Zentelligence

A Visit to the Palladium

With the first anniversary of 911 almost upon, I’ve been thinking about security, wondering if very much has really changed, at least in IT over the last year. Airlines have of course tightened-up their security and if you’re foolish enough to produce a pair of nail clippers on a transatlantic flight, and then you’re looking at a possible life sentence and quite right too. But quietly hack into a bank or wreak havoc with a new virus for Windows and chances are that you’ll get away with it.

Microsoft might have discovered ‘’Trustworthy Computing’ but we are unlikely to have it until 2004 when Longhorn, the next version of Windows XP and Palladium, Microsoft’s new technology of trust, collide in a single unit.
Palladium is fundamentally a secure and encrypted run-time environment for Windows and ‘other’ operating systems that allows the next generation of software applications and services to protect the user from every conceivable nasty that can be thrown at a PC. You name it, invasion of privacy, hacking, spam, viruses and more clever stuff than I have room to write about, Palladium will have the answer through its use of specially designed hardware security chips and microprocessors from Intel and AMD

Palladium" is not a separate operating system. It is based on architectural enhancements to the Windows kernel and to computer hardware, including the CPU, peripherals and chipsets, to create a new trusted execution subsystem. Palladium-based PCs will still look and feel much the same and will work happily with legacy operating systems and applications. But most importantly, unique ‘Palladium ‘aware’ applications and services will offer a range of features of functionality not found elsewhere and one day, all software, if Microsoft has its way; will be Palladium-based software.

It is important to grasp that while today's applications and devices will continue to work in "Palladium," they will gain little to no benefit from "Palladium" services. To take advantage of "Palladium," existing applications must be adapted to utilize the "Palladium" environment or new applications must be written. This software - whether it is a single component of a Microsoft Win32-based application or a new application - is called a "Trusted Agent."

“That’s nice” I hear you say. “No more offers of Herbal Viagra from Hotmail and an end to the constant fear of viruses”. Well if it sounds too good to be true it probably is and in Microsoft’s words:

“Palladium provides a trusted processing environment. Trusted code runs in memory that is physically isolated, protected, and inaccessible to the rest of the system, making it inherently impervious to viruses, spy-ware, or other software attacks”.
The company continues by saying: “With respect to viruses, the contribution from Palladium is fairly straightforward. Since Palladium does not interfere with the operation of any program running in the regular Windows environment, everything, including the native OS and viruses, runs there as it does today. So antivirus monitoring and detection software in Windows will still be needed. However, Palladium does provide antivirus software with a secure execution environment that cannot be corrupted by infected code, so an antivirus program built on top of a Palladium application could guarantee that it hasn't been corrupted. This grounding of the antivirus software allows it to bootstrap itself into a guaranteed execution state, something it can't do today”.

This sounds reassuring but you’d be forgiven, if like me, you find yourself struggling to really understand Palladium because even Microsoft might admit that these are early days and Palladium is still very much a blueprint where the finer details are still a little vague and open to consultation.

But wait a minute, won’t Palladium extend Microsoft’s existing stranglehold on the software industry even further? This is, after all a “Windows-only” technology? I asked Stuart Okin, Chief Security Officer for Microsoft UK if this was the case and as you might expect, his answer was “Certainly not, Palladium actually raises the bar in Operating Systems and should be portable to other environments, under license”, even Linux, if an application is written to take advantage of the Palladium environment. But to be honest, I’m not entirely clear on how this might work in practice and Stuart Okin struggled to find a suitable metaphor to describe the process. After all, this is still Windows, even if it represents a ‘Trusted Space’ within the Windows Operating System.

I asked Eddie Bleasdale of Net Project, the UK’s leading independent Linux applications expert and he commented:
“Microsoft and trusted computing are oxymoron’s but if MS is going to bring out a trusted OS it has to simultaneously change its file structure and get rid of macros and a whole number of APIs which aren’t secure, such as Active X. This represents a complete discontinuity, identical to that which IBM went through with OS2, when it failed to grab market share because of that discontinuity. Microsoft is coming up with a secure operating fifteen years too late”.

The prospect of a secure and trusted environment is good for us and bad news for the security and content management companies. It also “stops the rot” from Microsoft’s point of view, removing one of the largest objections to using Microsoft technology in the first place, it’s miserable record on security. Now Microsoft seems keen to share the Palladium technology among other Operating Systems vendors and you’ll recall that the last thing that Microsoft shared freely with everyone was Internet Explorer, just as Netscape was becoming a universal metaphor for the browser. Call me suspicious or even paranoid but where’s the catch? – Answers on a postcard or by email please!

Web Services - Knitting Internet Style

If you happen to follow what I write, then you’ll know that I’m a confirmed techno-cynic. After almost twenty years of following and researching almost every roller-coaster-like innovation in software since the good old days of DOS and CPM, experience tells me that if a new product or a new standard sounds too good to be true, then it probably is and business will have to pick-up the bill until such a time as the problems are ironed out. Only last week, one well-known industry figure told me, that in his opinion, UK business is wasting approximately £20 billion each year on IT project that fail or that are simply not fit for purpose.

Today, it’s time to take a hard look at the claims being made for Web Services. They are of course the next ‘Big Thing’ following on the heels of Linux and ASP (Applications Service Provision) and the potential market for this next wave in technology which will allow different websites to integrate their business processes in many different and intelligent ways, is valued in the hundreds of millions or billions, depending on which analyst group’s opinion you subscribe to. One of the largest, IDC predicts that the total software, services and hardware opportunity derived from Web services would climb from $1.6 billion in 2004 to $34 billion by 2007.

As we all know Web Services is a grander way of describing the knitting of applications and disparate systems together with Internet (IP) standards, relying on XML as a language for tagging data. "Web services are reusable software components, which rather than requiring programmers to write one start-to-finish set of instructions after another, the component-based model allows developers to reuse the building blocks of code created by others to assemble and extend them in new ways”.

