8th > May > 2002 Archive

Allchin quizzed on ‘secret’ MS protocols and APIs

In court yesterday Microsoft VP Jim Allchin defended the security exception to disclosure in the proposed Microsoft-DoJ settlement, which is derided by opponents as "security by obscurity," but under cross-examination by States' attorney Kevin Hodges he went some way toward defining the protocols and APIs that Microsoft would keep security under the banner of security. The precise meaning of the clauses in the proposed settlement referred to here needn't detain us, but the protocols and APIs have some considerable relevance, because they'll help us assess how strong Microsoft's argument is. If the wider disclosure provisions of the States' proposals were implemented, Allchin argues that " the risks are greatly increased that valuable information stored on computers will be stolen and that computers will be subjected to malicious attacks." So, how many protocols will be withheld? Allchin suggests just the one, and possibly only for a limited period: A. It is possible that all protocols, barring one, will end up being disclosed underneath 3(e). But it's not done, the analysis isn't complete yet. Q.[Hodges throughout] Can you tell me what the one protocol is that you currently believe may not be disclosed pursuant to section 3(e)? A. Yes, I can. There is a protocol dealing with software functionality in Windows called message cueing [queueing], and there is a mistake in that protocol. And that mistake, if we disclosed it, would in my opinion, would compromise a company who is using that particular protocol. We are replacing that protocol. But today, I think if we disclosed it, it would be not the right thing to do for our customers. That's an example. That's a classic example of security by obscurity. There's something bad in there, and if the hackers got hold of it all hell would break loose. Actually though, one begs leave to doubt this. If knowledge of the hole were such a big deal, should not the Microsoft attorneys have been hopping up and down shouting 'close the session,' and should not Jim, who is after all in charge of this stuff, have pleaded confidentiality? Presumably transcript-reading hackers will have the final say on this. As regards APIs, Allchin said the analysis determining which ones would be withheld was still in progress, but came up with some examples: A. There are things dealing with antipiracy and things dealing with digital rights management. For sure, they come to mind as I sit here. Q. Are there particular names or ways of describing these APIs that you can use? A. I don't remember the specifics right now. There is one dealing with Windows file protection -- or maybe it's two with Windows file protection. You know, I can't remember in terms of the DRM. In his deposition earlier Allchin had given the Secure Audio Path component of its DRM system as an example of something that would not have been disclosed prior to the proposed settlement, but which would now. Clearly, though, there are other things it wants to hold onto, so could these roadblock Real et al? Allchin said that he didn't know the number of APIs that would be withheld, that he didn't expect there to be a very large number, but that "some of them are very important." "As I said in my testimony, I think there's a confusion about authentication and the way keys are used in authentication and the ways that keys are used in digital rights when you're trying to protected content. It may come to you, but the content owner wants to not have that be sent to somebody else or not used in some way. And in those cases we have to hide keys and the algorithms for manipulating those in -- physically in the code, so that level of disclosure would compromise installations." Hodges went on to explore this "confusion about authentication," and found some in the Microsoft camp. In his deposition Microsoft witness Roger Needham, managing director of Microsoft Research in Cambridge, had a narrower view of such matters: Q. Mr. Allchin, if I could ask you to turn to page 45, starting at line 4. Let me read you the question and answer. "Question: Do you believe this RFPJ J-1 is necessary to protect anything other than keys and the locations of keys? "Answer: I don't believe it is. It is to protect keys and the locations of keys from being indirectly inferred." Do you see that testimony? A. I do. Q. Do you agree with that testimony by Professor Needham? A. No. Unfortunately, I don't. It's partly right, but my example of a protocol with an error in it is a classic example of how I wouldn't agree with him on that. So Needham is right provided everything works, but Allchin wishes to use security by obscurity as a backstop for when it doesn't, if we understand that correctly. The whole problem with the proposed settlement, of course, is that when it comes down to it, we don't believe them. Sure, if Microsoft confines itself to keeping real security issues close to its chest, that's one thing, but this company has a legal record, doesn't it, so it can't be trusted. Cut to the chase: Q. All right. Mr. Allchin, what language, in section 3(j)1, would prevent Microsoft from using the security exception to withhold information, other than the mistake in protocol that you mentioned, the location of keys, and the cryptographic keys themselves? A. I want to be as precise as I can be here. It's "would compromise," to me, that's the key, if you will, about us having the ability to use 3(j)1 versus the documentation requirements that we have for 3(d) and 3(e). And in your question I felt like you were trying to say: Okay, is this the absolute limit of what you might find? And I already said that we're not complete. I think through my testimony I've sort of said, you know, there are only a few places so far that I know of that this is going to end up to be applicable, but we haven't completed it, and I do feel quite strongly that I have to look after our customers. We have -- you know, we are trying to work on a reputation of security in the marketplace. Or