I’m back on ZDNet

After a hiatus of over 10 years I’m back on ZDNet, writing mostly about security.

Some of my initial blogs there:

Rank the Classic Doctors

We’ve got a new Doctor (Who), Peter Capaldi. I believe the only thing I’ve seen him in was the 5 part Torchwood: Children of Earth, in which he played the heartless British Civil Servant John Frobisher. There was nothing extraordinary about his acting there, but the role called for a cold, businesslike bureaucrat, so it’s not really the best basis for judging him. Little of his work seems to have had an American audience.

I still prefer the Classic Dr. Who and I’ve been watching whatever episodes are available on Amazon Instant Video. I can’t find a poll widget that can do ranking, but please use the comments to rank the classic Doctors from 1 (best) to 7 (worst). Here they are chronologically:

William Hartnell
Patrick Troughton
Jon Pertwee
Tom Baker
Peter Davison
Colin Baker
Sylvester McCoy

and here is my ranking:

1. Tom Baker
2. Sylvester McCoy
3. Patrick Troughton
4. Jon Pertwee
5. William Hartnell
6. Peter Davison
7. Colin Baker

I’ve developed a real appreciation for McCoy.

Time to Drop Dropbox?

Nothing has changed the way I use computers in the last few years more than Dropbox. The ability to get at my files from anywhere has made a huge difference. But it’s the cloud – not Dropbox specifically – that has made the difference. Any cloud storage service that also supported all the platforms I need would do as well… wouldn’t it?

There are a few biggies in the market, but Dropbox is the biggest, best-known name. My opinion is that they got this good reputation for a simple reason: They have the best software. I’ve tried a bunch of these services in the past: Box, Google Drive and Microsoft SkyDrive. There are others, like SugarSync, but I’ve never paid much attention to them.

About a year ago I gave Box and Google Drive serious attempts. I thought Box’s software was awful. Google Drive was OK as was SkyDrive, but at the time Dropbox seemed the best deal because the software was drop-dead simple and many of the people I was working with already used it. I have a 200GB Dropbox account, the subscription for which expires in October, so I thought I would re-evaluate things.

Out of the alternatives I’ve had my eye mostly on SkyDrive. I’ve been using more Microsoft services lately; Office 365 and Windows 8.1 make it easy to use SkyDrive, although with any service that maps to the file system it’s not especially hard.

This, by the way, is the real key to these services. I know a lot of people use them only through the web interface, but that’s lame. To use these services effectively you have to install their client software (Windows, Mac, various mobile operating systems). The program creates a subfolder in your user folder (e.g. on my Windows system I have c:\users\larry\dropbox and c:\users\larry\skydrive). Each of these maps to the remote storage and the client software replicates changes between the client and server. There can be time delays, maybe a few minutes for small files, but it’s a small price to pay.

I have been keeping all my working files on my Dropbox. That way, no matter what computer I go to, I have the same access to those files. I even install certain programs there, like the Sysinternals utilities, so that I only have to keep one location up to date.

But the basics of all these systems are such that all of them meet my basic needs. That leaves other features and pricing as the big factors (assuming they are all as reliable as each other; I don’t know if they are, but I don’t have any data on it or a way to test, so I can’t pass judgment.)

It’s also worth mentioning that many people instinctively think of Apple’s iCloud for such comparisons, but iCloud isn’t really a cloud service in the same way as this. Think of iCloud more as a set of synchronization protocols, along with some specialized feature backup, and you’ll understand it better.

Let’s go to the pricing. I’m not going to include Box because a) I hated their software that much and b) while they do have a free 5GB account, they seem to be targeting their services purely for business users.

Here are some pricing tables and links to where I got them:

SkyDrive (*not* SkyDrive Pro)
Storage (GB) $ monthly $/GB monthly $ annual $/GB annual





















Dropbox (ignoring their business plans)
Storage (GB) $ monthly $/GB monthly $ annual $/GB annual
2GB, 500MB/referral up to 18GB




















“Packrat” unlimited undo history +$39.00/year (you’d think Packrat cost should go up with storage, but it’s fixed)
Google Drive
Storage (GB) $ monthly $/GB monthly $ annual $/GB annual














































Storage (GB) $ monthly $/GB monthly $ annual $/GB annual


























1000GB (1TB) plan is a “business” plan for 3 to 10 users

SugarSync and Dropbox both sell to consumers at what seems to be the premium market price of $1/GB/year. Is Dropbox really worth that much more? Is SugarSync? As I’ll explain below, the differences which may have justified a premium price for Dropbox in the past just aren’t there anymore. SugarSync, on the other hand, is definitely a premium service.

