IT WEEK: February 2015

Virtual Reality: Still Goofy After All These Years

Reality is free, yet it can often leave you feeling shortchanged. Virtual Reality (VR) is expensive, and may leave you feeling exhilarated, if it hasn't made you motion-sick.

Facebook paid $2 billion last year for Oculus, maker of the Oculus Rift VR headset, because it sees a future in which virtual reality becomes an accepted form of mass entertainment. To judge by the exhibition floor at the 2015 Game Developers Conference (GDC) in San Francisco this week, many companies share that vision. (Full disclosure: GDC is produced by InformationWeek's parent company, UBM Americas.)

It's a vision that goes beyond games, as Oculus CTO John Carmack suggested in his keynote address at GDC on Wednesday. As an example, he cited the fact that his grandmother views panoramic pictures she's taken with her mobile phone through a Gear VR headset.

Businesses are already experimenting with VR. Carmaker Audi plans to make the Audi Virtual Reality Experienceavailable to a limited number of dealerships later this year. The VR car marketing program has been in pilot testing in Brazil for more than a year.

In January, Oculus announced the formation of Story Studio, an in-house group focused on the production of virtual reality movies.

To understand the commercial appeal of VR, consider what it lacks: Distractions. When you're participating in virtual reality, you're all in. You're as engaged as you can be, and engagement matters to artists and advertisers alike. An audience that doesn't pay attention doesn't pay off.

This may explain, in part, why interest in VR among technology companies has surged recently. It's also about how smartphones can work with VR headsets to make VR more affordable. And it's about incremental improvements in a variety of motion and graphics technologies that make VR systems more practical to implement.

[ VR was a hit at Mobile World Congress 2015. Read VR, Smartwatches, Wearables: 8 Cool Gadgets From MWCl. ]

Here's a quick recap of recent VR news:

Sony's VR headset, Project Morpheus, which debuted at last year's GDC 2014, is now slated to ship in 2016.
Microsoft HoloLens goggles were unveiled in January.
Samsung and Oculus have announced a new version of Samsung's Gear VR goggles designed to accommodate its new Galaxy S6 smartphone.
Razer is developing the OSVR headset. Google offers Cardboard, cardboard goggles that rely on a smartphone display to present stereoscopic images.
HTC and Valve are working on a VR headset called Vive.
A handful of other companies, including Fove, GameFace Labs, Magic Leap, Sulon Technologie, Vrvana, and Zeiss are developing similar technology.

VR has been a long time coming. Back in the 1990s, VRML -- virtual reality modelling language -- was all the rage. The focus then was on making 3D graphics interactive and browser-friendly. Everquest, Second Life, World of Warcraft, and various other virtual worlds showed that 3D graphics could be captivating and sometimes profitable. Now, Second Life founder Philip Rosedale is back with High Fidelity, flush with venture funding, to make a 3D ecosystem fitted to VR headsets.

We can speculate whether or not there's a VR bubble that's about to pop. But what fun is that? What we do know is that the technology will evolve and become more commonplace as companies figure out how to reach beyond hardcore gamers. Eventually, Magic Leap or some company like it will figure out how to make VR work without having to strap a bulky device to your face. Until then, enjoy the fantastical fakery before your eyes, and try not to think about the way you really look.

Who Should Sell Your Data? You Should!

Internet users of America, it's time to rethink our relationship with the companies that pimp us out for ad dollars.

15 Hot Skill Sets For IT Pros In 2015

(Click image for larger view and slideshow.)

It's time to create an online marketplace that lets Internet users sell their data directly to companies that want it.

We all know our online activity is valuable. Google and Facebook, among others, make a fortune by trading services such as search or social networking in exchange for knowledge of our online activity, which they gather and resell to advertisers.

Now AT&T is getting in on the act, charging Gigapower customers as much as $66 a month to opt out of having their Web activity tracked and sold.

It's clear there’s a market for user data -- for our data. And where there's a market, there's opportunity. Instead of being pimped out by broadband providers, search engines, and social networks, it's time to start pimping out ourselves -- and getting a cut of that cold, hard cash.

