Last Sunday, Terry Childs, a network administrator employed by the City of San Francisco, was arrested and taken into custody, charged with four counts of computer tampering. He remains in jail, held on $5 million bail. News reports have depicted a rogue admin taking a network hostage for reasons unknown, but new information from a source close to the situation presents a different picture.

In posts to my blog, I postulated about what might have occurred. Based on the small amount of public information, I guessed that the situation revolved around the network itself, not the data or the servers. A quote from a city official that Cisco was getting involved seemed to back that up, so I assumed that Childs must have locked down the routers and switches that form the FiberWAN network, and nobody but Childs knew the logins. If this were true, then regaining control over those network components would cause some service disruption, but would hardly constitute the "millions of dollars in damages" that city representatives feared.

Apparently, I wasn?t far off the mark. In response to one of by blog posts, a source with direct knowledge of the City of San Francisco?s IT infrastructure and of Childs himself offered to tell me everything he knew about the situation, under condition that he remain anonymous. I agreed, and within an hour, a long e-mail arrived in my in box, painting a very detailed picture of the events. Based on this information, the case of Terry Childs appears to be much more ? and much less ? than previously reported.

A man and his network It seems that Terry Childs is a very intelligent man. According to my source, Childs holds a Cisco Certified Internetwork Expert certification, the highest level of certification offered by Cisco. He has worked in the city?s IT department for five years, and during that time has become simply indispensable.

Although Childs was not the head architect for the city?s FiberWAN network, he is the one -- and only one -- that built the network, and was tasked with handling most of the implementation, including the acquisition, configuration, and installation of all the routers and switches that comprise the network. According to my source's e-mail, his purview extended only to the network and had nothing to do with servers, databases, or applications:

?Terry's area of responsibility was purely network. As far as I know (which admittedly is not very far), he did not work on servers, except maybe VoIP servers, AAA servers, and similar things directly related to the administration of the network. My suspicion is that you are right about how he was 'monitoring e-mail'; it was probably via a sniffer, IPS, or possibly a spam-filtering/antivirus appliance. But that's just conjecture on my part.?

Like many network administrators who work in the rarified air of enterprise network architecture and administration, Childs apparently trusted no one but himself with the details of the network, including routing configuration and login information. Again, from the source's e-mail:

?The routing configuration of the FiberWAN is extremely complex. Probably more so than it ought to be; I sometimes got the feeling that, in order to maintain more centralized control over the routing structure, [Childs] bent some of the rules of MPLS networks and caused problems for himself in terms of maintaining the routing.

?Because the system was so complex (and also because he didn't involve any of the other network engineers in his unit), Terry was the only person who fully understood the FiberWAN configuration. Therefore, to prevent inadvertent disruption of this admittedly critical network, he locked everyone else out. I know most of the networking equipment ? does use centralized AAA, but I get the impression he may have configured the FiberWAN equipment for local authentication only.?

Childs' attitude toward other administrators is by no means unusual in the IT industry. This is generally due to the fact that admins who are tasked with constructing and maintaining networks of this size and scope care for them like children, and eventually come to believe that no one else could have the knowledge and skills to touch the delicate configurations that form the heart of the network.

Sole administrator A key point made in the e-mail is that Childs' managers and coworkers all knew that he was the only person with administrative access to the network. In fact, it was apparently known and accepted in many levels of the San Francisco IT department. Again, quoting from the e-mail:

?This is where it gets tricky for the prosecution, IMO, because the localized authentication, with Terry as sole administrator, has been in place for months, if not years. His coworkers knew it (my coworkers and I were told many times by Terry's coworkers, 'If your request has anything to do with the FiberWAN, it'll have to wait for Terry. He's the only one with access to those routers'). His managers knew it.

"Other network engineers for the other departments of the City knew it. And everyone more or less accepted it.

"No one wanted the thing to come crashing down because some other network admin put a static route in there and caused a black hole; on the other hand, some of us did ask ourselves, 'What if Terry gets hit by a truck?' If a configuration is known and accepted, is that 'tampering'??

