US ISP Verio has refused to remove a Website which allegedly shows DVD-cracking techniques. The Motion Picture Association of America (MPAA) sent a letter to Verio in November claiming the site Cyptome.org had illegally posted DeCSS. IT demanded the ISP remove the offending code, citing the Digital Millennium Copyright Act (DMCA). Instead, Verio yesterday sent John Young, the administrator of free speech site Cryptome, a letter of its own and asked him to answer the charges. The company, a subsidiary of NTT Communications, told Young that if he agreed to its demands, and as long as the MPAA didn't try and sue him, it would not make him take the material down or block access to his site. Young did as Verio asked and sent the company a letter saying he had not broken the law - he claimed he posted a now-sealed document containing the code for CSS, the system DeCSS is designed to crack, CNET reports. But Verio may have a fight on its hands - the MPAA has already sued several sites for putting the DVD cracking code on the Net. DeCSS was designed by a Norwegian teenager simply as a means to let people play DVDs on Linux-powered machines. But the solution busts the code protecting copyrighted DVDs and so has obvious piracy. implications. ® Related Stories France says 'non' to US DVD imports Clothing company hit by anti-DeCSS suit DeCSS injunction challenged DeCSS temporarily banned from the Net
Yesterday evening testers of Whistler received an e-mail concerning substantial changes being made to the UI, allowing users to change the look and feel of it.
During his election campaign, Dubya got great mileage out of Clinton's "troubles" - most notably over Monica Lewinsky - saying that when he was President he would give the Oval Office a darned good cleaning. It seems like that cleaning extended to the servers that hold the White House Web site, as Bush has had it scrubbed of all traces of the Clinton family, the old layout ditched in favour of a rather staid and uninspired boxy design. The only things left on the site from the Clinton era are pictures of Clinton's dog, Buddy, and Sox the cat. Incidentally, Bush was as good his word about cleaning the Oval Office and has had the whole thing refurbished in light bright colours. We at El Reg would like to offer our congratulations to the Bush Web designers who managed to put the new site together despite all the W keys being missing from the White House computers. All that typing on the hard plastic underneath must have really hurt. We salute you. ® Related Story White House Ws go Walkabout
LinuxPPC, inc. is no longer in it for the money. The organisation, which became a company in 1997, is to become a non-profit operation. We'd like to say that LinuxPPC, one of the pioneers of the open source operating system on the PowerPC platform, has made the move for philanthropic reasons, but the reason appear entirely pragmatic. The switch to incorporated status in 1997 was made primarily because, as LinuxPPC puts it, "it was less difficult and less expensive" than going non-profit straight away. And then there was the burgeoning dotcom and Linux IPO arena, and it's hard to imagine LinuxPPC's founders didn't have such an opportunity in mind - who, working in such an environment, wouldn't? Now, though, such times are long past, and LinuxPPC's principals reckon they're better off becoming a non-profit operation. They're probably right. LinuxPPC's argument is that the organisation was formed to support and steer the development of Linux on PowerPC, and this new operational change will allow it to focus more closely on that role. Then there's the imminent arrival of MacOS X. Like Linux, it's a Unix-based OS and provides the key features - SMP support, multitasking, memory protection, etc - but with a rather nicer interface (pace all you Gnome and KDE fans). Given the majority of LinuxPPC's users are running the OS on Macs, many of them many prefer the peace of mind of a product from Apple now it has one that meets their needs. We hope many of them don't. As LinuxPPC makes the change over the next few months, it should allow it to concentrate more on rallying developers for more frequent upgrades, ensuring its OS evolves more quickly. And while everyone waits patiently for Adobe to deliver a MacOS X-native version of Photoshop, LinuxPPC users can get on with Gimp right now. ®
STMicroelectronics said Q4 profits more than doubled thanks to demand from mobile phone makers. Net profit for the quarter rose to $462 million, up from $184 million for the period a year earlier. Sales rose 48 per cent to $2.19 billion but the company expects an eight per cent drop in the first quarter due to slowing demand. ® Related Stories Texas Instruments misses Q4 targets Chip champs chomp bitter pill
Microsoft has blamed a lowly technician for a cock-up which almost completely blocked access to its Web sites for most users yesterday. From the early hours of yesterday morning until late evening www.microsoft.com, msn.com, expedia.co.uk and msnbc.com were all unavailable. The software giant's Hotmail service was also inaccessible for many. The problem, whose final resolution came some six hours after Microsoft promised a fix would be in place yesterday, was due to changes in Microsoft's domain name server network caused requests to access its Web sites to fail. A fix was eventually put in place when Microsoft removed the changes made to the configuration that were behind the problem. In a statement, Microsoft admitted: "At 6:30 p.m. Tuesday (PST), a Microsoft technician made a configuration change to the routers on the edge of Microsoft's Domain Name Server network. The DNS servers are used to connect domain names with numeric IP addresses (eg. 188.8.131.52) of the various servers and networks that make up Microsoft's Web presence. "The mistaken configuration change limited communication between DNS servers on the Internet and Microsoft's DNS servers. This limited communication caused many of Microsoft's sites to be unreachable (although they were actually still operational) to a large number of customers." Microsoft has apologised to customers for the problem, which it denies is down to either a technology failure with its or anybody else's products nor down to lax security of its networks. This leaves as lowly techie, who we'd be most interesting in talking to, carrying the can for the whole sorry debacle, which hardly inspires much confidence in Microsoft's .Net vision for delivering software as a service over the Internet. As Register readers pointed out, all four of Microsoft's domain name servers appear to be located on the same subnet - effectively putting all its eggs in one basket. Russ Cooper, editor of security mailing list NTBugtraq, has laid into Microsoft's explanation and said "stupid people do make mistakes, but for a company the size of MS there's really no excuse for such a blunder." Cooper said: "It seems the corporation [Microsoft] is not sufficiently aware of the importance of DNS, despite its role in both .NET. You think you might have a disaster recovery plan that gets invoked within an hour of confirmation that DNS is out... one that includes checking the router configuration for your DNS 'network'." He added that the debacle showed that there was no vetting or management sign-off to changes in production networks at Redmond. ® Related Stories Microsoft brings web sites back into play Microsoft confirms Web site blackout DNS trouble made Microsoft, Yahoo! unavailable
