24th > April > 2003 Archive

Why Intel doesn't write stuff down

What's the difference between hardware engineers and Microsoft - between the hardware guys and the software guys? Why was Microsoft caught in the humiliation of a four year hairball of legislative scrutiny, when Intel escaped without the public knicker-washing? A complicated deal was cut with the FTC in 1997 - at about the time Intel acquired the Hudson plant, and with it the license for StrongARM and the rights to manufacture DEC's Alpha processor. At about the same time, Microsoft was being drawn into the propellers of a vicious Antitrust suit. Why did Intel cut such a shrewd deal, while Microsoft let its garrulous dirty washing hang out to dry? Perhaps it's down to how they communicate, and their modes of communication are worth a moment of comparative analysis. Microsoft's heady corporate culture created a frenzy of babble - executives gushed and laid bare their sins in public. Bill agonized (in the Nokia memos) about how nice it is to have a monopoly, because it gives you the guilty pleasures of unearned wealth, and he toyed, as a cartoon Bond villain would, with the option of introducing proprietary protocols into Windows, to screw everyone else over. Brad Silverberg's memorable and quite confessional lower case memos (think bad Bloggers) attested to a dysfunctional company at war with itself, and in quite some disarray. In common, they left a guilty paper trail behind them. But Intel's tidiness and exacting corporate culture forbids such communication. Firstly, when bidding for contract work, Intel representatives are encouraged to refrain from mentioning specifics: they must not commit to figures when negotiations are in progress, sources tell us. Secondly, staffers have quite specific instructions to talk on a fixed line, not to call from cellphones, and not to email where possible when dealing with sensitive matters. "Do everything verbally as far as you can", is how one source tells us.
Avoid certain phrases such as "monopoly", and certain ways of applying pressure to people. In other words, Intel is a company very aware of the potency of language in a given context. This is no bad thing. And for Intel, it's paid off. It has evaded the filthy media attention, or public auditing as we like to think, of its internal processes. This is not intended as criticism: but it is a tribute to the superior modes of communication that hardware people seem to employ: terse, economic, efficient and full of value. Whereas software people tend to babble incoherently, getting themselves into all kinds of trouble. We reckon this is because the barrier to entry in the hardware world is higher. In hardware, bullshitters are not tolerated. The linguistic economy and sound sense of reason that are required to become a hardware engineer contrast with the skills to become a "software engineer". When Andy Grove wrote Only The Paranoid Survive, perhaps he was only articulating a defense of linguistic precision, much like any hardware guy would delineate a problem as being between the bounds of feasible and the fanciful. We think he was doing exactly this, and whatever you think of this equation (precision in expression) the results appear to be justified. So notch one up to the linguistic engineers - or at least, the guys who care how language is used. We hear so much nowadays to the contrary: we are asked to subscribe to a model where more communication is axiomatically good for us. But this isn't the case: hardware engineers reject this Utilitarian equation, and know that better communication means better quality signals, not more noise. A victory to Intel, and a deserved one, we reckon. ®
Andrew Orlowski, 24 Apr 2003

Veritas makes gains in Q1

Software maker Veritas saw its first quarter profits come in higher than expected but warned that sales could be harder to come by in the next three months. For the quarter ended March 31, Veritas generated $394 million in revenue and posted net income of $43 million. That compares with the $370 million and $44 million in net income posted in the same period last year. Veritas makes the majority of its money selling backup software and products such as its volume manager and file systems for various operating systems. It has worked to generate new sources of revenue with clustering software and sophisticated networked storage management products. Despite higher than expected gains this quarter, the company said that continued slow IT spending patterns cause it to be cautious about the second quarter. Veritas expects revenue between $370 million and $380 million for the period. Veritas has surpassed earnings forecasts every quarter since Gary Bloom took the helm in November of 2000. ®
Ashlee Vance, 24 Apr 2003

