What an interesting time to hold a technology conference. The DLA Piper Global Technology Leaders Summit last week brought together CXOs from Amazon, Walmart.com, Stanford, Safeway, Microsoft, Sun, Cisco and others to discuss the state of IT in general and how the economy is impacting it. Some highlights:

“Cloud computing for large enterprises is a dead duck, in the opinion of several venture capital firms.”

“The current slowdown in the U.S. macroeconomy is definitely going to hurt the IT industry, as it will most of the nation’s businesses, for at least the next year and most likely into the next two years.”

NetApp cancelled its first user conference slated for 2009 citing economy-driven restrictions on business travel.

We recently wrote about the possible upside for MSPs in this economic downtown. A survey from EquaTerra of more than 200 outsourcing service suppliers announced that “more than 40 percent of those polled had seen increased demand levels, despite the economic downturn.” The survey suggests that outsourcing projects are changing, with a strong focus on quick return on investment replacing longer-term initiatives to improve end-to-end business processes, according to InfoWorld. So as we saw during our own surveys this year, it looks like IT will spend time and money against the practical projects that should and could get done and not taking on ITIL and CMDB projects.

Jonathan Schwartz as a puppet talking about open source and his ponytail. The driest Sesame Street take-off you’ll ever see. Check out the video here. For those of you playing a drinking game at home, “ponytail”.

Denise Dubie posted a follow up to her article Novell’s Managed Objects buy, and shared insights from different commenters, including yours truly.

One of our favorites, the IT Skeptic was featured on John Willis’ blog this week, answering some questions about CMDB, ITSMF and more. He also provided his insight into IBM Tivoli, although he “tries to stay non-partisan”.

Inexplicable. HP posted Halloween-themed videos about datacenters on YouTube this week. Unlike the great IBM videos about the mainframe, these videos speak techno-babble without tempering the lingo with being funny or tongue-in-cheek. Various frightening creatures share information on service management processes and discuss virtualization techniques to help consolidate hardware. Scary.

The best security program is at the business with the happiest customers.

There's a fine line between happy customers and playing piano in a bordello.

Sees a lot
Can tell the king he has no clothes
Can tell the king he really is ugly
Does not get killed by the king
Nice to have around but…how much security improvement comes from this ?

Changes happened faster that he was able to move
Did not read the signs
Good intentions went unfulfilled
A brutal way to ending a promising career
Sad to have around but…how much security improvement comes from this ?

Obviously these models of CISOs are not solving our information security problems. Instead Dr. Garigue points us to Charlemagne as a better model

King of the Franks and Holy Roman Emperor; conqueror of the Lombards and Saxons (742-814) - reunited much of Europe after the Dark Ages.

He set up other schools, opening them to peasant boys as well as nobles. Charlemagne never stopped studying. He brought an English monk, Alcuin, and other scholars to his court - encouraging the development of a standard script.

He set up money standards to encourage commerce, tried to build a Rhine-Danube canal, and urged better farming methods. He especially worked to spread education and Christianity in every class of people.

He relied on Counts, Margraves and Missi Domini to help him.

Margraves - Guard the frontier districts of the empire. Margraves retained, within their own jurisdictions, the authority of dukes in the feudal arm of the empire.

Missi Domini - Messengers of the King.

This is the way forward! Find software security champions in the architecture and development groups,help them understand the real security issues. They will find solutions you have not thought of. Same for DBAs, same for business analysts even. Its all about beating the bushes, education, and decentralizing security services. Specifically, he points out this important mandate for IT security

Knowledge of risky things is of strategic value

How to know today tomorrow’s unknown ?
How to structure information security processes in an organization so as to identify and address the NEXT categories of risks ?

To me this is our mandate and measure of effectiveness. Empower our customers, educate, and create business value. If I am a CISO  I don't want 20 people reporting to me who do firewall ruleset changes. I want one champion in 20 different groups - development teams, architects, DBAs, business analysts.

A concrete example, infosec can continue to go along with the herd and follow the "what everyone else is doing architecture" meanwhile developers are connecting every single thing in your business to the Web. I have been doing integration and new technology projects for a long time, and let me tell you - Change does not always create happy customers in the short run. But the chart below shows that information security is maybe more concerned with not causing waves rather than adapting.