indeed, to establish one which we have not at this juncture got. Allchin undoubtedly does have a major and genuine job on his hands in getting a lid on Microsoft security issues, but the huge noise the Redmond marketing morlocks made about security becoming the number one priority earlier this year suggests that some people in the company are more concerned about the reputation than the nuts and bolts of reality. Hodges pursues more detail: Q. You would agree that section 3(j)1 would allow Microsoft to withhold from disclosure information beyond cryptographic keys and the locations of cryptographic keys; correct? A. I -- I would. Q. If we could look at section 3(j)1, there's a list of several different types of information that would be withheld from disclosure. The first is antipiracy system. Do antipiracy systems in Windows expose cryptographic keys or the location of those keys? A. I'm sorry. I don't understand the question. Do they expose? Do they use keys? Yes. I'm trying to answer. I don't understand. Q. Well, the use of the key itself, would that require Microsoft to withhold from disclosure APIs and protocols associated with antipiracy systems? A. In the narrow sense. You have to look at the specifics. We disclose a lot, as I mentioned in my testimony, about Windows file protection, but there's a part of the algorithm which we use that we have hidden, if you will, in the operating system because we don't want pirates to steal the system. So if we were required to disclose it under 3(d) or 3(e), then that part I would want to not have to be disclosed. Q. Are you talking about disclosure of APIs now? A. You could talk about it as either, but the most important part here that I was personally talking about was the APIs, yes. Q. So is it your testimony that if you disclose the API, you're also disclosing the algorithm that pirates would need to make copies of Windows? A. There are APIs that if we expose them, the more we say, as an example, if you hang your key outside your door and it's always there and you tell people that's where it is, it's not -- it's a risk. So, yes, there is at least one API that I can think of dealing with the Windows file protection that I don't want to disclose because it would make it easier for people to either do antivirus -- or attack us in a virus sense or antipirate, or pirate us. One kind of hopes he meant something rather different from what he said just there about antivirus, but Hodges then presses him on Kerberos. After establishing that it's open, but that Microsoft has added proprietary extensions, they proceed as follows: Q. Is Kerberos an authentication system? A. Yes, it is. It's a protocol. Q. So Kerberos is something that would fall under section 3(j)1; correct? A. I don't know what "fall under" means. We've decided that we're going to not invoke 3(j)1 for any authentication coming out of the Windows operating system to a Windows operating system -- or Windows server. Q. When did you make that decision? A. I don't know. Within the last month, maybe. Q. The SRPFJ, do you recall when this was negotiated? A. The attorneys would be better at that. In the fall. Q. So is it correct there was a period of time when Kerberos was subject to the nondisclosure provision of section 3(j)1; correct? A. Well, we had until August of this year to make the pass through the protocols, according to the SRPFJ. And I haven't read all the testimony in this trial, but -- or hearing, but there are many, many protocols, and we have been methodically walking through each of them. So it's no big surprise at all to me to be where we are today. Q. Am I correct that protocols are not disclosed until Microsoft decides, after analyzing them under section 3(j)1, that they should be disclosed? A. Yes. We have to do that by August when this -- for the first deliverable of those protocols. Q. So up until about a month ago the extension to Kerberos was not disclosed; correct? A. That is correct. Hodges then goes on to talk about the protocols and APIs Microsoft has already identified as not for disclosure, and asks if there is any necessity for the company to say which haven't been disclosed. No, says, Allchin, there is not, and "that would defeat the purpose of the 3(j)1. I don't want -- the fact that I even mention the message cueing [queuing] thing here bothers me." Q. So when Microsoft decides that an API or protocol is not subject to disclosure in reliance of section 3(j)1, it simply doesn't disclose those APIs or protocols and also doesn't make an announcement that it has failed to disclose them; is that correct? Indeed. So if your software doesn't work with Windows, you're going to have considerable difficulty figuring out whether it's your software that's broken, Microsoft's software that's broken, or whether it's something Microsoft isn't telling you. And Microsoft isn't going to tell you it's not telling you. Layered security by obscurity, and a familiar process. There's plenty more of interest here, but we'll call it a day for now, leaving you with an excerpt that may shed light on some of the cracking XP exploits of last year: Q. So it's possible for hackers to find unprotected undisclosed interfaces within Windows; correct? A. Yes. It's a question of how hard we make it. Q. Has that been done in the past? A. If for a digital rights we had an attack where, because of a coding error, they discovered the algorithms for how the key was, and the code, was obfuscated for DRM. Q. This is the data rights management mechanism in Windows XP; is that right? A. Well, it didn't have to do with Windows XP per se, but it was the DRM functionality. By the time Windows XP was done that issue had been addressed to my knowledge. Q. The DRM mechanism is something that is not published by Microsoft; is that correct? A. That is correct, except in how you use it. Q. Did the part that was not published, is it correct that someone figured that out and published details on the Internet? A. Yes. They spent a great deal of time reverse engineering the technology. ®
John Lettice, 08 May 2002

