6th > August > 2001 Archive

Son of Code Red is born

A new IIS worm similar to the dreaded Code Red worm (which was supposed to break the Internet last week and didn't -- damn) has emerged over the weekend. This one's a little scary. Not a lot, just a little. It's not going to break the Internet. It's not going to cause a run on the banks and crash the stock market. It won't be necessary to stockpile groceries and ammunition or purchase a gas-powered electric generator. It will, however, be a fabulous idea to patch your IIS machine(s) if you haven't already, because sonny-boy installs a command shell (\inetpub\scripts\root.exe) which will enable even the most clueless intruder to Telnet in effortlessly and make your system his own. The new worm also installs virtual roots such that clearing root.exe from \scripts will leave the system still vulnerable, security outfit eEye claims. So what? One of the most under-reported aspects of the Code Red worm was the fact that the IIS Indexing Service ISAPI filter vulnerability, which it exploits to do its dirty work, can yield system-level access to an intruder. While the mainstream press was hopping and hooting about the DDoS potential (probably because it's all they can understand), few bothered to mention that all Code-Red-infected machines are easy pickings for any journeyman cracker using a handy-dandy attack script graciously provided by Japanese computer enthusiast HighSpeed Junkie, which was released more than a week before Code Red made its debut. Now things have in fact got a bit worse. The door gets propped open and milk and cookies laid out so that even a complete imbecile can wander in and play hell with an IIS machine infected by the latest worm. All we need now is something like a Telnet client with Socks support so that even the totally clueless can skate in anonymously. Ooops. Cyberwar with China (yawn) The new IIS worm spawns its propagation threads in a most intriguing fashion. It spawns 300 on systems where the default language is not Chinese; but 600 where the default language is Chinese, thus: bool is_Chinese = (GetSystemDefaultLangID() matches CHINESE) nthreads = is_Chinese ? 600 : 300; sleeptime = is_Chinese ? 2 Days : 1 Day; while ( nthreads-- > 0 ) spawn_thread; Sleep(sleeptime); ExitWindowsEx(EWX_FORCEIFHUNG | EWX_REBOOT | EWX_FORCE, 0 ); It looks like someone wants to cause a bit more trouble in China than elsewhere. Let's have a guess, shall we? Some moronic twit in the USA or Europe has persuaded himself that the 'hacked by Chinese' defacement red herring in the original Code Red was proof that that a Chinese hacker created it, and this is payback. We're reminded of Wired News' little self-fullfilling cyberwar with China. Their Michele Delio announced, on ludicrously shaky evidence, that Chinese hackers were poised to mass-deface US sites over the spy-plane incident. Unfortunately, a heap of American kiddiots actually took her seriously, and began patriotically 'retaliating' against the non-outrage. Naturally, it wouldn't take long for the Chinese kiddiots to begin 'retaliating' in turn, and thus was cyberwar history made -- until an embarrassed Delio denied the entire incident. As you may recall, Code Red The First defaced default Web pages on infected systems where the language was not Chinese, with the ludicrous motto "Hacked by Chinese!" It would seem to us that the author meant to give a heads-up to non-Chinese admins. It's pretty hard to ignore the fact that your Web site is spouting nonsense slogans, after all. As for Chinese-language servers, these would not receive the benefit of this obvious warning, leading us to the inference that the original author meant to cause more trouble in China than elsewhere. Sure, a Chinese worm scripter might be that stupid; but then again not. We'll never know if the original author was a retarded Chinese hacker or a slick Westerner trying to lay the blame elsewhere. But the original worm was well-written, we have to admit, and the likelihood of its author being a retard is reciprocally diminished. ® Related Stories Code Red hysteria - $8.7bn in damage estimated Code Red Tribulation is nigh, Steve Gibson warns Washington mobilises against Code Red resurgence Internet survives Code Red IIS worm made to packet Whitehouse.gov Related Links The relevant MS security bulletin The Win-NT 4.0 patch The Win-2K Pro and Advanced Server patch
Thomas C Greene, 06 Aug 2001

