Former Microsoft open-source chief joins cloud startup

Former Microsoft open-source chief Sam Ramji has joined cloud-computing startup Sonoa Systems, taking over product strategy and business development at the Santa Clara, California-based company. Last month he also took a position as interim president of the CodePlex Foundation, an open-source group formed out of his work at Microsoft. In his last job at Microsoft, Ramji was responsible for fostering more interoperability and collaboration with the open-source community as head of its Platform Strategy Group.

However, when the foundation and Ramji's role in it were unveiled, he said he was leaving Microsoft Sept. 25 to join a cloud-computing startup, though he did not specify which one. It also provides visibility, management and governance to make cloud services and the APIs (application programming interfaces) that connect to them as robust, policy-compliant and scalable as on-premise applications, according to the company's Web site. Sonoa offers technology called ServiceNet that helps companies manage their cloud-based services by setting policies for them, acting as a proxy server between service providers and the consumers of those services. In addition to ServiceNet, Sonoa also has released an analytics tool for API developers called Apigee as a free way to monitor and manage how their services are being accessed in the cloud. Sonoa's customers include MTV and Guardian Insurance. In an e-mail, a company spokesman compared the tool to Google Analytics.

Sonoa's CEO is a former BEA Systems executive, Chet Kapoor. The foundation also was formed by Microsoft to inspire other proprietary software companies to participate more in the open-source community, though eventually it is meant to be run as an independent group. Microsoft has not named anyone to take Ramji's role but said when the CodePlex Foundation was unveiled that the Platform Strategy Group will remain intact and will continue to promote collaboration with and participation in open-source projects.

Intel: Chips in brains will control computers by 2020

By the year 2020, you won't need a keyboard and mouse to control your computer, say Intel Corp. researchers. Scientists at Intel's research lab in Pittsburgh are working to find ways to read and harness human brain waves so they can be used to operate computers, television sets and cell phones. Instead, users will open documents and surf the Web using nothing more than their brain waves.

The brain waves would be harnessed with Intel-developed sensors implanted in people's brains. Researchers expect that consumers will want the freedom they will gain by using the implant. "I think human beings are remarkable adaptive," said Andrew Chien, vice president of research and director of future technologies research at Intel Labs. "If you told people 20 years ago that they would be carrying computers all the time, they would have said, 'I don't want that. The scientists say the plan is not a scene from a sci-fi movie - Big Brother won't be planting chips in your brain against your will. I don't need that.' Now you can't get them to stop [carrying devices]. There are a lot of things that have to be done first but I think [implanting chips into human brains] is well within the scope of possibility." Intel research scientist Dean Pomerleau told Computerworld that users will soon tire of depending on a computer interface, and having to fish a device out of their pocket or bag to access it. Instead, they'll simply manipulate their various devices with their brains. "We're trying to prove you can do interesting things with brain waves," said Pomerleau. "Eventually people may be willing to be more committed ... to brain implants.

He also predicted that users will tire of having to manipulate an interface with their fingers. Imagine being able to surf the Web with the power of your thoughts." To get to that point Pomerleau and his research teammates from Intel, Carnegie Mellon University and the University of Pittsburgh, are currently working on decoding human brain activity. People tend to show the same brain patterns for similar thoughts, he added. Pomerleau said the team has used Functional Magnetic Resonance Imaging (FMRI) machines to determine that blood flow changes in specific areas of the brain based on what word or image someone is thinking of. For instance, if two people think of the image of a bear or hear the word bear or even hear a bear growl, a neuroimage would show similar brain activity. Pomerleau said researchers are close to gaining the ability to build brain sensing technology into a head set that culd be used to manipulate a computer.

Basically, there are standard patterns that show up in the brain for different words or images. The next step is development of a tiny, far less cumbersome sensor that could be implanted inside the brain. Almost two years ago, scientists in the U.S. and Japan announced that a monkey's brain was used to to control a humanoid robot. Such brain research isn't limited to Intel and its university partners. Miguel Nicolelis, a professor of neurobiology at Duke University and lead researcher on the project, said that researchers were hoping its work would help paralyzed people walk again. Charles Higgins, an associate professor at the university, predicted that in 10 to 15 years people will be using "hybrid" computers running a combination of technology and living organic tissue.

And a month before that, a scientist at the University of Arizona reported that he had successfully built a robot that is guided by the brain and eyes of a moth. Today, Intel's Pomerleau said various research facilities are developing technologies to sense activity from inside the skull. "If we can get to the point where we can accurately detect specific words, you could mentally type," he added. "You could compose characters or words by thinking about letters flashing on the screen or typing whole words rather than their individual characters." Pomerleau also noted that the more scientists figure out about the brain, it will help them design better microprocessors. He said, "If we can see how the brain does it, then we could build smarter computers."

