It’s not uncommon to be on conference calls these days. What with the economy making business trips for short meetings a thing of the past, and new technologies with video conferencing making talking to one another not in person more like you’re face to face, we have come to a time when conference calls have become an important, if not crucial, part of any organization or company, especially whilst conducting business globally.

Have you ever been on a conference call where someone was snoring? I have. Have you ever been on a call where someone’s kids were screaming in the background? I have. Have you ever been on a call where the other person’s accent was very difficult to understand, you couldn’t hear them properly, and there was so much background noise both on their line and in your office that you couldn’t concentrate? I have. And I don’t think I’m the only one.

It seems that even though, or perhaps because, conference calls are getting more and more common, people don’t take them as seriously as they should. In a “normal” meeting, do these things happen as often? When you’re face to face with someone, do you really speak like that?

Here are some simple tips to make sure you don’t push people’s buttons when you’re on the line (or how to be professional about conference calling): Read the rest of this entry »

After recently misplacing a USB drive (luckily already encrypted), I decided to put  together a quick guide for anyone interested in securing their data on USB/Local drives through encryption, using free tools available for download. 

These days everyone stores huge amounts of data on USB drives (be it small pen drives or larger hard drives reaching 1TB or more). We carry this information around in our pockets everywhere, sharing with co-workers and friends, at our clients and perhaps even in public locations.

The main question you should ask yourself from a security standpoint is “What stops somebody from connecting to your drive and viewing/stealing/destroying your data?  

Remember the old DOS command format L:\ /q (this one quickly deletes Gigabytes of data in seconds – of course we could use tools to recover at the expense of your administrator’s time and nerves..).

  Read the rest of this entry »

For those without Microsoft Project Server, here is a way to manage shared resources through various projects. Through the use of this method, the program manager or unit manager is able to check team member allocation and also plan projects.

 Firstly, you will need to create the resource pool by following the steps detailed below:

Read the rest of this entry »

Adobe has announced that they stopped Flash Player development on mobiles. I’ve been hearing so much noise around this that I think it needs some explanation.

Adobe has stopped Flash Player on mobiles. That’s all. Nothing more. It means that Flash Player won’t be updated for mobile plateforms but let’s face it: Nobody developed Flash Websites for mobiles…

On the contrary, Adobe bought phoneGap last month and clearly turned its strategy to focus on mobile apps (phoneGap AND Air) rather than Flash-based websites for mobiles.

However, this doesn’t mean that they have killed Flash for desktops!  Flash is going to turn into a “shockwave like” technology, more dedicated to 3D than to simple animations.

Mobile development is split in two different parts: Apps and Web.

• Applications are built either with native or hybrid technologies. Applications are very popular because they are fast, can be used offline. Pure HTML5 for example isn’t robust enough to handle the work for the time being.
• Web on mobile is built with HTML/javascript.  Again, HTML5 is the future but just can’t handle as many features as Flash or apps for the moment.

So what kind of technology choices do we have for mobile?

Firstly, we have agnostic technologies. By “agnostic”, I mean one source code for several mobile OS. Adobe Air is one of these technologies (just like SUP, Unity, etc), and a good one if you know how to work with it. And… Adobe Air is just a container for Flash/Flex!

Secondly there are hybrid apps, which are typically developed using HTML5/JQuery, with native extensions provided, for example, by Adobe’s phoneGap. Hybrid apps have been recommended by Forrester over native developments (see next point).

Thirdly we have native apps, which in my opinion kill the ability to make applications that work across devices and therefore are not great for the consumer.  It could be justified on rare occasions, for example when you need to use a feature that exists on the hardware, like NFC.

So Flash is dead on mobiles (and TVs), but long live Flash for mobile apps.

PS: You want to use your Flex/Flash talents to develop mobile? Hey, you know what? Adobe has an app for that!

Gartner has listed tablets and mobile-centric applications as the top two technology trends for 2012, stating that “The implications for IT is that the era of PC dominance with Windows as the single platform will be replaced with a post-PC era where Windows is one of a variety of environments IT will need to support.”

