Qualcomm's FLO puts a TV in your hand

MediaFLO, the Qualcomm subsidiary that broadcasts digital TV to mobile phones, introduced its first device on Wednesday by taking the phone out of the TV. The FLO TV Personal Television has a 3.5-inch (8.9 centimeter) diagonal LCD screen and a touchscreen interface that lets viewers change the channel just by swiping a finger across it. MediaFLO can broadcast as many as 20 channels of live and prerecorded TV on a dedicated network that complements mobile operators' infrastructure rather than consuming more of their mobile data capacity. The TV is set to go on sale during the year-end holiday season in retail stores at a suggested retail price of US$249.99. Service will be priced as low as $8.99 per month. Verizon Wireless launched MediaFLO on select handsets in 2007, and AT&T followed in 2008. The U.S. network operates on MediaFLO's own frequencies, former analog TV channels.

The handheld TV is one part of MediaFLO's expansion beyond selling TV on phones. MediaFLO has also tested the service in other countries, including Japan and the U.K. By promoting its FLO (Forward Link Only) technology, Qualcomm has set itself up against the widely espoused DVB-H (Digital Video Broadcast-Handheld) standard, a familiar role for the pioneer of CDMA (Code-Division Multiple Access) cellular technology. Last month, the company announced a partnership with automotive electronics manufacturer Audiovox to offer live in-car TV. That service will be sold through auto dealers as an added feature on new cars, typically with prepaid pricing for a year or more of initial service. Up until now, through the mobile operators, the service has been charged on a monthly basis on phone bills. The company did not detail monthly pricing for service on the Personal Television, but the $8.99 per month rate will come with a three-year prepaid subscription.

For example, Verizon sells a service with 10 channels for $15 per month. The Personal Television weighs just over 5 ounces (142 grams) and measures 4.4 inches by 3 inches by 0.5 inch. Consumers won't have to sign up for a contract to buy the Personal TV, but it can't be used for anything but watching MediaFLO's broadcasts. MediaFLO estimates its battery life at five hours of TV watching or 300 hours of standby. It has a software feature for users to set reminders of shows they want to watch, according to MediaFLO. Like other outlets for FLO TV, the Personal Television will get a unique set of channels, but the major brands MediaFLO offers will be represented, according to a company representative.

The device includes built-in stereo speakers and a stand to prop up the screen. ESPN, Fox, MTV, CNBC and MSNBC are represented among channels offered on FLO TV now.

HHS guts health-care breach notification law, groups warn

Privacy and civil rights advocates accused the U.S. Department of Health and Human Services of trying to neuter a landmark data breach notification law for health care organizations that is scheduled to go into effect next week. Companies that used encryption and data destruction methodologies to render sensitive health information unusable and unreadable to unauthorized individuals were exempt from the breach notification requirement. The law would require any organization covered under the Health Insurance Portability and Accountability Act (HIPAA) to notify patients of a data breach involving their personal health information. However, in an interim final rule published late last month, the HHS introduced a new "harm threshold" for breach notification which critics say completely guts the original intent of the bill.

The change allows health-care companies to do a self-assessment of the potential privacy and fraud risks stemming from a data breach and leaves it up to them to decide if a notification is justified. Under the change, health-care entities will be required to publicly disclose breaches involving health-care data only if they think the breach will cause financial or reputational harm to those whose data was compromised. If a breached company decides there is no harm, it will have no obligation to disclose the breach to anyone - even if it had taken no measures previously to protect the data. "The harm standard completely undermines the purpose of mandatory notification, which is that covered entities protect their patient data with strong safeguards," said Harley Geigel, legal counsel at the Center for Democracy and Technology (CDT), a Washington-based think tank. "Now an entity can avoid both encryption and notification because they can decide that any information that was released poses no risk," he said. The health-care breach notification law is part of the $20 billion Health Information Technology for Economic and Clinical Health Act (HITECH) that was passed by Congress earlier this year as part of President Obama's economic stimulus plan. The HHS did not respond immediately to a request for comment. The act requires HHS to develop rules for breach notification in the health-care industry.

In justifying the change, the HHS said a harm threshold was necessary to prevent needless breach notifications. The interim final rule, which contains the harm standard, was released late last month. It argued that the impact of notifications would be diminished if individuals got "flooded" with notices of breaches that posed no risk to their protected health information. But the comments are unlikely to be acted upon until the first HHS update to the rule in April 2010, according to the CDT. Meanwhile, the statute is scheduled to go into effect next week. The public has about 40 days to comment on the interim final rule before it becomes final.

