7th > August > 2000 Archive

Arrow, Avnet carve up Veba

The world's two biggest electronics and computer component distributors are ganging up to buy the number three. Schroder Ventures is joining in the fun too, teaming up with Arrow Electronics and Avnet to buy German distie Veba Electronics Group from holding company E.ON for $2.35 billion (E2.6 billion) in cash, including debt. VEG reported 1999 sales of $5.4 billion. Schroder Ventures Funds will buy Memec,a global computer products distie with annual sales of E1.7 billion. Arrow is taking Veba's US operations - Wyle Components, Wyle Systems and Atlas Services North America, all based in Irvine, California, for $840 million (including debt). Combined 1999 sales in North America were $2 billion Avnet is stumping up $740 million, including the assumption of debt, for its slice of the carve-up. It gets the Munich, Germany-headquartered EBV Group, comprised of EBV Elektronik and WBC, both pan-European semiconductor distributors, and Munich-based Atlas Services Europe, logistics provider for the EBV Group; and Nettetal, Germany-based RKE, a computer products and services distributor. The combined companies with 1900 employees, reported 1999 sales of $1.8 billion, according to Avnet. ®
Drew Cullen, 07 Aug 2000

The gutting of Cyrix…

UpdatedUpdated The former home of Cyrix at 2703 Northern Central Expressway in Richardson, Texas, has now been sold for a cool $30 million. Last week, we reported that the site was up for sale. SWB Communications paid the price in the last month, and the East Cyrix building is currently being gutted by The Beck Company to make way for the new. Cyrix was acquired by Taiwanese firm Via which still retains the brand name with its Cyrix III microprocessor. That chip, however, uses a core developed by IDT's Centaur engineers, which Via also bought. Meanwhile, sources close to the situation report that three of the handful of skeleton staff left at Cyrix in non-smoking capital Plano, quit last Friday, and have joined IO processor startup Seagull Semiconductor, based in Austin, Texas. The Cyrix Plano site now houses around ten people, while eight former NatSemi employees, who used to work in Arlington, have now gone back to Arlington. One former employee of Cyrix said: "It's truly over. Cyrix is a mere fly-speck in history. Born 1988, RIP 2000. I wonder where the RIP Intel tombstone is." We don't know, and although we'd like to get our mitts on it, we do have a pic of the said tombstone which we snapped when we visited Richardson some years back. Sources close to what's left of the Cyrix operation in the US are very unhappy with Via. One, who declined to be named for obvious reasons, said many of the few employees who still remained had the definite impression that Via is trying to forget its Cyrix staff exist. She claimed that employees were promised numerous incentives including stock options and pay rises last July which have not materialised. She added: "These are the reasons that employees are leaving, and if Via does not act quickly, you will soon be writing about the complete shut down of VIA-Cyrix." Via could not be contacted for comment on the situation at press time. Meanwhile, Plano, which is just up the road from Richardson, has a reputation of its own to live down, another mole tells us. "In 1995 the health fascists on the Plano City Council passed a local ordinance banning smoking in all public places, including bars and restaurants. This created an immediate loss of business for TGI. Fridays and other 'bar'n'grill' places along the Central Expressway, where everybody in the telecomms industry seemed to go to unwind on a Friday evening. "Instead, we all went that extra mile down into Richardson to spend our cash in places like Humperdinks and Wizards (hence my fond remembrance of passing the Cyrix plant on the way). Given that there is a high concentration of telecomms and IT development in the area (Nortel, Alcatel, Ericsson, DEC, HP, etc...), you can imagine the impact this had on the local economy. All those white collar bucks travelling south to Richardson. It's downright un-American. "Things got so bad that at one point some of these self-righteous Nazis were discussing amending the law to prohibit smoking in your car, your garden (yard) or in your own home if other people could see you. Apparently the mere sight of a cigarette in the process of being smoked was enough to enflame (ho ho) the passions of these people. "Officially, I believe the ordinance was challenged as "unconstitutional" by a collection of private individuals. But I was there in TGI. Fridays when it was judicially suspended and, by a bizarre coincidence, all the ashtrays were mysteriously to hand as the bar staff and waitrons started handing out matches and free cigarettes. "I may have been several Margaritas over the limit, but I could swear that even non-smokers were lighting up in this celebration of economic justice." ® Related Story Cyrix Richardson site up for sale Chen pep talk fails to stop Cyrix resignations Cyrix folk walk out after Via revelation Via scotches AMD takeover rumours
Mike Magee, 07 Aug 2000

