2nd > May > 2001 Archive

DVD decoding-as-speech fails to impress court

The Digital Millennium Copyright Act (DMCA) is "a kind of digital straight-jacket" violating the rights of individuals to make fair use of copyrighted materials, Stanford University Law School Dean Kathleen Sullivan argued to the Second Circuit US Court of Appeals in Manhattan Tuesday. Sullivan was arguing on behalf of Eric Corely aka Emmanuel Goldstein, publisher of hacker zine 2600, who was barred by a lower court from posting or linking to a utility called DeCSS which descrambles DVD content. US District Judge Lewis Kaplan ruled last August that distributing DeCSS by any means, which he meant to include publishing links to other Web sites where it might be found, was illegal under the DMCA. Lawyer Sullivan compared the ban with preventing someone from posting the blueprint of a photocopy machine, because it, like the DeCSS utility, might be used to infringe copyrights. According to wire reports, the court showed little indication of being persuaded by Sullivan's appeal to free speech, and even questioned that program code contains any 'expressive content'. However, Judge Alvin Thompson may have indicated a belief that prohibiting hyperlinks is an excessive burden on First Amendment rights when he asked if Sullivan would accept a 'modification' of Judge Kaplan's injunction. The court agreed to accept supplemental briefs from both sides, due by 10 May, which it will entertain before ruling. ® Related Stories Public interest cited in DVD descrambler appeal DoJ sticks its nose in 2600.com DeCSS appeal Hollywood 1: Hackers 0 Mythology dominates MPAA strategy in DVD trial MPAA's Valenti testifies in 2600 suit, claims to know nothing
Thomas C Greene, 02 May 2001

Ingram Micro toughs out downturn

IT distribution is a stressful business at the best of times. In bad times, it's a pretty horrible place to be, with reseller customers going titsup all over the place, inventory going off more quickly than pears, suppliers squeezing co-operative marketing funds, the constant grind to shave operating expenses. And what for? A measly seven or eight per cent gross margin, if you're lucky, or niche. And more like three or four per cent, if you're big. But someone's got to do it. And Ingram Micro, the world's biggest distie, does it better than most. The company's sales and profits fell in Q1, but it reckons its done a pretty good job, considering soft market conditions, especially in the US. Net sales were $7.2bn (Q1 200O: $7.8bn) and operating income was $70.5m. This is the same as Q1 last year , buy Ingram notes the profit margin is better by "eight basis points". This kind of calculation matters when you're dealing with such razor-thin margins. Ingram reports that its gross margin wass 5.34 per cent of sales, up from 4.7 per cent in Q1 last year. Net income was $26.4m, seven per cent up on $24.7 million in Q1, 2000 Oone you take away last year's gains from the sale of shares). Group sales were down 8 per cent, with sales tumbling 15 per cent in the US ($3.92 bn), and sales up one per cent in Europe ($2.05bn - but 15 per cent up in local currencies) and five pre cent for the rest of the world ($1.22bn). In its statement accompanying its results, Ingram stresses again and again its financial disciplines - operating expenses down, inventory turnaround up, debt reduced by $120m etc. The distie also says that it has the lowest debt-to-capitalisation ratio in the industry. In other words, it's fighting fit, while others flounder. Disties with weak balance sheets tend to go bust, or get sold for peanuts in a downturn, as they have no margin (literally) for error. Ingram has seen off the competition time and time again. Worldwide, only Tech Data is a credible rival. And it is inevitable that these two will pick up market share this year. Their big struggle will be if and when the major logistics companies decide to take IT product distribution seriously. Broadline distribution is logistics plus finance, a bit of tech advice, and sometimes, some new product or technology promotion. Decouple the sales and tech push from the logistics, and the likes of UPS could outgun the tech-only players. Even the huge ones. ® Hop over to Channel Flannel, our new section for resellers.
Drew Cullen, 02 May 2001

BT gets £4.8 billion for telecoms stakes

BT announced this morning that it is to get £4.8 billion for its shares in Japan Telecom, J-Phone and Airtel. The sale to Vodafone will make more money than expected and help take a chunk out of BT's £30 billion debt. The shares in Japan Telecom and J-Phone (its wireless arm) will go for £3.7 billion and the Airtel shares for the remaining £1.1 billion. BT CEO Sir Peter Bonfield said: "This deal gives us fantastic returns. In Japan [we have received] three times our original investment, making a profit of £2 billion in less than five years and Spain five times the original investment in six years. This is a very, very good return for our shareholders." The City agrees and BT shares have jumped 2.3 per cent this morning to 599.50p (at one point hitting 608p). Bonfield refused to talk about the beleaguered company's future strategy however, including the widely anticipated £5 billion to £10 billion rights issue. To pay for the shares, Vodafone has asked the markets for £3 billion. This may make it harder for BT to ask for a larger sum in the immediate future. New chairman Sir Christopher Bland took over as chairman yesterday. Sir Bland is due to get £500,000 a year for a three-day week at BT. With share options and perks added in, he could be looking at £4.5 million over three years. Nice work if you can get it. ® Related Story BT to sell Japan Telecom stake to Vodafone
Kieren McCarthy, 02 May 2001

VIA C3 roadmap extended to 1.2GHz+

VIA has updated its processor roadmap to confirm the arrival of the successor to Ezra, itself the follow-up to the current C3 - aka Samuel II. The new chip will take the C3 beyond 1GHz by debuting at 1.2GHz. The early details of Ezra suggested that it would be the chip to take the C3 line to speeds of over 1GHz. Ezra is due to ship next quarter at 850MHz, rising quickly to 950MHz and 1GHz. Ezra will contain 128KB of L1 cache and 64KB of on-die L2 cache. It will be fabbed at 0.13 micron. Its successor will not only offer higher clock speeds, but will ship with 256KB of on-die L2 and support for Intel's SSE instructions. It's scheduled to ship at the end of the year or early 2002. Details of the new part - also known as the C5X - emerged earlier this year. VIA's updated roadmap confirms most of the initial information, but as yet we've seen no mention of the chip's support for AMD's 3D Now! instruction set, which was rumoured to be part of the processor's make-up. ® Related Story VIA confirms March launch for Samuel II
Tony Smith, 02 May 2001

Apple unveils 'iBook 2.0'

