Twitter developer manager Alex Payne has updated the Twitter FAQ with the actual, real, honest story on the return of Track to its users. First, the relevant text:
When will the firehose be ready?
By late January, early February 2009. For at least Q1 2009, the “firehose” (the near-realtime stream of all public status updates on Twitter) will only be available to a small group of trusted partners. The firehose is a stream HTTP solution; a client connects to it and the stream begins, ceasing only when the client disconnects. Once we’re confident in the stability of the service, we’ll add partners on a case-by-case basis. We may allow a wider selection of clients to consume subsets of the public stream (that is, updates from a collection of user IDs or matching specific search terms). We do not intend to allow anonymous, unregulated public access to this stream for any number of legal, financial, and technical reasons.
Now, the translation:
Real soon now, especially now that FriendFeed has a quarter of our page views with a stunningly familar hockeystick of growth, we will release the firehose to trusted partners. Trusted means those vendors who will agree not to allow access to… see below. The firehose is the full stream of our data that has been blocked from its contributors since May, 2008. Once we’re sure it is stable, we’ll continue to make it available while adding what must be semi-trusted cases. It’s also possible we’ll deliver a subset of the firehose (analogous to somewhat pregnant) defined as Track on identities and keywords. The keyword here is “may”. Finally, we won’t allow anonymous unregulated access, period. That is, even though we have numerous partners and untrusted startups currently recording Twitter notices and storing them for unregulated anonymous access since Twitter began.
FriendFeed co-founder Bret Taylor appeared on NewsGang Live Friday, and told me relationships with Twitter continue to be good. The two companies are working through some problems with the rate limiting curbs introduced by Twitter several weeks ago, but Taylor anticipates a resolution shortly. Several third party Track projects, most notably including Dustin Sallings’ TwitterSpy, have been disabled due to the 20,000 API call limit imposed. Sallings is blunt in this FriendFeed thread:
They’re going to offer a friendfeed-style HTTP firehose to a limited group. My suspicion is that that group will be limited more by how threatening a business is than even by how much twitter’s traffic may be reduced by such a partnership. I might be wrong, but the only ideas they seem to have for making money from their business involve removing value their customers want.
Meanwhile, Taylor says FriendFeed is moving forward with enhanced realtime tools to help model Twitter and other data. Rooms will gain new controls for aggregating multiple streams, a major search-related announcement is coming later this week, broader filtering and track functionality awaits a several-month rewrite of some parts of the core architecture, and most importantly, FriendFeed will continue to employ an open, inward and outward-facing data strategy. This is in sharp contrast to both Twitter and Facebook, who allow ingress but limit outbound flow.
There are several efforts underway to work around or via the back channel with Twitter to reengage track services. Services such as Twhirl that have released betas with “track” support may fall into both categories, but eventually Twitter will find a happy medium where monetization will begin to flow. In the meantime, FriendFeed continues to offer a more conversational and flexible model, making it a significant competitor for user contributions. Even now, it’s trivial to maintain a Twitter presence via FriendFeed that would require a fundamental change in developer relations to undermine.
Now that Twitter has achieved a certain stability and clarity in its rate-limiting strategy, the next phase will focus on identifying and rationalizing its trusted partners. The fundamental value proposition of track – the filtering of micromessages based on a combination of identity and conversational context – can now be achieved in FriendFeed with greater fidelity and, soon, realtime alert mechanisms that allow more personalized and affinity-powered flow regulation. The result: time-efficient information at the center of the user experience.
Over time, Twitter’s huge audience size and mainstream media acceptance will become less significant, forcing Twitter to name its price for its unique value even as it is watered down by more flexible tools and micro-community adoption of its competitors. Regardless of the anger in the community, which clearly has been discounted as a small minority in Twitter’s game plan, the clarity of Twitter’s rate limiting and brute force approach in managing its developer community now stand in sharp contrast to FriendFeed’s approach.
Read the rest of this entry »
Posted in Internet, Programming, Web 2.0 | No Comments »
Experts are warning that hackers have yet to activate the payload of the Conficker virus.
The worm is spreading through low security networks, memory sticks, and PCs without current security updates.
The malicious program – also known as Downadup or Kido – was first discovered in October 2008.
Although the spread of the worm appears to be levelling off, there are fears someone could easily take control of any and all of the 9.5m infected PCs.
Speaking to the BBC, F-Secure’s chief research officer, Mikko Hypponen, said there was still a real risk to users.
“Total infections appear to be peaking. That said, a full count is hard, because we also don’t know how many machines are being cleaned. But we estimate there are still more than 9m infected PCs world wide.
“It is scary thinking about how much control they [a hacker] could have over all these computers. They would have access to millions of machines with full administrator rights.
“But they haven’t done that yet, maybe they’re scared. That’s good news. But there is also the scenario that someone else figures out how to activate this worm. That is a worrying prospect.”
Experts say users should have up-to-date anti-virus software and install Microsoft’s MS08-067 patch. The patch is known as KB958644.
Speaking to the BBC, Graham Cluley, senior technology consultant with anti-virus firm Sophos, said the outbreak was of a scale they had not seen for some time.
“Microsoft did a good job of updating people’s home computers, but the virus continues to infect business who have ignored the patch update.