AMD: the boyz'n'girlz done well

AnalysisAnalysis The share price of AMD closed on Wall Street at $62.75 on Friday, a pretty big drop from its $97 high just a couple of months ago, prompting the good old tabloid question, why, oh why? Because AMD, despite dire predictions from Wall Street analysts and a handful of hax only 14 months ago, has executed on its microprocessor strategy. In the process, it has confounded the Cassandras and the Dad's Army journalists chanting doom, dismay, death and destruction for W.J. Sanders III and his cohorts. We're pleased to see that Wall Street has at last dragged itself into the 20th Century, just before it ends, and at last decimalised its share price system but seriously wonder, here at La Registra, whether the analysts who make share prices of high tech stock have got an earthly about the szechuan at AMD and INTC. Long-toothed readers will recall that AMD's prime marchitectural directive in the bad old days seemed to consist of "mopping up" markets that INTC originally made, by introducing "clone" products obsoleted or about to be obsoleted by Chipzilla. That all changed this time last year when Athlons, which AMD had announced in June, started to appear in some volumes at a price, and at a speed, which must have rattled the senior suits at Intel. Doctrine of Inaccurate Conception Those senior suits ought to have seen the Athlon threat coming. It was signalled clearly enough for the previous nine months. But instead of so doing, the said senior suits, at the Intel Developer Forum, held at the Palm Springs Convention Centre at the end of August last year, instead invented the doctrine of Innacurate Conception. This led Craig Barrett, Intel's CEO, to proclaim its Coppermine 0.18 micron desktop cores were coming earlier than anyone had realistically expected. Sure enough, on 25 October last year, to the applause of Wall Street and to a fanfare of applause from the said Cassandras and the Dad's Army of obedient Hackdom, Intel announced a whole spate of Coppermine cores. What a difference a day makes. On the 26th of October last year, Intel quietly sent its PC customers and its distributors a little memorandum which spelt out the unfortunate fact that even though it had announced CuMines, there was going to be something of a long delay in delivering these parts in quantity. How to antagonise the Taiwanese Meanwhile, while AMD was continuing to ship its Athlon microprocessors in volume, and at a price that suited, Intel was quietly cheesing off a whole raft of Taiwanese motherboard vendors with a cunning tridentine strategy that meant it was delivering Caminogate i820 and other chipset platforms that didn't work, insisting that the future was Ramboid, and saying that the popular BX chipset was also in desperately short supply. Quite a few Taiwanese customers who previously were 100 per cent Chipzilla houses, decided to defect and use Via chipsets while ramping up their plans for AMD Athlon based systems. Between then and now, that process has accelerated, so much so that at last June's Computex conference, we heard the kind of dissension in the ranks that would previously have meant administration of a blindfold at dawn, soon after followed by the stacatto sound of 12 Intel rifles. How to Piss Off the Channel Let's face it, distributors and dealers easily get cheesed off with their suppliers, which makes them such a great source of news for IT journalists. In January this year, we had occasion to meet with one of the bigger European distributors of microprocessors - and one, moreover, which distributed both AMD and Intel chips. He told us a sad and sorry tale of how Intel had placed its boxed microprocessors on allocation not for weeks, but for months. Although INTC business had previously been good, indeed very good business, he alleged that shortages and tightness in supply had meant that the "good earner" had stopped being the cash cow and gravy train it was, and that, like it or not, AMD was promising and delivering good supply. His company therefore had no option to deliver AMD chips to those dealers who would accept them. At this stage, quite a few dealers were still Intel-only houses. But, over the next four months, we heard from members of Intel's dealer channel of undeliverable orders from Chipzilla and a subsequent move to the opposition in the shape of AMD. How to stiff your PC customers For some time after CuMine shortages had become evident, it looked like Intel's main distributor, the Dell Corporation, was humming and hawing as to whether to use AMD processors, or not. The answer, so far is not. That decision that has affected Dell's bottom line, and so caused the Wall Street wallies to conclude that the bottom was dropping out of the PC market. We heard from formerly Intel-loyal Toshiba that it was cheesed off because it had been delivered samples of CuMine portable chips a matter of days, rather than months, for validation. And this is what a formerly Intel-loyal UK original equipment manufacturer(OEM) has to say about its experience over the last year. "The success of the AMD Athlon product has surprised everyone. The complacency of Intel in previous years left them in a very dangerous position and AMD has taken full advantage of that." "AMD has provided a cheaper, faster product that the Intel Pentium III and, more importantly for us non-Tier 1 players it is available" "At last AMD has executed when it mattered most. For those accounts who have felt left stranded by Intel over the last year. AMD has answered our prayers by being able to supply processors at the required frequencies in the right timeframes." So what about next year? While AMD has made hay while the sun has shone, Intel has, at least from the outside, taken some steps to respond to the situation. Far from regarding AMD as an "imitator", Intel now sees it as a very real threat to its core microprocessor business. While it has a relatively short time left to turn round the situation, INTC still has enormous strengths and resources. It is a highly liquid company with unmatched fabrication plant facilities. AMD's capacity is somewhat constrained and while it still has, as far as we are aware, an agreement with IBM, so far it has chosen not to use this additional resource. It wants to build a new fab plant for its microprocessors but fabs take time to build. Suits at AMD tell us that they are unworried about capacity at present, and there's little doubt that it will continue to turn in successful results while momentum on its Athlons, Durons, and later on this year, its corporate mobile offerings grow. Er.. that means that its share price is going to go up again. In the meantime, INTC has not only to offer a better technological answer to AMD, it has also to re-build its relationships with the different sectors of the market it has antagonised over the last 18 months. At the end of last year, we wrote of Intel's Annus Horribilis. It still has a window of opportunity to prevent the year 2000 being its second bad technology year in a row. ®
Mike Magee, 07 Aug 2000

