Apple marginally improves App Store approval process

The App Store approval process appears to be improving in fits and starts. Wired was among the first to note that the Apple Dev Center site now features a table that displays whether a submitted application is "Waiting for Review," "In Review," or "Ready for Sale," along with a timestamp for each entry. Developer who submit their programs into Apple's black box can now get limited status updates on the state of the process.

But we've confirmed the update, which has also been mentioned by some iPhone developers on Twitter. Previously, the site gave only extremely impersonal statistical information about the overall approval rate, along the lines of Apple's claims last March that it approved 98 percent of applications within a week of submission. Of course, that's about the bare minimum information that the company should provide, and the system appears to be new enough that we don't yet know how it will handle the bizarre rejections that have plagued the approval process like crows stalking Tippi Hedren. This move is a step in the right direction, but it's also a little ridiculous given that the App Store has been open for well over a year-this is the kind of basic feedback that should have been in place from day one. The real problem here is that it seems that Apple doesn't treat developers-outside of the inner circle it parades around at events-with the same basic courtesy that it accords its customers. Meanwhile, prestigious developers continue to walk away from the platform, the latest being Facebook iPhone app developer Joe Hewitt, who has not shied away from expressing his disappointment with the App Store review process.

This, despite the fact that not only are pretty much all iPhone developers also Apple customers, but they pay to develop apps for the platform (and many have told me in the past that they'd gladly pay more if it were accompanied for a higher level of service). Imagine you, as a customer, bought a computer from Apple's online store. Should your order suddenly be canceled, wouldn't you want an explanation? Would you expect the ability to know the status of your order? And should you not be satisfied with that explanation, wouldn't you want some form of recourse, whether it be simply talking to a manager? And consider that not only are developers paying money directly to Apple, but they're investing in Apple, in the success of its platform-they're tying their own livelihood to Apple's product. These are all things we take for granted as part of the consumer experience, but they're elements woefully lacking from most developers' interactions with Apple.

They have a stake in Apple's prosperity so, despite being labelled as whiners and complainers, they want Apple to succeed. Sure, for every developer that decides to stop working on the iPhone there are a thousand that stay. You'd think that it would entitle them to a little respect. But you can bet Apple looks at data to figure out why people decide not to buy its products-I only hope it's being as vigilant about the developer side of the equation.

VMware ties disaster recovery to vSphere, lifting obstacle to adoption

VMware's Site Recovery Manager is now supporting vSphere, eliminating one of the obstacles preventing customers from upgrading to the latest version of VMware's virtualization platform. VMware on Monday released SRM version 4, with support for vSphere and other upgrades including a "many-to-one failover [that] protects multiple production sites with automated failover into a single, shared recovery site." Because Site Recovery Manager did not immediately support vSphere, numerous customers have delayed upgrades from 3.5, acknowledges Jon Bock, product marketing manager for VMware's server business unit. vSphere 4, the successor to ESX Server 3.5, was unveiled in April but until now did not work with Site Recovery Manager, VMware's software for recovering virtual machines in case of disaster.

Now that SRM supports vSphere, adoption should accelerate, he said. "vSphere was a significant change that we had to update the add-on products for. But the months-long delay is similar to delays often seen between the release of a new operating system and add-on products, he said. "A customer who has important production applications on ESX 3.5 is probably not going to upgrade to vSphere 4 the day after it's released," Bock said. In a perfect world, we'd love to have all the new releases of products released on the same day as the platform," Bock said. vSphere is still not supported by VMware View, the vendor's desktop virtualization software. Lifecycle Manager just gained compatibility with vSphere in a new release a few weeks ago. VMware View will be compatible with vSphere in its next release, expected in 2010, according to a VMware spokeswoman.

In addition to support for vSphere, Site Recovery Manager now supports NFS storage, along with Fibre Channel and iSCSI, which were already supported. "We have a lot of interest in NFS from customers looking at using that in important applications," Bock says. VMware provides an integration module to partners, and most of the major storage companies have made their products compatible with Site Recovery Manager. SRM works by integrating tightly with storage array-based replication. Shared recovery sites, the other new feature, could be useful for companies with multiple branch offices, Bock said. The new version of SRM is available now and costs $1,750 per processor.