I propose the creation of an online marketplace that allows us to sell the rights to our Web activity to the highest bidders.

I’m not sure of the technical specifications for how to pull this off. Maybe some kind of super-cookie that sits on my devices and hoovers up everything I do. This super-cookie could then link to an online market or markets where buyers bid for the data.

This super-cookie would have to be encrypted so that only authorized sources could get access to the data, and we'd need a mechanism to stop other cookies from collecting what we do online.

As for the marketplace, the seller could set preferences for how much or how little he or she is willing to share based on monetary return.

For instance, buyers may pay a base price for information such as age, annual income, and searches related to jogging. But if users included a feed from an activity tracker, they could charge a premium for buyers that want additional data.

Sellers could also link in other data sources, such as location data from smartphones or smartwatches, mobile payment information, and other feeds.

And every time our data is purchased, we get a cut.

Companies like Facebook, Google, and now AT&T act like they're doing us a favor by giving us a free or discounted service in exchange for our data. But if our online activity generates billions in profits for these companies, shouldn’t they be paying us?

Clearly there are technical barriers to such a system, but those barriers can be surmounted.

More important is that the time has come to upend the current economic relationship between consumers and Internet services.

[Read about hot cities for IT pros.]

There's a lucrative market for our data. If we're going to get sold anyway, why shouldn't we get a piece of the action?

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Salesforce Service Cloud Intelligence: Leader Or Laggard?

Salesforce Intelligence Engine promises to route service calls to the right agents, balance case workloads, and ease service across channels. On some counts, Oracle has it beat.

7 Emerging Technologies IT Should Study Now

(Click image for larger view and slideshow.)

Salesforce on Monday announced the Service Cloud Intelligence Engine, with new capabilities that the company says will support skills-based routing of service cases, automatic balancing of case workloads, and the ability to transfer a service case from one channel to another (like from Twitter to chat or phone) without forcing customers to explain their problem over and over again.

If much of that functionality sounds familiar, it should, since some of these capabilities have been around for years. Nonetheless, Salesforce insists that it's innovating -- or at least will be innovating -- when the Service Cloud Intelligence Engine becomes generally available sometime in the second half of 2015. Here's a closer look at what it's describing as original.

The ability to route service cases to specific agents based on their knowledge of particular service issues is known as skills-based routing. Unified communications and workforce-management vendors like Genesys, Avaya, and Cisco have supported skills-based routing for many years. Where Salesforce says its "layer of intelligence" will differ is in being tied into the CRM system and all channels of interaction, whether they are email, social, mobile, chat, or phone.

[Want more on this topic? Read Oracle Service Cloud Upgraded, Explained.]

"Salesforce is also an integration platform, so we're seeing a lot of customers integrating with the back-office applications," said Michael Ramsey, vice president of Service Cloud product management, in a phone interview with InformationWeek. "We're taking any business event, whether that's part of a [service] case record, a qualified lead or opportunity [in CRM], or a custom, non-Salesforce-native process exposed through back-office integration, and we're routing that where it needs to go."

So the routing capability goes beyond just service issues, and it can be tied to alerts, rules, SLAs, and other conditions. That goes beyond what a workforce-management system for contact centers can do, but it sounds like an evolution of workflow capabilities that Salesforce introduced in 2010.

In another area where Salesforce says its intelligence layer will be state of the art, Ramsey says it will base its determinations of the "right" person to route things to on the array of live data in the Salesforce platform, not just on static profiles or LinkedIn recommendations.

This screen shot of Salesforce Service Cloud Intelligence shows a service case handed off from Twitter to email to support a detailed response.

"We know who resolved particular types of issues, we know whether they did it within a defined service-level-agreement, and we know who authored the knowledge article that was used to close the case," said Ramsey. "Obviously the concept of skills-based routing has been around for decades, but we're deriving our knowledge of the work that people can handle from the Salesforce platform rather than manually updated profiles."