Apple launched a new iBook consumer notebook - codenamed P29, incidentally - yesterday, as expected. The machine's spec. closely matches the rumoured details, but interestingly it won't ship with a metal enclosure like its high-end sibling, the Titanium PowerBook G4. Instead, it just looks like one - the iBooks' "impact resistant" plastic case is styled and coloured to give it a brushed metal look, but that's as far as it goes. Still, you can see why casual observers might have thought the machine they'd seen was a true junior Titanium G4. Internally, the new iBook contains a 500MHz G3-class PowerPC 750Cxe processor with 256KB on-die L2 cache. Alas, we're not yet getting the anticipated 100MHz system bus - we'll have to put up with 66MHz for a little while yet. The unit's display is a 1024x768 12.1in TFT LCD, driven by an ATI Rage 128 Mobility AGP 2x chipset - no Nvidia at the low-end just yet - with 8MB of video RAM. The unit ships with a base 64MB of RAM (expandable to 640MB), 10GB hard drive, and five-hour battery. The machine ships with either a 24x CD-ROM, DVD-ROM, CD-RW or combo DVD/CD-RW unit, though the latter is only available from the AppleStore. There's a full complement of USB (two of 'em), FireWire (aka IEEE-1394), Ethernet and internal 56Kbps modem ports. There's something Apple calls an AV port, a composite video connector so you can hook the iBook up to a TV - though it "requires optional Apple AV cable" - and a VGA port. Oh, and it's AirPort-ready too. In both senses of the word, since this one's plastic shell isn't likely to cause airport security alerts... IBook 2.0 weighs in at 4.9lbs (2.2kg). The base model costs £1099 (inc. VAT) in the UK. The US price is $1299. ® Related Story Apple iBook famine feeds upgrade rumours
Tony Smith, 02 May 2001

Linuxcare, TurboLinux decide to hang separately

Linuxcare and TurboLinux look ripe candidates for acquisition after a planned merger between the two companies collapsed on Monday. Both CEOs warned that further job losses were now likely. The two had planned to join forces in what looked like an ideal consolidation in January: Linuxcare is primarily a support company, and TurboLinux a distro. Linuxgram continued its excellent coverage of the Valley's angstiest Linux saga by cornering CEOs Paul Thomas and Art Tyde. The TurboLinux boss blamed the economic downturn, and said that TurboLinux (which is nigh invisible outside the US and Asia), would major on being a systems management business. "It won't just be an operating systems company," he said. Linuxcare cancelled its IPO a year ago, and bumps along with around a third of the staff it employed then. Tyde told Linuxgram further deep cuts could be expected. Today ousted co-founder, Dave Sifry, had the ignomy of being called 'Dave Sifty' in CNet and ZDNet accounts of the bust-up. Now that's adding insult to injury... ® Related Link Linuxgram report Related Stories Turbolinux looks to buy LinuxCare Jobs blow hits Linuxcare as IPO put on hold
Andrew Orlowski, 02 May 2001

Fulham FC wins cybersquatting case

UpdatedUpdated First division and soon-to-be Premiership football club Fulham has won a WIPO case over the domain name www.fulhamfc.com. The domain was owned by a company called Belize Domain Services, based unsurprisingly on tax-haven Belize. It registered the domain in May 1998 and said it intended to make the site a "fun club". It hasn't actually done anything with the site however and the single judge unsurprisingly exclaimed "bad faith!" and ruled for Fulham FC. Fulham had gone for the "common law and registered rights" defence for the words "Fulham FC" and the judge agreed. Football clubs (and associations) are getting increasingly forceful with their trademarks on the Internet. Recently, Bayern Munchen, Juventus and the UK Football Association have all won WIPO decisions. Fulham football club is owned by notorious businessman Mohammed Al-Fayed who owns the Harrods store in London and is renowned for being refused a British passport on several occasions and having a son, Dodi, that died in a car crash along with Diana, the Princess of Wales in Paris in 1997. He won a case last year over www.dodialfayed.com. Mr Al-Fayed had trademarked his son's name two years after his death and the WIPO judge ruled that the US owner has no legitimate interest in the domain. ® Related Links FulhamFC.com WIPO case DodiAlFayed.com WIPO case FC Bayern.com WIPO case Juvestore.com WIPO case
Kieren McCarthy, 02 May 2001

Connectix previews virtual Windows, Linux even OS/2 tech.

Emulation specialist Connectix - the company that ran into so much trouble by daring to allow Mac and PC users to run PlayStation games - has released a preview version of its upcoming Virtual PC for Windows software. An x86 emulator for an x86 platform? No, it didn't seem to make much sense to us either. Virtual PC began life some years back on the Mac to allow users to run Windows apps. It's essentially a virtual machine that fools x86 apps and operating systems into thinking they're running on a native CPU. But if you are running on an x86 processor, what's the point? According to Connectix, it's all because you want to run multiple operating systems simultaneously without having to reboot from one to another. Virtual PC lets you run an extra x86 OS, which thinks it's running on a PC all of its own; Connectix's code simply relays all the relevant hardware calls directly or via Windows. "Virtual PC simulates in software an array of hardware devices, including the interrupt controller, DMA controller, IDE/ATA controller, non-volatile RAM, real-time clock, PCI and ISA buses, I/O controller, keyboard controller, memory controller, programmable timers and power management hardware," Connectix says. "Some devices are partially implemented in software, but rely on one or more real hardware components - the keyboard, mouse, video controller, floppy, game port and joystick, Ethernet controller, sound hardware, CD-ROM drive, hard drive, and serial and parallel ports." Users can install Windows 3.x, Windows 95, Windows 98, Windows Millennium Edition, Windows NT, Windows 2000, MS-DOS, Red Hat Linux, TurboLinux, Free BSD, OS/2 Warp, Novell NetWare or others, the developer promises. All this without repartitioning hard drives. Virtual PC for Windows is set to ship mid-June for around $199. The first preview release will expire on 1 July. Connectix says you can run it on a 266MHz box, but recommends a 500MHz processor. Virtual PC is a quick emulator, but it's still something of a CPU hog, so the more the better. The same goes with RAM, though the specific requirements depend on which 'guest' operating system(s) you're going to run. ® Related Links Connectix's Virtual PC Whitepaper can be found here You can download the Virtual PC technology preview here Related Stories: Sony vs Connectix Sony buys PlayStation emulator Supreme Court refuses to rule on Sony vs Connectix Sony back on Connectix's case Sony hits PlayStation emulator developer with patent suit PlayStation emulator creator defeats Sony - almost Sony wins second victory against PlayStation emulator PlayStation emulator wins first round against Sony Sony to sue Connectix over PlayStation emulator
Tony Smith, 02 May 2001

Is Microsoft's WMP8 merely viral marketing?

