Posts tagged ‘Microsoft’
There is a battle going on now among technology companies. They all want to be the online entry point for consumers, the operating system for everything we do digitally. I’ve written previously on this topic, calling it an updated version of the old portal strategy from early Web days.
I think that comparison is accurate conceptually. But today’s fierce competition has many more facets, and the ammunition is non stop innovation. John Battelle wrote an excellent piece last week breaking down this competition into product lines. He looked at five companies — Apple, Microsoft, Google, Amazon and Facebook – and their strengths/weaknesses in each area:
Even if you don’t agree with every ranking, this way of visualizing the struggle is very useful. At the very least, it can help make you a more educated purchaser of these services, either consumer or enterprise. As Battelle points out in his post, this representation also hints at the acquisition strategies that would make sense for the Big Five.
The overall quality of technology coverage has declined due to the decimation of the tech trades. So this type of strategic perspective is very refreshing, and probably why Battelle is a successful author and businessman. Too often these companies are portrayed as behemoths owning their respective niches.
By portraying the Big Five’s product lines, Battelle brings into sharp relief the cage match going on right now for Internet supremacy.
At my firm Strategic Communications Group more and more of our client work is in the social media arena. Usually a piece of the strategy involves helping the client launch a company blog. This can be a very valuable tool for thought leadership, spurring conversation and awareness and eventually for producing leads that support revenue generation. My colleague and Strategic founder Marc Hausman wrote recently about what he calls the three stages of social media maturation here: http://tinyurl.com/cmg4xf
Over the past 12-18 months we’ve stood up blogs for clients such as BT, Microsoft, Sun Microsystems, Inmarsat and GovDelivery. These implementations have led to a short list of best practices and issues to address prior to launch. The technology platform is the simple part. There are more fundamental questions to answer before launching a corporate blog — you can’t just “throw it up” and hope for the best.
Here are the issues most of our clients have grappled with (successfully) as they launched their corporate blogs.
- Are you willing to take a stance? Many companies tend to be very careful with public statements, which is often a smart course. But middle of the road, consensus driven content doesn’t attract a strong readership. A company needs to be ready to take a clear position and welcome differing opinions.
- Response time needs to be swift. Responding to breaking news can be a very productive source of timely blog content. But if the marketing content must track down a subject matter expert, who then has to get his or her comment cleared, that’s not going to happen fast enough. Companies need to designate approved commentators, and they need to be accessible.
- Is everyone internally on the same page? Sometimes ownership of the corporate blog becomes a bone of contention between the IT department and the marketing/communications staff. Lines of responsibility need to be clear and agreed to prior to launch.
- Reasonable and clear metrics of success. These can vary greatly depending on the nature of the content and the audiences targeted. Consistent growth in traffic is usually the best indicator. Sometimes clients focus on the number of comments, which are harder to garner due to the increased effort required of readers.
- Finally, respect the time investment. At Strategic we have weekly calls with clients totally devoted the blog editorial calendar, and direct access the senior executive contributors as needed. If a company isn’t ready to dedicate the time and access required for quality content, they should reconsider launching a blog.
Here’s an interesting graphic courtesy of Matt Dickman at Technomarketer that illustrates some of these points well:
As communication professionals it is our responsibility to bring these issues to our clients early on and make sure they are successfully addressed. Companies that truly make the culture shift consider themselves as publishers, and bring that sort of serious consideration to their content.
With the decline of the technology trade media, quality corporate blogs can fill an important vacancy in technology coverage and become a trusted source of information in their specific market.
Got a story about a great company blog, or want to add to the list above? Please drop a comment or contact me directly.
Tuesday a big story broke that could have impacted millions of web users. A researcher discovered a major security flaw involving the Domain Name System (DNS), and instead of selling the information or using it to market himself he went to major internet vendors and discussed the vulnerability with them. Today Microsoft, Cisco, Sun and BIND (via the Internet Software Consortium) issued patches to this problem, before the bad guys could exploit. Good report from Rob Vamosi of CNET:
Dan Kaminsky, director of penetration testing services for IO Active, found the DNS flaw earlier this year. Rather than sell the vulnerability, as some researchers have done, Kaminsky decided instead to gather the affected parties and discuss it with them first. Without disclosing any technical details, he said, “the severity is shown by the number of people who’ve gotten onboard with this patch.”
He declined to name the flaw as that would give away details.
On March 31, Kaminsky said 16 researchers gathered at Microsoft to see whether they understood what was going on, as well as what would be a fix to affect the greatest number of people worldwide, and when they would issue this fix.
