Late night humour
Whilst relocating a Jive SBS system I noticed a little something caused by forgetting to set the time zone on the destination server.

Whilst relocating a Jive SBS system I noticed a little something caused by forgetting to set the time zone on the destination server.

There’s a lot of conversation about social media in the enterprise at the moment, whether it’s a good or bad thing, Craig Scroggies (VP at Symantec) article here is a good read. Like any web bases resource it’s probably good in moderation as long as the main use is business related.
For example, if your sales people are on LinkedIn building their network and following that activity up with face to face meetings then I’d say that’s a good use of social media. On the other hand you probably do want to be limiting FaceBook access to lunch times.
One part of the online social scene is micro-blogging, with Twitter leading the charge followed by similar sites like identi.ca and Jaiku.com. These service are born out the ‘what am I doing now’ idea that kicked off with instant messaging status messages.
This creates an interesting compliance issue that is well understood and addressed by a myriad of solutions in the email world, how do you fit this micro-blogging activity into you company security and compliance policy?
I asked this question at Cleartext a year or so ago and we’ve been working ever since to bring a new SaaS platform to market that answers some of these questions. The end result is a platform that is part SaaS and part desktop (optional) that applies archiving to not only IM but micro-blogging services like Twitter and identi.ca.
This platform is targeted at two markets initially, the first being organisations that need to archive email and by extension IM, this now means the IT guy can give employees access to Twitter while recording the tweets in case they need to run a discovery process at a later date.
The second market is the power user that could be in any IT, marketing or media role and has multiple apps open to access many IM and micro-blogging services concurrently. This is where the desktop compoenent comes in, it acts as an end point for this messaging feed from the SaaS component.
So if you’re serious about making the most out of social networking in business, particularly as it pertains to services like Twitter and you have compliance or data management component to your IT strategy then we can deliver a solution.
News on Twitter Verified Accounts from Mashable.
Twitter Launches Verified Accounts.
This is great news, many people are trying hard to block identity theft on the net so it’s important that new mediums take this seriously as soon as possible, preferably at the design stage!
Look at the difference between XMPP and SMTP(lack of) anti-spoofing features, the ease with which SMTP senders (email) can be spoofed has caused many problems.
On the other hand it’s also spawned a huge IT security industry… hmm.
Another XMPP based platform.
From TechCrunch
Exclusive: BBC leads the next wave of web experience with Hemlock.
I just read an article on The Register about Ray Ozzie and why he thinks Google Wave is “anti-web”.
It’s a bizarre read because if it’s accurate he’s saying that the web relies on open standards, this coming from a Microsoft man, the worlds largest closed OS/Application stack vendor!
He’s probably confused between open standards and open source, but Microsoft has never embraced either of these anyway. How many thousands of hours have developers spent reverse engineering Microsoft protocols and file formats?
But to be fair to Ray he’s probably not the man to be commenting on agile real time web technologies, he’s built his reputation by understanding how large corporates work and building platforms they will use, like Lotus Notes and Groove (now part of Sharepoint).
I think he’s actually defending Mesh, which is built on RSS and Atom payloads, how quaint, good old fashioned poll and pull tech, at least Mesh is using Atom. Maybe someone will put up a Mesh<->Wave gateway.
There’s room for both HTTP polling (Comet, long polling, AJAX etc) and XMPP push on the net. In fact you can do XMPP over HTTP (BOSH). I wonder if Ray realises that the client-server part of Wave is HTTP?
The crux of it is that Wave isn’t “anti-web”, all the end user interaction is via a web browser and HTTP, it’s only the server to server component that uses Google Wave Federation Protocol (which is XMPP’ish).
Perhaps Ray has a new web (HTTP) server to server protocol he’d rather use?
I thought I should go and take a look at Bing. So, what test should I set, I know, search for ‘managed email security’ with ’show all’ selected.
Surprise! ClearEmail comes out on top as the first non sponsored link, well done Microsoft, now all I need is everyone looking for managed email security to click on it

