribune.com/entertainment/chi-palin-fey-quiz,0,5534058.triviaquiz

Speaking of those SNL skits, how many of you first watched them online versus on your living room TV? What was curious for me was that I first went to YouTube to find the videos, only to realize that NBC.com was posting them for the next-day audience on their own site. About time they figured out. How long did it take you to realize that as well? Maybe the networks finally understand the word-of-mouth day-after effects and can capture some of those page views for themselves. Do we really need an HD TV picture to see these videos when the postage-stamp a 320x240 portion of a Web browser can be just as satisfying?

In past elections, I was online most of the night, looking at the major network news Web sites, tracking the exit polls and ballots. Last night, I still did this, but there were other sites, such as Mahalo.com, that aggregated historical information so I could put this into context, and see how voting patterns from previous elections have compared with this year’s. As deep as I wanted to dive, I could easily find it with a few mouse clicks. It made the broadcast blather from the major networks even more irrelevant to me.

Having waited in line for about 70 minutes to vote yesterday morning, I was curious to see how many people voted early in the day by watching Facebook’s real-time vote counter, which passed a million votes early in the day and topped out at somewhere around 4 million by the time the polls closed in the West. Granted, this counter was more of a stunt than any analytical tool, but it gave me a very real indication that yes, we as Americans (or at least the Americans that are Facebook active users who are registered) are voting – to the rate of several hundred every second, all day long.

What about Twitter and other live feeds? We could actually follow “reports” from various self-styled correspondents and what they found during the day. The local St. Louis paper hired a few students to do just that and you could read their Tweets here:
http://www.stltoday.com/stltoday/news/stories.nsf/politics/story/5D9ADBEA5D93CCE6862574F70054E1B6?OpenDocument

One of the students, Ian Darnell, summed it up this way: “This is it. This is our time. This is how history has unfolded before us.” He could have said historicity, which was one of the hot search terms for yesterday.

Tales of the neighborhood nerd

When I was going to high school, somewhere back near the invention of electricity, being a nerd was more of a pejorative than positive. This was before movies glamorized us wearing taped-up glasses and calculators on our belt loops. Now lots of people wear their cell phones there, and we have reality shows that pair up nerds with beauty queens (I guess I was born in the wrong century). And Gates is conquering world diseases with all the dough he has collected from us, just to make it clear who has really won. Being a nerd means that I am often the go-to guy when something computerish breaks around here. Sometimes that responsibility is hard to bear, especially when word gets out around the neighborhood.

In one town where lived for many years, it was fun to solve computer problems at first. This was back in the 1990s, when people were just getting started with broadband Internet. Soon it seemed that everyone had a problem, and I was glad when I moved to the Midwest that I didn't have to play the neighborhood support tech and could live in relative obscurity.

But then I have truly passed the nerdship mantle on to my children, and it is interesting to see how the younger generation has stepped up to the plate and taken over as the new front line of support.

Both my stepson and my daughter have risen to the challenge, each in their own way. My stepson Jeremy has been supporting a friend of his whom we'll call Pete. Pete never really had a PC before and Jeremy helped guide him to upgrade an old computer lurking around his basement. He patiently spent hours on the phone talking him through some issues, helping him get a DSL connection once Pete realized that dial-up wasn't going to cut it, and then through at least three re-installs of Windows because of the various spyware and other garbage that Pete managed to collect in his surfing of questionable Web sites to build up a substantial image and video collection, if you get my drift. Pete and Jeremy both don't like going to movie theaters and have managed to download many DVDs, most of them of questionable provenance. They can find just about any video online, showing me how useless DRM is. But that will be for another column.

Jeremy is a natural PC support technician because he does telesales and has to listen to people complain and ask stupid questions – my hat is off to him, believe me I wouldn't last more than ten minutes listening to some of his callers. To help Pete out, he installed VNC to do remote diagnosis and control because he lives about 30 miles away. Then last week Pete called in a panic. He thought that Jeremy had connected to his PC and was wondering what was going on. Jeremy wasn't online, but he quickly dialed into Pete's PC and saw that someone else had found the open VNC port. Naturally, Pete didn't have a password to protect the connection, and was using the default ports of 5800/5900. The hacker was opening command windows, installing all sorts of spyware, and generally having a good time with Pete's wide-open machine. Pete had installed anti-virus and a firewall, but because he had re-installed XP so many times he had blown through his allowed licenses.

Of course, he was about to re-install XP for another time, once he disconnected from the Internet and could take control of his machine again. Perhaps now Pete has learned his lesson, although I think another re-install is in his near future.

My daughter Maia is also called upon from her college friends to help with their computer problems, and sadly had her own disaster this week with a hard drive that went south, without any backups. She is more of a Mac person because of her dedication to iPods and her own extensive collection of audio downloads. She even taught me a few things, such as the $15 iGadget tool that will allow you to copy music back to your Mac from your iPod. Maia, like Jeremy, is also adept at using the Web to find stuff, and was the first in the family to do video Skype chats. I think she was responsible for converting about a dozen of her friends to Macs.

One of the reasons that I did tech support for the 'hood was that I always learned something out of the encounters. When you poke around someone's computer, you get to see a lot of interesting stuff, sometimes things that you would rather not know about your neighbors. (Oh, the stories I could tell!) I even wrote a book about how to survive your home network (now hopelessly outdated, otherwise you know I would link to Amazon and nag you into buying a copy). So it is nice to see both kids learning new things from their experiences, and becoming the good kind of nerds.

Whether they will have their own reality TV shows remains to be seen. But at least they are now doing backups and running firewalls.

How not to steal a laptop

I have had my own laptop stolen just once, from the trunk of a locked car parked in a shopping mall, several years ago. I was putting some packages that I purchased in the trunk, and I guess someone decided to remove not only my purchases but my laptop as well. There are some happier laptop stories, and this one is just so funny, I had to share with you.

Those of you that aren't Mac users, by way of introduction all of their laptops come with built-in cameras and software that allows you to take pictures of yourself, or anyone else sitting in front of the thing, called PhotoBooth. Earlier this summer, a Michigan-based headhunter by the name of Damian Zikakis had his laptop stolen when someone broke into his offices. He replaced it a few days later and because he had used Mozy's online backup service, thought that he was covered at least in terms of being able to bring back his files from the Internet backup. This took some time to recreate all of his files.

When Zikakis had a moment to examine the layout of his new machine, he "found several incriminating files. The individuals who had my computer did not realize that the Mozy client was installed and running in the background. They had also used PhotoBooth to take pictures of themselves and had downloaded a cell phone bill that had their name on it." Zikakis did a bit of head hunting on his own and contacted the appropriate police department with this information. They were able to recover his computer, and now have the task of figuring out who actually took the laptop originally and what law enforcement options to pursue.

This is similar to another case reported earlier this year when built-in Mac remote desktop software was used to recover another laptop from a thief who happened to boot the machine up and not notice that he was automatically connected via an IM session.

Note to potential thieves: wipe your stolen laptop's disk before use.

And for those of you that want to do something more, there are a variety of software tools for both Mac and Windows that can aid in the recovery of a stolen laptop, here are the ones that I know about:

Oribicule's Undercover for Macs
MyLaptopGPS just for Windows
Computrace LoJack for Laptops has versions for both Mac and Windows
Adeona is a free open source product for both Mac and Windows

Fundraising on the Internet

You would think that in this day and age of online everywhere and social media all the time, using the Internet to help raise funds for charities would be a big business. Nevertheless, it still is in its infancy, and while there are a number of applications that can help ordinary people collect money for various causes, none are close to being anywhere as good as they should be. And none of these tools can compare with a well-maintained email list for ease of use and to actually deliver results.

