The software industry is facing a "spiralling Internet piracy problem" that threatens to reverse a global trend that has seen the thieving of commercial software decline over the last eight years. In its latest annual study [pdf] the Business Software Alliance (BSA) claims that software piracy has decreased 10 points (from 49 per cent to 39 per cent) since 1994, thanks to increased education and tighter legislation. It notes that every country - except Zimbabwe - has reduced its piracy rates since 1994, the year in which the study was first commissioned. In the US, piracy rates have hit an all-time low of 23 per cent, the report said, making it the country with the lowest piracy rate in the world. The UK, though, saw its piracy rate nudge up 1 per cent last year to 26 per cent. "It is welcoming news to learn that the worldwide software piracy problem has improved significantly since the release of the first study," said Robert Holleyman, president and CEO of BSA. "However, it's critical to recognise that the industry is facing a spiralling Internet piracy problem. In the future, if the industry is to continue its success in reducing the problem further, then clearly, more robust education and advocacy initiatives will be required." Earlier this year the BSA claimed that clamping down on software piracy could help "jumpstart the world's stagnant and struggling economies" by creating new jobs and business opportunities. The report claimed that cutting global piracy levels from 40 per cent to 30 per could lead to the creation of 1.5 million new jobs, increase economic growth by $400bn and generate $64bn in new taxes. ® Related Story Cut software piracy and jumpstart 'stagnant' economies
Security consultancy @stake has completed a comparative security analysis of Microsoft's .NET Framework and IBM's WebSphere development environment which concludes that Redmond's environment takes less effort to secure. Although touted as independent the analysis was funded by Microsoft, a point openly disclosed by @stake openly discloses. For the record, @stake compared Microsoft's .NET Framework Version 1.1, running in Windows Server 2003, and IBM's WebSphere Java 2 Enterprise Edition (J2EE) framework, running in both Unix and Linux environments. The research shows that while both frameworks provide comprehensive tools and infrastructure for building secure Web applications and Web services, the .NET Framework on Windows Server 2003 "better complies with security best practices and requires less effort to secure," according to @stake. "The study is a great resource for software developers who are designing, developing, testing and maintaining the security of their Web applications," said James Mobley, president and CEO, @stake, Inc. "Microsoft has made significant progress on application platform security. Windows Server 2003 and the .NET Framework 1.1 were clearly built with security in mind and received strong ratings from our research team." @stake is now a key partner of Microsoft and has staff employed in code review for the software giant. It has come a long way since the days when its founders at L0pht poked not-so gentle fun at Microsoft in the tag line to their Web site. (From memory, L0pht had a quote from someone at Microsoft saying "that vulnerability is purely theoretical" with a rejoinder saying "L0pht: making the theoretical possible since 1997"). You want to know more about the tests? Here's what @stake has to say about its study: To evaluate the platforms, @stake developed a scoring system for calculating "security best practice compliance" and "ease of securing" metrics. When the scores for three scenarios - Web application, Web service and Intranet application - were calculated, the .NET Framework scored higher than WebSphere in both areas by a narrow margin. @stake's findings define the strengths and weaknesses of each framework in relation to feature completeness, level of security provided by default, and the overall level of effort required to bring solutions built on the platforms to a level compliant with security best practices. @Stake has published a more detailed breakdown of its findings and methodology here. In fairness to @stake, the report shows that the company has worked hard on the project. But we wonder if you can ever be objective about security. Neil Barrett, technical director at UK consultancy Information Risk Management (IRM), says he is yet to see objective measurements on security, although there are objective metrics of usability in computing IRM has tackled project involving both WebSphere and .NET. .NET projects are encountered far more frequently in IRM's work. According Barrett, the .NET framework is easier to handle and "more engineered out of box", in common with most Microsoft products. WebSphere, by contrast, offers more choices. While this may supply more potential for slip-ups, an expert would welcome this increased level of control, make more good choices and end up building a more secure platform, Barrett says. So while it might, as @stake suggests, be easier for novices to get up to a pretty good level of security using .NET, other tools may be better suited to building a really secure platform. And @stake's study neglects arguably the most important area in security: the human factor. ® Related Stories Windows Server 2003 - Secure by Default Office workers give away passwords for a cheap pen People are the biggest security risk NT4.0 too flawed to fix - official IT managers trust Microsoft on security... Too cool for secure code Open and closed security are roughly equivalent External Links Security analysis of Microsoft .NET Framework and IBM WebSphere, by @stake (funded by MS) Vs. Passive smoking isn't really harmful, 'independent' study funded by tobacco industry