Overall, the new release is "focused on expanding the use cases for Site Recovery Manager," he said. SRM was first released in June 2008 and has been purchased by more than 2,000 customers, Bock says. Virtualization offers inherent advantages when it comes to disaster recovery, since it eliminates the need to recover the actual physical server an application was running on, Bock notes. That's still a small portion of VMware's 150,000 customers overall. Some customers have been using SRM not for disaster recovery but to move applications from one site to another when they are switching data centers, he said.

SRM support for vSphere was a highly anticipated feature, says ITIC analyst Laura DiDio. "Disaster recovery and backup are in every customer's top five checklist of things you must have," she says. Still, disaster recovery is the main purpose for the software. Follow Jon Brodkin on Twitter

ITU Telecom World expo shifts in response to economic crisis

The ITU Telecom World exhibition has returned to Geneva after a visit to Hong Kong in 2006 - and has brought many Asian exhibitors back with it. The booths of China Mobile, ZTE and Datang Telecom Group loom over the entrance to the main hall, alongside those of NTT DoCoMo and Fujitsu, while upstairs Huawei Technologies and Samsung Electronics booths dwarf that of Cisco Systems, which has more meeting rooms than products on display. "Ten months ago, people were urging us to cancel the event," said Hamadoun Touré, secretary-general of the International Telecommunication Union, which organizes the exhibition and the policy forum that runs alongside it. There are also signs that the way some companies are using the show is shifting. The pessimists feared that the show would attract neither exhibitors nor visitors, as companies slashed marketing budgets and cut back on business travel in the midst of the economic downturn.

The ITU still expects 40,000 visitors at this year's show; 82,000 turned up at the last Geneva event, in 2003. This year, around half the show is occupied by national pavilions: Saudi Arabia has the biggest, followed by those of Spain and Russia. While the show is noticeably smaller than previous editions - it only occupies Halls 2, 4 and 5 of the sprawling seven-hall Palexpo exhibition center, with some yawning gaps between stands, Touré is satisfied. "It's a good show, despite the crisis," he said. Other European nations, including Belgium, France and the U.K., also have pavilions, but by far the most numerous are those of the African nations: Burundi, Egypt, Ghana, Kenya, Malawi, Nigeria, Rwanda, Tanzania and Uganda. The biggest company stands are those of the Asian network operators and equipment manufacturers, with the U.S. and Western European countries keeping a low profile. Microsoft and IBM have booths, but you'd barely notice. This domination of the show floor is not down to size alone: It's also about tactics.

There were actually only three of them, but their effect was magnified by loud music and the multiple video walls on the booth. Russia deployed what looked like an army of violinists dressed mostly in sequins on its stand on Monday. China Mobile has taken a similar route, with the logo of its 3G mobile brand, Wo, swirling and pulsing hypnotically across the walls and even the ceiling of its booth. Similar exhibits fill the stands at NTT DoCoMo and Samsung. ZTE has taken a more traditional route, with glass cases full of mobile phones, modems and cellular base stations. On the Cisco booth, there are almost no products to be seen - unless you count the looming bulk of one of its TelePresence systems, linking the booth in high resolution to similar systems around the world.

This shows images of the products that can be rotated on screen to examine them from different angles - and even measured or dismantled so that prospective buyers can figure out whether they would fit in their data center. Other elements of the Cisco product range are present virtually thanks to another screen, supplied by Massachusetts-based Kaon Interactive. Like Secretary-General Touré, Cisco faced a crucial decision last year about whether to maintain a show presence in Geneva. "One year ago, it wasn't clear how many customers were going to make this trip," said Suraj Shetty, the company's vice president of worldwide service provider marketing. That's why the rest of the stand is given over to meeting rooms. "Our focus is on customer intimacy," Shetty said. However, the company realized that "this could be used as an opportunity to shift how we get contact with customers," he said. Carrier Ethernet specialist Ciena has taken a similar approach.

