Archive for November, 2014
The Exchange Online Protection email security engine rates promotional messages on a scale of 1 to 9
In time for the holiday shopping season, Microsoft has refined how Office 365 handles bulk promotional emails from vendors like Amazon, eBay and Macy’s.
Those messages, which contain special offers, newsletters and other sales incentives, fall into a gray area between legitimate email and obvious spam. Depending on a variety of factors, recipients sometimes find them useful and other times annoying.
Now, Microsoft has added what it describes as a “simple, intuitive control” to the Exchange Online Protection (EOP) security engine in Exchange Online so that Office 365 admins can fine-tune the treatment of these messages for their domain.
EOP rates bulk messages on a scale of 1 to 9. The lower the rating, the less likely the message will be considered a nuisance by recipients. Criteria used to rate messages include whether recipients signed up for the mailings, whether the sender offers unsubscribe options and how many complaints the emails have generated.
Office 365 sets its default threshold at 7, meaning EOP will deliver bulk messages rated 6 and lower, and throw those rated 7 and above into the spam basket. However, admins can adjust the threshold to a different number.
“Bulk email can be a real nuisance for users. We hope that this feature will help you better manage the amount of bulk email your organization receives and look forward to continually improving our anti-spam service to meet your needs,” wrote Microsoft officials Shobhit Sahay and Chris Nguyen in a blog post Monday.
Microsoft is starting to roll out the improved email management capability now. Admins that want it activated right away on their domains can place a request with Microsoft via their account team.
You kids today are spoiled by your modern-day razor-thin ultrabooks. Come take a look portable technology that required some muscle.
Sure, it’s a bit unwieldy
In the first iteration of any technology, it’s amazing that you can do it. When the first Motorola mobile phone hit the market, it seemed miraculous to make phone calls unconnceted to the grid; only later did it become clear how unwieldy that first phone was.
The same is true for PCs. Early “portable” computers would make you laugh, because of their size (large), price tag (high), capabilities (poor), or some combination of the three. But as you take this tour through the history of mobile computing, we urge you to remember the day when it was amazing that you could lug these things around at all.
What makes a computer “portable”? Well, at minimum, you have to be able to move it from place to place. By that standard, just about any computer made today is more portable than the earliest computers of the 1940s and 1950s, built from hundreds of vacuum tubes installed into row after row of cabinets and taking up entire rooms. In this sense, DYSEAC, built by the National Bureau of Standards for the US Army Signal Corps, was a real breakthrough: it could be easily fit into a tractor trailer and driven from place to place.
IBM 5100, 1975
Decades later, IBM looked to make a similar leap down in size from the half-ton behemoths it sold. With the IBM 5100, Big Blue was able to compress a lot of power into a package that, at 55 pounds, was relatively tiny: amazingly, the computer was able to emulate a version of the APL programming language that would run on an S/360 mainframe. Reasoning that anyone who would be opting for the 5100 over a real mainframe would put portability at a premium, IBM emphasized the suitcase-sized unit’s luggability and built a keyboard and tiny monitor directly into the all-in-one machine. Fully tricked out, the 5100 cost $19,975 — the equivalent of more than $85,000 today.
Osborne 1, 1981
Six years later, Osborne Computer introduced the Osborne 1, with a similar look and footprint but a much less cutting edge level of technology. Company founder Adam Osborne himself said that “It is not the fastest microcomputer, it doesn’t have huge amounts of disk storage space, and it is not especially expandable.” But it used the mass-market CP/M operating system, and it was cheap ($1,795, the equivalent of $4,500 today), and, at 22 pounds, relatively easy to fit into a suitcase for lugging to wherever you might need a computer. Osborne published a magazine specifically for users, The Portable Companion, and the first issue featured an amazing picture of journalist David Kline with Afghan mujahideen admiring his Osborne 1.
GRiD Compass, 1982
The GRiD Compass was an Osborne contemporary; it was smaller — at a scant 11 pounds, it’s almost getting to the same order of magnitude of modern-day laptops. It also used a unique operating system and rugged but slow bubble memory, and cost $8,150 (more than $19,000 today). The combination of its tough construction and high price tag meant that its chief customer was the U.S. federal government: the Compass went into orbit on the Space Shuttle, and was rumored to be part of the presidential “nuclear football,” which stored launch codes.