CIO magazine says: “Mobile applications must be as effective as their desktop and notebook counterparts. “Getting mobile right requires a broad range of device support, a central point of control, a wide security net that ensures corporate data is never compromised, and the ability to shield end users from integration complexities.”

The term “mobile” now encompasses such a broad range of facets that it has become a subject related to the underlying IT architecture of a company, thus representing challenges for both IT and business, who need to work together to maximise efficiency, adoption and return.

The following are three common and basic challenges explained in simple terms:

• The choice of mobile devices for employees
• The management of the mobile fleet
• The choice of application development tools

1.      Choice of mobile devices – data security

Implementing a coherent policy for mobile phones and tablets is a major concern, as the choice has a direct impact on data security.

Should employees be allowed access to systems using their personal smartphones? Should the company provide separate smartphones to its employees for business purposes? If so, can we and should we allow employees to use these smartphones for personal use as well, without compromising data security?

Several factors need to be analysed in order to make such decisions, such as:

What type of smartphones/platforms can the IT department manage? iOS? Android?  Windows Phone? Blackberry? Even though other mobile platforms exist, the trend leans clearly to these market leaders. Even if Microsoft is a little behind at the moment, the teams in Richmond are working hard to catch up.

What kind of devices are your employees using already? Adoption is a key factor. The mobile trend is completely driven by consumer behaviour.

The choice of a mobile fleet management tool also has a huge impact on the choice of devices. I’ve gone into more details in the next point..

2.      Mobile Device Management

Commonly known as MDM, this is the corner stone of a corporate mobile policy. It’s through this solution that we can manage users, access to application, configuration, loss, theft, etc.

How to make the choice?

Go through a proper analysis phase. There are a few major players in this domain, as well as some very interesting niche solutions (refer to Gartner’s Magic Quadrant). In seeing the numbers of big players who are racing to offer these solutions, there is no doubt that the future of MDM is looking bright, and choices will open up even more.

 3.      Developing Applications

The move to mobile in the enterprise will be boosted by the use of tablets,  and users will want an increasing number of business applications to run on these devices. Will you develop web applications or native applications?

How will you develop a corporate strategy that dictates the choice of development tools?

From my perspective, companies should be pragmatic:

• What kind of resources do you have internally to manage the development life-cycle? How will you train them?
• How do you choose suppliers who have mastered this domain?
• How to deal with the pro/perso concern?

  In conclusion, defining a mobile policy should be taken seriously, as it will have a real daily impact on life within your company. Enterprise mobility is the biggest single trend across tech industry investment and innovation, even outpacing the cloud computing trend, states the Forrester report entitled, “Another Year of Outperformance for the Tech Industry — Forrester’s 2011 Tech Industry Predictions.” Analysts predict that by 2014, the primary method of accessing the internet will be through mobile devices, which will increasingly replace the traditional desktop.

The risk of not having a solid corporate strategy could be costly:

• Disruption of business processes: The functional failure of  IT systems—of which mobile apps are now solidly included.
• High cost: An ad hoc approach to building out the mobile application architecture will eventually result in time-consuming, manual intervention to maintain.
• Lack of business agility: A poorly planned mobile architecture that cannot support dynamic business strategy shifts can hold the entire business back.

Insights for Java developers

In July this year Oracle announced the availability of Java 7. More than 4 years have passed since the previous release, so what sort of improvements can we expect? Programmers will find several kinds of new features, from cosmetic ones to essential development APIs. Discover more here…

Read the rest of this entry »

Last week Adobe developers pushed out  release candidate versions of the new AIR SDK and Flash Player 11. 
These two major developments contain an unsurprisingly exhaustive list of new enhanced features and performance improvements, across mobile, desktop and TV; but here I’ll focus on what I consider to be the most exciting developments.

One of the key features of AIR 3 is the Native Extensions (for mobile), which now allows developers to extend runtime with ActionScript libraries and native code, taking advantage of the built-in features of each platform and device specific capabilities. Whilst it’s a big step in terms of the previous limitations, one code won’t fit them all, and the native portions of an extension are written with the corresponding development tool.”

