One of the small perks of my job is regularly being asked to eat lunch (and occasionally dinner) in nice restaurants; although the chore of scribbling down notes rapidly between mouthfuls doesn’t do wonders for the digestion. And it makes certain foodstuffs definite no-no’s; think long pasta, anything which needs to be manhandled such as a crab or a bowl of mussels, and anything involving chopsticks. Not that this rule can’t be bent from time to time by the lure of some Michelin-starred dim sum, though.

The other day I enjoyed lunch in Mayfair with unified threat management specialist SonicWall. Although we spent a fair amount of our time star-gazing (Anna Friel and her bloke, since you ask) and discussing a certain episode of Brookside, there was also an opportunity to talk shop for a bit. The firm’s European MD Keith Bird told me interestingly that he didn’t believe in forcing ISPs to control the amount of spam that hits our inboxes, although many experts have done so. Instead he said service providers could easily do something similar to SonicWall, which invites feedback from customers on inappropriate or potentially dangerous web sites. This information then helps them to build up a fairly extensive list of bad URLs which is used in the firm’s Content Security Manager solutions. ISPs, Bird said, could easily provide a similar service to their customers.

I reckon it’s only a matter of time before online service providers start to do more of this kind of thing; they are already rolling out packages with built-in security (Talk Talk and Barclays, to name but two). Adding in extras which make their service more attractive to customers is a bit of a no-brainer, and with competition for users getting fiercer, security is an obvious area where there is room for clear blue water between ISPs to appear. Definitely food for thought there.

October 31, 2006 | Permalink | Comments (0)

Just how much information do you reckon you have "out there"? Probably more than you think, according to Tom Ilube, erstwhile CIO of pioneering internet bank Egg who is now starting up a new company with a simple aim. Garlik, which launches this week, hopes to educate, inform and help users protect themselves online, by enabling them to find out more about the personal information that organisations have collated and stored, and are sharing about them at this very minute.

From an online retailer or service provider's perspective, anything which makes the customer feel more at ease with interacting online is probably a positive thing, although many might have to change their attitude when it comes to handing out information on request. Despite the Freedom of Information Act firms are woefully inefficient at responding to FOI requests, but if Garlik is right, and consumers begin to assert their rights, this will have to change. In the end those who see this as an opportunity to build closer relationships with their customers will no doubt be rewarded with loyalty, and those who don't, may find themselves losing friends very quickly.

Taking a look at one search with Garlik founder Ilube, we saw how marketing organisations assign us all massively inaccurate profiles, which they then sell no doubt for a tidy sum. Ilube was categorised as an "Accomplished Single" – basically a Yuppie. No mind he's actually married with children. Whether I want to sign up to the Garlik service and find out what I've been classifed as is another matter; a "Young Optimist" perhaps? Let's hope it's not a "Thrifty Grey", another category which I can only assume means a stingy pensioner.

October 30, 2006 | Permalink | Comments (0)

IBM's decision to sue Amazon.com for "willfully" violating some of its patents has got the whole e-commerce world talking, or it soon will. Despite apparently being in conversation for the past four years to iron out their differences, which presumably involved IBM trying to extract some kind of recompense from the e-commerce giant, the two have failed to find agreement. So Big Blue has decided, rather cynically some would say, to make its move in the courts at a time guaranteed to cause maximum disruption. After all, it's not quite the eleventh hour before the busy Christmas retail period, but let's say five to 11 – I've already seen the electric cables dangling above Oxford Street, portending the arrival of garish neon Santas.

The fact that IBM's patents pertain to things as fundamental to the industry as online advertising and ordering items using an electric catalogue, will surely mean the repercussions will be felt by countless other online retailers. It would be fair to assume IBM is hoping to leverage its stand-off with the grand daddy of e-commerce to scare some smaller online retailers into coughing-up some readies.

So there will no doubt be many firms watching how this one develops with a mixture of fear and dread, but to give Big Blue its due, you've got to admire the kind of foresight that leads a firm to patent technology – apparently dating from the late 80s in some cases – years before e-commerce was even a twinkle in its daddy's eye.

October 26, 2006 | Permalink | Comments (0)

News might have reached you that web search behemoth Google is setting up its own political action committee (PAC) - a strangely Orwellian sounding name for what is basically a kind of political pressure group. The fact that Google is growing itself a pair of political cahunas should come as no surprise really; the search giant has been dipping its toe in these waters for some time now, courting both the Tories and Team Blair in almost equal measure. For the record, its netPAC organisation will in due course (reportedly) be backing political candidates who share the same objectives as Google, such as net neutrality. In this regard, Google's political affiliations will lie with no one party, on either side of the Pond, but with any individual who, basically, agrees with it.