Oracle announced in January that the latest release of its Oracle Customer Experience Service cloud is also tied into CRM. Claiming it delivers today what Salesforce is now promising, Oracle says it can tap data within its CX Cloud to power smart routing of service cases. Acknowledging that many companies don't want to throw out workforce management systems they've spent years tuning, Oracle also offers a pass-through mode that enables CRM data to be used for skills-based routing in third-party workforce management systems (something Ramsey said Salesforce can also do).

As for that ability to pass service cases from one channel to the next without forcing customers to explain their situation over and over again, that too is a known problem, but few companies seem to have overcome it.

"How many times have you had to repeat who you are over and over again because your call was pushed to a separate agent, even though you already explained your problem to the first agent you talked to?" Sarah Patterson, VP of marketing, Service Cloud, told InformationWeek. "[Sales Cloud Intelligence] looks at what is already happening on your case, so we can preserve that context across channels. We'll also be able to route to the best channel for handling the interaction."

Twitter, for example, only handles 140 characters, while email is asynchronous and not ideal for rapid interaction and problem resolution. Salesforce says the agents who start working on a case in email or Twitter will be able to move it to chat or phone without handing off to a new agent.

Salesforce executives said the Intelligence Engine will be standard functionality exposed in Service Cloud Enterprise Edition and above. It's not clear whether the upgrades will be available as early as July or will have to wait until later in the year, but count on more CRM vendors' competitors matching these claims.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Samsung Galaxy S6, S6 Edge Preorders Hit 20 Million, Reports Claim

In South Korea, reports claim that Samsung has already taken 20 million preorders for its new Galaxy S6 and S6 Edge smartphones.

Samsung, BlackBerry, Microsoft: 10 Killer Business Devices At MWC

(Click image for larger view and slideshow.)

Samsung plans to launch the Galaxy S6 and S6 Edgesmartphones globally on April 10.

In order to assure availability for their customers, wireless network operators around the world are placing huge orders for the two devices, according to published reports coming from South Korea. The fervent channel-filling activity suggests consumers may be interested in the Galaxy S6 and S6 Edge, too.

"Samsung received some 20 million pre-orders for the S6 and S6 Edge," said a top executive at a leading mobile network operator in Europe to The Korea Times. Samsung has taken orders for "15 million of [the] S6 and 5 million [of the] S6 Edge from mobile carriers worldwide. This is a record," claimed the unnamed exec. The source said his own employer had a favorable opinion of the device following its debut at Mobile World Congress in Barcelona on March 1.

These are not orders placed by individuals. Rather, they are orders placed by the companies that will eventually sell the devices to people at wireless retail stores. The large number of orders won't necessarily reflect sales to end consumers, but it is a helpful gauge of the impact the device may have. Unfortunately, similar preorder numbers for the Galaxy S5 or S4, which might be used for comparison, aren't available.

Apple typically places massive orders for its devices ahead of launch. Consider the iPhone 6 and 6 Plus, which racked up consumer pre-orders of 4 million in the first 24 hours and actually sold 10 million over the first weekend. In order to meet those numbers, Apple itself ordered in excess of 20 million devices from suppliers.

[Read about the coolest gadgets from MWC 2015.]

In the US, Verizon Wireless is the only company that has said when it will start taking orders for the Galaxy S6 and S6 Edge. Verizon is opening the virtual door on April 1, but did not say when orders for the two smartphones might ship. AT&T, Sprint, T-Mobile, and other carriers have so far remained silent about when to expect the devices. Moreover, there's no word at all on US pricing. Retailers in Europe have priced the S6 and S6 Edge at 700 and 850 euros, respectively, which amounts to about $760 and $925. Samsung's Galaxy S4 and S5 had full retail prices in the US of $649. Wireless network operators will sell the S6/S6 Edge with and without contracts, as well as through monthly payment plans.

