12th > September > 2002 Archive

PGP creator joins UK privacy watchdog

Cyber rights luminary Phil Zimmermann has joined the advisory council of influential UK privacy watchdogs the Foundation for Information Policy Research (FIPR). Zimmermann, best known as the creator of Pretty Good Privacy (PGP) who earned widespread acclaim for facing downs threats from the Feds when he exported his famous encryption program, said he was joining FIPR to further trans-Atlantic co-operation on civil liberties. "I've always felt that efforts to preserve civil liberties must be pressed on both sides of the pond to be effective," said Zimmermann. "I think our own government in the US found it harder to hang on to the crypto export controls after we made progress in the French and British domestic policies. Now we face tougher challenges, and we must face them together." Zimmermann joins the FIPR at a time when cryptography continues at the centre of many issues of technology policy, ranging from the powers sought by law enforcement agencies since 9/11 to force telecomms companies to retain customer data, to the debates about copyright and digital rights management. Emerging technologies such as the Trusted Computing Platform Alliance (TCPA) and Palladium are "creating fresh tensions between privacy and corporate interests", notes the FIPR, whose former head, Casper Bowden is now privacy and security manager at Microsoft. No word yet on any likelihood of any head to head debate between Zimmermann and Bowden on Palladium but you just know it's going to happen and, when it does, be sure to save us a ringside seat. ® Related Stories MS Palladium protects IT vendors, not you - paper Internet privacy campaigner to become MS privacy officer
John Leyden, 12 Sep 2002

Open Source .NET supports Office challenge

A desktop challenger to Microsoft Corp's Office has adopted an open source version of .NET, potentially increasing its appeal to a cross-section of developers, Gavin Clarke writes. The KDE Project has emerged as possibly the first real-world adopter of Project Mono for application development. Mono is an open source alternative to .NET for Unix and Linux desktops, initiated in July 2001 by Ximian Inc. Central to Mono - like .NET - is support for multiple languages. KDE is a desktop applications package and framework written in the Qt programming language. Using Mono means KDE is open to developers working Mono Basic and C Sharp (open source versions of Microsoft's languages) and Cobol. Increased language support could increase up-take of KDE as more applications are developers. Adam Treat, open source developer and Qt Sharp author, said: "The more choices that KDE offers the developer, the more attractive KDE becomes to the developer. Mono holds the promise of providing multi-language support for KDE through the efficient and solid completion of only one binding." Increased backing from developers comes at a critical time for Microsoft. The KDE office application suite includes a word processor; spread sheet and presentation software among other modules. Vendors are lining-up to challenge Microsoft's Office since the company introduced unpopular subscription-based pricing in August. Challenges have been issued by Sun Microsystems Inc, Corel Corp and Ximian. Adding to the pressure is the fact many now believe open source desktop technologies have matured and pose a credible alternative to elements found in Office. Opening KDE up to developers unskilled in Qt could increase the pressure. Astute developers could build applications for KDE that attract customers unhappy with Microsoft's licensing. KDE developers are working two Mono-based projects. The first is a Mono-based script interface to KDE with planned bindings to Qt. These will allow different languages to be used when building KDE applications. A sub-project is also underway for a plug-in interface to Kate, the KDE advanced text editor. The project would enable developers to write Kate plug-ins, such as a browser, in Qt or a version of Microsoft's C Sharp written for in Mono for KDE called QtC Sharp. KDE is also using the open source DotGNU project on KDE, but Treat noted Mono is further along in development. Since announcing Mono just over a year ago, Boston, Massachusetts-based Ximian has completed an open source version of the C Sharp programming language, C Sharp compiler and converted approximately 15,000 libraries. Ximian co-founder Miguel de Icaza has positioned Project Mono's as a means to streamline development of cross-platform applications instead of a means to build open source web services. Microsoft positions its version of .NET as both a set of more efficient development technologies and a platform for web services. Treat backs de Icaza. "[Mono] combines a modern development framework and powerful class library with a beautiful new language." He said Mono is a distinct improvement over previous development technologies. "It's a breath of fresh air for developers," Treat said. © ComputerWireTM
ComputerWire, 12 Sep 2002