Here’s a description straight from Dan himself off his DoxPara Research blog:
I’m pretty proud of what we accomplished here. We got Windows. We got Cisco IOS. We got Nominum. We got BIND 9, and when we couldn’t get BIND 8, we got Yahoo, the biggest BIND 8 deployment we knew of, to publicly commit to abandoning it entirely.
It was a good day.
For the most technical, here’s the US Computer Emergency Readiness Team (US-CERT) Vulnerability Note, which includes a long list of the vendors affected:
I spoke with a DNS expert I know well for some context around the announcement. He confirmed the magnitude of the potential problem, saying that it puts the majority of web nameservers at risk for DNS cache poisoning. He also noted that the initial reporting portrayed the problem as being with the DNS itself, which is true to some extent.
But BIND and Microsoft nameservers are particularly susceptible to cache poisoning, due to a weakness in how the query response number is randomized when the recursive server responds with the proper IP address. Other name servers, like PowerDNS, are much less at risk.
Here’s how he tried to describe the attacks to me in layman terms. The attack sends repeated queries for the same resource record (IP address) to the recursive server, which causes multiple open queries to be opened. Think of these as tickets started but not completed.
Then the attack also sends a number of answers using spoofed addresses to make it appear they are coming from the legitimate nameserver for that resource record. What the attacker is trying to do is “guess” the socket number and transaction ID of the actual, correct response. So the machine asks a server for an IP number, but then floods the server with false answers to that same query, racing to see which answer gets accepted first by the resolver.
Because of weak randomization in many nameservers, the attacker was highly likely to eventually hit on a correct transaction address, which means the resolver would give an answer the attacker assigned, not the correct IP address. That false answer would then be cached by the server, and every request for that IP address would be given the new, fraudulent destination. And users might never know the difference.
This description makes sense, based on this from the CNET story that refers to beefed up randomization:
Kaminsky said he will release details in time for Black Hat 2008, on August 7 and 8 in Las Vegas. However, Microsoft in its security bulletin said its patch uses strongly random DNS transaction IDs, random sockets for UDP (User Datagram Protocol) queries, and updates the logic used to manage the DNS cache.”
Kaminsky did confirm that the patches released today will increase DNS randomness: “Where we had 16-bit before, we now have 32 bits.”
Beyond the technology, this is a very heartening story of collaboration and discretion in the name of the greater good. By waiting until Microsoft, BIND and others could issue a patch for this problem before making any public statements, a great deal of online harm was avoided. I’m sure Kaminsky will get the royal treatment at Black Hat, and it sure sounds like he deserves it. Dan, here’s a big thank you from this Internet user.
Fierce competition is back on the web browser front. After Microsoft crushed the Netscape challenge in the mid to late 90’s, Microsoft Explorer cruised for years as the overwhelming leader in the web browser market. It still is, with approximately 75% market share. But out of the Netscape defeat rose the Mozilla Foundation, a non-profit that launched the open source Firefox browser and has been refining it since. Here’s a good overview from Brad Stone of the NY Times:
Yesterday Microsoft struck back announcing a deal with Hewlett-Packard. Starting in January 2009 Microsoft’s Live Search will be the default search engine on all HP computers, taking that spot away from Yahoo. The deal is for North America only — Microsoft probably decided it has enough anti-trust issues right now with the European Union. Danny Sullivan of SearchEngineLand has a typically good piece, highlighting the US market share numbers of the various PC manufacturer/search engine alliances. I also like the idea he floats — why not cut consumers in with lower PC prices when the manufacturer gets big $$ from the search companies?
It fails to mention that HP will gain cash through the deal for effectively selling out their users. That’s not to single out Microsoft. The Google-Dell deal is exactly the same situation. Yes, in both cases, the computer owners are getting access to good search resources. But maybe the vendors should charge less for computer where they benefit by choosing for the consumer? Or maybe they need to disclose more fully why the defaults are the way they are?
But the struggle isn’t over when the default is set. Users can of course change their search option. Or they can be cajoled/coerced into doing so. Here’s a piece from Danny last year on that mostly behind-the-scenes battle:
There is one element of the HP/MS deal Danny doesn’t focus on, maybe because its not related to search. In addition to Live Search being the default on HP computers, Microsoft’s Silverlight animation software will be built in as well. This is the MS product that competes with Flash, and having millions of computers on the market that can view Silverlight without needing any plug-ins should be a big market advantage. Ars Technica thinks that will end up being more significant than the default search element:
Personally I prefer Firefox. It seems faster than Explorer, and useful add-ons like the Alexa traffic reader are easy to implement. I don’t mind that Firefox has decided for me that Google should be my default choice for search — at least not yet. We users need to remember we can always make up our own minds.