3rd > October > 2003 Archive

Mac OS X 10.3 Panther hits Gold Master status

UpdateUpdate Mac OS X 10.3, aka 'Panther', is ready for primetime, Apple has declared, according to a variety of sources cited by a range of Mac-oriented web sites. The latest build of the operating system has been signed off as Gold Master - in other words, it's ready for mass duplication and thus shipment to customers. Panther is expected to go on sale later this month. However, glitches may yet be found that could force Apple to ship a further build to distribution. Such errors do occur: witness the recent release and almost immediate recall of the Mac OS X 10.2.8 update. That code may yet be re-released, but with Panther potentially so close to shipping, its future could be in doubt. But we understand Apple has seeded a new build of 10.2.8 to developers. And in any case there are quite a few folks out there who will need the revised update to fix the problems induced by the original 10.2.8 release. ® Related Stories Apple recalls OS update Mac OS X Panther 'fast approaching' release - Apple
Tony Smith, 03 Oct 2003

Trojan hijacks web browsers

A Trojan that exploits an Internet Explorer vulnerability is capable of allowing attackers to hijack browser behaviour, anti-virus firms warn. The QHosts (Delude) Trojan can't spread by itself. Users only become infected if they visited a maliciously constructed website containing code which allows the malware to run. This code used a critical object data vulnerability in Internet Explorer to execute. More information about this vulnerability, including a (partial) fix, can be found in an advisory from Microsoft, issued back in August. Some anti-virus vendors reckon that this patch will protect against the exploit. However, McAfee warns that the patch fails to protect against the automatic execution of VBScript contained in an HTML file, the infection mechanism used by QHosts. AV firms are united in saying the latest Windows menace is low spreading, which is just as well. As usual Mac, Linux, OS/2 and Unix users are immune from infection. According to McAfee, the purpose of this Trojan is to hijack browser use. When page requests are made, they are rerouted to specified Domain Name Servers. This allows a remote 'administrator' to direct users to the pages of their choosing. This Trojan is responsible for recent reports of strange DNS changes on systems as recently reported on NTBUGTRAQ, McAfee believes. Finnish AV firm F-Secure has noted two variants of the Trojan. An advisory by Symantec provides technical detail on the changes the Trojan makes to infected PCs. Users are advised to update AV signature definitions so that security tools can block the Trojan in case a user is tricked (using spam or via other mechanisms) into visiting an infected Web site. ®
John Leyden, 03 Oct 2003

South Korea launches Hynix probe

Having faced European Union and US Department of Commerce probes, Hynix is now under investigation by the South Korean government. A report in South Korean paper Chosun Ibo yesterday claimed the Korea Deposit Insurance Corp. (KDIC) - the government's corporate liquidation agency - wants to see whether past and present Hynix employees are responsible for the huge losses the company has suffered. The paper cited a KDIC official as its source. KDIC's interest in the matter arises from the public money it provided Hynix's creditor banks after Hynix allegedly passed KRW 730 billion ($635 million) of losses on to its creditors. The implication is that if individuals are found to have been responsible for the losses, they will be billed by KDIC for the sums involved. KDIC's action forms an interesting addendum to the EU and DoC investigations. Those probes concluded that Hynix had received illegal government aid in the form of a bail-out package provided by its banking creditors. Since many of those banks were part-owned by the South Korean government, the rescue funding amounted to state help. Hynix rejects such a verdict. It says that its rescue plan was backed by many banks who have no connection to the South Korean administration. Possibly, but the KDIC's use of public money allegedly to help creditors cope with Hynix losses casts the memory maker's relationship with the South Korean government in new light. ®
Tony Smith, 03 Oct 2003

Albatron, Chaintech prep NV36 boards

Nvidia's upcoming NV36 chip - likely to be released as the GeForce FX 5700 - will feature DDR 2 SDRAM support across a 128-bit memory bus, and will be offered running at a variety of core and memory clock speeds. So says web site PC Stats, which got its hands on an NV36 reference board at Computex in Taiwan last week. It spoke to two graphics card vendors, Albatron and Chaintech. The former said it plans to offer cards with cores running at 450MHz and memory at 500MHz. Chaintech's core and memory will both be clocked to 475MHz, the site says. Both companies will ship their cards with 128MB of video RAM. The NV36 itself is believed to have been assigned to IBM for fabrication, using the foundry's 130nm process. Previous information had the NV36 pegged at 4000-5000 points on the 3DMark03 scale, a figure apparently confirmed by one of PC Stats' sources. ®
Tony Smith, 03 Oct 2003

