The naming of parts: Time for “Linux Inside”?

by Glyn Moody

Names matter in free software. Just think of the number of electrons that have been spilt arguing over whether it's “Linux” or “GNU/Linux”.

The naming of parts came up when I interviewed Linus back in 1996. I had asked him about his relations with Richard Stallman, and this is what Linus said:

I've had some, not very much. At first he wasn't too interested, because Linux was so PC-centric – just two years ago, it didn't run on anything else. And I suspect Richard really dislikes PCs. So he wasn't really interested in that sense. Lately, when it's become obvious how portable it is and how well it works on other architectures too, I think Richard in that sense looks at Linux in a different light.

One problem we've had, well, problem, kind of clash of personalities, is that Linux has gotten so much press and GNU has gotten so little. So for Richard, he's not pragmatic, he really has this idealistic world-view, he'd really like the system to be called GNU/Linux or something like this. Personally I don't think GNU Linux flies as a name, it should be catchy.

But is “Linux” catchy? The fact that few people have heard of it outside the rather specialised world of free software suggests not. Indeed, far more people have probably come across “Ubuntu”, which has taken on the role of the public face of GNU/Linux to a certain extent. That's good, in the sense that it has done valuable work promoting free software to the general public; but it's also unfortunate in that it has pushed the “Linux” name even further into the background.

Some might ask why that is even a problem. After all, does it really matter what the kernel is called? I'd argue yes, for the slightly counter-intuitive reason that Linux is becoming so successful, particularly in two areas: mobile phones and embedded systems.

The rise and rise of Android has made that particularly name a household word – well, in more affluent countries at least, although once cheap Android-based phones start appearing it will become a global brand. Embedded systems, by contrast, often run Linux without anyone being aware of the fact: one of its strengths is that it doesn't crash, so there are no tell-tale Blue Screens of Death (BSOD) to announce its presence to the world. Instead, it just carries on working reliably and invisibly.

The problem, then, is the fact that Linux can be powering more and more of the digital devices that fill our lives and also be behind the international success that is Android, and yet few outside the computer world are aware of the connection.

Imagine, now, a situation where all these growing successes were perceived as part of a single, larger movement: the rise of Linux, and with it the spread of free software. Once people start to realise that many of their most beloved and faithful gadgets have at their heart the same software, they might begin to look a little differently on this “Linux” thing; they might, for example, begin to seek it out in other devices...maybe even on the desktop.

That is, if we could make people aware of just how widely used Linux is in smartphones and consumer electronics, say, it might even kickstart the use of free software in other domains.

So, the question becomes: how might we do this?

The idea of some kind of “Linux Inside” campaign has been raised before, but the situation is rather different now, largely thanks to Android smartphones. These are probably the first mass-market devices running Linux that people in the street are passionate about; this offers a unique opportunity to tap into that goodwill and transfer some of it to Linux.

To do that, we need a neutral organisation to oversee the project – the Linux Foundation is the obvious candidate – not least because Linus is an employee. As well as being widely respected among the open source community, it already has many of the leading companies that use Linux in their products as members. More recently, it has become more active in the embedded sector, which could be invaluable in gaining support for the idea here too.

Those same companies could help fund advertising campaigns to raise people's awareness of “Linux Inside” or whatever brand were chosen. As well as the efficiency of banding together to promote something for their mutual benefit, there's also the fact that they have – and ought to feel – a moral obligation to support something that they use for free. A few judicious remarks by Linus along those lines ought to work wonders, since it would be a PR disaster for major companies to be seen snubbing his polite request for help in this way.

Of course, for the thousands of smaller manufacturers that use Linux in their consumer devices, that may not be such a convincing argument for them to contribute money to the campaign. But, at the very least, it's in their own interests to stick some “Linux Inside” logo on their boxes – after all, it lets them tap into the generic marketing that would be going on around it, as well as allowing them to claim that the software in their otherwise somewhat anonymous products was “official” (provided, of course, that they made available all their source code....).

In a way, the idea behind “Linux Inside” or equivalent is the same as one of the key advantages of open source: that by collaborating and pooling resources, more can be achieved than by working separately. At the moment, the marketing around devices using Linux is fragmented, each manufacturer pushing a proprietary brand that reveals nothing about its underlying connection to Linux. By creating a strong umbrella brand alongside them, manufacturers would be helping the Linux ecosystem of which they form part – and hence helping themselves.

(Reference - http://www.h-online.com)

UM hall damaged by fire

PETALING JAYA: Universiti Malaya's Balai Ungku Aziz caught fire yesterday, with an estimated 80 per cent of its roof destroyed. The fire was believed to have started on the roof of the dental faculty in the hall about 4.50pm and students had to be evacuated. Pantai Fire and Rescue Department chief Hamid Daud said they received a distress call at 4.54pm and arrived there within five minutes. “Three fire trucks with 19 personnel from the Pantai and Taman Desa fire stations took two hours to put out the fire," he said. The cause of the fire and losses are being investigated.

(Reference :http://mmail.com.my)

Sony's PlayStation Network Disaster: What Happens Next?

By Matt Peckham, PCWorld Apr 27, 2011 7:50 AM

It's been a full week since Sony's PlayStation Network went belly up. For five of those days, the outage appeared to be just what Sony said--an outage. Yesterday all that changed when Sony admitted the "external intruder(s)" that prompted them to take the PSN down on Wednesday, April 20th, had in fact grabbed reams of personal information, and possibly (though unconfirmed) financial data such as credit card info. With upwards of 75 million PSN users affected, some are calling it the largest breach of confidential user information in history. Where does Sony go from here?

Yahoo Sells Delicious To You Tube Founders

Yahoo's Delicious, which was reportedly slated to be shuttered, will live on thanks to YouTube co-founders Chad Hurley and Steve Chen, who have agreed to purchased the site.

“We’re excited to work with this fantastic community and take Delicious to the next level,” said Hurley said in a statement. “We see a tremendous opportunity to simplify the way users save and share content they discover anywhere on the web.”

Yahoo has finally found a buyer for long suffering Delicious. YouTube founders Chad Hurley and Steve Chen have acquired the company, says Yahoo, via a “new Internet company, AVOS.” We’re still gathering details, but here’s the official stuff:

Today YouTube founders Chad Hurley and Steve Chen announced they have acquired the Delicious technology from Yahoo!. They plan to continue the service that users have come to know and love and make the site even easier and more fun to save, share and discover the web’s “tastiest” content.

Providing a smooth transition for users is important to both companies. There will be a transition period where users can elect to sign up for a new account. Users’ public and private bookmarks will be maintained through the transition period and transferred as they are today when it is complete.

As we have said, part of our product strategy involves shifting our investment with off-strategy products to put better focus on our core strengths and fund new innovation. We believe this is the right move for the service, our users and our shareholders and look forward to watching the Delicious technology develop.

(Reference : http://techcrunch.com)

Asterisk powers

Asterisk is a complete PBX in software. It runs on Linux, BSD, Windows and OS X and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in four protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing, Interactive Voice Response, Call Queuing. It has support for three-way calling, caller ID services, ADSI, IAX, SIP, H.323 (as both client and gateway), MGCP (call manager only) and SCCP/Skinny. Check the Features section for a more complete list.

