11th > August > 2003 Archive

802.11bofh

Episode 16Episode 16 BOFH 2003: Episode 16 It's a dull week at Mission Control with no one adding a lot of value to the place, so the PFY and I give ourselves a quick challenge of writing the ultimate application for the new 802.11b cards that we've picked up for our personnel disorganisers. A few furry toothed days of programming later, the PFY and I meet to show off our respective efforts. "Check this out!" the PFY chirps happily, handing his PDA over. "Well, at least you're trying I suppose," I admit grudgingly. "Trying?!?" "Yeah, well, with the self-paging thing. But if you want to make an urgent departure from a meeting really believable you need something like the EEP I wrote for my PDA" "EEP?" "Emergency Exit Procedure. It's hooked into the Excuse Calendar and generates a message which is SMS'd to your mobile in less time that it takes to compromise IIS, and, should anyone ask questions, is vague enough to be believable as a real fault" "Hmmm.... It does look interesting," the PFY admits. "But not," I interrupt, "as good as the ECF program." "ECF?" "Emergency Calendar Filler. You know, like when you're somewhere near the Boss and he has a brainwave about how he could send you to some technical event in godforsaken backwater full of retards like Virginia or somewhere, and you just know that if you say you have something on he's bound to check your calendar before you can get back to the office and take it offline..." "Yes." "Well, with ECF, all that's taken care of. You say, 'Hang on while I check my calendar,' fire up ECF, select the length of unavailability you want (in months), then click on the maximum allowable free time (in hours), and the ECF will fill your calendar with copies of past appointments, random specialist appointments, religious observations, etc. that you couldn't possibly attend the event he has in mind." "You know that actually sounds like a bloody useful tool - but what about if you reversed it to make yourself more avai--" "You mean my ECD program - Emergency Calendar Deleter," I interrupt. "Select a date window click the GO button and your Calendar will have less content than a software support agreement." "You haven't really done that." "Sure. And from the drop down menu at the top you can also choose who's calendar you want to empty. Which reminds me, the Boss has booked you into that Health and Safety refresher course next week." "Ah, I don't think so, I've booked holidays next week!" "Not any more you haven't!" "BASTARD!" "In person, WAP'ed up and making your life a misery!" "OK, so those things are good, but what about my locator?" "Locator?" "Yes, it's software that tracks the Boss by his PDA. As his PDA moves about the place the software tracks his network card's progression through the building." "A little inaccurate, don't you think? Those 802.11 cards work through walls and floors?" "Not so bad in this building, but in any case, I also flipped the on-board Bluetooth on his PDA and installed a sprinkling of Bluetooth cards in strategic places round the building which make the location a lot more granular." "Sneaky. But how did you get access to put the Bluetooth cards in?" "Told them I was giving them more RAM. Worked like a charm." "Smooth. So where's the Boss now?" "Survey says... out of the building." "Really. And he hasn't switched his PDA off or forgotten to take it with him." "No, I've told him we'll keep him on the cutting edge of PDA releases..." "So he can show off his new kit to all his toy-loving mates." "Exactly, and to ensure he keeps it with him I told him it makes the ultimate secure repository for private, personal stuff that he doesn't want people accessing because no one can steal his stuff if he keeps his PDA with him." "Sounds like you've thought of everything," I admit with a touch of newfound respect. "What was the private, personal stuff then?" "Oh, a bit of cheap smut, a spreadsheet of his DVD collection, some email drafts to women, etc. - nothing interesting." "I have to admit it does sound like a good tool..." "But...?" "But, when compared to my last program, which I call Pandora, it still pales." "Pandora?" "Oh, yes!" "What does it do?" "Here," I show him proudly. "To the casual observer, a remote control application for infrared devices. In actuality a remote control for a large part of the building." "Really?" "Indeed. Here we have the touch screen controls for Fire Alarm Test, Halon Discharge, Security Alarm Test - both with and without building lockout, and/or individual door lockout, Lift Priority Recall and Remote Control, Escalator Emergency Start/Stop, Building Environment Control and master Building Lighting remote!" "No Building Power On/Off." "No, it's a chunky manual breaker in the basement, damn it all!" "That's fantastic, but what's the big button down the bottom?" "My favourite, orders a large Pizza with all the toppings to whatever room in the building you're in, supplying the credit card number of the person whose desk is nearest to the current location." "Bloody Fantastic!" "You like" "I certainly do!" the PFY gasps. "Excellent, because I pressed that button 14 times from your chair about ten minutes ago" "BASTARD!!!!!" ® BOFH: The whole shebang The Compleat BOFH Archives 95-99 Get BOFH Books here BOFH is copyright © 1995-2003, Simon Travaglia. Don't mess with his rights.
Simon Travaglia, 11 Aug 2003