WiMAX trials give new hope for broadband wireless specialists

Trials of WiMAX-ready equipment for broadband wireless access (BWA) are coming thick and fast as operators test the real world capabilities of the standard in preparation for 2004 roll-outs. And the new cost-effectiveness of building powerful metro area networks will have a knock-on effect on some previously sidelined backbone technologies, giving them a new lease of life in backhauling WiMAX and linking WMans to form national networks that really could challenge 3G. The history of broadband wireless has been largely one of disappointment to date. Pioneers like Teligent, Nextlink and Winstar entered the market in the late 1990s with networks based on cost effective LMDS (Local Multipoint Distribution System), but they played safe and stayed in over-served metro areas of the US rather than remote regions, and having paid huge federal fees for their licenses, all three companies filed for bankruptcy. Carriers such as MCI and Sprint invested in an alternative, MMDS (Multi-channel Multipoint Distribution System) but failed to gain significant market momentum – although BellSouth continues to push the technology, and announced trials in two rural North Carolina counties this week using its 2.3GHz licenses. Related Research Get the Wireless Watch Report and Weekly Newsletter, click here
Wireless Watch, 03 Oct 2003

GSM rebrands 3G service but claims victory over CDMA prematurely

The GSM Association has rebranded its 3G technology as 3GSM to avoid confusion with CDMA, and is claiming resounding victory over the Qualcomm-controlled rival. This is somewhat premature. Few doubt that, eventually, the GSM upgrade paths to 3G – which embrace GPRS, EDGE and W-CDMA – will be more dominant than the 2.5G and 3G versions of CDMA, CDMA2000 1xRTT, EV-DO and EV-DV. But the CDMA upgrade path has been far simpler and smoother than the GSM one, so at this stage it is ahead in terms of live 3G networks and actual subscriber numbers. And the delays and technical hiccups in W-CDMA have served to enhance the appeal of CDMA and to guarantee it a longer and stronger life than would have been predicted a few years ago. The GSM Association, the industry body behind the cellular standard, said this week that 85% of the world's operators have committed to W-CDMA. Its chief Ron Conway was on the offensive – or perhaps the defensive – slamming Australia's Telstra for choosing recently to upgrade to CDMA2000 1X EV-DO for its Mobile Loop services. By 2008, its users will be unable to roam in other countries, he claimed. He was keen to reassure carriers that the key technical problem with 3GSM, the incompatibility of handsets with GPRS and GSM, was "on the way to being fixed", though this fixing process has already dragged on for far too long. But despite teething problems, the installed base of GSM will ensure the success of 3GSM in the medium term. It has 850m subscribers worldwide, compared to 150m for CDMA, according to researchers at ABI. At this point, however, CDMA2000 is ahead. Of the 20 live 3G networks in the world, the CDMA-based ones have higher subscriber levels because there have been fewer technical problems, more rapid development of attractive handsets and more appealing pricing. For instance, SK Telecom in South Korea has 1.5m EV-DO subscribers, compared to under 1m on NTT DoCoMo's 3GSM system, which is of a similar age and scale. And rival Japanese carrier KDDI has 10m subscribers on its 2.5G and 3G CDMA 1x services, branded 'au'. SKT says its network delivers real world data rates of 700Kbps and its subscribers spend an average of $22 per month each on data options, compared to $5-7 per month on the carrier's 2.5G 1xRTT network. Reinforcing the strength of CDMA2000 – even if this proves shortlived – Verizon Wireless has launched its BroadbandAccess EV-DO service in San Diego and Washington DC. This data-only network requires a special PC card, priced at $150, and costs $80 monthly flat rate, with real world sustained data rates of 300-500Kbps (the theoretical rate is 2.4Mbps). Verizon claims it downloads files 20 times more quickly than GPRS and five times faster than EDGE. EV-DO services remain expensive, although the US' first such network, Monet’s in the Midwest, is half the price of Verizon's, and prices are sure to come down under pressure from other services including Wi-Fi – although typical 802.11b hotspot data rates are about the same as EV-DO's real speed. Verizon is also testing 1xEV-DV. However, Sprint PCS told the Washington Post that it has an opposite strategy for high speed data services, with no plans to roll out EV-DO for at least two years. Instead, it is focusing on its newly announced Wi-Fi service, based on building its own hotspots and leasing those of Wayport. Sprint said this is a more "fiscally prudent" approach as there is little infrastructure investment involved, and it claims Wi-Fi is faster than EV-DO for most data applications. This decision leaves Verizon Wireless with the broadband cellular data market to itself for a while, apart from small players like Monet. Two major factors will affect the eventual pattern of 3G. One is China, whose government is still hesitating to make final decisions on licenses. If it opts for the third 3G standard – TD-SCDMA, developed by Chinese companies and Siemens – Conway claims this will be easily integrated with GSM-based networks. It is expected that China will issue licenses for at least two of the three 3G networks, and will make its decision in the second quarter of next year. Exclusion of either CDMA2000 or 3GSM would be a major blow. However, it is certainly not a foregone conclusion that China will reject CDMA2000. Growing demand in Japan and South Korea – and in China for 2G CDMA services – is keeping the Qualcomm technology in the race. Subscribers to CDMA in Asia-Pacific increased by 18m to 63m in the year to 30 June, with over half of these on 2.5G or 3G systems, say researchers. The second factor in 3G's fate is, of course, whether 3G networks take off at any significant level at all, or whether they will be marginalized by Wi-Fi/WiMAX and by the advent of IP-based 4G. Related Research Get the Wireless Watch Report and Weekly Newsletter, click here
Wireless Watch, 03 Oct 2003

