Salesforce kids learn code, teacher is 10-year old

bridgwatera | No Comments
| More

Salesforce melted a few hearts yesterday at its World Tour 2015 London event in the ExCel exhibition centre.

Developer zones are ALWAYS fabulously 'awesome', but this one takes some beating.

Kids around the age of 7-9 years were using the 'simple' Scratch drag-and-drop programming tool to create a 'Pong' style game.

But the best bit?

The enthusiastic little girls I spoke to at the back were loving the whole event and were being taught by a Harry Potter-esque looking 10-year old, who got to play teacher for the day.

Scratch is a project of the Lifelong Kindergarten Group at the MIT Media Lab. It is provided free of charge.

How hard can it be?

"It's not as easy at it looks and there is quite a lot of complexity involved in terms of understanding that if that ball hits the paddle then it had to be engineered to bounce back the other way. Kids are able to grasp the need to bring in the logic controls needed from the drag-and-drop menu and it is wonderful to see this happening," said Guillaume Roques, Salesforce head of developer relations for the EMEA region.


Microsoft: goldfish beat humans, attention span now just 8 seconds

bridgwatera | No Comments
| More

Microsoft Corporation has 'suggested' that the human attention span is now just eight seconds long.


This 'news' comes as a result of a survey of 2000 Canadians over the age of 18.

Are you still reading?

"We are moving from a world where computing power was scarce to a place where it now is almost limitless, and where the true scarce commodity is increasingly human attention," said Microsoft CEO Satya Nadella.

Developers -- make your apps appealing within the 8-second window!

If there is any truth in these research report 'findings', then we humans now have an attention span less than that of a goldfish, which is thought be at around 9 seconds in your 'average goldfish'.

Blog ends, what did you expect?

F5 on working inside the 'dynamic cloud fabric', safely

bridgwatera | No Comments
| More

F5 Networks used its Agility 2015 conference in Edinburgh this week to launch a new 'cloud-delivered' managed service to defend against web application attacks.

The service also aims to "ensure compliance" across dynamic cloud and datacentre environments.

NOTE: F5 it's almost superfluous that F5 should use the term 'dynamic' there i.e. what cloud datacentre is NOT dynamic now? The firm's stance on application agility inside cloud environments with regard to its iRules product (keep reading down) is testament to this notion. Hence the saying, the cloud is a fabric, not a solid.

But back to the news, the Silverline Web Application Firewall service provides web application firewall (WAF) implementation and policy enforcement capabilities.

The service includes 24x7 support from F5 Security Operations Center (SOC) resources.

It is built on the company's BIG-IP Application Security Manager product and provides WAF services in both on-premises and subscription-based cloud offerings.

The company's WAF solutions incorporate cloud resources to protect apps and data from what F5 calls out as "increasingly sophisticated" security attacks, risks and vulnerabilities.

A lesson in web security history

Historically says F5, enforcing web application security and compliance policies across a variety of traditional and cloud environments has meant greater complexity, security gaps and higher costs.

As a result, a number of organisations choose to offload WAF administration and policy management, mitigating attacks that might otherwise lead to application downtime, revenue losses, and a damaged brand.

F5 insists that it is able to leverage its security efficacy to protect against advanced layer 7 attacks (such as those based on geolocation, DDoS, SQL injection, zero-day threats, AJAX applications, JSON payloads, OWASP Top Ten, and others) in this cloud-based service.

These WAF solutions offer automated, self-learning capabilities in a customizable framework that takes advantage of programmable iRules and iApps technologies to rapidly respond and adapt to evolving threats.

"With security needs outpacing the number of qualified WAF experts in the industry, many organisations find themselves under-protected. Silverline solutions expand F5's fabric-based Synthesis framework to include cloud-delivered services--giving customers the benefit of F5 experts proactively looking after WAF functionality. This approach effectively makes F5 the application security IT engineer for the customer, providing internal personnel the opportunity to focus on other priorities," said Mark Vondemkamp, VP of security and Silverline technologies, F5 Networks.

Consolidated security functions

With its integrated Silverline offerings, F5 provides a growing number of hybrid, on-premises, and cloud-delivered application security solutions, including focused solutions around WAF, DDoS Protection, IP Intelligence, and Secure Web Gateway Services.

Looking forward, F5 will offer additional services from its BIG-IP product portfolio through the Silverline platform, giving customers freedom and flexibility in how they combine owned, hosted, and managed IT resources.

In the context of broader infrastructures, customers will also be able to centralise policy control and orchestration capabilities through APIs and future integrations with F5 management solutions.


Disclosure: F5 paid for Adrian Bridgwater's travel costs to attend its EMEA Agility 2015 conference in Edinburgh, Scotland.

What developers should expect from Salesforce World Tour London 2015

bridgwatera | No Comments
| More

Some companies make software.

Some companies would rather say that they offer a whole 'suite' of software -- and then again, some companies insist that they offer a whole 'platform' of apps and tools.


Salesforce wants to go one better (Ed - obviously!) and says it offers an entire 'ecosystem'.

The Salesforce World Tour London is hosted in ExCeL next week to gives users the chance to "experience the Salesforce ecosystem" first hand, says the firm.

Benioff defers to his number #2 vice chairman & president Keith Block for the keynote duties here.

The event is free to register for, but attendees will have to get themselves to London's glittering ExCeL centre to indulge.

The programme itself features a full developer zone with plenty of Heroku and Visualforce content.

The firm describes the event as a chance for its product teams to convey the latest updates on the Salesforce1 platform and the various products built on top of it -- which include applications for:

  • sales,
  • marketing,
  • analytics,
  • services and,
  • community.

"Our customers will be on stage and at the breakout sessions, sharing their experiences using Salesforce while ISVs and SIs will be showcasing their apps/services built on top of our platform," said Guillaume Roques, Salesforce head of developer relations for the EMEA region.


As mentioned, developers and admins will have a dedicated zone for them to learn the Salesforce 1 platform through talks and hands-on activities.

Code Consultations

"The Developer and Admin Zone features: two theatres filled with talks on a range of subjects (Lightning, Heroku,, given by experts from the Salesforce community. There are deep dive sessions on Lightning and Heroku by the product teams -- plus, we also offer 'Code Consultations' with our experts for developers to get some help with projects they're working on," said Roques.

