Windows 7 May Spur Virtual Desktops, On and Off the iPhone

Predictions from analysts and virtualization vendors that desktop virtualization will take off during 2010 may be off the mark. VMware, Citrix and a range of other companies are putting clients on smart phones, minimalist thin-client hardware and USB keys in an effort to find something about Virtual Desktop Infrastructures (VDI) that will hook a customer's imagination, says Andi Mann, head of systems and storage-management research at Enterprise Management Associates. "VMware and Citrix both announced support for the iPhone, which is sexier, even though Blackberries have a greater penetration in business," Mann says. "Virtualization on handhelds is a kind of halo project -like the Chevy Corvette that dazzles customers who come in and end up buying a Chevette." The Chevette, in this case, is the aging desktop PC or laptop used by any one of millions of corporate workers stuck with Windows XP and looking to upgrade to Windows 7 when it comes out later this year, says Chris Wolf, virtualization and infrastructure specialist at The Burton Group. "Windows 7 is going to drive a lot of the activity around desktop virtualization for companies that want or need to upgrade to Windows 7," Wolf says. Sales may take off, but the desktop PC may not have much to do with it.

Bulk migrations will take a long time, but many companies will at least begin moving users to the new OS within weeks or months, Wolf says, and will try to avoid spending the money it would take to upgrade every PC while they do it. [ For timely virtualization news and expert advice on strategy, see CIO.com's Virtualization Drilldown section. ] "Strategically, both Citrix and VMware have been planning that Windows 7 would be a major catalyst for desktop virtualization, and have been working toward it for a long time," Wolf says. Citrix Systems demonstrated its iPhone client in May. "Right now, it's a race to produce client-side hypervisors," according to Wes Wasson, chief marketing officer of Citrix Systems. "With that, [enterprise applications] are just a URL to the user. VMware announced more than a year ago that its VMware Infrastructure (VI) Client would run on the iPhone. You could be using a home-office PC or a Mac or a smartphone; as long as the client is there, you have secure access." Racing to an Anywhere Virtual Client Other software and hardware developers are also racing to build add-ons to make virtualization usable, and devices to make it easy to acquire. AppSense, whose code is part of both VMware and Citrix's VDI offerings, stores all that data and code on the server and reloads it all every time that user logs on, no matter through what device the access comes, according to Martin Ingraham, VP of strategy for the company. "We have to make it transparent across all the delivery technologies, so a user can set preferences on one, and go home and sign on using a different one, and have it exactly as they left it," he says.

The User Environment Manager from AppSense, for example, is designed to make a virtual desktop mimic the real thing by allowing end users to make changes, install software add photos, store cookies and do all the other things they'd do on an actual "personal" computer. Competitor Moka Five's desktop suite offers similar functionality adding the ability to personalize PCs and Macs without disturbing the "golden" PC image on which the company relies. It's just a hub to connect a keyboard, mouse, monitor and other peripherals to a Windows desktop image running in the data center. Thin-client manufacturer Pano Logic sells what it calls a "zero client" that has no CPU no operating system, drivers or moving parts. A starter kit of five, plus one remote USB key that can turn any computer into an authenticated thin client, starts at $1,989. LG Electronics is trying to streamline the hardware by building a thin client from NComputing a Pano Logic competitor directly into its SmartVine line of LCD monitors.

NComputing sells a range of mini- to micro thin computers. The 19-inch version retails for $199, can save 70 percent on maintenance, 60 percent on hardware and 90 percent on electricity compared to a PC, the company says. Big VDI Question: Management Tools "The hardware can really be anything, which is the great thing," according to Steve Bonney, vice president of business development at Bayscribe, a software developer that builds high-volume, server-based dictation systems for medical facilities. But questions about how to manage those assets, protect intellectual property, and even measure the amount of risk involved are holding many companies back. "The fundamental problem is not getting access to the application from a phone," Mann says. "We can do that with a Web application. Bonney is hoping VMware will push its client out on all the major phone operating systems to save his company development costs and show that even heavy duty applications work on very thin clients if the client is ubiquitous enough. "This will completely reshape the way enterprise IT is done," Wasson says of Citrix' client-side hypervisor. "It shifts the information flow model back to pull-so you're not pushing things at users they don't want, and it simplifies things for IT." Even without the fancy hardware, VDI can save a ton of money for IT in support, capital costs and licensing, Mann says. It's all about the manageability, without that, there's no question it's cool, but no one is really sure if it's practical." Follow everything from CIO.com on Twitter @CIOonline.