Siebel teams with IBM in software climbdown

Siebel has formed a partnership with IBM to sell its CRM software over the internet as a low cost monthly subscription service. This represents a climbdown by CEO Tom Siebel, who vocally dismissed the subscription model two years ago after a failed initial experiment with a spun-out business called Sales.com. This was merged back into the main company after a year and closed down in 2001. However, now Tom Siebel says: "This is the way software is going to be delivered in the future". Under the new venture, called CRM OnDemand, Siebel will share the monthly fees of $70 per user with IBM, which will run the service from its own data centers. Users access it from a browser interface and pay by credit card. Despite the failure of Siebel's Sales.com, other smaller companies in the field have done well with internet-based rental models, notably Salesforce.com and Netsuite, which is funded by Oracle's Larry Ellison. Siebel, by contrast, has had a difficult year financially and saw new license revenue drop by 47% year-on-year in the first half of 2003. The problem with monthly pricing is the threat of undercutting Siebel's highly priced enterprise offerings. "They need to cannibalize themselves faster than we're cannibalizing them," said Marc Benioff, chief executive of Salesforce.com. Siebel is trying to differentiate the IBM venture as being specifically for smaller companies, or for partners working with large enterprises. However, the $70 monthly fee could cost more over several years than Siebel's traditional licensing, which ranges from $1,500 to $2,500 per user upfront. Related Research Get the News IS Weekly Newsletter, click here
News IS, 03 Oct 2003

IBM adds Windows, AIX, AS400 to hosting line-up

IBM has taken its hosting business to the next level. It has been offering Linux application hosting for a year, and is now adding it on Windows, AIX and AS400 architectures, as its iSeries, pSeries and xSeries. IBM refers to all these hosting offerings as its Virtual Server Service, promising hosting in isolated environments and only charge each customer for the cycles they use, with a set up fee and monthly "on demand" charges. These virtual servers are deployed at an IBM Service Delivery Center and managed by IBM Global Services and offer additional services, connection to the net, caching, storage and backup services, firewalls and load balancing, this latter through a partnership with Inkra Networks. IBM says it is the first vendor to offer businesses a choice of Windows-based, Unix-based, or Linux-based server processing and network capacity delivered on demand. IBM launched its first hosting service on Linux running on zSeries mainframes last July and IBM predicts savings of between 15-30 per cent using its virtual server service versus owning the machines outright. Prices were not given. Related Research Get the News IS Weekly Newsletter, click here
News IS, 03 Oct 2003

GX Networks to buy Pipex for £55m

GX Networks plc - the telco and business broadband outfit - is to buy Pipex for £55 million in shares and cash, it was announced this morning. If the deal gets shareholder approval at an EGM later this month then GX Networks will change its name to Pipex Communications plc to make the most out of the Pipex brand. Pipex - which is wholly owned by MD David Rickards and his family - has been around for 12 years. At the end of June it had around 119,000 punters - one in ten of all ADSL connections in the UK. Part of its success as a broadband ISP was its willingness to spend cash up front to attract punters, combined with competitive monthly subscriptions which undercut the big boys such as BT and AOL. Early on, many of Pipex's critics said such an approach could not be sustained. However, in the year to the end of May Pipex generated £32 million in revenue and notched up pre-tax profits of more than £10 million. As of today Pipex also has around £20 million of cash in the bank. Said Mr Rickards, who will be joining the enlarged company: "We needed an alliance with a larger organisation to take our business to the next stage. GX, with its highly resilient network presence and a culture similar to ours, is the right choice for Pipex." Said GX Networks chairman, Peter Dubens: "This is an important acquisition in the development of GX Networks as it allows us to become cash flow positive immediately and it enables us to rebrand the entire group as Pipex, which is one of the strongest brand names in the sector. Furthermore, it will improve the mix of products that we sell, as Pipex has established a large broadband customer base." Last month, GX Networks bought Firstnet Services Ltd - the company that acquired fixed wireless broadband outfit Liberty Broadband (aka Tele2 UK) earlier this year - for £4.3 million. The deal means that GX Networks has now added wireless broadband to the stable of products it can supply punters. In July, GX Networks acquired XTML Limited and Compulink Information eXchange Limited, which were previously part of the Telenor Business Holdings UK Limited Group. In October last year Zipcom acquired Transigent through a reverse takeover before changing its name to GX Networks Plc in March 2003. ® Related Stories GX Networks buys Firstnet GX buys CIX, XTML LTD
Tim Richardson, 03 Oct 2003

