The writing is on the wall. Despite a major push to sell the much-maligned Windows Vista, customers aren't buying. Nearly two years after Vista's release, Windows XP remains the standard desktop OS in business, and Microsoft has extended its availability three times (currently to August 2009) due to customer demand. Microsoft itself forecasts just 2 percent growth in Vista sales in early 2009, after lackluster sales in 2008. And that's after forcing customers to buy Vista to get XP "downgrades."

So all eyes were on Microsoft's Professional Developer Conference in Los Angeles last week as Microsoft finally took the wrap off Windows 7, the successor to Vista due in early 2010.

[ Is Windows 7 any good? InfoWorld's Randall C. Kennedy thinks Windows 7 is mere lipstick on a pig. But InfoWorld's Tom Yager says Windows 7 atones for Vista's sins. Decide for yourself who's right. ]

But early reaction is that Windows 7 is just a cleaned-up Vista. It's essentially the same kernel and the same OS, with a couple new technologies thrown in, such as the Surface-based multitouch capabilities and the ability for developers to ribbon-bar-enable their own apps for better consistency with Microsoft's new UI approach (one that people either seem to love or hate). "It's not anything radical," says Neil MacDonald, a Gartner analyst who follows Microsoft. "It's a polished version of Vista."

If Windows 7 is more of the same, then maybe it's time to conclude that Windows is a technology dead end. Last spring, Gartner warned that Microsoft had to radically change Windows or watch it fade into irrelevancy. Windows 7 is not that radical change.

A glimpse at the future of the PC So what comes after Windows? Already, there are signs of what that might be. Cloud-based delivery of services makes the browser, not the OS, the "kernel" of tomorrow's PC. Rich Internet application (RIA) technology gives those services the richness that the first generation of the Web could not even contemplate, despite early attempts with Sun's Java and Microsoft's ActiveX. Virtualization lets you mix OSes together, as VMware Fusion and Parallels Desktop have proven admirably on Mac OS X. The emergence of desktop virtualization and application streaming allows for even richer apps to be delivered without the weight of a fat OS on the client side.

Put these together, and you can see the future of the PC, says MacDonald. The client OS -- Windows, Mac OS X, Linux -- becomes irrelevant over time. Instead, the browser evolves into a thin client that lets PCs run services that stream from the datacenter or run in the cloud. The new breed of apps would be services that run through technologies such as Adobe's Flash and AIR or Microsoft's Silverlight -- it's no accident that both sets of technologies run on any browser and on the main three OSes of today (Windows, Mac OS, and Linux).

Legacy client apps could run in virtual machines that appear to the user to be part of the "OS," just as Mac users with VMware Fusion and Parallels Desktop can run Windows and Linux apps as if they were Mac OS X-native today. (VMware Workstation and Parallels Workstation likewise let Windows and Linux users run multiple OSes on their systems.) Using VMs to support today's fat client approach would allow the "OS" to evolve without breaking the legacy apps, and let everyone move more quickly away from the fat client world we live in today -- one where, in Microsoft's case at least, OSes get much fatter each rev.

In this world, Adobe and Microsoft may be the new OS providers, supplemented by virtualization engines from Citrix's Xen unit, EMC's VMware unit, or Microsoft. Today's browsers may not be necessary, except as perhaps containers for bookmarks and other file management activities.

The wild card is Apple, which appears to have no strategy for the cloud other than offering application stores for downloading to its desktop and mobile client OSes. But there are hints in its vague goals for Mac OS X Snow Leopard, due in summer 2009, that Apple is considering a scalable OS that could operate in a streamed or mixed client/Web environment. Apple says it will make the next Mac OS X consume fewer resources, and its iPhone OS is already a subset of its Mac OS. But Apple has done nothing public involving virtualization, streaming, or RIA technologies -- the apparent foundations for the new PC order.

Whether Apple is part of the new desktop order, PCs would be essentially network-optimized thin clients that have enough memory and storage to run local apps in VMs or cached streams when disconnected from the Internet, but they wouldn't need a traditional OS to function.

[ Everyone loves to predict the future. InfoWorld devised five possible scenarios for Microsoft after Bill Gates' retirement. Which do you believe in? ]

Think this is science fiction? A company called DeviceVM has an instant-on technology for Windows PCs that boots Linux first to run enable browsers to launch immediately.. Windows follows along in its own sweet time. Dell, Hewlett-Packard, and Lenovo are working on similar approaches -- marking a significant decoupling from the traditional client OS mentality. Microsoft says it is investigating a similar concept, using a subset of Windows to run browsers and so on before the whole OS loads. As more apps are browser-delivered, people may find they can get by without the full OS. By the same token, PC makers could make loading the whole OS an option at startup.

Of course, such a transition involves many pesky questions, notes Doug Dineley, Test Center executive editor at InfoWorld. For example, where do drivers live? Is there a universal set of drivers that all hardware makers write to? If the new PC is essentially an amalgamation of services, streamed apps, and virtual environments, there are still devices and peripherals to be managed. The hardware doesn't go away.

Microsoft's apparent strategy for a post-Windows world The question is whether that future will involve Microsoft. A look at Windows 7 may lead you to answer no, but MacDonald notes that Microsoft has its hand in all these areas and is making some moves that indicate it actually gets it: "They see these trends." But Microsoft can't suddenly shift, given the billions of dollars of revenue it gets from Windows. Plus, as the Vista release showed, users hate it when their applications stop working due to an OS upgrade, even when the reason is legitimate (such as fixing Vista's security model). That's why MacDonald sees a decade-long transition ahead, one that will become apparent to most people in 2011 as apps reach a tipping point away from the client OS-centric model we all have today to a services-centric model now emerging.

Of course, others see this trend as well, as evidenced by Google's Internet-delivered apps; Adobe's its multiplatform AIR and Flash RIA delivery technologies; and efforts by Amazon.com, Hewlett-Packard, IBM, and Sun to get into the cloud provisioning game.

While Microsoft is mum on its plans, there are several hints that at least its researchers see the coming shift way from the fat client OS and are investigating technologies to make the transition.

Perhaps the most significant is Silverlight 2, which will compete with Adobe's Flash and AIR. In the early days of the Internet, Microsoft created ActiveX, a technology that allowed apps to run in a browser and communicate with the client and the server. ActiveX runs only on Internet Explorer, which was fine when all PCs ran IE and the Apple Macintosh looked to be a dead platform. But the Mac is now ascendant, and in the Windows world, IE is facing stiff challenges from Firefox and Google Chrome. So an IE-dependent technology has become a liability, cutting out perhaps a quarter of a Web app's potential users. MacDonald expects ActiveX to fade away, another legacy technology made irrelevant by the new PC order.

In contrast to its proprietary ActiveX strategy, Microsoft plans to have Silverlight run on Windows, Mac OS X, and Linux -- and, notes Gartner's MacDonald, even on iPhone and Google Android devices. It will run in Internet Explorer, Safari, Firefox, and other browsers. Plus, like Adobe's AIR, Silverlight 2 won't even need to run in a browser. "Silverlight gives you 80 percent of .Net, at 20 percent of the footprint," MacDonald notes. All this means that Silverlight can be the RIA delivery method in almost any context: in a fat client OS, in a thin client, on a mobile device, and so on. "Microsoft can monetize non-Windows platforms if they do this right," MacDonald contends.

But Microsoft's toolkit to make the transition to the new PC order goes beyond Silverlight. Microsoft's entry into virtualization hypervisors with Hyper-V is an obvious tool. So is the application virtualization technology Microsoft got when it bought Softricity in 2006. And then there's Azure, the new cloud services platform Microsoft announced last week, which seems to be based on the popular SharePoint collaboration platform. The use of that platform could help tie the emerging cloud to the existing desktop world, giving both Microsoft and enterprises a transition point.

There are several projects within Microsoft to explore how to keep Microsoft technology central to a post-Windows world, notes MacDonald. One is the Midori effort to create a componentized OS freed of all the DOS and NT legacy that has a stranglehold on ?today's Windows. And Microsoft's Singularity project is another attempt to explore a reinvention of the OS in today's context.

The question remains whether Microsoft can take these pieces and put them together in a compelling way. Can Microsoft both break from the past and help enable the transition away from it? Or will Bill Gates' old vision of PCs being desktop mainframes -- or the need to keep selling bloatware every few years for the huge cash infusion it brings -- get in Microsoft's way?

In other words, is Windows 7 the last of the dinosaur Windows versions, or are there more to follow?

With the advent of multicore processors such as the Intel Core Duo, which is now commonplace in PCs, software developers must deal with a new wrinkle -- getting software to be processed across multiple cores -- in order to ensure the maximum performance from their software. But this is much easier said than done, with developers having to tackle issues with concurrency and potential performance bottlenecks. Already, 71 percent of organizations are developing multithreaded applications for multicore hardware, according to a recent IDC survey sponsored by tool vendor Coverity.