J2EE is emerging as the dominant environment for web-enabled application development. Just less than half of the European retail financial services institutions surveyed by Datamonitor are using J2EE as their primary environment for web-enabled application development. Interestingly, even though IBM and BEA are neck-to-neck in the overall applications server market, IBM's WebSphere platform has a commanding lead among J2EE-using European FSIs. As part of a survey of European retail banks and insurance companies, institutions were asked to name their strategic development environment for web-based application development. For 44% of interviewees, this was "primarily J2EE", while 17% answered "primarily .Net". J2EE's position is particularly strong among UK, French and German institutions, where web-enabled application development is most advanced. In Spain and Italy, J2EE is somewhat less well established and this was reflected in a greater prevalence of .Net. However, a significant number of respondents preferred a 'wait and see' approach, either using both or remaining undecided and opting for neither. These results don't really hold any surprises - J2EE has gained a lot of ground among the top tier European financial services institutions thanks to the level of flexibility that it offers. .Net, by contrast, has come somewhat later to the market and it is more likely to be favored by the smaller banks that have traditionally been wedded to Microsoft and are less likely to have large internal IT development capabilities. Institutions favoring a J2EE-based strategy were then asked to name their primary application server platform. IBM's WebSphere was selected by 66% of respondents, followed by BEA's WebLogic in second place with 20% of responses. WebSphere had a strong presence across all the major European markets, whilst BEA's presence was primarily concentrated in the UK and German markets. WebSphere was particularly dominant in the insurance sector, where 84% of companies cited it as their strategic application server platform. Meanwhile, competition in retail banking was more fierce, with 53% of respondents using WebSphere, 26% using WebLogic, 12% using Sun and 9% using Oracle. This represents a significant departure from the overall application server market, where BEA and IBM are thought to have more or less equal strength. This difference may be due to BEA having less mindshare in Europe and the fact that IBM already has such as strong presence in European financial services at the infrastructure level. © Datamonitor is offering Reg readers some of its technology research FOC. Check it out here.
Cable & Wireless has announced 1,500 new job cuts after announcing lower than expected full-year revenue. The telecoms company said the cuts would be made over 18-24 months. But speaking on CNBC on Wednesday, Cable & Wireless Chairman Richard Lapthorne said that as many as 1,000 jobs could be cut before the end of this year. He said the company has looked at a number of benchmarks in comparison to other operators and has realised that Cable & Wireless is employing "far too many people" relative to the size of its business. The job cuts are part of an extensive restructuring programme that will also see C&W drop its United States business, which lost more than STG255 million last year. Despite an investment in US operations that is thought to have run into billions of dollars, Cable & Wireless said it now realises there is no long-term viable business there for the company and it will withdraw from the region in the most cost-effective way possible. For the full year to 31 March, C&W reported revenues down 24 percent to STG4.391 billion, lower than even the most pessimistic analyst estimates of STG4.5 billion. Its loss before tax and exceptional items ballooned from STG14 million last year to STG224 million in 2003, a result that CEO Francesco Caio frankly admitted was "unsatisfactory." Including exceptional items, the full-year loss was STG6.53 billion. Lapthorne said that dividends would also be suspended for a year and that his priority is to create a stable financial base for the company, which he said could return to profitability by 2005. Cable & Wireless, which claims to have the largest UK market share after BT, also has operations in territories including the Caribbean, Japan, mainland Europe and Panama, with more than 18,000 employees. From now on, regional CEOs will be responsible for the financial performance in their territory, and in its reporting the company will focus now on Profit Before Tax (PBT) instead of Earnings Before Interest, Tax, Depreciation, and Amortisation (EBITDA) to keep management's focus on the bottom line. Cable & Wireless was down sharply in morning trading in London, falling 10 percent to STG86.50. © ENN