He further enthuses that developers can get some hands on time with the firm's platform through what they call 'Quick Starts' and 'Mini Hacks'.

"We connect developers and admins to their local user groups. All the UK developer groups will be onsite with us in the DevZone on the day," said Roques.

Finally he says, Salesforce is running a Coder Dojo session with 30 children from East Bergholt Primary School during the afternoon, sponsored by Wind River.

CWDN opinion

The Computer Weekly Developer Network often runs preview tasters for shows that it will attend, but this is the first time a major vendor has specifically called out its developer track with some dedicated pre-show commentary from the relevant developer lead -- so all credit to Salesforce for a) having the tracks and sessions available in the first place and b) doing the (PR) math(s) and getting this info to us.

What to expect from F5 Networks Agility 2015

bridgwatera | No Comments
| More

F5 Networks holds its Agility 2015 conference next week in the bright and shiny Scottish capital city of Edinburgh.

There's a bit of urban myth surrounding why F5 is called F5, but popular agreement (and, shamefully, Wikipedia) seems to have settled upon the firm having taken its name from the Fujita Scale damage rating for a tornado, where F5 is quite a lot.

F5 is all about protection and control in the face of a data vortex, this does make sense.


The company is now known for its Application Delivery Controllers (ADC), which work to optimise the delivery and security of network-based applications.

More specifically, an ADC is a network device that manages client connections to complex web and enterprise applications -- in general, a controller is a hardware device or a software program that manages or directs the flow of data between two entities.

This event has already called in at stops in Tokyo, Beijing, Shanghai, Singapore and Jakarta -- after the exotic climbs of Scotland the team moves on -- to Washington DC, Melbourne and Sydney.

Deep-fried Mars Bars?

Aside from the epicurean treats that Scotland will no doubt have to offer the attendees, what else will the event contain?

The firm says that Agility 2015 is a chance to hear F5 "leaders" as well as customers and partners share how the latest solutions are transforming what's possible for today's organisations.

Nice platitudes there, but what does F5 really mean?

The firm insists that that it will host dedicated press roundtables with its CEO Manny Rivelo to examine F5's industry outlook and take on key topics including hybrid cloud, security and online fraud.


1 mannnggfff.jpg

According to the flyers, "[We can] learn how F5 is bringing the power of cloud, datacentres, converged systems, and as-a-Service together to enable fast, efficient, and secure application delivery in today's challenging hybrid environments. Agility also means networking with industry peers, connecting with decision-makers, and building new business relationships."

Senior VP Dean Darwin will spend some time detailing F5's vision for the future with regard to its technology base.

As a point of interest, this is in fact CEO Manny Rivelo's (pictured) first public appearance in the UK (or indeed Europe) since being announced as F5's chief.

He is expected to talk about the company's vision of the future of application delivery, especially the need to architect for hybrid clouds and software-defined data centres.

Other news at the event should include detail of F5's next foray into security services delivery from the cloud and related new business models customers expect.

The company is also expected to lead on newer areas of the business, with web fraud a front-and-centre concern in the financial sector especially.

Scotland the brave... let's see 'Silicon Glen' shine please.

1 F5 oihowihdq.png

Image -- keynote session at #F5Agility Asia-Pacific: "Yes, we have a logo."

Slam it to the left, Spiceworks ups developer beat

bridgwatera | No Comments
| More

Spiceworks has announced a new developer toolkit, transaction processing capabilities and apps for its App Center.

What is Spiceworks?

1 iudiuwgdiugwd.png

The company describes itself as a (professional) vertical network for IT users that connects more than 5 million IT users with over 3,000 technology brands -- it's mission is to simplify the way we buy and manage technology products and services.

The new developer toolkit includes new platform APIs, the 'Developer Edition' of Spiceworks' IT management application and some associated documentation.

The company also introduced transaction processing for its own App Center -- and this is said to enable independent developers and technology brands to sell apps to IT professionals.

Does it work?

Spiceworks insists that its users collectively spend over £400 billion on IT products and services every year.

"The Spiceworks App Center is a opportunity for the development community to reach a professional audience with enormous purchasing power," said Michael Maw, an independent developer and creator of the Pepper Pack app.

The platform is said to be easy enough to build on and is supposed to developers a new audience to reach with premium apps.

"Millions of IT professionals rely on Spiceworks for the applications, technical information, peer feedback, and vendor connections they need to be more productive," said Ed Shelton, App Center program manager at Spiceworks. "We're accelerating our App Center efforts in ways that add value to IT professionals' days and provide independent developers and technology brands with a unique way to connect with IT professionals around the world."

New platform apps require Spiceworks 7.4 and include:

Pepper Pack - A service to troubleshoot support tickets faster. It enables Spiceworks users to instantly view all devices assigned to an end-user and link those devices to a help desk ticket in a single click.

Hatch Project Management - Hatch is a project management app designed to help IT professionals organise and collaborate with team members on IT projects across their IT department.

linkIT - The linkIT app enables IT professionals to connect their barcoding system with Spiceworks inventory application.

Network Map - The Network Map app helps IT professionals understand and visualise their network by showing connected devices that have been scanned by Spiceworks' inventory application.

Pip-Pip - Pip-Pip is a chat app that connects to an IT department's existing XMPP chat server. With Pip-Pip, IT professionals can chat with their IT colleagues as well as end-users requesting support.

Secure e-voting: 20 to 30 years away

bridgwatera | No Comments
| More

Jeremy Epstein, senior computer scientist at non-profit research institute SRI International spoke to the Computer Weekly Developer Network blog this week to share his views on the possibility of electronic voting security.

Epstein says that although some e-voting is happening in the US, Estonia and other countries -- this is not *secure* e-voting, it's just e-voting.

Every system developed so far has been found to be insecure.

20 to 30 years

"From a technical perspective, we're at least 10 years away from secure e-voting, and many experts think we're 20 or 30 years away," he said.

The following text is attributed to Epstein...


