Coop's Corner

Like a lot of green-technology companies, Tendril is waiting for the federal stimulus money to start flowing.

"I think it will act like a massive accelerator," said CEO Adrian Tuck, whose company makes sensors that consumers can use to monitor and control their consumption of energy.

But echoing a common concern, Tuck also hopes that Tendril and other green-tech start-ups will not need to wait too long before the spigots open.

You know the cliche about time being of the essence? It's a refrain I heard again and again during the course of interviewing CEOs as part of a CNET News special report examining the progress and prospects of green tech.

The paradox is that the most interesting companies in the field often happen to be the very ones who don't have access to capital because of the economic crisis.

How much will an immediate cash infusion help? Plenty, according to Tuck, who says the public will see a quick payback from the coming investment in this nascent industry. For example, he predicts that for every $100 the U.S. Department of Energy invests, Tendril can save $100 for the consumer within 18 months.

"What we and others like us bring to the table is speed," he says.

But despite the confident tone that Tuck and other CEOs working in the green-tech industry voice, one big uncertainty remains: Will the money get into the hands of smaller, entrepreneurial outfits in the beginning, or will Uncle Sam prefer to deal with the bigger, established companies? How that question gets answered may very well decide the fates of many of the companies whose ambition is to change the world.

Hackers were able to penetrate Spotify's computer network, potentially exposing the personal information and passwords of some of the music service's users.

In a company blog announcement, Spotify did not get specific about the extent of the breach. Here's part of the post:

Along with passwords, registration information such as your email address, birth date, gender, postal code and billing receipt details were potentially exposed. Credit card numbers are not stored by us and were not at risk. All payment data is handled by a secure 3rd party provider.

If you have an account that was created on or before December 19, 2008, we strongly suggest that you change your password and strongly encourage you to change your passwords for any other services where you use the same password.

The company, based in Europe, was not immediately available for comment so it was unclear how many of its users were affected or to what extent. But in an article published by Britain's Guardian, the newspaper's technology correspondent reported that "thousands of users' personal details may have been stolen by hackers."

In the 18th century, the epistolary novel was all the rage in France and England. Now, it seems, the tit-for-tat style of opposing letters has become a preferred method of dialogue between Iowa Senator Charles Grassley and Microsoft.

In late February, Grassley urged Microsoft to rethink the use of "H-1B or other work visa program employees over qualified American workers." Grassley issued his letter after Microsoft announced its first across-the-board layoffs.

"I encourage Microsoft to ensure that Americans are given priority in job retention. Microsoft has a moral obligation to protect these American workers by putting them first during these difficult economic times," Grassley wrote.

Microsoft responded with an anodyne statement at the time but declined to engage the Senator.

Until now.

In a detailed response, the company's general counsel, Brad Smith, said there would not be a "significant change in the proportion" of employees working at Microsoft with H-1B visas.

Here are the key excerpts from Smith's letter to Grassley:

H-1B employees have always accounted for less than 15 percent of Microsoft's U.S. workforce, the level that is used in immigration law to determine whether a company is "H-1B dependent." Nonetheless, the ability to tap into the world's best minds has long been essential to our success. Although they are a small percentage of our workforce, H-1B workers have long made crucial contributions to Microsoft's innovation successes and to our ability to help create jobs in this country. We are confident this will continue to be true in the future.

We focus our recruiting for core technology jobs at U.S. universities, which continue to be among the best in the world for computer science and engineering graduates. However, as one recent study found, in 2005 temporary residents earned more than 40 percent of the engineering and computer science degrees at U.S. higher education institutions. For doctoral degrees, that number was even higher, as temporary residents accounted for 59 percent of the degrees awarded in these fields that year.

The substantial majority of H-1B petitions filed by Microsoft are for core technology positions, and technology and engineering positions account for about 90 percent of Microsoft's H-1B workforce. Many of these H-1B employees have been seeking permanent resident status for many years and would no longer be dependent on their H-1B visas but for multi-year delays in the green card process.

With these factors taken together, we do not expect to see a significant change in the proportion of H-1B employees in our workforce following the job reductions.

Microsoft declined to comment beyond the text of the letter.

Update:
After publication, Grassley's office sent me the following statement from the senator.