A number of Japanese magazines are reporting that Microsoft is moving ahead with plans to release a redesigned Xbox, dubbed "Xbox 1.5", which will come in a significantly smaller case than the original model. Weekly magazine WAM has reported that the new system will be launched alongside the MMORPG True Fantasy Live in Japan later this year - a move which would make sense, given that True Fantasy Live is one of Microsoft's key hopes for invigorating sales of the Xbox in that territory. Also reporting on the new Xbox is respected Japanese games magazine Dorimaga, which speculates that the forthcoming hardware revision is the reason why Japan has not seen an Xbox price cut in the last few months - with the price of the old hardware expected to drop when the new version appears on the market. Many commentators fully expected Microsoft to unveil a revised version of the Xbox hardware at E3, following long-running criticism of the bulky casing of the console. It's not expected that any changes will be made to the internals of the system, however - this is, by all accounts, a purely cosmetic makeover. © gamesindustry.biz
It may only be a minor point upgrade, but Apple today cemented its position as the smartphone's best friend. While the mission is not complete, Apple is making good progress toward the threefold plan of getting a top notch Bluetooth stack, working with the phone vendors and most important of all, ensuring it all works through a good human interface. iSync 1.1, released today, supports a host of new devices, including the Nokia 3650 and 7650, Series 60 phones, and many more from Motorola and Sony Ericsson. A full list, and schedule can be found here. We were able to synchronize contacts on a Nokia 3650 with just a couple of clicks, after downloading iSync 1.1 and the recommended driver update. The photos came through intact. Calendar synchronisation is "coming soon". Microsoft's support for Bluetooth, either through political interest or technical incompetence, or both, causes Windows users nightmares - we know, because you tell us. Apple's Bluetooth support is exemplary. And it's worth taking stock. Macs can now send SMS from the Address Book application, and you can initiate and receive calls. Apple also updated QuickTime to support the video format used in the Nokia 3650 and 3GPP-compliant recorders. ® Related Story Apple boosts Bluetooth - Bluetooth boosts Apple What the hell is a Proximity Server and why should you care? Microsoft dispatches phone OEMs to knife Bluetooth Chuck out your handsets, here come the wristphones
Tesco is to punt its own-brand mobile phone service alongside tins of baked beans and jars of pickle. The monster supermarket chain is teaming up with O2 to create a new 50:50 joint venture - Tesco Mobile - which will flog Tesco-branded mobile services in its stores across the UK. Both companies plan to invest £8m in the JV over the first two years of the tie-up. Neither side can pull out of the deal before 2008. The new service is expected to be up and running in time for Christmas with handsets on sale in Tesco stores. Punters will get access to supermarket-style offers and the chance to earn Clubcard loyalty points when they buy handsets and airtime, Tesco said. In January, Tesco announced it was working with Cable & Wireless to create a fixed line telecoms service from early summer 2003. Called Tesco Telecom, the fixed line service will give punters what's been called "supermarket-style" offers for their phone calls. The service is based on Carrier Pre-Selection (CPS) technology that does away with the need for callers to use PIN codes and prefixes, or install special boxes in order to use a new telecom service. Supermarket rival J.Sainsbury is also entering the telecoms business after joining forces with Carphone Warehouse to provide mobile and fixed line telecoms services. Called TalkTalk, that service is due to go live later this month. ® Related Story Sainsbury's phone calls '30% cheaper'
Motorola is preparing a next-generation two-core G4-class PowerPC processor, the company will this week tell attendees of its annual Smart Networks Developer Conference, held in Disneyland Paris. The chip, as yet unnamed - at least in public - will contain two PowerPC cores with AltiVec, Motorola's SIMD engine. It will also contain its own memory controller, capable of connecting to DDR and DDR 2 SDRAM, according to documents seen by The Register. It will interface with the rest of the system using Rapid IO, the next-generation chip-to-chip bus developed by Motorola, but offered as a standard to the embedded processor industry. Given Motorola's Rapid IO heritage, support for the bus isn't surprising - indeed, on sales collateral produced earlier this year, the company's roadmap features