Thursday, May 25, 2006

What role does a certificate play in encryption?

Introduction

Encryption is a mechanism to deliver data without tampering over the network. It also ensures that the data is not accessed by an unauthorized eavesdropper over the network.

What role does a certificate play in encryption?

The primary objective of a certificate is to ensure that the data reaches the person for whom it is intended. Using commonly used technology, it is very easy for someone to impersonate someone else. Certificates prevents us from such eavesdroppers.

What is a certificate?

A certificate is a verification document which guarantees that you are the person whom you claim to be. Let’s take the example of a passport. Passport can be compared to certificate. The passport is one document which guarantees that you are the person whom you claim to be. Why does everyone trusts the passport? Because it is issued by a trusted authority, like the government of any country. The same trusted authority principle applies to the ‘Certificate Authority’ in computing. So a ‘Certificate Authority’ is a trusted entity which issues digital certificates. Many of us must have seen the sign ‘Verisign’ when we do credit card transactions on the web. By displaying Verisign logo, the owner of the site is telling us that the certificate is issued by an authority which is trusted by public in general. OK, so having understood this principle, how does the government ensures that you are the person you are claiming to be before issuing you a passport. In some countries, the governments requires that you provide some form of authentication like school certificates, birth certificates etc, before they can issue a passport. Similarly when you request for a certificate, the certificate authority needs to know the authentication credential before they can issue a certificate. The authentication credentials can be in the form of a user name and password.

How do I configure certificate on my computer?

So after you have provided a validation of your credentials, in the form of login information, the certificate is configured in the browser settings and you can see a small lock icon in the right hand side bottom of the Internet Explorer. When you double click on the lock, you see some information about the certificate, such as, who has issued this certificate, for whom is the certificate meant for, a unique identifier and information on how to encrypt and decrypt files.
Once the certificate is installed in your browser, you can then securely access the financial transactions sites or the emails by using the email client.

Wednesday, May 24, 2006

Telepresence

What is Telepresence?

Telepresence is an advanced form of teleconferencing which will provide for high resolution video and audio across high bandwidth IP based networks. According to John Chambers, CEO and President of Cisco Systems, Telepresence will become common within in year.
Telepresence will be a key collaboration tool for global companies, having operations in various part of the world to help collaborate better with employees in different part of the world and customers. Consider an example of a patient who can discuss his problems with the doctor sitting 2000 miles away from his desktop using a Webcam. This would be great if there is no physical examination involved and the quality of the video is good enough.
Telepresence will require a good broadband connectivity and an application running on the desktop which can provide voice and video to the user. Developing one secure application which can deliver both of these with good quality will be a challenge for the manufacturers.
The key message for Telepresence is Quality, which according to John Chambers will be as good as face-to-face conversation.

What are the benefits of Telepresence?

With Telepresence, home consumers can access high resolution content at any time and any place. Telepresence will also benefit business consumers by providing better collaborative functions. The biggest benefit for global companies will be the savings in costs since Telepresence will be utilizing the internet as a medium. When we talk of using the internet as a medium the obvious question arises for security. Telepresence will be designed to provide a proper level of security over the data transmitted on the internet. No company would like to have its internal board meeting hacked by an outsider and published publicly.

The challenge for Telepresence

Setting up an video or audio sharing over a shared network like the internet is in itself a daunting, considering a loss of a single packet would mean missed frames in videos and dropped words in audio adding up to end-user frustration.
The second challenge would be a cultural challenge, whereby asking people to change their existing habits to use the new technology. For example, how many people would be willing to use the computer to make a local phone call?

Where can I find more information on Telepresence?

The video of John Chambers talking about Telepresence can be seen here.

Tuesday, May 23, 2006

What is Spam (UCE)?

Spam is the slang word used to describe Unsolicited Commercial Email or UCE. When someone sends out an email to a very large audience for certain commercial reasons, without seeking their approval, it is called as Spam. For example, if you receive an email suggesting to buy a particular product or service, and you have never requested that information, the email qualifies as a spam. On the other hand, if you have requested a particular newsletter from a site and get it regularly, it is not called spam. In easiest terms, an email which is not intended for you and not asked for by you is called as spam.