My source appears to believe that Childs' motivation was the antithesis of tampering, and that Childs did everything possible to maintain the integrity of the network, perhaps to a fault:

?He's very controlling of his networks -- especially the FiberWAN. In an MPLS setup, you have 'provider edge' (PE) routers and 'customer edge' (CE) routers. He controlled both PE and CE, even though our department was the customer; we were only allowed to connect our routers to his CE routers, so we had to extend our routing tables into his equipment and vice versa, rather than tunneling our routing through the MPLS system.?

Dedicated engineer Like so many other high-level network administrators, Childs seems to have taken his job extremely seriously, to the point of arrogance and, perhaps, burnout.

?Terry was very dedicated to his career as an engineer. He is a CCIE (probably the only one in the City government), and spent much of his free time studying and learning more -- the MPLS for the FiberWAN, VoIP some of the departments are rolling out, other new technologies for our 311 and E911 systems, etc. He worked very hard, evenings and weekends in addition to full-time 8-5 work, and rarely took vacations. His classification is 'professional,' so he doesn't earn overtime pay, only comp time -- which like many of us he never really had the opportunity to use. He was on standby more or less 24-7-365; whereas in the private sector, in a company of 20,000 or more employees, you'd expect to find multiple engineers rotating that standby status, I'm pretty sure he was always the guy on call.?

This attitude is, again, not uncommon among high-level IT administrators. Neither is the fact that they tend to eschew what they perceive to be unnecessary questioning and bureaucratic ?nonsense.?

?Terry also, obviously, had a terrible relationship with his superiors. I should point out that he's not just a network engineer -- he was the lead network engineer for the entire City. His bosses were all managerial rather than technical, and while the other engineers did not actually report to Terry, they did defer to him in any technical matters. Even the network architect left it to Terry to actually figure out implementation. Terry felt that his direct superior was intrusive, incompetent, and obstructive, and that the managers above him had no real idea of what was going on, and were more interested in office politics than in getting anything done.

"[Childs] complained that they spent more time doing paperwork -- change requests, documentation, etc. -- than actually implementing or fixing anything (a common complaint among engineers, I know). He complained about being overworked (which he was, and which his colleagues are even more now) and that many of his colleagues were incompetent freeloaders (also not entirely without basis).

"You could see him getting red in the face whenever he started talking about his department. And once you were on Terry's bad side (which thankfully I never was), that's where you stayed, and you'd get only the most grudging assistance from him from then on. Whether any of his complaints were valid or not, I can't really say, but I don't think that's as relevant as how Terry felt.?

Keys to the kingdom If Childs' sole proprietorship of the FiberWAN network was normal operating procedure, how did the tensions between Childs and his managers come to a head? Why was Childs arrested on Sunday? There have been reports that the city?s newly hired head of security may have pushed for Childs to open the FiberWAN doors to other admins. My source doesn?t know for sure, but offers some insight:

?I don't know much about his actions in the last few weeks. It's been a couple of months, at least, since I've even spoken to him, and even then it was probably only in reference to some specific request or ticket. But I can imagine that being the subject of disciplinary action by his supervisors for 'performance' issues would be absolutely infuriating to him. I can imagine that his response would be, 'How can you say my performance is poor when I've been doing what no one else here was willing or able enough to do?'"

If Childs was pressured to give up the keys to the network that he had built and tended for so long, would he go so far as to explicitly prevent anyone else from tinkering with his charge?

?I can imagine that [Childs'] response to a demand to open up authentication to the FiberWAN would be, 'Why? So you can screw it up and bring the City network crashing to a halt?' I can even imagine that, under so much pressure, he'd take steps (deleting or hiding config backups, for instance) to make sure he was the only one in control.?

These tales offer significant insight into what may have occurred between Childs and the FiberWAN network hostage situation. Rather than a case of a rogue administrator attempting to cause damage to the network by locking out other administrators, this may be a case of an overprotective admin who believed he was protecting the network ? and by extension, the city ? from other administrators whom he considered inferior, and perhaps even dangerous. One important fact seems to be in Childs' favor, if reports that the network has continued to run smoothly since his arrest are true. My source corroborates this.