a new chip, called the G4+, with Rapid IO built in. However, the chip will also support "general purpose IO" - presumably a reference to the 745x family's current bus, MPX - so the processor is clearly being designed with backward compatibility in mind. The G4+ that appears on the January roadmap will be fabbed at 0.1 micron, the sales sheet says, and will feature a "higher level of integration" than previous G4-class CPUs. As of January, the G4+ was simply a proposal to Motorola chiefs, but from presentations Motorola will make this week at SNDF, that the chip has been given the green light. As one presentation says: "We are putting a dual core PowerPC on our roadmap," and that a "high performance dual core is on our roadmap in a manufacturing process that provides a cost-effective solution." That suggests a 100nm as per the G4+ or, more likely, 90nm process. The chip is some way off, with a 2004 appearance at the earliest. Motorola's roadmap shows the company will split the G4 family next year into two lines: one featuring "integrated" parts, the other "discrete" chips. So Motorola still sees the value in offering straightforward processors without the extra IO and memory manager functionality. Whether that's because it still sees Apple as a potential customer isn't known. The dual-core processor is said to be "capable of going up to 2GHz" with 25W of power dissipation at 1.5GHz. By contrast, the upcoming 7457 dissipates 30W at 1.4GHz. Those are Motorola' numbers, based on a 7457 with a 1.6V core voltage. Motorola's dual-core presentation doesn't give a core voltage, but it's likely to be around the 1.6V mark. Apple watchers dismissive of that 2GHz target should bear in mind that Motorola's SNDF event targets the embedded market, the focus of the company's sales efforts. Motorola supplies Apple 1.25GHz and 1.4GHz 7455 processors - with part numbers like XC7455ARX1250PF and XPC7455BRX1400PF, respectively - but officially the 7455 only goes up to 1GHz. The 7457 officially maxes out at 1.3GHz, but that's a frequency intended to appeal to embedded processor makers. The version offered to Apple is likely to clock much higher, though whether Apple takes it or not is another matter - it may prefer IBM's 64-bit PowerPC 970. The bottom line is that Motorola almost certainly can offer significantly higher clock speeds to its desktop customers, even though it doesn't generally discuss such products, presumably to indicate its strong focus on the embedded market. That applies as much to future dual-core parts as to today's G4-class CPUs, and Motorola believes it can offer such a chip at high clock speeds yet keep it within today's chips' power dissipation levels. Achieving that will be Motorola's 90nm silicon-on-insulator (SOI) fabrication process (HiPerMOS 8-SOI) and the company's use of low-k dielectric materials, as we reported yesterday. HiPerMOS 8-SOI is due to come on stream early next year. Beyond that, during 2005, Motorola will transition to HiPerMOS 9-SOI, its 65nm process, which also pulls in thin-film SOI techniques. AMD is working with IBM on something similar (see AMD 'super' SOI to boost chip speeds by 30%). ® Related Stories Motorola starts to talk up PowerPC 7457 Motorola to boost 0.13µ PowerPCs with low-k dielectrics IBM preps 1GHz-plus PowerPC 750GX 'Gobi' AMD 'super' SOI to boost chip speeds by 30%
MCI - which recently changed its name from WorldCom - is to close its office in Cambridge. Workers were told of the closure yesterday during a conference call by new EMEA MD, Andrew MacLeod, who only started his job at the beginning of the week after serving time as COO at Cable and Wireless Global. According to sources, one of his first tasks was to tell workers that the Cambridge office is to close and that they can either move to the company's European HQ in Reading or take redundancy. It's understood that more than 200 people work at MCI's offices in Cambridge. The company declined to say how many people were likely to lose their jobs. However, in a statement the company told The Register: "As part of our corporate restructuring, we announced that we intended to consolidate a number of facilities across the company, in an effort to control costs and to centralise our operations. "While we cannot discuss specifics at this time, we can confirm that the Cambridge facility will be impacted by this process." At this stage its not know if MCI intends to "consolidate" other "facilities" in the UK. ® Related Story WorldCom to adopt MCI name