How would someone benefit from spamming me?

Spamming is primarily done for advertising purpose of pornography, drugs etc or for other fraudulent purposes. It is a cheap way to reach a mass population where the only required element is the mailing list of individuals. Spamming provides advertisement at the cost of the service providers and the recipients.



Why should someone care about Spam?

How would you like to explain about an email containing adult content in your corporate mailbox to your boss? This is just one example of inconvenience caused due to spam. Other more grave concerns about spams are
1) They put up a huge toll on the network infrastructure. Let’s say a company receives a total volume of 1 GB of official mails per day. If they are not adequately equipped to handle spam, they will quickly see this volume grow to a very high number. I have seen organizations receive up to 200% spam mails. This means, when a company knows that the valid volume of mail received is 1 GB, why would anyone plan the network infrastructure to handle 3 GB? This takes its toll on the end user performance and messaging teams start getting calls about the delays in sending and receiving mails from the internet.
2) Depending on the number of spam mails received by a person, it can become very time consuming to flush out all those unwanted mails and focus on the relevant mails. There is always a chance of error when an authentic mail is deleted accidently when flushing out spam. This error is also possible by the publicly available spam filtering software.
3) Most spams carry phishing messages. This means, there will be a very interesting link for example, a link of a reputed bank which is offering an unbelievable interest rate. On closer inspection of the link, the address will seem pretty authentic. For example, let’s say the bank in question in http://goodbank.com. When someone sees a link like, http://goodbank.com/creditcards/offers/cust
id/yduuiisisur8898399@www.badlink.com they don’t see any reason why this could not be an authentic link. However, on closer observation, and clicking the link actually goes to a site called as badlink.com which will have a very similar interface as http://goodbank.com. They will ask for some details, like phone numbers and home addresses, which most of us will provide trusting the reputation of goodbank.com. Well now our personal information is in the hands of badlink.com and http://goodbank.com was never even involved in this entire activity.
Note: In any URL, the part before the @ sign is ignored. Hence on closer observation of the above URL, the badlink.com site is pretty evident.
4) Many spam messages contain worms or viruses.



How to prevent being Spammed?

1) Rule number one is, never reply to a spam. No matter how offending the mail might be, replying to a spam mail, confirms to the spammer about the validity of the email address.
2) For companies, get anti-spam software, and place it at the entry point of your internal network.
3) For individuals, there is little that can be done in terms of prevention. For a comprehensive list of prevention, please refer to this link.

Is spamming illegal?

Yes, spamming is illegal although the laws concerning spamming is not very stringent. Very recently there have been some pretty interesting prosecutions for spammers. One of them is below:

Kodak Pays Fine to FTC for Mass Spamming

Monday, May 22, 2006

iSCSI

What is iSCSI?

iSCSI (Internet SCSI) is a protocol which is used to link multiple storage devices like SANs, drive arrays or tape devices over regular IP based networks or the internet. It does this by encapsulating the data and SCSI commands between multiple devices.
iSCSI is supported over almost all platforms like Microsoft, Linux, Sun, IBM etc. iSCSI works at the transport layer of the OSI model.

Is iSCSI same as SAN?

Not exactly. In case of SANs, iSCSI is better aligned with IP SAN. IP SAN is an external storage box which can mount data from multiple servers on multiple volumes. So in general, if a company is not very sure about the growth of data in the coming times, it becomes very difficult for them to right size the servers in terms of storage. An IP SAN gives them the flexibility to invest once and mix and match storage requirements on any server as per requirement, without having to resize the server or move to a bigger box.
Some people believe that an IP SAN using iSCSI cannot deliver the same performance as a fiber based SAN. This is not quite true since iSCSI uses a technology called as TCP Offload Engine (TOE) to reduce the overhead of adding TCP/IP data to the data packet.
iSCSI is a completely different technology and should not be confused with a NAS device.

What is different in iSCSI than other related technologies?

1. iSCSI, a block based storage protocol, is superior in speed (up to 10 times faster) to NFS, CIFS file-based protocols. Therefore, iSCSI can be used with any application including databases.

2. The ease of use of iSCSI and the vast support from different OS’s enable the easy transfer of complete volumes from one host to the other as needed, without investing in additional infrastructure or complicated management schemes.

