16th > October > 2003 Archive

IP convergence eat away at voice services cash cow

IP convergence is forcing European telecoms operators to re-evaluate market strategies and move away from their traditional cash cow voice services and circuit-switched networks to packet-based infrastructures. According to a Yankee Group survey of 25 incumbent and alternate operators across 16 European countries, two thirds of operators expect traditional voice services to account for less than 50 per cent of their revenue by 2006. The primary drivers behind the migration to packet based infrastructures are, according to the analyst firm, lower operating costs - which almost 40 per cent of respondents cited - and new service deployment - which was the considered most important by a third of operators. Yankee said the move to IP marked a departure for telco operators as it is the first time that they have been forced by customer pressure to provide services. Chris Lewis, Yankee Group veep, said the change in telecoms is "happening from the street up. This means that operators are increasingly looking first at customer needs and then building a business case to launch a service. This is a major change for the industry that traditionally developed services that the market then followed." The survey found that, for many operators, converged services are linked to the roll-out of broadband DSL, with almost a quarter of respondents expecting to use broadband as a major launchpad for service development. The vast majority of operators polled by Yankee - some 83 per cent - are already offering or intending to offer an IP telephony service over the next three years, citing customer demand as the driving force. Although the study indicates that operators are currently targeting the high end of the business market with convergence offerings, Yankee recommends extending this strategy to small and medium-sized businesses. The firm notes that these customers have fewer in-house resources to develop complex services or manage converged voice and data networks. ®
Robert Jaques, 16 Oct 2003

EDS and Opsware: bringing XML to the data centre

Outsourcing specialist EDS and systems management software partner Opsware are spearheading DCML. EDS and Opsware are proposing a derivative of XML aimed at helping the systems in data centres better communicate with each other and with systems management and provisioning tools. Such a language would also put incompatible servers and applications under the control of one central DCML-driven console. Opsware is spearheading the Data Center Markup Language (DCML) effort for very good self-serving reasons. Opsware's eponymous provisioning and management tool automates the initialization of operating systems and applications from bare metal to a running stack; it also reprovisions that server as needed and can be used to apply software patches to dozens of popular programs. If DCML could be developed and accepted by the industry, Opsware could bring a lot more machine types under its control. Then again, so could another software vendor - which is always the risk in proposing any standard and championing it. IBM, Hewlett Packard, Sun Microsystems, and Microsoft all have their own ideas about delivering utility-based computing and centralized control of heterogeneous systems and incompatible applications, and none of the three big IT platform providers were part of the DCML launch yesterday. The big industry players never champion a standard unless it is one of their own, so this is not surprising. If DCML gathers steam, they will get on board and try to differentiate themselves, their tools, and their approaches to systems management and utility computing. Oddly enough, DCML may be just the tool that allows each of these vendors to attack what are essentially proprietary approaches to systems management and utility computing among IBM, HP, Sun, and Microsoft platforms. EDS wants DCML to fly because such a language will, in theory, make it easier for it to control the machines that it uses to run outsourced applications. But the sword will cut both ways. What is easier for EDS will also be easier for IBM Global Services, HP Services, Sun Services, Control Data, and other outsourcers who also use DCML-based tools. And just in case utility computing takes off as an outgrowth of outsourcing, EDS wants to be ready and have the right tools, partnerships, and technologies in place. That's why EDS is always seen standing next to Opsware. Source: Computerwire/Datamonitor Related research from Datamonitor The Web Services Outlook: Cutting through the hype
Datamonitor, 16 Oct 2003

Apple UK confirms iPod add-ons launch

Apple UK has confirmed rumours that the Mac maker will introduce a set of iPod accessories, almost certainly later today when the company unveils the Windows version of iTunes and opens its iTunes Music Store to Wintel users. "Rumours site" Think Secret has been touting such peripherals for some time, and yesterday cited sources who claim a microphone and a memory card reader will be among the items Apple will offers as iPod options. Apple will also ship a firmware update - taking the device's on-board software to version 2.1 - to allow the portable music player to use the new add-ons. Alas, it appears only the latest generation of iPods can make use of the peripherals, but here's hoping. The story is confirmed by Apple's UK online store which has a graphic on its front page advertising "Hot iPod Accessories". The player "now records your voice and stores more than tunes," it burbles. Click for full-size image The iPod accessories may also be accompanied by a special edition, 40GB iPod, which according to earlier Think Secret reports was due to appear at Apple Exp Paris last month, but didn't. Either way, Apple will today unveil iTunes for Windows and open up the iTunes Music Store to Wintel users, well ahead of its end-of-the-year deadline. The launch comes as Dell is preparing to offer just such a service of its own and as the relaunched Napster opens its doors for a public beta test period. Apple has other rivals, but it has garnered sufficient media mindshare for its previously Mac-only to be considered a serious player going forward, but it needs to open the service, via iTunes, to a broader range of players than it supports right now. Napster remains a key challenger because of the brand awareness it possesses, but given its reputation as a source of free music, the paid-for version can't take the high levels of public support the service once had for granted. Bootnote Now that the UK AppleStore has effectively revealed the iPod accessories ahead of their official release, we wonder whether Cupertino High Command will issue a dictat informing Apple staffers they should on no count talk communicate with it, as we understand it has regarding other sites that discuss Apple's plans and products ahead of time. Whoops!
Tony Smith, 16 Oct 2003

Micron samples DDR 2 mobile DIMMs

Micron has begun sampling mobile-oriented DDR 2 memory modules, and has shipped them to Intel for testing. The chip giant, meanwhile, has sent back to Micron 110nm 256Mb DDR 2 SDRAM chips, which it has given the thumbs up for 400MHz and 533MHz operation. The DDR 2 SO-DIMMs are filled with 128MB and 256MB of memory, and paves the way for the adoption of the technology in mobile devices, primarily notebooks. Intel's next major Centrino revision, codenamed 'Sonoma', includes the 'Alviso' chipset, which supports DDR 2 SDRAM, the company revealed last month. Alviso also integrates Serial ATA and Gigabit Ethernet into the Centrino platform, along with a 7.1 sound system, dubbed 'Azalia'. Sonoma is due to be launched in the second half of 2004. DDR 2 will appear in servers and desktops first, however, starting in Q1 2004. Hence Intel's validation of Micron's 110nm 400MHz and 533MHz DDR 2 256Mb parts. According to Micron, the former is destined for server usage, the latter for high-performance desktops. Last month, Intel said it will invest $450 million in Micron to help the memory maker boost its DDR 2 output. Intel has put money into other memory companies, such as Elpida, in a bid to drive the production of DDR 2, which it has chosen as a key memory technology for 2004 and beyond. ® Related Stories Intel i855GME to pave way for 'Centrino 2' next year Intel pays Micron to boost DDR 2 output
Tony Smith, 16 Oct 2003