Intel rubbishes AMD's hybrid plans

The head of Intel Corp's server chip division rubbished AMD's 32/64-bit hybrid processor proposition yesterday, saying that if it's such a good idea, why hasn't anyone done it before? Mike Fister, senior vice president and general manager of Intel's enterprise, speaking after a keynote speech at the vendor's developer forum in San Jose, questioned the logic of supporting both 64-bit and 32-bit computing on the same processor. Advanced Micro Devices Inc is pushing its hybrid approach as a way for corporations to smooth their transition from legacy 32-bit applications to 64-bit computing. Fister said performance issues meant it was questionable whether many customers would find much use in such an approach. "There's maybe a splinter where it could have some value." he said. "[But] the end point where our customers have got to get to is 64-bit." Making the shift to 64-bit is a massive undertaking for any vendor to do, he said, even without trying to straddle 32-bit computing as well. "If it's so easy to do, you'd think it wouldn't have taken us so long to get to Itanium." Meanwhile, Intel said it would keep the Itanium 2 branding for its next brace of 64-bit processors. Madison, which represents the shift of the Itanium architecture to a 0.13 micron manufacturing process and which features a 6MB cache, will ship next summer, said product manager Michael Graf. Deerfield, a lower power version of Itanium, is due to ship some time after, but before the end of 2003. Intel says the next generation of Itanium will offer a 1.3 to 1.5 times performance improvement over the current line. Graf said the rollout of Madison and Deerfield will follow a similar pattern to the earlier Itaniums, with long evaluation periods by both OEMs and customers. "It's an artefact of the high end space," he said. © ComputerWire
ComputerWire, 12 Sep 2002

Liberty president's challenge: to remain ‘relevant’

The next president of the Liberty Alliance Project must ensure security specifications are produced in a timely fashion while the organization remains relevant to the needs of nearly 100 members. Gavin Clarke writes> That's according to presidential candidate, and acting president, Michael Barrett, who this week told ComputerWire Liberty has evolved from a "start-up" to mature organization in just 12 months. Liberty was announced in September 2001 with 16 founders. Since then, members have grown to include corporate consumers of IT, vendors spanning network hardware to cell phones, and an increasing number of not-for-profits and public organizations. But the organization's first anniversary has been marred with bad news. Liberty president Eric Dean last week announced he has stepped down to devote more time to his regular job as chief information officer at United Airlines. Liberty's long-term role is also in question. It emerged in July that members are considering submission of specifications to the Organization for the Advancement of Structured Information Standards (OASIS), potentially leaving Liberty bereft of a mission. Barrett, vice president of Internet strategy for American Express Corp, said future challenges include coordinating activity and delivering on specificaitons in this rapidly expanding organization. A number of Liberty board members have thrown their hats in the ring for election as Dean's successor. Elections to the year-long post are expected to take place during the next few weeks. "We have a unique blend of members and we produce specifications so quickly, the challenge is how we make progress going forward as the organization grows bigger," Barrett said. "I don't think there's any magic, you have to pay attention to the details." Barrett is unsure where Liberty's long-term future lay. He said Liberty would have to consider how it remains relevant, as specifications mature and gain wider adoption in vendors' products. "There are multiple possible end scenarios [for Liberty]. We could all go home... or transform into a standards body in the identity space," he said. "That's 18 months to two years down the road, and it's not relevant to have that discussion yet." Not topping the list of near-term presidential challenges is attracting IBM or Redmond, Washington-based Microsoft Corp to Liberty. Despite being courted by Liberty members, Microsoft and IBM remain aloof. Talk of a federated version of Passport - announced rather suspiciously by Microsoft within days of Liberty - has subsided. Instead the company developed WS-Security with IBM and Mountain View, California-based VeriSign Inc. WS-Security has now passed to OASIS, also home of Security Assertion Mark-up Language (SAML). Microsoft has said it will support SAML assertions - developed by OASIS members - that relate to WS-Security. Barrett believes events will take a natural course, avoiding the need pursue either IBM or Microsoft. "In the long-term there's going to be interoperability and potentially [there will be] convergence. We are going to look back in a couple of years and ask what all the fuss was about and why people got so excited," Barrett said. © ComputerWire
ComputerWire, 12 Sep 2002

