Top 10 highs and lows of 2009

To say that 2009 was a wild year would be an understatement. It was a year in which the industry fought through an unprecedented crisis and struggled to see some rays of light at the end of the tunnel.

It was, however, a better year for some companies than others. While virtually every area of the industry felt the impact from the economic crisis, a few sectors were able to thrive amid the chaos.

This week we look back on the year and count down both the best and worst things about 2009.

HIGHS

5. Software-as-a-service
Iain Thomson: Few industries have weathered the recession quite as well as software-as-a-service (SaaS).

There are a number of reasons for this. First, SaaS is primarily being sold as a cost saver, something that always goes down well in a recession. Second, the marginal cost of new clients is relatively low.

But when you come down to it, SaaS has been rather lucky. Just as the industry was coming to maturity, a recession kicked in and it found it had a selling point that few can resist.

One of the biggest losers in the SaaS space is Microsoft. Google and others are steadily eating into Redmond's lucrative applications market and the software giant has been slow to react. Nevertheless, we are now seeing concrete evidence that Microsoft is taking the threat from SaaS seriously.

However, one potential stumbling block for the SaaS industry remains, and that is security. Leaving key corporate data in the hands of third parties is a security minefield and I suspect that in the next year we will see some security breaches that make people doubt the wisdom of moving to a service platform.

Shaun Nichols: Despite what Salesforce chief executive Marc Benioff will tell you, SaaS was very much a concept that happened to hit in the right place at the right time.

Virtualisation and datacentre consolidation had come to maturity, then the recession hit and nobody wanted to have a major purchase on the balance sheet. This created a near perfect storm for SaaS, which required no hardware investment and a monthly subscription cost that looked very good on the budget.

Granted, because it had the 'hot new technology' spotlight largely to itself we have all become a bit sick of the cloud computing label, but the concept is still strong and it makes a lot of sense.

I can understand the security concerns associated with SaaS, but I don't entirely agree with them. As Bruce Schneier noted, no new attack vector is opened up by cloud computing, and many companies already outsource some degree of infrastructure to a third party.

Aside from that, the virtualisation platforms used by many cloud systems have 'sandbox' protections that can isolate systems and, in some cases, make them as - or more - secure than an on-premise systems.

4. Spam host shutdowns
Shaun Nichols: It started in late 2008 with the shutdowns of estDomains and McColo, but in 2009 law enforcement and web authorities continued the push to take down shady hosting firms.

In June hosting firm 3FN was shut down amid charges of hosting spam and botnet control centres, and two months later authorities were able to take down notorious hosting service RealHost.

However, the efforts were not entirely fruitful. Just months after McColo's shutdown devastated the market, spammers had recovered and pushed junk mail levels back up to record numbers. Security experts are also worried that the shutdowns have led cyber criminals to wise up and make efforts to distribute their command centres and attack systems rather than rely on a single host or system.

Still, it's great to see an effort to finally put some pressure on not only the malware writers and botnet operators, but the hosting companies that harbour and protect cryber crime.

Iain Thomson: Botnets are like dragon's teeth: kill one and another springs up in its place.

While it has taken a while for the internet industry to get around to shutting down ISPs that run malware systems on their servers, the result has been less than effective. Spamming is such a profitable concern that malware operators have got wise quickly and now have backup servers ready to continue deluging our inboxes with junk.

We are seeing a rapidly evolving criminal underworld reacting to the pressure of the legitimate computing industry trying to win back the high ground. I fear it will lose in the short term. It will take nothing less than a rewriting of the internet protocols to beat this problem.