3. iSCSI delivers everything you can get from Fiber Channel protocol, at 1/2 to 1/5 the price, by deploying highly managed IP SAN infrastructures without building dedicated Fibre Channel infrastructures.

4. iSCSI protocol can deliver block based storage over any kind of IP network. So it can be used for advanced storage applications such as Disaster Recovery.

How to setup iSCSI?

iSCSI needs an iSCSI initiator. Many operating systems provide them built-in with their product. There are also hardware HBAs available for this. As you would notice in this article, the setup or operation of iSCSI does not requires the use of fiber channels at any point.

Sunday, May 21, 2006

SenseWeb

What is SenseWeb?

SenseWeb is a Microsoft Research project, in which real time data, such as traffic condition, movie tickets availability etc will be provided in a searchable online format. Microsoft plans to provide this information through the Windows Live Local service.


How will SenseWeb work?

SenseWeb will collect data from Sensors. Sensors can be cameras, thermometers, theatre booking computers etc. These devices may be either placed permanently at some locations or can be devices owned by people. For example, if I am stuck in a traffic and have a web cam, I can register myself in the SenseWeb program, and my web cam’s location will be tracked and the pictures captured by my webcam will be available to other users who are looking out for the traffic condition at my location.
The sensors will push the data (images and information) to a central database for indexing and making it search-worthy.
The third component would have to be the online mapping system from where a user can pick and choose the location for which he is looking for a particular information. I believe this will be provided by the Windows Live Local service.

How will it change my life?

With this service, I do not have to rely on luck or past experience when making a travel or planning to go out for dinner or a movie. I can get a precise information right on my hands, about the current status of traffic, parking space availability and more.
Let’s say I am visiting Seattle and am not aware about the best Indian restaurant in town. With earlier available technology, all I could find out is, which are the best Indian restaurants in Seattle and their location. With SenseWeb, I could also get the estimated time to reach my selected restaurant and also the wait time.

For more information visit here:
Microsoft Research
Technology Review

Saturday, May 20, 2006

Audit Collection Service

What is Audit Collection Service (ACS)?


Ever struggled to analyze security logs after a major event from all the servers manually? If, yes, Microsoft Audit Collection Service (ACS) is the right tool for you.
ACS can be deployed as part of MOMv3, which will collect the security events from all the servers and store it in a central database. It will then make those events available to the administrator or an IT Audit professional from a single interface to aid in more efficient analysis.
Point to note is, till date, only security events will be collected by ACS.

How does ACS works?


ACS works by installing an agent on the target server from which security events are to be collected. This agent collects all the security events and sends it to the collector server (ACS), which in turn stores all the security events in a SQL database. The security events stored in a central database are much easier to retrieve an analyze as compared to visiting every server for event checking.

Is it available now?


No. It will be available with MOMv3, now named as System Center Operations Manager 2007. MOMv3 is expected to RTM in end of year 2006

Is it a free product?

Yes and No. Yes, because it will come free with System Center Operations Manager 2007. No, because it is not a built-in part of Windows like DHCP.

The challenge

The Windows Event Viewer was never designed to be a collaborative product. Hence there are some open questions in the usage of ACS:
1) What will happen to the time stamp of the events?
2) Will it be the time stamp of the original server or the collector server?
3) What will happen to time stamps if the originating server and the collector server are in different time zones?
4) Will it only support Security Event logs?

IPSec

What exactly is IPSec?

IPSec is a set of protocols to facilitate secure transfer of data.

How does IPSec works?

IPSec secures data by encrypting the contents using the public key mechanism at the IP layer. IPSec works in two modes, transport and tunnel. In transport mode, only the content of the packet is encrypted, but the header is not. In tunnel mode, both content and header are encrypted. The receiving device should be IPSec complaint and must share the same public key as the sender in order to decrypt the data. Same public key is required only if the sender and receiving devices are in different non-trusting domains where Kerberos cannot be used. In case of a same or trusting domains, public key is not required as encryption algorithm is provided by Kerberos.