Asterisk needs no additional hardware for Voice-over-IP, although it does expect a non-standard driver that implements dummy hardware as a non-portable timing mechanism. A single (or multiple) VOIP provider(s) can be used for outgoing and/or incoming calls (outgoing and incoming calls can be handled through entirely different VOIP and/or telco providers).

For interconnection with digital and analog telephony equipment, Asterisk supports a number of hardware devices, most notably all of the hardware manufactured by Asterisk's sponsors, Digium. Digium has single and quad span T1 and E1 interfaces for interconnection to PRI lines and channel banks. In addition, single to quad port analog FXO and FXS cards are available and are po***r for small installations. Other vendors' cards can be used for BRI (ISDN2) or quad- and octo- port BRI based upon CAPI compatible cards or HFC chipset cards.

Lastly, standalone devices are available to do a wide range of tasks including providing fxo and fxs ports that simply plug into the LAN and register to Asterisk as an available device.

Design Standards Brief Manual for Royal Melbourne Institute of Technology, Australia.

The Royal Melbourne Institute of Technology is one of Australia’s original and leading educational institutions, producing some of Australia’s most employable graduates. As an innovative, global university of technology, with its heart in the city of Melbourne, RMIT has an international reputation for excellence in work-relevant education and high quality research, and engagement with the needs of industry and community.

With more than 70,000 students studying at RMIT campuses in Melbourne, in Vietnam, online, and at partner institutions throughout the world, the University is one of the largest in the country. It has built a worldwide reputation for excellence in professional and vocational education and research. A vibrant alumni community now stretches across more than 100 countries. RMIT is a member of the Australian Technology Network.

The Design Standards Brief –Version 6, August, 2009 – contains the minimum design standards for RMIT University. The Design Standards Brief is the guiding document for building works at the University. The document able to be access at url http://www.rmit.edu.au

(Reference : http://www.rmit.edu.au)

Linux patent suit ruled against Google

A Texas jury has ruled against Google in a suit that alleged some of its use of open source Linux code amounted to patent infringement, something that could have big implications for other companies using Linux technology and other open source systems. In the verdict, delivered last week, the jury decided that Google should pay US$5 million for the infringement.

The suit was filed in June 2009 by a firm called Bedrock Computer Technologies, which also named the likes of Yahoo, MySpace, Amazon, PayPal, Match.com and AOL as defendants in the suit. Bedrock, as was reported when the suit was filed, was founded by a prominent patent reform advocate (the corporation has been accused of being a patent troll) and filed suit against the defendants in question for violation of Patent 5,893,120, detailing "methods and apparatus for information storage and retrieval using a hashing technique with external chaining and on-the-fly removal of expired data".

Since it's the Linux kernel itself, the core of the open source operating system, this could have implications well beyond Google--and even beyond the other defendants in the case, for whom court decisions have not yet been determined.

"Google can easily afford US$5 million if it has to, but this patent infringement case has major implications for the IT industry in general and for Linux in particular," patent and IP activist Florian Mueller wrote on his blog. "The plaintiff identified a portion of the Linux kernel as part of the 'Accused Instrumentalities.' Many companies using Linux have already been required by the patent holder to pay royalties, and many more will now, based on this jury verdict, elect to pay."

A potentially contested turf: the Android mobile operating system, which is Linux-based and continues to grow fast, evolving into many different mutations of a mobile (and now tablet) software architecture.

Mueller points out that not only did Google attempt to declare the patent invalid, but so did Linux software maker Red Hat, which counts several of its clients among the defendants.

"Google will continue to defend against attacks like this one on the open source community," a spokesperson for the company said. "The recent explosion in patent litigation is turning the world's information highway into a toll road, forcing companies to spend millions and millions of dollars defending old, questionable patent claims, and wasting resources that would be much better spent investing in new technologies for users and creating jobs."

(Reference : http://www.zdnetasia.com)

Skype unleashes VoIP calls over 3G for Android

The latest version of Skype for Android includes some security updates that make it more secure, however the "meat and potatoes" of the new version allows for greater VoIP (Voice over Internet Protocol) call functionality over a 3G connection should the contingency arise to WiFi in the U.S., no matter the network. Still no word on when Skype will let users make video-to-video calls.

However until at the time, Android users can now join in with other mobile devices and platforms in making Skype to Skype VoIP calls over 3G and eating up data usage on their mobile plans during conserving those precious calling minutes for

(Reference : http://www.appscout.com)

Momentum Around Asterisk Intensified by Digium in 2010

Strong growth in the use of Asterisk and substantial technical advances in the product has marked a successful end of the year for Digium, Inc, Diamond Sponsor of ITEXPO (News - Alert) East. Apart from releasing a major upgrade; the use of Asterisk has expanded to 170 countries. Asterisk is open source telephony software created by Digium. The company is also the primary sponsor of this software.

A new open source project, Asterisk (News - Alert) SCF has also been announced by the company in late October. Over the past year, contributions from the open source community have matched Digium’s investment in Asterisk. Asterisk has received code from over 9,800 people to date. This includes more than 200 people who worked on Asterisk 1.8 which was released in October. The increase in momentum is evident from the over two million downloads of the software in 2010. Users of Asterisk include developers, resellers, integrators and systems administrators.

An ordinary computer is converted into a communication server with Asterisk. IP PBX (News - Alert) systems, VoIP gateways, conference servers and other communication applications can be powered with this communication server. Asterisk is being used to create standards-based, feature-rich communications systems in more than 170 countries by small businesses, large enterprises, call centers, carriers and governments.

The communication systems are being created at a fraction of the cost of proprietary systems. According to Digium (News - Alert), billions of minutes of phone calls around the world are being handled by Asterisk running over one million servers.

In a press release, Bryan Johns, community director of Digium, said, “Asterisk has made an indelible impression on the voice communications industry in the 11 years since it was released. Its appeal keeps growing as businesses look for the value, flexibility, standards compliance and the technical superiority that result from the contributions of thousands of talented and visionary software developers.”

Johns added that the company is proud to sponsor Asterisk. The company is also proud of the Asterisk community, which currently has 73,000 registered members. The company has released Asterisk 1.8 this fall as it continues its focus on Asterisk development. A new open source project in Asterisk SCF has also been created by Digium, added Johns.

Enterprise WAN Router Buyer's Guide by Drew Robb

The router market is an interesting space. It is split into two broad categories: enterprise Wide Area Network (WAN) routers and branch routers. This article focuses on the former category. Enterprise WAN routers are used to communicate to and from head office to branches. Sitting in the main data center, WAN routers are part of the network backbone, dealing with transaction and processing oriented traffic. As such, they need high bandwidth capacity. "Enterprise WAN routers sit at the hub, while the branch offices are like the connecting spokes," said Dell'Oro Group routers analyst, Shin Umeda.

While generally separate from the switches that connect user devices to the network, some modern switches have also taken on some routing functions. However, they remain largely separate. Switches connect users to the Local Area Network (LAN) while routers transmit data across the WAN.

Primary features

What are the main features that users should be looking for in an enterprise WAN router? Umeda said that the most important point is to match user bandwidth requirements to the device. Some WAN routers, after all, can be relatively small with a few interfaces. The simplest come with two connections - one to the WAN and one to the LAN. This might be good enough for a small organization, but limits performance and lacks flexibility. Larger routers, of course, have far more ports and can deal with a wider range of services that are attempting to connect to the WAN? Such services might include a low-speed electrical circuit like a T1 line, a Fiber Optics circuit connecting to a carrier network, or Ethernet up to 10 Gigabit Ethernet (10GbE).