So farewell, then, the EV6 system bus, dropped from AMD's Hammer family of 64-bit processors, but not forgotten. Instead, AMD will use a new, NUMA-based bus. NUMA (Non-Uniform Memory Access) is designed for multiprocessor system, primarily eight-way and up jobs, so the move - outlined by Bob Mitton, AMD's workstations and servers marketing manager, at the Platform Conference this week - shows what kind of systems AMD expects to see its chips installed in. NUMA provides each processor with its own memory bank alongside a chunk of shared RAM - specifically, all the other processors' local memory. Each CPU can access its own memory more quickly than the RAM shared with other processors, hence the 'non-uniform' label. It also gives each processor access to the full bandwidth of the system bus. Essentially, it's a technique that provides the simplicity of SMP with the scalability of massively-parallel multi-processing. AMD's adoption of it marks the chip maker's second appropriation (at least) of a third-party's bus technology, in this case Sequent, which introduced the technology back in 1996. SGI released NUMA-based systems around the same time. EV6 was designed for the Alpha processor. AMD's contribution to NUMA will be a combined Northbridge and Southbridge part called Lightning Data Transport and not BusNow! after all. The company's choice of a new bus technology also highlights the problems it has had developing multi-processor boards based on EV6. According to EBN, AMD has begun sampling a two-way Athlon-oriented chipset, the 760MP, but Mitton wouldn't or couldn't say when it would ship in volume. The 760MP will support DDR PC2100 RAM, up to 4GB of it. ®
EverQuest players who tried to sell characters or in-game items, only to have their online auctions cancelled, are being invited to join a class action law suit against publisher Sony, writes Andrew Smith. A web site set up to announce the suit, which also targets developers Verant, eBay and "any other service" which has cancelled auctions, says: "If you believe that any one of (these) parties have infringed on your rights to freely sell your time, please add your name to the growing list of those who wish to stop these unconstitutional actions." The selling of characters and items from the massive virtual world of EverQuest appears to be a violation of the game's license agreement, which states that Verant "shall retain ownership of all intellectual property rights". This has led to eBay cancelling a number of EverQuest auctions, and now banning them entirely. But the class action statement claims that people organising these sales are in fact "selling the time spent building the status of an Everquest character" or "selling the time spent obtaining the item". Due to this, would-be claimants are told, the sales are "protected by law" and Sony, Verant, eBay et al are "restricting your right to trade your time for money". There has been no official statement about the case from any of the targeted companies, and Verant did not respond yesterday to a request for comments. Whodunnit? Mystery surrounds the proposed class action, along with inevitable cynicism, as nobody seems to know who is organising it. The announcement page sits in a subdirectory of GravitySpot.com, a Washingon web design company with a lacklustre site and a somewhat unusual boast for a dotcom outfit: "We attribute our excellence directly to our Christian faith as well as our experienced and well trained staff." The company's contact e-mail address bounces, as does mail to the standard webmaster@ address. An e-mail sent yesterday morning to postmaster@ didn't bounce, but it hasn't been answered. E-mail sent to the site's admin contact listed by Whois, Chris Flanders, hasn't had any response either. Calls to Gravity Spot yesterday were picked up by an answer machine but there was no mention of a company name, just "the office of Dennis Flanders". Messages left on his voice mail haven't been returned. A quick search through the Washington phone listings turns up a Dennis Flanders living next door to Gravity Spot's office, but his home number "does not accept unidentified calls". There is no number listed for Gravity Spot itself. Even a request to sign up for the class action, and another to be kept up to date on how it's going, didn't receive any sort of acknowledgement or extra info. So quite who is behind all of this, or what their motives are, is anyone's guess. A number of theories are circulating, ranging from it being an elaborate hoax to collect e-mail addresses for spamming, to it being organised by someone who was making a tidy packet from EverQuest auctions and is angry about eBay stopping them. Born to be sold The auctioning of properties from EverQuest and other online games has become something of a cottage industry, with hundreds of dollars changing hands for experienced characters, powerful weapons or precious items. It is thought that some skilled players have been able to earn a decent living from the game, simply by building up characters and selling them -- get a new account for $9.89, play with it for a few weeks, sell at a huge profit, and repeat. But people's willingness to hand over real world money for instant success in the game world has provided another opportunity for con artists, and there is little that Verant can do when someone claims they have been ripped off. This has led to the company's current efforts to stop auctions entirely. "We don't allow account transfers, because we can't be responsible for all the fraud that goes on," explained Verant spokesman Gordon Wrinn in November last year. "Someone might look reputable on those auction sites, but it takes only a couple of days and costs a couple of dollars to work up a convincing profile. There is more fraud involved in account and item sales than you can possibly imagine." Despite this warning, some auction sites, such as Yahoo and Player Auctions, are allowing EverQuest properties to be sold. Player Auctions has even gone so far as to ban representatives of severalgames companies -- including Sony and Verant - from visiting the site, presumably to prevent them from spying on auctioneers and closing their game accounts. Here's an example of Yahoo character auction. "We fundamentally believe in a user's right to profit from their own time," said Shane Benson of Player Auctions. "That is what the free market is all about. Can you imagine if Microsoft took the same position? Users of Office would not be able to sell information or content that they had entered into Word or Excel. It is ridiculous." History of controversy Verant's banning of EverQuest auctions is the latest in a string of emotive issues that has seen the company both hailed for its strength and, in extreme cases, boycotted for its weakness. In October last year, a player was banned for writing an explicitly violent story based on an in-game character and posting it on an unofficial message board. Verant CEO John Smedley later admitted that the situation had been handled badly, but the player did not return. Software developer Ben Ziegler was ordered to end work on his EQ Macros program, which could record in-game keystrokes and play them back, allowing tedious tasks to be repeated easily. The cease and desist order, sent by Sony, accused Ziegler of "an unfair business act" and copyright infringement. This week, discussions of server problems posted on the game's official message board were reportedly being blocked or deleted entirely, just one of many censorship accusations levelled at Verant in recent months. Even way back in February 1999, on the day EverQuest 'went gold' (when it was sent off for duplication) the game's executive producer, Brad McQuaid, issued a statement which included this bewildering comment: "It doesn't mean that EverQuest is done. We are still fixing bugs on both the client and the server, and tuning and adjusting all the data that makes up the game." Not surprisingly, there has been controversy since the very beginning. ® Related stories Fantasy gamer banned in porno row Sony backpedals on privacy flap