We're beginning to wonder if Microsoft's strategy for its Windows Media Player 8 beta is a canny piece of viral marketing, and no more. What's certain is that in making a standalone Media Player contraband, Microsoft has gained far more publicity for WMP8 than it would have if it had pursued its usual beta download strategy. WMP8 now has the thrilling allure of being 'illegal' software... Wind0ws M3di4 P14y0r is k3w1 w4r3z! Our cynicism is prompted by a couple of facts. Despite overnight reports that Microsoft had issued writs on Monday against sites hosting the standalone beta, most of the download sites seem to be hosting the software as before. And secondly, a clutch of reports from Reg readers report no more than trivial problems getting the "XP-only" player to work with existing versions of Windows. "Any version of Media Player above 6.4 can download and use t[WMP8] codecs, and hence can be used to view content designed for wmp7 or 8. This can prove useful, as when you want to quickly view media files, 6.4 loads much quicker than either 7 or 8." notes one correspondent. "The main point is that the wmp8 technologies - the encoders and decoders, and such, *do* work under previous OSes, and even under previous versions of wmp," he concludes. Reports that the standalone beta breaks file associations (particularly for wave files) are common, but this is not too surprising - the tug of war that WMP, and Real Player engage in for ownership of these is one of the more annoying features of using a PC. (Interestingly, WMP7 for the Mac is impeccably well behaved in this respect). So let's recap the sequence of events. First Microsoft lets slip that "certain features" of WMP8 will only be available with XP. It doesn't actually say it's tying WMP8 to XP, but it gets construed as tying, and anti-Microsoft lobby group ProComp steams in, describing it as a replay of the browser wars. Canny developers then extract the beta player and it becomes the hot download of the week. There's a report of legal threats that have yet to materialise. Result: a publicity windfall, and not many dead. It's one of these shaggy stories that's we're beginning to think never actually happened at all. Pinch us, somebody. ® Related Stories Standalone Windows Media Player 8 hits the web ProComp fires duds in MS Media Player broadside
Andrew Orlowski, 02 May 2001

Codebreaker II A helping hand…

Ok, you've convinced us. We're going to give you a helping hand with our fiendish Codebreaker II competition. Let's face it, you need it, if Jeffrey Kane is anything to go by: I feel that I am very close to breaking the code... I've been using a rather unorthodox methodology. You see, I've replicated the code verbatim on a wall in my living room, and have been using the process of random selection to figure out what letter comes when. I've been doing this by swinging my cat by the tail until he's good and wound up, then tossing him at the wall. Whatever letter he hits is then the next letter in the sequence. Of course if he hits a letter he's already hit, I have to toss him again. He's doing very well, but he's started exhibiting the funniest habit of walking sideways instead of forwards and he won't stop licking himself. Anyway... cheers. Happily, several readers have been applying rather more scientific methods. A quick round-up might prove illuminating. Jeremy Ardley writes: I've analysed the data and figure it is a digraphic encryption of some sort. I am pretty sure I have eliminated playfair and variants as possibilites, so it must be some unknown method of combining two letters to produce two other letters. I've developed 'coarse' and 'fine' kasiski analysis software to extract a key length and have got a useful set of stats out of it. The 'fine kasiski' approach looks at letter repeats over different intervals and finds weighted peaks in the distribution. Peaks at particular intervals (and multiples thereof) give a strong indication of key-length. There is distinct structure visible using this approach, and I guess it is only a matter of time to fix the key length and apply stat analysis at key-length intervals to try and break it. And what about Pierre Vandevenne?: It's hard to say how close the solution is but... there is an anomaly in the cipher, the letters of the second half of the alphabet make roughly 52% of the total (48% for the letters of the first half). This is the exact opposite of how a plain text should split and therefore suggestive of a Porta algorithm, or a variant. Two ways to attack this, probable words (but what is a probable word) and their inverse patterns matches or the heavy handed dictionnary+trigraph attack... Last up we have Freek Brysse, whose hard work may help eliminate a few possible red herrings: I haven't found a solution yet. My final attempt is based on the assumption that we're dealing with a substitution cipher, probably polyalphabetic; I'm implementing an algorithm to brute-force frequency-match it. If it's not, well,.. Here's my analysis up until now. Analysis of The Register's crypto II challenge. 1. MonoAlpabetic substitution & simple transposition These are the frequency count statistics of the ciphertext message Total letter count = 586 Letter use frequencies: E: 28 4.7% I: 28 4.7% N: 28 4.7% O: 28 4.7% T: 28 4.7% A: 27 4.6% S: 27 4.6% L: 25 4.2% R: 25 4.2% D: 23 3.9% U: 23 3.9% C: 22 3.7% H: 22 3.7% M: 22 3.7% F: 21 3.5% G: 21 3.5% P: 21 3.5% Y: 21 3.5% B: 20 3.4% K: 20 3.4% V: 20 3.4% J: 19 3.2% W: 19 3.2% Q: 18 3.0% X: 17 2.9% Z: 13 2.2% This pattern does not match at all the pattern of English, as demonstrated below: [count based on Project Gutenberg Etext of Allan Quatermain, by H. Rider Haggard] Total letter count = 460432 E: 56265 12.2% T: 42259 9.1% A: 38746 8.4% O: 34910 7.5% N: 31232 6.7% I: 30014 6.5% H: 29759 6.4% S: 28091 6.1% R: 25741 5.5% D: 20824 4.5% L: 18752 4.0% U: 13395 2.9% W: 12257 2.6% F: 10857 2.3% M: 10738 2.3% G: 9965 2.1% C: 9963 2.1% Y: 8185 1.7% P: 7525 1.6% B: 6515 1.4% V: 4334 0.9% K: 3757 0.8% ': 2376 0.5% -: 1746 0.3% X: 728 0.1% Z: 565 0.1% Q: 541 0.1% J: 392 0.0% This will rule out any simple transposition cipher, as a transposition will not alter the frequency of occurrence of a character, only its position. However, note the fairly similar high-to-low frequency sequence of the alphabet.... Cipher EINOTASLRDUCHMFGPYBKV JWQXZ [High to Low] English ETAONIHSRDLUWFMGCYPBV KXZQJ The frequency count may be very distorted and off, but my gut feeling tells me that something is going on. If we regroup this alphabet a bit based on the equi-frequency counts Cipher EINOTA SLRDUC HMFG PYBKV JWQXZ [High to Low] English ETAONI HSRDLU WFMG CYPBV KXZQJ The high frequency cipher letter groups map almost directly onto the same letters in plain English. This is odd, and I don't quite get it; apparently there is a process going on that will flatten the frequency count, but not in such a way that it will significantly alter the order of the alphabet, I feel that this presents an angle of attack I can't quite see yet; Also, the grouping is around 4-6 characters. Does this represent a polyalphabetic system with a period around 5? I'll delve into that later... 2. Is ElReg sending us off on a wild goose chase? The folks of ElReg are very capable of sending their readers off on a wild goose chase; so let's see if they are taking the piss? Friedman has developed a set of tables to figure out if you're dealing with random text or something which is actually valid. In the cipher text we count the following: Digrams: occurring 2x: 117 3x: 28 4x: 5 5x: 1 Friedman expects for a message of 600 characters (our's is 586) the counts 110, 32.3, 7.11 and 1.25; on average.... I could bother with figuring out the standard deviation, etc etc to see if this matches; but it looks pretty much on track. Trigrams: occurring 2x: 7 Friedman expects 9.81 for 600 characters and 6.85 for 500 characters; that looks about right too. So, I'd argue that ElReg is doing a proper crypto contest. 3. Polyalphabetic cipher. LANAKI observes that solving poly-alpha ciphers boils down to figuring out the period (let's call it P) of the repeating key, and subsequently breaking up the message into P messages; each which can be broken as a monoalphabetic cipher. Let's see if that's going to work. [Am still working on that approach... still need to implement (in Java) Jakobsen's Fast Polyalpha-cracker] Jakobsen, A Fast Method for Cryptanalysis of Substitution Ciphers from www.mat.dtu.dk/persons/Jakobsen_Thomas/pub. 4. Computer automated analysis - Vigenere & Variant and Beaufort cipher Using Mizra's VigSolve Index of Coincidence and Periodic Key Find 586 Characters read, 586 Alphas Len Index Vigenere Var. Beaufort Beaufort --- ------ c = p+k c = p-k c = k-p p = c-k p = c+k p = k-c k = c-p k = p-c k = p+c 2 0.038524 .. .. .. 3 0.038815 ... ... ... 4 0.038309 .... .... .... 5 0.037273 ..... ..... ..... 6 0.038476 ...... ...... ...... 7 0.035978 ....... ....... ....... 8 0.039101 ........ ........ ........ 9 0.039107 ......... ......... ......... 10 0.037692 .......... .......... .......... 11 0.038105 ........... ........... ........... 12 0.038537 ............ ............ ............ 13 0.037796 .x........... .d........... ............. 14 0.036154 .......o...... .......m...... .............. This yields nothing really, also note the low index of coincidence. [English has 1.73; that's way off] - Playfair cipher cracker. Using Gunnar Andersson's implementation of the shotgun hill-climbing algorithm, no result was found after 87 minutes of computation on a 700Mhz P3. [results are normally yielded within seconds to minutes. OK, that's the state of play. Well, not quite. We had a few emails that convinced us that several people were on the right track, albeit stumbling along it with a white stick. This might help you find your way: I-IV-V 23-6-12 (B) R-E-G But then, you'll need these as well: S = A H = B O = C W = D U = E T = F N = I Y = J Right, see how you get on with that little lot. Be warned that even if you understand how to impliment the above, that doesn't mean you're home and dry. Have a look at our original Codebreaker competition. And, just as an added bonus, here's an additional piece of encrypted text for your perusal: CQBMQ NYDXL XIWKP HOVOL HXBPZ UHJLQ MUZRG WFZID DXWTL ZOQAT FILBL SJMYA DKVEF UTJZF KFXHH TRTRD PMJVF KFASV ZAXYP DAOYE KPWVW KKXKH YTFYM QCNZM WRLPN IVAHN ZMAKY WHSIT DCDDS UMCQR IKIMT BHPKB ICDCX JDMCO XTOLR PMDJD OWRRC NKBUB XREQG NPSNH YGLAS CHDJR HNWTU LBVBO ITBYN ZLGKS YDOZR IKYOW ZWZJU HGZND VRCLC PQHBG PZJMN NVKYN HHSPI DSFQP LUQVQ LEPDA JKYGN ZJUHD MYUWV LBPXP ODEWL HDFWZ RPLMI OSVNE ICKKS KVVKQ AAEUS FAKDT YTQGH GLWHG ANBLD YNFVV SZQUI AMZEV GJEBY QBUCM HRHAG SAKKD ZNYKJ ODILJ MSKUN UFCLZ QXVZH MZQHI ZYTCA MHQRA WXFVQ JLNKS AZGIB FSNLB KFNKX KMDUN DNWVK EVKHR WYGJS WTLLR OYFKE OZHER YMTFG ZMCYV PSLYX UFCPJ VWAQA YPNTU JSMDL WSNPN UPGVW JYBZO PMUYY EMTWO OYJSP DFZNP DFCKV AUSBK JK Carry on. We've given you an extra three weeks, so we'll be expecting some results soon. You can find the competition here. The closing date is now 5.00pm BST on Friday, 25th May. Codebreaker II updates All quiet on the Western front Oh dear, oh dear... The original Codebreaker competition: Boffin brainteaser book bonanza Codebreaker conundrum confounds crypto-cretins Codebreaker crybabies call for clues Codebreakers concours crypto climax Four triumph in Codebreaker comp Codebreaker crypto correspondence
Lester Haines, 02 May 2001