IPSec scenarios

IPSec is generally used in transport mode within the internal network of the company such as from traffic between server-client, server-server and client-client. This mitigates the risk of an external visitor to the company who may use his laptop connected to the company network and use a sniffer tool to capture the packets flowing through the network. If you are using IPSec, although the visitor will successfully capture the packets, he would not be able to open it. Hence the data remains secure.
IPSec in tunnel mode is generally used in conjunction with the Layer 2 Tunneling Protocol (L2TP) to provide data encryption between two locations connected by a WAN. This scenario is valid in case of both a dedicated WAN and a shared VPN. Many would argue, on the requirement of encryption in case of a dedicated WAN. The only reason behind this protection is, although, the WAN is dedicated, the data still flows through the ISPs infrastructure cloud, where it might be compromised.
You can choose to secure communications only which involve a server and let the client-client communication happen over the unsecured network. This can be accomplished by only enabling IPSec on the servers and configuring the clients for ‘respond only’ mode. This means that the server will accept the clear text message from the client and then will create and negotiate an IPSec session with the client. The session will be alive for 1 hour and if the client wants to initiate a session after 1 hour, the entire process will be repeated.



How to configure IPSec?

In Windows 2003, IPSec can be configured using Group Policy. The computers need to be a part of the same or trusted Windows 2000 or higher domain. In this scenario, let’s say we have two client computers running Windows 2000 Professional which are in the same domain, named Client1 and Client2. We have a domain controller in the same domain named DC1. Following are the steps to configure IPSec:

1) On Client1 and Client2, enable local auditing, by selecting ‘Success’ and ‘Failure’ for ‘Audit Logon Events’ and ‘Audit Object Access’


2) On Client1, right click ‘Secure Server’ and click ‘Assign’


3) On Client2, right click ‘Client (Respond Only)’ and click ‘Assign’

4) Client2, ping client1. You will notice that the request is negotiating IP security.


5) Ping again after a couple of minutes and you will notice that the ping goes through.


6) From Client2, check out the security log to see an event proving that the communication happened over IPSec. Look for ‘Encapsulation Transport Mode’ in the body of the event.

This is all it takes to configure a simple implementation of IPSec between a client and a server in Transport Mode. In this case the encryption was handled due to the presence of Kerberos and all systems being in the same domain. In case of systems in multiple and non-trusted domains, you need a common public key and a certificate server to provide the algorithm for encryption.

On what platforms can IPSec work?

IPSec is platform independent and can run on any platform. However, in this article, the emphasis is on the usage of IPSec using Windows.

Friday, May 19, 2006

Second Life

What is Second Life?

This is the most interesting thing that I have heard of recently. This is in existence since 2003, but I came to know about it only recently.

So what is Second Life?

Second life is a virtual society on the web. More specifically, it is a huge multiplayer game and is subscription based. It was released for the public in 2003 by Linden Lab. All players of the game are residents and they can take part in the economy of the virtual world. This is made possible by the creators of this game, who have mandated that all digital property created by the residents of the virtual world remains the residents property. Below are some screenshots of the second life.



What does this means?

When you decide to enter this society, you can create your own virtual representative. Let’s say your name is John in real world and you create a virtual person named as Richard in the virtual world. Richard will live a life very similar to that of the real world and do things like we do to survive, entertain build relationships, earn money etc. Hence the name second life.

So what?

Richard can live and interact with hundreds of thousands of virtual people in this virtual world. What else, he can own a house or land in this digital world. He can trade in this world, the currencies of which are convertible to our real world currencies. So, Richard can earn and John can get the money. The valid currency in the virtual world in Linden Dollars and each resident of the virtual world receives a weekly stipend to keep him going though his daily routine. Additionally the virtual resident can also buy or sell products and services to and from other residents of the virtual world. As mentioned earlier Linden Dollars is convertible to US Dollars. The conversion rate between Linden Dollars and USD is in the ratio of 200:1. However, this rate fluctuates a lot like real currencies.
One interesting incident happened recently in which a second life resident had sued the makers of the game over a cyber land dispute. This suit was filed in the real world though. Look here for more details.

So what can you do in the second life?

You can customize the appearance of your virtual 3D representative (Richard). You can use lots of tools provided by the manufacturers of the game. You can create structures like buildings and other products which you can sell to other second life residents. You can attend events and visit brothels (only if you are of 18 years and above). For residents younger than 18 years there is a Second Life for teens.