?As for the impact of [Childs'] actions to the rest of the City, the mayor's statement basically has it right. The network is completely up and running. No servers that I'm aware of are affected. No one has had any downtime (yet). But until they get back into those routers, they can't make any changes. I don't know yet if Terry's lockout applies only to the FiberWAN or also to the other routers, firewalls, switches, etc. in the City network.?

Laying the blame My source doesn?t appear to harbor any ill will toward Childs for this situation, and even believes that the city may be worse off with Childs out of the picture and that some of the blame should be shouldered by Childs' superiors.

?It's a real shame. The city is losing a good network engineer -- probably the best, technically, that they've ever had. Ultimately he has no one to blame but himself, but it's too bad his superiors weren't better about establishing and enforcing policies about authentication, backups, auditing, cross-training, and separation/rotation of duties.

"You'll note the papers have referred to the new information security manager. It's only been a month or so since the City even had an information security policy, and even that is a bare, unmodified template from CCISDA that's awaiting discussion and alteration by a committee that hasn't been formed yet. (When I asked Terry if we could get a copy of the City's network security policy some months ago, he told me, 'I've been trying to get them to approve one for years. I've written ones up and submitted them, but they don't want to do it, because they don't want to be held to it.')?

He also points out that by forcing the issue, the city may have significantly reduced its ability to use and control its own network.

?The one impact they haven't mentioned is that Terry was one of only two engineers assigned to special projects and to do major routing changes and perimeter firewall configuration. The service level, even after they regain control of the network, is going to be way down, until they can fill his mighty big shoes.?

My source had many good things to say about Childs, but did not shy from negative comments, noting that Childs has a bad temper and can be very defensive.

?As for Terry's character, I can imagine this happening. He takes great personal and professional pride in his work -- to a fault. He can be very defensive if someone suggests there's something wrong with the way his network is set up, and that's been a problem for us (as his customer) a couple of times. Terry has a bad temper.

"He's the sort of person who, while his bile is up, won't budge an inch ? and then will call you a couple of hours later and acknowledge that maybe your suggestion was right, after all, or maybe here's an even better way to handle things.?

The inner sanctum Later in the e-mail, my source offered some insight into what may be at the core of the issue: Childs was so paranoid about the security of the network that he even refused to write router and switch configs to flash, which would mean that if the device was powered off, all configurations would be lost.

?At one point he was concerned about the security of the FiberWAN routers in remote offices, so he had them set up without saving the config to flash. 'If they go down, I'll get alerted, and connect up to them and reload the config.' Great, except we have power outages all the time in this city, some of those devices aren't on UPSes, and what happens if you're on vacation? And what about the 15 to 60 minutes it might take you to connect up and reload? He eventually conceded and (ahem) decided that disabling password recovery was sufficient security.?

If Childs did this with some or all of the switches and routers comprising the FiberWAN network, then password recovery without significant network disruption becomes a bigger problem. Without firsthand knowledge of the state of those routers and switches, there?s no good way to know, unfortunately.

If the details given to me in this e-mail are accurate, it would appear that this case is not nearly what it seemed originally. Perhaps it comes with the pressure and responsibility of the job, or the belief that the network they?ve built is simply too complex for mere mortals to comprehend, but it?s not uncommon for highly skilled network administrators to become overprotective of their networks, or for networks of significant size to become an extension of the person who built them.

It certainly appears that Terry Childs believed San Francisco?s FiberWAN network was his baby, and that by refusing to allow others to access the inner sanctum was in the best interests of the city, the citizens, and perhaps most importantly, himself.

Most computer industry companies would feel satisfied with ruling the highly lucrative and technically complex search engine advertising market -- but not Google.

As the search giant celebrates its 10th anniversary of incorporation this month, riding a years-long bonanza from its search business, it is also a scrappy underdog with lofty aspirations in the world of software for workplaces.

As such, Google, the unmatched consumer search engine champion, must compete against seasoned and formidable IT providers like Cisco, Microsoft, and IBM. This is no small undertaking, requiring a long-term commitment and heavy investments, while facing real risks.

The jury is still out on whether it's wise for Google to invest significant resources in providing software for enterprise search, office productivity, mapping, collaboration and communication.

