Alright, enough about Korea; much as I love Samsung, for the sake of journalistic integrity let's discuss something else. Web 2.0 has cropped up again in my work this week, in two very different guises. First a postscript to my earlier post about security issues arising in sites that rely on user-generated content. Finjan also added their weight to the debate in their latest quarterly threat report, and McAfee have highlighted the popularity of video sharing as on the web as a potential goldmine for hackers to exploit, whether embedding their evil code in Mpeg files or using web browser exploits which will hit a poor unsuspecting user as soon as they visit the page.

Piczo, a social networking site for teens, seem happy they are doing enough to mitigate the risk of these threats, with automated systems and a dedicated team monitoring activity on the site. But MySpace and Wikipedia have both been victims in recent weeks and the consensus seems to be either don't let your employees use these sites at work, or make sure you have some form of real time, behaviour-based content security in place.

The next Web 2.0 threat I've been working on is a survey by E-consultancy and cScape that highlights just how much traction it's now gaining among firms eager to exploit the potential business benefits in blogs, podcasts, video casts, user-generated content and all that stuff. But it also tellingly points out that there are still many barriers to its wide-scale adoption, such as lack of boardroom buy-in, lack of skills to make it happen, and lack of financial resources.

Lots of "lacks" then, but actually most of these barriers can be overcome if only the order comes from the top to go ahead with a blog or a podcast. We've certainly embraced this new media here at IT Week; well, you're reading part of it now, and then there are our weekly podcasts – a healthy bite-sized chunk of information technology for your listening pleasure – and of course our redesigned web site now allows visitors to leave their comments on stories. Keep it clean though please people, we're trying our best.

November 30, 2006 | Permalink | Comments (0)

My favourite part of my trip to Korea last week has got to be the tour of the printing labs at Samsung Electronics’ HQ in Suwon, hosted by the amiable Brian and Eunbin. Forget the grand strategy announcements and sexy home entertainment systems, the demonstration of the durability of its cardboard boxes was the gem. For five minutes we stood transfixed as a single box was loaded onto an impossibly large metal machine and then dropped, and dropped again, and yet again. But you can never see a cardboard box being dropped from a great height too many times in my book.

And I bet you’ve never been in a pulverised toner pilot lab. How about a chemical toner synthesis lab? No? Jealous yet? Alright, it may not float your particular boat, but I could go on for hours about the fascinating, labour-intensive processes that go into making this kit. Actually I couldn't - it's during these tours that the nine hour time difference really starts to kick in.

Suffice as to say we witnessed the men and women in white coats, yes literally, doing important looking things with test tubes and pipettes. Actually I reckoned some of them were students – you can tell by the ill-fitting clothes (beneath the white coats), bad haircuts and vacant expressions, god bless ‘em. Either way, the next time I run off a few hundred copies from the IT Week printer, I’ll certainly not be taking for granted the man hours and meticulous testing that goes into the production of these unremarkable looking lumps of plastic and metal.

November 28, 2006 | Permalink | Comments (0)

The electronics giant Samsung has a lot of catching up to do with the more established players in the enterprise IT market, in terms of its notebooks and printers, for example, but this trip has shown me it certainly means business here; there is a ruthless streak running through the company that maintains “if we can’t dominate an area, we won’t get into it”. This desire to be the best also makes great demands on staff, some of which, I was told, regularly put in 12-plus hour days and six-day weeks for the cause. We heard lots of grand statements and fighting talk then, but little in the way of answers and concrete product roadmaps, which is a bit of a nightmare for a news reporter.

You can always tell us apart from the other journalists on a trip like this; the freelancers will be relaxed but attentive; the feature writers laid back to the point of being horizontal; and we will be rushing around in a state of near-panic, checking and rechecking facts, sourcing pictures and generally getting very stressed and frustrated. There’s always one tiny detail on which hangs the entire story that can’t be verified until the last minute, but on the positive side, when all is done and filed, we’ll be the ones in the bar on the last night drinking soju (Korean vodka) until the sun comes up. Cheers.

