15th > November > 2001 Archive

Researchers probe Net's ‘dark address space’

Broadband customers and US military systems are the most common victims of an online phenomenon researchers have dubbed "dark address space," which leaves some 100 million hosts completely unreachable from portions of the Internet. For a variety of reasons ranging from contract disputes among network operators to simple router mis-configuration, over five percent of the Internet's routable address space lacks global connectivity, according to the results of a three-year study by researchers at Massachusetts-based Arbor Networks, to be released Tuesday. "Popular belief holds that the Internet represents a completely connected graph," says Craig Labovitz, Arbor Networks' director of network architecture. "It turns out that's just not true." Anecdotal evidence has long hinted at the existence of dark address space, but the researchers shed light on the subject by continuously gathering and analyzing core routing tables for three years. In the end, they found that for much of the Internet, the shortest path between two points doesn't exist. The most common factors contributing to dark address space: aggressive route filtering by network operators seeking to ease the load on equipment, and accidental mis-configuration. US military sites frequently fall into the shadow zone because they often occupy neglected 'Milnet' address blocks dating back to the Internet's stone age. Why cable modem customers also top the list remains one of the unsolved mysteries in the project, says Labovitz, who describes the research findings as preliminary. Murky Crime Despite the large number of hosts that fall into the partitioned space, the phenomenon is generally not noticeable to average Internet users because most Netizens only use a tiny portion of the Net. "Most people access five or ten web sites," Labovitz says. The study was conducted by Labovitz, Michael Bailey and Abha Ahuja. In the course of their monitoring, the team also caught the occasional fleeting glimpse of another, more elusive routing anomaly -- one that often comes with a more sinister explanation. Blocks of Internet address space that are supposed to be unused sometimes briefly appear in global routing tables, and are used to launch a cyber attack, or to send a flurry of unsolicited commercial email, before being withdrawn without a trace. Dubbed "murky" address space, this works because of the fundamental insecurity of the Internet's routing infrastructure. Under protocols developed during cyberspace's age of innocence, if an Internet router claims that it owns a block of address space, the rest of the Internet will take it at its word, and route to it all the traffic for that address block. "You co-opt one router, and you can create whatever net-block you want and inject it into the global net," says Labovitz. Arbor Networks' researchers went to the mail logs of a local ISP and compared several thousand unique mail sources with "murky" addresses spotted in their monitoring. They found that 30 of those addresses sprang into existence shortly before sending the email, and quickly vanished afterwards. Because routers don't normally log such activity, murky address space could hide the full range of antisocial or illegal network behavior, says Labovitz. In October, a report from Carnegie Mellon's CERT Coordination Center warned that hackers are increasingly compromising routers, and using them to launch denial of service attacks against Internet hosts. © 2001 SecurityFocus.com, all rights reserved.
Kevin Poulsen, 15 Nov 2001

ICANN ponders DNS hack defence role

The international body that oversees the Internet's naming system struggled this week to find a role in the war against terrorism by putting one of the Net's weakest links under a microscope. In the wake of the September 11 terrorist attacks the Internet Corporation for Assigned Names and Numbers (ICANN) swept aside most of its scheduled agenda to explore its options in shoring up the security of the Internet's domain name system (DNS), the infrastructure that invisibly translates domain names like www.securityfocus.com to Internet IP addresses like 66.38.151.125. In a beachside hotel venue secured by plainclothes guards sporting Secret Service-style earpieces, researchers labored Tuesday and Wednesday to explain in excruciating detail the DNS' vulnerability to spoofing, cache poisoning and other, more exotic attacks that hackers have already used to divert traffic from victims' Web sites. "A hacked web page appears, even though victim site was untouched," said NAI Labs' Edward Lewis on a Tuesday panel. "That is by far the most important impact of an attack on DNS" Many participants looked to the DNSSEC protocol to counter such attacks in the future. A project of the standards-setting Internet Engineering Task Force (IETF), DNSSEC uses public key cryptography to protect domain records from spoofing or corruption. But five years after the protocol's base specifications were laid out, it's still considered unripe for wide deployment. Compounding the DNS' vulnerability, older versions of the Berkeley Internet Name Domain (BIND) software -- the standard program for domain resolution -- is notoriously insecure, and yet is still in use, presenters said. A recent survey found that authoritative servers for 50 of the 250 top-level domains ran a version of BIND that suffers from documented security holes allowing attackers to gain complete control of the system remotely. But most of the focus of ICANN's attention wasn't on vulnerabilities that lend themselves to occasional mischief, but on the potential for a cyber attack on the 13 crucial 'root servers' at the top of the domain name system's hierarchy. Scattered throughout the Internet, those servers are the sine qua non of domain name resolution. And with their IP addresses effectively hardwired into DNS software, the root servers are immobile targets in an otherwise flexible system. The DNS can easily absorb a loss of some of those servers, but not all of them at the same time. "If you take out, or make all the root name servers stop serving domain names, many if not most Internet servers will suffer from reachability problems," said Lars-Johan Liman, who runs a root server in Stockholm. Physical attacks aren't much of a concern, Liman said, because the servers are ordinary off-the shelf computers that can be easily replaced. But the servers are vulnerable to distributed denial of service attacks, similar to those that crippled Yahoo!, CNN.com, and other high-profile web properties in February of last year. If an attacker staged such an assault on a large enough scale, the root servers would be unusable. "The attacks are going to be ddos attacks," said Randy Bush, co-chair of the IETF working group on the DNS. "Stop trying to rearrange deck chairs on the Titanic." But it's not clear what ICANN can do about a problem that has its roots in the Internet's infrastructure. At a Wednesday session, participants looked at developing emergency plans for securely communicating with one another to reconstitute the DNS system in the event of a malicious outage. "Authenticated contact information needs to be out there now, while things are working," said AT&T Fellow Steven Bellovin. Participants later broke up into committees to form recommendations for ICANN's board of directors. Among the options, ICANN could put strict security requirements into its contracts with accredited domain name registrars, issue non-binding guidelines, or do nothing at all. ICANN's unusual move to transform its membership meeting into a security think tank was not without controversy. But on Wednesday it drew praise from Washington. In a keynote address, John Tritak, director of the US Critical Infrastructure Assurance Office, said terrorists may soon target the Internet, and it was "appropriate and proper" for ICANN to consider DNS security. © 2001 SecurityFocus.com, all rights reserved.
Kevin Poulsen, 15 Nov 2001

