About 38 percent of U.S. consumers are watching TV shows online, 36 percent use their cell phones as entertainment devices and 45 percent are creating online content like Web sites, music, videos and blogs for others, according to a new-media survey from Deloitte %26 Touche. The findings of the online survey of 2,081 Americans, conducted Oct. 25-31, were provided to The Hollywood Reporter before their official release next month. The "State of the Media Democracy" notes that in Deloitte's first edition of the survey just eight months earlier, 24 percent of consumers used their cell phones as entertainment devices, meaning that usage has soared 50 percent. About 62 percent of "millennials" (consumers 13-to-24-years-old) are using their cell phones as entertainment devices, up from 46 percent in the previous study conducted Feb. 23-March 6, 2007. And among Generation X consumers (25-to-41-year-olds), the number grew to 47 percent from 29 percent in the earlier survey. About 20 percent of consumers said they are viewing video content on their cell phones daily or almost daily. The percentage of consumers watching TV online jumped from the 23 percent figure reported in the previous study. Roughly 54 percent of those surveyed said they are making their own entertainment content through editing photos, videos or music, 45 percent said they are producing that content for others to see, and 32 percent said they consider themselves to be "broadcasters" of their own media. "I think for advertisers one of the conclusions is you don't make decisions to advertise either on television or the Internet when you want to hit all the demographics, but rather you need to have a multi-platform strategy," said Ken August, vice chairman and national sector leader for Deloitte %26 Touche's media and entertainment practice, which commissioned the study. "It shouldn't be an either/or proposition." Among the study's other findings:

• 54 percent of consumers said they socialize via social networking sites, chat rooms or message boards, and 45 percent said they maintain a profile on a social networking site.
• 85 percent of consumers still find TV advertising to have the most impact on their buying habits, but online ads are second best, with 65 percent of consumers saying they have the most impact, beating out magazines at 63 percent.

NEW YORK, Dec 20 (Reuters) - Cisco Systems' Chief Development Officer, Charles Giancarlo, widely seen as a top candidate for CEO, announced he was quitting the company on Thursday, leaving the race for leadership wide open. Giancarlo, 50, said he would leave the network equipment maker at the end of the month and start working at private equity firm Silver Lake as a managing director in January. "It's been a very difficult decision for me to leave Cisco," Giancarlo told reporters on a conference call, reflecting on the past 14 years at the company, which is now the top maker of routers and other network equipment. Giancarlo, who goes by "Charlie," said he made the decision with his next 10 years in mind. His resignation comes after Mike Volpi, who was also seen as a potential successor to Chief Executive John Chambers, quit to join Internet video service Joost earlier this year. Volpi's departure was seen as clearing the way for Giancarlo to take on the top job. Chambers said the company had plenty of talent left to ensure a smooth transition. The company also announced a management reorganization and said it would not replace the CDO position. Giancarlo oversaw technology development for the overall company, including routing and switching, as well as digital video and other emerging technologies. Earlier in his career, he led acquisitions and helped organize alliances with companies such as IBM and Microsoft. NEXT CEO Chambers said he would likely decide who would be the next CEO in around 3 years to 5 years. He denied the company was losing leadership talent, saying the CEO post would "most likely be filled from someone within." Analysts have mentioned Robert Lloyd, who heads operations in the United States, Canada and Japan, and Richard Justice, in charge of worldwide sales, as possible CEO candidates. JP Morgan analyst Ehud Gelblum said the next CEO was likely to come from the sales side and that Giancarlo, while highly capable, was not necessarily the heir-apparent. "As far as next CEO, the natural progression is from sales, so Charlie was not really in that line, even though people outside of the company thought so," he said. He has an "overweight" recommendation on the shares. Cisco shares were little changed in after-hours trading, inching up to $28.30 each compared with the close at $28.28.

Our company has Japan TOCOS potentiometer RV24YN 20S B502 now to supply. .
http://miede.109876543210.cn/n/Supply-TOCOS-potentiometer-RV24YN-B502-TaleVF1q/

NEW YORK, Dec 19 (Reuters) - NetSuite, a software company controlled by Oracle Chief Executive Larry Ellison, on Wednesday raised $161 million with an initial public offering that priced far higher than expectations. About 6.2 million shares sold for $26 apiece, according to an underwriter. That price was double the low end of an initial forecast range of $13 to $16, and $4 a share higher than the top of the final forecast of $19 to $22 on Wednesday. Underwriters, led by Credit Suisse and with W.R. Hambrecht as co-manager, have the option to purchase an additional 930,000 shares to cover overallotments. If the "greenshoe" option is exercised, NetSuite will have raised about $185 million. Its market capitalization is about $1.5 billion, based on its IPO price. About 10 percent of the company's outstanding shares are being floated in the public offering. NetSuite, which will remain majority-owned by Ellison after the offering, plans to use the proceeds to pay down a line of credit from an Ellison-controlled company, which had a balance of $8 million as of Sept. 30, and for capital expenditures, including a second data center. The San Mateo, California-based company, which targets its Web-based software products at small and mid-sized businesses, has been approved to list its shares on the New York Stock Exchange under the symbol "N". Trading is expected to begin on Thursday.

By Phil Berardelli
ScienceNOW Daily News
3 December 2007 Scientists have detected signs that the planet's tropics may have expanded much farther north in the past 3 decades than climate models had predicted for the next century. If the findings are confirmed and the trend continues, it could place major strains on subtropical ecosystems, hasten the spread of tropical diseases, and generally make life less pleasant for populations living with the zones of change.