The mobile part of the SDK also includes the Stage Video Hardware Acceleration, which improves the high definition video playback experience - something which I thought was pretty poor on iOS with AIR2.7. Security has also been improved, with Encrypted Local Storage now available when storing sensitive data on the phone. In regards to iOS support, Background Audio Playback has been added, and we also have at last the Front-facing Camera Support on Android!

Adobe didn’t forget about desktops and T.V., with Stage 3D offering a brand new architecture for 2D/3D accelerated graphics rendering – this exciting new feature is also a part of the Flash Player 11 release note.

Others key benefits of the 11th version of Flash Player are the Native 64-bit support (Windows, Mac & Linux), a new JPEG-XR compression format and support for the efficient H.264 video standard.

The release notes containing the full list of new features can be viewed here. 

If you would like to give AIR3 a try, it can be downloaded from Adobe Labs, whereas Flash Player 11 can be found here.

Programming without code? Well…

Five months after releasing Wallaby, an experimental tool designed to convert Flash animations to HTML5, Adobe has once again established it’s position as a major player in Web technologies with Edge.

Adobe Edge allows you to create rich animation directly in HTML5 (using CSS and Javascript) without a line of code.  

It reminds me of Flash in the late 90′s, but can be run on mobile devices which do not currently support Adobe’s Flash player.
 

Basically it’s pretty much the same; creating a new project will open a blank “stage” in which you can import image files (JPG, GIF, PNG or SVG) and add basic shapes and texts. The properties of each type of asset can be modified (transparency, size, position, colour etc.) and animated using “keyframes” within the timeline. The animation preview is rendered using Webkit, and Adobe claim the animations have been tested on Android, iOS, and other Webkit-based browers along with Firefox, Chrome and Internet Explorer 9. 

Publishing your animation will result in a bundle of files: HTML, CSS and Javascript; and it appears that it can be easily integrated into an existing HTML file without change. Its currently a preview version and is far from being perfect, but what we are seeing at will release another preview or (fingers-crossed!) a final release.

With the technology only in the preview stage, industry voices are expressing mixed opinions about Edge. According to netmagazine.com, there are concerns regarding the absence of SVG and canvas, which many would expect from a HMTL5 tool. Adobe have responded by reassuring developers that this is by no means a complete product, and that Edge will be evolving rapidly. We will have to wait and see what happens; in the meantime, this discussion can be followed over at the Edge forum.

Adobe offers an overview of Edge in the video they released in late June (below), however you can now also download the preview version from Adobe Labs and give it a try – let us know your thoughts!

The competition

Jurackerfest.ch, which took place on August 27th, was part of the first edition of Jura Security Days. This event was organized by BIMO (www.bimo.ch), whose aim is to promote quality software development, and featured conferences running throughout Friday and Saturday. The white-hat hacking competition was organized by SCRT (www.scrt.ch) who are the organizers of the renowned Insomni’Hack.

In the morning we practiced on specially crafted websites designed with specific errors to give participants an idea of what they would be facing during the contest. After a brief lunch break, we were given two hours to solve a set of 10 varied problems, ranging from a (fairly simple) protocol hack, to an exercise in steganography which no team managed to solve in the timeframe given.

The atmosphere

Arriving early, the competition room was fairly empty and quiet, but as the starting time neared, it quickly becamecrowded and lively. Participants came from an array of different backgrounds; there was a technical school teacher with about fifteen of his pupils, quite a few qualified and experienced developers, a few security experts and lambda citizens interested to pick up a few things along the way…

The buzzing of laptop fans and the smell of energy drinks was overpowering!

The funniest part of it all was that in order to prove that one had indeed found a solution; one had to explain how it was found. And as the solutions themselves usually consisted of random characters, people were constantly running to the referee table with their laptops in their hands, to be able to show both the solution and how they had found it!