Developers need to get an organization-wide commitment to accommodate multicore software development, advises IDC analyst Melinda Ballou. "They need to approach this with a level of commitment to better practices organizationally and from a project perspective for quality management [and] change management as well as development," she says.

[ Intel's Nehalem chip will push PCs further into a multicore world. InfoWorld's Tom Yager explains why Nehalem is such a game changer. ]

Multicore processors are becoming more prominent because single-core chips have maxed out on the heat and performance scale. Power-consumption issues also have driven development of multicore chips. Chipmakers such as Intel are adding cores to their CPUs. "Over the last 20 years of computing or longer, we've really been able to ride the wave of increased computing power through frequency scaling," says Lynne Hill, general manager of Microsoft's Parallel Computing Platform. But now, a wall (power consumption) has been hit, and hardware has to change if the processing capabilities of PCs are to increase, she says.

The hardware is in fact changing, which puts the burden on developers to adapt their applications to use it. Developers must learn new techniques and use new tools to maximize performance.

That's because multicore processors work differently than single-core ones, processing multiple instructions in parallel. That means software has to break apart its instructions to be able to be processed in parallel as well. "When you have multiple cores, your program has to take advantage of all those cores, and it has to run instructions [on those cores] simultaneously," says Ben Chelf, CTO at Coverity, which offers tools for multicore development. "The challenge is that software never had to be designed to be run in parallel on multiple cores. It always just ran on a single core," says Ray DePaul, CEO of RapidMind, another provider of multicore-development tools.

Cliff Click, a distinguished engineer at Azul Systems who has offered technical presentations on issues with large concurrent programs, stresses the difficulties of writing multithreaded programs. "It's very hard, [but] it doesn't look that hard to begin with," he says.

Companies such as Intel, Microsoft, and Sun Microsystems are providing assistance with the multicore challenge and parallel programming.

Intel's multicore app-dev aids "Absolutely, [multicore software development is] a challenge. It?s a pretty big challenge," says James Reinders, director of marketing for Intel's Developer Products Division. Concurrency is a major issue in development, he stresses. "When you write a parallel program, it's easy to make a program nondeterministic, meaning where different outcomes, or logic paths, are possible," Reinders says. Multicore app dev requires a much more complicated thought process about software design than most developers understand, he says. "By and large, the majority of programmers don't have experience with it and are in need of tools and training and so forth to help take advantage of it."

Intel is stepping in to assist developers who may not be able to deal with the paradigm shift on their own. The company offers its Threading Building Blocks template library to help C++ programmers with parallel programming. The Intel Thread Checker helps find nondeterministic programming errors, and the Intel Thread Profiler helps visualize a program to check what each core is doing. Also, Intel has a code library project called Ct, for C for Throughput, that looks at providing building blocks for common data parallelism cases.

Synchronization is important for parallel programming to avoid race conditions, Reinders notes. With a race condition, concurrent conditions aren't properly synchronized, so the order in which they complete affects the outcome. Program deadlocks also can occur: Instructions that execute in parallel each waits for the other to complete, so neither ends up completing.

Microsoft's multicore app-dev aids Microsoft also is working on parallel computing efforts. "We'll be integrating parallelism into our mainstream [app development] product," Hill says. For example, its Concurrency Runtime provides a common scheduling layer that will give applications to finer control over the resources allocated to them. The technology will be part of the planned Visual Studio 2010 platform and is included in the platform's Community Technology Preview prerelease edition.

Also on tap are extensions to languages, both in native and managed code, for parallelism. Microsoft will look at libraries and services for developers, plus it has developed PLinq, which adds parallelism to its Linq language-integrated query technology. Additionally, the company offers its parallel language extensions, which use the Concurrency Runtime.

Sun's multicore app-dev aids Sun Microsystems is considering multicore issues as potential improvements to the Java Virtual Machine. "There's a whole range of optimizations in the JVM that can be done," says Danny Coward, chief architect for client Java at Sun. "We've done some of them. We've got more that we want to [do]."

The Java application layer has supporting functions built into the programming model for applications to take advantage of multiple cores and multiple processors, Coward says. To address parallelism, Sun has taken a two-pronged approach: parallelizing the virtual machine and supporting applications with a concurrency model. This concurrency model is needed where applications do massively serial work, such as large data processing applications, Coward notes.

The 2004 release of Java Platform, Standard Edition (SE) included a concurrency framework that features APIs to let developers process a large amount of data. The framework also lets developers break up a task into smaller tasks to be executed on different threads in parallel, Coward notes.

With the planned Java Developer Kit 7, which is Sun's implementation of Java SE 7, Sun is pondering a new type of garbage collection -- for memory management -- that is more concurrent and parallel. The current Java garbage collector can't always be optimized on multiple cores, Coward says. The kit is planned for late 2009. Also planned for JDK 7 are concurrency APIs such as the fork/join framework.

Multicore app-dev tools are increasingly available Today, corporate developers typically accommodate multicore or multithreaded application development by using IDEs and some level of automated quality assurance, says IDC's Ballou. They tend to use frequent releases to add multicore support incrementally as they gain experience, she adds.

Azul's Click, who once worked on the development of the JVM while at Sun, says there are languages that attempt to address multicore issues. One is Clojure, which provides capabilities for multithreaded JVM programming. Another language in this vein is Scala, which is interoperable with Java, he notes. Click recommends using Java and JDK concurrency utilities and libraries, as well as reading best-practices books such as Brian Goetz's Java Concurrency in Practice.

Among specialty vendors with multicore-oriented tools are Cilk Arts, Coverity, Fortify, RapidMind, and SureLogic.

SOA adoption has hit a bump in the road, according to survey detailed by Gartner on Monday.

The number of organizations planning to adopt SOA for the first time decreased to 25 percent; it had been 53 percent in last year's survey. Also, the number of organizations with no plans to adopt SOA doubled from 7 percent in 2007 to 16 percent in 2008. This dramatic falloff has been happening since the beginning of 2008, Gartner said.

Gartner has been doing the survey for five years, and this is the first time the numbers dropped, said analyst Dan Sholler, research vice president at Gartner. "What we're seeing is that there are a bunch of organizations [that] for a variety of reasons don't expect to be doing anything specific about SOA next year," Sholler said.

This year's survey saw a decline in the growth rate for SOA, he stressed. Overall, organizations expect to be doing fewer projects next year, with the economy contributing to that to a degree, Sholler said. Organizations also may be doing fewer things for which SOA applies, he said.

A growing number of large organizations are deferring plans to utilize SOA, the study found. Fifty-three percent of respondents already were using SOA. Meanwhile, 20 percent of respondents were building event-driven architectures and 20 percent had plans to do so in the next 12 months.

Use of modern programming environments is closely associated with SOA, Gartner said. This suggests that more organizations are focusing on SOA in the context of new developments that use Java, Microsoft .Net, and dynamic languages like Perl, Python, PHP, and Ruby. Organizations must ponder options when applying SOA in legacy programming environments because skills in blending the two likely will be scarce, Gartner said.

Gartner also said the number of organizations already pursuing SOA shows a massive change in the future perception of SOA, from something that is essentially inevitable for all organizations in a short time to a situation where many organizations evaluated SOA and have chosen not to spend time and effort on it.

The two major reasons organizations choose for not pursuing SOA are lack of skills and expertise and no viable business case. There is confusion about constructing a business case for SOA, Gartner said.

Gartner conducted surveys between May and July 2008 about the adoption, use, benefits of, and practices for SOA. An initial sample of more than 200 companies worldwide with more than 1,000 employees was included. Three subsequent phases of the study involved surveying attendees at Gartner conferences related to SOA. A total of 119 respondents were involved in these subsequent surveys.

The survey found that adoption of SOA and plans for adoption vary widely by region. SOA adoption is nearly universal in Europe, moderate in North America, and lagging in Asia, Gartner said.

Dell will enter the data de-duplication business next year with products that are based on Quantum's software and compatible with EMC's gear.

The products, which will feature Quantum's software on dedicated hardware boxes, will start to come out in the first half of next year and eventually will span all of Dell's storage lines from small and medium-size business gear to large enterprises equipment. Along with Quantum and EMC, Dell will have a common software architecture that will make products from all three companies compatible, Dell said.

[ Get the latest on storage developments with InfoWorld's Storage Adviser blog and Storage Report newsletter. ]

Data de-duplication is designed to slash the requirement for storage capacity by finding identical files or bits of information in an organization's stored data and saving them just once. For example, if two versions of a presentation differ only in the details of one slide, de-duplication lets an enterprise save just one copy each of all the slides that are identical.