The Galaxy S6 and S6 Edge trade in plastic materials for metal and glass. They sport 5.1-inch 2K screens, Exynos processors, 16-megapixel cameras with optical image stabilization, 3 GB of RAM, and 32, 64, or 128 GB of internal storage. The phones don't have removable batteries or expandable memory, but support QuickCharge technology and multiple wireless charging standards.

The smartphones will run Android 5.0 Lollipop out of the box with Samsung's TouchWiz user interface.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Docker Adds SDN Capabilities Via SocketPlane

Docker acquired startup SocketPlane to enhance the networking capabilities of its containers.

7 Linux Facts That Will Surprise You

(Click image for larger view and slideshow.)

Docker has acquired startup SocketPlane, which is developing technology to bring software-defined networking to Docker containers.

"We had a simple, first-generation network stack," said Scott Johnston, senior vice president of product at Docker, in an interview with InformationWeek. This was sufficient for developers running a few containers on a laptop or in a test environment.

But as Docker’s popularity has grown, applications can run on hundreds or thousands of containers across multiple hosts in a data center.

"We need the open source network DNA inside the company to guide the community to a next-generation API to address the scaling challenges and ephemeral nature of containers," said Johnston.

SocketPlane sets up network overlays to create a virtual network by using Open vSwitch to build VXLAN tunnels to connect Docker containers. Each container gets an IP address that stays with the container regardless of where it migrates.

[ Learn more about containers. Read Containers Explained: 9 Essentials You Need To Know. ]

According to Johnston, each physical host will have a container that runs Open vSwitch and will serve as a distributed controller for the virtual network.

Johnston noted that SocketPlane won't be the exclusive mechanism for linking Docker containers. Networking companies such as Cisco and VMware, and other open source projects such as Weave, can use an API developed by SocketPlane to link in their own networking stacks.

"We're not buying SocketPlane to compete with others in the community," said Johnston. "We want the expertise to guide the community in the development of this open networking API."

(Image: Stux via Pixabay)

We asked Johnston why the company didn't go with a project such as Neutron, which provides an API for networking in OpenStack. He said the scale and dynamic nature of containers and microservices creates new networking challenges. The design point for OpenStack is a virtual machine. Applications running on VMs may only need tens or a few hundred VMs to interconnect.

"In the world of containers, we see hundreds or thousands of containers making up an application," said Johnston. "When you stand up a VM, you stand it up for weeks or months. Containers may live for a minute, or move to a new host. The ephemeral nature of containers in a distributed app [is] different."

For more information on SocketPlane, Ryan Waller's blog Au Courant Technology has a detailed post on setting up a simple SocketPlane network connection.

SocketPlane will appear on a live panel at Interop Las Vegas, David Vs. Goliath: New Startups Driving Innovation, hosted by Alex Benik, a partner at Battery Ventures.

Johnston declined to provide financial details of the deal, but did say that the company will bring all of SocketPlane's six-person team on board. SocketPlane was founded in October 2014 and is backed by LightSpeed Ventures.

DroppedIn Vuln Links Victims' Androids To Attackers' DropBoxes

DropBox released a patch quick, but unpatched vulnerable Android apps that use the DropBox SDK may let attackers open up a two-way highway between victim Droids and their own Boxes.

Researchers at IBM X-Force have discovered a vulnerability in the DropBox software development kit (SDK) for Android that allows attackers to connect a victim's Android apps to an attacker's own DropBox account. The "DroppedIn" vulnerability affects any Android app developed with the DropBox SDK versions 1.5.4 through 1.6.1.

The flaw is in the implementation of the authentication mechanism used to give the app access to DropBox. It's supposed to work like this: while the user is providing their username-password combo to log in, the SDK is generating a large random number (a cryptographic nonce) to authenticate the device to DropBox. The trouble is, the proof-of-concept exploit the researchers have created "lets attackers insert an arbitrary access token into the SDK, completely bypassing the nonce protection," as they explain.

A victim could either be tricked into downloading a malicious app or infected via drive-by download. Either way, once the device is infected, the attacker has an open path from the victim's Droid to the attacker's DropBox -- through which the attacker could steal sensitive personal data and files from the device. This access would also go in the opposite direction -- the attacker could push out their own DropBox files, including malware.

