4th > April > 2003 Archive

RIAA attacks the future of America

The Recording Industry Association of America (RIAA) has attacked again, and this time against some of our most promising young minds. The Pigopolist mob has filed lawsuits against four university students for setting up music-sharing P2P networks at their respective institutions of higher education. Two students attend the Rensselaer Polytechnic Institute (RPI), one goes to Michigan Technological University and the last studies at Princeton. Yes, even the Ivy Leagues are under siege. "The perpetrators of these internal Napster networks . . . make use of software known variously as Flatlan, Phynd or Direct Connect," the RIAA said. "All of them work much like Napster, centrally indexing and processing search requests for copyrighted works. And they permit users to download any of those works with the single click of a mouse." Backed by the major music labels, the RIAA is seeking $150,000 per infringed song. Like the dangerous undergrads, the music companies have faced stiff fines. Last year, five of the largest labels paid $67.4 million in cash and coughed up $75.7 million in CDs to clear a price-fixing lawsuit backed by 41 states. The RIAA suggests in its press release that anyone with knowledge of these types of illegal networks should call its piracy hotline at 1-800-BAD-BEAT. Although when we called in to report a P2P crime in progress, we were placed on an endless hold. The use of any kind of technical wizardry to discover the culprits seems somewhat ironic given the RIAA's troubles in dealing with technology. The organization has barely managed to keep its Web site up for more than a day at time. Perhaps, the hackers could set up a part-time gig keeping the RIAA's servers up as restitution for their evil deeds. More importantly, the RIAA is bucking a time-honored tradition of committing illegal acts while at college. What would happen to the fabric of our educational structure if police actually cracked down on underage drinkers, sexual deviants and drug abusers? Collegians would be forced to study in sober dorm rooms void of music -- a most un-American act. These particular students took it upon themselves to provide their peers with massive collections of song, while the RIAA floods trading networks with fake files. And you can be sure that the students respect the integrity of the artists they promote by not "enchancing" the files with clicks, dropouts and white noise. So it would seem, once again, that the pirates are actually doing more to promote music than the recording industry itself. ® Related Stories Missing RIAA figures shoot down "piracy" canard RIAA website now routable and public Disabled war veteran hosts Disabled RIAA website RIAA defaced -again! RIAA invites comments RIAA servers still broken Pigopolist's pants still down
Ashlee Vance, 04 Apr 2003

Thus complains to Oftel over BT ADSL ‘margin squeeze’

Thus - the alternative telco best known for its Demon Internet brand - has joined the chorus of critics opposing BT's decision to cut the cost of some of its wholesale ADSL services. It is calling on telecoms regulator Oftel,to investigate the "margin squeeze" created by BT, following the dominant telco's new broadband pricing strategy. In a complaint echoing similar concerns raised by rival ISP Tiscali UK, Thus argues that the cuts favour BT and disadvantage other operators which make use of alternative, rival networks. It claims the move will harm the competitive landscape and ultimately lead to poorer and more expensive services for customers and business users. BT's cost changes announced yesterday relate only to 'IPStream' connections - the wholesale end-to-end service provided by BT Wholesale to BT's retail operations and other service providers. However, Thus points out that BT has failed to pass on similar price advantages to its Datastream service - a service that allows other service providers to use their own networks to provide competitive broadband services, as opposed to relying solely on the "inflexible services" provided by BT Wholesale. Tiscali UK described this move as "anti-competitive". Thus adds that those involved in local loop unbundling will be at a "significant disadvantage as they see their investment devalued". Said Thus COO Phil Male in a statement: "A significant reduction in the wholesale cost of IPStream without a corresponding reduction in the wholesale cost of the Datastream service will discourage innovation and competition in the market for broadband services. "Time and again BT has only reduced its prices when forced to by competition. If there are no competitive pressures in the market, a dominant operator can use the opportunity to set artificially high price points. "Consumers, both business and residential, will ultimately pay the price." ® Related Story Tiscali blasts BT's 'anti-competitive' ADSL price cuts
Tim Richardson, 04 Apr 2003