BT offered £18bn for phone network

BT has been offered £18 billion for its fixed line telecoms infrastructure, the Sunday Times reported yesterday. A consortium headed by German investment bank West LB made the offer two months ago. Details of the bid are still sketchy but it's understood that negotiations are still at a very early stage. If successful, BT would hand over the running of it phone network while maintaining control of its customer base. Those in favour of such a split believe it would help foster competition and inject new impetus with the roll-out of broadband services. The monster telco declined to comment on the story this morning except to say it gets approached by companies all the time. Last week, BT ruled out an £8 billion bid for its local loop network - the last mile of copper cable that connects homes and businesses to the phone network - from Earth Lease, a consortium led by international investment bank Babcock and Brown, and US merchant bank, Chancery Lane Capital. By mid morning BT's shares had slipped to 485p down 13.25p. ® Related Story BT dismisses £8 billion bid for local loop
Tim Richardson, 06 Aug 2001
server room

PCI-SIG says ‘yes’ to Intel's 3GIO

Intel's next-generation PC I/O bus, designed to be the successor to PCI and AGP, has won the backing of the PCI Special Interest Group. Intel announced in February it was working on what it calls a third-generation I/O spec. It submitted a preliminary version of the new bus, dubbed '3GIO', to the PCI-SIG, which on Friday voted on whether to back the would-be standard. And back it they will, under a jointly-steered programme to build an architecture currently codenamed 'Arapahoe', derived from Intel's 3GIO work. Intel's architecture always had a good chance of dominating the market, and the PCI-SIG's support, which brings the backing of IBM, Microsoft, Dell, Compaq and others, can only improve the likelihood of 3GIO becoming the next de facto system bus standard. Conversely, it will make it harder for AMD to establish its HyperTransport bus as the standard. HT has some impressive allies, as AMD announced last week, just ahead of an anticipated vote by the PCI-SIG on 3GIO. In the event, the PCI-SIG decided it needed another week to think about the spec. So now we have what looks like a real Wintel vs. the rest battleline being drawn up between the two standards, bringing to mind the fight between supporters of IBM's Microchannel Architecture (MCA) and companies backing the Extended Industry Standard Architecture (EISA) bus, for those of us old enough to remember it. But so what? There's no reason why the industry shouldn't have two alternative I/O architectures, just as there are multiple processor platforms and competing chips within each instruction set architecture. With OpenGL and DirectX, we have parallel competing 3D graphics APIs. Unlike the MCA vs EISA fight, this time both camps have numerous, big-name supporters, which should ensure the battle doesn't end up a conflict between a few companies and a great many others. And that assumes that HT and 3GIO aren't eventually aligned for the sake of simplicity and a true industry-standard solution. Much will depend on precisely what's included in the Arapahoe 1.0 spec. Only then will most IT companies be able to evaluate the architecture and compare it to the likes of HT. ®
Tony Smith, 06 Aug 2001

Time to declare first ever loss

Time Computers is to report its first ever loss, after 13 years in business, according to the Mail on Sunday. The PC maker was caught out by a sales crash in the middle of a huge store expansion programme, Tahir Mohsan, Time's publicity-shy boss, said in a rare interview. At first, Time was slow to react - "In September, we blamed the fuel crisis. Then we blamed the floods," Mohsan told the paper. In December, the company recruited Brian Glynn to take the difficult decisions. Since then, Time has been through what the Mail on Sunday describes as a "brutal restructuring". This included the halting of the TimeTalk chain of mobile shops. "I would never have done that because it was my baby, but that's what we employed Brian for," Mohsan said. In the interview, Mohsan reveals his irritation with the bitch board set up by former employees attacking Time. "I would not have minded the criticism, even the personal stuff, but it was all in public." ® Related Link Mail on Sunday: Chips down for this Time Lord
Drew Cullen, 06 Aug 2001