To clarify, this exploit would not be a problem for the DropBox documents a user adds from their desktop machine, just files and data residing on their Android device.

Fortunately, DropBox has already released a patch -- just four days after they learned of the vulnerability. Plus, if the DropBox app is installed on the user's Android device, then the SDK vulnerability cannot be exploited anyway.

The trouble, of course, is that average users who don't use the DropBox app might assume they're not vulnerable. According to IBM X-Force, 1.4 percent of the top 500 Android apps use the DropBox SDK, including Microsoft Office Mobile and Agile Bits 1Password.

Mobile malware is a growing problem, especially for Android. In a separate report released this week, Veracode found that the average global enterprise has approximately 2,400 unsafe applications in its mobile environment.

Of the unsafe apps Veracode studied, 85 percent expose sensitive device data, 35 percent obtain or share personal information about the user, and 37 perform suspicious security actions, such as "checking to see if the device is rooted or jailbroken, allowing applications to perform superuser actions such as recording conversations, disabling anti-malware, replacing firmware or viewing cached credentials such as banking passwords."

“On average, 3 percent of apps on employee devices are malicious," says Veracode vice-president of mobile Theodora Titonis. She is a bit surprised to find that 35 percent of apps were sharing personal information of the user. “That number is increasing.”

Google's London Store Signals Retail Push

Google's London store isn't a freestanding structure, but a shop-within-a-shop. The search engine giant is also showing off its new Chromebook Pixel.

8 Google Projects To Watch in 2015

(Click image for larger view and slideshow.)

Google's timid entry into the retail business advanced another step on Wednesday with the opening of the first Google-branded shop.

It's not quite a free-standing, logo-bearing structure along the lines of an Apple Store; rather, it's a "shop in shop," called "the Google shop," that sits within the confines of Currys PC World, located on Tottenham Court Road in London.

Nonetheless, customers can experiment with Google's Android, Chromebook, and Chromecast devices, and can actually purchase in-stock items with the help of a Google specialist.

"This is the first Google shop experience Google has opened anywhere in the world," Google said in a statement.

(Image: Google)

The company has, however, operated temporary outlets before the London experiment. In 2013, it opened pop-up product showrooms called Winter Wonderlabs in six US cities, where visitors could order Google products but could not actually obtain merchandise.

[Read about Android security concerns.]

That same year, Google tried to open a showroom built atop a barge on San Francisco's waterfront, but failed to find a way to operate its floating technology gallery within California law.

Apple has made the appeal of retail stores apparent to its competitors.

At its media event on March 9, Apple CEO Tim Cook said that 120 million people visited Apple Stores in the fourth quarter of 2014. Apple has over 450 stores. While it earns only about 12% of its annual revenue from its retail locations, it derives benefits beyond sales: marketing, customer relations, and customer support.

Google undoubtedly wants to sell products -- it just revised its online Google Store to promote its newly updated Chromebook Pixel ($999-$1,299) -- but the company also recognizes that a retail presence can provide value through interactions as well as through transactions.

"With the Google shop, we want to offer people a place where they can play, experiment and learn about all of what Google has to offer; from an incredible range of devices to a totally-connected, seamless online life," said James Elias, the UK marketing director for Google, in a March 11 statement.

(Image: Google)

Toward that end, the Google shop offers an immersive surround screen installation, dubbed "Portal," that simulates flying around in Google Earth. There's also a Doodle Wall on which customers can digitally revise Google's logo and then share the results through social media, if they feel like advertising for Google. And there's a Chromecast Pod for viewing videos from Google Play, YouTube, and other sources.

Google is also planning to host classes and events in its Google shop that combine education with platform evangelism. The company says these may include "Virtual Space Camps," to teach basic programming skills to kids, and teacher training sessions focused on Google's free educational tools.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Google Nearline Cloud Service Targets Microsoft, Amazon

Google is helping businesses store cold data on the cheap with Google Cloud Storage Nearline. The service, announced March 11, could change how companies feel about online storage.