Microsoft tells US Air Force to bug off

Microsoft's security patch for Outlook, which is designed to protect users from the effects of another Love Bug-style virus, has come under fire from no less a body than the US Air Force. In a paper to be presented at a security workshop in June, an assistant professor of computer science at the US Air Force Academy will deliver a devastating critique of Microsoft's approach to security in general and Outlook in particular. Martin Carlisle will tell an audience of security experts that a security patch to Outlook, which is designed to stop viruses spreading via automated messages through requiring user's authorisation via a dialog box, can be easily circumvented. This "Object Model Guard" prompts a user with a dialogue box when an external program tries to access a user's Outlook address book, a trick used by the Love Bug and other similar viruses. Carlisle said this idea has promise but Microsoft's implementation is flawed. "It is possible, with a small amount of code, to create a program that hides and answers the dialog box automatically," said Carlisle. In a paper to be presented at the workshop Carlisle explains how Microsoft dismissed the significance of the potential vulnerability. Its security team argues that to get around the dialog box they would have to get executable code running on a victims machine, and if an attacker could do that getting around the dialog box would be "the least of your worries". This, frankly astonishingly arrogant response, is given short shrift by Carlisle: "The Microsoft Security Team seem to have missed the significance of their own security patch because their view neglects the ability of viruses of this class to replicate." Carlisle and colleague (and co-author) Scott Studer have produced a detailed rebuttal of Microsoft's argument and suggestions of improvement to the dialogue box security, which involve protecting the lowest level of an application. In a statement we find hard to disagree with the researchers state that reinforcing dialogs based security in Windows can only go so far. "Given the current limitations of the Windows operating system, this [improving dialogue box security] turns to be similar to trying to secure a parked car at an airport. You can make it harder to break in but you can never make you car totally secure." The researchers said that Microsoft should consider modifying its operating system in order to verify that messages received come from users rather than other programs. Carlisle and Studer also cover a variety of other ideas for dealing with Love Bug-style viruses (such as blocking Visual Basic Scripting) and their paper is well worth a read. ® External links USAF paper: Reinforcing Dialog-Based Security Related Stories Reports of death of email viruses greatly exaggerated? No more I Love You viruses Rise in viruses within emails outpacing growth of email Users haven't learned any lessons from the Love Bug
John Leyden, 02 May 2001