The Register's Wireless LAN Channel AT&T is rolling out WiFi hotspots across the hotel lobbies and airport lounges of America and is pitching the service very much at road warriors and their big business employers. The telco says that it will deliver secure access from its public WiFi network to corporate intranets in 2003. And in the following year it will offer access to AT&T secure network services over its public WLAN network. It makes good economic sense to for AT&T to public WLAN on business users, and especially existing business users. With assured security and seamless billing, AT&T can keep corporate customers happy. And there is more chance of turning a profit by getting and keeping the high-roller suits on board. As we have noted, the chances of success for public WLAN networks which rely on people seeking entertainment, freelance journalists and sundry passers-by are slim indeed. But by definition, road warriors are not a captive market. AT&T's WiFi network is unlikely to be ubiquitous. The company will need to come to terms with rival networks to deliver seamless roaming and service provision, if it is to offer anything more than patchy coverage. AT&T made its WiFi announcement yesterday at SUPERCOMM 2003. In a keynote speech CEO David Dorman announced the company is investing $500m this year in upgrading corporate customer service. "From ordering and provisioning to maintenance and billing, nearly all aspects of customer experience in the telecom industry have been broken for more than 20 years," he said. Don't we know it. The AT&T press release replete with upgrade news is here. ® Related stories Wi-Fi hotspots mean some burnt fingers Operators falling short of ambitious Wi-Fi roll-out plans Free Wi-Fi punted to pubs and hotels Public Wi-Fi has look and feel of a dead duck The Register's Wireless LAN Channel
London-based information security consultancy Defcom has been placed in administrative receivership. A representative of the company confirmed that administrative receivers had been appointed to run its business but declined to answer our subsequent questions over the phone. He said the company needed to receive questions by fax. We've sent over a list of questions and will update you if and when Defcom responds. Defcom Information Security Ltd was set up in the UK in April 2002 as a result of a management buyout by the London office of Defcom AB. The london offices of Defcom AB were set up in 1999. Defcom specialised in offering security consulting and penetration testing services. According to its Web site Defcom's clients included "30 companies from blue chip financial institutions and energy conglomerates to IT security service providers themselves". According to industry sources, some of the pen-testers in the company have left to form their own company. Security consultancy is an expanding, but highly competitive, market so it's possible Defcom will re-emerge from administration in some form. ®
Palm is to acquire Handspring, the company set up when its two founders, Jeff Hawkins and Donna Dubinsky, decided to go it alone in 1998 following Palm's acquisition by 3Com. The deal, announced today, follows final approval of Palm's board for the plan to spin off PalmSource. So as Palm waves goodbye to its operating system development wing, it's saying hello to a very experienced smartphone development team. Subject to shareholder and regulatory approval of course. PalmSource will go first, allowing the remaining Palm Solutions Group to merge with Handspring. Handspring shareholders will be offered 0.09 Palm shares - no PalmSource stock, though - for each Handspring share. As a result of the merger, Handspring's shareholders will own approximately 32.2 per cent of the newly merged company on a fully diluted basis, and Palm's shareholders will own approximately 67.8 per cent. The resulting company will contain two business units: handhelds and smartphones. The former will presumably continue to develop the Zire and Tungsten PDA brands under current PSG chief Todd Bradley, while the other unit will work on Treo, Handspring's smartphone, under Handspring's COO, Ed Colligan. Hawkins will become overall CTO of the merged operation. Dubinsky will stay on as a Palm board member. Further down the employment ladder, some 125 people will lose their jobs in the merger, presumably from both Palm and Handspring. It's not hard to see why the two have come together - a move that has been rumoured a number of times over the last few years. Handspring has been having a particularly tough time recently, achieving critical acclaim for its Treo line, but far fewer sales than its original Visor PDA product line achieved, leading to a corresponding collapse in its market share. Indeed, the closer you look, the more this looks like a Handspring rescue bid. Say the companies: "As part of the merger agreement, Palm will provide an initial $10 million line of credit to Handspring for working-capital purposes until the transaction closes. Under certain conditions, the line of credit may increase to $20 million, and its maturity may be extended." In other words, Palm is bailing Handspring out. It's providing enough cash to keep it afloat until the merger completes - in the autumn, if all goes to plan - and will cough up more if Handspring needs it. In short, without Palm money, Handspring's toast. Palm itself has continued to lead the market, and has done very well launching Tungsten and Zire, particularly the latter. Handspring's products will give a new string to its bow. That said, Palm has always been vociferously opposed to the concept of the merged phone and PDA - it believes the two devices should be kept separate. It's hard to imagine it has really changed its mind. But at least Treo gives it a line of products not currently offered by its main PalmOS rival, Sony's Clie family. ®