Security spending to hit $13.5bn by 2006

Global revenues in enterprise security technology are predicted to reach $13.5 billion by 2006, up from $7.1 billion in 2002 last year. Intrusion protection, vulnerability assessment technology and security management tools are tipped to be key revenue generators in a new report by market watcher Datamonitor called Enterprise Security Product Markets. While North America will remain the largest market, predicted to reach $6.9 billion in 2006, Latin America, followed by Asia Pacific will be the fastest growing markets during the 2002-2006 period. Datamonitor expects security spending to increase by 25 per cent on average each a year in Latin America, and 23 per cent in Asia Pacific over its forecast period. Between 2002-2006, Datamonitor predicts the security market in Europe, the Middle East and Africa (EMEA) will be enjoy a compound annual growth rate of 18 per cent. Which is nice. However, not everything is rosy in the security garden. Datamonitor reports that security product vendors with more than one product line in their portfolio have often performed well in one market but have mostly failed to increase sales of their other products. The failure to achieve significant cross-sell opportunities has been a frustrating experience for vendors that have invested heavily in the 'one-stop shop' school of security product promotion. According to Datamonitor, positioning best-selling solutions within an overall security framework, will allow them to better leverage their best-of-breed products to greater effect and enable them to gain more revenues from areas where stronger growth is predicted in the future. AV and firewalls still raking it in Anti-virus and firewall products have seen strong growth, despite being the most mature product group in the security arena. Datamonitor attributes this to a number of recent high-profile virus outbreaks that made sure perimeter protection technologies stayed prominent in buyers' minds. One of the new protection models, 'layered security', will help ensure that these markets continue to grow. The layered security approach encourages enterprises to embed more technologies at each layer of the enterprise: at the perimeter, within the network, on servers, and on client devices such as PCs and PDAs. Datamonitor reckons this approach will boost sales in traditional security technologies as well as open up sales in complementary markets such as threat protection and content filtering. Meanwhile, the need to manage increasingly complex security systems and regulatory pressures are fuelling the growth of the security management tools market. The market for security management tools generated global revenues of $371 million in 2002. By 2006, Datamonitor predicts, this market will be worth $1.1 billion, growing by 30 per cent a year over the next four years. The intrusion protection and vulnerability assessment market generated revenues of $642 milllion in 2002. Datamonitor predicts this market will grow 20 per cent year on year to reach $1.3 billion by 2006. Ian Williams, Programme Manager for Datamonitor's Enterprise Security team, commented: "The more traditional security product markets such as firewall and anti-virus demonstrated some impressive growth in 2002 and although some vendors struggled in the face of stiff competition, the overall market increased by around 11-12 per cent from year-end 2001 to 2002. "While the market for other products such as intrusion protection and vulnerability assessment solutions will see stronger growth over the next few years than previously experienced, they will achieve greater success as part of a more complete security solutions package than by themselves," he added. ®
John Leyden, 11 Aug 2003

UMC to pay up to $130m for Infineon fab JV share

UMC will pay Infineon $100-130 million to buy the memory maker's 30 per cent stake in their Singapore-based 300m wafer fab joint venture. So says an unnamed UMC source, cited by Dow Jones. The payment follows Infineon's decision, announced last week, to quit the JV. At the same time, the company said it would be working with IBM and Chartered Silicon to develop 65nm and smaller chip fabrication processes. Having previously partnered with UMC on 90nm and under process development, the IBM/Chartered announcement effectively marked the end of Infineon's development work with UMC. Infineon's decision to pull out of the Singapore fab project marks the end of its plant construction work with UMC, too. UMC will gain Infineon's 30 per cent stake in the fab, adding to the majority interest it already holds. The only other major shareholder is Singapore's Economic Development Board, which owns 15 per cent of the plant. The JV was formed in 2001 and is expected to go into volume production next year. ® Related Story IBM to partner with Infineon on 65, 45nm tech
Tony Smith, 11 Aug 2003

Chip biz to see ‘lacklustre’ 2003 growth

Semiconductor industry watcher Semico has reiterated its prognosis that the global chip business will see on "lacklustre" growth this year. However, 2004 is set to become something of a boom time, as growing PC and cellphone sales lift demand for new chips, the researcher added. Semico bases its forecast in its Inflection Point Indicator (IPI), which models the state of the market and provides an indication of the industry's health six to nine months down the line, the company says. Back in April, Semico said its IPI had yielded a negative figure from December 2002 through February 2003. That, it said, suggested industry instability through 2003. On the back of its findings, Semico downgraded its 2003 growth forecast from a bullish 17 per cent to just 10.7 per cent. Two months later, in June, the Semiconductor Industry Association (SIA) downgraded its own 2003 growth forecast from over 19 per cent to 10.1 per cent. Now, Semico says its June IPI was the lowest positive reading since February, a further indication that growth this year will not be impressive, with a slower-than-expected upswing during the second half of the year. Any sudden upturn in demand will drive the chip industry upwards, but the effects won't really be felt until next year. Come 2004, and growth is likely to rise to 21-23 per cent above 2003, Semico says, driven by increased enterprise and consumer spending on computers and cellphones. The improvement will be short-lived alas, with the market dipping once again in 2005, as chip makers find the equipment installed on the back of the previous year's growing sales falls idle. ® Related Story Semico forecasts another gloomy year for chip biz
Tony Smith, 11 Aug 2003

IBM backs HyperTransport

IBM, National Semiconductor, Texas Instruments and EMC have joined the HyperTransport Technology Consortium, the organisation said today. IBM, at least, was keen to point out that that the move is not a rejection of Rapid IO, the other next-generation chip-to-chip bus the company has been backing. "HyperTransport is one of many I/O technologies that is rapidly becoming a standard chip-to-chip communications technology for high-performance processors and subsystems," said Lisa Su, director of PowerPC and emerging products at IBM Microelectronics, in a statement. "We are pleased to provide HyperTransport along with other leading I/O technologies to our customers requiring low latency and high bandwidth." Su's role suggests that IBM may be looking to extend its PowerPC processor family with HyperTransport. While IBM's 64-bit PowerPC 970 chip doesn't support HT, the chip's chief 970 customer, Apple, does use the next-generation bus to connect its IBM-manufactured North Bridge chip to its South Bridge part. HyperTransport is a serial, point-to-point bus designed to allow chips to exchange data at speeds of up to 12.8GBps. ®
Tony Smith, 11 Aug 2003

Confusion reigns ahead of 192 switch-off

BT - which corners around 70 per cent of the £300 million directory enquiries (DQ) market in the UK - is warning of consumer confusion arising from the 192 switch-off later this month. On 24 August, the plug will be pulled on DQ's old number, 192, and exclusively granted to a mob of operators, including BT, providing new services the new DQ prefix of 118. With just days left until the switch-off, BT is becoming increasingly concerned that a large percentage of customers are still think 192 is DQ's number. Paul Elliott, chief exec of BT Directories, said: "Our research shows around 70 per cent of people are still quoting 192 as the number to call for directory enquiries. "We expect most people to switch at the last possible moment and this is bound to lead to confusion and irritation, as callers will have to make at least three phone calls before they get the number they want," he said. Curiously, according to the latest research from Oftel, eight in ten people are aware that there are a range of new numbers for directory enquiries with three in ten people already using the new 118 numbers. These figures suggest that consumers will adapt quickly to the changes when the 192 service ends, said Oftel in a statement that is clearly at odds with BT's view. Anyhow, if you're confused then check out Oftel's guide to the new services on offer. ®
Tim Richardson, 11 Aug 2003