Nearline offers a means of storing corporate data that is not frequently accessed by employees or customers -- so-called cold data -- but that should be available when needed. The amount of global data, especially the data that business need to store for legal or regulatory reasons, is growing at an exponential rate.

Businesses need easy access to frequently used data and cold data when necessary, but they also need to move easily between the two.

"Organizations can no longer afford to throw data away, as it's critical to conducting analysis and gaining market intelligence," wrote Avtandil Garakanidze, product manager for the Google Cloud team, in a blog post on the news. "But they also can't afford to overpay for growing volumes of storage."

[More on Cloud: Microsoft, Cisco expand partnership.]

Google doesn't want companies to feel that they have to delete data or move files to cold storage. The company has created a fast-response service that backs up data and provides easy access to data for a cost of one cent per month for each gigabyte of data at rest. Nearline automatically spreads copies of data throughout multiple data centers, where it is reportedly retrievable within three seconds.

Nearline has the same durability and comparable availability to its Standard storage service, according to Google, but at a lower price. The competitive price is possible because Nearline uses the same system as Google's other storage offerings and offers the same security features. It also shares APIs with Google's Standard storage.

Cold-storage services for non-essential data are nothing new. More businesses have been growing used to the idea of storing data in tiers depending on how often it's needed. Cold storage is usually ideal for data that can't be thrown away, but doesn't always need to be readily available.

(Image: Google)

Google's Nearline is the latest indication that more businesses are trusing their data in the cloud. The service, which is now available in beta, could prove a competitive threat to Amazon's Glacier and Microsoft's Azure cloud service.

To broaden its reach, Google has partnered with multiple storage companies as Nearline is introduced. Participants include NetApp, Geminare, Veritas/Symantec, and Iron Mountain, which will accept disks of data and directly upload them into Nearline.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

NTP's Fate Hinges On 'Father Time'

In April, one of the open source code movement's first and biggest success stories, the Network Time Protocol, will reach a decision point. At 30 years old, will NTP continue as the preeminent time synchronization system for Macs, Windows, and Linux computers and most servers on networks?

Or will this protocol go into a decline marked by drastically slowed development, fewer bug fixes, and greater security risks for the computers that use it? The question hinges to a surprising degree on the personal finances of a 59-year-old technologist in Talent, Ore., named Harlan Stenn.

The Network Time Protocol is important enough that the likes of Google and Apple speak up if they find a bug in the protocol that needs fixing, or a modification they think is needed. But NTP has worked so well for so long that few people think there's any problem.

Not all is well within the NTP open source project. The number of volunteer contributors -- those who submit code for periodic updates, examine bug reports, and write fixes -- has shrunk over its long lifespan, even as its importance has increased. Its ongoing development and maintenance now rest mostly on the shoulders of Stenn, and that's why NTP faces a turning point. Stenn, who also works sporadically on his own consulting business, has given himself a deadline: Garner more financial support by April, "or look for regular work.”

(Image: Margaret Clark)

Stenn's shaky personal finances illustrate one very real risk to the future of the Internet. A number of widely used foundations of the Internet -- such as OpenSSL, the Domain Name System, and NTP -- are based on open source code. Open source means no one owns the software, anyone can use it, and it's maintained through a collaborative process of people submitting changes to a central governing group. Some open source projects, such as the Android mobile OS, have a rich uncle like Google that pays people who maintain the code as a side job. Or, the project is trendy enough that working on it helps to spur consulting work. But a project like NTP, which is buried deep in the infrastructure, doesn't have a clear-cut financial backer. That leaves support up to people like Stenn.

For the last three-and-a-half years, Stenn said he's worked 100-plus hours a week answering emails, accepting patches, rewriting patches to work across multiple operating systems, piecing together new releases, and administering the NTP mailing list. If NTP should get hacked or for some reason stop functioning, hundreds of thousands of systems would feel the consequences. "If that happened, all the critics would say, 'See, you can't trust open source code,'" said Stenn.

