Lisa Evans

One unmistakable trend at this year's DEMOfall show is the number of Web sites and applications that rely to some degree on crowdsourcing. 13 hot products from DEMOfall '09 Crowdsourcing – a buzzword loosely defined as giving large crowds of users the ability to collaboratively create or change content on Web sites or applications – was made popular by open-source encyclopedia Wikipedia and has since become a staple of Web 2.0 applications. So why does crowdsourcing have such an appeal for developers? "With all due respect it's because developers are lazy," laughs Micello founder and CEO Ankit Agarwal. "When I crowdsource it means that I don't have to do the work to get data myself." But crowdsourcing does have perks beyond getting other people to do your work for you. Among the new crowdsourcing technologies to debut at DEMO this fall are Article One Partners' AOP Patent Studies, an open-source enterprise service that employs an online community of patent advisors to research patent claims; Waze, a mobile application that can be used to update traffic conditions in real time; TrafficTalk, a mobile application that is similar to Waze but also lets users provide traffic updates simply using their voice rather than typing into their mobile phone; Micello, a mobile app that aims to be the Google Maps of indoor spaces; and Answers.com, a Web site that combines established reference resources and crowdsourcing to create a comprehensive information database.

Some crowdsourcing developers say if you can create an application that meets a common need and gives people a real stake for getting involved, then it can go a long way toward growing your product's popularity. It's a shared pain of being frustrated by traffic jams and the like, but our goal is to resolve that pain and to minimize the wait during commutes." Greenfield says that while larger crowds are obviously better for an application such as TrafficTalk, the application can be relatively successful even if only two people who trust each other are using it. TrafficTalk founder Larry Greenfield, whose product is still currently in its alpha testing phase, says that he has found fertile crowdsourcing ground in the form of frustrated commuters during tests he has run of his software. "For us, crowdsourcing has to create a sense of community among our users," he says. "There has to be something that binds people together. After all, he notes, if one friend who shares a commute route with another friend can notify that friend of a traffic accident using TrafficTalk, the application will have served its purpose. Demo's biggest stars of all time Answers.com, on the other hand, is a Web site that really does require massive participation if it is to meet its lofty goal of becoming a central hub for people seeking answers to their queries.

Even so, he says the application needs around a dozen or so people to really reach its potential. Right now, the Web site lets users ask questions whose answers are partially provided by information culled from licensed professional encyclopedias and dictionaries and partially provided by user-generated Wiki-style content. This past August, for instance, Answers.com got around 45 million unique visitors. "Crowdsourcing for us really starts to work when you get to a certain scale," he explains. "Right now we get 45,000 new questions asked each day and then about one third of those are answered every day. Answers Corp. founder and CEO Robert Rosenschein says that as the Wiki portion of the Web site has grown over the past year, participation has snowballed to the point where the company doesn't have to work as hard to promote itself. Those answers are the most valuable thing we have even though some are more detailed and some less so… When you start to get that sort of scale it just sort of happens.

As Rosenschein acknowledges, crowdsourced answers are far more likely to contain factual errors than are answers taken from professional sources. The more new questions you get, the more new answers you get." Of course, the paradox of success is that the more popular your crowdsourcing site is, the more likely it will become the target of vandals. This is why, he says, it's so important to foster a tight community that takes pride in keeping the site accurate and will work quickly to clean up any vandalism. Because the service uses its online community to research the validity of patent claims – a time-consuming task if there ever was one – it pays money to users who are the first to come up with a correct solution to whether a patent is valid or not. For AOP Patent Studies, developing a sense of community is also important, but it's not the only incentive it uses to push its users toward greater accuracy.

It basically works like this: a company comes to AOP Patent Studies and pays them to look into a patent claim. The first two people to get results get paid a portion of the money. The Web site then throws the case to its online community for research. Still, Article One Partners CEO Cheryl Milone thinks that monetary incentive can't help your crowdsourcing site if you don't first develop a strong sense of cooperation among users. "There really has to be a sense of camaraderie and loyalty," she says. "Whether people are brought to the site because they know a lot about a particular technology or because they feel strongly that the patent system needs to be strengthened, it's the feedback they get from the community that keeps them coming back and is in itself compensation for their efforts."

Microsoft still does not acknowledge a weakness in its Internet Explorer browser that was pointed out seven weeks ago and enables attackers to hijack what are supposed to be secure Web sessions. If Microsoft doesn't fix the problem, Apple can't fix it on its own, Apple says. The company says it is still evaluating whether the weakness exists, but Apple, which bases its Safari for Windows browser on Microsoft code, says Safari for Windows has the weakness and the Microsoft code is the reason.