The tilt of Earth's axis creates the tropical zones, which form a 47%26deg;-latitude belt around the planet's midsection. Also helping form these warm-weather regions are the distribution of water, land, winds, and currents. These processes take warm, moist air from the equator and send it toward the poles, where it raises temperatures in regions such as most of Central and South America, central and southern Africa, Southeast Asia, and a good bit of Australia. Climate models predict that global warming could be causing the tropics to expand. So far, they have suggested a creep of 2%26deg; of latitude north and south, but only over the next century.

To find out what has happened so far, a team led by climate scientist Dian Seidel of the National Oceanic and Atmospheric Administration in Silver Spring, Maryland, examined the stratosphere for signs of change in the tropics. She and colleagues surveyed five sets of data collected by satellites and weather balloons from 1979 to 2000. The data showed that tropical climate patterns, such as increased ozone concentrations and temperatures, in the stratosphere had expanded by up to 4.5%26deg; of latitude--depending on the observations--in the Northern Hemisphere during that short period.

Seidel says the reason for the difference between the model predictions and the observed data could be that the models tend to concentrate on the lower atmosphere and Earth's surface, not on the interactions with the stratosphere. Although the changes there are indeed occurring, "we don't know yet what that means for the surface," says Seidel, whose team reported the findings online 2 December in Nature Geoscience.

Atmospheric scientist John Wallace of the University of Washington, Seattle, says the survey "makes a compelling case that the tropical belt has widened substantially over the past 30 years," and if it continues at the same rate, "it will have major societal implications."

Security vendor Cenzic has issued an advisory warning against alleged vulnerabilities in Google's Gmail and Microsoft's Internet Explorer. The vulnerabilities involve potential Cross-site Request Forgery (CSRF) and Cross Site Scripting (define) attacks that could be used to take users' information. In the case of Gmail, Cenzic alleges that the CSRF exists for addresses that display attachments. With Microsoft's IE, the company said the problem is with how caching occurs which could lead to a XSS attack. Cenzic alleges that the user's cache could be exploited across shared accounts on the same PC. "Google takes security issues very seriously and will respond swiftly to fix verifiable security issues," Google responded in an e-mail reply to InternetNews.com about the report. "When properly notified of legitimate issues, we do our best to acknowledge every report, assign resources to investigate them, and fix potential problems as quickly as possible." The Google statement went on to downplay the issue that Cenzic described in its advisory. "In this case, a malicious user (even a non-administrator) using a shared computer could alter the environment (in this scenario, modify data in the local browser cache) to make it hostile for all subsequent users," Google stated. "But this is not specific to Gmail or Google products -- a malicious user could exploit a shared computer any number of more direct ways, e.g. by installing a user-mode keylogger." Mark Miller, director of security response for Microsoft, noted that Microsoft is investigating new public claims of a possible vulnerability in Internet Explorer. Microsoft similarly downplayed the severity of Cenzic's alleged vulnerability. "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," Miller wrote. Miller did not directly name Cenzic in the e-mail though a Microsoft spokesperson confirmed that the statement was sent in reference to a query made by InternetNews.com about Cenzic's allegations. "Microsoft has thoroughly investigated the claim and found that this is not a product vulnerability. In the scenario in question an attacker would need authenticated access to the system in order to modify files located in the cache. With that level of access, an attacker could install malicious programs that would have more impact than the scenarios described." Mandeep Khera, VP of marketing at Cenzic explained to InternetNews.com that Cenzic followed its responsible vulnerable disclosure policy and notified both vendors over 4 weeks ago. In his opinion both vendors were very responsive and replied immediately. Khera noted that he was currently unaware of any exploits in the wild for the discovered issues. He admitted however that there might be many cases of this that have never been reported. "Google and Microsoft don't believe the problem is very serious since an attacker requires access to the physical machine," Khera said. "However, Cenzic believes that this problem can be serious for shared computers at Airport Kiosks, Internet Cafes, and other public places where the machines are shared." So what should end users do to protect themselves? According to Khera, Cenzic is advising all consumers who use shared machines to disable browser caching when they are accessing a public machine. "This will make the experience less user-friendly but at least it's safer."

Use:Can various block rubber;Arbitrarily cuts off.The adaptation is at various inclined glue tire;Steel wire tire;Rubber the cutting which wait a rubber piece. Texture and priniple:That machine from one paraquinones blades;2 decelerate dynamo;Bay and slew
http://zt.zhikediguo.com/r/Supply-220-rubber-cutters-lOu5xQai/

ten thousand on canal plant produce H41 ?? 1.6 patterns quickly the shut type noise elimination nonreturn valve quickly the shut type noise elimination nonreturn valve is a kind of installation the canal is at the water pump export up, exclusively used fo
http://zt.zhikediguo.com/n/Ten_thousand_on_canal_the_plant_produce_quickly_the_shut_type_noise_elimination_nonreturn_valve-9qkI2BWp/