I skipped through the Google Wave video again today and I must say that what they are showing us is a cool(ish) web app that’s really only looking good because of the near real time updates, which are driven by an XMPP back end with some smart HTTP connectivity, BOSH maybe?
So to be more critical than I have been to date, what’s new?
XMPP has been able to do this for years, look at the ‘… is typing a message’ indicator on Jabber clients, those updates come via small XMPP stanzas (XML snippets) on the wire.
I’d guess that the pages we saw are an HTML rendering of the XMPP (XML) data stream and the real time updates are IQ stanzas, probably defined in Googles extension, I need to take a look.
So to answer my own question, “What’s new?”. What’s new is a large high profile brand with deep pockets has seen the light and decided to put some R&D and marketing dollars into a project that really does show off the power of XMPP and HTTP combined, that’s the news and it’s good news.
So Wave is a good end point to aim for but it looks like an ‘all or nothing’ platform. It would be years before everyone replaced the mass of corporate email, IM and other collaboration platforms.
I expect we’ll see it as a Google only service for a while, maybe with some other players taking part, but even then they’ll need gateways to regular IM services and email for some time to come.
For now I’ll carry on coding xIMpp and very soon now Cleartext will have something to release that offers some of the messaging features Wave offers over XMPP by aggregating existing email, IM and micro-blogging services. I’m happy with a one step at a time approach.
You know one of the small features off xIMpp that I like is that the tweet’ length display changes colour and goes orange if you’re getting close to the max characters, red when you’re REALLY close to 140 chars and then just gives up if you hit 160 when it realises you’re going to send an email not Tweet
I just noticed Twitter.com does something similar now, using red to flag the length counter.
This reminded me of a feature we had in our 1999 CipherIM IM software installer which showed, using a progress meter type gadget, the strength of a password the user was creating.
You see these things all over the place now giving users feedback on the quality off their password.
There’s another, CipherIM also had chat state notifications, in 1999, the little message that says ‘… is composing a message’, I’m not sure if we were first with all of these but we were certainly close.
Of course the main things CipherIM had which nothing else had at the time was peer to peer crypto, public/private key with signed symmetric keys for each session, something even XMPP still lacks.
So perhaps I’m in the wrong business, instead of building SaaS systems maybe I should just be patenting ideas to license to other people. Food for thought.
Google announced Google Wave yesterday, described as ‘what would email look like if it was invented today’
Here’s my own bullet point summary;
You’ve all heard me bash on about XMPP, well Google Waves underlying transport protocol is XMPP with an open extension.
- http://www.waveprotocol.org/whitepapers/google-wave-architecture
In my opinion this will probably replace GMail. Wave’s addressing syntax is probably XMPP so GMail users will already have an account on the GMail domain.
In fact if the whole planet moved to Wave we’d just use our current email addresses, eg I’m already dbanes@cleartext.com on email and XMPP IM so I’d be the same on our corporate Wave server.
Main concern I have is bandwidth and message overhead, there was a lot of realtime data transfer going on in the demo, apparently at a character level, which is madness really.
We’ll have to hoppe that as the dev team is based here in Sydney (the Google Maps guys) that they’ve factored in poorly connected communities.
‘Wave’ is an extension of XMPP.
- http://www.waveprotocol.org/whitepapers/google-wave-architecture
The core of XMPP is ratified by the IETF and the XSF (XMPP Standards Foundation) manages the process of adding new functionality via XMPP Extension Protocols (XEPs)
- http://xmpp.org/extensions/
Hopefully Google will get Wave into the XSF process as a XEP.
I jumped onto OneRiot the beta real time search engine and decided to search for XMPP as there’s a lot of real time chat about using XMPP as a real time web protocol, the following was the result of the search…

Apple’s always had an XMPP (Jabber) solution within it’s OSX based XServe platform and supported it on the desktop with iChat so it’s nice to see that they’ve now used it in their new iPhone push notification service.
The source for this post is here;
Apple begins stress testing iPhone 3.0 push notifications
By Prince McLean
We’re a SaaS company, filtering email and web traffic. It makes sense to do this as a service because the traffic is coming from the net anyway.
But whilst taking another look at CRM’s, primarily because some friends of mine have just launched ‘Total Enterprise CRM‘, it occurred to me that using a SaaS CRM may not be such a good idea if your organisation is particularly caring of your valuable sales and marketing related data.
For many years I seen companies pour large sums of money into security systems to protect companies networks and data. If your core business data is stolen or deleted the consequences range from some very bad PR to closure of your business if the backups won’t restore (you do test your backups don’t you?).
The question I’m asking here is having justified spend on IT security systems, often by presenting a business case based on avoiding the nightmares described above, how does the business (often the same CIO or Director) justify outsourcing the businesses CRM, which probably contains the very data the business is trying to protect?
So here are the alternative IT strategies;
OR
Maybe I’ve had one too many coffee’s this morning, or I’ve missed something here, comments anyone?
I’m hoping to get some Australian XMPP meetups happening, Sydney first then Melbourne. Anyone interested please register here;
http://www.meetup.com/Sydney-XMPP-Meetup/
Recent Comments