"Pay attention to the type of connectivity you require during the selection process," said Umeda. "Most decent routers are highly configurable based on the type of ports you need." Connecting to the LAN side, though, is relatively straightforward. That typically requires Ethernet ports in the range of 100 Mb or 1 Gb.

Voice only, data only or both is a question that has to be answered. The days of data only networks appear to be dwindling, but not everyone has jumped onto the Voice over IP (VoIP) bandwagon. It would be wise to check with the CIO to determine if VoIP is on the horizon. If so, plan ahead. It doesn't make any sense to buy a fresh set of data only networking products only to have to replace them a year later when the VoIP rollout commences.

Umeda calls attention to another factor in router selection: what kind of connection you have to the branch, which determines what features are needed in the WAN router. If many branches are present with slow connections, for instance, that influences the amount of bandwidth and type of WAN router that should be purchased. Take the case of an ATM-type financial transaction. This will probably need a high level of security via VPN capabilities. Not all WAN routers include such functionality. Further, if the WAN router connects to the public Internet, some kind of firewall and security features are a wise investment. Many routers fold these features into their routers for a little extra money.

As a rule of thumb, Umeda said to start with bandwidth. How much capacity do you need and how much can a specific router support? This determines how much you should pay. Huge expensive routers might give a tremendous amount of bandwidth but why buy them if you will never take advantage of it. Correct sizing, then, is key. Another decision is whether to opt for a single-vendor or multi-vendor set up.

"Some services work better when you utilize a single vendor at both ends, while with others there is no difference at all," said Omeda.

Finally, the Dell'Oro analyst mentions management. Some organizations require a high level of centralized management of devices, while others have a more distributed infrastructure. The kind of IT organization in place can determine whether a more expensive WAN router is needed at head office (replete with state-of-the-art management functions) or if a less expensive router will suffice.

Vendor Battle

While Cisco remains the major force in enterprise WAN routers, its dominance is less than in other areas. Cisco leads the field with a 60 percent share in 2010 followed by Juniper Networks with 22 percent, Chinese company Huawei with12 percent and Brocade with 4 percent according to Dell'Oro. While Huawei isn't that well known in North America, that will change over time. But for now, it mainly sells in China and even then primarily to service providers.

"We haven't seen much shift in market share numbers over the past three years," said Umeda.

However, the total size of the market has shrunk. It was $700 million each year from 2006 to 2008 and crashed to $400 million in 2009. This year it rebounded a little to half a billion. But Umeda doesn't expect it to top its 2008 total any time soon.

(Reference : http://www.enterprisenetworkingplanet.com)

Schools Begin Moving Unified Communications to the Cloud by David Nagel

Public K-12 school districts have begun shifting their unified communications solutions over to the cloud. In fact, according to new research released this week, a quarter of them either have done so already or are in the process of doing so.

The research is the latest installment in the annual CDW-G Unified Communications Tracking Poll. For the 2011 report, O'Keeffe & Co. surveyed 900 IT professionals across sectors, including higher education and K-12. All participants were involved in unified communications for their organizations at the decision-making level.

Cross-Sector Findings
The survey found that, on the whole, UC adoption has doubled since the previous year's poll. A full 16 percent of all organizations have "fully implemented" unified communications, up from 8 percent in 2010 and 6 percent in 2009 (with a margin of error of ±3.2 percent). The remainder are in the process of implementing UC (18 percent), planning a UC implementation (33 percent), or assessing a possible UC implementation (33 percent).

Among the specific technologies that had been deployed at the time of the survey were:

• VIdeoconferencing (69 percent);
• IP telephony (66 percent);
• Mass notifications (63 percent);
• Unified messaging (62 percent); and
• Presence (47 percent).

All were up from previous years except presence and mass notification, which were statistically flat (within the poll's 3.2-point margin of error) between 2010 and 2011.

The report also showed that 76 percent of those organizations that have completed their UC implementations have experienced a return on investment that "met or exceeded" their expectations, up 5 percent from the 2010 report.

"Across industries, organizations are embracing 'anytime, anyplace' access to information to boost productivity. They also continue to look for opportunities to use budget dollars more effectively," said Christine Holloway, vice president of converged infrastructure solutions at CDW, in a statement released to coincide with the report. "Unified communications delivers on both of those objectives."

Findings for K-12 Education
In K-12 public education specifically, 19 percent of respondents indicated their organizations had fully implemented unified communications. Owing to the large margin of error for sector-specific findings in the report (8 points), that's statistically flat from last year's 13 percent figure. The percentage of campuses in the process of implementing UC (26 percent) was also statistically flat from 2010's figure of 18 percent. Those districts that reported they were planning for an implementation (21 percent) was down significantly from the previous year (30 percent in 2010). The percentage of districts reporting they were still just assessing the benefits of unified communications, 34 percent, was statistically flat from last year.

Among K-12 public education institutions, 4 percent reported they've have deployed cloud-based UC solutions. Another 21 percent said they're in the process of deploying a cloud-based solution, and 46 percent reported they are at least evaluating a cloud-based UC solution.

According to the report, the top UC features cited by respondents in the K-12 public education sector included:

• Access to work e-mail and voicemail via smart phone;
• The ability to send mass notifications via phone and e-mail; and
• The ability to receive voicemail and e-mail.

The top benefits cited by K-12 participants included:

• Increased productivity;
• Reduction of operating costs; and
• Reliable communications.

The 2011 Unified Communications Tracking Poll was conducted in February 2011. Forty-three percent of respondents were top IT leaders, including CIOs and directors; 38 percent were IT supervisors, specialists, or engineers; 11 percent were telecom supervisors, specialists, or engineers; and 8 percent were telecom directors or managers.

In higher education, 44 percent came from institutions with fewer than 2,500 students; 27 percent represented institutions with 2,500 to 9,999 students; and 29 percent came from school districts with 10,000 or more students.

The full report is publicly available now. Further details can be found here.

How the University of ADELAIDE manage their ICT - something to learn from them

ICT Principles

These ICT governance principles were agreed at a joint meeting of the University Information and Communications Technology Committee, the University Information and Communications Technology Architecture Committee, and the University Information and Communications Technology Investment Committee held on 16 June 2009. The principles constitute a reference model by which new ICT initiatives can be assessed for their alignment with the University's ICT ethos. Principles are a tool to help make more informed decisions - they are meant to guide rather than mandate.There is a set of over-arching ICT guiding principles that provide guidance on the key motivators that influence IT decision making together with more detailed sets of IT architecture and investment principles.

ICT Guiding Principles

The strategic direction of, and the decisions made by, the University Information and Communications Technology Committee on behalf of The University of Adelaide will be guided by the following principles. Information and Communications Technology (ICT) at the University of Adelaide will;

G1. Enable the University's core business - excellence in research and teaching. G2. Deliver a rich, engaged student and staff ICT experience. G3. Promote operational efficiency. G4. Ensure systems are robust and agile. G5. Ensure information and systems are secure. G6. Manage ICT as an investment.

