Why?

More and more coverage on Bring Your Own ' whatever' in the media made be think. Why do people want to bring their own devices? Is that because the like to become IT administrator, just because the want a sexy device or something else?

There are many valid use cases for bring your own, but mainly for knowledge workers, that know how to do basic computer management.

But what about task workers (still the majority of the users)? Why do they also want BYO. The only reason for them is the freedom that BYO will bring them. This wish for freedom has grown over years of restrictions on their corporate desktops. With BYO they can finally do, what they also can do at home. They do not expect more than that.

So, if IT departments starts focusing on the actual needs of end users and fulfilling those needs, perhaps the need for BYO will decrease.

Unfortunately many technologies are developed to overcome problems instead of preventing the problems.

How?

As already mentioned in the previous paragraph, it is all about the cause, not the resulting problem. So, just provide freedom to prevent the need for freedom. By selecting the appropriate software solutions that actually take care of the cause instead of the problem, users will be able to install additional software, change the appearance of the desktop, but in a controlled way.

Introducing VDI, BYO, client hypervisors absolutely is fun, but will it bring the freedom users want in the most efficient way? Think about it.

 

This morning during breakfast I read about Bdrive. A personal cloud solution that allows you to share files from you PC with Windows, MacOS, iOS and Android devices. The general idea is that a Bdrive Server component is sharing files with Bdrive Client components.

Bdrive Server installation & configuration

On the sharing-side, you need to install a Bdrive Server. This component can be installed on Windows or MacOS. Although the component is called Server, it runs in the user context and not as a service.

For client to communicate with the Bdrive Server, you will need to open 45454 (default, but configurable) on your firewall. In my case, I had to forward this port to my virtual server on the router. A [Test Connection] button validates the connection to the Internet.

Once connected, you can point to folders on your system and share them with a unique Bdrive Server ID (BID) and a password (optional).

Additionally you can setup some sharing identities that are used to notify people about a folder you wish to share. Email, Facebook and Twitter are supported.

Bdrive Clients installation & configuration

The client installation is even simpler than the server component. On Windows and MacOS just run the setup. Once installed, one Bdrive is pre-configured that holds Bdrive documents and sample files.

You can now add your own Bdrive(s) with the unique BID that was created during the creation of a Bdrive on the Bdrive Server. Optionally you have to provide a password. If you have forgotten your BIDs, you can request them from the client and all BIDs will be sent to your personal email address, supplied during Bdrive Server installation.

Now you can [Connect] the Bdrive and it will automatically appear in your Explorer or or Finder. On Windows, a B: will be mounted to the Bdrive. That is probably where the name comes from.

The mobile clients only require a definition of the Bdrive. A [Connect] is not even necessary. From the mobile clients, you can just browse to the files and access, download or share them.

Verdict

Bdrive is very usefull for personal use. The fact that the Bdrive Server is running in user context, forces you not to log off. The simplicity is really nice.

Bdrive is not as feature rich as other solutions such as Dropbox or SugarSync, but if you just want to share a few files with your mobile devices, it might be just good enough.

On the other hand, if you have 2GB of Dropbox storage for free, including automatic synchronization, why would you want to open up a firewall port, have your 'server' turned on all the time and cope with limited functionality.

Want to give it a try? Download Bdrive today.

 

Love at first sight, when I read about the Asus Eee Pad Transformer on the internet.

When I first heard about the Eee Pad, I searched the local internet stores for a version w/ dock. For some reason, the versions w/ dock were more difficult to get. Finally I was able to get 32GB version w/ dock.

This post will share my experiences with this Android Honeycomb tablet.

First impressions

Unboxing the tablet uncovered a fine wide screen tablet and a keyboard. Moving the device around, I discovered a lot of external connectors:

• Tablet: MicroSD, Mini HDMI, headphones and power/ dock connector
• Keyboard: 2 USB, SD and power

Both devices have their own battery with about 8 hours of energy. If the Tablet is docked in the keyboard, the tablet will recharge itself. Together you can take flights that last up to 16 hours. Pretty impressive.

The charger is a USB adapter that has 15v output. Other USB adapters I had, do not have 15v output and therefore do not charge the Eee Pad, so do not forget to bring your Asus charger with you.

Software

The Eee Pad came with Android 3.1 out-of-the-box. On August 3, I got a notification that Android 3.2 was available for my device. The update went smooth and FOTA (Firmware Over The Air). Big advantage over the iPad, because this device still needs iTunes to update.

The stick software is quite OK. The Gallery application that plays photos and videos does not support all video formats. I tried a few popular video players from the Market (Vplayer, Moboplayer and RockPlayer), but at the end I removed them all and converted the videos I wanted to watch to MP4 video format with HandBrake.