Major storage vendors, including Hewlett-Packard and NetApp as well as EMC and Quantum, already sell de-duplication products. Dell believes its entry now will allow it to start out with more mature products, said Brett Roscoe, senior manager of Dell's storage division.

The alliance with Quantum and EMC is a natural move, given that EMC already uses Quantum software for data de-duplication and is also an OEM partner of Dell. But it creates a compatibility that may allow customers to implement de-duplication widely with less cost and trouble. Users will be able to replicate data to and from products from the three vendors, at multiple sites, while taking advantage of the storage efficiency of de-duplication, Roscoe said.

The technology will also help make disk storage competitive with tape. Organizations typically use tape for disaster recovery, which at a dollar per gigabyte is much less expensive than disks, but it's usually harder to get data back off tapes when needed, Roscoe said. With the compression that data de-duplication brings, the cost per byte comes down. Customers may use disk storage for recently created data, such as material from the past 90 days, that end-users most frequently need, he said.

Dell's gear will use "variable block" de-duplication, which can examine data within both files and smaller blocks of data and find duplicated bits, Roscoe said. It is the most processing-intensive form of de-duplication but can achieve the highest levels of compression, he said.

"You're slicing it finer and finer, and the finer you slice it, the more you're going to find in terms of redundancies," Roscoe said.

A mainframe version of the OpenSolaris operating system is now available for download, IBM and Sun announced Monday.

Both Solaris and the System z mainframe have a huge footprint in the financial services sector, and many customers will be interested in consolidating Solaris-based applications onto mainframe servers, says Forrester Research analyst Brad Day.

[ Track the latest trends in open source with InfoWorld's Open Sources blog. ]

Mainframes are already attractive for Linux consolidation projects and now IT shops are likely to say "I can take one big mainframe and virtualize it into a bunch of little Solaris servers," Day says. IBM and Sun say the initiative will allow custom C/C++ applications based on Solaris to be migrated from Sun hardware to System z.

IBM and Sun call the mainframe port a prototype and urge open source developers to participate in the project and help improve the software. The prototype was designed by Sine Nomine Associates, a research and engineering firm, with financial and technical support from IBM and Sun.

Sine Nomine also is developing a Java software port for the mainframe, which should be available in late 2009 or early 2010, Day says. While many mainframe users will be interested in testing out the OpenSolaris download, they'll wait for the Java port before putting anything into production, he says.

"For this to be compelling it can't just be the Solaris kernel," Day says. "It has to be the entire Java environment. This is a work in progress."

Sun's Solaris operating system is used for many client-facing Internet-based applications as well as mission-critical applications like SAP and Oracle. Solaris has gained popularity by being flexible to enough to run on a variety of servers, both Sun and non-Sun platforms and both Sparc and x86 servers, Day says.

IBM and Sun demonstrated an early version of the OpenSolaris code base running on the mainframe in November 2007. The IBM/Sun partnership also includes an agreement for Solaris to run on x86 servers and blades, and an IBM endorsement of Sun's xVM virtualization initiative.  

OpenSolaris runs within the mainframe's virtualization technology, known as z/VM, which allows the creation of thousands of virtual images on a single hypervisor.

A worm that exploits the bug Microsoft patched in an emergency update 11 days ago is actively attacking systems, several security companies and researchers said Monday.

The worm, which Symantec Corp. labeled " Wecorl " but was dubbed "MS08-067.g" by Kaspersky Lab and Microsoft itself, likely originated in China, said Kevin Haley, a director with Symantec's security response team. "It may have come out of China," said Haley, who added that it appeared to target Chinese language versions of Windows 2000.

Haley confirmed that the worm is both different from the information-stealing Trojan horse that prompted Microsoft to issue the out-of-cycle patch on Oct. 23, and circulating in the wild.

Other researchers echoed Symantec's take that the worm installs multiple components on victimized PCs, including a Trojan downloader and rootkit code to mask it from security software. Helsinki-based F-Secure Corp ., for example, identified the former as "Trojan-Dropper.Win32.Agent.yhi" and the rootkit bits as "Rootkit.Win32.KernelBot.dg."

According to Haley, if the worm manages to infect a Windows PC, it also tries to attack all the machines on the same subnet. "If it can get behind the [fire]wall, then it can infect other systems," Haley said.

"That circumvents the firewall mitigation that Microsoft noted," said Andrew Storms, director of security operations at nCircle Network Security Inc. "Enterprises typically have laptops configured to be location aware so when they're on the company network, parts of the firewall are disabled, or port 139 is allowed from known IP addresses."

In the security bulletin it released two weeks ago, Microsoft said that "standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter."

Within days of the emergency patch , hackers had published working attack code on the Internet.

F-Secure said that the just-released worm is based on the exploit code that had been posted online last week. nCircle's Storms agreed that's likely.

Symantec rated the worm as a "Very Low" threat, although it maintained its ThreatCon, an all-around indicator of Internet security, at "2" because Microsoft issued an emergency patch. "It doesn't appear to be very widespread, although that could change, of course," said Haley.

As counter-intuitive as it sounds, Storms said that the appearance of a worm is actually a good thing. "Evidence that we're finding and detecting it means we're in a better situation than we were earlier," he argued. "If it had gone undetected and unfound [it would have meant] that enterprises didn't have any defense-in-depth. But because we're finding it, that means we have signatures for it."

Storms urged users who had not installed the MS08-067 update to do so immediately. "The worm may not have many legs, but you should get ahead of the game and deploy now," he said.

While most of us are caught up in a historic U.S. presidential election tomorrow, the Federal Communications Commission will be creating its own drama when it votes on the future of unfettered wireless Internet access.

Before the FCC is the controversial idea to open up the wireless spectrum in the 700 MHz range for wireless devices. Called white spaces, these airwaves have acted as a buffer between TV channels to prevent overlap and interference from other signals. With television stations abandoning the airwaves as they switch to federally mandated digital service, white spaces have become a hot commodity because of their ability to pass easily through walls and travel long distances. This makes the spectrum ideal for Wi-Fi, but is extremely contentious, and pits major tech companies like Google, Microsoft, Intel, and Dell against broadcasters, sports leagues , and even mega-churches.

[ Keep up on the latest networking news with our Networking Report newsletter. And discover the top-rated IT products as rated by the InfoWorld Test Center. ]

Opponents of the plan say that use of white space will interfere with other devices, like wireless microphones, and also still interfere with clear television broadcasts despite the move to digital. On the other side, major tech companies, operating under the lobbying group The White Spaces Coalition say their devices can be designed to avoid interference with other signals in the 700MHz spectrum. Earlier this month the FCC issued a report on the reliability of these devices, and while results look promising for the tech companies, opponents were not convinced.

Everyone from Bill Gates to Dolly Parton has begun lobbying the FCC as the vote closes in. In a letter to congress, Parton said "the importance of clear, consistent wireless microphone technology cannot be overstated."

Gates has been meeting with FCC commissioners face to face as he tries to seal the deal. White spaces have the potential to revolutionize Internet access, and could make it much easier for America's millions of rural internet users who still rely on dial-up access to obtain wireless broadband service.

Whatever the outcome, tomorrow's decision by the FCC seems likely to impact the country's communication infrastructure for years to come.

PC World is an InfoWorld affiliate.

Your budget is about to be cut. Your IT shop faces a hiring freeze or layoffs . You can see a pep talk about "doing more with less" heading your way like an 18-wheeler barreling down a one-lane road. And you have no idea when things will start to get better. Does that about cover your situation?

Stop. Catch your breath. And get ready for the deluge.

[ Learn more about how the financial crisis is affecting IT and the high-tech industry, plus what IT can do to help, in InfoWorld's special report. Get sage advice on IT careers and management from Bob Lewis in InfoWorld's Advice Line blog and newsletter. ]

You already know your IT shop needs to become more visible to the rest of the business. You know you'll have to work faster and be a closer and more valued partner than ever to your users.

What else should be on your to-do list -- and the to-do lists of each person in your IT shop? Glad you asked.

Dive into a new technologyCloud computing is hot this week. So is virtualization . Linux, agile programming , encryption -- face it, there are lots of technologies you don't know. Choose one and jump in. It doesn't have to be something job-related, just something to stretch your brain. Remind yourself of why you got into this game in the first place. It may be a while before you have time for much variety again.

Find a corner you can cutLook for efficiencies. Rethink your procedures. Streamline your habits. Remember, you're about to have less time to do more work. Either you find ways to work faster, or your days will get longer.

Choose an escape valveYou know you'll need one or your head will explode sometime before June. Maybe it's a game, a blog, a hobby, a meditation position. Whatever it is, have it ready so that when you just can't take it anymore, you'll be able to spend a few minutes escaping -- and then go back to taking it.