November 24, 2006 | Permalink | Comments (0)

When one is asked to visit an exotic foreign land as the guest of a multinational technology company, it would be rude to refuse, I always think, and so this week sees me in South Korea with, no, not LG; with Samsung Electronics. It’s always interesting to see just how deeply connected to their roots these global giants still are, and the ties between corporate behemoth and State are nowhere more closely visible than here. Samsung apparently contributes around 15 percent of the total Korean stock market value – a not insignificant sum – and has its fingers in all sorts of unusual pies.

One sector you might not have associated with the company is real estate; you can’t go more than a few hundred yards in Seoul without spotting the familiar blue and white logo emblazoned on the side of a drab-looking apartment block. Apparently the firm also had a dalliance with the automobile industry a while back, but offloaded it to Renault in the end; well, you can’t spread yourself too thinly these days I suppose. And last but not least; I am writing this entry from my executive room in the plush hotel Shilla; the hotel-that-Samsung-built. Certainly can’t accuse them of being a one-trick pony.

November 23, 2006 | Permalink | Comments (0)

Oh it’s a depressing job being a tech journalist sometimes; all doom, doom, doom…and gloom. But then again what do you expect from spending all day talking to security vendors? That said, who am I to disagree with companies of the size and bottomless resources as Symantec, McAfee et al? Their men-in-white-coats in labs and bunkers around the world surely know more about the threat landscape than any fresh-faced IT reporter could. Yes, there is obviously an element of the hyping-up of a problem in order to make the solution more attractive, but sometimes not much work is needed in the spin department.

Tom Newton of SmoothWall told me of a potential problem in many of the newer “Web 2.0 sites” like YouTube and Wikipedia, that have sprung up in recent years and basically rely heavily on user-generated content. Unfortunately, this reason for much of their success could also be their downfall – an irony I’m sure the multi-talented Canadian crooner Alanis Morissette would appreciate – in that malicious code writers are able to upload onto these sites html capable of generating known exploits for Internet Explorer, say, or so-called drive-by installations. Then they wait, and wait, and wait some more until an unsuspecting member of the public navigates to that particular page or clicks on that particular hyperlink and becomes infected with something rather unpleasant.

These “passive attacks” are growing in number, says Newton, because there is no way that the administrators of these sites can possible check out every single piece of content that has been uploaded. Well, it’s probably time they found out a way, pretty soon, or they may come to regret it. And in the meantime we may see acceptable usage policies at work getting a lot stricter.

November 21, 2006 | Permalink | Comments (0)

Tough on e-crime, tough on the causes of e-crime. That seems to be the attitude of the country's major internet service providers (ISPs), who apparently have all got plans now to bundle security services in with their broadband packages. Talking to Eldar Tuvey, founder and chief of managed security services provider ScanSafe, he reckoned it would only be a matter of time before the big service providers started rolling out these value-added services, forced by customer pressure and an increasing need to differentiate themselves in what is a very competitive market.

Not that this is going to come for free, but get a bit of competition going on and in time it could be, I reckon. And corporates should be pleased to see this development taking place; even if they have a dedicated IT team to ensure the security of their systems, clean traffic is a nice-to-have. On the other side, if consumers are given the option to buy a security package from their broadband provider, the security of the net could be upped a notch or two; good for the prosperity of e-commerce and consumer confidence.

November 18, 2006 | Permalink | Comments (0)

The registry for .uk domains Nominet is finally bowing to pressure from members and urging a widening of scope for the organisation. At an extraordinary general meeting, the truly extraordinary will take place, well, a few hundred people will get together and vote on this. As many have observed in the industry, Nominet does a grand job of managing .uk and many would like to see its safe pair of hands applied to things like introducing Enum in the UK. Enum, by the way, is the new-ish protocol which will finally see the worlds of telcomms and internet collide, as it provides a means for telephone numbers to be converted into IP addresses, and so will be particularly useful in strengthening Voip.

So, um, yeah, although this vote is for Nominet members only, it could have far-reaching implications on businesses…there'll be many who would rather see a not-for-profit org with a good track record – and did I mention those safe hands, both of them? – doing this sort of thing than a purely commercial entity.