Unbelievable as it may seem, Letsbuyit has found someone daft enough to save it from bankruptcy for a coupla weeks. Head of the management team - described by the liquidators last week as "deplorable" - John Palmer has persuaded his friend and ex-hacker Kim Schultz to cough up the bulk of the £2.5 million to save the troubled bulk buyer. The rest will come from original backers. Kim's a big fella (6ft 4in; 19 stone), but you may know him as hacker Kimble who broke into the Pentagon, AT&T and famously reduced Helmut Kohl's credit rating to zero. Whether his business acumen is equivalent to his hacking skills is another matter. Letsbuyit's shares were re-opened for trading this week and swiftly plummeted to 0.18 euros. The news that the company had found money to stave off bankcruptcy pushed it to 0.24 euros. But then considering they floated at 3.50 euros, this isn't all that impressive. The managers still reckon that all they need is £25 million before they break even. We reckon they're deluded. But we can't be bothered to go into why yet again. The question is: now it has woken from its coma, will it take the opportunity to tell friends and family it loves them before slumping and passing away (like in the films) or will it just remain sick but alive and on a life-support machine? ® Related Link Kim Schultz's very flashy site Related Stories Letsbuyit safe! For three days Letsbuyit boardroom bickering to blame for collapse Letsbuyit.com very very nearly titsup.com
This is funny. Rob Woolley has come up with a funny visual gag regarding Windows' legendary ability to make OSes that crash - and we bet you that when you see it, you'll wonder why you never thought it. Of course, there will be the smart arses amongst you that will tell us they known about it for ages man and everyone used that gag in college like in 1995. But we like it. Come on then, click here. Update As a reader has just pointed out to me, Luis actually put this in his Windows Woundup yesterday. And, as such, I am a chump. ® Related Link Windows Woundup/Roundup
Computer Science professors have come out in support of the quarterly hackers magazine, 2600 Magazine, which is currently embroiled in a legal battle over DeCSS, a program that decrypts data on DVDs. The District Court in the Southern District of New York issued an injunction prohibiting 2600 Magazine from hosting or linking to the software. In all, 17 professors from MIT, Princeton, Stanford and Carnegie Mellon University, among others, have stated their opposition to the ruling in an "amicus" briefing. They claim that computer code is a form of free speech, and as such is protected by the First Amendment. "Copyright law already recognises that code, both source and object, may be copyrighted as a literary work or an original work of authorship. It does not take a leap of faith to say that a copyrightable literary work is a work entitled to full First Amendment protections, regardless of its functionality," they said. The academics are not the magazine's only allies. The Electronic Frontier Foundation filed an appeal on behalf of the magazine. It called the ruling "unconstitutional." Eight film studios sued 2600 Magazine and its publisher under the "anti-circumvention" rules of the Digital Millennium Copyright Act, passed in 1998. This is the act that has been used to such effect against free download sites like Napster. According to Newsbytes the Motion Picture Association of America (MPAA) had no comment beyond stating that its lawyers were looking at the brief. ® Releated Stories Verio stands firm in DeCSS row France says 'non' to US DVD imports Clothing company hit by anti-DeCSS suit DeCSS injunction challenged DeCSS temporarily banned from the Net
There are question marks today about the quality of services users can expect from Le Freeswerve's new 24/7 unmetered Net access service. According to its FAQs, Le Freeswerve will "instigate congestion control measures" if the network gets too busy with people using Freeserve AnyTime. No one was available at press time to say what those measures might be or what compensation users would get if access to the service were blocked by congestion. Critics could argue that Le Freeswerve shouldn’t sign-up new users if the service isn't robust enough to take them. Time will tell. In a bid to ease the problem, the ISP will automatically dump people off the AnyTime service after two hours connection regardless of whether they're using the service or not. "This is necessary to allow all members to access the service," Le Freeswerve says. It continues: "Freeserve Anytime is not intended to support continuous or unattended Internet access, and as a result there is a 2 hour cut-off time on each call." Users are free to reconnect immediately to the £12.99 a month service, apparently. However, this is hardly reassuring. AOL UK, which also runs a 24/7 unmetered Net access service, does not impose cut off times for people using the service, although it will boot off people if the service remains idle. Both AOL Flat Rate and Freeserve AnyTime are based on the wholesale unmetered access product, FRIACO, which caps telco costs for ISPs. The Freeserve FAQ Q Can I stay connected all the time? A Freeserve Anytime is not intended to support continuous or unattended Internet access, and as a result there is a 2 hour cut-off time on each call. This is necessary to allow all members to access the service. Freeserve monitors the network and takes measures to control congestion if there is evidence that this is occurring. If usage is such that it is significantly affecting service to other members of our network then Freeserve will instigate congestion control measures. Related Story Le Freeswerve says 'bonjour' to flat-rate Net access
We were so appalled to find that you gained sys admin rights by entering "test" and "test" in the username, password boxes for Atari.com's admin site that we fired off an email to tech staff telling them to fix it. Nearly 24 hours later, it is still wide open and we're left wondering whether Hasbro Interactive has just left the site to rot and die. It's not that there isn't something to be made out of Atari still. It may be dead and buried but it's still brings a nostalgic tear this reporter's eye and there are plenty of fans still out there. Sure, the PlayStation is a different world, but some of the old Atari games have terrific gameplay. In fact, we ran a story at the end of 1999 asking whether the P2 had aped Atari. ® Related Story PlayStation 2 apes ancient Atari?