CMGI cuts ties with past, sells NaviSite

CMGI Inc yesterday said it has sold the second of its firstborn, NaviSite Inc, to ClearBlue Technologies Inc, for an undisclosed amount. Earlier this week, CMGI divested its interest in Engage Inc, which CMGI formed at the same time as NaviSite in 1997. ClearBlue has acquired HP Financial Services' 3.2 million NaviSite shares and $55m convertible debt position and CMGI's 76% equity and $10m convertible note in NaviSite, giving it 79% of NaviSite's equity. If it were to convert the notes being acquired it would own 94% equity. In exchange, HPFS and CMGI get to share a 24% stake in ClearBlue. Having spent the large part of the dot-com years acquiring technology firms, struggling CMGI is now fine-tuning its strategy on what it sees as core assets. Last month it closed the acquisition of iLogistix (Software Logistics Corporation), as part of its effort to beef up its e-business and fulfillment segment. ClearBlue, a holding company with its roots in Israel, has also been vulturing for bargains this year, snapping up the European assets of bankrupt PSINet Inc six months ago and bankrupt AppliedTheory Corp in June in an effort to build out hosting and internet connectivity business in the US and Europe. NaviSite's loss of $2.million in the third quarter to April 30 contributed to CMGI's overall loss of $125.2m, but with the divestiture, future losses will not count against CMGI's numbers. CMGI still owns five companies that are not in its e-business and fulfillment segment, including AltaVista Co, YesMail and Equilibrium. © ComputerWire
ComputerWire, 12 Sep 2002

Bon and MobilCom's future hanging by same thread

The futures of MobilCom AG and France Telecom SA's chief executive, Michel Bon, appeared to be closely tied together yesterday, as speculation mounted that the embattled head of Europe's number two telco would sacrifice MobilCom to save his job. According to the French daily Le Figaro on Tuesday, Bon is begging his government masters to be allowed to cease funding MobilCom, even though such a move would almost certainly bankrupt the German wireless operator in which France Telecom has a 28.5% stake. Yesterday however, as investors wiped 60% off the value of MobilCom shares, it was still unclear what France Telecom's next move will be. The telco's board is thought to be considering the buyout of the company, which is still 50% held by the founding CEO that France Telecom forced out in June, Gerhard Schmid, and his wife Sybille Schmid-Sindram. But Bon is said to be against this move, which would leave France Telecom holding the weakest player in Germany's crowded wireless market, and facing extra costs associated with loan repayments and the ongoing development of MobilCom's 3G network. Arguments over the scale of Schmid's original 11bn euros ($10.7bn) 3G plan were at the heart of France Telecom's decision to oust the former CEO earlier this year. The company is now at daggers drawn with Schmid, who is suing France Telecom for reneging on an earlier agreement to buy him out. At the same time MobilCom, under France Telecom direction, is also suing Sybille Schmid-Sindram for the return of more than 70m euros ($68.03m) it alleges Schmid's wife's company acquired via an illegal stock transaction. Clearly Bon, who paid 3.74bn euros ($3.63bn) for the 28.5% stake in MobilCom two years ago, believes that there is no sense in throwing good money after bad. MobilCom owes some 6bn euros ($5.83bn), including 4.5bn euros ($4.37bn) in bank loans which France Telecom agreed to secured against its own shares in June, and still faces a huge bill to go ahead with its 3G plans. Its association with France Telecom has contributed to a 70% slide in the telcos own share price this year, and Bon would clearly like to cut these ties at the earliest opportunity. Even if France Telecom does decide to cease funding MobilCom, it is still left with the responsibility of meeting MobilCom's 4.7bn euros ($4.57bn) of bank debt obligations, or risk wrecking its own credit worthiness. France Telecom cannot afford to take this risk, with 15bn euros ($14.58bn) of bank loans of its own coming due next year, and possible cash shortages of 5bn euros ($4.86bn) and 20bn euros ($19.4bn) forecast for 2003 and 2004 respectively. In the meantime, Bon has been working to renegotiate 1.1bn euros ($1.07bn) of vendor financing that Nokia and Ericsson agreed to in connection with MobilCom's 3G equipment procurement, and the 4.7bn euros ($4.57bn) in banks loans to the company. So far Nokia has agreed to write-off 300m euros ($291.5m) owed by MobilCom, but has said it will not offer any further financing to the company, but the situation with MobilCom's creditor banks remains to be resolved, and may hold the key to Bon's future tenure at France Telecom. Indeed, some observers believe that Bon's position at France Telecom is already on the agenda of a board meeting scheduled for today, at which the company's biggest stake holder, the French government, will decide on what to do next. If it backs Bon it will likely confirm the opinion of the company's other investors that Bon is merely a government place man, and harden their conviction that if France Telecom is to be trusted in future, the government must sell its 56% stake in the company, or at least reduce it to a point where it cannot artificially cushion that company from adopting truly market driven strategies. © ComputerWire
ComputerWire, 12 Sep 2002