Six months ago, Linux vendor Red Hat acquired the closed source Exadel Studio Pro IDE and pledged to turn it into a fully open source Red Hat product. On Monday, Red Hat officially released JBoss Developer Studio (JBDS), based on the Exadel product as a 100 percent open source IDE (define). The new Eclipse based IDE offering from Red Hat's JBoss division will provide a development environment that will work on both Windows and Linux for Java middleware solutions from JBoss. "Other commercial Eclipse-based offerings leverage open source technology like the Eclipse framework," Bryan Che, product manager at Red Hat told InternetNews.com. "But, they keep all their best stuff proprietary, and that is their incentive for developers to buy a license. Because JBoss Developer Studio is 100 percent open source, we offer developers a different and better value around integration and certification." Among the other vendors that use Eclipse as a base for their IDE is IBM, which uses Eclipse as a base for its Rational IDE products. An IBM spokesperson was not immediately available for comment. Che argued that unlike a pure Eclipse tooling product, when a developer installs JBDS, the developer gets an integrated environment that includes Eclipse, Eclipse Tooling and the JBoss Enterprise Application Platform. All of the included components are also certified to work together. "When new versions of technologies come out, the developer can upgrade via JBDS and know that all the new technologies and their dependencies will be certified to work together so that the developer's environment continues to work," Che explained. Though, historically, JBoss users have had other IDE's they could use, Che was optimistic about JBDS and noted that Red Hat has seen substantial interest from JBoss users in JBDS. The first beta of JBDS was released in August and since then, Red Hat claims the IDE has had over 100,000 downloads. Che said the beta process was great for providing feedback around bug reports and desired functionality in JBDS. "We did not make dramatic changes in functionality," Che noted. "However, we did bring in updated features and capabilities in existing tools like additional Seam Tooling options." Another interesting fact that emerged during the beta period was the platform that developers used for the IDE. "The majority of the beta users were on Windows," Che noted. While JBDS currently is available for both Windows and Linux, the plan, according to Che, is to add Mac OS support soon. JBDS is licensed under the GPL version 2 open source license. Developers can download source code from JBoss as well as purchase a subscription-based product. Initial pricing for JBDS is $99.

It's that time of year when the major search companies take a look back at what search terms and categories were popular this year. Yahoo released its list of the most popular search terms to date for this year earlier this week, headed by YouTube, Wikipedia, Facebook and iTunes. MySpace headed Ask.com's list as most popular search term, and now Google has released its own list, with a twist; it lists the top ten "fastest rising" search terms as opposed to the most popular. Google's complete top ten overall for fastest rising terms in the U.S is as follows:

• 1. iphone
• 2. Webkinz
• 3. tmz
• 4. Transformers
• 5. YouTube
• 6. Club Penguin
• 7. MySpace
• 8. Heroes
• 9. Facebook
• 10. Anna Nicole Smith

No surprise to see iPhone on the list (the Apple device also made Yahoo's list) for the year. Of course iPhone wouldn't have been anywhere near a top search term last year when only rumors of its release were being discussed. If you don't have little kids you might be scratching your head over Webkinz, a popular stuffed animal that also has a virtual online counterpart. Linux fans don't account for Club Penguin's placement on the list; in fact, it's a virtual world for kids acquired by Disney earlier this year. Google's vice president of search products %26 user experience, Marissa Mayer, said some terms shoot to the top based on events or movie treatment. For example, Transformers is a decades-old toy and TV series that shot back into public consciousness after the release of the movie by the same name. Google's list of "Fastest Falling" search terms includes: World Cup; Mozart; Fifa; Rebelde; Kazaa; Xanga; webdetente; sudoko; Shakira and MP3. At Ask.com, MySpace was the only social networking site to make its top ten list for the year which was otherwise made up of generic-sounding terms save for, all things, the term Google:

• 1. MySpace
• 2. Dictionary
• 3. Google
• 4. Themes
• 5. Area Codes
• 6. Cars
• 7. Weather
• 8. Games
• 9. Song Lyrics
• 10. Movies

Ask.com's Top Presidential Candidate Searches for 2007 was headed, in order, by Barack Obama, Hillary Clinton, Fred Thompson, John Edwards and Mitt Romney. No big surprises in the first part of the company's list of Top Sports Team Searches for the year: Boston Red Sox; Dallas Cowboys; New England Patriots and Colorado Rockies, but some fans might raise an eyebrow or two at the Chicago Bears at number five, edging out the New York Yankees. On the celebrity front Ask.com narrowed it's list to the "Top Celebrity Search of Pregnant Stars" with Jennifer Lopez; Salma Hayek; Christina Aguilera; Julia Roberts and Halle Berry in the top five.

Just as honeymoons end with new couples facing chores of cooking meals and hauling trash to the curb, global IT will similarly see its afterglow pale as it enters a "post-disruption marketplace" in 2008, according to a new report from research firm IDC. Citing an uncertain picture, IDC forecasts total global IT spending to grow in the range of 5.5 percent to 6 percent -- down from 6.9 percent this year. U.S. IT spending will drop off even more sharply, with the growth rate falling from 6.6 percent in 2007 to between 3 percent and 4 percent in 2008, IDC projects. IDC attributes the slowdown to disruptive forces that had for years been baying at the fringes of IT -- everything-as-a-service, Web 2.0 applications and open development communities -- and which burst into the mainstream during 2007. Through a market adjustment in the year to come, big tech companies will get serious about how to incorporate these changes into their business models, the report said. "These technologies have been creeping into everything from enterprise software and hardware to consumer gadgets and telecom services, forcing vendors to rethink their offerings," Frank Gens, IDC's senior vice president of research, said in a statement. "In 2008, the era of experimentation will end as industry leaders get serious about transforming their products and services to take advantage of -- and meet the challenges posed by -- these new technologies and business models," he said. "The status quo is about to change." The IDC report suggests software companies will focus more heavily on developing markets, redoubling their efforts in the so-called "BRIC" nations (Brazil, Russia, India and China), as well as nine other emerging areas with nascent tech economies. The "BRIC+9" markets will see the most dramatic growth in the coming year, IDC said. IDC also expects major IT companies increasingly to adopt online delivery models for storage, servers and other applications as they go after the SMB market. That market represents one of the U.S. market sectors poised for the most substantial growth, the report said. Following the much-hyped releases of Apple's iPod Touch and Amazon's Kindle e-book reader, IDC also said more companies will develop Web-enabled products that bridge the gap between PCs and smartphones. Location-based services, such as those that power personal navigation devices, are one area in particular where IDC expects the Internet to be extended via a new breed of more network-capable products. An early example bearing out this prediction came earlier this week, when Dutch navigation-device maker TomTom announced that its products would be able to link up to a PC to download business addresses from Google Maps. In response to the challenges posed by open-development mobile initiatives like Google's Androud and the Open Handset Alliance, reluctant network operators will give ground and start letting any device run on their networks, IDC also said. Additionally, the research firm said new software applications will appear in 2008 promising to organize, aggregate and interpret the oceans of data that are forming within online social communities. This "Eureka 2.0" software will offer better analytics, "sentiment extraction" and other techniques to identify mass opinion, according to the report. "One of the more profound consequences that will come out of this era of hyper-disruption is the opportunity -- and for some, the critical need -- for IT suppliers to move beyond their old, narrow identities and offerings," Gens said.