Challenges await head of new SAP user group

The Americas' SAP Users' Group announced its new CEO on Tuesday, nearly one year after parting ways with its previous chief. Chambers assumes the role previously held by Steve Strout, who was ousted by ASUG's board in November 2008 for undisclosed reasons. Interim CEO Bridgette Chambers will take leadership of ASUG, which represents about 70,000 individuals at 2,000 member companies.

Like Strout before her, a key issue before Chambers is SAP's controversial decision to move all customers to a fuller-featured but pricier Enterprise Support service. Following months of debate, SAP and the SAP User Group Executive Network (SUGEN), an organization made up of representatives from SAP user groups around the world, agreed to develop a set of KPIs (key performance indicators) meant to prove the value of Enterprise Support. While some European user groups were especially vocal about SAP's move, ASUG officials adopted a more moderate tone in public remarks. SAP has agreed to hold off on its incremental price increase schedule for Enterprise Support "until the targeted improvements measured by the SUGEN KPI Index are met." There will be an announcement regarding the KPIs later this year, said SAP spokesman Saswato Das. However, she added, "quite frankly, SAP can drop in every value-add they can, but at the end of the day the proof is in the KPIs. This adds value or it does not.

Some customers are more accepting than others of SAP's Enterprise Support decision, given that the company had held maintenance rates steady for many years, according to Chambers. If it does not, they need to understand the customer base is not open to this. Despite these ties, ASUG has retained its independence and objectivity, Chambers said. "I believe that is the clear differentiator for ASUG," she said. "Yes, we have close relationships with SAP. Yes, there is sharing of expenses for events ... [But] I don't really think you've got another organization that possesses the level of objectivity we do." Not all ASUG members are convinced, according to one observer. "The underlying concern that many ASUG members have expressed to us in the past has been that board members' organizations may have special relationships with SAP that could be jeopardized if they were to privately or publicly confront SAP on issues," said Ray Wang, a partner with the analyst firm Altimeter Group. "It would help usher in an era of transparency if members understood what those relationships are." Chambers declined to address the issues raised by Wang, saying it is not her position to speak for ASUG's board members. "I will say that I am pleased and proud to work for a board that is so interested in all the issues that impact the SAP ecosystem," she said. "I have watched board members work tirelessly to ensure that the mission of ASUG is supported." To that end, Chambers has a number of organizational goals and challenges on her plate, including plans to refocus ASUG around "education, influence and networking," she said. If it does, both SAP and customers win. ... We will help our customers make sure they get an answer." Even as it lobbies for members' interests, ASUG has had an intimate relationship with SAP, going as far as co-locating its annual user conference with the vendor's Sapphire show. Chambers has also been conducting a series of "town hall" meetings in recent weeks to gather feedback from ASUG members. You'll be able to verify the value is approximately 'X.' Right now, the answer [to that question] is softer."

In addition, by the end of 2010, ASUG members should be able to better determine how much return they've received on their investment in a membership, Chambers said. "What I will be able to do is make it measurable.

SMBs unprepared for disasters, Symantec finds

Small and midsize businesses are confident in their disaster recovery capabilities, but their actual performance preventing outages shows they are "remarkably unprepared," according to survey results released Monday by Symantec. But that confidence is unwarranted. Four out of five SMBs are satisfied with their disaste-recovery plans, and two-thirds believe their customers would be willing to "wait patiently until our systems were back in place" in the event of an outage, Symantec found.

Three out of four SMBs report that they are based in a region susceptible to natural disasters. The report is a follow-up to Symantec's annual Disaster Recovery Research Report released last summer,  which found that the average cost of executing and implementing a recovery plan amounted to $287,600 for each downtime incident. The average respondent suffered three outages in the past 12 months, either from natural disasters, power outages, or virus and hacker attacks. "With this kind of exposure, and with the confidence SMBs display about their disaster preparedness, one would think SMBs have solid disaster-recovery plans in place," Symantec writes in the SMB Disaster Preparedness report. "However this is not universally soothe case - almost half (47 percent) report they do not yet have a plan to deal with such disruptions." Survey respondents included 1,657 companies worldwide, including both SMBs (companies with 10 to 499 employees) and their customers. This week's SMB study found that in some areas, respondents showed "an alarming lack of readiness," according to Symantec. "First, the average SMB backs up only 60 percent of its company and customer data," Symantec writes. "Second, they do so infrequently. This inattention to data backup is echoed by the fact that more than half (55 percent) of the SMBs feel they would lose 40 percent of their company data if their computing systems were wiped out in a fire." This lack of preparedness puts SMBs at risk of losing customers.

Only one in five (23 percent) back up on a daily basis and 40 percent back up monthly or less. Two out of five SMB customers surveyed by Symantec have switched vendors because they decided their vendor's technology was unreliable. Forty-two percent of outages reported by SMB customers lasted eight hours or more, and 26% of customers reported losing data because of a vendor's outage. More than a quarter of customers had suffered outages, many of which were significant. Customers said the estimated cost of outages averaged $15,000 per day.