The team

Competing with me was Nicolas Heiniger, currently working in IT security for the Hôpital du Jura. We studied at the EPFL together and spent many exercise sessions tuning our brains to work together (along with three more classmates, who could unfortunately not make it). Knowing each other’s strengths allowed us to split the challenges efficiently.

Nicolas was running a Linux Backtrack distribution (a dedicated penetration testing OS), while I was running Ubuntu Natty almost out-of-the-box (with zsh and vim added to it).

A sample challenge

Out of the ten challenges:

• One was a cypher to decode (a variation on a Cesar cypher)
• Two were oriented towards reverse engineering
• Two were so-called “trivia” challenges (steganography concepts actually)
• And the last five were web oriented (e.g. hacking a JavaScript authentication, overriding a htaccess authentication, a SQLi hack for a database authentication…)

One of the reverse engineering challenges consisted of finding the password verified by a python function.

The source file, which we were given, wasn’t too complex (remember we only had two hours to solve ten challenges):

• When run, it checked that the number of arguments was correct and if so, started verifying the user input – if not, it printed usage instructions.
• The verification consisted of a series of tests, based (amongst others) on comparisons between the value of an internal variable and the position of one character of the input string in the ASCII table (i.e. the value of the corresponding byte).

One of the tests (the last one) checked that the length of the input was exactly seven. Working backwards from there (and with the help of an ASCII table), we were able to work out that the code was Jc4HAcK.

My conclusion

All in all, a very fun day and a thrilling experience (more in my league than extreme sports, admittedly). And a surprisingly satisfying outcome, since Nicolas and I were first-timers in an ethical hacking contest. Next time though (andyes, there WILL be a next time), I’ll make sure I have all the necessary tools installed before going, rather than lamenting not having Internet access from there!

 PS: How did we fare?

Well, we were proud 3^rd place winners… and got our pictures in the local papers! View the article (in French).

Real Mobility.

The ‘Cloud’ is the buzz word in technology circles right now, but how can it really help me and my business in our daily activities?

Our e-life revolves around communication, content and collaboration. In the past, most of the tools/data related to these activities were hosted on a single computer,whereas now you have multiple electronic handles, and synchronization can turn into a nightmare: there is always missing data, because it is hosted êlsewhere.

Google Apps solves this problem simply..

Read the rest of this entry »

Recently, I was asked if it was possible to create a task which would last the entire duration of a project (e.g. Project Management task, or weekly meeting) and set it to auto-extend should the project be delayed. Here is the solution:

Read the rest of this entry »

With Microsoft Project Professional, it is possible to synchronise your tasks between Project and Microsoft SharePoint. This allows project managers to take advantage of the advanced scheduling capabilities of Project Professional, whilst enjoying the collaborative capabilities of SharePoint.

In the attached PDF, I will explain the steps that will allow you to exploit this extremely useful capability.

Please click here to view the PDF

A great time-saving feature of Internet Explorer 9/Windows 7 is the capability to ‘pin’ sites to the taskbar. In doing this, not only will the user have their favourite sites close to hand, but they will also be able to use the pinned site as they do other desktop applications, as it has its own Jumplist and icons.

The good news for website owners is that the Jumplist can be customised. In the attached PDF, I will show you how you can add the pinned site functionality to your website, as well as customize the Jumplist.

Click here to view the PDF

From now on, every company with an online presence can be the target of attacks

This article was written by Fabrice Perrin, a Practice Manager at blue-infinity, and was published in the April/May edition of Market magazine. The original French version can be viewed here.

Recently, the world saw a rise in the power of social networks in Middle Eastern countries, where the sites played a role in the coordination of demonstrators and the dissemination of information on the activities of the authorities. But this progression was also felt in Western countries, with a key example being the group ‘Anonymous’.

Read the rest of this entry »

If you don’t know what video mapping is, or haven’t experienced it live at events such as the Mapping Festival in Geneva or the Fête des lumières in Lyon, then I hope this post will help you to discover this art form through some impressive video examples.

