Skip the Crowds: Online Shopping Tips for Black Friday

You probably already know that many Black Friday bargains are available online too. Save the Kevlar vest for another day. Rather than brave the elements or risk being trampled at 5 a.m., it's much more pleasant to shop from the comfort of home. We asked a few expert bargain-hunters how online shoppers can score the best deals on Black Friday.

Retailers often say they won't sell doorbusters online, but that's not always true. Here's their advice: Dan de Grandpre, editor in chief of dealnews: Doorbusters, those incredibly cheap deals designed to get people in the door, may be available online too. Last year, for instance, Wal-Mart offered all of its doorbusters online-but not until later in the day on Friday. Many Black Friday deals aren't in fact great deals. Don't give up the savvy shopping techniques you'd use all year just because it's Black Friday.

You'll find better prices online. Michael Brim, president of Black Friday deal site BFAds : Some retailers jump the gun and start their online sales as early as midday Thanksgiving. Use price-comparison sites like PriceGrabber and Shopping.com to be sure you're getting the best deal. Yes, while you're eating. (You could always excuse yourself from the table to nab that $78 Blu-ray player.) Then again, many sales start between midnight and 3 a.m. (Eastern) on Friday. Be aggressive.

If you have trouble staying up, try a quick nap after dinner. You can't wake up at noon Friday and expect everything to be in stock. Well, you could reload a retailer's page for hours. How do you know when online sale goes live? Another option is to monitor Black Friday sites like BFAds. John Dunkin, founder of iBlackFriday.com: Plan ahead.

They'll let you know when sales are live. Go to a retailer's site early, pick out everything you want, and add it to your shopping cart. You can get pretty much everything you want online. Next, log into your account on Thanksgiving Day to see if your products are available at Black Friday prices. If you don't need a doorbuster item, don't bother going to the brick-and-mortar store. Contact Jeff Bertolucci via Twitter (@jbertolucci) or at jbertolucci.blogspot.com.

AMF bowls for customers with video sharing over managed IP

AMF Bowling Centers Inc. is wrapping up the roll-out of a $2 million nationwide network equipment upgrade that supports Voice over IP (VoIP) and video streaming, and includes turning over all network management to Verizon Business for three more years. As part of a contract with Verizon, the company is now relying on Verizon for an IP network that supports VoIP, point of sale devices and credit card transactions, and web hosting. AMF has 300 bowling centers in 38 states with more than 9,000 employees. The IP network also supports a centralized video surveillance system that is now being launched, as well as a centralized energy management system being tested in several bowling centers.

The contract with Verizon, signed early this year, will cost AMF about $800,000 a year, in addition to the $2 million equipment cost for Adtran routers in each center and cabling installations, he said. Additionally, because bowling has become a multimedia experience for customers, video and audio streaming of music videos is piped to most of the bowling centers using the IP network, said Harsha Bellur, vice president of IT at AMF. "We have extreme sound and light shows over projection screens in most locations with music videos that play while people are bowling," Bellur said. AMF's annual network services cost has gone up slightly with the Verizon managed service, but the number of IP applications and network reliability have far exceeded what was previously available, Bellur said. "The ROI was on the wall, but we had to do this and it made a lot of sense to invest, even with the recession," Bellur said in an interview. With cable modems and DSL there was not consistent bandwidth, while demanding applications like video were not possible. Before hiring Verizon for the managed IP service, AMF was using Verizon to provide a site-to-site VPN service, which relied on cable modems and DSL, and required AMF to work with 36 different ISPs. One of the biggest advantages of using a managed service from a nationwide provider like Verizon is having Service Level Agreements (SLAs) to guarantee service, Bellur said.

The SLAs have already come in handy, resulting in a credit from Verizon because VoIP service in Atlanta and Virginia Beach, Va., was knocked out recently more than 3.5 hours - a provision of the SLA - due to regional flooding, Bellur said. "Verizon has kept up with its SLAs and offered a financial remedy," he said. Because of the recent flood-related outages, AMF is planning to provision at least one analog phone line in each center to provide an automatic failover for voice services. "It's back to the future with the analog failover," he said, noting that AMF is now testing existing analog lines that were not being used to see which are resilient enough for failover duty. "The voice outages were a challenge and we learned the hard way with the floods," he said. "It caused some heartburn and was not something we anticipated, but we have options." The managed services contract with Verizon has not led to layoffs in the 29-person IT staff, although Verizon is managing all circuits, routers and cloud computing services. While the Verizon VoIP quality is generally good, one downside is that voice service goes down whenever there is a data network outage. The added Verizon support has meant AMF can strengthen its end-user computer support desk, which now is staffed by seven of the 29 in IT, Bellur said. AT&T Inc. and regional service provider Paetec also bid.