Need for two-factor (or more) authentication

Two-factor authentication is important to secure voting, but it is neither necessary nor sufficient (to use a term common in mathematics). Two factor systems still can be vulnerable to malware in the voter's computer, to attacks on the servers that receive the votes, to bugs in the software that erroneously record the wrong selections even if there is no malicious intent, and many other risks.

Additionally, the methods for distributing two-factor systems nationwide are expensive and complex - unless you already have smartcards distributed through government channels (as in Estonia), how do you securely distribute any two-factor system to an entire nation? And if the two-factor device is only used for elections, what happens to the device when people (inevitably) misplace it between elections that only happen every few years?

NOTE: (This isn't a problem in Estonia because the same smartcard is a driving license, bank card, etc. But a special purpose card or device for voting would have this problem.)

Who would hack a vote? foreign governments, criminal gangs, or petty fraudsters?

Election tampering has a long history, dating back thousands of years. The common use of paper ballots printed by the government is known as the Australian Ballot, and was developed over 100 years ago to prevent certain kinds of election tampering. There is no reason to believe that today's attackers are any less motivated or ingenious than those of 100 years ago.

Hackers could include bored teenagers, petty fraudsters, criminal gangs, foreign governments, and "hacking for hire" providers - perhaps all trying to hack the same election in different directions and for different reasons. What we've learned from the past 20 years of internet security is that it's very difficult to predict who will attack systems, why, and how - but the attacks inevitably occur. Perhaps it will be hackers in nations with lax criminal systems who offer online vote tampering services, just as they currently offer hacking for hire (e.g., a hacker in an eastern European country hacking British elections).

The free market will (ironically!) determine the value of such a service. If the ease of success is high and the probability of detection is low, the temptation will be irresistible for some. There is ample evidence that the free market works well in determining pricing for other forms of online mischief; there is no reason to believe that voting will be any different.

Where has online voting worked and what is still wrong with it?

Online voting has worked partially in Estonia. After 10 years, there is a slight uptick in overall turnout. But the systems have been shown to be vulnerable to attack, despite the use of smart cards that can be used to reduce some parts of the risk equation. Some of the source code has been released, but only a portion - and not the riskiest part (the software that runs in the voter's computer). Everywhere else, online voting has been a failure. It has not increased turnout (with the exception of Estonia, where the improvement is slight).

Every system looked at has had significant security flaws. See for example the recent New South Wales (Australia) election, where a serious security flaw was discovered after 66,000 votes had been cast, and there is no way to tell if any of them were tampered with.

Or Norway, where the system was discovered to have massive flaws that could allow unlimited vote tampering. In the United States, with one exception (District of Columbia), vendors and localities have refused to allow any independent security analysis of online voting systems, so only the criminals (and perhaps the vendors) know how bad they are. Every system has increased costs (as was noted in the UK's prior experiments with online voting), because they must be continuously improved and monitored as the threat environment changes - they can't simply be deployed and used year after year without change.

The best hope for the future is cryptographic end-to-end verifiable voting systems. However, even those vendors who claim to be using this technology have taken shortcuts that significantly weaken the security characteristics. And so far, the research systems built using this technology have failed key usability assessments. The Birmingham system has some potential, but the methods used are so far not described to the scientific community, and have only been vaguely sketched out in press releases. Hence, it is impossible to know whether they actually advance the state of the art, and what the tradeoffs are for other aspects of the voting problem (e.g., security, privacy, usability, cost).

Security is only part of the issue here, privacy is also a huge concern.

Privacy is a huge concern for online voting, as are issues of voter coercion. One of the values of having in-person voting is that an independent voting official can observe that the voter is able to cast his/her vote by him/herself, and no one else is able to see their selections. Online voting means that an employer, an abusive spouse, a caretaker in an old age home, or a criminal can force the voter to cast his/her vote in a particular way. The Estonian system attempts to limit this risk by allowing voters to vote as often as they like with only the last one counting, but the risk is that this means the voter's identity must be stored with each ballot to allow the system to know which ones should be discarded - thus increasing risks to the secret ballot.

NetSuite to developers: first... there was ERP, then came 'customized' ERP

bridgwatera | No Comments
| More

Apologies for the Z, but this is Silicon Valley and customisation becomes customization for the duration of this electronic missive.

NetSuite holds its annual SuiteWorld user, customer, partner, developer, practitioner (Ed - we get it, everyone is invited right?) conference and exhibition this week in San Jose.


The firm will no doubt present with its usual swagger and bravado taking potshots at its competition during the SuiteWorld keynotes.

NOTE: Is it a good idea to knock the competition? If we take a lesson from HP's refusal to do so in the past then perhaps NetSuite is playing the game correctly?

After the handshakes...

So what will NetSuite actually say to the practitioner/users who will implement ERP systems today?

The firm's message is to programmers centres around the proposition that developers can create customized vertical and industry-specific applications tailored to individual use cases.

The SuiteCloud Developer Network (SDN) is meant to represent a platform for on-demand business management software.

Platform solidity?

Everything is a so-called platform though isn't it?

The firm's developer portal details what appears to be a tangible enough set of cloud development tools, applications and infrastructure.

More specifically, SuiteCloud comprises a multi-tenant cloud platform with an Integrated Development Environment (IDE) and APIs to build applications on the platform.

We mean it, from the heart

Senior VP of business development Guido Haarmans insists that developers are "at the heart of" the SuiteWorld 2015 conference.

Starting with the event's own Hackathon 4Good, coders will have a chance to create solutions for two charities he explains.

"From there, we go into keynotes revealing our new functionality as well as workshops, product demonstrations, case studies and live lab sessions. These are supported by personal meetings with NetSuite product managers and SuiteGurus to discuss the NetSuite needs of individual customers. Developers working at both partners and customers are integral to the continued growth and evolution of NetSuite," said Haarmans.

"Whatever route NetSuite developers take around SuiteWorld's two hundred plus breakout sessions, it will be an opportunity to hear about and influence where we head next on our mission to transform business management software. I'd recommend all developers stop by the SUITEdemogrounds where we'll be sharing designs for future products and functionality and we are eager awaiting user and developer feedback."

CWDN opinion: Developer ERP may not quite be its own acronym just yet (DERP), but it should be and it should surely be down to a company like NetSuite to champion this.