Motorola's latest G4-class PowerPC processor, the MPC7457, will feature prominently at this week's Smart Networks Developer Conference (SNDF), being held at Disneyland Paris. The 7457, codenamed 'Apollo 7', was announced last February, and began sampling in March. In February, Motorola said the part would ship in volume in Q4 2003. The chip is essentially a die-shrink of the current 7455 (aka 'Apollo 6') as Motorola moves from a 0.18 micron to a 0.13 micron process. That has allowed the company to expand the chip's on-die L2 cache from the 7455's 256KB to 512KB. That, says Motorola, brings the 1.3GHz 7457 a 40 per cent speed increase over the 1GHz 7455. The clock frequency hike provides just a 33 per cent performance boost - the rest comes from the chip's extra L2 cache. The 7457 features a faster, 200MHz system bus, paving the way for 400MHz DDR SDRAM support. It can also cope with more backside L3 cache than its predecessor: 4MB compared to the 7455's 2MB. According to Motorola documents seen by The Register, the 7457 is "footprint compatible" with the 7455, but the new chip has an extra pin for L3 cache addressing. The documentation implies that the equivalent pin on the 7455 isn't connected to anything, so provided Apple has designed its existing CPU daughtercards with the 7457 in mind, it should be able to add 7457s to its existing boards, assuming it's planning to use the chip at all. Our instinct is that it will, in its consumer computers, if only to maintain clear water between the iMac and the Power Mac lines. Motorola is marketing the chip at the embedded market, but as we've seen, although the 7455 officially peaks at 1.067GHz, Motorola offers 1.25GHz and 1.4GHz parts too. The 7457's clock frequency range is 1-1.3GHz, but we'd bet that Motorola will offer desktop customers higher clocked versions. It's embedded G4s are given L and N codes to indicate "upper" and "lower" frequencies - and core voltages of 1.6V and 1.3V, respectively. The chips Apple uses are coded P, and feature even higher clock speeds and core voltages of 1.85V. These chips are aimed at desktops and aren't pitched at embedded-chip buyers presumably because their power dissipation characteristics are less desirable for that market. Whatever, it's hard to imagine that Motorola will not offer P-class 7457s to Apple and others. Extrapolating from Motorola's own figures, the 7457 should consume 30W as 1.4GHz and around 33W at 1.6GHz, based on a 1.6V core voltage. Running at 1.85V we'd estimate power dissipation will be much higher. Full pricing for the chip has yet to be revealed but Motorola has said the 1GHz part will cost around $189 in batches of 10,000. That's a lot less than the $475 that the 1.25GHz 7455 is currently available through distributors for. Apple probably won't be paying that much, thanks to volume discounts, not least because it needs two per Power Mac. IBM's PowerPC 970 has been rumoured to be being offered to Apple at around 25-35 per cent cheaper than competing Motorola parts. ® Related Stories Motorola adds dual-core G4 to PowerPC roadmap Motorola to boost 0.13_ PowerPCs with low-k dielectrics IBM preps 1GHz-plus PowerPC 750GX 'Gobi'
The Register's Wireless LAN Channel Sybase is to speed up the development of enterprise apps over Wi-Fi in a $25m push. The database firm is setting up some Wi-Fi competency centres, appointing the University of Waterloo as its first. And it is to spend some of the $25m on a global marketing campaign conducted through its resellers. Sybase is big on mobility: it claims 10,000 corporate customers for mobile and wireless information access technology supplied by its iAnyware Solutions subsidiary. And it owns the "world's biggest mobile content service", MyAvantgo with eight million registered users. The company notes the huge upswing in corporate interest in WiFi. There is "enormous pent-up reliable enterprise Wi-Fi applications that deliver measurable ROI". However, an "estimated 30 per cent of executives cite significant barriers to deployment of Wi-Fi including inconsistent connectivity, low network security, short device battery life, a lack of reliable 'unwired' applications and technology infrastructure that is not wireless-enabled. Sybase says its WiFi technology already addresses successfully the issues of connectivity, security and battery life. And it has brought Jack Gold, veep at analyst firm META to deliver the following quote: "Although enterprises see great potential in applying Wi-Fi technologies to their business, many are still confused about employing Wi-Fi, with security, application persistence, and ease of deployment/use as primary concerns. There are significant opportunities for vendors to take a leadership position by enabling one-stop, complete solutions, thus easing the way for enterprises to apply these technologies to their business." Is $25m enough? ® Related stories Road warriors, we're coming ATT ya Why enterprise WLANs need wireless gateways We'd love to go wireless but what about security? The Register's Wireless LAN Channel