Intel's Grove blames unitease on TWHRUPBS

AnalysisAnalysis A transcript of Intel co-founder Andy Grove's important speech warning of an apocalypse facing the US software and services reaches us. A detailed analysis - and last week, we could only skim the surface - suggests things are far worse than we feared. Grove pulled no punches in front of his audience of Washington politicians and policy makers at the Global Technology Summit. "One cannot help but ask the question, is this psych calquestion or TKOSZ?" Grove asked. "Do we have the national goal to take purpose FM action?" he demands. Grove intended his speech to shake up complacency amongst policy makers, who have underestimated the technological investment made in India and China. FM action, or no FM action, the US is in danger of lagging, he warned: "It is well recorded and well-known that U.S. based university violates enrollment in science and engineering has been trending downward over the last decade, and compounding this is that th tragedy levels drivers of innovation industry are 50% or greater than 50% for TPHARLS, the STAOEUPBLD a TPOURPB factors former nationals." And if that wasn't bad enough. "Increasing foreign analysis ruin either because they want to or SPWAEF to." "UnSRAOERTS need to do research on productivity related technology in the software and service industries which are the higher evaluated industries that we are ping our HOEPGS on need to generate STPRAOUPBDZ." Which we've seen time and time again. Grove also warned that intellectual property litigation was a threat to innovation and productivity. Noting that software patents have "psych rocketed", he blamed TWHRUPBS first and foremost. Grove's speech was unusual in placing a problem in front of an audience which didn't want to hear any bad news. He squared up to the geo-political context, by appreciating the growing economic power of India and China as power blocs at least equivalent to, or perhaps stronger, than the EU and the USA. And unusually for a CEO, he wasn't asking for corporate welfare - simply making a plea that the US education system starts churning out something more useful to him than burger-chomping dummies. Then again, we'd never thought of the TWHRUPBS angle. We hope to give you a less "raw" transcript as soon as we can. ® Related Link Put TWHRUPBS First [Grove raw and unedited - 160kb Word document] Related Story Intel's Grove: US software, services face meltdown
Andrew Orlowski, 16 Oct 2003

Transmeta Q3 sales slump

Transmeta yesterday admitted its sales had fallen by almost half between the second and third quarters of its current fiscal year and almost 60 per cent down on Q3 2002. Sales for the three months to 26 September totalled $2.7 million, down 47.1 per cent on the previous quarter's $5.1 million and 57.8 per cent on the $6.4 billion it recorded for Q3 2002. The plunge saw the company's loss widen to $23.7 million (17 cents a share) from Q2's $22 million (16 cents a share) and the year-ago quarter's $21.8 million (16 cents a share). The current, fourth quarter isn't going to get any better. Despite launching its new Efficeon processor on Tuesday, Transmeta reckons its sales could halve again at worst - at best, they'll stay the same - with a loss of around 15-17 cents a share. That's excluding $3 million worth of non-cash amortization and deferred compensation charges. Q4 operating costs are likely to stay at around $18.5 million. Cash at the end of December should be approximately $52 million, after a regularly scheduled payment of $7 million to IBM in accordance with the two firms' technology licensing agreement. So the company can keep going for at least a few quarters yet. In the meantime, it needs to wish like crazy that Efficeon starts attracting a broader range of customers. In what's almost an admission that it doesn't expect to sell too many chips, the company reiterated its plan to offer the intellectual property bound up in its processors to other chip makers. President and CEO Matthew Perry said Transmeta has seen "significant interest from several parties" for its LongRun power management technology. ® Related Story Transmeta plots Efficeon roadmap to 2GHz
Tony Smith, 16 Oct 2003

Sony to work with Intel on mobile music tech

Sony's Music division has selected Intel's next generation of PDA processor, codenamed 'Bulverde', as its mobile processor of choice, the company effectively said yesterday. The deal the two firms announced will see the two co-operate to bring Sony's content to Intel-based PDAs and cellphones. The pair will create applications that run on Intel's hardware yet leverages Sony's content. Intel has already decided multimedia will be a key component of phones and other handheld devices in years to come. That's why it's building the MMX multimedia instructions it developed for its Pentium processors into the next generation of its XScale chip line, Bulverde. That processor is due mid-2004, and has been described by its maker as enabling an "Xbox in a phone" experience. The chip also incorporates better power management and digicam support - essential for the increasingly camera-hungry cellphone market. The Sony connection is also interesting, but not from a technological standpoint. While you might expect Sony's Computer Entertainment division to be keen on Bulverde's scope for improving 3D mobile gaming, music is actually pretty low-tech from a playback perspective. It's also fairly platform agnostic, in that whatever format its encoded in can be decoded by an app on any suitable processor. Bulverde's Wireless MMX technology will improve playback, but it will do so for content from Sony Music's rivals too. No, what's interesting about the announcement is that Sony, as a content creator, is preparing itself for the next wave of personal entertainment technology. Having missed the boat somewhat on the Internet - as the Napster saga to ably demonstrates - Sony, for one among the giants of the music industry, wants to make sure its ready for a world where we all perhaps listen to rented music on mobile devices. It's too early to say whether Sony Music will itself offer such services, work with partners like cellular carriers and handset makers, or both, but it's clear the company is researching the technology and what it services it will enable. ® Related Story Intel preps 'Xbox in a phone' XScale chip
Tony Smith, 16 Oct 2003

