After several weeks of multiple outages a day, he says, the firm solved the puzzle: the files were named for the Swedish town of Falun, where the client was working. Mr. Bergman says his firm thinks the name triggered the filters China’s online censors use to block discussion of Falun Gong, a religious group long banned in China.

Read the rest of this post on the original site »

The company sells a firewall that provides security while at the same time allowing the constantly growing number of new applications to run on corporate networks. For the year ended 2011, it reported a net loss of $12.5 million on sales of $118.6 million. But it’s been profitable this year so far: For the first nine months of 2012, Palo Alto reported a $5.3 million profit on $180 million in sales. That would work out to a per-share profit of 10 cents, or nine cents on a fully diluted basis.

Morgan Stanley, Goldman Sachs and Citigroup are the lead underwriters on the offering. Major shareholders include Greylock Partners and Sequoia Capital, both of which own equal stakes of 13.8 million shares, worth $510 million, assuming a $37 share price. Their shares in the company amount to a combined 41.4 percent of the equity in the company. Globespan Capital Partners has a stake of 4.9 million shares, worth $182 million. Founder and CTO Nir Zuk has 3.8 million shares, worth almost $142 million.

Palo Alto will trade under the ticker symbol PANW on the New York Stock Exchange.

How can I burn a slideshow that I made in iPhoto on my MacBook Pro onto a CD?

A:

You can export the slideshow as a video (a QuickTime movie in Apple parlance) and then burn that video to your CD.

Here’s how: In iPhoto, after you’ve created the photo slideshow, with titles, music and so forth, click on the “Export” button at the bottom of the slideshow-creation window. Choose an option for the resolution of your movie and click “Export.”

Then, choose a destination on your hard disk where you’ll temporarily store the movie. Next, insert the recordable CD, and copy the movie into the window representing the CD. Finally, click on the “Burn” button at the upper right of that CD window.

Q:

I have recently gone almost all Google: I moved my business email to Google, am using Google Docs, etc. I am in need of a new laptop and am considering a Google Chromebook. My question / concern is: What about programs I may need, such as iTunes, or some printer / scanner software, or an accounting suite? Will there be room for some of these programs and if so, will they operate on Chrome OS?

A:

Google’s Chromebook doesn’t run traditional programs. It is designed to only run so-called Web apps—app-like Web sites, from Google and others, that operate inside the Chrome browser. Also, it has very little local storage and depends on the Cloud—remote Internet servers—for most storage of apps and data. So, the bad news is you can’t install iTunes or your favorite Windows or Mac accounting suite on a Chromebook.

The good news is Google and others are churning out more and more Web apps for Chromebooks. For instance, there are a variety of music and accounting apps that might meet your needs. You can check these out at chrome.google.com/webstore.

Q:

I recently switched from BlackBerry to an Android-based phone. Do I need to install any anti-virus or firewall apps on an Android smartphone like what we do on a PC?

A:

It all depends on your tolerance for risk, your tolerance for running security software, how adventurous you are at downloading apps—and who you believe. Various reports have claimed that Android malware is surging, but last week Google disclosed a fairly new technology called “bouncer” that it has been using internally to weed out harmful apps. And the company claims there has been a big drop in malware in its app market in recent months.

My recommendation would be that if you are a safety-first person, or someone who experiments with lots of apps from companies you don’t know, you should consider using security software on Android.

Email Walt at mossberg@wsj.com.

Yesterday, in a major policy speech in Washington, D.C., Secretary of State Hillary Clinton jumped on the Internet bandwagon again, unveiling a $25 million government investment for entrepreneurs to allow dissidents to thwart “thugs, hackers and censors.”

Since that’s about the amount a third-string social photo-sharing site gets while walking down University Avenue in Palo Alto, Calif., from venture capitalists with bags of money to spend, let me just say the money is, well, underwhelming.

Luckily, Clinton’s speech–the latest chapter of the Obama administration’s “Internet Freedom Agenda”–was much better.

In fact, it was a sobering look at the situation, replete with all its conflicts and compromises, including some related to the State Department of late (hello, WikiLeaks!).

While more of a gimmick, Clinton outlined what she called a “venture capital-style approach” to stopping governments from closing down digital communications platforms.

In Egypt, that has included the whole dang Internet after times got tough and protesters tweeted too much.

Even still, said Clinton, such efforts–however effective now–were ultimately useless.

“Those who clamp down on Internet freedom may be able to hold back the full expression of their people’s yearnings for a while, but not forever,” she said.

Still, even though Facebook and Twitter have been lauded as critical tools in the reform protests in the Mideast, those Luddite strongmen did manage to put up a very good fight in shutting them down.

But Clinton advocated pressing on. Along with the seed funding for firewall-piercing and evading technologies, she also announced the creation of a new coordinator for cyber issues and the fact that the State Department had just begun to tweet in Arabic and Farsi and would soon be doing so in Chinese, Hindi and Russian.

All very nice steps, but the overall arrival of the long-promised global “strategy for cyberspace,” which has gotten bogged down in politics, is still to come.

In fact, a GOP-fueled criticism of the State Department was also released yesterday, designed to muck up Clinton’s speech, about how another $30 million in digital investments was being spent or, more precisely, being spent badly.

Clinton answered critics:

“Some have criticized us for not pouring funding into a single technology–but there is no silver bullet in the struggle against Internet repression. There’s no ‘app’ for that.”

Well, actually, since there is an app that turns your Apple iPhone into a hand massager, there certainly should be.

Speaking of that, Clinton was deft at dealing with the obvious delta between pressing for Internet freedom, even as U.S. government lawyers were whacking away at WikiLeaks–and, by association, Twitter itself.

Clinton noted the release of a mass of classified State Department documents “began with an act of theft,” arguing that this was the real issue.

She went on to further argue:

“I said that the WikiLeaks incident began with a theft, just as if it had been executed by smuggling papers in a briefcase. The fact that WikiLeaks used the Internet is not the reason we criticized its actions. WikiLeaks does not challenge our commitment to Internet freedom.”

Actually, the issue is that the Internet, once it really gets going, doesn’t really want to be controlled by anyone.

Kind of like humanity.

Or as Clinton so correctly noted about the various protests taking place abroad:

“In each case, people protested because of deep frustrations with the political and economic conditions of their lives. They stood and marched and chanted and the authorities tracked and blocked and arrested them. The Internet did not do any of those things; people did.”

In any case, judge for yourself: Here’s the video of the speech at George Washington University from the State Department’s Web site, as well as the full text below:

Thank you all very much and good afternoon. It is a pleasure, once again, to be back on the campus of the George Washington University, a place that I have spent quite a bit of time in all different settings over the last now nearly 20 years. I’d like especially to thank President Knapp and Provost Lerman, because this is a great opportunity for me to address such a significant issue, and one which deserves the attention of citizens, governments, and I know is drawing that attention. And perhaps today in my remarks, we can begin a much more vigorous debate that will respond to the needs that we have been watching in real time on our television sets.