I should know: for the past several years, I do an annual bike or walking charity event where I raise several thousand dollars. Some of you have graciously donated regularly, year after year. Some of you have turned into becoming your own fundraisers, and I gladly support your efforts so in effect we are just passing back and forth a donation. And one of my side efforts is the site accidentalfundraiser.com, where I do podcasts with Carol Weisman, a professional speaker who consults to non-profits on fundraising, among other things.

So here is a brief lay of the Internet fundraising landscape. I welcome your comments; please post to my Strominator blog if you don't mind, so that others can see them.

First off you may not know what cause to support. You can start with change.org, which will search more than a million non-profits, or at least so they say on their site. Another site, Idealist.org, has volunteer opportunities, internships, and other programs that you can search too.

Once you find a cause, you want to start to build your network. There are a number of tools to do this, such as fundable.com and chipin.com. You type in some details, what your goal is and when you need it by, and they will collect funds and send to your PayPal account.

What you really need at this point is a list of email addresses of potential marks, I mean, donors. All of these tools can take just a plain text list, or if you want to get fancy and personalize with the names you can create a CSV file that matches their format.

In some cases, your charity may have already made arrangements and set up their own backoffice software donation system. This is the route that the majority of events that I have been part of, such as the Komen and Avon walkathons and the MS and JDRF bikeathons. The two bigger vendors in this space are: Kintera (which is owned by BlackBaud, a vendor with a lot of other donation management products that are used by professional fundraisers) and Convio. The latter is the better of the two tools, but both are cumbersome to import your address list and manage the emails that you send out and replies that you get. And once you get your donors imported in one system, you can't easily extract this information if you have to use another one for another cause.

I use a combination of an email list with an Excel spreadsheet that tracks the donations. It is easy to see who has donated when, and while it takes some work to maintain, it is quickly portable from one event to another.

Now you might ask what about social networks? If you search Facebook for the keywords charity, donation, or social cause, you will find hundreds of apps that can be used for this purpose. Most just have a few members, which doesn't inspire confidence. The two most well known are Facebook Causes and MySpace Impact. Both are more akin to portals that connect you to various causes and non-profits. If you are a big user of either network, you can start here and see where they take you.

Outside of these efforts, there are others that are rather offbeat, such as Save the Earth, with 35,000 members. They donate money to save rainforests for everyone that installs and plays their game. Another is SocialVibe.com, which allows users of various social networks to put a "badge" on their profile pages, where they can be sponsors and collect points that go towards charitable efforts. The more profile views you have, the more money gets donated to the charity of your choice. This summer they donated $100,000 to various causes. And a company called DankApps.com has developed several social cause apps for Facebook. These apps donate two cents for every new member that installs their app, along with a revenue sharing agreement to support charities to prevent child abuse and other causes. Another idea is care2.com, with close to 10 million members on its own social network and where you click on various causes to donate.

You would think the social networks are an ideal place to raise money. After all, you have developed a nice network of your 5,000 closest "friends" and why not start here soliciting donations from them? While the social networks should be all over this, the hard reality is it is still difficult to develop applications and harder still to manage your contacts, replies and donations. The net result is that most social network apps are clunky and hard to use, and this negates any of their potential viral effects.

What I have found is that the events that I participate in have their own viral nature: people hear about what you are doing and want to do more than just send you a check, so they get involved in an event in their town. Or they get drafted into joining a team, which has its own secondary effect. If you already support various charities, you are drawn to these efforts because a) you were already giving something anyway and b) you might as well support your friends and causes that you have some personal connection to.

What about some other efforts? I have been part of Kiva.org, which collects your money and uses it to make microloans to various people around the world. The money is gradually repaid, and then you can loan it out again, a sort of miniature version of Freddie Mac (well, maybe that isn't the best example, but you get the idea). You pick the project to loan to, and you can track their progress in terms of raising what they need and the repayments.

Then there is trusera.com, run by friends of friends of mine, where you
post videos supporting various charitable efforts and plus3network.com, where you can claim sponsors per mile of various personal athletic efforts to raise money for charities.

I have just hit the highlights here. Some other good suggestions for tools can be found here:
http://www.readwriteweb.com/archives/non-profits_web_tool_kit.php

Good luck with your own social causes, and you'll be hearing from me next spring when I start up my fundraising effort for 2009.

The real motivational speaker in the family

As many of you know, one of the things that I do is professional speaking on IT-related topics. I thought you would enjoy hearing from my sister's perspective about a part of the speaking business that I didn't even think about before now. My sister was diagnosed with breast cancer in 2002 and has been healthy since her treatment. Since then we have both become advocates for various charity fundraisers that we have done annually. We were part of one of the two-day Avon events last weekend. (She walked, I served dinner and breakfast to about 5,000 people involved in the event.) We were part of a team that she had assembled of 18 people that were connected to her husband's family and friends. Most were walking the route for the first time, and at the end of the first day the majority of the walkers on our team had finished the entire 26-mile route. It was an inspiring moment, especially since most of the team were first-timers. I am very proud of Carrie: she got the team together, got them excited about the event, even got one of them to drop 50 pounds! As a friend of mine said, this would be the equivalent of me climbing to the top of K2. So here are some of her thoughts about the weekend:

This year the Avon Walk was different. It was much more of an emotional challenge and not so much of a physical challenge.

I have always thought that I wanted to be a motivational speaker. Their life seems so idyllic – they speak about their passions and encourage others to be the best they can be. Many of them have a shtick, a 45-minute formulaic talk and a three-hour workshop. Their life is organized into packets of conversation.

I tested out this career change this weekend.

Because I never do anything in a small way, I did it my usual big way. This weekend I walked with two of my sister-in-laws who have never walked more than five miles. For the twelve hours it took us to walk the entire 26-mile course, I delivered a continuous motivational speech. I drew from every workshop and speaker I have heard in the past three years. We tried chanting and visualizations, I recounted the inspiration and guides from The Spirited Walker (Carolyn Kortge) . I encouraged them that they could do anything they put their mind to, they could do so much more that they believed they could do, that when they legs grew tired, they should rely on their heart to carry them through, that passion would fuel them another mile., I recited poetry of the greatest Sufi mystic, Rumi, "Passion burns downs branch of exhaustion." I quoted Carolyn Myss, I Can Do It, creating a field of grace.

Well, we all made it to the finish line for the first day, and arrived at the camp area in time for dinner.

It feels good to make a difference, not in my completion of the 26 miles, but in showing them that they had the power, and the passion to do it too.

After twelve continuous hours of motivational speaking, I'm glad I have a job where I can sit behind a desk, type on my PC, and don't have to talk to anyone if I don't want to.

Thanks Carrie for being such an inspiration! And check out her website at survivorsretreat.com

Five things social networks can’t easily do

You know that a technology is maturing when articles such as these start appearing. First is the infatuation stage, where the iPhone or Facebook or whatever can do everything for everyone. So I thought I would lead the charge and talk about the various limitations of different social networks that I use. You are of course welcome to send in your other frustrations.