First SMBs should determine what critical information should be secured and protected, giving priority to customer, financial and business information, and trade secrets. Symantec offered several recommendations to SMBs looking to bolster their disaster-recovery preparedness. SMBs should also automate the backup process to minimize human error, and test systems annually to ensure that data can be recovered and downtime minimized during a disaster.

Personal Finance: Manage Your Money Better Online

Let's be honest. When times are good, we probably spend too much. Most of us could do a better job handling our money. When times are bad, too many of us stick our heads in the sand.

The Web has a wealth, indeed a surfeit, of tools and information to help you manage your personal finances. Both, of course, are bad ideas. To get an idea of just how much, simply take a look at Google's personal finance directory. So I've culled the list to find Web sites and tools that you'll find helpful and I find trustworthy. It's overwhelming.

This is by no means "a best of the Web" list. Swiss Army Knives of Personal FinanceKiplinger.com is a very deep site, ranging from short, newsy pieces like "A new ban on overdraft fees" to extensively reported features like this month's "Making the most of your benefits." The site tries hard to be helpful; for example a recent piece called "My Wallet was Stolen" gives bullet points about what to do right away and ends with the phone numbers of three major credit reporting agencies. It's too difficult to make that call, and I've avoided sites that have no free information. The Web site is free, but the eighty-year-old company offers a variety of newsletters and magazines at various prices. SmartMoney also has a well-deserved reputation for excellence and is notable for its wide-ranging information.

One big benefit as outlined on the site: "Kiplinger answers the queries of its readers as a regular feature of their subscriptions, filling requests for additional information on any subject its publications cover, by phone, mail or email. Clicking on "personal finance," for example, brings up sections devoted to 13 different topics, including bank notes, debt, elder care, marriage and divorce. College and Retirement Planning With the price of tuition at even public universities moving into the five-figure range, it's never been more important to develop a plan to afford a college education. SmartMoney also offers a wealth of investment tools, including real-time quotes, analysis and stock screening, but those features are behind a pay wall. Even if the heir apparent is very close to graduating high school there are steps you can take to mitigate the financial pain.

Indeed, the site has an entire section devoted to financial planning for college filled with actionable tips, newsy items and generally helpful stuff. SmartMoney, for example, has an informative story about early decision students and financial aid. Not to be outdone, Kiplinger has very meaty college-focused special report that includes pieces on comparing student loan packages and how best to use 529 (college savings) plans. By entering your personal information, you'll get back an estimate of your (teensy) monthly benefits at various retirement ages. It may be somewhat early for you to file for Social Security, but if nothing else, this government site provides a great reality check. The site has a good deal of related information, including application forms.

Best Rates on CDs Finding a financial advisor is not easy and is a decision that has real consequences. There is a also a wealth of information for people approaching retirement on the Web site of the AARP. One feature I really liked that has use for a consumer of any age was called "The All Cash Challenge." As you'd expect it underlines something we all know, but probably don't put to use often enough: People who pay with cash spend less than those who pay with credit cards, because pulling those greenbacks out of your wallet hurts. One place to start: The National Association of Personal Financial Advisors. NAPFA insists that its members be " fee only," which means the financial advisor is compensated "solely by the client with neither the advisor nor any related party receiving compensation that is contingent on the purchase or sale of a financial product." CDs don't pay much these days, but they are a secure place to park your money until better opportunities arise. Its Web site lets you search for advisors by area and by specialty.

If that works for you, bankrate.com is a good place to shop. A similar tool on the site allows you to check fixed and adjustable mortgage rates for different durations and localities. Its simple search tool includes clickable links, so if you see a deal you like, it's to take the next step. Any number of online sites help with basic financial chores, including budgets and expense tracking. After all, you'll be entrusting credit card numbers, bank account and maybe investment account information to a company you don't know much about. But I have to say that security is a real concern.

That's not to cast aspersions on anyone; I'm just careful, and I hope you are as well. Mint.com, which has garnered some good reviews, is now owned by Intuit, so the combined site is worth a look. Certainly Quicken Online, owned by Intuit, is long established, and its Web site is now free. Here's a final tip that I figured out after wasting too much money. When I had a misunderstanding with a credit card company, my account was temporarily suspended.

My online life includes many services and publications that renew automatically. Suddenly a number of those automatic renewals bounced and I was prompted to update. My credit account was quickly restored, and as a result of that little mishap I saved hundreds of dollars. (Thanks to Kathleen Pender, the long-time personal finance columnist for the San Francisco Chronicle, for her helpful suggestions.) San Francisco journalist Bill Snyder writes frequently about business and technology. I realized that I wasn't using some of those services and cancelled. He welcomes your comments and suggestions.