MS to donate custom WMP skins to US military

A brief note posted at skinz.org claims that The Skins Factory has been commissioned by Microsoft's Windows Media Division "to create four Custom Windows Media Player 7 skins for the United States Armed Forces." The intent is to show support for the US Military. Both Microsoft Spin Central and the Windows Media Division's press operations seem as yet silent on the subject, but The Skins Factory says the four WMP 7 skins will be for the United States Marine Corp, United States Air Force, United States Army and the United States Navy, and are to be unveiled at the Government Video Expo in Washington, D.C. on Nov 28-29, 2001." This conference certainly exists, as indeed does conference co-sponsor Government Video Magazine, which itself runs the delightfully tagged sellingtothefeds.com. There's no mention of a presentation in the conference program as far as we can see, but there's much there that strikes The Register as slightly surreal. In fact the mere existence of this as an industry strikes us as surreal and almost - but not quite - eclipses the images of what the blazes the US Marine Corp is going to get up to with its tailor-made Media Player skins. The Skins Factory says the skins will be available to the general public at windowsmedia.com, and that a variant, the United States of America version, will come with the upcoming Windows Media Player Bonus Pack. And who are we to doubt them? ®
John Lettice, 15 Nov 2001

iPod coming to Windows

Cross-platform computing specialist Mediafour is developing a software bridge to allow Windows users to download their digital music collections to Apple's highly rated MP3 player, iPod. Called XPod, the code will transfer MP3s, WAVs and AIFFs to iPod from any machine running Windows 95, 98, Me, NT 4.0, 2000 and XP, Mediafour promises. All you need is a 1394 port, built-in or installed by way of a PCI add-in card. Mediafour says it will soon open its work to public scrutiny through a beta test programme. The company is best known for its MacDrive utility, which allows Windows PCs to read and write Mac HFS disks. So far, the iPod, which began shipping in the US last week and is expected to debut in the UK and Europe next week, has been presented as a Mac-only product, part of Apple's strategy to entice computer buyers to the Mac platform. iPod connects to Apple's iTunes, and to date Apple has said it is not planning to port its digital music management application over to Windows. Of course, since iPod is essentially a 1394 hard drive with music stored in an invisible directory, it shouldn't be too hard to code a simple application to expose said folder and allow Windows and Linux users to copy over files by drag-and-drop. Quite how XPod interfaces with Windows music applications we don't yet know - we're waiting to hear from Mediafour. Watch out for an update as we learn more. ® Related Stories Apple iPod redux Apple pops iPod When will Apple hook PDAs into the OS X digital hub? Related Link Mediafour: XPod Thanks to reader Jared for the link
Tony Smith, 15 Nov 2001

Telewest signs up 70k broadband customers

Telewest has reported a massive jump in broadband customers putting it behind rivals NTL and ahead of BTopenworld. Publishing its latest figures Britain's second biggest cableco reports that 70,000 households now subscribe to its blueyonder broadband service - an increase of 71 per cent in the three months to September. The latest figures from the mass market Internet division of BT reveal it has 62,000 customers. And NTL - Britain's biggest cableco - reports it has 79,000 broadband users. The sizeable increase in take-up coincided with a nation-wide advertising campaign during the summer to boost awareness for broadband. Philip Jansen, MD of Telewest Broadband's consumer division, believes that the message about broadband is beginning to filter through to consumers. "We're dispelling any notion of apathy among UK consumers - our booming sales show there is plenty of life in the broadband bulldog," he said. Crucially for Telewest, broadband is helping to increase its customer base. One in five of its new users become customers because they want broadband Internet services. Seven out of ten then go on and subscribe to other packages such as cable TV or telephony services, helping to increase the amount of cash Telewest gets per customer. Today's figures coincide with the release of Telewest's Q3 results. For the nine months to September 30 total turnover was up 20 per cent to £973 million compared to £813 million during the corresponding period last year. Earnings before interest etc (EBITDA) were up 22 per cent to £225 million during the nine months to September. By mid morning shares in Telewest had jumped more than 17 per cent - 10.25p - to 68.25p. ®
Tim Richardson, 15 Nov 2001

