Meet Nook, Barnes & Noble's e-book reader

On Tuesday, Barnes & Noble announced that the Nook, the company's e-book reader that aims to compete with Amazon's Kindle, is available for pre-order. That ancillary screen is used to navigate books via a Cover Flow-like interface, display an on-screen keyboard, and generally operate the device. It's a very interesting device: the first dedicated e-book reader that is powered by Google's Android operating system (it runs Android 1.5). The Nook should ship at the end of November and it'll cost you $259. That's the same price as the Kindle 2, though an international Kindle 2 that allows wireless access outside of the U.S. costs $279. (The nook doesn't include an International option at the moment.) Barnes & Noble's reader has a 6-inch diagonal E Ink display, just like the Kindle 2, but the clever folks at B&N have also added a 3.5-inch color LCD screen below the E Ink screen. The Nook comes with 2GB of internal memory, which Barnes & Noble says will hold about 1500 e-books, though that can be expanded by using the included Micro SD slot.

And should you wish, you can remove the Nook's battery, for fun and profit-and B&N will sell you an extra battery if the 10-day charge without using wireless isn't enough for you. You can even listen to MP3s on the nook, either through the built-in mono speaker or by plugging in headphones. The Nook, again much like the Kindle, comes bundles with wireless 3G access-via AT&T, while the Kindle uses Sprint's network-so you can download content wirelessly. Free samples of all titles will be available and users will be able to access special content when using their nook at a Barnes & Noble store. The Nook ups the wireless ante by also including Wi-Fi connectivity (802.11 b/g) and access to free Wi-Fi in all of Barnes & Noble's stores (which is a very good idea, though it doesn't appear that the Nook has a Web browser, as the Kindle does). An e-reader isn't of much interest without something to read on it, and Barnes & Noble boasts more than a million titles, though many of those are through a partnership with Google to distribute public domain titles; there are newspapers and magazines available as well. You can also read your own PDFs on the Nook, something you can't do with a Kindle 2 without converting the PDF first.

They will be able to read it on their Nook, or using the Barnes & Noble e-reader available for PCs, Macs, the iPhone, some Motorola smartphones, and the BlackBerry. One of the biggest differences between the Nook and Amazon's Kindle is that you can let your friends borrow a Nook book for up to 14 days. You can also start reading a book on your Nook, and then keep reading where you left off on your Mac or PC thanks to Barnes & Noble's Reading Now technology, which sounds very much like Amazon's WhisperSync feature. If you want to play around with a Nook in person, you'll be able to do so at any of Barnes & Noble's physical stores, thanks to special Nook displays that should be popping up in the coming weeks.

The other iPhone lie: VPN policy support

It turns out that Apple's iPhone 3.1 OS fix of a serious security issue - falsely reporting to Exchange servers that pre-3G S iPhones and iPod Touches had on-device encryption - wasn't the first such policy falsehood that Apple has quietly fixed in an OS upgrade. Before that update, the iPhone falsely reported its adherence to VPN policies, specifically those that confirm the device is not saving the VPN password (so users are forced to enter it manually). Until the iPhone 3.0 OS update, users could save VPN passwords on their Apple devices, yet the iPhone OS would report to the VPN server that the passwords were not being saved. It fixed a similar lie in its June iPhone OS 3.0 update.

The fact of the iPhones' false reporting of their adherence to Exchange and VPN policies has caused some organizations to revoke or suspend plans for iPhone support, several readers who did not want their names or agencies identified told InfoWorld. Worse, it revealed that Apple's iconic devices have been unknowingly violating such policies for more than a year. "My guess is the original decision to emulate hardware encryption was made at a level where there wasn't much awareness of enterprise IT standards. One reader at a large government agency describes the IT leader there as "being bitten by the change," after taking a risk to support the popular devices. "I guess we will all have to start distrusting Apple," said another reader at a different agency. [ Apple's snafu on the iPhone OS's policy adherence could kill the iPhone's chances of ever being trusted again by IT, argues InfoWorld's Galen Gruman. ] Last week's iPhone OS 3.1 update began correctly reporting the on-device encryption and VPN password-saving status when queried by Exchange and VPN policy servers, which made thousands of iPhones noncompliant with those policies and thus blocked from their networks. (Only the new iPhone 3G S has on-device encryption.) Apple's document on the iPhone OS 3.1 update's security changes neglected to mention this fix, catching users and IT administrators off-guard. After all, this is a foreign language for Apple," says Ezra Gottheil, an analyst at Technology Business Research. "However, once the company realized the problem, it made a spectacularly dumb choice. Instead, it allowed itself to be seen in the worst possible light.