It's estimated that about 98 percent of the company's revenue comes from consumer search advertising, making the company's Enterprise unit a small side business currently, at least from a dollar perspective.

Industry observers recommend that IT and business managers keep this in mind as a risk factor when considering buying enterprise products from Google.

Although Google maintains it is committed long term to its enterprise products, it isn't unheard of for large companies to change course and pull out of non-core businesses with little advanced notice.

The warning should be heeded particularly by CIOs in large companies contemplating a major investment in products such as the Google Apps Premier hosted communication and collaboration suite.

"I would absolutely ask that question," said Forrester analyst Rob Koplowitz. "As long as 98 percent of Google's revenue comes from other sources, this question of whether they're in [enterprise software] for the long term will always come up. This isn't their core business."

Burton Group analyst Guy Creese concurs. "In its heart of hearts, Google wants to succeed as a provider of software to large enterprises, but they haven't yet signaled that it's a do-or-die kind of thing," Creese said.

The highest-profile product in Google's Enterprise unit is Apps, whose free versions have proven very popular with individuals, small and medium-size businesses and educational institutions.

Google could have opted to just target universities and SMBs with the Standard and Education editions of Apps, generating revenue from advertising. It could also have been content to lure SMBs to the Premier version, which is a very affordable option at $50 per user per year, when compared to Microsoft Office and Exchange.

"The things preventing Google from being attractive to enterprises aren't necessarily big issues for SMBs," Creese said.

Google could rake in robust revenue from SMBs, which are often underserved by major vendors and hold off on purchasing IT products that they need but aren't priced right for them, Koplowitz said. "There's a lot of money to be made there," he said.

This accounts for much of the success Google has had with its Search Appliance and Google Mini, which have disrupted the enterprise search market, where systems have traditionally been pricey and complicated to install, manage, and use. Priced aggressively and built with a low-maintenance, plug-and-play design, those products have hit a sweet spot with SMBs and schools.

The University of Florida in Gainsville has been using the Search Appliance since 2002 and currently has two of them to index its entire public Web presence -- from its main site to individual college and department sites and Web servers from specific research teams.

"The appliance has always been easy to set up and maintain. The administrative interface gives a very clear overview of how the appliance sees your Web sites, and makes it easy to update the index," said Daniel Westermann-Clark, Web developer at the university.

According to Google, more than 500,000 organizations have signed up for Google Apps, totaling more than 10 million end users, of which "hundreds of thousands" are using Premier.

However, Google has made it clear it has its sights set on large companies as well, recently releasing a newly architected version of the Search Appliance that can index more than three times as many documents as the current model and improves the product's IT management functions.

But it's the Apps Premier expectations that are riding particularly high. As CIOs warm up to the SaaS (software-as-a-service) approach of application delivery as an option to the traditional on-premise model, Google sees a big opportunity to take business away from Microsoft's Office/Exchange and from IBM's Notes/Domino and rake in big bucks.

In fact, a big motivation behind Google's development of Chrome, a major two-year project involving significant investment, was to create a browser optimized for next-generation Web applications like the ones in Apps Premier.

Google is far from alone, as Yahoo's Zimbra, Cisco's WebEx, Zoho, and others beef up their own hosted collaboration and communication suites, while Microsoft and IBM are taking steps to protect their turf.

In its enterprise aspirations, Google has other disadvantages. Unlike Cisco, Microsoft, IBM, and Salesforce.com, Google doesn't have a large list of enterprise clients, nor does it have as much experience courting CIOs and catering to their requirements, including prompt, individual attention throughout a product's lifecycle.

While Google has strengthened Apps Premier's IT control features, particularly with its purchase of e-mail security and management expert Postini, the suite still lacks features that large enterprises often require. For example, Google only offers an uptime guarantee for Gmail, not for the other components, and the company admits that the feature set of its applications lags behind Office's Word, Excel, and PowerPoint, while Apps' calendaring and contact management features are often cited as weak. Apps has only partial support for offline access to its applications, a popular request.

"Google hasn't been able to put together a set of features that are important enough to enterprises to make them shift," Creese says.