On the free (as in beer) front, the best deal is either Google (15GB), unless you come close to maxing out your Dropbox referrals (as much as 18GB).  Microsoft offers 7GB and SugarSync 5GB, and if you don’t get with the referral program you only get 2GB from Dropbox; you’d need 32 referrals to get to the max. (If you want to be a cheap jerk you can create 32 Gmail accounts and accept Dropbox referrals from all of them.)

Overall, Microsoft is the cheapest per GB, but their plans and pricing are also the most inflexible: they offer only annual payment and only 3 amounts of storage: 20 GB, 50 GB and 100 GB. Beyond that, presumably they refer you to SkyDrive Pro, but this is not a reasonable alternative. Unlike the other services which have a “business” plan, SkyDrive Pro is really a completely separate service, part of Office 365. It uses different client software, different servers, and you can’t even use the same login credentials!  This is because the Windows Live and Office 365 authentication databases are separate and incompatible. It’s the source of many problems unrelated to the ones discussed here.

The disconnect between SkyDrive and SkyDrive Pro, especially in light of the low maximum storage in SkyDrive, has to be the biggest weakness in SkyDrive. As I wrote in an article in InfoWorld on my migration to Office 365, SkyDrive Pro is actually a relabeling of the old SharePoint MySites service. This isn’t the first time Microsoft has confused things by using the same name for two different, incompatible products or services. All sorts of little problems emerge from this dichotomy; for instance, the mobile OneNote app can read from the consumer SkyDrive, but not from SkyDrive Pro. Go figure.

If you know you can keep yourself within 107GB then it’s not a problem. I’m pretty sure I’ve never gone up that high on my Dropbox account, but if you wanted to use the service as a photo or video archive, SkyDrive could easily be inadequate.

On an annual basis, the next-cheapest service is Google Drive which, in terms of plan flexibility, is definitely the un-SkyDrive. Including the free plan they have 9 levels of service, moving up in pseudo-powers of 2 from 100 GB to 16 TB. When you round to the penny, these plans are all the same price per GB: 5 cents/month or 60 cents/year.

In fact, I was surprised to see that the cost per GB generally stays the same as you buy larger blocks of storage. SkyDrive priced actually increase, from $0.37 to $0.44 to $0.47 for their plans. The only exception is SugarSync’s Pro/Business plan which has 1 TB of storage and is designed for 3 to 10 users, so the comparison to consumer plans is not a very good one.

Another pricing point worth mentioning: Dropbox, Google Drive and SugarSync have versioning and the ability to restore deleted files. Dropbox charges an extra $39 per year for this service (which they call Packrat) which makes them more expensive than SugarSync if you use this feature. SkyDrive doesn’t have versioning or backup at all.

You’d think the cost of the service would vary with the amount of storage you buy, but it appears to be a fixed cost on any plan. Something about that doesn’t make sense to me.

A final point about pricing is that if you’re also using Google Apps, i.e. Docs, Sheets or Slides, your files in those services don’t count against your Google Drive budget.

I must confess I had never even tried SugarSync prior to writing this. I heard good things about it some time back and, from a features standpoint, it compares very favorably to the field.  Here’s SugarSync’s feature chart comparison of them vs. the competition in this story, plus Box and iCloud (iCloud barely registers on the chart). The only features they claim that none of the others in this story have are:

  • The ability to set any folder on the hard disk – and any number of them – for cloud-replication
  • Upload and sync files via e-mail (Box also does this)
  • Microsoft Outlook for Windows Plugin

That last bullet may seem a little strange – what would an Outlook plugin do? Turns out it’s a really cool feature. It allows Outlook users who send attachments to send links to a file on SugarSync instead. Here’s a video of how it works.

For a business concerned with conserving bandwidth from remote users this could be a cool feature. It also takes some attachment scanning burden off the email gateway (and puts it on some other gateway or the client scanner, but that still may be desirable). It’s sort of like Hightail (formerly YouSendIt), but I like the synergy with the cloud service.

