FAA streamlines experimental space flight access

The Federal Aviation Administration today said it would streamline the environmental review part of permit applications for the launch and/or reentry of reusable suborbital rockets to help bolster a fledgling commercial space market. The PEIS would eliminate repetitive discussions of recurring issues and focus on issues that are ready for decision…specific to a particular launch. At the heart of the ruling is a document used to outline and determine the potential environmental consequences of issuing experimental permits known as the Processing of Experimental Permit Applications (PEIS). NetworkWorld Extra: Top 10 cool satellite projects The idea as the FAA explains it: Because the PEIS presents information and analysis common to reusable, suborbital rockets, the FAA could choose to tier environmental documents from the PEIS to focus on environmental impacts specific to an applicant's proposed experimental operations.

Individual launch operators would be required to coordinate with site operators to gain access to a site. From the FAA ruling: "The PEIS considers activities associated with the launch and reentry of reusable suborbital rockets, including pre-flight activities, flight profile (takeoff, flight, and landing), and post-flight activities. In addition, the launch operators would be required to apply to the FAA for an experimental permit, which would require an individual safety and environmental review. The general suborbital rocket designs addressed in the PEIS include vehicles resembling conventional aircraft-30 to 140 feet long with unfueled weight of up to 9,921 pounds; vehicles resembling conventional rockets-6 to 33 feet long with unfueled weight of up to 5,500 pounds; and vehicles that hover—up to 20 feet in length or diameter with unfueled weight of up to 4,400 pounds. The PEIS examines the potential environmental impacts of issuing an experimental permit for the operation of reusable suborbital rockets anywhere in the U.S. and abroad, and the potential site-specific impacts of permitted launches from seven FAA-licensed commercial launch sites: California Spaceport, California; Mojave Air and Space Port, California; Kodiak Launch Complex, Alaska; Mid-Atlantic Regional Spaceport, Virginia; and Space Florida." NetworkWorld Extra: 10 NASA space technologies that may never see the cosmos The FAA said it prepared the PEIS with cooperation from the National Aeronautics and Space Administration (NASA) and the US Air Force and said that its ruling does not propose site- specific environmental mitigation measures. "Rather, launch operators would be expected to implement site-specific mitigation measures that are consistent with those currently employed by the eight launch facilities addressed in the PEIS. Additional site-specific mitigation measures could be developed and presented in the site-specific documents that would tier from the PEIS." Reusable launch vehicles or rockets are one of the key technologies for the future of commercial space flight.

The FAA also assumes the total rocket fuel capacity of a reusable suborbital rocket not to exceed 11,00lbs. The Review of United States Human Space Flight Plan Committee report said that commercial services to deliver crew to low-Earth orbit are within reach. "While this presents some risk, it could provide an earlier capability at lower initial and life-cycle costs than government could achieve. The study of reusable launch vehicle or RLVs will focus on identifying technologies and assessing their potential use to accelerate the development of commercial reusable launch vehicles that have improved reliability, availability, launch turn-time, robustness and significantly lower costs than current launch systems, NASA stated. A new competition with adequate incentives to perform this service should be open to all US aerospace companies." NASA recently said it would partner with the US Air Force Research Laboratory to develop a technology roadmap for use of reusable commercial spaceships. The study results will provide roadmaps with recommended government technology tasks and milestones for different vehicle categories.

NASA said its Commercial Crew and Cargo Program looks to develop and demonstrate safe, reliable, and cost-effective capabilities to transport cargo and eventually crew to low-Earth orbit and the International Space Station. NASA also recently said it would offer $50 million in stimulus money to further develop private commercial spacecraft. The aerospace consultancy Futron recently said that as much as $1.5 billion may be up for grabs for commercial space operation in the next ten years.

Microsoft Betrayed i4i, Say Court Documents

Microsoft Corp.marketed i4i Inc.'s XML software to potential customers at the same time it planned to drive the small company out of business by infringing on its patent for the technology, according to court documents filed last week. Federal Judge Leonard Davis issued the injunction in August, barring Microsoft from selling Word 2003 and Word 2007 after Oct. 10. The decision came about three months after a Texas jury found that Microsoft had illegally used patented i4i technology to build XML features into its word processing software. In a brief submitted to the U.S. Court of Appeals for the Federal District in Washington, Toronto-based i4i argued that an injunction blocking Microsoft from selling current versions of Word should stand.