Deborah Peel, founder and chairwoman of Patient Privacy Rights, a watchdog group in Austin, Texas, blasted the HHS' proposed harm threshold. It eliminates the consumer protection that Congress intended to be built into it," Peel said. The decision to include a harm threshold suggests that the HHS might have succumbed to pressure from the health-care industry, which has vehemently opposed a notification requirement, she said. "This harm requirement actually violates Congress' intent in the stimulus bill," she said. "This is essentially an industry rewrite of the law." Given the way the law is worded, health-care organizations will have little incentive to own up to a breach involving protected health care data, she said. "This is totally for the protection of the industry. She added that her organization will be part of a "giant response" to the proposed change by national consumer protection and privacy organizations. When making its original Request for Information on the notification rule, the HHS gave no indication that it planned on having a harm threshold, Geiger said. Given the manner in which the harm threshold requirement was introduced in the notification bill, it appears unlikely that the HHS will budge easily on the issue, Geiger said.

As a result, organizations such as the CDT and others had no chance to formally oppose or to have a public debate on the issue with the HHS, he said. "The way we read the statute, a harm standard should never have figured in the equation to begin with," Geiger said. Originally for notification purposes, a breach was simply defined as a compromise in which protected health information was exposed or accessed in an unauthorized fashion, he said. "How the HHS made the leap from the language in Congress to the interim final rule we don't know," he said.

Nobel Physics Winners Changed Our Lives

Like the Internet? If so, please take a moment to thank today's three Nobel prizewinners for their discoveries. Own a digital camera?

The three American scientists, honored today with the 2009 Physics prize, helped give us modern telecommunications-including the Internet-and digital photography. Sad it took 40 years to honor these great men-their work was done during the 1960's-but good health has smiled upon all three, now in their 70's and 80's. (Nobels are not awarded posthumously). Charles Kao, who also holds British citizenship, is being honored for his work helping to develop fiber optics, the oh-so-slender glass pipelines than carry digital data-converted into pulses of colored light-around the world. Fiber optic cable makes the high-speed communications possible, while charge-coupled devices (CCDs) are the cornerstone of digital photography. Born in 1933, Kao was in England when he invented a method to dramatically improve the purity of the glass used to construct the fibers. Dr. Boyle also holds Canadian citizenship. The other half of the $1.4 million prize was won by Willard Boyle, 85, and George Smith, 79, for their invention of the CCD, made at AT&T Bell Laboratories in 1969. CCDs are based on the photoelectric effect, which itself won a Nobel for Albert Einstein.

Read about the science being honored in this New York Times story. In honoring these three today, perhaps we can also honor all those who make our technology-based lives possible. Many other people played a part in making these Nobel-winning discoveries a part of daily life. Better, we can recommit ourselves to supporting basic science and research-hard thinking-that is so out-of-fashion in much of society today. You and I are direct beneficiaries of the work the Nobel committee has chosen to honor today. (The ceremony will be held Dec. 10 in Stockholm). Let's honor these scientists by supporting math and science education and, perhaps, in another 40 years we'll be honoring a new generation of American scientists for their life-changing achievements. At a time when we need more answers than ever before, we should be concerned about how many people are capable of asking the questions and putting what they discover to use for the good of everyone.

David Coursey tweets as @techinciter and can be contacted via his Web page.

Review: Kingston's new USB drive offers public and encrypted partitions

USB sticks have offered pretty much the same functionality over the past year or so. Kingston's new thumb drive offers the somewhat stand-out capability of allowing a user to set up an encrypted partition to safeguard some of that data, while allowing the remaining drive space to remain open and accessible by anyone. So when Kingston announced a new DataTraveler Locker USB Flash Drive that offered partitioning capability, I took notice.

I find this useful because I'm often lending my USB drive to friends who want a simple way to transfer files or temporarily save some data. However, it's possible that solution could render your drive unusable. You can trick a Windows system into creating partitions on a USB stick by flipping Removable Media Bit, making it appear as a permanent or fixed drive. So I liked the idea that I could quickly set up a partition on my USB stick to protect sensitive data while still being able to lend the drive to someone. Kingston makes two versions of its encryptable DataTraveler, dubbed the Locker and the Locker+. The Locker+ automatically encrypts everything stored on the drive using 256-bit hardware-based AES encryption. Or I could simply plug it into another computer without having to log in.

The Locker allows a user to partition space. You type in a password and reminder; your name and company; and then select "OK". That's it. Like most other USB sticks with encryption features, the DataTraveler Locker+ drive set up is as simple as one, two, three. Everything you save to the drive is now automatically encrypted. Once plugging it into your USB port, it will show up as a drive and you double click on "DTencryptor". Setting up the partition is intuitive and fast.