The SugarSync feature chart does have some self-serving elements in it; for instance, in the platform support section they list everything they support, but not the platforms they don’t (like Windows Phone). As for the rest of feature chart, the other differences that matter (to me at least) revolve around more flexibility in choosing which files to sync with the cloud. I suppose this is nice and I’d like to have it, but it’s not a deal-killer.

And the chart may be out of date to a degree. Microsoft recently announced a new and very useful feature in SkyDrive on Windows 8.1: placeholders and smart thumbnails, which allow you to keep alias versions of large files instead of the actual file, in order to save space on your mobile device. A smart thumbnail is a lower-resolution version of an image; Windows pre-fetches smart thumbnails so scrolling will be fast. With these, you can keep easy access to all your files on your mobile device without using up all the space. You can perform some file operations (like move or delete) on the small versions and the full copy is only retrieved if you need it, such as to edit.

Speaking of storing your images in the cloud, SugarSync and Dropbox can be set up to backup photos you take on a device automatically to your cloud storage. Of course iCloud does this too. Personally, to me this sounds like a bad idea. I treat the storage constraints of my phone as a tool to force me to manage my photo collection now and then. And if you use this feature, make sure to configure it only to use Wi-Fi.

I haven’t talked much about Google Drive, but it would seem to be the winner based purely on specs and price, the dot in the top-right if this were a Gartner Magic Quadrant. I’m especially impressed that they have a very high free storage number and very high ends for storage purchase. Their feature set is good, if not tops. It seems a given that if you’re a user of the Google ecosystem, particularly of those (like Apps and Picasa) which require cloud storage, that Google Drive is the way to go.

If not, Google Drive is still a good choice. If your storage needs are modest meaning 107 GB or less, and that’s a lot of storage for most people, then you can save money on SkyDrive and it works well enough.

Microsoft is attempting to put SkyDrive in your face with their new generation of products. As I said, Windows 8.1 has some new features for it. In fact, it’s pre-installed on Windows 8.1 and for Metro/Modern UI apps it will likely always be easy to access, whereas other services will need to be accessed through the file system. The conventional Windows programs in Office 2013 make SkyDrive or SkyDrive Pro an easy option for file access.

I’ve been falling in love with OneNote 2013 lately, shifting over to it after losing patience with all the bugs in Evernote (another story at another time). The mobile app versions of OneNote, or at least the Android and iOS versions, can only access notebooks on the consumer SkyDrive. This is a bizarre set of circumstances for Office 365 users who would normally put their notebooks on SkyDrive Pro. It’s another sign that Microsoft is confused about the distinction between the two services. Perhaps the recent reorg at the company will help straighten some of this nonsense out.

One implication of it is that I’ll have to hold on to SkyDrive if I want to keep using OneNote. I can keep notebooks elsewhere, SkyDrive Pro included, but they won’t be visible on mobile devices.

The one I definitely want to buy is SugarSync. I’ve only used the free service so far, but I’m impressed. Unfortunately, compared to SkyDrive and Google Drive, the prices kind of steep, especially north of 100GB. I’ll have to see how free I feel about money when my Dropbox account expires.

But the one thing I’m sure I’ll do is to move from Dropbox. For the top dollar that they charge, they don’t offer much that’s special. Their software is still really good, but all the others are at least close now. It’s time to move on.

Mobility management and security getting a little less messy

Security and management in the mobility space, at least since the dawn of  the iPhone, has always had a “figuring it out as we go along” quality to it. So far we’ve gotten away with it; even though the potential for significant security breaches via mobile devices has always been there, and even though compliance with best practices in mobility is a rare thing, I’ve seen no evidence that they are a significant source of actual breaches. The real problems are what they always have been: SQL injection, weak passwords, social engineering, etc.

In the meantime, the market for products to manage and secure mobile devices has been maturing. Of course management and security should be closely-intertwined, if not run by the same products. That can be difficult when the major products don’t include more than trivial management capabilities and very little is compatible cross-platform.

This has created an opening for third parties, and those third parties have flooded into that opening. Several large and important companies have emerged, such as AirWatch, Good and MobileIron. They have all been on acquisition sprees and are attempting to fill out the gaps in their management capabilities.