Editorial disclosure: Adrian Bridgwater has worked on blog materials for NetSuite's own blog portal, he does not endorse NetSuite products and is not an employee of the company.

Microsoft Build 2015: notes from the keynote

bridgwatera | No Comments
| More

Microsoft held its Build 2015 developer conference and exhibition at San Francisco's Moscone center this April.


Company CEO Satya Nadella kicked off with a bit of nostalgia; Microsoft is now a 40-year old company. But that was the full extent of the reminiscing, this event is nothing but forward-looking.

Innovation inside?

Refreshingly, as far as Microsoft used its stage time to talk about new innovations all the way through Office, Azure, Windows 10 and onward to HoloLens, not one of the firm's spokespeople really used the term "innovation" over-and-over again... as is so often seen.

Maybe this really is the 'newly changed-spots' Microsoft with a more humble, more dedicated and altogether more sincere proposition for software application developers of every discipline.

Nadella: we're a platform company

So despite all the years that have passed, Nadella insists that technologies have come and gone, but Microsoft is a still a "platform company", just in case you were wondering what the firm thinks of itself today.

This of course means not just Windows, as a platform, but also Office as a platform, Azure as a platform and the full scope of Microsoft's product set for that matter.

"It is the mobility of the experience that matters, not the mobility of the device," said Nadella.

So perhaps think of the world according to Microsoft's platform mantra like this:

1. architecture and logic
2. platform
3. application
4. endpoint device

Enter Scott Guthrie, exec VP of cloud and enterprise... Guthrie's division of course looks after Azure.

1 Azure momemtum.jpg

The firm's Azure compute region now manages more than 1 million servers and sits over more world regions than Google and AWS combined - a total of 19 by virtue of the firm's current data centre footprint around the globe.

There were more than 500 new Azure features developed over the last year and...

... and Microsoft's cloud is developing fast and some commentators have said that the firm is even better placed than both "cloud natives" Amazon and Google in terms of winning the next wave of industry development, momentum and kudos.

Microsoft is also well advanced in its support for Docker now. Ben Golub CEO of Docker was also invited to the stage for this event's keynote.

Golub talked about his firm has always set out to remove the need for developers to worry about the amount of rework they would typically have to focus on us... and the associated amount of dependencies that typically slowed then down.

Docker has not only addressed coding efficiency says Golub, but the firm has also been focused on content and collaboration with its DockerHub offering - and there are open orchestration efficiencies too.

"One of the best and most appealing surprises that we have had while working with Microsoft is that all our integration has happened so quickly," said Golub.

NOTE: Did you get that? An inherently open source company saying that it has integrated well with Microsoft and been surprised how fast things have happened.

Guthrie returned to the stage to talk about Azure Apps Service - this new product works to provide elements such as continuous integration, there are automatic building and auto-scaling capabilities (apps can be structured around rules that allow the app to intelligently scale upwards in terms of the amount of Azure juice they use based upon what they need only when they need it) -- and, of course, more besides.

3.5 hours keynote

This somewhat 'stream of conscientiousness' level summary can not cover the entire first morning keynote and there were some massive news blocks which we will analyse separately.

Visual Studio Code is a code-optimised editor with IntelliSense, debugging and GIT... and it's free.

Azure Data Lake is a hyper-scale data repository for big data analytic workloads and integrated with machine learning and big data services from Microsoft, and partners like Cloudera and Hortonworks.

... and there were development details for Microsoft HoloLens, using one codebase and one store, with what the firm promises to be a 'consistent experience' across Windows 10 devices.

Last(ing) first impressions

Microsoft didn't do everything right here by every developer; you only need to scan down the Microsoft owned Windows Central Build blog keynote comments to see that some programmers feel disquieted and disenfranchised by some of the new moves to embrace Android and Java on Windows 10.

But Windows is going back to its roots, it's going to be pushed forward by a platform company in a world of new endpoints and new application delivery structures.

Windows 8 might have been a bit of sore point, but it just might have been the pain point that Microsoft needed to go through to really get its house in order.

As Endgadet put it, "When did Apple become the boring one?"


Box Dev: 4.5 billion API calls can't be wrong

bridgwatera | No Comments
| More

Box has hosted its Box Dev event, for developers, by Box - called Box Dev.

1 Box dewdweqdCapture.JPG

Following through its logical naming convention, Box used Box Dev to launch Box Developer Edition, an edition of Box for developers.

This software release includes a new user and authentication model for building apps on Box.

Box wants us to call Box a 'platform', but then so does every firm.

You may still know Box as the online file sharing and personal cloud content management service for businesses - not quite as catchy, but just a little more Ronseal.

So what happens here?

In short, Box Developer Edition provides developers with their own complete Box instance.

What would that give them?

Basically that "complete instance" goodness (and there are new modular SDKs here too) is supposed to allow programmers to really draw Box functionality INTO AND INSIDE the applications they develop to bring new data sharing and collaboration options to the fore.

Or as marketing and PR would put it:

--- to build apps with "reimagined workflows" for any industry.

"The opportunity to build transformative enterprise applications is greater than ever, because today's digital enterprises are using technology as a competitive advantage to create more productive workforces and more powerful customer experiences," said Aaron Levie, co-founder and CEO of Box.

Billions and billions served

247 Mcdonalds sign.jpg

The firm says that there are now nearly 50,000 third-party developers building their applications on Box and making 4.5 billion API calls each month through the Box platform ecosystem.

"Today, Box gives developers the opportunity to create meaningful applications on the enterprise content platform trusted by half of the Fortune 500. We've gone way beyond commodity cloud storage by constantly investing in new technology to support our more than 45,000 customers globally, and making those innovations available to developers," said Chris Yeh, senior vice president of product and platform at Box.

Image credit:

How the IT universe moves to software-defined data warehouse life, and everything

bridgwatera | No Comments
| More

Teradata has launched what it calls its 'Software-Defined Warehouse' as an enhancement to the firms own-brand Teradata Database.

As we move to a world of software-defined everything, this is clearly a play to enable firms to consolidate multiple data warehouses into one system without sacrificing service level performance.


What is a data warehouse?

