Our first event in Dallas this week went really well. My content was well-received; it was obvious to the attendees that we're not suggesting they rip-and-replace their existing infrastructures (well, maybe if you're using OCS). Instead, we're making a solid case for extending their business systems with Microsoft's collaboration and communications platform. Next stop: Waltham! (Personal to Ed Brill: the Chicago show got moved to 4/21, so please adjust your calendar!)

Thanks for putting this article together. I just wanted to let you know we are just about to implement a NetApp solution for Exchange 2003 and without NetApp's Single Mailbox Recovery product, not mentioned as needed in this article, it is impossible to Backup and Recover Individual Mailboxes, Recover Individual Items or Search and Query for Items to be Recovered. I wanted to let you know because their software is expensive and this product is an extra cost.

Yikes! My apologies for that. When I do a buyers' guide, I write the article itself that accompanies the guide, and I work with the magazine's editors to come up with a list of criteria, plus a list of products that meet those criteria. In this case, the selection criteria included the ability to do brick-level backups, the ability to search and query, and the ability to recover individual items. We don't usually ask vendors to list out all the products, submodules, agents, or other components that have to be installed to meet the criteria. For example, for backup solutions we don't ask whether there's a separate Exchange agent or not. Mail like this makes me think that maybe we should, though, because it's frustrating to buy what you think is a complete solution, only to find out that you have to lay out even more money to get the whole package.

The folks at Google Blogoscoped toss this off with "talk about the Google OS taking over our lives", but you know what? Microsoft tried something similar with their IE support for smart tags. Smart tags are exceptionally useful in Office, because you can easily write your own smart tag code to recognize objects unique to your business (like chemical compound names for a pharmaceutical company). I wrote one that recognizes scripture verses (you know, like "John 3:16"). When MS proposed extending this feature to IE, the furor was incredible. Walt Mossberg, Dave Winer, Dan Gillmor, and a host of other influencers immediately started screaming that Microsoft was taking control over web content and generally acting like an 800-lb gorilla. The EFF even opined that the MS smart tag implementation might be illegal. In fact, here's what Chris Kaminski had to say:

Even if smart tags don’t violate copyright or deceptive trade laws, they still violate the integrity of the web. Part of the appeal of the web is that it allows anyone to publish anything, to take their thoughts, feelings and opinions and put them before the world with no censors or marketroids in the way. By adding smart tags to web pages, Microsoft is interposing itself between authors and their audience. Microsoft told Walter Mossberg “the feature will spare users from ‘under-linked’ sites.” Microsoft is in effect deciding how authors should write, and how developers should build, websites.

Worse, Microsoft’s decisions may be at odds with the intent of the site’s author or developer. If an Internet Explorer 6 user visits Travelocity and looks at a page with information on visiting Nice, France, the smart tag that aggravated Thurrott will link the word “Nice” to Microsoft’s Expedia site. With smart tags, Microsoft is able to insert their ads right into competitors’ sites.

Microsoft is crossing the Rubicon of journalistic and artistic integrity. Editors and authors no longer have final authority over what their sites say; Microsoft and its partners do. For a preview of what the web may look like for Internet Explorer 6 users who also have Office XP or Windows XP installed, take a look at InteractiveWeek’s Connie Guglielmo’s preview. With smart tags, Microsoft is effectively extending its role from being a supplier of tools people use to view content to being the executive editor and creative director of every site on the web.

So, check that out: Kaminski accuses Microsoft of "deciding how authors should write", "insert[ing] their ads right into competitors' sites", and becoming "the executive editor and creative director of every site on the web". He left out barratry and mopery and dopery in the spaceways, but that's still a pretty damning list.

Now Google's doing the same thing. Will we see the same reaction?

My guess is "no". Google's widely publicized mantra of "don't be evil" is increasingly often being used to excuse behavior for which Microsoft, Oracle, or IBM would be roundly condemned. This is just the latest such instance. Don't get me wrong: as a user, I think Autolink could potentially be a useful feature (but then I thought the same thing about smart tag support in IE). As a web content provider, I'm not comfortable with the idea that another entity (which may not have my best interests at heart) is modifying my content before someone else sees it. If Microsoft was wrong then, so Google is wrong now.