I did expect Facebook and Twitter kind of integration, as I am used to from my Android phone, but there were no applications of this kind. I installed theseadditional applications:

• Social: Plume for Twitter, Google+
• News/ Reference: Reader HD, Google Earth, IMDb Movies & TV and Catch Notes
• Games: AirAttack HD, AngryBirds, AngryBirds Rio, Cut the Rope, Cordy, Pinball HD for Tegra, Spirit HD and Fruit Ninja THD
• Music: Digitally Imported Radio and SKY.FM Internet Radio
• Other: Dropbox

The two HD games came from the TegraZone Games app, that was pre-installed on the device. These games are optimized for the NVIDIA TEGRA chip. Nice performance.

Another pre-installed application that I really like is Polaris Office. This application is a kind of Office lite that allows you to create documents, presentations and spreadsheets. Ideal for working on the road.

Applications that are Asus specific are: MyCloud, MyLibrary and MyNet. These applications come with one year free unlimited cloud storage from Asus. I will stick to Dropbox though. the MyNet application is a media streaming application, that can also play media from other DNLA streaming services on your network.

Kindle is a nice app for book purchasing and reading. Amazon offers a lot of Kindle eBooks. The app that comes with the Eee Pad gves a nice reading experience. Much better than the MyLibrary by Asus.

Zinio Reader is another app for reading. Zinio is more focused on magazines. A few magazines are available for free. I was impressed by the amount of subscriptions they offer, even local ones.

Usability

The device responds really well on the multi-touch screen.Same as the iPad. The Fruit Ninja game has been a good test.

The camera is OK, but not good. Quality of my phone is better. The front facing camera is fine, but I simple do not want to bother people with my face ;-). If only Skype would support Android Honeycomb 3.2 devices, than there was a good app that could make use of the front facing camera. The photo below was taken with the back camera.

There is not much more to tell about the usability. The device is light, works as expected. The OS is intuitive (for me) and the apps provide a lot of functionality. I do expect more tablet optimized apps in the Android Market. That is in my opinion the only real negative point about the Android 3.x tablet. The device itself is just great and I use it more often than my iPad. Also, because my wife claimed it ;-).

Thanks for reading and I hope you liked this review.

Thinking about moving to Posterous, but not sure yet.

Update July 17, 2011: I moved to Posterous.

Recently I started to use Getting Things Done for my Microsoft Outlook 2010 inbox. Due to the many emails I get, I had to do something.

In Microsoft Outlook 2010 I created several categories that I use as tags for email messages.

Based on these categories I have created Search Folder the are filtered on these categories. I added these Search Folder to my favorites for quick access.

I have created one folder under my Inbox named File. This folder is used to place all processed email. By automatically tagging email messages, I can always find them inside this single folder.

For email processing I have created several Quick Steps. This is a great feature by the way of Microsoft Outlook 2010.

The Quick Steps allow me to:

• Convert an email message into an action item with a flag and due date
• Forward the question to someone else (Delegate)
• Schedule an appointment to take care of a request (Defer)
• Store the email message for later (Someday)
• File without any action

The Quick Steps are configured with native Microsoft Outlook 2010 actions.

Last night I played around with a Windows Phone 7.

The Windows Phone 7 devices are quite big, but the graphics that you will get are really beautiful.

Microsoft did a really nice job in interaction design. I was not able to find any Windows Mobile traces. Finally the new mobile OS is made for big fingers.

The home screen with tiles is innovative. Microsoft did not copy competitors, but picked their own intuitive way of user interaction.

Installation and configuration

After unboxing the phone started with a getting started screen. Following the steps allowed me to add my Windows Live account and other settings. Setting up the WiFi cause some Bing activity. I needed to find the MAC address for wireless security, but is was not exposed in the About.

There is a 'maintenance mode' that can be activated by dialing ##634# followed by *#1234# for diagnostics. There are other inconveniences like this, that indicate a 1.0 version of the OS. I am sure that these inconveniences will be solved in the next release.

Marketplace

I linked to the Belgium Marketplace, because there was no Dutch Marketplace available. Changing the Marketplace is only possible through Zune software, just as software updates. I never had to install any software on my PC for my Android phone.

I installed Facebook, Twitter and a Impossible Shoota without any problems. Impossible Shoota is a addictive game though. Facebook and Twitter work as expected,

Windows Live

The integration with my Windows Live account is nice. Not all services are available by default. I cannot find my Windows Live Photo Album in Photo Sharing, while a lot of other photo services are. I guess that Microsoft will add these Windows Live services in the near future. That would really do the trick.