NSA proposes backdoor detection centre

Declaring hidden malware to be "a growing threat", the National Security Agency's cybersecurity chief is calling on the US Congress to fund a new National Software Assurance Center dedicated to developing advanced techniques for detecting backdoors and logic bombs in large software applications. In prepared testimony before the House Select Committee on Homeland Security's cybersecurity subcommittee last month, NSA information assurance director Daniel Wolf bemoaned an absence of tools capable of scouring program source code and executables for evidence of tampering. "Beyond the matter of simply eliminating coding errors, this capability must find malicious software routines that are designed to morph and burrow into critical applications in an attempt to hide," said Wolf. The proposed solution: a federally funded think-tank that would include representatives from academia, industry, government, national laboratories and "the national security community," said Wolf, "all working together and sharing techniques." While accidental security holes dominate the work-a-day security world, government spooks periodically fret over more exotic danger of corrupt software engineers, saboteurs and spies slipping malicious code into commercial software applications used in critical infrastructures and sensitive governmental functions. In 1999, then-FBI cybercop Michael Vatis warned that cyberterrorists posing as law-abiding programmers could be planting logic bombs in U.S. software while performing Y2K remediation - a theory that never panned out. More recently, U.S. programmers have raised similar security concerns over American companies outsourcing programming work to India, China and other countries. Untrustworthy Computing Cybersecurity thinkers express reserved support for Wolf's proposed national center. "It's not a bad idea," says John Pescatore, research director for Internet security at Gartner. "It would not take a lot of funding to do. I think the more complicated issue is what do they do with the information. Are they just providing it to the vendors of that software, do they make it public?" Peter Neumann, a computer scientist at SRI International, points out that researchers have been working on developing automated code analysis tools for decades. "There's a lot of progress in analyzing source code," says Neumann. "But remember that it's still a long way from actually determining that the code you're looking at is the code that's actually in the system at the time." Neumann says the emphasis on finding malicious code is odd, given the number of security bugs released with commercial software. "The bigger problem is that the software development process is broken, by and large, and systems are being released with literally hundred of flaws," he says. "So trying to find a Trojan horse in one of these systems is only a very small piece of the puzzle. But I think this is an interesting step in a very useful direction." Indeed, confirmed cases of source code being modified maliciously are few and far between. But Pescatore says the NSA may have some institutional insight into the threat that outsiders lack. "We know they look at lots of software products that other countries are using, to look for vulnerabilities that they can exploit," says Pescatore. "As an intelligence agency, that's part of their job." In his testimony, Wolf also said that untrustworthy hardware poses a similar threat. "Most microelectronics fabrication in the USA is rapidly moving offshore," said Wolf. "NSA is working on a Trusted Microelectronics Capability to ensure that state-of-the-art hardware devices will always be available for our most critical systems." ® Copyright © 2003,
Kevin Poulsen, 11 Aug 2003

Habeas cans spammer

Habeas, the company that fights spam with Japanese-style poetry, finally won a first lawsuit against a spammer. Rather than identifying which email is spam, Habeas helps users determine which email is not spam by including a haiku, a form of Japanese poetry, in the headers of outgoing email. This haiku is trademarked and copyrighted. Habeas says over 300 million e-mail addresses worldwide use the system. In April, the company, headed by lawyer and anti-spam activist Anne P Mitchell, filed two suits in the US District Court in California. One was against financial services marketing company Intermark Media and its affiliate Avalend, the other against Dale Heller. Habeas accused Heller of intentionally using the Habeas warrant mark (for which he even signed a licence) to promote a book called Secrets of the Big Dogs through affiliate network ClickBank. Habeas dropped its claim against ClickBank in April, after it had become clear that the company hadn't helped Heller to violate its trademark. Habeas also dropped its claims against InterMark Media and Avalend later that month. Instead, it went after William 'Billy' Carson, an Avalend affiliate marketer based in Florida, who, it claimed, distributed e-mails with the Habeas poem used to evade spam filters. That case is apparently still pending. Heller may not only not use the Habeas warrant mark, he isn't allowed to send unsolicited commercial or promotional messages of any type to anyone, anywhere either, even if the messages do not contain the Habeas mark, a judge ruled. "The system worked exactly as designed," Mitchell said in a statement. "We filed the lawsuit as soon as we received and verified the complaints, and Mr. Heller immediately stopped using our warrant mark, and it's safe to say that he will never use it again." ® Related Story Habeas sues haiku abusers
Jan Libbenga, 11 Aug 2003

MS takes mouse wheel into second dimension

Microsoft is planning to add 'tilt-wheel technology' (TWT) to its popular range of computer mice, the company has announced, in a move which is sure to have significant connotations for hardcore PC gamers. TWT adds another axis of scrolling to the ubiquitous mouse wheel, allowing users to move left and right by tilting the wheel with their finger, as well as up and down in the traditional manner. It won't be a four-way scroll wheel, but in many respects that's better for PC gamers. Microsoft's official announcement points out the potential business applications (quicker navigation of large spreadsheets and unwieldy web sites), but the tilt could also be put to good use by gamers. In first-person shooter titles, for example, there is always a need for faster inventory or weapon switching, and strafing or binding are other functions that might also benefit from TWT. Microsoft plans to launch three TWT-equipped mice on 3 September in the US: one corded and two cordless. They will also have a feature that allows users to toggle applications by pressing down on the wheel - a function that rodent rival Logitech introduced a year ago. However, Logitech senior product manager Lloyd Klarke isn't convinced of TWT's worth. "It is not to say that horizontal scrolling is good or bad, but the things that customers say they want to do with their mouse are the things we have already implemented," he said last week, going on to claim that emphasis on a scroll wheel's 'click' is far more important - and something that TWT won't be able to accomplish horizontally. We're guessing that Mr. Klarke doesn't play much Counter-Strike. ® Copyright © 2003, gamesindustry.biz
gamesindustry.biz, 11 Aug 2003