Oracle and Microsoft square up for Fall CRM showdown

NetLedger Inc, an Oracle Corp off-shoot and maker of the Oracle Small Business Suite, plans to launch NetCRM this fall, putting the Oracle/NetLedger combo firmly in competition with Microsoft Corp's CRM plans and its interest in seizing a share of the small- to mid-cap market for business applications. San Mateo, California-based NetLedger started life as an ASP, founded by ex-Oracle VP Evan Goldberg and majority funded by Oracle's chairman and CEO Larry Ellison, who also holds the position of NetLeger chairman. But when the ASP model failed to find favor, the two companies agreed NetLedger would continue to develop the software, but it would be branded Oracle Small Business Suite. The result was that NetLedger got to use a quality brand name, thereby gaining credibility, while Oracle gained a company to do its bidding in the SME sector and an all-in-one product suite that meant it was able to go to market with a hosted application suite specifically designed for the small-to-mid sized market. Originally focused on providing accounting software, before expanding and adding payroll, personnel, inventory, sales force automation and customer management, the addition of NetCRM bolsters the all-important front-office applications and results in a suite that address and integrates both areas of the business. NetCRM fills a gap in the suite's front-office functionality with the addition of marketing functionality, particularly with regard to campaign management and segmentation to support personalized campaigns. It also adds partner relationship management. Overall the suite is aimed at 500-employee companies. NetLedger's offering originally challenged bCentral, Microsoft's software-as-service initiative for the small businesses community. bCentral has since been folded into the Microsoft Small Business Solutions division that also houses Microsoft's Great Plains and Navision acquisitions and from which Microsoft CRM will sprout. Now we have two roughly equivalent divisions from archrivals Oracle and Microsoft, both offering all-in-one application suites, aiming to integrate front- and back-office functionality and going straight for the same SMB market segment. To add to that heady mix, both are due to launch their CRM products during the final quarter of this year, by which point they will have their patchwork of applications more of less complete and can start to take them to market with gusto. Over the coming months several fundamental issues will be addressed. Given that Microsoft has yet to outline how it will integrate and manage the various applications gained as a result of its own development work and its acquisitions, Oracle looks to have the more coherent product suite. Yet Oracle Small Business Suite is a hosted offering and despite the success of CRM ASP Salesforce.com, this model has not proved popular with the business community at large and even Salesforce.com has introduced an offline version. Finally there is the channel issue. Microsoft was attracted to Great Plains and Navision because of their established mid-market centric distribution channels, an essential element in succeeding in the SMB market while NetLedger cannot match that amount of specialist market reach. What is certain is that as of this fall, many of the pieces will be in place for a fall CRM SMB showdown between Microsoft and Oracle. © ComputerWire
ComputerWire, 12 Sep 2002

BT to trial 2Mbit/s SDSL, rollout next year

BT is to begin trials of a high-speed SDSL (Symmetric Digital Subscriber Line) service next month, ahead of a planned full roll-out from the middle of next year. The pilot - which will test two SDSL products giving speeds of up to 2Mbit/s both upstream and downstream over a copper line - should be a hit with companies keen to try out videoconferencing and teleworking. Oh, and it should also appeal to those outfits which need to move large files/documents around the place. Anyhow, BT Wholesale is looking for up to 20 ISPs to take part in the six month trial. Initially, the service will be available at 20 exchanges in London, but from December a further 30 exchanges in areas including Manchester and Yorkshire should also be able to provide SDSL. In June BT announced it would be working with broadband service provider, Bulldog (a vocal critic of BT in the past incidentally) to run an SDSL broadband trial in London from late autumn. Easynet - one of the few operators still engaged in local loop unbundling - is already offering SDSL services. ® Related Stories BT woos SMEs with broadband Fibernet to offer unbundled services
Tim Richardson, 12 Sep 2002