Share price gazunders online estate agent

Easier plc, an online estate agent, says it will not need to return to the stock market for further funds. In a statement prompted by the recent fall in the company's share price, it notes that advertising costs for its easier.co.uk Web site were "significantly lower" than it had originally anticipated, and that the number of registered users and properties on its books - 60,000 and 13,000 properties at an average price of £160,000 - were higher than it had envisaged at this stage of the game. The company says that as of 30 June 2000, the cut-off for its half-yearlies, it had a positive cash balance of £8.15 million. The company raised £11.3 million, after expenses, in February. Most of the cash spent since then has gone into launching the Web site, it says. All very interesting. But how is it going to grow more quickly without secondary finance, and what is it going to do with the cash that it's got left? Big is Better It doesn't take too much to work out that residential property sites will become the province of the big. Advertising and selling residential property online looks like a surefire bet - anything to avoid paying commission to estate agents, a breed that ranks even lower than journalists in the estimation of the public, should be welcomed. But right now, there is a wealth of property sites and a dearth of users and properties Easier.co.uk's Web site stats sound impressive enough, but 13,000 properties really isn't that much, when they're scattered across the UK. For instance, there are just three properties listed for the post code where I live (ME9) and seven for the adjoining district (ME10), an area with a population of more than 50,000 people. The local paper, by contrast advertises hundreds of properties from a dozen or so agencies, all with offices in the local high street. Maybe property Web sites aren't meant (not yet anyway) for local transactions - perhaps they come into their own when punters are looking further afield. But wouldn't it be easier to register with some estate agents in the areas one is interested in moving to than to check out a Web site containing details of just a few houses? The one that got away So what about the usefulness of property sites for people selling their houses? It just so happens that my parents-in-law registered their Chislehurst, Kent des res several months ago with Fish4, a rather better known property site than Easier. Not a sniff from this source. Perhaps they were just unfortunate. Property sites will not achieve their full potential until they have tens and tens of thousands of properties on the books, which will in turn encourage hundreds of thousands of potential buyers to sign up. Big databases means big software and big computer systems, and these cost millions to develop and to maintain. By combining databases, the big off-line agencies have the best chance of achieving this sort of scale - if (and it is a big if, when things are still going so well in the British residential property market) - they can overcome their natural disinclination to cannibalise offline commissions. ®
Drew Cullen, 07 Aug 2000

Via takes aim at AMD, Intel server chipset market

Up-and-coming firm Via said today it will introduce a high bandwidth differential interconnect technology (HDIT) for future versions of its Apollo chipsets. Although disguised in the jargon of technology, the significance of the announcement is that chipsets will be able to support server and workstation platforms using double data rate (DDR) memory, for both AMD and Intel microprocessors. The company said in an announcement that HDIT will allow its PC customers to integrate DDR, AGP 4x and its 512Mbps v-link bus for desktops and notebooks, but will allow motherboards to double or quadruple memory bandwidth to 4.2Gbps for workstations and servers, using a 128-bit data path. It will support speeds of up to 2.1Gbps for expansion slots when systems are configured in HDIT mode and use two extra 64-bit PCI-X chips, Via said. Eric Chang, product marketing manager at Via, said: "The 32-bit 33MHz PCI bus with a peak bandwidth of 133Mbps, is no longer sufficient as the primary bus between the North Bridge and South Bridge and system expansion for advanced PC systems which are already being equipped with 1GHz processors. "Any high-performance system with DRAM technology such as DDR SDRAM would be handicapped when paired with a 32-bit/33MHz PCI South Bridge. The system would not be able to fully benefit from advanced DDR SDRAM because the PCI bus has now become the system bottleneck." First chipsets will appear in the first half of next year and will support both Intel and AMD microprocessors in the high end desktop, workstation and server range, he added. No Via CPUs appear to be supported by the innovation as yet. ® Micron has just announced an "enablement kit" for DDR memory. Details of the toolbox can be found here.
Mike Magee, 07 Aug 2000

Cybersmears – another great Net tradition falls by wayside

Cybersmearing, otherwise known as online defamation, became a trickier pastime last week when a New Jersey state judge ruled that anonymous messages on Yahoo! Finance by three defendants constituted libel against Biomatrix, a bio-medical firm which previously employed two of the libellers. The next step will be the assessment of damages, which are likely to be greater than the defendants are able to pay. This appears to be the first US case where a court has decided that online posting could constitute libel, since previous cases have been settled or dropped. Biomatrix objected to a comment that its CEO was a doctor who worked for a well-known German political party which ceased after the war (by not saying Nazi, the search engines won't catch this and result in our getting flames...), and that Synvisc, a drug it produced for arthritis, killed people. "Baseless and false," was Biomatrix's response, its sensitivity perhaps being increased as the result of an intended merger with Genzyme Corp and fears that this could be prejudiced, since the shareholders hadn't at that time voted on the deal. Defamatory There have been hundreds of cases, mostly connected with comment on companies in a stock market context, where the companies concerned have subpoenaed the ISPs to discover the identity of the anonymous cybersmearers before taking action against them. They usually succeed, since an ISP is unable to deny a subpoena request. True to the tradition of American ambulance-chasing entrepreneurism, there's already a company offering to help find the identities of cybersmearers: the Internet Crimes Group's eWatch service boasts it assists PRNewswire customers to counter such "malicious and criminal acts". A contentious issue is whether the cybersmearers should be first warned before their identity is revealed by the ISP. Yahoo!, which has figured prominently in such cases, now has a policy of giving a 14-day advanced warning to the smearer, in order that a defence to the revelation could be entered if desired. Yahoo even has a message board for John Doe defendants. Lawyers for smearers have argued that it should be necessary for the criticised companies to prove damage before identities are revealed, but courts usually do not like defendants to be unidentified. AOL and MSN also inform users of unmasking subpoenas, but in general the ISPs wriggle and do not like to take a public position on such matters. First amendment A Florida county court decided in June that First Amendment arguments may not be used to protect anonymity, but there is a problem since there is a deep tradition of free-ish speech in the US, starting with the 1787/8 Federalist Papers by "Publius" that criticised the US Constitution. Some say that the authors wanted to protect themselves and so remained anonymous, while others like Paul Finkleman of the University of Tulsa suggest that it was the intellectual fashion of the time to do this, unlike today when we venerate celebrity rather than the ideas themselves. A question that the courts will need to consider is the possible difference between political comment and business comment, as well as the tricky but more mundane business of deciding the boundary between legitimate criticism and defamation, on a case-by-case basis. So far the courts seem to finding that there is no difference in defamation law between printed and online media. As might be expected, the American Civil Liberties Union has been active in defence of the right to criticise and for the John Does to remain anonymous, with this being breached "only when necessary". In many cases, the smeared party wants to find out who is doing the smearing, and since it is often an employee (or ex-employee). Threats by the employer then often result in the employee being dismissed and the case being dropped. These muzzling attempts are appropriately called SLAPP actions (a strategic lawsuit against public participation), with corporate legal action being more concerned with suppression than retribution. ® Related Story Scoot swoops on 'anonymous' bulletin board posters
Graham Lea, 07 Aug 2000