Bell, Chamberlin remember Ted Codd

The father of the relational database, Ted Codd, has died aged 79. With his background in mathematics, the British-born researcher laid the foundations for a breakthrough in database technology at IBM. "Ted had the key insights and developed the mathematical theory on which RDBMS were based," Don Chamberlin told us today. "System/R were the carpenters who came along and implemented the ideas." But while the relational database was lauded as a theoretical concept, the carpenters had a job to convince a skeptical world that it could be a practical reality. System/R was the code name for the legendary IBM research database project based in San Jose. The work culminated in IBM's DB2 database and included large contributions from Jim Gray, now at Microsoft Research. "At first it wasn't clear that you could build an optimizer that would be as efficient as a human programmer," says Chamberlin. "It took a little while for the relational ideas to catch on. It required a software layer to be implemented that could take a high level language that could map it down to an efficient execution plan," he says. "We had the same arguments with high level languages with Fortran in the Sixties. There would be programmers who would insist that 'I can do a better job with my registers'". "It took a practical demonstration that we could build a good optimizing compiler for SQL," he said. "We were up against existing products, some of which from IBM." Mike Ross, a spokesman for IBM's Almaden research lab, sets out why: "The Year 2000 issue was the result of memory limitations, but we can't imagine not having four digits on a date now; and relational databases allowed lots of flexibility when people weren't used to having flexibility." Codd is lauded for defining the twelve rules of a relational database. Although Codd was given an IBM Fellow award and focused on natural language processing, Codd also contributed to the System/R team. "There was a good synergy. 
Ted had studied Mathematics at Oxford, other members had more of a programming language and system implementation background." Even before his landmark "rules", Codd's influence was being felt beyond IBM. "I was at Carnegie Mellon University when he was the IBM liaison at CMU," Gordon Bell told us today. "It was while I was talking to him that I came up with an invention." The invention was Unibus, an interconnect that Bell introduced into Digital Equipment Corporation's PDP line of computers. Bell described it as an "aha" moment. He went on to lead engineering on the VAX, and [oral history] Back to San Jose. Chamberlin related how Codd spoke in aphorisms, which is a nice detail: "Codd had a bunch of ...fairly complicated queries," Chamberlin said. "And since I'd been studying CODASYL, I could imagine how those queries would have been represented in CODASYL by programs that were five pages long that would navigate through this labyrinth of pointers and stuff. Codd would sort of write them down as one-liners. ... (T)hey weren't complicated at all. I said, 'Wow.' This was kind of a conversion experience for me, that I understood what the relational thing was about after that." [via the fascinating and exhaustive System/R reunion site, which records vital oral history, with important things to tell us, and you must spend some time there. Today, if you can.] Chamberlin also said (at the reunion) that Codd was slightly distant from the System/R project, in case it failed. And Codd would probably, he adds, have judged anything a failure against his own exacting 12 rules. Codd's 12 rules expanded into 300, and were last seen heading north at over a thousand. So who's to say who was right?

Commercial

The first commercial RDBMS was Multics Relational Data Store, from Honeywell, which shipped in 1976. 
But at the University of California, Berkeley in 1973, Michael Stonebraker and Eugene Wong used published information on System/R to begin work on their own relational database. Codd's work - and the early published information on System/R - helped push their efforts along. Their Ingres project would eventually be commercialized by Oracle Corp., Ingres Corp. and other Silicon Valley vendors. Codd was born in Portland, Dorset, attended Oxford University and served in the RAF in the Second World War. He joined IBM in 1953, and retired on 1 May, 1984. He subsequently formed a company with RDBMS expert Chris Date. Jim Gray told us by email that a wake will probably be held in San Francisco. It hasn't been organized yet, but "is likely to happen at IBM on Ted's Birthday in August." ®
Andrew Orlowski, 24 Apr 2003

Europe gets new game rating system

A new pan-European age rating system for computer and video games is to be introduced to help protect kids from unsuitable content. Known as PEGI (Pan European Game Information), the new system will eventually replace existing age rating systems currently used in European countries. Each game will feature an age rating (3 and over; 7 and over; 12 and over; 16 and over, and 18 and over) on the front cover of the title plus a brief description of the game's content. The only exceptions to the new rating system - introduced by the Interactive Software Federation of Europe (ISFE) - are some minor local variations in Portugal and Finland. Oh, and Germany won't be using it since it will retain its own rating system - 'cos that's the law. Those behind PEGI - which will be regulated by the industry - hope it will make life easier for parents and adults buying games for kids. ®
Tim Richardson, 24 Apr 2003