But there are many, many smaller companies, and some of them have clever people and useful solutions. The only road open to them – short of getting bought by some larger mobility company – is to start to form alliances with each other to create more useful and complete solutions. An example of this came about recently when Notify Technology and MobileOps agreed to create WorkSecure, a combination of their products complete enough to compete at a high level.  Appthority, Boxtone, Appcelerator, Apperian, and Happtique have all made similar moves.

No doubt, when large companies evaluate mobile security solutions, or any product, a big part of it is counting the checkboxes that matter to them. WorkSecure checks a lot of boxes. This has a better chance of getting them in the door when Faceless National Bank conducts their bake-off of mobility solutions.

In the bigger picture, there are two solutions to the lack of standards, assuming you see it as a problem: agreed-upon standards and de-facto standards. There actually is an organization working on industry standards in this space: The Open Mobile Alliance (OMA). They have some backing from Microsoft in Windows 8.1 and RIM is also a member, as are most of the major carriers and many large Android OEMs (including Samsung), but neither Apple nor Google are.

I see more of a future for de-facto standards. Apple has begun to include MAM (Mobile Application Management) capabilities iOS with version 7. RIM (for what it’s worth) already includes these features in BES 10, and attempts to do what they can with iOS and Android. Samsung is attempting some of the same with their SAFE initiative. I haven’t heard that Samsung or RIM are going to conform to OMA in their products or share their technology with the Alliance.

But clearly Apple, Samsung and RIM are on to something. The basics of security and management, if not the more cutting edge stuff, should be in the operating system. It would be better and more logical for them all to agree on some standard interfaces for it, but sadly that seems to be limited to the basic MDM API created by RIM back when they were the pretty much the whole smartphone market.

And allow me a moment here to express disappointment with Microsoft. Even though it’s good they seem to be on the OMA bandwagon, their own mobile products (other than Windows 8 on tablets) have only the crudest management capabilities, and their management tools are uninspiring. I expected more from them.

So even if a certain amount of basic security becomes included with the product it appears that the overall market will still be a mess, and that should leave open plenty of opportunities for competitors, large and small. I don’t see any consolidation happening sufficient enough to lead the overall market in one clear direction.

If you’re a buyer, this means that you should have an increasing selection of options, from large and small companies, that can provide workable solutions. It won’t, however, translate into that one safe choice you can make. You still have a lot of work to do, figuring out which works best for your organization’s needs.

USB-powered cat

USB-powered cat

NOTE: The green eye lights indicate that the cat is fully charged.

[credit: Pet Pix Pillow]

The Curator: Why Microsoft is forcing us on to modern apps

I’ve been struggling for a good year now with Microsoft’s decision to push users as hard as they are pushing them to use the new, modern user interface, what was once code-named Metro. Even in Windows 8.1, a.k.a. Windows Blue, it is the primary user interface. Why is Microsoft forcing us to use the new modern UI?

“Forcing” is perhaps too strong a word I suppose (although it’s a good one for a headline). You can continue to use conventional Windows programs – hell, even text-mode console programs – and keep using a con

ventional keyboard/mouse computer, but they’re all legacy now, at least for programs with significant user interface.

Moreover, and Microsoft’s protestations notwithstanding, Windows 8 is far less usable on a conventional computer without a touch display. You need to get used to a few gestures and then things are not as bad, but they are still markedly inferior to Windows 7, particularly in desktop mode.

Why would Microsoft make the old interface so undesirable? In order to make the new one desirable. Why? There are a lot of reasons for that, but one very big one is security.

Complain all you want about Apple’s curated app store and the fascist police state that underlies its management, but they have pretty much licked the malware problem. Malware on iOS is still theoretically a problem, and perhaps it is used for high-value, targeted attacks that get hushed up, but the sort of bread and butter attacks that plague Windows users and which exist to some degree on almost all other platforms are virtually non-existent on iOS. Why? Because, unless you’ve jailbroken the device, you can only install software that Apple has approved for sale in their app store.

Microsoft has replicated this experience for modern apps on Windows 8. In fact, because that’s all that runs on Windows RT, it’s completely replicated there. To the extent that you use only apps and stay in the modern UI you are going to be very safe from malware.


Before an app can go in the store, you have to submit it to Microsoft, who will test it against their certification requirements. The certification process supposedly involves actual testing by humans (“Our certification testers install and review your app to test it for content compliance”). It’s not clear to me whether the certification standards are quite as burdensome as Apple’s; I suspect they are not, if only because I know certain application types, like soft keyboard replacements, can be certified on Windows but not on iOS. But the important point is that there is a strong level of oversight there.