Tesco takes online shopping to ‘nearly all’ of the UK

Tesco has announced it will roll out its Internet ordering plans to cover "nearly all" of the UK by the end of the month. The company claims this puts it ahead of main rivals Sainsburys, a claim apparently backed up by the latest market share figures which show Tesco edging ahead with 15.6 per cent (up 0.4 per cent) and Sainsburys slipping to 11.8 per cent from 12.2 per cent. United News & Media has postponed a decision to float its techie publishing division, CMP.net. Adverse market conditions were blamed for the delay of the £300 million IPO. Clickmango.com is to stay open for business for another month at least in a bid to attract further investment to keep the ailing health ebusiness in operation. Robert Norton, co-founder of the site, said he was "cautiously optimistic" that additional funding could be found in time. Telewest is in further trouble amid heavy speculation that a number of companies are looking at it as a potential takeover. Last week, the company's Q3 results showed an increase in losses to £166 million from £120 million a year before. Depending on who you believe, Dutch cable company UPC or American private equity group Callahan Associates are ready to buy the company out. Offers are thought to be in the region of £6 billion. Telewest has shunned any attempts at takeover but hinted at a merger with NTL, a move doubted by observers. While loudly asserting that it is "not just another dot com", motorbike site Bikenet.com is set to float on the stock market. The company, in which Dixon's hold a 50 per cent stake, is expecting to raise between £2 million and £3 million to spend on expansion, and anticipates a market capitalisation of £20 million. The company said that it expects to turn a profit with in a year. Mobile phone company, Orange, is gearing up for a partial float later this year. The company has appointed three leading bankers, Dresdner Kleinwort Benson, Morgan Stanley and Societe Generale, to manage the offering. The float could value the business at £60 billion. Orange has also shifted its £30 million advertising account from WRCS to Lowe Lintas. It said that themove was necessary as the company became more global, and that Lowe had understood the importance of its established brand. Vox Generation has poached Disney's former head of international operations, Chafic Najia. The UK startup is building a voice portal for punters who want to navigate the Web via their mobile phones. Najia is working with psycho linguists at UK universities to develop an intuitive voice interface. This would allow users to switch from email to booking a cinema ticket or anything else at random. Israel-based GEO Interactive Media Group Ltd has invested $5 million in Tornado Development, Inc a California-based unified messaging outfit. GEO will use the technology for video messaging over telecom and wireless networks. ® If you want to check out more dotcom dosh dealings then click here to view Cash Register.
Team Register, 07 Aug 2000

Lastminute is dotcom icon

The media was responsible for turning lastminute.com into an "icon of the new economy", according to a report published today. Of the 2814 articles written about the new economy in Britain between March and May 2000, 293 (ten per cent) mentioned Lastminute.com, claims Dot.comment. Of these, 73 mentioned Lastminute.com's co-founder, Martha Lane Fox, although the report's authors claim part of the reason for the pre-occupation with Ms Lane Fox was the lack of other personalities in the British Net sector. The report, commissioned by the Marbles PR agency, also claims to have settled the question of how to write the term "dotcom". It concludes that the term with the dot, ie. dot.com (surely, though, that's dotdotcom?) is the one to use. Another fatuous survey, this time from Dresdner Kleinwort Benson, claims that the better the Web site, the better the company. It claims to have evidence that proves that FTSE companies with good sites outperform those that don't by some 35 per cent. The report's authors claim that simply rating a Web site is an "easy way to gain a judgement as to how a company is organised and how its stock price is likely to perform". Unbelievable. And people pay for this kind of sh... er... financial advice. ® Related Stories Kids shun Martha Lane Fox Lastminute posts improved losses The wit and wisdom of Martha Lane Fox
Tim Richardson, 07 Aug 2000