A data warehouse itself is defined by TechTarget as a central federated repository for all (or significant parts of) the data that an enterprise's various business systems collect - it may be both physical and logical.

"Today, many organisations maintain multiple, separate data warehouses to meet unique business unit requirements or to comply with data privacy regulations across countries," said the firm's Hermann Wimmer.

Here then we see Teradata moving to try and provide simpler data warehouse management and consistent performance.

The company also now tables an additional Teradata Database feature called Secure Zones, which separates data and groups of users for each entity, with secure boundaries between them.

This, says Teradata, enables organisations to comply with security and privacy laws that restrict the movement of personally identifiable information or co-location of data from multiple business entities or countries within a single data warehouse.

The Software-Defined Warehouse capability usesTeradata Workload Management, Teradata Data Labs and the Secure Zones feature of the Teradata Database.

These combined capabilities offer organisations the following functions:

• Multi-Tenant Deployment: to separately manage data and users from multiple business units or organisations -- and the Software-Defined Warehouse shields system administrators from viewing the tenants' data, if required for security or privacy purposes.

• Business-to-Business Analytic Services: to simplify the hosting and managing of business-to-business analytic services for partners of Teradata customers.

• Data Mart Consolidation: to consolidate multiple data marts into a single system, which reduces the total cost of ownership and carbon footprint.

NOTE: This also provides a simpler way for users to gain an enterprise view of the data, while continuing to segregate the data, users, applications, and workloads from each data mart.

• Production Analytic Sandboxes to set up user-focused, self-service data labs, enabling new levels of data-driven insights and agility, without data duplication or creation of new silos.

"'Software-defined anything' has become a hot industry topic for organisations looking to speed provisioning and better utilise infrastructure resources," said John L Myers, managing research director for business intelligence at Enterprise Management Associates.

"Teradata's delivery of a software-defined warehouse provides a level of agility and 'push-button' simplicity that empower organisations to quickly deploy their data warehouse and data mart resources and effectively manage security across environments."

Mini case study

For example, a European-based multi-national company is currently required to dedicate a separate, stand-alone system within its data centre for each of the countries served. The employees within each country have access to their own secured data, but this model is not cost-effective. With deployment of the Software-Defined Warehouse, the data from all countries can be brought into a single system while offering the same security controls and access restrictions. This consolidation saves both time and money, while also guaranteeing consistent performance across workloads based on business priorities.

Neo Technology CEO: What is a graph database... and why big data needs one

bridgwatera | 2 Comments
| More

CEO of Neo Technology Emil Eifrem guest blogs below for the Computer Weekly Developer Network to explain what, really, we mean by the notion of the graph database.

TechTarget's own definition states that a graph database (also called a graph-oriented database) is a type of NoSQL database that uses graph theory to store, map and query relationships -- but is it worth hearing a definition laid down by industry too?

1Emil Eifrem_Neo Technology_2.jpg

A brief history of (database) time

Back in the mainframe era there were a huge number of different types of databases - all with different ways of organising the data on disk. But by the time we got into the 1980s, one model became dominant.

Enter SQL: with data organised into tables - think Excel - it was initially very successful, mapping very well with the majority of business applications available at the time.

They might be (data) giants

This was a time when the tech giants ruled. With Oracle, IBM and Microsoft in the game you could choose your vendor but the method of structuring the data was not up for debate...

... it was the SQL way, or the highway.

So why are we moving away from this trusted model?

Put simply, data no longer works as part of a one-size-fits-all strategy. With the arrival of big data we are no longer talking in Mb or Gb and we're certainly not talking about structured information.

Businesses are collecting vast streams of data about anything and everything, often without much thought on how it will be managed, analysed or even stored. Trying to push these huge, irregularly-shaped data sets into the traditional SQL model is painful.

Not Only SQL

Hence we have the 'Not Only SQL' movement (also known as NoSQL).

Within NoSQL we have real choice over how data is structured, each model offering various strengths and weaknesses.

Ed -- exactly ! .. as recently explained on Forbes: "NoSQL is argued to be shaping our future because, as a database type, it depends on data structures that can (for certain use cases) operate faster than traditional relational databases. The NoSQL data structure taxonomy is defined by key-value stores, documents or graph databases. In other words, the database design can be structured around what can be a more custom-aligned DNA for the use case in hand."

Eifrem continues...

Graph databases are part of this movement. Focusing on the relationships between data-points, rather than on the values themselves, graphs are perfect for those big, messy and connected data sets. This is something that SQL databases simply can't do - at least without spending significant effort creating complicated join tables.

With the graph you can ask complex and abstract questions that look beyond the first data connection.

They can uncover patterns that are difficult to detect using traditional representations such as tables. It may be a social graph; it may be going from point A to point B; or it may be product recommendations, where you want to know what else was bought by the people who bought similar things to you.

Importantly, understanding the connections between data, and the meaning of these links, doesn't need new data. You can pull new insights existing data, simply by reframing the problem and looking at it in a graph.

CWDN notes: about the author's firm

Neo Technology is the creator of the Neo4j graph database that brings data relationships to the fore -- the firm recently announced Neo4j 2.2, with major updates to derive maximum value from the data relationships. Enhancements in Neo4j 2.2 include a new Cypher cost-based optimizer and the addition of a new in-memory page cache to improve application read performance and scalability.


Image courtesy of Neo Technology.

Varnish buffs up glossy new API engine

bridgwatera | No Comments
| More

A sub-editor headline writer's dream, the highly-lacquered and beautifully-polished Varnish Software (Ed - did we use 'lacquered' yet?) has released its new Varnish API Engine.


The software helps developers manage what the firm calls the "proliferation of API calls" in the modern age of apps and the Internet of Things (IoT).

Early customer trials suggest that the Varnish API Engine can handle up to 20,000 API calls per second, that's quite a lot.

As the Internet of Things nexus expands, APIs gain significance as the 'glue' that connects and enables all the 'things' to communicate.

What is an API?

As defined on Forbes, "Application Programming Interfaces (APIs) establish a vital communications bond between different software program elements and data streams. APIs define the route for a programmer to code a program (or program component) that will be capable of requesting services from an operating system (OS) or other application."

ABI Research forecasts that the installed base of active wireless connected devices will more than double to reach 40.9 billion by 2020.