Verdict

Microsoft did a great job with this redesigned mobile OS. Windows Phone 7 GUI is beautiful, easy to operate and fast. I am sure that the ease of use will increase over time.

I am looking forward to v2 ;-).

Today I have received an email from ScriptLogic with the announcement of Privilege Authority 2.0 that includes a free community edition. There are many solutions that support the principle of least privilege. Some solutions are only dealing with this challenge and others offer this feature as part of a broader solution. The idea is that administrators can manage processes to launch with elevated privileges, without elevating the user account.

Installation

The installation of Privilege Authority is pretty easy. A simple server setup on the server side installs the management console.

Once the console is installed, you can install an client on the console machine from the menu. Remote clients can be installed with a Windows Installer package that can be found under ' Client\Open file location'.

I have installed the server component on Windows Server 2003 R2 and the client component on Windows 7. Both installations did not require a reboot.

Configuration

Once the clients are installed, configuration is done through Group Policy Objects (GPO). The Community section provides many pre-defined rules created by the community.

Let's create a rule on a newly created GPO to elevate the Command Prompt process with the BUILTIN\Administrators group and an additional DEMO\Cheese group. The DEMO\Cheese group has no members.

Additionally you can add other groups to the security token of the process. Advanced options allow you to manage the actual privileges.

A test button allows you to test the rule from within the console.

Now, simply link the newly created GPO to the appropriate Organizational Units (OU) where the end points reside and off you go.

To validate the actual elevation of the process, you can use Process Explorer to check the security of the process.

As you can see, the security group DEMO\Cheese has been added to the cmd.exe process.

Conclusion

ScriptLogic Privilege Authority is a nice point solution for process elevation. If you want to design your environment with the principle of least privilege in mind, process elevation is essential. But, process elevation is just a little piece of the puzzle.

Besides providing the appropriate privileges for those processes that do not run without, you also need to take care of providing the appropriate applications, data and personalization to your end users. Taking control over these pieces of the puzzle as well, will really support the principle of least privilege.

I have just discovered, and played with Cameyo. Cameyo is a free application virtualization product that works a little like VMware ThinApp.

Installation

The download is less than 2MB and the installation is next, next, finish. After installation, Cameyo offers two programs. One program to capture and build packages. The other application can be used to modify packages.

Capture & Build

Upon first launch of the capture program, an Internet activation is performed in the background, so you need Internet connection. After activation a pre-capture snapshot of the reference machine is taken. A next dialog tells you to start the installation process.

During the installation process, you can add any component and configure the application to your needs. When the application is installed and configured, simply click [Install done] to take a post-capture snapshot.

Once the post-capture is performed, the only thing left to do, is select the .exe that represents the actual application and a build is performed. The build results in a directory with some shortcuts and an <appname><version>.<appname>.virtual.exe. The last is the isolated application that can run on any Windows system.

Opinion

Looks simple? It is that simple. I have packaged Team Viewer and Opera without any problems. The packages ran fine on my Windows 7 x64 system.

Cameyo is not as enhanced as VMware ThinApp, but for simple application virtualization it is great. I would place it in the same category as Symantec Workspace Virtualization Personal Edition (download under Trialware) that is good code to simple isolate individual applications.

Try it yourself and download Cameyo.

Hello everybody. It is been a long time. Sorry for that.

Yesterday I made a big switch from Microsoft Windows 7 Home to Ubuntu Netbook 10.04 LTS. With the Long Term Support (LTS) version you get 3 years support on Ubuntu Desktop, and 5 years on Ubuntu Server.

In this post I want to share my experiences with Ubuntu Netbook.

I replaced Windows with Ubuntu on my Netbook. I use my netbook mainly for surfing and multi media purposes.

Due to the lack of CD-ROM, I first had to make an USB drive installation. Just download the .iso from the Ubuntu website and follow the instructions for Windows, Mac or Ubuntu how to create a USB drive. In my case, I had to download a simple Windows application that simple needed to know the distribution and location of the .iso.

The installation also contains a Try it! mode, which allowed me to run Ubuntu without touching the system. This is ideal for finding out if all hardware is supported.

All hardware on my Samsung NC10 was detected and worked out of the box. Also most of the functionality I used on Windows appeared to be part of Ubuntu Netbook default software set. The only difference is that Ubuntu required 715MB for the operating system including applications, compared to Windows that requires 3GB excluding applications.

Some applications that are installed by default:

• Firefox Web Browser
• OpenOffice.org 3.2
• Evolution Mail and Calendar
• F-Spot Photo Manager
• Gwibber Social Client
• Empathy IM Client

The few applications that were not part of the default installation that I installed additionally from the Ubuntu Software Center or developer website are:

• Google Chrome
• Adobe Flash plugin
• Touchpad
• Dropbox
• FFmpeg plugin for GStreamer

I was really surprised that all these applications were available as .deb. In the earlier days, I always has to search for repositories that held experimental sources. But apparently Ubuntu became an important Linux distribution, that software developers want to support.