Thus, CIOs aren't rushing to adopt Apps Premier, and those who decide to deploy it are opting to do so for a limited set of users and for operations that aren't critical to the business. This is true even among CIOs who have embraced SaaS applications as viable alternatives to on-premise software.

Health-care company The Schumacher Group has used hosted applications successfully for well over two years from vendors such as Salesforce.com and Oracle's PeopleSoft, and is now about to deploy Apps Premier, but not as a replacement to its Exchange/Office environment, which its about 750 full-time employees use.

Instead, The Schumacher Group, which provides management services for hospital emergency rooms, plans to buy Apps Premier licenses for the about 2,400 physicians and nurses that it works with as independent contractors.

"We'll use Apps Premier to create an environment that doesn't exist now, but as far as replacing Exchange and Office, we're not at that level yet," said The Schumacher Group CIO Douglas Menefee.

Part of the problem is that Apps Premier can't meet the company's regulatory compliance requirements for handling patient data, Menefee said. However, it looks like a good option to provide e-mail, calendar and office collaboration software at a low cost and in a convenient hosted manner to these doctors and nurses, he said.

The decision to go with Apps Premier, as opposed to another hosted option, is 99 percent certain, barring any architectural problems that might prevent the users from accessing the software through the hospitals' networks. A pilot phase with portion of the doctors may start in about a month, he said.

And so as Google celebrates its 10th birthday and its unquestionable dominance of the search engine ad market, which has propelled it to stratospheric financial success, it looks at a major challenge and unanswered questions in enterprise software.

"It's hard to break into the enterprise business," Koplowitz said. "Will Google sign those big customers that represent big revenue and continued investment in this area? Google certainly can afford it, but that doesn't mean they won't decide to refocus their resources in their core business. That's definitely a fair question to ask of Google. I don't think Google is having cold feet yet but time will tell if they're in this for the long term."

Adobe Systems in October plans to launch a private pilot program for its "Genesis" mashup technology, which provides a desktop client uniting multiple tasks in a single workspace.

The pilot project will provide Genesis to selected customers and partners, with 100 to 200 people set to test it, said Matthias Zeller, group product manager for corporate development at Adobe, in an interview at the Office 2.0 conference in San Francisco on Friday. A more widespread beta program is eyed for some point in the future.

With Genesis, Adobe is aiming to save users from having to open up multiple windows to access various applications; Genesis, which is just a code name, provides a unified user experience for each specific project. Serving as an alternative to portals, Genesis offers business users links to enterprise applications, business intelligence, documents, and Web applications. Content can be shared with other users. Instant messaging, VoIP, and video collaboration are supported as well.

"It's a mashup on the client," Zeller said. Users can make a "mini-portals on the desktop," he said.

Genesis is built with Adobe's Flex technology and deployed on the desktop via Adobe AIR (Adobe Integrated Runtime). Supported on Windows, Macintosh, and Linux, the client is developed with Flex and compiles into Adobe's Flash software.

Users, for example, could bring together a Salesforce.com application with PowerPoint materials and Google searches. "Today, you do all that separately," requiring many windows, said Zeller.

"The idea in Genesis is bring all these windows into a workspace, which is persistent on your desktop," he said. The desktop leverages drag-and-drop capabilities. The Genesis user experience takes cues from products such as Adobe Photoshop Express for assembling content.

Also featured in Genesis is the notion of content catalogs, to be provided by enterprise users themselves or Adobe partners. The company plans to work with other vendors to develop these catalogs. Adobe already is working with Business Objects regarding development of BI dashboards.

"The whole concept of Genesis relies on an ecosystem of partners and end-users to provide content for it," Zeller said.

Adobe has not set precise product release plans for Genesis. But plans call for users to access the client for free and subscribe to Adobe's Acrobat.com hosted service to handle collaboration.

The disk storage industry defied economic gloom in the second quarter with strong increases in both capacity sold and revenue, according to two research companies.