Yahoo! hires Beavis and Butthead for porn clampdown

Yahoo's much-publicised new clampdown on porn has left Web users laughing due to its Beavis and Butthead approach to filtering. The company has been under heavy pressure to remove and/or limit adult egroups on its servers. Last week it decided to remove adult videos from its e-commerce site and it says it has been working on hiding adult message boards as well as adding filters to cut out unsuitable content. However a group of Reg readers gave the filtering system a quick test and were amazed at the results. In the same way that juvenile cartoon characters Beavis and Butthead snigger at dirty-sounding words, Yahoo has decided a blind-leading-the-blind approach is best. Hence you won't find such devastating words like "cucumber" or even "documentation" making their way through the filters, because they include the word "cum". A little over the top, you'd think. But hang on. While cucumbers could theoretically be used in a sexual content, this over-nannying approach seems to have missed out on some genuinely dodgy words. In what context do you think "ramrod", "rimming", "beastiality", "boner" and "blowjob" could be used if not sexual? But none of them will be picked up by Yahoo's filters. We suggest a rethink. ®
Kieren McCarthy, 02 May 2001

BT to vacate corporate HQ

BT is to move out of its cathedral-like offices opposite St Paul's to help reduce overheads and raise cash. The decision to sell and move out of the prestigious BT Centre is in addition to an earlier announcement to sell and leaseback the majority of its property portfolio. The sale of property to the joint venture partnership between Land Securities Trillium and William Pears Group, confirmed last month, will reportedly raise £2 billion towards paying-off BT's £30 billion debt. At this stage it's not known where BT's HQ staff will set up shop once they become homeless. ®
Tim Richardson, 02 May 2001

PC World slow to advertise actual screen sizes

PC World is carrying on with old style misleading monitor advertising until the last possible second. The Advertising Standards Authority (ASA) has ruled it will no longer accept standard industry practice of giving CRT (cathode ray tube) sizes in adverts, without explaining how much of that the user can actually see. All PC adverts placed after 1 May will have to comply with this decision. Today PC World is advertising PIII eMachines and 1GHz Packard Bell Athlon systems with 17-inch monitors. Now PC World may have placed the adverts a week ago (we're waiting to hear if that's the case) and so felt it didn't need to comply with the ruling just yet. (You can see 15.9 inches of screen with the 17-inch monitors that come with the Packard Bells by the way.) PC World seems to be the only PC seller still using CRT sizes, without explanations, in national newspaper adverts. The ASA got on the monitor case after complaints were made against Evesham.com, Time Computers and Tiny Computers and the sizes of monitors in their adverts. All three companies said they were just following industry practice. Tiny is already complying with the ASA ruling. Well, its not saying how much of the screen you can see, but in newspaper adverts for a system with a 17 inch CRT monitor it points out in brackets that this is 'Not viewable size'. The ASA was very careful to point out that there would be no get out by burying the screen size explanations in microprint. "Explaining industry practice in small print and footnotes is not prominent enough. It has to say it prominently," said the ASA spokesman at the time. Dell is complying too, and says its been giving viewable screen sizes for three years. Its advertising copy for a 17 inch display says '17in Colour Monitor (15.9"v.i.s, 0.28 dot pitch)'. V.i.s stands for 'viewable in screen' and Dell reckons any consumer could figure out what it means. Hmmmm. Jungle.com is being super conscientious. Though the advertising issue was concerning CRT sizes, it is advertising a Relisys 15.1 inch colour TFT screen today, and is giving its viewable screen size as 15 inches. While we're talking about PC World we should point out its knocked £10 on its super value PC Healthcheck. Its now £29.99 for a PC valet; one-to-one consultation with warranty/memory upgrade/software salesman, sorry, technical expert; full diagnostic and virus check etc. Click here to read what we thought about the service. It seems keen to get machines made by Dell, Tiny and Time on the operating table. ® Related Stories Advertising clampdown on monitor sizes PC World in-store virus check a bit of a scan?
Robert Blincoe, 02 May 2001

How MS might vape invalidated WinXP systems

Microsoft's product activation process doesn't know who you are, and is, says the company, entirely anonymous. So if you try to activate with an invalid product key, or after you've done a little cracking you're using an invalid key, there isn't actually anything Microsoft can do about you - or is there? But it's been pointed out to us that Microsoft has a mechanism for getting you to zero your own key, and that it has used it in the past. We refer you to Microsoft support article Q255503, "OFF2000: Program Quits Immediately After Starting When SR-1/SR-1a Update Is Applied". The symptoms? "When you start one of the Microsoft Office programs listed at the beginning of this article after you apply the Microsoft Office SR-1/SR-1a Update, the program quits immediately after it starts." The cause? "Office was installed by using a CD key that begins with GC6J3." The article further explains: "If the product CD Key begins with GC6J3, the Product Key is not valid in Microsoft Office 2000 SR-1/SR-1a. Contact the reseller of your Office product to obtain a valid product CD key, or purchase a valid Microsoft Office 2000 product." That, plain and simple, is Microsoft telling you that you installed Office 2000 with a product key that has been compromised, and that as part of the service pack update Microsoft has invalidated the key. Microsoft has therefore used product updates at least this once to plant a bomb in installations that may or may not have been warezed. As it happens, our informant's installation was genuine - a review copy of O2K issued by Microsoft itself. Suspicious characters, reviewers, and indubitably any special reviewers' series of product keys would generate a sizable number of 'casually copied' installations using the same key. But zeroing the range also zaps the people who didn't pass the software around, and means they have to go argue the toss with their reseller and Microsoft to get a new key. How would this work with product activation? Because the XP system validates individual keys online, Microsoft shouldn't find it necessary either to assign specific classes of key to specific sales channels, or to zero whole ranges of keys. In that sense it could be implemented so that it was fairer than the O2K bomb, because your stuff would only stop working if you'd been careless with your key, somebody had stolen you key, or you yourself had used a dodgy key you found on the web. Microsoft would still want to keep track of the channels and territories compromised keys went into, if only to confirm what everybody already knows about journalists, students, tech support people... almost everybody, actually. But it wouldn't be necessary, from an invalidation point of view. Next we have to consider who Microsoft would go for, and how hard it would go for them. Both of these would seem to us to be on a sliding scale - if you take the office copy home and run it there, you're possibly licensed as a second installation anyway, but Microsoft isn't likely to dump on you if you've got four copies going at once because the rest of your family is also using the software. The claim published in HardOCP last week that "it is only when a PID is trying to be cleared on several hundred/thousand configurations that Microsoft would even care" isn't plausible, however. One of the areas where Microsoft perceives major revenue loss is small business. Here, there are plenty of companies running, say, 20 installations on a single product key. The "several hundred/thousand" level would miss these people entirely, and would certainly miss all "casual copying." So it seems more probable that even if Microsoft doesn't set the level at 20 or below, it will crank it down towards this once it's sure the system is running properly. And how pervasive will the mechanism be? That's a tough one. Microsoft has specifically stated that there will be no 'phone home,' and that once your product is activated, that's it, the end of the process. But to what extent would that apply if your product was activated with a key which later became compromised? Would Microsoft zero it, as it did with O2K? And if it were prepared to do that, how far beyond major service releases would it go? The automated check for updates system in WinXP certainly provides a ready mechanism for Microsoft to distribute validation updates along with other updates, but how often might it do that? And how often would it have to happen before you'd call it a 'phone home'? Again, if Microsoft intends to use Windows Update as a mechanism for zeroing invalidated licences, it's unlikely to do so extensively at the start. It'll need to test the system out carefully, making sure it doesn't whack great swathes of innocents, and it also isn't going to want to scare people away from Windows Update - it wants them to like this, desperately. But in the long term, there's an inevitable logic to the screws being tightened. It's in the spirit of .NET and the rental model, and regular invalidation of compromised licences is already a stated component of Microsoft's secure digital music model. ® Related links: MS on how you managed to vape O2K WinXP product activation: is MS only kidding?
John Lettice, 02 May 2001