SirCam tops July virus charts

The privacy-threatening, bandwidth-stealing SirCam worm topped the Virus charts in June. Sircam accounted for a whopping 65.2 per cent of calls to the support centre of antivirus vendor Sophos. It was followed by Magistr (10.4 per cent), last month's chart topper, and Hybris (4.1 per cent). Sophos found 1276 new viruses during July 2001 but the emergence of SirCam swamped all before it. Graham Cluley, senior technology consultant at Sophos, expressed concern that such a high-profile virus is still spreading, even to the extent of infecting computers at the FBI's National Infrastructure Protection Centre. He advised users to update their antiviral protection and apply "safe computing guidelines". In other words don't open suspect attachments, if you want to avoid infection from SirCam. This is an old message but bears repeating, especially when figures from rival antivirus vendor McAfee are taken into account. In the last week of July, SirCam had infected 12 per cent of PCs scanned in North America and 11 per cent of European machines checked using McAfee's online scanning service. ® Top ten viruses reported to Sophos in July Sircam Magistr Hybris Badtrans Apology Kakworm Keylog Trojan HHold Flcss Qaz External links Top ten viruses reported to Sophos in July 2001 Related Stories SirCam virus hogs connections with spam Rise in viruses within emails outpacing growth of email Symantec fails to stop SirCam Hotmail fails to block SirCam worm Users haven't learned any lessons from the Love Bug FBI cyber-brainiacs infect themselves with SirCam Magistr continues three month reign as top virus
John Leyden, 06 Aug 2001

Redbus-TeleCity merger hanging by a thread

Merger talks that would create Europe's largest Web hosting group are still on going - just. Redbus was on the verge of announcing a deal until talks were interrupted by the discovery of a reported £20 million cash shortfall in TeleCity's figures. This led to speculation that the deal might be called off. Indeed, today's Times reports that Redbus has already walked away from the table. This morning, however, TeleCity issued a statement to the Stock Exchange in which it noted press speculation concerning its "current financial position" but said that negotiations were still on-going. But it warned that if the deal fell through it would have to "raise additional finance, whether debt or equity, in the short term to fund its business". "TeleCity plc has received preliminary indications of support from certain of its key shareholders but no assurances can be given as to the level of funding which may be available to the Company," it added. A spokesman for Redbus confirmed that negotiations were still underway. He described reports that the deal is worth £50 million as "pure speculation". TeleCity has "Internet hotels" in 11 cities across Europe including Amsterdam, Frankfurt, and Stockholm. Redbus has three locations in London, Paris and Milan. ®
Tim Richardson, 06 Aug 2001

Theglobe.com spins out of orbit

Chat and gaming site theglobe.com is to shut most of its Web business and axe half its staff after falling victim to the online ad slump. The New York-based outfit said on Friday it would close its community site theglobe.com on August 15. It also plans to shut its web-hosting business webjump.com on the same date. Meanwhile, the company is "significantly scaling down" its online games operations. Sites up for sale include UK-based Games Domain, as well as Happy Puppy, Kids Domain, and Chips & Bits. It is also to slash another 60 jobs, or 49 per cent of its remaining workforce. At its height, theglobe.com employed around 350 staff. In addition, it will quit its HQ for smaller offices in mid-August. "The decision to discontinue our community operations, which contribute disproportionately to our operating losses, allows our senior management team to focus solely on theglobe.com's core strength - games," said theglobe.com CEO Chuck Peck. Peck added that, while the company had faith in the future of online advertising, it was not in a position to stay in business in the long-term. He described the current spending slump as "a temporary pause in market's overall growth," adding that sales bookings at the dotcom had actually increased in July. ® Related Link Theglobe.com statement Related Stories Dopey surgeon loses $200k on dud deal - sues E-Trade, and wins Brits spend 25 minutes per day surfing at home
Linda Harrison, 06 Aug 2001

Japanese boffins build robot receptionist

Japanese boffins have come up with what they say could become the world's first robot receptionist. The scientists working on the Erato Kitano Symbiotic System Project say they have developed a robot that can pick up human voices, even with background noise. "Sig" (named, presumably, after the Symbiotic Intelligence Group that built it) can also turn its head toward the sound. Yes, ladies and gentlemen, the future is already with us. Sig can't actually do much else: but think of the possibilities! It has microphones stuck on its head and uses a revolutionary new technique that compares the loudness of voices through the different microphones to work out where someone is (like ears!). It then uses image-recognition to identify who it's looking at. Sadly though it doesn't have any arms. Or lower body come to that. It's a humanoid torso. To check out pics and see the spec go here. Try to dampen your rampant excitement though because Sig is just one in an increasingly long line of PR-garnering robots which perform closely-controlled tasks and give the illusion of having greater significance. The team, led by Sony researcher Hiroaki Kitano, will tell an Artificial Intelligence conference in the US this week exactly what it has managed to do. The Erato project was set up to research intelligence with the aim of building electronic networks that can perform the same tasks as biological systems (brains). As such, it has been knocking out a range of robots specifically designed to test particular perceptions. While this may be a step in the right direction for intelligent artificial beings, it is a very small one. Plus, of course, the real tough job is not getting something to respond to one stimulus but getting it to pick up several and understand what they all mean in context to one another. The sight of a robot receptionist is still some way off however: they haven't even started research on how to make a robot snide, stubborn, mocking or unhelpful. ® Related Link Erato Kitano Symbiotic System Project Pics and spec of Sig
Kieren McCarthy, 06 Aug 2001