A few minutes after midnight on January 28th, the Internet went dark across Egypt. During the previous four days, hundreds of thousands of Egyptians had marched to demand a new government. And the world, on TVs, laptops, cell phones, and smart phones, had followed every single step. Pictures and videos from Egypt flooded the web. On Facebook and Twitter, journalists posted on-the-spot reports. Protestors coordinated their next moves. And citizens of all stripes shared their hopes and fears about this pivotal moment in the history of their country.

Millions worldwide answered in real time, “You are not alone and we are with you.” Then the government pulled the plug. Cell phone service was cut off, TV satellite signals were jammed, and Internet access was blocked for nearly the entire population. The government did not want the people to communicate with each other and it did not want the press to communicate with the public. It certainly did not want the world to watch.

The events in Egypt recalled another protest movement 18 months earlier in Iran, when thousands marched after disputed elections. Their protestors also used websites to organize. A video taken by cell phone showed a young woman named Neda killed by a member of the paramilitary forces, and within hours, that video was being watched by people everywhere.

The Iranian authorities used technology as well. The Revolutionary Guard stalked members of the Green Movement by tracking their online profiles. And like Egypt, for a time, the government shut down the internet and mobile networks altogether. After the authorities raided homes, attacked university dorms, made mass arrests, tortured and fired shots into crowds, the protests ended.

In Egypt, however, the story ended differently. The protests continued despite the internet shutdown. People organized marches through flyers and word of mouth and used dial-up modems and fax machines to communicate with the world. After five days, the government relented and Egypt came back online. The authorities then sought to use the Internet to control the protests by ordering mobile companies to send out pro-government text messages, and by arresting bloggers and those who organized the protests online. But 18 days after the protests began, the government failed and the president resigned.

What happened in Egypt and what happened in Iran, which this week is once again using violence against protestors seeking basic freedoms, was about a great deal more than the internet. In each case, people protested because of deep frustrations with the political and economic conditions of their lives. They stood and marched and chanted and the authorities tracked and blocked and arrested them. The Internet did not do any of those things; people did. In both of these countries, the ways that citizens and the authorities used the Internet reflected the power of connection technologies on the one hand as an accelerant of political, social, and economic change, and on the other hand as a means to stifle or extinguish that change.

There is a debate currently underway in some circles about whether the Internet is a force for liberation or repression. But I think that debate is largely beside the point. Egypt isn’t inspiring people because they communicated using Twitter. It is inspiring because people came together and persisted in demanding a better future. Iran isn’t awful because the authorities used Facebook to shadow and capture members of the opposition. Iran is awful because it is a government that routinely violates the rights of its people.

So it is our values that cause these actions to inspire or outrage us, our sense of human dignity, the rights that flow from it, and the principles that ground it. And it is these values that ought to drive us to think about the road ahead. Two billion people are now online, nearly a third of humankind. We hail from every corner of the world, live under every form of government, and subscribe to every system of beliefs. And increasingly, we are turning to the Internet to conduct important aspects of our lives.

The Internet has become the public space of the 21st century–the world’s town square, classroom, marketplace, coffeehouse, and nightclub. We all shape and are shaped by what happens there, all 2 billion of us and counting. And that presents a challenge. To maintain an Internet that delivers the greatest possible benefits to the world, we need to have a serious conversation about the principles that will guide us, what rules exist and should not exist and why, what behaviors should be encouraged or discouraged and how.

The goal is not to tell people how to use the Internet any more than we ought to tell people how to use any public square, whether it’s Tahrir Square or Times Square. The value of these spaces derives from the variety of activities people can pursue in them, from holding a rally to selling their vegetables, to having a private conversation. These spaces provide an open platform, and so does the Internet. It does not serve any particular agenda, and it never should. But if people around the world are going come together every day online and have a safe and productive experience, we need a shared vision to guide us.

One year ago, I offered a starting point for that vision by calling for a global commitment to Internet freedom, to protect human rights online as we do offline. The rights of individuals to express their views freely, petition their leaders, worship according to their beliefs–these rights are universal, whether they are exercised in a public square or on an individual blog. The freedoms to assemble and associate also apply in cyberspace. In our time, people are as likely to come together to pursue common interests online as in a church or a labor hall.

Together, the freedoms of expression, assembly, and association online comprise what I’ve called the freedom to connect. The United States supports this freedom for people everywhere, and we have called on other nations to do the same. Because we want people to have the chance to exercise this freedom. We also support expanding the number of people who have access to the Internet. And because the Internet must work evenly and reliably for it to have value, we support the multi-stakeholder system that governs the internet today, which has consistently kept it up and running through all manner of interruptions across networks, borders, and regions.

In the year since my speech, people worldwide have continued to use the Internet to solve shared problems and expose public corruption, from the people in Russia who tracked wildfires online and organized a volunteer firefighting squad, to the children in Syria who used Facebook to reveal abuse by their teachers, to the Internet campaign in China that helps parents find their missing children.

At the same time, the Internet continues to be restrained in a myriad of ways. In China, the government censors content and redirects search requests to error pages. In Burma, independent news sites have been taken down with distributed denial of service attacks. In Cuba, the government is trying to create a national intranet, while not allowing their citizens to access the global internet. In Vietnam, bloggers who criticize the government are arrested and abused. In Iran, the authorities block opposition and media websites, target social media, and steal identifying information about their own people in order to hunt them down.

These actions reflect a landscape that is complex and combustible, and sure to become more so in the coming years as billions of more people connect to the Internet. The choices we make today will determine what the Internet looks like in the future. Businesses have to choose whether and how to enter markets where internet freedom is limited. People have to choose how to act online, what information to share and with whom, which ideas to voice and how to voice them. Governments have to choose to live up to their commitments to protect free expression, assembly, and association.

For the United States, the choice is clear. On the spectrum of Internet freedom, we place ourselves on the side of openness. Now, we recognize that an open Internet comes with challenges. It calls for ground rules to protect against wrongdoing and harm. And Internet freedom raises tensions, like all freedoms do. But we believe the benefits far exceed the costs.

And today, I’d like to discuss several of the challenges we must confront as we seek to protect and defend a free and open Internet. Now, I’m the first to say that neither I nor the United States Government has all the answers. We’re not sure we have all the questions. But we are committed to asking the questions, to helping lead a conversation, and to defending not just universal principles but the interests of our people and our partners.

The first challenge is achieving both liberty and security. Liberty and security are often presented as equal and opposite; the more you have of one, the less you have of the other. In fact, I believe they make it each other possible. Without security, liberty is fragile. Without liberty, security is oppressive. The challenge is finding the proper measure: enough security to enable our freedoms, but not so much or so little as to endanger them.

Finding this proper measure for the Internet is critical because the qualities that make the internet a force for unprecedented progress–its openness, its leveling effect, its reach and speed–also enable wrongdoing on an unprecedented scale. Terrorists and extremist groups use the Internet to recruit members, and plot and carry out attacks. Human traffickers use the Internet to find and lure new victims into modern-day slavery. Child pornographers use the Internet to exploit children. Hackers break into financial institutions, cell phone networks, and personal email accounts.