JEDEC to drive DDR 2 to 800Mbps

Memory standards organisation JEDEC has founded a team to investigate how to extend the current DDR 2 SDRAM spec. to 400MHz and a per pin data throughput of 800Mbps. It has also approved a preliminary specification for a DDR 2-based mini-DIMM replacement for today's notebook-oriented SO-DIMM format. It is looking to expand the usage of DDR 2 to handheld devices like PDAs and cellphones. Memory manufactures are currently sampling DDR 2 parts offering 400Mbps and 533Mbps data rates - 667Mbps DDR 2 is starting to appear too. JEDEC wants to follow these up rates quickly with 800Mbps, EBN reports. DDR 2 is expected to begin shipping in volume early next year, primarily aimed at server applications. Desktop-oriented products should appear during Q2 2004, with chips for notebooks following in the second half of the year. By then, JEDEC should have its mini-DIMM standard in place. Market acceptance will depend on the availability of solid notebook chipsets that support DDR 2. DDR 2 for handhelds will appear sooner than that, with a final standard being put in place by June, manufacturers anticipate. The standard will incorporate power-saving technologies that complement DDR 2's low core voltage (1.8V). ® Related Link EBN: Standards body begins to advance DDR2 SDRAM
Tony Smith, 04 Apr 2003

Wanted: One boat to go to Rockall

Charity appealCharity appeal Some pretty weird and wonderful stuff has appeared on El Reg over the years, but we reckon that this may be among the most unexpected. We at The Rockall Times are obliged this morning to Vulture Central for allowing us to post this appeal for support for our 2003 charity assault on Rockall — the snappily-titled Rockall Ho!. Yes, we kid you not. Sometime between 18 July and 4 August a team of five of us will land on Rockall in support of Mental Health Media, a small mental health charity doing top work in raising awareness of issues surrounding mental health and learning difficulties. Its work is close to the heart of TV's Donal MacIntyre, who took a few minutes out from his punishing schedule to pose in Rockall Times t-shirt with team photographer Mark Alden: For those of you not acquainted with Rockall - and let's face it, who is? - it's a lump of granite roughly 73ft high sticking out of the North Atlantic some 230 nautical miles west-ish of Scotland. Our plan is to proceed to Rockall by sea, and then launch the final assault by inflatable. Madness? No so. A few years back Greenpeace occupied Rockall for more than a month, and we're obliged to those intrepid eco-warriors for their help and advice in putting together our plan. To see what we're up against, have a look at our Rockall picture gallery. There's also some illuminating history of the rock available here. So, how can Reg readers help? Well, we have a fundamental problem: getting to Rockall in the first place. You'd think it would be pretty simple to hire a boat and get moving. Sadly not. For reasons too tedious to recount here, practically all of the commercial hire companies on the West coast of Scotland are restricted to within 60 nautical miles of the coast. Not much use to us. Now, we need a vessel to take us to Rockall. We're prepared to pay, but would obviously rather find some kind soul who will do it for expenses only. We'll make any accommodation, fulfil any criteria required by such a ship owner. If you think you can help, contact us at rockall.ho@therockalltimes.co.uk Naturally, any company or individual who doesn't happen to have an ocean-going vessel knocking about can help in other ways. We're looking for sponsors to offset the costs of the trip, estimated at around £5,000. This doesn't include our personal expenses, which we're meeting in full. We're committed to ensuring that 100 per cent of the cash raised for the charity goes to them, so this is your chance to help out and join our (presently modest) list of sponsors, who will doubtless gain great fame by association with this media-friendly venture, not to mention a future nod from the Reg. You can donate right now via PayPal by hitting this button: In addition to cash, we're looking for climbing equipment, use of an inflatable, and some sort of laptop/satellite phone digital camera set-up to send instant images from the top of the sacred rock. Again, if you can help, have any other support you might be able to offer, or want any further information, contact us at rockall.ho@therockalltimes.co.uk. Thanks, and muchas gracias again to El Reg for letting us make this appeal. ® Related links There's more on the Donal MacIntyre angle here, and a very basic outline of what we need here. Click here for a look at how we intend to assault Rockall.
Lester Haines, 04 Apr 2003