Worldwide revenue from external disk storage systems grew 16.7 percent in the quarter, the fastest year-over-year increase that market has seen in two years, IDC said on Friday. Meanwhile, total disk storage systems revenue grew 10.9 percent, according to IDC. Vendors shipped 1,777 petabytes of capacity in total, up 43.7 percent from a year earlier.

[ Get the latest on storage developments with InfoWorld's Storage Adviser blog and Storage Report newsletter. ]

Sales growth was remarkable especially because it occurred across several market segments, IDC said in a news release.

Despite economic slowdowns in some parts of the world, storage demand has been growing rapidly, driven in part by increased use of video and by regulations that force enterprises to preserve more data. IDC has estimated overall demand for storage capacity is growing by about 60 percent per year.

IDC defines a disk storage system as a set of storage elements associated with three or more disks. Some are located inside server cabinets and some are external. While the total disk storage system market hit $6.9 billion in revenue in the second quarter, the external market grew to $5.08 billion.

EMC kept its lead in external disk storage systems with 21.7 percent of the market, followed by IBM and Hewlett-Packard in a statistical tie with 13.1 percent and 12.9 percent, respectively. EMC's revenue grew fastest among the major vendors, up 19.7 percent to $1.101 billion from $920 billion a year earlier. HP's growth rate was lowest, at 8.2 percent, and the company lost a full percentage point in market share.

In the total disk storage systems market, HP fared even worse with a 1.2 percent drop in revenue, while all other major vendors gained. Though HP remained in the lead, it fell to an 18.1 percent market share, nearly tied with IBM at 17.7 percent. EMC was in third place and Dell in fourth. Sun Microsystems had the strongest rise in revenue, at 29.2 percent. Its revenue grew to $494 million and its market share to 7.1 percent.

According to figures from research company Gartner, the external controller-based disk storage market grew 18.8 percent in the second quarter, reaching $4.46 billion in revenue. EMC lost half a percentage point of market share but maintained a commanding lead at 24.3 percent, experiencing 16 percent revenue growth in the quarter. Next was IBM with 14.1 percent of the market, followed by HP, Dell, and Hitachi Data Systems. NetApp came in sixth but had a strong 22.9 percent revenue gain, Gartner said.

Sun's revenue shot up 34.7 percent in the quarter, according to Gartner, which attributed the gain to its StorageTek 2000-, 6000-, and 9000-series products. The relative newcomer to storage, which entered the market through StorageTek and other acquisitions, had 6.6 percent of the market.

Gartner found the Japanese market leading in growth, with revenue up 38.7 percent from a year earlier, followed by Latin America with 25.2 percent. Europe, the Middle East and Africa had growth of 22.3 percent, and the Asia-Pacific region grew 16.6 percent. North America trailed all other regions with 12.7 percent growth, according to Gartner.

Microsoft Friday renamed the next major release of BizTalk server and committed to releasing major updates to the business process management server line ever two years or less.

Burley Kawasaki, director of product management in Microsoft's connected systems division, said the company changed the name of the name of the next version from BizTalk Server 2006 R3 to BizTalk Server 2009 to indicate that its a major release. The new version is slated to ship during the first half of next year, he added.

[ Discover the top-rated IT products as rated by the InfoWorld Test Center. ]

BizTalk Server 2006 R2 was made generally available last September.

"[Users] want more transparency," Kawasaki said. "As they're doing more and more with our technology, they want to be able to plan for future releases. We're trying to provide much more transparency about where we're going with BizTalk."

Kawasaki went on to outline the major new features planned for the 2009 release and for the follow-on major release, now referred to as BizTalk Server 7.

The 2009 release, he said, will add support for Windows Server 2008, Visual Studio 2008 SP1, SQL Server 2008, and the .Net Framework 3.5 SP1 as well as bolstered connectivity and better developer productivity tools.

On the connectivity front, the server will include a new Web services registry, new business adapters, better host systems integration, and enhanced business activity monitoring, Microsoft said. It will also include improved support for EDI and AS2 protocols for business-to-business connectivity, Kawasaki added.

For developers, BizTalk 2009 adds support for Microsoft's Team Foundation Server and provides development teams with integrated source control, bug tracking, Project Server integration, and support for team development.