ICT Investment Principles

The Investment Principles are necessarily aligned with the guiding principles but provide more guidance on investment.

I1. ICT investments must positively contribute to the achievement of the University's vision and goals as outlined in the Strategic Plan. I2. When considering potential ICT investments, the full life cycle costs and implications including licencing, infrastructure, skills and resources will be considered. I3. ICT investments will be assessed on the basis of the return on investment they offer. It is recognised that the potential returns are not just financial, and in some cases qualitative assessment of non-financial benefits will be required. I4. Individual ICT investments must demonstrate alignment with the overall University ICT strategy. I5. The potential business risks associated with ICT investments must be assessed and appropriate mitigation strategies identified prior to investment approval.

ICT Architecture Principles

The Architectural Principles are necessarily aligned with the guiding principles but are more focussed/detailed on Business, Application, Data and Technology architectures.

Business Architecture Principles

B1. The Enterprise Architecture is based on a design of services which mirror real-world activities which comprise the University business processes. B2. A partnership will be cultivated between the various Faculties and business units and ITS, in order to work together towards the attainment of the University's strategic goals. B3. IT investments will be aligned with the strategic goals through a planning and architecture process to implement appropriate enterprise solutions. Hence the architecture, (i.e., the business, information, application, and technology models and principles) will guide the design, implementation, and management of technology assets based on business needs. B4. Business processes and associated IT solutions will be sufficiently modularised and flexible, allowing greater agility and rapid implementation of changes to business rules and processes to facilitate emerging opportunities and evolving needs. B5. Business processes, data and supporting applications will have documented owners, who will be responsible for defining the associated business requirements (e.g., access, validation, maintenance, etc.)

Data Architecture Principles

D1. Information is a corporate asset which should be captured, stored and managed in a way that will allow appropriate levels of sharing across the enterprise. All primary data will be captured once only at the point of creation, and stored and managed to enable appropriate levels of sharing and access. D2. Timely, accurate and complete decision support information will be made available to authorised users through standard tools. D3. Applications will access data through defined interfaces (i.e., through data service brokers rather than directly at the data storage interface) using standard data base and file management facilities.

Application Architecture Principles

A1. When deciding on architectures to implement, the preference will be to leverage and reuse existing solutions, second to purchase new package solutions, and thirdly to build custom solutions. A2. Implementation of applications used across the enterprise is preferred over the implementation of duplicate or similar applications for particular groups. A3. Future applications will be delivered via the Intranet and Internet as web based applications, preferably deployed through key Portals. A4. Application programs, whether purchased or developed internally, will be architected to separate business rules from application logic and provide modular, reusable functionality. A5. Implementation of applications will be managed through defined roadmaps which cover the full application lifecycle.

Technology Architecture Principles T1. The University will be agile, proactive and innovative in its use of technology to provide services T2. Technological diversity is controlled based on a defined set of standards and policies to ensure that IT services are efficient, sustainable, robust and secure.

(Ref : https://www.adelaide.edu.au/infrastructure/strategy/governance/principles)

Delivering high-performance networking to the mass market

From scientific research labs to petrochemical corporations, users of high-performance computing (HPC) clusters are constantly looking for ways to increase interconnect throughput in order to maximize cluster performance. Increasingly, Gigabit Ethernet (GbE) interconnect solutions offer a compelling option for many organizations. The potential for reducing infrastructure costs, converging network technologies and simplifying IT management has led organizations in a range of fields to adopt GbE solutions for their HPC environments. As network hardware vendors continue to improve throughput and reduce latency of these solutions, GbE could continue to attract more and more new customers.

For more than a decade, Force10 Networks has been working with IBM to deliver high-performance GbE networking solutions for HPC. Today, Force10 is collaborating with IBM to provide end-to-end 40 GbE solutions for HPC environments while bringing the benefits of high-performance networking to mass markets.

IBM AND FORCE10 HELP CREATE ONE OF EUROPE’S MOST POWERFUL SUPERCOMPUTERS 

Combining solutions from IBM and Force10 enabled Germany’s Jülich Supercomputing Centre (JSC) to build one of the most powerful supercomputers in Europe and the world. The organization operates a 294,912-core IBM® System Blue Gene®/P environment with Force10 ExaScale E1200i switches to help scientists and researchers solve complex problems and produce detailed models. The switches provide a transparent, high-speed interconnect with the storage system in a dense architecture. With this configuration, the supercomputer—named JUGENE—can provide a net storage capacity of 4.3 PB at an aggregated bandwidth of 66 GB per second.

“We needed a communication switch which was capable of taking over 200 10 GbE ports,” says Klaus Wolkersdorfer, head of the HPC systems division at JSC. “Only the Force10 switch was capable of doing this.” Since the initial deployment in 2007, JUGENE has expanded to more than 800 10 GbE ports.

With a peak performance of 1 petaFLOPS, JUGENE provides HPC users with substantially greater performance than the previous system, all while retaining a small footprint and controlling energy consumption. Given the performance of the system, it is not surprising that JUGENE is attracting new users to JSC from all across Europe.

FORCE10 OFFERS END-TO-END 40 GBE SOLUTIONS

Performance improvements in networking hardware are spurring continued adoption of GbE for HPC. Building on the success of 10 GbE, Force10 and other vendors are introducing products that can deliver even greater bandwidth. While the cost of 100 GbE products could put them out of reach for some organizations, 40 GbE solutions can help many organizations strike an optimum balance between performance and price.

To meet the rising demand for these high-bandwidth solutions, Force10 recently introduced the S-Series S4810 10/40 GbE top-of-rack switch, a high-density 48-port 10 GbE switch with four 40 GbE uplinks. The company also announced a new 40 GbE line card for its ExaScale core switch/router. These 40 GbE products will soon be offered for IBM System Blue Gene/P environments. In addition, a 40 GbE line card will be supported on IBM Intelligent Cluster™ integrated solutions and HPC clusters based on IBM System x® iDataPlex® servers.

“The new Force10 products enable organizations to achieve end-to-end, core-to-edge 40 GbE connectivity,” says Arpit Joshipura, chief marketing officer at Force10. “By combining these 40 GbE products with powerful IBM systems, organizations gain the performance and throughput they need for solving complex problems plus the density and energy-efficiency for controlling costs.”

Because the Force10 ExaScale switch remains at the core of the networking solution whether organizations are using 1, 10 or 40 GbE, organizations can migrate to 40 GbE solutions from earlier platforms while minimizing the upheaval to the network. Tools provided through the Force10 Open Automation Framework can help organizations simplify device management and switch provisioning so they can benefit from high-performance networking without added management complexity.

IBM AND FORCE10 OPEN HPC TO NEW USERS AND USE CASES

By pairing dense, high-performance, end-to-end GbE networking solutions with IBM System x servers, Force10 and IBM are helping to bring the power of HPC to a broader audience. Organizations that might not have used HPC in the past can assemble clusters of cost-effective industry-standard servers and capitalize on speeds of 10 Gbps—and now 40 Gbps—for a wide range of HPC applications.

High-performance GbE networking also creates opportunities that reach beyond traditional HPC use cases. Some organizations could take advantage of 40 GbE throughput to integrate resources from multiple data centers and build high-performance private clouds, opening a new world of possibilities for HPC.

