New life for dead Tempe network? Another firm has expressed interest in buying the pennies on the dollar assets that remain of the former Kite Networks installation in Tempe from the firm that financed the venture as long as they can negotiate a new, more favorable deal with the city for mounting and removal rights. CTC, Inc., which the East Valley Tribune reports runs networks in the Kansas City, Mo., area, thinks there's an opportunity. The article notes that reception problems were due in part to the prevalence of stucco in Tempe, common in the southwest. Stucco walls layer plaster or other materials on a wire mesh for strength that turns a house into a bit of an accidental Faraday cage, partially shielding the home from electromagnetic radiation. (Could I go so far to say that Tempe's network could be a phoenix? Ouch.)

Wake up, you darn computer: Intel's new Remote Wake motherboards won't work with Wi-Fi, it's important to note. The feature, announced today, will let an incoming VoIP call (the articles all say "phone call over the Internet") to wake a computer, as long as the call comes from a particular source. Of course, the standard SIP protocol for VoIP doesn't have the kind of security and integrity that would allow this; Intel has to overcome the problem with network address translation that renders most computer unreachable from outside the local network without a separate service like GoToMyPC or LogMeIn; and it will only work for computers connected via Ethernet to a local network, because Wi-Fi is off when a computer sleeps, while Ethernet can remain lightly active. I don't have the protocol details yet, but there's long been a Wake on LAN protocol that required support in a router, operating system, and Ethernet card; Intel may be leveraging this.

“I know for a fact that every major CEP vendor has several dozen paying customers.”

Somehow Mark, I don’t find a dozen paying customers by the top CEP vendors very impressive.

Then, as to somehow justify the lack of public reference clients, Mark takes the position of a Coral8 customer and says,

“We believe that the use of Coral8 gives us a strategic advantage over our competitors. Why would we want to clue them in?”

Naturally, the same thing could have been said about the first desktop computer, or the first back-office banking system, or the first calculator, or the first telephone, frankly speaking.

Of course, when the technology is mature, then it is “Hey we have lots of computers!” “Hey, look at my fully functional sexy iPhone!” “We have the best back office banking systems on the planet by <insert your favorite big vendor here>!”

Well, all this CEP Solution Secrecy (CEPSS) might just be similar to why the government keeps many IT projects a secret;  the main reason is so we don’t know how much taxpayer money they are spending!

So, folks, the debate counterpoint that there is some “Secret Life of CEP” and that the CEP solutions today are somehow changing the way C-Level executives, and corporate America, thinks is just wishful thinking.

Companies don’t need to keep their strong technical solutions a secret. Like, Wow! I am using Coral8 and it is so impressive that I have to keep it TOP SECRET.  (Sorry Mark, nothing personal, you simply gave me a big red target and painted “fire when ready” on it)

Note:  I happen to like Coral8, and Coral8 Studio, as an event stream processing platform.

Back on point, I consider my laptop and cellphone more indispensable than most of the first generation rule-based stream processing engines out there today, and I am sure most CEOs agree.

The Secret Life of CEP….   you just have to just love it

Sierra Wireless buys Junxion: Sierra is one of the leading makers of mobile broadband adapters, like ExpressCards and USB modems; Junxion is the leading business-focused mobile broadband bridge maker. Junxion has plenty of competitors on the low end, where products are being sold to small business or individuals, but I'm not aware of another firm whose products have the feature list for centralized IT management and deployment. They bundle the cost of this central management into the products, which can accept any kind of PC Card. Well, perhaps not any kind in the future, though Sierra Wireless is likely to have little interest in making Junxion's box less compatible with rivals. But they'll certainly be a lot of good synergy in developing new hardware for the same market that's cheaper or has a different set of features. How about four adapters in one box that can bond connections together for specialized markets, like railroad Wi-Fi?

Delta's competitors with broadband interest, like Alaska, Southwest, and American, each have a different plan of attack. Alaska will test service soon with Row 44, which uses Ku-band satellite access, albeit with higher speeds and far lower costs, the company says, than Boeing's doomed Connexion service. Row 44 touts their over-water ability, critical for Alaska, which flies plenty of routes to the great northern state and to Mexico. A test is what's scheduled; not deployment.

