10th > September > 2003 Archive
The RIAA took quick steps to blunt a public relations atrocity by agreeing to settle out of court with a 12-year-old girl accused of trading copyrighted songs. It took all of twenty-four hours for young Biggie Brianna to be hit with a lawsuit and then pay up for her alleged crimes. The youngster's mother has agreed to shell out $2,000 to get the RIAA (Recording Industry Association of America) off her family's back. This marks the first settlement to come as a result of the 261 lawsuits the RIAA filed this week. Earlier in the day, Brianna complained of stomach pains and emotional suffering as a result of the RIAA's actions. After signing the soothing settlement, however, she expressed regret at having harmed the precious artists. It's okay, Brianna, don't worry. Fox manufactures new artists every few months. The new ones won't know that you committed the naughty act of trying to listen to their music. The pigopolists no doubt prepared a contingency plan should any toddlers, pre-teens or bedridden seniors get caught in their web of lawsuits. Alarm bells must have sounded in the swine cave when word of Biggie Brianna got out. A number of news outlets rushed to tell the story of the honors student gone wrong. Brianna thought the $29.99 fee her mother paid for the Kazaa music trading service entitled her to download songs at will. Nothing like a lawsuit seeking $150,000 per song to correct that misconception. This is what some refer to as a growing pain. This settlement has taught us a few valuable lessons about the RIAA's methodology. Apparently, young teens hit the copyright infringement scale at the $2,000 mark. College students, by contrast, must cough up between $12,000 and $17,000 for their violations, as we saw earlier this year. So any parents out there with children under 12 can expect their precious tots' crimes to cost around $1,000. That's comforting. It's also clear that the RIAA has no leniency for the less well off in society. Brianna happened to live in a New York Housing Authority apartment, which provides safe, affordable housing to low- and moderate-income families. The music label executives are struggling to pay the rent on their penthouse apartments because of file-trading, so why cut the lower class some slack? We all have needs. The RIAA's actions, however, aren't going unnoticed by the government. During a Senate Judiciary Hearing Tuesday, the RIAA president Cary Sherman faced some tough questions. "Are you headed to junior high schools to round up the usual suspects?" Sen. Dick Durbin asked, according to the AP. "Yes, there are going to be some kids caught in this, but you'd be surprised at how many adults are engaged in this activity," Sherman said. Don't let your emotions get the best of you, Cary. Come on, stay tough. The RIAA is sure to have some PR gaffes as their legal crusade goes along. But a few miscues are certainly worth it when we are all being taught such a valuable lesson. ® Related Stories The RIAA sees the face of evil, and it's a 12-year-old girl RIAA sues 261 evil-doers
Fresh off a an impressive quarter for both its server and storage divisions, IBM is wasting no time upgrading kit in preparation for the rest of the year. First up, IBM has started selling its second Itanium 2-based server - the x382. The server has arrived a month late, but that's no surprise. IBM is a less than enthusiastic supporter of Intel's 64bit chip. Nonetheless, the two processor box is now available with 1.4GHz Itanium 2 processors, up to 16GB of memory and three PCI-X slots. Along with the high-end kit, IBM is upgrading the low end of its 32bit server line. It has started shipping the x305 server with 3.06GHz Pentium 4 chips. The chip has a 533MHz front-side bus and 133MHz DDR memory - max 4GB. The x305 is a 1U server that can hold up to 240GB of IDE storage or 146GB of SCIS storage. IBM has also started shipping the x205 tower server with the 3.06GHz chips. IBM's server team posted stellar results in the second quarter. IBM reclaimed its spot as the top server seller worldwide, according to IDC, and boosted sales 10.12 percent. It gained in both Intel and RISC sales. IBM's storage business also faired well in the second quarter. It drew closer to overall leader HP as revenue rose 10.2 percent. The server and storage groups were clearly able to help each other out during the period. To help bolster its storage business, IBM has rolled out the TotalStorage Enterprise Tape Drive 3592. The drive has a 300GB capacity and can transfer data at 40MB per second. ®
The results of a study released this week confirms what the world's BOFHs and sysadmins have known for ages: that users are a dangerous menace who should not be allowed near anything more advanced than a fridge. A staggering one in seven technologically challenged employees needs help even switching their computers on and off, according to research commissioned by City & Guilds. The UK vocational awarding body's study of 405 random UK financial directors revealed that, despite the fact that PCs have been around for over thirty years, getting to grips with the devices is totally beyond many British office workers. A fifth were found to struggle to save a document, more than one in five need assistance printing, while a quarter cannot understand a spreadsheet. City & Guilds pointed out that, apart from greatly reducing productivity, this lack of IT proficiency is causing IT support cost to sky-rocket as beleaguered BOFHs struggle to distribute some clue to their gormless users. British companies, according to the study, are forced to fork out an average of £49,000 per year for additional IT support to bolster this skills shortfall. Despite three quarters of businesses having in-house IT staff, a fifth admitted they cannot handle all technical problems internally with a third reliant on external support or helpdesks, and more than a quarter employing IT contractors. Additionally the poll indicated that the nation's businesses are losing an average 312 employee hours as a result of technical incompetence. According to City & Guilds, a lamentable lack of even basic IT training is one of the main problems. One in five firms responding to the study admitted employees have only basic IT skills and over one in ten said their workers have no IT qualifications at all. The problem is apparently compounded by the fact that more than one in 10 employers state that IT skills are non-essential when hiring recruits. ® Fab O'Really t-shirt at CashnCarrion Distributing Clue to Users
The fight to control the application development environment is far from over, according to the latest research from QNB Intelligence. The analyst firm interviewed 415 senior decision makers and influencers across Europe, and found that 75 per cent had adopted J2EE while 58 per cent had chosen Microsoft’s .NET for their enterprise application development, or custom development, projects. Many organisations (41 per cent) saw dual-platform as the route forward. Those with a single-platform strategy tend to plumb for J2EE (31 per cent), compared to .NET, (23 per cent). Microsoft, which sponsored the study, may not be overly-concerned. Most companies deploy a modern platform to improve the application development cycle – thinking they’ll see productivity, management and control benefits from these ‘new’ environments. It doesn't always pan out this way. Companies which opted for a single platform were asked what effect its technologies had on the control and management of the development life-cycle. In the case of the J2EE users the more respondents (32 per cent) said that it was getting worse – 18 per cent said it was getting better. The situation was revers with .NET users with 44 per cent found the management of the development life-cycle improving – 13 per cent said it was getting worse. ® Bootnote And now for a plug QNB Intelligence supplies the technology for Register Reader Studies, our survey panel. We are seeking recruits. Find out more here. ®