BT boss talks up broadband

The CEO of BT is not one for nostalgia. Any talk of BT's dismal track record on broadband before he joined the company earlier this year is likely to get a prickly response from Ben Verwaayen. "I am amazed by the energy in trying to find out who is to blame instead of 'what can we do?'," he told journalists yesterday in his office overlooking St Paul's Cathedral. "If you want to blame BT, among others, fine. Go-ahead, be my guest. But it is not the issue." For Verwaayen, the "issue" isn't about BT's recent past. He prefers to keep his eyes fixed firmly on the road ahead, instead of checking the rear view mirror, as he puts it. "I said from the first day that I put a foot in this building that BT will be committed on broadband, that we will do everything in our power to make sure that Britain will be a broadband place to be, because I believe it is the next thing in telecommunications." "It [broadband] is within the core of our strategy. Nobody can doubt it. There is no backing away any more." Such a positive commitment from the BT boss is still a little difficult to take without an equally hefty dollop of scepticism. After all, Net users who've been around a bit will find it hard to forget the difficult and long campaign to introduce unmetered dial-up access in the UK. Nor will they forget the dominant telco's foot-dragging in bringing broadband to the country. After all, it was only two years ago that telecoms regulator, David Edmonds, spoke of the "trench warfare" he had endured with BT over the opening up of its network to competition. Twelve months on and his views hadn't altered much as he described local loop unbundling as a "painful and often miserable process" during which time BT preferred to protect its dominant position rather than spearhead the broadband revolution. Was it only last September that e-commerce minister Douglas Alexander finally lost his patience with BT and called on the company to "exploit (its broadband) investment more aggressively" in a bid to get Broadband Britain on track? Singling out BT for particular criticism, the minister said BT had a responsibility to drive demand, lower costs and increase availability of broadband. Then, of course, there have been umpteen calls for BT to be broken up because of its lack of broadband progress. That, though, was before Verwaayen took charge of the telco. From the outset, he put broadband at the heart of the company's strategy. Within days of joining the company back in February he announced that broadband costs would be cut, and followed this up with substantial wholesale price reductions just weeks later. He also pledged to improve the performance of the DSL network and service quality, and work to extend broadband to less commercially viable areas. There can be little doubt that Verwaayen's appearance has produced a major shift in BT's strategy. While everyone may not be happy with BT's performance so far (especially those who can't get ADSL) it is still an astonishing turnaround. Not wishing to dwell on the past, the Dutchman prefers to talk about the journey ahead towards reaching and passing key broadband milestones. One of those milestones will be reached later this month when BT Retail begins a major marketing push for its no frills, access-only broadband product - BT Broadband. On September 22 BT Retail, its massive customer-facing division with 22 million customers, will begin its largest broadband marketing campaign so far in a bid to ramp up demand. The company has set a target of reaching one million broadband subscribers by 2003 and five million by 2006 - much of this on the back of its no frills service. "We’re going to make sure that everyone in the company is focused on the importance of broadband," said Verwaayen. But BT's decision to provide an access-only service from its main customer-facing division has not been without its critics. Freeserve warned that BT was being allowed to dominate the broadband marketplace and exploit its dominant position as the leader of fixed telephony services. Others, including industry analysts, believe that the no frills service, which doesn't even include email, is lacklustre. But there are also more fundamental questions associated with this move, such as the relationship between BT Retail and the telco's mass-market ISP business, BTopenworld. Earlier this week the MD of BT Retail, Angus Porter, speculated that if the no frills BT Broadband service proved to be a runaway success it could result in BTopenworld being swallowed up by BT Retail. Verwaayen was more circumspect - stressing that BTopenworld's full ISP service and the no frills BT Broadband product were there to give people a choice. Asked how the launch of BT Broadband would affect BTOpenworld he said: "That's what the market will decide." Indeed it will. And time will tell if, in the future, Verwaayen allows himself a sneaky look in the rear view mirror to see how far (maybe) he's travelled down that broadband road. ®
Tim Richardson, 12 Sep 2002

Greek court throws out gaming ban case

A Greek court has ruled that the country's new ban on electronic games is unconstitutional and throwing out a case brought against two net café owners who were charged with allowing their customers to play Counter-Strike and online chess. The two proprietors, along with an employee, could have faced a three month jail sentence and fines of about 5,000 Euro each, along with the loss of their business licences, the BBC reports. Instead the court has set a precedent for other cases, and set the country's legal system against its government - a battle which the courts are almost certain to win, given their ultimate right to interpret the constitution. The ruling was welcomed by the Greek Internet Café Owners Union, with a spokesman saying that "all those who supported this from the beginning are vindicated", and by the 300-strong crowd which had gathered outside the court to protest against the law. © z Related story Greek govt bans all computer games
gamesindustry.biz, 12 Sep 2002

MS intros ultra-liberal ‘write your own licence’ scheme

When it comes to Microsoft's new-look licensing agreements it's not all downhill, apparently. The texts you have to agree to in order to install Microsoft stuff have been getting tougher, but hey, if you don't like it you can just write your own and sign that instead. No, really! Take a look here, where down at the bottom you will find the EULA for the Windows Driver Development Kit. Select all, then press delete. Now, you can insert your own agreement, haiku, plea for world peace, laundry list or whatever, and then accept it. Hurry hurry hurry, before Microsoft changes its mind and abandons DiY licence agreements. You didn't want the DDK anyway? Neither did we. Never mind. (thanks to Simon for pointing us at this one) ®
John Lettice, 12 Sep 2002
DVD it in many colours

Anti-email snooping proposals ‘stupid’