The product itself takes the average developer less than 60 minutes to deploy.

Features include:

• Authentication - verifies the identity of the client. Varnish API engine supports a broad set for authentication drivers and can be easily customized
• Authorization - grants the client access to a specific API or API call
• Metering - counts the number of API calls towards a specific API or API call and can track e.g. the usage of a specific client or subscriber
• Throttling - places limits on usage such as number of calls from a certain client or subscriber or usage from a certain API
• Caching - caches read-only API calls to reduce call overload

"With Varnish Cache, we boosted website performance, making it possible to cope with high traffic and changing content," explains Per Buer, CTO and Founder of Varnish Software. "We observed in the market and learned from our customers that APIs are going down the same route as websites, with a proliferation of users, devices and applications causing serious performance problems for legacy and home-grown tools. With Varnish API Engine we have created a simple and easy to use API management tool designed to give digital businesses a truly competitive edge."

The next version coming in Autumn 2015 will include a graphical web interface and will also be available through the cloud.

Preparing campuses for Bring-Your-Own-Behaviour

bridgwatera | No Comments
| More

This is a guest post on the Computer Weekly Developer Network by Andy Butcher, higher education evangelist at Extreme Networks.

A new definition for BYOB


The traditional education model of lecture-based learning and exams is changing as more distributive approaches hit our educational institutes.

With both colleges and universities requiring students to increase tuition fees in order to keep up with administration and other costs, both are now looking to new innovative ways of teaching to increase student enrollment whilst keeping costs down.

Simultaneously, new technology is also disrupting the traditional model. As new smart device technology is developed, its adoption rate continues to grow and fuel the proliferation of devices being brought into the learning environment.

Research from Gartner predicts that mobile data traffic will grow 59 percent in 2015, driven mainly by an increase in the use of mobile apps.

Such technology is supporting the creation of new ways of learning online and with students contributing to rising tuition fees, they now demand access to knowledge as and when they need to, anytime and anywhere, from technology that they are already familiar with. These financial and technology challenges are coming to a head as students demand more from their education, commonly termed as 'Bring-Your-own-Behaviour.'

Now, educational institutes must not only keep pace with this change but find a way to embrace it to keep students engaged in an affordable way.

Keeping pace with modern technology regardless of what technology may have already been implemented can be achieved by adding a high-speed and high performing WLAN solution that enables control and management of bandwidth so that students can learn at a time that suits them best.

The trend towards BYOB can help keep students engaged in learning but must work on the premise of familiarity - that means on the devices of their choice with anywhere access to learning material. Understanding student usage through a smart network application analytics tool can further better inform higher education of the best ways in which to keep students connected whilst on the move for competitive advantage and success.

Extreme Networks is a company specialising in high-performance switching and routing products for datacentre and core-to-edge networks, wired/wireless LAN access and unified network management and control.

To boldy code... IBM builds 'space apps' with NASA

bridgwatera | No Comments
| More

IBM is offering its Bluemix platform up for the NASA Space App Challenge virtual event to help developers build applications that contribute to space exploration.

Bluemix is a Platform-as-a-Service (PaaS) -- it is an implementation of IBM's Open Cloud Architecture (OCA), based on the Cloud Foundry open PaaS project for cloud-centric software application development -- it taps into an ecosystem of other services and runtime frameworks.

The NASA Space App Challenge virtual event is a two day 'hackathon' for scientists, educators, artists, students and - software application developers.

IBM will offer mentorship, guidance and tutorials for challenge participants; the firm says it will grant free access to over a hundred cloud-based services such as Watson analytics and Internet of Things (IoT) tools through Bluemix.


The NASA Space Apps Challenge exists to build applications, software, hardware, data visualisation and platform solutions to bolster space exploration missions and improve life on Earth.

This year, more than 10,000 developers are expected to participate across 136 cities and online through the virtual challenge.

Some examples of specific challenges include:

• Visualising Asteroids in the Sky: Participants are challenged to leverage data aggregators and analytics to create a system that can help NASA tracks asteroids.

• Sensor Yourself: Participants are challenged to put together a stream of senor data to guide movement for robots.

• Crop Alert - Learning from the Growers: Participants are challenged to develop a mobile/web app/SMS capability to help growers create more creative methods of growing crops.

Microsoft previews future Visual Studio 2015 product line up

bridgwatera | No Comments
| More

Microsoft has announced the Visual Studio 2015 product lineup that will be available when the version(s) ultimately release this summer.

While the Computer Weekly Developer Network does not cover 'projected releases' generally, the size of this forthcoming product does warrant some detail.

NOTE: Let's also remember that last November Microsoft made Visual Studio Community 2013 available for free - this of course is a 'full featured extensible' IDE for non-enterprise application development.

But a development environment is a development environment, isn't it?

Well... not so much.

The focus revolves around three principal offerings so that programmers can, "Select the tooling solution that best meets their needs," as they say.

This 'product diversification' (if you will) should make it easier to ensure all team members have access to the same tool set.

Microsoft's Mitra Azizirad explains that the firm is bringing Visual Studio Premium and Visual Studio Ultimate into one single offering called Visual Studio Enterprise with MSDN.

"[This offering] includes all the high value features you're already familiar with in Visual Studio Ultimate, along with new innovation that's coming with the 2015 release. So, in addition to Visual Studio Community and Visual Studio Professional with MSDN, our new Visual Studio Enterprise with MSDN rounds out the three primary Visual Studio 2015 offerings," blogs Azizirad.


The product breakdown is as follows:

Visual Studio 2015 Enterprise with MSDN: As quoted above, this 'coming together' of Visual Studio Premium and Visual Studio Ultimate is optimised for teams delivering high-scale applications and services.

Visual Studio Professional with MSDN: Slightly lower calorie than the above high-scale turbo charged product, this is a collection of tools and services for individual developers and development teams building professional-grade applications.

Visual Studio Community 2015: will give developers free access to the Visual Studio toolset for non-enterprise and open source development.

But here's the really interesting part, Microsoft tells us that key features of Visual Studio will be more broadly available across the 2015 product set.

