Reports of the sentencing of a Virginia woman, Chun-Yu Zhao, convicted of leading a counterfeiting group that specialized in Cisco equipment are circulating today. Add money laundering and fraudulent citizenship practices, and what kind of punishment can you expect? Sixty months in prison, $2.7M, a $17,500 fine, and three years of supervised release after her term.

But Zhao won’t be returning to her various homes, condos, Porsches, Mercedes, bank accounts, or even her U.S. citizenship after her sentence is up, the majority of which will be seized by the federal government.

Cisco and the federal government are no strangers to counterfeit IT products, which spurred the heightened effort to target companies peddling these knock-off goods, usually in the form of Cisco resellers. In 2005, the Department of Justice, FBI, U.S. Immigration and Customs Enforcement (ICE), and U.S. Customers and Border Protection (CBP) reported over 700 separate instances of seizing counterfeit network equipment during Operation Network Raider. There have been over $143M in seizures, $3.6M in restitution ordered, five convictions, and over a decade in sentences being served for these crimes. As usual, what is actually lost — security where it’s needed most — can only be returned over time with continued efforts such as these.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

Despite Microsoft’s many stumbles along the way, VanRoekel has a much bigger job ahead of him than behind. With the private sector shaming the public sector with almost three times the productivity growth at 1.5 percent a year, it will most likely take more drastic decisions such as the ones Kundra has made in his two years in Washington.

VanRoekel is inheriting the progress that Kundra has made so far, such as the IT Dashboard, a public website that tracks federal technology projects’ spending. The data from IT Dashboard was implemented into reviews of the government’s most unwieldy technology projects called TechStat sessions, resulting in an estimated $3 billion in savings from cutbacks to these projects. As outlined by the New York Times, Kundra’s time in Washington also led to increased efficiency with an accelerated pace of tech projects: “The government estimates that the average time needed to deliver a software application or component has been trimmed to eight months, from 24 months.” With close to 390,000 data sets online and programmers creating over 230 applications with that data, the government has taken steps in the right direction, though an analyst at IDC told the Times, “probably not as much as Vivek Kundra had wanted.”

VanRoekel has a high order ahead of him, and critics worry that the shift in mindset necessary for significant cloud service adoption doesn’t come as naturally to the federal government. Kundra is moving on to a joint appointment at the Kennedy School of Government and the Berkman Center for Internet and Society at Harvard.

What do you hope to see from the new CIO?

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

For years, companies have been using software that shares computing tasks across several machines in a data center. The task-juggling technology enables computers to run at far higher levels of efficiency and utilization than in the past, doing more computing chores with fewer computers and fewer data centers.

Well, enterprises that have embraced the cloud. The number of federal data centers has risen from 432 to upwards of 2,000 between 1998 and 2011, almost a direct inverse of the private sector’s data center usage. Federal government CIO Vivek Kundra has been talking about cloud computing adoption for a while now, and is looking to the savings possible in the cloud, whether it’s built and provided by the government or by a vendor. Kundra says the nationwide shutdowns are in the interest of the taxpayers, who pay for the costs of infrastructure, real estate and energy despite reports that facilities use on average 27% of computer power. He also cites increased security for government data as well as improved performance of government services.

As of now, the number of data centers slated to close by the end of this year is 195 (81 centers have already closed their doors), going up to 373 by the end of 2012. The centers on the chopping block range from a Department of Homeland Security, 195,000 square foot facility in Alabama to facilities smaller than 1,000 square feet. But more importantly than the breakdown of numbers (well, more important unless you’re one of the number in the tens of thousands whose jobs will most likely be eliminated by this process) is the shift in thinking; moving from traditional, clunky IT models loaded with redundancy to a streamlined process that can be managed from almost anywhere. The Times reports employees at the General Services Administration and Department of Agriculture are using cloud-based email, provided by Google and Microsoft respectively, for a savings of about $42M annually.

What are your thoughts on this major shift? Let us know in the comments section or email me directly.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

Photo via

Videos such as this one spark a certain amount of nostalgia, not only for the clunky monster of a PC on Roger Fiddler’s desk but for the days before the Internet made everything so much easier and, well, so much harder. While Knight-Ridder had a little too much faith in man’s continuing loyalty to the newspaper, they pinpointed the crossroads where many vendors find themselves: “We may still use computers to create information but we’ll use the tablet to interact with information.”

This might account for the changing numbers as outlined by Tom Nolle at the Uncommon Wisdom blog:

PCs are not seeing the growth they once did…Some of the slowing is due to tablet encroachment, but most is likely due to people just not upgrading as often.