A decade ago, business embraced clunky, client-server technology and tomorrow, we’re promised a geographically dispersed mix of Applications Servers and Web clients, which will seamlessly and transparently move business processes around the Internet, in a manner that will address every conceivable transactional relationship. Hiding under the bonnet this has the Simple Object Access Protocol (SOAP) as a standard for transferring the data and something called the Web Services Description Language (WSDL) for describing what the services are. Finally, we have (UDDI), the Universal Description, Discovery, and Integration standard which describes where these services are located. If this all sounds rather like Microsoft’s .Net then you’re right and the industry is split broadly into two camps, Microsoft and its partners with .NET a technology based on its new development language, C# ; using Passport as an authentication engine and everyone else, like Sun Microsystems with its SunOne working around an environment running Java on cheap application servers.

Most recently, middleware heavyweight, BEA systems and Microsoft have cooperated on the development of three new specifications to address transacted communications and a new language to describe business processes. One of these, named, ‘BPEL4WS’, is designed to allow companies to describe complex business processes that can span multiple companies, such as order processing, lead management and claims handling.

The key expressions that lie behind the evangelical ‘Hype’ of the Web Services industry are ‘integration’ and ‘streamlining’. Two years into the 21st century, applications still take too long and cost too much to integrate into legacy systems and high-profile government failures are an excellent example of the many promises falling short of the harsher realities in this business. As more companies attempt to integrate their supply chain, through linking their own infrastructure with those of clients or partners outside the firewall, they discover that conflicting standards get in the way. As a consequence, the ‘dynamic’ streamlining of middleware integration, promised on behalf of Web services is supposed to eliminate any requirement for the customized coding and re-coding of business processes or an understanding of another company’s infrastructure, looks very much like the Holy Grail of IT.

In theory, Web Services are all about the vendors cooperating on a common set of standards and this implies that the proprietary evils which have locked business into one vendor or another will become a thing of the past. But don’t be so sure about this, as it’s rather like this government living up to the ‘Freedom of Information Act’ in its manifesto.

At this time, the Web Services industry is immature and many potential customers will have learned a great deal from the overblown promises of the ASP industry two years ago. Most analysts would agree that Web Services are not yet ready for mission critical projects and larger companies should think of throwing out their traditional EDI (Electronic Data Interchange) systems for a while yet. In fact, IDC doesn’t see the movement reaching its full potential before 2008 and one analyst from the Aberdeen Group has said that: “I think it's important to realize that these standards are fresh, not fully cooked and there are needs for more standards”.

The biggest problem of all still remains that of security when large amounts of sensitive data are being shared between companies over the Internet. Microsoft was taken to task in August by the FTC over inflated claims involving Passport and the privacy/security dilemma is still a very long way from being solved to everyone’s satisfaction. Without this, the industry remains constrained in what it can achieve.

One example of the relatively unsophisticated nature of the market can be seen in the release of Amazon's new web services APIs (AWS) permit third party developers to access its business using either SOAP or XML over HTTP protocols but it remains very limited. Developers can't use the API to add content to Amazon.com in the form of reviews or lists and are limited to one call per second, or transactions no greater than 20k.

It is however important, not be dazzled by evidence of cooperation between vendors in the support of the ‘common’ standards mentioned earlier. Web Services represent the lower level detail, the DNA of IP connectivity but building and integrating a complex business process, rather like creating a dinosaur in Jurassic Park, requires rather more than joining strands of DNA together. While the industry can’t evolve without agreement over the middleware detail, there’s no real evidence that by simply exposing one’s data and business process to a Web Services architecture, it will result in the magical appearance of much bigger business applications, such as financial services portals, without the assistance of very specialized and arguably, very expensive applications integration software.

According to Simon Holloway, the Business Solutions Manager at Sun Microsystems, the potential of Web Services lies in solving: “Self service applications, rather like home banking where a customer might manage some part of his personal details and the bank provides the transactional element of the relationship”. At Sun, we are now starting to explore the second layer of Web Services, which are identity management, security, business process management and the developer set, so we are now trying to understand how to develop and exchange business processes using these standards”.

If the vendors are working on the lower level details, as reflected by the appearance of standards, then where do they make their money and will Web Service really open-up an industry that constantly strives to lock its customers in to proprietary solutions or services? Simon Holloway believes that in Sun’s case, “It will drive its future revenue from the products that it has and will create to support the Web Services standards. Customers won’t be locked in and will still have the same choice, as you might have in buying a portal product, from a particular vendor, which, in turn, will sit on top of the standards that are now appearing. If you don’t like the portal solution then you should be able to move to another from a different vendor but in certain circumstances, which will of course be determined by the manner in which the organization in question has implemented those standards”.

The catch of course lies with those “certain circumstances”, because it implies that Web Services are rather more than plug and play and that the implementation process can lock you in to a vendor or solution in a repeat of the Client-server experience of the past. Portability, vendor independence and interoperability might be promised but like freedom of information, we may have to wait a long time before we see it Déjà vu as I’m sure you’ll agree?

But being cynical shouldn’t stand in the way of progress. Like Java in the past, Web Services will have an enormous impact on this industry and what one shouldn’t do is ignore the inevitable. It may not be ready for distributed mission critical applications but it’s appropriate to experiment with smaller pilot projects inside the firewall to see how the technology ‘Knits’ the services and applications together. Just remember that we are in the middle of an IT recession and that the larger vendors need new sources of revenue to boost disappointing quarterly results. As a consequence, business should be wary of this new technology being oversold prematurely and while continuing to observe emerging Web Services industry with interest, shouldn’t rush to be a first mover until it becomes less of a magic wand and more of a solid proposition.