Dotcom death rate falls

The number of Internet companies going titsup.com continues to fall, according to the latest stats from the US. Webmergers.com - a California-based research outfit which monitors the health of dotcoms that have received significant funding - found that the number of closures and bankruptcies in the first three months of the year were down two thirds compared to the same quarter last year. In total, 54 companies turned up their toes in Q1 2002 compared with 164 dotcom deaths in Q1 2001. Those outfits hit were spread evenly among infrastructure, ecommerce and content companies. The last time the number of dotcom failures was so low was back in summer 2000. According to Webmergers, the number of dotcoms throwing in the towel has declined steadily since they peaked in May last year. Those behind the research predict that failure rates will level off during 2002 before declining still further. Which all means that, according to the number crunchers, some 823 funded dotcoms have gone tits up since January 2000. ®
Tim Richardson, 08 May 2002

Alphacide yesterday, Yamhill tomorrow: HP merger architect talks

If the name Shane Robison doesn't mean much to you, then take heart, because it had barely figured on our radar until yesterday. Robison has been described as "the man behind the curtain" in the SirCam merger by people we trust, and the HP CTO was instrumental in bringing HP and Compaq together - at one stage, he was one of only four people in the loop. It was by accident then that we found ourselves at lunch with Shane, and HP's head of labs Dick Lampman, with whom we'd earlier been chatting about MRAM and P2P stuff, and CodeCon, astonishingly free from interruptions. That had been good, but this was going to get a lot better. After a morning of bland corporate videos in which HP executives had strained to find a reason for the SirCam Merger other than "hey, we're really big now!" - failing to find a reason to stir the soul, other than satisfying Wall Street's asset strippers - Robison offered a glimpse for the rest of us why HPQ might need to exist. For a start, he can play the part of a tech villain from central casting: a vaudeville baddy so malevolent that the audience starts hissing as soon as he comes on stage. Kitted out like a Southern plantation dandy, Robison can put out a small house fire with a glare. And having run AT&T's research division, and endured seven years as a VP at Apple - again looking after research - he's clearly damn smart and knows how to survive and prosper in the games of executive politics. You'd want to hire him as an assassin… then hide all the cutlery. So folks, you can see that this is beginning to look very promising… Robison was CTO at Compaq, so let him tell the story. "We were evaluating all the options for consolidation for some time. We began talking in May, and I think you'll find this in the SEC filings." And who was involved? "Me and Mike from Compaq. There was no need to get anyone else involved at that stage." But Compaq wasn't talking about "consolidation" to anyone else during these negotiations? "No. And this was not a negotiation - these were discussions." And who was involved at HP? "Carly… and Duane [Zitzner]." OK, so we know the chronology of the Alphacide fairly well. What went first? "Internally, it was justifying what made sense. This was the first question I asked Mike when I took over as CTO. [1999 - ed.] How can we justify this?" "As soon as Alpha stopped having twice the performance advantage, it was 'how can we justify the expense of microprocessor design?'… Don't forget we had three roadmaps, three speed bumps going…. You can't just do it once - you have to do it forever. How could we justify the tools, the compilers?" So how hard did Compaq then try to license the Alpha, we asked. Samsung and API had been licensees, and SPARC and PA-RISC had some OEMs too. "We could have licensed it out, but we didn't have the market footprint. We would have been perfectly happy to," said Shane. Itanic rising Despite Itanic's dismal traction, HP doesn't think the cost of designing chips is worth the expense: and it doesn't think IBM and Sun has met the challenge, just yet. "You'll see Sun selling a lot more x86 than they are now in five years time." And that goes for IBM, too, he added. Robison and Lampman re-emphasized the point SRCAM has made throughout the proxy fight: it will invest in chipsets to differentiate itself, but not chips. "We'll see HP IP in the software and the tools," said Dick. The idea is to use these to eliminate management and services in the enterprise. "We'll still compete on speeds and feeds, but at a different level… we're not in this perpetual horserace about who can make the fastest