nForce too expensive for retail, mobo makers claim

The high price Nvidia is charging for its nForce AMD-oriented chipset has forced motherboard makers to steer clear of the retail market, fearing that nForce-based boards will be just too expensive for price-sensitive consumers. nForce boards have started to appear in the Taiwanese retail channel, according to a DigiTimes report, but sources close to mobo makers who haven't yet shipped a retail board reckon that nForce's time may have come and gone. Quite apart from the basic cost of the chipset - around $45, says one DigiTimes source - the part's integrated graphics is looking increasingly underpowered and overpriced. nForce's graphics is pitched between Nvidia's discrete GeForce 2 MX 200 and MX 400 chips. That was fine when nForce was launched, but the arrival of the GeForce Titanium family - essentially clocked-up GeForce 2 and GeForce 3 parts - has forced down the price of lesser chips, including the MX series. Board makers fear that punters will prefer boards based on much cheaper discrete chipsets into which they can plug a GeForce 2 MX 400 board, getting better graphics than a nForce-based board at a potentially lower cost. Of course, retail is one thing and the system integrator market another altogether, and DigiTimes' sources say they have decided to target the latter. 'Name' motherboards are less in demand here, and second- and third-tier will have a better chance of selling boards to PC makers than to the kind of customer who buys retail boards who, we suspect, are more discerning. As such, opportunity, far more than price, may be what is keeping less well-known mobo makers away from the retail market. Price issues certainly don't appear to be bothering first-tier motherboard companies too much. MSI has shipped its MS6367 board, and next month should see the arrival of Asustek's A7N266, Gigabyte's GA7NTX and Abit's NV22. ®
Tony Smith, 15 Nov 2001

Dell PC biz grows in Q3

Dell, already the world's largest PC maker, has grown its global market share, as well as its piece of the American pie. IDC is set to report that Dell bumped up its share to 14.5 per cent in the third quarter from 11.5 per cent in Q2 for the worldwide market, no mean feat. In the US, it rose from 24.8 per cent (Q2) to 26.4 per cent (Q3). All other PC makers in the top five declined during the same period. The numbers were leaked by Michael Dell at Comdex and he suggested the company's growth could be attributed to market confusion surrounding HP and Compaq's embattled merger. The research, reported by the FT, comes just ahead of Dell's third quarter financial results where it is expected to post profit margins in the seven per cent range. The numbers mirror 3Q Gartner figures seen for EMEA where Dell (second largest after Compaq) grew 5.6 per cent against Compaq's 18.8 per cent decline. IDC earlier reported a 10.4 per cent EMEA growth for the company in the same period. ® Related Stories All quiet on the Western Europe PC front PC sales down 12% in Western Europe
James Watson, 15 Nov 2001

Computerlinks hits forecasts

Fayrewood, the UK-listed networking distributor, has reported its German subsidiary Computerlinks AG has grown sales but seen earnings drop in its Q3. Computerlinks AG (51 per cent owned by Fayrewood and listed on the Neuer Markt), which trades in the UK as Unipalm, reported earnings before interest, taxes, depreciation and amortisation (EBITDA) of 2.3 million euros, down on the year earlier period's 3.1 million euros. Fayrewood had issued a profit warning at the start of October and Computerlinks AG Q3 results are in line with the company's revised figures. The company said it anticipated an upturn in the IT-sector in the course of the year 2002, and believes it will reach its forecasted turnover of 159 million euros and an EBITDA of 11 million euros for the entire business year 2001. Computerlinks AG increased group turnover in Q3 by 16 per cent to 39 million euros, compared with the same quarter last year. For the nine months, EBITDA went up by 42 per cent from 5.9 million euros to 8.4 million euros, representing a lower percentage increase than that of the turnover. Group turnover went up by 68 per cent from 70.8 million euro to 119 million euro for the period. ® Related Story Fayrewood profit warning
Robert Blincoe, 15 Nov 2001

IT spend up 1% in 2001 – IDC

The "perfect storm" of the 11 September terrorist attacks, slowing global economy, and the telecommunications supply-demand mismatch, means that worldwide IT spending will only increase one per cent in 2001. The figure comes from IDC which forecast spending growth will recover slowly to 5.5 per cent by the end of 2002. The year 2000 saw 12 per cent growth. The analyst firm predicts hardware spending will decline 9 per cent this year, and a further 1 per cent drop will follow in 2002. But software and services spending growth will recover, to some extent, in 2002, with an upturn in the second half of the year expected to produce 2002 worldwide growth rates of 11 per cent for software and 9 per cent for services. John Gantz, IDC chief research officer, said: "Hardware shipments have suffered most dramatically, as is always the case in an economic slowdown. This year, due to other factors, things have been even worse than anyone predicted." The US slowdown has spread to Western Europe. Hardware spending there will show a decline of 4 per cent this year and will decline by a further 2 per cent in 2002. In Japan, PC spend is declining by 16 per cent this year. According to IDC, software spending will recover to the strong growth rates of previous years, driven by investment in ebusiness and other areas. IT services will remain strong as well, recording 9 per cent growth worldwide this year despite the industry slowdown. IDC's figures are the results of a study, Operation Beacon, set up to quantify the impact of the September 11 terrorist attacks, along with other economic factors, on the state of the worldwide IT market. ®
Robert Blincoe, 15 Nov 2001