Sony Vaio PCV-LX1

ReviewReview Rather than enter the market quietly and go along with the crowd, Sony likes to make the existing competition look dull and lacklustre. Games consoles and notebooks are two areas where Sony has succeeded in stirring up its rivals, and it has now decided to turn its hand to desktop PCs. Desktop PCs are renowned for being big, boring and beige, so Sony has produced a computer more in keeping with its consumer electronics background. The unit is considerably smaller than your average PC and very simple to set up, if not as simple as Packard Bell's Aura. The 15in LCD panel hooks up to the main unit via one cable, while the keyboard and mouse plug into either side of the base. There are nice design touches, too, like the keyboard dustcover that folds down in use to form a palmrest. Slightly unusual is the dual-hinged LCD, which allows the screen to fold flat horizontally. Impressive engineering, admittedly, but it's hard to see a practical use for it. The spec is a competent though uninspiring affair. The 1GHz Pentium III and 128MB of RAM produced a WorldBench result of 154. There's a decent 60GB Maxtor drive, plus a CD-RW/DVD-ROM combo. Sony has also thrown together a nice software package, including cut-down versions of four Adobe titles. Although not excessively priced when you take into account the flat-panel, the PCV-LX1 is still expensive compared to a normal PC. However, if you want the performance of a normal computer, then you have to take all that goes with it - including the beige box. The choice is yours. ® Info Price: £1701 Contact: 08705 111 999 Website: www.vaio.sony-europe.com Specs 1GHz Pentium III 128MB RAM 60GB hard drive 15in flat-panel DVD-ROM/CD-RW combo integrated graphics 10/100 network card USB modem 5 USB ports 2 FireWire ports Memory Stick slot PC card slot Scoring Build quality: 9 Features: 8 Performance: 6 This review is taken from the September 2001 issue. Copyright © 2001, IDG. All rights reserved.
PC Advisor, 06 Aug 2001

Aussie MP in hacking probe

An Australian MP has become the centre of a hacking scandal following accusations that computers in his office were used to hack into the PCs of rival politicians in the New South Wales Parliament. Labor MLC Tony Kelly, who denies any personal involvement in the affair, has confirmed that one of his office PCs has been handed over to police, the Sydney Morning Herald reports. The suspect PC is thought to have been used to gain unauthorised access to sensitive policy files belonging to rival Liberal MLC Charlie Lynn. Meanwhile staff working for Lee Rhiannon, a Green member of the state parliament, have informed police that they saw a "mysterious" message on their machines indicating files were "being copied as they watched". Sounds to us that this is more likely to be misunderstanding of how computers work as an eye-witness observation of hacking. Be that as it may, Government bodies in Sydney are taking the allegations very seriously. The New South Wales Police Commissioner, Peter Ryan, said police began an inquiry into the affair last Friday, after a tip-off from one of the parliament's system administrators that something was awry. Kelly, who taught computers in the 1970s, has issued a statement saying it was his staff who tipped off the parliament sysadmins. Various members of the Great and the Good in the New South legislature are calling for a full audit of all parliamentary computers. And they are fretting about the security of their email and diary management system. A little premature, perhaps? First, the police have to establish whether any hacking actually took place. ® External links Sydney Morning Herald: Politicians' secret files raided by hacker Related Stories Australia goes stark raving mad over Net censorship This man must be the biggest luddite in history
John Leyden, 06 Aug 2001