SearchEngineWatch says "the commercial possibilities are massive"-- I'd have to agree. My somewhat cynical guess, though, is that , and that raises the question of whether it's OK for Google to make money by modifying other people's web content. My guess would be "not so much"-- look back at the Kaminski quote and see the part about ad insertion again. On the other hand, I see that Dave Winer is labeling this as "a line they must not cross"-- an encouraging early sign.

Update: Adam Gaffin points to this article, pointing out that I have Google ads enabled. True. One prominent difference, of course, is that I get to choose whether ads appear on my page or not; I have some reasonable control over the ads' appearance, and I could filter out competitors if I wanted to. Autolink doesn't provide any of these features, except that it allows you to disable it. If I'm an Amazon affiliate, let's say, how do I stop Autolink from doing something nasty to Amazon links on my page? Sure, it might not do that now, but as any competitive strategist knows, you judge competitors by their capabilities, not by their intentions.

The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper describing their results:

• collisions in the the full SHA-1 in 2**69 hash operations, much less than the brute-force attack of 2**80 operations based on the hash length.
• collisions in SHA-0 in 2**39 operations.
• collisions in 58-round SHA-1 in 2**33 operations.

This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important).

Update: it turns out that Nokia is also licensing a bunch of Windows Media technologies, including Windows Media DRM and the Media Transfer Protocol. Take that, Apple and your not-yet-shipping Motorola iTunes phone!

The Adomo system has three parts: an appliance (running their own *NIX variant, I forget which-- maybe FreeBSD?) that handles up to 36 ports from the PBX, a connector that ties the appliance to the Exchange message store, and a really slick speech-based auto-attendant. You can chain appliances to use more than 36 ports, and Adomo's literature shows smaller 12- and 24-port appliances being used in remote offices. Adomo claims that a single 36-port appliance is enough to serve between 1800 and 3600 users, depending on usage; they're purposefully targeting organizations with more than 500 users. The appliance compresses incoming messages using the GSM codec (which means that you can listen to messages on pretty much any Windows, Mac OS X, or Linux machine-- the codec is ubiquitous, unlike Cisco's ACELP implementation) and sends them to the Exchange connector.

The Exchange connector is where the action happens: incoming messages are directed to the user's mailbox, where they appear as regular email messages. This is particularly important because it allows you to deploy their solution without any desktop changes: there are no required plugins or Outlook bits to add, and VM attachments are available on any device that can handle email attachments (including handhelds, OWA, and so on). Messages are delivered using an Exchange form that includes buttons that let you play your VM on your phone, call the sender, and take other appropriate actions; Adomo has promised tighter integration with Outlook for future versions, but the existing integration is pretty darn good.

One of Adomo's big selling points is that you don't have to touch the Exchange server or Active Directory to implement their product. You only need one connector per Exchange organization. The connector doesn't have to be on an Exchange server, and there are no AD schema changes required. You provision user accounts for voicemail by specifying the associated phone numbers, so there's no need for a separate user management tool. Adomo hasn't said which AD attributes they use, but their literature does claim that you can do all the provisioning through AD Users and Computers or through scripts.

Messages appear with Caller ID data, and the connector is smart enough to match that data against the user's Contacts folder so that messages appear with the correct sender information. That makes it easy to prioritize and handle VMs (either manually or with rules) in the same way you would any other email. In addition to the ubiquitous "message waiting" light, the connector can send SMS messages to a mobile phone or alerts (including the Caller ID number in the subject line) to BlackBerry or other non-audio-capable devices.

It's hard to do the auto-attendant justice in this form, but I'll try. When you call in, the attendant answers and plays its recorded greeting. You can speak a name at any time, and their speech recognizer will attempt to find the name in the GAL (with conflict resolution, so it can ask the user which John Smith ("John Smith in Sales, or John Smith in Engineering?") to connect to based on OU, domain, or group membership. This in itself is very cool; the cooler part is that the attendant has access to a wealth of user-specific data, including your schedule and presence data from LCS. Imagine being able to set a rule that says "if my wife calls on her cell phone, IM me to tell me; otherwise, dump all incoming calls to voicemail". From a user perspective, imagine calling a contact and having the attendant tell you "Jane's in a meeting until 3pm Central; do you want me to notify her that you're calling?" (based, of course, on Jane's decision to trust you with that information as a contact in her Contacts folder). There are almost limitless possibilities for future expansion here, particularly given that the Adomo solution can be used with SIP products (conveniently including LCS 2005).