Gates: MS has 20m mobile market share, heads for 60%

Microsoft, previously thought to be finding the achievement of a million shipped phones somewhat challenging, already has 20 million and will shortly achieve 60 per cent of the market. Or at least, that's what Bill says. Microsoft's marketing people do tend to use a bizarre form of counting which, if employed on the financial side, would surely get the Redmond beanies sent to prison for a very long time, but this one's particularly impressive. Speaking to the European Technology Round Table Exhibition in Berlin this week, reports Bloomberg, Bill Gates came up with this: "If 500 million devices a year is the total maket, and we have 20 million now, then that will easily grow to be 60 per cent of the market... It's not a market where anyone, looking forward, will have 90 per cent of the market share." How very reasonable and modest, you may observe, although the ease with which Gates thinks that 20 million (4 per cent) swiftly multiplies to 60 per cent might just strike you as a tad overweening. How does he manage to make it 20 per cent though? Well, he cites AT&T, Vodafone, Samsung and Orange as outfits selling phones using Microsoft software, and he clearly does not entirely (or even largely) mean phones based on Microsoft's mobile phone platform. He means services, and while 20 million is probably still a bit of a stretch here, it doesn't look anything like so bizarre. And it'd be wrong to just dismiss this as a numbers fiddle to make Microsoft look good in a Bill speech (so OK, we'll stop doing that now) - Gates is actually telling us what is of most immediate importance to Microsoft in the mobile phone market (services, not directly 'owned' handsets), and therefore where it intends to apply leverage. Which takes us on to that 4 per cent to 60 per cent ramp. Microsoft's services deals with mobile phone networks so far have tended to be very dull indeed, link ups that make it easier for business customers to connect their Microsoft mail systems, their desktops maybe, and their workforces' mobile phones being a prime example. Given that there are plenty Microsoft shops out there that find this kind of thing useful it's no doubt a living, but it's not 60 per cent of the business market, never mind the whole handset market, and even in his most optimistic dreams Bill couldn't possibly think 60 per cent share was easy. Possible, inevitable in the long run, yes, but easy, no. And there's absolutely no way that easy access to all of your business-critical applications plays to 60 per cent of the whole mobile phone market. But other Microsoft services do. Normal people tend not to be too bothered about syncing with their desktops, picking up their email on the move or whatever, but they're pretty keen on chat, instant messaging and the like, and they'll do it more if it's easy, and easily available. Microsoft already has IM deals with several mobile networks, and it will undoubtedly get more. There's competition, certainly, but the playing field here is tilted more in Microsoft's favour than elsewhere in the mobile phone services business, and the brand and the weight of the company's existing user base in the computer area will be an advantage. Interoperability, or a lack of interoperability, can also be exploited here in the way it has been in the computer business. Who's going to be quick enough to stop him? Nokia? Sun? AOL? You could doubt that, and maybe in a couple of years Bill really will be Mr 60 per cent. ®
John Lettice, 16 Oct 2003

MS shores up five critical security holes

Microsoft last night issued five security fixes and two patches to defend against less serious security vulnerabilities, in the debut of its recently announced policy of releasing security patches in a monthly batch. Software packages and applications affected by the vulnerabilities include Windows Messenger Service and other components of Windows, along with enterprise apps, such as Exchange, so both businesses and consumers are at risk from the flaws. The Unmagnificent Seven The critical vulnerabilities include a hole in Windows' Authenticode component that could allow remote code execution (MS03-041); a buffer overflow in the Windows Troubleshooter ActiveX Control component of Win2K (MS03-042) and a buffer overrun in Window’s Messenger Service (MS03-043). Microsoft also warns of a critical buffer overrun flaw in Windows Help and Support Centre which "could lead to system compromise" (MS03-044). Meanwhile, enterprises need to be aware of a critical vulnerability in Exchange Server 5.5 and Exchange 2000 Server that could allow arbitrary code execution on servers running unpatched versions of the applications (MS03-046). There’s also a "moderate" vulnerability in Exchange Server 5.5 Outlook Web Access that could allow cross-site scripting Attacks (MS03-047). Finally, returning to the consumer space, there's an "important" buffer overrun flaw in the ListBox and in the ComboBox Control of Windows (MS03-045). Security firm Network Associates warns of the severity of these various flaws: "An attacker can exploit these vulnerabilities by using them to run arbitrary code on a targeted machine. This would allow the attacker to take over control of that machine, use it to launch a further attack, or to deny the use of that machine and its applications to legitimate users." Security tools firm ISS draws particular attention to the buffer overflow flaw in the Windows Messenger Service, which seems to be the worst of a bad lot. Windows Messenger Service (not to be confused with MSN Messenger) is enabled by default on all Windows NT, Windows 2000 and Windows XP desktops and servers. An overview of these various patches can be found here and a consumer-orientated bulletin can be found here. Monthly patches – will it help? Last week Microsoft CEO Steve Ballmer announced a change in the company's approach to issuing patches designed to make it easier for businesses to organise and manage the application of security fixes. Instead of issuing patches on a weekly or ad-hoc basis, Microsoft is releasing patches on a monthly basis. The move is part of Microsoft's ongoing Trustworthy Computing initiative. However, Alan McGibbon, CEO of newly launched UK security firm NetSecure, which specialises in patch management, warns that Microsoft's changed approach is not without its drawbacks. "Monthly security alerts inherently makes things less secure because any new vulnerability will reside on a system for longer. It takes the freedom of choice away from people about whether to apply patches," he told The Register. McGibbon, while welcoming the spotlight Microsoft has shone on the patch management issue, said that he preferred Microsoft's previous approach of "near time alerts". He added that whatever approach Microsoft takes the "onus is on end users" to apply patches by establishing an effective patch management regime, using either internal staff or a third party. "Patch management becoming an increasing problem. It's a resource issue and a skills issue. Part of the problem is that the kind of information Microsoft, or other vendors, provides in security alerts do not help companies to determine business risk. "With over 4000 vulnerabilities reported in 2002 and nearly 2000 vulnerabilities reported in the first six months of this year, companies that don't practice good patch management are at significant risk from hack attacks and other security breaches," he added. ®
John Leyden, 16 Oct 2003