Eidos issued a profit warning today, ahead of its results, due on February 28. The company said it would revise its sales and profits forecast downward "significantly" after poor sales in the US and delays to the release of three games. Meanwhile, Sony has halved its own forecasts, blaming production delays and higher than expected development costs of the PS2 console. The company's results for the third fiscal quarter fell to $620 million, compared to $800 million in the same period the year before. The trouble in the games sector does not stop there. Yesterday Rage, the games developer, admitted that its sales were also suffering after the delays to the launch of the PS2. It said it had stopped development on five new games because they were unlikely to sell very well. Rage's chief executive, Paul Finnegan commented: "We are probably at the bottom of the greatest cycle this industry has ever seen." ® Related Stories PS2 glitches may pummel Sony profits
Totalise has thrown off 900 Net users from its Ultimate Surf 24/7 unmetered service claiming they've abused the service. The cull - a third of all users on this particular tariff - comes into force on Saturday less than six months after the service was launched. The British ISP claims it suspended the users because they used the service too much. However, this is yet further evidence of ISPs getting their sums wrong and getting customers to pay for the mistakes. In a statement, Peter Gregory, CEO of Totalise, said: "Because of the state of the ISP industry it is not financially viable to carry on offering this service to some of the users and as a business, we have had to make the unfortunate decision to cancel the service to them. "The majority of our users will still be able to carry on using The Ultimate Surf as they have been and we apologise to those affected users that we cannot continue to offer this service." This will come as small comfort to those who paid £235 for two years' access. The tariff has been available only since August last year. Totalise is not the first ISP to kick financially unviable users off its service. Breathe and Le Freeswerve are famous for it. ®
UK Linux users fed up of waiting for Alcatel to get its act together and ship drivers that will let the open source OS talk to the SpeedTouch USB modem BT bundles with its home ADSL offering will soon have some alternatives to choose from. First, UK ISP Tele2 offers a wireless DSL via its (growing) CDMA network. The service works with Linux and seems relatively cheap - its tarriffs start at £9.99 per month plus a ¤49.99 for 150Kbps home access and range up to £1500 per month for unlimited 1Mbps (installation: £1000). The system connects to you computer via an Ethernet port. The snag is Tele2's rather limited geographical coverage - if you live outside Leeds, Nottingham, Leicester or Reading, you're probably not going to be able to get it. You also need to have a microwave dish bolted on to the side of your house. If that doesn't appeal - or you're geographically challenged, in Tele2 terms - US DSL specialist LinkSys is working on a USB-to-RJ45 adaptor, allowing Linux users to connect USB modems to their Ethernet cards, thus negating the need for drivers. The snag here is that Linksys reckons the adaptor is around three months away from release. ® Related Link Tele2's Web site Related Story Linux people petition Alcatel for USB ADSL drivers
US buyers spent more than $1 billion on palmtops last year, more than twice the $436 million they forked out in 1999. According to market researcher NPD Intelect, around 3.5 million PDAs and electronic organisers were shipped in the US during 2000, a 271 per cent increase on the 1.3 units shipped the year before. Of course, the fact the units shipments grew more than sales shows that manufacturers are making less per unit than before, but given the way the PC market has gone, Palm, Compaq, Casio, Handspring and co. shouldn't be too upset. Palm, in particular, since it entered 2001 with a 72 per cent marketshare, down from 87 per cent in 1999. Handspring came from nowhere to take 14 per cent of the market. The remaining 14 per cent is dominated by Windows CE-based PocketPC machines. Casio took six per cent of the market, down from 11 per cent. Compaq achieved 2.3 per cent, up from next to nothing. Hewlett-Packard and NEC took most of what was left. NPD Intelect focuses on the retail and mail order markets, so pricey, corporate-oriented machines like Compaq's CE-based iPaq will get a poorer showing than you might expect since NPD doesn't factor in sales through more business-centric channels. Still, it's hard to see those 'missing' sales cutting too far into Palm's lead. ®
You readers are a resourceful bunch. And so imagine our joy and surprise when Andrew Darling sent us one of his holiday snaps, featuring a lovely young blonde lady with a famous name. Andrew was at Synergy on New Year's Eve - a huge rave in Cape Town, South Africa when he met the lady. The beauty of the pic though is her garb. While Madonna sporting a "Britney Spears" emblazoned top was funny, when Britney returned the favour we cringed. Then, when the medja whore wannabes did the same, we were thrown into a terrible rage and started throwing stones at old ladies. However, we are deeply impressed by our blonde's "Claire Swires" T-shirt. In fact, nothing would have stopped us from talking to any young girl with a Claire Swires T-shirt. And Andrew, you'll be pleased to hear, didn't let the side down. Bearing in mind this was a rave and New Year's Eve though, things get a little blurry from here. Andrew seems convinced that she is the real Claire Swire (don't worry, Andrew, I met Naomi Campbell once on a big night out :-) ) - she's not, cause the Claire of swallowing fame doesn't have an "s" at the end of her surname. She may be called Claire but then who knows? She may even be called Claire Swires. Andrew, we suspect, is not without a sense of humour. He says that "Claire" explained the T-shirt was a "a bit tongue in cheek". He continues: "I couldn't resist the temptation to probe her further so I asked her if she wanted to come back to my apartment later. She replied, somewhat ambiguously, 'Sorry, I'm off my head right now'." You're a funny man Andrew. You can be Reg reader for the next decade (this decade's already be given to Ed Ross). Here then is the pic: Related Stories Claire Swire: wanna know who she is? Reader of the decade (until next week)