Identify a needWhat's not being done that would help users or IT? What's the cheapest way to make that happen? Is there any way to measure the benefit? And how many people will want to, um, help take credit?

Spot a way to save moneyIt doesn't have to be big or ongoing, though that's a nice plus. But anything that will consume less manpower, attention, electricity, cooling or maintenance without reducing what IT delivers to users -- that's likely to be well received.

Bury a hatchetMaybe it's a user you can't stand. Or a peer who nurses an old grudge. Now's the time to clear the decks with an enemy. You don't want the distraction of a needle match when the going gets tough. And if you can't actually resolve the problem, maybe you can cut a deal: For six months, you'll both pretend it's in the past. You can always go back to hating each other when happy days are back again.

Inventory your skillsIf your current job suddenly becomes obsolete in an IT shop reorganization, you'll want to know in advance what you're good at. Don't just refresh your résumé -- think about all of the things you can do. That's your guide to what you may be doing next.

Cross a disciplineA smaller staff means each staffer may have to do more things. If you're working in a silo, it's about to be demolished. Look around. What's the logical line for you to cross? And when the time comes, how will you cross it?

Learn something new about your businessNot IT -- the business your company is in. The more you know about how its products and services are conceived, engineered, produced, marketed, sold, accounted for and regulated, the more you can contribute to making the business work better with technology.

Stop to smell some rosesIt really is going to get ugly. You'll have less time for the people, places and things you love. Don't wait. Enjoy them today.

Frank Hayes is Computerworld 's senior news columnist. Contact him at frank_hayes@computerworld.com. Computerworld is an InfoWorld affiliate.

This version of the story originally appeared in Computerworld's print edition. Got something to add? Let us know in the article comments .

Seeking to beef up the capabilities of its recently launched Beehive collaboration platform, Oracle said Monday it has bought the intellectual property of Tacit Software and hired all of its software engineers. Terms of the deal were not disclosed.

Tacit is the Palo Alto, California, company behind illumio, a SaaS (software as a service) collaboration and "expertise location" platform, and ActiveNet, an on-premises product with a similar purpose.

[ Discover the top-rated IT products as rated by the InfoWorld Test Center. ]

The system doesn't require users to maintain profiles; instead, a plug-in that is installed locally tracks their activity and builds a "dynamic, highly accurate profile of their expertise," according to the illumio Web site.

This approach provides additional privacy over other systems, the company said. Users do not have to add data about their expertise to a common, searchable database; instead, the plug-in matches questions or calls for help from the community with users, who decide whether they wish to answer.

Auto-profiling can also address a common challenge with enterprise social networking deployments -- the fact that many users do not maintain their profiles.

It was not immediately clear Monday how Oracle's deal would affect existing Tacit Software customers , which include Lockheed Martin and Morgan Stanley. Representatives for both companies did not immediately respond to requests for comment.

Oracle announced Beehive at its OpenWorld conference in September with much fanfare, but into a market which has become saturated with options for enterprise-grade social networking.

Beehive combines features like conferencing, e-mail, calendaring, instant messaging, and workspaces, and is available either on premises or in a SaaS version.

On Sunday Sprint Nextel reconnected its network with Cogent Communications after severing it earlier last week. The reconnection is only temporary, as the core issues in this dispute have not changed, Sprint said in a statement to its customers.

As a result, it is again possible for Sprint customers and Cogent customers to directly communicate across the Internet. Data supplied by Keynote Systems confirms that the two networks are again communicating with each other.

[ Keep up on the latest networking news with our Networking Report newsletter. And discover the top-rated IT products as rated by the InfoWorld Test Center. ]

Sprint's view of what led up to its disconnecting from Cogent Communications on Oct. 30 differs substantially from what Cogent has stated.

In shutting down the peering between the two, Sprint violated a contractual obligation to exchange Internet traffic with Cogent on a settlement-free peering basis, according to Cogent. But that's just fiction, according to Sprint, because at no time did the two enter into an actual contract.

In 2006, Sprint and Cogent formed a trial agreement that ended in September last year. A three-month commercial trial indicated that Cogent didn't meet the minimum traffic exchange criteria agreed to by both parties, according to Sprint. As a result, settlement-free peering was not established, Sprint said.

Instead, Sprint wants Cogent to pay for its ongoing connection to the Sprint network. But despite repeated collection attempts by Sprint, Cogent has not done that. Nonpayment on Cogent's part is the reason Sprint decided to disconnect from Cogent last week, a process that had started on Oct. 7, and shouldn't have come as a surprise for Cogent, Sprint said in its customer statement.

What happens next remains to be seen. The two operators are involved in litigation over the matter. Sprint filed a lawsuit against Cogent on Sept. 2 in Fairfax County Circuit Court in Virginia for breach of contract.

On its part, Cogent said it wants settlement-free peering with Sprint.

Microsoft's latest security report shows that the number of new vulnerabilities found in its software was lower in first half of the year than the last half of 2007, with the Windows Vista OS proving more resistant to exploits than XP.

Microsoft reported 77 vulnerabilities from January to June compared to 116 for the last six months of 2007, according to the company's fifth Security Intelligence Report .

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

The decline is in line with the software industry as a whole, which saw a 19 percent decrease in vulnerability disclosures compared to the first half of 2007, Microsoft said. However, those vulnerabilities considered highly severe rose 13 percent.

Exploit code was available for about a third of the 77 vulnerabilities; however, reliable exploit code is available for only eight of those 77.

Other data shows that XP is attacked more frequently than Vista. In XP machines, Microsoft's own software contained 42 percent of the vulnerabilities attacked, while 58 percent were in third party software. For Vista machines, Microsoft's software had 6 percent of the vulnerabilities attacked, with third-party software containing 94 percent of the flaws.

New security technologies such as address space randomization have led to fewer successful attacks against Vista, said Vinny Gullotto, general manager of Microsoft's malware protection center.

"Moving onto Vista is clearly a safe bet," Gullotto said. "For us, it's a clear indicator that attacking Vista or trying to exploit Vista specifically is becoming much more difficult."

The highest number of exploits were released for Windows 2000 and Windows Server 2003 operating systems, Microsoft said.

Hackers appear to be increasingly targeting Internet surfers who speak Chinese. Microsoft found that 47 percent of browser-based exploits were executed against systems with Chinese set as the system language.

The most popular browser-based exploit is for the MDAC (Microsoft Data Access Components) bug that was patched (MS06-014) by Microsoft in April 2006.Some 12.1 percent of all exploits encountered on the Internet targeted that flaw. The second most encountered exploit is one aimed at a vulnerability in the RealPlayer multimedia software, CVE-2007-5601.

The two most commonly exploited vulnerabilities in Windows Vista concerned ActiveX controls that are commonly installed in China, Microsoft said.

Gullotto said Microsoft is continuing to improve the Malicious Software Removal Tool (MSRT), a free but very basic security application that can remove some of the most common malware families.

Last month, Microsoft added detection for "Antivirus XP," one of several questionable programs that warn users their PC is infected with malware, Gullotto said. The program badgers users to buy the software, which is of questionable utility. "Antivirus XP" is also very difficult to remove.

Microsoft fielded some 1,000 calls a month about Antivirus XP on its PC Safety line, where users can call and ask security questions. Since the MSRT started automatically removing the program, calls concerning Antivirus XP dropped by half the first week, Gullotto said.

Ready for election day ? The Web is brimming with interactive tools -- everything from widgets to mobile alerts -- that can help you stay on top of the presidential vote and keep you informed, no matter where you go. We've compiled some of the best resources to take you through the election's end, whether you're seeking polling info, real-time results, or just a few laughs. Bookmark this page now, and you'll have all that you need, every step of the way.

[ For more on how technology is reshaping the race for the U.S. presidency, see InfoWorld's special report. ]

Voting information-- Google Voter Info : This site offers an easy way to find your polling place. Type in your home address, and you'll get an interactive map in seconds. A mobile version is available too.

-- ACLU Voting Rights Guide : Stop by this site before voting and snag a printable card specific to your state. It'll give you polling hours, policies, and numbers to call in case you encounter a problem.

-- CNN Voter Hotline : At this site you can see an interactive state-by-state breakdown of polling problems as they occur. See how many calls are coming in from each county and what kinds of complaints are being lodged.

-- Ballotpedia : Get a simple breakdown of all the measures and initiatives on the ballot where you live. Click on your location, and you can see what the propositions are really about.

-- Glassbooth or USA Today Candidate Match Game : If you're still on the fence in regard to the presidential candidates, both of these sites can help you figure out which side better matches your beliefs.