So we need successful strategies for combating these threats and more without constricting the openness that is the Internet’s greatest attribute. The United States is aggressively tracking and deterring criminals and terrorists online. We are investing in our nation’s cyber-security, both to prevent cyber-incidents and to lessen their impact. We are cooperating with other countries to fight transnational crime in cyberspace. The United States Government invests in helping other nations build their own law enforcement capacity. We have also ratified the Budapest Cybercrime Convention, which sets out the steps countries must take to ensure that the internet is not misused by criminals and terrorists while still protecting the liberties of our own citizens.

In our vigorous effort to prevent attacks or apprehend criminals, we retain a commitment to human rights and fundamental freedoms. The United States is determined to stop terrorism and criminal activity online and offline, and in both spheres we are committed to pursuing these goals in accordance with our laws and values.

Now, others have taken a different approach. Security is often invoked as a justification for harsh crackdowns on freedom. Now, this tactic is not new to the digital age, but it has new resonance as the internet has given governments new capacities for tracking and punishing human rights advocates and political dissidents. Governments that arrest bloggers, pry into the peaceful activities of their citizens, and limit their access to the Internet may claim to be seeking security. In fact, they may even mean it as they define it. But they are taking the wrong path. Those who clamp down on Internet freedom may be able to hold back the full expression of their people’s yearnings for a while, but not forever.

The second challenge is protecting both transparency and confidentiality. The Internet’s strong culture of transparency derives from its power to make information of all kinds available instantly. But in addition to being a public space, the Internet is also a channel for private communications. And for that to continue, there must be protection for confidential communication online. Think of all the ways in which people and organizations rely on confidential communications to do their jobs. Businesses hold confidential conversations when they’re developing new products to stay ahead of their competitors. Journalists keep the details of some sources confidential to protect them from exposure or retribution. And governments also rely on confidential communication online as well as offline. The existence of connection technologies may make it harder to maintain confidentiality, but it does not alter the need for it.

Now, I know that government confidentiality has been a topic of debate during the past few months because of WikiLeaks, but it’s been a false debate in many ways. Fundamentally, the WikiLeaks incident began with an act of theft. Government documents were stolen, just the same as if they had been smuggled out in a briefcase. Some have suggested that this theft was justified because governments have a responsibility to conduct all of our work out in the open in the full view of our citizens. I respectfully disagree. The United States could neither provide for our citizens’ security nor promote the cause of human rights and democracy around the world if we had to make public every step of our efforts. Confidential communication gives our government the opportunity to do work that could not be done otherwise.

Consider our work with former Soviet states to secure loose nuclear material. By keeping the details confidential, we make it less likely that terrorists or criminals will find the nuclear material and steal it for their own purposes. Or consider the content of the documents that WikiLeaks made public. Without commenting on the authenticity of any particular documents, we can observe that many of the cables released by WikiLeaks relate to human rights work carried on around the world. Our diplomats closely collaborate with activists, journalists, and citizens to challenge the misdeeds of oppressive governments. It is dangerous work. By publishing diplomatic cables, WikiLeaks exposed people to even greater risk.

For operations like these, confidentiality is essential, especially in the Internet age when dangerous information can be sent around the world with the click of a keystroke. But of course, governments also have a duty to be transparent. We govern with the consent of the people, and that consent must be informed to be meaningful. So we must be judicious about when we close off our work to the public, and we must review our standards frequently to make sure they are rigorous. In the United States, we have laws designed to ensure that the government makes its work open to the people, and the Obama Administration has also launched an unprecedented initiative to put government data online, to encourage citizen participation, and to generally increase the openness of government.

The U.S. Government’s ability to protect America, to secure the liberties of our people, and to support the rights and freedoms of others around the world depends on maintaining a balance between what’s public and what should and must remain out of the public domain. The scale should and will always be tipped in favor of openness, but tipping the scale over completely serves no one’s interests. Let me be clear. I said that the WikiLeaks incident began with a theft, just as if it had been executed by smuggling papers in a briefcase. The fact that WikiLeaks used the Internet is not the reason we criticized its actions. WikiLeaks does not challenge our commitment to Internet freedom.

And one final word on this matter: There were reports in the days following these leaks that the United States Government intervened to coerce private companies to deny service to WikiLeaks. That is not the case. Now, some politicians and pundits publicly called for companies to disassociate from WikiLeaks, while others criticized them for doing so. Public officials are part of our country’s public debates, but there is a line between expressing views and coercing conduct. Business decisions that private companies may have taken to enforce their own values or policies regarding WikiLeaks were not at the direction of the Obama Administration.

A third challenge is protecting free expression while fostering tolerance and civility. I don’t need to tell this audience that the Internet is home to every kind of speech–false, offensive, incendiary, innovative, truthful, and beautiful.

The multitude of opinions and ideas that crowd the Internet is both a result of its openness and a reflection of our human diversity. Online, everyone has a voice. And the Universal Declaration of Human Rights protects the freedom of expression for all. But what we say has consequences. Hateful or defamatory words can inflame hostilities, deepen divisions, and provoke violence. On the Internet, this power is heightened. Intolerant speech is often amplified and impossible to retract. Of course, the Internet also provides a unique space for people to bridge their differences and build trust and understanding.

Some take the view that, to encourage tolerance, some hateful ideas must be silenced by governments. We believe that efforts to curb the content of speech rarely succeed and often become an excuse to violate freedom of expression. Instead, as it has historically been proven time and time again, the better answer to offensive speech is more speech. People can and should speak out against intolerance and hatred. By exposing ideas to debate, those with merit tend to be strengthened, while weak and false ideas tend to fade away; perhaps not instantly, but eventually.

Now, this approach does not immediately discredit every hateful idea or convince every bigot to reverse his thinking. But we have determined as a society that it is far more effective than any other alternative approach. Deleting writing, blocking content, arresting speakers–these actions suppress words, but they do not touch the underlying ideas. They simply drive people with those ideas to the fringes, where their convictions can deepen, unchallenged.

Last summer, Hannah Rosenthal, the U.S. Special Envoy to Monitor and Combat Anti-Semitism, made a trip to Dachau and Auschwitz with a delegation of American imams and Muslim leaders. Many of them had previously denied the Holocaust, and none of them had ever denounced Holocaust denial. But by visiting the concentration camps, they displayed a willingness to consider a different view. And the trip had a real impact. They prayed together, and they signed messages of peace, and many of those messages in the visitors books were written in Arabic. At the end of the trip, they read a statement that they wrote and signed together condemning without reservation Holocaust denial and all other forms of anti-Semitism.

The marketplace of ideas worked. Now, these leaders had not been arrested for their previous stance or ordered to remain silent. Their mosques were not shut down. The state did not compel them with force. Others appealed to them with facts. And their speech was dealt with through the speech of others.

The United States does restrict certain kinds of speech in accordance with the rule of law and our international obligations. We have rules about libel and slander, defamation, and speech that incites imminent violence. But we enforce these rules transparently, and citizens have the right to appeal how they are applied. And we don’t restrict speech even if the majority of people find it offensive. History, after all, is full of examples of ideas that were banned for reasons that we now see as wrong. People were punished for denying the divine right of kings, or suggesting that people should be treated equally regardless of race, gender, or religion. These restrictions might have reflected the dominant view at the time, and variations on these restrictions are still in force in places around the world.