Apple makes OS X ad-compliant

Apple has quietly added the ability to burn CD recordable media to Mac OS X. The feature is part of the 10.0.2 patch which slipped out yesterday. Apple was widely criticised for omitting the capability from the initial OS X release in March - particularly as it meant that Apple could only fulfill two thirds of the promise it makes made in its global ad campaign - 'Rip. Mix. Burn' - in its new OS. It's the second patch to OS X in six weeks and near enough fulfills Steve Jobs' promise to add CD burning by the end of April. Apple also offered an updated iTunes yesterday to take advantage of the capability. The OS X update is a 15MB download, considerably larger than the 3MB 10.0.1 update, and it's not cumulative: the first patch is required by the second. According to a release note, it also boasts "a number of improvements for overall application stability" and a more secure ftp server daemon. And according to some reports, the new patch contains considerable performance improvements over the first. We'd like to think this is true - it doesn't feel any slower - but after only a morning's work it's too early to say. OS X has taken some heat for being sluggish, but on our hardware it's clear that the Finder alone deserves most of the responsibility for this perception. The OS X shell simply isn't very responsive, blocking and queueing user operations so even experienced users can find themselves clicking at menus like proverbial demented monkeys. That probably isn't going to be fixed until the Finder application becomes a truly native Cocoa app. And we don't think that likely to happen before OS X is due to be shipped preloaded on Macs in July. ® Related Link The Register's Mac Channel
Andrew Orlowski, 02 May 2001

Adobe latest to enforce compulsory vacation

Come Independence Day, the hills of Silicon Valley will be particularly alive with holidaying tech workers. Adobe has become the latest employer in the region to give its staff a compulsory week off beginning 1 July. Around 2,000 staff will be affected as part of the cost-cutting measure, which Adobe hopes will save $4m. Sun Microsystems announced the same ploy for its 18,000 US staff last week, while both Compaq and Hewlett Packard are also using mandatory vacation as a way of staving off job cuts. But Adobe is the first large non-manufacturing company to adopt the tactic. "It may even help with the energy situation," an Adobe spokesperson told Associated Press. Quite possibly so, m'dear. Tech staff will be tooling around the peninsular in their huge SUVs, adding to global warming and the speeding up the depletion of fossil fuels, instead. ® Related Story Sun and HP to close
Andrew Orlowski, 02 May 2001

eToy's sarcastic send-off to bankrupt namesake

One of the early Net successes, which has since slipped into bankruptcy - eToys.com - has been given a sarcastic send-off by namesake eToy.com. "The etoy.CREW takes a respectful bow before eToys' corporate grave," says a statement on the eToy site. That is followed by several comments regarding eToys and the nature of Internet businesses by eToy owners. These include: "Burning capital for crazy business plans is a good thing to do and 'bricks-and-mortar' is just not the kick we are looking for", "These guys [eToys] went out to shake things up. Ok, their business plan needs to be scrapped and the way they tried to solve disputes was neither smart nor ethical. But business is hard and Mr Lenk [eToys founder] a young man" and "The Porsche that is parked in your garage is connected to the life you live and the cash you burn to the friends and enemies you have. If YOU don't connect those things yourself eToy will do it for you." The message ends with an offer for Mr Lenk to take a place on eToy's board. eToy.com has had some history with the toy-selling site: in 1999, eToys attempted to sue eToy - a European Internet artists group - for trademark infringement, even though eToy registered its site first. A year after this action was dropped (at the end of 1999), eToy fired back with its own lawsuit, claiming that it was actually eToys that was infringing its trademark. The online toy store - which was listed on Nasdaq and at one point worth $9 billion - went into bankruptcy in February this year, having tried to save itself through heavy job cuts in January. Just recently, US toy company KB said it was buying eToys' inventory for $5.4 million. It's worth about $40 million. ® Related Stories eToys death sentence confirmed eToys sees losses rise in Q3 eToys to shut doors in Europe eToys cuts 60 per cent of staff
Kieren McCarthy, 02 May 2001

Police caused more damage to IT firms than protestors

You may well have heard that the West End of London (where we are based incidentally) was all but shutdown yesterday thanks to a massive over-reaction by the Metropolitan Police towards Mayday protesters. Thousands of anti-capitalist supporters (aka anarchists, spikies, crusties, Uncle Tom Cobbleigh (and regular members of the public concerned about the increasing international power of corporations, the exploitation of workers, third world debt, etc. - ed)) were hemmed in by even more riot police in a bid to prevent widespread damage and disruption to companies. Ironically though it ended being the police that created more of a disturbance. Aside from shutting off huge sections of London, one Reg reader has been in touch to say that his company lost their entire network for the day. How come? Because the company was using 802.11 wireless gear and the huge quantity of police telecoms units brought into the area so officers could plan their strategy overrode the signal. Result? Endless network glitches and a pretty unproductive day. As soon as the police vans moved on, it was back to normal. ® Related Story Mayday! Reg offices under siege...
Kieren McCarthy, 02 May 2001

Chip sales slip 7% in March

Worldwide semiconductor sales slipped seven per cent in March as the industry waited for oversupply to dry up. Chip sales were $14.4 billion for the month, compared to $15.48 billion in February, according to a report from the Semiconductor Industry Association. In March 2000 worldwide sales were $15.07 billion. "Since last November, we have witnessed worldwide semiconductor sales continually decline due to an inventory overhang and macroeconomic factors," stated SIA president, George Scalise. Compared to the previous March, chip sales fell in all geographical areas except Japan. Revenues dropped 10.6 per cent to $4.1 billion in the Americas, 10.4 per cent to $3.4 billion in Asia Pacific, and 0.7 per cent to $3.3 billion in Europe. In Japan sales grew seven per cent to $3.6 billion. The SIA expects semiconductor sales to grow 17 per cent in 2001, around half of last year's figure. "We continue to believe that the industry will complete the inventory correction in the third quarter and the recovery will commence in the fourth quarter," said Scalise. ® Related Stories World chip sales down 7% in February Chip industry faces almost zero growth in 2001 SIA admits 2001 chip growth forecasts won't be met
Linda Harrison, 02 May 2001