Akamai pitches Hollywood on its HD Network

Akamai Tuesday began pitching its new HD Network as the perfect solution for entertainment companies that want to deliver high-definition video streams over the Internet. During a live videoconference Tuesday, Akamai executives pitched the network to entertainment companies as a compliment for live TV and DVDs that would let content providers stream higher quality videos without the traditional problems of jitter and long buffer times that users regularly encounter. The CDN provider's new HD Network utilizes its HD EdgePlatform and combines it with digital video recorder technology and an adaptive bitrate streaming technology that adjusts users' delivery bitrates based on their network capacity. Separated at Birth: Tech Honchos and Their Famous Lookalikes "Our HD Network has been designed for large-scale broadcasters and studios," said Akamai CEO Paul Sagan. "Our goal is to meet and surpass the needs of the film and television industries… TV is now possible online at HD bitrates." Akamai cofounder and chief scientist Tom Leighton said that Akamai's HD Network had a unique advantage in delivering HD streams because it had roughly 1,000 servers located on networks' last miles in 750 cities around the world.

Users streaming content over the Akamai HD Network will be able to watch video using Flash, Silverlight and iPhone protocols. Leighton said that this access to the last mile has enabled Akamai to deliver content at a rate of 2Mbps or greater to two-thirds of users in the United States and at a rate of 5Mbps or greater to around a quarter of users in the United States. The network also features an HD content analytics that allow providers to monitor and understand who is accessing their content and an HD player based on the open source standard provider through the Open Video Player Framework.

Three-year-old Office patch stymies most attacks

Users running Microsoft Office can stump nearly three-fourths of all known attacks targeting the suite by applying just one three-year-old patch, according to recently published data. The flaw was fixed in the MS06-027 security update issued. Almost three-out-of four attacks - 71% of all those spotted in the first half of 2009 - exploited a vulnerability in Word that was patched in June 2006, Microsoft said in its bi-annual security intelligence report, released Monday.

The second-most popular exploit, with a 13% share, aimed at a bug that was quashed in March 2008, Microsoft said. The 2006 update patched Word 2000, Word 2002 and Word 2003, while the 2008 fix affected Excel 2000, Excel 2002, Excel 2003 and Excel 2007. Microsoft made the point that patching Office was as important as keeping Windows up-to-date with security fixes. "The majority of Office attacks observed in [the first half of 2009], 55.5%, affected Office program installations that had last been updated between July 2003 and June 2004," the company said in its report. "Most of these attacks affected Office 2003 users who had not applied a single service pack or other security update since the original release of Office 2003 in October 2003." Unfortunately, users are far less likely to update Office than they are to patch Windows. The flaw was one of seven patched by the MS08-014 update. According to Microsoft's data, the median amount of time since the last Office update was an amazing 5.6 years, compared to just 1.2 years since the last Windows update. "Users can keep Windows rigorously up to date and still face increased risk from exploits unless they also update their other programs regularly," Microsoft warned. They do what's required of them," he continued, hinting that they often do little more than that. "Windows' security has a high profile, and so they're patching Windows.

Wolfgang Kandek, the chief technology officer at security vendor Qualys, echoed Microsoft's take on Office patching patterns. "We see the same in our data," Kandek said. "People just don't patch Office, and when they do, they patch it much slower than Windows." That especially holds true in the enterprise. "This is a major security hole in the enterprise," Kandek said. "IT admins are not focusing on Office as they are on Windows. I don't think they're looking at Office, to tell you the truth." Qualys obtains its data from PCs that it manages for its clients, most of which are companies. Office 2007 SP2 hit the street in April 2009. Nine out of 10 Office exploits in the first half of 2009 involved a Trojan downloader, or backdoor malware. "These kinds of threats allow attackers to access compromised systems later to install more malware," Microsoft said. One way to stay up-to-date without patching every month is to apply the infrequent service packs that Microsoft issues for Office. "If the Office 2003 RTM users in the sample had installed SP3 [Service Pack 3] and no other security updates, they would have been protected against 98% of observed attacks," Microsoft said. "Likewise, Office 2007 RTM users would have been protected from 99% of attacks by installing SP2." Microsoft delivered Office 2003 SP3 in September 2007, fixing more than 450 bugs in the application suite, and adding other security measures, including file blocking of older formats, a move that confused users well into the following year. Microsoft urged Office customers to use the Microsoft Update service, a superset of the better-known Windows Update that pushes patches for Windows and Office.

Office was last patched Oct. 13 when Microsoft unveiled a record number of security updates and fixed flaws. Here, too, Kandek was stumped by Microsoft's practice of offering two separate update services. "I'm not sure why that's the way they do it," he said, speaking of Microsoft's providing Office updates to consumers and small businesses only through Microsoft Update. "I don't see why they simply can't replace Windows Update with Microsoft Update, and patch everything." Microsoft offers Office, as well as Windows patches, to businesses that use its Windows Server Update Services (WSUS) patch management system. The security intelligence report can be downloaded from Microsoft's site in PDF or XPS document formats.

