Salesforce.com CEO Marc Benioff will be giving a big speech in New York today that will essentially set the table for the company’s agenda in 2013.

As Benioff keynotes go, this one has been described to me as “understated.” Rather than occupy a huge venue like the Jacob K. Javits Convention Center, Salesforce is holding this event at the Waldorf Astoria Hotel. Rather than a three-hour revival meeting, it will be a simpler one-hour address. It’s as though a big-name rock singer known for big stadium concert blowouts has shifted to the coffeehouse circuit.

Expect to hear the words “service” and “mobile” a lot. Salesforce made an announcement overnight about what it calls its Service Cloud. It has been adapted to run natively on mobile devices like the iPhone and iPad. The idea is that customer service reps or any other customer-facing employee can use a mobile device to help customers get the help they need or buy the stuff they want, regardless of how and when they present themselves.

One feature due later this year is called co-browsing. It allows customer-facing reps to engage in what Salesforce describes as a “shared Web experience,” basically browsing together. That pair of shoes you want but can’t seem to find, or that pair of slacks in your size? Sales or service reps can help you find it, and can see what you see on whatever screen you happen to be using.

A big theme of Salesforce’s assumptions and positioning will be around customer expectations. All of us are so used to having access to everything within seconds; when we’re customers we get impatient when we have to wait for someone else to track down whatever it is we need.

A couple of other new additions to the Service Cloud are aimed at addressing that. Mobile Service Cloud Communities give companies a way to build a single place where customers can get answers, either by way of self-help, other people or via company experts.

Another is an instant chat capability. The example I was given here is a clothing store. Say you’re waiting for an alteration. You check with the store, and the sales rep who takes your call is able to contact the tailor working on it directly, who tells you it will be ready in a few hours and you can pick it up on your way home from work.

What you won’t hear Benioff talking about is how the social enterprise is going to change the world. That message is so 2012, and has more or less played itself out.

But you can’t argue with the performance of Salesforce shares. They’re up by more than 34 percent since hitting a recent low in August. They closed Monday at $163.51. And the company looks on track to deliver its planned four-for-one share split. That, at least, is a message most shareholders can get behind.

Read more great articles at AllThingsD.

You know this whole idea about smartphones and tablets at the office might be going places when you see IBM showing interest in it.

Big Blue took a serious plunge into the mobile business today by teaming up with AT&T, launching new services for its clients and making it easier for its customers to develop software for mobile platforms. The initiative has been dubbed MobileFirst, and brings what IBM does best, including analytics, application development and cloud services, into a batch of services that make it easier for customers manage and secure the devices that employees use on the job, and to more easily develop applications they use to reach out to their own customers.

It’s a strong signal about IBM’s priorities going forward that, among other things, could indicate a preference for making acquisitions of companies in the mobile space in the future: It has already bought 10 mobile companies in the last four years. Prior strategic bets like this include Web commerce and data analytics. It’s also something IBM has been quietly doing for some time: It said it has already helped 1,000 companies get their mobile act together.

As for AT&T, the two are now partners on the mobile software development front. AT&T uses IBM’s Worklight mobile application development platform — Worklight was one of those 10 mobile acquisitions — to access AT&T APIs in the cloud, speeding up development of apps. Expect IBM to say more about this at the Mobile World Congress in Barcelona next week.

Read more great articles at AllThingsD

“Love your Enemies, for they tell you your Faults.” Benjamin Franklin wrote that.

“The supreme art of war is to subdue the enemy without fighting.” The Chinese philosopher Sun Tzu wrote that.

Both come to mind as the world is waking up a newly disclosed body of evidence from the Internet security firm Mandiant, publicly illustrating, in the starkest terms yet, how wide, deep and pervasive computer hacking attacks from China have become. As reported on the front page of today’s New York Times, numerous attacks on American, Canadian and British companies, dating as far back as 2006, have been carried out by a single unit of the China’s People’s Liberation Army. Mandiant, a firm based in Alexandria, Va., has identified it as Unit 61398, operating out of a single building just walking distance from the point in outer Shanghai where the Huangpu and Yangtze Rivers meet.