So how much does it costs?

Basic membership is free. Subscription is USD 6 to USD 9.95 per month depending on the type of membership you choose. The difference is, a basic member does not get land by default and receives less stipend than the paid member. Basic membership is a good place to start though.

So how to access Second Life?

You can access second life by clicking here. Second life is built completely on open source technology, but can be accessed by Windows and Mac. In fact, support for a Linux client is only recently introduced for second life.

Tuesday, May 16, 2006

Gigabeat

What is Gigabeat?

Gigabeat is the portable media player from Toshiba. In my opinion, it is not much different from an iPod with the only exception being that the audio component can be integrated with XBOX. The other cool feature is the 2.4 inch display.



What can Gigabeat do?

Gigabeat can play music and videos. It can download music and full length movies. The music and video can be listened and watched while on the move or synchronized with the Media Center computer. I like the storage capacity of 40 GB which can easily accommodate around 700 mp3 files. Also the battery life is attractive at 12 hours for audio and 2.5 hours for video. The size of the device is so compact that it can be used as a portable had disk with 40 GB capacity.



How is it different from other devices available in the market?

This device is running a portable version of Windows Media Player unlike iPod and hence can play files which are supported and recognized by the Windows Media Player.

Saturday, May 13, 2006

Information on Windows Compute Cluster Server 2003 (CCS)

What is Compute Cluster Server?

Ever wanted to use the computing power of multiple servers to process the data in your database faster? If yes, Compute Cluster Server has the answer for you.
Unlike regular clusters, which share a common storage and provide availability in case of a node failure, CCS is designed to simultaneously use the computing power of multiple nodes (COMPUTE part of CCS). With this feature, high demanding applications like in financial and research domains, can use the computing power of multiple nodes and release the output faster.



This is a new product from Microsoft Windows server 2003 suite for high performance computing solutions. It works on a 64-bit platform and is currently available in beta and is expected to be available sometime soon (first half of 2006 as per Microsoft. It uses a core technology called as MS-MPI (Microsoft Message Passing Interface).

It can be deployed like any other Windows server deployment with the flexibility of adding more nodes to the existing cluster. The other cool feature is the built-in manageability which provides the administrator to build scripts and run scheduled jobs in a much easier way. The CCS server blends seamlessly with the existing Windows infrastructure and does not need any specialized skillset to manage it. The existing IT team can manage CCS with some amount of training and hands-on.

How is the cluster architected?

The cluster consists of a Head Node and a minimum of two attached compute nodes. The head node is the first node of the cluster from where the cluster administrator can add and manage the compute nodes. The head node manages the jobs and services to be run on the compute nodes like an interface between the users submitting processing requests and the compute nodes doing the processing. The head node can be configured to participate or not participate in the computing process.
The compute nodes can be of dissimilar hardware however, they will all need to be on 64-bit hardware and run the 64-bit editions of Windows 2003 or Windows 2003 R2 operating systems. There is no upper limit on the number of compute servers that can be added to the cluster. The head node will need the .Net Framework 2.0 for CCS to work. The cluster can also be managed remotely from a workstation which is running Windows XP. There is no fault tolerance built in for the head node, hence this is the machine that should have the most reliable hardware.
The following diagram from Microsoft.com helps understand the CCS architecture:



In addition to the public and the heartbeat networks for a regular data storage cluster, the CCS also supports an MPI network. This is a fast network connection which can transfer data between nodes for processing. The best advantage can be utilized by placing the MPI network on a Gigabit switch. In case you do not have a dedicated MPI network, the processing traffic between the nodes can also happen over the heartbeat or the public network. So, in CCS, you can have 3 different networks: Public, heartbeat and MPI.
The installation of the Head nodes and the compute nodes are pretty straight forward and screenshots and step-by-step guide is available here or here.
The sad part is, the applications will have to be re-written in the new CCS environment and Microsoft will provide a Software Development Kit (SDK) for it.
CCS comes integrated with Remote Installation Services (RIS) for automated deployment of compute nodes and Internet Connection Sharing (ICS) for enabling access over NAT.