With the additional software installations I am now able to do the same as with Windows, but more free space and all for free.

My experiences with Ubuntu Netbook so far are great. Fast boot time (30 sec. until desktop), nice netbook aware interface and kind for the battery. I love the Gwibber Social Client, that links to almost all social networks, including Twitter, Facebook. Evolution Mail Client works fine. I would like to have better Gmail integration though. Mail itself is fine, but Contacts and Calendar requires some tweaking.

Sound & Video applications Rythmbox Music Player and Movie Player play all the well knows formats. The Rythmbox Music Player is by default linked to two music stores (Jamendo, Magnatune and Ubuntu One Music Store). Something nice I discovered is the automatic playback of .mp3 as soon as you hover above a file in the Ubuntu File Browser.

Ubuntu has also a cloud service called Ubuntu One. From the default installation you can easily create an account and add the computer to the Ubuntu One cloud. All computers in the cloud can synchronize Notes, Contact, Bookmarks and Files. Unfortunately you can not yet link your Windows machines to Ubuntu One.

So far, I can really recommend Ubuntu Netbook on netbooks. I will continue my research to see if Ubuntu can be used as stable VDI client.

Recently I have been thinking about the a new wave called client hypervisor. After all major vendors have server virtualization on stock, the client will get focus. Citrix are already talking about Citrix Client Hypervisor, VMware named their new kid Client Virtualization Platform and probably Microsoft has some stuff in their kitchen as well. A nice startup company called Neocleus already has some cool technology supporting the client hypervisor.

A client hypervisor is a type 1 hypervisor that runs on bare metal instead of a host operating system. It allows direct use of the hardware. Depending on the technology used, the hardware can be shared or partitioned.

I have seen several projects where a second PC on a desk with a different meaning would be useful. Think about a high performance PC for graphics, or a less restrictive PC for development. These requirements are often valid in remote computing environments, where the 'task worker' workspace does not provide enough power or flexibility. But besides remote computing environments, the same challenges exist in well controlled client-server environments.

A client hypervisor might solve the challenges described above by providing a second operating system running on the same machine simultaneously. In case interoperability is required between the two operating systems, the underlying client hypervisor technology should support this. Both operating systems still have to be managed though. This will probably result in a happier user and a very stressed IT administrator that has to manage an extra operating system and the additional client hypervisor technology.

The real-life examples that I have seen (Europe), were applicable to only a small group of users throughout the enterprise. Most users were just happy with their 'task worker' workspace. From a commercial point of view it is more interesting, when  the solution is applicable to all users instead of a small group.

When looking a little bit more out of the box, other possibilities arise. What if I can give all by users a private operating system with all the flexibility and software they use at home. Having a private operating system by hand, users can keep up their social life at work. If this is adopted in a disciplined way, users might spend more hours at the office with a smile on their face. From a technical point of view the IT administrator can isolate the private operating system from the corporate one. As discussed earlier, introducing client hypervisor in the enterprise will require more administrative attention, but in this case it might pay off by more productive users. The concept of Bring Your Own PC also offers two computing environments in a box, but not on a corporate PC, but on your own PC.

Another totally different way to use client hypervisors in the enterprise is to enable distributed computing. Not the seti@home kind of distributed computing, but distributed services. The desktop computer has a lot of power that is not always used. For example when typing a letter in a word processor, I have a lot of memory and CPU cycles doing nothing. If only I could run an application server in the background, the user is not even aware of. Of course I have to break the power button to prevent power off ;-).

If using the client hypervisor for distributed computing, probably the current solutions have to be modified a bit, but cost wise I think it is interesting, because you might be able to empty out the datacenter.

The startup Neocleus has a great technology, that allows ISV to create software for the client virtualization framework. This allows ISV to perform out-of-band management with the use of Intel's vPro technology. Out-of-band management might improve security and manageability of operating systems.

Roundup

The client hypervisor is cool technology, but personally I would first do the math (ROI) on the server virtualization hype to see if that innovation already paid off. A thorough business case has to be made to decide if this new wave is profitable. Technical impact:

• More complexity by introducing an extra virtualization layer
• More operating systems to manage
• Exited IT administrators, because it is cool ;-)

Profitable use cases:

• Introduce private computing environments that might increase productivity
• Distributed computing
• Provide a second computing environment different from the corporate standard to those who have exceptional needs
• Improve security with out-of-band management

This article is just a personal opinion.