For example, CodeLens - a feature previously available only in Visual Studio Ultimate - will now be provided as part of Visual Studio Professional and Enterprise. PowerPoint storyboarding will be provided for free to Community, Professional, and Enterprise users.

More colour will no doubt be provided at the forthcoming 'Build' Microsoft developer event next month.

What is a block chain?

bridgwatera | No Comments
| More

Software application development professionals working on security related technologies touching so-called cryptocurrencies will be aware of the block chain (or blockchain).


This is a network-based 'inviolable ledger' that, in terms of form and function, is fully public and is constantly being updated and confirmed by autonomous computers.

In line with this technology, a sequential transaction database technique is used to keep a ledger of cryptocurrency monies.

Completing the picture here (or at least adding another layer of colour) is the fact that transmission of 'bits' of data can performed using Cipher Block Chaining (CBC) where a sequence of bits are encrypted with a cipher key applied to a single block.

Notable cryptocurrencies include Bitcoin, Ripple, Litecoin, Peercoin and NXT/Nextcoin -- these are the brands with the highest current levels of market capitalisation.

Computaris: dialling into the ugly truth on SS7

bridgwatera | No Comments
| More

Telecommunications is rife for hacking, or at least that's what people say.

The problem is, many of our telco-level communications protocols, systems, subsystems and substrates have been around a long time -- and that's what makes them vulnerable.

Razvan Rusu, Computaris presales manager says that, as of now, a massive security flaw exists in the way all mobile networks operate and communicate with each other.

As firm, Computaris specialises in system integration, BSS technical consultancy and software development for software vendors and communication services providers (CSPs) -- basically, this is stuff like mobile broadband data policy management and provisioning etc.

Computaris says that there is an ugly truth at the heart of mobile networks and its not confined to a small, unused part of the network -- it's down to SS7.

According to, "On the public switched telephone network (PSTN), Signaling System 7 (SS7) is a system that puts the information required to set up and manage telephone calls in a separate network rather than within the same network that the telephone call is made on."

Basically it is a set of telephony signal protocols that handles almost every function in a mobile network, including voice calls and text messages.

The problem is (says Rusu) that SS7 was developed over 30 years ago without including any security mechanisms.

At the time of its design, SS7 network was considered a trusted network offering as it was designed with the possibility for a Network Element to pretend to be and to respond on behalf of any other Network Element.

The problem is (says Rusu), these design features are actually the flaws that can be exploited by hackers. The suggestion here is that SS7 was conceived at a time before hacking was even called hacking.

1 computrariefwe234r.png

Rusu writes as follows:

"To make matters worse, because of roaming agreements, SS7 messages flow freely between mobile operators. This means that an on-net call (calling and called part from the same network) that should never leave that mobile operator can be controlled by or redirected to any other mobile network operator. This allows hackers to target a mobile subscriber from anywhere in the world."

"Hackers use messages normally exchanged between mobile operators, which make SS7 attacks very difficult to detect. By sending seemingly normal requests they can obtain the International Mobile Subscriber Identity (IMSI), a unique number associated to every SIM card. Using the IMSI, the hackers can target their attack on a single mobile phone, sending only a couple of SS7 messages per targeted IMSI."

"Every mobile network is potentially at risk and consequently, every mobile user is as well. Mobile operators can secure the access to their own core network but do not have control over what happens with other mobile operators. The challenge for mobile operators is to block attacks while allowing normal messages exchange between operators."

"The current equipment used for routing SS7 (STP) are not capable of detecting and blocking these types of attacks. A solution is not easy, but nonetheless, it exists. First, mobile operators can hide the subscriber's real IMSI and MSC/VLR address. By home routing SMS messages, the real IMSI can be hidden while the SMS messages are still delivered. Hiding the IMSIs is a great step towards network security, since all the attacks need the subscriber's real IMSI. However, this first step is not enough, as hackers may already know the IMSIs of their targets from previous attacks. The IMSI is linked to the SIM card, so it changes very rarely. In addition to hiding the real IMSIs, mobile operators could enhance their STPs routing features. Messages received from other mobile operators can be sent to an external application that can decide, based on the data carried in that message, if the request is a genuine request or an attack."

The zeitgeist for the Internet of Things: 'thingalytics'

bridgwatera | 1 Comment
| More

The Internet of Things, The Internet of Everything, The Internet of Connected & Embedded Things and The Internet of Data...

... take your pick, they all mean (mostly) the same thing.


The notion of connected devices and the IoT is now becoming quite familiar to us and many users have started to adopt these technologies already.

In 2015 in the UK it is not uncommon to have British Gas Hive electronic heating controls, a home video monitoring system such as Piper or others and perhaps most obviously of all, a FitBit as a personal health tracker.

Time for thingalytics

The IT world is of course fond of a jazzy acronym or buzzword, so why not a buzzword title for a book about the Internet of Things?

Written by Software AG's Dr. John Bates, thingalytics is intended to show businesses how to take advantage of the fast big data that flows from the digital planet.

But how?

Thingalytics describes how to use real-time analytics and algorithms to seize the opportunities that flow from IoT while simultaneously minimising threats.

According to the book's promotional notes, "As each device from tractors to refrigerators to ships is digitized and connected to the Internet, it presents an opportunity for innovative businesses to learn from (and take advantage of) the digital data it creates."

IoT simples?

But it's not all going to be easy... the book warns us what happens when algorithms go wrong and cites a famous stock trading debacle thrown up by erroneous software code.

Bates also insists that this stuff is all new, "Because the volume and complexity of data have expanded exponentially in recent years, a thingalytics platform needs to be based upon completely new software architecture," he writes.

Digital Darwinism, digital disruption

"Digital Darwinism is unkind to those who wait," says R Ray Wang, who has written the forward to the book before listing a nicely complete description of what his firm Constellation Research does.

Using real stories from some of the most tech-savvy retailers, banks, transportation and soft drink providers, thingalytics delves into the world of analytics and algorithms to show the reader how to seize the opportunities buried within IoT.