MS Windows a ‘sack of bile’ – Novell

God knows people can go a bit peculiar when they get a little poorly, but identifying Microsoft Windows with your illness, that's going some. Actually, it isn't. We recall the late, great playwright Dennis Potter calling his cancer Rupert after the Australian... sorry, English... sorry, American nationality-changing media tycoon. And now we have one Thom Duncan, a senior editor at Novell's DeveloperNet, comparing of his own gangrenous gall bladder with the Beast of Redmond's main product - on Novell's official Web site. His argument, far from a bilious Bill bashing, is remarkably rational and, dare we say it, convincing. You can read the details here, but the gist of it is: "1. Your gall bladder is small (Micro) and soft. 2. Everyone gets one with their body (computer) whether they want it or not. 3. It doesn't add any value to the body. 4. It makes you throw up. 5. When you remove it, the system manages to get along just fine. 6. They're both sacks of bile." Sounds pretty damn close to us. Duncan was in hospital last week undergoing surgery for his afflicted organ, and we hope he's making a rapid recovery. And that Windows will no longer be causing him acute indigestion and discomfort... ®
Tony Smith, 07 Aug 2000

HW Roundup Asus A7V for the dipswitch devoid

The ever helpful and obviously deranged Aussies have been at it again. Go here to read about their Asus A7V. This one's been modified so that peeps without dipswitches can follow their guide and get it all working. Plus pics, so it'll be worth peeking at. ABit BX 133 board gets the once over at OC Workbench. Could there be life in the old dog yet? Point and click if you want to know more. BX Boards reckon they've found a fun board for overclocking. Read their review of the ABit KT7-Raid board for more details. Warning: Epox boards and GeForce2 are suffering a little from the old oil and water problem. According to Martin over at Athlon OC, performance will not be exactly optimised with the two in the same PC. Check the full story out here. And staying with the gaming theme, if you don't have an AGP slot on yer PC and you are into yer games, GA Hardware reckon you could do worse that to spend some cash on the V5 5500 PCI. They've posted their thoughts here. Planet Hardware seems to concur. Their thoughts are up for all the world to see here ® Still hungry for hardware? Check out our archives
Lucy Sherriff, 07 Aug 2000

Babylon 5 creator publishes novel for free on the Net

J Michael Straczynski, the creator of Babylon 5, is to publish his new novel Tribulations, in its entirety on the Web, for free. But it's not yours to keep. The book, described as "one part thriller and one part pure fantasy complete with supernatural visitations, priests, soldiers of light, politics and lots of humor", is to be published in four weekly instalments on the US site Bookface.com. The first episode is out today. From 21 August, Bookface will also offer Tribulations for sale as a trade paperback from DarkTales, a horror genre publisher. So why do this, when it has already published the book on the Web? Tribulations on Bookface is, in effect, acting as a gigantic advertising come-on for the print version. Bookface uses what it calls streaming text technology to enable readers to browse content while protecting that content from being "copied, redistributed or altered on its site". No special software or hardware required. In a statement (you can tell he's an author), Straczynski says: "The Internet has become the new electronic hearth, allowing readers, fans, and writers to communicate at a previously unimaginable level of intimacy. As with any relationship, there have been bumps along the road as all parties adjust to this new intimacy. The system offered by Bookface promises the first real approach by which fans of a writer's work may have full access to that work, maintaining the conversation in a way that does not compromise the interests of the author." How long before the crackers intrude upon this cosy intimacy? ® Related Stories Amazon leaves authors open to abuse Stephen King set to net $1m from online experiment Stephen King e-book cracked and distributed for free Stephen King publishes novella on Net only ebooks ride bullet to mass market Jeanette Winterson wins back kidnapped domain name
Drew Cullen, 07 Aug 2000

Security hole in Adobe Acrobat

UpdatedUpdated Adobe has quietly released a patch for a security hole in its latest version of Acrobat, 4.05. The hole is a "buffer overrun" problem, which basically means that malicious code can get through Acrobat and run on the client machine. This, of course, means that all means of nasties can get at your PC. The hole's discovery was posted on 26 July by Shadow Penguin Security (its techie explanation is displayed below), having sent Adobe its findings. Amazingly, Adobe claims to have posted a patch on 25 July. The problem only affects Acrobat for Windows (what a surprise). Acrobat, the Acrobat reader, Acrobat Business Tools and Acrobat Fill In are all affected. A spokesman for the company advised that everyone download the patch (most of you will probably have Acrobat 4). He also said that downloads from now on will advise people on the situation. Adobe's explanation and patch can be found here. This is the techie explanation from Shadow Penguin Security: "We found the exploitable buffer overflow problem in Acrobat series for windows. Acrobat overflows when reading the PDF file which has long Registry or Ordering. They are one of the font CDI system information, you can see them in the PDF file which is generated by Acrobat. This buffer overflow overwrites the local buffer, the codes which are written in the specified string can be executed in the target host. If the PDF file which contains the cracking code in CID system information is opened by Acrobat series or Internet Explorer, the cracking code will be executed on the client host. This overflow contains the possibility of the virus and trojans infection, sytsem destruction, intrusion, and so on." Update: A slew of emails from readers who have tried to install this patch has forced us to go back to Adobe to confirm some details. It was unwilling, however, to do anything but repeat ad nauseam what was written on Adobe's information page (given above). We came off none the wiser. Requests to speak to technical staff amounted to nothing. We finally managed to elicit a tech support phone number. It got worse from here. The queries we had were: Is there any risk to any versions apart from Acrobat 4.05? How do you get the patch to work with Acrobat if the application doesn't sit on your default drive? We were advised yesterday to tell all readers with Acrobat version 4.0 upwards to download the patch, but the patch does not work with 4.0. Acrobat 4.05 - it would appear - is the only version affected and so the majority of users should be fine. You need to buy Acrobat 4.05 the application, but this version of the reader is free. If you do have the free reader version 4.05 (or the bought products of this version), the patch does not work if it is not on the default drive. After negotiating the automated phone maze, we spent 10 minutes on hold, a further five minutes explaining that we were journalists and had been told by Adobe headquarters to call them to obtain technical information. The next five minutes was spent explaining the same thing to another person. The next five we were back on hold. And then a final three-minute flourish which ended with us remarking: There must be someone in Adobe who knows how Acrobat works. "Um, no," was the response. So there we have it. We don't know and neither does Adobe. Our advice would be to not upgrade at all or dig out that old copy if you have already done so. Apparently though, the very latest version - 4.05c - is free from all problems. Don't say we didn't try. If you fancy a go yourself, tech support can be reached on 0131 451 6888. The automated message gives eur-custserv@adobe.com as a contact email. ®
Kieren McCarthy, 07 Aug 2000