Bob Jones - the boss of email filtering and blocking outfit Equiinet - describes proposed legislation to outlaw bosses snooping on employees' email as "stupid and ill-considered". Last week Tory MP Michael Fabricant announced he was looking to introduce a Bill that would stop employers from snooping on employees' email. The Lichfield MP wants to give the same level of privacy in law for emails, as currently exists for conventional mail and telephone calls. But Jones reckons any move to protect personal privacy would be a "recipe for litigation". "This is going too far by giving license to the few who would abuse the privilege of private use of email at the expense of exposing employers to litigation. If this bill became law, the employers' only course would be to ban all personal email at work." Jones' views were backed by email outfit Mirapoint, which reckons that the key difference between e-mail and other forms of communication is that e-mail comes with the company's name in its address. Those who back employers' right to monitor email usage believe that failure to do so leaves companies open to fraud, offensive material and loss of confidential data. "Surveillance and privacy are not the issues here, it's the organisation's ability to protect itself from unnecessary risks", said Jeff Brainard, of Mirapoint. "Ultimately, all the information sent across a company's network by employees is company property, because if a company fails to prevent malicious, offensive or confidential information being transmitted across its network, then it's the company that is responsible for the results - and that could mean anything from damaged reputation to heavy lawsuits," he said. Related Story Bosses should stop snooping on staff email - MP
Tim Richardson, 12 Sep 2002

Dabs.com and Time bow to OFT pressure

Dabs.com and Time Computers have agreed to stop using misleading ads for interest-free credit. The Office of Fair Trading (OFT) won the assurances as part of an ongoing campaign to crack down on companies it believes could be in breach of consumer law. In particular, it was unhappy with Time Computers and Dabs.com which were advertising "interest free" credit, "0% APR" or "interest free option/choice" deals for their products. In reality interest was payable from the date of the agreement if a lump sum was not paid off in full by the end of the interest free period. The OFT took the view that such adverts break the law and could mislead the public. John Vickers, Director General of Fair Trading, said: "When a consumer signs an interest free deal, they need to know they are getting just that." No one from Dabs.com was available for comment at the time of writing. A spokesman for Time Computers said the company ceased running the misleading ads when it received notice from the OFT in April. "We never meant to mislead anyone," he said. In April the OFT won a similar undertaking concerning misleading advertising from giant electrical retailer Dixons Group ®
Tim Richardson, 12 Sep 2002

P2P swamps broadband networks

Peer-to-peer file sharing applications are taxing the finances of broadband operators, who are struggling to manage the off-network traffic. That's the main conclusion of a study, titled The effects of P2P on service provider networks, by network management firm Sandvine, which warns P2P activity "threatens to swamp" broadband operators in off-network traffic - a serious problem for operators because it drives up their network access fees. P2P activity accounts for up to 60 per cent of the total traffic on any service provider network, Sandvine found during its study. Users downloading and uploading files accounts for only a portion of this data traffic. It's the overhead generated by these applications - advertising, searching functions, and other transactions largely transparent to most users - that are the real bandwidth hogs. Service providers are well-aware that a portion of their subscriber base is eating up (arguably from their perspective) more than its fair share of bandwidth and driving up costs by using P2P clients. In this context, concerns expressed by some ISPs about acting as a vector for copyright infringement are, largely, a red herring. Cost is the overriding reason why ISPs impose bandwidth caps and otherwise discourage P2P use. In order to determine the scope and magnitude of P2P bandwidth-hogging, Sandvine developed a set of tools to measure the traffic by protocol type, map patterns of connectivity and determine the impact on service provider profitability. Marc Morin, chief technology officer of Sandvine, said P2P traffic was identified as something distinct (compared to Web browsing and email) and out-of-the-ordinary by service providers because it created "a kind, and volume, of traffic that they hadn't really provisioned for". "Peer-to-peer technology ignores the logical topology of service provider networks. P2P clients like KaZaA and the many Gnutellas communicate with other clients in a completely random fashion." "Generally speaking if you boot up KaZaA this evening on your home PC, you're more likely to connect with users in another country or another continent, than you are to connect with a KaZaA user on your own service provider's network." That's expensive. So service providers need tools to address the cost and efficiency challenges posed by peer-to-peer activity...such as Sandvine provides. "File sharing is tremendously popular with broadband subscribers, but unless it's directed along a least-cost network path, P2P traffic will continue to challenge the business model for basic Internet access," Morin explains. Sandvine's white paper echoes the findings of a recently published University Of Chicago study, Mapping The Gnutella Network (pdf), which details the critical performance implications of the popular Gnutella P2P protocol on service provider networks. ® Link The effects of P2P on service provider networks, by Sandvine (registration required)
John Leyden, 12 Sep 2002