(Reference : http://www-148.ibm.com/bin/newsletter/tool/landingPage.cgi?lpId=3844)

Konvensyen Kebangsaan Gerakan Paralimpik Negara Sedekad 2011-2020 (GPN2010-2020)

Majlis Paralimpik Malaysia (MPM) dengan kerjasama Kementerian Belia dan Sukan (KBS)dan Universiti Teknologi MARA (UiTM) telahpun menganjurkan satu Konvensyen Gerakan Paralimpik Negara Sedekad (GPN2010)di Hotel World Youth, Ayer Keroh, Melaka pada 25 hingga 27 Mac 2011 yang lalu. Tujuan konvensyen ini ialah untuk meneruskan perjuangan Orang Kurang Upaya (OKU) untuk sedekad lagi dengan mendapatkan pandangan orang ramai agar program Gerakan Paralimpik Negara Sedekad Kedua (GPN2020) menemui sasarannya. Buat pertama kalinya saya menjadi peserta konvensyen ini.

GPN2020 adalah satu program Majlis Paralimpik Malaysia untuk menentukan atlet OKU akan mencapai status atlet cemerlang setanding dengan atlit negara maju yang lain. Untuk menjadi negara maju kerajaan seharusnya memberikan hak sama rata antara atlet biasa dengan hak atlet OKU.Perkara-perkara seperti kejayaan atlet OKU tidak mendapat liputan media cetak dan elektronik sepertimana liputan yang diberikan kepada atlet biasa adalah contoh dimana atlet OKU masih terpinggir berbanding atlet biasa. Skim Kemenagan untuk atlet OKU juga tidak setimpal dengan atlet biasa. Ada atlet OKU yang menjadi juara dunia tidak diberi liputan dan ganjaran sewajarnya. Inilah yang akan diperjuangkan oleh MPM untuk sedekad yang akan datang.

MPM juga akan memperjuangkan supaya satu Akta dibuat untuk MPM sepertimana yang telah diperuntukkan kepada Majlis Olimpik Malaysia (MOM) dan Majlis Sukan Negara Malaysia (MSN). MPM juga akan cuba membina Akademi Paralimpik bukan hanya untuk atlet Malaysia sahaja tetapi diiktiraf oleh International Paralympic Committee (IPC) bagi atlet luar negara berlatih atau belajar disini. Blue Print GPN2020 adalah sasaran utama konvensyen ini.

Berdasarkan pemerhatian saya, saya berpendapat konvensyen ini berjaya dan semua resolusi yang diputuskan dalam konvensyen ini perlu dikemukakan kepada pemimpin negara dan perlu diberikan perhatian satu per satu. Tahniah kepada Dekan Fakulti Sains Sukan, UiTM dan Rekreasi kerana menjadi pengerak utama menjadi moderator dan fisilitator sepanjang konvensyen berlangsung.

(Gambar sepanjang konvensyen0 GPN2010/20)

Pengajian tinggi ke arah transformasi negara - Datuk Seri Hj.. Mohamed Khaled Nordin

DALAM konteks negara kita Malaysia, sektor pengajian tinggi merupakan faktor kritikal dalam mentransformasi negara melalui sumbangan pengeluaran modal insan yang berkualiti. Kita perlu bersama menjayakan transformasi kerajaan, transformasi ekonomi dan seterusnya menggalas amanah Rancangan Malaysia Kesepuluh (RMKe-10) dan Model Baharu Ekonomi (MBE) dengan meningkatkan keupayaan pengetahuan dan inovasi negara.

Bagi menentukan agar Malaysia berjaya menjadi negara maju berpendapatan tinggi dan mempunyai peranan penting dalam ekonomi global, satu-satunya pilihan kita ialah menggerak aktifkan semua potensi, kemahiran dan bakat seluruh rakyat Malaysia. Apabila kita sedar bahawa negara China dan India mampu melahirkan empat juta graduan setahun, negara kita yang kecil ini tidak mungkin dapat meminggirkan potensi setiap seorang anak Malaysia dan mengabaikan bakat anak-anak muda kita.

Kita mesti memastikan setiap orang, tidak kira latar belakang etnik, agama, ekonomi dan daerah mendapat peluang bukan sahaja dalam menguasai ilmu di bidang pendidikan, tetapi juga melibatkan diri dalam program-program yang mengetengahkan bakat dan potensi mereka di mana ianya selari dengan konsep keterangkuman.

Universiti pada dekad ini, arah tujunya banyak dipengaruhi dan ditentukan oleh proses globalisasi dan kuasa pasaran. Semua ini menuntut pengorbanan dan pembaharuan malah keberanian melakukan rejuvenasi, mengembali dan menyuburkan semula budaya akademia sebenar dalam universiti.

Sebagai sebuah organisasi yang berteraskan pendidikan, universiti harus menjadi medan di mana semua idea dan pemikiran dapat diperdebatkan secara ilimiah dan terbuka, dan juga memberi ruang kepada idealisme positif berkembang memandangkan komitmen mencari kebenaran sememangnya mendasari kewujudan sesebuah universiti.

Selain itu, komitmen yang tinggi terhadap kecemerlangan dan kepelbagaian juga perlu diperkukuhkan. Tiada kejayaan yang bermakna jika sesuatu itu tidak mencapai tahap kecemerlangan.

Oleh itu, kecemerlangan harus membudaya dan dibudaya terutamanya dalam kalangan masyarakat universiti. Pengurusan universiti mesti peka yang mereka adalah institusi yang mengurus pekerja berilmu dan pendekatan pengurusan perlulah memenuhi aspirasi ini.

Mereka mesti membangunkan budaya bekerja secara berkumpulan, mampu menguruskan bakat yang ada dan bersedia serta terbuka dalam soal peralihan kuasa kepemimpinan. Dalam menjayakan hasrat kerajaan agar ada nilai dalam perbelanjaan (value for money), semua peruntukan yang diberikan kepada universiti mesti diuruskan sebaik mungkin, telus dan impaknya mesti dirasakan.

Pimpinan utama universiti perlu mempunyai visi dan misi yang jelas, memahami budaya dan kehendak universiti masing-masing, mempunyai kesungguhan dan semangat, dan berlumba-lumba untuk meningkatkan kemajuan prestasi dan kreadibiliti universitinya. Kesemua pemimpin terutama Naib Canselor mestilah mampu menonjolkan kepemimpinan akademik yang berupaya mendapat penghormatan, menjadi rujukan, dan mendapat sanjungan ahli akademik yang lain.

Dalam masa yang sama, Naib-naib Canselor mesti mampu membangun dan menjalinkan jaringan dan hubungan intelektual termasuk di peringkat antarabangsa terutamanya dalam usaha mengumpul dana bagi mengukuhkan pendapatan dan kedudukan kewangan universiti.

Pendek kata, Naib Canselor dan kepemimpinannya mesti berani melagang perubahan untuk memastikan universiti mereka mampu bersaing dalam mendapatkan pelajar paling berbakat, menjadi fakulti paling tersohor dan mendapat geran penyelidikan paling ternama.

Sudah sampai masanya pemimpin utama di universiti memainkan peranan yang lebih luas dari lingkungan universiti masing-masing terutamanya bagi universiti penyelidikan untuk menjayakan peranan yang lebih global sifatnya.