Chapters include:

• It's all about me - the birth of personalised marketing
• Machines with feelings - smart industrialised and retail machines
• Home is where the smart is - yes, there is such a thing as a 'smart meal' - and yes, your TV might start only advertising to your exact demographic if you sign up within agreed privacy terms
• Take two smart pills and call me in the morning - your pancreas controls your endocrine system which acts as your body monitoring control, so why give it some help with an electronic monitoring sensor, in a pill
• Planes, trains and automobiles - yes, it's about those things
• The technology behind thingalytics - think big data, think streaming analytics, think cloud

CWDN opinion

Add thingalytics to your spellchecker now, this is the kind of phrase that sticks.

This book describes the zeitgeist of information technology today at the intersection of big data analytics and the change to a new information-empowered dynamism for consumers and businesses at all levels.

Dr. John writes with a cadence and spirit that reflects his real life persona; he is a techie original who just happens to hold a doctorate in software engineering and a C-level board position at Software AG.

This is an easy and enjoyable read and one that you can dip into randomly page by page if you don't want to start on page one.

About the author

Dr. John Bates is a forerunner in the fields of the Internet of Things and big data streaming analytics -- he holds a custom-engineered napkin neck attachment device and a PhD from Cambridge University.

Software AG: Vorsprung durch cloud-Technik

bridgwatera | No Comments
| More

As already reported on the Computer Weekly Developer Network, the team at Software AG is using this year's CeBit 2015 exhibition and conference in Hannover Germany to talk cloud.

2 pic.png

Specifically, the firm has launched a "Transformation to the Cloud" initiative.

Software AG has made the decision to deploy its entire cloud portfolio on the AWS cloud over the course of 2015.

Already running on Amazon Web Services (AWS) are the company's Alfabet Cloud and ARIS Cloud.

Alfabet is for IT planning and portfolio management as well as business process analysis.

Cloud-by-cloud breakdown

The Alfabet Cloud

Alfabet Cloud combines portfolio management with cloud technology to put IT portfolio management expertise in two editions i.e. it lets teams decide which option best fits their needs based on budget, portfolio management maturity, program goals and stakeholders.

The ARIS Cloud

This technology exists to design, analyse, share and collaboratively improve processes in the cloud with integrated social collaboration. The firm insists that it comes in three editions -- basic, advanced and enterprise -- to support the widest implementation of BPA projects...

... it's BPA cloud (Business Process Analytics)-as-a-Service, if you like.

So to this year's main event and the firm's international main press conference held on a Sunday afternoon.

At a gathering entitled Stand out in the Digital World - with the first Digital
Business Platform, chief technology officer Dr. Wolfram Jost chaired the proceedings together with CEO Karl-Heinz Streibich and Eric Duffaut, who is Software AG's chief customer officer -- the assembled collective wanted to show how their technology platform enables organisations to master digitisation.

Software AG now positively names and brands its latest offering as The Digital Business Platform - bus is this just a brand name for some cloud application services, or is Software AG doing anything tangibly different?

NOTE: The European Commission estimates that the digital economy will reach €3.2 trillion (in the G20 countries alone) by 2016 and already accounts for 8 percent of GDP.

Why old software is "broken"...?

The suggestion here is that old software doesn't work - it is:

• standard,
• conventional,
• packaged
• based upon old business logic

... and, very crucially, it is designed for relatively stable and predictable business situations.

This is the old world of software and it can not provide the flexibility needed for today's world of real-time business and rapidly changing market requirements.

NOTE: By way of clarification, Software AG is NOT contending that all old software should be "ripped and replaced" -- we know very well that a lot of legacy software exists because it is software that STILL WORKS. So rather then, the firm is talking about new digitisation programmes and new software developments for the most part.

"Today's enterprises must become digital to have maximum visibility into changing market behaviour, individual customer requirements, its own business operations across the entire supply chain as well as changing external parameters such as new government regulations or even weather conditions", said Software AG CTO, Wolfram Jost.

"The Digital Business Platform provides the foundation necessary to develop and deploy differentiating business applications, developed together with the business departments, in short and easily foreseeable release cycles," added Jostr.

He underlines that traditional packaged applications are not designed for this type of development approach.

"The benefits of analysing data from the Internet of Things, from the social end of the spectrum to machine to machine communication (M2M), making in-depth business decisions based on the information provided and dynamically adapting business processes and models to react to 'live' events are enormous", continued Jost.

"Providing a holistic approach that can manage and govern IT assets and automated business processes, on-premise and cloud integration and advanced
analytics, based on an in-memory and event driven architecture, is the only way that enterprises can fully utilize digitization. This is our philosophy behind the Digital Business Platform".

It's a question of PRODUCTS vs PLATFORMS ... with products, you have a piece of software and it will go out of date... but is you run a platform, you have the option to pull things in and out.

If we ask whether Software AG doing anything tangibly different - and the answer is yes, but it's a subtle yes.

The company has brought together its own recipe for combined IT in its own special way, this is the difference.

• It has core cloud functions such as Alfabet and ARIS.
• It has systems integration technology from its WebMethods products.
• It also draws upon WebMethods for its Agile software application development and process intelligence.
• It has capabilities to manage big data in-memory with its Terracotta line.
• It has real-time insight technology with Apama.

Now Software AG would tell us that this ingredient list makes the firm "unique", but we all know that only snowflakes and John Lennon are unique.

The company has also said that with this week's news it has launched the first ever digital business platform, but headlines like that on press releases don't help much to be honest, it's just PR showboating isn't it?

What we need to ask is whether there is real substance here behind the use of the term PLATFORM.

Jost further states that a "platform beats a product every time" - and what Jost means by this is firms should approach software applications that they may only end up using for say a couple of years in their initial form.

Software application development must move to reach a new level of ADAPTIVE APPLICATIONS that can be changed and tuned (often rapidly) says the firm.

This is because no software vendor can foresee the business logic of a company for more than a couple of years -- this is a good point.

So what we have here is a focused set of tools and technologies delivered in an efficient and logically packaged package.

Software AG has thought about how it has put these component ingredients together... it's a layer of advancement through intelligent cloud design.

Or perhaps Vorsprung durch cloud-Technik, yah?

Editorial disclosure: Software AG paid for most of Adrian Bridgwater's travel expenses to attend CeBit 2015.

Subscribe to blog feed

Find recent content on the main index or look in the archives to find all content.