Oftel fingers BT over dial-up price cut

Oftel claims BT should cut the cost of wholesale unmetered narrowband Net access by 17 per cent. Launching a consultation - prompted by a complaint from Cable & Wireless and later supported by Energis - the telecoms regulator reckons the cut is necessary because BT is charging operators for certain call routing and call management measures that are no longer technically necessary. If implemented, BT would have to backdate the refund to December 2001. Said Oftel chief David Edmonds in a statement: "I propose to order BT to reduce its wholesale unmetered Internet access prices by 17 per cent...these savings could be passed on by other operators to their customers. "Oftel's action will ensure that operators and consumers pay a fair price for unmetered Internet access from BT, and reflects the relevant costs that BT incurs to provide this service." However, even if the cost cutting is implemented in full BT estimates it would only lead to a £10-£15m loss in revenue. One industry insider told The Register that even if ISPs did pass on the discount in full - a move thought unlikely - then it would only mean a price cut of a few pence a month. The dominant telco is currently studying what it describes as a "very complex" document. ®
Tim Richardson, 04 Apr 2003

EU investigates MS, EU buys scads more Windows servers

The European Commission is currently deciding what it can do to stop Microsoft using its dominant position on the desktop to carve itself a similar monopoly in the server market. But at the same time, the European Commission's IT purchasing policies are supporting that very process. The Commission uses Windows clients, is upgrading these to Windows XP, and has just invested in a large number of Windows 2000 Advanced Server application servers to support them. Presumably, one of the factors slowing up a decision on the antitrust matter involves the Commission trying to figure out how it can stop itself doing this kind of stuff. This particular contract award, made to Dell, is listed in an EU Tenders Electronic Daily (TED) notice published on 28th January. It has a value of 12.7 Million Euros, and is for "Acquisition of 'Office and application servers' (entry-level, mid-range, high-end) including associated equipment (options and extensions) and add-on software, and maintenance and associated services." The servers, according to the contract notice issued last June, are 237 entry level, 445 mid-range and 68 high-end, and the contract is for two years,with three possible extensions of one year each, with "maintenance, upgrades and associated services" covering six years, again with three possible one year extensions. By the standards of EU spending this is actually a pretty small contract, and could be seen as a follow up to previous purchases, as the Commission says it bought 240 "office and application servers" between December 1999 and December 2001. The choice of Windows 2000 as the OS may also have significance, although the fact that the decision-making process took place well in advance of Windows 2003 Server being finished means it couldn't have been a credible option for 2003 delivery. It would surely be politically difficult for the Commission to allow its Informatics Directorate to follow Microsoft down the .NET road, so a Win2k purchase now allows it a couple of years breathing space before it has to confront that decision. Or quite possibly longer - the commission has a lot of purchasing power, advantageous framework agreements with Microsoft, and other IT suppliers, so if it wants to buy Windows 2000 for longer than Microsoft would prefer, well, it probably can. (In which case one wonders about the necessity to upgrade the clients to XP, but there you go). The Register's sources in Brussels, even the Unix-loving ones, are unperturbed by the latest deal, which they see largely as the short-term continuation of existing Commission policy at the applications level. It does not, they feel, change the policy of encouraging open source and using Unix (at the moment, particularly Sun) as the mid-range and high-end production platform of choice. Their Lenin-like confidence in their ultimate triumph is commendable. But in the longer term the Commission is going to have to confront the issue of monopoly leveraging on its own doorstep and decide how far, and for how long, it intends to run with Windows as its application platform of choice, and Windows applications servers munching their way up the food chain. If the pattern is to buy a pile of Windows servers every two years, then we should expect the contract notice to appear in TED around the middle of next year. Should be interesting. And it'd perhaps also be interesting to see how it was going in encouraging open source clients, and perhaps associated applications servers, a little bit before then. ®
John Lettice, 04 Apr 2003

BT green lights rural broadband scheme

BT is to push ahead with a scheme that could help bring ADSL to areas currently deemed not commercially viable for investment in broadband. The initiative, known as ADSL Exchange Activate or Community Broadband, uses "sponsors" such as development agencies and local authorities to help subsidise the cost of rolling out the ADSL service. It is these "sponsors" who help offset the cost of bringing broadband to areas currently without broadband. Although BT is talking to potential sponsors now, the full national launch of the scheme is due to begin in July. The scheme has already been trialled in Wales, Scotland, Northern Ireland and parts of England. According to BT, it has proved successful. ® Related Story BT tests water with rural ADSL project
Tim Richardson, 04 Apr 2003