The Mother of All Parliaments

I see that that concerns about growing plague of pornographic spam are finally reaching Westminster. I very much doubt that Parliament will show more than a passing interest in what is very clearly a growing problem, reflected in the many emails from CW360 readers on the subject.

Labour MP, Derek Wyatt MP, Chair of the Parliamentary Internet Committee, believes that very few MPs understand the Internet industry and is seeking an amendment to the Communications Bill making ISPs responsible to OFCOM for content in much the same way as television companies are regulated.

Apparently, Mr Wyatt sent the Speaker of the House: “At least four pages of truly disgusting colour photos that had found their way into my in-box and have asked four times for an adjournment debate in the House of Commons but it still hasn't been discussed”.

Of course, In May the European Parliament voted to ban spam but as the great majority starts life outside the EU, it’s almost impossible to regulate without cooperation from the United States. According to research from Nexor, the really unpleasant stuff, explicit pornographic spam is growing by 20 per cent a year. In addition, messaging company, Brightmail, which took a snapshot of all the spam it intercepted over a 24 hour period from 20-21 August, found that approximately 55 per cent of this related to money, as you might expect, debt reduction, money laundering offers from the alleged relatives of deceased Nigerian dictator Sani Abacha and much more.
ISPs, through their association the ISPA, vigorously oppose any such move, arguing they are merely “Providing the infrastructure and not the content” and that "ISPs are mere conduits for information - a point recognised in law”. They have a point and many ISPs are already working hard to control the spam problem, which after all, chews-up their bandwidth.

Historically, there has always been an uncomfortable relationship between the ISPs and pornography. Back in the early days of Internet access in the late nineties, I was a Director of two ISPs and several of us, on the board, had a moral problem with some of the nastier and more offensive alt.binary newsgroups, so we switched of access through our servers. The result was a 40 per cent drop in traffic and the loss of subscribers. For the board it became an economic decision very quickly, restricting access would have put us out of business and the decision was reluctantly reversed.

Spam is different but not so very different, other than its ‘Push’ rather than ‘Pull’ on the part of the subscribers, who have no choice in the matter. Attempting to regulate UK ISPs won’t really achieve the goal that Mr Wyatt has in mind unless every piece of email traffic is filtered, which would give us something akin to the RIP legislation by another means and through the back door.

What did interest me this weekend was an email from MSN encouraging me to upgrade to the paid Hotmail alternative to avoid my mailbox filling-up over the summer weeks and the service being suspended. You may recall that I have asked Microsoft, repeatedly to comment on the spam problem and have received nothing but silence in return. Given that Hotmail is used by millions upon millions of people and that it presents arguably one of the largest spam channels, you might have thought that Microsoft would be playing the good citizen and joining the debate. But consider for a moment. Microsoft wants to encourage users to pay for Hotmail and has restricted the size of the inbox. Given that I receive at least fifteen junk mails each day, even with my filters turned on, my mailbox will fill-up very quickly if I don’t manage it ruthlessly. So one has to ask whether it’s in Microsoft’s interest to take a moral position on spam, if spam, after all, is likely to be the single most likely reason that people would pay to expand the size of their Hotmail inbox?

To be honest, I don’t know what the answer is and I’m not sure whether sending “disgusting photos” to the Speaker of The House of Commons, Michael Martin MP, is the best solution to the problem but it’s an original idea, if only I could find his email address if he has one!

The Big Issue

He was visibly shocked, my friend, a long-standing Director of a well-known IT company. The previous day, we had been discussing the expected wave of redundancies that was about to wash over the UK and he had thought his own job was safe. Instead, he and several other members of senior management had been given their marching orders, leading me to comment that it was all rather looking like an episode of ‘Band of Brothers; it’s quite hard to find anyone I know over the age of 48 who is left in this business over the last twelve months.

Another person, a ‘Knowledge Worker’ in the IS department of a name we all know, told me:

“It’s all getting rather silly. All the plants have been removed and there’s no coffee for meetings either. There are very few Indians left to do the real and a disproportionate number of chiefs with grand titles hanging on by their fingernails, it’s all rather sad and is actually creating more inefficiency rather than achieving the streamlining that the US had in mind”.

Earlier this month, I wrote about the silent recession and I’m wondering how much longer we can ignore what’s happening in the industry around us. This week, I learned that Unisys, a company that made savage cuts last November, is about to prune its European workforce back even further and it’s not alone.

What appears to be happening in many examples, is that the US headquarters of these large and well known companies, worried by declining sales, poor forecasts or even prospects of a visit from the FTC, conduct a workforce reduction exercise on a spreadsheet, which in some regions, ignores the successful operations and collectively axes entire programmes or departments, such as an ASP programme, in the interest of reducing costs globally.

What I see occurring here in the UK, is that other than friends and people I know in the industry losing their jobs, there’s a vague and sinister sense of ageism a work. Of course, senior management are expensive but I can’t help but wonder, as an Observer, whether ‘the recession’ is also being used as a convenient excuse to remove the geriatrics in larger organisations; that’s anyone like me, over the age of 45 and who admits to owning a cardigan and a Volvo.

Forget then the glossy television and web site advertising, because where can all these IT people go? The answer is that I don’t know. What I do believe is that too many big companies are too under-resourced to offer their customers the service they deserve and that a great many talented individuals are suddenly finding themselves holding P45s with little or no immediate prospect of finding work in the foreseeable future.

I can recall two previous recessions in this industry and both were painful and more like sudden contractions compared to what I have witnessed in the last eighteen months. While IT companies peddle the benefits of technology, they forget that any dream of eBusiness and even a Knowledge Economy, have to be built by people and that the gravitational effect of downsizing can only go so far before this industry slowly collapses into a black hole of its own creation.