But when it comes to online speech, the United States has chosen not to depart from our time-tested principles. We urge our people to speak with civility, to recognize the power and reach that their words can have online. We’ve seen in our own country tragic examples of how online bullying can have terrible consequences. Those of us in government should lead by example, in the tone we set and the ideas we champion. But leadership also means empowering people to make their own choices, rather than intervening and taking those choices away. We protect free speech with the force of law, and we appeal to the force of reason to win out over hate.

Now, these three large principles are not always easy to advance at once. They raise tensions, and they pose challenges. But we do not have to choose among them. Liberty and security, transparency and confidentiality, freedom of expression and tolerance–these all make up the foundation of a free, open, and secure society as well as a free, open, and secure internet where universal human rights are respected, and which provides a space for greater progress and prosperity over the long run.

Now, some countries are trying a different approach, abridging rights online and working to erect permanent walls between different activities–economic exchanges, political discussions, religious expressions, and social interactions. They want to keep what they like and suppress what they don’t. But this is no easy task. Search engines connect businesses to new customers, and they also attract users because they deliver and organize news and information. Social networking sites aren’t only places where friends share photos; they also share political views and build support for social causes or reach out to professional contacts to collaborate on new business opportunities.

Walls that divide the Internet, that block political content, or ban broad categories of expression, or allow certain forms of peaceful assembly but prohibit others, or intimidate people from expressing their ideas are far easier to erect than to maintain. Not just because people using human ingenuity find ways around them and through them but because there isn’t an economic Internet and a social Internet and a political Internet; there’s just the Internet. And maintaining barriers that attempt to change this reality entails a variety of costs–moral, political, and economic. Countries may be able to absorb these costs for a time, but we believe they are unsustainable in the long run. There are opportunity costs for trying to be open for business but closed for free expression–costs to a nation’s education system, its political stability, its social mobility, and its economic potential.

When countries curtail Internet freedom, they place limits on their economic future. Their young people don’t have full access to the conversations and debates happening in the world or exposure to the kind of free inquiry that spurs people to question old ways of doing and invent new ones. And barring criticism of officials makes governments more susceptible to corruption, which create economic distortions with long-term effects. Freedom of thought and the level playing field made possible by the rule of law are part of what fuels innovation economies.

So it;s not surprising that the European-American Business Council, a group of more than 70 companies, made a strong public support statement last week for Internet freedom. If you invest in countries with aggressive censorship and surveillance policies, your website could be shut down without warning, your servers hacked by the government, your designs stolen, or your staff threatened with arrest or expulsion for failing to comply with a politically motivated order. The risks to your bottom line and to your integrity will at some point outweigh the potential rewards, especially if there are market opportunities elsewhere.

Now, some have pointed to a few countries, particularly China, that appears to stand out as an exception, a place where Internet censorship is high and economic growth is strong. Clearly, many businesses are willing to endure restrictive internet policies to gain access to those markets, and in the short term, even perhaps in the medium term, those governments may succeed in maintaining a segmented internet. But those restrictions will have long-term costs that threaten one day to become a noose that restrains growth and development.

There are political costs as well. Consider Tunisia, where online economic activity was an important part of the country’s ties with Europe while online censorship was on par with China and Iran, the effort to divide the economic internet from the “everything else” Internet in Tunisia could not be sustained. People, especially young people, found ways to use connection technologies to organize and share grievances, which, as we know, helped fuel a movement that led to revolutionary change. In Syria, too, the government is trying to negotiate a non-negotiable contradiction. Just last week, it lifted a ban on Facebook and YouTube for the first time in three years, and yesterday they convicted a teenage girl of espionage and sentenced her to five years in prison for the political opinions she expressed on her blog.

This, too, is unsustainable. The demand for access to platforms of expression cannot be satisfied when using them lands you in prison. We believe that governments who have erected barriers to Internet freedom, whether they’re technical filters or censorship regimes or attacks on those who exercise their rights to expression and assembly online, will eventually find themselves boxed in. They will face a dictator’s dilemma and will have to choose between letting the walls fall or paying the price to keep them standing, which means both doubling down on a losing hand by resorting to greater oppression and enduring the escalating opportunity cost of missing out on the ideas that have been blocked and people who have been disappeared.

I urge countries everywhere instead to join us in the bet we have made, a bet that an open internet will lead to stronger, more prosperous countries. At its core, it’s an extension of the bet that the United States has been making for more than 200 years, that open societies give rise to the most lasting progress, that the rule of law is the firmest foundation for justice and peace, and that innovation thrives where ideas of all kinds are aired and explored. This is not a bet on computers or mobile phones. It’s a bet on people. We’re confident that together with those partners in government and people around the world who are making the same bet by hewing to universal rights that underpin open societies, we’ll preserve the internet as an open space for all. And that will pay long-term gains for our shared progress and prosperity. The United States will continue to promote an Internet where people’s rights are protected and that it is open to innovation, interoperable all over the world, secure enough to hold people’s trust, and reliable enough to support their work.

In the past year, we have welcomed the emergence of a global coalition of countries, businesses, civil society groups, and digital activists seeking to advance these goals. We have found strong partners in several governments worldwide, and we’ve been encouraged by the work of the Global Network Initiative, which brings together companies, academics, and NGOs to work together to solve the challenges we are facing, like how to handle government requests for censorship or how to decide whether to sell technologies that could be used to violate rights or how to handle privacy issues in the context of cloud computing. We need strong corporate partners that have made principled, meaningful commitments to internet freedom as we work together to advance this common cause.

We realize that in order to be meaningful, online freedoms must carry over into real-world activism. That’s why we are working through our Civil Society 2.0 initiative to connect NGOs and advocates with technology and training that will magnify their impact. We are also committed to continuing our conversation with people everywhere around the world. Last week, you may have heard, we launched Twitter feeds in Arabic and Farsi, adding to the ones we already have in French and Spanish. We’ll start similar ones in Chinese, Russian, and Hindi. This is enabling us to have real-time, two-way conversations with people wherever there is a connection that governments do not block.

Our commitment to internet freedom is a commitment to the rights of people, and we are matching that with our actions. Monitoring and responding to threats to internet freedom has become part of the daily work of our diplomats and development experts. They are working to advance internet freedom on the ground at our embassies and missions around the world. The United States continues to help people in oppressive internet environments get around filters, stay one step ahead of the censors, the hackers, and the thugs who beat them up or imprison them for what they say online.

While the rights we seek to protect and support are clear, the various ways that these rights are violated are increasingly complex. I know some have criticized us for not pouring funding into a single technology, but we believe there is no silver bullet in the struggle against internet repression. There’s no app for that. Start working, those of you out there. And accordingly, we are taking a comprehensive and innovative approach, one that matches our diplomacy with technology, secure distribution networks for tools, and direct support for those on the front lines.

In the last three years, we have awarded more than $20 million in competitive grants through an open process, including interagency evaluation by technical and policy experts to support a burgeoning group of technologists and activists working at the cutting edge of the fight against internet repression. This year, we will award more than $25 million in additional funding. We are taking a venture capital-style approach, supporting a portfolio of technologies, tools, and training, and adapting as more users shift to mobile devices. We have our ear to the ground, talking to digital activists about where they need help, and our diversified approach means we’re able to adapt the range of threats that they face. We support multiple tools, so if repressive governments figure out how to target one, others are available. And we invest in the cutting edge because we know that repressive governments are constantly innovating their methods of oppression and we intend to stay ahead of them.