The jury had awarded i4i $200 million, but Davis increased the amount to just under $300 million when he issued the injunction. Earlier this month, the three-judge appeals panel decided to stay the injunction while it weighs Microsoft's appeal . I4i filed the patent infringement lawsuit in 2007. The new i4i brief charges that in 1991, "at the same time Microsoft was praising the improved functionality that i4i's product brought to Word, and touting i4i as a 'Microsoft Partner,' Microsoft was working behind i4i's back to make i4i's product obsolete." According to the brief, just days after a 1991 meeting in which Microsoft had sought to find ways to work with i4i, Microsoft executives discussed XML plans for Word that would eventually "make obsolete any competitive attempts by third parties to conquer that market." Microsoft must file its rebuttal to i4i's brief by Sept. 14; the appeals court is slated to hear oral arguments from the two sides on Sept. 23. Asked to comment on i4i's briefs, a Microsoft spokesman said, "We're looking forward to the hearing on the merits of our appeal." This version of the story originally appeared in Computerworld 's print edition.

Boise State ditches Cisco DNS

Boise State University, the largest university in Idaho, has replaced its aging Cisco Network Registrar software with appliances from BlueCat Networks that it says are easier to manage and less expensive to operate for Domain Name System  and Dynamic Host Configuration Protocol services. The fiber-optic backbone network is being upgraded to 10G Ethernet in December, with 100Mbps bandwidth to the desktop. Boise State's network links more than 170 buildings spread across its 175-acre campus in downtown Boise.

The network carries data and voice traffic, and it supports 2,300 IP-based phones. But when it comes to core network infrastructure services such as DNS and DHCP, the university decided Cisco's Network Registrar was too expensive to operate. Boise State is a Cisco shop; the university uses all Cisco switches, routers, IP phones, wireless access points and wireless controllers on its network, which supports 21,000 students, faculty and staff. Case study: The Google-ization of Bechtel   Boise State isn't the only organization to discover that it could save money by switching from DNS software to DNS appliances. Boise State had the same problem. The Nevada Department of Corrections recently bought DNS appliances from BlueCat rival Infoblox to replace DNS software from Novell that was requiring too much time from network administrators.

Until this summer, the university was running an old edition of Cisco Network Registrar - Version 5.5, which was at the end of its life - on a Windows server for its DNS and DHCP services. "It was very limited as far as what was actually in the database for DNS and DHCP, and what you could see through the [graphical user interface]," says Diane Dragone, network engineer at Boise State. "There was no easy way to see what was really in the database except through command line tools." In addition, Boise State had to do custom coding in order to make this older version of Cisco Network Registrar work with all the vendor tags needed for DHCP. Boise State needed to upgrade the Cisco Network Registrar software, but that option was too expensive, Dragone says. Dragone explored several alternatives, including DNS software from Novell, Microsoft and Men & Mice. Cisco ended support for Cisco Network Registrar Version 5.5 in May 2006, and it is now selling Version 7.0 of the software. "We didn't want to pay the price for upgrading the software; it became extremely expensive," Dragone says. But eventually she zeroed in on appliances, and ended up testing devices from BlueCat and Infoblox. The retail cost of the two appliances was $26,000. "It came down to cost," Dragone says. "Plus, there were a couple things in the [interface] of the management system that I liked better, but they were very small." Dragone said installation of the Adonis 1000s was easy. "I spent a few weeks on my own learning the interfaces on the Adonis system, the GUI interface and the command-line interface, until I had a good comfort level. Boise State bought two BlueCat Adonis 1000 appliances, which are set up to be redundant to each other.

Then I did a testbed of two small buildings…to roll them onto the system for DNS and DHCP so we could test our Active Directory integration and our VoIP to make sure we had no issues," she explains. She says she can patch the appliances in the middle of the work day, rather than scheduling off-hours maintenance. Dragone said it took three weeks to migrate the entire campus network to the DNS and DHCP services from the BlueCat appliances. "We had no helpdesk calls as a result of the conversion," she says. "People didn't really know it happened." Dragone's favorite features of the Adonis system are the search capabilities and the instantaneous replication between the master and slave systems. Boise State hasn't experienced any outages or other significant problems with the BlueCat appliances. "I have no complaints whatsoever," Dragone says. "I like all the reports that you can look at. That has really come in handy." Operating modern appliances is a lot easier than keeping aging software running, Dragone says. "There are savings headache wise," Dragone says. "I spent an entire week in December trying to figure something out that never got resolved. The other thing I really like is the tool for checking your DNS database before you deploy your configuration.