Of course, given Adomo's target market focus, their solution won't work for everyone. First, it requires Exchange 2003. Second, they haven't released pricing data (at least to me) but since their focus is on 500-plus seat organizations, it likely won't be cheap. (One interesting note: Adomo's pitch talks about the benefits of their product for organizations that sell hosted Exchange services-- this could potentially be a nice revenue sweetener for hosting companies). However, in terms of functionality, their nearest competitor is the Wildfire service, which (last I checked) was $70-150/month/user-- so they've definitely got some pricing maneuvering room. I think their product will be successful, but I'm sure it will be interesting to see how Microsoft's announced UM support in Exchange 12 plays against Adomo's solution, which now has a year or two to get traction before E12 ships.

Windows IT Pro is now accepting session proposals for the Oct-Nov. 2005 Windows Connections conference. We're heading to San Diego October 30 to November 2, 2005, for the premier Windows technical conference, and we'd like to hear from you!

If you're interested in speaking on Exchange-related topics at the show, send your abstracts to paul@robichaux.net by February 18. We want proposals for regular 75-minute sessions, as well as 1/2 day and full day pre-conference and post-conference sessions.

Note that we have a limited number of speaking slots, and all participants must be able to present a minimum of three 75-minute sessions. There are three basic requirements:

• Send a minimum of 3 session proposals (4 or 5 is ideal for discussion purposes)
• Include a biographical statement with your session proposals
• Include any additional pre- or post-con session proposals, if applicable

Please adhere to the February 18 deadline as we need to make speaker and session selections right away. (We plan to have a conference brochure ready to distribute at TechEd in June.)

Jim explained that WCT is a client middleware platform, which  includes a wide range of technologies (including a managed client container, access technologies such as messaging, distributed business logic, data synchronization, and interaction technologies such as Embedded ViaVoice, and other presentation services including browser based and widget based interfaces from Eclipse).  These technologies can be used to build applications on various types of embedded, mobile, desktop, laptop, and server devices. The underlying technology has been in development for about 7 years; and  has been deployed in a wide range of solutions such as cars from Honda, Nokia mobile phones, laptops and tablets with Nissay,  and a wide range of line-of-business apps.

WCT is currently available to customers in a variety of forms. It's already built into a number of other products, and the WCT Micro Edition SDK offers a freely downloadable set of WCT components that can be used to evaluate WCT as an app dev platform. (To be perfectly unambiguous: the SDK is for production use, but you can download it to play with.)

WCT supports building deployable assemblies of components-- think of them as packaged runtimes-- to support particular applications. The Enterprise Offering (more properly, the Workplace Client Technology, Micro Edition Enterprise Offering, or WCTME-EO) bundles the most commonly required components and middleware services for desktop and laptop-class devices into a single deployable bundle. So, mea culpa: WCTME-EO and the WCT SDK are both generally available and widely used, my earlier claims notwithstanding.  Thanks Jim!

Still with me? OK, back to my previous post. Among other WCT customers, Lotus is using the WCT platform to build their own client, the Workplace Client Technology, Rich Edition. This is the actual client middle platform that I've been trying to get, and it is not generally available-- at least according to my IBM sales rep and the Lotus WCT Project Office. That's supposed to change with the release of Lotus Workplace Messaging 2.5 and Lotus Workplace Documents 2.5.

To put this in more familiar terms, my earlier post was roughly equivalent to complaining that Microsoft wouldn't let me have the .NET Framework (which is freely available and widely deployed, and for which beta/preview versions exist) when what I really wanted was Office. You can argue over whether Lotus is being forthright about exactly who can get  their WCT-based clients, and under what circumstances, but the bottom line is that WCT itself is available, and that's what Jim was trying to help me understand. Now I know what specific term to use next time I complain to Ed Brill.