Meanwhile, the expression ‘Buddy can you spare a dime’ springs to mind and for those readers who have recently received or are about to receive bad news, I can only wish you luck and a more profitable career outside the ungrateful world of IT.

Paradise Lost

“To you by lot this course is given, charge and strict watch over this happy place that no evil thing approach or enter in”.
John Milton – Pardise Lost

With good reason and a gathering sense of public outrage, there’s a call from many different quarters to tighten-up the Internet. More accurately, there’s a clamour from across a political spectrum which includes both the Sun and the BBC for greater controls on the Internet and to re-engineer the inadequate legislation which is quite incapable of protecting children from the perversity that has made a comfortable home in the anonymity of the World Wide Web.

Reading through the editorials of the last week, it is clear, that those responsible for framing or voting for any changes in legislation possess a dangerously limited understanding of both the Internet and the threat that it can represent.

Proposals for new legislation and suggestions for new safeguards have an almost ‘Dunblane’ like feeling to them. After Thomas Hamilton and the horror of Dunblane, you may remember, that government promised an end to gun crime. If you remove all the licensed firearms, the reasoning suggested, criminals will stop using guns too! Well not quite, because of course you can’t simply legislate social problems out of existence. Instead we now have record gun crime month in July and machine guns being used to resolve arguments in every major city.

The Internet thrives on anonymity and the vague nature of its jurisdictional geography encourages perversity to thrive. The Web empowers groups who would never have been to congregate in the real world and even the best written legislation can only have a minimal impact on the more dangerous, whether it be Al Qaeda or an international paedophile ring.

Most recently, the FBI, in a ‘Sting’, collected the credit card details of 7,000 men in this country who had accessed a bogus Russian paedophile site. These were passed over to the UK authorities but appear to represent a small drop in the ocean, leading one person I asked, to remark that “Paedophilia appears to be a very British perversion, in much the same way as the evidence suggests that many East German men prefer Czech prostitutes to be pregnant”.

If you are ever unfortunate enough to visit any of the thousands of sites operating from what was once the old Soviet Union, then the images of savage abuse they contain will remain with you for a very long time. And there’s the problem. The route that often leads to more dangerous fantasies is easily fuelled by by a £15.95 Internet access connection and a few pounds on a Visa card each month paid to the Russian Mafia. Better legislation, although well overdue, will do little more than catch and deter a small percentage of the less intelligent offenders, the Gary Glitters’ of this world, while the Internet will continue to protect the brutal fantasies of potential Hannibal Lecters.

But while politicians and judges continue to talk uninformed rubbish there’s very little chance of making any real progress. When we embraced the idea of the World Wide Web, we simultaneously opened a Pandora’s Box of enormous power and unless society is prepared to confront the darker side of the Internet, there’s a very real danger of being overwhelmed by its unrestricted content.

Can or indeed, should the darker side of the Internet be controlled or has it made any conventional sense of morality an irrelevance in the 21st century?

Observer Comment

The start of the new century may be remembered for the outrageous cost of The Millennium Dome and the political embarrassment that accompanied it. The project demonstrated just how easily this government could be dazzled by a large and expensive white elephant.

If the Dome was a momentary lapse of reason, then even as it was being built, a single Information and Communications Technology (ICT) project for the Post Office and Benefits Agency, named ‘Pathway’, was well on its way to wasting almost twice the £700 million of public money that was squandered on a large tent in Docklands. But Pathway, which was supposed to tackle the annual £1.3 billion cost of identity fraud, was only one drop in an ocean of failure and leads me to ask whether the first casualty of a so-called, “Knowledge Economy’ is judgment?

Recalling the last year’s Passport Agency fiasco and this summer’s problems with the Air Traffic Control System, there are rather more high-profile examples of the technology failing than there are successes and every reason to believe that Government, in pursuit of a grand experiment, is wasting taxpayers’ money in the most outrageous manner.

Today, with the manufacturing sector increasingly decimated by the forces of the global economy, government increasingly views information technology and the Internet as a magic wand for a new kind of Britain. Electronic government (eGovernment) it believes, will, if enough money is thrown at it, quickly transform the public sector into a smoothly efficient 24*7 machine, one promising a cash-point vision of both central and local government services which will allow you to pay your taxes or buy a fishing license at any time of the night or day.

Downing Street’s objective is that by 2005, the transformative impact of joined-up-government and with it, the availability of cheap and universal broadband Internet access, will swiftly create the climate for a knowledge economy as a by-product. But before it can deliver this dream, it needs to have in place the basics and the first of these is an irrefutable and totally secure means of proving one’s identity over the Internet; cheap, available digital identification for every citizen and every business. It may come as no surprise then that millions of pounds may have been wasted, following the promises of several of the world’s best known software companies towards a technology dead-end.

Last month the Chancellor allocated £2.4 billion for the further development of electronic government a dramatic jump from the £1billion spending review of 2000. To understand the size of this increase and why it might be necessary, it’s important to grasp the scale of the failures swallowing public money. In August, it was reported that the £200 million computer system, managed by EDS and designed to speed up the operation of the Child Support Agency (CSA) is months behind schedule and £50 million over budget. Meanwhile, children in the poorest families receiving income support are reportedly losing £10 for every week this project is delayed.

I’m never entirely sure these days whether the monumental failures that constantly plague the Public Sector are the result of technology being cynically oversold by big corporations or are the responsibility of senior civil servants who still believe in fairies. History offers clear evidence that the massive infrastructure plans so favoured by socialist governments rarely if ever deliver against expectations. The so-called ‘competitive bidding’ for public sector projects, is farcical and an “unholy trinity” of ‘approved’ contractors for the most lucrative of large infrastructure projects, is milking the Treasury in a manner which would be inconceivable within the private sector.