Apple has fixed the problem for Safari for Macs. Once our investigation is complete, we will take appropriate action to help protect customers," a Microsoft spokesperson said via e-mail. "We will not have any more to share at this time." The weakness can be exploited by man-in-the-middle attackers who trick the browser into making SSL sessions with malicious servers rather than the legitimate servers users intend to connect to. Black Hat's most notorious incidents: a quiz "Microsoft is currently investigating a possible vulnerability in Microsoft Windows. Current versions of Safari for Mac, Firefox and Opera address the problem, which is linked to how browsers read the x.509 certificates that are used to authenticate machines involved in setting up SSL/TLS sessions. The attacks involve getting certificate authorities to sign certificates for domain names assigned to legitimate domain-name holders and making vulnerable browsers interpret the certificates as being authorized for different domain-name holders.

In July two separate talks presented by researchers Dan Kaminski and Moxie Marlinspike at the Black Hat Conference warned about how the vulnerability could be exploited by using what they call null-prefix attacks. For instance, someone might register www.hacker.com. In that case, the authority would sign a certificate for bestbank.hacker.com, ignoring the sub-domain bestbank and signing based on the root domain hacker.com, Marlinspike says. In many x.509 implementations the certificate authority will sign certificates for any request from the hacker.com root domain, regardless of any sub-domain prefixes that might be appended. At the same time, browsers with the flaw he describes read x.509 certificates until they reach a null character, such as 0. If such a browser reads bestbank.com\0hacker.com, it would stop reading at the 0 and interpret the certificate as authenticating the root domain bestbank.com, the researcher says. An attacker could exploit the weakness by setting up a man-in-the-middle attack and intercepting requests from vulnerable browsers to set up SSL connections.

Browsers without the flaw correctly identify the root domain and sign or don't sign based on it. If the attacking server picks off a request to bestbank.com, it could respond with an authenticated x.509 certificate from bestbank.com\0hacker.com. The user who has requested a session with bestbank would naturally assume the connection established was to bestbank. The vulnerable browser would interpret the certificate as being authorized for bestbank.com and set up a secure session with the attacking server. Once the link is made, the malicious server can ask for passwords and user identifications that the attackers can exploit to break into users' bestbank accounts and manipulate funds, for example, Marlinspike says. These certificates use an asterisk as the sub-domain followed by a null character followed by a registered root domain.

In some cases attackers can create what Marlinspike calls wildcard certificates that will authenticate any domain name. A vulnerable browser that initiated an SSL session with bestbank.com would interpret a certificate marked *\0hacker.com as coming from bestbank.com because it would automatically accept the * as legitimate for any root domain. Such a wildcard will match any domain, he says. This is due to "an idiosyncrasy in the way Network Security Services (NSS) matches wildcards," Marlinspike says in a paper detailing the attack. The differences between what users see on their screens when they hit the site they are aiming for and when they hit an attacker's mock site can be subtle.

A Microsoft spokesperson says Internet Explorer 8 highlights domains to make them more visually obvious, printed in black while the rest of the URL is gray. "Internet Explorer 8's improved address bar helps users more easily ensure that they provide personal information only to sites they trust," a Microsoft spokesperson said in an e-mail. The URLs in the browser would reveal that the wrong site has been reached, but many users don't check for that, Marlinspike says. Marlinspike says the null character vulnerability is not limited to browsers. "[P]lenty of non-Web browsers are also vulnerable. Outlook, for example, uses SSL to protect your login/password when communicating over SMTP and POP3/IMAP. There are probably countless other Windows-based SSL VPNs, chat clients, etc. that are all vulnerable as well" he said in an e-mail.

MediaTek has started shipping a new generation of its widely used mobile phone chips with support for an application download store that will first target China's masses of mobile subscribers, the store developer said Tuesday. The download store, now available only with the new MediaTek chips, is planned to launch outside China later as well, said Luo Tianbo, vice president of business development at Vogins, the middleware vendor that developed the platform. Chips from Taiwan-based MediaTek already power most mobile phones in China.