The Japan news daily Nihon Keizai Shimbun last week revealed that China, Japan, and Korea are planning to jointly develop a new open-source operating system aimed at replacing Microsoft's Windows, something that the Linux community has been trying to do for years. Given that most of the major Japanese firms feel enslaved in their PC efforts by Windows and that the Japanese electronics firms have virtually pledged their future to some form of embedded Linux, it is likely that the outcome will be Linux derived. Specifics of the deal will be hammered in private by the end of 2003 after initial discussions began back in March when an inaugural meeting was attended by more than 100 software engineers from the three countries. Perhaps significantly the Far Eastern Bloc can do what no anti-trust suit has so far managed and re-introduce innovation at the PC level, where constant bundling activities by Microsoft have held it at bay. Japanese electronics firms such as Matsushita, Sony and Toshiba are used to establishing standards that leave a level playing field, and lets them build their own product differentiation at a higher level. The operating systems, once built will eventually expand into the Asia Pacific. China has the power one day, as an emerging economy, to double the size of the PC marketplace, and if it were to tamely endorsed Windows it would have doubled Microsoft's size. If it can use this market power to introduce a new system, it could potentially destabilize the Microsoft operating system outside, as well as inside, the Far East, although it is likely to take time, perhaps as long as 8 to 10 years to affect the West. In the meantime China, Korea and Japan will almost certainly have to weather various US government and GATT sanctions if they see through this threat. This move is typical behavior for a major economic power that has been left behind. China surprised the wireless industry three years ago by picking an alternative Mobile phone standard for third-generation phones, TDS-CDMA. Now that it has taken the global pole position in terms of both making televisions and buying televisions, it wants to come out with its own digital TV formats and video standards for DVD players and video-game platforms. Another place where, according to a piece in this week's Wall Street Journal, China is set to make a move, is in its acceptance of MPEG video compression. China doesn't see why it has to pay royalties on a standard that was built before China could contribute to the process. The Journal pointed out that Chinese DVD-player makers pay between $3.50 and $5 a machine to the Japanese and European firms that own video patents, for access to the MPEG technology that compresses the DVDs. A Beijing group has put forward the Audio Video Coding Standard (AVS) which should be completed by the end of 2003, with products shortly afterwards. The Beijing-based Audio-Video Coding Standard, or AVS, group aims to publish a standard by the end of the year that will compete with MPEG 4, engineers in China began working on it a year ago after realizing that the new MPEG 4 H.264 encoding would also be created without their help and looks likely to stay as the compression standard for the next decade. Given noises made by Japanese manufacturers of phones last year over the usage based royalty scheme suggested for MPEG, where they said that they may not use it, the Chinese codec is likely to find a willing market in Japan as well. Faultline Opinion We think that the Windows alternative is highly feasible. No-one in the history of the planet has established a permanent monopoly with something that it relatively easy to build. China probably only needs to put 500 to 1000 people on a project of that type for two years or so, and it has the political weight to mandate its use internally. However, outside of China, in Japan for instance, such an effort will meet stiff resistance from habit users and from simple economic forces. All the effort needs to be around a single initiative for it to be successful and the Open Source model is focused on Linux. Where would all the applications come from for this new format? Codecs are two a penny though and are often built by teams of three or four mathematicians. It is likely that there will be more codec experience in the West where MEPG 4 has many competitors, including Microsoft. Copyright © 2003, Rethink Research Faultline is published weekly by Rethink Research and is edited by Peter White.
Sony lifted its skirt an inch this week to reveal the beginnings of a game plan on music, which is could potentially copy on film too, with its US head of Sony's entertainment operations telling journalists that Sony would launch its own online music services. Dubbed Net Music Download, the key messages were that it will launch in Japan first, then US and Europe next spring, and that Sony will tightly integrate the music with its electronics devices and Sony- Ericsson phones. Sony is currently negotiating the music licenses it needs for the service, but shouldn't find them hard to come by since every music company, from Vivendi's Universal Music group, to EMI, Bertelsmann, Time Warner and Sony itself, is in need of rejuvenated revenues and is hoping that someone can take the success that Apple has had with its smaller online Mac community, and duplicate it globally. Apple's iTunes has led the way in re-pricing music, placing a 99 cents charge on a downloaded track in the face of piracy that has undermined all previous attempts to bring the industry back to life. Since Apple has launched, BuyMusic.com has used the same pricing model and successfully got a service off the ground in the US. Microsoft has worried more about supplying its Media Player to other services, letting partners run the services it offers. But all of the existing services need a PC to download music, with the only other online music systems relying on the mobile phone. Sony has the power to launch a single service which has live portable players, such as phones and its Clie handheld, alongside its Playstation games platform ranges, and its digital home electronics media players. Stringer was speaking in Paris and claimed that piracy had cost the music industry some $7bn in the past two years. He added that US film studios had lost $3bn-$4bn and risk losing bigger and bigger amounts. Last year, the head of the Sony Music Group, was ousted after steep losses in that division. He was succeeded by Andrew Lack coming out of the television business, with insiders suggesting he was put forward by Stringer. Stringer himself has been elevated to vice president of the Sony Corporation. Since the move, Sony cut 1,000 jobs as part of a wide-ranging overhaul and has managed to bring the division back into profit. Stringer also hinted that a foolproof, self contained digital rights management system would be built into the service. This week Vivendi responded to piracy at its Universal Music Group, the world's largest music company, by announcing price cuts for compact discs Stringer also pointed out that broadband would allow piracy to do the same to the movie industry if film studios did not react, and it is reasonable to assume that once Sony has streamlined its music delivery platform, tightly tied into its electronic music players, it will try to do the same with its film delivery and digital televisions and digital theater systems. In an echo of Sony's announcement, German newspapers report that the ISP subsidiary of Deutsche Telekom, T-Online, also has plans for its own online music download site. The German press reports that the service will begin with 30,000 tracks and that Bertelsmann, EMI Group, Sony and Warner Music are supplying the music. Copyright © 2003, Rethink Research Faultline is published weekly by Rethink Research and is edited by Peter White.