OFT to clamp down on misleading online travel deals

Many UK-based online travel sites are breaking the law by making misleading price claims. Forty per cent (54 out of 135) of UK-based websites visited during an investigation by trading standards officials contained potentially misleading claims, the UK's Office of Fair Trading (OFT) announced this week. The OFT and 55 local trading standards authorities were among 87 enforcement agencies in 24 countries surfing the Internet for websites making potentially false claims about travel deals, as part of the International Consumer Protection and Enforcement Network sweep. The study identified more than 1,000 problem sites worldwide. UK-based sites identified as making potentially deceptive, misleading or false claims (or which have breached other consumer laws) are to be pursued by either local trading standards or the OFT with a view to taking further action. Claims that are being investigated under the Control of Misleading Advertising regulations include: 'Hot deals' on a front page which bear no resemblance to the prices of the holiday actually available on the website An advertisement stating 'Australia from £599' when the cheapest price was £891.60 An offer of seven nights in Austria in March for £99, when the cheapest price was £259 A claim of 'up to 70 per cent discount off world wide hotel rooms' with no further mention of any savings or discounted deals More than 100 additional potential breaches of consumer legislation were identified under the E-Commerce Regulations, Unfair Terms in Consumer Contract Regulations, Package Travel Regulations and Distance Selling Regulations. The authorities have vowed to get tough on misleading travel deals online, which will be treated no differently feom false inducements promoted by high street shops or through newspaper and Teletext ads. John Vickers, OFT chairman, said: "The internet is a valuable and expanding resource for consumers and for business. On-line shoppers must have the same protection afforded by the high street, and if traders breach fair trading law, the OFT will pursue them." ® Related Stories Travel sites slammed over hidden charges Dixons has 'scale monopoly' in extended warranties Nominet warns of dodgy domain sales tactics Domain scam merchants get legs sucked by toothless OFT Dabs.com and Time bow to OFT pressure PS2 £150 'offer' too good to be true?
John Leyden, 04 Apr 2003

Tech firms climb on flexi-working bandwagon

Government legislation coming into effect this weekend will give nearly four million working parents the right to work away from the office. The Government's Work-Life Balance Campaign has brought about a change in the law that will allow parents of children under six, or of disabled children under 18, the right to request that their employer "seriously consider" requests for more flexible working conditions. However, DTI statistics reveal that 56 per cent of employers have so far failed to consider introducing flexible working policies, despite the change in law, and the benefits that it can bring for both employers and workers. That assessment is backed up by survey by employee management specialists, Crown Computing, which found that 61 per cent of human resources professionals believe that organisations are not prepared for April 6th changes in UK employment law. The study also found that more than three quarters of the personnel officers questioned reckoned workers were unaware of their new rights. Although employees and employers are largely unprepared for the changes, IT firms are lining up to highlight how their various technologies and services can help firms introduce change. Microsoft helpfully points out that its desktop technologies, such as Windows XP, are designed to enable remote working with a range of features including Remote Assistance, Remote Desktop and built in wireless support. Microsoft Office System, the next generation of Microsoft Office due later this year, includes enhanced XML integration as well as tools such as SharePoint Services to enhance team collaboration and easy access to information designed to boost workers' productivity regardless of their location. Siemens Communications yesterday launched the next version of its unified messaging suite, Xpressions version 3, promoting the product as a way to improve the flexibility of an organisations workforce and increase productivity. The six different modules of the product include hot-desking, unified messaging, fax messaging, voice mail, auto-attendant and Text To Speech (TTS) functions. These modules can be tailored to the individual needs of the different workgroups within a business. Siemens believes the introduction of the government's flexible-working rules will spur growth in unified messaging, which can help companies improve the flexibility of an organisations workforce and increase productivity. The company says improvements in its product will ease these change. "The technology has not taken off as quickly as was first thought due to a number of reasons including integration issues and restricted IT budgets", said Siemens Communications' Mark Bonnor-Moris. With the launch of version 3 we have addressed the niggling issues and developed a package that is cost effective and will deliver good return on investment." Not everybody is as enthusiastic about flexible working, however. Security consultancy MIS Corporate Defence Solutions warns "New Flexible Working Practices Could Spell Disaster For UK Security" (a rather alarmist way to highlight what is nonetheless a real issue). Home workers are likely to be using ADSL and MIS is concerned that they could cause security problems if they connect to their corporate networks without proper authentication, encryption and anti-virus tools. "Fundamental insecurity makes ADSL a dangerous business tool if not deployed with precautionary security devices and policies," MIS warns. The answer here is that companies should implement or amend their remote networking procedures to pave the way for flexi-working, as MIS itself explains. MIS is also urging the government to be "more vocal" about ADSL security when pushing broadband and home working adoption. ® The benefits of flexi working identified by Microsoft are as follows: Benefits for the home worker: Flexibility both in work hours and in managing care of dependants Less commuting Lower travel costs Less stress and better health Improved quality of life Improved productivity Benefits to the employer: Higher productivity Lower absenteeism Greater job satisfaction Lower overhead costs through reduced office space - but can be offset by higher phone bills Higher customer satisfaction and easier recruitment Reduced support costs: it costs an average of £10,000 to set up an office desk worker in the UK, compared to £3,000 to set up a home worker (according to a recent study by City University) Benefits to Society: Reduced traffic congestion Reduced air pollution
John Leyden, 04 Apr 2003