AMD graphics chip shortage hitting PC vendors

An offshore Advanced Micro Devices Inc. foundry is having trouble ramping up on production of a new 40-nanometer graphics processing unit, forcing PC makers to delay shipments of desktop and laptop computers, AMD confirmed today. He added that the foundry is in full production but so far yields are below expectation. The Taiwan Semiconductor Manufacturing Company Ltd. (TSMC) is struggling to get up to speed manufacturing AMD's 5800 series, 40-nm GPUs (graphics processing units), according to Jim McGregor, an analyst at In-Stat.

Matt Davis, a spokesman for AMD, confirmed to Computerworld that TSMC is having issues in ramping up production of the chips. It's just a matter of trying to get TSMC to a point where they can yield. He added that it's not clear how far behind the foundry is on production expectations. "The design is sound. They're feeling the manufacturing crunch," said Davis. "We're a little bitter under yield but we're working back into a manufacturing schedule we want for these parts. They're getting a huge swing on this. TSMC can only kick them out so fast at this point." Davis said that PC vendors are being affected but declined to say how many vendors are feeling the pinch or which ones. "It's the end of the whip," he added. "[The vendors] are going to have a hard time." Davis also said AMD is working with TSMC on the issue and hopes to have production up to speed by year's end. "They haven't been producing these chips for long, so you'd expect some ramp issues," said McGregor. "AMD is being affected because these are great parts and they're getting a lot of demand.

When you have more demand for a product than expected and lower yields than expected, you get the perfect storm." McGregor said AMD has a little time to get manufacturing in line before PC vendors start looking for greener pastures and turn to a graphics chip from rival Nvidia . "It's not something you can move away from overnight," said McGregor. "They're set up for that GPU. They could switch over to Nvidia but it would take some effort. It will all depend on how bad the shortage gets." Dan Olds, principal analyst at Gabriel Consulting Group, said that if projections of slow tech sales, especially of high-end products, hold true, AMD should survive the production slowdown rather well. They could switch. If the economy was strong, and buyers were clamoring for desktops and laptops, a production slowdown would significantly hurt the struggling AMD . "If the problem goes on long enough, or gets worse, it may prompt system vendors to reexamine their decision or hedge with products using other suppliers," said Olds, who added that he expects AMD to rectify the problem soon. "It's not unusual to see low yields when a chip is shrunk to a smaller process. I would expect to see yields rise over time as the glitches get fixed, but that doesn't do AMD much good right now." But most of these problems are ironed out well before the product is introduced into the market, which ensures that there will be enough supply to handle demand.

NASA watching “perfect storm” of galactic cosmic rays

Astronauts and satellite integrated circuits are at most risk of an ongoing tempest of galactic cosmic rays that scientists say is at an all-time high. Cosmic rays cause showers of particles when they hit Earth's atmosphere but they pose their greatest health hazard, radiation, to astronauts in space. According to NASA's Goddard Space Flight Center, galactic cosmic rays come from outside the solar system and are made up of subatomic particles accelerated to almost light speed by distant supernova explosions.

They aren't too healthy for satellites either as a single cosmic ray can disable the unit if one hits an unlucky integrated circuit, NASA said. "In 2009, cosmic ray intensities have increased 19% beyond anything we've seen in the past 50 years," said Richard Mewaldt of Caltech in a release. "The increase is significant, and it could mean we need to re-think how much radiation shielding astronauts take with them on deep-space missions." Network World Extra:  Top 10 cool satellite projects 10 NASA space technologies that may never see the cosmos   NASA says the surge is being caused by what it calls a "solar minimum," a deep lull in solar activity that began around 2007 and continues today. Right now solar activity is as weak as it has been in modern times, setting the stage for what Mewaldt calls "a perfect storm of cosmic rays." Mewaldt also says the solar wind is flagging. "Measurements by the Ulysses spacecraft show that solar wind pressure is at a 50-year low, so the magnetic bubble that protects the solar system is not being inflated as much as usual." A smaller bubble gives cosmic rays a shorter-shot into the solar system. Researchers have long known that cosmic rays go up when solar activity goes down. Once a cosmic ray enters the solar system, it must "swim upstream" against the solar wind. Still the Earth is in no great danger from the cosmic bombardment. Solar wind speeds have dropped to very low levels in 2008 and 2009, making it easier than usual for a cosmic ray to proceed, he stated.

The planet's atmosphere and magnetic field combine to form a formidable shield against space radiation, NASA points out. The study, conducted by the National Academy of Sciences noted that besides emitting a continuous stream of plasma called the solar wind, the sun periodically releases billions of tons of matter called coronal mass ejections. Earlier this year a NASA-funded study looked to show some of the first clear economic data that quantifies the risk extreme weather conditions in space have on the Earth. These immense clouds of material, when directed toward Earth, can cause large magnetic storms in the magnetosphere and upper atmosphere, NASA said. One of the driving reasons for the study is that the sun, as we mentioned above, is currently near the minimum of its 11-year activity cycle but solar storms will increase in frequency and intensity toward the next solar maximum, expected to occur around 2012. Such space weather can impact the performance and reliability of space-borne and ground-based technological systems, NASA said.