Like Cisco, it prefers to show products virtually, rather than physically. "Computer graphics and touch screens are more effective in these cases. Its stand, close to Cisco's and even more discreet, consists entirely of meeting rooms. That's the trend," said Ciena CTO Stephen Alexander. If you're buying bulky network or data center infrastructure, then don't expect to kick the tires at a trade show next year - although you might be able to click on them, on the booth's screen or your own.

Intel/AMD deal could help solve virtualization compatibility problems

The $1.25 billion Intel/AMD settlement announced Thursday could improve competition in the server hardware market and solve some lingering problems related to server virtualization, analysts say. 50 greatest arguments in networking: AMD vs. But a new five-year cross-license agreement between the companies raises the possibility that Intel and AMD will share information on their instruction sets and enable live migration across servers with different processors, he says. Intel Today, a virtualization technology known as live migration lets customers move workloads from one physical server to another, but only if both servers contain processors from the same chip maker, according to Forrester analyst James Staten. "If you look at the virtualization instruction sets that have been implemented by AMD and Intel, they are incompatible with each other," Staten says. "If you build a virtualization pool and do live migration from one system to another, it has to be all Intel, or it has to be all AMD." The Intel/AMD settlement, which ends various antitrust and patent cross-license disputes, doesn't explicitly talk about virtualization, Staten notes.

Gartner analyst Martin Reynolds agrees the Intel/AMD settlement could be good news for virtualization customers. "If they were to integrate virtualization more deeply into the processors as a single standard that companies use, it's possible virtualization could become less expensive," Reynolds says. In the wake of the settlement, there are several other potential areas for new levels of compatibility between Intel and AMD processors, Staten says, including memory and power management, and security. The virtualization incompatibility has mainly harmed AMD, because the issue forces customers to standardize on one type of server and Intel has a dominant market share, according to Staten. Broad collaborations between the rivals should not be expected, though. "These are two fighters who just took a lot of bruises over the last two years," Staten says. "They're not about to run to the center of the ring and shake hands." In lawsuits filed against Intel, AMD claimed that Intel illegally forces customers into exclusive deals with cash payments, discriminatory pricing, marketing subsidies and other practices. I think that's beneficial for all." AMD benefits from the settlement more than Intel does, because it eliminates many concerns customers have about purchasing AMD-based servers, according to Staten.

The settlement prohibits Intel from "offering inducements to customers in exchange for their agreement to buy all of their microprocessor needs from Intel," and other anticompetitive practices such as inducing customers to limit or delay sales of AMD products. "Intel agreed to a set of rules of the road for how they will conduct business going forward," says AMD spokesman Drew Prairie. "It should help create a fair and open competitive environment where products compete on their merits, and where innovation is rewarded by the marketplace. Even if customers like AMD technology, they might have chosen Intel-based servers instead because of concerns about AMD's viability. The time and money allocated to fighting Intel in court may also have distracted AMD from product development. "Having those hindrances gone will definitely help AMD because their CPUs are quire competitive at this point," Staten says. Moreover, if AMD's allegations were correct, that means Intel's business practices were preventing OEM vendors from embracing AMD processors to the extent they would have liked. The settlement also makes AMD more attractive to outside investors, Reynolds says.

While both companies are embracing multi-core processors, Intel is taking a homogenous approach in which every core is the same and AMD is using different types of cores in the same CPU for different workloads, according to Staten. AMD is taking a different approach than Intel to the server market. AMD is also trying to go down the multi-core path faster than Intel, with attempts to get 16- and 24-core processors on the market before its rival. Generally, AMD is about a year behind Intel's technology, but turns a profit by making products that are cheaper and cost less to build, Reynolds said. "Generally the server vendors use the product that most meets their needs," he says. "They know their customers are smart and will buy the product that delivers the best value." Follow Jon Brodkin on Twitter. Reynolds said he doesn't expect the settlement to cause any major shifts in how OEM vendors approach Intel and AMD, however.