HWRoundupHWRoundup Dr Tom has taken a look at the latest instalment in the DDR Saga, DDR for the PIII in the form of the VIA Apollo Pro 266 mobo. Marketing nonsense or a sensible move? I don't want to spoil it, so just click here if this caught your attention. HardOCP's done a cooler roundup. They slapped a bunch of heatsinks on the new SOYO board (the K7VTA Pro) and periodically checked the temperature. Want to know which one did best? Combatants included kit from Alpha, Global Win, Vantec, and Taisol. Tech-Report came over all interrogative and fired off a bunch of questions to Tim Sweeny, the lead programmer at Epic about the P4 architecture and how it fits in to the world as it is. You can read the Q&A session here, and their review of the P4 itself here. Amdmb.com has posted the pictures of the recently spotted Tyan Dual Athlon motherboard. For those as is interested, you can find 'em here. If you got an email that said this: Matt killed my voodoo 3! AHHHHHH! After kicking it around my desk for a few days I felt that old urge coming up from deep within. You know that one that just says BUURRRRRRNNNN ...you'd probably want to know what it was all about. I'll pass on that curiosity. Click here to find out what the Hardware OC boys are on about. The boys at Tweaktown have braved the hot weather to bring you this review of the Gigabyte 60XE i815EP motherboard. We should all tip our hat to them for risking sunstroke in the name of silicon based shit. ® We at El Reg know that some of you like your hardware so much that even a roundup isn't enough. Specially for you, we recommend you browse our Hardware Archives.
The head of the SDMI - the music and IT industries' joint attempt to create a secure digital music distribution platform - has quit. Leonardo Chiariglione is off to run the multimedia division of Telecom Italia's research centre, Telecom Italia Lab. He will be leaving the Secure Digital Music Initiative in a few months, the organisation said. You can see why he's off - he probably wants a quieter life. As one of the brains behind the original MPEG-1 standard, Chiariglione was hired not only for his expertise but his independence from the vested interests behind the SDMI. The organisation was formed to seek an alternative to the MP3 music format, at least as far as the latter's lack of copyright protection technology went. MP3 is, of course, part of the MPEG-1 spec. Chiariglione helped define. Indeed, he remains head of the Motion Picture Experts Group after which the compression technology was named. However, after an initial specification for portable digital music players, the SDMI has almost nothing to show for its efforts but broken deadlines. And it hasn't been free from controversy. Last year, it unveiled a series of watermark technologies it hoped would form the basis for its proposed copyright protection mechanism. It brashly offered $10,000 to anyone who could break them in the hope that no one could. Unfortunately, when they did, the SDMI made rather a fool of itself by blundering around denying the success of the crack on the grounds that while it zapped the watermark, it also had an audible impact on the music so encoded. The Princeton University team behind the crack, led by Professor Edward Felten. Since then Prof. Felten has gone back on a pledge to reveal how the team did it because of a potential infringement of the Digital Millennium Copyright Act. The DCMA makes illegal any attempt to crack a copyright protection mechanism, and Felten's lawyers have advised him to keep quiet about it. The only reason they would say that is if the guy has been threatened with the Act if he goes public. And who's most likely to make that threat? That's right, the SDMI. All this has tarred the SDMI's name somewhat - quite apart from allegations that it was always the music industry's puppet - so it's no wonder that Chiariglione might have had enough. The organisation is apparently meeting this week to discuss work on Phase II of its copyright protection framework roll-out. SDMI members will also discuss finding a replacement for the departing head. ® Related Stories Prof hushes SDMI crack on DMCA terror Hacker research team disputes 'hack SDMI' results Uni team claims SDMI cracked, and 'inherently vulnerable' SDMI hack: the 'golden ears' ride to the rescue SDMI says hack stuff for money
A college student has set up his own online survey to see what punters really think of ISPs. The poll is only up for two weeks so users need to be quick if they want to take part. We haven't got a clue why it's being done or for what purpose (we reckon it's got something to do with a school assignment, or homework, or something) but we thought we'd give it our blessing anyway. When El Reg visited the poll today only 14 other people had visited the site. And one person had voted. Which was unlucky for BTInternet. Even though the ISP from the monster telco only received the one vote (so far) the result was a resounding "below average". No matter. You can check out the poll here. ®
TVT Records, home to Snoop Doggy Dogg and Nine Inch Nails, has dropped its estimated $1.5 million infringement lawsuit against Napster. In an about-turn, the Los Angeles, California-based independent label today lauded Napster as the music industry's messiah. It cited Napster's new online business model, which it is developing with Bertelsmann, as the reason behind the decision to drop the legal action. TVT will allow its copyrighted recordings to be used on the online file sharing service, but financial terms of the settlement were not disclosed. Steve Gottlieb, president of the independent label, will also be an advisor to Napster. TVT, which filed the suit in New York in June, is the second major US record label to back down over infringement claims against Napster. Bertelsmann, parent of BMG Music - one of five labels suing the dotcom, broke ranks with rivals in October and said it would drop its suit once Napster became a fee-based service. At the time it urged others to follow its lead. The two companies are currently banging out a business model that will pay royalties to artists. "I am afraid that copyright owner's resistance to finding workable solutions with Internet music providers may result in consumers, artists and the industry itself ultimately being harmed," said Gottlieb. "The future Napster offers the opportunity to reach music fans in unprecedented and as yet unimagined ways. Word-of-mouth has always been critical to breaking our artists - now we have harnessed the power of the fastest growing 'word-of-net' vehicle in existence. It is high time that the industry embraces a service that the public has so emphatically said they want." Napster has 45 million users. ® Related Stories Napster makes sweet music with Bertelsmann BMG to bring music downloads to Europe Napster on lots of PCs, claims stealth-research firm German police in Napster child porn probe Microsoft preps Napster clone