microprocessor." "Sun's in a lot of trouble," said Robison. America, phone home We'd begun by talking about the phone business. HPQ had made much of wireless, but seems to have missed the wave with smartphones. Shane didn't buy our proposition that as a platform provider, Microsoft has missed its chance, and knows it. "It's too early to call a winner," he said. But with devices such as the Sony/Ericsson P800 and the Nokia 7650 taking imaging down to the pocket, wasn't this a challenge? Didn't HP at least know how to stick a camera on a phone, and sell it? "We've got that in the labs - iPaqs with wireless and a camera, sure," said Shane. Oh, fscking hell, we thought. Watching America's tech lead in handhelds disappear is like replaying the automobile industry crash of the 1980s, only in slow motion. Twenty years ago there wasn't a foreign car on the roads here, and US-built cars averaged 13 miles to the gallon. Now the domestic industry designs cars such as SUVs that are so awful that no one else in the world wants to buy them, and the classic aesthetics of American manufacturing's golden age - those beautiful Oldsmobiles - return only in the form of weird pastiches like the PT Cruiser. So it is that today that American computer brands - Microsoft and Intel - sell the world over, while the East makes components and chipsets. In the phone business, it could well be the reverse: the model is being commoditized, but the only American technology deployed by tomorrow's brand darlings such as Sony and Nokia is in the chipsets (TI's OMAP, with Intel and Moto as contenders) and some software (Sun's Java). Last week Mike Capellas was asked this very same question, and replied that Microsoft's promise of uniting home and office with a personal devices was the most enticing proposition on the table. Now across from me were two guys with a $4billion R&D budget. I should have asked for a flying car, and would have settled for a great American smartphone, but in the end got Shane to promise to at least have a look at the P800. I hope he does. 64 bits - take 'em or leave 'em One final tidbit. We asked the CTO of the world's biggest PC company - and the world's biggest PC server company - how it would react to 64bit x86 - from Intel, or from anyone else. "Yamhill's going to cause a lot turmoil in the marketplace: a lot of turmoil," said Robison. Er, if it's ever launched, we silently added, ever being mindful of executive indiscretions. So will HP use Yamhill in its servers, assuming that such a thing would ever happen? "We're very committed to IPF," said Robison. So if say, AMD, had an x86-compatible 64bit processor that met the performance requirements of HP's server division, would HP be a customer? "We work with AMD now, and we hope to work with them in the future," he replied, his grin now as wide as the Golden Gate. So don't take that as a yes. Or even a maybe. But it is a glimmer of hope that HP might be more than an asset-stripper's dream. For eight months HP's management has sold this merger on the grounds that consolidation is inevitable, and that IT will eventually become a business as commoditized and as lifeless as cleaning pipes, or selling beds: a business where distribution efficiency and scale count for much more than vision or scientific innovation. Even on these grounds, not all mergers are inevitable or even desirable, as this piece suggests. Now we may be biased, but that will never be completely true: HP has the power to make markets, buck markets, and literally - although such a phrased has been debased by its own disinfected marketing speak - sort of, kind of, invent the future. Carly and Capellas, while you have to give them their hour in the sun - just gave us the orthodoxy of accelerated capitalism: bigger is better, and consolidate faster and further than your competitors. It's a vision fit for an accountant. We think there's still scope for the latter, however, with a company that's bold enough to get everyone else's worried. If that ever happens, we do hope Robison is behind it. He asked us what we thought of the merger, and after we'd mumbled about not knowing the integration plans in enough detail, expressed the relief that at least we now knew it wasn't the result of the Sircam virus. For some reason, this brought a grin and two handshakes. There is hope. ® Bootnotes: We asked Lamphill if HP had expressed interest in acquiring AT&T's Labs in Cambridge, England - birthplace of VNC and other wonders. The lab has now closed, as reported by John Naughton in last week's Observer. Dick said he'd spoken to Hopper while it was still the Olivetti/Oracle Lab, but no offer had been made. It's no ancient history, he said. But MRAM is now in production…
Andrew Orlowski, 08 May 2002