There will be many souls, however, who get ever so slightly nervous when a multi-billion dollar conglomerate decides to flex its rather large muscles in the corridors of power. It's not a given but, for the most part, what Google wants, Google gets.

October 24, 2006 | Permalink | Comments (0)

As I have reported previously on these pages, the internet can be a wonderful place for like-minded weirdos to meet, get to grips with the pressing issues of the time, network, solve problems and discuss whether Dr Who is in fact better than Star Trek. And even gain advice on their love life, should they happen to have one. But it can also be a place of danger, where like-minded nasty types can get together and share malicious code, buy and sell keylogging software and learn how to build bombs.

One of the arguments commonly made in defence of those dimwits who get fired from their jobs after slagging of their employer or doing something similarly controversial in their blogs, is that they underestimated the power of the world wide interweb. Hit the "post now" button and you are effectively broadcasting your opinion to the world, and don't think it will be lost in the ether. There are always people out there with far too much time on their hands and the power of search engines at their disposal to locate your words of wisdom: a publish and be damned attitude is likely to get you into a lot of trouble.

Unfortunately for John Jones, the dark side of the internet was revealed in all its seedy glory the other day when he was allegedly attacked by a bloke he met in a chat room. The two discussed Islam for a bit, exchanged insults and that was that, or so he thought. Oh no, one Peter Gibbons took offence, did his research (wonderful research tool the internet) and reportedly drove 70 miles to Jones's house to do him over with a pickaxe handle, as you do. Would have thought he'd have had time to cool down a bit during the several hours it took to get there, or indeed the several days it may have taken to locate Jones' address.

If you're wondering about the above picture by the way, that's what came up when I entered "internet chat room" into Google Images. Think they need to tweak their algorithms a bit.

October 19, 2006 | Permalink | Comments (2)

National Identity Fraud Prevention Week is well underway now with a mission to drill into consumers and businesses why it is important not to throw away seemingly innocuous documents containing vital personal details. Of course the link between paper-based and online crime is a very real one; crims happily using banking or other details gleaned from real documents in order to set up phony accounts etc etc. But this campaign also raises broader issues about id fraud and the education work being done to try and prevent it.

Those questions of course include why does the public still not GET IT? And the answer, according to some including Detica's head of security and risk, David Porter, is that these campaigns don't really get to the hub of the problem. Mass media campaigns are happy to report when the latest celeb has fallen victim to massive online fraud, but a serious exploration of the issues and what you should be doing to prevent it are usually confined to "shred everything, don't write your passwords down and be vigilant". Which is fine, if you know what to be vigilant about. As Porter told me, if people knew what identity really means in the online world – that the details they enter on MySpace are fair game for example – then we might go some way to surmounting the problem, and addressing that tricky conundrum; how to educate consumers without scaring them off shopping and using services online.

One of the most common methods of online fraud is the phishing attack, as I'm sure you're all aware. Although some of these are now getting more sophisticated, targeting specific customers with information gleaned from other sources and keyloggers to make the fake messages appear genuine, most still leave a lot to be desired, with poor English and easily spottable mistakes. Without being too condescending, it seems amazing that the good ol' British public is still so gullible, but as Porter told me, up to 24 percent of UK adults are functionally illiterate, depending on which figures you look at, and so easy prey for the phishing industry. That epxlains tinhgs.

October 17, 2006 | Permalink | Comments (0)

As a footnote to my Roman holiday, sorry, press trip, it was interesting to hear the Italian government's various initiatives to educate its civil service in matters of IT security. Yes, we've got Get Safe Online over here in the UK, but I'm not aware of any similar schemes for UK civil servants. At ISSE we heard of a new internet portal which provides the 200,000-odd Italian public sector workers with educational resources; the meetings running throughout spring this year to raise awareness specifically among managers; and the 200 hours of education for technical staff in the public sector. Bravo.

October 13, 2006 | Permalink | Comments (0)

Have been away in sunny Rome for the last couple of days, covering the annual Information Security Solutions Europe (ISSE) event for IT security professionals. A definite improvement on Budapest last year, for several reasons, which I probably can’t go into here, but let’s just say I was very sorry to leave the Eternal City (even if, as usual, we were staying and working in actual fact somewhere closer to the Roma north circular).

After gorging on semi-freddo and red wine, there was just about time to listen to some IT experts do their thang.