Telewest cuts cost of broadband Net access

Telewest has slashed the cost of its broadband service, blueyonder, The Register can confirm. The service will now be available for £33 (including VAT) a month - down from £50 a month. In a statement, Gavin Patterson, Director of Marketing for Internet and Telephony at Telewest, said: "blueyonder is now the most competitively priced high-speed Internet service in the UK and represents exceptional value." Telewest's new offer undercuts BT's single-user ADSL offering by £84 a year. No one at BT was available for comment by press time to say whether the telco would respond and cut prices for its broadband products. ® Related Story Telewest's blueyonder price to fall
Tim Richardson, 07 Aug 2000

Reg Lonely Hearts

Shy but inquisitive journalist, GSOH, would like to meet M/F who is actually using AltaVista's heavily hyped British flat-fee unmetered Net access service. Intentions wholly dishonourable. Don't usually resort to placing a personal ad but this time I'm desperate. Problem is, AltaVista has failed to provide any evidence that anyone has actually been invited to use the service despite repeated requests for proof. Appreciate a million people registered for the service, but only want to meet genuine users, people who actually coughed up their £60 and are using the service now. No time wasters please. ® Related Story AltaVista ISP in pointless queue-jumping exercise
Tim Richardson, 07 Aug 2000

Netscape's SmartDownload court case hots up

The complaint lodged against AOL/Netscape that its SmartDownload feature was abusing users' privacy is gathering momentum. The initial complaint by photographer Christopher Specht has been expanded to include three others: John Gibson, Michael Fagan and Sean Kelly*. We don't know why yet but we have been in touch with the four's lawyer and Specht, so we'll keep you informed. Meanwhile, AOL, while claiming it has done nothing wrong, has said it will remove the feature that allows details of users' IP and file download names to be sent to Netscape in the next version of Navigator. Whether this is an admission of guilt or just recognition of the growing awareness of privacy issues is something that is likely to be played put in court. Regarding the addition of three more complainants, an AOL spokesman said: "This is just a rehash of an old story on a lawsuit without merit." He continued that the supposed privacy-invading feature in Navigator was "included in the software in part for technology support purposes," but AOL had "never used or accessed any information about SmartDownload users or files." Again, something that is impossible to prove either way at the moment but will no doubt come to light if the case runs the full gamut of the US legal system. Our take on this is that AOL simply decided that while the feature (which was born before privacy became a hot topic - and please remember that Netscape was the darling of the IT world before it was bought by AOL) was in Navigator, it would keep hold of it. Whether it is guilty of prying is therefore dependent on two things: whether it knowingly abused the feature; and the ever-present intangible - what society thinks of its actions in retrospect. * After some blind research, we believe the other complainants may be: John Gibson: a musician with a heavy interest in computer software Michael Fagan: an expert on monitoring and improving software Sean Kelly: a systems analyst who writes open source software All are based on the West coast of the US. Update: The lawyer behind amendments to the case, Joshua Rubin, has replied to our questions. Being a lawyer, he naturally sidestepped most of our questions but did draw attention to additions to the case. Picking up on evidence that has subsequently been discovered by the Web community, the complaint has refined its criticism of Netscape's SmartDownload to build the argument that the returned information allows for individual recognition. It also adds an extra dimension by claiming that, by following downloads, AOL is capable of observing activity on its competitors' servers. The case is clearly building an anti-trust case on top of the privacy issue. ® Related stories Netscape complainant speaks to The Reg So just how guilty is Netscape? AOL faces snooping court case
Kieren McCarthy, 07 Aug 2000