But the fruition of visions such as Knight-Ridder’s 1994 prediction about tablets marks another change, not only within the tech industry, but in the way the rest of the world interacts with the IT department. Interactions aren’t lassoed solely within a company’s in-house messaging or email system. Despite social networking services aimed at the enterprise such as Salesforce.com’s Chatter, users are still all over sites such as Facebook and Twitter, and not always for strictly business purposes. Sure, you could throw some policies at it and even make examples out of a few repeat offenders, but what happens when you’re the President or, more realistically, you work in a high-profile government office where quips on Facebook can have serious and reverberating effects?

Tuesday’s hearing on how the Presidential Records Act of 1978 applies to presidential record keeping of digital communications on the web brought up some of the gray areas facing enterprise IT departments everywhere. Philip Klein reports for the Washington Examiner:

Back in 1978, in the post-Watergate era, Congress passed the Presidential Records Act to preserve White House communications. But a lot has changed in the past 33 years, and on Tuesday the committee held a hearing about updating the law in an era of texting, instant messaging and social networking.

As House Oversight and Government Reform committee chairman Rep. Darrell Issa, R-Calif., noted that legislation did not foresee Facebook and Twitter. There are currently no restrictions on the personal items White House employees are allowed to bring into work, including tablets that would presumably allow them to send communication via personal accounts on outside cellular networks. While White House policy mandates that employees who conduct official business on personal email accounts forward those interactions to their work accounts, there are no firm policies on social networks such as Twitter, Facebook, IM, and mobile text messaging.

Updates to the law were suggested, but as David Ferriero, archivist of the U.S. at the National Archives and Records Administration (NARA), stated, “Ultimately, responsibility for records management will always rest to some degree with individual federal employees, no matter what systems are in place. That was true in an era of exclusively paper records, no matter what systems are in place.”

Sadly, this seems to be the fallback of most enterprise IT security programs as well.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

The partnership with the DoD comes directly from the higher-ups, with support from Obama’s government workforce development effort and Cyber Security Coordinator Howard Schmidt backing the deal. Part of the five-year contract, which includes five option periods, is TCS’s Art of Exploitation University program, launched in May. The Annapolis-based company’s AoE University has already enrolled 1,500 students since its launch, teaching the gamut from computer network security, information assurance, network defense, penetration testing, forensics analysis to cyber intelligence. Hopefully the hands-on learning and real-life simulations will include the proper response to burning Lady Gaga CDs?

TCS’s shares rose $0.07 following the deal on Friday, and the company has since purchased Trident Space & Defense LLC, a private producer of wireless communication systems. The purchase, the company’s fourth of 2010, is expected to expand TCS’s reach to foreign government and commercial companies, where Trident has business. The DoD contract is one on a list of contracts TCS has landed with the U.S. Navy – worth $315M, the Army – worth up to $9.6M, and the Marines – worth $269M.

But is the Department of Defense’s money well-spent? Frank Ohlhorst makes a great point about the hardest leak to plug in IT:

Most, if not all, of these requirements rely on technology to enforce compliance. WikiLeaks teaches us that it is the human factor and not technology that leads to the most damaging of breaches. All it takes is one disgruntled employee to destroy the security around intellectual property, private data or corporate secrets. But how can one build technology to prevent that?

There is no simple answer. Perhaps the only way to handle these situations is with the threat of severe penalties, and therein lays the secret to compliance technology. The enforcement of severe penalties requires incontrovertible evidence. In this particular case, technology that monitors activity and audit usage can become the key to plugging leaks.

If users are properly educated on the implications and penalties involved in disseminating unauthorized information, and are informed that access is tracked in numerous ways, perhaps technology can prevent the issues now plaguing the U.S. Defense and State Departments.

Though the government can’t be criticized for trying, it can be criticized for falling into the oldest pattern in information technology: Learning which vulnerabilities to secure after they’ve been compromised.

Do you think TCS’s reputation is enough to help secure what’s already proven pretty faulty? Let me know in the comments or send me an email at Melanie@ITKnowledgeExchange.com.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

The bill, slated for 2011, would require communication service providers to have the capability to intercept and decrypt messages. The proposal, as related to the Communications Assistance to Law Enforcement Act (CALEA), which requires telecom providers to provide interception capabilities for law enforcement, is an extension into the realm of the Internet. In the New York Times article on the bill, FBI’s Valerie Caproni said:

We’re not talking expanding authority. We’re talking about preserving our ability to execute our existing authority in order to protect the public safety and national security.

But does “public safety and national security” come at the cost of personal and enterprise security? Extending interception capabilities to the Internet could prove disastrous if not executed correctly. Computer science professor at Columbia University Steven Bellovin thinks “it’s a disaster waiting to happen. If they start building in all these back doors, they will be exploited.” Just like in 2005, he cites, when “hackers [took] advantage of a legally mandated wiretap function to spy on top officials’ phones, including the prime minister’s.”