The Register's Wireless LAN Channel WLAN chip maker Atheros today became the first to market with 802.11g product based on the final draft - version 8.2 - of the standard when it announced it has begun shipping its third-generation, AR5002 family of client and base-station Wi-Fi silicon. The AR5002 line provides dual-band 2.4GHz and 5GHz wireless networking based on 802.11b, g and a, through two-chip solutions (a MAC/baseband part plus a radio chip). The AR500X provides full-range dual-band networking, while the AR5002G supports the 2.4GHz band standards and the AR5002A targets the corporate 5GHz market with Wireless Multimedia Enhancements (WME) quality-of-service provision, a sub-set of the yet-to-be-ratified 802.11e spec. All three client chipsets support the Wi-Fi Protected Access (WPA) security scheme. WPA is a sub-set of the upcoming 802.11i standard. WPA essentially leaves out encryption schemes - Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) - from 802.11i that will require hardware acceleration. The AR5002 family provides that acceleration, Atheros said. It's also built in Cisco Compatible Extensions (CCX) and Meetinghouse's Aegis authentication API for VPNs. Both are seen as essential for corporate customers. Atheros also said it has boosted the radio chips' range while lowering the chipsets' overall power consumption. And it has incorporated its Super G and Super A/G acceleration technologies that improve maximum network performance - 90Mbps of TCP/IP throughput, the company claims, for networks containing 802.11b nodes, and 108Mbps for a/g networks - between Atheros products that support the schemes. Super G and Super A/G use hardware data compression and data burst modes to achieve these higher throughputs. Atheros' AR5002 base-station chipsets are the AR5002AP-2X, AR5002AP-X, AR5002AP-G and AR5002AP-A. The first two provide dual-band support, with the 2X hosting concurrent networks, and the X simply capable of being configured to operate in one band or the other. The 2X also provides WPA plus TKIP and AES security. The G and A configurations are aimed at budget base-stations offering single-band connectivity. All AR5002AP MAC/baseband chips integrate wired Ethernet links to enable base-stations to be connected to fixed networks or Internet gateways. The chips also support Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC), techniques required for 5GHz products certified for use in the European Union - and soon the US too - but which are not part of the current 802.11a standard. DFS and TPC will become part of 802.11a under the 802.11ah extension. Atheros' AR5002 parts will begin shipping today, the company said. As yet, prices have not been published. ® Related stories 802.11b chipset prices could fall 75% this year Wi-Fi Alliance 'caught with pants down' says chip maker Proxim talks wireless TLAs and security upgrades US Robotics doubles up on 802.11g data rates Intersil triples 802.11g data rates IEEE preps 802.11n 320Mbps WLAN spec The Register's Wireless LAN Channel
The Register's Wireless LAN Channel The UK is now taking around half a million Wi-Fi devices a year, with most of them going into the residential market, says Linksys marketing director Mike Wagner. "The home market is driving wireless now, it's growing 70% year on year while the business market is flat," he says. "It will change when business starts spending again - they've been waiting for the 802.11g standard to be ratified. Schools too are a huge market, and they're also waiting for 11g." He warns that home Wi-Fi will hit the nascent Wi-Fi hotspot market, because most current pricing models are aimed solely at business users. Hotspot operators "still have to figure out roaming and a lower cost of daily usage - £5 a day is the right number," he says. Linksys is well known for its routers, which are designed to connect a home LAN to broadband. Wagner says that its shipments of wireless-capable routers exceeded wired-only routers last September. "It's now 2:1 and we expect it to reach 4:1," he says. He adds that home users are also leading the acceptance of high-speed Wi-Fi. Linksys introduced a number of G products which anticipated the 54Mbps 802.11g standard. Once the standard is fully ratified there will be firmware upgrades for these to 11g, but Wagner says that in the meantime, many home users have been happy to buy the non-standard versions. "The home market will pick up new technology as long as it has a compelling value, but business won't buy it because it's not ratified," he says. His comments came as Linksys launched a series of Wi-Fi multimedia products aimed squarely at home LANs. "The wireless market has moved over the last 12 months from data only to data plus content plus entertainment," he says. The new products include a £69 wired-to-wireless bridge for connecting PS2 and Xbox games consoles to Wi-Fi, a £129 Wi-Fi camera with its own built-in Webserver, and a digital media adapter for TV and hi-fi use. The media adapter uses 802.11b to stream audio from a PC to a hi-fi or still images to a TV. A forthcoming 11g version will support streaming video. Wagner says that Linksys has now taken over from Cisco as the top Wi-Fi vendor. He adds that Cisco's acquisition of Linksys will not change either company's market strategy, and will allow Linksys designers to better integrate their routers with the Cisco headend technology used by many ADSL and cable modem providers. ® Related stories Cisco looks for WLAN boost Trojan Horse warning, as Cisco 'gives away' extensions to WLAN Paris moots city-wide Wi-Fi The Register's Wireless LAN Channel