The U.S. House of Representatives this week passed a new bill putting ISPs on notice they face big penalties for not reporting child pornography and other illegal exploitation of children online. The Securing Adolescents From Exploitation Online (SAFE) Act carries a maximum fine of $150,000 for first-time offenders found guilty of "knowing and willful failure to make a report." Repeat offenders can fines of up to $300,000. The bill passed by a whopping 409-2 with Congressmen Ron Paul (R-Texas) and Paul Broun (R-Ga.) the only ones opposed. Under the legislation, service providers are required to report the illegal activity to the Washington D.C.-based National Center for Missing and Exploited Children (NCMEC) or to that organization's CyberTipLine. The general public is also encouraged to report any instances of online child abuse or exploitation to the CyberTipLine. The bill (H.R. 3791) refers broadly to entities "engaged in providing an electronic communication service or a remote computing service to the public.) as being liable for not reporting illegal content. This wide-ranging reference has raised concern about coffee shops and other local Wi-Fi providers being at risk for facilitating the display of illegal content they are generally not in a position to monitor. But Larry Magid, a board member with the NCMEC, said those fears are unfounded. "The point of these penalties is to provide a bigger stick to force compliance with existence laws," Magid told InternetNews.com. "The major ISPs, to the best of my knowledge, have all been compliant in reporting illegal activity, but some of the smaller ones have not." Earlier this year privacy groups argued against a predecessor to SAFE, the Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act of 2007 (SAFETY Act) because it required ISPs to retain specific customer data. Under SAFETY, the U.S. Attorney General would have been required to issue ISP data retention requirements that privacy advocates feared could expand to include a user's most frequently visited Web sites, instant messages and e-mail correspondence. Meanwhile, language in the SAFE Act specifically states there is no requirement that "an electronic communication service provider or a remote computing service provider to monitor any user, subscriber, or customer of that provider." Magid said SAFE "isn't about additional surveillance, but about requirements that ISPs report illegal activities."

The problem with doing application vulnerability testing in a live production environment is just that -- it's a live production environment, and if you break something, it could cause a lot of harm. Yet there is a real need for live production server testing, since new attack vectors and vulnerabilities emerge on an almost-daily basis. The answer to the problem, according to application vulnerability testing vendor Cenzic, is virtualization. Not surprisingly, it's the cornerstone of Cenzic's new Hailstorm 5.5 software release. "Application security testing is not like running antivirus," John Weinschenk, president and CEO of Cenzic told InternetNews.com. "If you run antivirus, it warns you that you have a virus and you get rid of it. In application security, when you do attacks against an application, a successful attack could be very harmful to the system itself." "Virtualization gives you the ability to take a copy of the production app and test against it," he said. Cenzic worked closely with VMware to develop a deep integration between Cenzic's Hailstorm and two of the virtualization player's products: Lab Manager, which takes virtual snapshots of an application, and Virtual Center, a management application for virtual machine resources and deployment. As a result, Hailstorm can test production applications without impacting live performance or data. Weinschenk explained that Hailstorm 5.5 understands all the applications that are virtualized and knows what applications are available to be attacked. He added that during testing, a user doesn't have to log directly into the VMware console, either -- they can do the testing directly via the Hailstorm interface. "The real benefit is that now companies can test their application in a seamless virtual environment," Weinschenk said. "It's an automated solution, so once you set it up and set the recurrences up, you're up and running, getting real-time data." The catch, though, is that Cenzic's virtualization capabilities rely on VMware, which users will need to have in place. Weinschenk said Cenzic's go-to-market strategy is to approach VMware's installed customer base. He added that Cenzic and VMware already share customers in many cases. "We believe we should be able to pull additional VMware sales with our solution as well, " Weinschenk said. " People will want to be able to do this." Weinschenk declined to comment, however, on whether Cenzic plans to work with Citrix's XenSource division to integrate with the Xen virtualization solutions. The Hailstorm 5.5 release also adds new compliance reporting technology for application vulnerability testers. Weinschenk said the software now includes a summary report for an application test against multiple security compliance specifications, including PCI, GLBA, HIPAA and AB 1950. The report will identify what parts of the specification need to be tested and where the tested application fails compliance. The release comes as Cenzic faces increasingly deep-pocketed rivals. Its principal competitors in the application security space were both bought out this year by larger vendors, with IBM taking Watchfire and HP snapping up SPI Dynamics. The previous-generation offering from Cenzic, Hailstrom version 5, provided data integration from both competitors. Weinschenk said neither rival offers comparable virtualization integration yet. "This %26#91;virtualization%26#93; is a huge issue and I think this will open the market quite a bit," Weinschenk said. "I wouldn't be surprised if our competitors rethink their strategy and try to develop a solution like this." Watchfire released its latest software application, AppScan 7.7, in mid-November.