Dixons has reported better than expected trading figures for the summer. Although like-for-like sales in the UK were flat, some analysts had expected a drop in revenues. International like-for-like sales for the UK's biggest electrical goods retailer grew 3 per cent. Group retail sales for the 18 weeks to 6 September advanced 19 per cent compared to the same period last year and grew 1 per cent on a like-for-like basis. Gross margins were also up slightly. For the first time, the figures include the performance of UniEuro, the Italian electrical retailer Dixons acquired last year. In a statement chairman, Sir John Collins said: "While it is too early to extrapolate these trends for the balance of the year, the Group is well placed for a year of progress." Part of Dixons performance could be attributed to the fact that it shifted more than 30,000 fans in just three days in August as the UK sweltered in the summer heatwave. By mid morning shares in Dixons were up 6.5p (4.74 per cent) at 143.5p. ®
SACRAMENTO, Calif.--A federal judge ordered Adrian Lamo released to his parents Tuesday afternoon, but barred the hacker from using computers, and ordered him to obtain full-time employment pending trial. Federal magistrate judge Gregory Hollows ordered Lamo released on a $250,000 bond, part of it secured by his parent's house, in accordance with a negotiated surrender deal reached between the federal public defender's office and New York prosecutors Monday. The high bail was necessary, said Assistant U.S. Attorney Camil Skipper, because of the hacker's nomadic reputation. "He has led a transient lifestyle, he has been known as the 'homeless hacker,'" Skipper told the court. Under the terms of his release, Lamo's future wanderings will be confined to the northeastern half of California, and southern New York state, unless he gets prior approval of the court to travel elsewhere. He was ordered to fly to New York City at the government's expense and turn himself in to FBI agents Thursday morning. There, he faces a two-count federal complaint charging him with illegally accessing the New York Times internal network last year. One count charges Lamo with computer intrusion; a second with unauthorized posession of "access devices." Federal deputy public defender Mary French said Monday the access devices refer to passwords for the Lexis-Nexis database service allegedly obtained from the Times network. In custody since his surrender Tuesday morning, Lamo appeared in court in his street clothes, with his hands cuffed at his waist, and listened quietly as Hollows read him his rights. Lamo's mother, Mary Lamo, sat at the back of the courtroom. Computer Ban Following the recommendation of a federal pretrial services officer who interviewed the hacker in custody, Hollows ordered Lamo to obtain full-time employment or enroll in college pending trial. The ban on computer use was the judge's idea. "This whole business of computer hacking, viruses and so forth is getting very wearisome," said Hollows, explaining his thinking from the bench. In recent weeks the Blaster computer worm and the latest variant of the SoBig virus have wreaked havoc on Windows machines throughout the Internet. But virus-writing has little to do with Adrian Lamo. The hacker has become famous for publicly exposing gaping security holes at large corporations, then volunteering to help the companies fix the vulnerabilities he exploited -- sometimes visiting their offices or signing non-disclosure agreements in the process. Until now, his cooperation and transparency have kept him from being prosecuted. In an interview the eve of his surrender, Lamo said he had no regrets. "My views may change as this goes on, but I still think this has somehow all been worthwhile," said the hacker in a telephone interview. "There's no action that I've ever taken that I'm not willing to accept the consequences for." Lamo appeared at the federal courthouse here at around 9:30 a.m. Pacific time, trailing camera crews from cable network TechTV, and TriggerStreet, Kevin Spacey's production company, which is filming a documentary on hackers. The TriggerStreet crew has been with Lamo since late Thursday, when the hacker learned that the FBI was searching for him. The 22-year-old was without the backpack that he usually carries, containing a change of clothes and the laptop computer with which he's hacked some of America's largest corporations. "What backpack?," he quipped. "I lost it. It fell off a bridge." Lamo's supporters have erected a website at FreeLamo.com to support Lamo "and his fight for freedom." Federal prosecutors in the Southern District of New York did not return phone calls on the case. Lamo's bail conditions could be changed when he appears in New York. Copyright © 2003, Related story SecurityFocus: Who is Adrian Lamo?
Getting affordable broadband to areas currently regarded as commercially unviable continues to be a "challenge", according to eminister Stephen Timms. But he's convinced that aggregating public sector demand will provide a big enough incentive for private sector companies to invest in bringing broadband to areas currently without high-speed Net access. He described the £1 billion of public sector funding - announced last year by prime minister Tony Blair to be used to hook up schools and GP surgeries, for example, to broadband - as a "big lever which we can use". "By aggregating the procurement of this public sector demand we can influence the investment decisions of the suppliers and make sure that that investment makes broadband more widely available," Mr Timms told attendees at the World Broadband Forum in London yesterday. "Substantial, assured long term demand from a gilt-edged customer - central and local Government - lowers the risk to investors and changes the business model for broadband fundamentally in rural areas. "It means that there will be sufficient demand to justify investments from the service providers in many more places than would be the case if each department proceeded on its own," he said. In July the Government announced the creation of nine Regional Aggregation Bodies (RABs) charge with aggregating public sector demand for broadband. Due to start work by November, the RABs - set up in partnership with Regional Development Authorities (RDAs) - will be responsible for buying broadband services for public sector organisations while cutting costs for the public sector. ® Related Stories Govt BB aggregation plans take step forward Edubroadband, edubroadband, edubroadband
3Com is to outsource manufacturing operations, a move which will see 1,000 staff lose their jobs Approximately 640 people will be made redundant with the closure of 3Com's Dublin, Ireland manufacturing facility, by the end of February 2004. Over the next six months, 3Com will hand over manufacturing for its enterprise networking products to Flextronics and Jabil. Flextronics will also take on 3Com's global distribution. 3Com today also said it has established a Taiwan Design Centre (TDC) which will be responsible for the continued design and manufacture of low-end, standardized volume products. The headcount will include staffers from Taiwanese OEMs as well as 3Com employees. Bruce Claflin, 3Com CEO said the cuts will make 3Com more competitive and enable it to focus resources on product development. "We will focus 3Com's internal engineering on high value-add innovation such as VoIP, ASICs, XRN(TM) architecture and security, while leveraging partners around the world to complement our internal resources." From a high-water mark of around 10,000 workers three years ago, 3Com has repeatedly reduced its headcount, in response decline in IT spending which has hit the data networking segment with particular force. In May this year, around 3,400 people worked for 3Com. So the company's latest round of job cuts will reduce this figure by almost a third. ®