IBM extends PowerPC roadmap to 2GHz+

IBM has updated its PowerPC roadmap with plans to take its G3-class processors to 2GHz and beyond - a move that will see the company finally re-seal the breach with PowerPC partner Motorola and incorporate AltiVec technology into its microprocessors. Alas, Big Blue's timeframe for all this is decidedly vague - the company appears to have taken another leaf out of Motorola's book here - but the basic plan calls for a shift up from the current 700MHz peak speed of the PowerPC 750CXe to 1GHz and up, followed by a later shift up to 2GHz and beyond. The initial move centres on the incorporation of some key processor technologies, most of which stem from IBM and Motorola's attempt to re-align their embedded processor development efforts a couple of years back, the 'Book E' initiative. So, the next generation of PowerPCs from IBM will be based on a multi-core architecture designed for symmetrical multiprocessing (SMP). IBM's 32- to 256-bit Crossbar CoreConnect bus will be used to tie these multiple processor cores - all on a single CPU die - together. In addition, these 1GHz+ chips will support the RapidIO bus, which brings to chip-to-chip communication a data throughput of 10Gbps, and, as IBM's roadmap puts it, an "integrated SIMD engine". That has to be a reference to Motorola's AltiVec vector processing system, called Velocity Engine by Apple. Long-time PowerPC watchers will appreciate the irony. AltiVec was the cause of IBM and Motorola's first spat over the direction of PowerPC development. Motorola wanted it, IBM didn't, which is why Big Blue has never developed a version of the PowerPC 74xx family - aka the G4 - of its own. We suspect its attitude changed when it won the contract to develop a PowerPC chip for Nintendo's next-generation Gamecube 3D games console - a perfect application for AltiVec if there ever was one. We speculated at the time that IBM might come nosing around AltiVec, and it looks like we were right. Whatever, IBM's next-generation architecture sounds suspiciously like Motorola's own evolution of the technology, codenamed Apollo and G5. IBM's version is planned to be produced at 0.13-0.10 micron, using low-k dielectric and silicon-on-insulator technology. IBM already uses SOI, and while Motorola doesn't, it is expected to with Apollo. RapidIO, meanwhile, appears to be a replacement for Motorola's 128-bit MaxBus, originally designed for the G4 but never implemented to its fullest degree. MaxBus may simply be Motorola's name for RapidIO, or it may be the basis for the standard, we're not sure - perhaps someone from the chip company would care to put us in the picture. For its part, IBM seems a recent convert - it only joined the RapidIO Trade Association at the end of April. Looking beyond this generation, to the 2GHz+ parts, IBM talks about an "ultrascalar... Enhanced PowerPC Architecture", which extends the multi-core approach to a complex system in which cores operate in parallel on a switched version of CoreConnect and talk to the outside world via a "new high-speed interface". It's a tad pie-in-the-sky, but it doesn't sound all that far off IBM's Cell project, announced recently with Sony and Toshiba. Whether Motorola's own roadmap will move this way isn't known, but given both companies will be starting again from the same base - call it Apollo - they may not diverge too far this time. Some of the blurb associated with the roadmap claims this "Enhanced PowerPC Architecture" is Book E, but the roadmap itself notes that IBM's sub-500MHz PowerPCs were based on Book E architecture, so clearly Book E is something of a moving target. We suspect that Book E is simply a baseline description of a PowerPC processor that, like the chip itself, has evolved as new technologies have emerged. Early Book E parts were 32-bit, for example, but next-generation ones will be 64-bit. Despite that difference, they'll still both be Book E processors - provided they retain backward compatibility. IBM's roadmap covers parts for networking, storage, consumer and server applications. The latter suggests some alignment with Big Blue's server-oriented POWER family of processors, the main stem from which PowerPC originally branched off. ®
Tony Smith, 02 May 2001

Woolworths blocked e-mail during anti-capitalist demos

High Street retailer Woolworths blocked the receipt of external email yesterday amid fears that it might be targeted by virus writers during Mayday anti-capitalist protests. A spokesman for Woolworths confirmed that its system admins decided to block external emails on its Exchange server after protestors congregated near its London headquarters. The restriction, which didn't affect internal emails, was put in place only for the duration of the protest and has since been lifted. "This was a precaution put in place for security purposes because we were concerned about the possibility of viruses being sent to us," he said. "In the event nothing happened but the measures weren't too dramatic and were sensible in the circumstances." The decision by Woolworths to restrict the use of email during a period of heightened risk isn't unprecedented (though Woolworths' spokesman was reluctant to discuss whether it had used the tactic before). During the initial spread of the Anna Kournikova virus last February a number of firms turned off their email servers as a precaution against infection. Bruce Walton, UK managing director of antivirus firm Command, said Woolworths action would make sense if it had reason to believe it might come under attack by "capable" virus authors in order to prevent the spread of anything serious. "If Woolworths had intelligence that it might be targeted in this way than what it did was sensible, otherwise what it did was making something of a leap," said Walton, who added turning off email servers had ecommerce implications. Early yesterday morning 600 bicyclists congregated around London's Marylebone station, where Woolworths is based, and Liverpool Street train station. This slow speed cycling ride to protest environmental concerns passed off peacefully but later May Day demonstrations turned violent as 3,000 anti-capitalist protestors faced off against police. Many shops in London's Oxford Street, the focal point of protests, was closed for the day despite which there was damage to property and around 50 arrests were made. One protestor received serious head injuries. We quiet understand how Woolworths might have become paranoid in the circumstances. A black helicopter circled over Vulture Central all day, creating a hell of a din. When protestors led by people wearing boiler suits and gas masks paraded past our offices the more excitable Reg staffers believed we were under siege from militant Intel bunnypersons. In the circumstances there was only one possible response and we all disappeared down the pub to seek refuge...except the Masons Arms was shut, and the Monk called time at 9pm, because of the demos. ® Related Stories Mayday! Reg offices under siege... Anna Kournikova bug drops harmlessly onto the Net No more I Love You viruses Rise in viruses within emails outpacing growth of email Users haven't learned any lessons from the Love Bug
John Leyden, 02 May 2001

Codebreaker II Cracked it!