Etailers tool up for eXmas

One hundred and thirty nine days to go until Christmas and the festive hype has already begun. Etailers are warned to get a move on if they want to capitalise on this year's online shopping blitz. They need to ensure that their Web operation can withstand an onslaught of shoppers looking for gifts, and also they should ensure they have the resources to handle the predicted spike in demand. Last year, one in three online orders made in the pre-Christmas rush failed to arrive in time for Christmas and one in five failed to arrive at all. In the US alone etailers waved bye-bye to $1 billion in lost orders last Christmas because of poor site design or the failure to deliver goods on time. In a bid to improve on last year, broadband operation, XO and e-commerce outfit Intershop have launched a Web site to supply advice to etailers. "The financial impact of the wrong e-commerce strategy at Christmas can be high, especially if considerable resources were spent on design, systems and stock", said John Griffith, MD of Intershop. "Online Christmas shoppers expect round the clock service, swift delivery and good bargains. But frustration with slow or non-existent delivery before Christmas Day, inaccessible or broken web sites and poor support has knocked the shine off many people's perception of the online shopping experience. "Increased consumer Internet sophistication means that at the first sign of slow download times or poor site performance, your customers will head straight for your competitor," he said. Ho, ho, ho. ®
Tim Richardson, 06 Aug 2001

Palm retains world marketshare lead – just

Gartner Dataquest's latest figures for the PDA market during the second quarter of the year continue to show what a tough time Palm had of three-month period. Not only did its own marketshare fall, from 50.4 per cent in Q1 to 32.1 per cent in Q2, but arch-rival Compaq bucked the downward trend by more than doubling its marketshare, from 7.8 per cent to 16.1 per cent. Overall PDA shipments were down 21 per cent, falling from Q1's 3.55 million units to 2.8 million. Compaq's sales jump - it sold 278,000 PDAs in Q1, 450,000 in Q2 - even took it above PalmOS licensee Handspring, for a long time the world's number two PDA supplier. Handspring retained the number two position in the US, however, with a 17.3 per cent share of the market, compared to Compaq's 16 per cent. Palm took 40 per cent of the US market during Q2, down from 54.2 per cent in Q1. All of which tells us that Palm shouldn't be written off quite as much as some observers have done. Palm does have to work hard in the European market, but the US and combined global figures suggest it still has a solid market lead - even during a period when sales were down across the board and when it had undergone a very poor product transition. That's not to suggest of course that all is well with Palm - the company will have to work to ensure that Compaq's gains don't come at its own expense or of its Palm OS licensees. Market watcher the Aberdeen Group last week reckoned PocketPC will own more of the market than Palm by 2005, but that's too far off to be meaningful - simply, too much can happen in that space of time. Aberdeen's thesis is based on the corporate market as the key driver for PDA sales. Dataquest broadly concurs with that viewpoint. Aberdeen is keen to try and devine some technological reason why enterprises will choose Windows CE over the Palm OS, but the real advantages the Microsoft platform has are perceived familiarity with the apps and SO, and, above all, Compaq's corporate sales force. Palm can target both, and the span of years between now and 2005 is more than enough time to do so, particularly with improved ARM-based and wireless products on the way. That goes double if the much-rumoured reliability problems hit Compaq's iPaq sales hard. ® Related Story Palm, Compaq head-to-head in Euro PDA market
Tony Smith, 06 Aug 2001

Internet sector is Hunky and Dory

Some comforting news for the tens of thousands of people who've lost their jobs and/or their life savings in the bombed-out Internet sector: everything will be hunky-dory. The Internet marketplace is not a dead duck (it's just got a touch of the flu) and should be back to health before we all know it, according to a a positively upbeat assessment from Jupiter. The analyst firm reports that the "long-term growth factors will continue to drive development of the Internet marketplace, even though current market conditions will temporarily hinder their near-term effects." It continues: "While current market constraints...have slowed growth in some sectors (such as online advertising revenue, business-to-business trade and infrastructure spending) their overall impact is expected to be relatively modest." That might not bring the dead dotcoms back to life or make-up for investors losing their shirts - but hey, it's a start. David Card, senior analyst at Jupiter Media Metrix, says: "While many Internet ventures today are mired in financial difficulty, it's important for all players not to be overwhelmed by the negative hype that is distorting the long-term picture. "There are many hurdles and setbacks to be overcome in the months ahead, but most of these should prove to be short-term setbacks, the magnitude of which will be offset by continued long-term growth factors. "This doesn't mean that all of the Internet ventures around today will succeed, or that the stock market bubble will revive, or that there's huge potential in niche markets. "But a few serious players across many Internet sectors will have large, thriving markets to capture." Phew! ®
Tim Richardson, 06 Aug 2001

