Verisign scraps padlocks and Larry storms into Linux

To subscribe to The Register's weekly newsletter - seven days of IT in a single hit - click here

Free as in...bier

Larry Ellison used Oracle's Openworld show in San Francisco to kneecap leading enterprise Linux distro Red Hat. Oracle will resell Red Hat's Linux - with the latter's trademarks removed - and offer three tier support starting at $99 per year, a third or more below Red Hat's rates. Support contracts are Red Hat's main income source. Oracle's rival program is called the Unbreakable Linux Network.

But it could be a headache for the database giant. Oracle has vowed to add its own enhancements to "current, back and future" releases of Red Hat's distro - a daunting undertaking. But, the database giant does have deep pockets. So with an operating system in his pocket, Oracle now has a "full stack".

Ellison denied trying to kill the open source vendor - but the markets didn't agree. Red Hat shares crashed 26 per cent.

Oracle also unveiled a beta of the latest version of its eponymous database, and updated both its SOA suite the free developer product for its Application Server, and gave its portal a voguish, Web 2.0 makeover. That doesn't come cheap - the price of admission for Oracle WebCenter Suite is $50,000 per CPU.

"So can I expense these make-up fees?"

Cisco made a splash by unveiling a high-end video conferencing system. Its new TelePresense Meeting System delivers ultra high definition video "twice as good as HD", claims Cisco - so you can see every sweaty pore. HD TV, it has been suggested, will make several of today's Hollywood stars unmarketable, by revealing new levels of unsightly facial detail. Will it do the same for execs, or will they be obliged to hire make-up and wardrobe technicians?

Either way, at $299,000 per conference room, it doesn't come cheap.

Roaming in the gloaming

A major mobile operator is biting the hand that regulates it - or trying to. In 2004, O2 was accused of abusing its market position by overcharging for roaming calls. The company, now owned by Spain's Telefonica, says the decision wasn't fair and didn't give O2 enough time to prepare a defence. O2's counterclaim of maladministration was taken up by European Ombusdman Nikiforos Diamandouros.

BT snapped up security expert Bruce Scheier's company Counterpane for an undisclosed sum. Cisco went shopping too, paying $31m for 33 person Orative, which has a presence client for mobile phones. So you can maximise the inconvenience of your messages for when they're most busy.

And if you can't buy 'em, hire 'em. Dell has snatched one of Hewlett Packard's key blade server executives. Rick Becker, VP and GM of blade systems in HP's software group, a Compaq veteran.

All the gurus you want?

Snapping up a security guru is one thing. Snapping up local loop unbundling engineers, now that is tricky. BT has had to ask Ofcom for permission to shift engineers from other units to its Openreach arm. Some of you may have noticed that LLU has not been plain sailing. Seems the engineers at Openreach, responsible for hooking up other providers' kit in BT Exchanges have been flat out. The telco giant is also recruiting 400 apprentices. But moving across staff from other divisions was a no no under telco competition laws. Go figure.

It's nearly bonfire night...

Worried the CEO's collection of old laptops is a fire hazard? You should be. Luckily, a trial scheme for recycling batteries is being expanded. The Waste and Resources Action Programme (WRAP) is to widen its battery collection programme. Big chains, including branches of PC World and Currys, will set up drop off points, with the firebricks, sorry, old batteries being recycled via a firm in the Midlands.

First they came for the terrorists, then they came for the drinkers

The United States is pushing to lay the groundwork for a global border database, we revealed this week.

"It's about keeping out folks from countries, to have more of a global border per se," said the Department of Homeland Security's biometrics program manager. "Shouldn't like-minded countries be told when someone's been kept out of the US? That's a necessary next step [because] immigration has become a worldwide issue," said database program manager Troy Potter. Potter denied that the intention was to fingerprint "Joe Public".

That isn't an option for boozers in Yeovil, however. The Somerset town is piloting a scheme which requires drinkers to surrender their pawprints before they can get a pint. The Register revealed that other towns, including the city of Liverpool, are keen try the scheme, but the Home Office disputes that funding is being made available. After the introduction of the Yeovil scheme, pub violence fell, but domestic violence increased.

ID burglars use the back door

Personal data on more than 8,000 customers of banks, and users of ecommerce sites such as eBay and Amazon, was snared by using a key-logging Trojan, police revealed this week.

Meanwhile, a gang of ID thieves scammed US brokerages houses for $22m by creating dummy accounts. The goal of the sophisticated attack was to inflate the value of rarely-traded equities and then dump the stock.

The Bank of Scotland is changing its online banking website in response to widely-publicised security flaws exposed last month. German tech publication Heise reported that six banks were vulnerable to a frame spoofing exploit, which enables malicious hackers to divert the login page to a site of their own, without the customer realising.

The response from banks has been tardy and inadequate, says Heise.

"Of the six banks found to be vulnerable to frame spoofing only two have been able to implement proper protective measurements during the last month. Four are still vulnerable to phishing attacks."

And you don't need to go online to have your ID swiped. A Massachussetts professor has demonstrated how to read RFID-based credit cards through a purse or handbag - using cheap, off-the-shelf electronic equipment. The attack doesn't obtain the PIN, but it does divulge the holder's name and account details.

No one writes to the kernel

The war of attrition between Microsoft and the two biggest security client software security vendors continues. Symantec and McAfee claim that kernel security features in Windows Vista prevent them from doing their job. Microsoft promised to disclose more kernel details to the vendors, but McAfee rubbished the promise. Microsoft maintains that McAfee is making "inaccurate and inflammatory" statements. Smaller software vendors have stayed out of the scrap.

And the perils of modifying the kernel were illustrated by a security researcher this week. Microsoft has plugged a potential vector first brought to light by Coseinc researcher Joanna Rutkowska at DefCon in August. The fix disables raw disk writes by certain processes - which may cause problems with disk maintenance utilities and recovery tools, Rutkowska says.

After the padlock

Mark the date: the successor to the web browser security padlock, extended validation, will be unveiled by Verisign on 24 January. An odd date, since IE7 has already been formally released. It promises wide ranging repercussions for ecommerce providers, who will need to fork out a premium for the green flash.

Litigation Corner

Who's suing who this week? GPS maker TomTom has appealed to a Dutch court to prevent the sale of two StreetPilot GPS models from US rival Garmin in Europe. TomTom claims Garmin copied its design at CeBIT in 2004; Garmin had earlier sued TomTom for patent infringement.

Former Silicon Valley superstar SGI clambered out of bankruptcy last week, and immediately slapped a patent infringement lawsuit on ATI. SGI has already licensed the patent, which it was granted in 2003, and hinted more litigation was to come.

The move raised eyebrows. In its glory years, SGI was notoriously lax about protecting its IP, settling key disputes with Nvidia and Microsoft. ATI is in the process of being acquired by AMD.

That's all for this week. Thanks for reading. ®

Sponsored: 10 ways wire data helps conquer IT complexity