“A shortage of IT staff during the holiday break didn’t help and rolling out a patch over a large number of computers isn’t easy.
“What’s more, if your users are using weak passwords – 12345, QWERTY, etc – then the virus can crack them in short order,” he added.
“But as the virus can be spread with USB memory sticks, even having the Windows patch won’t keep you safe. You need anti-virus software for that.”
Method
According to Microsoft, the worm works by searching for a Windows executable file called “services.exe” and then becomes part of that code.
It then copies itself into the Windows system folder as a random file of a type known as a “dll”. It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.
Once the worm is up and running, it creates an HTTP server, resets a machine’s System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker’s web site.
Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down.
But Conficker does things differently.
Anti-virus firm F-Secure says that the worm uses a complicated algorithm to generate hundreds of different domain names every day, such as mphtfrxs.net, imctaef.cc, and hcweu.org. Only one of these will actually be the site used to download the hackers’ files. On the face of it, tracing this one site is almost impossible.
Variant
Speaking to the BBC, Kaspersky Lab’s security analyst Eddy Willems said that a new strain of the worm was complicating matters.
“There was a new variant released less than two weeks ago and that’s the one causing most of the problems,” said Mr Willems
“The replication methods are quite good. It’s using multiple mechanisms, including USB sticks, so if someone got an infection from one company and then takes his USB stick to another firm, it could infect that network too. It also downloads lots of content and creating new variants though this mechanism.
“Of course, the real problem is that people haven’t patched their software,” he added.
Microsoft says that the malware has infected computers in many different parts of the world, with machines in China, Brazil, Russia, and India having the highest number of victims.
Read the rest of this entry »
Posted in Hardware, Internet, Security | 1 Comment »
What does it cost to host an e-mail account? It seems like a simple question, but a remarkable number of enterprises surveyed by Forrester had no idea of how to answer that question. A new report by the research company has taken a look under the hood of both in-house and commercial e-mail services, and put some numbers on the per-user costs associated with a variety of options. The surprise result was not so much that Google’s corporate services come out ahead, but rather how large a lead it has on every other option.
The title of the report, “Should Your e-mail Live In The Cloud? A Comparative Cost Analysis,” is actually somewhat misleading. The cloud implies a diffuse network of servers that hold partially redundant copies of information. Some of the services examined by the report don’t necessarily offer that sort of setup, although the report frequently refers to any off-site service as “the cloud.”
Semantics aside, Forrester surveyed over 50 IT workers at major enterprise companies to see how they handle e-mail, contacts, and calendaring services. They also discussed options and costs with 21 vendors of these services, and created some rough estimates of how much each portion of the various services cost.
One of the things they discovered is that the business community is largely unaware of the costs of running an e-mail account. Many of those surveyed gave guesses from $2 to $11 per user, although a detailed accounting showed that the costs were often several times that (Forrester came up with $25.18 per month, compared with $8.47 for Gmail). Part of the problem is that costs are often split among several cost centers, with software licenses part of a different department’s budget from the salaries of the people that support it. In some cases, the e-mail system was running on older hardware that had initially been bought for a different purpose and had been depreciated.
Despite the confusion, a lot of companies realize that e-mail has become expensive for two simple reasons: spam and malware. Nearly half of those surveyed were evaluating off-site solutions because e-mail costs had risen, while another 30 percent were performing the evaluation as part of an upgrade or service consolidation process. Fully 85 percent of these companies were leaning towards moving some of the services off-site.
The biggest reason for doing this seemed to be so that someone else could deal with staying on top of spam and malware; over half of those surveyed were planning on implementing a hybrid system where an external service filtered mail on its way into and/or out of the company’s internal servers. Reasons cited include the challenges of staying on top of the threats and up-to-date with the software, as well as the resource-intensive nature of combating mal-mail. Another 30 percent were leaning towards a complete outsourcing of the service, presumably in part because of these costs.
The author of the report calculated the monthly costs for the components of various systems, such as storage and client software. The biggest cost was clearly archiving, which is often legally required for a lot of positions. Beyond that, the software and filtering costs all came in at roughly 10 to 15 percent of the costs when they’re needed—off-site services, for example, eliminate separate purchases of server and filtering software, and lower staff costs in exchange for a monthly subscription. The overall conclusion is that any company with an employee count of under 15,000 would probably benefit from using off-site services.
The two examples of actual cloud services, Microsoft’s Exchange Online and Google Apps for Business, came out significantly ahead. Exchange Online provided significantly lower costs until somewhere above 30,000 seats, while Google Apps’ monthly cost consistently came in at half the cost of others, in part because its subscription cost is so low, and in part because the “client software” is a free web browser.
The author of the report cautions that there are a lot of variables to consider, such as how often the company adds and removes users, the frequency of large attachments, and the archiving requirements. Still, the results make it clear that Microsoft is now undercutting most of other services available, including those that rely on Exchange itself. But Google has managed to significantly undercut Microsoft. Although its solution is nowhere near as integrated as Exchange, an increasing percentage of the workforce is getting comfortable with managing their life and e-mail through a web browser.
Read the rest of this entry »
Posted in Google, Internet, Microsoft | No Comments »