Results monitoring-- MSNBC Results Widget : This tool delivers real-time results to your blog or social-network profile. Just set the options--you can choose to see specific states or a nationwide view--and you'll receive up-to-the-second returns where you want them.

-- CNN YourRaces : Customize your own tracking tool with any number of races, then watch the results in real time through CNN's site. The service is also available via CNN's mobile interface.

-- AOL Election Toolbar : Set up a toolbar at the top of your browser to see all the latest election headlines scrolling across your screen. It's available for both Internet Explorer and Firefox.

-- iDashboards : Starting Nov. 4, this live dashboard will show real-time results from across the country. Hover your mouse over any state to see its returns.

-- NYT SMS Results : The New York Times is offering free text-based alerts for election night. Text NEWSALERTS to 698698 to get national results, or text ELECTIONS followed by your zip code (e.g., ELECTIONS 90210) to 698698 to obtain state-specific updates. (Standard text-messaging rates from your carrier will apply.)

Interactive analysis-- YouTube VideoYourVote : Send in a video clip of your voting experience, and see what's happening to other voters across the country, too. You can sort clips to watch videos showing voter intimidation, polling-place problems, or just the general excitement of the day.

-- We Op-Ed : At this open community of political discussion and debate, you can see what citizens are saying on both sides, and add your voice to the mix.

-- SocialMedian : Get all sorts of election-focused social content in one central location. SocialMedian aggregates conversations from blogs, Twitter posts, and YouTube videos to create a single space for finding and filtering the Internet's hottest election topics at any moment.

-- Microsoft Political Streams : Using this slightly more mainstream news aggregation service, you can see separated news and blog posts related to politics, updated in real time.

-- Twitter Election : See unfiltered updates from Twitter users worldwide. Watch your screen fill up with short summaries and rants tapped out by poll watchers from coast to coast.

Election humor-- Indecision 2008 : Turn to Jon Stewart, Stephen Colbert, and your other favorite Comedy Central stars for humorous election coverage. Interactive chat rooms await, along with live blogs by comedians such as Patton Oswalt, scheduled to start posting at 7:30 Eastern on Tuesday night.

-- The Onion : The always-amusing satire site promises live election coverage November 4 and 5, presumably from its "War for the White House Bunker." Be sure to see what these crazy correspondents have come up with.

-- SNL Elections 2008 : The crew of Saturday Night Live has plenty to keep you busy at its online headquarters. You'll find news stories, games, and--of course--all of your favorite moments from the show's political spoofs.

-- Campaign Humor Roundup : Here you'll find an extensive compilation of everything related to campaign humor. Browse through the funniest cartoons, viral videos, candidate gaffes, and late-night moments, all on one page.

PC World is an InfoWorld affiliate.

On-demand ERP (enterprise resource planning) vendor NetSuite is trying to lure SAP R/3 customers with a new migration program.

NetSuite serves as an "antidote" to "the ridiculously high costs associated with SAP implementation, complexity and ongoing maintenance," NetSuite CEO Zach Nelson said in a statement.

[ Discover the top-rated IT products as rated by the InfoWorld Test Center. ]

Under the deal, NetSuite will charge an SAP R/3 customer 50 percent of whatever their R/3 maintenance costs are for an equivalent number of NetSuite seats, along with support.

NetSuite's campaign is not targeting SAP's SMB offerings, such as Business All-in-One, because "the customers that are coming to us are R/3 folks," said Mini Peiris, NetSuite's vice president of product marketing.

Nor is NetSuite portraying its software as a complete replacement for an R/3 backbone. Instead, the vendor is targeting new or existing divisions of companies running R/3.

"If you're starting off a new division or breaking off a new subsidiary, R/3 is almost definitely overkill," Peiris said. "Those organizations should be looking to NetSuite to get them up and running quicker."

In targeting SAP, NetSuite is undoubtedly hoping to capitalize on discontent regarding SAP's recent move to transition all customers to a fuller-featured but more expensive Enterprise Support offering.

But there's no sign that NetSuite will make a similar challenge to Oracle, the other giant in the ERP space. Oracle CEO Larry Ellison is a major NetSuite investor, and NetSuite even held a 10th anniversary party at one of Ellison's homes recently.

"We're basing this on what our customers and prospects are saying, and so far we haven't seen Oracle customers wanting to do a swap," Peiris said.

As for any possibility of an Oracle customer migration campaign, "that might be something we'll look at down the road," she said.

NetSuite is offering 100 hours of professional services to assist customers with the switch. It is also partnering with three data integration vendors -- Boomi, Cast Iron Systems and Pervasive Software -- for companies that would want to continuously exchange NetSuite data with their main SAP system.

NetSuite's move comes about a week after it made a similar announcement aimed at Salesforce users.

One industry observer expressed a measured view of NetSuite's move against SAP.

"This is in line with NetSuite's continued attempts to gain more visibility in the market and to appeal not just to its SMB base but to raise its sights to higher-end mid-market customers," said China Martens, an analyst with The 451 Group. "However, we'd question how many R/3 replacements NetSuite has been involved in so far, given that the company tends to compete more with SAP's SMB apps."

"We do see all this saber-rattling as a tad dangerous, given that the vendors it's going after are still better placed to make deep price cuts," Martens added.

For example, Salesforce might be planning to announce a big price break at its annual Dreamforce conference next week, she said.

Voting machines of all stripes have remarkably similar flaws and though geographically scattered, inaccurate tallies of votes are not likely to flip a whole presidential election, there is a "nightmare scenario" that could. Meanwhile on the state level, security issues have already popped up in the wake of various states' deployments of direct-recording electronic (DRE) voting machines.

Edward Felten, a go-to expert witness on some of the major security and software issues of our time, tackles these and other e-voting topics in the following interview.

[ For more on how technology is reshaping the race for the U.S. presidency, see InfoWorld's special report. ]

Felten is professor of computer science and director of the Center for Information Technology Policy at Princeton University in New Jersey, a state where he has given testimony in a class-action lawsuit involving voting machines. The suit, Gusciora v. McGreevy, was filed in 2004 and charges that DREs are illegal. It cites state law concerning accurate vote counting, but will not be resolved before the November elections.

Felten has been actively involved in a variety of major security and software cases and issues. In 2006, he and several students were able to hack into a Diebold Election Systems (now Premier Election Solutions) voting machine, and reported on the results. Felten was also involved in the U.S. government's antitrust case against Microsoft.

The IDG News Service interviewed Felten in his Princeton office a week before the 2008 presidential election. A Sequoia AVC Advantage voting machine, bought on the Internet and studied by his colleagues, was parked in a conference room around the corner. An edited transcript of the interview follows:

IDGNS: The New Jersey voting machine case revolves around Sequoia machines; you also hacked into a Diebold machine a few years ago and reported your findings. Are there different types of problems to expect depending on the machine manufacturer?

Felten: It's actually been remarkable how similar the problems have been from one manufacturer to another. There have been quite a few machines studied now by independent computer scientists. You see a lot of the same problems across the board.

IDGNS: What are those problems?

Felten: You see issues with the security and reliability of the machines, and that basically all comes down to the fact that the machines are computers and store the records of votes only in electronic memories that the voter can't see. And so there's a problem of how you can be sure that the software is recording correctly, in the way that the voter wanted them to be.

IDGNS: How hard was it to hack into the Diebold machine?

Felten: It's something that anybody who has technical skill could do, something that say, any of our computer science majors here would have the technical skill to do. What we showed was all that someone would need is physical access to a machine or to one of the removable memory cards that it uses for about a minute, and then the machines were susceptible to computer viruses of the same general type you see on PCs.

IDGNS : I'd be curious to know what poll observers can do in those states where there is e-voting with no paper audit trail, for example right here in New Jersey, to find out if voters are experiencing problems?

Felten: One thing to do obviously is to just be alert and look for behaviors that aren't supposed to happen: To check the records that the machines do make at the beginning and the end of the day and make sure that everything is as it should be, and that the numbers add up and are consistent and so on, but especially just watching to see if anything unusual happens and then recording what does happen. There's one more thing actually that is important to do, and that is to make sure the machines are guarded, that the machines are not left unprotected so that someone could get access to them.

IDGNS: The Democrats apparently have an army of lawyers fanning out across the country. What, if anything, can they do if there are claims of e-voting problems in those states where there is no paper trail?

Felten: It depends on the nature of the problems. Some kinds of problems might be evident, if there are votes that are missing, that are garbled in the electronic records: That would be something that is evident, and then you would have a fight about what would be done to remedy the problem. Other kinds of potential problems might take more technical investigation to get to the bottom of, and you could imagine scenarios then when there has to be some kind of investigation to figure out, as best you can, what actually happened.