Bellur and others picked Verizon partly because of its nationwide network, he said. The centralized energy management system for AMF is undergoing trial runs now, to test the IP network automatically turning on and off heating and air conditioning according to hours of each bowling center. While AMF centers are actively using the network to support video and audio, Bellur said his team is contemplating using video displays as digital signs that would show pricing and examples of products on sale, including food and alcohol. The video surveillance system is designed to prevent theft and is just being installed to use the IP network, Bellur said. In addition, training videos could be piped over the IP network, Bellur said. Potentially, self-service kiosks for ordering food are possible, and online posting of scores could take place, shared over the nationwide network. "Teams between two cities could host a tournament sharing tournament brackets," he said. "We're brainstorming, but it all comes down to costs."

A longer term conceptual project has been discussed to stream videos of bowlers or birthday parties being held at bowling centers to relatives in other cities.

EU wants safe volume settings on portable music players

The European Commission has ordered all makers of portable music players to add a default volume setting of around 80 decibels (dB) and a health warning to all new devices within the next two years. The current maximum volume level permitted for portable devices of 100 dB in the European Union remains unchanged, the Commission said in a statement. It is also calling on standards bodies to change industrywide technical safety standards for mobile devices to include the 80 dB default setting. An estimated 10 percent of music player owners in Europe (up to 25 million people) risk going deaf by listening to music at volumes of up to 120 dB - - roughly the volume of a jet airliner taking off - for an hour or more each day on a regular basis, consumer rights commissioner Meglana Kuneva said in a press conference Monday.

Eighty dB is roughly the volume of road traffic."It's easy to push up the volume on your MP3 player to damagingly loud levels, especially on busy streets or public transport," Kuneva said, adding that young people especially "have no idea they can be putting their hearing at risk."The new standard default setting on devices won't prevent users from overriding the default settings and pumping up the volume, but there will be clear warnings so they know the risks they are taking, Kuneva said. You can safely listen to music at 80 dB for up to 40 hours a week without harming your ears, a study conducted for the Commission concluded. The industry said it supported the move but it warned the Commission not to try to prescribe universal volume levels for all users. Bridget Cosgrave, director general of the trade group Digital Europe, added that music players are only one part of the problem of hearing loss, but the industry would cooperate in the European initiative, "to best serve consumer interests" she said. It urged the Commission and standardization bodies to match the wishes of users with safety considerations when they set the default level.

Digital Europe called for global harmonization of the standards to be applied in Europe. "Unharmonised requirements would undermine credibility and confuse users, potentially exposing themselves to inappropriate volume of noise," the trade group said in a statement. Kuneva warned firms that she won't tolerate their failure to observe the new standards. "Regardless how big the company, no matter how reputable, I will take action," the commissioner said. And it warned the Commission against setting "overly stringent regulations", pointing out that this would drive sales of products to countries with more relaxed regulation.

H4ck3rs are people too: Film review

My friend and colleague Alan Freedman, author of the distinguished Computer Desktop Encyclopedia, defines hacker as follows in Version 22.4: "Hacker: A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. The association is understandable. Hackers have a bad name During the 1990s, the term "hacker" became synonymous with "cracker," which is a person who performs some form of computer sabotage.

In order to be an effective cracker, you had to be a good hacker, thus the terms got intertwined, and hacker won out in the popular press. Today, a lot of malicious acts are performed by people with limited knowledge who gain unauthorized entrance into computers to steal data or perform mischief (see script kiddie)." "HACKERS ARE PEOPLE TOO," a 2008 documentary directed by Ashley Schwartau and produced by Winn Schwartau, is a refreshing look at intelligent, healthy, original people who are far from the twisted misfits portrayed in the notorious 1992 propaganda film "Unauthorized Access" by Annaliza Savage. Why criminal hackers must not be rewarded However, sometimes, hackers are not even worthy of the original meaning of the term. It's a counterblow against the unfortunate hijacking of the term "hacker" by an uninformed press over the last 30 years. Yes, that exists, and yes, it's out there, but people in this community who call themselves hackers are incredibly talented people who are independent thinkers, who come up with incredibly creative and innovative ways of solving problems that other people just don't think of solving in a certain way. Steven Levy tried his best to fight the misuse of the term in his entertaining and informative book, Hackers: Heroes of the Computer Revolution (Penguin, Updated edition, Jan. 2, 2001; ISBN 978-0141000510; AMAZON). The film opens with some authentic perspectives from several simpatico non-criminal hackers on their enthusiasm for learning and tinkering: "When you think of hackers, forget the criminal aspect of it.