Selling OEM Windows copies – you can do it in Europe

Our recent piece on Microsoft's interesting claim (now withdrawn*) that it's a legal requirement that a preinstalled operating system system remain with a machine for the life of the machine prompted a contribution on a related matter from Andrew Katz of Moorcrofts Corporate Law, who argues in some detail that under European law Microsoft has no right to stop you selling on any copy of Windows, including preinstalled versions. This is not what the licence agreement says, of course, and it's probably not what Microsoft's lawyers are going to say when you meet them in court. So if anybody wants to be a test case, please note Andrew's disclaimer towards the end of this piece. Now, over to Andrew. In Europe, subsequent sale of computer programs is governed by the 1991 Computer Software Directive, the relevant text of which is: The first sale in the Community of a copy of a program by the rightholder or with his consent shall exhaust the distribution right within the Community of that copy, with the exception of the right to control further rental of the program or a copy thereof. (Article 4 (c)) In English, this means that once Microsoft has sold a copy of Windows anywhere in the European Union (actually the European Economic Area, but let's not quibble over another country or three), it has no control over how that copy is subsequently distributed (with an exception only for rental). Reading this, barrack room lawyers will be saying "Stop! Microsoft doesn't sell its software - it licenses it - so these rules don't apply". Bollocks. The only way of reading this provision consistent with the "purposive" approach of interpreting European law is that "sale ... of a copy ... by the rightholder or with his consent" means "sale of a licensed copy". "Exhaust the distribution right of that copy" means "Prevent Microsoft having any control on how that copy is transferred from user to user". On the one hand, Microsoft can argue that since you bought the copy of Windows on a hard disk inside the computer when you bought it, then you can transfer that copy, on that hard disk. So there is an argument that that copy of Windows is linked to that hard disk. But it's not a very good argument. Remember I mentioned "purposive" above. "Purposive" means that the directive must be interpreted in a way which is consistent with its purpose. And the purpose of that part of the directive is to place Microsoft on a level playing field with the manufacturers of goods, like cars and fridges and tomatoes. No doubt, Ford would love it if it was allowed to "sell" Mondeos in circumstances where it could prevent the buyer from selling them on the second-hand market. But it can't for two reasons. (1) there is an established and flourishing second-hand market and no-one would buy a car they knew they couldn't sell second-hand; and (2) there are long established rules (in English law in any event) surrounding "unreasonable restraints of trade". Any attempt by Ford to impose such an obligation on a purchaser would be struck down by the courts as an unreasonable restraint of trade. Why should Microsoft have an advantage that Ford does not have? Note that the advantage is to the supplier itself, not to the market or the economy as a whole. Hence the passing of this part of the directive, which (among other things) is intended to bring about the establishment of a legitimate second hand market for software (something which for other reasons - unfathomable to me - has never actually happened). Incidentally, I have in my possession a Microsoft mouse which is also allegedly not to be resold except with other hardware. I have never come across a more blatant and unreasonable restraint of trade. Therefore, limiting the sale-on of the Windows software with the hard disk it came on is clearly (to me) an attempt by Microsoft to exercise the "distribution right" of that copy of the software after that right has been exhausted, and is unenforceable. I can argue this on and on. Clearly, if when you buy a machine with an OEM copy of Windows on CD (as in the good old days) there is no argument, and the copy on CD can be given away or sold on (provided you don't keep on using it as you are no longer an authorised user). However, you are fully entitled to take a backup (again under the directive). Which leads to the logical corollary (remember "purposive"?) that you must be allowed to restore that backup. If you choose to restore that backup onto another hard disk, then that restored version of the software must be "the copy". Or what if your copy of Windows is on a RAID setup, in which case there will be more than one copy of the software? The point is, in order to establish the correct scope of the directive, you must read "copy" in the correct context. Was the purpose of the directive to allow more than one person to benefit from a copy of Windows at a time? No it wasn't. Was is to allow a user to legitimately sell on a copy of Windows once he had finished with it: upgraded to Linux, say? Yes it was. I've got to do the boring lawyer thing and say the foregoing is not advice: it's my own personal view, so if you publish this and people get hammered by Microsoft by trying to exercise the rights granted to them under E.U. law, I won't either be (1) surprised or (2) liable. But I'm always in the market for (legitimate) second-hand copies of software. After all, unlike a Mondeo with 100,000 miles on the clock, a second-hand copy of Microsoft Windows NT4.0 sp6 [we may be able to help you there - Ed] is in exactly the same showroom condition as it was the day the gold master was pressed. By the way, I'm getting concerned calls from clients in the business of developing remote control software which suggests that it is an infringement of the Windows XP licence to use remote control server side software (in the "not X-windows" sense) on an XP (Professional) installation where you don't have XP Professional on the client side. Unless, of course, you are using NetMeeting as your remote control software. This throws open more issues than I can cover in a lunch break, but I don't like it one bit... ® * Yesterday dogged Register sleuth Thomas C Greene received a response to the query he filed with Microsoft some days before we published the piece. It goes as follows: The language surrounding operating systems that come already loaded on donated machines has been clarified to better reflect best practices: If you feel it is in the best interest of your school to accept the donated PCs, make sure you know the licensing guidelines. For instance, if the hardware donation is an original equipment manufacturer (OEM) machine, the pre-installed operating system license is only valid when used on the original machine for which it was first installed, so it's beneficial to leave it intact. Microsoft is committed to helping our education customers proactively manage technology assets. We appreciate your feedback and actively use your comments in our planning processes. Higher Education Customer Communications
Team Register, 08 May 2002