This is where we’re headed. At the Windows 8 rollout, and effectively on his way out the door, Microsoft’s Steve Sinofsky said that Microsoft believes that all computers should have touch capabilities. By this holiday season you can expect that to be the case to a large degree. All computers from the major companies, at least in the developed world, will have some sort of touch display – even the notebooks. As Microsoft sees it, within a few years, most of us will be using apps all the time.

I  can see getting used to this, as long as I can *also* use a keyboard and mouse – this, by the way, is the real differentiator with iOS. I can also see why this curated experience is so appealing to Microsoft. The history of DOS and Windows has shown that there really is no other  – or at least no better – way to prevent malware.

It’s always been possible to do a very good job in securing systems by giving significant authority to administrators and locking down users. The problems come from the fact that users resist these restrictions. The BYOD phenomenon is an outgrowth of user impatience with IT restrictions. But somehow users are OK with restrictions when they come from Apple.

So perhaps people will be happy with the restrictions coming from Microsoft too. The problem with this arrangement is the problem with the Apple arrangement: An app in the Microsoft store gives Microsoft a significant cut of the proceeds. Large software companies – Adobe for instance – aren’t going to be willing to pay that much commission to Microsoft, and it’s not really fair for them to. But of course, on Windows (as opposed to Windows RT) you can install whatever software you want, so while the security can only go so far, so do the restrictions.

In the longer run they’ll think of some solution. In the shorter run, it’s an old story: We’re going to be surrendering some freedom in exchange for some security. I think this is a reasonable move, especially on Windows where we do have the option to bypass it if necessary.

Security and the “If it Ain’t Broke Don’t Fix it” Mentality

(Originally posted Thursday, June 27, 2013)
“Why should have to replace a computer that’s working even if it’s 10 years old?” 
That’s not me speaking, it’s a relative whose identity I’ll protect (not that he would really care). There’s a foundation of solid logic behind this argument, at least at first glance. The things I bought this computer for 10 years ago are things I do with it still, and it works. So why should I change it? It’s possible – not likely, but possible – that this argument makes sense. But only if you’re cut off from the world.
Security is the problem which makes your computer broken whether you know it or not. Your old computer is far more likely to be running old software. There’s a decent chance it may not be capable of running current versions of software. So what do you do when someone sends you a .docx file and there’s no way to read it in Office XP (2002)?
Just yesterday Adobe announced the end of life – meaning the end of support – for Reader version 9.x. This is a happy event, because Reader was, at one point, one of the most targeted programs on the planet and, with version 10, it became far more resistant to attack by running the most vulnerable parts of of the program in a sandboxed architecture. Web browsers and parts of currrent Microsoft Office versions have adopted these sandboxing techniques too (in fact, Adobe got the techniques from Microsoft; they had their origins in IE7). Sandboxing uses CPU features which are common now, but which were once cutting edge. It also increases the processing and memory needs of the application. The end result: Your old computer is less able to run the more secure program.
And yet, we still find people running old computers and old programs all the time. A recent Microsoft security report described how there has been a rise in the exploit of vulnerabilities for old versions of Reader and Acrobat. These people are helpless against attack – as long as they use Reader. Of course, if they were all that concerned with updates they might have updated to Reader X or XI by now. I don’t pretend to understand the mentality.
Office is a little easier to understand because it costs cash money. It’s easy to make the case that the copy of Microsoft office you bought back in 2003 still does every thing you need, even if it’s a major security target and hasn’t had an update in years. And then there’s Windows XP itself, which (along with Office 2003) will receive its last security update next April. Running a version of Office prior to 2007 is unsafe and irresponsible. Tick tock….. Your computer is broken and it’s not getting any better.​
There’s a case to make that the cloud and the app store model are the eventual solution to this problem. Updates are forced on us and, in the case of the cloud, it’s impossible to run anything but the current version. Some people lament the loss of user control, but not me. User control has brought us far more trouble than it has been worth.

Do Not Track Standards Do Not Coalesce

(Originally posted Monday, June 24, 2013)

The advertising industry is in a huff over Mozilla’s plans to support “The Cookie Clearinghouse” at the Center for Internet and Society (CIS) at Stanford Law School. The Cookie Clearinghouse starts with some browser behavior changes and adds what Mozilla’s Brendan Eich describes as both block- and allow-lists of sites and a mechanism for managing exceptions to them. What would be blocked? 3rd-party tracking cookies.