The change was necessary and inevitable, but Apple could have earned some points by coming clean at the earliest opportunity. This is the result of a colossal clash of cultures. Even when it is trying, Apple cannot force itself to think like an enterprise vendor." Apple's advice to users on addressing the Exchange encryption policy issue is to either remove that policy requirement for iPhone users or replace users' devices with the iPhone 3G S. IT organizations can also consider using third-party mobile management tools that enforce security and compliance policies; several now support the iPhone to varying degrees, including those from Good Technology, MobileIron, and Zenprise.

CIA endorses cloud computing, but only internally

WASHINGTON - One of the U.S. government's strongest advocates of cloud computing is also one of its most secretive operations: the Central Intelligence Agency. Jill Tummler Singer, the CIA's deputy CIO, says that she sees enormous benefits to a cloud approach. But the CIA has adopted cloud computing in a big way, and the agency believes that the cloud approach makes IT environments more flexible and secure.

And while the CIA has been moving steadily to build a cloud-friendly infrastructure - it has adopted virtualization, among other things - cloud computing is still a relatively new idea among federal agencies. "Cloud computing as a term really didn't hit our vocabulary until a year ago," said Singer. For example, a cloud approach could bolster security , in part, because it entails the use of a standards-based environment that reduces complexity and allows faster deployment of patches. "By keeping the cloud inside your firewalls, you can focus your strongest intrusion-detection and -prevention sensors on your perimeter, thus gaining significant advantage over the most common attack vector, the Internet," said Singer. But now that the CIA is building an internal cloud, Singer sees numerous benefits. Moreover, everything in a cloud environment is built on common approaches. But there are limits.

That includes security, meaning there's a "consistent approach to assuring the identity, the access and the audit of individuals and systems," said Singer. The agency isn't using a Google model and "striking" data across all its servers; instead, data is kept in private enclaves protected by encryption, security and audits. And it has virtualized storage, protecting itself "against a physical intruder that might be intent on taking your server or your equipment out of the data center," said Singer. The CIA uses mostly Web-based applications and thin clients , reducing the need to administer and secure individual workstations. Speaking at Sys-Con Media's GovIT Expo conference today, Singer not only provided a rare glimpse into the IT approaches used by the agency, but also talked about one of its greatest challenges: the cultural change cloud environments bring to IT. A move to cloud environments "does engender and produce very real human fear that 'I'm going to lose my job,'" she said.

Barry Lynn, the chairman and CEO of cloud computing provider 3tera Inc. in Aliso Viejo, Calif., said a typical environment may have one systems administrator for every 75 physical servers. In practice, highly virtualized environments reduce the need for hardware administration and, consequently, for system administrators. In contrast, a cloud-based environment may have just one administrator for every 500 servers or more. Federal CIO Vivek Kundra is encouraging agencies to adopt cloud computing, and he recently opened an online apps store that enables federal agencies to buy cloud-based services from Google, Salesforce.com and other vendors. The CIA has "seen a significant amount of pushback, slow-rolling [and] big-process engineering efforts to try to build another human-intensive process on top of enterprise cloud computing," said Singer. "It will take us a good long while to break that." One thing the agency will do to address resistance will be to base contract competitions on performance, not head count, "where it's to [a service provider's] benefit to do the work with fewer bodies and make more profit for their company," said Singer.

That's something the CIA will not do; its data will remain within the agency's firewalls, said Singer. Obstacles to the adoption of cloud computing, including concerns about security and loss of data control, may slow momentum, but "I think we'll see broader adoption and higher spending after the administration makes progress in some of the pilot programs it has planned," said Peterson. Government market research firm Input has revised its forecast for federal cloud-related spending upward; it now expects the government's cloud expenditures to grow from $363 million this year to $1.2 billion by 2014. "I think this is probably a conservative estimate, considering the push from the administration," said Deniece Peterson, an analyst at Reston, Va.-based Input. Singer said the CIA's IT department was moving in the direction of cloud computing, even if it wasn't using that term, when it widely deployed virtualization technology. Abstracting the operating system and software from the hardware "is the foundation of the cloud," Singer said. "We were headed to an enterprise cloud all along."