US intros tougher sentences for computer crimes

US authorities are to introduce harsher sentences for convicted computer criminals starting next month. The stiffer penalties, developed by the US Sentencing Commission to comply with a Congressional bill last year, are designed to reflect the serious damage caused by crackers and virus writers. However, the supposed deterrent effect of the tougher approach have already been questioned by the most famous former computer felon, Kevin Mitnick, who argues that the measures are unlikely to have the desired deterrent effect. The Washington Post reports that the current tariff for most computer crimes ranges from between one to ten years maximum in prison, although sentences of between 20 years and life can be levied if it's proved a computer crime resulted in serious injury or death. Penalties on the rise Under the revised sentencing guidelines, crackers convicted of stealing personal data would face an average of a 25 per cent increase in jail. This becomes a 50 per cent increase in jail time if computer crims pass on purloined data to a third party or a doubling in a sentence if sensitive data is posted on the Net. Crackers who trespass into government and military computers, or break into the networks of systems controlling critical national infrastructure systems, also face a doubling in jail time. Meanwhile, break-ins to online accounts would be punishable by sentences based by the amount of money in an account, even if no money is stolen. Under the new guidelines, judges can add an extra 50 per cent increase to a prison sentence if funds are nicked. Convicted virus authors face a 50 per cent increase in their prison sentence. And under the revised rules, prosecutors are allowed to factor in the cost of repairing systems and lost revenue in counting up the damage caused by a computer crime. Traditionally computer crimes only became felony offences where more than $5000 in damage was caused. "The increases in penalties are a reflection of the fact that these offences are not just fun and games, that there are real world consequences for potentially devastating computer hacking and virus cases," said John G Malcolm, deputy assistant attorney general and head of the US Justice Department's computer crimes section, told the Washington Post. "Thus far, the penalties have not been commensurate with the harm that these hacking cases have caused to real victims." The revised sentencing guidelines only apply in prosecutions of adults (not juvenile court cases) that commence on 1 November. Judges will still have the power to decide sentences based on the aggravating and mitigating factors of a particular case. It's just that the starting point in these considerations has been substantially raised. Mitnick, who spent almost six years in prison, has expressed doubts about the deterrent effect of the tougher sentencing regime. "The person who's carrying out the act doesn't think about the consequences, and certainly doesn't think they're going to get caught," Mitnick told the Post. "I really can't see people researching what the penalties are before they do something." Most computer criminals are "well educated, have little or no criminal history, commit their crimes on the job and often are seeking financial gain", according to Sentencing Commission documents cited by the paper. Half of the 116 federal computer crime convictions in 2001 and 2002 involved disaffected workers, it reports. ®
John Leyden, 03 Oct 2003

118 118 ticked off by regulators

The opening up of directory enquires (DQ) services in the UK is going "pretty well overall", according to telecoms regulator Oftel despite an outcry over the quality of some of the services on offer. The assessment follows yesterday's hastily convened meeting between Oftel, premium rate watchdog ICSTIS and DQ operator The Number (118 118), which has been fingered for slapdash customer service. Punters calling 118 118 have been cut off in mid call and given the wrong numbers amid allegations that some staff were trying to get bonus payments by hitting performance targets. A spokesman for The Number admitted: "It has happened, we have caught employees doing it." As a result a dozen or so staff have been given the boot with a further 20 or so asked to leave because they were "not performing well enough". At the meeting late yesterday afternoon Oftel and ICSTIS warned The Number that standards of customer service had to be maintained. Any operator failing to meet those standards faced the threat of regulatory action, warned the watchdogs. As a result of the meeting the regulators will continue to monitor the performance of all DQ operators to ensure they're not ripping off the public. ®
Tim Richardson, 03 Oct 2003

Consumer lawsuit claims damages for MS security failures

A lawsuit filed against Microsoft in Los Angeles this week is attempting to hold the company responsible for the damage wrought by the systemic failures of security in its sofware, and for its conspicuous failure to fix them adequately. The suit follows hard on the heels of the publication of a paper on Microsoft security which, among other things, suggested that the company should be held legally responsible for such damages. The Los Angeles case is being brought by one woman who says she was the victim of identity theft, but it is designed to form the basis of a class action. It argues that the vast majority of successful attacks occur because of major vulnerabilities in Microsoft's software and - crucially - claims that the disclaimers in Microsoft's licence agreements constitute an unfair business practice under Californian law, because consumers have little choice but to use Microsoft software. Licence agreements have traditionally operated as a catch-all 'get out of jail' for all software companies, so the argument of this suit can be seen as quite narrow, success depending on establishing the existence of a Microsoft monopoly, rather than on exposing licence agreements as the outrage (you can tell we're disappointed, can't you?) they are. Microsoft's recent practice of stopping you fixing the software you've got if you refuse the new, even more horrid agreement could well provide some support for this suit's argument. Aside from being able to argue that the licence agreement means it doesn't have to do anything about its software being broken (which from a marketing perspective is probably not an ideal first line of defence), Microsoft is currently attempting to shift the blame ground away to the "criminals" out there. Pitching the new-look line on security recently, Steve Ballmer denounced all hackers as criminals, and signalled a move away from the 'patch and patch again' approach to 'securing the perimeter.' The patch regime certainly doesn't work, as it's just plain ridiculous to expect all consumers to keep their patches up to date, even if they have the bandwidth (for the record, a Register test of a bringing a virgin Win2k installation up to date as far as last Tuesday, over dial-up, took in excess of three hours, without us bothering about WMP and DirectX updates). Large numbers of unpatched machines out there generate 'cascade failures' which bring a cost (in terms, for example, of bandwidth and crippled email systems) even to patched systems, so you still get hit no matter how good you are. Securing the perimeter, though, is under the circumstances a dubious alternative for Microsoft to be proposing. If you currently think you have a pretty secure perimeter, we expect you still feverishly patch your Microsoft clients, and there's good reason why you do this. What Microsoft is really saying, we think, is that security should be addressed further out in the network. This is certainly sensible, but doesn't have an immediate effect on where we are today, and how we got there. It does hold out the prospect of the blame being shifted from the vendor of the client software to the vendors of the firewalls, to the ISPs and so on, but we're sure this can't be why Microsoft now thinks it's the way to go. Given that Microsoft's security pitch is shifting, and it's at least arguable that the company concedes that what it's been doing doesn't work, defending it in court could be particulalry tricky, if the company can't stop it getting as far as that argument. But this is still a half a loaf kind of a lawsuit. It is consumerist, certainly, but doesn't look likely to test the broader issues of product liability and 'fit for purpose' on the products of the software industry. In order to do this it would be necessary to overthrow licence agreements on more general grounds than are being applied here, but we reckon there's a case, at least under European consumer legislation. Software companies in general have managed to avoid test cases over licence agreements - we think there's a good reason for that. ®
John Lettice, 03 Oct 2003