The advertising industry is indignant, as they have been in the past when their abilities to track users are impeded.

As Eich says, it will be months before this hits the release versions of Firefox but there certainly seems to be a lot of indignation out there at how much business would be lost by the Doubleclicks of the world and other sites that people don’t visit, but which visit them. That’s how 3rd party cookies work.

And yet, something seems so familiar to me about the whole “Cookie Clearinghouse” thing… It sounds so much like…. Like Internet Explorer 9.

[cue harp strum…]

Take yourself back to March, 2011 and the release of IE9. Microsoft says they will support the silly and pointless Do Not Track header, but they also announce support for Tracking Protection Lists, which are pretty much the same thing. Not exactly the same thing, but they have the same goal and share much of the same methodology.

In IE9 or IE10 (or, presumably, IE11) hit the gear icon then “Safety” and then “Tracking Protection…”.

Tracking Protection Lists (TPLs) are lists, provided perhaps by Microsoft but mainly by 3rd parties, of domains which should not be allowed to send tracking cookies. Here is a sample section from the TRUSTe TPL:

​-d where.com
-d widgetbox.com
-d widgetserver.com
-d wildtangent.com
-d woopra.com
-d wootmedia.net
-d wordpress.org
-d worldnow.com

(Yes, wordpress.org. I guess people use it to store malicious cookies.)

Like The Cookie Clearinghouse, TPLs can also whitelist a domain (with a “+d” instead of “-d”). There are several in the TRUSTe list.

Incidentally, Microsoft submitted TPLs as a standard to the W3C in early 2011. They resubmitted it to the W3C Tracking Protection Working Group, which owns the Do Not Track HTTP header

Unlike TPLs, the Cookie Clearinghouse has no implementation definition at all. The group is leaving all that up to the browser vendors. But TPL would be one way to do it, which means that Internet Explorer is pretty much set up for it already.

The Cookie Clearinghouse starts with a series of behavioral rules for user agents before black or whitelists are applied:

  1. If a user visits a website, set the cookies from that site.
  2. If a user does not visit a website, do not set the cookies from that site.
  3. If a site is trying to save a DAA opt out cookie, set the opt out cookie from that site.
  4. If a user consents to setting a cookie, set the cookie.

The first two rules are how Apple’s Safari behaves now, which is to say that it blocks third-party cookies. Rule 3 is a Google Chrome behavior and I can make a vague guess at what it is, but I’m not sure. Rule 4, they say, “is in keeping with requirements under European laws.”

I spoke to Andy Sudbury, Chief Technical Officer at Abine, a privacy services company that was one of the first out of the gate with a TPL.

He told me: “Fundamentally, what the Cookie Clearinghouse is doing is a good thing. It’s very important to have groups working on different ways for people to protect their privacy.”

Sudbury is certainly right about this. The Stanford people are obviously smart and true believers and it’s entirely possible something useful could come out of it.

“Unfortunately, cookies are just one part of the privacy problem and, in fact, declining part of it.” As Sudbury explains, cookies – especially 3rd party tracking cookies – have such high profile and such a bad name, they’re starting to get blocked more broadly – such as Safari’s 3rd party cookie blocking behavior, soon to be followed by Mozilla, and hopefully even more so through implementations of the Cookie Clearinghouse’s lists. Even Tony Soprano was scared of cookies.

Tracking nowadays goes far beyond cookies and extricating yourself from it is no simple matter. For instance, you may not want all the implications of every “Like” button you click on Facebook, but does that mean you should block all requests to facebook.com?

There are products and services which attempt to block tracking in a more comprehensive and intelligent way, including Abine’s own DoNotTrackMe.

Now of course it’s fair to say that nothing became of TPLs when Microsoft released them. They may be an excellent technique, but nobody would know about it because Microsoft barely gets any interest from the press for Internet Explorer in spite of retaining huge market share.

Why not? Why didn’t the advertising industry scream to AdAge that their business models were threatened? Because Internet Explorer, popular as it is, is also uncool. I’ll wager if you took a survey of “industry influencers” perhaps 10% of them use IE on a regular basis. (I use it, but only as a secondary or tertiary browser; my main browser is still Chrome.)