A glitch in many systems for order fulfilment on the Web has been reported which allows the fraudulent to create their own online prices for goods. The loophole in many ecommerce Web sites was discovered by ebusiness services company Alphakinetic.net during the course of developing ecommerce Web sites for its clients. Alphakinetic founder Sam Chowdhury estimated that between 10 to 20 per cent of sites were vulnerable to the issue, which involves how payment information is passed between a merchant's site and a secure payment gateway. The root cause of the problem is that when an Internet shopper passes through a checkout on a merchant's site, a click on the right mouse button might allow a shopper to edit the contents of the page - including the price of goods paid for. Mark Rowlands, chief technical officer of Alphakinetic, said the problem was not with shopping basket software itself but rather with the lack of checks between a merchant site and a payment site that data had not been altered. He added that the vulnerability was easy to exploit. A story in today's Telegraph identifies a number of smaller Web sites that were vulnerable to the breach. These included Aloud.com, CheapNames.co.uk, and Welsh internet shop Wales Direct. ® External links Security hole threatens UK etailers Alphakinetic's take on the problem Related Stories Travelocity drops customers' pants in public Egghead doubts hackers got the goods
We've been sent the URL of this incredible contraption and just couldn't wait to tell you all about it. Yes, that's right folks, for only $19.99 (plus $4.99 p&p) you can have the "revolutionary new patent-pending device which allows you to listen to all of your computer audio through your home stereo while also maintaining the ability to listen through your computer speakers." Gasp! There's more: "This simple to install "all-in-one" device is a must have for anyone with an MP3 collection who wants to enjoy the full sound of their songs the way they were meant to be heard through a true home stereo." Stop salivating and order one. Now! Or perhaps you're wondering why such a simple bit of kit that you could knock up in your shed in about 10 minutes and would cost you about $2 is being sold for $20. Because it's revolutionary, we tell you! It's incredible that no one has thought of piecing different shaped connectors together with a piece of wire before. That's probably why this is such a good deal. In fact, FXSound flags up its "incredibly low price". And it comes with a one-year warranty! We'd be interested in hearing if you can find any more super-bargain electronic equipment out there. ® Related Link The revolutionary MP3 connector
Irish chip designer, Parthus, is nearly ready to give second generation mobile Internet a boot up the jacksie, with new technology that will dissipate up to 100 times as much power as currently possible. While the big four phone companies have predicted that phones will be on the market by Christmas 2001, Parthus said that battery life problems and overheating handsets could delay mass adoption of Internet devices by at least a year. Brian Long, the chief executive of Parthus, commented: "Current prototypes are only running at 10Kbps. When the data rate is wound up, they use too much power and become too hot." More details were not forthcoming, however, as Parthus refuses to say more until the launch, some time in the next three months. It did hint that any launch would be accompanied by the announcement of a customer for the chip. The company also announced its first year results, showing £22 million revenues -a rise of 68 per cent according to the company figures. ®
Well, it was bound to happen. Something becomes popular. Then it becomes fashionable. And then the people who have more money than you feel the need to rub it in everyone else's face. Hence the arrival of jewel-encrusted mobile phones from London jeweller De Grisogono. The jewellers will take a top-of-the-range phone and then set whatever jewels you fancy in whatever pattern you like (zodiac signs are particularly popular apparently). The most expensive so far has cost £62,000. Which is a really good idea. Unsurprisingly, "celebrities", actresses, models and the like have been "queuing up for them". I gotta have one! ®
Ramen, the Red Hat Linux-based Internet worm, has spread into the wild and defaced the Web sites of several different organisation, including a National Aeronautics and Space Administration (Nasa) lab. Russian anti-virus expert Kaspersky Labs said that Ramen is the first malicious code for Linux to be detected in the wild. Web sites run by Nasa, Texas A&M University, and Taiwan-based computer hardware maker Supermicro have fallen victim to the worm, causing their sites to become sprayed with electronic graffiti. On each Web server Ramen infects, the main page is replaced with the message: "Hackers looooooooooooove noodles," signed by the "RameN Crew." The worm's defacement of the site of Nasa's Jet Propulsion Laboratory is mirrored on attrition and can be seen here. Susan Reichley, a spokeswoman at the Jet Propulsion Laboratory, told The Register that the site had been broken into, but stressed that the problem was fixed in the same day. She said she was unable to answer other questions on the matter for security reasons. As previously reported, Ramen is a combination of pre-existing scripts which has the ability to spread via the Internet. It penetrates systems running Red Hat Linux versions 6.2 and 7.0. In order to gain access to a computer, the worm exploits three known security loopholes in these particular operating systems. These breaches enable Ramen to take over the root access rights and thereafter execute code on target systems. These security holes were discovered more than a year ago and Red Hat issued patches. Affected sites had failed to apply the patches - leaving them vulnerable. Information on the patches is available here. Denis Zenkin, a spokesperson for Kaspersky, said: "The fact that Ramen penetrated into several respected organisations, including Nasa, shows that even the most professional network engineers don't pay enough attention to timely installation of security patches in order to protect their systems. This worries us most, as neglecting basic enterprise security rules can stimulate hackers to develop malicious code for Linux." Jack Clark, of Network Associates, agreed with this advice but downplayed the overall serious of the worm; his anti-virus firm had received few calls about Ramen infections, he said. During the eight years or so since Linux was first developed, only around 50 malicious programs affecting the operating system have been discovered, and, until Ramen, none of them spread to damage users' systems. ®