VIA shows off tablet PC design

One day we'll all be taking the tablets. That's what we've been told by industry experts for 10- years or more -even before they were called tablet PCs (anyone remember the Dynabook?) One day every e-potato will have one. But in the meantime we'll have to make do with reference designs. Latest off the drawing board is from VIA Technologies, which showed its take on the concept yesterday at WinHec in its home town of Taipei. Concept designs kinda need pictures - but we haven't any to hand. Instead, here's some spec for this 'sleek and stylish device'. There's an 'digital ink' system - no, we don't know what it means either, but it's innovative. There's a 10.4in electro-magnetic digitizer portrait screen, USB 2.0 and Firewire connectivity and optional 802.11b wireless support. The beast is built around the the VIA Apollo 2002, VIA's mobo for thin and light ultra portable applications. It uses either a VIA C3 or Eden processor and the VIA Apollo Pro266T DDR SDRAM chipset which supports low voltage - c. 3.3 volts - meaning lower power drain. VIA's tablet PC runs on MS Windows XP Tablet PC Edition, it's less than an inch (2.54cm) thick and it weighs in at just over a kilo. But how much? When? Any OEM customers yet? One day, we'll find out. In the meantime, here's VIA's tablet release. ®
Drew Cullen, 08 May 2002

Deutsche Telekom fingered for unfair pricing

The European Commission has written to Deutsche Telekom accusing it of abusing its dominant market position through unfair pricing for access to its local loop. Eurocrats are concerned that DT is charging new entrants higher fees for wholesale access to the local loop than what DT's subscribers pay for retail access. This, claims the Commission, discourages new companies from entering the market and hinders competition. In a statement Competition Commissioner, Mario Monti, said: "After four years of complete liberalisation of the telecommunications markets in Europe, competition has come to a critical stage. "This is particularly acute in the local loop where many very promising new entrants have already been forced to give up their business. I believe that much can still be done to foster competition in this field and that is clearly one of our priorities now," he said. A spokesman for DT expressed his surprise at today's intervention by the Commission. He told The Register: "The market is totally open in Germany and prices are fixed by the regulator." Today's action by the Commission stems from complaints by Mannesmann Arcor and local and regional carriers in Germany. The Commission has also sent statements of objections to France Telecoms's subsidiary, Wanadoo, over predatory pricing for high speed Internet access services, and to Dutch incumbent KPN over the price charged to terminate calls on its mobile network. ®
Tim Richardson, 08 May 2002