Nintendo halves UK, European GameCube prices

Nintendo today said it will cut the price of the GameCube console in Europe, slashing the cost of the console by up to 50 per cent to £80 ($132) in the UK and €99 ($115) on the Continent. It also cut the console's price in Japan, by 29 per cent to ¥13,999 ($126). The Japanese and European price shifts follow a similar move last week to drop the US price to $99. The move is undoubtedly intended to help shift Nintendo's inventory of unsold consoles as it prepares to begin manufacturing the machine again. In August, the company said it was suspending GameCube production until the Autumn in a bid to reduce its stockpile of unsold consoles. The company yesterday said it had sold four times its previous weekly sales average after it announced the US price reduction on 24 September. After the cut, it sold 61,000 units in the US, it claimed. The reduction also comes in response to the £20 Sony this week knocked of the price of the PlayStation 2. The PS2 now costs £139 in the UK. Of course, there's almost no way Nintendo can catch up with Sony - Microsoft is a better target. But according to figures from market watcher ScreenDigest, cited by Reuters, Nintendo's 1.6 million-strong EMEA customer base is up against Xbox's 2.3 million. Sony has shipped 15.6 million PS2s, by contrast. Nintendo also said it would spend €15 million promoting the GameCube to Europeans this Christmas. ®
Tony Smith, 03 Oct 2003

ATI Q4 sees revenue jump 71%

ATI saw sales rise 70.8 per cent year-on-year to $380.7 million during the three months to 31 August, the company's fourth quarter of fiscal 2003. Revenues rose 6.5 per cent sequentially from Q3's figure of $355.7 million. Net income grew 32.7 per cent between Q3 and Q4, rising from $15 million (six cents a share) to $22.3 million (nine cents a share). This time last year, ATI reported a loss of $34.6 million (15 cents a share). Adjusted Q4 net income totalled $29 million (12 cents a share), up a little on the previous quarter's $20 million (eight cents a share). In the year-ago quarter, ATI's adjusted loss came to $100,000. Gross margins rose three percentage points sequentially and just over four percentage points year-on-year to 35.6 per cent, but ATI's operating expenses also increased, rising by $9.7 million to $99.5 million, largely thanks to increased R&D spending. Looking ahead, the company said it expects Q1 of fiscal 2004 to yield revenues of $400-430 million, with gross margins between 32 per cent and 35 per cent. Operating expenses should not increase, leading to flat or marginally higher net income over Q4 2003. ®
Tony Smith, 03 Oct 2003

Sharp brings Aquos LCD TV tech to PDA displays

Sharp has developed an LCD panel for PDAs and cellphones that it claims provides a "clear, bright display visible from virtually any angle and under any ambient lighting condition". The panels are based on technology devised for the company's Aquos LCD TV screen and have been designed with streamed video content in mind. They also incorporate transflective display technology, which combines back-lit transmissive and reflective LCD techniques. The result is a screen that can be viewed at up to 160 degrees in both the vertical and horizontal planes. The response time comes in a 25ms, and the screen provides a 300:1 contrast ratio. Sharp said it will initially offer four Mobile ASV screens - as it calls them - with 1.5, 2.4, 4.0 and 6.5in screen sizes and 560 x 240, 240 x 320, 480 x 640 and 400 x 234 resolutions. They are aimed at digicam, mobile phone, PDA and in-car navigation systems, respectively. The last three displays offer RGB colour depths. All four displays will sample in December, and go into volume production during the Spring of 2004. ®
Tony Smith, 03 Oct 2003