Satellite television behemoth DirecTV struck a decisive blow against signal pirates Sunday night, when it transmitted a carefully-crafted electronic signal from its orbiting satellites and destroyed thousands of hacked smart cards, which for the last four years allowed pirates to gain free access to hundreds of channels of programming. According to sources in the satellite TV underground, the vast majority of illicitly reprogrammed DirecTV access cards, which once had a street value of several hundred dollars each, were wiped out on what hackers are calling "Black Sunday." "It turned all these cards into ice scrapers," says a California pirate. A spokesman for California-based DirecTV says company policy prevents him from confirming a specific cyber-strike. "But I will tell you that we do, from time to time, use electronic countermeasures," says spokesman Robert Mercer. "Obviously, we want only authorized people to receive our service." DirecTV has been grist for pirates almost since inception, primarily due to well-funded research efforts in Canada, where the company is not licensed to provide service, and selling hacked access cards and equipment is not a crime. "It's certainly a problem," says Mercer. "But we have an Office of Signal Integrity, a group of former FBI agents, dedicated to this issue." The company reportedly acquired the ability to launch the electronic countermeasure (ECM) against pirates in November of last year, but held off on using it until Sunday. The massive counter-hack comes amid negotiations between DirecTV's parent company, General Motors, and media mogul Rupert Murdoch, who's considered acquiring DirecTV for an estimated $40 billion. Logic Bomb DirecTV controls access to their signal through smart cards shipped with every system. Each plastic card resembles a credit card, but is in fact a completely self contained microcomputer with its own embedded software and memory. In normal operation, a subscriber inserts the card into a slot in the DirectTV receiver, and a satellite signal from the company tells the receiver which channels, if any, the subscriber is allowed to watch, based on the unique identification number coded into each card. Sunday's ECM was aimed at hacked 'H' series smart cards. The H cards were shipped with receivers sold from late 1996 to early 1999, and later became valuable commodities among TV pirates as the technology to hack them plummeted in price, and the techniques became publicly known online. Card programming devices were sold through Canadian dealers, and hacker-authored software for the H card that allowed complete access to all programming -- including movie channels, sports and pay-per-view events -- was easily found on the Internet. By most estimates, thousands of hacked H cards are circulating in the US alone. They all became useless Sunday night, when DirecTV detonated a devilishly clever logic bomb the company planted in the access cards last year. According to sources in the TV piracy underground, the counter strike was the capstone to four years of electronic warfare over the H card. DirecTV's system gives them the ability to reprogram smart cards remotely, through the set top receivers. In the 90's, the company used that capability in their initial response to the proliferation of hacked cards by broadcasting a search-and-destroy program to all the H cards that would look for hacked code, and damage the software in any cards that had it. To counter that technique, hackers developed a method of making the cards "read only" after hacking them, so that DirecTV could no longer put their search-and-destroy programs onto the cards. But DirecTV reacted to that wrinkle over a year ago, by taking advantage of their ability to remotely reprogram the set top satellite receivers, as well as the cards. The company sent a few specific bytes of data to all the H cards, while simultaneously reprogramming the satellite receivers to reject cards that didn't reflect the change. This forced hackers to update the cards manually with the new data, or to make the cards writable again. Through the following months, DirecTV continued to add more data using this tactic. By the time they stopped in November, the company had made a total of sixty-three updates to the H cards. By then, the hackers realized that the data was not arbitrarily chosen: DirecTV was actually sending a computer program to the H cards, a few bytes at a time. After analysis, the hackers predicted that the program would make it possible for the company to permanently disable the pirated cards on command. DirecTV finally issued that command on Sunday, and used it to inject an endless loop into a "write once" section of the H cards' memory, which cannot be modified a second time, according to an analysis on one satellite TV hacking site. "Why they didn't do it back in November is a big mystery," says the California pirate. While "Black Sunday" was a devastating blow to pirates, it's not likely to end the electronic arms race between DirecTV and hackers. The company's current generation of smart cards, the so-called 'HU' card, has proven more resistant to tampering than its predecessor, but hacked versions are now turning up on the commercial grey market. Another technique, in which a pirate uses a PC to emulate an access card, was reportedly unaffected by the Sunday blast. Smart cards are used for a variety of applications, including electronic customer identification for wireless GSM phones in Europe, and as new credit card offerings from Visa and American Express. "Smart cards are considered highly tamper resistant," says Don Davis, editor of Card Technology magazine. "There have been incidents where people have been able to attack them and tamper with them, but not very many that have proven to have commercial impact, like the problem DirectTV has had." © 2001 SecurityFocus.com, all rights reserved.