Eclipse, PlusNet cut ADSL prices

Eclipse Internet has confirmed that it is to pass on wholesale price cuts announced by BT yesterday. It's cutting the cost of services for SMEs in line with cuts announced by BT, which will see price of its ADSL Connect 500, 1000 and 2000 services reduced by almost half. The price of its ADSL 1000 service falls from £95 to £52 a month while the fee for its ADSL Connect 2000 Services has been cut to £82 from £140 a month. It has also cut the cost of its ADSL Connect 500 Lite from £22.75 to £20.38. This permanent price reduction will come into effect from 1 May 2003. Elsewhere, PlusNet has also confirmed that it will cut the cost of its ADSL service from May 1 with its monthly fee for it's ADSL Home Surf - PlusNet's entry level home Broadband ADSL product - cut from £19.99 to £18.99. Separately, Zen Internet said it is ditching activation charges across its range of ADSL services until the end of April. As part of the promo it is also reducing the price of the Thomson SpeedTouch 330 modem to £50. The ISP said it would make further announcements over the coming weeks concerning BT's latest round of wholesale price cuts for ADSL, which "Zen will be fully reflecting to provide the maximum possible savings and benefits for customers," it said. ®
Tim Richardson, 04 Apr 2003

Media players hit by buffer overflow glitch

Users of popular media player packages from RealNetworks and Apple have been urged to update their software in the wake of separate warnings of potentially troublesome security problems from both companies. In an advisory updated last week, RealNetworks warns that by creating a specifically-corrupted PNG (Portable Network Graphics) file, it is possible to cause heap corruption to occur. This in turn enables an attacker to execute arbitrary code on a user's machine. "This vulnerability was due to the usage of an older, vulnerable version of a data-compression library within the RealPix component of the Player. The vulnerability was fixed by using an updated (non-vulnerable) version of this data-compression library in RealPix," the company explains. Although RealNetworks is unaware of any exploitation of the flaw, the problem still creates a mechanism for compromising the machines of users running many of its most popular media player packages. RealOne Player and RealOne Player v2 for Windows, RealPlayer 8 for Windows, RealPlayer 8 for Mac OS 9, RealOne Player for Mac OS X, RealOne Enterprise Desktop Manager and RealOne Enterprise Desktop all need patching. The Helix DNA Client is not affected. Meanwhile a URL buffer overflow risk with Apple's QuickTime media player, publicised earlier this week, could allow crackes to inject malicious code into vulnerable systems. This problem, unrelated to the RealNetworks glitch, is explained in greater depth in an advisory by security outfit iDefense. The vulnerability is Windows specific (Mac users are immune) and affects QuickTime Player versions 5.x and 6.0 on Windows. Users are encouraged to upgrade to QuickTime 6.1 for Windows, which addresses the vulnerability. Apple's security page can be found here. ® Related Stories RealNetworks goes live with Helix DNA Server RealNetworks preps format-agnostic DRM RealPlayer security fix is faulty Real opens source but keeps its crown jewels Apple reopens browser wars with Safari
John Leyden, 04 Apr 2003