"I appreciate Microsoft's response and while I'm happy to learn of the company's efforts to boost science and technology initiatives in both American secondary and post-secondary schools, I'm still left without much information about how Microsoft is ensuring American workers are being protected or specifics of its H-1B hiring practices. I'm interested in learning more details."

Add Hewlett-Packard to the list of companies reining in the number of corporate perquisites that once defined the high life in Silicon Valley. In a Monday filing with the Securities and Exchange Commission, the company said it had changed its policy covering personal use of corporate aircraft.

Here's the fine print:

HP will no longer provide its executive officers with a gross-up to cover the individual income tax incurred when corporate aircraft are used for personal purposes (including spousal travel on business trips).

Previously, the policy provided that the chief executive officer would receive a gross-up for the tax associated with the value of the first 25 hours of personal usage (which usage could have included his spouse and other guests) during each fiscal year. The policy also provided that other executives would receive a gross-up for the tax associated with the value of spousal travel on business trips if the spousal travel was requested by HP.

The company made its announcement in supplement to its annual proxy statement, The "gross-ups" refer to additional pay that goes to compensate what an exec might pay Uncle Sam in taxes for the use of corporate aircraft.

On the surface, it sounds like an odd couple: Facebook, one of the most recognizable successes in the Web 2.0 firmament, and Zuora, a start-up with a suite of subscription commerce products based on the software as a service model.

But Zuora is betting on a computing trend: that as more applications move to the cloud in coming years, the natural corollary is that developers will follow the money and necessarily move in the same direction.

Even on Facebook.

"There are 140 new applications a day on Facebook because it's so easy and so viral a platform," Zuora CEO Tien Tzuo said. "But is anyone making money on Facebook?"

Probably not many. While developers have built profitable businesses on cloud-based platforms, such as Amazon Web Services, Salesforce.com's Force.com, and Google AppEngine, the same can't be said of Facebook. That's a source of no small amount of frustration for developers hemmed in by Facebook's restrictions on placing ads on the service (not to mention the relatively low advertising rates for in-application ads on the service.)

That does not preclude the possibility that someone will find a way to unlock the potential of the so-called Facebook Economy. But so far, it's more of a scenario than a reality. Tzuo, who is about to give it a shot, argues that if each active user on the service had a $1 monthly subscription, that scenario could turn into a reality with more than $1 billion in annual subscription revenue.

So it is that on Monday, Zuora is debuting a cloud-based service at the Demo conference. The product, called Z-Commerce, consists of different modules that a developer can use to set up and manage a subscription service on Facebook. Z-Commerce also comes with pre-built widgets that can get plugged into existing Facebook apps without the need for additional code work.

For its part, Zuora assumes responsibility for the back-end arrangements, including billing and payments. The ambition is large: to attract enough Facebook developers to the idea and transform their applications into subscription services. If enough of them conclude that this is an idea whose time has come, Tzuo believes that Facebook can actually evolve into an enterprise cloud computing platform.

A tall order, to be sure. Still, I'm sure Mark Zuckerberg wouldn't have any issues if that came even halfway true.

Updated at 3 p.m. PST: An earlier version of this report misidentified Sam Hopkins' position at the company. He is chief technology officer and a co-founder.

Earlier this weekend, I pointed to a report that a Pittsburgh area Internet security firm had discovered a file containing government blueprints and avionics for President Obama's helicopter on an IP address in Tehran.

During a traffic analysis, the company, Tiversa, headquartered in Cranberry Township, found that one particular file was actively being shared via a P2P protocol. On Sunday, I spoke by phone with the company's co-founder and chief technology officer, Sam Hopkins. Here's what he had to say.

Question: What tipped your team off to the possibility of classified information being leaked to outsiders?
Hopkins: Let me first back up and offer some perspective. There are millions of people who in the last couple years have installed P2P software to share their hard drives...You may go to a hospital and give me your Social Security number and your name and address. That hospital may have the best information protections in the universe, but then they give that information to a billing company and that company accidentally leaks it. This happens all the time. In this case, we weren't actively looking for this, but (the information) came back to our data center and matched one of our signatures which we then analyzed.