EDS is to look after desktop IT services for Barclays plc. The outsourcing deal, worth $350 million over seven years, is described as one "of the largest ever in UK retail banking sector". EDS says it will provide 41,700 desktop seats across the Barclays group and will enable its customer to lower operating costs. And that's it on the detail front. At time of writing the company has not revealed how many Barclays staff are transferring to EDS, or if it is paying Barclays any cash upfront for IT assets. ®
The UK continues to be a Local Loop Unbundling (LLU) laggard, according to the latest research from Oftel. While take-up of DSL services over unbundled local loops are starting to be provided to end users - particularly business users - take-up is currently low in the UK and Sweden. In Germany and the US, however, take-up is higher, accounting for around 6 per 100 incumbent DSL lines, says the telecoms regulator. The biggest change in the last six months has been in France where take-up of LLU has increased around 17 fold. Despite this massive jump, France still trails Germany and the US concerning LLU take-up. Elsewhere, Oftel reckons the UK has some of the lowest broadband prices in Europe for residential broadband. Oftel's latest international benchmarking research shows that residential broadband services are cheaper than in France, Germany and the US, with only Sweden offering a slightly cheaper service than the UK. Oftel reckons that the lower prices have led to an "increasing numbers of people signing up for broadband". Imagine that. ®
The first security patch that needs to be applied to Windows 2003 Server validates, rather than tarnishes, the design by default approach taken in developing Microsoft's flagship server OS. Microsoft took the highly unusual step of ringing around journalists this afternoon to put this positive spin on the announcement of a patch for Internet Explorer designed to fix two newly discovered security vulnerabilities. The cumulative patch also includes the functionality of all previously released patches for Internet Explorer 5.01, 5.5 and 6.0. Simon Conant, a Security Program Manager at Microsoft, explained that although the vulnerabilities covered by the patch are 'critical' for versions of IE running on machines running MS clients, such as XP, the problem is only 'moderate' for Internet Explorer on Windows Server 2003. The lesser risk for Win Server 2003 arises because, by default, Internet Explorer on Windows Server 2003 runs in Enhanced Security Configuration. This default configuration of Internet Explorer blocks attacks based on the vulnerabilities which on other systems might allow an attacker to execute code on a user's system. Despite this mitigating factor, Conant still encourages Windows Server 2003 users to apply Microsoft's patch because the "underlying issue is still there". Although this is an IE problem, it still gives risk to apply the first patches to Windows Server 2003 but Conant said the lesser impact of the vulnerabilities on that platform demonstrate that Microsoft's more security-conscious approach is paying off. Be that as is may, let's not forget that the flaws addressed by the patch are potentially devastating for the vast majority of Microsoft's installed base (who are running XP, Win 2000, 98, Me and NT). A security advisory for Microsoft explains the underlying cause of the problems. First up, there's a buffer overrun vulnerability that occurs because IE "does not properly determine an object type returned from a web server". In common with such buffer overflow exploits this creates a mechanism for attackers to inject hostile code onto vulnerable boxes by either tempting users to visit maliciously constructed Web sites or sending an HTML email that attempted to exploit the vulnerability. There's also a flaw that results because IE does not implement an appropriate block on a file download dialog box. Again this vulnerability creates a possible means for an attacker to run arbitrary code on a user's system. Credit for discovering the evil duo goes to eEye security. More details on the issue, and links to patches, can be found in Microsoft's advisory. Microsoft strongly recommends that you apply its "critical" (except for Win Server 2003) security patches. ® Related Stories Wakey, Wakey it's Patching Day. Again MS relieves patching 'pain point' IT managers trust Microsoft on security... Cost of securing Windows Server 2003? Nearly $200m Trustworthy Computing does Moon Walk (but not yet) Security 'impossible' for Win9x, buy XP now, says MS exec