Follow everything from CIO.com on Twitter @CIOonline. Reach him at bill.snyder@sbcglobal.net.

Oracle: 11g Xpress Edition 'a year or two' away

It may be "a year or two" before Oracle releases a no-cost Express Edition (XE) of its 11g database, according to Andrew Mendelsohn, the company's senior vice president of database server technologies. Oracle took the same approach with the current 10g Express Edition, according to Mendelsohn, who oversees database development at the vendor. That's because Oracle is going to wait until after the first patch set ships for 11g Release 2, which was launched in July, Mendelsohn said in a brief interview following a speech at Oracle's OpenWorld conference in San Francisco on Monday.

Developers and ISVs (independent software vendors) prize XE because it includes many core features, and allows them to prototype, deploy and distribute applications without any licensing costs. Users with greater needs would need to upgrade to a paid database version such as Standard Edition. However, XE is limited to 4GB of user data, 1GB of memory and a single CPU, and is available on only 32-bit Windows or Linux systems. Some Oracle database administrators believe there is a deliberate reason for the protracted rollout. "It's an approach that ensures that adoption is nil," said Paul Vallée, founder of the Pythian Group, a database management outsourcing company in Ontario, Canada. "I don't think they're interested in adoption. ... I think they have to have it out there just for maybe a check box, just to maybe say they have a free edition." IBM and Microsoft also offer certain versions of databases at no cost. Oracle is attempting to buy Sun Microsystems for US$7.4 billion, but the deal is on hold while European officials conduct an antitrust review.

Oracle simply isn't "gunning for market share in the free database segment," Vallée added. "If they were, the strategy would be to release this exactly the way it is and then sell support and commit to patch sets for it." That is essentially the model Sun Microsystems has used for the open-source MySQL database. Instead, Oracle wants lower-end customers to use a paid version of the database, such as Standard Edition One, said Pythian Group CTO Alexander Gorbachev. It's unclear how the arrival of MySQL will affect XE, or any other aspect of Oracle's database strategy, Vallée said. A Standard Edition One processor license costs $5,800, according to Oracle's latest price list. Oracle plans to increase investment in MySQL, CEO Larry Ellison said during a keynote Sunday.

Gmail, Yahoo Mail join Hotmail; passwords exposed

Google's Gmail and Yahoo's Mail were also targeted by a large-scale phishing attack, perhaps the same one that harvested at least 10,000 passwords from Microsoft's Windows Live Hotmail, according to a report by the BBC. Microsoft , for its part, said late yesterday that it had blocked all hijacked Hotmail accounts, and offered tools to help users who had lost control of their e-mail. The BBC also said it has seen a list of some 20,000 hijacked e-mail accounts; the list included accounts from Gmail, Yahoo Mail, AOL, Comcast and EarthLink. Gmail was the target of what Google called a large-scale phishing campaign, the company told the BBC . "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for Web-based mail accounts including Gmail accounts," a Google spokesperson told the news network. The latter two are major U.S. Internet service providers. "As soon as we learned of the attack, we forced password resets on the affected accounts," the Google spokesperson also told the BBC. "We will continue to force password resets on additional accounts when we become aware of them." Neither Google's or Yahoo's U.S. representatives responded to e-mails from Computerworld seeking confirmation that their Gmail and Yahoo Mail services were targeted by phishers, or answers to questions about how many accounts had been compromised and what the firms are doing to help users.

Late Monday, Microsoft said it was blocking access to all the accounts whose details had been posted on the Web last week. "We are taking measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts," the company said on its Windows Live blog . Microsoft posted an online form where users who have been locked out of their accounts can verify their identity and reclaim control, and also pointed users to a support page from October 2008 that spells out steps users can take if they think their accounts have been hijacked. Neowin.net, the site that first reported the Hotmail account hijacking early Monday, today added that it had seen the same list of compromised accounts as the BBC. "Neowin can today reveal that more lists are circulating with genuine account information and that over 20,000 accounts have now been compromised," said the Windows enthusiast site . "[The] new list contains e-mail accounts for Gmail, Yahoo, Comcast, EarthLink and other third-party popular Web mail services." Microsoft has acknowledged that log-on credentials for "several thousand" Hotmail accounts had been obtained by criminals, probably through a phishing attack that had duped users into divulging their usernames and passwords. After a slump earlier this year, phishing attacks are on the upswing, according to the Anti-Phishing Working Group (APWG). Its most recent data - for the first half of 2009 ( download PDF ) - noted that the number of unique phishing-oriented Web sites had surged to nearly 50,000 in June, the largest number since April 2007 and the second-highest total since the industry association started keeping records. Yesterday, Dave Jevans, the chairman of APWG, called the Hotmail phishing attack one of the largest ever, but cautioned that the usernames and passwords may have been harvested over several months, and not by a single, defined attack.