In what situations is it useful for me?

One situation I can think of is, if your cluster is running out of computing power and you do not have the right estimate for the amount of load that would be generated on the cluster in the near future, you might want to consider CCS. This situation might arise due to exponentially growing business, or an un estimated increase in the user base. This could arise after you open up a service or a new application for your customers over the internet adding more CPU cycles. Of course, this will need the application to be re-written for CCS.

Thursday, May 11, 2006

Data Protection Manager (DPM)

What is DPM?

DPM is Microsoft’s solution to data recovery and archiving. It plans to achieve this with two offerings:

1) System Center Data Protection Manager 2006
2) Windows Server 2003 R2 Distributed File System (DFS)

The idea in nutshell is, DFS will replicate files from the branch offices to the centralized data center and DPM will backup the data on the disk. The backups would be faster on disk rather than tape. The cool feature of DPM is, it empowers the users to restore their own data without depending on the IT personnel, thereby saving enormous costs on IT support calls.
DPM will backup changed files to the disk, which should then be backed up on tape for offline storage. So we get the benefit of easier data restores by end users, but it is at the cost of additional storage on the server. Some people feel that companies always have additional storage capacity on their servers which they can easily leverage for disk based backups. Besides storage is getting cheaper by the day.

What are the requirements for DPM?

DPM can backup data centrally for Windows 2003 R2, Windows 2003 and Windows 2000 with Service Pack 4. It looks like DPM uses the underlying technology of Volume Shadow Copy (VSC). Remember, the user empowerment to restore files was first introduced in VSC.
DPM requires a minimum of two disks on the server for system files and backup files each. The backup files disk cannot be used for storing any other data. I have tested running DPM on a 2 GHz processor and 1 GB RAM machine and it runs fine.
The DPM server cannot be a Domain Controller and cannot have any other application like Exchange or SQL installed on it. However, it has to be a member of a domain.
DFS is a built-in feature of the Windows Server 2003 R2 operating system and has a new component called as Remote Differential Compression (RDC). As the name suggests the job of this function is to compress the files which have changed and synchronize them over a WAN. DFS is required only if you want to synchronize data from multiple locations over the WAN. If you have a single file server on which you want to run DPM, DFS is not required.

How does DPM works?

DPM will install an agent on the server from where the data will need to be backed up centrally. This agent can be installed only on the operating systems mentioned in the requirements section. Thus it leaves out older and non-Microsoft operating systems.
Interestingly, DPM makes copies of the changes made to a file at the byte level and does not create a whole new copy. For example, a change made to a single cell of a 2 MB Excel file, will not lead DPM to create another 2 MB file. It will just change add another file equivalent to size of the data inputted in the Excel file. This leads to DPM capable of providing multiple versions of the files for restore without taking the equivalent amount of storage space in multiple to the number of versions stored of a file.
DPM can take a maximum of 8 snapshots of a file server per day. Interestingly, if you have multiple DPM servers, in order to manage them you have to access the console from those servers and cannot manage multiple servers from the same window.
Understandably, DPM cannot backup encrypted files and folders.

Why should I care for DPM?

If you are a part of the company which has multiple branch offices with local data, chances are you will want to know more about DPM. As we all know, data in branch offices with lack of equipments and trained personnel, backups are never reliable.
Exchange and SQL backups are currently not supported by DRM, but will be in the future according to Microsoft.

How is DPM different from competing products?

There are other disk backup products in the market like TimeSpring and Veritas. Apparently Veritas can perform similar backups across operating systems from different manufacturers and is not restricted to Windows.

Is it worth it?

I will let you answer this question in the comments. However, in my testing and opinion, the product is definitely worth it for two reasons that I found best:

1) The product allows you to take a continuous backup as the contents of the files changes. It can also backup open files.
2) The other feature I liked was the ease with which the data can be restored by the end-user or the IT Administrator if the end-user is not comfortable performing the restore.

Sunday, May 07, 2006

Croquet

What is Croquet?
Croquet is an open source Operating System supporting 3D. The product is open licensed. This is a peer-to-peer product and does not require a server.
It relies on a platform called as TeaTime which facilitates peer-to-peer communication and resource synchronization between multiple computers.
It has a virtual machine system by the name Squeak which helps the operating system talk to the processor.