Sehubungan dengan itu, sebahagian universiti kita juga mesti memiliki pengiktirafan antarabangsa jika kita ingin mengekalkan daya saing Malaysia. Sektor pengajian tinggi terutamanya di peringkat universiti, sudah menjadi perkara universal. Bila kita bercakap mengenai Universiti Oxford atau Harvard, kita tidak melihatnya sebagai sebuah universiti milik negara atau bertaraf kebangsaan semata-mata tetapi mereka dilihat sebagai universiti milik antarabangsa yang diiktiraf dunia.

Oleh itu, universiti kita harus berani mengambil cabaran untuk meningkatkan kedudukan masing-masing di peringkat antarabangsa. Naib-naib Canselor dan pasukan kepemimpinannya mestilah bersedia mengorak langkah untuk meletakkan universiti mereka sebagai entiti yang memiliki pengiktirafan antarabangsa melangkaui lingkungan kebangsaan atau negara.

Justeru, saya ingin menyeru agar kedudukan dan pencapaian universiti diukur berasaskan kepada sama ada mereka kekal 'Relevant' (relevan), 'Referred' (dirujuk) dan 'Respected' (dihormati). Dan ukuran 3R ini mestilah diasaskan kepada tiga (3) peringkat persekitaran yang mengelilinginya iaitu di peringkat kebangsaan, serantau dan juga global.

Setiap universiti perlu berusaha membangun dan mencapai kedudukan itu secara berperingkat. Dan ukuran tersebut pula perlu diasaskan kepada hubungan dan peranan setiap universiti dengan semua pemegang taruhnya iaitu kerajaan, pelajar, industri dan masyarakat, di mana setiap pemegang taruh akan melihat dan menilai setiap institusi kita sama ada ia kekal relevan, dirujuk dan dihormati.

Mungkin bagi memenuhi keperluan ini, maka setiap universiti perlu untuk membangunkan niche area mereka masing-masing lantaran terus menjadikannya sebagai satu kekuatan. Kalau bidang tujahan kita adalah dalam pengurusan atau keusahawanan atau pengurusan dalam kewangan Islam atau perubatan tropikal, kita mesti yakin dan tahu di tahap manakah kita berada dalam jangkauan status universiti kita, adakah kita telah diterima dan diiktiraf di peringkat kebangsaan, serantau dan global, atau universiti kita masih tidak mencapai mana-mana peringkat yang diikitiraf.

Ruang lingkup dan sumber persediaan kita tidak harus bersifat terlalu kecil sebaliknya mestilah melangkaui ruang lingkup yang besar agar kita dapat bergerak dan bertindak dengan berkesan di kesemua peringkat.

Tidak dinafikan, universiti pada hari ini, bukanlah semata-mata menjadi menara gading dan gedung ilmu tetapi ia juga sepatutnya menjadi tempat penjana tenaga masyarakat yang dinamik, sentiasa membangun dan maju. Bagi memperkukuhkan lagi peranan dan kedudukan universiti untuk memimpin masyarakat dan negara, kementerian akan memperkenalkan satu lagi Projek Agenda Kritikal (Critical Agenda Project-CAP) iaitu Program Pemindahan Ilmu (Knowledge Transfer Programme, KTP), menjadikan jumlah CAP di bawah Pelan Strategik Pengajian Tinggi Negara (PSPTN) kepada 23 kesemuanya.

Selain dari menjayakan usaha pemindahan ilmu, bersesuaian dengan kesejagatan kerjaya ahli akademik, mereka perlu digalakkan untuk terlibat dengan mobiliti untuk menyumbang kepakaran kepada sektor-sektor perkhidmatan awam yang lain sama ada melalui kaedah peminjaman, berkhidmat secara pentadbiran dan sebagainya.

Bagi menjayakan mobiliti akademik ini, beberapa perkara perlu diberikan penekanan, antaranya pengurusan universiti perlu membina dasar baharu yang mendukung "peranan ahli akademik untuk pembangunan negara".

Kepimpinan universiti perlu mempunyai pemikiran terbuka serta mempercayai bahawa sumber akademik yang bernilai universal, perlu dimanfaatkan untuk pembangunan negara dalam kerangka pelan mobiliti akademik yang baharu.

Walaupun penting bagi ahli akademik untuk menjalankan tugas asas di institusinya, mereka perlu digalakkan menyumbang merentasi fakulti/institusi, universiti atau agensi luar (kerajaan mahupun swasta) berasaskan kepakaran dan keupayaan mereka. Justeru, konsep pelantikan bersama (double-triple, multi appointment) boleh dikaji dan dipertimbangkan.

Selain itu juga, bagi mengiktiraf tenaga akademik yang terlibat dalam mobiliti akademik ini, penilaian tahunan, penghormatan, kenaikan pangkat dan penilaian pencapaian perlu mengambil kira keseluruhan sumbangan mereka di semua peringkat di luar fakulti selain universitinya.

Hari ini misalnya, terdapat ramai tenaga akademik daripada IPTA khususnya, dipinjamkan untuk mengisi jawatan-jawatan terbuka atau open post di pelbagai kementerian dan jabatan, sama ada di dalam atau di luar negara. Peminjaman mereka pastinya berasaskan kepada kemampuan dan kepakaran yang dimiliki oleh mereka, justeru itu, kementerian dan jabatan-jabatan yang terlibat amat menghargai kesediaan dan komitmen mereka untuk bersama-sama menggembleng tenaga membantu negara dalam kapasiti yang berbeza.

Kepulangan mereka nanti ke IPTA masing-masing iaitu selepas tempoh peminjaman tamat, diharapkan pengiktirafan dan kedudukan yang bersesuaian wajarlah diberikan kepada mereka dengan mengambil semangat kerangka mobiliti akademik yang akan kita perkenalkan ini.

Seperti yang kita semua sedia maklum, kerajaan telah memperkenalkan konsep cross-fertilization di mana beberapa ahli akademik boleh dilantik berkhidmat di pelbagai kementerian dan agensi dan saya berhasrat untuk melihat pengalaman mereka dapat dimanfaatkan oleh kerajaan dan swasta dan pengalaman baharu itu pula dapat di bawa pulang semula ke universiti masing-masing. Universiti hendaklah bersedia menerima mereka dalam kapasiti baharu sesuai dengan pengalaman dan pengiktirafan yang telah diberikan.

Justeru, universiti diminta meneliti semula perkara ini agar bakat mereka dapat dimanfaat di pelbagai peringkat untuk membantu negara, serta dalam masa yang sama dapat mengekalkannya untuk kembali berkhidmat dengan universiti apabila kemudiaan kelak.Jika ini gagal dilaksanakan, saya bimbang universiti akan kehilangan lebih ramai bakat pada masa hadapan dan hasrat negara untuk perkongsian ilmu tidak akan tercapai.

The Twelve Principles of Agile Software

• Our highest priority is to satisfy the customer through early and continuous delivery of valuable software.
• Welcome changing requirements, even late in development. Agile processes harness change for the customer's competitive advantage.
• Deliver working software frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.
• Business people and developers must work together daily throughout the project.
• Build projects around motivated individuals. Give them the environment and support they need, and trust them to get the job done.
• The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.
• Working software is the primary measure of progress.
• Agile processes promote sustainable development. The sponsors, developers, and users should be able to maintain a constant pace indefinitely.
• Continuous attention to technical excellence and good design enhances agility.
• Simplicity--the art of maximizing the amount of work not done--is essential.
• The best architectures, requirements, and designs emerge from self-organizing teams.
• At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.