Security guru Bruce Schneier was on form, telling us all what we kind of knew already but in a typically refreshing no-nonsense way; economics are the root cause of most every problem or gripe IT security chiefs are likely to have with their suppliers. Actually Bruce short-changed us a bit – the 10 security trends outlined in the ISSE programme actually became four economic principles when he came down to it, but we didn’t hold it against him. You can’t hate a man with such an endearing beard and ponytail combo for long.

Despite Eema’s worries (they’re the publicity-shy e-business industry association that runs ISSE by the way) the event was pretty successful I reckon, even if I did have to leave before drinking my own weight in Frascati at the gala dinner event on Wednesday night, instead spending it in the departure lounge of Ciampino airport – very rock and roll.

Various other experts told us how important it is to regulate the vendors, although EC uber-commissioner Viviane Reding was more laissez-faire, saying simply that "the EC invites private industry to be proactive" in creating better products etc. To an extent those calling for legislation are right – the economic incentive for security vendors to build better products clearly is not there, and it will probably always remain this way unless state intervention forces their hand, or IT buyers become more discerning and demanding. But I’m sure there’ll be many infosec bosses and vendors alike who will wince at the prospect of more heavy-handed legislation. Lightness of touch is not something governments are known for, least of all in such a fast-changing industry – how can a minimum standard for security products be drawn up in this environment? Any law risks being out of date before it even hits the statute books.

Also good value was Michael Howard (no, not that one) of Microsoft, who put his hands up and admitted his firm’s past mistakes with security – well not all of them, we only had three days. And then there was Enisa; star of the show last time around when it was a newly-formed organisation brimming with ideas and plans. Seemed a bit sidelined this time around as there were no major announcements, just a heads-up as to its continuing work on the EU-wide internet portal as part of the plan for an EU information sharing and alert system.

October 12, 2006 | Permalink | Comments (0)

Apologies for the dull-sounding headlines to my blog entries of late. Apparently it's what you've got to do if you want to drive traffic to your blog/web site, although I don't think it's going to make too much difference in my case. This week the big story so far has been everyone's favourite supermarket Tesco moving into another sector it hopes to dominate, although it might find a little bit more competition in this one from the resident incumbents; Microsoft, Symantec et al.

It's difficult to see where the retail giant is going to get all its customers from here, I mean there might be some technology-averse consumers who think it would be a good idea to buy their computer software here because they've been eating Tesco canned tuna for years and it's never given them food poisoning. But anyone wanting a bargain would surely choose the free open source out there, of which there is plenty. It's a bit worrying to see software so cheap that isn't open source; there may be question marks over the support package (online only apparently) and the quality…have you tasted Tesco Value bread recently?

That said it would be foolish to write them off, and I approve of what they're doing with internet delivery. After my tirade at Parcelforce, it seems Tesco Direct, its new non-food catalogue-based online service (or Argos-killer), features two-hour slots for home deliveries, short lead times for some orders and the option to pick-up deliveries from some stores, which are, after all, more plentiful than Post Offices these days.

October 3, 2006 | Permalink | Comments (1)

Right, the gloves are off. It’s time to name and shame the poor excuse for a delivery firm that has made my simple online purchase of a TV turn into an ordeal of disappointment and frustration. It’s Parcelforce, or Parcelfarce as I believe they’re known in the business. No wonder this firm has no feedback or user-rating system on its site, there would have to be a special minus point satisfaction scale invented to allow for a truly representative view. On arriving at the Post Office  bright and breezy Saturday morning, standing in a queue that stretched out of the door with Southwark’s finest array of misfits and obese single parents, I came to the counter, dutifully handed in my card and ID, and waited for the appearance of my beloved TV. And waited, and waited. And then was told to call Parcelforce again, “cos there ain’t been nuffink that big come in this week, sorry”. Yes, and so am I. Turns out the package was too big to be delivered to a post office, although I had to personally find that out by continuously calling the "help"line - love those channels of communication.

In Japan, where I had the pleasure of living for three surreal, life-changing years, they have customer-service thing off pat. Yes, part of it is cultural, firms would go out of business if they didn’t bend over backwards to meet their customers’ needs, but should it be? Isn’t it just good business practice not to p*** off the customer? In the land of the rising sun you can specify a time of day, not 9 to 6, but a TWO HOUR window, and if you miss them, the number on the calling card will be the van driver’s number, so he can come back if he’s just missed you. Plus the latest delivery of the day is from 8-10pm, giving the salaryman enough time to get home from his 9-5 in the office, and they do Sundays too. Practical, efficient, and no extra cost. I think it’s time our online retailers started to look around them; because it certainly isn’t working at the moment.

October 2, 2006 | Permalink | Comments (1)