High Court bans alleged data protection profiteer

The High Court last week granted an interim injunction against Christopher Yewdall preventing him from profiting from allegedly misleadingly advertised data protection notification services. The interim injunction was granted on Thursday (7 August) as a temporary measure pending a judgement in a lawsuit brought against Yewdall by the Office of Fair Trading (OFT). It is alleged that Yewdall was involved with misleading advertisements relating to notification with the Information Commissioner under the Data Protection Act 1998. The names used in the advertisements included: Data Protection Agency, Data Protection Agency Registrations, Data Protection Agency Services, National Registrations, Data Protection Registration and Data Protection Registration Services. The OFT received thousands of complaints from businesses regarding to these adverts, which used return addresses all over the country. According to the OFT, these adverts are misleading "because they give the impression they are from an official body, that businesses receiving them are under a legal obligation to register with the sender and that notification costs £95". In fact, businesses who need to register under the Data Protection Act 1998 can do so with the Information Commissioner directly, for a fee of only £35. The offending adverts also fail to properly explain that some small business who process personal data for limited purposes are exempt from notification under the 1998 Act. The injunction prevents Yewdall from being involved in any way with certain types of advertising about data protection notification services. It also means he cannot accept payments in response to such advertising. According to the OFT, Yewdall "consented" to the interim injunction being granted until full trial without making any admissions about the OFT's case. In August 2002, Yewdall had given written assurances to the OFT that he would not be involved with such advertising again, a promise he has failed to keep, according to the OFT. Welcoming the interim injunction, Penny Boys, OFT Executive Director, said: "The OFT has received thousands of complaints about this sort of misleading advertising. "Businesses should contact the Information Commissioner if in any doubt about their obligations to notify under data protection legislation," she added. Details of whether or not you are required to notify under the Data Protection Act 1998 are available on the Information Commissioner's Web site at dpr.gov.uk or you may telephone its Notification helpline on 01625 545740. ® Related Stories Must do Better - EC data protection report Data Protection Register is Out of Date
John Leyden, 11 Aug 2003

Pre-pay plans to boost i-mode in Europe

Dutch telecom operator KPN Telecom finally introduced DoCoMo's i-mode to pre-pay users in the Netherlands last week in a move intended to boost its subscriber base. The same service will be offered through KPN's subsidiaries E-plus and BASE in Germany and Belgium later this year. So far, i-mode users had to subscribe to a complex mobile pricing plan. KPN charged a fixed monthly fee with additional charges per kilobyte of data transferred, while most people in Europe prefer to use pre-pay cards. By introducing pre-pay plans, KPN believes it can meet its goal of one million i-mode customers across the Netherlands, Germany and Belgium by year's end. KPN signed up 225,000 new customers in the Netherlands, Germany, and Belgium during the first quarter alone. So far, the spread of i-mode outside of Japan has been disappointing. DoCoMo's strategy of taking minority stakes in mobile operators - at a cost of ¥1.9 trillion ($15.96 billion) - foundered as the tech boom went bust, resulting in a huge write-off. In Germany i-mode stalled because of a lack of handset choices. In some European countries, however, i-mode is slowly gaining momentum as more operators adopt the data service. Bouygues Telecom in France signed up 200,000 subscribers who pay as much as €15 ($16.95) a month for data traffic. Spain's Telefónica Móviles launched i-mode on 25 June, albeit under a different banner. This fall, Wind, Italy's third-largest mobile phone group, will bring i-mode phones into Italian shops. Analysts believe 600,000 people are now using the service in Europe, and that number could more than double by 2004. However, market researcher IDC believes only ten per cent of mobile users in Europe will buy i-mode phones by 2007, compared with the 20 per cent who use it in Japan. The service is facing fierce competition from operators all over Europe. Vodafone Live attracted 1.5 million UK users since its debut last October. Although DoCoMo holds stakes in Hutchison 3G, a British i-mode service hasn't been announced yet. ®
Jan Libbenga, 11 Aug 2003

SAS gets tough with rivals

Despite the fact that SAS is by a long way the largest business intelligence vendor in the market, it has regularly faced claims from Business Objects and Cognos that these are the leading suppliers in the BI space, writes Phil Howard of Bloor Research. The reason for this is that Business Objects and Cognos have largely had the mid-market for BI to themselves, while SAS has focused on high-end, sophisticated stuff. Well, no more: SAS is taking off its gloves and plans to get down to some real bare knuckle stuff in order to take on its erstwhile rivals on their own patch. Actually, it's not just the BI vendors - SAS has its eye on just about every aspect of business intelligence, in its widest sense, including ETL, data profiling, data cleansing, data warehousing. You name it, SAS wants to get involved. As a point of fact, SAS has had pretty much all of these solutions for some time but they have disparate, disjointed and not fully fledged. With the release of SAS 9.1, which was first mooted earlier this summer and will become generally available towards the end of the year, it will have a much more complete and integrated platform at a technical level, which will from the basis of its higher level horizontal and vertical solutions. As far as the technical platform is concerned, this will consist of SAS ETLQ, which is the company's ETL and cleansing tool; SAS Intelligent Storage, its data warehousing solution; SAS Business Intelligence; and SAS Analytic Intelligence. However, while covering the products you can buy, this doesn't tell the whole story. Building a complete, integrated offering Let's start at the back end. Here, in SAS Intelligent Storage, you can store data in three ways: in SAS data sets, the SAS Scalable Performance Data Server or in SAS OLAP Server. While the first and third of these should be obvious, the second is a parallel, multi-threaded database in much the same way that DB2 or Oracle is. Except that it doesn't have any of the transactional paraphernalia that they do. On top of the storage product, SAS is introducing the SAS Metadata Server, which provides a consistent metadata layer that is leveraged by all relevant SAS products. This product (though it is not available separately) conforms to the CWM (Common Warehouse Metamodel) standard but SAS is also building a wide range of meta brokers to support non-CWM products. In terms of tools, the first is not actually ETLQ but is the data profiling and analysis capability provided by Dataflux, which is a wholly owned SAS subsidiary. The same company also develops data cleansing and quality control software, but this is embedded with ETLQ. This is pretty much unique in the way that it supports the extraction of data. While you can extract data in the normal way, you can also, if you have Base SAS installed, transform the data on the source system and then extract it. This should provide significant performance improvements during the extraction process. At the front-end, it is in SAS Business Intelligence that the company is introducing some significant new features. In particular, SAS wants to offer a BI environment that caters to as wide an audience as possible within the organisation. To this end the product will ship with five different user interfaces: SAS Web Report Studio, a J2EE thin client, for "information consumers"; SAS Add-in for Microsoft Office, for those familiar, particularly, with Microsoft Excel; SAS Report Studio, which provides desktop-based reporting and is aimed at power users; SAS Enterprise Guide, which is fully .NET enabled and is targeted at business analysts; and, finally, administrative interface for managing metadata, developing business intelligence applications, and managing the BI environment. In addition there is, of course, the SAS Portal, which spans its BI and analytic products for presentation purposes. The question is how successful SAS will be at competing directly with the likes of Business Objects and Informatica. This is by no means merely a technology issue and the jury is still out. However, what is clear is that SAS no longer intends to give its smaller competitors an easy ride. ® Copyright © 2003, IT Analysis.com
IT-Analysis, 11 Aug 2003