November 15, 2006 | Permalink | Comments (0)

Have just finished interviewing the shortlisted nominees for Young Practitioner of the Year at the British Computer Society’s annual IT Professional Awards; four young pups living the IT dream. Covering skills, offshoring, training and career development issues regularly in these pages, it’s good to get some anecdotal evidence from the horses’ mouths especially from those keenly registering every detail of their (relatively) newly found careers.

And a fairly good cross-section it is too; one guy from Microsoft – well there had to be, didn’t there – a helpdesk analyst from HR software specialist TeamSpirit Software, and two nominees from contact centre software provider Graham Technology, which must be doing something right. As you might expect, all had rather unusual reasons for getting into IT which make them more the exception than the rule, meaning it's difficult to use them as a vague yardstick with which to assess the industry. One had a hardware specialist for a dad, another's interest in computers stemmed in part from being blind. And most seemed to have had good support at an early age from their respective schools – food for thought for education tsars everywhere.

I also heard our nominees talk about the skills shortages they've seen first hand in their careers so far; a dearth of really quality candidates coming through from university that has certainly been apparent to IT watchers for years now. Another common thread was the double-edged sword of certifications; one nominee complained that course descriptions were poorly worded and significant extra study off-syllabus was needed to pass exams. Another said university course frustratingly lacked enough practical elements and although certs are a good indicator of formal training for recruiters, “many certifications are very costly and time-consuming”. I’m not going to bate my news editor by lingering on this point, but, perhaps unsurprisingly given the dearth of potential candidates, there were no women shortlisted for the award.

November 14, 2006 | Permalink | Comments (0)

Went to the swanky central London offices of IT consultancy ThoughtWorks the other day to receive wisdom and insight from chief scientist there Martin Fowler, and UK MD Cyndi Mitchell. The first piece of insight I got was that clearly I'm working in the wrong industry; the offices occupy the ninth floor of a modern airy building with stunning views over London and a large bowl full of chocolates for visitors. Resolving to 'ave words with facilities management on my return to the office, I went on to hear about Martin's work at the cutting edge of domain specific languages and Agile development methods, some of which I understood, and some I didn't.

The communication barrier between business users and developers has long been a problem for firms; a brick wall which diagrammatic techniques for conveying information fails in most cases to break down, he told me. But Agile software development techniques involve the breaking down of projects into small chunks and regular reviews, which effectively forces both sides to the table and encourages new ideas to come out of the collaboration. Sounds smashing I think you'll agree, and combined with domain specific languages – a way of describing the most technical aspects of a system in a way non-tecchies can understand – there is real potential for technologists to prove their worth by developing stuff that the business actually needs.

November 9, 2006 | Permalink | Comments (0)

Last week you may have noticed some of the news coming out of the inaugural Internet Governance Forum, a "forum for multi-stakeholder policy dialogue" set up at last year's UN-sponsored World Summit on the Information Society (WSIS). As always with these events, nothing concrete can really be decided because it is, after all, just a forum for knowledge transfer, best practice dissemination and other terrible marketing synonyms for "discussion". But a few proposals grabbed the headlines, none more so that the Internet Bill of Rights which, I seem to remember being bandied around before.

According to Emily Taylor of .uk registry Nominet and on the IGF Advisory Group, the event was pretty darn successful thanks very much, not least because it helped less (internet)-developed nations learn best practice in certain areas and generally encouraged free and open discussion. And because there was no pressure to make policy decisions, she added, government representatives could be less diplomatic and political in their views, which has got to be a good thing. There were hints that it was slightly a victim of its own success though – only 800 participants were expected but nearly double that turned up, and some taking part in the larger panel discussions felt that the scale was just too great to get meaningful dialogue between all parties.

But for a first time out, the general concensus seems to have been positive, and with the formation of Dynamic Coalitions of various stakeholders to undertake various projects, the momentum should be carried on to the next event in Rio de Janeiro next year. Now I just need to work out how I'm going to expense that one…

November 7, 2006 | Permalink | Comments (0)