IDGNS: How widely do you expect post-election audits to be conducted in states where there is e-voting with a paper trail?

Felten: In a lot of places we won't have post-election audits unless there's some recount declared or some other reason to suspect something is wrong, and I think that's unfortunate, because I think that if you're going to keep the paper and electronic records of each vote you ought to do at least some checking to make sure that they're consistent. A paper record that you never look at doesn't do much as a quality control mechanism.

IDGNS: Do you think random checks are necessary?

Felten: Random checks, random audits for sure are valuable. Most of the plausible post-election audit systems involve some kind of randomness. Just because it's super-expensive to recount all of the ballots by hand, it's something you only want to do when it's absolutely necessary. But if you pick randomly and pick randomly in the right way, you can still have high confidence that if there is a problem that's big enough to affect an election result, you could find it.

IDGNS: Whats your concept of an ideal, "crack-proof" voting system?

Felten: There's a lot of things that could be done better than today's systems to protect systems against tampering. Ultimately the protections have to be out of the voting machine itself, and the whole voting process has to be designed so that human processes of oversight and observation can help to secure the system. You won't be able to necessarily prevent the machine from being tampered with, but you can hope to notice the tampering and hope to be able to figure out what the voters really wanted to do regardless of tampering.

IDGNS: What's the biggest concern with e-voting -- is it the sort of undetectable hacking you and your students demonstrated, voter error like touching the wrong button, flat-out attempts by one side or the other to steal elections? What's the most likely problem to crop up?

Felten: The most likely problem due to e-voting is likely just to be an engineering error or a bug or a misconfiguration of something that leads to votes either being lost or being put in the wrong column by mistake. So, not malice but just the kind of garden-variety computer problems that we all are used to cropping up on the voting machines.

IDGNS: There are some accounts of e-voting problems making the rounds of the blogs, with some of the more hysterical accounts talking about potential stealing of the election. Does that sort of paranoia diminish legitimate concerns about the everyday problems you're talking about?

Felten: I think that they may if people go too far in claiming that there have been problems. But we don't want to lose sight of the fact that tampering with an election is a technical possibility today. It's something that is feasible, so we can't just rule it out, out of hand. We need to, while remembering that unintentional error is far more likely, that this is a problem we need to fix, and that it's not really acceptable I think, going forward, to have a whole chain of elections that are vulnerable to tampering.

IDGNS: So how worried should people really be, ultimately, about all this?

Felten: I think it's important for people to keep their eyes open and recognize that things may go wrong, but I think the most important thing for the typical citizen is to work toward having a better system next time. As we come up on the current election it's too late to change much of anything. But there are a lot of elections down the road that are equally as important to get right, and this is the time to start working to get your public official to adopt a better system.

IDGNS: Keeping in mind that the presidential election in 2000 actually was ultimately won by about 500 votes in Florida, how likely do you think it is that a voting machine malfunction could throw the election?

Felten: As you said, the first prerequisite for this has to be an election that's really close to start with. Close enough that a relatively small error might potentially flip it. But that kind of is the nightmare scenario: that you have an election that's extremely close and decided by a relatively small margin in one or two states, and that there are e-voting irregularities in those places so that there is genuine doubt about what the voters actually meant to do.

IDGNS: So you'd need a perfect storm of things coming together for a machine malfunction to actually throw an election.

Felten: For a machine malfunction to throw a presidential election you would have to have circumstances like this. But of course there are a lot of elections going on at the state and local level as well. We've seen instances in the past where elections were ruined by electronic voting errors or almost ruined, and only a paper trail was able to determine who actually won the election. So it wouldn't be too surprising to see some problem like that somewhere in this election. Although the chances of it happening in the presidential election seem relatively small, still.

IDGNS: There have been reports that voters in Charleston saw votes flip from the Democratic to the Republican side -- they pressed on the button for Democrats and saw the X light up on the Republican side. What do you make of that?

Felten: One possibility is the calibration of the touch-screen voting machine. Basically a touch-screen device needs to be set up so that it accurately detects what position on the screen is being touched. If you have a cell phone that has a touch screen on it, often there is this process you go through at the beginning where it shows crosshairs and you have to touch those so that it can learn which electrical signals correspond to which positions on the screen. And if you don't get that right then it will feel a touch in a different place than where the touch actually happened. That's one explanation for these vote flips that are recorded, but of course there could be other things causing it too -- you can't really tell without more of an examination.

The global financial crisis prompted market researcher Gartner on Monday to lower its preliminary chip industry revenue projections for the next few years, including a $25.5 billion reduction for next year.

Although Gartner's formal report on the chip industry won't be finalized until the end of November, the researcher said it revised down its preliminary 2008 chip industry revenue growth forecast to just 2 percent to $279.4 billion, from a previous estimate of 4.2 percent growth.

[ Learn more about how the financial crisis is affecting IT and the high-tech industry, plus what IT can do to help, in InfoWorld's special report. ]

As job losses mount and business and consumer spending tightens next year, the chip industry will face even tougher pressures. Gartner predicts 2009 semiconductor industry revenue will rise only 1 percent year-on-year to $282.2 billion. Previously, Gartner had forecast growth of 7.8 percent to $307.7 billion.

In a worst-case scenario, chip industry revenue could decline 10.3 percent next year, Gartner said.

"In a recession, it is important to remember that there will not only be a potential reduction in the number of systems sold, but also a move to lower-cost systems with less semiconductor content," said Gartner analyst Bryan Lewis, in the Semiconductor DQ Monday Report.

The chip sector will likely rebound in 2010, posting 10.5 percent growth on revenue of $311.8 billion, Gartner said.

On-demand business software vendor Salesforce is expected on Monday to announce Force.com Sites, an offering that lets customers create and run Web sites on Salesforce's cloud infrastructure.

"Customers have been telling us they want to run their entire business in our cloud," said Kendall Collins, senior vice president of product marketing for Salesforce.

[ Confused by cloud computing hype? Get the facts from InfoWorld's cloud computing primer. | And find out more on cloud computing's risks. ]

Salesforce is also wagering that customers who have already created custom applications with its Force.com development platform might want to repurpose the programs for external use.

For example, a company could use an internal recruiting application for a public jobs portal by building a new Web front end for it with Salesforce's Visualforce tools. Customers would then register a Force.com domain name and publish the site on Salesforce's system.

"We think the primary target is our existing customers. They are going to love this," Collins said.

Force.com Sites is now in developer preview and will be generally available in 2009 -- but Salesforce isn't saying what time of year.

Salesforce believes it is prepared to handle the demands of even large-scale e-commerce Web sites, should customers build them, and is not planning to expand its infrastructure at this time, according to Collins.

"Our architecture is extremely solid for this level of scale," he said. "We think it can handle the capacity, and we're very, very confident on that front."

However, Salesforce is "going to learn a lot" in the next months as the developer preview unfolds, he said. "We're going to turn the faucet on slowly and look at that data."

Salesforce is using page views to determine developer preview pricing. A Group Edition Salesforce subscription includes up to 50,000 monthly page views for a Force.com Site, while on the high end, an Unlimited Edition subscription comes with 1 million monthly views.

When those levels are exceeded, charges kick in at $1,000 per month for up to 1 million more monthly views, or $3,000 a month for up to 5 million additional views per month, no matter which Salesforce edition a customer has.

But don't expect to launch the next YouTube on Salesforce's system. "I expect that we would do some level of limiting on bandwidth and storage," Collins said. Those details remain to be worked out, he said.

Pamela Smith, a longtime critic of electronic voting machines, is worried more about long lines on Tuesday, election day in the U.S.

Any kind of equipment breakdown in places like Pennsylvania and Virginia could cause problems, said Smith, president of Verified Voting, an advocacy group focused on improving voting systems. Those two states don't have polls open for early voting, and there has been a record number of new voter registrations in many parts of the country, particularly among Democrats energized by presidential candidate Barack Obama's campaign.

[ For more on how technology is reshaping the race for the U.S. presidency, see InfoWorld's special report. ]

Several states have already reported long lines during early voting. "This is an election that will sort of stress-test the [election] systems," Smith said. "Any problem that's going to come up is going to be amplified."

Several states do not have adequate numbers of voting machines in place to back up malfunctioning equipment, Smith said. The problem will be most acute in states with touch-screen machines; in places with optical scan machines, voters can continue to cast ballots on paper if the scanning machine goes down.

In addition to having no early voting, Pennsylvania and Virginia do not require paper-trail backups with touch-screen electronic voting machines. Critics of e-voting say that without a paper trail, there's no way to audit the results of a touch-screen machine, often called DREs, or direct recording electronic machines.