Likewise, we are leading the push to strengthen cyber security and online innovation, building capacity in developing countries, championing open and interoperable standards and enhancing international cooperation to respond to cyber threats. Deputy Secretary of Defense Lynn gave a speech on this issue just yesterday. All these efforts build on a decade of work to sustain an Internet that is open, secure, and reliable. And in the coming year, the Administration will complete an international strategy for cyberspace, charting the course to continue this work into the future.

This is a foreign policy priority for us, one that will only increase in importance in the coming years. That’s why I’ve created the Office of the Coordinator for Cyber Issues, to enhance our work on cyber security and other issues and facilitate cooperation across the State Department and with other government agencies. I’ve named Christopher Painter, formerly senior director for cyber security at the National Security Council and a leader in the field for 20 years, to head this new office.

The dramatic increase in internet users during the past 10 years has been remarkable to witness. But that was just the opening act. In the next 20 years, nearly 5 billion people will join the network. It is those users who will decide the future.

So we are playing for the long game. Unlike much of what happens online, progress on this front will be measured in years, not seconds. The course we chart today will determine whether those who follow us will get the chance to experience the freedom, security, and prosperity of an open Internet.

As we look ahead, let us remember that Internet freedom isn’t about any one particular activity online. It’s about ensuring that the Internet remains a space where activities of all kinds can take place, from grand, ground-breaking, historic campaigns to the small, ordinary acts that people engage in every day.

We want to keep the Iternet open for the protestor using social media to organize a march in Egypt; the college student emailing her family photos of her semester abroad; the lawyer in Vietnam blogging to expose corruption; the teenager in the United States who is bullied and finds words of support online; for the small business owner in Kenya using mobile banking to manage her profits; the philosopher in China reading academic journals for her dissertation; the scientist in Brazil sharing data in real time with colleagues overseas; and the billions and billions of interactions with the Internet every single day as people communicate with loved ones, follow the news, do their jobs, and participate in the debates shaping their world.

Internet freedom is about defending the space in which all these things occur so that it remains not just for the students here today, but your successors and all who come after you. This is one of the grand challenges of our time. We are engaged in a vigorous effort against those who we have always stood against, who wish to stifle and repress, to come forward with their version of reality and to accept none other. We enlist your help on behalf of this struggle. It’s a struggle for human rights, it’s a struggle for human freedom, and it’s a struggle for human dignity.

Thank you all very much.

Often they’ll turn to public cloud providers like Amazon or Google or Microsoft. Those are the three names that usually get mentioned in the same breath whenever enterprise cloud services come up. But what about IT giant IBM? It turns out it’s a significant player in the cloud game, offering both public and private cloud services. Last week I sat down with Ric Telford, IBM’s VP of Cloud Services to talk about how Big Blue’s cloud business is going and what its priorities are in the year just started.

NewEnterprise: Ric, let’s start at the top. Tell me how IBM sees the cloud business right now?

Telford: Initially the cloud is all about doing more with less. Suddenly you could deliver the same IT services for less. Fast-forward to today, and it’s not all about saving money. People are realizing they can do things they never could before with the cloud. I was recently met with a small aircraft engineering company, and the guy running it described how he competes with much larger companies for defense contracts. It used to be that doing all the modeling and simulations he needed required buying hardware and software and running it all on premise. Now he can go out to the cloud, pay for what he uses and be done with it. He can now compete for contracts he wouldn’t have been able to go after before. And we’re seeing a lot of examples like that in industry after industry.

Someone said to me the other day that the cloud is going to have to have all the parts of the mainframe. Do you agree with that?

There’s a lot of parallels between the cloud and the mainframe. IBM’s view is that we have a single-reference architecture. It’s the same whether we’re delivering the service or if we build it for you. We did a deal recently with France Telecom where they are going to be a cloud services provider to their clients. They already have the network connections. But they’re not a cloud company. So they’re using IBM’s cloud architecture to give them all the pieces in one easy-to-consume bite. So we have that architecture and we use the same blueprint in all the various permutations of the cloud. For some people it’s confusing, but for us it’s all the same whether you want to have it inside your firewall or outside.

Which do your customers tend to prefer–a private cloud or a public cloud?

We do surveys every year and right now we’re seeing about a two-to-one preference for private versus public. About 60 to 70 percent of respondents say they’re working on a private cloud, and about 30 to 40 say they’re working on the public cloud. To us it’s all the same. We offer a core set of services from the IBM cloud–development, test, compute, storage, collaborations, desktop. But we can also build the same thing inside your firewall.

How big is your public cloud business?

I can’t give you a revenue figure because different business units take advantage of it to deliver different things. We just opened up a delivery center in Research Triangle Park. It’s probably one of the most advanced data centers in the world. And now we’re rolling out a model that we are cloning around the world. We just opened one in Germany and another in Canada. And then we’ll just keep adding them. We manage about eight million square feet of data centers around the world.

How does a company typically get started with the cloud?

Usually I suggest they start with their develop-and-test operations. It’s usually not mission-critical, and there’s usually a lot of hardware that’s not being used. Usually that’s the group that buys hardware long before it’s needed and it ends up sitting idle 90 percent of the time. At IBM we put our whole research division on the cloud because they were the worst hardware hoarders, putting servers under desks and whatnot. They knew that if they needed a new server it would take weeks to get it. Now they go out to the research and compute cloud, and the services they need are usually ready to use in minutes or at most an hour. It just makes a huge difference in people’s ability to get going.

So what you are your priorities for this year?

One of the big things we started seeing last year was an uptake of cloud delivery in industry-specific ways. We’re working not just on the generic things like email and collaboration, but on the specific applications that are used in various industries. Health care, banking and government are a few that have complicated regulatory needs that vary state by state and country by country, and we have the deep understanding required to work with them. We also built a private cloud to help the 29 countries involved in NATO share data on logistics and troop deployments. We also have an initiative with the consumer electronics industry. Utilities is another, and it gets tied in with our Smarter Planet initiatives.

Will IBM be making deals in the cloud this year?

IBM will make a few billion in acquisitions. Cloud is one of the four key growth areas we’re focused on. The others are Smarter Planet, analytics and the growth markets. We’ve said that in those four growth initiatives we’re going for $20 billion in additional revenue by 2014. Four initiatives, five years and $20 billion dollars. That’s certainly not all going to happen organically.

All the security attention paid in recent years to securing the Windows desktop and the applications running on it have paid off a little, Cisco found, making it harder for computer scammers to successfully carry off their intended crimes on that platform. The trouble is they’re now starting to focus more attention on mobile devices, including Apple’s iPhone and iPad, and devices running Google’s Android operating system, Cisco said.