Reg Kit Watch

Digital Imaging HP UK has launched a five megapixel digital camera for under £399. The Photosmart 935 features 3x optical zoom and 7x digital zoom. It ships with 64MB of on-board memory and a 32MB SD/MMC card. Fully automatic, the 935 also features on-camera Wizards to walk users through manual mode. HP also launched the Photosmart 735, a 3.2 megapixel machine for £199. It too features a 3x optical zoom, but only 5x digital. It contains 32MB of memory and ships with a 16MB SD/MMC card. Both cameras come bundled with Windows and Mac photo editing and management software. ®
Tony Smith, 04 Apr 2003

Habeas sues haiku abusers

Habeas, the company that fights spam with poetry and the law, filed lawsuits yesterday against five entities which "improperly" used the Habeas trademark to get their email past spam filters. The first suit, against Avalend and Intermark Media, alleges infringement of the Habeas trademark in attempts to get junk mail delivered. The second lawsuit, against Dale Heller, Stan Stuchinski (BigDogSecrets.com), Clickbank and Keynetics, covers a breach of contract claim against Heller, a Habeas licensee. The companies advertised in Heller's email, which did not comply with the Habeas license, and are named as co-defendants. "As we have promised since we first launched, we will sue any individual or organization who abuses our trademark in order to send unwanted mail," said Anne P. Mitchell, president and CEO of Habeas. Habeas offers a legal and user-based service, designed to help eradicate spam by identifying that email which is known to be genuine correspondence. Its patent-pending Sender Warranted Email service works by trade marking and copyrighting a unique set of lines, known as the warrant mark, which is embedded in the headers of outgoing email. Included in the Habeas lines is a haiku, a 17-syllable Japanese poem. Copyright offers legal protection to the poetry. Trademark offers legal protection to other parts of the email header. Habeas has vowed that "spammers who counterfeit the Habeas warrant mark can be shut down and prosecuted for $1 million and more". Now we'll see how effective a deterrence this threat turns out to be. "Mortgage and Affiliate Program spammers are among the most prolific sources of junk mail sent to our users," said Suresh Ramasubramanian, the postmaster and abuse desk manager at Outblaze, a Hong Kong-based outsourcer for large email service providers and Habeas customer. "Habeas has always said that they would sue anyone attempting to misuse or falsify Habeas SWE headers in order to get past spam filters. As a leading provider of outsourced e-mail, Outblaze strongly supports Habeas in their anti-spam efforts." Launched in August 2002, Habeas states its service is used in more than 100 countries to protect more than 300 million email addresses. ® External Links Habeas Sues Haiku Abusers Related Stories Spam killing Haikus come to Europe UK.gov seeks input on anti-spam law Spammers break law with covert tracking
John Leyden, 04 Apr 2003