The professional networking site LinkedIn on Monday announced a sweeping redesign of its Web site and a new developer platform that allows partners to build companion applications on their sites. In reaching out to external sites, LinkedIn is hoping to expand the reach of its members' professional networks, and, in the process, further entrench its position as the top online community destination for working professionals. LinkedIn is one of the fastest-growing social networks today, boasting a 189 percent jump in membership this October compared last October, and attracting about 1.1 million new members a month. LinkedIn will launch the new platform with BusinessWeek as its inaugural partner. Future partnerships are not being announced but, Allen Blue, LinkedIn's co-founder and vice president of product strategy, said his company will be very selective. "LinkedIn is focused on enhancing the productivity of the professional world," Blue told InternetNews.com. "With that in mind, we will only work with select business partners who have already built high value, high productivity applications." The developer program, called the Intelligent Applications Platform, will have two components. The first is a set of APIs and widgets that LinkedIn will make available to its partners to integrate into their own sites. The second enables those partners to establish a branded presence in the LinkedIn community through Google's OpenSocial development model. Starting today, LinkedIn members reading an article on BusinessWeek's site will be able to mouse over an interactive link to a business mentioned in the story where a balloon will appear telling them how many people in their immediate and extended networks, and their area, are connected with the company. Clicking on one of the links will direct the reader to a page on LinkedIn where those people's profiles appear, making it possible for the networking to begin. The OpenSocial utility, which is still in development, will allow partner sites to build into the LinkedIn network by posting interactive bulletins on the site. For example, a calendar of events sponsored by a partner that would tell LinkedIn members who from their network will be attending. The idea of giving a preview of the attendance list is intended to help LinkedIn members make an informed decision of the business and networking value of the event. In the launch of its "network-wise" homepage, appearing in beta Monday, LinkedIn is adding several features in an effort to improve the business value of the information presented to its members. The redesign will give users access to several new modules, allowing them to create customized searches for jobs and people, as well as an Answers feature that enables them to track and participate in the conversations that their colleagues are having about the topics of the greatest relevance to their professional life. LinkedIn is also revamping its network updates feature, which will provide a target, better-organized, now archived news feed on the actions that the people in their circle taking. The final addition is LinkedIn's souped-up news section, which enables members to build a feed around what matters most to them, like their own company or its direct competitors. The articles are served up by Moreover Technologies, a VeriSign company that specializes in delivering customized real-time news. The twist is that LinkedIn will pack the articles with metadata to help its members gauge the value of an article at a glance. The articles most widely read by a member's network will appear at the top of the feed. By pairing news articles with an aggregate (and anonymous) number of in-network clicks, LinkedIn is aiming to virally spread relevant news articles without its members having to pass along a link to everyone in their network. LinkedIn reports that it has more than 16 million members, including executives from each of the Fortune 500 companies. Members have an average age of 41 years, and an average household income of $106,000.

Mass market CPUs have reached the four-core stage, and there are 64-core and 80-core processors in labs right now, but for IBM, that's still not enough. Big Blue has designs on a processor with a whopping 1,000 (or more) cores. But don't get any purchase orders ready; this is a long-term effort that might take as long as 15 years to complete. The breakthrough, published by a group of IBM researchers in the journal Optics Express, details how IBM used optical interconnects between CPU cores instead of copper wires to transmit data between the cores through pulses of light rather than electrical charges. Yurii A. Vlasov, a research scientist at IBM's T.J. Watson Research Center and co-author of the paper, said it's not so much how fast you transmit the data but the power you have to burn to transmit it. "When you transmit power over wires, there is some voltage, which causes chips to be hot. That is one of the problems with the ability of conventional CMOS (define) chips to scale performance without overheating. One of the ways to solve this problem is to use optics, where the power required to produce a pulse of light is less than it is to push a bit over a wire," Vlasov told InternetNews.com. The technology -- known as a silicon Mach-Zehnder electro-optic modulator -- is 100 to 1,000 times smaller in than any previously demonstrated modulators of its kind, which could allow for complete optical routing networks to be integrated onto a single chip. By replacing the copper wires that connect the cores with pulses of light, IBM estimates information can be transferred 100 times faster and use 10 times less power. The modulator converts the digital signal into a series of light pulses and then back to digital again on the other end of the transmission. The process is not unlike another IBM announcement in March, of a similar breakthrough in an optical-based networking chip, and for the same reasons: bandwidth, heat and power. Vlasov said there are some similarities, at least in what they are trying to accomplish, which is moving data around. Fred Zeiber, president of Pathfinder Research, believes IBM is on the right track in using optics for data connects. "One of the problems you have is not just throwing a lot of cores together but how you hook them up," he said. "Clearly you get rid of some of the parasitic problems you have with going through wires, so that gives you significant power savings as well as speed." Don't expect to see this technology any time soon, though. "This is definitely long term research, running five, ten, fifteen years," said Vlasov. "This is only one piece of the puzzle we are showing. We need a lot of different devices, not only the modulator to support it."