Levi's trousers protect your testicles

Levi Strauss is to introduce a new range of slacks with mobile phone anti-radiation pockets. The trousers will be introduced next year in the UK under the company's "Dockers" brand and could cost as much as £100 a pair. The phone pockets are lined with a special material, which tailors say will prevent radiation from phones reaching the skin. Of course, the company isn't saying that radiation from mobile phones is dangerous or anything. No, no, no, it says it's merely responding to customer concerns about radiation emissions from mobile phones. Oh, the slacks also have some waterproof coating as well. And come in different colours. And sizes no doubt. In May the UK Government published a reported which found that some mobile phone shields can "significantly reduce" exposure to radiation. Tests on some products found that many of the shield devices can reduce exposure to radiation by large amounts. However, any reduction is often linked to a similar reduction in mobile phone performance leading to a weaker signal. Which can lead to people shouting more to be heard. ® Related Story Mobile phone radiation products tested
Tim Richardson, 12 Sep 2002

BA signs up Dell for one-stop IT products shop

Dell has won a three-year product supply deal from BA. We assume it's big - the contract is expected to save BA "significant amounts financially", as the airline moves to Dell as a standard platform. But Dell won't tell us how much the deal is worth. We also infer from the very bland press release that Dell is doing a lot of reseller stuff for BA - it talks of delivering a single source of supply for a wide range of products and solutions. And that means bad news for Specialist Computer Centres, BA's incumbent, and by extension HP and IBM. We say "infer", as Dell proved unable to answer our very simple questions on this deal. Dell is kicking off the BA business with a desktop refresh. This will see Latitude notebooks and Optiplex desktops replace - no we can't tell you this either. ®
Drew Cullen, 12 Sep 2002

Meet the one shop stop security appliance

Security appliance vendor ServGate aims to drive down the price of Gigabit speed firewalls by using network processors rather than ASIC-based or software firewalls in its line of firewall gateways. Ease of deployment and the (theoretically) enhanced security that comes from a hardware-based approach is causing a shift in the market from software firewalls to appliance sales - a trend ServGate intends to exploit, albeit with a slightly different approach to that of more established vendors like NetScreen. In addition to Firewall and IPSec VPNs, ServGate's line of Internet Security Gateways feature a variety of services such as web caching, URL filtering and more. Top of the range is its SG2000 firewall appliance, launched in the UK yesterday, and designed to sit in the core of enterprise intranets or service provider networks. Two versions of the product are available, SG2000L, which features 50 Virtual Gateways (independent security domains) and the SG2000H, which features 500 Virtual Gateways. Each is based on Intel IXP 1200 network processors. Peter Ruyters, European managing director of ServGate, said prices of between $40,000 to $85,000 for the SG2000 compared favourably with the $100,000 or more customers might pay for comparable ASIC-based firewalls from the likes of NetScreen. Although competitive on price, ServGate's appliances can't match NetScreen's products on raw horsepower. Firewall performance of the SG2000 is around 1.5Gbps compared to 12Gbps for Netscreen's top of the range 5,400 firewall. Peter Crowcombe, a marketing manager at NetScreen, said using network processors gives a performance somewhere between using software and that achieved using ASICs, which are expensive for short production runs. He dismissed claims from ServGate that NetScreen's hardware lacks flexibility, pointing out that its appliances feature programmable RISC processors as well as hard-wired ASICs. As well as pitching itself against NetScreen, ServGate also aims to pinch share from vendors like Watchguard and Sonicwall at the lower end of the market with products based on mainstream Pentium processors. There's two products here: the SG300 (for SMEs), a 200 Mbps Firewall and VPN appliance that features integrated virus scanning (using software from McAfee), Web caching, DMZ and high availability features; and the SG200 (for telecommuters), a 75 Mbps Firewall and VPN appliance that features Web caching, DHCP server, PPPoE. ServGate distributes its products through TechData in the US. It set up in Europe this March and signed a distribution agreement with Tech Data/Computer2000 in the UK late last month which sits alongside a distribution agreement with MindShare in Europe and Dutch VAR Imtech.nl. ® Related stories Software firewall vendors under sales pressure Vendors sharpen tools to thwart DoS attacks NetScreen puts heat on software firewall vendors
John Leyden, 12 Sep 2002