Judge lambasts Armani in domain name ruling

A Canadian artist has won the right to the www.armani.com domain, following a remarkable hearing at arbitrator WIPO. The case is unusual in that, despite the clothes chain's lawyers insisting the artist had no legitimate right to the domain, a WIPO judge disagreed since the artist's name is Anand Ramnath Mani - shortened simply to A. R. Mani. There have a number of cases in the past where someone has changed their name by deed poll to match a contested domain and then used this as a defence, but Mr Mani has had his name since birth and went to great lengths to prove the fact. That in itself is not enough to prevent WIPO from applying its flawed dispute resolution rules and handing over the name to the big corporation. However, in the judge's report (as yet unavailable on WIPO's site, but it will be here when it gets around to updating decisions), it is clear that the lawyers for the Armani corporation damaged their own case through arrogance and playing hard and fast with the truth. To remind you, WIPO needs to be persuaded of three things before it hands over a domain. One, that the domain infringes a trademark; two, that the current owner has no legitimate interest in the domain; and three, that the current owner did not register it in bad faith. Clearly the domain armani.com does infringe on Armani's trademark, so that was not in dispute (the sole judge disregarded a filing from Mr Mani regarding Canadian law on trademarks, saying it was not relevant. This is a habit of WIPO's - refusing to tie in current law with its procedures). The Armani lawyers reckon that Mr Mani registered the domain to get attention off the back of Armani, and that he could have registered a-r-mani.com or somesuch. It also says that by asking for just under $2,000 for the domain in 1997, he has shown evidence of bad faith. However, the judge - Nick Gardner - condemned them for failing to tell the full story behind their dispute with Mr Mani. The original complaint did not state that the corporation originally offered Mr Mani Canadian $1,250 (£570) for the domain. Mr Mani said that wouldn't cover the costs of him reprinting stationery etc and asked for US$1,935 plus permission to use the domain www.amani.com. As the judge points out: "The figure seems entirely reasonable - It is a relatively modest sum, far removed from the sort of amounts which were typically sought (especially in 1997) by 'cybersquatters'." Armani refused the sum and the request to work off another domain. The judge also concerns himself with "a number of inconsistencies" in the Armani lawyer's complaint, including whether Mr Mani was actually running a Web site on the domain (he was not). Mr Gardner said it was very common for people to register the domain of their initials and surname. He also said that Mr Mani's response to legal threats was evidence that he was not acting in bad faith. As such, Mr Mani is entitled to the domain. But going further than that, Mr Gardner said in his decision that: "The Panel finds this Complaint to be an abuse of the administrative proceeding." Mr Mani, who is a graphic artist and lives in Vancouver, was delighted by the decision and said he was considering putting up a site due to its popularity. "I might now put up something on some social issues or an arts site," he said. He said he had spent Canadian $10,000 on legal fees but was determined not to back down. He is also unsure of the site's worth and wasn't sure how much Armani would have to offer for him to had it over. But one thing's for sure - it's going to be a whole lot more than if Armani hadn't taken him to WIPO. ®
Kieren McCarthy, 06 Aug 2001