Meanwhile, the overall global volume of spam, which often contains troublemaking links that are used to deliver attacks, decreased for the first time ever in 2010. Even so, spam still increased in some developed countries where broadband connections are multiplying. In the United Kingdom, spam volume nearly doubled, while the volume in France went up 115 percent. The U.S. saw a slight decline–11.1 trillion messages down from 11.3 trillion in 2009. Spam in Brazil, China and Turkey also declined. Some of the decline can be attributed to last year’s arrest by FBI agents in Milwaukee of a Russian accused of being the “king of spam,” and to the shutdown of a few botnets used by scammers to send spam.

One thing about Cisco’s report that’s likely to draw some attention is its finding that the raw number of vulnerabilities on Apple products appear to be growing. Apple users are usually pretty sensitive about this topic, and any comparison of the Mac to Windows on the security front tends to make them grind their teeth and pound out annoyed comments on tech blogs. I know because I’ve done the same teeth-grinding and have in the past criticized other reports for similar findings.

Here Cisco is addressing vulnerabilities that Apple has itself documented and patched in software updates. One thing that’s not clear to me–though it sure looks like it–is whether Cisco is combining vulnerabilities found on both iOS (iPhone and iPad) and OS X (the Mac). The data it’s using is from its IntelliShield service, which tracks vulnerabilities and security incidents, and shows that over five years Apple’s vulnerabilities rose, from less than 200 in 2006 to more than 350 in 2010. That rate was higher than Microsoft and Hewlett-Packard and Cisco itself, the report found, though it goes on to say that Apple has worked harder than most other vendors to protect its users. Security is one of the reasons Apple imposes such strict rules on what’s available in the App store, though people still jailbreak their phones.

Another trend Cisco found is something called “money muling.” Tom Gillis, VP and general manager of Cisco’s Security business unit, describes money muling as using unsuspecting people who are attracted by “work at home” spam messages and Web ads to participate in money laundering by moving small amounts of money into bank accounts, just a few thousand dollars at a time. He says the operations around this are becoming increasingly elaborate, and criminals will devote a lot of effort to developing it this year.

I talked with Gillis about the report and other security trends that Cisco found. Here are a few highlights from our conversation:

NewEnterprise: So you’re seeing fewer attacks on Windows and more on mobile devices. Is that simply because there are more of them?

Tom Gillis: It’s the simple fact that there’s this new class of mobile device coming into the enterprise that used to be a phone and now it’s a computer, and it can access enterprise information. So what we’re seeing is that the raw number, but not the severity, is down on Windows. Part of this is that Windows 7 was a very good release on Microsoft’s part from a security standpoint. And we’ve got these new devices coming into the enterprise, and so we’re seeing a shift in focus of attacks on these mobile devices. They’re vulnerable to attack and they’re relevant in the enterprise. Two years ago this would have been too small a population to be meaningful.

What kind of attacks are you seeing?

It varies. In some cases there’s a little “phone home” code in a free gaming app. Pretty gentle stuff so far. But as people start using smartphones to access sensitive information we need to start thinking about security considerations on these devices. There’s a larger theme here that the whole nature of attacks is changing dramatically. The fact that spam volumes dropped at all is a big tell. For 10 years this has only gone up. We’re not forecasting a steady decline in spam, but the fact that it slowed down at all is an indicator of the shift in the way that attackers are using email. The attacks are more targeted and personal, for one thing.

Can’t some of this decrease be attributed to some of the arrests that happened last year?

It can. There’s been a handful of arrests. And they went after not only the botnet operators but other parts of the spam value chain. There are firms and entities that build botnets of compromised machines that relay the spam, and then there are other firms and entities that rent time on those botnets that do the merchandising. The biggest category is selling fake pharmaceuticals. Some of these fake pharma operations were shut down and the people associated with them arrested. It’s not an easy thing to do, because they’re global, they move around, and so to make an arrest in this space is a huge accomplishment.

So what is the thinking now about securing the mobile device?

We think there are two ways to make mobile devices work in the enterprise. The flood of devices into the enterprise is huge, and everyone wants to use them to check their email and access corporate directories and other fundamental things. There needs to be some kind of software on the end point–the phone or device. It will have to be light. You can’t have some kind of antivirus suite running on the phone. It would be a little piece of software that’s on all the time that knows when you’re behind the corporate firewall and when you’re not, and manages your connection accordingly. We bought a company called ScanSafe that has 40 data centers around the world. When you’re outside the firewall it connects to you the nearest data center and enforces your corporate policies, but all you as the user know is that it just works. This notion of being on or off the corporate network goes away. And we can do all kinds of scanning for security, independent of the device that’s being used.

This year we also saw the Stuxnet attacks, which we now know for certain were carried out against the Iranian nuclear program. Clearly this is a new kind of attack that can be mounted against industrial control systems via computer networks. Is Cisco researching this?

Massively. Often these types of attacks are targeted against Cisco’s biggest enterprise customers. Who buys Cisco’s infrastructure? The biggest banks in the world, the defense contractors. If the goal of an attacker is to disrupt an economy, their targets will be our customers, and they’re demanding a response from us. I like to call it global threat correlation, but it comes down to taking huge samples of network traffic and picking out good traffic from the bad. Cisco has a good advantage here because our equipment is so widely deployed around the world. As we start measuring traffic we can develop reputation data on every publicly routable IP address on the Internet. As we start putting telemetry info into that equipment–and the customer can choose to enable it or not, and it’s turned off by default. But people turn it on because it helps them against the unknown kind of attacks that are popping up. If a Web server says its a Web server, but you just saw it sending spam three minutes ago, there’s a pretty good chance it’s part of a botnet. Once you know that you know that, you can start to mount a pretty good defense. We’re putting a lot of energy into developing that, and it’s proven to be pretty robust.

I can’t remember a year during which computer security stories jumped so readily from the tech and business pages to the front page.

The year 2010 was bookended by two such cases. It opened with Google’s disclosure that it had come under attack in China, an apparent attempt to penetrate the Gmail accounts of certain activists and journalists.

It ended with the WikiLeaks affair, which stemmed from the alleged theft by an Army private of classified documents stored on a government network.

And let’s not forget in mid-year came the story, as fascinating as it was sobering, of Stuxnet, a computer worm developed by parties unknown–although the smart money is on Israel–that penetrated and ultimately damaged equipment used in the Iranian nuclear program.

Computer hacking–which has for too long evoked images in the public mind-set of teenagers in basements taking digital joyrides–has finally revealed itself to everyone for what it has long been for those in the know: The domain of espionage, sabotage and possibly warfare.

In Google’s case, the attacks upon its systems raised questions about where it draws the line with authorities in Beijing about such matters as freedom of speech. When the attack was first disclosed, Google publicly mulled shutting down its operations in China.

Then in protest, it stopped censoring its search results, giving mainland Chinese access to the same search results available to residents of Hong Kong. Beijing responded by blocking access to Google’s site.

Finally, Google and China came to a new agreement, and Google appeared the loser in the battle of wills.

Computer security is one of those things that companies and governments say they take seriously, but never really seem to get a grip on, judging by the results.

In any case, there is no firewall or software in existence that could have prevented Bradley Manning from stealing the documents that he is alleged to have given to WikiLeaks. As a low-level Army intelligence analyst, he was a trusted insider who had access to this material in the course of his day-to-day job.