Why 3G won't fry your brain just yet

A study for the Dutch government which linked UMTS or G3 base stations to complaints about nausea and headaches in people close to them, has caused quite a stir this week, but only in the media. The actual study (download the PDF here) conducted by the technological research institute TNO is less conclusive. Most reporters forgot to mention that only a very small group of people participated in the double-blind experiment, whereby participants do not know whether they are exposed to 3G base station signals or not. Indeed, some subjects said they felt tingling sensations, got headaches and felt nauseous. But then again, how would you feel in a shielded semi-anechoic chamber? The study also suggests that cognitive functions such as memory and response times were boosted. Some people became more alert when were exposed to signals from GSM and UMTS antennae. But thermal effects, or the warming up of body tissue, could play a role here too. Third-generation UMTS networks transmit signals at a higher frequency range. TNO seems to be aware of its shortcomings: the report says that because of a lack of scientific data "a prediction of reasonable electromagnetic exposure is not possible". And that the constant presence of the base station antennas during the measurements "might invite the subjects to malinger the results". And that the "dimension of changes observed" is relatively small. TNO also admits that it not possible to speculate on "a scientifically justified hypothesis to explain the potential effects on cognition". In other words: we measured something, but we don't know what it is. The GSM Association claims that the effects reported are too small to be taken seriously. Ericsson too downplayed the report this week, telling Reuters there is no scientific evidence that there are any health problems associated with radio waves from mobile communications. The government ministers responsible for Economic Affairs, Health and Telecommunications in the Netherlands reconfirmed this week that follow-up research is needed to substantiate the findings as well as to look at any longer-term health effects and biological causes. Germany's Research Association for Radio Applications already commissioned its own health study. Until we know the results, let's assume UMTS won't fry you brain just yet. ®
Jan Libbenga, 03 Oct 2003

Senator calls for end to excessive fines against file-traders

US Senator Norm Coleman has called for new legislation to reduce fines faced by file-traders that have been sued by the RIAA (Recording Industry Association of America). Coleman, applying a refreshing dose of sanity to the whole P2P affair, says that fines of between $750 and $150,000 per downloaded song are excessive. The high penalties could well force innocent people to settle with the pigopolist mob out of fear. "I can tell you that $150,000 per song is not reasonable, and that's technically what you can put in front of somebody," Coleman said in a conference call with reporters, the AP reports. "That forces people to settle when they may want to fight, but they're thinking, 'Goodness, gracious, what am I going to face?'" Coleman has been questioning the RIAA's tactics for some time and with good reason. The RIAA has flooded US courts with lawsuits that have, for example, 12-year-old girls facing millions of dollars in fines. The reckless approach applied by the music labels has also seen innocent people be hit with massive charges - $300 million in the case of 66-year old woman. Coleman notes that the RIAA's use of the DMCA to obtain subpoenas and set penalty levels may be outdated. "The range of penalties was put in when downloading wasn't even thought of," Coleman said, according to the AP. Coleman hopes to push forth legislation that will lower the fines and also require a judge - and not a lowly clerk - to approve subpoenas, seeking file-traders' information. The Republican out of Minnesota is calling for some much needed due process to be added to a situation that has spun out of control. ® Related Stories RIAA withdraws $300m lawsuit against innocent pensioner P2P software suppliers team to fight RIAA and piracy KaZaA sues RIAA for copyright infringement
Ashlee Vance, 03 Oct 2003

Sony claims victory in PS2-is-a-PC battle

Sony today reiterated its view that it has prevailed in its attempt to force the European Commission (EC) to treat the PlayStation 2 as a computer and not a games console for the purpose of calculating import duty on the machine. Sony's statement follows media reports that the EC had won the legal battle, begun in October 2001 and which came to a conclusion this past Tuesday when the European Court issued its verdict. A Court spokesman initially detailed Sony's victory - then, bizarrely, made a 180-degree turn and stated that the judgment had gone the EC's way. A number of news sources subsequently said the spokesman had first misreported the Court's ruling. However, the final judgement seems clear enough: according to the text of the verdict, the Court annulled an EC regulation - number 1400/2001 - which effectively classified the PS2 as a console. The Tribunal also ordered "the defendant to pay all the costs". Regulation 1400/2001 was issued on 10 July 2001, and contradicted a 12 June 2001 decision taken by British Customs & Excise that the PS2 should be classified as a computer under the definitions laid down in European law. As such it is zero-rated for import duty - unlike a games console. For the purposes of calculating import duty, the European regulations offer a number of criteria by which a device may be considered a computer - specifically, an "automatic data processing machine". The key factor in the PS2 case was whether the machine can be programmed by customers and users. Sony contended that the availability of a version of Linux for the PS2, along with appropriate programming tools, ensured the machine is indeed freely programmable. The EC argued that since the PS2 is primarily used for gaming, it should be considered as such for the purpose of calculating import duty. The Court agreed with the EC's logic, but ruled that since UK Customs had already decided that the PS2 should be counted as a computer and not a console - a judgment held to be binding upon other European Community members - that's how the machine must now be regarded. The EC erred in law when it drew up the July 2001 regulation, which was intended to reverse the UK decision. The Court's annulment of the regulation that enshrines the EC's judgement now paves the way for Sony to recover from the EC the duty it has paid since July 2001 - a figure in the "low tens of millions", according to a Sony spokesman. In the meantime, the EC has two months to appeal against the Court's verdict. ® Related Story EU rejects Sony PS2-is-PC claim
Tony Smith, 03 Oct 2003