Q: Talk about the chronology. When did your team first pick up on the leak?
Hopkins: Around the October to November (2008) time frame. We get about 100,000 or 200,000 confidential files that we bring back and if we find something really bad, we will contact that company and say that your information is out there on a peer-to-peer network. In this case, it was over in Iran, where they were actively trolling for information. We notified the defense contractor and they went through their steps to notify the Department of Defense.

Q: And it was a P2P connection that led to the leak?
Hopkins: It was on the Gnutella network. Someone installed it and it may have been a buggy client. All it takes is for someone to say, "Hey, do you have anything on this client?" and it gets downloaded. We see 50 of those a day. There was a large publicly traded company which accidentally just disclosed all their forecasts and M&A plans throughout 2009. A person leaked all his files and all his internal e-mail conversations as well as his calendar and all his contact information.

Q: In this case your company is reporting, what information was breached?
Hopkins: The entire avionics system of the president's helicopter, and various upgrades by contractors.

Q: So your team concluded that the materials fell into the hands of Iran. Is it possible that other actors also are trying to take advantage of similar openings in the system?
Hopkins: Heck yeah. Every nation does that. We see information flying out there to Iran, China, Syria, Qatar--you name it. There's so much out there that sometimes we can't keep up with it.

Q: I would have assumed military contractors would use more secure networks to communicate.
Hopkins: Everybody uses (P2P). Everybody. We see classified information leaking all the time. When the Iraq war got started, we knew what U.S. troops were doing because G.I.'s who wanted to listen to music would install software on secure computers and it got compromised.

Q: This is what your company specializes in, obviously, but what's your professional opinion about the extent of this sort of thing?
Hopkins: This is the biggest security problem of all time. Coming from me, it sounds biased. But you can get 40,000 Social Security numbers out there at the drop of a hat. We've had people come into our data center and we've shown them things that are out there on P2P and they go away with their minds blown.

Did Missouri's U.S. senator, Claire McCaskill, just use Twitter to blab the timing of President Barack Obama's choice to run the Department of Health and Human Services?

On Saturday afternoon, McCaskill left this post on the microblogging site: "A little anxious about the announcement of HHS Sec. Hopeful that my pal Gov of Kansas will get the call. It should happen today or tomorrow."

Obama's initial choice for the post, former Senate Majority Leader Tom Daschle, withdrew his candidacy after he acknowledged failing to pay $140,000 in taxes and interest.

Actually, the announcement--whenever it gets made--comes as a bit of an anticlimax. Kansas Governor Kathleen Sebelius has, indeed, been widely reported to be Obama's choice for the post, according to press leaks over the last couple of days. Still, there is that small matter of presidential prerogative to consider.

Oh well. I'm sure that McCaskill can "tweet" her apologies to the Twitter-in-chief, and all will be forgotten.

Besides, McCaskill has carved out a reputation as one of the most avid Twitter users in the Senate. When she noticed that Supreme Court Justice Ruth Bader Ginsberg showed up for President Obama's speech to Congress Tuesday night, following an operation related to her pancreatic cancer, McCaskill posted the following: "I did big wooohoo for Justice Ginsberg (sic). She looks good."

Last week, much was written after several members of Congress were found to have twittered during the president's nationally televised speech.

I'm spending Saturday in an auditorium somewhere in the bowels of Microsoft's Mountain View, Calif., campus. The occasion: a series of panels co-sponsored by Microsoft, Google, the Computer History Museum, and the American Academy of Arts & Sciences, probing "the impact of information technology on society."

That's quite a mouthful, not to mention quite an ambitious subject to tackle, but a very timely conclave. To their credit, the hosts have assembled a collection of very big brains up for the task.

The day started off with a rocking presentation by Joshua Cohen, a Stanford professor of political science. Alluding to the accelerating collapse of newspapers, he cautioned that the still-to-be-determined impact on the American polity will be anything but good.

"Here's where there is a big problem," he said, arguing that a "successful democratic sphere" is impossible without the information that newspapers supply. He added that "the damage is growing, and the consequences, potentially, are severe."

"Call me old-fashioned," Cohen continued, but blogging will not offer "a viable alternative" to investigative journalism. He faulted arguments that an increasingly decentralized blogosphere can fill that vacuum, a contention that he dismissed as "cyberutopianism."