Rio reveals 20GB Ogg Vorbis network music player

Reg Kit WatchReg Kit Watch MP3 Players Rio has announced its first raft of MP3-based portable music players since it was acquired by consumer electronics company D&M Holdings in April following the collapse of Sonic Blue. Today, the company unveiled seven players under five brands, including its first hard disk/Flash combo unit, the Rio Nitrus. Said player is a 1.5GB machine that runs off a built-in Li-ion rechargeable battery. Connectivity is provided by a USB 2.0 link. An IDC rent-a-quote announces the devices a "pioneer in an important new MP3 player category", but we're not convinced - there seems little need to bring the Flash and HDD player markets together. The Nitro isn't capacious enough to challenge the iPod, iRiver's iHP-100 or Creative's Zen, or small enough to match the convenience of most modern Flash-based players. At $299 it's not particularly cheap, either - you can get a 10GB iPod for that. Of the latter category, Rio announced the Chiba, Fuse and Cali players, the latter essentially Rio Sport S30S with more memory - up to 128MB (which retails for $169)and 256MB ($99) from 64MB - and with an improved play time: 18 hours off a single AAA battery over the S30S' 15 hours. The Chiba and Fuse are new models, both offering the same play time as the Cali. The Chiba appears to have the same spec. as the Cali - it's available in $169 128MB and $199 256MB models, both with FM tuner, five-band equaliser and backlit LCD, as per the Cali. The Fuse is a 128MB device designed to plug straight into a USB port - music files can be dragged and dropped onto its icon. It too sports a backlit LCD and an adjustable equaliser. Fuse costs $129. The $399 Rio Karma is a 20GB HDD-based player. Its built-in Li-ion battery provides 15 hours of play time. Like the iPod, it ships with a docking cradle, which serves as the PC connection point and battery charger. Unlike the iPod, the Karma connects to its host via an Ethernet connection. Can it be networked? Rio doesn't say. However, the Karnas does offer Ogg Vorbis support. Users can create playlists on the fly, crossfade from one song to another, and adjust the output using a five-band equaliser. All seven models will go on sale in the US this month. Creative will begin shipping its tiny Nomad MuVo NX 128MB Flash MP3 player in the UK this month. The NX is the successor to the original MuVo, and adds a backlit LCD, a scroll wheel controller and an eight-hour voice recording facility, courtesy of a built-in microphone. Like Rio's Fuse (see above), the NX connects directly to a PC's USB 1.1 port, allowing MP3 and WMA files to be copied directly to the device. The NX contains 128MB of Flash memory. Creative claims 11 hours' of MP3 play time from a single alkaline AAA battery, less if you're playing back more decode-intensive WMA files. The MuVo NX will cost £119.99. ®
Tony Smith, 11 Aug 2003

Industry mulls £5-a-minute phone calls

Phone users in the UK could be paying up to £5 a minute for premium rate phone calls if new tariffs get the go-ahead from industry regulator ICSTIS. At the moment, tariffs for premium-rate services such as weather information and TV show voting are capped at £1.50 a minute, a charge introduced way back in 1994. Now ICSTIS is currently mulling over the idea of introducing additional tariffs of £2.50 and £5.00 per minute (with total call cost capped at £75) following pressure for reform from the premium rate industry. ICSTIS reckons the new higher tariffs would be used by professionals such as lawyers and accountants so that they could give paid-for advice over the phone. But the regulator has made it clear that entertainment services (including all types of live chat and competitions), counselling services, consumer credit services and children's services would be excluded from the new tariffs. Even so, ICSTIS is still concerned that these higher tariffs could lead to unexpectedly high bills for punters, which is why it is proposing a "cautious introduction to the market". Although it has proposed a string of restrictions, it still recognises that higher premium tariffs could lead to people being ripped off by unscrupulous operators. ICSTIS is currently consulting with the industry over the proposals. Deadline for submission is 1 September. ®
Tim Richardson, 11 Aug 2003