AMD learns Italian

AMD this week scored a strong public sector win in Italy. A Government organisation decided to go Duron on an education contract involving 60,000 desktop PCs. Italian system builder CDC will supply the machines, which will be based on 1.1GHz Duron chips. AMD has done well in education circles. Its year-on- year market share grew 66 per cent from 3Q 2000 to 3Q 2001 for the European education segment, the chipmaker says. In February, AMD announced the latest incarnation of Olivetti was to supply two government agencies with Athlon-powered PCs in Italy, historically one of its weaker markets. It added to that success in March with the announcement that NEC would use its chips in one of its corporate-targeted desktop lines. Since then, however, the chipmaker has faced tougher times. A number of major PC brands, including Tiny, Gateway and IBM (among others), dropped or de-emphasised AMD processors from their desktop line-ups. ® Related Stories NEC anoints AMD for euro-corporate PCs AMD, Olivetti and the Italian connection AMD shuts fabs, fires 2,300
James Watson, 15 Nov 2001

Freeserve threatens legal action against UK Govt

Freeserve is prepared to take legal action against the British Government unless it resolves a loophole which excludes some Internet companies from paying tax. The UK's biggest ISP has lobbied for a change since the summer but it is becoming increasingly frustrated at the delay. Under the current law, ISPs based outside the European Union are not liable for VAT (Value Added Tax). Freeserve believes this is giving companies such as AOL an unfair competitive advantage while depriving the Treasury of millions of pounds in lost tax revenue. Customs and Excise - which collects VAT - has completed its review and passed its recommendations to ministers. Freeserve company secretary David Melville has written to Treasury Minister Paul Boateng wanting to know when a resolution to the matter is due. In the letter seen by The Register Mr Melville warned: "In the event that the position is allowed to drag on much further, we will have no option but to pursue a remedy against the UK Government before the European Commission, arguing that the Government's failure to act puts it outside the scope of current community law." Freeserve's CEO John Pluthero put the matter more bluntly: "This looks as if the UK Government is running scared of American lawyers and lobbyists, and so we should not be surprised that they don't give a toss about UK companies having a level playing field on which to compete. "It's open season against British business by the UK Government at the moment and it seems as if we'll have to take the matter to a higher jurisdiction to get any real progress," he said. Freeserve has also written several letters concerning the matter to ecommerce minister, Douglas Alexander, but has yet to receive any reply - not even an acknowledgement. A spokeswoman for AOL declined to comment ,saying instead that this was a matter for Freeserve and the UK tax authorities. Earlier this year Freeserve threatened to move its business outside the EU unless the tax loophole was closed. ® Related Stories Freeserve tackles AOL UK over '£2.5 million in unpaid VAT' AOL UK escapes £1.8m in tax in 22 days 'If AOL UK paid full VAT it could fund heart transplants' Freeserve takes swipe at AOL's tax free status Freeserve threatens to move operation to Algeria
Tim Richardson, 15 Nov 2001

Salmon Days Trailer Trash

We are shutting off the Salmon Days trailer at the end of next week. So far, just shy of 90,000 people have seen our BOFH-inspired comedy vidstrip effort. Join the crowd while you still have the chance. There has also been more than 60,000 downloads of clips from Salmon Days Cutlets, an annoyingly effective viral marketing ploy. What else? Episode one goes into filming RSN, and will be out before Christmas. We hope to get our act together on regular outings sometime in January. ®
Drew Cullen, 15 Nov 2001

WinXP: log on as admin if you want to play games, MP3s?