According to Babak Khakpour, of specialist publication, eGov monitor, “The wholesale departure of reasonable judgment has been the hallmark of large government technology projects; this technology which was feted as the great enabling and equalizing tool of the 21st century”, and with so many examples of costs run amok, it’s no wonder that there is evidence of real alarm both from the National Audit Office and the Treasury.

Of course, a valid reason for using IT in the first place is to reduce the overall cost of the public sector or more accurately, “Spend Avoidance”, where investing money in IT now will show a reduction in costs later. With a public sector IT budget of £10 billion annually, the goal is to use the promised efficiencies of information technology – and there is plenty of good work happening the mid-range project level - to save the equivalent of 2% on GDP but as yet, with 19 million households and over 40% of the population ‘On-line’, there is little or no solid evidence of eGovernment services making a difference or attracting wider public acceptance.

The Inland Revenue is a leader in the development of public services that can be accessed by PC or over the telephone but in February the National Audit Office revealed how a disappointing the acceptance of the online self-assessment service was. According to research released by the Liberal Democrats, The Inland Revenue's online tax return system costs the public nearly four times more than the original postal method and has only 80,000 people registered for a service, which by itself, cost £17 million to implement. Edward Davey, the Liberal Democrat’s shadow chief secretary to the Treasury, accuses the government of failing the taxpayer and claims that." The £212 cost per person is nearly four times higher than the £60 per person cost of the existing system”.

Because of its size, complexity and the demand for tight security, the Inland Revenue has more problems than most other agencies and in another twist, the powerful all-party House of Commons Public Accounts Committee (PAC) has warned that the Inland Revenue might have to buy the rights to secure one of its most essential systems. These are expected to have exceeded the original valuation of £100m, on a project that is already over budget.

Babak Khakpour believes that the present cycle of failure will persist without direct and urgent intervention at the highest level of government.

“What is essential”, he says, “Is that the enormous current and future government IT expenditure be managed – central, local, education, health, police and justice and other areas – joined-up. There is no organisation that keeps an eye on the entirety of public sector IT and has a role of hands-on guidance and communication. The Office of the e-Envoy (OeE) has its hands full with policy and devising some guidance rather than monitoring, feedback and communication The Office of Government Commerce has also gone some way in addressing the challenges but what is required to control the huge fragmentation, is a team five times the size of the OeE that acts as in-house government consultants. For a structure that is supposed to be joined-up this is a huge oversight and the public management targets of the Chancellor and Prime Minister will never be met unless this is implemented”.

It now appears that when Labour lost one Dome, it found another more expensive project to replace it, a ‘Virtual Dome’ in which all the expensive failures of an unrestrained enthusiasm for the Internet and new technology are kept hidden until they leak reluctantly into the public domain. There are more expensive disasters now waiting in the shadows and millions upon millions of taxpayers money will continue to be wasted on projects that at times, are little more than public sector experiments with unproven technologies.

Prime Minister, can Britain afford your vision of joined-up government as it exists today? The continued risk of expensive failure threatens the credibility of the entire programme and with it, any hope of building a knowledge economy. It’s action. That’s needed, not advertising.

Lose the Beard – Buy the Operating System

Linux again. And once more it’s time has come.

For me, Linux has always had a certain “Life of Brian” type of appeal and sitting around the dinner table with Sun Microsystems the other evening, I wondered how much longer it will take before we stop talking about ‘Distributions’, ours or theirs or Red Hat’s or IBM’s and start talking about solutions, allowing the subject of the Operating System to fade into a state of transparency.

For Sun, Linux is small and fast and ideal “for the edge of the Enterprise”, whatever that means to you. Asked whether Linux could ever evolve to a point to compete with Solaris, Sun’s Mike Avis thinks not and imagines a cosy type of co-existence into the foreseeable future.

Now in many ways, this makes sense. Big boxes and equally big Enterprise applications require a pumped-up version of Unix and Sun have this already in the shape of Solaris, so why expand Linux any further? Do a deal with Red Hat, which they have done with Sun’s own Linux 5.0 (AKA Red Hat 7.0) and you have a solution that runs neatly across a range of different processors, including those from Intel.

But there’s a nagging concern I have which won’t go away. You see IBM believes, with equal fervour that Linux can be big, very big and scalable indeed and so you have two of the largest players who appear unable to agree on what Linux will look like two or three years from now.

For many people and particularly those who vaguely resemble ZZ-Top fans, this isn’t a problem as Linux will continue to grow and evolve with Zen-like indifference to the forces around it. However, if you happen to be a government, like Germany or indeed China and you would like a compelling and cheaper alternative to someone else’s Operating System, then a rough consensus over Linux future is an attractive feature and mitigates any potential risks involved in migrating from Windows.

In my mind, Linux needs to become almost invisible. When you buy a PC or a Macintosh, do you really worry too much over the Operating System or is it the features or the solutions that really count in the end? Sun and IBM and all the other Linux evangelists need to sit down and ask themselves how they would sell Linux, not to a man with a leather jacket, a pony-tail and a beard but to an attractive twenty-something woman with a Renault Clio. This is of course an exaggerated analogy but I firmly believe that for Linux to succeed, something radical needs to be done with both the message and the marketing.

Linux needs to be something more than a “Not Microsoft” vote for the IT Director and it needs to be able to attract the small businessman too, who will always be vaguely distrustful of anything that has an ‘X’ in it.

For Linux to progress as a really viable Windows rival, it needs rather more than financial muscle and IBM and Sun declaring that it tastes like chocolate and cures cancer. Instead Linux needs some kind of re-invention, as the processor equivalent of Viagra perhaps but certainly more imagination than the dull Calvinism that surrounds it today.

So once again Sun and IBM, Linux has great promise but in needs imagination and a place in the popular consciousness as much as it needs market share and investment. Shooting anyone seen with a beard and a pony-tail might be a good first step.