GPL goes to court

When I'm asked to describe the difference between the foreign country I live in (the US) and the country I was born and raised in (the UK), I usually first mention the parks. Parks are public spaces, but they're signposted very differently in each country. Here in California, a park (if you can find one) is in pristine condition. It's beautifully manicured, and very alluring. There's a sign that welcomes you in - and typically the sign has an ethnic mural depicting happy faces of all ages. It says 'Come and enjoy our Park'. In Britain, you'll get a sign leaning sideways with a fierce, proscriptive numbered list of things you Must Not Do in the park. No.4: No dogs; No.8: No ballgames; No.61: No dandling of babies over knees; No.142: no freebasing cocaine in the presence of minors. (That's one that progressive councils like to append). Now here's the funny thing. While this ancient signpost will have been peppered with slingshots, creative use of chewing gum and a marker pen to transform the suggestive numbers (eights and zeros) into representations of human genitalia, the British Park will actually be full of people having fun. Perhaps the kind of drunken, vulgar fun that would appall park-keepers and list-makers on either side of the Atlantic, but fun nevertheless. A well-used park certainly isn't a clean park. But the point is, now matter how well-intentioned or precise are the legal ties that instruct us, we create our own social contracts. Britain, like most European countries, has accrued hundreds of years' worth of arcane laws. The US has a beautiful Bill of Rights, a splendid constitution and a civilian army of its best and brightest to uphold these laws. And while it's a tough call to say who has most fun in each respective park, Europeans have learned that the law and its social instruments are best ignored. There's a strong and growing secessionist movement in the United States, and when I last met the great Robert Anton Wilson (just before Christmas) I asked him which constitutional system he'd choose for 'Pacifica', which is Bob's name for the new breakaway Union of California, Oregon and Hawaii. Well, he told me, "We've got one already. We could go back to the Constitution without any interpretation of what the Constitution says: free speech, and freedom of religion. Everything that has been destroyed in the last two hundred years that was intended by the original Constitution. We can start from that. "But in about two hundred years someone would have to secede from the California Republic, because it takes about two hundred years for any system to get corrupted and monopolised." Wittgenstein's Duck Or we can ignore it, as we've done in Europe. Laws accrue, like an inevitable sediment, and the only rational response is to become more way about the law-makers and more flexible about how we interpret them. In Europe, we don't actually take anything literally, not least the law, and we kind of make it up as we go along. Which bearing in mind the stresses involved, is one hell of ride. Britain maybe isn't the best example to pick, as the logician school of thinking is very much an Anglo-American creation. The continental metaphysicists have forged their own paths, but they need not concern us here. However, there is a fundamental philosophical difference to how we approach 'the law': in Britain. If we don't like laws, we break them. Sometimes we break them en masse: but if you think about it, we're all very good at doing this. In the United States, if we don't like laws, we hire some lawyers to engage in an epic Talmudic battle of the intellects, with each side waving around such documents as "the Constituion" as if they were a sacred parchment, or Turin Shroud, until a victor is crowned. So rooted is this faith in the law, that constructive civil disobedience - such as having fun in the park - isn't yet embedded in the US culture. Which brings us to the most important social contract that the logician US culture has ever allowed to be tolerated: the GPL, or General Public Licence. This is a quasi-legal document, but it's great strength is the social obligations it bestows on its participants. The greatest strength of the GPL is that it's a social contract, one that makes the most powerful, who can buy the legal system, think twice before going to law. And that's pretty powerful. But with IBM's counter suit against SCO explicitly defending its rights in terms of the GPL, it looks like The One Thing we Didn't Want To Happen will happen. We'll have a random judge poking holes in the GPL, on some perfectly defensible grounds that bear little relevance to the social obligations these imply. As if he's supposed to know the difference. Sure, a wise judge may yet toss the SCO case right out of court, but a dam will already have been breached. The GPL is a far more powerful social contract than it can be a legal contract, and the rancorous Supreme Court pronouncement on the 2000 Presidential election ought to remind everyone that the US' legal system is at best a lottery, and at worst, deeply swayed by human vices. The 2000 election caused a deep psychic scar in the US that few here can yet confront. The 'King' - and the Supreme Court was constructed as the apex of this secular alternative - was supposed to deliver a verdict of great magnanimity. But he's dead now. We're a news site, and this has been a long-winded way of saying sorry, but you can read the details of IBM's countersuit against SCO here, thanks to sterling work from LWN. The GPL will be contested in court for the first time. It's almost redundant to point out that resisting the setbacks that might result from a ruling involve civil disobedience on quite a wide scale - every sysadmin will fiind himself a potential criminal, and this is a horrifying concept for such a young nation as the United States. But maybe the US can catch a clue from the rest of us, and conclude that not only is the law an ass, but that selective civil disobedience is a walk in the park. We do it every day. ®
Andrew Orlowski, 11 Aug 2003

Vodafone snaps up Singlepoint

Vodafone has announced it will buy Singlepoint, the mobile services provider, for £405 million ($649.62 million) in cash. Singlepoint is a subsidiary of the Caudwell Group and it provides billing and customer care services to more than 1.3 million mobile phone subscribers, most of whom are consumers rather than business customers. The company buys 'space' on mobile networks in bulk and sells it on to customers. Up to 90 per cent of Singlepoint customers are said to be on the Vodafone network. After the buyout, Vodafone will have full control of the Singlepoint customers on its network, without paying Singlepoint's 25 per cent commission. O2 has about 150,000 customers through Singlepoint, and analysts say that Vodafone is likely to try to convert these subscribers to its network. Singlepoint will boost Vodafone's consumer rather than corporate customer base. Though its corporate base seems to have been taken care of with the firm's £155 million acquisition last week of Project Telecom, adding in the region of 200,000 customers to its fold. Vodafone chief executive Arun Sarin is continuing the approach of predecessor Christopher Gent, which was characterised by takeovers and acquisitions. Gent retired last month after six-and-a-half years in the job. In March, Gent saw through the buying of Cellular Operations for an undisclosed amount. The deal gave Vodafone direct access to 380,000 customers, and saw it inherit 90,000 O2 customers. In June Vodafone closed down the Cellular Operations business, cutting 480 jobs in the process. Last week the mobile phone giant announced it was cutting another 96 job, with the closure of a customer services centre in the English Midlands. Some analysts have said that Singlepoint is also likely to be closed by Vodafone after it is fully integrated into the group. Other industry watchers are speculating about negotiations between Vodafone and the Caudwell Group with regard to Vodafone's access to Caudwell's Phones4U, one of the leading mobile phone retailers in the UK. ® Copyright © 2003, ENN
ElectricNews.net, 11 Aug 2003