The best security program is at the business with sustainable competitive advantage.

This is a quick and dirty video documentary of the things that when on around the talks and event at Phreaknic 12 (2008). Don't watch if you get sick at shaky cam movies like Blair Witch or Cloverfield. A rough timeline of the content in the video is as follows:

        Intro and leaving Louisville with Brian. Morgellon talks about hacking the Arduino micro controller platform. Sorteal talks about the LiVes Open Source video editor. AT&T Batman building by night. Mojo-JoJo soldering some stuff for the shooting range. The patron gods of hackerdom. Registration. Con swag overview. Morgellon  gets his discreet logic on. AK-47 building with HandGrip and Buttstock. Froggy talks up Notacon, which I plan to go to next year. Skydog explains the Jware chair toss event, and then we compete. Rootwars hacker wargames. I ask Int80 about using his nerdcore music in some of my videos. NotLarry explains rootwars. Some iPhone hacking with Lee Baird and John Skinner. I do a little Bluecaseing/Warnibbling with the Bluetooth on my Nokia n810. John, Lee, Brian and I go to the German restaurant. I blind DOSman with the light from my camera and check out what folks are doing with the Arduinos Droops brought for folks to play with. I check back in on R00tW4rz. I blind Droops. I talk Ettercap filters with operat0r. USB door key fun with the Arduino. More breadboard fun. Nokia n810 + Ettercap Filter + Lemon-part = win. Int80 gets down with his own bad self, and the rest of Phreaknic. I find an energy drink with protein. Folks play with the hardware keyloggers I brought, and we have some epic fail with the IBM Model M + USB adapter + Mac OS 10.5. Winn Schwartau joins in on the keylogger fun. DOSman and Zack use a directional antenna from the 9th floor to search downtown Nashville for WiFi access points. Zoom in on Al. John and Lee eat jerky. Daren and Shannon from Hak5 blind me this time. :) Then they do a quick interview. I interview TRiP about the legalities of wardriving, sniffing and leaving your access point open so you have plausible deniability of copyright infringement (most likely it won't hold water in court if you are a computer geek). I give Hak5 Daren beef jerky. Ziplock had more con badges than God. I meet up with Iridium. I talk with Nightcarnage about the audio/video setup at Phreaknic. As I predicted, the Potters won the WiFi Race. I say why this was the best Phreaknic ever. Using green lasers on crack dealers. Techno in the dark, the Aiptek action HD does not do well in low light. Nicodemius shows off his Minority Report like multi-touch table. Hula hoop contest. I check back in with Jeff Cotton and his USB keyed door. I strap on my gear to leave the con. Brian and I do a wrap up of our thoughts on Phreaknic 2008.

Information Week’s new blog, Plug Into the Cloud, is already in the thick of the controversy on the emerging cloud computing trend. A recent post lists a bunch of highly opinionated comments on the topic by site visitors, running the gamut from “Cloud computing is kind of like the Emperor’s New Clothes” to “cloud software can actually be more expensive than the software I load onto my hard drive.”

Jeff Doyle writes an interesting post about resistance to IPv6 adoption (what, you think we forgot?). Instead of the usual focus on IPv6 as an application issue, he points out that it’s actually an infrastructure thing. Would you wait to upgrade routers, switches, software, or servers until you can find a way to make the newer systems profitable? Would you wait to increase bandwidth only after you have customers waiting to use it? If you’ve answered these questions “no”, then why are you waiting to upgrade to IPv6?

We posted about whether or not there were recession proof products in IT yesterday. Network World Management Maven Denise Dubie also writes about readers weighing in on IT and the economy – from having to do even more with less to seeing the economic downtown as an opportunity to highlight IT’s true value to the business.

And finally, on the lighter side: What would we do without crazy billionaires and their crazy purchases? According to a New York Times article, a company controlled by Google’s top execs just added a fighter jet to their roster. “Presumably no attacks on Microsoft are planned at this time.” (image from Wikipedia)

The New York Times rounds up using cell phones as hotspots: Though the reporter, Bob Tedeschi, mentions the issue of having to have an unlimited data plan to avoid unpleasant charges, and worries about bad drains and malicious users, he doesn't note that many carriers don't allow this kind of sharing or routing without a separate "tethering" plan, that can run $20 or more per month. Also, U.S. carriers have now all imposed a 5 GB per month reasonable use cap; some will cut you off, some charge you more, some cancel your service based on exceeding this use.