Kingston's DataTraveler Locker (sans +) setup isn't much more difficult. Pop up boxes guide you along asking to first pick a language, then to pick whether or not you want a "privary zone" - as it calls the encrypted partition. The slide scale on my 16GB capacity drive allowed me to partition up to 13.7GB of secure space. The software asks you to choose a password for the encrypted partition and then allows you to choose the size of the partition with an easy-to-use sliding scale. The DataTraveler Locker+ comes in capacities of up to 32GB, and the Locker comes with capacities of up to 16GB. The drive's size is pretty standard: 2.58-in x 0.71-in x 0.41-in. The DataTraveler Locker+ drive locks down and reformats after 10 incorrect password attempts, deleting all your data and protecting it from prying eyes.

One of the features I liked right off the bat is the ability of the two drives to protect themselves against brute-force attacks, or from someone attempting to guess the password. While other drives have this feature, they often tend to be the higher end, pricey models. Instead of a cap that can be lost, the drive swings out on a hinge - a relatively common form factor today, but still one of the best designs out there. Another attribute is the DataTraveler's cover. I'm a big fan of non-removable caps for obvious reasons.

The drive showed an average read speed of 28.3MB/sec and an impressive random access time of 1.7 milliseconds, but CPU utilization was a disappointing 24%. When you're running more than one application on your computer, that can definitely impact performance. I tested the DataTraveler Locker+ drive's I/O speed with Simpli Software's HD Tach 3.0 benchmarking softare. For my next performance test, I transferred a 2GB size document containing 544 files made up of photos, video and text documents to the encrypted partition, which took 5 minutes, 37 seconds. A 4GB model of the DataTraveler Locker+ retails for $36.00, an 8GB $50.00, a 16GB $100.00, and a 32GB DataTraveler Locker+ retails for $200.00. A 4GB model of the DataTraveler Locker retails for $30; an 8GB for $44; and a 16GB for $93. For comparison, you can purchase a 32GB SanDisk Extreme Contour USB Flash Drive with 256-bit AES encryption for $166.99 retail or a 16GB model of the same for $108.99. The DataTraveler drives are compatable with Windows 7, Vista, XP, 2000 and Mac OS X v.10.4 - v.10.6. While this drive is a little more affordable than others with similar encryption features, it mainly stands out for one thing: its partitioning capability. Not bad at all. Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld . Follow Lucas on Twitter at @lucasmearian , send e-mail to lmearian@computerworld.com or subscribe to Lucas's RSS feed .

The Richest CIOs: Our Annual List of Top Earners

Which CIOs are earning the most? The below chart details 2008 earnings for the top money-makers at public companies. What does a top CIO's total compensation look like? Methodology note: This list is based on publicly-filed SEC documents.

