Timely Topics for IT Professionals
About ACM TechNews
ACM TechNews is published every week on Monday, Wednesday, and Friday.
ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Gateway Inc. or ACM.
To send comments, please write to email@example.com.
Volume 2, Issue 32: Monday, March 20, 2000
- "Online Exchanges Open Door Wider for Tech Firms"
Los Angeles Times (03/20/00) P. C1; Dunn, Ashley
The B2B e-commerce market is awakening as companies begin to understand the enormous potential online marketplaces have to cut administrative costs, save time, increase employee productivity, and generate huge profits. Forrester Research estimates the B2B market will total $2.7 trillion in 2004, nearly 10 times the value of the consumer retail e-commerce market. Companies that specialize in high-tech applications are well positioned to profit enormously from developing the technology needed to power the different B2B e-commerce operations and providing the services and support to build the online exchanges and ensure they function smoothly. Oracle and Microsoft are the leaders in creating computer databases that store and track information on online exchange products, services, and sales. Ariba and Commerce One create the software programs for online marketplace transactions. WebMethods specializes in creating XML software that enables computer databases to recognize the meaning of entries and know that a certain number is a price and a certain word is a company name. Companies that specialize in protecting the security of online transactions, such as Entrust Technologies, are also key players in the new B2B industry. Although only a few of these companies cashing in on the developing B2B market have gone public, e-commerce analyst Gavin Mlinar says 2000 "is going to be the B2B IPO year."
- "Furor Over Virginia E-Biz Law"
Wired News (03/15/00); McCullagh, Declan
Virginia Governor James Gilmore signed the Uniform Computer Information Transaction Act (UCITA) into law on March 14--though it will not take effect until mid 2001--and consumer activists, computer scientists, and librarians are protesting the new legislation. UCITA, which regulates e-commerce and "shrink wrap" software licenses, was drafted by software and hardware companies that have been lobbying states to adopt it. Virginia is the first state to accept UCITA; Gilmore says its increase in electronic transactions will perpetuate the Internet revolution and promote e-commerce, as well as strengthening the growth of the state's technology and manufacturing economies. So far, those opposed to UCITA are fragmented, but their protests seem to be gaining momentum--the Consumer Project on Technology has condemned the act for allegedly giving businesses more rights at consumers' expense, and the Linux community is afraid that UCITA will increase open-source software developers' legal liability. GNU Project founder Richard Stallman says the commercial software companies that make proprietary software will avoid liability through shrink-wrap licenses, while self-employed contractors and amateurs will be hit hard. UCITA has been introduced in a number of states and is supported by Microsoft and the Business Software Alliance, among others.
- "Netscape Browser Faces a Changed World"
New York Times (03/20/00) P. C4; Hansell, Saul
The newest version of the Netscape browser, Netscape 6.0, is scheduled for release in April 2000 and is the first major update to the browser since Netscape Communications was acquired by AOL in November 1998. AOL has reshaped the business strategy of the independent Netscape into one that focuses on consumers rather than businesses. AOL sees the new browser as an opportunity to build a network of interactive consumer services, and has incorporated into Netscape 6.0 many AOL features, including instant messaging, email, and various buttons that users can click on to enter AOL's shopping area and Netcenter portal. Despite rumors circulating in Silicon Valley that Netscape is on shaky ground, AOL CEO Michael Kelly says the investment is well on its way to paying off. Traffic on Netscape.com has increased 26 percent over the past year, and Sun Microsystems, which oversees the Netscape corporate server business known as iPlanet, has guaranteed AOL $1.3 billion in payments from the joint venture during the next three years. Following its merger with Time Warner, AOL plans to create versions of Netscape for use with major Time Warner brands, such as CNN and Money.com, that would perhaps resemble the individual brand sites in appearance and service features.
- "Web Firms Have Sorry Record on Public's Privacy"
Los Angeles Times (03/20/00) P. C1; Piller, Charles
- "Spam Strikes Back"
E-Commerce Times (03/16/00); Enos, Lori
Internet and legal experts are questioning a judge's dismissal of a case brought by the Attorney General of Washington against an Oregon man who was accused of spamming. Among them is Alan Schwartz, who co-authored the book "Stopping Spam." In an interview with E-Commerce Times, Schwartz addressed the interpretation of King County Superior Court Judge Palmer Robinson, who ruled that the Washington anti-spam law violates the interstate commerce clause of the U.S. Constitution. Schwartz suggests that Robinson should not have equated sending spam with interstate commerce because spamming does not involve a commercial transaction. Meanwhile, Ian Oxman, president of ChooseYourMail.com, took issue with Robinson's interpretation that Washington's law was "unduly restrictive and burdensome" to Jason Heckel, the man accused of spamming Washington residents. Oxman argues that if that burden is not placed on the spammer, then it will be placed on consumers and ISPs. Spam is not the same as traditional junk mail, anti-spam advocates note, because the financial burden is placed on the consumers and ISPs that receive the spam. Although Schwartz says legislation should remain at the state level, Oxman says Robinson's ruling shows that there is a need for federal legislation with the varying and conflicting anti-spamming laws that states have enacted. Four federal laws have been proposed thus far. However, Jerry Cerasale, senior vice president of the Direct Marketing Association, believes it would be best if technology companies policed themselves. Even with Robinson's ruling, computer users will not be inundated with spam because ISPs across the country make spamming illegal for their customers.