Sam Ramji, CEO of the Cloud Foundry Foundation, cited Stenn’s work in an address at the Open Compute Summit 2015 in San Jose Mar. 11. He dubbed him "Father Time," and said he was "scraping by" as he continued to work on NTP.

Stenn is hardly the only open source coder living in such straits. Ramji also mentioned Werner Koch in Germany, the author and maintainer of Gnu Privacy Guard, which is used in three popular email encryption programs. In a Feb. 5 article, Koch told ProPublica that he was "going broke" on $25,000 a year since 2001. Chet Ramey, part of the networking infrastructure team at Case Western Reserve, has been the primary maintainer of the Bash shell for Unix since 1990 with minimal support.

Ramji noted that OpenSSL developers had been receiving less than $2,000 a year in donations when the Heartbleed exploit of OpenSSL broke out last April. "Secure code is hard to write and maintain," Ramji noted. Users have to decide whether they want to leave these projects to survive as best they can.

Juniper Regroups, Debuts New Spine Switches & Silicon

After a tough year, the networking company launches a barrage of new hardware and software.

Since the abrupt resignation of its CEO in November, Juniper Networks seemed to be keeping something of a low profile, perhaps regrouping after a year of upheaval that included restructuring and layoffs. On Wednesday, it came out swinging with a slew of new products, including a line of spine switches, silicon, and new security functionality.

At Juniper's headquarters in Sunnyvale, Calif., CEO Rami Rahim, who replaced Shaygan Kheradpir, appeared with Jonathan Davidson, the newly appointed EVP and general manager of Juniper development and innovation, to unveil the new products.

"We've streamlined, we've reorganized, we’ve made it far easier to make decisions and innovate," Rahim said. "It certainly feels like a startup. It feels like we're innovating like a startup."

The last year was one of significant change for the company, he said later during a Q&A session. "It wasn't an easy year. It was a year of aligning our strategy, restructuring, and extracting inefficiencies," Rahim said, adding that the company feels confident in its position in the industry now.

New spine switches

Juniper's new QFX10000 spine switch line targets cloud providers and enterprise data centers. It features new custom silicon, the Q5, and comes in three models. Juniper touted the QFX10002, which comes in a fixed 2-rack unit, as the most compact 100 Gigabit Ethernet spine switch. The other two models are chassis-based; the eight-slot chassis provides up to 48 Tbps of capacity while 16-slot chassis has capacity up to 96 Tbps.

Juniper said the Q5 ASIC provides reliability for the switches and an architecture to support demanding applications. Juniper also debuted new silicon for its core routing platform, which it claimed is the "world's most advanced silicon," capable of 500 Gbps of throughput in one direction.

Davidson said the company isn't against merchant silicon, but that it doesn't always meet customer requirements. "If we could have gotten merchant silicon to do what we needed to do, we would have used it," he said.

With so much new hardware, Juniper seems to be bucking the trend in networking where software reigns supreme with the rise of software-defined networking and disaggregated networking based on commodity hardware.

"I joked to myself, 'Someone forgot to tell Juniper everything is software now'," networking expert Tom Hollingsworth of Gestalt IT told me in an email.

"I think these are great releases. It makes you remember that the underlay is still important no matter how much software you put on top of it," he added. "They are really planning ahead with their ASICs."

Ethan Banks, a senior network architect and editor at Packet Pushers, said in an email interview, "Hardware still matters. The industry is seeing not only the need for ease of operation and flexible network configuration, but also the need for outstanding forwarding capacity. Traffic volumes never seem to fall."

The QFX10000 fills a hole in Juniper's switching line that its QFX5100 wasn't quite able to fill by itself, Banks said. "Since QFabric has not taken the market by storm, this was a needed play. I see this box as putting Juniper back into the conversation customers needing massive data center scale might be having with Arista or Cisco," he said.

The smallest spine switch will be available in the second quarter with the other two available in the second half, Davidson said.