We are an incredibly creative… intuitive bunch; we latch onto technology and find new ways of using it and have been doing this … for fifty years." – Nick Farr, Co-Founder, Hacker Foundation. "A hacker is someone who wants to know how things work, take them apart, look at the components, see if there's a way to make them better, and put it back together and share that information openly without motivation of profit or fame or anything like that." – Scott Davidson, security professional "For any individual item… [or] raw material that can be forged into a product, there is the expected uses of it and then there is other. They see a fork and they go, 'Aha! Most people look at the expected uses. This is an object that has one purpose: to eat food.' And a hacker looks at the fork and says, 'Aha! Aha! This is metal: it will conduct electricity.

This has sharp points: it can make holes in clay for … making a sculpture." – Dan Kaminsky, penetration tester. As Kaminsky says, labeling an object by its primary function should not stop us from recognizing its manifold reality. I was particularly struck by Davidson's comment, since I've been strongly influenced by the work of Alfred Korzybski on his General Semantics since I was 13 years old (believe me, it didn't get me any dates in high school). One of the most important principles of General Semantics is often summarized by the aphorism "The map is not the territory" which is taken to mean that symbols are abstractions, not reality. Good problem-solvers – hackers in the context of this discussion – are good at seeing novel uses for all manner of tools. I loved it!

Ashley Schwartau's movie really moved me. On a personal note, I started programming in assembler using an ancient teach-yourself textbook in 1965 and quickly moved on to FORTRAN IV G at McGill University (whew!). But I still used assembler coding to program HP65 programmable calculator, which had no alphabetical characters on its display. That's hacking. To create my own space-war game, complete with limited orbital and ballistic calculations, I turned the device upside down to interpret the reversed numerals as a limited set of alphanumerics for status reports. In 1980, while being trained on HP's VPLUS/3000 forms-design software, I realized that the software's parser (the "MATCH" function and its wild cards) allowed one to branch from one form to another by parsing a user's inputs.

As a result of that insight, HP sent me to its Cupertino facilities on a six-month research assignment during which I worked with HP programmer Simon Cintz to create a SYSDUMP training simulation – HP's first computer-based training. In other words, the software was not simply a "forms-design package" as it was labeled: it could justifiably be called a programming language. And that's hacking! The documentary will show youngsters that non-criminal hackers are not sociopathic law-breakers – they're often immensely likeable people with tremendously creative intelligence and originality. So as a proud hacker – but never a criminal – let me urge you to enjoy the Schwartau's charming film, which can be used in schools to fight propaganda from criminal hackers and their sympathizers. Good one, Ashley & Winn! * * * For more materials you can give to children and teachers to oppose hackers, see the Ethics section of my Web site.

For interviews with Ashley Schwartau in which she talks about her motivations for making the documentary, the process, and the response, see:

Microsoft targets Google Apps, cuts Exchange Online price

Microsoft has cut in half its per user per month list price for Exchange Online services and cut by 33 percent the price of its Business Productivity Online Services suite of online productivity applications. In addition, Microsoft said allowable mailbox sizes would go from 5GB to 25GB, a move that ups Microsoft's stake in the so-called "bottomless" inbox war with other online providers. "For many companies, GAPE vs. The drop from US$10 per user per month to $5 for Exchange Online is significant because it brings Microsoft much closer to the price Google charges for its Google Apps Premier Edition (GAPE) suite that is anchored by Gmail. Exchange Online is a valid comparison - and Microsoft just got a lot closer to Google's pricing," said Guy Creese, an analyst with the Burton Group.