Be a truly useful publishing platform. I want something that is better than an email list server that you as my readers have to remember to update your address and opt out when you are tired of hearing from me (I hope that day never comes, but I promise not to take it personally). I want something that I can target what I write to different affinity groups, without having to set up separate sub-lists. I want something that doesn't cost an arm and a leg like iContact to track click-throughs on hot links that I so thoughtfully provide in the body of the message. I want something that the bad guys can't easily compromise and send out spurious messages to my loyal readers. I know, I am asking for a lot.

There are a lot of contenders, including RSS feed-like elements of Plaxo, Facebook, FriendFeed, Twitter, and others, but they don't deliver the goods, quite literally, aren't flexible enough to do more than send link notifications (which isn't as effective as email), and not everyone on my mailing list wants to use or even knows about these various technologies. Plus, none of these technologies really works as well as an email list for immediacy and response rates, which is why, when all is said and done, I am still using Mailman as my main distribution mechanism of my Web Informant newsletter and essays. (And hopefully will do a better job of backups, see last week's missive for that tale of woe.)

Workable LinkedIn Groups. With triple opt-in, these are cumbersome at best, and annoying at worst. Ideally, LinkedIn could be my publishing platform, if only they could get their groups act together. But again, these rely on email notifications and only recently did LinkedIn add the ability to do threaded discussions.

Search, I still say that getting search right is the hardest thing about the Web 2.0 stuff, and most of the social networks give it short shrift. They all have some kind of search function, but they are designed for searching for names of people and not much else. LinkedIn has the ability to search for job function and location, and that is probably the one search function that I use more often. Try doing this in other services is more an exercise in frustration. To be truly useful, a social network should be able to create saved searches (you have to pay for this on LinkedIn by installing their spam-tool bar) that you can return to, or search for more recent updates to your network other than the default listing that is provided by the operator of the network. As an example, how about telling me who on my contact list has joined the network since my last login like Plaxo does in its weekly email update? To accomplish this query elsewhere takes many steps and is cumbersome.

Synchronize and update my Gmail contacts. With 9000 contacts, I know that the vast majority of them are outdated, but what can anyone do? Wouldn't it be nice to synchronize all your social network contacts in the one place that you use them, which for me is Gmail? Sorry no can do kemosabe. Yes, Plaxo Pulse can import from Gmail but not the other way around. Cemaphore's Mail Shadow G can synch Gmail and Outlook contacts, but that doesn't really help me out. And while this is probably anecdotal, it seems that those people that update their contact info, the first place that they update it is in LinkedIn because this is the first step towards getting one's job search act together.

Separate my work and personal identities. So much has been written about this warning people about the commingling of your play and work activities, I won't add to it here. But, if you are concerned, you right now have not many choices: don't include any personal information in your social network profile, or set up an alias and be selective about whom you invite to connect with you. Neither really works.

Are these all showstoppers keeping me from doing real productive things on social networks? Nope. But it would be nice to do more. And speaking of doing more, my podcasting partner Paul Gillin has electronic pre-release copies of his book "Secrets of Social Media Marketing" available on his Web site here, and you can pre-order the book as well.
http://ssmmBook.com

The shoemakers children ...

You know the saying, about how the ones who supposedly should know better, well, don't. I was recently reminded of this after a couple of my own experiences. I was having lunch with a friend of mine who owns so many domains that she did a lookup on what she thought was a great name only to find out that she actually already registered it. So let me also come clean here, and tell you how I can also be like this friend and mess up too. I know it may hurt, but supposedly confession can be good.

So my first tale is about how I almost lost the subscriber list for this newsletter that you are reading in your comfy inbox right now. Yes, I have all sorts of backup routines that I have developed because of what happened many years when my office was above a music store (and a Subway, boy do I miss that convenience). The store had an electrical short that caused a small fire. Just before the fire started, I had ducked out for a few minutes to run an errand, and by the time I came back the fire department had roped off the building. Luckily, nothing was damaged in my office, other than the front door that the firemen broke down to make sure that the fire hadn't spread upstairs. Now, I had been doing my backups on tape. Where were those tapes you might ask? Sitting right next to my server. Since then I have gotten offsite backup religion big time and make sure that one copy of everything is always somewhere other than my office.

Or so I thought. The one thing – and I hope it is the only thing – that I didn't have a current backup for is the actual list of my subscribers. Well, I had done one in March, but I really didn't want to go through the process of trying to update that.

My mail list server used to be located in a friend of a friend's house. Granted, this person is one of the original Internet Wise Men. But still, even the wisest of wise men have server crashes from time to time, and his server crashed last week, taking my list down for a week. That was all the motivation that I needed to start a new list on a "real" provider (I am using EMWD.com, which offers Mailman hosting for $4 a month for low volume lists. They seem to know what they are doing, they are usually reachable via email queries, and I don't have to learn yet another list server's quirks since I have been using Mailman for several years now.) And it is relatively simple to make backup copies of the entire subscriber list: all it takes is sending a single email command to the server and storing the reply. Which I now will do on a regular basis.

What both of these experiences have taught me was that no matter how I analyze my data backup and procedures, there is always room for improvement. You can't think of everything. And the key to backups is doing them regularly. Sort of like flossing your teeth, which I need to do more often too. But not just relying on the guilt generated from not doing them (in the case of my teeth, by my hygenist) but a regular procedure that can easily and quickly be implemented so that it doesn't get postponed because something else of higher priority comes along.

Next I want to tell you about my new iPhone. Yes, I know, I am a little slow to embrace this baby, no need to abuse me about it. The story is within about an hour of getting the thing, I was on it talking to my daughter for tech support. The shame, I know. She thought it was funny. But then I had another question shortly after that. And this is after spending hours reading all sorts of stuff about all the 57 different analysts and tech bloggers that are in love with their iPhones and have done all sorts of cool stuff with theirs. Welcome to 2008, Strom.

Finally is my thoughts about WebInformant.tv, my new screencast product reviews site. After putting together the first bunch of videos, I realize that the content sits on four servers: one where the actual videos reside, one that hosts the Web site proper, another one that has the RSS feed, another server back in my office that has the original copies of the videos. And this doesn't count the numerous other servers that repurpose the videos, too.

Do I really need such a complex system to deploy this service? Not really, it just grew into this, because I wanted to use the best tools from a variety of places. Yes, I could eliminate the server that delivers the RSS, but the one that comes with the Web site is pretty lame. I know this is often how many of you end up with unsupported systems, but at least I have documented where all the files are kept and the process by which I post a new one (and this is of course backed up in a few places, too.)

So I hope you have enjoyed these tales of torment. Have a nice weekend, and keep those backups safe.

The 140-character attention span

Call it GenT, the Twitter and texting generation. We are all becoming ADD, to the point where we can't spend large blocks of time concentrating anymore. We are so over-stimulated, what with 10,000 Web sites (or is 10 million, I can't accurately say) a minute being added to the collective cosmos, and updating all of our social network feeds, and whatnot.

Twitter, for those of you stuck back in the old school world where you still use your computer for communication, is the "micro-blogging" service that sends a 140 character line of text to your friends and followers who subscribe to your postings. You can use your mobile phone or a traditional Web page, and the information is sent almost instantaneously, at least when the service is running. I am not yet a fan. Texting I don't think I have to explain anymore.

But with texting and Twitter, what has happened is that we have created the first entirely post-email generation. Look at both of our presidential candidates: one doesn't use it personally, and the other has gone so GenT that he doesn't need email to get the word out to his supporters. (An aside: the current issue of Technology Review has an interesting article about Obama's use of social networks here:)
https://www.technologyreview.com/Infotech/21222

Those of us that grew up on email back in the quaint text-only, pre-Web days all know the reasons why we went with email: no phone tag, near-time responses, planet-wide connectivity, flattening organizations, micro-targeted responses. Yada yada.