Southwest did some deal with Row 44, but nothing further has been forthcoming. Summer's almost over, and we haven't heard more about the "four aircraft" mentioned in the linked press release.

American has the most fully formed plan, but they, too, are testing Aircell's service, and will shortly launch service on 15 trans-continental 767-200s, flying largely routes among SFO, LAX, JFK, and Miami. The company said in the past that they would decide on fleet deployment after the pilot stage.

I shouldn't forget Virgin America, which planned Internet access as part of a set of already-deployed in-flight networked services, but they have under a couple dozen planes at the moment, so they're not a real competitor except on a few routes. Their launch date hasn't been set.

Delta's announcement makes it clear that air-Fi is coming soon, and will likely change how business travelers plan trips. If you can get productive work done during a flight, that changes the financial equation of the trip's cost, and your time out of the office. Pair in-flight Wi-Fi with a cell data card, and you may curse the fact that you're always connected.

Without putting out misleading press releases, I do want to mention a review that came out today that I was pretty proud of. The folks at Channel Web and CRN put out a review today of StillSecure Safe Access baked off against two well known competitors, Symantec and Sophos. You can go read the review for yourself for the entire story, but here are the final two paragraphs:

After evaluating each of these products, the Test Center found that StillSecure's Safe Access 5.0 slightly outpaced the others, followed by Symantec (NSDQ:SYMC)'s solution and then Sophos'.

Safe Access 5.0 is robust and customizable, justifying adding a NAC as an extra layer of security. Symantec offers a nice solution, but finds itself more limited than Safe Access 5.0 without deploying agents. Sophos, too, is good, but we were left wanting more. While all the solutions could be fine in particular deployments, functionality led us to choose Safe Access 5.0 first, Symantec second and Sophos third in this comparative review.

???Nuff said on that one!  In other NAC news today, Mike Fratto and the Information Week folks have released their 2008 NAC survey and Mike will be doing a follow up webcast on this on Wed, July 23rd.  Check out the site for all the details. This report is chock full of great stuff about NAC including vendor profiles.  There is a ton of great information there for anyone interested in NAC.

Without putting out misleading press releases, I do want to mention a review that came out today that I was pretty proud of. The folks at Channel Web and CRN put out a review today of StillSecure Safe Access baked off against two well known competitors, Symantec and Sophos. You can go read the review for yourself for the entire story, but here are the final two paragraphs:

After evaluating each of these products, the Test Center found that StillSecure's Safe Access 5.0 slightly outpaced the others, followed by Symantec (NSDQ:SYMC)'s solution and then Sophos'.

Safe Access 5.0 is robust and customizable, justifying adding a NAC as an extra layer of security. Symantec offers a nice solution, but finds itself more limited than Safe Access 5.0 without deploying agents. Sophos, too, is good, but we were left wanting more. While all the solutions could be fine in particular deployments, functionality led us to choose Safe Access 5.0 first, Symantec second and Sophos third in this comparative review.

‘Nuff said on that one!  In other NAC news today, Mike Fratto and the Information Week folks have released their 2008 NAC survey and Mike will be doing a follow up webcast on this on Wed, July 23rd.  Check out the site for all the details. This report is chock full of great stuff about NAC including vendor profiles.  There is a ton of great information there for anyone interested in NAC.

Their competition, tantalizingly called a “digital combat exercise,” was supposed to give onlookers a rare opportunity to watch a computer hacking job in progress, complete with play-by-play.

It didn’t work out that way, though, thanks to — what else? — some sort of technical glitch that obstructed efforts to monitor what the competitors were doing. So for the few non-techie spectators who showed up, the business of hacking was still as opaque and mysterious at the end of the 1 1/2-hour exercise as it was in the beginning.

A technical glitch? They always happen at the worst possible time, don’t they? Read on.

The commentary was to come from Peter Stephenson, a member of the program’s faculty, who sat at his own terminal and displayed on a big screen something he called a “sniffer trace,” a multi-colored table with columns of numbers and letters — the first in what was to be a series of tableaus that held the promise of monitoring all the traffic on the network next door.

The minutes passed, and not much happened. The sniffer trace stayed the same, and from time to time, when Stephenson tried to check on what individual teams were up to, the screen went blank. Could it be that the hackers weren’t getting anywhere?

Someone decided to check on them in the old-fashioned way — paying a visit in person. The report came back that they were, in fact, getting somewhere — finding holes and vulnerabilities of various kinds.

You’d think that somebody on the faculty, or one of the grad students, or even somebody in the audience would have realized the problem. The story implies that they never did figure out what those pesky hackers were up to.

There are also a lot of errors and misconceptions. With its aggressive advertising campaign and a CEO who publishes his Social Security number and dares people to steal his identity -- Todd Davis, 457-55-5462 -- LifeLock is a company that's easy to hate. But the company's story has some interesting security lessons, and it's worth understanding in some detail.

In December 2003, as part of the Fair and Accurate Credit Transactions Act, or Facta, credit bureaus were forced to allow you to put a fraud alert on their credit reports, requiring lenders to verify your identity before issuing a credit card in your name. This alert is temporary, and expires after 90 days. Several companies have sprung up -- LifeLock, Debix, LoudSiren, TrustedID -- that automatically renew these alerts and effectively make them permanent.

This service pisses off the credit bureaus and their financial customers. The reason lenders don't routinely verify your identity before issuing you credit is that it takes time, costs money and is one more hurdle between you and another credit card. (Buy, buy, buy -- it's the American way.) So in the eyes of credit bureaus, LifeLock's customers are inferior goods; selling their data isn't as valuable. LifeLock also opts its customers out of pre-approved credit card offers, further making them less valuable in the eyes of credit bureaus.

And, so began a smear campaign on the part of the credit bureaus. You can read their points of view in this New York Times article, written by a reporter who didn't do much more than regurgitate their talking points. And the class action lawsuits have piled on, accusing LifeLock of deceptive business practices, fraudulent advertising and so on. The biggest smear is that LifeLock didn't even protect Todd Davis, and that his identity was allegedly stolen.

It wasn't. Someone in Texas used Davis's SSN to get a $500 advance against his paycheck. It worked because the loan operation didn't check with any of the credit bureaus before approving the loan -- perfectly reasonable for an amount this small. The payday-loan operation called Davis to collect, and LifeLock cleared up the problem. His credit report remains spotless.

The Experian credit bureau's lawsuit basically claims that fraud alerts are only for people who have been victims of identity theft. This seems spurious; the text of the law states that anyone "who asserts a good faith suspicion that the consumer has been or is about to become a victim of fraud or related crime" can request a fraud alert. It seems to me that includes anybody who has ever received one of those notices about their financial details being lost or stolen, which is everybody.

As to deceptive business practices and fraudulent advertising -- those just seem like class action lawyers piling on. LifeLock's aggressive fear-based marketing doesn't seem any worse than a lot of other similar advertising campaigns. My guess is that the class action lawsuits won't go anywhere.

In reality, forcing lenders to verify identity before issuing credit is exactly the sort of thing we need to do to fight identity theft. Basically, there are two ways to deal with identity theft: Make personal information harder to steal, and make stolen personal information harder to use. We all know the former doesn't work, so that leaves the latter. If Congress wanted to solve the problem for real, one of the things it would do is make fraud alerts permanent for everybody. But the credit industry's lobbyists would never allow that.

LifeLock does a bunch of other clever things. They monitor the national address database, and alert you if your address changes. They look for your credit and debit card numbers on hacker and criminal websites and such, and assist you in getting a new number if they see it. They have a million-dollar service guarantee -- for complicated legal reasons, they can't call it insurance -- to help you recover if your identity is ever stolen.

But even with all of this, I am not a LifeLock customer. At $120 a year, it's just not worth it. You wouldn't know it from the press attention, but dealing with identity theft has become easier and more routine. Sure, it's a pervasive problem. The Federal Trade Commission reported that 8.3 million Americans were identity-theft victims in 2005. But that includes things like someone stealing your credit card and using it, something that rarely costs you any money and that LifeLock doesn't protect against. New account fraud is much less common, affecting 1.8 million Americans per year, or 0.8 percent of the adult population. The FTC hasn't published detailed numbers for 2006 or 2007, but the rate seems to be declining.