Agile Manifesto

In February 2001, 17 software developers met at a ski resort in Snowbird, Utah, to discuss lightweight development methods. They published the "Manifesto for Agile Software Development" to define the approach now known as agile software development. Some of the manifesto's authors formed the Agile Alliance, a nonprofit organization that promotes software development according to the manifesto's principles.

Agile Manifesto reads, in its entirety, as follows:

We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:

Individuals and interactions over processes and tools

Working software over comprehensive documentation

Customer collaboration over contract negotiation

Responding to change over following a plan

That is, while there is value in the items on the right, we value the items on the left more.

Twelve principles underlie the Agile Manifesto, including:

• Customer satisfaction by rapid delivery of useful software
• Welcome changing requirements, even late in development
• Working software is delivered frequently (weeks rather than months)
• Working software is the principal measure of progress
• Sustainable development, able to maintain a constant pace
• Close, daily co-operation between business people and developers
• Face-to-face conversation is the best form of communication (co-location)
• Projects are built around motivated individuals, who should be trusted
• Continuous attention to technical excellence and good design
• Simplicity
• Self-organizing teams
• Regular adaptation to changing circumstances

In 2005, a group headed by Alistair Cockburn and Jim Highsmith wrote an addendum of project management principles, the Declaration of Interdependence to guide software project management according to agile development methods.

Practical cost saving benefits of cloud-based email management

Thinking about cutting costs by switching to email archiving and management in the cloud, but not sure how it all adds up? Understand the different ways Mimecast saves you time and money and put figures on what your own cost savings will be.

Can using Software-as-a-Service be cheaper than running the equivalent software in-house? Yes, especially when one service can replace multiple software tools for you. But will it actually be cheaper for your business and how can you work out the savings? Check out how Mimecast could bring down your email management bills, step by step.

1. Consolidate your email environment

2. Reduce help desk queries

3. Eliminate technology gaps & overlaps

4. Save on staff costs

5. Reduce ongoing costs

6. No unexpected costs

7. Cut the cost of downtime

8. Don’t pay extra for performance

9. Pay for what you use

10. Immediate value

(Reference: http://www.mimecast.com)

Five Best Practices for Unified Communications

Background

To meet today’s increasing demands, businesses need to communicate and collaborate more efficiently. Communication needs to be timely and effective, reaching people where and when they want to be reached, at the office, at home or on the go. Collaboration needs to include a broad sweep of individuals, cross geographic and organizational boundaries and be integrated with business processes.

One way to address these needs is with Unified Communications (UC), which brings together the tools of voice, email, messaging and conferencing and integrates them with business applications such as enterprise resource planning (ERP) and customer relationship management (CRM). UC can improve organizational efficiencies, while simultaneously empowering knowledge workers.

The efficiency gains come from the integration and optimization of communication silos, supported by enterprise-wide standards and shared services. Productivity gains are harder to measure, but there’s a clear intuitive benefit that could be realized by reducing human latency. It might be hard to quantify, but we’ve all experienced the frustration of “telephone tag.” With a UC platform, employees can see who’s available at a glance, before placing the call.

Characteristics of Successful UC Projects

Enterprises that have begun migrating toward UC have been experiencing some challenges. For UC to be effective, the entire network must be prepared to manage the applications. The more complex the network, the more difficult it is to roll out UC. Limited platform choices and inflexible pricing models are making choices more challenging for network managers. Return on Investment (ROI) for UC is also hard to provide in dollars and cents, as much of the value comes from improved communications among employees and customers. Early Adopters of UC indicate that successful UC programs share the following characteristics:

• They are often inspired by IT, but are always driven by clear business needs – it’s not just a matter of rolling out the infrastructure.

• They are well supported by existing architectures, and their complexity is acknowledged – programs succeed when they’re supported by detailed plans to manage both technical and organizational change.

• They focus on the smallest practical set of technology choices to minimize interoperability issues

Five Best Practices

Enterprises that are realizing value from their UC programs are succeeding because they’ve followed some basic, common-sense practices. If your organization is considering a move in this direction, here are five best practices to consider:

1. Define a Guiding Vision that will Lead Toward Increased ROI UC depends on network readiness, network and application convergence and integrated wired and wireless access. It also involves a blending of software and platform capabilities, leaving most enterprises with a multi-vendor solution. Managing the integration of disparate communications tools and dealing with the associated re-training programs also makes for a complex transition. Developing the right strategy requires a long-term view, as well as an understanding of the short-term challenges.

2. Include Sufficient Up-Front Planning.

A clear roadmap for a UC implementation can help businesses manage expectations and be sure that time frames are realized. It should recognize that UC is not a software-only concept, and include initiatives aimed at ensuring end-user acceptance. The plan should also consider whether some commodity services might need to be outsourced, so corporate knowledge resources can focus on strategic UC applications.

3. Clearly Align Business and Technical Requirements

Phased migration plans can maximize the value of existing investments in applications, messaging, voice and other supporting infrastructures. Vendor-agnostic product recommendations can help ensure that the design meets an organization’s specific requirements, and UC migration planning should also consider next generation service architectures, such as IP Multimedia Subsystem (IMS).

4. Find the Right Champion for the UC Program

Some programs emerge from IT and seek to introduce new capabilities. Programs may also emerge from business units seeking to establish UC capabilities to support a new product, service or business initiative. Regardless of the champion, there must be a well-developed integration plan and a realistic level of funding.

5. Establish Cross-Functional

Teams to Help Manage the Implementation. These teams can help deal with the complexity of a “meta-technology” environment that includes many different parts, and can develop a single methodology for planning implementation and introduction. Cross-functional teams can also be invaluable when it comes to communicating the benefits across the organization, as well as to customers, partners and suppliers.

Seeing Benefits

Once a UC program is under way, reaping the benefits is ultimately up to the users. An enterprise can make all the right decisions and deliver on a well-thought-out strategy and still not benefit from UC. Employees must be willing to make changes in the way they conduct business and communicate. UC can increase the efficiency of virtual teams, while reducing travel time and expenses, and can

also eliminate some communication barriers, reduce cycle times and improve the quality of day-to-day communication. UC can support the re-engineering of business processes and accelerate process improvement, but only if process owners are willing to evolve. If not addressed, user resistance to change can be a deal-breaker for an otherwise well-planned UC program.

Despite the great promise of UC, it remains a challenging prospect. Standards are still emerging and different vendors offer different approaches. Independent advice can help companies select the strategies, architectures and deployment plans that make sense for them.

(Reference : AT&T)

THINGS YOU SHOULD KNOW ABOUT - DNSSEC

Scenario

When Laura returns to campus after the holiday break, she is shocked to hear that she has been de-registered from classes due to nonpayment of tuition. She calls her parents, who confirm that they paid her bill online in early December. They tell her that when they went to the bursar’s website, the page looked a bit different and asked for information they had previously entered, but the browser displayed the padlock icon indicating a secure connection, so they paid the bill as usual. They assure her that the funds have already been transferred from their bank account. Laura heads over to the bursar’s office, only to find a crowd of students in the same boat. As they talk about their predicament, they discover that they all paid their tuition online and that they all use the same regional ISP.