64-bit Solaris for Opteron coming, McNealy tells Reg

Sun Microsystems is attacking the low end x86-based server market with force, as it has announcements around both AMD's Opteron processor and Intel's Xeon processor on the way, executives said today. Scott McNealy, Sun's CEO, Chairman and President, said in an interview that the company has already started work on a 64-bit version of Solaris for AMD's Opteron chip. This move shows far more support for AMD's new chip than Sun first indicated with an announcement this week for only a 32-bit version of the OS on Opteron. "We're doing that," McNealy said. "The investment is happening. It's not hard to get 64-bit since Solaris is a 64-bit OS. That was probably understated at the launch. We just wanted to make sure we were out of the block with what we had ready." Sun, however, does not plan to ship Opteron-based servers. "We have no plans today to do x86-64 hardware," McNealy said. "We are very comfortable with 64-bit SPARC." Sun will be shipping more Intel-based hardware later this year, rolling out what it calls part of a "family of systems." Sun already ships one Intel-based system - the dual-processor LX50 - but executives admit that this server fell short of expectations. "That product was done by a team that did not understand the x86 market," said Neil Knox, the head of volume systems at Sun. "We have a lot to learn in the x86 space. It's a totally different environment from SPARC." Knox confirmed that Sun will use Xeon processors in servers due out next quarter. We pushed Knox to say exactly which kind of Xeon chips Sun will use, but the best we could get out of him was, "It will be a five thh... you almost got me." The only thing we could gather from this was that Sun may use a top-of-the-line Xeon with a 533MHz frontside bus. All of this activity from Sun in the x86 market still seems odd after so many years of beating the Solaris/SPARC drum. 
Unlike other Intel vendors, however, Sun does not see a lot of x86 hardware leaving the shipping docks unless SPARC systems are part of the deal as well. We asked McNealy what he thought the prospects were of an Intel only sale. "It all depends," he said. "If you go out and buy a piston ring, then you can call that a piston ring-only sale, but nobody really just buys a piston ring. You need a piston, a manifold, then you need an engine block, a carburetor, a distributor, this that and the other thing. Pretty soon you need a car. "A stand alone Intel server just doesn't solve a problem. You need an app server, directory server, database server, support, etcetera. Pretty soon you need a big freakin Web tone switch." So how big of a role will your Intel line play then? "Let's wait until we've done our 32-bit announcement," McNealy said. "We've done one. It's the LX50. You know and I know that there will be better stuff coming out. Wait until the announcement later this year. Then we can talk about it in more detail. It will be interesting." ®
Ashlee Vance, 24 Apr 2003

PDA sales plummet thanks to ‘limited appeal’ – IDC

Palm may have launched two new PDAs yesterday, but if the latest figures from market researcher IDC are anything to go by, it's going to have a tough time persuading consumers and businesses to part with their cash. IDC's numbers show PDA sales continue to decline. Some 2.45 million devices shipped throughout the world during the first three months of 2003, down 21.3 per cent on the same period last year. Around 36 per cent of those machines (881,709 units) were produced by Palm, which retains market leadership in terms of units shipped. That marks a 30.5 per cent decline on the 1.27 million PDAs it shipped during Q1 2002. HP, in the number two slot with 18.1 per cent market share, also saw unit shipments decline year-on-year, from 473,000 - based on combined HP and Compaq shipments - in Q1 2002 to Q1 2003's 444,000 units, a drop of six per cent. The big winners are Sony and Dell, number three and number four in the market, respectively. Sony saw shipments rise 60 per cent from 250,000 units to 400,000 - 16.3 per cent of the market. Dell, meanwhile, has come from nowhere to take 6.5 per cent of the market, shipping 159,000 Axim PDAs. Toshiba (number five), Casio (6) and Sharp (8) continue to see only single-figure market share, though they're now joined by one-time market number two, Handspring (7), which has seen shipments plummet since its decision to move away from pureplay PDAs into the more expensive PDA-cum-phone arena. RIM (9) took 2.1 per cent of the market, shipping 51,000 Blackberries. "The post-holiday slump in enterprise and consumer spending on handheld devices mirrored the difficult worldwide economic climate," said Ross Sealfon, an IDC research analyst, in a statement. "Beyond the impact of seasonality... continued economic instability hampered device purchases. Despite the availability of new, low-priced models and affordable, highly functional models, handhelds offer limited appeal to the majority of consumers and enterprises." ®
Tony Smith, 24 Apr 2003