Spreadsheets are a wonderful planning and financial analysis tool, but a simple mistake can throw off a budget or expense tally costing companies thousands or even millions of dollars. Also, without proper controls, spreadsheets can be manipulated for personal gain or other criminal behavior. A number of solutions have emerged to help keep spreadsheets under control so companies can track data entry and adhere to their own business rules as well as government regulations, such as Sarbanes-Oxley. One of those providers, ClusterSeven, has just introduced a version of its Enterprise Spreadsheet Manager solution, already available for Microsoft Excel, to Google's online spreadsheet application (Google Docs and Spreadsheets). The four-year old ClusterSeven is a Microsoft Gold Partner that has attracted a stable of blue chip clients, particularly in Europe, such as Dresdner and two pan-European utilities (RWE and EDF). As with Microsoft, ClusterSeven's relationship with Google is independent. The search giant recommends third party program's like Enterprise Spreadsheet Manager to corporate clients who want more features than Google's own integrated set of applications provide. "When we talk to corporate accounts about on-line spreadsheet collaboration, we often get asked about visibility and control over those collaborations," said Scott McMullan, Google Apps Partner Lead for Google Enterprise, in a statement. "ClusterSeven builds on our standard controls to provide a solution that has solved the additional demands of some of some of the world's premier financial institutions." Enterprise Spreadsheet Manager checks entries against business rules set by the company without any slow down or impact on the user, the company said. Business rules could include adherence to Sarbanes-Oxley compliance regulations and basic security measures to insure no one can benefit personally from what they enter. Depending on how Spreadsheet Manager is implemented, a designated manager(s) is alerted by e-mail or SMS text message when a rule is broken or conflict arises with a spreadsheet entry. For simple, less critical issues, the user is simply alerted when a mistake, conflict or something counter to company policy is entered. "We primarily adopt a detective mode like a security camera," Ralph Baxter, senior vice president for product development at ClusterSeven told InternetNews.com. "We don't stop anyone, but we do send alerts when there's an issue and provide companies with a fully auditdable view of each spreadsheet." Google has been beefing up security in the e-mail component of its Google Apps Premier Suite via Postini, a security company it purchased earlier this year. Postini actually lets companies set rules about what types of information can be transmitted, preventing, for example, social security or credit card numbers from being e-mailed. "We don't yet offer active resistance" to errors, said Baxter, hinting such capability may be in a future release. While it is important to safeguard against fraud, Baxter said a more common issue is simple user errors or spreadsheet rules not being updated, resulting in "stale information," such as an outdated foreign currency exchange rate. Google charges $50 per user annually for its integrated Google Apps Premier suite. ClusterSeven charges $1 per day per spreadsheet for its Service, regardless of how many users access the spreadsheet. "Right now the organizations we speak to are predominantly Excel-based, but now we're seeing an extension into the online world where companies are at shared applications like Google Spreadsheet," said Baxter. "We're looking to help those companies that are looking for the same level of control they have with their desktop." Currently, ClusterSeven pulls Google Spreadsheet data in behind the firewall and monitors it locally, but Baxter said a fully hosted solution is in the works.

Stocks are building nicely on last week's apparent bottom, with blue chip stocks looking particularly strong (see S%26amp;P and Dow charts below). That said, breadth hasn't been all that strong on this move, with the NYSE advance-decline line lagging and the Nasdaq A-D line doing even worse (charts three and four below). Unless the rally broadens, this could turn out to be a selective rally and make the market vulnerable to another large decline. It also raises the possibility of more backing and filling before a sustained advance can occur. The S%26amp;P cleared important resistance between 1493 and 1502 today, but its main downtrend line lies dead ahead at about 1511. To the downside, 1493-1502 and 1480 are support. The Dow cleared its main downtrend line today, making 13,540-13,565 an important first support level. The Nasdaq (fifth chart) also cleared a level that had given it some trouble %26#151; 2700 %26#151; but its 50-day average lies just ahead at 2718, with 2750 and 2770 above that. Support is 2700 and 2672. In short, it remains the toughest market environment in years, but the bulls have the advantage to build on their recent gains. Paul Shread is a Chartered Market Technician (CMT) and member of the Market Technicians Association.