Well, those same reasons are being used by the GenT'ers: in the time it would take me to compose a reasonably simple email message, I could have texted someone and gotten a response, posted it on my Twitter feed and had thousands of my closest "friends" tell me what they think, and moved on to my next activity. Email is so five minutes ago.

And email tag is just as much of a productivity drag – in some cases worse than voice mail hell. We have all gotten those endless threaded messages where we don't even remember what the original question that started the whole shooting match was about. Even exchanging Instant Messages is not fast enough, especially if your correspondents forget to turn on their "Away message" when they by chance get up from their chair for a few moments off-screen. You wonder what has become of them, and why aren't they not answering your IM?

When my daughter was in her early teens, it was IM that kept us connected. Now if I really need to find my kids, it is via text. Email is usually the worse way to try to get their attention None of them have Twitter feeds yet. I consider myself lucky.

Another trendlet: Thanks to all of these GenT services, now having a single monitor attached to your PC isn't enough screen real estate. You need at least two, and sometimes three LCDs to show all your scrolling feeds, IM buddy lists, and up-to-the-moment "tweets" in addition to the normal email and word processing windows. (I keep calling them "twits," that must be a Freudian slip.)

When was the last time you sat down for a couple of hours and got into a book? You know, those funny things that you buy from Amazon that don't have any electronic interface that you actually have to turn pages, and read every word? Talk about quaint, grandpaw. Back in my day, we used to walk five miles in deep snow to school, carrying these objects, too.

Nicholas Carr talks about this in his article in Atlantic this month entitled, "Is Google making us stupid?" Don't be misled by the hed. He talks about how his concentration wanes after reading a few pages, and "deep reading has become a struggle. The more they use the Web, the more they have to fight to stay focused on long pieces of writing." Indeed, I was fighting just getting to the end of his story, and that was only 4,000 words. Try tweeting all of that!
http://www.theatlantic.com/doc/200807/google

But we aren't stupider, I mean less smart, because of Google or all the GenT tech: we are just more impatient. One network manager at a small college told me how he deals with peer file stealing: rather than turn it off, he just adds a few seconds delay into the connection during the work day, so that the students bail out of the connection and come back at night when he turns off the delays. If he just shut it off, they would be motivated to figure out a way around the block, but most of the students are too ADD to abide by the delays and move on to something else, knowing they can come back at night to grab their files.

This post-email GenT stuff is ironic for me to say the least, especially to someone who wrote a book on Internet email, let alone reads lot of them still. Years from now we will look back on this period much like we examine other accidents of history, like the Truman Doctrine and the Dred Scott decision: things that seemed important at the time, but now are mostly the subjects of junior high research papers. Yes, email is still around for us old fogies that insist on using all of our hard-learned touch-typing fingers to communicate, but it won't be long now. In the meantime, you can subscribe to my feed here and keep up with all the important moments in my life:
http://friendfeed.com/davidstrom

Yeah, but is it art?

Many of you know that I am a big museumgoer. And this weekend was no exception: I managed to visit three excellent ones. One of them, the Nelson-Atkins Museum in Kansas City, had a flyer about their upcoming video programming and that got me thinking about how we consume works of art in today's online world.

First off, I should tell you that I am not a very possessive and materialistic kind of guy. I don't like to have lots of things, other than books, and for the most part enjoy art for art's sake, for the opportunity to look at something unusual, beautiful, provocative, whatever. I haven't owned a lot of art works either: most of the time I enjoy seeing a picture or sculpture in a museum or gallery that I have seen a reproduction or read about, sort of like coming across an old friend that you haven't seen in a long time.

The museum's flyer mentioned a few works of art that are rather intriguing because they combine data visualization, virtual reality, 3D gaming environments and the Web into a new medium that leverages all of these but goes in a completely new direction. Most of the Web-based art that I have seen over the years is very static, drawing pretty pictures or using computer code to generate a series of images.

One show that I went to at New York's PS1 five years ago had some interesting uses of physics with art, but wasn't really about online works:
http://strom.com/awards/338.html

But when it comes to art that can only be viewed online, what is our role as art consumers? Should we want to "own" a copy, whatever that means? It is enough to have a URL that we can link to it, and hope that the link doesn't break over time? Should an artist maintain a server of his works, or encourage visitors to freely copy them? What happens when the software that supports the work becomes obsolete, or the hardware platform is no longer being manufactured? Should an artist attempt to use open source tools and methods so that others can modify, mashup, or extract his works? And what is really art, anyway? Dada dot com, here we go again.

As you can see, I had lots of questions, and not many answers. The notion about what are these new art forms started me to do some Web research about how visual artists are using the Internet today. Some of the early efforts involved using video games as a medium: the art form, as it were, was the artist as a director for the games' characters and creating new situations that were captured digitally.

But the really interesting stuff happens when you get an artist who knows how to program. An example of this is Sheldon Brown's Scalable City, which was shown earlier this year at San Francisco's Exploratorium (a truly wonderful place in its own right) and can be seen in this video online:
http://www.experimentalgamelab.net/movies/moca_documentation_large.mov

Jon Phillips, who is another artist-cum-programmer, talks about using the Creative Commons license to allow the public to freely modify his works. You gotta love an artist that on his blog (rejon.org) publishes code to tweak his memory registers. He has begun an effort called openclipart.org, which sadly doesn't allow one to preview the clips very easily.

Not everything is about the visual arts either. John Keston's Audiocookbook.org posts a new sound clip every day that will "inspire you, give you an idea or simply entertain" and the material is also CC licensed.

If you are in Kansas City on September 26, check out the evening lectures (Phillips will be there) at the Nelson-Atkins. I think you will find them interesting.
http://www.nelson-atkins.org/calendar/EventDetail.cfm?id=9431

Announcing WebInformant.tv, sponsored screencast reviews

Web Informant Announcing WebInformant.tv, sponsored screencast reviews

We have officially crossed over from the TV generation to the Internet generation: a recent study from Doubleclick Performics shows that more teens now spend more time in front of their PCs than their TVs. Call it the YouTube generation, blame it on last fall’s writer’s strike or too many channels and Nothing Is On, but let’s face it, the days of watching TV on our TVs seem so quaint now. And Google just came out with a new browser optimized for videos today.

I have decided to join the You Tube generation myself, and this summer I have begun to create a new kind of content for you, my beloved and loyal audience. Let me take a moment to indulge in some shameless self promotion, and also tell you a bit more about what you can see on my new venture called WebInformant.tv.

Most of my professional life has been spent explaining technologies that I use to various corporate IT audiences: first writing reports for the US government and then Megalopolis Insurance in their early attempts at supporting end-user computing. Later on I worked for Ziff, CMP, IDG, JupiterMedia and TechTarget in various capacities – starting magazines and editing Web sites and writing thousands of magazine articles and two books. It is a body of work that I am proud of, and still enjoy freelance work for all five of the major tech publishers. As cartoonist Lynda Barry said in a lecture last week, “A friend told me: You have managed to make a pretty decent living by just being yourself -- well, I have tried and failed at everything else." I know exactly how she feels.

For several years I have been saying that missing from this corpus is video tutorials that show IT people how technology is actually being used, putting it through the typical paces that they would want and being able to see the screens and the logic flow of the product. I try to do this in all of my product reviews, and one of the reasons why I feel I have been successful is that I can capture this ethic and point of view very accurately in my articles.