Health, Safety and… BOFH

Episode 24Episode 24 BOFH 2003: Episode 24 "It nearly crushed her!" the H&S feeb blubbers, in an attempt to justify yet another new brainwave. "And you think that we'll avoid workplace tragedy by 'Securely, at a minimum of three points, bolt monitors to immovable desktop surfaces'?" the PFY asks. "Yes!" "What about laptops? Do we need to bolt them too?" "Obviously laptops don't need bolting down," he responds, "they're not as likely to fall. AND not a piece of equipment that would hurt you if it fell on you." "So what about LCD monitors?" I ask. "They could fall, but they wouldn't do you much damage if they fell on you - not even the really big ones." "Well, I suppose would could examine things like this on a case-by-case basis because some pe--" "And speaker systems?" I interrupt "What about those ginormous sub-woofters you see up in your department?" "I think you mean subwoofers," the H&S guy points out. "No, no, sub-woofters - the people that own those big speakers. Some of those speakers are huge! Are you going to make the sub-woofters bolt them down?" "LOOK, I'M ONLY DOING MY JOB!" he snaps suddenly, obviously feeling underappreciated. "And what a fine job it is!" I add, cheerfully. "And we'll happily bolt our monitors down at three places. What's next on your list?" "I'm to check all your fire extinguishers are approved for use on electrical fires." "Be my guest!" I cry, gesturing about the room expansively - loving, as I do, red tape in all it's manifestations. He wanders off extinguisher spotting until he comes across the unit near the door. "This one's not an approved type! It's water! You could get a severe shock from this if you used it on an electrical fire!" "Ah well that IS the visitor's extinguisher," the PFY notes, nonchalantly. "VISITOR'S extinguisher?" "Yes, for visitors. Which we don't have. But, because of the square footage of the control room, you guys made us have one extinguisher for each person in the Control room, plus a spare." "My records say that it should be a CO2 unit!" "Well it was, but it was needed in the Computer room, so we had a bit of a shuffle." "You had a water type extinguisher in the Computer Room!!?!?!" "No, that came from the cafeteria." "How did the cafeteria one get to be here?" "OK..." the PFY sighs, taking a deep breath for the story. "We needed a FLAT-bottomed extinguisher in the Computer Room to keep the door open when we're transferring tapes from the tape safe room to the tape jukebox in the Computer Room. The Computer Room extinguisher had a ROUND bottom, which wouldn't stand up by itself. When we tried to swap them we found the Computer Room one was too tall to fit on this wall hook, which is rather low. So we swapped it with the one in the cafeteria which was shorter." "B-b-but this is the wrong extinguisher for this area - and the one in the cafeteria was supposed to have been a... >scrabble< dry powder one - for oil fires - not the water one you took, and what the HELL are you doing holding a fire-rated door open with an extinguisher? Don't you realise the risks?!?!?" "What risks?" "A fire could spread from your tape safe room through the open fire door to the Computer Room!" "That's ridiculous!" I cry, re-entering the conversation. "A fire's FAR more likely to start in the Computer Room - especially with those flagons of isopropyl alcohol on top of warm equipment." "You're supposed to keep flammibles in the dangerous items cupboard!" "We swapped that with the bloke from stores who was told HE had to keep HIS stocks of isopropyl alcohol in a dangerous items cupboard." "You SWAPPED it? What for?" "His bottles of isopropyl alcohol, I seem to recall," the PFY responds. "This is all going in my report you know!" he threatens. "You should do what you think is best," I say to plactate him. "I will. Now I want to look in this Computer Room." "Oh." "What?" "Well, I'd like to let you in, but if you remember back to last time H&S had a slow day - probably all of six weeks ago - you told us that the Computer Room was a dangerous place and we shouldn't permit visitors." "Which you said you don't have." "No - yet we do have a visitor's extinguisher. Ironic, isn't it?" "Well I still want to look in the Computer Room!" "No can do!" "Why not?" "You haven't been on the Computer Room safety briefing you people insisted that visitors must attend prior to entering the Computer Room." "How about I do that now?" he responds sarcastically. "Are you sure? It's quite involved..." "Positive!" he snaps triumphantly. . . . Ten minutes later . . . "THAT'S RIGHT!" I shout through the Computer Room door and over the halon discharge alarm "KEEP LOW WHEN YOU CRAWL TO THE DOOR, THAT WAY THE HALON WILL HAVE LESS EFFECT!" "Will it?" the PFY asks, peering into the Computer Room. "No idea, but we'll find out when he gets over here and I tell him he dropped his swipe card in the middle of the room." "So that's the safety briefing is it?" the PFY asks. "Lock them in the Computer Room and test the Halon?" "It depends. I've 'prepared' lessons on 'Navigating the Computer Room in the Dark' - which we've always enjoyed in the past - 'The dangers of racks without earthquake restraints', 'Why you should check how secure the grating floor is before stepping into a comms riser' and, if he's still moving, 'Why we always treat wires as live'." "Ooooh, can I teach that one?" the PFY gasps. "Of course you can," I say magnanioumously. After all, Health and Safety is everyone's responsibility. ® BOFH: The whole shebang The Compleat BOFH Archives 95-99 Get BOFH Books here BOFH is copyright © 1995-2003, Simon Travaglia. Don't mess with his rights.
Simon Travaglia, 16 Oct 2003
SGI logo hardware close-up

AMD re-iterates plan to offer multi-core Opterons

AMD has confirmed it will ship multi-core processors - almost a month after admitting it was "inevitable" that the company will make such a move. Interviewed by CNet, AMD CTO Fred Weber said: "We will have a multi-core product." No surprise there. Chairman Jerry Sanders, speaking at September's European Athlon 64 launch, said it's "inevitable that we'll have multiple cores on a single chip". Indeed, at the same event, his engineering colleagues revealed that the architecture on which the Athlon 64 is based - and the Athlon 64 FX and Opteron processors, for that matter - was designed from the ground up to support two cores on the same die. The Athlon 64's on-die North Bridge today can support connections from two cores - dubbed 'CPU 0' and 'CPU 1' in AMD's documentation. Weber also said that the next generation of AMD's 64-bit architecture, codenamed 'K9', will begin sampling during the second half of 2005.* Curiously, that's the same timeframe the company is believed to have specified for the release of dual-core Opterons, suggesting that K9 is simply 'K8', the architecture on which today's Opterons and Athlon 64s are based, with the second core in place. Intel's first dual-core Xeon chip, codenamed 'Tulsa', is due to ship around the same time. Weber also said that AMD is exploring its own implementation of simultaneous multi-threading (SMT) technology, a technique already implemented by Intel (as HyperThreading) in Pentium and Xeon products, and soon by IBM in its Power 5 chip. Weber's Microprocessor Forum keynote acknowledged that chip designers in the future will look to multiple cores each processing multiple threads, which is probably as close to a 'we're going to do it too' statement as we're likely to get right now. When chip makers speak about the industry generically, they tend to be thinking about themselves. However, Weber gave no indication as to when SMT might appear in an AMD processor, or whether that chip will be K9. ® * 2005's other big launch is, of course, the return of Doctor Who. How appropriate then that AMD codenamed is next generation of 64-bit chip after the good Doctor's robot doggie. Let's hope the chip works better than the mutt, which we recall was always breaking down, being written out of stories before being dumped altogether... Related Stories Dual-core Opteron to ship late 2005 Multi-core Athlon 64s 'inevitable' - AMD Intel commits to multi-core Pentiums, Xeons, Itanics
Tony Smith, 16 Oct 2003