"It is not only misplaced," Cohen said. "It's dangerous."

Talk about waking up with a strong cup of coffee.

Cohen's argument has been made by many others in different forums. But for the sake of perspective, however, keep in mind that it not universally shared. You'll find investigative reporting by agencies or individuals who don't belong to the ranks of professional journalists. But as the discussion broadened out to the political impact technology was having on public discourse, electoral politics, and governance, Cohen maintained that investigative journalism was "an important source" of information for the nation's political discourse.

"I think you have to talk about investigative journalism...It's not about weather or reporting sports. A world in which investigative journalism disappears is not a world in which democracy works very well," he said.

"The situation is getting urgent. Big newspapers are laying of about 20 percent of their investigative journalists," he said. "This is a profession where people learn how to do it. There are standards. It would really be a disaster if this investigative profession went out of business, a disaster for democracy. There's absolutely no reason to think that there's a fundamental hostility between the future of investigative journalism and technology, but nobody's figured it out yet."

He was right about that. Nobody did provide a conclusive answer to the question. Another panelist, Edward Felten, who teaches computer science at Princeton University, said that by 2020, the current disruptions taking down so many newspapers will lead to a reshaped landscape with more emphasis on what's taking place in peoples' backyards.

"There will be many fewer newspapers...partly due to fact that people can read newspapers from far away. We'll see smaller outlets which focus on the local and operate in a low-budget way, more like a community paper than a big city newspaper. And we'll see a lot of non-profit or low-profit punditry."

MOUNTAIN VIEW, Calif.--George Zachary, a partner with Charles River Ventures, offered an apercu that may wind up getting quoted quite a lot over the coming year. Cloud computing, he said, "is the new dot-com."

I have the feeling that he's right. I spent Friday afternoon listening to executives representing several of the top companies in their respective spheres, singing hosannas to the power of the cloud. This was a serious gathering of technologists, and their enthusiasm for cloud computing's potential hearkened back to an earlier time.

In fact, after the tech industry began rebuilding following the dot-com bust in the early part of the decade, many of these folks were similarly waxing enthusiastic about a new generation of Web-based consumer applications. So it was that they approached the growth of Web-based infrastructure to host storage and applications as a promising harbinger.

"It's the biggest shift we've had in computing in two decades," said Salesforce.com CEO Marc Benioff.

Benioff, who made his comments at a roundtable discussion on cloud computing organized by TechCrunch, also offered up an anecdote to underscore the speed with which peoples' computing habits are changing.

After closing the company's fiscal quarter, Benioff was scheduled to fly off to Davos, Switzerland, to attend the World Economic Forum. He was supposed to schlep along his laptop for the trip, but ultimately opted to leave his personal computer at home. Instead, he relied on his BlackBerry smart phone, which accessed all of Benioff's applications over the conferences Wi-Fi service.

"Everything ran in the cloud," he said.

Vic Gundrota, the vice president of engineering at Google, said the shift had essentially retired the importance of platform lockup, a debate which he said mattered more than a decade ago. Nowadays, he said, regardless of the platform, "through magic of the Web, we've built a platform that's available through the browser."

But there's still a lot to be settled, not the least being the challenge of how to bring to enterprise computing more of the user-friendly software interfaces that people have become accustomed to in the personal computing realm.

"We need to have protocols that are open and accessible for anyone to use," said Werner Vogels, the chief technology officer at Amazon. He added that "in many ways, we are still at Day 1."

Paul Buchheit, the founder of Friendfreed, echoed that sentiment. ""We talk a lot about back-end infrastructure, but if you look at this from a user perspective, it's about how all this will interoperate," he noted. "There has to be a user experience that makes it simple."

How long this shift is likely to take to complete was a subject that got batted around without conclusion. Interestingly, Lew Tucker, the CTO at Sun Microsystems, suggested that "start-ups are already there" but that enterprises were relatively lagging behind.

Some, like Benioff, noted the irony of holding a roundtable discussion about cloud computing on Microsoft's premises. That was not lost on the participants. Before the meeting, one of them said privately, "They realize that the world's changed. They're smart but they also know they need to evolve with the times."