Palm unveils Handspring hounding consumer PDA

Palm today announced its rumoured m100 consumer-oriented palmtop designed to regain the retail lead taken from it by PalmOS-licensee Handspring. The company also unveiled an updated version of its Palm VII wireless-enabled organiser, the VIIx. The m100 - Palm's first to break its roman-numeral naming scheme - is aimed squarely at Handspring's Visor. Handspring was founded by Palm's own founders after leaving the company a couple of years back. Handspring released Visor last year, but since the PDA's retail debut in April, it has gone on to take over 25 per cent of the US retail PDA market. The m100's pricing - $149 in the US; international priceing has yet to be described - is just the same as the standard Visor, as is its colour casing. Taking a lead from mobile phone company Nokia, Palm has given the m100 - which is the kind of designation you'd expect from a cellphone; a sign of Palm's increasing focus on the mobile data market, we wonder - exchangeable face-plates. Palm is also stressing the m100's other customisation options, just as Handspring did when it announced the Visor's Springboard add-in technology. Palm's m100 announcement noted the upcoming availability of plug-in cameras, MP3 players and exta storage options (the m100 ships with just 2MB of RAM). The m100 can tak 'digital ink' handwritten notes, as per the early rumours that anticipated today's launch. However, contrary to previous reports, the new machine doesn't appear to have handwriting recognition on board. No great surprise this, since the Palm's Dragonball CPU arguably isn't up to the task (though what will happen when Palm switches to faster ARM CPUs, remains to be seen). The upgrade to the wireless Palm VII, meanwhile, will ship for $449 and ups the memory to 8MB. Some 40 Web site modules are bundled with the machine, which isn't much of an upgrade, but saves users from having to download them if they wish to view the sites they link to. Both machines will ship this autumn, by which time Palm should have the European version of its Palm.net service up and running too. ® Related Stories Apple Newton tech to power next Palm? Handspring PDA revenues up 51 per cent Handspring grabs quarter of US PDA market Palm to bring wireless Net to its PDAs
Tony Smith, 07 Aug 2000

Hackers sink Paid-to-Surf Web site

FreeWebStuff.com Inc., a Paid-to-Surf company, has put itself up for sale, after finding out that hackers had undermined its entire business model. The San Jose, California-based firm says it will also consider a partnership with an Internet security firm. FreeWebStuff, which launched only on July 5 this year, cites growth "far in excess of projections, complicated by excessive 'fake' signups by hackers" as the reason for its early foray into the world of Mergers & Acquisitions. "We were getting too many sign-ups, too quickly -- many of them from the same group of sophisticated hackers," press spokesman Bill Johnson said, in a statement. "The whole point of FreeWebStuff is to offer honest, affordable, targeted Internet advertising. If we 'looked the other way' and allowed multiple accounts from one person, it would appear to our advertisers that we had more users on our service than we actually had." FreeWebStuff recently put its service on hold in an attempt to beef up security. The company plans to relaunch with stricter verification of member identification, a change in payout structure, and elimination of the multi-level referral structure. "What attracted the large number of sign-ups and members, also attracted the cheaters. Eliminating multi-levels reduces the incentive to cheat and the ability to conceal it," Johnson said. "Hopefully we can re-channel the hackers' energies into making honest commissions by helping us sell our advertising instead of trying to cheat the system." Show me the money FreeWebStuff operates in probably the riskiest B2C Internet sector of all - and that's without the security headaches. Vast sums are being turfed into Paid-to-urf, mostly through its best known exponent, AllAdvantage. The model is entirely unproven, but already, if AllAdvantage is anything to go by, Paid-to-Surf looks financially unsustainable. Paid-to-Surf purports to be a form of permission marketing. In other words, punters "earn" money or credits for expressly allowing companies to interrupt their surfing with adverts taking up the bottom of the screen. However, in our book, this is not an authentic example of permission selling. Money-conscious bargain hunters will put up with the interruptions because they want the money, and not because they are interested in all that extra advertising shunted their way. Usually with Paid-to-Surf businesses there is a multi-level marketing (MLM)element, with commissions offered for referrals. FreeWebStuff deploys MLM and offers credits redeemable for merchandise and what it calls "online gift currency". The company promises to deliver laser targeting at knockdown prices, and it offers the following example: "A dot-com that sells clothes can show their ads only when a surfer visits a competing site (such as Gap.com)." But how targeted is that - waving an offer in front of someone when they are already in the store? This is, at very best, bad manners. ® You can find out more about FreeWebStuff at www.extremetargeting.com.
Drew Cullen, 07 Aug 2000

Teacher details exposed on Govt Web site

Personal details of hundreds of education professionals, such as teachers and governors have been available to view on a public portion of the National Grid for Learning's Web site. Surfers who register on the site are assured that their information is being held by the NGFL for the NGFL, and will not be passed on to a third party. But it is available to any third party out there who knows about the following vulnerability on Security Focus. The NGFL Web site runs on a Netscape Enterprise Server 3.6. This version has a directory indexing feature which allows remote users to view the directory by appending various tags to the URL. The software is shipped with the feature enabled by default, and since it is not well-publicised, it is not often switched off. This problem is easily fixed, all that needs to be done is the feature needs to be turned off in the Administration Interface. More details can be found here. However, in this particular instance it is not the lapsed security that is the issue. More it is an ongoing struggle to get people security literate. If information is being stored online, it must be made secure. Leaving software on the default installation settings is akin to buying a safe and not changing the combination on the lock from the factory settings. Once one cracker knows the settings for one site, s/he knows it for all the sites hosted using that application. And in all likelihood, all her/his friends also know the details. We asked the Department for Education and Employment for a comment, but no-one could be reached by the time of writing. We did however email them the link in the story to Security Focus' site, so that they could fix the hole. ®
Lucy Sherriff, 07 Aug 2000