MPs' spam report due out Monday

A report into spam by the All Party Parliamentary Internet Group (APIG) is due to be released on Monday. The report - based on written evidence, public hearings and a "Spam Summit" held during the summer - will see if legislation can be drawn up to beat the spammers. It will also examine whether technology can be used to reduce the amount of spam clogging the Net. Publication of the report comes less than a fortnight before MPs are due to fly to the US to discuss the issue of unsolicited commercial email with colleagues in Washington DC. The politicians will be making the case for the US to consider an 'opt in' - rather than their current 'opt out' - approach to unsolicited commercial email. However, one Euro MEP has cast doubt over the effectiveness of the trip after revealing that APIG's stand on spam is likely to get a cool reception in the US. ® Related Stories Doubts raised over MPs' anti-spam crusade MPs head to US on anti spam mission MPs hold public inquiry into spam
Tim Richardson, 03 Oct 2003

Finger, faceprints get green light for Europe's ID standard

The European Union has taken the first step towards standardised ID with biometrics on-board, in the shape of two proposals from the Commission covering a uniform format for visas and residence permits for third country nationals. But this is only the first stage; the Commission's announcement notes that The Thessaloniki European Council earlier this year "confirmed that 'a coherent approach is needed in the EU on biometric identifiers or biometric data which would result in harmonised solutions for documents for third country nationals, EU citizens' passports and information systems (VIS and SIS II)', and invited the Commission 'to prepare the appropriate proposals, starting with the visa.'" Given the desire for "harmonised solutions" it is perfectly reasonable to see the Commission's third country national proposals as green-lighting the use of biometrics in a future Europe-wide standard ID document. The proposals put forward facial image as a "primary biometric identifier in order to ensure interoperability", presumably with other systems which are designed with the work of the ICAO (International Civil Aviation Organisation) on biometrics in mind. Fingerprint is put forward as a secondary biometric identifier "as it provides the best solution for so-called 'background checks'." We have no idea why, but possibly the Commission here means that fingerprints are currently a more established and proven technology than facial image. Note however that here we're talking more about a 'faceprint', than facial recognition, and that currently comparing your actual fingerprints with a centrally-held set is a lot more doable than comparing your actual face. The Commission describes the use of biometrics as "introducing modern technologies to combat not only document fraud, but also fraudulent use by establishing a more reliable link between the holder and the visa and residence permit format." So the birth of a standard European format for biometric ID will be music to the ears of those politicians (e.g. our very own David Blunkett*) who wish to do that very thing. It is perfectly feasible, even probable that the format will domino from residence permit through passport and ID card to driving licence, "entitlement" card, becoming a universal standard even in situations where biometric ID in unnecessary or even inappropriate. Statewatch points out that the Commission is proposing the new measures in the form of a regulation which applies across the EU, and leaves member States no discretion, as would be the case with a directive, and notes that also although the Commission says that the data held will come under the EC 1995 Directive on data protection "it also highlights the inadequacy of the data protection regime at national level across the EU." Effectively, the Commission is proposing to land Europe's data protection authorities with a whole new area to supervise, and expecting them to more or less figure it out for themselves. Statewatch editor Tony Bunyan said the proposals "show that the EU is just as keen as the USA to introduce systems of mass surveillance which have much more to do with political and social control than fighting terrorism. "To the proposed surveillance of all telecommunications is added the control of movement of all visitors and third country nationals, to be followed by that of EU citizens too. How long will it be before there will be a compulsory EU identity card? All the data will be held on the EU-wide Schengen Information System which can be accessed by tens of thousands of officials - how long will it be before biometrics collected for travel documents will be used for other purposes?" ® * Who was weirdly quiet on ID cards in his conference speech yesterday. In an interview earlier in the day, however, he extolled the virtues of cards in dealing with "illegal and clandestine entry" and "fraudulent use of the health service - we cannot provide it free to the rest of the world." Exactly how an ID card system helps in cases of asylum seekers who, as he'd just been fulminating, have thrown away their documentation, he did not alas make clear. Related links Statewatch analysis
John Lettice, 03 Oct 2003