So, it was not technology that failed. The failure was one of internal policies that allowed him access to data not relevant to his position.

Any employee of a midsize company can see how wrong that is. Human-resources documents are limited only to those who work in that department. The same is true of people who work in the legal office, business development department and so on.

But it apparently didn’t occur to anyone in government to limit the access to what became the WikiLeaks cache to people who worked only for or closely with the State Department.

If it turns out that thousands of companies are better at protecting their business secrets than the U.S. government is, then it’s not for nothing that the Central Intelligence Agency task force investigating the WikiLeaks affair bears the initials “WTF.”

Something similar was true of Stuxnet. One of the reasons the attackers, whoever they are, succeeded was that they used several so-called “zero day” vulnerabilities in Windows.

These are undocumented weaknesses that hackers save up for special occasions as a way to open a back door into a computer and then insert a troublemaking payload, like a worm. Zero day exploits are a fact of life, and once spotted in the world, they’re usually patched.

The Stuxnet attackers used as many as four zero day exploits as a way to get their worm into targeted computers. Microsoft, to its credit, made short work of fixing them once they came to light.

Even so, the Stuxnet worm burrowed its way from Windows machines into industrial control computers known as SCADA systems, which are widely used to run factories, power plants, pipelines and all sorts of other infrastructure essential to modern life.

The worm was designed to find a specific target: The systems controlling a set of as many as 1,000 centrifuges at the uranium enrichment facility in Natanz, and make them spin faster than they were supposed to.

The ability to attack industrial computers and cause them to do things they’re not supposed to do has been a lingering fear among security experts for years. Researchers at the U.S. Department of Energy in 2007 looked at the potential for attacks on SCADA systems and proved that it was possible to seize control of an electrical generator and then make it destroy itself.

They also found that many of these systems are connected to the Internet for what seem like good reasons: Convenience and cost savings. But these connections have also opened them up to the same kind of attacks that rattled the Iranian facility in Natanz.

Another Stuxnet-like worm, the thinking goes, could be used to bring down a power grid, or poison drinking water, or shut down an oil or gas pipeline. The good news is that such an attack is expensive–Stuxnet, by one estimate, cost $10 million to create–and requires a lot of specialized insider knowledge.

The bad news is that the Stuxnet source code is circulating in the wild for anyone to study. And as the WikiLeaks case shows, there are often insiders willing to take part in criminal schemes.

The other bad news? Securing these systems won’t come cheap.

If history is any judge, there will likely be a barrage of computer security companies that try to spin these incidents into opportunities to make a sales pitch. That’s what security companies do, after all.

But they usually miss the point. How can you plan for a vulnerability you’ve never seen? How can you stop an otherwise trusted insider from abusing their access to sensitive information? Both are fundamentally difficult problems for which there are no easy answers.

Spending money on last year’s security vulnerabilities is like preparing to fight the last war: Circumstances inevitably change, and they certainly will in 2011. New kinds of attacks will arise, and they will catch their targets by surprise.

And the public, like the CIA, will reasonably ask, “WTF?”

The unvarnished fact is that the networked society to which we’ve become accustomed in the last several years has a soft, vulnerable underbelly.

And the more we rely upon it, the more people with a combination of advanced technical skills and repugnant motivations are going to look for ways to turn it against us.

Some will do so as a means of making a personal profit. Others may see it as a way of advancing a political or ideological agenda.

But others will want to use theirs skills to do serious harm to innocent people on a large scale.

And the events of 2010 point the way to a world where that’s a more realistic scenario than it ever was before.

Over time, CIOs everywhere got over their skepticism of the cloud, and Salesforce.com went on to become a billion-dollar company that is widely used in numerous industries.

But he knew there was more to it. Lots of other small companies where adapting the Salesforce software-as-a-service model to other job functions besides tracking sales relationships. There’s SuccessFactors, which tracks employee performance, and Workday, which manages basic company operations like payroll and benefits.

For companies large and small that are embracing the cloud, that’s a lot to manage. McKinnon’s plan with Okta, a start-up company that’s received investments from Andreessen Horowitz, Floodgate and SV Angel, is to make it easy for companies to take advantage of cloud applications and services by giving them a single place from which to manage it all.

I caught up with McKinnon last week in Menlo Park, Calif., at the Sand Hill Road offices of Andreessen Horowtiz, which in July invested $10 million in Okta, its first cloud investment. The company is planning a big launch in January.

NewEnterprise: So your last job was at Salesforce.com, but it led directly to you starting Okta. Tell me about that.

Todd McKinnon: I went to Salesforce at the time their engineering team was really small. Their engineering team was only about 10 or 15 people. They brought me in to be the first non-founder VP of engineering. They wanted me to scale the company and scale the group.

NE: So you got into Salesforce early, and things look pretty good over there now. Why did you leave?

TM: We had a booth at Dreamforce, and I saw a lot of my old friends there, and they asked me the same thing. I was at the tip of the spear in terms of seeing this transition in the industry. When I first started at Salesforce, companies were first starting to adopt the cloud and the software-as-service approach, but they were really skeptical. They had to scrutinize everything about it before they would buy it. One time I spent an entire weekend–I remember because it was my birthday–reviewing the code line by line with a big bank, for security. Over the years, that attitude changed. Rather than view it as something risky, they viewed it as beneficial, and they got more comfortable with the risk.

That to me was an important moment. When the industry shifts, that creates an opportunity, the kind of opportunity that small companies can take advantage of. I couldn’t sit there knowing there was so much opportunity and so much disruption going on and watch someone else go out and do it.

NE: Clearly we’re seeing Salesforce broadening out from its original offering. We’ve seen it launch Database.com and acquire Heroku in recent days. It didn’t occur to you to try and build this within Salesforce?

TM: It did. But there’s challenges there in terms of what the company is going to focus on and how long to focus on the primary mission before it branches out. I wanted to build a company. I wanted to have an impact, but I also wanted to build a company.

NE: So explain how you got from there to starting Okta.

TM: I had been thinking about building a monitoring system for big companies rolling out their mission-critical cloud services, like call centers. The idea was to monitor performance and gather compliance data in a way that was similar to what companies were already doing with the systems they had in-house.

I called a bunch of people who said that monitoring was a good idea. But one thing I heard was that it would only make sense to large companies. The other thing was that there were a lot of companies, some big, some small, that were deploying cloud applications. I started to see companies who were running most of their IT infrastructure outside the firewall. Once you think about a world where the center of gravity is outside the firewall you have to solve a lot of problems in the cloud that have already been solved inside the firewall.

I kept running into a simple example: If you have a Windows network, you have file servers and print servers and email. Microsoft has made that work well. But if you’re trying to build your corporate IT in the cloud, there’s a bunch of unsolved problems. You have some file utility, and email from Google or a hosted Microsoft Exchange, and maybe a print driver on your copy machine. What I learned is, before anyone needs monitoring, there were all these basic problems that needed solving.

NE: What kind of basic problems?

TM: There’s the the most basic problem of identity. How do you get users authenticated in a consistent way across all these cloud services? How do I make sure that when someone joins the company they get access to what they need to do their job? And more importantly when someone leaves the company, how do I make sure that they don’t have access to all the things they did when they were an employee?