VeriSign's Site Finder is undead

VeriSign is to relaunch Site Finder, its highly controversial domain typo redirection service. VeriSign suspended Site Finder earlier this month, following an order from ICANN, the Net governing body, which claimed the company was in breach of its terms of operation. Site Finder was launched in September when VeriSign applied a "wildcard" entry into the .com and .net Top Level Domain zones. This redirects traffic that would otherwise have resulted in a "no domain" response to the controversial search site. In a meeting with members of an ICANN committee this week, VeriSign argued that technical concerns about the effect of the service on affecting the stability and operation of the Net were overstated. VeriSign acknowledged that it introduced Site Finder without any consultation, saying that next time it will give 30-60 days notice. It also agreed to make certain changes. But the basic concept of Site Finder remains the same. When VeriSign resurrects Site Finder, it plans to add a second DNS wildcard entry, called an MX wildcard, which will prevent email servers trying to send email to non-existent domains. It's also promised to offer local language variants of the site. These measures cut little ice with critics who argue that VeriSign's changes are forcing other systems administrators to make changes to their systems. One participant of the meeting, David Lesher, commented that of seven outstanding issues identified by VeriSign, only two require action by the company. He said this amounted to a 'Site Finder' tax, IDG reports. Some network administrators adopted technical countermeasures, such as installing a modified version of BIND (the ubiquitous DNS Server software), to negate Verisign's wildcard changes. However anecdotal evidence suggests that these measures are not without their problems either. Critics of Site Finder argue that Verisign is abusing its position as custodian of the .com and .net domain registry. Site Finder has also drawn legal fire from its competitors. In September, registrar Go Daddy Software and search engine firm Popular Enterprises both filed lawsuits seeking a temporary restraining order against VeriSign. Both companies accuse VeriSign of "hijacking" surfers who get lost on the Web. Similar flak can be expected when VeriSign relaunches Site Finder. Buckle in - it's going to be a bumpy ride... ® Related stories All your Web typos are belong to us VeriSign DNS change broke my HP printer (letters) BIND developer blocks VeriSign Net grab move ICANN urges VeriSign to suspend SiteFinder Related stories Users 'vote with their mouses' for Site Finder VeriSign bows to ICANN, suspends Net Grab Spinning SiteFinder: FUD, brought to you by VeriSign
John Leyden, 16 Oct 2003

Spammers struggle with words

With spam blocking companies trying to ward off the latest advances, spammers are making strenuous attempts to get around e-mail filters. Their latest ploy: Spam with subject lines that read ^G.et^ a BUL"KY 'PO;L`E or ‘Extend y:ou^r r;od` ^easy’. Say again? The majority of anti-spam software currently on the market, still use keyword or trigger-word lists to identify and eradicate spam. With all kinds of word tricks or empty HTML tags to break up suspect words, some of the spam manages to pass through these scanners undetected. But it is getting harder and harder. Email blocking software is getting smarter too. The newest filters often use a scoring system to determine whether a message is spam or legitimate, and they’re winning. With most of the spam, you will still find the words Viagra, insurance or penis in the subject line, but those are easy to detect. The old trick was to chop up these words with random computer code. Separating letters with commas or spaces - "L-o-o-k younger" - can also trip up some filters, but less so than a couple of months ago. Some spammers try to pass filters by inserting random dictionary words, or by attaching a big chunk of neutral text, typically from a book, but according to this report it is a losing battle. The appended text doesn't look like spam, but nor does it resemble normal email. So it gets killed. Intentional misspellings (such as ‘V1agra’) end up having higher spam probabilities than the words the spammers intend to conceal, and breaking up words has the same effect. Sending the spam hidden within a Javascript program fails for a similar reason. The other trick is to pretend that the message is from someone you know. However, since more and more Internet users are getting streetwise and won’t open messages from complete strangers, messages with subject lines as ‘Lets work this out’ or ‘I don't ‘understand’ prove increasingly ineffective. Lately, more and more spam seems to carry peculiar subject lines as "great meds at attractive price dtsprfguoyufnlrikbunwejtfbregm" or "ebay insiders club. hundkysga". The weird characters are created automatically and randomly so that thousands of messages don't arrive with the same subject line, which filters know they can discard as spam. Spammers probably think that by adding more and more garbage to their messages, they get a higher hit rate. Although the trick may fool some scanners, spammers forget one important thing. No one in his right mind is going to open up a message that reads ‘C;ome v;isit o,ur do-ctors v^aek?’. It could be Swedish for all you know. By talking gobbledygook, spammers have found the perfect way to eliminate themselves. ®
Jan Libbenga, 16 Oct 2003