Compaq Portable, 1982
The Compaq Portable was roughly the same size (28 pounds) and form factor as the Osborne: barely portable, in other words, despite the name, though it did come with a nifty suitcase. What made it really special wasn’t related to its portability: it was the first ever IBM clone of any sort, with reverse engineered BIOS and Microsoft’s MS-DOS, making it the ancestor of every Windows laptop ever made. Its luggable design was an added bonus; it was popular enough that IBM had to answer with its own portable version, the IBM 5155 model 68.
Epson HX-20, 1983
Having read about what passed for portable computing in the early 1980s, you can now understand how shocking and revolutionary the Epson HX-20 was. At three and half pounds, its lighter than a modern-day 15-inch MacBook Pro, and at $795 (the equivalent of $1,800 today), it’s cheaper, too.
What was the catch? While the other luggables we’ve seen had monochrome monitors on the order of 8 or 9 inches, the HX-20 sported a tiny LCD that could only show four lines of text, 20 characters wide. There was also very little software available for its proprietary OS, and the machine was distinctly underpowered.
Classic Mac form factor, 1984
Even as this spate of what we’d now recognize as the ancestors of modern notebook computers was being released, the idea of just what might make a computer count as “portable” was still in flux. For instance, nobody would’ve mistaken the original Macintosh for a laptop, with its near-cubical form factor — but at 16.5 pounds, it was lighter than many computers specifically billed as portable. The case came with a built-in handle on top so you could carry it around your house or office, and, as this page from the original owner’s manual demonstrates, custom-made carrying satchels were available.
Macintosh Portable, 1989/PowerBook 100, 1991
Five years later, Apple’s first portable Mac looked like the early ’80s dinosaurs we’ve already seen: huge, clunky, and awkwardly designed. The Portable was a bit lighter than its predecessors at 16 pounds, and of course ran a more modern OS, but at $6,500 ($12,000 in today’s money) it was difficult to justify.
The truly amazing thing was that just two years later, Apple released the PowerBook 100 series. These machines started at a third the weight and a third the price of the Portable; more importantly, their design, with wrist rests and a trackball below the keyboard, set the standard for all laptops, Mac and PC, that followed. The modern portable era had arrived.
Apple Newton, 1993
Of course, around the same time the world was launching into a whole new world of portable computing: the PDA, direct ancestor to the modern-day smartphone. We leave you with this picture that shows how far we’ve come in the “handheld computing devices much smaller than personal computers” department: the orignal Apple Newton, that prophetic flop, seemed miraculously small at the time, and yet dwarfs the original iPhone. (Though with the advent of the huge iPhone 6 Plus, perhaps this is going full circle.)
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Everyone used to hire mobile app developers to build custom programs, but that often resulted in shoddy, insecure programs that sometimes didn’t even work. And even when the software suited the need, chances are it was a colossal waste of money.
Today you can program without programming. Even business people can define and build apps that suit their needs – in just hours or days, depending on the complexity. Or have them built for you for as a low as $500 from a provider harnessing the same automated software creation tools.
Either way you go, it is a far cry from shelling out $50,000 or more, which is what you typically pay a mobile developer for just one piece of software for just one mobile platform.
We are not talking about overly simplistic, do nothing bits of software. With today’s new visual approach to designing and generating mobile software, you can create sophisticated custom business apps. These apps can work with data from the Web, cloud or your own internal systems – or all three, and can include pre-built features such as: forms, lists, database services, web services, location services, and strong security and encryption.
It is particularly easy to create apps for companies in these vertical industries: real estate, health care, construction, job estimating, insurance and more.
New tech to the rescue
For decades the Holy Grail of programming was to get there without programming. Many stabs have been taken, such as Fourth Generation Languages (4GL), object oriented programming where objects could be reused and stitched together to create new programs, and code generation, where you define what you need and the system creates the code for you.
All this work laid the foundation where we are finally achieving the promise of programming without programming. In the mobile space in particular a number of new companies are making all this work.
The key is visual development. By leveraging myriad pieces of software that have been written and fully vetted, the end user, even a non-technical person, visually designs the app they need and the system assembles the app based on what we used to call objects. And because all these components have been used in thousands of apps, they are secure and the bugs long since worked out.
Some vendors offering this new approach focus on easing creation of mobile applications that replace paper forms, letting IT customize or build apps that are then run as Software as a Service (SaaS).
Others offer a Platform as a Service (PaaS) approach. Initially PaaS was simply a way of offering a software development stack in the cloud, so programmers needn’t worry about configuring, updating and maintaining development systems. Now the stack itself is richer with the advent of true visual-based and model-driven development, and the cloud is better able to host these developed apps as well.
There are multiple PaaS options today. One approach allows stakeholders to model what they want their app to do, and then have that interpreted by a runtime environment. While another allows business users to decide what they want, describe it by manipulating icons that represent a large catalog of fully tested services, objects, actions or lines of code, and then the system builds a full piece of software whose components are automatically integrated.
The savings are real
Research by AnyPresence, a Backend-as-a-Service (BaaS) provider, shows most companies spend at least $50,000 for an app. Close to 25% spend more than $100,000.
Using traditional methods, mobile apps aren’t just expensive to build, they take a tremendous amount of time to complete. Let’s say you just want a program that takes information from a database and puts it in a simple list, maybe to let salespeople check inventory. That could take one to two months to build and cost over $25,000, says AnyPresence. And that is for just one platform.
Want an enterprise app that integrates with your business processes? You’ll need an awfully big piggy bank because that will run you over $150,000.
What’s more, eventually you’ll need to update that app, which can cost serious bucks. Forrester says the initial cost of development is only 35% of the overall two-year cost. Part of this cost is updating and upgrading. This may be due to new feature requirements, changes in business processes, the need to run on or exploit new mobile environments or to port to currently unsupported operating systems. MGI Research says mobile apps have, on average, one major update ever six months.
With visual programming and application generation you can add new features or just freshen the interface with a few swipes of a WYSIWYG editor, then touch the screen to distribute the update. Programmers call this iteration, and they earn much of their livelihood this way.
To protect against POODLE attacks and other vulnerabilities in SSL 3.0, Google will remove support for the aging protocol in version 40 of its Chrome browser.
Google plans to remove support for the aging Secure Sockets Layer (SSL) version 3.0 protocol in Google Chrome 40, which is expected to ship in about two months.
The decision comes after Google security researchers recently discovered a dangerous design flaw in SSL 3.0. Dubbed “POODLE,” the vulnerability allows a man-in-the-middle attacker to recover sensitive, plain text information like authentication cookies, from a HTTPS (HTTP Secure) connection encrypted with SSLv3.
Even though POODLE is the biggest security issue found in SSL 3.0 so far, it is not the protocol’s only weakness. SSL version 3 was designed in the mid-1990s and supports outdated cipher suites that are now considered insecure from a cryptographic standpoint.
HTTPS connections today typically use TLS (Transport Layer Security) versions 1.0, 1.1 or 1.2. However, many browsers and servers have retained their support for SSL 3.0 over the years — browsers to support secure connections with old servers and servers to support secure connections with old browsers.
This compatibility-driven situation is one that security experts have long wanted to see change and thanks to POODLE it will finally happen. The flaw’s impact is significantly amplified by the fact that attackers who can intercept HTTPS connections can force a downgrade from TLS to SSL 3.0.
Based on an October survey by the SSL Pulse project, 98 percent of the world’s most popular 150,000 HTTPS-enabled sites supported SSLv3 in addition to one or more TLS versions. It’s therefore easier for browsers to remove their support for SSL 3.0 than to wait for hundred of thousands of web servers to be reconfigured.
On Oct.14, when the POODLE flaw was publicly revealed, Google said that it hopes to remove support for SSL 3.0 completely from its client products in the coming months. Google security engineer Adam Langley provided more details of what that means for Chrome in a post on the Chromium security mailing list Thursday.
According to Langley, Chrome 39, which is currently in beta and will be released in a couple of weeks, will no longer support the SSL 3.0 fallback mechanism, preventing attackers from downgrading TLS connections.
“In Chrome 40, we plan on disabling SSLv3 completely, although we are keeping an eye on compatibility issues that may arise,” Langley said. “In preparation for this, Chrome 39 will show a yellow badge over the lock icon for SSLv3 sites. These sites need to be updated to at least TLS 1.0 before Chrome 40 is released.”
Google Chrome typically follows a six-week release cycle for major versions. Chrome 38 stable was released on Oct. 7, meaning Chrome 40 will probably arrive towards the end of December.