- "E-Business Task Force Unveils Security Guidelines"
Newsbytes (03/14/00); Featherly, Kevin
The Internet Security Task Force on Tuesday introduced a number of recommendations that are designed to identify the risks of doing business on the Internet. Broad in scope, the recommendations cover authentication, privacy of information, detection of security events, defense of corporate perimeters, intrusion detection, malicious content, access control, administration, and incident response. The recommendations come after last month's denial-of-service attacks that brought down the Web sites of major Internet players such as Yahoo!, E-Trade, and Amazon. Current industry studies show between 50 percent and 75 percent of all Web sites are vulnerable to at least one of 20 known security holes that hackers take advantage of. The task force, consisting of representatives from such major companies as Cisco, eToys, Sabre, Travelocity, Verio, and Computer Associates, is trying to stress the importance of e-commerce security to medium-sized businesses. For example, Kayne Grau, senior director of information technology at eToys, says that although many companies have invested in software products that will protect their systems from attacks, they also need to invest in the expertise needed to make sure that their firewalls and filters are working correctly. Grau suggested that many companies do not have a full-time security officer; eToys, which has 500 employees, has just one full-time security worker, and one part-timer. Inadequate clean-up and mishandling of credentials is another reason for e-commerce vulnerability. Companies often do not adequately clean-up the user IDs and passwords of former employees. Authentication was also a theme of the conference. Companies that are doing business online may not realize that they are opening up their core systems in a way that may give customers direct access to their systems.
(Access for paying subscribers only.)
- "Firestorm in Cyberspace"
Washington Post (03/19/00) P. B7; Ignatius, David
Software developers last month launched a large-scale protest against a patent law that developers say could stifle innovation and harm the entire Internet community. The law in question resulted from a federal appeals court ruling two years ago that allows companies to obtain broad patents for business methods. Amazon holds two controversial patents, including a patent for one-click ordering, which allows consumers to buy an item just by clicking on it, and another patent for its "Associates" program, which lets other sites direct business to Amazon in exchange for part for of the revenue. The rebellion against such patents gained speed on Feb. 28, when software expert Tim O'Reilly posted an open letter on his Web site asking Amazon CEO Jeff Bezos to stop enforcing the one-click patent. Thousands of Internet activists supported O'Reilly's letter, while another group began pushing for a boycott on Amazon. After speaking with O'Reilly on March 1, Bezos joined the protestors, saying current patent laws could damage everyone, including Amazon. Bezos suggested that patents for software and business methods should have a shorter duration than other patents, and that a public comment period should be held before a patent is granted to determine whether the potential patent is a true innovation. The protesters, supported by Harvard law professor Lawrence Lessig, are now arguing for the creation of a "prior art" database that would make it difficult to patent general ideas. In addition, the protestors favor a "public Internet patent pool," which would provide companies that promised not to aggressively enforce their patents with free access to a pool of patents.
Click Here to View Full Article
- "Clicks & Bricks"
CIO (03/15/00) Vol. 13, No. 11, P. 77; Stuart, Anne
Retailers are starting to believe that the most effective business model is a combination of online and brick-and-mortar efforts, or click-and-mortar. In the past, many retailers have separated their online and offline efforts or chosen between the two. Now many companies, including hat specialty store Lids, are trying to create a seamless experience for customers regardless of whether they shop in real-world stores or on the Internet. Lids lets customers redeem gift certificates or return merchandise online or offline no matter where the original transaction took place. Meanwhile, some pure Internet companies are making an effort to build a physical presence. Egghead Software withdrew from brick-and-mortar sales in 1998 to become Egghead.com, but now the Internet-only firm is considering building physical stores. Egghead.com CEO George Orban believes that brick-and-mortar companies are the largest threat to online firms. Click-and-mortar companies are finding that Web sites bring traffic to their real-world stores. Many visitors at Sears.com use the site to research a product before purchasing it at one of the company's traditional stores. Conversely, some physical stores are directing traffic to Web sites, such as the real-world Gateway Country stores that allow customers to try out Gateway systems online. Some traditional companies such as Levi Strauss & Co. halted direct sales over the Internet after retailers became angry that the online efforts would detract from brick-and-mortar sales. Analyst Patricia Seybold says, "That's pre-Web mentality, that there's a scarcity of customers out there." To be successful, companies will ultimately sell merchandise online and offline, both directly and through retailers, Seybold says. Following the click-and-mortar model, companies need to ensure that information flows seamlessly among all channels.