Beefed-up firewall, new version of Update for XP SP2

The nature of the mysterious components of the 'security update' to ship with Windows XP Service Pack 2 is becoming clearer, and SP2 itself could be becoming nearer. Steve Ballmer told us approximately what the update was supposed to do, but not how, in his security manifesto last week, but Paul Thurrott has some specifics, the most important being that the update to the built-in firewall will include features from Microsoft Internet Security & Acceleration Server, including outbound scanning capabilities. ISA Server itself has an update in beta, but you can get an idea of the differences between it and the current XP Internet Connection Firewall (ICF) from here. Note that the two are described as complementing one another, but that's more a case of Microsoft product positioning for the business market, and clearly doesn't apply elsewhere. Note also that Microsoft categorises ICF as "limited baseline protection for a home or small business network," i.e. as it shipped in XP it was never seriously intended to do front line firewalling on its own. Recent events however have changed the situation, and Microsoft is in the unusual position of being on the point of integrating something that there's a genuine need for. In addition, the firewall will ship with on being the default, and if the updating system isn't also on by default in this rev, it surely won't be much longer before it is. These changes will be accepted, possibly even applauded, although previously they'd have been categorised as predatory control-freakery. But it's not all going Microsoft's way. To some extent its not putting a full spec firewall into the first version of XP can be explained by it being reluctant to start wars with firewall vendors, but it also can't have wanted to place itself directly in the firing line. If you ship a mini firewallette that by default is off and that is categorised as "baseline", then clearly it's not your fault if people are too dumb to get themselves proper firewalls. But if you ship something you call a proper firewall and then it turns out not to protect users as they thought they'd be protected, it is your fault. In our estimation, if Microsoft could just not do firewalls and not get the blame, then that's what it would do. It now gets the blame anyway, so it's got to ship firewalls, which had therefore better work. It's tougher than you think, being a monopoly. According to Thurrott, the codename for the security updates is springboard, and they'll be in the hands of beta testers "soon." SP2 is currently scheduled vaguely for first half 2004, but SP2 without the security stuff has been in beta for a while, and it may well be that the fairly large window Microsoft has given itself is intended to allow it to decide how much to put in and make sure from the testers' reactions that there's enough to have a visible impact. If all goes well, it would seem perfectly feasible for Microsoft to pull it forward to to December-January, and other reports suggest Microsoft execs may already be suggesting December. Alongside the firewall, Thurrott says Springboard will also include a new version of Windows Update (which again could be a reason to be cagey about ship dates), and new memory management code intended to deal with common buffer overrun attacks. That last one falls into the category of enabling "customers to more effectively protect their computers and systems from malicious attacks even if patches do not yet exist or have not yet been installed" that Ballmer talked about last week. ®
John Lettice, 16 Oct 2003

Lime Wire launches legal content portal

Peer-to-peer software provider Lime Wire has launched a 'legal download' portal, in a bid to make it easier for its users to find content they are authorised to download. Lime Wire's MagnetMix content portal uses a URL-style location system to pin-point content on the Gnutella network. Content owners who want their material - be it audio tracks, video, photography, written content, a game or other software - can submit the source of their material to the portal. For content owners, it's a way of making their material rise out of the morass of illegally shared songs and pirated DVDs - something that's hard to do even if you host your material on the network yourself. The other option would be to offer your material on your web site, but this way you potentially get closer to your audience. Lime Wire, meanwhile, shows itself to be promoting the use of P2P for legitimate purposes rather than the dodgy ones for which it and its ilk are infamous. At launch, MagnetMix was only able to offer maybe a handful of items in each category, little of it compelling or not widely available from other download sites. But Lime Wire no doubt hopes that content owners will begin adding material in earnest, now the service is up and running. Of course, the snag is that by emphasising what they are allowed to give away - out-of-copyright novels, unsigned bands' demo tracks, royalty free photos, and so on - Lime Wire is highlighting the fact that almost all of the good stuff on offer, the contents that's worth having, isn't legal. And is downloading the complete works of Shakespeare from Gnutella any better than taking it from Project Gutenberg? Or downloading a software update or shareware tool via MagnetMix any better than getting it from the manufacturer or downloads.com? No, it's not, and that's the problem Lime Wire and co. face trying to build a solid business out of P2P. Only by providing a large enough collection of legal content can they persuade us that the $20 they charge for the ad-free version of their client apps - or the revenue they make from ad sales - isn't ultimately being made on the back of illegal content swaps. But in doing so they de-emphasise exactly what differentiates them from all other legitimate download services. ®
Tony Smith, 16 Oct 2003

Prescott set for 90-100W power draw – Intel

'Prescott' will never exceed 100W of power dissipation, Intel said today, in a bid to keep the heated debate over the as-yet-unlaunched Pentium processor's thermal characteristics from bubbling over. "The Prescott thermal envelope will be between 90W and 100W," a spokesman told The Register. "This [will apply] throughout the entire life of the product, not just for the launch." That marks the first time the company has come clean and put a precise figure - well, a pair of figures - on the next-generation processor's heat-generating potential. Japanese web site PC Watch set light to Prescott's thermals during the summer when it claimed internal Intel documents it had seen said the chip operated at 100W - 15W more than today's top-end Pentium 4 processor. Since then, some sites have even claimed that the chip will consume up to 110W and even 120W. During this time, Intel has steadfastly refused to comment on the specifics of Prescott's thermal characteristics ahead of the chip's official launch, believed to be set for early December - though some reports suggest it has been put back to a January/February 2004 timeframe, after the part has begun shipping to customers. At Intel Developer Forum, company CTO Pat Gelsinger said that 100W was OK for a desktop computer. While he wasn't referring to Prescott directly, his words did seem to confirm the suggestion than Prescott would run rather hotter than its predecessors. And now it's official: Prescott will run at 90-100W. The statement confirms PC Watch's original claim. Earlier this year, Intel roadmaps had the part running with a power consumption closer to the current P4. However, the figure changed over the summer, as spotted by PC Watch. Speaking during a conference call after the announcement of the chip giant's Q3 financial results, Intel President Paul Otellini this week said: "We ended up changing the thermal target for Prescott." Albeit only "slightly". ® Related Story Intel admits it 'changed' Prescott thermal target Gelsinger: 100W power dissipation 'OK' for desktops
Tony Smith, 16 Oct 2003

SunnComm CEO demands to be called a ‘laughing stock’

LetterLetter re: SunnComm shrinks from DMCA threat A couple days after SunnComm backed down from its threat to sue a Princeton researcher, the company's CEO Peter Jacobs sent the following letter to El Reg expressing displeasure with our coverage of the incident. Subject: In Britain... does one re-write stories from other writers without talking to the principals? MediaMax under widespread ridicule? I think not. You obviously didn’t understand that Mr. Halderman discovered NOTHING except how to draw the press to him like a magnet. Here’s yesterday’s BOSTON GLOBE article which you might consider using as a roadmap to help navigate the bandwagon you jumped on.  Boston Globe story pj Peter H. Jacobs Chief Executive Officer For the record, we did call SunnComm for comment, but the PR specialist on the phone did not make Jacobs available. That matter aside, we turn to Jacobs' recommended "roadmap" for reporting. The SunnComm CEO objected to our use of the phrase "widespread ridicule" to describe how hundreds of stories had lambasted his company's DRM technology. So how does the "roadmap" describe the situation? "SunnComm became an Internet laughingstock, and the enraged CEO, Peter Jacobs, threatened to sue Halderman for spreading false information about MediaMax. He even suggested the possibility of prosecuting Halderman under the Digital Millennium Copyright Act, an absurd statute that forbids attempts to bypass antipiracy systems," the roadmap writes. Sorry for being so harsh, Peter, next time we'll call you a laughingstock as well. Be sure to read the roadmap in full. We think you'll find it's a bit of Apples to squirrels comparison of DRM technologies. We haven't heard from Peter since responding to his e-mail, but will be sure to bring you an update should it arrive. ®
Ashlee Vance, 16 Oct 2003