Video mapping, sometimes called projection mapping, is a technique that artists use to project light, sound, and videos on everyday objects, forms, or even large monuments. A creation of a video projection on a 3D surface, the technique challenges the belief that a screen must be flat and rectangular.

Here is a demonstration of video mapping by Envision. A very successful play on perspectives and dimensions, this video shows an abstract luminous animation :

Read the rest of this entry »

For the fourth consecutive year, blue-infinity had the pleasure of speaking at Microsoft TechDays 2011, the largest Microsoft event in Switzerland, which took place in Geneva on April 5th and 6^th.

The event, with almost 40 sessions, was attended by 440 people and presented the latest technological breakthroughs such as Windows Azure, Silverlight 5, HTML 5, Windows Phone 7, Office 365, SQL Server ‘Denali’ and System Center 2012 amongst others.

With blue-infinity as a Microsoft Gold Partner, we presented 2 sessions: Active Directory Federation Services Version 2, and Extending Search with SharePoint Server 2010.

Read the rest of this entry »

Whilst currently working on their next major release, Adobe Flash Player 11 (which will include the next generation of “Molehill” GPU-accelerated 3D APIs), Adobe Labs has made the first Release Candidate of the new version of Flash Player available for Windows, Mac and Linux (and mobile devices in the near future).
The main goal of the previous version (10.2) was video improvement and hardware acceleration, so it seems logical that Adobe has focused on audio - and by extension, video-conferencing  - in this latest version, concentrating on areas in which HTML5 cannot fulfil.

This update features enhanced user privacy protection and several Audio and Control Panel improvements:

• Control Panel: in previous versions the panel was a remote SWF hosted by macromedia.com. Now, it is native, and can be accessed directly from the system preferences or the control panel.
• Privacy Control: thanks to better integration with browsers, users will easily be able to clear the local flash storage. (Firefox 4, Internet Explorer 8+ and future versions of Safari and Chrome)
• Microphone Enhanced Options: to provide a better online experience (in-game voice chat, conferencing, telephony etc.), Adobe has added several new functions to the Microphone API – noise suppression, automatic gain control and voice activity detection.
• Video Analytics: 10.3 makes the implementation of Adobe SiteCatalyst easier. Providing media measurement for Flash, it allows companies to obtain real-time, aggregated reporting of how their video content is distributed, what the audience reach is, and how much video is played; with two lines of code.

You can download Flash Player 10.3 RC from Adobe Labs website if you feel like testing it before the official release.

For my last semester of studies in Fall 2009 / Winter 2010, I had the opportunity to spend a six month internship with CERN’s Computer Security Team.

The aim of the project assigned to me was to provide CERN developers with a set of simple tools to review their source code and improve the quality of their software, with a particular focus on security. To achieve this goal, I reviewed and compared a few dozen tools, using about 200 million lines of code retrieved from source controlling systems as a basis for the comparison.

Read the rest of this entry »

With Oracle acquiring Sun in April 2009, it also took control of Java’s future. Everyone agreed Java technology was more or less stalling before this buyout happened, however knowing differences between the cultures at Sun and Oracle, many people (analysts and developers especially) realized that for better or worse, the agreement would have massive consequences for the whole ecosystem.

This new era in Java ‘s history began badly, with Java creator James Gosling leaving the company in September 2009, followed by JRuby and Hudson creators amongst many others.  The problems continued, with the Apache Software Foundation leaving the Java Community Process, the underlying entity leading evolution and certification of Java. For developers like me who are daily users of Apache’s tools and libraries, this was not good news. Not to mention recent lawsuits against Google concerning the Android ecosystem…

Fortunately it is not all gloom and doom : Oracle made some important decisions since they abandoned uncertain technologies such as JavaFX Script and finally adopted a plan for the next release of the programming language. Many predicted the fall of the Java ecosystem last year, but it seems to me that there are far fewer voices expressing such opinions as of late, as TIOBE confirmed Java is still the most popular programming language.

It is interesting to wonder what might have happened had Java been less popular, although for now it looks like the Java community is strong and is set for a brighter future… at least I hope so!