Trojan defence clears man on child porn charges

A man was cleared of possession of child porn this week after experts testified that a Trojan horse infection on his PC could have downloaded 14 depraved images without his knowledge. Karl Schofield, 39, of Reading, was found not guilty after prosecutors accepted expert testimony that the unnamed Trojan could have been responsible for the presence of 14 child porn images on Schofield's PC. It's believed to be the first time such a defence against child porn charges has been run in a UK court case. Prosecutor Nadia Chbat told Judge Stanley Spence: "The Crown would not be able to say he is the only person who knew of these images on his computer." Local news site get Reading has more background on the case, including details of the sustained harassment suffered by Schofield in the two-year run-up to the case. ®
John Leyden, 24 Apr 2003

Oftel could block BT's ADSL price cut

BT could be forced to shelve plans to cut the wholesale cost of its broadband product while telecoms regulator, Oftel, investigates complaints from rival operators. Sources have told The Register that Oftel is mulling the idea while it carries out a full investigation into complaints that the cost cut is "anti-competitive". The price drop announced earlier this month only applied to BT's 'IPStream' service - the wholesale end-to-end service provided by BT Wholesale to the telco's retail operations and other service providers. However, Energis, Thus and Tiscali all complained to the regulator, incensed that BT failed to pass on similar price cuts to its wholesale Datastream service - a product that allows other service providers to use their own networks to provide competitive broadband services. A spokeswoman for the regulator confirmed that Oftel had received three complaints and was currently investigating the matter. However, she declined to comment on speculation that Oftel planned to block the proposed price cut except to say: "We are looking into all possibilities." However, she confirmed that Oftel is due to make an announcement on the matter - possibly as early as next week. Oftel does have the power to block price cuts and has done so in the past. A spokesman for BT Wholesale said the telco was currently helping Oftel with an investigation into the proposed price cut but remained unaware of any opposition from the regulator. He was confident that the cost cut met the telco's licence obligations. ®
Tim Richardson, 24 Apr 2003

Freeserve hits back at regulator

The acrimonious war of words between Freeserve and Oftel is once again being played out in the FT as the two outfits show little sign of patching things up. In a letter published in the pink paper today Freeserve's David Melville replies to an earlier letter from Oftel boss David Edmonds concerning their recent spat in the Competition Appeal Tribunal. Wrote Mr Melville: "Many will find it surprising that the director general of telecommunications is not embarrassed by the fact that his original decision to reject our complaint on pricing was quashed by the Competition Appeal Tribunal, which described his approach as insufficient and unclear, even taking into account the ample opportunity given to him to elaborate his position." He went on: "The industry will share Freeserve's hope that in his enthusiasm to claim 'victory', Oftel will not lack either the appetite or resources to investigate the pricing issue properly, with an open mind, and in accordance with the three-month time limit the court has demanded." Ouch. ®
Tim Richardson, 24 Apr 2003

Matrox launches Parhelia LX-based Millennium P series

Reg Kit Watch

Graphics

Matrox yesterday unwrapped its latest Parhelia graphics chip, the LX, pitching boards based on the part at professional video editing users. The Parhelia LX supports AGP 8x and up to 64MB of DDR memory across a 128-bit interface. The chip can support up to three DVI, RGB and TV displays. It supports OpenGL 1.3 and DirectX 8.1. The part will power two graphics cards: the Millennium P650 and P750. Both contain 400MHz RAMDACs capable of supporting resolutions up to 1920 x 1440 on analog devices and 1600 x 1200 on digital displays. The P650 provides dual monitor support; the P750 can drive two monitors plus a TV, or three monitors. The Millennium P650 will sell for £117/EUR169 and the Millennium P750 will sell for £173/EUR249. Both cards in the Millennium P-Series will be available during Q2. ®
Tony Smith, 24 Apr 2003