Terra Lycos seeks path to profit

Terra Lycos has managed to offset in part falls in advertising revenue with an increase in Net access revenues. Publishing its Q1 results today the global Internet network, which includes operations such as the Lycos portal, RagingBull.com, Tripod.com and Wired.com, said that it had continued to cut operating costs in a bid to drive the business into the black. During the first quarter of 2002, Terra Lycos earned revenue of E161 million, in line with the company's previously announced forecast. However, this was down 10 per cent on the same period last year when the group notched up revenues of E178 million. Advertising and ecommerce revenues fell 26 per cent from E123 million in Q1 2001 to E90 million in Q1 2002, although this was partly compensated by a 28 per cent jump in Internet access revenues from E55 million to E71 million during the same period. EBITDA (earnings before interest, taxes etc) losses improved by 46 per cent from E76 million in Q1 2001 to E41 million in this quarter - the company's best EBITDA performance to date. In a statement Joaquim Agut, Terra Lycos executive chairman, said: "These results demonstrate that Terra Lycos is confronting adverse market conditions with a clear business vision, offering customer-oriented services and content and adding new sources of revenue. "This clear market orientation, along with efficient cost management and a strong financial position, gives Terra Lycos a uniquely solid position in the Internet sector and strengthens its positive trend toward profitability," he said. However, the Web portal and ISP business could have it plans to reach profit scuppered if Bertelsmann AG succeeds in renegotiating its $1 billion online advertising contract with Terra Lycos. The massive ad contract was originally signed in May 2000 and stated that Bertelsmann would spend $325 million on advertising with Terra Lycos by October 2002. Bertelsmann also agreed to spend a further $675 million with Terra Lycos by the end of 2005 although it retained an option that it could renegotiate this deal if necessary. According to reports, it now wants to exercise this option and see a sharp drop in the amount it spends. ®
Tim Richardson, 08 May 2002

Guillemot severs last link with Ubi Soft

Guillemot this week announced that it had, after a protracted divorce, severed its fulfilment contract (or was it the other way around) with Ubi Soft, the French games outfit. This makes Guillemot, also French-owned, a "pure player in the interactive leisure hardware and accessories market", the company says. Guillemot's three logistics units will now focus all their energies on supporting its Hercules and Thrustmaster brands. Guillemot reports a "strong sales dynamic" for Hercules and Thrustmaster in recent months, "promising extremely satisfactory order levels for the remainder of 2002". However, the loss of the Ubi Soft contract has hurt sales revenues to the tune of €27.6m in the second half of FY2001(ended August 2001) and €37.7m for the first half of 2002. Guillemot is currently reorganising its North American operations, and there appears to be job losses, hardware review site HardOCP reports. The company has also focused all retail energies in Europe at the high-end around ATI, ditching Nvidia as a partner. It will be interesting to see the impact that solus ATI distribution rights for European retailers will have on Guillemot's sales. ® Guillemot statement
Drew Cullen, 08 May 2002

HDS trebles bandwidth on storage kit

Hitachi Data Systems (HDS) has set itself the goal of becoming the number one provider in the storage market with a major revamp of its enterprise storage line. Key to this ambition is the unveiling today of its Lightening 9900 V, the second generation of storage systems based on its Hi-Star switched architecture (which is technically superior to bus architectures). The 9900 V series boasts triple the bandwidth with twice the cache of previous 9900 series models, allowing customers to consolidate storage resources and reduce total cost of ownership, HDS says. The idea is to reduce complexity and simplify management. Two model are available in the series: the Lightening 9970 V, which scales up to 9TB and the high-end 9980 V, which can handle up to 75TB of raw capacity. Each support 1 and 2Gbps Fibre Channel, ESCON and FICON, with support for iSCSI promised by the start of next year. The hardware is the cornerstone of HDS' TrueNorth strategy for open information management, through which it hopes to overtake EMC as the largest supplier of storage systems. At a launch event at the Dali museum on London's South Bank today, HDS execs talked confidently on their support for industry standards (SOAP, XML and Common Information Model), industry partnerships (HP and Sun OEM HDS kit) and the technical performance of their box. However they shuffled uncomfortably on the Daliesque Red Lips sofa when quizzed about virtualisation, which has become a much-hyped buzz word in the storage industry. The 9900 V series comes with a feature called virtualisation assist layer which offers the ability to mix mixed Windows, Unix and other heterogeneous servers on a single port. But this falls short of true virtualisation, the pooling of storage from multiple networked devices into a single storage resource that is managed from a central console. Robert Bignell, senior director of enterprise products and solutions, said to common standards on the network are needed before the industry can move forward to that level of virtualisation. But what of the $1 billion war chest HDS said last year it had to expand its virtualisation capabilities or the deal with IBM to jointly develop storage virtualisation (announced last month)? Bignell said that fruits of the IBM collaboration were yet to come through in its products and fended off questions about its war chest, which remains (it would seem) locked up somewhere. Although HDS left its plans for virtualisation vague (like everyone else in the industry) it was able to announce significant improvements in its HiCommand storage management software. HiCommand Management Framework adds to the device management features of its earlier software to perform functions like automating common storage tasks, freeing up more time for administrators, and bandwidth allocation. HiCommand Management Framework modules, which work on Solaris and Windows platforms, will be announced throughout 2002 and 2003. ® Related stories Sircampaq: The Winners and Losers Storage benchmarkers push the envelope Storage Tank on its way, IBM says IBM hands over HDD biz to Hitachi The great storage giveaway HDS plays down API swaps with IBM or EMC HP extends 'pay as you go' to storage
John Leyden, 08 May 2002