Rapid Group has bought the assets of rival Apple dealership Logic for an undisclosed sum. The company is taking on all of the Bournemouth-based reseller's engineering and sale staff, customer lists and name. Rapid CEO Garret Doyle told MacWorld that Logic had been unable to weather the Apple product drought of the summer. Rapid was "lucky" as it has a more diverse product base, he said. ®
Two British men were charged on Monday with conspiring to take over computers using malicious code. Jordan Bradley, 20, of Bates Avenue, Darlington, and Andrew Harvey, 22, of Scardale Way, Durham, are believed by the National High Tech Crime Unit (NHTCU) to be members of an underground cracking group called the "Thr34t-Krew" who launched the TK Worm (AKA Troj/TKBot-A) sometime before February this year. The Trojan horse code attempts to exploit a vulnerability involving Microsoft's IIS Web Server software to break into vulnerable sites and give up their control to crackers. Microsoft released a patch for this vulnerability in October 2000 (see advisory here). The TK worm allowed infected computers to be controlled over an IRC channel. A variety of actions, from scanning other computers for vulnerabilities to starting DDoS attacks on other computers and Web sites, could be initiated from infected hosts. The worm caused disruption and damage to computer systems in the UK and elsewhere estimated at £5.5 million, according to statements by investigators made earlier this year. Detectives at the National High Tech Crime Unit first quizzed the pair in February, following police raids in the UK and US aimed at dismantling the Thr34t-Krew. Bradley and Harvey were subsequently released on bail pending further inquiries, which ultimately led to charges against the duo this week. They are charged with conspiring together and with others between January 1 2002 and February 6 2003 to "effect unauthorised modifications to the contents of computers with the intent to impair the operation of those computers, contrary to Section 1 of the Criminal Law Act 1977," according to a brief NHTCU statement of the case. Bradley and Harvey are due to appear at Consett Magistrates Court on 18 September. ® Related Stories US and UK arrests in computer worm probe UK police release TK worm suspects NY Times hacker surrenders, is released FBI arrests Blaster suspect Parson not dumbest virus writer ever, shock! Feds sexed up case - Blaster suspect Welsh virus writer loses appeal
Camera phones are beginning to revitalise the European cellphone market, bringing consumers back into shops to buy new handsets. So says market watcher Canalys, which today reported that shipments of camera phones jumped 166 per cent during the second quarter over the same period last year. Just under 3.9 million camera phones shipped in Europe during Q2, up from just over 1.4 million in Q2 2002. Doubly impressive, this growth, when it comes at a time when the European handset market overall remains "stagnant", according to Canalys. The camera phone market is also a genuinely mixed bag, with high-end handsets selling as well as low-end models. But Canalys warned that the latter represent a greater threat than they might have in the past, as network operators push cheaper phones in order to minimise subsidies and encourage the use of pricey multimedia messaging services. No-name vendors are also happier for networks to re-brand their handsets. Not that Nokia and co. appear to have much to worry about just yet. Nokia took a healthy 42.6 per cent of the European camera phone market during Q2, followed by Sony Ericsson on 22.1 per cent and Samsung on 10.5 per cent. Sharp (9.7 per cent) and Panasonic (7.4 per cent) complete the top five vendors list - all the rest account for just 7.7 per cent of the market, some 295,520 units. Among the latter is Motorola, which has failed to hop onto the camera phone bandwagon as quickly as its Japanese and European rivals. The company launched its first cameraphone, the E365, last month. The E365 integrates the digicam into the body of the phone; previous Motorola handsets have simply offered cameras as plug-on optional extras. It's clear that European punters, at least, want their cameras built in. ® Related Story Over 500m handsets to ship next year
HP and Vertias have rushed to Microsoft's side to show their support the version 3.0 of the Windows Storage Server. Microsoft is delivering the NAS (Network Attached Storage) OS right on time. The company said earlier that it expected vendors to start shipping kit with the software in September, and sure enough they are. HP and Veritas picked the Storage Decisions conference being held here in Chicago to tout their new goods. HP is talking up the HP StorageWorks NAS 2000s. This system starts at $8,295, including the NAS head, two OS drives and four 146GB data drives. Users can add up to 24TB of external storage onto the kit. The system will actually start shipping in a couple of weeks, as part of a bigger storage launch. HP is expected to roll out what it calls SAN/NAS fusion systems. HP has been one of Microsoft's most vocal partners in the storage market. Microsoft was a relatively late entrant into the NAS market with its SAK (Server Appliance Kit) OS - now rebranded as the Windows Storage Server. In just a couple of years, Microsoft has managed to take 41 percent of the NAS segment. However, the same old Microsoft story holds true. The gains in NAS are almost all for low end kit. Unix-based systems from the likes of Network Appliance remain a preferred choice for high-end tasks. Microsoft has long faced a similar battle in the server world. It comes out with a new OS, says it will own the data center but fails to do so. HP is trying to help the folks in Redmond correct this in storage. Along these lines, HP is saying that is larger disk arrays now support the Windows Storage Server 2003 Volume Shadow Copy Services tool. This makes it easier for customers to take snapshot copies of data straight from the NAS system. For its part, Veritas has said that is Storage Replicator product will now work with Microsoft's new OS. The Replicator software makes it possible to back-up data from remote Windows systems to a central site. ®
A new US-based study on Wi-Fi shows that it is more widely used in the home than in the workplace, but analysts say businesses will catch on. The survey of 2,500 people showed that 34 per cent of respondents used a wireless LAN (Local Area Network) at home compared to 27 per cent who used it at work. The sample for the study came from IDC's Mobile Advisory Council of which there are 12,000 members comprising consumers, business users and buyers of mobile devices; 84 per cent of the council is based in the US. "I don't think you could say that that [trend] is happening in Europe," said Sandra O'Boyle, senior analyst with telecoms consultancy Current Analysis, indicating that Europe is nowhere near as ready as the US for Wi-Fi, "but that conclusion makes sense." O'Boyle said with a number of family members wanting to avail of a broadband connections from anywhere in the house, demand for access to WLANs from the home was understandable. IDC said the results of its survey confirm its assertion that business use of Wi-Fi is falling behind home use. The research company has attributed the current economic climate to the low priority wireless LANs are given in corporate IT budgets. At the same time, IDC maintains that cheaper equipment costs has driven WLAN use in homes. "The rise of affordable wireless-enabled