Sun gives glimpse of revised Solaris TCP/IP stack

Sun Microsystems' new Software Express program is alive and kicking with the company delivering a rewritten TCP/IP stack for Solaris that is meant to prepare customers for faster networking technology. The new TCP/IP stack - code-named Fire Engine - has 10 gigabit and 100 gigabit Ethernet networks in mind. Instead of using a "brute force algorithm" to move packets around, Sun has a new packet classification engine to "shunt packets off to special routines that can deal more effectively with that specific kind of packet be it UDP, TCP or IP," said Bill Moffitt, marketing manager for Solaris. This is early access, not terribly useful technology as of yet to be sure, but it's interesting for a couple of reasons*. (We later found out the technology does indeed have an immediate impact, please see note below from Sun's CTO of software - Ed.) First off, it's the first public code dump Sun has made as part of the Software Express program. Sun launched Software Express last month to give users an early peek into upcoming Sun code. So far, Sun is only offering up early looks into the future version of Solaris, but it plans to extend the beta-style effort to its entire software line. So far 1,578 customers have signed up for the program, which has two membership options. At no charge, users can download early builds of the upcoming Solaris 10 operating system and see the latest and greatest add-ons Sun has completed. For $99, however, you can receive first class treatment. Sun provides paying customers with a roadmap as to what features are coming when, chats with Solaris engineers and the "opportunity" to report bugs and suggest changes. The pay program is aimed at large Solaris customers who want to plan ahead knowing what the OS will bring and have some input on its direction. The second reason the revised TCP/IP stack stands out relates to ties ins the software has with future processors from Sun. Sun has geared the Fire Engine code to sort through packets and then offload them onto to specialized NICs for processing. Today, companies such as Alacritech and Intel are building TOE (TCP/IP offload engine) cards to handle the TCP/IP stack and take some of the burden off of main processors. In the future, however, Sun plans to build TOE-like processors right onto its chips. Sun is looking to roll out multicore processors in the next couple of years that might have a few cores dedicated to churning through instructions and then another couple of cores aimed at handling TCP/IP and security data. "We are seeing microprocessors become like microsystems where more and more functions are built-in to the silicon," Moffitt said. "We will be able to shuttle specific packets into hardware related routines." So while it may be neat for a customer to see Fire Engine now, it's not all that useful in the short term. (Again, our mistake - Ed.) Sun has no drivers for currently available TOE cards, meaning customers will need to wait until Sun is good and ready to use the technology. But the idea isn't so much to use Fire Engine but to know it's coming. In case you had any worries that was completely ignoring improving Ethernet speeds, have no fear. *Note from John Fowler, Sun's CTO of software: This is not just about taking advantage of future hardware, someday. Beyond being a huge tuning effort and kernel fastpaths, there are a number of fundamental changes. For example, in other operating systems (and today's Solaris) all of the traffic from a particular NIC gets bound to a process that runs on one CPU. With Fire Engine, a single NIC actually can take advantage of multiple CPUs so, in the above uniprocessor configurations, it's faster. in addition, we did work to efficiently handle many NICs, so combinations of NICs and CPUs scale. The upshot of all this stuff is that customers will notice quite measurable differences in latency and bandwidth improvements in networking on existing machines. It shows up in internal benchmarks, and it shows up in real-world workloads from the smallest uniprocessor on up. Also we focused on CPU utilization. One of the little secrets of networking is high speed interfaces can in fact pump lots of bits, but they chew up lots of CPU, which means you aren't doing other things. We worked hard on efficiency, and we now measure, at a given network workload on identical x86 hardware, we use 30 percent less CPU than Linux.  Fowler is one of the top IT exces around, and we thank him for this insight. Looks like Sun has some interesting things cooking for Solaris x 86.  ®
Ashlee Vance, 16 Oct 2003

VeriSign sells off NetSol

VeriSign today announced it has signed a definitive agreement to sell off the registrar and hosting business of its Network Solutions subsidiary to Pivotal Private Equity for approximately $100 million. But VeriSign will retain the registry business it obtained when it acquired Network Solutions three years ago. This business was recently renamed VeriSign Naming and Directory Services when it became part of VeriSign's Internet Services Group. That means VeriSign remains custodian of the .com and .net domain name registries - so its plans to relaunch its controversial Site Finder service remain in place. Under the terms of today's agreement, VeriSign will receive approximately $60 million in cash and $40 million in securities for selling a majority stake in its Network Solutions to Pivotal Private Equity. VeriSign will retain a 15 per cent equity stake in Network Solutions. The transaction, which is subject to certain closing conditions, is expected to close in Q4 2003. Said Stratton Sclavos, Chairman and CEO of VeriSign: "We believe that this transaction will strategically position VeriSign to focus exclusively on our core mission of providing critical infrastructure services for the Internet and telecommunication networks, while allowing Network Solutions to pursue its own independent strategy in the Web presence market." ®
John Leyden, 16 Oct 2003