Creese says the cost reduction in notable for corporate users who typically focus on GAPE as an email replacement. "The hidden story here is that most large GAPE installations are Gmail-focused. Microsoft's per year cost per user for Exchange Online is now $60. Google charges $50 per user per year for GAPE, which also includes other productivity applications. SMBs are using Google Apps as a replacement for Microsoft Office, but large enterprises aren't. So while enterprises buying GAPE may be paying for e-mail, a word processor, a spreadsheet, and a presentation package, what they're really using is the e-mail portion." Microsoft also cut the list price on its entire Business Productivity Online Services (BPOS) suite, saying it would drop from $15 per user per month to $10. Users have to buy a minimum of 5 seats. There are also slimmed down online versions of Exchange and SharePoint for "deskless" workers, or those who use the services infrequently. "I think the price decrease is a combination of Microsoft tuning its infrastructure and continued competition in the space," said Creese. "If the competition weren't there, given Microsoft's financial fine tuning over the past year, I'm sure the company would be pocketing the increased profit." Major vendors such as IBM, Cisco, Novell, and Google are hot to build online service businesses around e-mail and other collaboration software. BPOS includes Exchange Online with Hosted Filtering, SharePoint Online, Office Communications Online and Microsoft Office Live Meeting.

Last week, the Los Angeles City Council approved a $7.25 million five-year deal to adopt Gmail and other Google Apps. A year ago, IBM launched Lotus Notes Hosted Messaging. Last year, Cisco spent $215 million to buy PostPath, which supplies e-mail and calendaring. Microsoft's Ron Markezich, corporate vice president for Microsoft Online, said the price reduction was a reflection of the popularity and maturation of BPOS, which he says now has more than 1 million paying customers. "Since we came to market with general availability we have seen a large increase in scale of the service which allows us to drive efficiencies," he said. "And we have made a number of software investments including Exchange 2010 that allow us to drive additional efficiencies." He said Microsoft is passing on the benefits of those efficiencies and would continue to do so as a hallmark of BPOS. Exchange 2010 is expected to ship in next week and Markezich said once the server is commercially available that BPOS would offer that platform to customers. In addition, Microsoft said BPOS will be commercially available today in Singapore with commercial availability in India available later this year. He said new customers signing up after today would all be using 2010. But existing customers could cut over when they wanted.

In addition, Monday marked the launch of BPOS trials in Brazil, Chile, Colombia, Czech Republic, Greece, Hong Kong, Hungary, Israel, Malaysia, Mexico, Poland, Puerto Rico, Romania and Taiwan. BPOS is now available or in-trial in 36 counties. Microsoft did not disclose dates for general availability of the service in those areas but said trials can run from 2-6 months.

Microsoft links malware rates to pirated Windows

Microsoft today said computers in countries with high rates of software piracy are more likely to be infected by malicious code because users are leery of applying security patches. "There is a direct correlation between piracy and the malware infection rate," said Jeff Williams, the principal group program manager for the Microsoft Malware Protection Center. But the company's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate - as defined by the number of computers cleaned for each 1,000 executions of the MSRT - of just 6.7, significantly lower than the global average of 8.7 or the U.S.'s rate of 8.2 per thousand. Williams was touting the newest edition of his company's biannual security intelligence report . According to Williams, the link between PC infection rates - the percentage of computers that have been cleaned by the updated monthly Malicious Software Removal Tool, or MSRT - and piracy is due to the hesitancy of users in countries where counterfeit copies abound to use Windows Update, the service that pushes patches to PCs. China's piracy rate is more than four times that of the U.S., according to Microsoft's report, published today, but the use of Windows Update in China is significantly below that in the U.S. Brazil and France also have a higher piracy rate, and lower Windows Update usage, than the U.S., Microsoft maintained. France's infection rate of 7.9 in the first half of 2009 was also under the worldwide average.

Other countries with higher-than-average infection rates, however, also have high piracy rates, according to data published last May by the Business Software Alliance (BSA), an industry-backed anti-piracy organization, and research firm IDC. Microsoft is a member of the BSA. By Microsoft's tally, Serbia and Montenegro had the highest infection rate in the world, with 97.2 PCs out of every 1,000, nearly 10%, plagued by malware. Of the three countries Microsoft called out as examples of nations whose users are reluctant to run Windows Update because of high piracy rates, only Brazil fit William's argument: Brazil's infection rate was 25.4, nearly three times the global average. Turkey was No. 2, with 32.3, while Brazil, Spain and South Korea were third through fifth, with infection rates of 25.4, 21.6 and 21.3, respectively. By comparison, the U.S.'s piracy rate was pegged at 20%, and the worldwide average at 41%. Although Microsoft wants users to patch vulnerabilities with Windows Update, people running counterfeit copies of Windows have traditionally been less-than-eager to apply fixes, believing that Windows Update will recognize their software as illegal and mark it as such with nagging on-screen messages. The BSA put Serbia's piracy rate, the percentage of the in-use software that's not licensed, at 74% in 2008, while Turkey, Brazil, Spain and Korea had estimated piracy rates of 64%, 58%, 42% and 43%, respectively. Microsoft's anti-piracy efforts, particularly the technology it pushes to users that sniffs out unlicensed copies of Windows, have met with resistance.

