27 September 2002 Archive

Intel dampens DRAM alliance speculation

There was rampant speculation in the Far East yesterday that Intel Corp was plotting an alliance with a raft of DRAM vendors. Local reports suggested the Santa Clara, California-based company was in talks with Taiwan's Powerchip Semiconductor Corp, Hitachi Ltd, NEC Corp and Mitsubishi Electric Corp. The reports coincided with speculation that NEC, Hitachi and Mitsubishi Electric are planning to integrate their DRAM operations by next Spring. Exactly what sort of alliance may be cooked up between Intel and the memory vendors is a mystery. Intel pulled out of the DRAM market years ago. An Intel spokesman said the company never commented on rumors. However, he also pointed out that as part of its normal course of business the company was often in conversations with memory vendors about future technology directions and other strategic issues. The implication seems to be that run of the mill conversations between CPU vendor Intel and its DRAM counterparts have been blown out of proportion. © ComputerWire
ComputerWire, 27 Sep 2002

Jobs axe falls at Colt

Colt Telecom has confirmed massive job cuts amid the continuing slump in the telecoms industry. Over the next year some 800 people will find themselves out on the street as Colt makes savings of £40m. Although the job cuts are a massive blow for those who work at the company, it's not as bad as first thought. Insiders had claimed that as many as 1,000 jobs were facing the chop as Colt tries to get to grips with its finances. In a statement today Colt wittered on about moving to a "pan-European organisational structure" which will lead to "improved pan-European sales and operating efficiencies". Colt said that it expects EBITDA (earnings before interest, etc) for the quarter ending 30 September to improve to around £17m, compared with £14.7m for the previous quarter. Turnover for Q2 is expected to remain flat at around £258.3m. Said the company in a statement: "Given the recent downturn in the telecommunications industry and in the overall economic environment that it is prudent to take further action to ensure that its asset base remains aligned with the realities of the market." ® Related story: Colt to shed 1,000 jobs?
Tim Richardson, 27 Sep 2002

Software firms team to fight bug leaks

A loose coalition of software developers and security companies has come together with the aim of preventing vulnerability information being released prematurely, Kevin Murphy writes. Yesterday, a body calling itself the Organization for Internet Safety announced its existence, and said it intends to have draft guidelines published early next year. Scott Blake, chair of OIS's communications committee, told ComputerWire the guidelines will give security researchers and software developers responsibilities for being discreet and taking warnings seriously respectively. The key proposal is a 30-day waiting period between a patch release and details of the bug being released. "We want to give the good guys a 30-day head-start on the bad guys," Blake said. "Demo code for [vulnerability] exploits won't be published by anybody without some assertion that it will not be used for unlawful purposes... We don't want researchers putting loaded guns in the hands of script kiddies." The OIS was the brainchild of Steve Christey of the MITRE Corp and Chris Wysopal of @Stake Corp, who published a best practices document as an Internet Draft with the Internet Engineering Task Force in February. Founding members also include Oracle, Microsoft, Symantec, NAI, Guardent, ISS, SCO Group and BindView. In recent years, there has been friction between vendors and professional and hobbyist bug-hunters. The periods between notifying a vendor of a bug and releasing the information to the public have been variable, and vendors, notably Microsoft, have been criticized for ignoring warnings or threatening legal action against the discoverer. "It's been a very long time since anyone has had a legitimate complaint against Microsoft for not responding to a security issue," said Blake, who works for BindView Corp. "More often it's someone who wants to embarrass Microsoft, or other software companies, because they have a bone to pick." 
"We'll probably get more traction with the professionals at first," he added. "But we're hoping to set a good example for the rest." The hope is that ultimately anybody, including the hobbyist bug-hunter, releasing vulnerability information without conforming to the guidelines will be frowned upon. Two weeks ago, US senior presidential advisor Richard Clarke published a document outlining a strategy for securing American interests on the internet. Responding to the fact that most successful attacks are due to unpatched systems, among the proposals was the notion of an industry-led clearinghouse for vulnerability and patch information. But Blake said there's no chance OIS will become that organization. "We're very specifically going to stay out of that kind of thing," he said. The OIS will merely create and maintain the guidelines and approve new members. Companies wishing to join need only seek approval from the OIS board. There will be no enforcement of the guidelines, no certification seal to boast, and no membership fees. "We're using the honor system," Blake said. © ComputerWire
ComputerWire, 27 Sep 2002

Nortel warns again of Q3 revenue slump

Nortel Networks Corp has issued a second profit warning on its third-quarter figures and announced plans to avoid the ignominy of de-listing of its shares in New York and Toronto by a reverse stock split. The network equipment vendor said it now expects revenue in the third quarter to September 30 to show a 15% decline on the $2.77bn achieved in the previous three months. When it released second-quarter figures in July, it forecast that the third quarter would be "essentially flat" but last month revised this to a 10% decline. Each month clearly brings a new bout of bad news, and Nortel blamed the deterioration on a further fall in spending by service providers, generally in the US and for wireless networks in Asia. CEO Frank Dunn said he is sticking to the target of returning to profitability by June 2003. Last month, the company announced an additional 7,000 lay-offs, and Dunn said the company would be prepared to take additional action to achieve its profitability goals. With shares trading in New York at just $0.64, Nortel runs the risk of de-listing and plans a reverse stock split, where the shares are merged to attract a higher value. The company said it plans to get this approved at the annual meeting next spring at a level it hopes will bring the new share price to a level of between $10 and $20. This is a far cry from the bullish noises emerging from Nortel two years ago when the share price topped the $80 level and the company was boasting that research showed that bandwidth demand would increase 300-fold over the next eight to 10 years. The then CEO John Roth dismissed predictions of a glut in network capacity. "Will this growth rate continue? We're being very bullish. It will absolutely." This was at a time when Nortel's revenue was over $8bn a quarter. With the current glut in network capacity, it is now predicting third-quarter revenue of approximately $2.3m. © ComputerWire
ComputerWire, 27 Sep 2002

Nokia launches first dual-mode 3G phone

Nokia Corp attempted to shine a light across the gloomy European 3G landscape yesterday with the launch of the first 3GPP-compliant WCDMA and GSM900/1800 dual-mode, tri-band handset. The device, known as the Nokia 6650, is also notable for allowing users to record up to 20 seconds of video (128x96 pixels) with sound using a built-in VGA camera employing 4096 colors, the first Nokia phone to offer the facility. The camera can also be used for taking still photographs (640x480) that can be viewed on the device's color display. Other features include a multimedia messaging service (MMS) client, a WAP 1.2.1-compatible browser, integrated Bluetooth, a "wallet" application for mobile transactions, and a Java 2 Micro Edition (J2ME) virtual machine based on the mobile information device profile (MIDP). Nokia is also making great play of the 6650's ability to multitask, allowing it to run more than one data session at a time - for instance, recording video while talking on the phone. Nokia claims two hours and 20 minutes talk time in WCDMA, two hours 40 minutes in GSM, and standby time of up to 14 days for the device, which weighs in at 141g. Nokia said the 6650 will start shipping to operators for live network tests in the fourth quarter with commercial sales expected to begin in the first half of next year. Nokia demonstrated the device in Helsinki in cooperation with local operator Sonera Corp. © ComputerWire
ComputerWire, 27 Sep 2002

PCA attacks ‘shabby’ handling of Great Fujitsu HDD fiasco

To: Adam Harris, VP, Fujitsu Europe
From: Keith Warburton, Executive Director, PC Association
27th September 2002

AN OPEN LETTER

Dear Adam,

I write on behalf of the Personal Computer Association, a trade organisation consisting of businesses from throughout the UK and international IT industry. I have made two attempts to speak with you directly about this matter, with no success. Since this matter seems to have a worldwide impact, I ask that you communicate the contents of this letter to the company's management in Japan, and seek from them the clarification that has not been forthcoming from any of the subsidiaries. This is about the issue of faulty Fujitsu hard disk drives; in fact the issue is not so much to do with the faulty drives - of which more later - but the way in which Fujitsu seems to have gone into either "deny" or "ignore" mode regarding the situation, and in doing so is demonstrating lack of regard or respect for their customers. Following PCA Members' concerns this issue was publicly discussed during the Conference of the PC Association; coincidentally and simultaneously the matter was raised in the international IT press. Since then I have received many stories from the trade and end users that confirm beyond any doubt whatsoever that the rate of failure of your MPG3xxx disk drives is way above that which might normally be expected. In this context we believe that a 1% failure rate p.a. (i.e. 2% within 2 years) might be acceptable, and 2% p.a. would be regrettable but manageable. 3% and above would be cause for grave concern. However, I have spoken with a number of very well informed people, and from my conversations with them and from the reports we have received from three continents we can conclude, with a reasonable degree of confidence, that the MPG3xxx series drives may well have a failure rate in excess of 20% p.a. (40% within two years of install). Indeed some of our correspondents would say this is a conservative estimate. 

Notwithstanding the actual rate of failure, I believe that the way that Fujitsu corporation has handled this situation is shabby to say the least, and reflects no credit whatsoever upon the company's most senior management. The days when giant corporations can ride roughshod over the wishes and needs of their customers are, thankfully, long gone. Or perhaps that should be rephrased: in a competitive marketplace, where the customer has choice, any business that has a wish for longevity must be seen to be open and honest and to treat its customers decently and fairly. Whilst Fujitsu in the UK has cautiously admitted that it has had "reports from some customers regarding increased failure rates over some months" - inferring perhaps that the problem is more to do with customers than the company - we have received reports of Fujitsu in Canada and Germany denying that there is any problem whatsoever. The following verbatim extracts should give you a flavour:

"I am a Tech for a School District in BC Canada. We purchased a brand new lab of Hewitt Rand machines about a year ago. They all came with the MPG3204AT 20 GIG Fujitsu Harddrives. As Hewitt Rand has gone out of business, we have been having to deal with Fujitsu Canada directly. So far, out of 30 machines, we have had 26 fail with the "no harddrive" lack of detection by the system. That is 86% and climbing every day. These machines stay running all the time. They were fine for about eight months and then they started to fail at a rate of 2 - 3 per week. I eventually called and talked to the President of Fujitsu Canada himself, Mr Howard Day. He denied any "world wide" issues with these harddrives and said they only have a 3% failure rate. He said it must have somehow been "Hewitt Rand"'s fault. Easy to blame a company that doesn't exist anymore. As we are a school, it is insane having a lab where 4-6 machines are not working at one time. From the time we request the RMA and send the drives to Fujitsu (our own cost in shipping) and then receive another drive back, it is over 2 weeks turnaround. We have been down as many as 6 drives for 2 week periods. Your (comments published in The Register) is the FIRST I have found over months of searching that says I am not alone. I was beginning to think that I had "ghosts". Fujitsu has given me quite the runaround over the past 6 months. 1) First they said they would offer us a refund for all the drives so we could go out and buy a different brand. 2) They rescinded that and said that they would only offer us a refund on the drives that had failed. 3) Then they rescinded that and said that they would only offer us a refund if we sent in more than 10 drives at a time, knowing full well that we couldn't be down 10 drives at a time in our lab and still keep classes functioning."

Or how about this heartfelt comment from a system builder in Germany: "We are thankful to hear finally from other people to have problems with Fujitsu HDD drives. We bought about 80 Fujitsu since 2001. Most of them we had to give back to our distributor, and we got new ones back of them who have all exactly the problems you describe. In August we wrote a letter to Fujitsu Munich. Of course they said they haven't heard of this problem, and they will give us the chance to give them back until December 2002 for each $ 52,-- !! What a joke, we paid 80-90€ and had a lot of costs changing and posting. And why are they doing it anyway".

These are representative examples from the correspondence that we've received. The only response we've heard coming from Fujitsu is that "press reports are inaccurate". In just what way are they inaccurate, exactly? Are failure rates higher than 86%? And that's the point. Fujitsu's policy seems to have been to try and contain the problem (of getting a bad reputation) by treating each complaint independently and in isolation. Please recognise that this policy has now failed, and come clean about the whole mess. I understand that if Fujitsu feels that it has an epidemic failure rate on disk drives - and the way some of your major OEMs have handled massive swap-out programmes would seem to confirm this - then it may be reluctant to confirm the scale of the problem for fear of impacting shareholder confidence. Frankly, the company has already lost the confidence of a large portion of its customer base; the only way to rescue what little credibility you have left - regarding this matter - is to come clean and implement a decent, honourable, workable and clearly stated solution for your trade customers, a solution that will in turn allow them to look after their customers.

Yours sincerely
Keith Warburton
Executive Director
Personal Computer Association
Drew Cullen, 27 Sep 2002

AOL UK pulls unmetered dial-up Net access

AOL UK is to cease offering unmetered dial-up Net access to up to 30,000 customers because their telcos don't support unmetered Internet services. From November 9 all customers who don't use BT, Telewest or NTL as their phone provider will be switched to a new metered price plan called AOL 30 HOUR, which will provide 30 hours of online time for £15.99 a month. Anyone exceeding this monthly limit will be charged 1p a minute for their extra time online. Those telcos affected by this change include Kingston Communications, Telewest Eurobell, Jersey Telecom, Guernsey Telecoms, Manx Telecom and WightCable. It's understood that some of the telcos do provide a wholesale unmetered product but that it is simply too expensive. In an email AOL UK explained: "In the near future we will only be able to offer our AOL FLAT RATE price plan to members who access the AOL service using a line provided by BT, NTL or Telewest (excluding Telewest Eurobell customers). This is necessary because we require an underlying unmetered connection from your telephone company in order to offer you a service on a flat-rate basis. "Unlike telephone companies serving the vast majority of our members, and despite continued lobbying, the unmetered connection currently offered to us by the telephone provider you have selected to access AOL is not sustainable." A spokesman for AOL UK said that if these telcos offered a fair and sustainable wholesale unmetered package then it would offer flat rate services to these customers again. ®
Tim Richardson, 27 Sep 2002

Nagel, Sakoman map Palm's future

One of my very first forays into the wicked, wicked world of journalism (aged 15) was being shown by a local radio reporter how to re-edit a tape to make the Mayor of Middlesbrough appear to be a slurring, bumbling wreck. I'd wangled a school assignment with the station and having just met the Mayor - a confused and very red-faced fellow - in person, the doctored tape did him no less than justice. Sometimes you have to exaggerate the truth just a little bit, to convey the essential truth. Yesterday the sun shone on another Mayor as he performed a ribbon-cutting ceremony for PalmSource's new Sunnyvale campus, which also marked a Palm open day for partners and press, and the only exaggerated thing in sight was the quite extraordinary genitalia on a statue that greets visitors at the main entrance. (We provide a photograph below. If you're John Ashcroft, stop reading now). I wanted to say hello to the Mayor, and remind him that in Hartlepool, which is just over the other side of the River Tees from Middlesbrough, the townsfolk had held their first ever Mayoral election, and elected a monkey. "Even drunken monkeys aren't safe now!" was the gist of the message I felt compelled to convey, but I was too busy trying to pursue Jean Louis Gassee into a side meeting room. Unsuccessfully, as it turned out. Gassee is on the PalmSource board now, along with Palm's Satjiv, and a Stanford professor of economics, and ... Bob Finocchio. Bob was CEO of Informix when it was disgraced for accounting irregularities in 1997 - it wrongly and illegally booked revenue worth $278 million, and paid out $142 million in shareholder lawsuits in which Informix admitted no wrong doing. Inevitably, this resulted in a brief spate of joyous Finocchio/Pinocchio puns, and even more inevitably, when his nose could grow no longer, Bob resigned from Informix - where he was also chairman of the board - two years ago. 
Bob was also a 3Com executive and a co-litigant, with Eric Benhamou, the 3Com boss who delayed the Palm spin-off just long enough so that Palm's Jeff Hawkins and Donna Dubinsky left to start Handspring, Inc. Jean Louis, who we love to pieces, was also a 3Com board member. But all of this will be edited out of the final tape. It's irrelevant. Well, almost irrelevant: we only mention it because the old 3Com ghosts are still hanging around, clanking their chains. Both Eric and Donna were at the ribbon-cutting yesterday, but note: Eric left before Donna arrived.

Palm redux

Now that we've got all that out of the way, what's the Palm pulse? The beast is alive, we're very glad to report. Palm doesn't have the triumphalism of its post-IPO era, and it doesn't combine paranoia with babbling nonsense either. These are nice people to do business with, which is exactly what's called for when you're trying to create new partnerships. It's a tricky time of transition, with PalmOS 5 providing a rope bridge to a new hardware platform, while not quite giving Palm developers or users a taste of a new, clean and highly promising platform that the former Be Inc. are brewing before The Bull. On the subject of the all-new, singing and dancing Palm OS6 - which should be shipped to developers next summer - Steve Sakoman was completely silent. Steve is really CTO of PalmSource, and quite a bit more, and although he doesn't have "CTO" in his job title, he's the best-loved CTO in the Valley. But he wouldn't even commit to a public ship date, nor confirm what the language of choice of the APIs would be. C, or C++?, we asked. "It'll be Snoball!" he told us. "Ha! Ha!" Palm has an emulation layer for OS5, and Sakoman said it was a "delicate line" to get the OS onto ARM, "where customers don't have this cliff to face". The easy thing for Palm would have been to make a clean break, and move to a new AP. 
But with 14,000 developers and an infinite variety of "cheats" - code that writes to the hardware - it would have had to create a new platform from scratch. Actually, this is what Palm is doing anyway, but it's minimizing the pain. David Fetter told us that the emulation layer is going to be around for a long time, as long as people want it. We wondered how much legacy Be code would make it into PalmOS6. "We're picking and choosing," said Sakoman, "in some cases it's the right thing, in others it isn't." There's a school of thought that believes that PalmOS is some straight port of BeOS to a handheld: this is a ludicrous idea, Sakoman said. PalmSource wouldn't be providing air interfaces to smartphone manufacturers - the GSM or GPRS or CDMA stacks. Sakoman said that Palm provided pretty good abstraction in its telephony APIs already. Third parties could provide the rest. Indeed, the three contenders for Palm hardware: Texas Instruments, Motorola and Intel were all present and all offer bundled phone stacks if you don't want to shop around yourself.

Phone futures?

We asked PalmSource supremo David Nagel if he thought that converged handsets, i.e. smartphones, would become a commoditized business similar to today's PC business, as Microsoft dearly wishes, with millions of white box vendors, or whether it would stay in the hands of a few companies. Nagel's reply was nuanced, thoughtful and very interesting. Yes it would become commoditized. But it wouldn't look like the PC business for three reasons: the carriers like to set the terms; the technology is too complicated for white box builders to throw components into a box and hope they work - as integration is an issue; and there's scope for terrific differentiation between devices, which are already fashion accessories, and the Dell model doesn't work in such a market. 
Differentiators will be rewarded, he believes, and the economics of a market with lots of different form factors and utilities isn't going to create a new Dell. PC makers resent having every cent squeezed from them, Nagel suggested, and this isn't going to happen in the smartphone space. Wow. We've covered these points in detail here, but the emphasis on the "value" chain argument suggests that Palm has learned what Microsoft doesn't yet know. This isn't Wintel economics. Of all the things Nagel could have said, we thought this was pretty optimal, and should be the most encouraging to long-time Palm platform loyalists. Samsung and Kyocera both showed imminent new PalmOS phones, and Handspring's cdma2000-based Treo 300, which you can actually buy now, completed the picture. All provide a great deal more utility than American consumers are used to from handhelds. European or Asian readers might be appalled by how primitive they are: none has expansion or Bluetooth, and to be honest, none of the offerings looks like recent (two year old) technology. We're getting spoiled, for sure, with our Nokia and SonyEricsson screens. We'll give you some first impressions later today, and after that - and if we haven't offended the sensitive vendors too much - full reviews should follow in the next couple of weeks. Kyocera and Samsung's phones aren't available yet, but Stateside readers: if you've an idle moment this weekend, try and find a Treo 300 on Sprint. Although this isn't 3G, as Sprint somewhat desperately claims, it's comfortably superior to any GPRS-based combination you can find in the US this week. And without a compelling GPRS or CDMA offering from the big boys (Nokia, SonyEricsson, Motorola) on the slate this year, it could have time to prosper. And here's the inspiration. Very impressive. ®
Andrew Orlowski, 27 Sep 2002

Nvidia turns water into wine

Updated Nvidia is to take a charge of up to $66m to cover the cost of converting underwater - i.e. worthless - employee stock options into stock. If all the option holders take up the offer - and they would be as daft as a brush not to accept free shares - 20.6 million stock options will be cancelled and 4.8 million new shares will be issued. According to Nvidia, the offer is "designed to help the Company retain employees and better align their interests with stockholders". Say that again? Existing shareholders will see their stake in the company diluted by three per cent - how are their interests aligned? And why is it so difficult to retain Nvidia employees in a time of recession? There aren't exactly many computer hardware companies hiring. And in the graphics chips business, there is no competition left to speak of - except ATI, which is based thousands of miles away, in a country which has ferocious winters, and which pays its staff less - up to a third less - than Californian Nvidia. So when Nvidia is talking of "employees" it really means a few senior managers who we guess are holding the vast majority of share options (the CEO, CFO and board of directors are excluded from the deal, the company says in a press release). But is senior managerial talent so hard to find in California right now? And are they really so unmotivated that they need such a sweetener to keep them at the company and get motivated again? Doesn't really sound like the sort of people one would want to keep, does it? ® Letters: Let's hear it for Nvidia stock options
Drew Cullen, 27 Sep 2002

Hacker groups declare war on US.gov

A record number of malicious hacking attempts were made this month, and anti-American groups are responsible. So says Mi2g, the London-based security consultancy, which notes that US government on-line computers belonging to the House of Representatives, Department of Agriculture, Department of Education, National Park Service, NASA and the US Geological Survey were attacked in September. According to Mi2g, malicious hacker groups such as S4t4n1c_S0uls, USG, WFD, EgyptianHackers, Arab VieruZ, MHA, The Bugz and FBH are responsible for many anti-Israeli and anti-Indian attacks, as well as the US targets. Mi2g has recorded 9,011 digital attacks to date in September, following previous record highs of 4,904 and 5,830 recorded in July and August of this year, compared with 3,499 and 2,820 for the same months last year. September 2001 saw a huge decline in malicious hacking activity with just 816 attacks recorded. This fall is attributed to the aftershock surrounding 9/11. This month, US-registered domains suffered the most, with 4,157 attacks, well ahead of the number two nation on the list, Brazil, which suffered 835 attacks. The UK, Germany and India were the next most popular targets, with fewer than 400 attacks each. Mi2g also reports that systems running Microsoft Windows suffered more attacks than all other operating systems combined, with only 1,740 attacks on Linux, 933 attacks on BSD and 229 attacks on Solaris. "Many hacker groups, in anonymous interviews with Mi2g, have said that they prefer attacking Linux systems and very rarely target anything running Windows, simply because to do so is far too easy," claims Jan Andresen of Mi2g. "Those hacking for intellectual gain or fun will generally be attracted to the greater challenge associated with hacking Linux systems." "Hacker groups with political motivations target country or content specific on-line systems regardless of operating systems and this is where Windows comes under maximum fire." 
According to DK Matai, chairman and chief executive officer of Mi2g, an increasing number of vulnerabilities are being found in generic operating systems, server software, applications and libraries deployed on mission critical systems. These flaws are often time consuming to patch and as a result, fixes on these holes are often delayed. "Applying patches was traditionally relegated to the weekend. Invariably some mission critical machines don't get patched in time despite the best will to do so," said Matai. "Those are perfect doorways for hackers and they are being exploited ruthlessly." Mi2g forecasts that there will be more than 45,000 digital attacks globally in 2002, up from 31,322 in 2001, 7,821 in 2000; 4,197 in 1999 and only 269 in 1998. © ENN
ElectricNews.net, 27 Sep 2002

The Nortel anti-worm defence system

Nortel Networks yesterday revealed the anti-computer worm defences it had developed in-house after it was hit hard by last year's outbreaks of Nimda and Code Red 2. According to John Morris, an IT manager at Nortel Networks, the anti-worm system could help large institutions and even ISPs. He challenged vendors to develop a commercial equivalent to the bespoke system designed by Nortel. When Nortel was hit by Code Red 2, the outbreak was manageable - for the first 30 minutes, following which the worm spread exponentially. The spread of Code Red 2 was curtailed only when the worm ran out of worm food (vulnerable servers to infect) and as its actions pulled down the network services it needed to propagate. Speaking at the Virus Bulletin Conference in New Orleans yesterday, Morris said no single strategy is enough to constitute an effective countermeasure for the spread of such worms. AV tools and personal firewalls can mitigate the risk of a spreading worm, software patching restricts exposure, and traffic filtering and tarpitting help slow down the spread of malware, but even all three together are not enough. Shutting down port 80 traffic in a network as a cure may allow other traffic, such as email, to continue across a network but represents a cure worse than the disease from the point of view of many end-users. Detecting worms and taking infected servers off the network is very time consuming, so Morris and his colleagues developed a variety of early warning systems to catch worms in the crucial, early stage of infection. This allows Nortel to quickly quarantine infected machines, preventing incidents becoming outbreaks. In many ways Nortel's anti-worm defence is very similar to an intrusion detection system, albeit designed specifically to look out for network-aware worms. 
Among the measures Nortel implemented are worm lures, honeypot servers placed directly in the likely paths of worm infection; honeypot email accounts, designed to catch email-borne worms that send themselves to the first addresses in users' address books; and SMB lures, designed to flag up machines attempting to spread across file shares. Nortel also uses what Morris described as a Black Widow tool to detect worms crawling the Web. Lastly, with the spread of possible successors to Nimda in mind, Nortel has established a large number of IP addresses on one machine, which will therefore show early signs of a large-scale worm assault on the company's network. Nortel has had the system in production for six months and reports considerable success, with the SMB lure proving to be the most effective tool in isolating problems (it accounts for four out of five quarantine events thus far). Doubts were expressed about whether Nortel's systems led to an unacceptable level of false positives, but Morris said that tuning the system minimises this risk. Other end users attending the conference said they used some, but not all, of the techniques deployed by Nortel. But there was a marked scepticism from vendors about Nortel's ideas, and no particular appetite to rise to Morris's challenge to commercialise an anti-worm defence system. ®
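The lure approach described above boils down to one rule: an internal host that touches an address or share nothing legitimate should ever touch is almost certainly infected, and that is a far cleaner signal than raw scan volume. The following is an added illustration of that logic, not Nortel's code; the lure addresses, the flow-record format and the sample records are all constructed for the example, and the fan-out threshold is the kind of knob Morris says has to be tuned to keep false positives down.

```python
"""
Lure-based early warning for network-aware worms (illustrative, not Nortel's tool).

Flow records look like "src_ip dst_ip dst_port", one per line. Three lure
types are modelled on the article: a block of unused ('dark') addresses all
answered by one machine, an SMB lure share, and an HTTP worm-lure server.
Any source that contacts a lure is a quarantine candidate; plain fan-out
(many distinct destinations) is only marked 'suspicious' for analyst review.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Constructed lure layout (assumption for this example).
DARK_LURE_NET = ip_network("10.9.0.0/24")  # unused space, one box answers it all
SMB_LURE = ip_address("10.1.1.250")        # decoy file server, never used legitimately
WEB_LURE = ip_address("10.1.1.251")        # decoy web server in the worm's path
SMB_PORTS = {139, 445}
WEB_PORTS = {80}
FANOUT_THRESHOLD = 50  # distinct destinations per source before review is triggered


@dataclass
class Verdict:
    quarantine: bool = False        # touched a lure: definitive
    suspicious: bool = False        # high fan-out only: needs tuning/review
    reasons: list = field(default_factory=list)
    fanout: int = 0


def parse_flow(line):
    """Parse one 'src dst dport' record; return None for malformed input."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return ip_address(parts[0]), ip_address(parts[1]), int(parts[2])
    except ValueError:
        return None


def analyse(lines):
    """Return {source_ip: Verdict} for every source seen in the flow records."""
    lure_hits = defaultdict(set)
    fanout = defaultdict(set)
    for line in lines:
        rec = parse_flow(line)
        if rec is None:
            continue  # skip unparseable records rather than crash the monitor
        src, dst, port = rec
        fanout[src].add(dst)
        if dst in DARK_LURE_NET:
            lure_hits[src].add(f"dark lure {dst}")
        elif dst == SMB_LURE and port in SMB_PORTS:
            lure_hits[src].add(f"smb lure :{port}")
        elif dst == WEB_LURE and port in WEB_PORTS:
            lure_hits[src].add("web lure")
    verdicts = {}
    for src, dests in fanout.items():
        reasons = sorted(lure_hits.get(src, ()))
        n = len(dests)
        verdicts[str(src)] = Verdict(quarantine=bool(reasons),
                                     suspicious=n >= FANOUT_THRESHOLD,
                                     reasons=reasons, fanout=n)
    return verdicts


def sample_flows():
    """Constructed flow records for demonstration; not captured traffic."""
    lines = [
        "10.1.2.5 10.1.1.10 80",    # benign: intranet web server
        "10.1.2.5 10.1.1.11 445",   # benign: the real file server
        "not a flow record",        # malformed line, skipped by parse_flow
    ]
    # Infected host sweeping 10.1.1.0/24 on 445/80 and stumbling into all three lures.
    for last in range(1, 41):
        lines.append(f"10.1.2.77 10.1.1.{last} 445")
    lines += ["10.1.2.77 10.1.1.250 445",
              "10.1.2.77 10.1.1.251 80",
              "10.1.2.77 10.9.0.3 80"]
    # Legitimate patch scanner: high fan-out but never touches a lure (the tuning case).
    for last in range(1, 61):
        lines.append(f"10.1.2.99 10.1.3.{last} 80")
    return lines


if __name__ == "__main__":
    for src, v in sorted(analyse(sample_flows()).items()):
        state = "QUARANTINE" if v.quarantine else ("review" if v.suspicious else "ok")
        print(f"{src:<12} {state:<10} fan-out={v.fanout:<3} {', '.join(v.reasons)}")
```

Running it quarantines the sweeping host on its lure contacts alone (its fan-out of 43 is below the threshold) while the legitimate scanner is only queued for review, which is the distinction that keeps lure-based detection from drowning in false positives.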
John Leyden, 27 Sep 2002
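The lure-based early warning the article describes can be sketched as a small log-driven sensor. This is an added example, not Nortel's code: the log line format, decoy addresses, honeypot mailbox and the sample log are all constructed, and the quarantine threshold stands in for the tuning Morris mentions.

```python
"""Lure-based worm early warning modelled on the Nortel approach described above.
Added example, not Nortel's code; log format, addresses and mailbox are constructed."""
import re
from collections import Counter, defaultdict

# Constructed decoy inventory: no legitimate client has a reason to touch any of these.
SMB_LURES = {"10.0.5.250"}                     # decoy file server (ports 139/445)
WEB_LURES = {"10.0.5.251"}                     # decoy web server on a likely worm path
DARK_NET = "10.0.200."                         # unused /24, every address answered by one sensor
HONEYPOT_MAILBOXES = {"aaa.lure@example.com"}  # sorts first in an address book
SMB_PORTS = {139, 445}
CONN_RE = re.compile(r"^conn (\S+) (\S+) (\d+)$")   # conn <src> <dst> <dst-port>
MAIL_RE = re.compile(r"^mail (\S+) (\S+)$")         # mail <src> <recipient>

def classify(line):
    """Return (source host, lure class) if the log line tripped a lure, else None."""
    m = CONN_RE.match(line)
    if m:
        src, dst, port = m.group(1), m.group(2), int(m.group(3))
        if dst in SMB_LURES and port in SMB_PORTS:
            return src, "smb_lure"
        if dst in WEB_LURES and port == 80:
            return src, "web_lure"
        if dst.startswith(DARK_NET):
            return src, "dark_net"     # probing addresses nobody uses
        return None
    m = MAIL_RE.match(line)
    if m and m.group(2).lower() in HONEYPOT_MAILBOXES:
        return m.group(1), "mail_lure"
    return None

def evaluate(lines, probe_threshold=3):
    """Count lure hits per source host and return (quarantine set, counters).
    SMB and mail lure hits quarantine at once: only a worm walks a decoy share or
    mails a decoy mailbox. Web-lure and dark-net probes are noisier (misconfigured
    hosts, scanners), so they count towards probe_threshold, the false-positive knob."""
    hits = defaultdict(Counter)
    for line in lines:
        result = classify(line.strip())
        if result:
            src, kind = result
            hits[src][kind] += 1
    quarantine = {src for src, c in hits.items()
                  if c["smb_lure"] or c["mail_lure"]
                  or c["web_lure"] + c["dark_net"] >= probe_threshold}
    return quarantine, hits

# Constructed sample log: SMB walk plus dark sweep, one stray probe, a mail-lure hit, one web touch.
SAMPLE_LOG = """\
conn 10.0.1.17 10.0.5.250 445
conn 10.0.1.17 10.0.200.4 80
conn 10.0.1.17 10.0.200.5 80
conn 10.0.1.17 10.0.200.6 80
conn 10.0.1.42 10.0.200.9 80
conn 10.0.1.42 10.0.7.10 80
mail 10.0.1.88 aaa.lure@example.com
conn 10.0.1.99 10.0.5.251 80
""".splitlines()
```

Lowering `probe_threshold` to 1 quarantines every host in the sample, which is exactly the false-positive trade-off the vendors questioned.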

Viruses are dead. Long live viruses!

This year has been mercifully quiet on the virus front, but anyone who reckons the virus problem has finally been beaten is failing to learn the lessons of history. The problem of computer viruses has been declared "over" before, only to be "reinvented" a few months later, argues David Perry, a marketing manager at Trend Micro. In the mid 90s, for example, when Microsoft moved to a virtualised 32-bit OS, this greatly reduced the potential effects of boot sector viruses. There wasn't much relief for users though, since this threat was rapidly supplanted by the emergence of Word Concept viruses. The dominant Windows monoculture is blamed by many for the prevalence of viruses. If everybody used Macs or Linux boxes, the argument goes, the virus problem would die overnight. This argument is strengthened by the much lower incidence of viruses on these platforms and by the security loopholes in MS applications, like Outlook, that have contributed to the spread of viruses like the Love Bug. But Perry says that hopes that a different OS will end the computer virus problem are misplaced. A new OS will change but fail to eliminate the problems posed by computer viruses, he argues. In the late 90s, heuristics (automatic detection of viruses) were offered by some vendors (many now deceased) as a way to eliminate the need to update AV tools. Heuristics, though used by almost all vendors, have failed to fulfil such inflated claims. Signature updates remain a necessary component of protective measures, according to Perry. Integrity checking technology and tougher punishment of virus writers are also incomplete solutions to the virus conundrum, Perry argues.

Mass mailers beaten back

This year has seen a marked decrease in the spread of fresh malicious code, as increased user awareness and improved technology and procedures have brought the mass mailing virus plague under partial control.
A "chilling effect" post September 11, discouraging VXers from writing malicious code, and the maturity of mass mailing viruses have also contributed to the decline of viruses through 2002. Good - but this doesn't mean we've licked the virus problem, Perry argues. He suggested some candidates for the next big thing - PDA infectors, .NET wrapper viruses or unusual transport mechanisms - but was reluctant to speculate on which poses the greater future risk. So, whatever the future brings, it doesn't look like AV developers attending this week's Virus Bulletin conference will have to look for alternative employment in the near future. ®
John Leyden, 27 Sep 2002

Let me out of here, I'm an anti-virus expert

Mollycoddled attendees at the Virus Bulletin conference remained confined to the Hyatt Hotel, New Orleans on Wednesday night, as Tropical Storm Isidore petered out. After the Mayor ordered a 10pm curfew and the French Quarter's famous bars failed to organise the hoped-for lock-ins, attendees at the conference confined themselves to watching the Weather Channel in the hotel's third floor Sports Bar. Outside, around three inches of rain fell on the city overnight, main roads were shut, and the city's pumping system struggled to cope. It was up to the city's newspaper, The Times-Picayune, to report the real news: that Isidore, as it hit New Orleans, bore little resemblance to the category 3 hurricane that claimed the lives of two people and left 300,000 homeless on Mexico's Yucatan peninsula earlier this week. That's not to dismiss the concern of local residents, fearing that their properties might be flooded, merely to put things in perspective. On Thursday morning, the conference began on schedule, albeit without a number of speakers and the conference proceedings, which were stranded in Memphis. Yes, Memphis, for in its wisdom the US Food and Drug Administration had impounded the conference-related shipment after deciding that conference mugs bearing the inscription "Virus Bulletin" might harbour biological bugs. At the time of writing the mugs are still undergoing lab analysis. ®
John Leyden, 27 Sep 2002

BT sets DSL demand levels for 58 more exchanges

BT Wholesale has set pre-registration trigger levels for a further 58 telephone exchanges, it announced today. In total, 653 exchanges now have a trigger level which, if converted into firm orders, will result in BT Wholesale converting the exchange to DSL. The trigger levels set for the exchanges announced today range from 300 to 550. Since the broadband registration scheme was launched at the beginning of July, more than 100,000 individual lines have been registered via service providers. Todmorden in West Yorkshire became the first exchange in the country to hit its trigger level; for that exchange to be converted to DSL, ISPs are now working to turn those expressions of interest into firm orders. In a statement, Bruce Stanford of BT Wholesale said that in the last few weeks demand levels have been triggered at exchanges in Yorkshire, Buckinghamshire and on Merseyside. "In other areas the level of interest is growing rapidly and we expect demand to hit target levels for providing ADSL broadband in many locations including the north of Scotland and the Welsh valleys in the coming weeks as awareness of the benefits of broadband grows." ® Related Stories: Todmorden triggers ADSL checker first; ADSL registration cheats don't prosper
Tim Richardson, 27 Sep 2002

Windows XP version 2 mooted for 2003?

Despite earlier suggestions to the contrary (which we didn't believe anyway) Microsoft may be planning an interim version of Windows XP to fill the chasm between last year's rollout of XP itself, and the next big one, Longhorn, which quite possibly won't hit until 2006 or later. According to an eWeek piece by Mary Jo Foley (who we have missed greatly since Ziff Davis hid her in a paid-for newsletter), Microsoft is proposing to reach for the bottle again, having foresworn the demon release cycle treadmill just a few short months ago. Well OK, maybe Mary Jo doesn't put it quite like that. She postulates a minor "Yukon" update that would ship in the 2003-4 timeframe. Yukon, aka what SQL Server did next, moves us towards the new file system roadmapped for Longhorn, and Microsoft is currently using the word to label the period between now and Longhorn. So although The Register ordinarily takes a fairly sour view of Microsoft's interim releases, which we feel tend to be service packs with a few flashy bits stuck on, there is some kind of argument for a Yukon 'XP 2,' or XP SE. There will be Yukon technology that Microsoft will want to get out and in use in advance of Longhorn, which as described earlier this year is a hugely ambitious, ground-up rewrite and can therefore be expected to be a complete pig to get out of the door. You'll note that the way Bill told it back in June was that Microsoft had considered whether to go for one big bang or to make incremental changes, and had decided to go for the one big bang. But... if it does go for an interim, then would we not be seeing incremental changes starting to feed back into the roadmap after all? It strikes us, however, that there may be less to Longhorn, or at least to what Bill Gates says about Longhorn, than meets the eye. Microsoft is apparently starting with a blank sheet of paper with Longhorn, but as recent job ads made clear, it's also starting with a blank sheet of paper with Palladium. 
Starting with two blank sheets of paper around the same time strikes us as weird, particularly as Palladium will become more and more of an influence on Microsoft's OS development the closer it gets. It would seem to us to make sense for Palladium to be the major effort (given the security imperative) and for Longhorn to get subsumed in Palladium, or to be transformed into a 'set of technologies' that appears in other products, or just to get busted back down into a less ambitious revamp of Windows XP. Which it at one time was, with Blackcomb then being the biggie. As regards timing of the interim release, it would seem logical for Microsoft to do it in a year's time, the major question here being whether the company would be likely to go for a retail product or just roll it out to the OEMs for use in new PCs. Historically Microsoft has pushed out a series of minor revs packaged as upgrades, but despite the bullish noises it habitually makes when rolling these out, OS upgrades sold at retail really are not a significant money-spinner for Microsoft. Normal people use the operating system that came with the machine until it breaks (we mean until the machine breaks here - the OS started breaking a lot earlier); they do not buy OS upgrades. And Microsoft is also no doubt looking forward to seeing how effective this year's experiments in interim releases are. Because of course, we already have two interim releases, XP Tablet PC and Media Center editions. Both of these are fairly minor revs of XP, and rather than being made available at retail they're being positioned as enablers for new classes of hardware. If this results in good sales for these new classes of hardware then it's going to produce rather more revenue for Microsoft than trying to sell upgrades. And even if it doesn't, the basic idea still seems sound, and worth persisting with. Sell more hardware by making hardware more compelling, therefore sell more Windows.
So the question is, we reckon, what is it that Microsoft thinks will be compelling for the fall 03 market? And possibly, whether a Yukon edition could be packaged in such a way as to be a compelling upgrade for the business market as well. ®
John Lettice, 27 Sep 2002

Letters: let's hear it for Nvidia stock options

Our criticism of Nvidia's plan to convert employee share options into stock (Nvidia turns water into wine) is not universally shared. Here are two contrarian opinions.

"So when Nvidia is talking of 'employees' it really means a few senior managers who we guess are holding the vast majority of share options."

That may be technically the case, and may even be the real motivation, but while the executive staff holds the majority of options, the minority held by the engineering staff are quite certainly significant to _them_ on a per capita basis. When you're not wealthy, tens of thousands of $$$ in shares means quite a lot.

Joe Kraska, San Diego, CA, USA

No offense Drew, but I think you missed the point entirely. Nvidia's decision to issue stock to employees, especially high-level employees, marks a turning point in Nvidia's management strategy. Frankly I'm surprised it took them this long, and they're lucky to have had such great success with their former scheme. It's a testament to Jen-Hsun Huang's leading abilities, I assure you. I'm truly tired of seeing corporations dole out enormous salaries to idiots at high levels, who could care less how the company survives in the long run, who make short-sighted decisions that undermine the workings of a free market system, and consequently put workers and investors at risk. It's the point America is trying to make with newer SEC regulations, "accountability." When high level management isn't financially strapped to the long run performance of a company, you end up with bureaucratic nonsense. Given the SEC's recent investigation of Nvidia, I see this move as a positive foot forward. This last year, the company suffered enormously for the misbehavior of a few high level individuals. Why shouldn't Nvidia seek to clean things up?
It clearly indicates to employees, investors, and the American people, we've learned our lesson, no more nonsense, no more Enron-like debacles, we mean to do business the new American way, by ending some of the shady practices that have endured for so long in corporate America. Personally, I salute the decision. Other companies would do better to learn from this company's past mistakes and adopt similar practices.

Sincerely, Desmatic. ®
Drew Cullen, 27 Sep 2002

CNET intros listing fees for Download.com

CNET is to start charging software publishers for listing their apps on Download.com. From September 30, the tech publisher will charge a fee to have software posted or updated. Software already posted on Download.com will stay there until the end of the year. But then publishers will have to pay up if they are to avoid eviction. CNET is also rolling out some enhanced pay-for-placement services, with subscriptions starting at $99 a month. And it's teamed up with a webhosting firm called MoveDigital to offer cut-price bandwidth. We await news of the paid-for conversion rate with great interest, but the proposition makes sense to us. Why shouldn't CNET make a turn on this worthy service? CNET's plans were first revealed by Dotcom Scoop's Ben Silverman, who publishes CNET's memo here. In an earlier article, he writes: "CNET, according to a source, approached Yahoo about a possible partnership for the new Download.com, but was apparently rebuffed. The theory behind the Yahoo partnership was to put Download.com in more direct competition with Digital River, an e-commerce services provider which, among other solutions, enables software vendors to hawk their wares via direct download." ®
Drew Cullen, 27 Sep 2002

Win-XP Help Center request wipes your HD

A malicious Win-XP Help Center request can easily and silently delete the contents of any directory on your Windows machine, we've learned. Worse, MS has rolled the fix silently into SP1 without making a public announcement. A good sketch of the problem in English, along with a harmless self-test, can be found here, thanks to Mike at http://unity.skankhouse.org, who did some tinkering after noticing a tip on a BBS. Another, slightly earlier, mention comes from VSAntivirus, but the page, unfortunately, is en español, though there are some handy screen shots in their bulletin. The hole was discovered by Shane Hird of Distributed Systems Technology Centre, who first reported it to MS on 25 June 2002. His bulletin, dated 15 August, offers the most detailed view of the problem. He suggests that fellow bug hunters look more deeply into the Help Center and its mysterious powers, since requests can remotely open files with elevated privileges. He offers a few hints about where one might start probing. To verify the exploit all you need to do is pop the following request into any address bar (IE, Win Explorer, etc): hcp://system/DFS/uplddrvinfo.htm?file://c:\test\* and the directory 'test' will be emptied after a couple of Help Center 'wizard' pages pop up uselessly to distract you. The example works as advertised, so anyone wanting to play with it should create a test directory with copies of files. Of course you can delete your entire root directory with this approach if you so choose. Or someone else's. The exploit is extremely dangerous because it looks to the casual user just like a URL, and can be sent in an e-mail or set up as a link on a Web page. Promising heaps of free pr0n in a busy IRC channel would likewise be effective. To get rid of the vulnerability, you have two choices.
You can install XP's new SP1, which will give Billg remote root privileges on your box by virtue of his new, Trojan EULA (and silently re-enable some services you may have disabled like 'automatic update'); or you can just go to C:\Windows\PCHEALTH\HELPCTR\SYSTEM\DFS\ and find the file uplddrvinfo.htm. This you can simply delete or rename. But beware of installing MS patches later on: these have a funny tendency to restore files and settings outside their immediate purview, back to Redmond defaults. To check it out I did a clean install of XP and verified the exploit on a virgin image. I then installed all of the XP patches and updates except SP1, and it still worked. So SP1 is the only 'official' means of fixing the hole. It's not otherwise been dealt with. Those who object to the SP1 EULA on moral grounds will have to delete or rename uplddrvinfo.htm, and do a search for it after subsequent patching to verify that it's still gone. Problems with the XP Help Center have been known for some time, at least since November 2001, when this exploitable buffer overflow was first reported. Now the issue has finally been fixed, in the background, with no announcement from Redmond. This means that any XP user who doesn't install SP1, and who never hears of the flaw, will remain vulnerable. Redmond's handling of the issue is appalling. Apparently, 'Trustworthy Computing' means never having to say you screwed up. ®
Thomas C Greene, 27 Sep 2002
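A defensive counterpart to the article above, as an added example (not the article's, Hird's or Microsoft's code): it flags hcp:// links carrying a file:// argument in mail bodies or web content, so the disguised-URL delivery the article warns about can be caught on the way in, and repeats the author's post-patch check for uplddrvinfo.htm. The sample message is constructed.

```python
"""Flag Help Center 'hcp://' links of the kind described above in mail bodies or
web pages, and re-check the remediated file. Added example, not from the article;
the sample message is constructed."""
import os
import re
from urllib.parse import unquote, urlsplit

# hcp: is the scheme Windows hands to the Help and Support Center. A link that
# calls it with a file:// argument has no business in mail or on a web page;
# the page the article names is the one that empties the directory it is given.
HCP_RE = re.compile(r"hcp://[^\s\"'<>]+", re.IGNORECASE)
KNOWN_WIPER_PAGES = {"system/dfs/uplddrvinfo.htm"}

def inspect_hcp_link(url):
    """Describe one hcp:// URL: the Help Center page it calls, whether that is the
    known directory-wiping page, and the local path its file:// argument names."""
    parts = urlsplit(url)
    page = (parts.netloc + parts.path).lower()        # e.g. system/dfs/uplddrvinfo.htm
    query = unquote(parts.query)                       # undo %5C-style encoding
    target = None
    if query.lower().startswith("file:"):
        target = query[5:].lstrip("/")                # e.g. c:\test\*
    known = page in KNOWN_WIPER_PAGES
    return {"url": url, "page": page, "known_wiper": known, "file_target": target,
            "suspicious": known or target is not None}

def scan_text(text):
    """Return the suspicious hcp:// links found in a mail body or HTML page.
    Plain Help Center links without a file:// argument are left alone."""
    return [info for info in (inspect_hcp_link(m.group(0)) for m in HCP_RE.finditer(text))
            if info["suspicious"]]

def wiper_page_present(windir=r"C:\Windows"):
    """The article's post-patch check: has uplddrvinfo.htm reappeared on disk?"""
    return os.path.exists(os.path.join(windir, "PCHEALTH", "HELPCTR", "SYSTEM",
                                       "DFS", "uplddrvinfo.htm"))

# Constructed sample message: one directory-wiping link disguised as a driver
# download, one harmless Help Center link, one ordinary web link.
SAMPLE_MAIL = (
    "Updated drivers here: hcp://system/DFS/uplddrvinfo.htm?file://c:\\test\\*\r\n"
    "Help topics: hcp://system/home and https://example.com/faq\r\n"
)
```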

NTK in suit-busting apparel shocker

Good news for lovers of all things NTK today, as our Cash'n'Carrion Reg shop unveils the latest apparel offering from the kings of IT drollery. If the last time you wore a suit was for an unscheduled appearance before the beak, then this is for you - "404/shirt/tie not found" writ large on a 100 per cent cotton premium t-shirt. And, in keeping with the high quality we've come to expect from NTK, the "404" features a cheeky grey drop-shadow effect. Slick work lads. You can get this shirt right now at Cash'n'Carrion in a range of sizes, including XXL. Go to it. ®
Lester Haines, 27 Sep 2002