If it worked for Lenin it might for Linux too!

What Lies Beneath

It was called Lotus ‘Agenda” and I doubt many of you can remember it.

One of their more interesting products of the eighties, it wasn’t a popular product and in many way, it anticipated Lotus Notes as a free text database in the days when dBase and Paradox was really all you had to choose from.

What was good about Agenda was that you could take pieces of information such as “Bob drives a green car” and place it in a database. You could the create ‘Views’ for almost anything; “Green Cars’ perhaps or ‘Green Cars& Cambridge’ and Agenda would retrieve any and all information that matched such criteria. On reflection, it’s the kind of feature we take for granted on the Internet today, with Search Engines such as Google, “Simon Moores+Harley Davidson” perhaps but it was years ahead of its time in 1989 and a tragedy when Lotus Development killed it off after version 2.0, because it really was one of the first good examples of a real Knowledge Management product.

Watching the news today also reminds me that I once showed Agenda to the Police, who became really quite excited by the idea. No more yellow ‘Post it Notes’, somebody calls with information and you type a summary into the Agenda database. The trick after this is of course to construct a view that makes some sense and distills the good information from the background noise, which is of course a human talent or should be. After all, the Police have had ‘Collaters’ for years.

A good twelve years on and the Police are surrounded by sophisticated software and the heart-rending tragedy of the two missing ten year olds and the eyewitness account of a taxi driver illustrates technology’s greatest weakness, the surrender of common sense when information is processed directly into a computer.

Human beings can intuitively ‘perceive’ what piece of information is likely to be more relevant than another and products, such as Agenda in its early days, help make sense of apparently random items or accounts. Where it all goes wrong is when a human operator is given a vital piece of information, such as “I saw two children struggling in a green car” and instead of faithfully recording the details and then perhaps walking up to a detective and tapping him on the shoulder, with what should be a significant report, the operator simply moves on to the next call without comment, surrendering any true sense of responsibility and intuition to the invisible intelligence of the software behind the keyboard.

Increasingly, law enforcement agencies are turning to computing as a more efficient means of achieving results. Huge amounts of data are passed through systems and government would rather like the Police and the Intelligence agencies to have even more access to data to crunch in the search for evidence and patterns of unsocial and criminal behavior.

Sadly though, what seems to be happening is that the Police are unable to see “The wood for the trees” at times and detection rates are at their lowest in living memory. Clever software might be a remarkably efficient tool in the support of Police work but the presence of more Policemen with the very human tools of personal initiative and intelligence still seems to remain the key to the conclusion of any successful investigation

Boys from the Black Stuff

I counted six men standing by the Police car on the hard shoulder. Whether there were anymore unexpected passengers inside the French truck I couldn’t tell, as my Harley Davidson, with noisy indifference, thundered past the little group on the way down to my home in North Kent.

Four hundred yards from my window overlooking the sea there’s a long patch of rough grass under the cliff. At the moment, living in three cheap ‘bell’ tents, surrounded by cardboard boxes, there’s a family with two children. Whether they know about the £3 billion that the Chancellor is making available for Government IT projects is irrelevant because, I would guess that as a group, they lie as far as its possible to go on the wrong side of the ‘Digital Divide’ without actually falling into the sea in front of their pathetic home.

On Friday last, one of our readers telephoned me to ask if I might be hiring IT people. “Sorry” I said, “I can’t think of anyone who is at the moment, quite the opposite in fact”.

He replied: “Well I survived the recession of 1991 and with luck, I’ll survive this one but it’s strange that it seems to be kept so quiet, the recession that is”.

So what’s my point? The men in the back of that truck want work and I’m sure that the father of the two small children on the seafront does as well. And our reader? Well he’s had it, lost it and is looking for it again.

If you listen to Government, then IT skills are the way to guarantee your future. Certainly, we all need to know how to use a PC and the Internet and VCR and Sky Television remote but those aren’t true IT skills and even if you have ‘real’ technology skills, finding and keeping a job isn’t as easy as it was ten years ago.

What will the result be, I wonder when the £3 billion has been spent and perhaps another £3 billion is granted on top before the next election – public sector projects invariably overrun - . We will have built our IT equivalent of the Dome and then what? As a nation, – and I don’t just mean Greater London - will we suddenly become a knowledge economy where the trains run on time? When the efficiencies promised by Oracle or Microsoft or Sun, finally transform the public sector, where will all the people go and where will all the jobs be? In IT? Somehow, I don’t think so.

From where I sit, as cynical as you might expect, I see an IT sector which is thinning out dramatically and a manufacturing sector which is dying on its feet. Somewhere in between lies the grand promise of a future place in the evolving knowledge economy and throwing money at huge public-sector IT projects is supposed to jump-start the process.

But like the child in the fairytale of “The King’s New Clothes’, I have an awkward question. Has anyone given any sensible thought to what happens, if like the Dome, the great plan swallows the money and the result is an expensive disappointment? And what is a job in the Knowledge Economy anyway and how well does it translate into Albanian?

More Damned than Indicted

They might call it a new chapter in the ‘Trusted Computing’ story but it appears that Microsoft has been rather more than economical with the truth, the US Federal Trade Commission revealed on Friday.

Of course, I don’t know anyone over the age of seven, who really believed – hand on heart – that the company were being 100% truthful when they made security promises around Passport but it took a complaint from complaint from a consortium of consumer groups led Electronic Privacy Information Center (EPIC) to reveal the true extent of the ‘porkies’ that the company was prepared to feed its customers.