Home users seem to be coming badly unstuck when tangling with the new security features of Windows XP. Now it's possible for them to set up one account on their machine with administrator rights, and lesser accounts for the kids, less significant other, cat and so forth - but setting things so that the right people get access to the right programs? Hmm, tricky... The Windows XP Public Newsgroups are currently peppered with pleas for help on the subject (and indeed with messages from people who just don't get WPA, but that's another story). If they're used to any kind of security at all, in many cases it's the Win9x system that does precious little beyond getting you used to the idea of pointless multiple logins and passwords. XP is a different matter altogether, and Joe Public plus kids, less significant other and cat are being baffled by several issues intersecting. First, you get the ability to use different user accounts with different privileges. Second, you get to confuse yourself with Fast User Switching, which allows multiple accounts to be poised ready and waiting for, well, fast user switching. So can you remember who you are at the moment? Third, quite a lot of programs (Microsoft's Age of Empires II apparently being one of them) don't grasp the wonderful new world of multi-layered security that is XP, so you end up with them demanding administrator rights from you before they'll let you run them. Many aspects of this will cause gales of mirth in the Linux camp, where the security systems are a model of Stalinistic structured control-freakery (well, that's what we think, anyway). Doing your day to day work from an admin account isn't good practice, but XP can easily be installed with just that assumption. And having programs that won't let you run them unless you're admin will quite likely mean Joe Public will wind up letting everybody run as admin. If he can figure out how, that is. According to the relevant Microsoft support article, the problem occurs "because many programs were written for use with Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98 Second Edition, or Microsoft Windows Millennium Edition (Me). These operating systems did not have an administrator or limited user account." The way installations should work with XP, if we understand the situation correctly, is that when installing under administrator account you should be able to specify that other accounts have access to the program, but clearly that doesn't always happen with the older stuff. It's also worth noting that the stuff users are running into problems with seems typically to be games, music programs and so on - so you've got to give your five year old admin rights so they can run Age of Empires, right? Right. As Microsoft says, "If you installed a game by using an administrator account, you may have to log on with an administrator account before you can play the game." Or alternatively, as one suggestion in the newsgroups goes, just install it again for each user you want to access it, using the same folders. The "limited user" account also makes an appearance in the knowledge base. If you look here, you'll find a substantial list of things you might not be able to do, and a very long list of programs you can't run, if you're logged on as a limited user. Not being able to see the CD in the drive will no doubt make Linux defectors feel at home. But given that paterfamilias is quite likely to reckon the kids ought to be limited users, you can see what a heap of trouble this one could cause. Register browser wars trivia: This happens every now and again, and happened just now when we thought we'd just look around http://support.microsoft.com to see if there was much else on admin account issues in XP. Using Opera 5.11 masquerading as IE 5, you get a continuous high speed looping between "sending request to support.microsoft.com" and "connecting to support.microsoft.com". We surmise that this is a result of Opera saying "hello, I'm IE5" and microsoft.com saying, "hang on a moment, no you're not", "yes I am", etc. And when it finally times out the tag on the dialogue box reads "http://support.microsoft.com/support/misc/unsuppor..." Our friends in Norway may care to get loudly outraged about this sometime. As regards those admin account issues, we can report after a brief excursion into IE5 that there are currently 200 articles in the XP knowledge base containing the word administrator. One cracker is Q293834, "User Accounts That You Create During Setup Are Administrator Account Types". It applies to Home and Pro editions, and (hold onto the strap before you read this, Unix geeks) is summarised as "After you install Windows XP, you have the option to create user accounts. If you create user accounts, by default, they will have an account type of Administrator with no password." Outstanding. ®
John Lettice, 15 Nov 2001

Intersil takes 802.11 knock

Intersil is fighting an uphill battle to get its OFDM (Orthogonal Frequency Division Multiplexing)technology accepted as the 802.11g wireless networking standard, It received just 55 per cent of the vote at the long-awaited IEEE ratification meeting this week. It needed 75 per cent for its proposal to be set as the standard. The battle is not over yet, but Intersil's effort is heavily dented. At the meeting, a vote on whether to lower the 75 per cent requirement to 50 per cent for a standard has been postponed until tomorrow, which could resurrect Intersil's proposal. However, as EE Times reports, the 802.11g working group's chairman, Stuart Kerry, is strongly opposed to the move. Earlier this year, the IEEE working group voted against PBCC, a technology put forward by Texas Instruments, and the signals started to look good for Intersil. (PBCC is Packet Binary Convolution Coding). Since the early IEEE setback, TI recovered quickly to produce its ACX100 controller in June, incorporating its PBCC technology, to power speedier 802.11b-compatible networks. It provides a theoretical 22Mbps transfer rate (in the 2.4GHz spectrum) and offers up to 70 per cent more area coverage than existing 802.11b products. The company has been working hard to flog ACX100 to equipment makers as a nice step up for existing 802.11b networks. Its labours have been rewarded with various companies like Buffalo and LinkSys producing kit based on the technology. And, by getting working product out into the market, TI's PBCC may rear its head again in the IEEE ratification process, further pummelling Intersil's OFDM proposal. b to g to a Following on from both 802.11b and 802.11g comes 802.11a (don't ask), which is heavily hyped as the successor to today's 802.11b networks. Companies such as Proxim, Intel and 3Com are all shouting about it at Comdex this week. Chipsets which manage 802.11a traffic have proved to be rather cheaper than anyone anticipated, bringing the cost of the technology almost down to the level of 802.11b. Who needs 802.11g now, 802.11a proponents say. There is a problem; 802.11a operates on the 5GHz spectrum, while 802.11b sits at 2.4GHz, raising incompatibility issues. 802.11a doesn't like wall either, lowering its effective range. 802.11g sits in the middle, being backwardly compatible, but not as speedy as 802.11a (which runs at a theoretical maximum speed of 54Mbps, although reality falls far short of this). And 802.11a has yet to be certified to use the 5GHz band in Europe. It's all a bit of a mess really. ® Related Stories To be or not to 802.11b Rocky road to wireless networking nirvana WLANs hit 22Mbps
James Watson, 15 Nov 2001
Cat 5 cable

Business drives the Wireless Web

Businesses applications will drive the market for the wireless Web while the consumer market struggles through its formative years. This is the conclusion of analyst firm Insight Research which concludes that hopes are misplaced that consumers will kickstart wireless Internet use. Extensive wireless Web browsing and mobile commerce is not viable for consumers - given current limitations on content, presentation, and delivery, Insight says in its report (Wireless Portals and Wireless Service Providers 2001-2006). Speed, quality of service, and reliability issues are less of a barrier to the development of applications that pull information from corporate intranets, Insight argues optimistically. In particular, it notes widespread adoption of sales force automation, customer care, warehouse management, and shipment tracking applications tailored to mobile use. With the adoption of 3G, voice recognition, and Bluetooth, wireless Web use will become prevalent in the enterprise, even as consumer uptake fails to match up to early hype, Insight argues. Confidence - or lack of - in m-commerce does not help either in consumer takeup. This is impeded by the absence of coherent security standards and expertise by mobile operators, according to analyst firm TekPlus. Concerns about e-commerce security will be reflected in the wireless Web market unless mobile operators invest more in security and become more open about the issues they face, TekPlus argues. According to Gareth Williams, research director of TekPlus, mobile operators and application developers need to think about implementing end-to-end security, rather than misdirecting efforts into "closed, proprietary" solutions. The industry needs to focus on developing security solutions for 3G and not WAP as well as promoting standardisation in the mobile security market, he advises. Without the right security infrastructure in place 3G will become little more than a "fat pipe" that does little or nothing to promote m-commerce, TekPlus warns. ® External links Wireless Portals and Wireless Service Providers 2001-2006 by Insight Research Lack of coherent wireless security standards and expertise is a problem for market development, says Tekplus Related stories Vodafone take Notes on mobile services Microsoft and Vodafone launch mobile Outlook app UK to test mobile digital signatures Mobile monsters make m-commerce world domination bid Don't believe the m-commerce hype Suicidal GPRS pricing puts 3G at risk Consumer GPRS is going to be a dog in the short-term Why do we need 3G phones anyway?
John Leyden, 15 Nov 2001

Job axe falls at Novell

Novell is reducing its headcount by 19 per cent - 1,400 employees - to cope with falling software sales. The cuts will save Novell $200 million annually by the second half of fiscal 2002. The software vendor expects to take a $55 million pre-tax restructuring charge to implement its redundancy programme, which will result in the reduction of its workforce to around 6,000. Novell blamea the cuts on the overall decline in the IT market, the oversupply of IT consulting services capabilities, and low expectations of a quick recovery next year. Based on preliminary financial data, Novell expects Q4 revenues of around $306 million (in line with previous estimates) when it reports its quarterly results on November 29. In July, Novell acquired Cambridge Technology Partners to boost services capability; the announcement of job cuts comes days after Jack Messman, the former head of CTP, became Novell chairman. He was appointed chief executive of Novell in July. ® Related stories Novell frees clients with NetWare 6 Novell: In front or also-ran? Novell results are outstandingly mediocre Novell makes eDirectory freeware Novell CEO steps down as it acquires consulting firm Novell reinvents itself for the Internet 'Panting homosexual' applauds Novell's Randy Bender Novell sues Microsoft over Netware death ad External links Novell Announces Restructuring and Workforce Reductions
John Leyden, 15 Nov 2001
server room

Oftel fixes fines for LLU failure

Oftel has set the service level agreements that (SLA)operators can expect from BT. This is another step forward in completing the regulatory framework for local loop unbundling (LLU). Today's announcement marks the first time that the telecoms regulator has formally intervened to set service level standards (after industry and BT failed to come to an agreement on the matter). The ruling on the levels of compensation - £10 for each working day an unbundled loop is unavailable and £80 per operator for each working day's delay in providing co-location facilities - was proposed in August by Oftel in a consultation document. The SLA is designed to ensure that BT meets the needs of operators which want to provide high-speed services over unbundled loops. However, with only around 150 loops unbundled so far, BT is unlikely to be crippled by LLU penalty payments, unless there is a sizeable hike in demand. In the summer, BT's director of regulatory affairs, Ian Morfett, described Oftel's intervention as "heavy handed", although this was later subsequently played down. A spokesman for BT said today that the ruling was "not unexpected". The regulatory jigsaw puzzle surrounding LLU is still incomplete. Oftel has yet to rule on third-party access to local exchanges, currently dogged by security issues, and co-location pricing. ® Related Stories Bulldog snaps at BT's co-mingling security fears Security fears hit unbundling progress Telcos welcome Oftel's heavy hand Oftel bangs heads in LLU row
Tim Richardson, 15 Nov 2001

This (external) HDD supports USB 2.0 and Firewire

SimpleTech has developed a portable external hard drive which is compatible with USB 2.0 and Firewire (1394b). Combining the two connectivity technologies on one drive seems to be a first. The product, called the SimpleDrive Deluxe, comes in 6GB, 10GB, 20GB and 30GB capacities, with the entry-level model priced at $200. The product is shipping in the US and will arrive in the UK in three weeks. SimpleTech acknowledges that customers can get cheaper USB 2.0 storage, but it thinks there are people out there who are into Firewire as well. In its press release, the company pushes points of appeal for corporate users and consumers as it's not sure yet where demand will come from. It says the drive is "the choice for video editing as well as for storing digital photos, music files, games or other data. We believe it is the smartest way to upgrade your hard drive, off-load files or take your data on the road and keep it safe." SimpleTech also pushes the line that the device offers a lower cost per gigabyte storage than Zip disk alternatives. The 20GB unit will store more than 20,000 digital photos or 6,500 MP3 songs at 128kbps. It weighs less than 16 ounces and is the size of a hand. The company claims USB 1.1 compatibility for the SimpleDrive Deluxe (which seems a bit redundant as USB 2.0 is supposed to be backwards compatible). ® Related Link SimpleTech site - SimpleDrive Deluxe doesn't seem to be on there yet Related Stories Apple to score industry first with dual 1394b, USB 2 support
Robert Blincoe, 15 Nov 2001

AMD ships 1.2GHz Duron

AMD has released its latest Duron processor, running at 1.2GHz. The chip, based on AMD's Palomino core, supports a 200MHz frontside bus and contains 128KB of on-die L2 cache. AMD reckons that a system based on the 1.2GHz Duron and DDR memory yields "significantly" better 3D games performance than a PC with a 1.2GHz Celeron and single data rate SDRAM. Equally, it beats a 1.4GHz Pentium 4 plus SDRAM system at "office productivity and digital media" apps by 13 per cent. AMD doesn't specify what "significantly" actually means, or note whether the Intel systems used PC100 or PC133 SDRAM. Or, for that matter, which species of DDR the Duron box contained. And since you'd expect a DDR system to be better than an SDRAM rig, we're not sure whether the "significant" performance hike has anything to do with the CPU. The chip costs $103 when bought in batches of 1000 chips. ®
Tony Smith, 15 Nov 2001

Cisco high-end routers in DoS peril

Cisco has issued a fix for a flaw which potentially makes its high-end routers susceptible to denial of service attacks. The performance of Cisco 12000 series routers can be degraded when they have to send a large number of Internet Control Message Protocol (ICMPs) unreachable packets, something that usually happens as a result of heavy network scanning. In an advisory on the issue, Cisco spells out the potential gravity of the problem and also admits some ISPs "have (been) experiencing difficulties" due to the vulnerability. "Exploitation of this vulnerability may lead to Denial-of-Service. The router's performance will degrade and, in the worst case scenario, the router will stop forwarding packets," the notice states. The problem is restricted to certain line cards in Cisco high-end 12000 series routers. Cisco has suggested workarounds which involve either preventing a router from sending ICMP unreachable packets at all, or rate-limiting them. It has also provided a schedule for updates to its IOS software that will provide a more complete solution to the problem. Since this availability is dependant on the underlying technology (or engine) an individual line card is based upon, service provider users will have to first determine this before looking up what they need to do. A less serious problem means that one of four 'engines' that underpin line cards used in the 12000 series has a series of six vulnerabilities involving the implementation of Access Control Lists. Cisco has published an advisory which informs users how to deal with the problem here. ®
John Leyden, 15 Nov 2001

Piracy stops Xbox in China

Microsoft's Xbox gaming console will not be sold in Hong Kong or China for the foreseeable future, due to rampant piracy in the region. The company is selling the actual hardware at a loss - as much as $125 per box, according to Merrill Lynch - and plans to recoup profits on its software titles, much like the razor blade or printer cartridge industry. As pirated software in many Asian regions is so widespread, it doesn't make much business sense to sell there, a Microsoft source told the South China Morning Post on Thursday. Sony faces the same issue; a spokesperson says the company has no plans to sell the PlayStation 2 in Hong Kong. As for the official line, a Microsoft spokesperson says no date has been set for those countries, saying that in a country like China, "consumer demand for PCs and other hardware products is still quite small, compared with the professional market". A visit to the console's official site appears to confirm this, with dates set for most global regions including Europe, Japan and Australia, but no mention of China or other Asian countries. Of course, both Sony and MS consoles (and their pirated titles) will almost surely be available on the grey market. ® Related Links The South China Morning Post - free registration required to view article Microsoft's Piracy Site Official Xbox site Related Stories WinXP piracy report - from Bangkok to Bristol Xbox lands Singapore pirates flog WinXP for $2.75 Natalie Imbruglia wins CD protection race
James Watson, 15 Nov 2001