E-voting could cure voter apathy

A major trial is about to kick off in the UK that could help decide whether e-voting is merely a gimmick or whether it can genuinely help cure voter apathy. Some 1.5m people in 18 local authorities will be able to vote by text, the Net or digital TV in local elections in England on May 1. According to research published today by the Electoral Commission, half of adults reckon technology could make the difference to them voting or not. Predictably, 18-24 year olds were the most upbeat about it with three out of four saying they were turned-on by the prospect of e-voting, although sceptics claim this enthusiasm is based on e-voting's novelty rather than anything of any substance. Either way, the Electoral Commission's research found that four in ten punters were keen to use the Net to vote, a third would like to text, while a quarter were happy to use digital TV. Last year, less than a third of voters turned out for local elections. A fifth of those non-voters said they didn't put an "X" on a piece of paper because taking a trip to the polling station was too "inconvenient". ®
Tim Richardson, 24 Apr 2003

Look out for the latest IE and Outlook Express patches

It's patching time again for Microsoft users, after the software giant released "critical" fixes for Internet Explorer and Outlook Express last night. First up there's a patch for Internet Explorer, designed to fix four critical vulnerabilities, the worst of which could allow crackers to inject arbitrary code onto a victim's machine. The root cause of this problem is, as usual, a buffer overrun vulnerability. URLMON.DLL is the culprit, in this particular case. Exploit scenarios are all too familiar: a cracker would trick a user into visiting a maliciously constructed Web site, possibly using spam messages. The other three problems involve: a "moderate" vulnerability in the IE file upload control, a flaw in the way IE handles the rendering of third party files and a problem in the way "modal dialogs are treated by IE". Users of IE 5.01, 5.5 and 6.0 are potentially affected by these issues, which are explained in much greater depth in Microsoft's advisory. Separately, Microsoft issued a patch to correct a potentially devastating vulnerability with Outlook Express. The problem, which affects OE 5.5 and 6.0, involves a flaw in how HTML is encapsulated in email messages. The upshot of this complex problem, explained in greater depth here, is that attackers might be able to launch locally stored programs if they were able to trick victims into visiting a maliciously constructed Web site. That's the theory, anyway. There's more information, and links to a patch for this critical problem, in Microsoft's advisory. ®
John Leyden, 24 Apr 2003

Europe slaps 33% duty on Hynix DRAM imports

The European Commission has imposed a 33 per cent import duty on Hynix DRAM products, Dow Jones reports. The move comes as no surprise. The EC ruled last month that Hynix had received illegal government aid in the form of loans provided by banks owned or part-owned by the South Korean government. Such aid, which the EC believes allowed Hynix to sell DRAM into Europe for less than it cost to produce, is forbidden by World Trade Organisation rules. As a penalty, the EC said it would impose a tariff of 30-35 per cent on Hynix DRAM imports. This decision pre-dates a similar tariff, of 57.37 per cent, which the US Department of Commerce said it intends to impose this summer for the same reason. Both rulings followed investigations into complaints made by Infineon in Europe and Micron in the US. Memory makers in Taiwan and Japan are believed to be pursuing the imposition of comparable tariffs with their own trade regulators. ®
Tony Smith, 24 Apr 2003

Orange roots ‘help Hutchison 3G’