According to the Commission's complaint, Microsoft “falsely represented” that:

- It employs reasonable and appropriate measures under the circumstances to maintain and protect the privacy and confidentiality of consumers' personal information collected through its Passport and Passport Wallet services, including credit card numbers and billing information stored in Passport Wallet;

- Purchases made with Passport Wallet are generally safer or more secure than purchases made at the same site without Passport Wallet when, in fact, most consumers received identical security at those sites regardless of whether they used Passport Wallet to complete their transactions;

- Passport did not collect any personally identifiable information other than that described in its privacy policy when, in fact, Passport collected and held, for a limited time, a personally identifiable sign-in history for each user; and

- The Kids Passport program provided parents control over what information participating Web sites could collect from their children

There’s more of course and the proposed consent order prohibits any misrepresentation of information practices in connection with Passport and other similar services. The order also requires Microsoft to implement and maintain a comprehensive information security program, which would really be quite funny to read if it wasn’t so sad to see in print. In addition, Microsoft must have its security program certified as meeting or exceeding the standards in the consent order by an independent professional every two years.

Once again, the vexing question of ‘Corporate Responsibility’ rears its ugly head and that Microsoft is involved comes a s no great surprise to many people. Does anyone really expect large corporations to tell the truth anymore? Yes and No. In reality, I believe the best intention of honesty in business certainly exists but that the Directors, particularly where security is concerned, simply don’t know if they are telling the truth or not and the same argument applies to Government as well.

Information security and the question of its integrity is invariably a delegated and highly technical responsibility. While the CEO of a company might make a promise that your information is safe in his hands, his software technology or information security policy might not be up to the task. Further down the ladder of responsibility, nobody dares contradict the Blairs, Elllisons and Balmers of this world and they hear only what they want to hear until the FTC arrives at the door. It’s ‘Reality Vertigo’ in every sense.

Meanwhile, rumours are circulating that another big name in the industry might be receiving a visit from the Federal authorities in what could be another huge scandal in the making. If you listen carefully, you might even be able to hear the sound of the shredders hard at work over the sounds of aircraft taking off at Heathrow.

The Aggregated Man

We are, it appears, leading an increasingly aggregated existence. It wasn’t so long ago that searching for an item of interest, a mortgage offer, insurance, a book, a holiday, involved a visit to one Website after another in an effort to compare prices and options. Today aggregation is the name of the game and if your consumer-facing business isn’t listed on one of the better known portal sites, then your opportunity for business is limited and your claim to commercial existence is dubious.

Two months ago, my own fixed-rate mortgage expired and promptly ballooned into a higher percentage figure. This week, I finally came around to doing something about it. I visited the JohnCharcol website, spotted a chart-topping offer from a leading Scottish bank and having filled in the application on-line, I paused briefly to call my own mortgage lender.

“I would of course love to stay with you”, I told the representative on the other end of the phone “But if I press the ‘Accept’ button on the screen in front of me I can get an immediate 4.75% with no strings and only have to pay a £150 transfer fee”.

With amazing speed, I was passed to another person, who quickly advised me of my rights as regards the provision of financial advice. And then, like a magician pulling a rabbit from his hat, he produced a mortgage rate of 4.85%. Mine if I chose to stay put.

Now, for the extra time and paperwork involved, 0.10% isn’t a bad deal and simply demonstrates the power of the Web and how haggling or should I say ‘flexibility’, seems to have become a feature of today’s High Street banking experience.

Of course, it’s not just mortgages, its cars and in fact, just about anything you can think of, if you know where to go on the Web. Even news is aggregated and collated through different portals like the one here at CW360.com. You want aggregated news headlines in Reuters-like style from a huge number of sources, then there’s NewsNow.co.uk. If it’s IT White Papers you’re looking for, then there’s The ITPortal and if you’re interest is really vertical and includes eGovernment in the Arab world, there’s even ArabGov.com.

If there’s one good thing that can be said of the Internet today in Europe, then it’s that it’s a powerful force for competition and driving prices down. Naturally, there’s one problem for us in Britain, it’s the Euro and it must present Government with a dilemma. On the one hand, we are being encouraged to go on-line as a nation at dizzying speed and on the other; it’s clearly obvious that most of our European neighbors aren’t squeezed as badly as we are where the cost of living is concerned.

Sign up to the single currency and aggregate the European shopping experience and you have to wonder how much of our spending money will stay in the UK as digital-savvy citizens decide that mail ordering toasters from Belgium is cheaper and no slower in terms of delivery, than ordering the same model from Birmingham over the Internet.

Will it really make a difference, it’s hard to say but perhaps, party politics aside, the Internet and aggregated eCommerce, could be strong a factor in pushing Britain towards the single currency as any other.

Hotmail – Not Quite The Big Bang

Corporate Responsibility today, means rather more than promising not to ‘cook the books’ or the President standing in front of a large sign that promises corporate America’s future good behaviour. There’s a new ethical dimension to consider which may be just as important as Teflon accounting.

One hundred and sixty four. That was the total number of junk emails waiting for me in my Hotmail inbox on my return from sunny Spain. Roughly ten pieces of junk a day for each day I was away on holiday and it doesn’t include the thirty or so items of Spam which found a temporary home in my conventional office inbox.

Nothing remarkable of course. Only the normal bag of rubbish, ‘Come Visit the Bang Bus’ or “Best Buy Epson Ink Cartridges for Office or Home”. Mind you, the challenge of deleting twelve consecutive “Sex Pics of the Day” with the preview pane open, is rather more than I expected or even deserve at my age.

Perhaps the only solution is to block all email from any domain or address that one doesn’t know. At least this would reduce the load on my in-box, as filters and especially Hotmail’s own ‘Spam Trap’, are even less effective than channel tunnel security.

So why didn’t I use my Hotmail account while I was abroad? Cost. I’m using my mobile phone/Compaq IPAQ combination with GPRS enabled. Downloading lurid emails and loan offers, one hundred and sixty-four of them could prove very expensive over a wireless connection, so better to delete the lot, en masse, over the office Ethernet.