Professor Alec Yasinsac, dean of the School of Computer and Information Sciences at the University of South Alabama, is keeping an eye on two states: Florida and Ohio. Both states have had tight elections for president in past years, and this year promises more of the same.

Florida, with its hanging chads on punch-card ballots during the 2000 election, was the inspiration for the U.S. Congress to pass legislation encouraging states to move to more modern voting technologies. Then, in 2006, in a tight race for Florida's 13th congressional seat, touch-screen voting machines didn't record a vote from more than 18,000 people who voted in other races.

Florida has since scrapped most of its touch-screen e-voting machines in favor of an optical scan system, in which voters mark paper ballots that are then scanned electronically. The state still has touch-screen machines for voters with disabilities, and it doesn't require paper-trail backups on those machines.

Ohio has also faced problems with e-voting machines, both during the 2004 presidential election and during a primary election earlier this year, when e-voting machines dropped hundreds of votes in several counties.

Since the 2006 general election, four Ohio counties have switched from touch-screen machines to optical scan systems. Voters in Cuyahoga County, the state's most populous county, will be casting ballots on their third voting system in the past three general elections, going from punch cards in 2004 to touch-screen machines in 2006 to optical-scan systems this year. During pre-voting, some voting locations have changed as well.

Yasinsac, who serves the voting subcommittee of the U.S. Association for Computing Machinery, sees the potential for trouble when voting jurisdictions switch voting systems suddenly, without having time to train workers and test the systems.

"It's difficult to get voting procedures to change in a short period of time," Yasinsac said. "There have been issues ... already of not having the procedures in place and not having experienced people who've run that type of system before."

Still, Yasinsac generally believes voting officials have worked hard to minimize problems. Since 2004, more than 20 states have moved toward requiring backup paper records with touch-screen e-voting machines. "My understanding and experience is that elections officials are ready for this election, and folks should go to the polls with confidence that they will be able to vote in a timely and efficient manner," he said.

When they're using electronic voting machines, voters should look out for problems, such as vote-flipping that some voters have reported in West Virginia, Yasinsac said.

State officials defended their efforts, saying they expect elections to run smoothly. Ohio, with about 660,000 new voter registrations since the 2006 election, has taken several steps to ensure a smooth election, said Jeff Ortega, a spokesman for the secretary of state. In the 53 Ohio counties that use touch-screen machines, voters will have the option of voting on paper ballots, and paper ballots will be available if machines malfunction, he said.

In Pennsylvania, where nearly 400,000 people have registered as new voters since late April, the Department of State has been urging counties to increase the number of voting machines, said Rebecca Halton, a spokeswoman. Pennsylvania uses a mix of touch-screen and optical scan machines.

The state doesn't have early voting or no-excuse absentee voting, but voting officials are ready for high turnouts, Halton said. "We're confident in everyone's level of preparation for Tuesday," Halton said. "We're really looking forward to Tuesday."

Still, Halton advised Pennsylvania voters to go to the polls during off-peak times, not when polls open in the morning, at lunch or after work. "Come prepared for a line -- bring a book," she said.

Virginia, which uses a combination of optical scan and touch-screen machines, is also ready for record numbers of voters, said Jessica Lane, a spokeswoman for the Virginia State Board of Elections. Virginia does not allow early voting other than absentee voting, which voters need to qualify for.

As of Thursday, more than 429,000 Virginia voters had applied for an absentee ballot, and more than 312,000 had returned a voted ballot. In 2004, 222,059 absentee ballots were cast in Virginia.

"We have the most registered voters in Virginia history," Lane said. "We are prepared for lines and we feel we have done the best we can with the resources we have available."

Virginia had nearly 6,000 voting machines in 2004 and will have 10,600 voting machines this year, Lane said.

E-voting vendors expect a smooth election as well, said David Beirne, executive director of the Election Technology Council, a trade group. The council "will be monitoring activities for the misreporting of facts, and we will engage in rumor control should it become necessary," he said. "Other than that, the stage is set for the local election officials, and the leading voting system providers will take a supporting role to see that the election runs as smoothly as possible. The vast majority of our local election officials have been through elections with this equipment before ... and have trained their pollworkers extensively."

In addition to Virginia, Pennsylvania, Ohio and Florida, there are several other states to watch on Tuesday. Ohio and Florida continue to be toss-up states in the presidential election, although recent polls have Virginia and Pennsylvania, once toss-up states, leaning toward Obama over Republican presidential candidate John McCain.

-- New Jersey, Delaware, Maryland, South Carolina, Georgia, and Louisiana all use touch-screen voting machines exclusively, without paper-trail backups that voters can see. However, Louisiana has paper printouts that election officials can use to check the accuracy of e-voting machines, said Jacques Berry, press secretary for the Louisiana Secretary of State.

A report , issued by Verified Voting and two other organizations in mid-October, called Louisiana one of the least-prepared states for potential voting problems. The report was "utter, utter bull," Berry said. "I will put our election system against any other in the country for security."

None of those states is likely to have close votes for U.S. president, but there could be close congressional races in those states.

-- In addition to Pennsylvania, Virginia, and Florida, four other states that use a combination of optical scan and touch-screen machines do not require paper backups for the touch-screens. Those states are Texas, Indiana, Kentucky, and Tennessee. Indiana is a toss-up state in the race for president.

-- Four more states, Colorado, Kansas, Arkansas, and Mississippi, use a combination of touch-screen machines and other voting methods. In some jurisdictions, the touch-screen machines have a paper trail, and in other jurisdictions, they don't.

Microsoft's PDC was the source of the biggest news this week as the copany unveiled its Windows Azure cloud-computing platform. The company also let out some more details about the forthcoming Windows 7 OS and talked up its ambitions with Silverlight. Meanwhile, Google proposed settling lawsuits related to its book-scanning and indexing project, and word also seeped out through The Wall Street Journal that the company's search advertising deal with Yahoo could be scrapped because of regulatory issues.

[ Video: Catch up on the week in tech news with the World Tech Update ]

1. Microsoft launches Windows Azure for the cloud : Microsoft unveiled its Azure Service Platform, marking its entry into cloud computing, with Chief Software Architect Ray Ozzie saying that the platform will form the core of the company's services platform and be an online delivery option for all current Microsoft software. The company has been revealing bits of the strategy over the past three years and this week at its Professional Developers Conference set forth more details of how those parts fit within the Azure concept.

[ Get the inside scoop on Microsoft's cloud strategy straight from the project lead | For more news from Microsoft's Professional Developers Conference, check out InfoWorld's special report. ]

2. WSJ: Google and Yahoo may call the whole thing off: Google and Yahoo might back out of a proposed search advertising pact that the U.S. Department of Justice has not yet approved, The Wall Street Journal reported Friday. The companies signed the deal in June, agreeing that Yahoo would run Google's search ads and they would split the revenue. The DOJ has been reviewing the proposal for antitrust issues, and the companies voluntarily agreed to delay implementing the plan while that review is conducted. But the DOJ wants the companies to sign a consent decree and allow judicial oversight of the ad deal, according to the Journal.

3. Microsoft previews Windows 7 client OS: Microsoft's PDC wasn't all about Windows Azure; the company also showed off Windows 7, the next iteration of the Windows OS. The company discussed the five themes of the upcoming OS (mobile computing, services design, personalization, entertainment optimization, and compatability and stability) and further vowed that Windows 7 will fix the mistakes in Windows Vista .

[ Will the new Microsoft OS be better than Vista? Join the Windows 7 conversation in Randall C. Kennedy's Windows Sentinel blog. | See Tom Yager's first look at Windows 7. ]

4. HP, Dell, Toshiba recall Sony laptop batteries again: Dell, Hewlett-Packard and Toshiba have recalled 100,000 Sony laptop batteries that were made between October 2004 and June 2005 after reports of about 40 incidents of them overheating. The reasons for the recall are the same as a recall a couple of years ago, but the number of batteries involved is much smaller than the 9.6 million recalled then.

5. Are design issues to blame for vote 'flipping' in touch-screen machines?: E-voting machine vendors defend how their hardware is designed and emphasize that voters who find that touch-screen machines are "flipping" their votes -- changing them to a candidate they say they didn't vote for -- or who experience other glitches should immediately contact poll workers to let them know of the miscue. The issue of vote flipping has arisen during early voting in some states and has left some voting watchdog organizations concerned that such technical difficulties combined with expected high turnouts could cause big problems on Election Day next Tuesday.

6. IT slashes budgets, starts layoffs: Exclusive CIO survey: The IT blood-letting is beginning -- an exclusive CIO survey finds that 40 percent of CIOs expect to cut budgets because of the faltering economy, with contractors and discretionary tech projects among the first areas to be slashed. An additional 34 percent of CIOs aim to keep their IT budgets the same as a year ago, the October survey of 243 CIOs found. The percentages of CIOs who expect cuts or spending freezes has steadily increased across a series of studies done by the magazine in March, July and October.