So what is this new venture? WebInformant.tv is a series of sponsored video screencast product reviews. Sponsored means that the product’s vendor pays me to produce them. Right now it is just a one-person operation: I do everything from pick the products to write the scripts to produce the videos and promote and post them online. While this is a lot of work, it is very invigorating and thrilling too. I am looking at licensing, if that is the right word, this operation with other tech journalists whose work I respect, but ultimately this is my show. The vendors get simple up or down script approval, so the words you hear on these videos are really my own thoughts and opinions. Each video is about five minutes, and has things that I liked and didn’t like about each product.

The word screencast has been used by TechSmith’s Camtasia to describe PC screen recordings – what you are watching is not a movie of my mug, but as if the video camera was focused on the PC’s monitor and watching what I was doing with my mouse and menu clicks. You hear my voice narrating the video and giving context to what you are watching. I try to pack a lot of information into the five minutes, so you get a feel for the product and why you would or wouldn’t want to use it.

I am not the first person to do screencasts in a big way – Jon Udell was doing them for several years when he worked at Infoworld, and I appreciate his skills and leadership here. And there are other products that do this – Screenflow for the Mac and Adobe's Captivate are just two of them. There are free services also at screencast-o-matic.com, uTIPu.com and freescreencast.com too. (You see, I just can't help myself, have to go and compare tech.) I like Camtasia and have figured out most of its quirks to make it work for me.

The products that I review lend themselves to visual explanations: the first series that I have produced include SkyRecon’s StormShield and eEye’s Blink – both of which are endpoint security products that protect a Windows desktop from a series of attacks. There is also Secure Computing’s TrustedSource.org service, where you can look up the reputation of a particular domain and see what email servers have been sending messages on that domain’s behalf. And the products range from the free Timedriver.com appointment scheduling service to ones that cost several thousand dollars.

There are also very complex products that I have posted reviews: Servoy Developer is useful for building rapid Java applications that can run unchanged on both desktop and inside a Web browser. Altiris Workflow Solution from Symantec is great for automating just about any computing task and can leverage some very powerful data mining techniques.

One of the interesting things that I am doing with WebInformant.tv is turning the model of content creation on its head. In the past, I wrote articles that were copyrighted by the publishers and posted on their Web sites only. With the screencasts, I want to distribute the content as widely as possible, as long as my branding and message remains intact. Once the video is posted on my site, it is also cross-posted on many other video sharing sites, including You Tube, Google Video, and others that specialize in how-to information. The vendors get their own copy that they can distribute as well as part of their marketing materials, or to augment their own Web sites, or whatever. Some of the vendors that I have begun to work with have created their own screencasts, so they clearly understand the power of this brave new world. By the way, the site Veoh.com does a nice job of cross-posting videos, definitely worth a closer look.

There are other reviews in the works, and I hope to be able to continue to enrich the site with new products for a long time to come, and grow my own video “channel” into a more vibrant place. And don't worry: I'll still be writing and editing, blogging and podcasting, and speaking around the world as always. This is just another arrow in my quiver, another way to enhance my brand, and something new to keep it fun.

Those of you that work or do PR for a vendor and want to sponsor me to review your products, send me a quick note and I can provide more specifics. And I welcome your feedback as always on how to improve the videos and make them more useful for your own situation. Enjoy watching Webinformant.tv! If you want to subscribe via RSS to keep updated when I add new ones, add this URL to your reader:
http://www.dailymotion.com/rss/videos/davidstrom/1

Leave off the last s for (in)security

Those of us that grew up in the Big Apple remember those obnoxious ads for 1-800-Mattress where the announcer told us to "leave off the last s for savings." The company is still selling bedding and still preying on the general public for its lack of spelling prowess. (They actually purchased the 800 numbers with the misspelled names because so many customers dialed them, but that is a story for another time.)

My point today is about that ending 's' but in another place that might have you losing sleep. I am reminded of their little ditty with an email from a reader who asks if there are many eCommerce sites that still don't use secure Web pages (where they use https: instead of just plain http:) for their shopping carts.

Sadly, they do still exist. I ask you all if you come across examples, to email them to me and I will add them to my strominator.com blog post and publicly shun them. It is time we put a stop to this shoddy practice. Come on people, this is the new millennium, we have better things to worry about, and this is not new technology or hard to do. Why just this week I purchased an SSL certificate – what you need to turn your Web server from http into https -- and it took all of about 10 minutes and less than $50. Godaddy makes it relatively easy to get one and get it setup, and if you don't want to use theirs, there are dozens of others who will take even more of your money for one.

Even Google's Gmail has gotten on board the https cluetrain: last week they turned on a very nice option that forces your browser to open a secure session when you are reading your Gmail account (go to Settings and scroll down to the "browser connection" choice and click the button to "always use https" and then click on save, it is that easy. If you use Gmail, go and do this now and you can thank me later.

Why is this important? Because someone can hijack your browser session and obtain personal information if you leave off the last 's'. This is especially the case when you are using a shared public computer, such as at an airport or library. But it can happen even if you are at work, if your work network has a wireless segment that anyone can see your traffic on just by sitting outside your building, or if someone brought an infected laptop into the office that is recording your sessions.

My correspondent wrote to the eCommerce vendor (in this case, it was the photo printing and sharing site Fotki.com) and asked why they did leave off the last 's.' This is what he got in a reply:

Please don't worry about missing padlock, we no longer use HTTPS on our payment page, because web browsers tend to send warning messages about web page security and some users get confused with that. All credit card transactions are going through the secure network and properly encrypted by means of Java Scripting.

Yeah, and some users are still misspelling "mattress" too and dialing the wrong numbers. Steer clear of these Web sites that are trying to make it easier for others to steal your personal information. And don't leave off that last 's' unless you plan on spending some sleepless nights when your identity is compromised.

Managing contacts

Last week's thoughts about the past ten years of email have got me thinking about how we collect, maintain, and use our digital contacts. And really, when you think about what and how you use email, it is all about staying in touch with people that we have met, and answering and asking their questions.

To do this right, you need a decent contact manager. And over the years I have used dozens of products, starting with a venerable rolodex card file back in the pre-computer days. There was a great and simple program called Dynodex that ran on Macs that I used for many years: it was fast, it didn't take up tons of screen or computer real estate, and it didn't have a lot of fields to mess with. Right now I use Gmail's contact manager, and while it is cumbersome to have all my contacts online, it isn't fatal, even when (as what happened earlier this week) when Gmail goes down.

I tell you up front that I am not a big fan of Microsoft Outlook. Outlook standalone, without Exchange, is overkill for me, and besides, it ties me too closely to Windows. But there are some people that swear by it (and sometimes swear at it). My sister's company uses Outlook in standalone mode, which is probably the worst choice for any enterprise contact system.

Some people love ACT for keeping track of contacts: I think it is also overkill, and the latest versions have suffered from feature bloat. Really, all I need besides a person's name and email address is a phone number and maybe a short description or job title. I can search through my Gmail archive and see all of my correspondence with that individual, so I don't need to replicate that in ACT. I realize that many people want a lot more out of their contact managers, and that is why ACT and Outlook are so popular.