Expert provides more proof hackers hijacked Hotmail accounts

It's almost certain that hackers obtained the Hotmail passwords that leaked to the Internet through a botnet-based attack, a researcher said today as she provided more proof that Microsoft's explanation was probably off-base. "When I look at the infamous list of 10,000 Hotmail accounts, it just does not appear to be cataloged in the way you would normally expect from a phishing attack," said Mary Landesman, a senior security researcher at San Francisco-based ScanSafe. Microsoft acknowledged that "several thousand" Windows Live Hotmail usernames and passwords had been acquired by criminals, and that it believed the list was the result of a massive phishing attack. Landesman based her opinion on further analysis of the list that was posted to the Web two weeks ago. Google later said the same thing after another list surfaced with Gmail account details . "There are just too many inconsistencies in the list," Landesman said, ticking off several characteristics of the Hotmail list that didn't fit with phishing results researchers have uncovered in the past, ranging from relatively strong passwords to typos. "There were many misspellings of 'hotmail,' and other typos that you wouldn't expect people to make when they were logging in live to their accounts," Landesman said, noting that those kinds of errors are inconsistent with phishing attack lists.

Some researchers who analyzed the leaked list said that it was dominated by weak passwords , with the simple "123456" and "123456789" as the most popular. She also disputed the notion that a large number of the accounts used very weak passwords, another clue that the users were unsophisticated and thus more likely to fall for a phishing scam. While true, that doesn't tell the whole story, Landesman countered. "123456 was the most frequently used password, but it appeared only 63 times out of the +10,000 records," she said. Landesman first refuted Microsoft's contention that the Hotmail passwords had been obtained by phishers last week. That would represent just over 6/10ths of 1%. "I'd call most of the passwords certainly strong, respectable passwords, and not the type of passwords from someone naive," Landesman said. "That doesn't fit the profile of people who you might think would be susceptible to phishing scams." In fact, the treasure trove of Windows Live ID usernames and passwords that Landesman uncovered in August, which she believes is related to the leaked Hotmail list, contained a large number of accounts owned by corporate and government users, who typically relied on what she called "very strong" passwords. "A [malware-based] keylogger attack turns all the advice about strong passwords on its side," Landesman said, speculating that users with stronger passwords were less likely to succumb to the deceit of a phishing attack. "In cases where you see very strong passwords, it's almost certain that data theft was involved," she added. She added more to her list of proof points last Wednesday in a follow-up entry to the ScanSafe threat alert team's blog.

Native iPhone support ready for Lotus Domino

IBM/Lotus said next week it will ship the long-anticipated real-time access support for the iPhone on its Domino messaging platform. In January, IBM announced that it would add support for ActiveSync to its Lotus Notes Traveler, a server add-on that provides real-time replication between mobile devices and Notes. Lotus Domino support for the iPhone uses the Apple device's mail, calendar and contact application and synchronizes data between the two platforms in real time using Microsoft's ActiveSync protocol. It is the updated Traveler software in Domino 8.5.1, which was released Tuesday, that provides the iPhone support.

Updates to Traveler in Domino 8.1.5 add remote wipe, device lock, password management, and external calendar integration to the Symbian platform. Traveler already works with devices based on Windows Mobile and Symbian. Lotus is playing a bit of catch-up as Microsoft and other vendors such as Kerio who offer push e-mail for the iPhone. Also from Network World: Lotus goes after Microsoft's 'ridiculous and fabricated' figures The only thing iPhone users have to add to their device is a configuration file that tells the iPhone how to find the user's mailbox on the Domino server. Motorola, Nokia, Palm, Sony Ericsson, Symbian also support ActiveSync on their mobile devices.

For initial set-up, the iPhone's Safari browser is used to access the Domino server and download the configuration file. Those credentials are stored on the device so the iPhone and Domino can trade data without further user intervention. When the user signs onto Domino to get the configuration file, the user's sign-on credentials are captured by the iPhone. Lotus Notes users have had to suffer with e-mail access via the iPhone's Safari browser and the Notes Web Access client. We want to support all the devices out there and this is the next one we have added." The Domino iPhone support also features limited management capabilities, including the ability to remotely wipe data if the device is lost or stolen.  Follow John on Twitter

With that configuration, users have to manually connect to the Domino server and go through each individual e-mail via the browser. "It has rich email, attachment support and calendaring capability and is the same user experience a user would get using the iPhone against Exchange or Google," said Ed Brill, director of product management for Lotus Software. "Clearly the iPhone is increasingly a component of an enterprise strategy.