Why Unpatched got unplugged

PivX Solutions has explained the rationale behind its decision to pull a Web page that documented unresolved vulnerabilities with IE. The page (available at time of writing via Google cache)documented 31 unpatched vulnerabilities involving Internet Explorer, but was pulled last Friday. After Microsoft released a new patch (MS03-040) which renders several IE vulns obsolete, PivX became convinced of "a sea change in Microsoft’s commitment to rid its IE browser of the vulns". Taking "Microsoft’s recent positive actions" together with the current rise in attacks against IE into account, PIvX decided to pull the page, after deciding it was doing more harm than good. "As the ubiquitous browser that is utilized to access the Internet, we all depend on IE too much to have crooks, social deviants, malcontents and crackers messing with our lifestyles and our livelihoods," PivX said in a statement explaining it decision. Which, to say the least, is something of a turnaround given how critical PivX has been in the past to air Microsoft's dirty laundry. Rob Shively, PivX chief executive, said the unpatched page has outlived its purpose, but PivX remains committed to security research. "For our part we have not abandoned our research, in fact, we have increased it substantially with the addition of several new full time researchers. Our commitment to disclosure is as strong as ever too. However, we are committed to responsible disclosure in this instance," Shively told The Reg. "We received quite an awakening when we first took the page down last Friday. Among the several thousand people that emailed us there was a vocal minority who were very nasty in their posts. That only strengthened my resolve. If we can keep one cracker from getting the early jump on developing an exploit to a vulnerability that we posted on ‘Unpatched’ then this new approach will be deemed a success, irrespective of what Microsoft does." So if outstanding vulnerabilities PivX previously publicised are not fixed within (say) 90 days would it re-instigate the page or is it gone for good, we asked. Shively told us the company is developing a tool which "should be released in a week's time" that will enable users to be protected from the vulnerabilities that we find and which are or remain unpatched. PivX is also considering the production of a periodic newsletter to share its research with select members of the Net community. "We are not leaving the 10,000-20,000 system admins who have come to rely on the information contained on ‘Unpatched’ in the dark," Shively added. ®
John Leyden, 16 Oct 2003

Sun struggles in Q1

As warned, Sun Microsystems posted underwhelming results for its first quarter, but the company's gripping conference call with financial analysts more than made up for the sub-par numbers. For the period ended Sept. 28, Sun reported revenue of $2.54 billion, which is an 8 percent drop from the $2.75 billion reported in the same quarter last year. The company posted a net loss of $286 million in this year's Q1 versus a net loss of $111 million last year. On top of the revenue slide, Sun was unable to generate cash from operations. The company takes great pride in generating cash even in tough times, and this certainly came as a blow. Sun's CFO Steve McGowan did his best to put a positive spin on the news. "Despite our challenges this quarter, we reached the highest level of services revenue ever for a fiscal first quarter and we made strong gains in the 1-2 way server market," McGowan said. "We reduced SG&A expenses by $84 million year over year, and although cash flow from operations was a negative $49 million, we exited the quarter with a cash and marketable securities position of over $5.5 billion." McGowan then walked through the results in detail, pointing to a 4 percent rise in services revenue year-on-year to $902 million and a 13 percent decline in product revenue to $1.63 billion, which includes a 4 percent drop in storage sales. Revenue in Europe was down 3 percent, Japan was down 26 percent and the rest-of-the-world was down 9 percent year-on-year. Sun added that it saw an unfavorable mix of high-end and low-end servers that hurt margins. Sales of the lower end V210 and V240 servers outpaced those of higher-end Sun Fire 12K and 15K servers by a wider than normal margin. After dolling out these rather grim facts, Sun's volume systems chief Neil Knox jumped on the horn for a brief advertisement. He rattled off a number of facts about Sun's new Intel-based servers, Solaris x86 and low-end Sparc systems and how Sun beats Dell on price just about everywhere possible. "We are doing what we need to do to make sure Sun stands for price performance," he said. "Please stay tuned for some more exciting announcements that will be coming this quarter. And now, back to you, Scott." Sun's CEO Scott McNealy found the infomercial as bizarre as we did. "Thanks, Neil," he said. "Do they get a Ginsu with that?" McNealy took over at that point and returned a bit of respectability to the call. Sun has endured a recent onslaught of critical analyst reports, calling for mass layoffs at the company and a change in strategy. Sun has only reached profitability a couple of times in the last two years, and the analysts are pressuring the company more than ever to say when it will be able to stay in the black. A recent $1 billion charge did not help matters. "We are doing our best to be a disruptive innovator," McNealy said. "We think it's working. It's not showing up in the numbers, and we're not happy with that, but we'll keep plugging away." McNealy noted that Sun has picked up 60 customers for its N1 software/hardware management technology and has 90 bids for the new Java Enterprise System software stack. He urged that these are both spots of hope for the company. This was not enough to silence one of Sun's most vocal critics - Toni Sacconaghi, analyst at Sanford Bernstein. Sacconaghi pushed McNealy to say whether or not the board had a hand in refusing another round of layoffs or if this was just a CEO whim. As always, the analyst did so with eloquence and fairness, as he is a shining star in an otherwise tarnished profession. After some teeth-pulling, McNealy assured the analyst crowd that the board and his top level staff agreed that the time is not ripe to make more job cuts. "I have had a lot of talks with customers and none of them are saying, 'Please stop doing R&D,'" McNealy said. "None of them have said, 'Please back off on all the services and support.'" Sacconaghi pushed again in what became a rather tense moment of the call. "Is there not an imperative to at least toss around the pros and cons (of job cuts)?" he asked. "I am trying to understand how formally that was done. If this performance is repeated, what kind of assurance do shareholders have that Sun will be more firm in expense reductions going forward." "The board has been involved every step of the way," McNealy responded. "I think we need to give this thing a little longer to ride." For those who don't have time to spend listening McNealy and Sacconaghi duke it out, we hope this gives a flavor of the affair. Both men are quite good at what they do, and their sparring matches are a treat. The same cannot be said when Merrill Lynch's lip gloss guru Steve Milunovich decides to show up for a call. The Loon charged that the "old Sun" had a singular focus on Sparc chips and Solaris. He wanted to know where this focus has gone and how Sun could repair its public image. (This question coming from an analyst who just weeks ago recommended that Sun drop Sparc and did so in the most public way possible, penning an open letter to McNealy.) "Well, you could help," McNealy said, wondering how Milunovich's call got past the operator. "I'm trying, but you're not listening," Miloonovich replied. The conference call having denigrated into a tit-for-tat squabble. McNealy then tried to make nice by complimenting Milunovich's new pair of polka-dotted thigh-highs and snazzy Hello Kitty backpack. Well, okay, the conversation didn't turn that ugly, but it may as well have. The analysts across the board pushed Sun to answer some tough questions. They've started calling more and more for Sun to bring in a strong number 2 to back McNealy up and are asking to see near-term results from a company that has very much a long-term strategy. If Sun's current software strategy does not start helping the bottom line quick, it's only going to get uglier for Sun in the coming quarters. The company has plenty of cash to wait for its hardware bets such as multicore chips to pay off, but one wonders if the fierce financial mob will get to it before then. ®
Ashlee Vance, 16 Oct 2003