On the flipside, there may be side-effects to adding to the already overwhelming honey-do lists of enterprise IT. Former Sun Microsystems engineer Susan Landau worries that the mandate would hinder the progress of small startups. Engineers would be dedicated to incorporating wiretapping capabilities rather than innovation and product release dates.

Federal response to the privacy community’s uproar is hardly comforting: Service providers would be the sole carriers of the decryption capabilities, for which the agency would need a court order to utilize. Ira Winkler, president of the Internet Security Advisors Group told Computerworld that his main concern isn’t the “government’s ability to intercept communications for legitimate law enforcement purposes, the real concern should be over continued compromise of personal data online.”

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

Lest things get too weird, at least the promotional YouTube video is full of dull, comforting marketing drivel:

[kml_flashembed movie="http://www.youtube.com/v/uhefaGKRAkA" width="425" height="350" wmode="transparent" /]

As it turns out, there are a lot of open source enthusiasts within our nation’s military-industrial complex, and just like in big business, open source is starting to find its own profitable, sustainable niche within military suppliers and the nation’s military itself. For proof, just look at the upcoming 2nd annual Mil-OSS Working Group conference (suits and ties strongly discouraged), which will feature almost 50 speakers on topics ranging from “Using Git to Overcome Traditional VCS Limitations” to “OZONE & OWF: A Community-wide GOTS initiative and its transition to GOSS.”

Not surprisingly, there’s some skepticism. Dana Blankhorn writes:

To what do we owe the honor? Have the people sworn to protect us from fanatics in caves suddenly gained open source religion? Are they trying to ingratiate themselves with a new Administration which looks favorably on open source? Or are they trying to take it over, infiltrate it?

The answers to these questions are important, as is your speculation, because the welcome these projects get from the open source community will likely determine how much help they get. Reputation is vital in open source, and government often has a poor one.

Then there’s the quality of the offering itself. I don’t see anything in Eureka Streams I can’t do in Drupal, or a number of other high-quality open source projects that have existed for years. Lockheed has reinvented the wheel — why? And why should I help them push it up the hill?

Skepticism: Constructive. Unfounded speculation: Less so. Cheap potshots: Grow up.

Let’s look at the facts:

To what do we owe the honor? The national security industry has been making serious contributions to open source software in one way or another for a long time, and Dana’s reaction isn’t atypical. As Gunnar Hellekson recalled, the same skepticism greeted the NSA’s contributions to SE-Linux, many of which were later vetted and pulled into the kernel.

Reputation is vital in open source, and government often has a poor one. Recently I’d say it’s the opposite, and we’re finally starting to see the fruits of what people have suggested for years: That government and OSS should go hand-in-hand. See Whitehouse.gov. Or better yet, check out this post by Sun’s Bill Vass, written two years ago, pre-Obama:

Just recently, the House released The National Defense Authorization Act for Fiscal Year 2009 (H.R. 5658) which includes language that calls for all DoD agencies to consider open source software when procuring manned or unmanned aerial vehicles. Including such language is a milestone for the open source movement and just the beginning!

Joab Jackson of Government Computer News wrote this in his blog, “The Defense Department has traditionally been somewhat wary of OSS, at least for official duties. So some feel the language could pave the way for greater acceptance within the Defense community.”

I don’t see anything in Eureka Streams I can’t do in Drupal. Coming from an affirmed Drupal enthusiast (and proud member of the Wicked Pissah Usah Group), yes, you can do that in Drupal, just like you can build pretty much anything with it, but that doesn’t mean you can build it well, or easily, or without more re-inventing the wheel than makes it worth your while. That’s why we have Joomla, WordPress, Open Atrium and now … Eureka Streams, which actually appears to do a lot that none of those other platforms can do without a lot of work.

But at the end of the day, what this story comes down to is that the economics of open source are the same for Red Hat as they are for IBM as they are for Lockheed. Lockheed isn’t open sourcing Eureka Streams because Bildenbring and the Illuminati are planning on stealing your SMB’s Intranet data. It’s open sourcing it because in today’s worlds, there are plenty of great business reasons to open source your software, particularly if your primary product is hardware (like missiles!) and not corporate Intranet platforms.

The same economics apply to the government and the military, too: Every wheel not re-invented because of forge.mil means more money, time and energy spent focused on protecting the country or reducing taxes (Well, that might be taking it a bit too far).

Let’s cut the open source polemics, just like the enterprise has. Open source projects require backing; sometimes that will be an active community, but just as often it will be the IBMs, federal governments, and even, yes, Lockheed Martins of the world.

Michael Morisy is the community editor for ITKnowledgeExchange. He can be followed on Twitter or you can reach him at Michael@ITKnowledgeExchange.com.