New card fraud is also not very damaging. The median amount of fraud the thief commits is $1,350, but you're not liable for that. Some spectacularly horrible identity-theft stories notwithstanding, the financial industry is pretty good at quickly cleaning up the mess. The victim's median out-of-pocket cost for new account fraud is only $40, plus ten hours of grief to clean up the problem. Even assuming your time is worth $100 an hour, LifeLock isn't worth more than $8 a year.

And it's hard to get any data on how effective LifeLock really is. They've been in business three years and have about a million customers, but most of them have joined up in the last year. They've paid out on their service guarantee 113 times, but a lot of those were for things that happened before their customers became customers. (It was easier to pay than argue, I assume.) But they don't know how often the fraud alerts actually catch an identity thief in the act. My guess is that it's less than the 0.8 percent fraud rate above.

LifeLock's business model is based more on the fear of identity theft than the actual risk.

It's pretty ironic of the credit bureaus to attack LifeLock on its marketing practices, since they know all about profiting from the fear of identity theft. Facta also forced the credit bureaus to give Americans a free credit report once a year upon request. Through deceptive marketing techniques, they've turned this requirement into a multimillion-dollar business.

Get LifeLock if you want, or one of its competitors if you prefer. But remember that you can do most of what these companies do yourself. You can put a fraud alert on your own account, but you have to remember to renew it every three months. You can also put a credit freeze on your account, which is more work for the average consumer but more effective if you're a privacy wonk -- and the rules differ by state. And maybe someday Congress will do the right thing and put LifeLock out of business by forcing lenders to verify identity every time they issue credit in someone's name.

This essay originally appeared in Wired.com.

The writer says that air-to-ground service is like Wi-Fi in the sky, but it's using cellular data standards, and so it's much more like mobile broadband in the sky. He also writes that there's 3 Mbps, which is the combined up-and-down estimated throughput of AirCell, the only firm that can operate such service in the U.S. for commercial flights. The next graf mentions that satellite-based Internet access is coupled with, uh, 802.11b (yes, B) access points. I think that's an error, innit?

And the analysis of JetBlue's move is incorrect. The purchase of Verizon's Airfone network is about positioning equipment, not using out-of-date gear that can't be employed for phone calls on commercial airliners.

I'd suggest a more appropriate metaphor be used than the one in this sentence: "[Lufthansa] hopes the experience is more fruitful than its ill-fated 2004 deal with Boeing's Connexion service, which crashed and burned when Boeing shut it down two years later." Beyond the distasteful reference, Connexion was shut down in an orderly fashion, and Lufthansa was one carrier that loved it, and tried to get it to stay in operation, and, failing that, to build a consortium to revive it.

The article finishes with a set of incorrect conclusions:

"There hasn't been much news about how airlines plan to charge for these services." In fact, we know pretty much that it will cost roughly $6 an hour, $10 for a 3-hour flight or less, and $13 for a flight longer than 3 hours. That's from Aircell in various statements, and it appears to be roughly the charges expected from its competitors in the US. In Europe, mobile calls and texting prices are also known: about US$2.50 per minute for calls, and something like 25 to 50 cents for text messages, not much more than the egregious ground pricing.

"If the industry's cash crunch gets much worse, in-flight broadband might be mothballed before it even gets off the ground." It's unclear what part of the expense the airlines are bearing. In my discussions with firms over the last five years, it's clear to me that this round involves the providers bearing more of the cost--and hence the lower installation cost involved--but also retaining more of the revenue.

Wi-Fi a-go-go onboard buses: The New York Daily News checks in on the trend to put Internet access via Wi-Fi on board East Coast buses. The article notes that Greyhound's new sidewalk-pickup BoltBus service among corridor cities has provoked the long-running Chinatown buses to bolt on Wi-Fi as well. The Chinatown Bus Association says here that their bus tickets are cheaper and thus more competitive--but one of their members has already added Wi-Fi, and others are considering it. MegaBus also serves the coast and has Internet access, as well as DC2NY. The biggest problem, though? Passengers demand AC outlets, and only BoltBus has them on every bus. LimoLiner (New York to Boston) isn't mentioned here, but is one of the earliest firms I'm aware of with on-board Internet, starting in 2004, and they also have power to every seat.