There are several things that I look for in a contact manager. One is the ability to put a single contact in multiple groups: for example, I could have a client who is a CIO that also is someone that lives in Boston. This person would be in three different contact groups: clients, CIOs, and Bostonians. I have about 50 different groups in Gmail, and one of the reasons I like the service is because I can have this kind of structure – and also for my emails too. Outlook and other desktop emailers only allow messages to be placed in a single "folder." Gmail uses labels, and you can have an almost unlimited number of them, but more importantly, each message can have multiple labels attached. Why is this important? You want to be able to sort through similar collections of people, or find out who on your list meets particular criteria, just to name two actions. Once you start using labels and groups, you wonder how you ever got along without them.

Another test is what happens when the contacts aren't personal, and need to be shared around your enterprise. Then you might want to consider one of several hosted contact management services. I actually wrote something about this for the New York Times last year:
http://www.nytimes.com/2007/11/14/business/smallbusiness/14contact.html

And then there is the issue of what happens when you want to migrate from one contact manager to another, and that is usually hard to do. While most products support some kind of import and export feature, the devil is in the details: for example, Gmail doesn't allow you to export your group memberships of each contact, so you have to re-create that even if you export from one account and import to another Gmail account. Others don't fare well with the free-form text fields: if you have commas or other punctuation inside them, they will mess up the particular contact record.

There are other online services that are somewhat useful for managing contacts, such as Plaxo's Pulse and LinkedIn. Neither works well enough for me to use them exclusively, but are helpful to keep track of when someone has moved to a new job (or in the case of LinkedIn, about to consider such a change). There are also other synchronizing services, such as Glide, but it didn't like to deal with 9,000 addresses and took a while to catch up.

Stepping into this space are the various social networks that try to enumerate all your "friends" but again they are flawed: not everyone you know is a member of one particular social network, and not everyone wants to use the social network as a means to keep up with their business contacts (seeing people's sexual or religious preferences for my business contacts comes under the heading of Too Much Information, for example).

Ideally, I would like one system to use for maintaining my contacts that could also be used as a publishing platform for this newsletter, so you could subscribe to various other editorial products of mine for example, or change the way you hear from me. Most of you like these weekly emails, but not everyone – some people want RSS feeds, for example, which is why I cross post the Web Informant on my Strominator blog too. (I know, brand confusion: I probably should fix this sometime soon.) The social network that understands that will get my immediate attention, for sure.

Ten years of email

This week Google's Gmail crossed the 7 GB storage threshold – meaning
that anyone can get a mailbox with at least that much storage, and for
free, too. (The size continues to increase slightly each day, wonder
of wonders.) It made me stop and think about how much my email habits
have changed in the past ten years, when Marshall Rose and I sat down
to write a book about Internet emails. Back then, 7 GB was a lot of
room for your mailbox, and I don't think anyone imagined that we would
have it free of charge, either.

Of course, one thing that is very odd is that Gmail has been in beta
like, forever it seems. (We are coming up on close to 5 years.) I
wonder when Google will consider it good enough for a release
candidate? If this had been Microsoft, we would be on v 3.1 or
something by now, for sure. One wag suggested that the real product
name is "Gmail Beta." Har har.

Ten years ago, I was using desktop email software to store my
messages. If memory serves me, I used a succession of products,
including Eudora, Thunderbird, and Lotus Notes. When I had problems
with T-bird corrupting my messages about two and a half years ago, I
switched to Gmail, and have been a pretty happy camper for the most
part. What is interesting is that Google hosts the email for my
strom.com domain, again, completely free of charge and with a very
capable user interface as well. I don't need to store my emails on any
desktop, because it lives in the cloud.

So ten years ago, we had the following email programs popular enough
that we included them in our book: Lotus cc:Mail (extinct), Netscape
Messenger (extinct but replaced by Thunderbird you could say), Eudora
Pro (still very much alive, although no longer under the thumb of a
phone handset maker thankfully), Compuserve (not extinct but should
be), AOL (ditto and back then it was on v3), and Microsoft's Outlook
Express (v4 that came with IE v4, and replaced with the Mail app in
Vista).

Curiously, CS and cc:Mail were proprietary software that didn't start
out using Internet protocols and standards, and had their basis in
local area networks (cc:Mail) and closed online systems (Compuserve).
The ones that are still among us are Internet-savvy. Indeed, you could
say that AOL had one of the first popular gateways to Internet emails
(although MCIMail beat it by several years, it wasn't very popular).
Compuserve was also very popular in its day, despite having email
addresses that only a geek could love like 73234,5869. Trying saying
that string often to your friends.

Back ten years ago, we didn't have Web-based emailers that were worth
much of anything. They had few features, couldn't really interoperate
with all that many browsers, and had lots of other quirks. Outlook's
Web interface was dog slow and required all sorts of tricks to work
across a public Internet connection. We wrote in our book: "Either the
market will enforce adult supervision … whereby IMAP technology is …
standardized or a huge opportunity will open up for Web-based email
readers." Gmail has tried to play both ends here, with its support of
the IMAP protocols as part of its service.

In our book, we introduced the concept of having 100% pure Internet
for your email – having products that faithfully implement Internet
standards natively if possible. And yes, Notes/Domino, Groupwise, and
Exchange are all far from 100% pure, which is why they are in decline.

Back ten years ago, email was still a relatively new concept for
corporate communications. You could still find pockets of people who
weren't accessible via a "dot com" email address, and not that many
people put their email address on their business card. It was rare to
find a corporation that would be diligent about answering their emails
from their customers in a timely fashion. Well, some things don't ever
change.

Back then we didn't have the broadband penetration that we do now, and
certainly not the Wifi penetration that we have now. It is perhaps
harder to resist the urge to check your email because it is so
available. With Blackberries, iPhones, and Internet kiosks everywhere
you don't even need a laptop to stay connected. And the US is even far
behind other countries now, sad to say. Ten years ago we still had
dial up modems that we used to get connected. I haven't touched a
modem in so long that I can't remember when, but it was probably
around ten years ago when I started tossing them and not carrying them
on business trips anymore.

One thing that hasn't changed much in ten years is secure email usage:
almost no one does this, despite some major advances in encryption
ease of use. In our book, we called the state of secure email
standards "a sucking chest wound" saying that no one has a solution
that is multivendor, interoperable, and Internet standards based. That
is mostly true today, although there are some solutions that do a
better job at hiding the certificate management and automatically
decrypt and encrypt message traffic. And several multivendor attempts
in the past decade to standardize on approaches have mostly met with
failure. Still, despite the many well-publicized breaches, secure
email remains out of reach of ordinary humans.

I hope you enjoyed my trip down email memory lane. Certainly, email
has become the glue that binds together so much of our communications.

When good companies make bad products

What do Zimbra, Knol and MobileMe have in common? All three have come out in the past month, all from companies that have loyal customers and solid revenues, and all three are dogs. Yahoo, Google, and Apple should know better: don't push something out the door before it is baked. I've tried them all, and while I haven't spent tons of time to review them, I have seen enough to know that none of them are ready for real customers.

Zimbra is Yahoo's answer to a desktop email client, like Thunderbird, Microsoft Outlook, or something similar. It allows you to combine a variety of Web-based emailers like Yahoo Mail, Gmail, and AOL (remember them? I know, there are still a few people in my life that insist on using AOL, try to be kind to them and not sneer) into one unified inbox. The trouble is, it is a product that would have been innovative say back in 1997 or 1998. But today? Nope. Gmail does a terrific job organizing my email, and can collect emails from other systems, too.