computing devices, coupled with low-cost wireless home networking solutions and increasing hotspot availability, is driving the use of wireless beyond the office, and especially at home," said IDC's Randy Giusto, vice president of personal technologies and services. While home users appear to have the edge on businesses, Wi-Fi in the long-term is anyone's game, according to IDC. But the company does predict that increased dependency on electronic communication and the desire to maximise productivity will drive up demand for WLAN among business users. O'Boyle also believes there will be a change in the rate of Wi-Fi demand in the business sector. "There will probably be a shift, and if there is more security for wireless LANs, IT companies will avail of it," she said. Another key finding of the study was that top hotspot locations among mobile users are in key travel locations and coffee shops. Universities represent the highest degree of daily use and laptops remain the device platform of choice. In Europe use of available Wi-Fi hotspots has been small. "People are not aware, billing roaming doesn't work that well at the moment, not everybody has a wireless enabled laptop and not everybody needs it," O'Boyle said, describing the European Wi-Fi scene. © ENN
Demand for high speed Net access in Japan and China is on the up accounting for almost half of all new DSL lines in the first six months of the year. In all, 10.7 million DSL lines were added in the six months to June 30, a growth rate of 30 per cent, with Japan and China accounting for 4.5 million new subscribers between them. According to researchers at Point Topic there were 46.7 million DSL lines in the world as of June 30. Japan added more than 2.6 million subscribers, while China notched up more than 1.8 million lines. The US is still increasing its demand for DSL, accounting for 1.1 million lines in H1, compared to 800,000 lines in H1 2002. While these countries experienced strong growth, top broadband nation, Korea, is showing signs of reaching saturation. Researchers found that the take-up of DSL lines grew by only 5.8 per cent in H1. Oh, and the UK managed to get a mention too. DSL growth topped 94 per cent in the first six months for the year - second only to Israel, which registered growth of almost 120 per cent. ®
The computer technician at the centre of Britain's biggest ever credit card fraud was yesterday jailed for nine years. Sunil Mahtani, 26, a former IT worker at Checkline plc, the firm that processed Heathrow Express's credit card transaction, pleaded guilty last week to downloading almost 9,000 credit card numbers from Checkline's systems. He sold this information on to a gang of crooks who obtained goods worth £2 million over three years using cloned cards that matched the data Mahtani supplied. The scam was only rumbled in September 2001, following an undercover police operation. Mahtani's lawyers told Middlesex Guildhall Crown Court that he turned to crime in order to impress his merchant banker girlfriend, Elizabeth Ryan, who earned much more than her non-resident Indian national boyfriend. Mahtani was jailed for seven years for his part in the scam by Judge Simon Smith. The judge sentenced Mahtani to a further two-years imprisonment for child pornography offences. Two other members of the credit card cloning gang, Shahajan Miah and Shaidal Rahim, who pleaded guilty to one count of conspiracy last week, were each jailed for four years yesterday. The courts are yet to deal with eight other people charged in the case. ® Related Story Police smash UK's biggest credit card fraud ring 'Open and helpful community' - of credit card thieves
Cisco yesterday unveiled technology that boosts its Fibre Channel-based storage-area-network (SAN)-extension services over Synchronous Optical Network/Synchronous Digital Hierarchy (SONET/SDH) wide area networks. The networking firm's SL-Series interface for its Cisco ONS 15454 Multiservice Provisioning Platform (MSPP) steps up port density by providing four gigabit-interface-converter (GBIC)-based ports, each capable of 1- and 2-Gbps Fibre Channel at wire speed, giving a total of 40 Fibre Channel interfaces. The SL-Series will ship commercially by the end of this year. The company said that the latest device, which boosts the capacity of the currently available ML-Series interface, will complete its SAN extension portfolio by allowing a Cisco ONS 15454-based service network to provide Storage Area Network-extension services using native Fibre Channel, Gigabit Ethernet, or Fibre Channel over Internet Protocol (FCIP). Cisco's full range of SAN-extension offerings include native Fibre Channel, FCIP, and Small Computer System Interface over IP (iSCSI) technologies on the firm's MDS storage switches, DWDM-based SAN services over its ONS 15530 and ONS 15540, FCIP-based interfaces on the Cisco 7200 and 7400 series routers and multiservice transport over the Cisco ONS 15454. The latest SAN-extension services share the same Cisco management tools used to create time-division multiplexing (TDM) and Ethernet services. According to Dave Dunphy, a principal analyst at Current Analysis, the SL-series "adds flexibility" to Cisco's Multiservice over SONET/SDH offering, due to its ability to supporting both the 15454's installed base and new builds. The networking company added that its SL-Series interface is currently being certified across major SAN original storage manufacturer applications. ®
Orange is to re-brand Handspring's next-generation smartphone, the Treo 600, as the Orange Treo 600, The Register has learned. The launch of the device is imminent - possibly as early as next week. Orange and Handspring announced last April that they were partnering to develop "future smartphones". In June, Orange reiterated that it was planning to offer a smartphone based on the Palm OS, to provide its customers with a choice of operating system. Right now, consumers and business users can buy Microsoft PocketPC-based smartphones, the Orange SPV family, from the network operator and the Sony Ericsson P800, though that's not an Orange-branded device. Orange's relationship with Handspring goes back more than 18 months to when the network's Swiss operation agreed to offer Handspring's early Treo 180 smartphones. So did O2, then known as Celnet, but later dropped the Treo in favour of its own-brand XDA PocketPC device. Today, no UK network offers a Treo, though it can be bought unsubsidised. The arrival of the Treo 600 will see Handspring's product rolled out across the Orange network. To date, neither company has admitted they are partnering on the 600, though it's always been likely that they would given the April statement of intent. A couple of months back, after the 600's launch, Handspring co-founder Jeff Hawkins was said to have been seen with an Orange-branded 600. The 144MHz Texas Instruments OMAP 310-based Treo 600 runs Palm OS 5.2.1 and features a 160 x 160 16-bit colour display, integrated 640 x 480 digicam and QWERTY micro-keyboard. The handset also sports a five-way navigation control. The handset contains 32MB of RAM, which can be added to using the handset's SD card slot - though we have seen specs. listing just 16MB of RAM, so Orange may be offering a lower-specced version of the device. The GSM version to be used by Orange is thinner than the CDMA version which Sprint will offer this autumn in the US. A rechargeable Lithium Ion battery offers for up to six hours' talk time about two weeks PDA use. The Treo 600 will be the last device to be shipped by Handspring as an independent company. It will soon become part of PalmOne, what's left of Palm after the OS division, PalmSource, is finally spun off. ®