7. Microsoft lays out Silverlight ambitions: Also at the Microsoft PDC, the company laid out its plans to continue improving the Silverlight platform, its competitor to Adobe's Flash. The company says a major update is due next year that will include offline capabilities and richer graphics support, among other upgrades.

8. Google settles copyright lawsuits with publishers, authors and Google agreement with publishers prompts a partial Harvard pullout: Google settled lawsuits filed by major publishers and authors contending that the company's scanning and indexing of copyright books without permission was tantamount to violating copyright on a massive scale. Google had claimed it was protected by the principle of fair use because only snippets of text for such books were displayed to match search queries. The Authors Guild and the Association of American Publishers strongly disputed that argument. The settlement came after two years of negotiations, and its terms involve Google paying $125 million in exchange for the right to display more of in-copyright books. Harvard University responded to the settlement by saying it is partially withdrawing from its book-scanning deal with Google while it evaluates the settlement terms.

9. New Android apps a mixed bag, should improve: Some of the first applications for the Android mobile OS market crash the G1 phone and otherwise don't work so well. One application uses commands written in Chinese. But analysts expect that better applications will soon be out as developers work on more of them and as the Android open-source developer community matures. Android is Google's mobile OS and so far is available on just the G1 phone, which T-Mobile USA started selling last week.

[ Special report: All about Google Android ]

10. 'Ruthless' Trojan horse steals 500K bank, credit card log-ons: A Russian cybercrime group has for almost three years maintained the Sinowal Trojan horse, which has stolen log-ons for more than 300,000 online bank accounts and about as many credit cards, RSA Security said. "The sheer enormity of this makes this unique," said Sean Brady of RSA. "And the scale is very unusual."

Deceptive advertising may be illegal in the U.S., but Yahoo's ad network appears to offer it to publishers on a menu of choices when they're deciding what ads to run on their Web sites.

Yahoo Right Media's Direct Media Exchange gives publishers the option of running or blocking several different types of ads, based on their "deceptiveness."

[ Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

These ads include graphical advertisements that are designed to look like fake error or download messages or look like genuine Windows dialog boxes. Also included are ads that have phony "close window" buttons or pull-down menus that actually take the user to a Web site instead of closing the window or producing a pull-down menu. Direct Media Exchange also categorizes deceptive ads by language, letting publishers filter out "deceptive or questionably realistic offers," or "free" offers that do not disclose what a consumer might have to do to qualify for this free offer, according to the company's Web site.

According to data on the Direct Media Exchange Web site, viewed by the IDG News Service, these "Free with no disclosure language" ads can make up close to 18 percent of Right Media's ad inventory at certain times.

Advertisers like these types of ads because they are effective. Last month, researchers at North Carolina State University found that computer users have a hard time distinguishing between fake Windows warning messages and the real thing. In an experiment that tested the responses of 42 Web-browsing university students, they found that almost two-thirds of them would click "OK" whenever they saw a popup warning, whether it was fake or not.

Right Media argues that it is simply a technology offering, designed to create an open marketplace for advertisers and publishers. "The Exchange doesn't make a judgment on that type of ad category," said Yahoo spokeswoman Kristen Wareham. "It's up to the publisher to select the type of ad that works on their page."

Yahoo should refuse to run deceptive ads on its network, said Ben Edelman, an assistant professor at the Harvard Business School who studies Internet marketing practices. "It's hard to defend these ads' tactics. They intend to deceive, and by all indications they succeed," he said. "They have no proper place in Yahoo's ad network."

Yahoo bought Right Media for about $700 million last year, looking to strengthen its position in its fight with Google for online advertising dollars. The network provides a marketplace for Web publishers who have been unable to fill all of their advertising spots, allowing unused ad inventory to be sold at auction to advertisers.

Government officials charged with enforcing deceptive advertising say that while the ads on Direct Media Exchange ads may be dubious, they may not be bad enough to warrant an enforcement action.

"Any type of advertisement that is likely to deceive consumers acting reasonably under the circumstances could be deceptive," said Rick Quaresima, an assistant director in the U.S. FTC's Division of Advertising Practices.

But the FTC looks at individual ads on a case-by-case basis, he said. And while ads that trick a consumer into visiting a Web site may be annoying, the ones that deceive in order to sell a bogus or harmful product, such as malicious antispyware software, are a top concern. "We're certainly more concerned with the cases of deceptive advertising that could cause tangible consumer harm or consumer injury. That would be where we would prioritize our enforcement efforts."

These deceptive ads present a dilemma for Right Media, said Washington State Assistant Attorney General Katherine Tassi.

On one hand, Right Media is providing a service to publishers by giving them a way to exclude these ads, on the other, the services do expose "Right Media to some liability for essentially facilitating the transmission of deceptive advertisements," she said.

If Right Media simply dropped this type of filtering, it could make things worse for consumers by inadvertently encouraging unscrupulous advertisers to sneak their deceptive ads into the marketplace.

And enforcement agencies like the Washington State Attorney General are unlikely to hold ad networks, rather than advertisers themselves, accountable for deceptive ads, Tassi said.

One Web publisher said that while he thought that deceptive ads should be banned outright, he appreciated what Right Media is trying to do. "They are very forward when it comes to the kind of filters they allow you to use," said Sanford Liu, director of Interactive with Supernova.com, a music community Web site. "This is something that most other sites do not have."

This story was updated on October 31, 2008

Users of the G1 Android phone on Friday have begun receiving a software update that fixes a flaw that security researchers found earlier in the week.

The update included the fix to the browser vulnerability and a couple of other minor changes as well, said Michael Kirkland, a Google spokesman. Every user of the G1 may not have gotten the update yet but should within a short time frame, he said.

[ Special report: All about Google Android | Take a tour of the T-Mobile G1 via InfoWorld's slideshow ]

Google worked with T-Mobile USA, the only operator selling the device, to push the update out to users. The G1 went on sale last week, and T-Mobile has not disclosed how many have sold so far.

Researchers at Independent Security Evaluators revealed earlier this week that they discovered that Android, Google's open-source software that is currently only running on HTC's G1 handset, is based on outdated open-source components that do not include a fix to a previously known vulnerability.

On a Web page for ISE, Charlie Miller, Mark Daniel and Jake Honoroff wrote that they wouldn't say much about the vulnerability until Google fixes it. However, they said that Android users who visit malicious Web sites may find their sensitive information stolen. That's because an attacker could access any information the site uses, including saved passwords, information entered into a Web application form, and cookies.

The researchers also said, however, that the impact of the attack is limited because of Android's security architecture. An attacker can't, for example, control functions of the phone like the dialer.

On Friday, Miller was not available to talk about whether he had received and tested the update.

As the U.S. economy melts down, so are technology budgets and staff counts.

Forty percent of CIOs plan to cut their budgets from last year's level, with contractors and discretionary technology projects two of the first items to get the knife, according to CIO's exclusive survey of 243 technology leaders in October. Another 34 percent have jammed on the brakes, planning to keep budgets the same as they were 12 months ago.

[ Learn more about how the financial crisis is affecting IT and the high-tech industry, plus what IT can do to help, in InfoWorld's special report. ]

The road to cost cutting has been clear, as documented in a series of CIO magazine studies conducted in March, July, and October. On budgets, for example, 17 percent said in March that they would make cuts in the coming year. In July, that number jumped to 26 percent, then leapt to this month's 40 percent figure.

For more detail on what CIOs had to say on budgets and related matters such as financing and contingency plans, see our related story on the survey results.

"Until September, we thought the economy would recover in the back half of 2009. Now, not a prayer," says Rick Belmonte, CIO at Lowe Enterprises, a real estate development firm. Belmonte has deferred all new technology development projects until 2010, including a Hyperion forecasting application and an Oracle project management system. He also cut outside consultants as well as 20 percent of his full-time staff, now down to 60 to 65 people.

"I might lose more people I don't want to lose because good people want to do new projects, not just maintain older systems," he says.

Seventy-two percent of IT leaders in our survey have postponed or will postpone discretionary projects. Of the 51 percent who had a financial contingency plan in place, 35 percent have already launched it and another 17percent plan to do so within six months.

Conseco, a $4.6 billion insurance company, has pushed a few projects planned for 2008 to 2009, says EVP and CIO Russ Bostick. But despite losing $180 million in 2007, Conseco hasn't cancelled any projects under way, he says.

James Sutter, senior partner at IT management firm The Peer Consulting Group, says emergency measures are par for the course. Sutter, a former technology executive at Rockwell and Xerox, notes: "A financial crisis will wash out initiatives that really don't stand the n