Along with the QFX10000 switches, Juniper unveiled new Junos Fusion software designed to provide a single point of management inside the data center. Using Fusion with Ethernet VPN (EVPN) and VXLAN provides customers with the agility of SDN without deploying a controller, Davidson told me in an interview. If they decide to deploy a controller, they can use VMware NSX or Juniper Contrail overlay technologies, he said.

Juniper's new virtual buffer technology helps customers address performance problems when deploying burst-producing workloads like Hadoop, Davidson said. "Competitors say you need to rip out your top-of-rack switches," he said. "This technology lets you keep your physical investment."

Boosting network security

Security was a big part of Wednesday's event as Juniper announced several new network security functions, including positioning its SRX security gateways as a platform for open policy enforcement. This allows the SRX to act as a single policy enforcement platform across the entire environment, Davidson said. "You don't have to continue to chain devices together at the edge of your network," he said.

"Networking and security comes closer together," he told me.

Juniper also debuted Express Path for its SRX5000 gateways, which is designed to boost throughput to 1 Tbps and reduce latency. Another new security capability, AppSecure 2.0, provides next-generation firewall capabilities for its virtual firewall vSRX, which was previously called Firefly Perimeter.

AppSecure addresses the need for "micro-perimeterization," Davidson said, by protecting individual application instances as they are spun up.

10 Hyperconvergence Trendsetters

Hyperconverged infrastructure has quickly become one of the hottest trends in IT today. There are dozens of companies, from startups to established vendors, touting systems that integrate compute, storage, virtualization resources, networking and other software components.

Howard Marks, Network Computing contributor and Interopspeaker, noted that the term "hyperconverged" was coined in 2012 by former VMware CTO Steve Chambers. Storage consultants the Taneja Group also lay claim to the name, supposedly to describe Scale Computing's offering. Whatever the origin, it's used to differentiate new integrated appliances from startups like Nutanix from converged systems like VCE's Vblock. The introduction of VMware's EVO:RAIL platform in August brought hyperconverged systems into the mainstream lexicon.

Hyperconverged systems now make up a fast-growing part of the overall converged infrastructure market, which was estimated by Gartner (which refers to it as integrated systems) to exceed $6 billion in revenue last year.

So what makes a hyperconverged system different from a converged system? In an InformationWeek blog post, Bhargav Shukla, director of product research and innovation at KEMP Technologies, described converged systems as typically consisting of "separate components that are designed to work together" compared to hyperconverged systems, which he said "are truly modular, resulting in a scale-out approach as opposed to a scale-up one."

The first generation of converged infrastructure products integrate storage arrays with servers and networking, Wikibon Principal Research Contributor Stuart Miniman wrote in a January blog post. "While these solutions offer simplicity and better economics than traditional infrastructure, there has been an opportunity to take advantage of the latest technology (including flash storage, services in software and increased density of cores) to create a new architecture that both reduces the components of infrastructure while enabling distributed solutions."

These hyperconverged systems are usually delivered in an appliance form factor, he added.

According to SimpliVity, an early hyperconvergence player, there are a few defining features that distinguish truly hyperconverged systems, including a focus on the virtual machine, the ability to easily scale out resources by adding x86 nodes, native data protection, and a software-centric design. These systems are developed and supported by a single vendor, per SimpliVity's definition.

The ultimate goal of hyperconvergence is to enable IT departments to improve efficiency, reduce operational complexity, and quickly scale to meet growing requirements.

Lots of vendors are jumping on the hyperconvergence bandwagon. As part of our inaugural "Top in Tech" series, we've picked 10 that are leading the way and making their mark in this new hyperconverged world.

You can learn more about hyperconvergence at Interop Las Vegas this spring. Stuart Miniman will be speaking about Hyperconvergence & the Death of the Storage Array, and virtualization guru Chris Wahl will present the session A No-Nonsense Approach to Hyperconvergence. In addition, there are almost 100 other educational presentations, workshops, and discussions, covering the breadth of IT. Register now for Interop, taking place April 27 to May 1.