Lack of understanding rather than lack of service availability is the biggest factor inhibiting broadband take-up among small and medium-sized firms in the UK. A whopping 80 per cent of small companies that can get broadband in their area have no plans to upgrade from dial-up Internet access during the next 12 months, a recent study has reported. The poll, conducted by Intellect, a British IT, telecoms and electronics suppliers' trade association, found that the main reason quoted by the broadband refuseniks is "lack of business case". However, the UK same research, which found that less than a third of SMEs currently have cable or xDSL, observed that this apparent apathy over broadband is "a surprising response" since the feedback from SMEs which have broadband is extremely positive. "Nine out of ten SMEs with broadband say they are highly likely to recommend the technology to other business. Moreover, they say that broadband is easy to install and to integrate into their existing systems, scotching negative perceptions about complexity being a barrier to take-up," Intellect's report stated. "They say overwhelmingly that they cannot imagine how they managed before it was available, that getting broadband is a no-brainer and that if they lost broadband tomorrow it would be like turning out the lights." According to Intellect, the conflicting opinions suggest that a divide is opening up - not between firms that can get broadband and those that can't - but between companies that understand the potential benefits of the technology and those that don't. The suppliers' group attributes this failure to understand the benefits of broadband to the fact that organisations usually to apply cost-benefit analyses to their existing processes, they don't think about using broadband to change these. Since SMEs are reporting many benefits from broadband that they had not originally envisaged, these don't get factored in. "When first asked, SMEs overwhelmingly report that the major benefit of broadband is speed but they often hardly notice the implications of this faster speed: how it is changing their processes. A number of interviewees said at first that broadband had not changed their ways of working - until they were asked to recall how they had operated before," the study stated. "Once they had a chance to think about it, they said that broadband had had a transformational effect - it was just that they had grown accustomed to it so quickly that they didn't think about it any more." ®
The prolific Sobig-F virus stopped spreading today, marking the end of arguably the worst single email-borne viral epidemic to date. Managed services firm MessageLabs blocked the virus a staggering 16.5 million times during its month-long spread. At the height of the epidemic, one in 17 emails the firm scanned were viral (other companies say the situation was even worse). Sobig-F, first detected on 18 August, is the sixth variant issued in the Sobig series and appears to be the most sophisticated to date, according to MessageLabs. Like earlier versions of the virus it was programmed to stop spreading on a set date: for Sobig-F this date was September 10. Although Sobig-F isn't spreading any more, infected machines still need to be identified and decontaminated. Sobig-F outstripped the infamous LoveBug, Klez and Kournikova viruses in prevalence but its overall impact is arguably less than that of Internet worm like Slammer and Blaster. In scanning for fresh victims, Blaster generated copious quantities of traffic that had a measurable effect on Internet performance, according to Net performance monitoring firm, which says Sobig-F had a much lesser effect on the Net. That's small comfort for the numerous users with prominent Net addresses, like us at The Reg, who were carpet bombed by the worm, whose email spoofing tactics created mass confusion. The effects of the worm raised questions about the effectiveness of traditional AV scanner software. There's concern that it's only a matter of time before a similarly effective email nastie is next released. Mirror, mirror on the wall: what's the worst virus of them all? According to a study from security firm TruSecure released earlier this month, the past four years have seen a rise in virus worm infections of 11 per cent per year. The company broke down this analysis to review on the impact of eight of the biggest viruses over the last four years, giving an indication of the relative severity of each. Data obtained from the study was obtained from surveys on NT BugTraq, responses from vendors participating in ICSA Labs certification programme, emails passing through TruSecure's Shadowmail messaging service, group monitoring of firewalls and IDS systems and monitoring of the hacker underground by TruSecure. The figures are accurate within an uncertainty of 20 per cent, according to TruSecure. Sobig.F - August 2003 The biggest and most virulent worm over the last four years. It infected one in 15 messages during the peak of the outbreak last month. Sobig-F infected 200 million email messages across the Internet during its first week of activity, causing $1 billion in corporate impact through loss of productivity, according to TruSecure. The company estimates Sobig impacted 30 per cent of smaller organisations and 15 per cent of large organisations, chiefly because of the message storm the worm generated. Of these only one in 20 were actually infected. Blaster - August 2003 One in three (34 per cent) of organisations were infected, 15 per cent of which suffered a moderate or major impact, according to TruSecure. Blaster exploited the DCOM vulnerability - inside infections were very common in large organisations, which led to a significant impact. Slammer - January 2003 Infected 10 per cent of smaller organisations and 48 per cent of larger companies, according to TruSecure. Slammer exploited a MS SQL Server vulnerability and spread over VPNs, laptops and direct attacks. Perimeter filtering, desktop configuration upgrades and testing eventually succeeded in halting the outbreak. Klez-H - throughout 2002 Largest infection in 2002. Slow but steady producer of infectious email. TruSecure estimates it infected 12 per cent of corporations via mail, infecting up to 100 million emails in total. Nimda - September 2001 Nimda, according to TruSecure, infected 68 per cent of corporations, half (48 per cent) of which suffered a major infection. The number of remote users and sites heavily influenced the level of infection. Perimeter filtering, desktop configuration upgrades and testing eventually succeeded in containing the virus. Code Red - July 2001 According to TruSecure, 38 per cent of corporations suffered a moderate or major infection because of Code Red. The level of infection was highest among businesses with remote users and remote sites. Love Letter (Love Bug) - May 2000 Infected one in twelve messages and in excess of 100 million total infected messages in the first week. Caused significantly more harm in large organisations than Sobig, infecting nearly 50 per cent of corporations, causing an average of $155,000 of damages to each, and a total cost of $2 billion, according to TruSecure. ® Related stories Why Sobig is bad for privacy and AV vendors AV bigwigs weigh in on Sobig debate The trouble with anti-virus Blaster rewrites Windows worm rules US warns nuke plants of worm threat Sobig second wave attack fails to strike Sobig-F is fastest growing virus ever - official Why spammers lurve the 'Microsoft support' worm (Sobig-A) Virus writers outpace traditional AV AV vendors sell 'blunt razor blades'