Further investigation by the university’s IT staff confirms that the students fell victim to DNS cache poisoning—a kind of computer attack in which hackers insert bad data into an ISP’s name server cache, which, as a result, directs Internet traffic from an intended site (in this case, the bursar’s website) to another location. The hackers even purchased an SSL certificate so that the bogus site would have the padlock icon.

The university has to let several hundred students re-register without having yet paid tuition, and the students and their families spend months getting their banks to refund the money that was fraudulently transferred from their accounts.

In the future, as administrators of domains and websites implement DNSSEC, such attacks will be prevented. DNSSEC adds a set of security provisions to the way Internet traffic is routed through name servers, protecting users from the kind of attack Laura suffered. When DNSSEC is implemented, if a user’s computer is redirected to a bogus version of a website, software that manages web traffic will encounter security keys that should match but do not, indicating a problem. In this way, DNSSEC will plug a fundamental weakness of the Internet.

What is it?

Internet-connected devices are identified by IP addresses, though users typically only know web addresses—people can remember “example.edu,” for instance, more easily than “192.168.7.13.” The Domain Name System (DNS) uses a distributed network of name servers to translate text-based web addresses into IP addresses, directing Internet traffic to proper servers. Though invisible to end users, DNS is a basic element of how the Internet functions.

DNS was built without security, however, leaving Internet traffic exposed to forged DNS data, which, among other things, allows the spoofing of addresses to redirect traffic to malicious websites. DNS Security Extensions (DNSSEC) adds security provisions to DNS so that computers can verify that they have been directed to proper servers. DNSSEC authenticates lookups of DNS data (including the mapping of website names to IP addresses) for DNSSEC-enabled domains so that outgoing Internet traffic (including e-mail) is always sent to the correct servers, without the risk of being misdirected to fraudulent sites.

Who’s doing it?

VeriSign administers the “root,” which supports all top-level domains (TLDs) (.com, .net, .info, and so forth), and is expected to implement DNSSEC for the root (“sign the root”) in 2010. Once that happens, DNSSEC traffic can be validated at its highest level—the root. Several nations—including Sweden (.se domain), Brazil (.br), Bulgaria (.bg), and the Czech Republic (.cz)—have implemented the technology for their country-code domains, and the Public Interest Registry has enabled DNSSEC validation for the .org domain. As part of its compliance with the Federal Information Security Management Act of 2002, which requires increased security for the nation’s cyberinfrastructure, the U.S. federal government has implemented DNSSEC for the .gov domain. Until the root is signed, these domains will use a surrogate authority to validate their DNSSEC-enabled web traffic, but all TLDs will eventually use DNSSEC. EDUCAUSE is working with VeriSign to implement DNSSEC for the .edu domain, also in 2010, and this effort is expected to provide guidance about best practices to smooth the transitions of the much-larger .com and .net domains in 2010 and 2011.

How does it work?

As data packets travel over the Internet, DNS provides the “maps” that correlate web addresses with IP addresses and route traffic to proper destinations. Because DNS does not provide a mechanism to authenticate the data in name servers, forged or corrupt data in a name server can direct traffic to the wrong server—a weakness that malicious parties use to their advantage. DNSSEC adds digital signatures that ensure the accuracy of lookup data, guaranteeing that computers can connect to legitimate servers.

With DNSSEC, a series of encryption keys are handed off and authenticated—the second-level domain (SLD) key (from example. edu) is authenticated by the TLD (.edu), and the TLD key is authenticated by the root. In this way, when an SLD, its parent TLD, and the root are all signed, a chain of trust is created. (Holders of SLDs can implement DNSSEC before their TLD or the root is signed, creating so-called “islands of trust” that rely on intermediate measures to validate their encryption keys.) If the encryption keys don’t match, DNSSEC will fail, but because the system is backwards-compatible, the transaction will simply follow standard DNS protocols.

The value of the system will come when the root, the TLDs, and SLDs are signed, allowing DNSSEC to be used for all Internet traffic. At that point, when DNSSEC fails, users will not be routed to bogus servers, and they might also be notified that nonmatching DNSSEC keys prevented their transaction from going through.

Why is it significant?

Hackers continue to exploit the security weakness of DNS to their advantage. By caching address information, name servers don’t have to look up the IP address every time a frequently visited site is accessed, and this speeds up the experience for end users. If hackers are able to insert a bogus IP address into a cache, however, all users of that name server will be directed to the wrong site (until the cache expires and is refreshed). Corrupting the operation of DNS in this way can lead to many kinds of fraud and other malicious activity. By plugging some of the largest security holes in the Internet, DNSSEC has the potential to significantly expand the trustworthiness—and thus the usefulness—of the Internet as a whole.

What are the downsides?

Fully implementing DNSSEC will require an enormous amount of work across every quarter of the Internet—signing the root and the TLDs is simply the tip of the iceberg. Participation is voluntary at this time, and the benefit that DNSSEC ultimately provides will be a reflection of the willingness of domain holders to do that work—that is, the value of DNSSEC will be in direct proportion to the number of sites that implement it. Even after the root and the TLDs are signed, the advantage of DNSSEC will be qualified by uneven rates of adoption. Adding encryption keys to Internet lookups introduces complex logistical problems of managing those keys, such as how to periodically update keys without breaking the way name servers (and their caches) work, and how to accommodate the differing keys and protocols of different TLDs. Name server software is still evolving to support DNSSEC; many organizations will need to update their DNS software, and, in some cases, hardware upgrades will also be required. In addition, DNSSEC might degrade the speed of Internet lookups, resulting in a slower experience for end users. On top of the technical and resource-based challenges are policy issues that will need to be resolved at an international level. The effort to implement DNSSEC for the root has renewed a longstanding debate about where “control of the Internet” resides.

Where is it going?

Having the root and TLDs signed will provide some incentive for domain holders to implement DNSSEC because the chain of trust can be established, but until a critical mass of domains incorporate the technology, the benefits might not seem to justify the effort. Administrators of most TLDs are expected to develop resources to help ease the implementation of DNSSEC for domain holders, but many of the thorniest technical issues—about not only the transition to but also the maintenance of DNSSEC in practice—still need to be sorted out. Presumably, as domains begin implementing DNSSEC in large numbers, momentum will grow and sustain the transition, but it remains to be seen how long the process might take or at what point a mandate to implement DNSSEC will be required for full adoption.

What are the implications for higher education?

The risks posed by DNS and the benefits of implementing DNSSEC have special significance for higher education. Colleges and universities are expected to be “good Internet citizens” and to lead by example in efforts to improve the public good. Because users tend to trust certain domains, including the .edu domain, more than others, expectations for the reliability of college and university websites are high. To the extent that institutions of higher education depend on their reputations, DNSSEC is an avenue to avoid some of the kinds of incidents that can damage a university’s stature.

In more tangible terms, higher education institutions store enormous amounts of sensitive information (including personal and financial information for students and others, medical information, and research data), and they maintain valuable online assets to which access must be effectively restricted. DNS attacks result in stolen passwords, disrupted e-mail (which often is the channel for official communications), exposure to malware, and other problems. DNSSEC can be an important part of a broad-based cybersecurity strategy.

(Reference : http://www.educause.edu)