Microsoft plans to focus on developer productivity and visibility in BizTalk Server 7, Kawasaki added. For example, Microsoft hopes to provide an easier way to do automated mapping between systems and protocols to speed connectivity. Release 7 will also focus on asset management to support remote devices beyond RFID readers, he added.

Computerworld is an InfoWorld affiliate.

Google garnered headlines all week with its new Chrome browser. Rival Microsoft announced it will release just four patches next Tuesday, but that may not be cause to think the day will be an easy one for those responsible for keeping systems patched. On the virtualization front, HP launched a product-and-services blitz this week, while VMware picked up a Microsoft certification. Otherwise, a warning was issued about new trickery from spammers, and in case we all weren't aware of it by now, social-networking sites could be ripe for malware.

1. Continuing coverage: Google's Chrome browser: Google offered up a Labor Day holiday surprise when it inadvertently posted a look at its new Chrome browser at an unofficial company blog. Google then made the news official later in the day and released the browser, which shifts the landscape of that market, in beta on Tuesday. Reviewers found the Chrome browser fast, functional, and, following the Google home-page pattern, with a stripped-down look. By week's end, though, the first security problems had surfaced.

2. Upcoming Microsoft patch lineup could be 'massive,' says researcher: A word of warning for next week -- don't assume that because Microsoft is releasing only four patches this month that it will be a snap to deal with them. "It's not going to be an easy month, what with all these different applications and different operating systems affected. Patching will be a lot more involved than you'd think with just four bulletins," said Andrew Storms, director of security operations at nCircle Network Security. The job of applying the patches could be "potentially massive," he said.

3. Researchers build malicious Facebook application: A research team built a malicious Facebook program to show the perils of social-networking applications. Their experiment shows how easy it could be for a miscreant to trick a big group of users into downloading an application that seems harmless, but that contains malicious code.

4. Should IT form a union?: Demands on IT workers keep piling up, and they have to labor under the constant threat of having their jobs outsourced. Is it time for IT workers to unionize in order to demand better working conditions? Perhaps, but the idea could also be a tough sell in the "lone gunman" ethos of IT work.

5. Sony recalls 73,000 Vaio laptops due to burn hazard: Sony recalled 73,000 Vaio TZ laptops because a manufacturing defect could cause them to overheat in some circumstances. Wiring near the hinge of the computer models could short circuit, Sony said. One person has suffered a minor burn and Sony has gotten 15 additional reports about computers overheating.

6. Spammers use free Web services to shield links: Spammers are using free Web services to try to make the spam links they send out look more legitimate, according to MessageLabs. Photo-hosting sites and the like are being used by spammers who are taking advantages of various features offered as part of free services, the e-mail security vendor has found.

7. HP launches product blitz for virtualization: Responding to survey findings that show most businesses aren't making the most of what virtualization has to offer, HP introduced several new products aimed at both desktop and server virtualization. Besides the hardware, including a new ProLiant server and desktop thin clients, HP is alos offering virtualization consulting services.

8. VMware's ESX certified for Microsoft support, deployment: Microsoft's Server Virtualization Validation Program has issued its first certification with VMware's ESX hypervisor receiving the honors. The certification means that VMware's product will work with Microsoft's Windows Server and other software. It also means that ESX users will be able to receive tech support from both companies.

9. Internet traffic growth slowing, research firm shows: Remember the alarming reports that the Internet is going to collapse under the weight of its own data, especially as more video goes online? Well ... for the second year in a row, international Internet capacity grew at a quicker pace than Internet traffic, according to TeleGeography. International Internet traffic grew 53 percent from the middle of last year to the middle of this year, compared to 61 percent in the prior year. Between 2007 and 2008, average traffic utilization levels on the Internet dropped to 29 percent from 31 percent, with peak utilization decreasing from 44 percent to 43 percent, the market-tracking firm found.

10. Cheaters: Inside the hidden world of IT certification fraud: A group of IT hardware and software vendors have joined with independent certifying agencies, test centers and some others to create the IT Certification Council in an effort to share information to keep certification fraud from occurring. Certification cheating is apparently a dirty little IT secret that the council seeks to bring into the open.