The total compensation figure combines value of stock and options awards, incentive payouts, perks, pension contributions and other compensation. It represents only CIOs from public companies among the Fortune 1000, where the CIO is one of the company's 5 highest-paid officers. For more background on CIO salaries, see our related story, "Richest CIOs: What's Behind Smaller Bonuses." CIO Earnings Top Technology Executive Title Company Total 2008 Compensation Salary Randall Mott EVP, CIO Hewlett-Packard $28,293,134 $690,000 Larry Kittelberger SVP Technology and Operations Honeywell International $8,030,866 $712,788 Sam Leno EVP Finance and Information Systems, CFO Boston Scientific $6,321,255 $621,721 Steve Squeri EVP Corporate Development and CIO American Express $6,252,701 $600,000 Bill Chenevich Vice Chairman, Technology and Operations Services US Bancorp $5,384,509 $537,521 Franck Moison President Global Marketing, Supply Chain and Technology Colgate-Palmolive $5,058,159 $641,667 Bob DeRodes former EVP, CIO Home Depot $4,836,618 $462,769 Tim Shack former EVP, CIO PNC Financial Services Group $4,577,332 $510,000 Glen Salow EVP Service Delivery and Technology Ameriprise Financial $4,071,987 $475,000 Randy Darcy* EVP Worldwide Technology and Operations General Mills $3,476,976 $489,895 Robert Willett* CIO Best Buy; CEO Best Buy International Best Buy $3,468,486 $821,157 Anil Kottoor SVP, CIO WellCare Health Plans $3,079,961 $305,000 Anna Ewing EVP, Global Software Development and CIO NASDAQ OMG Group $2,791,709 $400,000 Patrick McNamee EVP Operations and Technology Express Scripts $2,769,387 $464,981 Deborah Butler EVP Planning and CIO Norfolk Southern $2,723,561 $435,000 Michael Maslowski SVP, CIO CenturyTel $2,672,770 $353,712 Greg Framke EVP, Chief Information and Operations Officer Etrade Financial $2,059,718 $421,731 Kenneth Tye Sr. Exec. CIO magazine assistant editor Simone Levien contributed research support to this project. VP, CIO Total System Services $2,047,126 $440,013 David Johns SVP, Supply Chain and IT Officer Owens Corning $1,816,368 $367,500 David Kelley EVP, CIO TD Ameritrade $1,792,653 $300,000 Thomas Frank EVP, CIO Interactive Brokers Group $1,778,179 $312,000 Jenny Bolt EVP Operations and Technology Franklin Resources $1,768,722 $506,250 Michael Cheles VP IT MEMC Electronic Materials $1,745,238 $237,000 Rob Autor former EVP, CIO SLM $1,741,720 $350,000 Tim Sullivan Corporate EVP, CIO SunTrust Banks $1,698,634 $484,067 Bruce Goodman SVP, Chief Service and Information Officer Humana $1,588,048 $489,385 Lisa Bachmann SVP Merchandise Planning/Allocation and CIO Big Lots $1,572,566 $436,222 John Alexander Du Plessis Currie EVP, CIO Brightpoint $1,400,797 $475,000 Richard Flaks SVP, Planning, Allocation and IT The Children's Place $1,382,189 $494,497 Mahvash Yazdi SVP, CIO Edison International $1,228,790 $394,947 Calvin Sihilling EVP, CIO Nash-Finch $1,189,392 $378,866 Jeanne Moreno VP, CIO Snap-On $1,177,949 $319,340 Raymond Voelker CIO Progressive $1,170,457 $377,307 Scott Arvidson EVP, CIO Kansas City Southern $1,141,863 $336,386 Joseph Osbourn* EVP, CIO Tech Data $1,127,556 $498,001 Pierre Samec CTO Expedia $1,070,060 $350,000 Keith Morrow SVP, CIO Blockbuster $1,054,104 $350,000 Michael Relich SVP, CIO Guess? $977,590 $386,154 Gregory Tranter SVP, CIO The Hanover Insurance Group $948,736 $369,231 Richard White Former SVP, CIO MPS Group $916,176 $250,000 Richard Smith* SVP, CIO CarMax $864,800 $338,308 Lawrence DelGatto EVP, CIO Radian Group $845,018 $300,000 Kenneth Smith SVP, CIO and Human Resources Officer PolyOne $840,753 $333,308 Jon Kerner SVP, CIO MPS Group $837,517 $250,000 Larry Thomas VP, CIO Landstar Systems $808,482 $206,000 Dudley Sondeno SVP, Chief Knowledge and Technology Officer Southwest Gas $792,009 $272,377 Paul G.P. Hoogenboom* SVP, Manufacturing and Operations, CIO RPM International $727,055 $346,000 Bruce Marcus EVP, CIO McGraw-Hill $651,861 $420,000 Allan Lubitz SVP, CIO Mercury General $604,708 $325,000 Laurie Douglas SVP, CIO Publix Super Markets $540,093 $505,600 Richard George VP, Controller and CIO The Andersons $504,100 $210,885 Kenneth DeWitt VP, CIO United Rentals $459,486 $205,077 Source: SEC documents. *2009 figures were used when 2008 figures were not available. Follow senior editor Kim S. Nash on Twitter @knash99. Follow everything from CIO.com on Twitter @CIOonline.

Satyam faces claims of about US$267 million

Indian outsourcer Satyam Computer Services has received legal notices from 37 companies, demanding the return of 12.3 billion Indian rupees (US$267 million) they claim were paid to the company as temporary advances, Satyam said in a filing on Tuesday to the Bombay Stock Exchange. Satyam first mentioned these claims in June, but said that the matter was still under investigation by various authorities. The demand comes as Satyam, now managed by Indian outsourcer Tech Mahindra, has been trying to turn the corner after the company was plunged into a financial crisis in January. In January company founder B. Ramalinga Raju said that Satyam had inflated revenue and profit figures for several years.

Satyam informed the stock exchange that the companies want the money back to repay their creditors. His confession letter also referred to the advances arranged by Satyam from the 37 companies, Satyam said in the filing to the stock exchange. Among the creditors are Maytas Properties and Maytas Infra, both construction companies promoted by Raju's family. Tech Mahindra was selected in the bid, and acquired a dominant stake of 43 percent in the company. The Indian government, after taking over the board and management of Satyam in January, decided to invite bids to select a strategic investor in the company. The move by Tech Mahindra and its investment subsidiary Venturbay Consultants was seen as risky, as the results of Satyam had been ordered to be restated by the government.