There were a lot of band-aid fixes on the old system to the point where we were shuffling around where the DHCP was coming from." Cisco declined to comment for this article. Among BlueCat's higher ed customers are UC Berkeley, UCLA, the University of Michigan and the University of Calgary. Branko Miskov, director of product management at BlueCat Networks, says more universities like Boise State are migrating to appliances for DNS and DHCP services. This segment now represents more than 10% of BlueCat's sales. "We've actually had some pretty significant traction in the higher ed market…in the last 18 months," Miskov says. "They're a little more diverse in terms of the feature sets they use, whereas a lot of enterprises are pretty much uniform. The dorms have different requirements than the university buildings, so they really use the full extent of our gear." Miskov says universities are upgrading their core network services in response to the explosion of IP devices in dorm rooms, such as computers, PDAs and gaming consoles. "Each dorm room might require three or four IP addresses, and that's not even thinking about the faculty requirements," Miskov says. "For those that are rolling out VoIP, that introduces a whole slew of new IP addresses into the mix and makes it harder to manage."

Acresso who? Macrovision spinoff changes name, again

Under a legal threat from another software firm with a similar name, Acresso Software Inc. is changing its name to Flexera Software after just 19 months. Acresso sells software such as software its installation utility, InstallShield, and software license manager, FLEXnet, to software vendors and enterprises. The company will officially announce the change next Tuesday, but had already notified partners and customers on Thursday. It was spun out of Macrovision Corp. after the unit was acquired by venture capital firm Thoma Brava Cressley in April 2008. Macrovision retained the digital rights management (DRM) apps for which it is best-known.

Acresso, which the company said was derived from the Latin word "Cresco" for "to grow, increase" faced a "challenge" on its name from ERP software maker Agresso Software , said Randy Littleson, senior vice-president of marketing for Acresso. "Our executive team decided that there were better ways to invest our time and money, and that we didn't need this distraction," Littleson said. "The action we're taking will let us avoid a potential lawsuit." Acresso did not immediately return an e-mailed request for comment. It changed its company name in July to Rovi Corporation. Acresso was founded in 1980 and has annual revenue of about $475 million. That dwarfs Acresso, which has 375 employees and annual revenues of $115 million. It also has 3,500 employees at 16 offices globally.

Flexera will be the fourth name in five years facing long-time users of InstallShield, which was bought by Macrovision in 2004. Perhaps predictably, early public reaction to the new name tended towards the sarcastic. "As if the makers of InstallShield hadn't already done enough damage to their brand, let's just go change names yet again!" wrote Christopher Painter, an InstallShield consultant, on his blog yesterday. "Acresso Software is becoming Flexera Software for no apparent reason. Littleson said the company considered changing its name to Installshield, being that it is its best-known product, but ultimately came to the conclusion that it didn't represent the breadth of its application stable. Go ahead. #ScrambleMyBrands," another tweet said. He dismissed the notion, brought up by some bloggers , that the new name will cause legal trouble or just confusion with a solar and wind power company Flexera. "We're quite aware of it. We think this is very different, compared to when it was two software companies." That's one of the reasons why it's Flexera Software," he said. "How similar are we to an energy company?

IBM green city lab aims for Chinese government deals

IBM will develop green city planning applications with a Chinese municipality that it could sell in other government deals in China, the company said Wednesday. Shenyang, in Liaoning province, will pay IBM 275 million yuan (US$40 million) initially and invest further funds in the lab, IBM said. IBM and the northeastern city of Shenyang will launch a joint development lab for computer applications that help forecast water pollution trends, plot efficient traffic plans and devise caps on industrial carbon output, said Thomas Li, director of the IBM China Research Lab, in an interview.