Who is making Croquet?
Croquet is made by a group of developers funded by Alan Kay. Not sure if they have support from a front line company.

How will Croquet change my life?
Gaming will no longer be the same with the kind of 3D graphics provided by Croquet. Just have a look at the images below to visualize the potential.
Also if applications like spreadsheet and presentation decks can be made 3D; what will be the impact on us? There are some people who feel that the better chart visualization in 3D would make analyzing the content better, whereas some prefer Office 2007 with its 2D but improved graphics. Please post comments about your opinion.
The developers of Croquet claim that the new operating system can run on very low bandwidths for their network related activities, like peer-to-peer communications.

Why do we need Croquet?
In case you are a small business and users need to collaborate and share information and resources, this could be a handy peer-to-peer and GUI based platform, which does not require a server and complicated architecture for functioning. Not sure how much this will impact the market acceptance of Vista, Microsoft’s upcoming desktop operating system.

Below are some of the screenshots of Croquet in action taken from various web sites





Podcasting

What is Podcasting?
In the simplest terms, Podcasting is the mechanism of providing online audio or video files to iPods or any MP3 players. Podcasts can be used to watch missed TV programs while traveling in a car. You can watch your favorite game recoded and published as a podcast while waiting for your flight. Basically you can better use your free time to catch up on leisure activities while being on the move.

How is Podcasting different from a radio or a webcast?
In case of a radio, although you can choose different channels, there is no choice to be made in programs. On podcast, you can selectively choose to listen to any one program which is channel independent. It is similar to a webcast with the only difference that podcasts can be listened to and viewed from anywhere without sitting in front of the computer.

Why is it called Podcasting when I do not necessarily need an iPod?
Well, although the technology used in the background (RSS and ATOM) were in use from much before Apple made iPods, the whole culture of podcasting started after people began using iPods. Hence it kind of naturally took over the name by popular demand.

What has RSS / ATOM got to do with podcasting?
The podcasts are downloaded or synchronized in an iPod or mp3 player using the RSS or ATOM feeds. RSS version 2.0 is required for podcasting. The podcast provider will store the multimedia file to a specific location and feed the URL in the RSS / ATOM format. The list of files will be made available to the user using RSS aggregator software. The job of this software is to receive the list of files provided by the podcast provider with some more information like episode number, date, name and maybe some description to the users device.

How can I access a podcast?
You can access podcast either from an iPod (most popular) or any mp3 player. Podcasts can also be accessed from computers and in the future from mobile phones.
You need to subscribe to the podcast provider (typically a web site). Based on your subscription the podcast provider will ‘push’ the list of files / programs available in your channel to your device. You can selectively pick and choose which program you want to listen to or watch. Although you can access a podcast from a computer, an iPod, any other online mp3 player, or maybe your mobile phone, in my personal opinion the best advantage of podcast is the power of mobility. It gives you an option to use your time in a better way than looking out of the window while traveling. Please provide your comment on this thought.

How can I podcast?
If you want to publish an audio or video file for people to view, you need to follow a few simple steps:
1) You will need to create an audio or video file. You can do this by using a camcorder or a microphone system.
2) Send this file to a web site which accepts podcasts from individuals (some examples provided below)
3) You can now start telling your target audience about your podcast and where to find it from.

What are the sites that will accept my podcasts?
You can submit your podcasts to many sites, prominent among them being
iTunes, Podcasts Yahoo, Podcast Shuffle, etc

Can I provide the visitors of my website with podcasts?
Yes, you can provide your web site visitors with podcasts. For achieving this, you need to have a site supporting RSS 2.0 and a script which can be found here.

Anything new I need to know about podcasting?
Waxxi, a web startup company is organizing an event to help develop more interaction in the podcasting community. Refer here for more information about the event.

Saturday, May 06, 2006

WinFX

What is WinFX?
WinFX is a set of APIs to be released by Microsoft with its upcoming release of Vista and Longhorn. This API runs on top of the .NET Framework and will work alongside Win32 based API. It will work as the subsystem of the Operating System which will communicate with the low level services. The Win32 based API was used till Windows 2003 and Windows XP and will continue to be supported in Longhorn and Vista.
WinFX will include a new File System called WinFS and new GUI code named Avalon. Avalon is now called Windows Presentation Foundation.