Yahoo's email software has always been a day late and a dollar short, sorry guys. Icahn doesn't love you for your email – indeed, if he ever did use a computer, that would probably be the last email product he would pick up. It is clunky, the user interface (both the classic one and the current one) are used in classes on bad design principles, and when you have to manage multiple accounts it bogs down like quicksand. Into this environment we have a solution: let's develop a client emailer! Well, at least give them points for diversity training: it comes in Mac, Windows, and Linux flavors. But a dressed up pig still stinks.

I also don't want to go back to a desktop email client for several reasons: First, because I use several computers during the course of my average day, and when I am on the road I don't want to have to bring my laptop and fight through the TSA screening lines and cart it up and down concourses and escalators ad infinitum. Second, because I have forgotten how to set up POP and IMAP mail servers and don't want to have to dig out my book (which I wrote with Marshall Rose back in 1998) to remember how to do it. Finally, I don't want to have to backup my desktop email archive: having it sorted out by Google's Gmail means I don't have to deal with this chore. Scratch Zimbra.

MobileMe is Apple's latest incarnation to its dot Mac service. It's failures have been well documented, and it has been amusing to watch Apple stumble on this one. Again, give them some points for having both a Windows and Mac versions, but they didn't quite get it right: the Windows version doesn't run on Internet Explorer. Hunh? What reality distortion field were you living in, Steve baby? I mean, what do you expect all those Windows users to do, move over to Safari or Firefox just to run your nifty software? I even said Apple's choice of nomenclature was prophetic: remember Windows Me, the version that lasted all of a few months before Microsoft realized what a dog it was? MobileMe is the Apple version for the rest of us.

And now we have Google's attempt at creating another Wikipedia with Knol. Isn't one Wiki-tiki-web site enough for our universe? And I mean the good folks over there all due respect. I like Wikipedia, it is responsible for endless hours of amusement and resolving pivotal factual arguments in my life. Granted, Knol has some nifty name verification features, so that you can at least have some clue who is writing all that free content and whether you want to trust them when you have to cut and paste it into your next term paper. But I couldn't verify my name using either with a credit card or phone number, probably because I have just moved and the addresses aren't on file. Oh well.

But more importantly, why oh why would Google get into the content creation business just to piss off every one of their advertising partners? It doesn't make any AdSense. Some have already claimed that Google IS in the content business already, we just haven't been paying attention. I will leave that argument for another day.

Knol, MobileMe, and Zimbra are all cases of bad products coming from otherwise good companies. Notice I didn't draw any parallels to any number of past Microsoft products, like Bob, Vista, DOS 4, or even MSN for that matter. Remember those?

If you have your favorite bad-product-from-good-company story, please share.

Using OpenDNS to protect your network

This week we had another Internet security exploit revealed. And while I don't want to get into the details, let's just say that if you aren't using OpenDNS.com for your home network, now is the time to take the five minutes and get it done. It is simple (well, as these things go), it is free, and it will protect you from any number of issues in the future. And you might get better browsing performance as a result.

Before I tell you how to do this, let's have a brief explanation of what the Domain Name System is for those of you that really want to know. Think of what a phone book (remember them, before we used online searches to look up a friend's number, seems so quaint now) does – it allows you if you know someone's name to look up their phone number. The names are in alphabetical order, so if you know the alphabet, you can quickly page through and find the person, if they are listed.

The DNS does something similar, except for computers: if you type in "google.com" it translates that name into a sequence of four numbers, called an IP address, which in this case for google.com is 72.14.207.99. Paul Mockapetris, a gentleman I have spent some time with and one of the Internet bright lights, put the thing together in the early 1980s, which is enshrined in RFC 882, even before Al Gore had invented the Internet itself.
http://tools.ietf.org/html/rfc882

The overall Internet infrastructure has a series of master phone books, or DNS root servers, located at strategic places around the world and maintained by a collection of public, semi-public, and private providers. They talk to each other on a regular basis, to make sure that as we add new domains they are in synch. As you can imagine, if someone wants to "poison" one of the entries, or misdirect Internet traffic to a phony domain, it can be done with the right amount of subterfuge.

Here is where OpenDNS comes into play. When you set up your home network, typically you don't give your DNS settings any further thought. If you have a cable or DSL modem, you hook it up and it automatically gets its DNS settings from the cable or phone company's DNS servers.

What I am suggesting is that you change these settings, to reflect the DNS servers at OpenDNS. There are instructions on their Web site, but basically you specify the two (one is used for backup) DNS IP addresses for your router or DSL/cable modem. If you have a wireless gateway from Netgear or someone similar, you make the entries there. You need to know the router's IP address, and how to access it via its Web interface.

There are a few nice things about using OpenDNS. First, you can set it up to block objectionable domains, so that you might be able to get around your kids seeing something that you would rather they didn't. They also spend time to block known exploit domains, so you have a better chance of not getting trapped by some hacker. You also get better DNS service, because they have servers that will return the domains supposedly faster than the ones for the general Internet. They also catch common typos, so if you are like me and make mistakes typing in names in your browser, they can usually direct you to the place you intended.

How do they make money? If you type in an unknown domain name, you are directed to their search page where they show ads, just like the Google search pages.

OpenDNS is not the answer for everyone, and businesses should go a step further and protect their DNS servers on their networks. While I don't want to get into that here, you can find out more about the explot from the experts, start with this blog post here:
http://www.circleid.com/posts/87143_dns_not_a_guessing_game/

It is sad that the Internet is at risk: this exploit is serious, and goes at the core protocol that everyone uses all day long. Hopefully, the engineers will find a fix soon.

A grown-up's guide to legal music downloads

The reason for the title is simple: we all know that a world of music is available for the stealing from any number of sites. But if you want to download music legally – and if you are going to pay for it you might as well get it without any DRM copy protection restrictions -- what are your choices?

Before embarking on this project, I asked my kids if they have ever heard of any of these services. Other than iTunes, I got blank stares. Of course, none of them pay for their digital music, and don't care. Here are the five sites that I spent time with:

eMusic.com offers several different monthly subscription plans for what they claim are from two million DRM-free songs. The cheapest is for 30 song downloads at $12 per month, up to the most expensive at $20 for 75 songs a month. No matter which plan, you get 50 free downloads and you can cancel your subscription at any time. If you want to be really mercenary about the whole deal, you can sign up, take your 50 songs, and cancel within the same day, without spending a dime. You have to sign up before you can browse their store, however.

Rhapsody.com from Real Networks claims more than four million songs, and you can just listen to the full length of up to 25 tracks a month for free, provided you sign up and give them the right to send you unlimited email solicitations. (They are a bix obnoxious in that regard.) If you want to download them, you pay 99 cents per most songs or $10 per most albums. You can only download a song once, and if you use their Windows software, it will automatically add the songs to iTunes (but not Windows Media, they are still a bit huffy after the lawsuits). Mac or Linux users can download a zip file with multiple songs included, and then you have to manually import them into your music library.

Amazon.com has "millions" of songs, but unlike Rhapsody you can only listen to a 30 second sample and not the entire song. They have optional downloading software for Windows, Linux and Mac that will add them automatically to iTunes (or Windows Media) and makes buying multiple tracks simple. If you don't use the downloader, you have to download one track at a time. Each song is 89 or 99 cents, albums range from $6 to $10. The ones I purchased had fairly high encoding rates of 256 kbps. You can only download them once like Rhapsody.

iTunes Music Store (who claims a catalog of five million songs) is beginning to experiment with DRM-free music from some of its publishers. The songs are 256 kbps encoded and cost the same as the copy protected songs. If you have bought a DRM'ed version previously you can upgrade for an additional 30 cents a track or a third of the price of the original album purchase. To do this (not that you want to give Apple any more dough), you go to the iTunes Store within the latest version of the software, click on the link for "iTunes Plus," and then click on the upgrade button. It will show you which of your tracks can be upgraded and what it will cost. Unlike the other services, you are buying an AAC file rather than an MP3, but most portable and PC-based players will be okay with this format.