Microsoft today issued an amended antidote to the Windows vulnerability infamously exploited by the Blaster worm. Today's fix for flaws with Microsoft's implementation of Remote Procedure Calls (RPC) within its Distributed Component Object Model (DCOM) framework supersede a patch Redmond issued in July. It also replaces a fix (MS01-48) involving a DoS risk MS issued two years ago. The July patch is effective at stopping the flaw Blaster exploits. The trouble is there are more than one flaw with Microsoft's implementation of an RPC interface for Distributed Component Object Model services (DCOM). This gives rise to security vulnerabilities not fixed by the first patch. According to Microsoft's revised bulletin, it turns out there are "three identified vulnerabilities" in the RPCSS Service that deal with DCOM activation - two that could allow arbitrary code execution and one that could result in a denial of service. "An attacker who successfully exploited these vulnerabilities could be able to run code with local system privileges on an affected system, or could cause the RPCSS Service to fail. The attacker could then be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges," Microsoft warns. The issue affects the underlying RPCSS Service used for DCOM activation, which listens on UDP ports 135, 137, 138, 445 and TCP ports 135, 139, 445, 593. Additionally, it can listen on ports 80 and 443 if COM Internet Services (CIS) or RPC over HTTP is enabled. This complicates procedures for mitigating against the threat - we now have to worry about a far wider range of ports beyond port 135 used by Blaster to spread. Workarounds involving turning off services and blocking ports on the firewall could be attempted but the risk of affecting legitimate services is that much greater. No surprise then that Microsoft describes its latest fix as 'critical'. As before the flaws Microsoft has identified affect Windows NT 4, NT 4 Terminal Edition, Win 2000, XP and Win 2003. Once again only Windows 98 and Me users are left off the hook. Microsoft recommends that system administrators "should apply the security patch immediately", unusually forceful advice from the software giant. But given the possibility of Blaster-type worms arising from the flaws MS has identified it's a recommendation well worth heeding. The advisory, which provides links to patches and details workarounds, can be found here. ® Related Stories Blaster worm spreading rapidly Blaster rewrites Windows worm rules Windows Update still standing despite Blaster Blaster variant offers 'fix' for pox-ridden PCs FBI arrests Blaster suspect Feds sexed up case - Blaster suspect Panel probes the half-life of bugs
The RIAA's vendetta against file sharing is entering a new phase, applying the taint of child pornography to foul the waters. Not content to sue twelve-year-old children, the music industry is now marshaling its flacks on Capitol Hill to stigmatize P2P technology as a vehicle of kiddie porn. The Senate Judiciary Committee held hearings earlier this week to expose the problem. Our children are encountering the most appalling images of child rape when they search for music files, a number of witnesses claimed. General Accounting Office (GAO) Information Management Issues Director Linda Koontz had done some hands-on research. "In one search, using 12 keywords known to be associated with child pornography on the Internet, GAO identified 1,286 titles and file names, determining that 543 (about 42 per cent) were associated with child pornography images. Of the remaining, 34 per cent were classified as adult pornography and 24 per cent as nonpornographic," she said. Of course it's unlikely that children would accidentally search for music using keywords known to be associated with KP, but Koontz was prepared for that objection and brought along some research using more innocent keyword searches. Here the torrent of KP by which our children are being swept away seemed to slow to a trickle. "Searches on innocuous keywords likely to be used by juveniles (such as names of cartoon characters or celebrities) produced a high proportion of pornographic images: in our searches, the retrieved images included adult pornography (34 per cent), cartoon pornography (14 per cent), child erotica (seven per cent), and child pornography (one per cent), Koontz admitted. Suffolk County District Attorney Thomas Spota has had some experience prosecuting pedos who've used P2P services. He implied that the KP available on KaZaA and other services is actually worse than that found elsewhere. "The images of child pornography available on peer-to-peer networks are some of the worst seen by law enforcement to date. Included in the images seized by police in the cases being prosecuted by my office, are still photographs of very young children engaged in sexual acts with other children and adults and video clips lasting several minutes of children being subjected to unspeakable acts of sexual violence," Spota claimed. How this is worse than the same vile material found elsewhere on the Internet in vastly greater quantities was not explained. Later, National Center for Missing and Exploited Children Chairman Robbie Calloway asserted that there is a direct connection between the availability of KP images and the likelihood that children will be assaulted in the real world. A pedo "can convince himself that his behavior is normal, and eventually he will need more and increasingly explicit child pornography to satisfy his cravings. When mere visual stimulation no longer satisfies him, he will often progress to sexually molesting live children," he explained. Next, Sharman Networks Executive Veep Alan Morris did his best to counter the demonization of KaZaA as a tool for dangerous perverts by pointing out that there are far safer ways to trade KP. "Pedophiles quickly realized, when P2P first appeared, that it was a foolhardy way to pursue their warped ends. To make their collections publicly available on P2P is counter to their cloak of secrecy. Law enforcement agencies quickly picked them off and so they retreated back to their sordid encrypted sites, newsgroups and the like," Morris said. When it came time for Recording Industry Ass. of America (RIAA) President Cary Sherman to speak, he spent the bulk of his time whining about a "drastic decline in record sales" brought about by "the astronomical rate of music piracy on the Internet." After mentioning kiddie porn briefly in passing, he then launched an attack against telecomms behemoth Verizon, which has not been quite as cooperative with the RIAA as Sherman would wish, having moved to protect the privacy of its subscribers from the music-lobby's 'John Doe' subpoenas. He then recapitulated the RIAA's excellent arguments and Verizon's spurious arguments in this dispute at considerable length, and detailed exhaustively the various provisions of the DMCA that Verizon is supposedly violating, as if giving court testimony in that particular dispute. Sherman concluded that "the DMCA information subpoena represents a fair and balanced process that includes important and meaningful safeguards to protect the privacy of individuals" and protect the music cartel's revenues, as if this had been the hearing's topic. And of course it always was the topic. It's clear from Sherman's tirade that the day's exercise was purely an attack against P2P technology for its presumed negative effects on the music cartel's profits, not on children. The specter of child rape may have hung over the proceedings like a revolting stench, but it was nothing more than an atmospheric effect. If Sherman has the slightest concern for the welfare of children, he certainly knows how to hide it. ®