Redmond's Tablets don't work – not for Dell, anyway

Dell isn't buying the Tablet PC revolution - not yet, anyway. Yesterday Michael Dell himself told the Austin American Statesman (which he surely didn't have to go to Las Vegas to talk to) that his customers weren't interested, and that there were "some other reasons" Dell wasn't going to build Tablets right now. We don't know for sure what these other reasons are, but we think we see where Dell might be coming from. Not going with Tablets and making a point of it is also clearly Dell policy right now. Talking to Infoworld, a Dell PC exec echoed Mikey, and suggested the company wouldn't build them for another 18 months. If two Dell people say the same thing at the same time, they're making a point - Dell's that kind of company. Superficially Dell's apparent antipathy to the new-style box is striking because it's so close to Microsoft, and should therefore be pulling in the same direction. But we propose an alternative analysis: Dell and Microsoft understand one another because they both think similarly about product packaging, marketing and timing. Dell can see what Microsoft is up to with Tablet PCs, and it sees it as a big bet which - if it succeeds - will channel the bulk of the rewards to Microsoft and leave the PC companies in even worse straits than they are today. The Tablet, effectively, is a packaging job. It is essentially a device of similar specification to a current mid-range notebook which has been cosmetically fiddled with. As we pointed out here earlier this week Microsoft has been pretty vague about precisely what a Tablet consists of, but back in July Geoff Walker of Walker Mobile did a very detailed job on it in Pen Computing, based on information gleaned at WinHec 2001. We hadn't seen it before, but if you're interested in what Tablet PCs are really about it's well-worth reading now. Here's his take on what Tablets really are: "Fundamentally, the Tablet PC is a notebook (laptop) without a keyboard. It's not a WebPad, as some of the members of the press still seem to think, it's a full-scale PC with a rotating hard disk. If you take any of today's very thin and light, high-end notebooks, rip off the keyboard, flip over the screen and add a digitizer, you've got what is basically a Tablet PC (except for some minor details, such as not being legacy-free). If you take the Fujitsu Stylistic 3500 and substitute an active digitizer for the passive (resistive) digitizer, again you've got what is basically a Tablet PC." Not difficult, there are machines you could class as Tablets on the market already, and it's significant that one of the founder Tablet builders, Acer, has chosen to just go ahead with the machine early next year without waiting for Windows XP Tablet Edition. Fujitsu is another one of the early movers, except it's already an early mover when it comes to Tablets, so when the big Microsoft rollout comes it also will be doing pretty much what it was doing before, but with whatever the TE extensions turn out to be added, and with the aid of the hundreds of millions of dollars Microsoft will no doubt pretend to be putting behind Tablet marketing. You can probably see where we're going here. Geoff Walker thought this several months before we even started to consider it, so we'll let him take it again: "Actually, what's happening is that Microsoft is simply applying good marketing skills to the pen tablet. Relatively few vertical pen tablet companies articulate the message about laptop versus tablet usage very clearly. This is because either (a) it's such common knowledge in markets such as Sales Force Automation that it's just taken for granted, or (b) the company is selling pen tablets into vertical markets that don't involve a lot of face-to-face meetings, such as Utilities." In this sense the Tablet is a classic Microsoft "product" - it's all been done already by other companies, but they've all been making money quietly in niche and vertical markets. Microsoft can therefore take something that's not revolutionary at all, add a pile of eye-candy and ludicrous marketing spin, call it a standard platform ISVs can build to and voila - it's driving the standards for both hardware and software, on its own. If it can get enough marketing momentum and OEM support behind it, then it can get buyers (it's aiming for the corporate market initially) to go for it as the standard computer. As it said at WinHec, eventually "all laptop and PC owners" will use Tablets. This will be a pretty good trick to pull off, because it's really not about technology, it's about changing customer perceptions - make them stop thinking the tablets they could buy already are low volume, vertical market boxes they don't want, and start thinking they're amazing machines they must have. It could just work, and the script is actually pretty similar to the Xbox one. With Xbox, Microsoft approached the OEMs and - so Microsoft tells us - they weren't interested. Given that the Tablet is going to have to go into the corporate market, the OEMs are maybe a bit more important, because Microsoft needs the OEMs' corporate sales operations to evangelise it. Whether they'll bite or not kind of depends, though. If you're aiming for the corporate market Compaq, Acer, Fujitsu and Toshiba will carry some weight, but ranged against that we have Dell, IBM and HP - you'd need at least two of the latter as well to be sure of making a standard stick. Corporate buyers, meanwhile, are going to be hostile to the Tablet unless there's a lot of momentum behind it, because they're hostile to anything new until it's poised to engulf them. That leaves Dell in a position that is in one sense advantageous (because it might be able to cut a better deal if Microsoft really thinks it needs the company's support) and in another, difficult, because the model Microsoft proposes doesn't really fit in with the way Dell likes to sell computers. Dell likes build-to-order, just in time manufacturing, adding perceived value and steering clear of undifferentiated commodities. It's had blips, but broadly speaking it's done a lot better via this strategy than much of the rest of the PC market. Microsoft, on the other hand, will want to drive the Tablet as a high volume, highly-standardised platform. You could maybe differentiate it with compelling software (which is not Dell's style or business), but otherwise you'd probably be reduced to the colour scheme, shape and what the docking stations looked like. So good buddies or not, maybe Dell can see a future where Microsoft carries on raking in profit per box from a whole new hardware sector, while the manufacturers descend further into no-margin suicide. It's not somewhere Dell would want to go, and consequently it's not a plan Dell would want to see work. ® Related stories: MS Tablet PC: 70 per cent hype, 30 per cent snake oil
John Lettice, 15 Nov 2001