Orange pushes for ‘pocket money’ SPV cert costs

Orange is pushing to cut smartphone application certification costs to "pocket money" levels, and having opened the gates for small developers by providing an unlock/lock procedure for the SPV (Unlocks all round! Orange frees SPV developers), it does not propose to slam them shut again. The company didn't make any clear statement of terms and conditions when it introduced the 'official' handset unlocking process, apart from saying it was intended for developers, but speaking to The Register earlier this week Orange VP Nick Balderson provided one. Orange will take the view that you can unlock your handset if you want, and that there's nothing it can do about it. This means that even in the case of the scenario we put to him, whereby a developer distributed 'unofficial' apps to run on unlocked handsets, outside of the Orange-approved route, Orange would take no action. The company does say that it won't give support on unlocked phones, but that seems relatively reasonable. The locking process is intended to ensure that only certified apps will run on the SPV. This allows Orange's business customers a measure of control over what their employees can run, and also allows Orange to protect itself against network crashing/threatening apps. However as anybody who wanted to launch an attack on the network could just unlock their handset first using one of the unofficial mechanisms, locking is a mainly about having the ability to revoke a bad app quickly, therefore reducing the damage it can cause. Balderson notes also that the position as regards locking is slightly different in France, where he says it's a legal requirement that Orange offer users the choice of locked or unlocked. Orange is therefore not particularly religious about locking, but by choosing locked as its preferred shipping default, it has presented itself with another problem to tackle - app certification cost. Verisign, according to Orange, currently charges $595 for 75 'events' (an event here is an exe or DLL, so an app would consist of a minimum two events), and although this might come down to reasonable levels if you were able to split it across a number of apps, small developers and or enthusiasts producing just one small app aren't likely to be impressed or lured. Balderson reckons the rate ought to be $10-20, says Microsoft sets the level, and that Orange is lobbying to bring the prices down. The Register, incidentally, is impressed by Orange's attempt to turn itself into the developer's friend, and feels we should all encourage the process while observing it closely, just in case. But Microsoft's fault? We asked again, he said he thought so, but maybe we should check with Microsoft. So we did. Microsoft's view, naturally, is that it is for the companies providing the certificates to determine their prices, and that this is nothing to do with Microsoft. OK, so do you think the prices are too high? "It isn't really a big barrier to entry." Even for people who might want to do shareware, or give apps away for free? "I think there are other ways to remove these barriers." So you think price levels are fine, and you're not joining Orange in trying to get them down? Well no, Microsoft isn't prepared to say that categorically either, because someone, somewhere might be up to something. It does however seem reasonable to read all this as meaning that as far as the company's Mobile Devices Division is concerned, the status quo is just fine. And maybe you could therefore read it as being to some extent Microsoft's fault; small developers who can't or won't pay $600 aren't going to be particularly good business for Microsoft, they quite likely won't be 'serious,' and practically none of them will make a significant impact on the platform. We certainly got the impression that Microsoft felt that anybody who couldn't afford the tab wasn't serious, so go figure, and consider the possibility that Orange and Microsoft are not exactly lined up together on this. Orange, incidentally, confirmed that it will be releasing version 1.5 of the SPV software "in April," so it's possibly there already, although it wasn't earlier today. The prior version is 1.35, which Orange says 85-90 per cent of users downloaded. ® Related stories: MS smartphones: Pope Juha marshalls his divisions
John Lettice, 04 Apr 2003

NAI buys Entercept for $120m

Network Associates (NAI) today announced a definitive agreement to acquire intrusion protection firm Entercept Security Technologies for $120 million in cash. Entercept provides host-based intrusion protection products designed to detect and stop security attacks before they cause damage. Entercept's products use a combination of behavioural rules and signatures to prevent "both known and unknown attacks against servers, databases and applications". The acquisition complements IntruVert Networks which NAI bought this week for $100 million cash. IntruVert makes network-based intrusion protection appliances. Entercept has more than 1,100 enterprise and government customers including New Century Mortgage, First Citizens Bank, Corio and Arlington County. Network Associates expects to finalize the acquisition within the next 45 days. Last May, Network Associates ceased development of its own CyberCop vulnerability scanner and intrusion detection product and announced plans to merge the technology into its Sniffer network analyser product. The decision was part of a major reorganisation last year at Network Associates which saw technology from its PGP Security division folded into other Network Associates' products and the sale of the unit's core Gauntlet firewall business to Secure Computing. With the acquisitions of Entercept and IntruVert Networks, NAI is effectively buying itself back into a market (intrusion detection/intrusion protection) that it had earlier exited. Intrusion detection products were subject to widespread concerns about false alerts, which have promoted vendors to reinvent the market segment as intrusion prevention. Intrusion prevention products are designed to automatically block a smaller sub-set of well-defined attacks. These products still need signature updates to block different types of attack, but variations on a particular attack should be automatically blocked. ® Related Stories NAI buys IntruVert for $100m NAI re-cooks the books NAI to pull plug on CyberCop ASSAiSSINAiTE all bugs NAI sells firewall business IDS users swamped with false alerts
John Leyden, 04 Apr 2003