Handset makers, mobile carriers and other companies have announced plans for similar download stores as a way to lure users and boost revenue. The MediaTek download platform will compete for phone buyers' attention with Apple's App Store and the three mobile carriers' stores. Apple's App Store may launch in China when the iPhone formally goes on sale in the country this year, and China's three mobile carriers are all developing download stores. While the App Store may face regulatory obstacles and China Mobile's store, launched last month, has yet to take off, phones that support the MediaTek store could pour quickly into the hands of Chinese users. The MediaTek store will not "absolutely" compete against the download stores from China's carriers, said Luo.

China has a huge market for mobile phones and services with over 700 million mobile subscribers, and MediaTek holds over a 50 percent share of China's handset chip market, according to BNP Paribas. MediaTek is in talks with China Mobile, China Unicom and China Telecom about altering the Vogins platform to support their stores as well, he said. The Vogins store currently has about 100 free or paid applications made by third-party developers, mostly games but also including other content such as e-books, he said. MediaTek began including support for the application download platform in its chipset packages for mobile phone manufacturers last month, and handsets that support it will go on sale in China around November, Luo said. Vogins, which is majority-held by MediaTek, aims to reach at least 400 to 500 applications by the end of next year.

The application store can be accessed from a software platform MediaTek modified from the Nucleus kernel, said Luo. One hugely popular program it may soon offer is a client for the QQ chat service, owned by Chinese portal Tencent, said Luo. Nucleus is a real-time operating system designed by Mentor Graphics for use mainly on embedded devices. A further boost for the store in China could come from its stock of local applications, JP Morgan said. "We think MediaTek is in a strong position to build a far bigger set of China-specific applications than any other vendor," the note said. The retail price for handsets that support the MediaTek store could reach as low as US$100, partly because the company is using its own OS, JP Morgan predicted in a recent research note.

MediaTek did not immediately reply to a request for comment.

CIOs are giving satellite communications a second look, as providers deliver faster, more affordable services and as more government agencies and large corporations focus on keeping networks up and running.

Slideshow: Top 10 cool satellite projects

One sign of this trend: The U.S. government has announced a joint military/civilian agency purchase for commercial satellite communications services worth an estimated $5 billion over 10 years. The feds plan to request bids from satellite communications providers next year and to award contracts in 2011.

Related story: Feds to spend $5B on satellite services

"We see the need for commercial satcom service to continue and to increase over the next couple of years," says Kevin Gallo, program manager for satcom services at the U.S. General Services Administration.

The U.S. government is interested in commercial satellite services for traditional uses - emergency response, remote locations, video broadcast and distance learning - as well as the emerging area of continuity of operations (COOP).

"We think every organization should consider using satcom for their COOP needs," Gallo says, pointing out that satellite offers excellent redundancy for terrestrial networks and can be used for voice and data. "Satellite-provided backup can really be cost-effective insurance for when your terrestrial network goes down. It's available at a low cost, and you can surge when you need it."

Among the companies that are buying satellite services to back up terrestrial networks are Republic National Distributing Co. (RNDC), a wine and liquor distributor, and Roundtree Automotive, an Alabama car dealership.

Companies with remote locations such as BP, ConocoPhillips and other gas station chains have traditionally used satellite communications for low-bandwidth applications such as credit card authorizations and inventory updates. But as the satellite capacity over the United States increases, more enterprises are considering satellite for broadband and mobile applications.

"There's always been demand for higher bandwidth satellite solutions from enterprises… The problem has been the supply," says Christopher Baugh, president of NSR, a market research firm specializing in satellite and wireless services.

Baugh says that the newest satellites from Hughes, ViaSat and WildBlue will change how CIOs view satellite services for broadband applications, particularly COOP.

COOP is "a no-brainer for a lot of enterprises that need 100% or near 100% uptime," Baugh says. "This has been talked about since 2005, after Hurricane Katrina. That's when disaster recovery and business continuity propelled itself to the forefront."

The new economics of Satcom

Enterprises are interested in satellite communications because it has gotten faster, less expensive and more reliable over the last five years.

"The cost of satellite service has come way down, and it will continue to come down," says Lisa Scalpone, senior vice president for business development at WildBlue, a residential satellite broadband service that is available to enterprise customers through resellers. "The newest satellites offer 10 times the capacity of older models but at the same cost."

For example, WildBlue provides a Ka-band satellite service with 1.5 megabit/sec download and 256 kilobit/sec upload for less than $80 a month. WildBlue has been selling its broadband satellite service to residential customers for four years, and it has attracted 400,000 customers.