Outlook Express becomes attack platform, of sorts

There's a pleasing symmetry about the latest security issue involving Outlook Express. For the last couple of years Outlook (Lookout) Express failings have been exploited to infect users. So why not take advantage of its features to send viruses in such a way that they might fool detection by AV and content checking tools? Well that's the gist of a new method of bypassing many SMTP-based content filter engines, unearthed by researchers at Beyond Security. Using a rarely used feature called 'message fragmentation and re-assembly' (MFR), an attacker can send emails that will "bypass most SMTP filtering engines", Beyond Security reports. This MFR feature, which allows Internet users to split up sent messages, helping surfers with slow connections to send smaller segments of a larger email in multiple emails, is supported by Internet standards (RFC 2046) but easily enabled on only one client - Outlook Express. On Outlook Express the re-assembly feature is enabled by default, while the fragmentation feature can be enabled from a drop down menu. The upshot of this is that virus writers might splice emails containing malware into smaller segments using Outlook Express that might slip past virus scanners or other content testing mechanisms because a recognisable virus signature might not appear in a particular email fragment. Possibly. This strikes us as a highly ineffective way to try to spread viruses, whose only use might be as a targeted attempt to infect a company which relies heavily on server-based AV scanners. Get beyond that shell and you're into a soft weakly protected belly, where all sorts of mischief can be wrought - at least in theory. In practice most corporates use desktop AV protection alongside server-based tools, and this will pick up any virus when the message is reassembled, at a user's PC. Nonetheless a vendor solution to the vulnerability, involving including a reassembling agent at the server that prevents any non-reassembled message past, seems sensible - particularly for gateway AV scanners where the problem (such as it is) is most keenly focused. Beyond Security has canvassed what's available. Trend Micro's InterScan VirusWall 3.5x for NT is affected, and the company has issued a patch. Likewise GFI MailSecurity for Exchange/SMTP 7.2 has been updated to detect this exploit as a "fragmented message". All Symantec gateway products, by default, block multi-part MIME messages at the gateway, so there's not much of a problem there. You can find Beyond Security's advisory, and a list of vendor responses, here. Not all potentially affected vendors have responded as yet but GFI have put together a free test to check if you're vulnerable, available from the company's Security Testing Zone. ®
John Leyden, 12 Sep 2002

Google China crisis over

It seems the great Google blocking episode in China could be at an end. The Register has received a couple of emails from readers in China saying they can now access the search engine after it disappeared from view almost two weeks ago. A spokeswoman for Google told us: "We have also received a number of emails from people who said they are now able to access the site. Google is still looking into the matter in a bid to seek confirmation and clarification. ® Related Stories AltaVista and Google to fight Chinese censorship Google, China work to unblock site China blocks Google. Allegedly
Tim Richardson, 12 Sep 2002

NVidia, MS Xbox squabble drags on

Nvidia tells us it has several business relationships with Microsoft which are warm and productive, but the one involving Xbox graphics chipsets is beginning to resemble a divorced couple squabbling over visitation rights. Nvidia continues to supply The Beast with the graphics it needs for the games console, but the two can't agree on a price. The dispute went to arbitration in April and a final decision isn't expected before next summer. But Nvidia has to do the right thing, and account for this as deferred revenue. In =800080" target="_blank">this SEC filing published on Tuesday, Nvidia said it needs to defer "an amount equal to the difference between the price being paid by Microsoft and the price Microsoft claims it should be paying." The total amount of deferred revenue stood at $46.2 million at the end of July. Nvidia has asked the arbitration panel for "pricing relief" and damages. ® Related StoriesNvidia takes Xbox write-off hit Microsoft, Nvidia at war over Xbox
Andrew Orlowski, 12 Sep 2002

Segway on track: ignore Amazon goof

Segway tells us that Amazon.com customers interesting in buying one of its Human Transporters should disregard an email from the e-commerce giant today saying that the transporter won't be available any time soon. "We've recently learned from our supplier that the item you requested to be notified about, Segway Human Transporter (also known as "Ginger" or "IT"), will not be available in the foreseeable future," Amazon.com told customers who'd registered an interest in the vehicle this morning. That's incorrect, says Segway, which told us there are no changes to the schedule. Amazon.com blamed its email robot for the error. "A small number of customers were e-mailed in error by one of our automated e-mailing systems today. In actuality there is no new information about Segway availability. We of course will let that small number of customers know that they should disregard the e-mail." The midget-crushing moped is on course for a consumer release in 2003, a spokesperson told us today. Commercial customers such as the US Postal Service and utilities are receiving their HTs now. Bootnote:And not just civilian utilities. Reader Chris Partridge sends us this evidence - extraordinary, if true - of Segway deployment amongst the elite of Britain's security forces:- How unwise we were to mock this. ® Related Stories Segway joins the Arms Race Ginger aka IT aka Segway demonstrated
Andrew Orlowski, 12 Sep 2002