HP has one free port for Sun customers

Looking to kick a competitor while it's down, HP has started a new campaign in which it will provide various software porting services to Sun Microsystems customers at no charge if they agree to abandon Sparc/Solaris systems. HP's "switch and save" program is a bit thin on actual product, but there are a couple of deals to be had. It will port one Sparc/Solaris application onto an HP server running Linux for free. HP will also offer certain hardware/software bundles at a 50 percent discount to users willing to trade in their Sun gear. In a press release, HP claims to be offering $25,000 worth of services to customers who make the switch from Sparc/Solaris to Linux on HP kit. This number, however, is somewhat misleading. It appears to include a Total Cost of Ownership (TCO) assessment valued by HP at $7,500 along with the needed porting services. As it's the customer that has to go through the pains of a migration, any "services" value-adds put on the shift seem a tad silly. The obvious point is that HP will tell you how much a move away from Sun will cost and then help you do it. The most compelling part of the "switch and save" deal is the hardware discount, but fine print has yet to be provided. HP is seizing on a flood of bad news for Sun this week. The company announced a $1 billion charge and then saw a flurry of analysts rush to say things are looking grim for the McNealy bunch. The most searing note from the analyst crowd came from Merrill Lynch's chief hardware groupie Steven Milunovich - known better as The Loon. In an open letter to Sun's CEO Scott McNealy, Miloonovich suggested that Sun drop its Sparc, Java and Linux desktop businesses as the quickest means to becoming a relevant vendor again. It's not often that a financial analyst recommends a vendor chuck out a product - Sparc - that has leading market share in a multibillion dollar business as a good short-term move, but that's why he gets the big bucks. The Loon did make some salient points, but we think the Britney Spears album was turned up a bit too loud when he wrote the Sparc analysis. Maybe he was just upset that the new batch of Watermelon lip gloss didn't make his lips look as pouty as hoped. HP's follow up to the analysts' rumblings is a nice, not so subtle move. The company has seen IBM take market share from Sun, and wants in on the action. The deal only applies to customers in the Americas and will run through Dec. 31. Interested parties can call 1-800-HP-ASK-ME or visit this Web site. HP will loan out a Xeon server and a StorageWorks array for testing, as part of the deal. We make the bold suggestion that HP offer the same service to its own customers. Those willing to shift off of PA-RISC and Alpha onto Itanium should surely receive the same benefits as Sun customers. While HP does not mention Itanic in the Sun giveaway press release, the promotional Web site does bring the chip up. Funny enough, Intel's 64bit chip is described as an "industry standard," which everyone knows is not accurate. To get those Itanic sales going, we suspect it will take a lot more than a free port and a TCO analysis. Why not offer $100,000 a pop to anyone prepared for an EPIC conversion. ®
Ashlee Vance, 03 Oct 2003

Dell and UT team for Texas-sized cluster

In a showing of Texas pride and unity, Dell announced a deal with the University of Texas to create a 300-server cluster to be used by the school's scientists and engineers. The system dubbed "Lonestar" will be housed at UT's Texas Advanced Computing Center and be capable of more than 3 TeraFLOPS (trillion floating point operations per second), which is plenty of horsepower. Over the next year, UT plans to add 200 or more servers to the cluster. Both Dell and UT are located in central Texas, which made the Lonestar name an obvious choice. Not only is Lonestar Texas' preferred monicker, it's also the name of good old boys' favorite beer, as evidenced by this Web site. (We don't get the virtual carding either - Ed.) More eclectic types, as if such people exist in Texas, prefer another stately brew known as Shiner Bock. Neither beer plays a major role in the construction of the Lonestar cluster, other than the fact that all Texas engineers drink beer. The system will be made up of both Dell PowerEdge 1750 and 2650 servers with 3.06 GHz Xeon processors. Raised floors and plenty of AC are required. The cluster will run Red Hat Linux and use Myricom's Myrinet 2000 switch along with Dell's own PowerConnect switches as interconnects. Being a company with a strong aversion to R&D, Dell has turned to Cray for help designing and building the cluster. The Texas-sized win adds to a number of high performance computing contracts that Dell has secured over the last couple of years. While the company goes on and on and on about enterprise customers running Oracle on Dell clusters, the scientific computing market proves to be its biggest bread winner. ®
Ashlee Vance, 03 Oct 2003

VeriSign bows to ICANN, suspends Net Grab

VeriSign has responded to a deadline from Internet quango ICANN and today suspended its SiteFinder service. SiteFinder redirected DNS wildcards, such as misspelled URLs, to Verisign's own website, a practice which breaches time-honored Internet behavior. The move broke many spam filters and in its brief life - it was launched on September 15 - had generated three lawsuits. Verisign was able to do this because it has a monopoly on the .com and .net domains, one granted to it by ICANN. ICANN said Verisign was in breach of this contract. The Internet Architecture Board decided that this violated precedent, concluding "that DNS wildcards should not be used in a zone unless the zone operator has a clear understanding of the risks, and that they should not be used without the informed consent of those entities which have been delegated below the zone." "Sorry for nothing," a VeriSign spokesperson replied today. He didn't actually use those words, but instead accused ICANN of finding "anecdotal and isolated issues to attempt to regulate non-registry services," before conceding, "but in the interests of further working with the technical community, we will temporarily suspend SiteFinder." Which is much the same thing. ® Related Stories All your Web typos are belong to us VeriSign DNS change broke my HP printer (letters) BIND developer blocks VeriSign Net grab move VeriSign's SiteFinder finds privacy hullabaloo VeriSign backlash gathers force ICANN urges VeriSign to suspend SiteFinder Verisign's SiteFinder finds privacy hullabaloo VeriSign slammed for domain renewal scam
Andrew Orlowski, 03 Oct 2003