TPLs, by the way, do more than block cookies. They block all HTTP requests to the specified domain. This blocks cookies, but also images, other beacons, CSS, Javascript, etc. As a privacy spec, it’s more comprehensive than Cookie Clearinghouse, apart from the default behaviors.

It’s certainly far more comprehensive and effective than the Do Not Track HTTP header, the main focus of the W3C Tracking Protection Working Group. That was a simple request by the user’s browser to the web site not to track. The working group has been working on this seemingly simple task for over 2 years and is on the verge of giving up. This is why you’re seeing proposals like Cookie Clearinghouse now. It’s balkanization.

There is one major problem that the Cookie Clearinghouse just glosses over: The system requires maintenance of the white and blacklists. There is a section on their web page where they indicate that they will be taking this function on for themselves and providing for ad networks to file challenges and I have the feeling that they don’t know what they’re getting themselves into. The advertisers will be all over them like flies on….well, you know.

This is where Microsoft did it right. Allow 3rd parties to provide the lists, allow users to make their own (not that many people would actually do that), and open up the standard. Too bad nobody paid attention.​​

This article also appears on Betanews.

RIP Ed Iacobucci


(Originally posted Saturday, June 22, 2013)

Ed Iacobucci, best-known as co-founder of Citrix Systems, died Friday morning after a 16 month battle with pancreatic cancer, according to a press release from VirtualWorks Group, another company he co-founded and where he served as Chairman. Ed was 59.

Ed was the IBM executive who oversaw (from their side) the OS/2 project with Microsoft. He left in 1989 to co-found Citrix, which took a source license of OS/2 and build a true multi-user operating system out of it. The company eventually did the same with Windows NT and now they’re in a lot of things, but most of their business is still based on the original notion of remoting user interfaces.

I first met Ed back in the early 90′s when Citrix was brand new and awe-inspiring and Ed was always a big part of what made the company impressive. I would run into him over the years and it was always a pleasant experience. Long after he left I couldn’t help think of Citrix as anything but Ed’s company. I’m very sad that I won’t see him again.​

Office for iPhone; Probably No iPad or Android Versions Coming

(Originally posted Friday, June 14, 2013)

Early in this decade, rumors of an “Office for iPad” were endemically on low-burner. After all, it made sense to people who thought the iPad had taken over and was the irresistible force that Microsoft couldn’t stop. Then in early 2012 an outfit called The Daily claimed to have seen an early version of this app. Microsoft denied it emphatically.

My take on it at the time was that it made no sense; releasing a real office for iPad would be an abject surrender for Microsoft to Apple. Not only would it compromise any tablet strategy Microsoft had for Windows (remember, Windows 8 had not yet been released or even demonstrated), but Microsoft would have to give Apple 30% of any Office sales! There’s just no way Microsoft would this.

Assuming The Daily wasn’t just lying about seeing what they claimed they say, what explained it? Either they misconstrued what they saw or they saw a mock-up and were the butt of a practical joke. Either way they should be embarrassed.

office-iphone.jpgNow we have news to support the former hypothesis: Microsoft has released Office Mobile for iPhone, an app which accesses Office 365 accounts on the iPhone. It’s not standalone versions of the programs like the Daily stories claimed.

The Daily did say that they saw an iPad app, not an iPhone app. Like any iPhone app Office Mobile for iPhone works on an iPad – badly – at 1x and 2x, but Microsoft says “you’ll have a more satisfying experience using Office Web Apps.”

Will Microsoft make iPad versions? I suspect not, for a variety of reasons. For one, Office Web Apps on a tablet provides a pretty good experience. On that big a screen you don’t necessarily get much of a benefit from an app. Plus it gives Microsoft more room to showcase how much better Windows 8 is than the iPad at Office.

The other thing that makes sense about this offering is that Microsoft waited until they had all their solutions in place before releasing it.

Joe Wilcox at Betanews says that this version makes sense, but that Microsoft should avoid making an Android version. There’s some logic to what he says, and he doesn’t even get into the fact that developing for Android means dealing with 100 targets.

Whether Microsoft should or shouldn’t make such an Office version for Android, I think they won’t. This may make Android less of safe option for business (where iOS is already the default, safe option) and make Windows Phone and Windows 8 a safer one.


Get every new post delivered to your Inbox.