What surprises me is the heavy silence from Microsoft. Following earlier comments on the Spam problem, I did ask the company for some kind of comment. After all, isn’t Microsoft at least morally accountable to its customers? Hotmail might be a free service – well almost – used by millions of people across the world and yet the company, aware that the volume of Spam and inappropriate content is running out of control, chooses to remain silent over the problem, other than offering a feeble filtering option which collapses within the month.

So, why no official comment? Off the record, people will admit that Hotmail is a complete mess that presents a convenient and high profile conduit. One that introduces many of the worst examples of content-driven corruption to a global audience. While I’m not suggesting that Microsoft acts as a censor, I am suggesting that the company sets an example by offering some kind of filtering which can be enabled as an option, to screen out the daily diet of Viagra and teenage webcam offers.
Hotmail is simply an example. The tip of a much larger problem that confronts a world intent on abusing the Internet to its still yet unexplored limits.

So, does corporate responsibility stretch to include an ethical dimension? One associated perhaps with the provision of an on-line service or is the concept of corporate ethics as dated and as laughable as the principle of honesty in politics?

El Gismo Fantastico

Writ large on the white sign ahead was the word 'Espanha" and thinking that it might offer a more direct route out of Portugal, back across the Spanish border, I ignored the directions on the motocycle tank-bag in front of me and left the main road.

Fifty miles of winding country road later, we found ourselves on the Spanish side of the border in an oven-like expanse of plain. No cars, no people and a shaky idea of where we were on the map. I guessed that my big BMW 'Adventurer' had around fifty miles of fuel left in its tank and my wife was dreaming happily of a divorce.

"Don't worry", I said, "Although we seem to have fallen off the GPS map", there's a town 30kms ahead of us and if we get there, we can rejoin the main road at Ciduad Rodriguo".

I had resolved to leave all my gadgets behind on this trip, with my only luxury being my phone but when the time came, I failed the character test and smuggled my IPAQ and its foldaway keyboard into my luggage, which is how I can type this column in my room at the five hundred year old Parador set in the cathederal square at Santo Domingo De La Calzada.

Not thinking that GPRS coverage would be anywhere near extensive on my trip through Spain and Portugal, I left my Blackberry behind, which was a mistake, because GPRS appears to be active in the strangest places and the Vodafone service reaches into the medieval heart of Spain.

It's incongruous though to think that in some of the places that we passed though today, the Internet is a meaningless concept to all but a very few. And yet, with all the talk of 'Information Societies" and 'Digital Divides' in the EEC government conferences I have taken part in, the reality is that the Internet doesn't appear to matter greatly to most people on the continent and you can't blame them either!

Lunch still takes two hours, email, if you have such a thing can wait and the population lacks the overworked and stressed appearance of English tourists, separated from their in-boxes and worrying over the hundreds of unanswered messages, piling-up in their absence.

Jeremy Clarkson touched upon the problem in his documentary on our European neighbours. The British are in love with speed. Fast cars, fast food and one more vice, instant communications, much like the instant hot water of the 21st century. Much like the presence of the TV License fee and the Health Service we don't really have a choice in the matter and in contrast with the more laid-back Spanish, our growing national passion for email and the Internet leaves us looking very like Eric, my daughter's Hamster, as hopelessly addicted to running on his wheel as I am to my keyboard.

Can there be such a thing as a compromise, a co-existence between the insistent and intrusive digital world of the GPRS connected IPAQ in front of me and the contemplative medieval scene outside my window?

If you worry about your email while your'e on holiday, then you already know the answer.

The Global Village

I had to visit my nearest Post Office the other day. Invariably, this is an experience I try to avoid; as I’m sure do other people. The dull monotony of waiting for the person in front to finish buying a book of stamps before one’s hope is dashed, as she reveals a large brown paper parcel and asks: “How many stamps do I need to send a ten kilo package to my aunt in Abyssinia”?

The Post Office is of course, a wonderful example of how much time wasting is involved with simple beaurocracy and how great swathes of paperwork and rubber-stamping could be replaced by kiosks and eGovernment, such as the form that entitles us, as UK citizens, to medical treatment in other EEC states. Why on earth isn’t this available on-line I wonder or does the Post Office cashier’s little rubber stamp on top of my National Insurance number represent the equivalent of the digital signatures that we still don’t have?

What was really interesting in my local Post Office on this occasion was the sudden appearance of nine PC’s propped along the back wall. UK Online had arrived in SW19 and there was little doubt that the availability of Internet was a big hit but not with the locals as you might have thought.

Each workstation, from what I could see, as I moved slowly down the queue was being used for mail, predominantly Hotmail, by what were very obviously young people visiting from elsewhere in the global village. No silver surfers, no single mothers, no minorities and in fact, nobody even faintly close to the group that I thought the initiative had in mind.

What’s just as interesting from my point of view is the choice of PC’s on an Ethernet, over some kind of hardened kiosk-style environment protected by Robocop. Call me a cynic if you like, but how long are these machines going to last I wonder, in what is, after all, one of the harshest environments known to computing, unrestricted public access.

So while on the one hand, I’m in favour of making the Internet available to anyone in Post Offices, libraries, churches and mosques, I’m concerned, like anyone else in IT, that you can’t simply throw thousands of units into the public domain and expect them to survive longer than a year, in the process, delivering for the general population what was expected of them in the first place.

Now, having been involved with the idea since the day that Professor Jim Norton and I discussed its pros and cons on television, I should understand why we’re doing this and what we expect the end result of this huge national investment to be. Three years on and SW19 has a ‘Wired’ Post Office but do nine PCs make a difference and if so, where and to who? I’m not sure I know the answer and I’m not sure that those who should know are certain either!