Satyam said that it had replied to the legal notices from the 37 companies, describing their claims as "legally untenable." The financial scandal at Satyam is still under investigation by the Central Bureau of Investigation, a federal agency, and the Serious Fraud Investigation Office of the country's corporate affairs ministry. The accounts have as yet to be restated. Raju and others accused in the case are in custody, but have not been tried or sentenced.

Cloud computing inevitable? Not so fast, educator says

DENVER - Is cloud computing inevitable? FAQ: Cloud computing demystified Michael Dieckmann, CIO at the University of West Florida, thinks otherwise and the two spent Wednesday at the annual Educause conference debating the hype vs. the hope around commercial cloud computing that promises to cut IT costs and provide efficiencies. Maybe, but IT still has a lot of questions to ask before floating away on its promises, according to Melissa Woo, director of cyberinfrastructure and network and operations services at the University of Wisconsin-Milwaukee.

Woo's contention isn't so much that the cloud won't emerge as an option, but that IT still has a lot of questions to ask before floating away on its promises. "Why is the conversation always when, why are we not asking why," she said to a packed Educause session that with a raising of hands showed the audience of higher-ed IT pros are on the fence over cloud computing. "Gartner has cloud computing at the peak of inflated expectations on its hype cycle," she said. This week, cloud provider Rackspace reported its third outage since June. Woo noted recent reports of outages by large providers should grab attention. Last month, Microsoft reported it lost the data stored by users of T-Mobile's Sidekick service before eventually recovering most of the data. Where is that data being stored?

And Google, which provides e-mail services for students, faculty and staff on Dieckmann's campus, has had numerous outages that have frustrated users so much that Google developed a Google Apps Status Dashboard and pumps updates to users via RSS. "And what about the privacy risks, security risks? Where is research data being stored? Dieckmann countered that the cloud question is most relevant for commodity services, but the tricky part is that the definition of commodity services is constantly changing. "To many people e-mail is e-mail," he said. "Storage is becoming more of a commodity. How do you handle identity and access management, what happens if the cloud service falls out from under you?" Woo said. When that service can come externally just are reliably and with the same service levels we can provide why do we need to spend significant resources to run it in-house?" But on the cost issue, Woo's contention is that most universities don't have a true handle on costs and therefore can't determine if the cloud is saving money. "Another thing to think about is are we just cost shifting. But Dieckmann compared the cloud with what has been happening internally in IT over the past few years in terms of centralizing servers into data centers and adding virtualization for added efficiencies and benefits.

Are we throwing things over the wall for others to worry about," said Woo, who wonders about the burden put on legal and purchasing departments. "We are not just looking at saving IT costs but costs across the institution." Dieckmann, in part, conceded Woo's point, saying he spends more time now with UWF's general counsel than he did before venturing out into the cloud. He said many of the same arguments IT made for centralization are now being turned against them via the cloud debate. "Part of what is uncomfortable here is that it is our apple cart that is now being upset," he said. "But we need not approach this as a poison pill. What if the cloud provider breaks the SLA, do we know how to measure harm if our storage disappears," she said. "We need to come to grips with the inevitability of the cloud," Dieckmann says. There are many advantages and we should be leading here rather than following." Woo contends the transfer to centralized IT has been based on trust, but questioned whether that same trust exists in the cloud. "Can we negotiate good service-level agreements (SLA). We don't have the maturity to negotiate those. The massive economy of scale involved in cloud computing can make it the most cost effective way to provide services for higher education, he contends. "Cost is not a minor concern today." When evaluating cloud services, he says users must focus on how the cloud alters the parameters on the old notion of outsourcing, an idea that was hot nearly a decade years ago but lost its sizzle for technological and other reasons.

He concedes the debate has many layers, but he points out that end-users have their own cloud choices now and that could eventually mean less IT control. "Our clients are voting with their feet," he said, in reference to students and faculty who go out on their own to online services. "Our challenge will be to combat the choices users make and to keep coherent IT enforcement," he said. "The next evolution of this is academic departments deciding to using the cloud and they are not doing that with IT or general counsel input. The cloud has benefits that can't be ignored, Dieckmann says, such as delivering infrastructure as a service, support for massive sharing, flexibility and a pay-as-you-go model. In some cases we have no control. We need to show some leadership." Follow John on Twitter.