Although WildBlue doesn't offer COOP services to enterprises directly, the company says it has excellent growth potential.

"Satellite is such a tremendous resource for continuity of operations because you cannot take out the core infrastructure. The satellite is 22,000 miles in space. Even if you have a terrorist attack or a massive fire, you have a satellite in the sky that can't be taken out," Scalpone says. "Even if the end user site is destroyed, you can simply bring in a managed gateway. All you need is a power supply. You can run it on battery."

Internet Technology Solutions (ITS), a WildBlue reseller in Centennial, Colo., is pitching T-1 backup services to telecom, energy and utilities companies for less than $2,000 a year.

"These companies have two things in common: they have to have connectivity 24-by-7, and they are in underserved areas," says Randy Thompson, president of ITS. "Right now, satellite is not competitive with cable modem. But it's very, very inexpensive compared to what it used to be. It's a very inexpensive security blanket for backup applications."

Next-generation satellites due for launch in the next two years will be an even better fit for COOP.

The ViaSat-1 satellite, due for launch in the first half of 2011, will have another 10 times the capacity of today's Ka-band satellites for the same cost. ViaSat calls this satellite a third-generation satellite, following in the footsteps of Ku- and C-band satellites and Ka-band satellites.

"These third-generation satellites don't cost that much more to design, build and launch than the second or the first but they have 10 times the capacity of the second and 100 times the capacity of the first," says Kristi Jaska, vice president of strategy and marketing for commercial satellite networks at ViaSat. "They become much more cost-competitive with other technologies."

Jaska says ViaSat's new satellite will provide up to 20 megabits/sec download speeds for enterprise customers.

"Right now companies are using DSL or EVDO to backup T-1s," Jaska says. "The third-generation satellites bring us squarely into the mix of being a better choice than DSL for backup."

The latest satellites eliminate the problem of latency, too, by adding application acceleration and WAN optimization features. ViaSat, for example, offers application acceleration that's built into its satellite ground equipment.

DISA promotes satellite backup

One organization that's embracing satellite communications for network redundancy is the Defense Information Systems Agency (DISA).

Bruce Bennett, DISA's director and procurement executive officer for satellite communications, teleports and services, says the newest communications satellites offer more capacity and more of them are being launched at a time, bringing down the cost for broadband service.

"This new generation of satellite communications is going to have a significant amount of bandwidth and is very economical," Bennett says. "It will be a third of the cost you see today, and you can buy it on the spot. You can get guaranteed, variable or best-effort kind of bandwidth so it becomes very economical to have everything backed up."

In the United States, DISA is looking at a satellite/wireless combination that would serve as a backup to its terrestrial networks

"We're also doing a lot of work in the area of using satellite as a front end for major wireless nodes so that we don't have to hook up to the terrestrial infrastructure," Bennett says. "We're going to use broadband from small VSAT terminals and then feed that into WiMAX or LTE for backup."

DISA encourages other enterprises to consider satcom to improve network diversity and reliability.

"People tend to only think about … adding more fiber and adding more routers. They don't think about adding different layers of transport. Instead of more terrestrial, they could have satellite or wireless," Bennett says.

Hughes Network Systems has been promoting business continuity applications for broadband satellite since 2005, after Hurricane Katrina wiped out New Orleans and surrounding areas.

"After 9/11, federal agencies started to recognize the need for redundant communications, and where all of them went was down the path of awarding contracts to two terrestrial carriers," says Tony Bardo, assistant vice president for government solutions at Hughes. "What Katrina taught us is that nothing could be further from the truth. Those terrestrial lines came to a screeching halt…The only thing that worked was satellite."

Bardo says it's been easier to pitch back-up satellite services since spring 2008, when Hughes started selling services from its newest satellite dubbed SPACEWAY 3. That's because the SPACEWAY 3 services are a better fit for backing up MPLS networks, which feature differentiated classes of service.

"Our story is better. It's one of speed, and it's a lot less expensive," Bardo says. "Now these services have the ability to match up well with terrestrial services in most parts of the country."

Hughes offers a part-time broadband service that companies can buy for less than $150 a month. This service is like an insurance plan that companies can call up if they suffer a natural disaster or a fiber cut that eliminates their Internet access.

"If you have terrestrial communications, you do have single points of failure, and it's often in that last mile," Bardo says. "Even if you're buying from two carriers, you're not as diverse as you think you are. Our service is really insurance… The key attribute of satellite is that it's going to get you a long ways away from the disaster."