Wired not wireless to dominate home LAN market

The home network market may be set to triple in size this year, driven by increased interest in wireless networking, but only a fraction of European households will have installed a LAN - wired or wireless - by the end of the year, market watcher IDC warned today. Come 1 January 2004, and a mere 2.2 per cent of Western Europe's homes will have a wireless network in place. That's well up on the 0.7 per cent who had one in place last year. Even so, by 2007, fewer than ten per cent of households will have a network, IDC reckons. It's clearly an early adopter market. Many of those will be WLANs. By 2006, says IDC, over half of the continent's home networks will be based on wireless technologies. "Wi-Fi emerged as a de facto standard for home networking in 2002," said Jason Armitage, a senior research analyst with IDC's European Consumer Devices and Technologies group. You'll note that IDC describes wireless as 'a' de facto standard, not 'the' de facto standard. IDC expects a very high proportion of home networks to be based on wires, primarily Ethernet cabling. Given the relative ease of installing wireless - and the low cost of wireless systems - that's surprising. The fact is, Armitage told The Register, since almost all home LANs are installed by earlier adopters - folk willing to get to grips with the technology - they are, by default, being installed by people who have no problem stringing cheap cat-5 cables around the place, particularly if they're just networking a couple of PCs in one area. Such users also appreciate the security and performance benefits cable offers over wireless, he says. Armitage accepts that there will be rather a lot of 802.11 client devices out there, but he reckons many will remain unused. Why? They're simply too complicated for consumers to set up. We can see his point. Physically connecting a wireless gateway device to an Ethernet-based broadband modem isn't so hard, but it's trickier with PC-hosted USB-based broadband adaptors. Then again, since we're talking about techie owners, we're talking about people who, by and large, like that kind of system wrangling and can sort out wireless' security issues. And given the shift toward notebook computing, more home LAN users are going to want the mobility that wireless brings, whether their notebooks come with 802.11 bundled or not. IDC counts two types of network: PC-to-PC, and those linking up consumer electronics kit. The former dominate the arena: of the 3,461,000 home networks in place in Western Europe by the end of the year, only 383,000 of the total (11 per cent) contain some sort of CE device. All these networks are used predominantly to share Internet connections, typically broadband links. Most of the networked CE systems will be games consoles, IDC said. Such applications will driver broader acceptance of home LANs, particularly as multiple service providers - devices, network access, content, etc. - partner to provide integrated packages, says Armitage. Such unified business models will make it far easier for non-techies to adopt wireless technology because they're predicated only tightly integrated offerings. Last year, only 1,167,000 European households had a network of some form, so there will have been a near threefold increase in the number of home LAN installations this year. Come 2007, and the number of homes networks will have increased to over 14.7 million households, 9.1 per cent of the total European homes. ®
Tony Smith, 11 Aug 2003

500,000 kids to get mobile phones

Half a million kids in the UK under the age of ten will have a mobile phone by the end of next year, according to research published by market intelligence outfit mobileYouth. Today, one in nine (400,000) children aged between five and nine has a mobile phone. In 2000, the number was less than 80,000. The increase in mobile phone usage by young children is not limited to the UK. Indeed, mobileYouth found that this latest trend in the UK is merely mimicking what's happened in other countries such as Japan and those in Scandinavia. However, the research has sparked a lively debate about the merits of giving young kids mobile phones. Concerned parents claim it gives both children and parents security to know that help, if needed, is just a phone call away. Critics insist that a five-year-old simply shouldn't be given a mobile especially in light of fears that young children could be potentially damaging their health by using them. Or making them a target of crime. Said report author Josh Dhaliwal: "Whilst mobileYouth in no way advocates the advertising, marketing and sale of mobile phones to children per se, there is a growing trend for parents to overlook any potential hazards with their own concerns for the security of their children and a mobile phone allows them to be remain within reach." ®
Tim Richardson, 11 Aug 2003

EU regulations to control web cookies

European laws due to come into force by the end of October will shake up the way businesses are allowed to use cookies on their Web sites. The UK government has just finished its consultation period but already questions are being raised over the extent to which companies will comply with the new rules. Under the privacy-related regulations companies will be obliged to tell surfers about the use of cookies and how they can delete or control them. Shelagh Gaskill, a partner with international law firm Masons, explains: "The new law requires that a Web site operator clearly indicates to visitors that the site uses cookies or other tracking technologies and gives users the opportunity to reject them." Cookies are small text files used by most commercial web sites. The files are sent from a web server to a web site user's computer and are stored on the user's hard drive, so that when the user visits the site again, the site will remember the user. The DTI recently completed a public consultation on its draft Privacy and Electronic Communications (EC Directive) Regulations 2003. The Regulations, which are chiefly about spam but also cover the use of cookies, are to implement a European Directive in the UK before 31 October 2003. Results of the consultation are expected later this month. Cyberspace laws - more honoured in the breach But patchy compliance with existing e-commerce laws, highlighted by a survey published last week, raises serious concerns about whether UK businesses will adhere to forthcoming regulations. Most UK e-commerce sites do not comply with at least one basic legal requirement, according to a survey by on-line legal documents provider Clickdocs. The company found that 95 per cent of the sites it looked at fail to provide a 'reasonable' level of customer service, 63 per cent breached distance selling rules and 72 per cent fail data protection requirements. Clickdocs investigated a random selection of web sites from 20 different market segments, all selling on-line to UK consumers. A site's ability to offer secure on-line methods of payment is crucial for its potential customers. While 93 per cent of sites surveyed are secure, the remainder are not, raising serious concerns about the possible risk of credit card fraud with those sites. The researchers state that 63 per cent of sites are failing to comply with the Distance Selling Regulations. In most cases this means customers not being told how long it will take for items to be delivered, not being given details of how to cancel an order or sites charging unreasonable penalties for returns. It is a mandatory requirement of any business that collects personal data about customers to be compliant with the Data Protection Act. This extends to e-commerce sites. But while 68 per cent of sites claim to be compliant, only 18 per cent are actually registered, say the researchers. Several sites were found to be simply copying and pasting standard text from other sources. In at least two cases, registration numbers are quoted that do not exist. Consumers who use sites not fulfilling Data Protection requirements are at risk from unauthorised sharing of personal details. The Data Protection Act also requires that customers be informed of what happens to any data collected. Only 51 per cent of sites were found to have any privacy statement. And another thing The Clickdocs research also highlighted that even the simplest identification requirements are lacking: 55 per cent of companies fail provide the name of the limited company or of the proprietor; 16 per cent give nothing but a Web site name; 12 per cent neglect to include a fixed line telephone number and ten per cent omit a dedicated e-mail address or rely on a response form for all communication. Clickdocs also claims that 41 per cent of sites have "unsatisfactory" terms and conditions. Jon Aslin, Director of Clickdocs, said: "Web site design and programming has improved enormously in the last few years. Our research highlights just how much effort has gone into ensuring sites look good and are easy to navigate (92 per cent are regarded as satisfactory in their overall appearance and ease of use). "It is therefore surprising, and indeed disappointing, that the small amount of time and investment that is required to address the basic commercial and legal basics has not been spent to make UK e-commerce sites a positive experience for customers." ® Related Links The Government's consultation paper on the new law can be found here (PDF file) Advice to businesses on dealing with cookies, by Masons Related Stories Web Bugs - Here Are the Rules Privacy: US, full marks, Europe, null points - study EU preps phase two of war on spam UK.gov seeks input on anti-spam law Spammers break law with covert tracking Undetectable 'son of cookie' system wins grant Spam out, cookies tolerated, data retention remains: EU
John Leyden, 11 Aug 2003