When you run your corporate IT in the cloud, all your files and services are out there on the Internet and so you have to make sure you de-provision that user’s access. There’s a great bonus with the cloud that files are accessible from everywhere, on your PC or your phone. The downside is that they’re available everywhere and so you have to manage that. If you’re truly going to reap all the benefits of the cloud, like lower costs, in the next five to 10 years, companies are going to have to rethink how they build their networks.

NE: And that’s where Okta comes in?

TM: Right. We set out to build a domain controller for this new type of network–we call it a Cloud Area Network.

NE: At most companies there’s a mixture of infrastructure that’s in the building or in a managed data center, mixed with some cloud services. What you’re saying is that if I want to manage my infrastructure on things like Amazon Cloud Services or Microsoft Azure or Google Apps, some combination like that, then you’ve got to have a way to control who can access what.

TM: Exactly. Okta sits in the middle of your services, and knows what you use. Right now it’s focused on applications: Workday, Taleo, Success Factors, GoToMeeting, Salesforce. We have hundreds of prepackaged combinations. You tell it which ones you have, and you get three very concrete benefits right out of the box. The first is that your users get a single dashboard to access them all, with a single sign-on. Administration staff gets a single point to create accounts across all of your services. And then, most importantly, when someone leaves you can automatically de-provision them, so you can cut them off from the services all at once.

NE: So what are your launch plans?

TM: We’ve been selling in the marketplace for a while now, and the main thing we’re going to talk about is customers.

NE: That was my next question. What kind of companies are you going to be talking about?

TM: These are known companies. They’re not huge. Our biggest installation is about 1,500 seats. But when companies deploy it they want to give it to every employee because it manages so many applications. One customer has 21 applications in there, and one had 15. It crosses all the job functions, and touches all employees.

NE: So if you counted up all the active seats in use right now, how many would it be?

TM: We’re going to be announcing that in January too! (Laughs.)

NE: So what’s the business model?

TM: It’s a subscription model just like all the other software-as-service companies out there. It’s based on per user, per month. The default is that they choose to license for the whole company so we get a lot of broad deployments.

NE: So where do you want to be a year from now?

TM: The big thing a year from now, we need to start to position ourselves toward our bigger vision of becoming a platform. The initial product is easy to understand. Over time we need to turn it into something bigger. We want to get beyond the applications and turn it into a platform-as-service. We’re starting with applications, because that’s where the adoption is right now. Ultimately we want to be the controlling layer for a lot more: Programming tools like Heroku and Force.com and Google App Engine, and then there’s the infrastructure-as-service layer like Amazon. Our ambition is to be a domain controller for all of it.

Intel announced its largest acquisition to date this morning, and it has little to do with the chipset market it has dominated for decades.

The chipmaker said it has agreed to buy antivirus software company McAfee (MFE) in a $7.7 billion acquisition that will expand its security offerings. Under the terms of the deal, Intel will pay $48 a share in cash, a hefty 60 percent premium over McAfee’s Wednesday closing stock price of $29.93. Both companies’ boards have approved the deal, though it still requires approval from McAfee shareholders and regulators.

What does Intel (INTC) want with McAfee, a vendor of oft-maligned antivirus software? To embed some of the company’s security tools directly into Intel chips for “hardware enhanced security.” And secure another, steadier revenue stream, perhaps.

Anyway, the acquisition is Intel’s largest ever, easily surpassing its 1999 takeover of Level One for $2.2 billion. Once it closes, McAfee will be a wholly owned subsidiary of Intel, reporting to its software and services group.

“With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” said Intel President and Chief Executive Paul Otellini. “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”

And just like that Intel is a player in the security software and services market.

SANTA CLARA, Calif.–Intel Corporation has entered into a definitive agreement to acquire McAfee, Inc., through the purchase of all of the company’s common stock at $48 per share in cash, for approximately $7.68 billion. Both boards of directors have unanimously approved the deal, which is expected to close after McAfee shareholder approval, regulatory clearances and other customary conditions specified in the agreement.

“We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience.”
The acquisition reflects that security is now a fundamental component of online computing. Today’s security approach does not fully address the billions of new Internet-ready devices connecting, including mobile and wireless devices, TVs, cars, medical devices and ATM machines as well as the accompanying surge in cyber threats. Providing protection to a diverse online world requires a fundamentally new approach involving software, hardware and services.

Inside Intel, the company has elevated the priority of security to be on par with its strategic focus areas in energy-efficient performance and Internet connectivity.

McAfee, which has enjoyed double-digit, year-over-year growth and nearly 80 percent gross margins last year, will become a wholly-owned subsidiary of Intel, reporting into Intel’s Software and Services Group. The group is managed by Renée James, Intel senior vice president, and general manager of the group.

“With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” said Paul Otellini, Intel president and CEO. “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.

“The addition of McAfee products and technologies into the Intel computing portfolio brings us incredibly talented people with a track record of delivering security innovations, products and services that the industry and consumers trust to make connecting to the Internet safer and more secure,” Otellini added.

“Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow,” said James. “This acquisition is consistent with our software and services strategy to deliver an outstanding computing experience in fast-growing business areas, especially around the move to wireless mobility.”

“McAfee is the next step in this strategy, and the right security partner for us,” she added. “Our current work together has impressive prospects, and we look forward to introducing a product from our strategic partnership next year.”

“The cyber threat landscape has changed dramatically over the past few years, with millions of new threats appearing every month,” said Dave DeWalt, president and CEO of McAfee. “We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience.”

McAfee, based in Santa Clara and founded in 1987, is the world’s largest dedicated security technology company with approximately $2 billion in revenue in 2009. With approximately 6,100 employees, McAfee’s products and technologies deliver secure solutions and services to consumers, enterprises and governments around the world and include a strong sales force that works with a variety of customers.

The company has a suite of software-related security solutions, including end-point and networking products and services that are focused on helping to ensure Internet-connected devices and networks are protected from malicious content, phony requests and unsecured transactions and communications. Among others, products include McAfee Total Protection™, McAfee Antivirus, McAfee Internet Security, McAfee Firewall, McAfee IPS as well as an expanding line of products targeting mobile devices such as smartphones.

Intel has made a series of recent and successful software acquisitions to pursue a deliberate strategy focused on leading companies in their industry delivering software that takes advantage of silicon. These include gaming, visual computing, embedded device and machine software and now security.

Home to two of the most innovative labs and research in the high-tech industry, Intel and McAfee will also jointly explore future product concepts to further strengthen security in the cloud network and myriad of computers and devices people use in their everyday lives.

On a GAAP basis, Intel expects the combination to be slightly dilutive to earnings in the first year of operations and approximately flat in the second year. On a non-GAAP basis, excluding a one-time write down of deferred revenue when the transaction closes and amortization of acquired intangibles, Intel expects the combination to be slightly accretive in the first year and improve beyond that.

Intel was advised by Goldman Sachs & Co. and Morrison & Foerster LLP. McAfee was advised by Morgan Stanley & Co. Inc. and Wilson Sonsini Goodrich & Rosati, P.C.