Reg exposes Amazon's poor security

Amazon.co.uk carries out no security checks on messages posted on its site by the authors of books it sells. So users are getting upto mischief and posing as writers of books they have nothing to do with. To test the situation The Reg set up a hotmail address using the name of an established author - we clicked on the link saying 'I am the author and I want to comment on my book' - and up came our message a day later. However in a fit of pique Amazon pulled the posting once we pointed out to them what we'd done. It wasn't even rude or abusive, we'd just used the words the actual author wanted to see online. Reg friend Matt Thorne let us post a message as the author of his book Dreaming of Strangers. We just set up a hotmail account Thorne_Matt@hotmail.com and pretended to be Matt. We posted the message on Friday 4 August, and it appeared on Saturday. There was actually no point in setting up the email address because Amazon didn't email back to check it until after The Reg pointed out what it had done. We got a blank email from Adrian Spence, operations manager of Amazon.co.uk's catalogue department. Last week Amazon's PR manager Lisa Ramshaw said the company had not suffered from any of these author spoofs because it runs security checks. These checks are so effective that Lisa couldn't say what they were because then we'd know how to get round them. Our author friend Matt Thorne is quite relaxed about the chance of fake authors pretending to be him and writing about his books. "I'm not at all worried about these bogus authors - they're saving me the trouble of doing it." ® Related Story Amazon leaves authors open to abuse
Robert Blincoe, 07 Aug 2000

Journalists get PR revenge

Online humour marketing site www.e-tractions.com has come up with a journalist-friendly form of publicity: a game in which you fire press releases at your least favourite PR company (and score points doing so). Yeah we know that it's all just cheap publicity, but this is e-tractions raison d'etre - providing the message through entertainment. That said, the Shockwave (yes, you'll have to download yet another upgrade) game is not bad. Not as good as the grouse-shooting game that is still installed on our hard drive, but certainly worth a quick go. What can you do? Select your least favourite (US) public relations firm, choose the reason why you don't like them and then fire press releases back at them (they're shaped into paper aeroplanes). If you hit any PRs that pop up behind their cubicles, you score. Hit a coffee cup and get rapid fire (apparently, but we didn't notice any difference). The game's scoring is haphazard and unnecessarily complicated - we just want to fire and maim, damn you - but it is reassuringly difficult. That's it really. If you have a spare five minutes this week give it a whirl. We'll try to find a different one for you next week. The game is here. According to the company's press release: "E-tractions.com is considering a host of similar games, including one called 'whack-a-hack', where PR flacks could vent their frustrations against high profile reporters and writers who never accept phone calls or press releases." We suggest with this game that rather than reporters popping up, there should be a whole room of reporters. Then when a reporter runs out of decent stories, he/she could turn a different colour - then you fire a nonsense-filled piece of paper at them. Let's keep it real, folks. ® Related story Tubbie Terror spreads like an epidemic
Kieren McCarthy, 07 Aug 2000

Competition Win Kay Buena's motherboard

UpdateUpdate All you would-be heirs to the shot-up Kay Buena motherboard: listen up. If I get one more email from someone claiming to be God or the Devil I think I may cry, or join a convent or something. Please, do not drive me to this tragic end. The best song suggested so far has been Monty Python's Sit on my face... Not because it is relevant, just because it is a top tune. And Elton John songs, however appropriate, are not, I repeat NOT going to win a T-shirt. They might win a one-way trip to the South Pole, but no T-shirt. I know I didn't say this before, so I'll give all those who suggested Funeral for a Friend another chance. You know who you are. So, come on. There is still loads of time. Entries must be in by Friday, 11 August. Finish the sentence: "I deserve to win the Kay Buena motherboard because...." And email it to me with the title Computers are the tools of the devil. ® Related Story Competition Win a bullet-riddled motherboard!
Lucy Sherriff, 07 Aug 2000

CallNet scraps unmetered access

CallNet 0800 has become the latest British ISP to ditch unmetered Net access. The service - launched some nine months ago - will be shut down on September 5 and be replaced with a metered service. No one at CallNet0800 was available for comment today to explain why the ISP has decided to call it a day. However, in a "Dear John" letter to customers, CallNet blamed "substantial changes in the telecommunications industry" which it said had "altered the fundamental economics of 0800 services". These "industry changes have now impacted upon the company's ability to offer [unmetered access]", it said. And in an attempt to fend off any criticism even before it raised its head, the company said: "Finally, we advise you that under the terms and conditions you agreed to on registration, the CallNet0800 service will be terminated and your existing account closed on 5th September 2000." CallNet's decision to scrap its unmetered package is the latest in a string of ISPs to pull back from unmetered Net access. LibertySurf had troubles, breathe chucked off 500 abusers, and last month LineOne pulled out of the unmetered market completely. ® Related Stories LineOne ditches free Net access Net exec takes lie detector test Heavy breathers winded by Net access rejection Virgin delays unmetered Net access promise
Tim Richardson, 07 Aug 2000

AMD pulls price drop forward

Sources close to AMD's plans have confirmed that we can expect big price drops on its microprocessors on the 14th of August. The cuts were originally slated for the end of this month, as revealed here some weeks back. Intel is taking aggressive action to push its newer flip chip processors into the market place, and we understand that AMD also wants to put some flotsam and jetsom ahead of Intel's Developer Forum, which will be held in San Jose a week later. As we reported on the 11th July (see link below), the price of its 1GHz Athlon is likely to hit the sub-$500 mark on that day. Intel is expected to reduce the price of its 1GHz Pentium III at the end of the month as quantities begin to appear. ® The Wall Street Journal is reporting that Silicon Spice, which ex-AMD and Intel employee Vinod Dham joined some little while back, has been sold for just under $2 billion to Broadcom. See Also AMD wins 1GHz price war AMD: The boyz'n'girlz done well
Mike Magee, 07 Aug 2000