Finally, there is SpiralFrog.com, an interesting site run by a friend of mine that doesn't charge for its downloads, but only gives you music that contains DRM. They claim 800,000 tracks and have a large music video selection as well. You need to be running a recent version of Windows, Windows Media Player and dot Net Framework. Unlike eMusic, you don't need to register and Install their download manager to browse the site, so you can get an Idea of what they have to offer. But once you install their software, you can download whatever you desire. And one other limitation: you can't copy their tracks to more than two portable players, and you can't play them of course on iPods. You also can't play them on Zunes, which shows you how messed up Microsoft's DRM Is.

So there you have it. There are some choices, other than stealing your music. If you want to do a lot of downloads, I would go with eMusic, especially if you go beyond 15 or so songs a month, but it is a subscription service and right now you might feel as I do that you are paying enough between monthly charges for premium cable, premium DSL, and premium unleaded gas.

If you are the occasional downloader, as I am, then Amazon makes the most sense, especially as I have my music on my Mac and it has a nice client for that OS. You can turn on the one-click ordering and it is effortless. I don't like Rhapsody's corporate culture, and if you use the iTunes player the imports into your library is cumbersome. And while the iTunes Plus Music Store is trying to get more DRM-free tunes, most of its music is still copy-protected, so best to steer clear until that changes. Finally, SpiralFrog has an Interesting twist on the music download, but since I am Mac and iPod-based it Isn't for me.

The changing nature of pop culture distribution

My wife and I watched the movie Juno last night, and I highly recommend it for your own viewing. But this isn't a review of the movie, what sparked today's essay is how (depressingly) little of its dialogue I didn't understand. This was because of the quick cultural references spoken by the teenagers portrayed in the movie. I guess I am getting to that generation where words like cool and hep cat are no longer part of the lexicon. I know, this isn't a news flash.

It occurred to me that years from now we will watch this movie and need on-screen annotations to explain what they are talking about.

But the movie is a static, finished entity. What is more interesting to watch is how pop culture references are being incorporated into various online media, and how they are passed around, consumed, and transformed as part of the media itself. As the online world becomes more a fixture in our lives, we are seeing a much more complex evolution. It isn't just the insertion of a bunch of slang words, but an almost complete encoding or translation of pop culture itself. Witness leet-speak, the gamer lingo that results from substituting numbers for letters that luckily (for me, at least) peaked a few years ago. The more cynical of us could look upon leet as just a substitution cipher, but it really is more than that, embodying a way of life and world view. (The best example is the Pure Pwnage videos available here:
http://www.purepwnage.com)

The most recent evidence of pop culture is this music video by Weezer (for those of you that don't know, they are a pop music group):
http://www.youtube.com/user/weezer?ob=1

The video contains visual references to a wide variety of topics. The difference is that these are mostly other Internet videos and online personality references. It is a very clever collection too, and like the Juno dialogue I doubt that I got more than a few of them even after repeated viewings.

Back in my misspent youth, we didn't have online videos. (Well, duh!) We were lucky to have black and white TV, and we had to contend with decoding rebus puzzles, and playing Sgt. Pepper backwards on our turntables to hear "Paul is dead" and figuring out Mad magazine's parodies. When we did get computers, we thought the ultimate in geek coolness (sorry, I will try to think of another word that doesn't date me) were Easter Eggs, bits of hidden code that required you to hit five different keys to bring them up.

Now we have fake news that contains some truth and is broadcast every night on the comedy channel, serious news that contains some fake information that is broadcast on the news channels, and music videos that contain sly references to other videos. The mind boggles at the whole interconnectedness of it all. We have invented words used by the fake anchors like "truthiness" that are included in dictionaries, and script writers for reality shows.

Yes, we are at new levels of how pop culture is being incorporated, parodied, and encoded by teens, and others too cool for school, even some noobs (maybe). It will be interesting to look back on this moment in time and see if anyone in the future can figure any of it out, or maybe they'll say, "Wassup with that?"

Cheap tech is often unusable tech

While gas prices continue to climb, it is helpful to see how much technology is a bargain these days. In doing some research for one of my speeches, I poured over some old computer magazines that I have, especially their ads, in a walk down memory lane. (I have been doing a lot of public speaking: today I am in Vegas, next week I am off to do a speech at my alma mater Union College.)
As short as ten years ago, a typical base price for a 16 MHz PC was $5,500, with 40 MB of disk storage. I think greeting card CPUs have more disk and clock speed than that old school PC. By the time you got a monitor, all of 12 inches in diagonal (try to find something that small today!), and some more RAM (2 MB sold for about $1,700), you were closing in on 10 large. Today, you would be hard pressed to pay more than $2,000, and you can get a decent laptop for less than half that.
When I first started doing IT work for Monolithic Insurance, I had to buy memory boards that were just the boards, devoid of any memory chips on them. This was back in the Jurassic era of computing, when 640 kilobytes was the maximum RAM we could use. We had to then “stuff” them with the little RAM chips, and make sure we didn’t bend their numerous pins as we were doing so. Those were the days. Now, a one gigabyte memory “stick” is about the size of my finger and no assembly is required, and can be had for less than $100. Just to put this in perspective, my daughter’s iPod has more storage than any of the PCs that I have owned up until a few years ago.
But it isn’t just that prices have come down. Lest we forget how important Internet connectivity is, two recent stories from the news show you why you wouldn’t want to leave home without it. After a woman’s Mac was stolen, its owner was notified that the thief was online and using her IM account. She then used the built-in camera and remote control software to capture a picture of its thief – who turned out to be two people she knew. The police were able to capture them and return the computer to the owner. And an Eye-Fi equipped camera, stolen in Florida, automatically uploaded the photos taken by the thieves to the owner’s Web site. Too bad the photos didn’t reveal the location or the identity of the criminals.
I am not making this up. What this says to me is that Internet connectivity has become so intrinsic to the PC that we forget not too long ago you had to jump through all sorts of protocol hoops to install it and configure it. Now we just open up our laptops no matter where we are and usually can get a connection, and a free one at that.
But as I stumble down memory lane, I am beginning to feel my age. Some of these tech gadgets can be downright annoying, and I am starting to see how some of these thieves mentioned above feel when I go into the average public bathroom. Even though I am surrounded by technology during my business day, I don’t want to have to rely on my engineering degree to do my business. With all of its electronic sensors and other technological wonders that are part of Bathroom 2.0, it can be frustrating even for the uber geeks among us. How about the soap dish that so nicely dispenses just two drops of soap, or the automatic faucet that splashes an inadequate amount of water on my hands? The final touch is the automatic paper towel (or air dryer), neither of which can deliver the goods. The former often presents me with a square of paper that could barely be used to dry one finger, let alone both hands, while the later either blows just enough air to move the water around your hands or shuts off after a few seconds, leaving you wet and frustrated.
So it is great that you can get a 32 GB USB thumb drive for less than $200, about half of what it went for a couple of months ago. But it sure would be nice if we could spend a little more time on making all this stuff more usable too.