Despite the many obstacles facing British 3G operator '3,' its ties to Orange will help it succeed, experts say. In its recent assessment of Hutchison 3G's UK subsidiary '3,' research company Current Analysis said that it is taking "a slightly positive stance" on '3' UK, and on its plans for building a new UMTS-specific network in the UK and delivering 3G services. Concern had been raised from various quarters within the industry that Hutchison, which also has a 3G licence in Ireland, would struggle because it lacks a 2G/GSM/GPRS network, the standard most British consumers are currently using. And Current Analysis points to other potential stumbling blocks, such as the firm's lack of an existing customer base, massive expenditure in building its network and no apparent services targeted at business customers -- a group most likely to have the spending power to purchase its product. Another potential trouble is the cost of 3G handsets, which come in at STG199, compared to rival 2.5G multimedia handsets from Vodafone at STG99. The fact that '3' UK will sell dual mode handsets as part of its roaming agreement with O2 is however a positive sign. Current Analysis also said it had faith in '3' because it is, in many ways, following in the footsteps of Orange, which itself was a new entrant to the UK mobile sector that managed to succeed. Not least of these ties is that Hutchison 3G's biggest shareholder is Hutchison Whampoa, one of Hong Kong's largest companies and initial owner of Orange in the UK. In this vein, some of '3' UK's top executives are ex-Orange workers, including Managing Director Dr. Colin Tucker and Strategy and Marketing Director Lisa Gernon. "Everyone who wants a phone in the UK has one," warned Michael Ransom, author of the report, adding that if '3' is to make a successful entrance into the market it will have to show people how its services work and the benefits that come with them. 
Indeed the company's report acknowledges the importance of 3's focus on content, referring to its contracts with the UK FA Premier League to deliver football content, along with similar deals with the BBC for other video content. Furthermore, 3 reportedly has partnerships with nine game development companies for a range of new and classic style arcade games. Current Analysis also offers a few recommendations to would-be '3' subscribers including a suggestion that consumers organise in-store demonstrations of the company's service prior to purchase. The researcher also advises against customers upgrading to GPRS, claiming they will only have to upgrade to 3G in the future, and notes that there are dual-mode GSM/GPRS and 3G phones already available. Asked if '3' will succeed in the UK, Ransom said "It's a 'when' rather than an 'if,' over a long period of time," adding that mobile phone users are only starting to use picture messaging and video on their phones. © ENN
ElectricNews.net, 24 Apr 2003

Gameplay slams online VAT loophole

Online game retailer Gameplay.com has begun a campaign calling on the government to close a loophole in European tax laws which allows offshore companies to import cheap goods into the UK VAT-free. Under current legislation, anything worth less than £18 can be imported free of VAT, a price bracket which covers CDs, DVDs and budget videogames - key elements of the catalogue of goods offered by retailers such as Gameplay.com. This loophole gives an unfair advantage to offshore companies, according to Gameplay managing director Andy Mee - who points out that many British-based Internet companies are now moving their businesses to the Channel Islands in order to remain competitive, with the cost being measured in British jobs. "All the British Government does however is blame Brussels," he told the Yorkshire Post today. "When I asked why VAT could not be charged on all imports, or even a small levy, I was told it would take too much administration. The support it claims to have for e-commerce simply isn't there." One of the main e-tailers to benefit from the tax loophole is Play.com, which is able to undercut its rivals in the music, DVD and videogame markets significantly thanks to its VAT-free prices. Gameplay, along with Yorkshire MEP David Bowe, is calling on the government to follow the example of Belgium and opt out of this element of the tax laws, thus equalising VAT charging across all types of imported products. © gamesindustry.biz
gamesindustry.biz, 24 Apr 2003

DirecTV mole to plead guilty

A 19-year-old University of Chicago student accused of leaking the secrets of DirecTV's most advanced anti-piracy technology to hacker websites has agreed to plead guilty to violating the rarely used 1996 Economic Espionage Act. Igor Serebryany is scheduled to appear Monday in federal court in Los Angeles to enter a guilty plea, as part of a plea agreement reached between defense attorneys and prosecutors last week, lawyers for both sides confirmed Wednesday. The plea deal does not stipulate a sentence, which will be governed by federal guidelines, according to the prosecutor in the case. Passed to meet the perceived threat of foreign espionage against American companies, the Economic Espionage Act carries harsh penalties for stealing trade secrets for personal financial gain, or for a third party's economic benefit. For the first five years of its existence the law could only be used with approval from the Justice Department in Washington -- a limitation that was lifted in March, 2002. Unlike most defendants charged under the act, Serebryany is not accused of having a personal financial motive -- the student was not himself a satellite TV pirate, and he gave the secrets away for free. Even with a plea agreement in place, that the powerful law was leveled against the teen doesn't sit well with Serebryany's defense lawyers. "We have some problems with the fact that this was filed," says Kiana Sloan-Hillier, one of Serebryany's attorneys. "Clearly, it was not [meant] to be used carelessly." "It's the crime of stealing trade secrets, so it's properly used when trade secrets are stolen," counters prosecutor James Spertus. "I imagine most people who steal get paid for it, or somehow profit by it... but it's the theft that's the crime. There's no more appropriate statute to use in this case." 
Smart Card Hacks