- "Which Key Fits?"
InfoWorld (03/13/00) Vol. 22, No. 11, P. 34; Scannell, Ed
Although many companies recognize the advantages of Web-enabling their legacy applications, few firms have actually done so, according to a recent Cutter Consortium survey. Only 15 percent of 134 companies that responded to the survey have enabled their core applications for e-business. However, companies are increasingly moving to revamp their host systems because of the benefits of the Web and new methods of enabling host systems that simplify the process. Many companies begin Web-enabling their systems by tapping into their mainframes or other high-end host systems. Since companies have invested millions in these host systems, some are reluctant to modify the hosts. However, many companies are turning to middle-tier application servers that allow users to leave data and business logic on the mainframe and still access the information. When RLI Insurance decided to move its data to the Web, the company decided it did not need to redevelop its AS/400-based application. The company selected Seagull's J Walk as a front-end solution to provide systems with Web access without affecting the back-end system. J Walk, which includes developer's tools, server software, and thin-client technology, lets RLI merge application access to host functions for integration with Java and HTML. Meanwhile, oil-drilling service B.J. Services began its Web-enabling project after replacing 30 Banyan servers with a 10-server MetaFrame 1.8 server farm from Citrix as part of its Y2K remediation efforts. The company says MetaFrame allowed it to switch to thin clients, which cut costs on desktop hardware. After installing MetaFrame, B.J. Services Web-enabled the system by implementing Citrix' Nfuse, which lets MetaFrame-based applications be posted to the Web.
- "Government E-Commerce Data to Come Out at a Crawl"
Interactive Week (03/13/00) Vol. 7, No. 10, P. 22; Trager, Louis
The Department of Commerce (DOC) is planning to release its figures for the 1998/1999 e-commerce market in Spring 2001, claiming such a lengthy time frame is needed to gather and analyze the massive amount of data involved. Many retailers and consumers are frustrated at such a long delay and believe the fast pace of technology will mean numbers for 1998/1999 will be virtually obsolete by their scheduled release date. Also, some private researchers claim the DOC analysis is based on a narrow definition of retailing that excludes many online transactions from the study. Prior government surveys included data for manufacturing, wholesaling, food services, and business and professional services but neglected consumer sales by manufacturers and distributors, consumer-to-consumer auctions, online brokerages, and online ticket sales. The government has promised to revise its definitions for online retailing. Analysts say that once the operational differences are accounted for, government e-commerce figures are increasingly comparable to those released by private research firms.
- "Dot-Coms Wary of Privacy Bills"
Computerworld (03/13/00) Vol. 34, No. 11, P. 1; Thibodeau, Patrick
Congress is considering implementing Internet privacy legislation that has the potential to radically alter online business practices, including the collection and use of customer data, direct marketing techniques, and even Web site design. Of the 50 states, 44 are likely to consider similar legislation this year. Critics of proposed privacy laws say such regulations will place too much control in the hands of consumers, create a tangle of competing state laws that will unduly burden companies, and eliminate the ability of businesses to gather information that allows them to tailor their advertising and marketing efforts toward consumers. Ensuring that companies adhere to their stated privacy policies is a better solution than imposing new legal restrictions, the critics claim. However, such arguments do little to quell the growing public clamor for Internet privacy, fueled most recently by the discovery that DoubleClick had intended to link its users' personally identifiable data with their Web surfing activities. The company has since apologized and abandoned the plan, but many view the situation as solid evidence of the need for legislation that protects and guarantees consumers' rights to privacy.
- "Welcome to the One Gigahertz Processing Era"
Electronic News (03/13/00) Vol. 46, No. 11, P. 1; Hesseldahl, Arik
Competition between rival chip suppliers Intel and Advanced Micro Devices to create quicker, more powerful processors reached a new plateau following recent announcements that each had created a 1 GHz processing chip. Intel had planned to be the first to release a 1 GHz processor--its Pentium III Coppermine processor developed months earlier than originally scheduled--and intended to publicly announce the event March 8. However, AMD managed to unveil its 1 GHz Athlon chip first, on March 6. Intel does have an advantage in that its Pentium III includes an L2 cache while the AMD Athlon does not, although AMD says it intends to incorporate the L2 cache into its future Thunderbird and Spitfire chips. However, all of this hype may be a bit premature, since both Intel and AMD are not yet mass-producing their new products. It is highly unlikely consumers will be able to purchase computers operating on either a Pentium III Coppermine or an Athlon until April, and even then buyers must be willing to pay between $999 and $1,299 to buy such technology. News of the 1 GHz chips has not resulted in the typically seen decrease in the cost of less advanced products in each company's line, notes analyst Linley Gwennap.