E-grocer Webvan.com has ditched plans to launch in three US markets after losses almost doubled for the fourth quarter. Net losses at the California company were $173.1 million for the period ended December 31 2000, compared with a loss of $89.7 billion for the same quarter the previous year. Sales grew to $84.2 million against $19.8 million a year ago (the previous year's figures included Webvan's acquisition of rival HomeGrocer). The company said today it cut 200 jobs in the quarter, and expects another 150 to be lost in the next five months. It indefinitely postponed plans to launch its online grocery service in Northern New Jersey, Baltimore and Washington DC. According to Webvan, which has outlived many online grocery competitors, it averaged 2,160 orders pay day in the San Francisco area during Q4 - around 800 short of what it needs to break even. Regarding funding, the dotcom now says it needs an extra $80 million to $100 million by the end of this year or start of 2002 to be cash-flow positive next year. It previously said it would need this cash in Q3 2001. Earlier this month Silicon Alley online delivery service Kozmo.com ditched its Houston and San Diego businesses and cut five per cent of staff. ® Related Stories Kozmo dumps Houston and San Diego Streamline.com turns into Thanksgiving turkey Urbanfetch and don't carry
Stock options for owners - who needs them? Obviously Michael Dell, who trousered a couple of hundred million bucks through the sale of optioned stock at the beginning of January. And now Larry Ellison, Oracle founder and gazillionare is getting in on the act, with plans to sell $150m worth of Oracle shares, bought through a "stock option exercise". Ellison announced the proposed sale through a filing with the Securities and Exchange Commission on January 22. He gave notice that he planned to flog five million shares, worth around $30 each. The stock's estimated date of sale was Monday. It is not known how much he'll will make off the sale. Ellison, who owns a quarter of the California-based company, has already sold more than 331,000 shares this month, valued at around $10.6 million. Last June he opted to be granted options for 20 million shares in lieu of salary and bonuses over the next few years. Drew Cullen writes The compensation committees that agree stock option deals on this scale with owner/operators are doing a poor job on behalf of other shareholders. They should be fired. Bill Gates, another multi-billionaire you may have heard off, does not take share options. Why? Because he is an owner. Stock options, as capitalist hero Warren Buffet argues so succinctly, are compensation for employees - no more, no less. But when you heare the names "Ellison" and "Dell", do you think "wage slave". Of course not, they are owners in part (or in lot) of their respective companies - not in the wishy-washy "we reserve 10 per cent of the company's share capital for staff who we love and respect deeply". No, Ellison and Dell are owners in the sense of owning huge amounts of stock and holding huge amounts of power in the companies that they founded and still run. Capital appreciation from their shareholdings and a salary commensurate with the job they do should be reward enough. And please don't tell me that they need the incentive to do their jobs. Ego simply does not work like this. ® Related Stories Oracle hires former Clinton spin doctor Ellison not dead and not leaving Oracle Ellison richer than Gates? Ellison: The ego has landed Ellison laughing all the way to the bank Oracle boss no cheat, jury rules
A bunch of angry New Yorkers are plotting a protest to air grievances against Verizon and its notoriously poor DSL service. The city's ISPs, lawyers, consultants and new media luvvies will congregate next month to try and push the phone company into improving its service. At the meeting entitled: "Infrastructure Held Hostage: Fixing New York's DSL problems and how you can help", they also plan to draw up a "Broadband Bill of Rights". Anyone who feels that either they or their business have been "unfairly harmed in the process of getting DSL" is invited to attend. "The anecdotal evidence is overwhelming - broadband delivery has lagged well behind the tremendous demand," the organisers state. They claim that there is general agreement that Verizon/Bell Atlantic "has been less than cooperative" in providing competitive DSL providers and ISPs "timely, accurate, and complete access to these facilities". "Verizon/Bell Atlantic has frequently missed install appointments, erroneously disqualified locations and inadvertently disabled working circuits," the Website states. It also alleges that all this has had a negative impact on the Big Apple's economic growth. This is not the first time New Yorkers have taken their collective anger out on the Verizon. In October the telecoms monster agreed to fork out $1.75 million to end an inquiry into customers mysteriously getting switched to its long distance service in the city. Meanwhile, Verizon faces a suit in Washington filed by Cohen, Milstein, Hausfeld & Toll on behalf of anyone stuck with the company's DSL service. Details of the New York meeting, taking place on February 5, can be found here. ® Related Stories Verizon sued for crap DSL service Long distance compensation get me Verizon on the phone US DSL market slows Verizon slashes DSL tariffs Flashcom trades DSL customers like chattels