The company maintains that the unit has compromised the networks of at least 141 companies or organizations, and probably more than that, spending an average of 356 days perusing their networks. In one case, the attackers had unfettered access to a target’s computers and networks for a grand total of four years and 10 months.

Who do they attack? None of the companies are named. But, if you think back, you can remember some names that have disclosed attacks blamed on China, that might fit the bill: Google and Intel have over the years complained in public of attacks carried out by China. The Times says the army unit was the one responsible for the attacks carried out in 2011 against RSA, the security unit of the technology company EMC, which were described at the time as “extremely sophisticated.”

More recently, a series of attacks against media organizations have been attributed to China: The New York Times, The Wall Street Journal (which, like this website, is owned by News Corp.), Bloomberg News, the Washington Post and the Associated Press are among them.

Other targeted industries include information technology, defense and aerospace, energy, transportation, satellites and communications, navigation, chemicals, health care and mining, to name a few.

What do the attackers take? Here’s a list taken directly from Mandiant’s report:

• product development and use, including information on test results, system designs, product manuals, parts lists, and simulation technologies;
• manufacturing procedures, such as descriptions of proprietary processes, standards, and waste management processes;
• business plans, such as information on contract negotiation positions and product pricing, legal events, mergers, joint ventures, and acquisitions;
• policy positions and analysis, such as white papers, and agendas and minutes from meetings involving high-ranking personnel;
• emails of high-ranking employees; and user credentials and network architecture information.

Most of the time, the victim company doesn’t even know that its information has been stolen until it is far too late to do anything about it.

Who gets the information in the end? It’s unclear, exactly, and so Mandiant engages in educated conjecture and looks at the available evidence. In one case in 2008, a targeted company suffered an intrusion lasting two and a half years, during which emails and attachments of the CEO and general counsel were stolen. During the same time period, news reports showed that a Chinese company had managed to negotiate a significant increase in the price of a certain commodity component with an unnamed victim company. It may be a coincidence, Mandiant concedes, but then again, it may not.

How do they attack? Usually by sending innocent-looking attachments in email messages. An employee at the target company opens it, triggering software embedded within it that gives attackers remote access to that employee’s machine, which then serves as a beachhead for more attacks. You can see a short video showing some of the attacks actually taking place in the video below.

Certainly, suspicions about China and its intentions, capabilities and actions in this area have pervaded for months. Knowledge about all this has probably circulated within the classified community for years, and no doubt plays a part in the concern among lawmakers and U.S. federal government agencies about the growth of the Chinese networking company Huawei.

Mandiant points to another: Unit 61398, it says, carried out a series of attacks against a unit of a Canadian company called Schneider Electric. The incident was first reported by security blogger Brian Krebs, and was carried out when the unit was an independent company called Telvent. What does the company make? Remote access tools, basically software that lets you control one computer from another computer far away.

The part that should scare you is what kinds of computers this software is intended to control: They’re known generally as SCADA systems, or supervisory control and data acquisition systems. They’re the stripped-down machines that sit between large industrial machinery like generators or pumps, or any other kind of big, automated equipment, and regular computers.

In a series of letters to customers in September of last year, Telvent disclosed that attackers traced to China had installed malicious software on its network, and had stolen files related to a key product called OASyS SCADA, which is designed to connect older IT assets to certain “smart grid” systems running on electrical power networks.

Attacks on SCADA systems can be very effective, in part because the machines involved are older and have tended to be less well-secured. How effective? Remember Stuxnet? The malware attack carried out by American and Israeli intelligence agencies against the Iranian nuclear research program? In that attack, nuclear centrifuges were caused to spin out of control, and ultimately explode. That was an attack against SCADA systems. We already know how easily attacks like it might be carried out here.

Stealing intellectual property and trying to gain an edge in business negotiations is one thing. Penetrating the systems that run critical infrastructure is rather more serious, bordering on sabotage. Now that the government officially considers cyberspace a theater of warfare, similar to land, sea, and sky, this is starting to look serious.

Read more great articles at AllThingsD

Crashlytics, the mobile crash-reporting and analysis platform that was acquired by Twitter last month, said today that it will make its enterprise-level features available for free. In a company blog post, the company’s co-founder, Wayne Chang, said, “The features and usage we used to charge for based on limits are now unlimited across the board.”

Read more great articles on All Things D