Foundry Networks has dipped a toe in the crowded wireless networking market with a line of 802.11a/b/g kit that is designed to work with its existing layer 2 and layer 3 edge switches. The firm's IronPoint wireless range, due to ship commercially next month, includes its IronPoint 200 IEEE 802.11a/b/g multi-mode access point, an SNMP-based Wi-Fi Management application suite and a Wireless LAN software upgrade option for the FastIron JetCore modular, FastIron Edge and FastIron Edge Power-over-Ethernet switches. The company says that tight integration of the forthcoming wireless offerings with its FastIron switches will give it an edge - at least for existing customers - in a fiercely competitive market. The IronPoint 200 can be used as a standalone AP or, with a software upgrade, integrated with one of the firm's wireless- enabled switches. Similarly Foundry's edge Layer 2/3 switches can be software upgraded to enable wireless LAN capability. The newly released wireless offerings can be rolled out either in a standalone access point configuration for small/medium size deployments, or as an intelligent access point integrated with wireless LAN switch for larger installations. Zeus Kerravala, an analyst with the Yankee Group, said that wireless was beginning to take off with enterprise corporates after a long period where they have been reluctant to use the technology because of fears centring on management headaches and security concerns. "With many of the enterprise deployment barriers such as security, roaming and management being addressed, network managers are now beginning to add wireless LAN support to their network infrastructure," he said. Ken Cheng, general manager of Foundry's Enterprise Business Unit, said that adding wireless capability is a "necessary add-on" to enterprise network infrastructures. ®
A landmark decision published today confirms that you need to check for explicit consent before using a marketing list for an email campaign, even if you believe in good faith that the list comprises only those who opted to receive marketing. That is the view of the UK's Advertising Standards Authority, which today published its first public decision based on new requirements for consent before marketing by email. It clarified another important point: what is necessary to identify a marketing communication as such. Southampton seminar provider The Training Guild lost a key part of its case before the ASA over a recent e-mail campaign. It sent messages headed "Business Seminars – Telesales & Selling Skills Made Easy" which, when opened, promoted "a selling sales course for non-aggressive people". One recipient complained. This was not a court case, and no laws were referred to. However, marketers in the UK are obliged to follow what is known as the CAP Code – and the complaint was made under two new provisions of the Code, introduced in March this year. The complaint was, firstly, that the email did not make clear in its subject field that it was a marketing communication; and secondly that The Training Guild did not get explicit consent to send e-mail to the complainant. The CAP Code is a set of rules produced by the UK’s Committee of Advertising Practice which are administered by the ASA, governing the content of UK non-broadcast marketing communications. Although lacking the force of legislation, the Code should be followed by all businesses and there are penalties available for non-compliance. The Code states that marketers, "should ensure that marketing communications are designed and presented in such a way that it is clear that they are marketing communications. Unsolicited email marketing communications should be clearly identifiable as marketing communications without the need to open them." This echoes a legal requirement introduced by the E-commerce Regulations of 2002. However, there has been little or no guidance under either the CAP Code or the Ecommerce Regulations on how to identify marketing communications as such. Some suggest adding "ADV" to the start of a subject line, to indicate an advert, as is a requirement under Californian and other anti-spam laws. But until today, there has been no guidance from an authoritative source. The ASA's adjudication takes a more forgiving approach than California: its decision says that the words in subject field of The Training Guild's e-mail - "Business Seminars – Telesales & Selling Skills Made Easy" - made clear that the email was a marketing communication. Unfortunately for e-marketers, the ASA was less forgiving on the second ground of complaint. The most controversial addition to the CAP Code in March 2003 was that "the explicit consent of consumers is required" before "marketing by email or SMS text transmission, save that marketers may market their similar products to their existing customers without explicit consent so long as an opportunity to object to further such marketing is given on each occasion." This reflects another legal requirement, found in the Directive on Privacy and Electronic Communications, which is due to be implemented in the UK by the end of October 2003. That requirement refers to unsolicited communications; the CAP Code does not, but this CAP Code provision only applies to marketing to consumers. The Training Guild argued that over the past nine years it had built up a list of customers who wished to receive its promotional emails. It said that although one person in an office may have asked to be kept informed of its products by email, another person in that office may be unaware of that request and would also have received emails. The Training Guild explained that it had bought a list of email addresses it thought were for businesses, not for individuals, which it believed had opted to receive information about training and business development topics by email. The company added that it had a strict policy of immediately removing someone from its mailing list if requested. The ASA noted the complainant's email address was a personal one and not a business address. Claire Forbes, a spokesperson for the ASA, confirmed to OUT-LAW.COM that the issue would not have been adjudicated had it concerned a work email account. In its decision, the ASA also acknowledged that the advertisers had bought a list of email addresses of people who had opted to receive information about business development topics by email in good faith. But the ASA nevertheless considered that "it was the advertisers' responsibility to ensure that recipients on the list had given their explicit consent to receive such emails." The ASA considered that The Training Guild "had not got explicit consent to send the email to the complainant." Ultimately, the ASA was lenient in its punishment, simply advising the organisation to take more care in its targeting of marketing emails in the future. The ASA's Claire Forbes said that failure to comply would likely result in sanctions. The case will resonate among e-marketers who face a major consent problem when trying to exchange email address lists. OUT-LAW.COM's Louise Townsend, a specialist in data protection, comments: "If buying email lists, companies can get warranties that the lists are 'clean' and indemnities to support these warranties. But this will not give the company any protection against the ASA, just a come-back against the provider of the list. "If your business has its own lists, make sure that you know what information was given when the details were collected. You need to check whether you fall within the exemption for similar products. You need to check if someone opted-in." These are difficult and serious issues for marketers, and the CAP Code must not be overlooked: it is increasingly apparent that it goes further on the issue of consent than the forthcoming regulations implementing the EU Directive. © OUT-LAW.COM