Well, it's been quite an afternoon down here at the Vulture Central encryption department. Not two hours after we gave you an apparently much-needed leg up, we got an triumphant e-mail from one Mark Wutka. Mark has every right to be pleased with himself, having successfully cracked the code and supplied the original text. He also outlined several other details - which we will obviously not disclose now - indicating that he was right on the ball. Our hats are off to Mr Wutka, who has won himself a rack of goodies. Respect is also due to Jim Gillogly, who got his solution to us about three hours after Mark. Other potential codebreakers need not despair, however. There's still everything to play for - including, of course, the kudos of your name in lights on the Reg. To recap, we still have eight copies of Sarah Flannery's In Code: A Mathematical Journey. Stick with it! ®
Lester Haines, 02 May 2001

AMD's Sanders denies chip price war

Jerry Sanders today said AMD did not expect a chip price war, despite recent cuts from itself and rival. The AMD CEO said his company's systems were still cheaper than those of chief rival Intel, which recently chopped prices on Pentium 4s. He added that costs for RDRAM, used by the Pentium 4 chip, were higher than for DDR, used by AMD's Athlons, CRN reports. "We're not looking for a price war," Sanders told attendees of Merrill Lynch's Computer Hardware conference in New York. "We don't expect a price war." Sanders said he thought the PC sector was starting to recover, saying that he felt much better about the current quarter than he had two weeks ago. But the chip chief does not expect flash memory sales to pick up this quarter. He expects them to remain flat, at best hitting around $10 million. When asked about any future partnership between AMD and Dell, Sanders was even less optimistic, saying: "Our prospects of ever doing business with Dell are dim," according to BridgeNews. Sanders, who is due to step down as CEO next April, added that he was happy with analysts' expectations for AMD's second quarter results. The company is tipped to earn between 20 cents and 32 cents per share in Q2. ® Related Links BridgeNews article CRN article Related Stories AMD to guerilla becomes virtual gorilla AMD sales up on soft market AMD's Sanders to step down next April
Linda Harrison, 02 May 2001

CNET bathes in red ink

CNET, the world's biggest IT portal, blames "short-term pressure" in the technology marketplace for falling sales, and losses in Q1. On a pro-forma basis, (ie. aggregating ZDNet's sales in Q1 last year with its own to provide a meaningful comparison with Q1 this time around), sales fell to $75.2 million, compared to net revenues of $92.8 million in Q1 2000. This produced an EBITDA loss of $11.7 million compared with an EBITDA profit of $6.7m in Q1 2000. It's not so easy to see how well a company is doing on EBITDA - earnings before interest, tax, depreciation - as this does not tell you how much money the company is making, or losing, or has in the bank. CNET helpfully tells us that its adjusted loss, "excluding goodwill amortization, business integration expenses, realized gains (losses) on investments, and income taxes, was $18.2 million versus pro forma earnings of $2.5 million in Q1, 2000. Now we come to the most meaningful figure - net loss And this is huge - $316.6 million in Q1, against a net loss of $167.5 million in Q1, 2000. A major part of the loss is a non-cash write-off of $113.2m to reflect torpedoed valuations on some of the company's investments. There's also a relatively small charge of $4.7m to cover redundancy payments, post-ZDNET merger. CNET has cut operating costs by 15 per cent, post-merger. But there's probably plenty more savings to be had in consolidating what were two large companies. By sheer size and market position, CNET will be better placed to benefit from the technology market upturn than its rivals. The company punts out 40 million page views a day to a globabl audience estimated at 60 million people a month. It had 1,200 paying customers in Q1, it's got one of the biggest comparison shopping engines, and its customer reach means that plenty of referral deals with merchants. One thing the CNET/ZDNET model has lacked in the past, though, is finesse. Where Internet.com and newcomer TechTarget.com, or closer to home Silicon.com, promise their advertisers much better click-through rates through precision targeting, CZDNET is, or has been, a bit of a blunderbuss. CNET's $23m purchase of Techrepublic.com, a community site for MIS professionals owned briefly by Gartner, in Q1 shows that the company is working up its targeting capabilities too. ®
Drew Cullen, 02 May 2001

How secure is CA's security mailing list?

More than 60,000 subscribers to CA's anti-virus alert email list received a spam message this morning. Is this what media types call "viral marketing"? Or does it mark the failure of CA to implement content filtering software on its own supposedly moderated mailing list? CA is the developer of eTrust which is, it claims, the industry's most comprehensive security portfolio. ® Related stories Computer Associates shows its true colours CA accused of misstating sales
John Leyden, 02 May 2001

The Great VC Squeeze of 2001

Venture Capital investment tumbled 40 per cent in the first quarter of 2001, the biggest sequential drop on record. Venture-backed companies in the US raised $10.1 billion during the first three months of the year, compared with $16.8 billion in Q4 of 2000, according to a survey by PricewaterhouseCoopers and VentureOne. In Q1 last year, venture capital investment was almost $20 billion. The number of financing rounds fell 34 per cent to 692. Start-up companies got stuck with a thinner slice of the pie - they netted around a quarter of the cash, compared to 30 per cent in Q4 2000. The Q1 investment figure marked the fifth consecutive drop in venture capital cash. Virtually all IT sectors were affected during the period, including electronics and computer hardware, and semiconductors, which all saw investment fall by at least 50 per cent. "It's important to put this quarter in perspective," said Dave Witherow, VentureOne CEO. "There was a tremendous influx of capital between Q2 1999 and Q1 2000, and this has been followed by four quarters of decline - but the current level of investment in venture-backed companies is still about twice the amount being invested two years ago, before the Internet funding craze took off." But VCs still have faith in dotcoms - surprising, considering the current death rate (55 more shut their doors in April). Internet companies still account for around 75 per cent of investments, the survey found, but the amount of dollars ploughed into this sector fell 43 per cent sequentially to $7.6 billion in Q1. The only Internet companies that saw investment increase were ISPs - they grabbed $1.1 billion, due to relatively big investments in a small number of companies. ® Related Link VC report Related Stories Therapists to profit from dotcom deaths Dotcom value drops 88% in 2000 New York VC warns of more public dotcom deaths The first Titsups of Spring
Linda Harrison, 02 May 2001

Cyberholics! Go Cold Turkey

Are you addicted to the Internet? The easy way to find out is to throw your computer out of the house for a day or two and see if you suffer withdrawal symptoms. The Net may as addictive as gambling, according to Dr James Fearing, CEO of National Counselling Intervention Services & Executive Health Systems USA, AAP reports. "It is similar to gambling in one sense in that it is more of a psychological addiction," he says. "It is almost like a craving in the brain where people stay on the Internet." Dr Fearing's comments were made on at a conference in Australia on problems in the workplace, and he reckons there are already as many as 11 million Net addicts in the US. "I believe companies are losing millions and millions of dollars because of the impact of the productivity of people," he said. Dr Fearing believes those hooked on the Net display various signs, such as losing their ability to control themselves, or breaking promises to themselves and others. His recommendation? Cold turkey. "If (Internet addicts) do not have to use a computer, we really recommend complete abstinence," he says. "Literally get the computer out of the house or out of the office if you don't need it "If you do need it as far as your day-to-day functioning, we ask that you have the people around you monitor your activities." ® Related Link AAP article Related Stories Shrinks called in to Singapore school Scandinavian treated in clinic for SMS addiction
Linda Harrison, 02 May 2001