IBM will provide intellectual property in data modeling, analytics and high-speed computing to kick start the lab, which will customize current IBM applications for use by the local government. IBM will also provide services such as placement selection for sensors that track water quality in city mains. One application, which balances carbon emissions and industrial output when given targets for each, will help Shenyang assess the environmental state of various industries in case it is one day required to assign carbon caps. But the joint lab will also develop new applications, which will cover public opinion analysis and food production monitoring in addition to city planning. IBM itself will give the lab the equivalent of 20 to 25 full-time researchers. The products that come out of the lab could later be sold to other local Chinese governments looking for green projects, said Li. IBM will give a cut of the sales revenue to Shenyang and a local university, both of which will contribute researchers to the lab, he said.

The deal creates a new model for IBM's cooperation with local governments and other partners, said Li. IBM has similar joint labs in other countries and is in talks with three other local Chinese governments about labs like the one planned for Shenyang, he said. It has sought the deals partly to place itself in areas of future public and private investment, both of which often follow government agendas, said Li. IBM has worked, for instance, with China's railway ministry to deploy train monitoring and service stations nationwide, and with the Wuxi city technology park on an application hosting and development platform IBM hopes to deploy around the country. IBM does much of its business in China with government bodies.

New Firefox security technology blocks Web attacks, Mozilla claims

Mozilla has released a test build of Firefox that adds new technology designed to stymie most Web-based attacks, the browser maker said Sunday. That would block any script or malicious code that's been added by hackers who manage to compromise the site or app. The technology, dubbed "Content Security Policy" (CSP), is a Mozilla-initiated specification targeted at Web site and application developers, who will be able to define which content on the site or in the online application is legitimate. Such attacks are generally tagged with the label of cross-site scripting (XSS). Preview editions of Firefox are available for developers to try out, said Mozilla in an announcement last week . "This isn't a single trick that's meant to counter a single kind of attack," said Johnathan Nightingale, the manager of the Firefox front-end development team. "This helps sites solve cross-site scripting, but it's more than that.

With CSP in place, Firefox will allow the former but will automatically block the latter. "It is in some ways similar to NoScript," said Brandon Sterne, Mozilla's security program manager, referring to the popular Firefox add-on that blocks JavaScript, Java, Flash and other plug-ins often abused by hackers. "The main difference is that the Web site itself is determining the policy. They now have a way to shut everything dynamic off, so that no matter what content gets added to a site, if it's on the page and they've sent us policy instructions in its header, we shut it down." Firefox is passing the baton to site and application developers, who will be able to separate the legitimate from the illicit content. NoScript is a great tool, but a large number of Web users are not sophisticated enough to manage the kind of decisions it requires." Nightingale and Sterne have pinned high hopes on CSP, which grew out of an idea first put forward by security researcher Robert "rsnake" Hansen in 2005. Last year, Hansen, the CEO of SecTheory, and Jeremiah Grossman, chief technology officer at WhiteHat Security, made headlines when they revealed details about how browsers were vulnerable to so-called "clickjacking" attacks . "Absolutely, this will drive a stake through the heart of cross-site scripting attacks," argued Sterne. "An attacker injects some script that harms the users of that site, that encompasses content injection. Google , the maker of Chrome, was not available over the weekend, but the company has previously said it generally doesn't comment on future product development. Out of the box, CSP [lets sites send] signals to the browser that says, 'We're gonna turn off everything by default.' Cross-site scripting will be neutered at that point." But Nightingale and Sterne realize that, even with nearly a quarter of the world's Internet users running Firefox, Mozilla faces a tough road if it's the only browser maker pushing CSP. "Both the Internet Explorer and Chrome teams have contributed to the design discussions of the specification," said Sterne. "They have some tentative interest in implementing it at some point in the future." Earlier this year, Eric Lawrence, a program manager on Microsoft 's Internet Explorer (IE) team, called CSP "a good idea" and "a promising approach" in a pair of entries on the official IE blog, but did not commit Microsoft to supporting the technology. "It's great to see that others are taking this threat seriously, as well," said Sterne.