Finally, Greg Donovan can say he's a Dell reseller. The president and CEO of Alpheon, a managed services provider in Morrisville, NC, has been an unofficial Dell reseller through its "super secret direct program," as he called it, Solution Provider Direct. Now, however, Dell has made it official with the launch of PartnerDirect, a global reseller program that formalizes such efforts. For Donovan, that means he can finally put a Dell logo on his sales materials. "Up until yesterday, I could tell people I was a Dell partner over and over again and they would not believe it," he told InternetNews.com. Greg Davis, vice president and general manager of Americas channel group at Dell, said in a video blog posting that the company knew it had to embrace the channel. "We have to change a culture within the company," he said. "We have a great opportunity to expand our model and provide even more value to our partners and help them be more efficient in their endeavor to be the outsourced IT department for their customer." Tim Hebert, CEO of Atrion Networking, a managed services provider in Warwick, R.I., was glad to hear that. "What inspired me from this week's announcement is the obvious commitment Dell is making to the channel," he told InternetNews.com. "It makes me believe that a channel is important to them and they want to balance both the channel and building this managed provider space out." PartnerDirect is now available to channel partners in the United States and will roll out to additional countries and partner groups starting in early 2008. Dell will offer everything from build-to-order systems to custom factory integration to best-in-class online support. The program will be managed through a Salesforce.com portal and will require deals with a minimum of $75,000 in equipment. The partner program will offer an online support community to channel partners, partner logos and guidelines for certain marketing activities, dedicated sales and customer care, certification paths and training, credit options and deal registration via the SalesForce relationship management tool. There will be two levels of partner support: Registered Partner, with the basic benefits of logo usage, access to Dell's partner Web site for online ordering, access to Dell materials and post-sale support and financing options, and Certified Partner, for more in-depth support with options like field-based account management and enhanced financing options, deal registration and support. Donovan said his primary business is services, not selling hardware, so having Dell is a convenience more than a must-have. Still, he's glad to have it. "I've always wondered why they didn't get into a more formalized direct program earlier," he said. "We've had customers go direct because they weren't comfortable buying from an "unauthorized" reseller, because there was no formal program." Like Donovan, Hebert was interested in selling services and the hardware was a just means to the end, but he's happy to have Dell along. "Hardware doesn't mean much. If I can make it a bigger solution, that's a plus for my client. They don't have to worry about buying the hardware and software. They can buy it all from Atrion and don't have to deal with multiple providers," he said. Retail Moves On the consumer front, Dell made another move that was unthinkable just a year ago; it has entered the retail channel in a big way by signing on to sell its Inspiron notebooks and a variety of desktop computers through retail giant Best Buy. The hardware will be in 900 stores in the U.S., which is essentially all of Best Buy's U.S. outlets. Unlike its foray into Wal-Mart with a single, low-end system, the Best Buy effort will be involve multiple systems aimed at a higher price point. The list of systems includes the XPS M1330, Inspiron 1521 and Inspiron 1420 notebooks and the XPS One and Inspiron 530, 531, and 531s desktops. Additional models and colors will be available in coming months. Stephen Baker, vice president of industry analysis for NPD Techworld, said this deal confirms Best Buy's dominance in retail. "Best Buy is the number one retail seller of PCs, and in a lot of ways this is just as important for Best Buy as it is for Dell," he said. "What it says is there's only one place to go if you want a choice of a PC, and that's Best Buy. They have HP, Acer, Gateway, Apple, Toshiba, Sony and now they have Dell." As far as Dell goes, he said it now has a wide range of retail options, between Wal-Mart for the mass market, Staples for the SOHO market and now Best Buy for the well-heeled buyer. "The real recognition of how important Best Buy is that Dell isn't selling the entry-level stuff. Dell is selling their very best stuff, the stuff that will change the game for them. It says they recognize they can't change the game at just dell.com," said Baker.

The TJX security breach is threatening to rank as one of the most expensive lessons in corporate data security policies. With the retailer facing anywhere from $500 million to nearly $1 billion in expenses, not to mention a black eye with the public over how their credit card data is secured, this experience should serve as a lesson to other retail outlets on securing their networks. How well they are learning is the question. The latest chapter in this still-unfinished book is a settlement between TJX Companies and Visa U.S.A. Under the agreement, TJX will pay a maximum of $40.9 million to fund an alternative recovery payments program for customers affected by the breach. TJX has already taken the charge for the settlement, and by settling with Visa holders, staves of potential lawsuits. Additionally, Visa will suspend and rescind a portion of the data breach fines it levied on TJX's U.S. acquirer that remain eligible for appeal. Visa and TJX agreed to the suspended and rescinded fines in part because it would increase the funds available in the alternative recovery program. Not that the company is in the clear. According to a report from Merchant Link, which provides secure systems for retail outlets, the breach has cost the company more than $130 million to secure its infrastructure, there have been 19 lawsuits filed and there are investigations underway by the Federal Trade Commission and 37 state Attorneys General. All this seems to have driven the message home to retailers, including TJX itself. "TJX accelerated their security program and implemented the improvements needed to become PCI (Payment Card Industry)-compliant, including upgrading their wireless security and eliminating the storage of sensitive authentication data. In fact there is some discussion about TJX becoming a 'spokescompany' for PCI security," said Avivah Litan, senior security analyst for Gartner. Perhaps, but TJX was not keen on discussing its new security plans in detail, as it did not respond to repeated requests for an interview. TJX is the parent company of T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S., as well as Winners and HomeSense in Canada. Revenue for its most recent fiscal year ended January 2007 was $17.4 billion. For so large a company, though, the breach started small, with crackers hacking into wireless networks at two U.S. stores. The stores were using the relatively weak Wired Equivalent Privacy (WEP) protocol instead of the stronger Wi-Fi Protected Access (WAP) protocol, but what really hurt is that the intruders were able to access the TJX internal systems and move around freely for almost two years. The breaches occurred from mid-2005 and ran through December 2006. It is estimated 47.5 million records were stolen. That was TJX's bigger problem, letting the intruders roam freely for 18 months. Dr. Anton Chuvakin, a security expert with LogLogic, said TJX didn't have decent traffic logs. "What took TJX months was looking at all their systems and determining who took what data, from where, where it was sent, etc. The investigation took them months. They likely didn't have any logs, because they had to do system forensics rather than log analysis to arrive at their conclusions about who stole the data and how. If they had collected and analyzed log data centrally, the investigation would have been a piece of cake," he said in an e-mailed comment to InternetNews.com. Brian Cleary, vice president of marketing for the enterprise access governance firm Aveksa, concurred. "They didn't have good access controls, they were not auditing access on a regular basis and not checking log files and access. It was really poor security governance," he said. TJX's second mistake was storing vital credit card information, such as the data hidden in the card's magnetic strip, on local machines. This is particularly frustrating to banks, according to Litan, because it allows counterfeiters to make perfect duplicate cards. Merchant Link's report specifically recommends to all clients that they eliminate the storage of sensitive personal data wherever possible by using secure third party services to keep the point of sale clean, and "certainly" do not store the data collected from a credit card's magnetic stripe. Litan said TJX was certainly at fault for storing the magnetic stripe information but she also think banks have a bigger role to play in the design of the payment systems. "They rolled %26#91;payment systems%26#93; out before there were cybertheives and no one thought about security," she said. "The payment system architecture is legacy, outdated. They could update the arch and make them more secure or just require a PIN on every transaction. Instead, they'd rather keep it as business as usual and keep collecting revenue streams." She explained that banks make more money on standard credit card transactions instead of PIN-based transactions, such as with a debit card. PINs are always encrypted and never stored when used, and would eliminate a majority of the potential problems because without a PIN, a card is useless. John Livingston, chairman and CEO of asset management firm Absolute, concurred that companies need to smarten up about business in the Internet era. "As we adopt new technologies, there's a whole set of new procedures, policies and practices that need to take place," he told InternetNews.com. "The companies that are doing these transactions need to be educated. But there are solutions to all these things. It's not impossible to transmit secure data, it just takes dollars and a commitment from the company to make it happen." Absolute recommends a layered approach of technologies and policies. "You want to identify and control all the sensitive data. You need to make sure it's stored in a secure facility, you need to put the policy and procedure in place to make sure it's safe," said Livingstone. Litan said some companies have not learned the lesson of TJX's experience and have been reluctant to make significant investments in such security measures because they see no return on investment. "It's a calculated risk, I guess. They just don't want to spend time on boring security projects. There's no ROI in security, it's basically cost avoidance," she said. But Cleary said some firms got the message. "The ones that value their brand and are a bit more forward thinking are willing to do what it takes," he said. "When you look at cost containment, you wouldn't make decisions on your home insurance that way. Why you would risk the business to that degree makes no sense and is not in the shareholder's best interests." He added "I think there were a lot of pages of publications %26#91;covering the story%26#93; that were ripped out and handed to CIOs and Chief Security Officers and asked 'This won't happen to us, right?' This has elevated the concerns about having good security governance in place all the way to the board level."

UPDATED: Xsigo Systems on Monday released a study that it says identifies a major complication in the deployment of virtualization servers: the data bottleneck from all of the I/O that takes place in a virtualized world. The current I/O (define) infrastructure in servers was designed for traditional usage, which is typically one application or use per server. If a machine was acting as a Web server, it would connect to a database or e-commerce system, while a mail server would connect to a storage system. This allowed for servers to run in a 1U "pizza box"-style server with a single gigabit network connection. But in a virtualized system, multiple application servers require multiple connections and multiple Ethernet ports to handle several gigabits of data going in and out of the server. "Think about this: The race to virtualization is all about density," Greg Schulz, founder and senior analyst with The StorageIO Group told InternetNews.com. "You can squeeze multiple servers onto a virtual machine, but as you put more and more of those servers, you have to do something about the connectivity." "If you put the equivalent of eight servers on one machine and each needed one gigabit of bandwidth, that's eight gigabits," he said. "A one-gigabit Ethernet port isn't enough." Xsigo Systems is a startup, launched in September specifically to address the I/O connection bottlenecks. Not surprisingly, its report suggests there's indeed a need for its products. Its flagship offering, the 780 I/O Director, provides a single interface into a 1U server for all virtualized connections. Using one or two InfiniBand connections instead of multiple Ethernet connections, the Director can reduce the amount of cabling required by up to 70 percent, according to Jon Toor, vice president of marketing at Xsigo. At the same time, it can provide a full 10-gigabit bandwidth for all virtual applications. A dual-rate InfiniBand port can hit 20 gigabits. To accommodate virtualization I/O, servers require six to 10 ports, which means a 4U box to handle all those cards and ports. The Xsigo survey found that 75 percent of virtualized servers have seven or more I/O connections per server, compared to two to four connections for a server running without virtualization software. So while virtualization may allow a datacenter to consolidate from 500 servers to 100 servers, you end up with a spider web of cabling. "What ends up happening is you end up connecting everything to everything," Toor told InternetNews.com. "People can overrun traditional I/O with services they have in a virtualized environment, unless you put a lot of the load in the same physical box." Managing the physical cabling is as important as managing the I/O and the adapters, Schulz said. "For users looking to save money, it's about an ease of management and reducing the amount of adapter cards and cabling," he said. In a standard virtual server, each port runs at 1 gigabit and the ports are separated. With the Director, the full 10 gigabits are available to any application that needs it. So if one application requires several gigabits and the others don't require it, that app can have full access to all of the bandwidth. Adding to the problem is the fact that ports are often being assigned to applications by MAC address, so it's difficult and time-consuming to move an application to a new physical server because the networking has to be reconfigured on top of moving the application. Xsigo found that 35 percent of virtualization users had to reconfigure I/O connections six or more times in the past year, usually when they moved a virtual server to new physical hardware. The survey also found that 58 percent of virtualization users had to add connectivity to a server specifically for virtualization requirements, and because of this, had to use larger hardware -- 4U instead of 1U -- which consumes more power. Privately-held Xsigo features some heavyweight venture backing from the likes of Kleiner Perkins, Khosla Ventures and Greylock Partners. Update adds comments from Schulz.