American users have complained about the technology, too. Last year, for example, Chinese users raised a ruckus when Microsoft updated its Windows Genuine Advantage (WGA) anticounterfeit validation and notification technology. In June 2006, Microsoft infuriated users by pushing a version of WGA to XP users via Windows Update, tagging it as a "high-priority" update that was automatically downloaded and installed to most machines. The 2006 incident sparked a lawsuit that accused Microsoft of misleading customers when it used Windows Update to serve up WGA. Last month, Microsoft filed a motion opposing a move by the plaintiffs to turn the case into a class-action lawsuit . Microsoft's security intelligence report can be downloaded from its Web site in PDF or XPS document formats. A year later, a day-long server outage riled thousands of users who were mistakenly fingered for running counterfeit copies of Windows.

Data Robotics ships Drobo iSCSI SAN

Data Robotics today released its first iSCSI SAN storage array that, like its other low-end arrays, manages itself and allows any capacity or brand of disk drive to be mixed, matched and exchanged without any downtime. The new system extends the number of Smart Volumes - Data Robotics' thin provisioning that pools capacity from all eight drives - so users can now create as many as 255 virtual storage volumes, up from 16 volumes in the current Drobo model. Data Robotics' DroboElite offers automated capacity expansion and one-click single- or dual-drive (RAID 5 or 6) redundancy for Windows, Mac and Linux machines.

The latest addition to the Drobo family of arrays is aimed at the small to mid-size business market and resellers selling into the virtual server space, according to Jim Sherhart, senior director of marketing for Data Robotics. "Virtual servers tend to use a lot of small LUNs (logical unit numbers)," said Jim Sherhart, senior director of marketing for Data Robotics. For example, if a user were to initially set up DroboElite for dual drive failure, he could switch to single-drive failure with one mouse click. The DroboElite is also able to drop from higher to lower levels of RAID with no manual intervention. Users can also change out drives, adding higher-capacity models, in 10 seconds - with no formatting required, according to Sherhart. Tarun Chachra, chief technology officer at marketing company KSL Media , has owned two Drobo USB arrays for about a year and a half.

DroboElite can support VMware environments and advanced functionality including VMotion, Storage VMotion, snapshots, and high availability. He purchased four DroboPro arrays in June for use in two offices for Microsoft Exchange replication and backups for about 16 servers. Chachra said he was impressed that he could simply go out and buy a 1TB, 7,200 RPM SATA drive for $69 and stick it in the DroboElite, saving him money on total cost of ownership on pricier SAS drives. He's also beta testing the DroboElite, which he plans to purchase for backing up his VMware servers because of its higher throughput with dual Gigabit Ethernet ports and greater number of creatable volumes. Chachra has been comparing his existing DroboPros, which can be configured with up to eight 2TB drives, to what he'd previously been using for backups: a Hewlett-Packard AiO400R array with four 500GB drives. The HP array runs the same iSCSI stack as the DroboPro, but it uses Windows 2003 Storage Server as a backup and replication application.

Chachra said the DroboPro cost about $3,500 compared with the AiO400, which cost $5,219. The HP array was set up for RAID 5 right out of the box and couldn't be changed; the DroboPro offers both RAID 5 and 6 interchangeably. The HP has forced Chachra to reboot his backup server every three days or so because it would hang up and couldn't handle bandwidth, he said. "We don't have huge IT teams looking at servers, so it's better for us to have something that can tolerate a higher driver failure rates," he said. "We also don't stock a lot of hard drives. The DroboElite also offers a non-automated thin provisioning feature called Smart Volumes that allows users to create new volumes in seconds and manage them over time by pulling storage from a common pool rather than a specific physical drive allocation. The main thing, though, is redundancy and having Exchange available all the time." "I don't know that an enterprise is going to run out and deploy this for 2,000 or 3,000 [users], but for small or mid-size shops, this is cost effective and it works as well as it should," Chachra added. Smart Volumes are also file system aware, which allows deleted data blocks to be immediately returned to the pool for future use.

Geoff Barrall, CEO and founder of Data Robotics, said the DroboElite can deliver cost savings of up to 90% compared to other iSCSI SANs "by combining cost-effective hardware with robust iSCSI features." The DroboElite is currently available starting at a price of $3,499, with multiple configurations selling for up to $5,899 for a 16TB configuration (using eight 2TB drives).