According to an FBI affidavit, Serebryany's adventures began when he found himself with access to some of DirecTV's most coveted technological secrets while working for his uncle at a document imaging company at the office of a Los Angeles law firm, Jones, Day, Reavis and Pogue. The firm was representing the satellite TV company in a lawsuit against NDS, the makers of the smart cards DirecTV uses to control access to its signal. For years, those smart cards have been at the center of an electronic arms race between satellite TV pirates and the company's own technologists. Each plastic card resembles a credit card, but is a completely self contained microcomputer with its own embedded software and memory. In normal operation, a subscriber inserts the card into a slot in the DirecTV receiver, and a satellite signal from the company tells the receiver which channels, if any, the subscriber is allowed to watch, based on the unique identification number coded into each card. Each successive generation of DirecTV cards has become more technically advanced, but each has eventually been cracked by sophisticated hackers, largely based in Canada where the company is not licensed to provide service, and where until recently selling hacked access cards and equipment was not a crime. Serebryany's job gave him access to the internal technical secrets of the newest version of the smart card, the so-called "P4" card, that DirecTV had begun distributing to subscribers, and which satellite hackers were nowhere near conquering. As described by the FBI, the company closely guards those details with security procedures that rival a defense contractor -- confidentiality agreements, high-power encryption, "need to know" access, and an air-gapped computer network. 
"Whenever a writing references DirecTV's P4 technology, it must be printed on specific colored paper so it can be easily identified on sight, thereby decreasing possible theft of that writing," wrote the FBI of one of the company's precautions. According to court records, the student began smuggling digitized copies of the papers out of the law firm on CD ROMs, and e-mailing them pseudonymously to the underground. Only a small percentage of the stolen data made its way to public websites, and none of it has yet inspired a successful hack against the cards. "My personal feeling was he was just kind of a young kid, impressionable, that made a mistake," says "Risestar," a British Columbia man who runs the satellite hacking site PiratesDen.com, which received, but apparently did not publish, some of the documents. "He thought he was helping people out and he didn't weigh into account the results of his actions."

Lawsuit Over Hacking Advice

Serebryany's plea agreement comes at a time when DirecTV's lawyers are targeting other sources of hacking information. Last week the company filed a federal lawsuit against an alleged Illinois satellite TV pirate who uses the online handle "Ump25" to post messages to PiratesDen.com and other satellite hacking sites. In addition to allegedly stealing DirecTV service, the complaint charges that Ump25 -- who claims in online forums to be a major league baseball umpire -- posted detailed information on how to hack earlier versions of the DirecTV smart cards, thereby "assisting the unauthorized decryption of satellite programming." Unlike Serebryany, Ump25 isn't accused of stealing trade secrets -- an important distinction to Risestar, who says the lawsuit is an unprecedented attack on his users' freedom of speech. "It pretty much boils down to a Constitutional issue," says Risestar. "This guy didn't release any specific tools that aided and abetted anyone. All he did was share his knowledge and experiences publicly, and post." 
But Marc Zwillinger, the chief litigator in DirecTV's war on piracy, says Ump25's posts aren't much different from posting a DVD descrambling program to the Internet, which has been ruled illegal in the past. "These weren't just instructions like, 'do this and do that.' He was putting up the actual changes to make to the card -- specific code bytes that needed to be changed," says Zwillinger. "People say you should be able to log onto the Internet and say anything. But if you go on the Internet and admit to misconduct, that's called a confession." ©
Kevin Poulsen, 24 Apr 2003