Who should read this article?
IT Infrastructure Professionals – This article is primarily meant to provide insight about WinFX to the non-developer community.
Developers – Please comment on the accuracy of the article and if you wish you can provide some value add.

Why should I care about WinFX?
Very likely, the applications which are developed using WinFX will be incompatible with the older API of Win32. Effectively this means that companies may be forced to upgrade their existing infrastructure to the latest versions in order to reap full benefit of the new platform.
This will be a whole new platform with greatly enhanced graphics and application experience.

When will I see WinFX in action?
WinFX will work primarily with Vista and Longhorn. However, WinFX can also work with Windows XP and 2003 with the .Net Framework 2.0

How can I benefit from WinFX?
Not sure about the direct benefit derived from WinFX, but using Avalon (WPF) you can expect some real cool and clear graphics with better text display. I hear that WPF will also be supported on UMPC. Here is more information on UMPC.
I hear that WinFS takes on the relational part of the SQL database and embeds it with the File System, making it easier for client side applications to access data.

Anything else I need to know about WinFX?
WinFX is a great development; however the action lies solely with the Dev guys. The infrastructure guys will sit alongside the fence and wait for the applications to come out so that they can use it
There is a great video available about Windows Presentation Framework (Avalon) here

Origami / UMPC

What is Origami?

Origami is the code name for the project to make Ultra-Mobile PC (UMPC). UPMC is designed to be the next best product coming out for mobile computing. Interestingly, Origami is a Japanese word for paper folding. This art involves folding the paper in a skilled way and giving it a meaningful shape. Wonder how this technology got the name from an art of Japanese history. Does it mean that the device will be able to perform any feature with human interaction, just as how a paper can be given any shape by skillful human actions?

Does any company own this project?

This project is owned by Microsoft, which will create the operating system for the platform. Others also involved in this project are the OEM partners of Microsoft who will create the hardware. Notable among them is Samsung.

What is an Ultra Mobile PC?

Ultra-Mobile PC is a very compact device including a maximum of 7 inches screen size diagonally. It can support display settings of 800x480, 800x600, and 1024x600. This is not a limitation but will depend from Manufacturer to Manufacturer. This device will have features like touch screens and blue tooth for inputs and connectivity respectively. It will run the Microsoft XP Tablet PC Edition and support most applications running on Windows XP. The battery life of the device is expected to be 2.5 hours (may differ between manufacturers).

How is this going to change my life?

Life will no longer be the same after Origami / UMPC. It will give a whole new meaning to mobile computing. Although PCs embedded in mobile phones help to a certain extent, but application access on such phones is still challenging. In my opinion, UPMC will enable an average laptop user to do more than 95% of his work on the new device. And the size of the new device is just too convenient to carry along in small packages. Special benefit for ladies who can carry it in their handbags. Men may need bigger pockets if they need to keep their hands free J. It can possibly be used as a portable media player. I love the thought of being able to access my data at all times from wherever I am. A UMPC with a high speed wireless network encompassing towns and cities, like Google did it for San Francisco, will be a dream come true. Will this device make us lazier?

How can I get it?

The hardware manufacturers will start shipping the first UPMCs by second quarter of 2006. I understand that the OS has also have been tested and ready to use. The price of a UPMC is expected to be in the range of $800 to $1200.
In fact as I write this article Samsung has already announced its first UPMC by the name Q1, which will be available at Best Buy. They are in the pre-order mode and will start shipping in June. The configuration of this device would be a Celeron M ULV processor, 512 MB RAM, 40 GB Hard Disk, USB and Bluetooth. This device will be priced at around $1100. There are some who believe that the processing power provided in this device of 900 MHz is not good enough and Samsung could have opted for a faster processor.



Another UMPC maker TabletKiosk is also expected to ship their product called eo v7110 by June. It would be interesting to review more models as they release to check out the new features being offered by them.

Free Website Counter
Free Web Counter Technology Blogs by Indian Bloggers Technology Blog Top Sites