Microsoft pulls covers off Project 2010

Calling it the "most significant" upgrade in a decade, Microsoft Corp. today revealed details for its project management application, Project 2010. The new version will include tighter integration with Microsoft Outlook e-mail and new collaboration features for buyers of the mid-range Project Professional version. Final release is due by the first half of next year, about the same time Microsoft Office 2010 is released, according to Chris Capossela, senior vice president of the Microsoft Business Division. "This is the most significant release in more than 10 years," he said. Project 2010 will also be the latest Microsoft application to adopt the Office "Fluent" user interface, better-known as the controversial "Ribbon." Finally, Microsoft is cutting the number of versions of Project from four to three, injecting portfolio management capabilities from the short-lived Project Portfolio Server into Project Server 2010. Microsoft is making the public beta of Project 2010 available later this fall, though it is taking sign-ups today.

Microsoft made the announcement during its Microsoft Project conference, which is taking place in Phoenix this week. Though relatively unknown, Project is used by about 20 million workers, according to Microsoft. Capossela, who was general manager for the Project product earlier this decade, is giving a keynote speech at the conference. It is one of the company's 10 largest revenue generators, Capossela said. "It's a wonderful, quieter business," he said. One new feature is user-controlled scheduling, which is aimed at users who don't require rigid, automatically generated deadlines.

For 2010, Microsoft will offer Project Desktop, Project Professional and Project Server. Another feature lets managers whose companies have Project Server assign tasks to employees and then lets them respond and provide updates, fill out timesheets, all through their Outlook e-mail client. Another example are collaboration abilities, such as viewing task lists for groups and timeline views of multi-worker projects that are part of the Project Professional application. Those workers must be covered by Client Access Licenses (CALs) for Project Server, but do not need to have purchased Project Desktop. "We're trying to widen the funnel down to team participants," Capossela said. This data is hosted on any version of SharePoint, including the free version known as SharePoint Foundation. Microsoft is also changing the Project user interface to Office 2007's "Ribbon." Capossela said the move was necessary because of the many Project commands, which he said "numbered in the thousands."

Previoulsy, such features required users to buy the higher-end Project Server.

HP upgrades Unix platform with data protection

HP this week unveiled updates to its HP-UX Unix OS and Serviceguard high-availability software, offering capabilities in data protection, data privacy, and business continuity. The software packages run on HP Integrity and HP 900 servers. [ Check out InfoWorld's report on how HP has been looking to lure Sun Solaris Unix users to HP-UX. ] The Unix upgrade offers automated features to reduce maintenance requirements, improve availability, and enhance security, the company said. Update 5 of HP-UX 11i v3 and Serviceguard restore application services in the event of hardware or software failure, HP said.

Users can lower operational costs and increase efficiency in such demanding applications as online transaction processing or business intelligence, according to HP. "Comprehensive" data protection is provided through encryption for data in transit and at rest, HP said. Update 5 provides as much as 99 percent of raw disk performance, enabling reduction in operational costs for large databases and accelerated access to business-critical information. Enhanced data privacy is provided through Bastille, an automated system-hardening tool that configures a system to protect against unauthorized access. Administrator productivity is improved with expanded security bulletin analysis and patch maintenance. Business continuity is improved through minimization of downtime in the OS's Logical Volume Manager. Security issues are identified for as many as 100 systems in a single view when integrated with HP System Insight Manager.

Simplified standards compliance is offered through PCI (Payment Card Industry) and Sarbanes-Oxley Act report templates HP Serviceguard, which is part of the HP Virtual Server Environment software suite, is integrated with HP-UX 11i to protect applications from down time, HP said. Another improvement is elimination of business interruptions with Online Package Maintenance capabilities that run routine maintenance and upgrades while the system is active. Business connectivity is enabled during Serviceguard upgrades through a Dynamic Root Disk tool that reduces server network down time by 75 percent, the company said. Management of server connections is improved with a graphical cluster topology map for administration and configuration.  Also, traffic is coordinated between clustered servers and storage arrays.