Gigabit Wi-Fi? Someday: TechWorld considers the IEEE's Very High Throughput (VHT) study group, which wants to start work on 1 Gbps or faster Wi-Fi standard for completion in 2012. With 802.11n offering raw symbol rates up to 600 Mbps--even though no devices have shipped with the radios and antennas to offer that optional high speed yet--there's interest in other frequencies that would allow faster encodings, as well as aggregating multiple links to achieve high speed rates. My experience in testing and using 2.4 GHz with Draft N would show that wide or aggregated channels doesn't work very well. The article's writer, Peter Judge, notes that ultrawideband had potential (over short distances) to approach the gigabit mark, but that UWB hasn't really reached the market in any substantive way years after it was promised to be a big technology.

Flight attendants express concerns about in-flight broadband porn: When I've spoken to airlines, industry experts, and service providers, I find that they all have stories about how porn is viewed on computers, through DVD players, and in convenient magazine form on planes today. Adding the Internet may provide new salacious imagery, but the problem predates Internet access, and filtering Internet service is never as good a solution as a social one. Someone idiotic enough to view porn on a plane over the Internet is also stupid enough to bring along inappropriate DVDs they watch while seated next to children. Flight attendants already have the power vested in them to take care of this. The flight attendants for American might be expressing this concern as part of a bargaining issue, where their responsibilities but not commensurate pay have increased.

Spokane ends free Wi-Fi: Remember Vivato? Boy, I sure do. A company with a reach far exceeding its grasp, Vivato initially powered Spokane's downtown network. The network has continued to run on some basis--I'm not sure using what equipment--and now will move from free to fee. OneEighty Networks will charge about $10 per month to cover the costs of the network, for which local businesses at one point chipped in.

Brazilian TAM airline signs up for in-flight calling, messaging: OnAir has signed up the Brazilian carrier TAM, which will deploy the service on its Airbus A320 craft. Brazil hasn't yet provided regulatory approval, so no launch date is noted. TAM is the largest domestic and international carrier for Brazil.

1-meter simulated resolution from aerial imagery of Colorado Capitol and Downtown Denver

.5-meter simulated resolution from GeoEye

You'll have to pardon me this morning if the round-up seems a bit off. I'm still a little stunned at the spectacle of an arena full of (seemingly sober and sane) adults chanting, "Drill, baby, drill".

So let's see, what's in the news? Well, last night Republicans trotted out a Massachusetts venture capitalist and governor, the former mayor of New York City, former executives of eBay and HP, and an Alaskan neophyte pol who as mayor of a small town delivered $4,000 in federal pork for every man, woman, and child, in railing against coastal elites and Washington politics, while supporting a candidate who's been in the Senate for 26 years.

Fourth US airline to go Wi-Fi: Aircell says they have a fourth airline--after American, Delta, and Virgin America--on board for its in-flight Wi-Fi service. The aerial broadband provider's latest partner will be announced soon. Aircell's service went live in 15 American Airlines planes two weeks ago, and there's been a surprising lack of reporting from regular travelers or journalists since the big splash at the launch.

Microsoft, two universities research methods for better Wi-Fi handoff for vehicles: The researchers developed a method they call Vi-Fi, writes the Seattle Post-Intelligencer's Todd Bishop, which allows a system to maintain connections with several base stations at once, using a primary access point for traffic until a discontinuity is predicted or encountered. This allows seamless handoffs and continuous voice conversations.

Speaking of autos and Wi-Fi, concerns raised about Chrysler's in-car Wi-Fi option: Randall Stross wrote nearly two weeks ago in The New York Times about the problem of distraction. With the Internet at your fingertips, can you restrain yourself? The only problem with the humorous and accurate analysis is that millions of business travelers have 3G access via laptop cards already, so you'd think we'd already be seeing the bad effects of automotive area networks.