Church group asks FCC to vet MCI

One-time WorldCom scourge, the United Church of Christ (UCC) has officially asked the US Federal Communications Commission (FCC) to block the transfer of the collapsed telecoms giant's operating licences to its new incarnation, MCI. The UCC also wants the FCC to force a hearing on whether or not MCI is "fit" to be a FCC licensee. It's also seeking a guarantee that the FCC will only transfer the WorldCom licenses and authorisations to a company "with clean hands and with sufficient character qualifications". The UCC is a Protestant organisation representing 1.4 million churchgoers in the US. It's been on WorldCom's case since last autumn deciding that an example should be made of WorldCom, perpetrator of the world's biggest fraud, in a bid to encourage other companies - particularly those in the information business - to adopt more ethical ways of doing business. The UCC has been campaigning for the imposition of severe penalties on WorldCom management. What concerns the UCC is that MCI may simply be the old-style WorldCom operating under a new name. Indeed, the UCC pointed to recent allegations that just as WorldCom may have been involved in manipulating FCC-regulated access charges, so too may MCI have been. If the allegations are correct, both companies may have cheated competitors out of up to $1 billion, the UCC claims. Last year, the UCC informally asked the FCC to block the transfer of WorldCom's long distance, Internet and other service licences, but the FCC rejected the request. The most recent filing with the FCC, made this past Friday, appears to make the same request, but this time on a formal footing. Essentially, the UCC is keen that the FCC tackle WorldCom according to the Commission's established powers and not simply rely on the findings of other governmental agencies, which cover WorldCom, but not MCI. Last April, the Rev. Robert Chase, communications director of the UCC, said regarding WorldCom: "Stewardship of the nation's Internet and telecommunication infrastructure and facilities is an important public trust. Companies granted the privilege of running these facilities bear enormous responsibility to assure that the rapidly developing world of communication services are operated in the public interest." The UCC now wants the FCC to ensure that MCI is up to that task. ® Related Stories Big church group urges states to punish WorldCom Judge waves through WorldCom $750m settlement
Tony Smith, 11 Aug 2003

Nominet in paperless revolution

Nominet UK - the national Registry for all domain names ending .uk - is to cease issuing paper certificates for domain owners. Instead, all .uk domain names registered or renewed from August will be sent a letter (OK, so paper hasn't been given the chop completely) with a Web address and unique security code. By accessing the Web site and typing in both the .uk domain name and the security code, punters will be able to check and update their details for that domain name registration. Nominet said the move was intended to make it easier for people to manage their domains. For Nominet, the move is expected to streamline its own processes. Said Nominet's Eleanor Bradley: "Many registrants forget to let us know of personnel or address changes once they have registered the domain name, which can lead to difficulties if we need to contact them about it. The online access to their .uk domain name records will make it easier for them to keep us both informed." ®
Tim Richardson, 11 Aug 2003

Man charged in Acxiom cracking case

A 24-year-old man appeared in court last Friday charged with cracking the systems of one of the world's largest consumer database companies. Daniel J Baas, from Milford, Ohio, is alleged to have illegally accessed and copied information stored at consumer database giant Acxiom last December while working for its partner, Cincinnati-based data-mining firm Market Intelligence Group. Following his 1 August arrest, Baas has also been charged with "unauthorised use of property" in breaking into Market Intelligence's systems in August 2002. Additional charges are pending, the Cincinnati Post reports. Baas is being held in custody. He is due to face a grand jury indictment on 18 August. Market Intelligence fired Baas in June, the Cincinnati Enquirer reports. Anatomy of a hack In a statement, Arkansas-based Acxiom admitted that its systems had been comprised through an insecure FTP server. "Not all Acxiom clients nor all clients using this FTP server were affected, and only a small portion of all the information Acxiom processes for our clients was accessed. No breach of Acxiom's corporate security firewall occurred," the statement said. "The files that were accessed contained a wide variety of client information, some of which was personally identifiable and some of which was not. Most of the data was non-sensitive, and some of the data was encrypted." Worryingly, Acxiom only learnt of the unauthorised access when it was contacted by Ohio law enforcement officers involved in Baas' arrest earlier this month. Acxiom states the incident is the first the company has faced. It is full of apologies. However, its statement only goes part way to reassuring the numerous individuals whose data it held that their information is safe. Acxiom's statement that "law enforcement officials have provided us with no indication that any individuals have been harmed by this unlawful intrusion" is positive but inconclusive. Acxiom clients include 14 of the 15 biggest credit card companies, seven of the top ten auto manufacturers and five of the top six retail banks. The company also analyses consumer databases for multinationals such as Microsoft, IBM, AT&T and General Electric. ®
John Leyden, 11 Aug 2003