Judge sets scene for battle over modular Windows

Microsoft trial judge Colleen Kollar-Kotelly yesterday allowed the unsettling states to introduce evidence indicating that a modular version of Windows, based on XP Embedded, was possible. The evidence, in the shape of testing consultant James Bach, is a late entrant, but the judge nevertheless allowed it, saying "I'm going to allow Mr. Bach's testimony primarily for the reason that I think the information should be presented to the court, that I should have it." Bach's professed mission, and the reasoning she presented in her preamble to this decision are interesting. Bach, according to CKK, is intended to "testify that XP Embedded can be configured as a full-feature desktop operating system capable of running on standard personal computers. "And he'll testify that he created an operating system configuration using Windows XP Embedded that would provide the functionality available from the standard XP operating system, including the ability to install and run applications. "Mr. Bach would further testify that he created an operating system configuration using XP Embedded which omitted various Windows components. Plaintiffs indicate that Mr. Bach will testify that he was able to run and test various applications on these embedded run-times. At least that's what I understood his testimony was." She considers the testimony related to this area she's already heard, and notes: "There has been extensive testimony as to whether XP Embedded will substitute for Windows XP as a general purpose PC operating system, and there's been no testimony that I can recall, in looking through it quickly last night, about anyone who sat down to try using XP Embedded as a PC operating system which will support general purpose applications." Microsoft expert witness John Bennett did some stuff with XP Embedded, but CKK has noted that it didn't address the states' claims that it could be the basis for a modular Windows. "In short, he doesn't testify as to what XP Embedded cannot do. He testifies as to what it was created to do, how one uses it to perform that function, and what end result the intended use produces; far from engaging in testing of plaintiffs' theory regarding the usefulness of XP Embedded, Dr. Bennett merely installed XP Embedded, looks like, and created various run-times on his laptop for the purpose of informing his testimony about how the product works." Which is another thing altogether. This doesn't necessarily help the states, as there's supposed to be on rebuttal, and if there isn't anything to rebutt, then they don't need Mr Bach, right? They don't need him for other witnesses either: "Now, with regard to plaintiffs' additional claim that Mr. Bach's testimony is responsive to testimony offered by Mr. Gates and Mr. Short, once again, neither Mr. Gates or Mr. Short -- and I'm not talking about depositions, I'm talking about in trial -- testified that they tried what Mr. Bach has done and whether that was successful or not. "They also talked about how the system might be expected to work based on their understanding of the cross dependencies and how it was intended to be used. These witnesses don't testify that they tried what plaintiffs propose and failed. "In this light, it seems apparent that plaintiffs' proposed rebuttal testimony takes a step beyond responding directly to defendant's case. "Not withstanding all of this, I'm going to allow Mr. Bach's testimony, primarily because I think that the information should be presented to the Court, that I should have it, and secondarily, the testimony is not an improper subject for rebuttal." So she kept them on tenterhooks right until the end. She has also set the scene for what could be a titanic struggle. Testimony from Bach goes to Microsoft tonight, and Bach must be available immediately for deposition. Any objections from Microsoft should be in by Friday, 10am. Microsoft may introduce its own surrebuttal (new one on us too) witness immediately after Bach, no later than May 16th. Could be worth booking the ringside seats for this sequence. ®
John Lettice, 08 May 2002