A Wi-Fi booster can't post availability signs on highway: The Nebraska town of Louisville has free Wi-Fi downtown, and wanted to post "Visitor Wi-Fi" on a highway sign as another amenity. The state highway department has a policy that doesn't allow the promotion of Wi-Fi, because they believe they'd be inundated. A resident who runs a local Internet firm installed his own signs on the highway; the roads department removed them; he remounted them; they were removed again. The idea of zoning and mounting a billboard apparently hasn't come to the city officials' minds (or perhaps they're prohibited).

The folks spreading misinformation about Wi-Fi health effects cause Ulster school to disable network: I can understand why non-technical folks might think that Wi-Fi has been proven to be unsafe, given the kind of information that's available on the Internet about wireless safety. While there are ongoing studies about the safety of cellular signals--and I'm convinced at this point there's no increased risk to an adult's health by using a cell phone--there is no specific and credible research linked to Wi-Fi, which broadcasts signals at a far lower level than a cell phone, most of the time in most uses.

Washington state shuts down rest-area Wi-Fi: The $3 for 15 minutes, $7 per day, or $30 per month Wi-Fi service at 28 of Washington's 42 rest areas has been turned off after a year for lack of use. Figures. The fees charged by Parsons and Road Connect aren't unreasonable for a nationally scoped plan, but are ridiculous for limited use. States should either bite the bullet and offer these service for free, partner with national roaming operators who can resell service into large networks of business travelers, or use ads to support the service. Highways in remote areas can typically pick up cell data networks, and ongoing costs should be minimal to operate such networks.

IEEE approves fast-roaming standard, 802.11r: This new standard is designed to improve the handoff of devices between base stations. This is accomplished in part by allowing base stations to communicate security and quality of service information so that a VoIP over WLAN phone can immediately reassociate without the delay of authentication and other handshaking.

Denver airport sees 7,000 connections on a single day last week due to Democratic National Convention: FreeFi released the usage figures recently to show how their service is operating. The network started with about 600 daily users when the switchover from fee to free happened 10 months ago, and now carries about 3,500 daily connections.

Coffee Bean & Tea Leaf goes free: The chain of about 700 cafes will have free Wi-Fi installed by now in all its company-owned stores (about 300).

That's ASCII, not hex: An article on wardriving raises security hackles by repeating some slightly overheated statements about Wi-Fi security. The article opens with a 63-character ASCII WPA passphrase, which is later described as "hex." (ASCII passphrases in WPA can be up to 63 "printable" characters - ASCII 32 to 127 - while a hex version of a 256-bit TKIP or AES password is 64 hexadecimal digits long.) The article tries to conflate Wi-Fi attacks that led to the largest set of breaches in retail credit-card systems and wardriving, a hobbyist activity that's never been looked on very favorably by law enforcement. The sense of ennui of wardriving pioneers is pretty clear; when Wi-Fi is everywhere and generally secured, it's far less interesting. The wardriver in the article convinced the reporter that a maximum-length WPA passphrase stored on a USB drive for automatic use was the best way to go. But, really, 20 characters containing letters and punctuation and no words found in a dictionary along with changing your network's SSID (network name) provides all the security you'll ever need for a home or small business. (If you need more, deploy WPA/WPA2 Personal.)

Green Wi-Fi's Senegal efforts hit snags: The folks at Green Wi-Fi are well motivated, and they're running up against all forms of security theater and bureaucracy both here and in Senegal, where they have an active project. The San Francisco Chronicle notes the group's effort to build solar-powered, self-sustaining Internet access via mesh networked nodes. Getting devices out of the country, clearing customs in Senegal, and hooking up their solar system all hit problems they're working through. As with the One Laptop Per Child program, I see a "build it and they will come" mentality in Green Wi-Fi's mission statement: the notion that providing computing power and Internet access will result in good things, rather than an effort to figure out what good things need to be achieved, and whether computers and the Internet will assist.

Portfolio critiques crazy hotel Wi-Fi pricing: The travel guru that is Joe Brancatelli turns a steely eye to $15 per night charges at fancy hotels for Internet access, noting that cheaper hotels include such service at no cost. The higher-end hotels won't talk for attribution, but they say that a "fraction" of guests use Internet, so why bundle it into the room rate? Pshaw. At $15 per night, four to six users pay the entire cost, while the hotel or its operator accepts a fraction of that rate as settlement from Boingo and iPass and other aggregators. So it's nonsense. They charge because business travelers will expense it and be reimbursed.