MS Passport security considered harmful

The lynchpin of Microsoft's web services - the Passport authentication service - has been found wanting in a study by two senior AT&T scientists. The authors credit Passport with being an ambitious model, but warn that "the system carries significant risks to users that are not made adequately clear in the technical documentation available." The report was written by Aviel Rubin, a USENIX board member and co-author of the Web Security Handbook and Dave Kormann, a fellow AT&T Research Labs staffer. "Passport's attempt to retrofit the complex process of single sign-on to fit the limitations of existing browser technology leads to compromises that create real risks" Microsoft doesn't take all of the heat: Rubin and Kormann say that without changes to the SSL model, for example, systems that depend upon its delegation and certification such as Passport will inevitably contain flaws. However, Microsoft is criticized for failing to provide an authenticator, and for failing to prevent 'rogue merchants' to steal details using redirects, either by HTTP redirects or fake DNS records. These are vulnerability of merchant sites already, only compounded when a web of many merchants depend on Passport and Passport alone, which is very much Microsoft's grand vision of Hailstorm. The researchers make some recommendations, including using rotating keys to encrypt cookies, using a challenge-response system instead of a password, and ensuring SSL is used for all transactions. Microsoft amended the Passport Terms of Use in April, after an earlier draft gave Microsoft and its Passport affiliates license to use content how they wish, which included the right to exploit users patents. You can read the Rubin and Kormann paper here.® Related Stories Pay-to-Play: Microsoft erects .NET tollgate Microsoft alters Passport Terms to stem Hotmail defections Microsoft's Passport service: No Marylanders allowed?
Andrew Orlowski, 06 Aug 2001

Free Sklyarov Now!

Protests against the continued incarceration of Russian programmer Dmitry Sklyarov are planned outside the courtroom where he faces a bail hearing today. As previously reported, Sklyarov published details of how Adobe's eBook encryption package could be circumvented, and so ran foul of the US Digital Millennium Copyright Act (DMCA). The decision to arrest Sklyarov has angered civil rights activists and the encryption community, all of which argue the case threatens basic freedoms. Sklyarov, who was arrested after making a presentation on eBook security at the DefCon hacker convention in Las Vegas last month, has been transferred to California and will appear before Judge Edward A. Infante at the San Jose Federal Building today. The case is scheduled for 11am local time. The Electronic Frontier Foundation, which is organising protests, plans to stage peaceful protests outside the courthouse and to pack the courtroom with Sklyarov's supporters. Protestors are been asked to observe a "No T-Shirt" dress code. Protests against the DMCA and Sklyarov arrest reached the UK last Friday with a march to the US embassy in London, and simultaneous protests in Edinburgh. Around 40 people took part in the march from Hyde Park to the US Embassy in Grosvenor Square, which culminated in a rendition of the DCMA song (same tune as the Village Peoples' YMCA) and the performance of a short satirical play. You can find more information at www.xenoclast.org/freesklyarov. External links: Electronic Frontier Foundation Free Sklyarov Campaign - UK Co-ordination Site Related Stories: Adobe DMCA protests spread to UK Adobe Folds! Protesters lay siege to Adobe Boycott Adobe campaign launches eBook security debunker arrested by Feds
John Leyden, 06 Aug 2001

So how much is Armani.com worth?

Following on from the recent WIPO case in which a judge ruled that Mr Anand Ramnath Mani (A.R.Mani) was entitled to the Armani.com domain, we pondered just how much Armani.com was worth. So we contacted a number of brokers to ask for their assessment. They all pointed out that it would be very difficult to sell it to anyone but Armani. As such, it is worth only what Armani thinks it's worth, but the fact remains though that having Armani.com would be very useful to the fashion company. And Mr Mani, having already paid out $10,000 to fight its complaint, is likely to drive a hard bargain. Failing that, Mr Mani can clearly make money simply from the traffic that Armani.com will generate. People would happily pay for their ads to be hosted on such a site, especially if they sold either clothing or high-class goods. And then, as one person suggested, he could set himself up as an online Armani retailer. Now, that is a surefire way to make money, although Heaven knows how Armani would react. Now for a stroll down Memory Lane: here are some of the most well-known big domain sales (most expensive first). Business.com - $7.5 million ASeenOnTv.com - $5.1 million Altavista.com - $3.3 million Wine.com - $2.9 million Autos.com - $2.2 million Express.com - $1.8 million WallStreet.com - $1 million Rock.com - $1 million Tdc.com - $1 million Websites.com - $970,000 Drugs.com - $830,000 Engineering.org - $200,000 So what did they come up with regarding Armani.com's valuation? Register.com/Afternic.com: $100,000 upwards DomainSystems.com: between $150,000 and $200,000 Names123.com: start at £100,000 ($143,000). Absolute minimum of £25,000 ($36,000) So there you have it. Looks like it's coming out at around $125,000. That's how much Armani.com is worth. Mr Mani may not have to worry about money for some time. ® Related Story Judge lambasts Armani in domain name ruling
Kieren McCarthy, 06 Aug 2001