Click Here to View Full Article
- "CERT Tries to Reassert Itself"
Interactive Week (03/13/00) Vol. 7, No. 10, P. 77; Brown, Doug
CERT is a consortium of high-tech organizations and computer security experts headquartered at Pittsburgh's Carnegie Mellon University. The organization was created in 1998 with aid from the Defense Department as a type of watchdog and response team for technological security issues, an information broker that allows companies to quickly discuss hacker attacks and solutions for those attacks. However, CERT has come under fire recently by critics who say its techniques are obsolete, and that it failed to warn companies about the recent denial-of-service attacks that shut down some of the Web's biggest commercial sites. Security expert Bruce Schneier, chief technology officer of Counterpane Internet Security, claims that CERT is too slow and unresponsive to make a difference in the fight against cyberattacks. "Right now, they are largely irrelevant. The Internet is becoming too big and moving too quickly, " says Schneier. CERT contends that it became aware of denial-of-service attacks several years ago, and even held a workshop on the issue last fall, publishing the results in December 1999. The group says it is restructuring in order to become more responsive and proactive, rather than simply analyzing attacks after they happen. CERT says it wants to increase its dialogue with the high-tech industry and other groups interested in security. CERT also wants to be involved in any type of "information sharing mechanism" created by the Internet industry, and wants to become more involved with the Information Technology Association of America.
- "Security: The Next Frontier"
Government Computer News (03/06/00) Vol. 19, No. 5, P. 44; Miles, J.B.
Several important standards are emerging as network security becomes of crucial importance in the global marketplace. Security technologies such as firewalls, IPSec, public key infrastructure (PKI), and smart cards are all being promoted by major industry players. Firewalls, which can be either software or hardware technologies, control access to private networks using special codes, called proxy services. Smart cards are another type of security device, used to control user access and authentication. Compatible with PKI and other emerging standards, smart cards are often used to supplement other security measures. IPSec is a promising set of specifications backed by such industry players as IBM, Intel, Compaq, and Microsoft. IPSec is becoming a popular choice among network users because it supports a variety of encryption algorithms and authentication technologies. Also gaining momentum is PKI, an emerging set of standards for encrypting, authenticating, and validating network transactions. PKI relies on digital certificates and digital signatures, as well as third-party user authentication, to ensure secure network transactions. PKI is backed by companies such as IBM, Entrust, and RSA Security, which recently allied in a group called the PKI Forum to ensure interoperability among PKI technologies.
- "Accuracy Wins"
Intelligent Enterprise (03/20/00) Vol. 3, No. 5, P. 45; Nachtwey, Don
- "The Enterprise Knowledge Portal"
DM Review (03/00) Vol. 10, No. 3, P. 20; Grammer, Jeff
Although many organizations are turning to enterprise information portals (EIPs) and knowledge management to try to keep pace with continuous dynamic information needs, they are finding these solutions to be limited--EIP in its application capabilities, and KM in its reliance on business discipline. The enterprise knowledge portal (EKP) is an attempt to synthesize the best elements of its predecessors--the ability of EIP to provide information access and the ability of KM to let users link information with their collective knowledge--to speed innovation and reduce the amount of rework in an organization. EKP can provide users with active computing--that is, computing capable of offering real answers rather than simple storage of data--through a convergence of expert systems, business intelligence, collaboration, enterprise application integration, and computer-based training. To make EKP available to all aspects of an enterprise object-oriented computing, which allows users to interact with objects to develop a network of organizational and personal knowledge, standards must be adopted, and XML would be well-used as a means of moving objects in and out of EKP sources. EKP can be an invaluable tool in supply chain management, customer relationship management, and intellectual property management. Deployment of EKP requires an organizational strategy that addresses an inventory of systems and information, how disparate divisions, customers, and vendors will interact with it, a review of business processes that may conflict with a knowledge-sharing culture, and the incentives that might be offered to encourage EKP use. An EKP should be selected based on it framework for a solution, its ability to allow users to participate in collaboration and knowledge building, and its flexibility to adapt to the needs of the entire organization. Finally, rather than try to implement EKP across an enterprise all at once, users should focus on incrementally adding communities.