Mozilla must also convince site and application developers that it's worth their while to use CSP. Nightingale and Sterne declined to name the sites that have expressed interest in using the technology. "The first step is for us to use it," said Nightingale, adding that Mozilla would turn one of its online properties into a guinea pig to show others that CSP is possible, and to iron out problems. The one thing they did say was that it wouldn't show up in the minor upgrade, Firefox 3.6 , that's to ship in November. The pair was also vague about when CSP would debut in a production version of Firefox. The first, and likely only, beta of Firefox 3.6 is slated to ship Oct. 13. "Whatever comes after 3.6, that's the earliest," said Sterne. Microsoft, for example, added a cross-site scripting filter to IE8 that the company said would block most attacks. Mozilla isn't the only browser maker trying to protect users from cross-site scripting attacks.

Preview builds of Firefox with CSP enabled can be downloaded for Windows, Windows Mobile, Mac and Linux from Mozilla's server . Sterne has also posted a demonstration page that graphically shows how various scripts are blocked by the technology.

Citrix desktop virtualization push: any device, any location

Citrix on Monday said its latest desktop virtualization software will give users access to high-definition desktops from any location and from just about any device, including PCs, Macs, thin clients, laptops, netbooks and smartphones. The latest version offers a range of server-and client-side virtualization options, including offline desktops hosted in local virtual machines; desktops hosted on blade PCs; hosted desktops based in virtualized servers; and hosted shared desktops. "Traditional PCs were designed for a very different world," Raj Dhingra, XenDesktop general manager, said during a press conference Monday. "Today, the world is flat and small. Citrix is betting that Windows 7 will drive a new wave of desktop virtualization adoption, and is releasing XenDesktop version 4 to take advantage of these expected new users.

We need to work in entirely different ways than before. Now it says XenDesktop with its accompanying FlexCast delivery technology is Citrix's first product "to support every major desktop virtualization model in a single, integrated solution." Citrix said XenDesktop will support high-definition graphics for all users with its HDX technology, which has been improved with support for flash multimedia, 3D graphics, webcams and VoIP, with optimized delivery to branch offices over WANs. Citrix claims that HDX requires 90% less bandwidth than competing technologies. A traditional PC that is locked to an office or a laptop is too confining." 13 desktop virtualization tools Citrix hinted at its all-devices strategy earlier this year when it brought virtual desktops and applications to the iPhone. XenDesktop 4 will be generally available Nov. 16 for prices ranging from $75 to $350 per user. The desktop virtualization market has lots of room for growth.

Customers using XenApp, Citrix's application virtualization technology, will be able to trade up to XenDesktop with discounts of up to 80%. Citrix is also enabling centralized management of virtual desktops and applications by integrating XenApp with XenDesktop, the company said. Fewer than 10% of data centers worldwide have virtualized desktops, according to ITIC lead analyst Laura DiDio. Citrix, Microsoft and VMware are all going after the virtual desktop markets, although surveys show mixed results when comparing the vendors. Thirty-one percent of customers plan to virtualize in 2010, according to an ITIC poll of 400 corporations. According to ITIC, 41% of companies using desktop virtualization went with Citrix, compared to 28% for Microsoft and 16% for VMware.

Citrix said XenDesktop 4 contains 70 new features to enhance performance and security. But when measuring by deployed seats, VMware has about a two-to-one lead over Citrix, according to Burton Group analyst Chris Wolf. But the key is delivering the right type of desktop based on users' varying needs, the company said. As many as 500 users can be accommodated by a single server in this model, according to Citrix. For example, task workers who share a similar set of applications may be best served by a shared, server-based virtual desktop, Citrix said. "This model gives each user a standardized, locked-down desktop ideally suited for jobs where user customization is not needed or desired," Citrix said.

By contrast, office workers who need more personalized desktops may be best served by a virtual desktop infrastructure model in which each desktop is a dedicated virtual machine. Blade PCs in the data center are ideal for delivering high-end applications to "power users," Citrix said. This model supports about 60 to 70 desktops per server, according to Citrix. Another option lets companies stream desktops to each user's device, which lets the user device run the desktop locally while letting administrators centrally manage the operating system, applications and data. The virtual applications can run offline, making them popular with mobile users, the company said. "By centralizing apps and delivering them as an on-demand service to existing desktops, this option offers many of the ROI and management benefits of a fully virtualized desktop with minimal setup costs, making it an ideal starting point for customers new to desktop virtualization," Citrix said in its XenDesktop announcement.

But for companies just starting out with virtualization, the simplest option may be to deliver virtual applications to traditional PCs, Citrix said. Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin