3rd > November > 2003 Archive

September world chip sales rise 6.5%

The chip business' fortunes have cycled round to a more positive time, if the latest figures from the Semiconductor Industry Association (SIA) are anything to go by. The each month's increase in sales over the previous month does appear to be accelerating. September's worldwide chip sales totalled $14.4 billion, up 6.5 per cent from August's $13.6 billion total, itself up four per cent on July's figure of $12.9 billion. During the first six months of 2003, the monthly sales total hovered around the $12.3 billion mark. For the three months through to the end of September, chip sales reached $43.3 billion, up 17.5 per cent on Q3 2002 and up 13.7 per cent on Q2 2003's $38.1 billion. Sales in Q1 totalled $36.4 billion. The SIA identified increasing demand for PCs as the quarter's key driver. Memory chip sales rose 33.2 per cent during the quarter, while processor sales jumped 23.9 per cent. The PC arena represents 30 per cent of the end-user market for semiconductors, so recovery there is essential to the revitalisation of the chip business. Quarterly sales in Asia Pacific rose 19.1 per cent, Europe was up 12 per cent, Japan 11 per cent and the Americas 8.6 per cent over Q2. ®
Tony Smith, 03 Nov 2003

Why Spamcop got yanked

Anyone who tried reporting spam to the popular Spamcop service this weekend got a nasty surprise. The site had bizarrely disappeared. And no, it wasn't a server outage. Joker.com, the German service that registered the Spamcop.net domain name, decided to yank the Spamcop.net domain name from its database, citing false Whois information. The Whois database records the contact information for each registered domain in the DNS, the data query service used for translating hostnames into internet addresses. On October 15, Spamcop.net owner Julian Haight received an email from Joker.com, which claimed that "the address-record of the owner of this domain is incomplete or wrong". Haight discovered that only thing wrong about the record was a disconnected phone number. He corrected the number using Joker's own web-admin interface and figured that would be the end of it. Not for Joker.com. The registrar pulled the plug on Spamcop.net last Friday (October 31). "It appears that a false complaint can spur a process, whereby the owner of the domain must fax a signed response or face termination of service," Haight writes. 'It should be noted that the original complaint (about the incorrect phone number - The Reg) was false and presumably malicious in nature - a human-engineered denial of service attack.' Joker.com corrected the mistake and from today (Monday) Spamcop is alive and kicking again. The interesting thing is that Whois records are chockful with incorrect details. Spammers frequently register domain names using bogus zip codes, real-looking phone numbers that turn out to be nonexistent or disconnected; and countless email addresses that bounce. Joker.com's databases are no exception. In September, the Bush administration ordered The Internet Corporation for Assigned Names and Numbers (ICANN) to improve the "accuracy of Whois data." However, not much has happened. Registrars only seem to respond to complaints, even incorrect ones, and do very little checking themselves. ® Related stories The conspiracy against our in-boxes MP unleashes brilliant anti-spam plan Spam fighters defeat nuisance junk mail lawsuit Sobig linked to DDoS attacks on anti-spam sites
Jan Libbenga, 03 Nov 2003

Thus ups revs, narrows losses

Thus, the Scottish telecoms outfit behind the Demon Internet brand, reckons it's on course to make some cash. For the six months to the end of September, turnover was up 10 per cent to £157.5 million, compared to £143 million last year. At the same time, Thus narrowed its pre-tax loss by 67 per cent to £10.2 million - down from £30.8 million during H1 last year. In its Internet business, turnover grew 10 per cent to £48.6 million with the number of broadband punters topping 50,000. In the UK, Thus now has 39,000 punters, while Demon Netherlands has more than 14,000 high-speed Net users. In a statement Thus chief exec William Allan saidthe telco had "delivered sustained turnover growth…demonstrating rapid progress towards our target to be net cash flow positive on a sustainable basis". Although still cautious about the economy and the state of the telecoms sector, he said the business is on a "steady trajectory to turn operating profit positive in the second half of the next financial year ending 31 March 2005". And even though revenue from its contact centres dipped - following the loss of a Microsoft account - this part of Thus' business is "confident of recovery". Last month, Thus announced it was planning to create 250 new jobs at its call centre in Glasgow. ® Related Stories Thus creates 250 jobs in Glasgow Cliff Stanford denies hacking Redbus
Tim Richardson, 03 Nov 2003

Dangerous Mimail variant knocks over anti-spam sites

UpdatedUpdated AV vendors are warning of the spread of a dangerous worm, called Mimail-C, which offers racy pictures but delivers only fresh misery for credulous Windows users. Another variant, Mimail-D, which attempts to DDoS anti-spam sites, is also causing considerable Net disruption. Mimail-C normally spreads through email using its own Simple Mail Transfer Protocol (SMTP) client. Infectious emails typically have subject lines such as "Re[2]: our private photos ???" and a compressed file attachment (photos.zip) which contains an executable file named photos.jpg.exe, as explained in a Trend Micro advisory. As usual, this is a Windows-only menace - Linux, Mac, OS/2 and Unix users are immune. Windows users who open the executable file get themselves infected. Thereafter the worm scours the hard disk of infected machines for the email addresses of potential victims. The worm fakes the sender's email address by composing it from 'james@' and the domain name of a recipient. Mimail-C tries to perform a DoS (Denial of Service) attack on certain sites and to steal information from infected computer users, as explained by Kaspersky Labs here. Most AV vendors rate Mimail-C as medium risk. Although it's certainly dangerous and spreading, Mimail-C has yet to reach epidemic proportions. According to email filtering firm MessageLabs, the original Mimail-A worm is much more common. This may be explained by the use of certain Windows exploits with Mimail-A that are not featured in Mimail-C or other variants of the worm. Mimail-C and Mimail-D were both first spotted on Friday (October 31 - Halloween). Mimail-D attempts to DDoS anti-spam organisations Spamhaus, Spamcop, and SPEWS. Mimail-D has a different subject line (typically "don't be late!") and attachment name (readnow.zip) to Mimail-C, but is otherwise similar. Mimail-D, which is also (confusingly) called Mimail-E by some AV vendors, is less common, so far, than Mimail-C. Even so the DDoS attack against Spamhaus created by Mimail-D has made the site almost unreachable today. Mimail-D is designed to cause infected computers to each begin making overwhelming amounts of bogus requests to Spamhaus.org's web server. The worm also attacks the web servers of spamcop.net and spews.org. In a statement, Spamhaus said Mimail-D is the "latest in a string of viruses, each one released by spammers for the purpose of creating a vast worldwide zombie network of spam-sending machines and building an attack network consisting of hundreds of thousands of virus-infected zombie machines with which the spammers then attack anti-spam organizations". Standard defence precautions against viral attacks from all variants of the worm: users should update their AV signature definition files to detect the virus and resist the temptation to open suspicious looking emails. ® Related Stories Sneaky virus poses as email from sysadmin (Mimail-A) Sober email worm gives Windows users the DTs Joe Average User Is In Trouble The trouble with anti-virus
John Leyden, 03 Nov 2003

Apple blames Oxford for Firewire data loss bug

Apple and 1394 chip maker Oxford Semiconductor are each blaming others for data lost when some Mac users upgraded to Mac OS X 10.3, aka Panther, in the week following its release on 24 October. The problem emerged on official and third-party support forums early last week, when users who had upgraded to Panther while their external Firewire drives were connected to their computers, found information stored on said drives had been irreparably damaged. Some users reported experiencing data loss when they rebooted into Panther with their drives connected. Users have claimed to have experienced the problem with both 400MBps and 800MBps versions of 1394, but late last week Apple issued a statement acknowledging the problem with FireWire 800 drives. The Mac maker laid the blame at Oxford's door: "Apple has identified an issue with external Firewire hard drives using the Oxford 922 bridge chip-set with firmware version 1.02 that can result in the loss of data stored on the disk drive. Apple is working with Oxford Semiconductor and affected drive manufacturers to resolve this issue, which resides in the Oxford 922 chipset," the company statement said. However, Oxford issued a statement of its own, effectively passing the buck back on to hard drive manufacturers. "Currently we believe this issue relates to a change in the way Panther uses FireWire that affected version 1.02 of the OXUF922 driver software," the Oxford statement reads. However, says Oxford, "a new version, 1.05, was issued by Oxford Semiconductor to the manufacturers of external drive products in early September". In other words, there was a patch out. The question is, did Apple know about it? If so, why didn't it advise Panther installers to ask their FireWire driver vendors for the appropriate firmware update? To be fair to Apple, it's not its responsibility to liaise between users and third-party product makers. But a polite warning to users would have been politic, particularly since many users will have connected external FireWire 800 drives to back-up their data prior to the Panther install. As we did, albeit with an older FireWire 400 unit. "For firmware updates for OXUF922-based FireWire drive products please consult your manufacturer's website," says Oxford. Until those patches become available, Apple is recommending users keep their FireWire 800 drives disconnected. So far, LaCie, Otherworld Computing (OWC), EZ Quest and WiebeTech have introduced patches to update their FireWire 800 products' firmware. ®
Tony Smith, 03 Nov 2003

Mobile operators as content providers

AnalysisAnalysis We are all now familiar with the dilemma faced by the mobile operators – revenue from traditional cellphone services is slowing, despite the boost from camera phones and mobile email, just as carriers are trying to pay off the huge capital investment in 3G. And to make matters worse, software houses, content owners and handset makers are all biting into the mobile value chain. New research from Booz, Allen Hamilton argues that, with mobile data the main driver of new revenue streams, carriers should cash in through integration – offering not just the network and handset but their own content too. But transforming into a content provider is a strategy beset by risk, in terms of timing, user demand, carrier competency and competition from Nokia and Microsoft. The biggest operators are well down this track already, with Vodafone Live! clocking up 3m users on its first birthday this week, and other multimedia services chasing it. The handset makers are incorporating features into their phones that support ever more sophisticated content delivery, including, this week, Nokia’s first television phone. All this with a view to boosting all-important upgrade sales in the more saturated markets and luring users on to handset models and operator plans that are data-heavy and so carry higher average revenue than voice. That this is the only route to growth for carriers and phone makers has become a truism that is scarcely questioned any more. Nearly all the major operators have multimedia data services now – the grandfather of them, NTT DoCoMo’s i-Mode, has been emulated by T-Mobile’s T-Zones, AT&T’s mMode, Orange World, Verizon’s GetItNow and a host of others. But there are disturbing doubts surfacing about the ‘content is king’ route – doubts that echo the dotcom era, when for a couple of years every web site operator believed it had to provide rich content. This created a massive boost for content providers, followed by a subsequent crash, not only because the dotcom bubble burst, but because it became clear that the only sites that needed sophisticated content were those in the content business themselves – publishers, information service providers and so on. Companies selling groceries online generally did not. Similarly, the fact remains that a majority of people still use their phone almost entirely for voice calls and a bit of text messaging. This will change as the handset and the network become better adapted to content delivery – with ubiquitous 2.5G and 3G networks, larger color screens, decent quality video and so on. But the experience of UK operator 3, which now offers video calls at the same rate as voice, shows that, while phones are rapidly becoming a more amenable environment for content, this does not necessarily mean that operators will be able to charge premium prices. Content business models All these factors mean that only a few operators will succeed in achieving their mobile data ambitions – and even they will face challenges from handset makers who want to offer the mobile environment themselves. Key business choices must be made now, and as in most content-driven businesses, the winners will rely on a few highly desirable offerings – the hottest games titles, music and video clips, the first workable television service, for instance – and on the power of brand, the area where Live! is scoring highly, in Europe at least. This puts considerable power in the hands of the owners of this critical content. When the offering is right, the revenues and profits do follow. DoCoMo has moved almost 40 million of its 46 million Japanese subscribers to i-Mode and claims i-Mode users typically spend 20 per cent more per month than voice-only customers. Nokia is targeting fourfold growth in mobile data revenues to €180bn by 2007. But the right choices need to be made now, rather than adopting a dotcom-style scattergun approach, assuming that quantity of content will win over quality. Operators have two choices – to focus on driving volume of data over their networks in order to grow revenue from increased traffic, but missing out on capturing value from the content itself; or to take the higher risk approach of providing a complete mobile experience under their own brand, as Vodafone is doing, competing on the range and quality of their offering not just volume. For the larger operators with high 3G investments, the latter is the more likely choice, but it is risky. It involves companies with business models based on cost per minute and network efficiency, which left third parties to take the content distribution risk, moving into an unfamiliar world of content marketing and user experience. The carrier-branded feature phones with their unique user interfaces were the first step in this direction, and the evolution of the operator as content provider is the second. Content partners, chosen for their brands and also for their expertise in presenting and marketing their content in an attractive way, will be vital, as will closer ties with handset makers to ensure that the latest cellphones can deliver the multimedia experience effectively. Some operators are even getting into creating content under their own brand – SK Telecom has a boy band specifically formed to promote its 3G service – but this is, in most cases, a step too far. Most users will select content such as games, ringtones and clips on the basis of its own brand, not the operator’s. Content also changes the pricing model. So far most operators have clung to their traditional pricing by time or by volume of data consumed. But those that are serious about content will have to introduce a new charging model that prices per download, particularly for premium content. This will fit with user preferences too – Booz, Allen Hamilton found in its research that 69 per cent of European mobile users would prefer to pay per download, while only 14 per cent wanted to pay per megabyte of data. The role of handset makers The operators are taking on a major challenge. To succeed as content providers they must move from their relatively simple business models of the 1990s to understand a whole range of complex factors from user interfaces, security and pricing to content channels and marketing. And the carriers are not the only companies trying to take this market – Nokia, Qualcomm and Microsoft all believe they can create a content-driven mobile world under their own brands that would relegate the carriers to their former role of network provider and pump most of the real value into the business chain of those three giants. Other technology companies, including nearly all the handset makers, are working far more closely with the carriers, seeming to accept that operators will invest in the brand and the software platform and that the phone makers will profit purely from increased demand for their higher range models. Vodafone and Orange lead Europe in the closeness of their control over handset design, something that was unknown outside Japan until recent years. Sharp, for instance, makes a GX10i model specifically optimized for Live! and branded by Vodafone. This is certainly not the view of Nokia, which is in a branding head-to-head with Vodafone that threatens to have a highly disruptive effect on the mobile industry, especially now that the Finnish giant has set up a dedicated division for Media. This will house its most advanced, content-oriented handsets, such as the new 7700, the unit’s first product, launched this week. The 7700 is Nokia’s first ‘media category device’ designed to provide “a mobile internet and personal media experience”. It has a full browser and large 65,000-color touchscreen optimized for internet and video content viewing, and also incorporates music and video streaming, VGA camera, FM radio, MMS and content creation tools. The handset, which will ship in Europe in the second quarter of next year with a retail price around €500, can also play television clips, but its successor will have the option of a full TV receiver and tuner. Not that executives in Nokia Media use the word handset very often – these products are heavily distinguished from their humbler cousins in the Mobile Phones division, and are presented as multimedia devices, lifestyle gadgets, content hubs, anything but phones, and always under the increasingly powerful Nokia lifestyle brand. Qualcomm – with Brew and its software platforms for the CDMA world – and Microsoft also have their own portals, content, user interfaces, and applications, though are far behind, in the handset business, in terms of brand. All these parties are constantly hunting not just for more high profile partners but for new types of content that will differentiate their offering and increase the amount they can charge. Television on mobiles The latest content type to catch the operators’ eyes is television, with some looking to mobile broadcast satellites for music and TV delivery to handsets. SK Telecom is working with Toshiba-backed Mobile Broadcasting Company (MBC) to share satellite infrastructure costs and both parties will offer subscription mobile TV and radio services from next spring. Several handset makers are integrating TV tuners into their devices, including Samsung, Sharp, NEC and now Nokia. The carriers are divided, even in Asia, where mobile multimedia usage is most advanced. NTT DoCoMo’s CEO Keiji Tachikawa told reporters recently that TV on mobile will “surely trigger a battle over battery life and a battle over talk time”, arguing that users will spend less time talking and will drain their batteries. Vodafone Japan and NEC are to launch a service, however, with an NEC phone that includes an analog TV receiver and tuner. The manufacturer claims TV is “at the top of the list of consumers’ most wanted features” in Japan. Some handsets are available that can receive free analog terrestrial broadcasts but these pictures tend to break up when transmitted to a moving device. Terrestrial digital TV has far greater potential, and in Japan, one-thirteenth of the digital TV transmission band has been set aside for broadcasting to mobile devices and Sony has already demonstrated a digital tuner module that works in a handset with an OFDM chip. Anssi Vanjoki, executive vice president of Nokia Mobile Phones, is pinning his hopes on the emerging Digital Video Broadcast-Handheld standard, which is designed to conserve battery and cope with moving receivers. This will take a couple of years to be commercialized and to pass some countries’ regulatory hurdles, but in the mean time, many operators are starting to pump television clips directly over their networks. In Europe, Telecom Italia and 3 have led the way, the former’s sports clips service operating even on a 2G network. Chipmakers like Philips are leaping on the bandwaggon, and Qualcomm is developing an architecture called "media flow” for video streaming and TV, although it is cloaked in secrecy right now. Any evolution in the sophistication of mobile content benefits the chipmakers of course. Intel showed its hand earlier this month with a partnership with Sony to optimize Sony Music Entertainment’s applications and content services for the Intel mobile architecture. This is a classic Intel approach in the mobile world, working with key partners to ensure that the most desirable applications work more effectively on its chips than those of rivals, thus boosting user and carrier demand for phones based on Intel PCA. More content partnerships can be expected soon. Short term tactics While operators examine their business models and their future in content, they still have the short term problem that the majority of users are voice-focused and are not upgrading – or have no access to – next generation networks and handsets. Even Live! has less than five per cent penetration of the Vodafone subscriber base (five per cent in the UK, three per cent in Germany). According to a new report by Research and Markets, 95 per cent of operator revenue is still voice-based, most of the remaining 5 per cent is from messaging, and only 0.5 per cent comes from GPRS, WAP, or EDGE data services. And JupiterMedia discovered that US consumers, at least in the next 12 months, are highly price sensitive and favor low cost, basic voice handsets over paying more than $49 in order to get cameras and multimedia features. And what of second tier operators? They do not have the resource to create their own content service, attract the biggest partnerships or spend millions on branding campaigns. They will be confined to trying to increase revenue through the old traffic model, as outlined above – or they provide a new revenue opportunity in their own right for their big rivals. NTT DoCoMo pioneered the practise of licensing its i-Mode service to partners in order to expand its reach in countries where DoCoMo does not operate itself. The ambition was to set a global standard, something that has not been achieved – i-Mode still has under one million users in Europe, despite licensing deals with Holland’s KPN, Bouygues Telecom in France, Telefónica in Spain and others. But the pattern has been emulated by Vodafone, which has seen Live! taken up in France by SFR and in Switzerland by Swisscom. It is encouraging to see the major operators thinking long term and devising creative business strategies that will finally reap serious revenue and margin from their investment in 3G and 2.5G networks. But they still face a period of one to three years when those networks are not widespread and when demand for content and multimedia is immature or unproven. Content will become a major differentiator and it will accelerate the inevitable shake-out of the operators, especially in Europe and the US. But even Vodafone, with its apparently strong start, needs to keep delivering what most of its users want for 2004 – competitive voice services – and keep a keen eye over its shoulder for Nokia’s moves to create its own content business and relegate the operators back to their old role. © Copyright 2003 Wireless Watch Wireless Watch is published by Rethink Research, a London-based IT publishing and consulting firm. This weekly newsletter delivers in-depth analysis and market research of mobile and wireless for business. Subscription details are here.
Wireless Watch, 03 Nov 2003

Switch start-ups turn to WLAN security

The anticipated shake-out in the overcrowded wireless LAN switch market shows signs of starting, with the star of the sector, Vivato, making yet more cutbacks and Trapeze laying off more than one-third of its workforce. The market has become packed with start-ups in the past year, far too many to survive, especially with Cisco defending its 75 per cent-plus market share and other data networking companies moving across from the wired world. Many of the specialists have sound technology and decent financing, but there are just too many of them in an enterprise WLAN market that has been slow to grow this year. Now they are all racing to add differentiators to their products that will encourage corporate uptake and enable them to survive long enough to reap some rewards from the likely upturn in enterprise WiFi spending in mid-2004. The number one concern of companies considering wireless remains security, so it is no surprise that many of the switch makers are focusing on this in their bid to remain competitive. Trapeze, one of the strongest of the switch specialists, but forced to lay off 22 per cent of its workforce this week, was the first to make capital out of corporate nervousness about hackers. Back in the spring, its advanced security features put it a step ahead of most start-ups, but now most of its rivals are jumping on the bandwagon. Last week, we saw Aruba upgrading the software behind all its switches, AirOS, to include an intrusion detection system that can even handle the latest breed of denial of service attack, ASLEAP, which targets Cisco’s LEAP security protocol. This gave Aruba a new marketing line of attack for its low end 800 switch – as a dedicated IDS box – that is sure to be copied by others in the this increasingly pressurized market. Intrusion detection systems are the hot ticket in wireless security at present, spurred by IBM’s entry into the market earlier this month with a managed service. IDSs go a step beyond rogue access point detection, which is now offered by most suppliers of business grade WiFi equipment. An IDS continually scans the airspace for clues to denial of service and other hack attacks. Vendors are offering a range of ways to implement such functionality – outsource it entirely to a managed service, as in the IBM solution; integrate it into the core switch and detect via passive monitors that feed data to the center, as Aruba and AirMagnet do; or use the existing AP network for monitoring, the approach to which Airespace, the grandfather of the WLAN security market, is moving in a bid to differentiate itself from the monitor-based systems and retain its market lead. The latter route highlights the problem for the switch makers. Security is a strong selling point for their devices, but the software specialists can offer greater depth of functionality and can usually stay a step ahead. The switch companies can argue that an integrated IDS is a cheaper option than buying separate software on top, but few corporate customers are that price sensitive when it comes to protecting their networks. So as Trapeze, Aruba, Vivato and others upgrade their security facilities, the software houses are moving ahead too. This week, AirMagnet has upgraded its Mobile suite to supports 802.11g for the first time and to identify 22 new attacks including denial of service from its notebook-based WLAN management software. Also included is a new signal strength capability that can detect signal fluctuations and their cause, distinguishing between malfunctioning access points, normal interference and multipath interference and a reporting function that monitors statistics and highlights abnormal patterns of usage. For companies of any size, the most effective security systems for WLANs offer multiple overlapping detection methods, which the switchmakers generally cannot support. AirDefense is also upgrading its platform, aiming to diffentiate itself by moving more detection and monitoring functionality away from sensors and into the access point, reducing cost and deployment time by eliminating special sensor devices, or providing richer detection data by combining input from sensors and APs. All this means the switch makers need to find a new way to attract customers to their devices, and some of them are running out of time. The first signs of trouble have come from Trapeze and Vivato, ironically among the best-funded and most technologically robust of the pack. Trapeze, like Vivato a few weeks ago, has accompanied job cuts with a management reshuffle that puts greater focus on operational efficiency, appointing a chief operating officer for the first time. This is Al Sadler, currently vice president, and VP of worldwide sales George Prodan has also stepped down in favour of director of product marketing, Mike Banic. Forty of the company’s 110 staff have been laid off though Banic insisted this would not affect roll-out plans. “We're still completely staffed up to deliver on our... roadmap," he said. The next step on this map is a software upgrade that lets its Mobility Point APs communicate with the central switch without actually being connected to it. Trapeze has been one of the most aggressive of the switch start-ups but it took the risk of throwing money at the challenge of taking a strong market position, a strategy expounded in the main by Prodan, who argued that there was only a year in which to gain this position or fail completely. Until the restructuring it had double the number of staff of its main competitors Airespace and Aruba and was said to be using up its $50m in funding to date at a rate that alarmed its backers. Prodan’s departure is taken as a signal to the investors that Trapeze will take a more cautious financial approach from now on, although he remains an advisor and investor. The company’s last round of funding was in June when it raised $34m from Oak Investment Partners, Duff Ackerman & Goodrich, Castile Ventures, Trautman Wasserman, CE Unterberg Towbin, Accel and Redpoint. Vivato, too, has been pulled into line by investors recently. While it raised a third round of $44.5m in August, it laid off 10 per cent of its workforce shortly afterwards in order to “rebalance” the company away from engineering and towards operations and marketing. The company admitted this was spurred by the venture capitalists and was, in part, meant as a sign that Vivato would use its new funds responsibly. This was apparently not enough and now Vivato has laid off another 22 staff, 2 per cent of the total, mainly from its engineering center. The company’s CEO Ken Biba stepped down earlier this month and a replacement is expected within a few weeks. His primary role will be to ensure that Vivato can survive the shake-out. Like many innovative start-ups, it has invested heavily in engineering in order to create pioneering products – indoor and outdoor switches that boost WiFi’s range and data rates – only to find other companies catching up and itself forced to compete in a newly crowded space on the basis of marketing messages. All this is made worse by the entry of established enterprise networking players. Cisco has always been there, pushing its ‘fat access point’ approach against the centralized switch dumb AP route of the start-ups. But now it is joined by Foundry and Extreme, both with R&D and marketing budgets that dwarf those of the new companies, plus established contacts in the corporate world. The start-ups that have pioneered the dedicated, centralized wireless switch have achieved high levels of interest and headlines in the past year, but have failed to bite significantly into Cisco’s corporate WLAN market. Although we would expect Trapeze and Vivato, despite their current problems, to be survivors, we are sure to see many others cutting back and some disappearing altogether in the coming months. © Copyright 2003 Wireless Watch Wireless Watch is published by Rethink Research, a London-based IT publishing and consulting firm. This weekly newsletter delivers in-depth analysis and market research of mobile and wireless for business. Subscription details are here. Related stories US parents sue over WLAN school fears Apple upgrades AirPort Extreme Wi-Fi security
Wireless Watch, 03 Nov 2003

El Reg seals TechnoDepot apparel pact

Cash'n'CarrionCash'n'Carrion Injecting a little bit of sunshine into a blustery November is the news that Reg shop Cash'n'Carrion has signed a landmark deal to sell TechnoDepot apparel. TechoDepot's range will more than satisfy those who like their t-shirts both in black and with a snappy tech-savvy slogan, to wit: Binary - "There are 10 types of people in the world. Those who understand binary and those who don't." Fragged - "I see fragged people" RTFM It's all good stuff and guaranteed to get a knowing wink from fellow conspirators. All three shirts are available in sizes medium to gargantuan 3XL and can be yours for £12.76 (£14.99 inc VAT). And don't forget that you can now shop at Cash'n'Carrion in pounds, euros and dollars. Terrific stuff. ®
Cash'n'Carrion, 03 Nov 2003

MS to intro hardware-linked security for AMD64, Itanium, future CPUs

Microsoft is to introduce hardware-linked security technology with Windows XP Service Pack 2, and beyond that will make "additions to Windows" supporting the technology, execution protection (NX). The feature is already supported by shipping AMD K8 and Intel Itanium processor families, and according to Microsoft: "It is expected that future 32 and 64-bit processors will provide execution protection. "Microsoft is preparing for and encouraging this trend by supporting execution protection in its Windows operating systems." So is it DRM? Not exactly, not yet, but it's another example of the closer linking of hardware and software that will result in the processors with NGSCB built-in that Bill Gates promised at the recent Professional Developers Conference, and a reread of his keynote after hearing about NX does tend to suggest that Bill might not see any clearly defined line between the two, and between hardware security and hardware ID. And linkage is helpful from the point of view of selling DRM to users; clearly, you can't pitch hardware protection that screws up your ability to listen to music as you wish as an unalloyed benefit for the general public, but you can sell them it on the basis it stops Bad Things coming at them from The Net. Microsoft can also use compliance with this and future hardware features as the 'entry ticket' for hardware manufacturers wanting Windows development relationships and support. One might speculate that Windows XP support for AMD64 might not be entirely unconnected with NX support. As Microsoft says: "The 32-bit version of Windows currently leverages the NX processor feature, as defined by the AMD64 Architecture Programmer's Manual." So actually, it's not being introduced to the mass market with SP2 - it's here already for AMD64 platforms. NX "uses the CPU itself to enforce the separation of application code and data, preventing an application or Windows component from executing program code that an attacking worm or virus inserted into a portion of memory marked for data only." Which is quite cute really, when you consider that one of the fundamental security problems of Windows is its failures in separating application code from data. Fix Windows? Go back to basics and write a proper operating system? Nope, we have a better idea... Whatever, although there may be applications for NX support in non-Windows operating systems, it doesn't immediately look like a 'must have' for, say, Linux in the same way that it does for Windows. Does it have direct DRM implications? None that are obvious to us at first reading, but it clearly does have potential to help Microsoft leverage DRM into the CPU. It certainly does have a 'breakware' component, as Microsoft tells us: "Some application behaviors are expected to be incompatible with execution protection. For example, applications that perform dynamic code generation (such as Just-In-Time code generation) that do not explicitly mark generated code with execute permission may have compatibility issues with execution protection. Note that managed code applications and components built on the Microsoft .NET Framework's common language runtime (CLR) will continue to work—the CLR is compatible with execution protection in SP2. "Application and driver developers should be aware of execution protection and the requirements of software running on a supporting platform. Applications that perform just-in-time (JIT) code generation or execute memory from the default process stack or heap should pay careful attention to execution protection requirements. The .NET Framework, for example, works with the NX bit set." So some applications will be broken by SP2, although this will obviously only happen on systems that already ship with NX in the CPU. In the longer (presumably not hugely longer) term all volume CPUs will have it, and it will clearly encourage developers to go down Microsoft's preferred development route (i.e., the one that leads to Longhorn) as quickly as possible. This, says Microsoft, is "promoting general good coding practices." Bear in mind that Microsoft wants and intends to make a big noise about the steps it's taking to make Windows secure, and that it's therefore going to want to package, present and market this and other security features. Meanwhile, the chip companies and the PC companies desperately (even more so than usual) want to figure out ways to get people to buy even more new computers. An SP2-based refresh with added hardware worm protection and just a soupcon of ID/DRM for fall 2004 does look awfully compelling to us. Athens provides one possible base for packaging this, and with Tablet and MPC starting to look tired by then, even without the 'sell security' imperative Microsoft surely needs to think up a couple more compelling packages. Will the chip companies switch from running and hiding whenever anybody mentions hardware protection to actively marketing it? It could happen, it really could... ® Related stories: Longhorn as the next Microsoft desktop domination play Microsoft security paper
John Lettice, 03 Nov 2003

A dossier on every UK citizen?

The Government plans to establish a database of life records which could be used to create a dossier on everyone in the country, privacy advocates fear. The Foundation for Information Policy Research (FIPR) has called on the Government to ensure that a new electronic database of life events - births, marriages, deaths etc. - supports, rather than reduces, privacy and liberty. In a response to the Office of National Statistics' consultation on its plans for such a database, the FIPR said the "proposal amounts to establishing the foundations for a compulsory dossier on every citizen". "Once begun, the database would develop its own momentum as agencies discovered new advantages. Fraud and crime prevention could be argued to justify the inclusion of information relating to social security benefits, tax, passports, drivers' licences, criminal records and much else," the FIPR writes. "Public health considerations might be argued to justify extension of the snapshot of information about the cause of death to an accumulation of information about health events during life. The protection of children might be argued to justify linkage with information accumulated by social services departments. The needs of the war on terrorism seem capable of being used to justify almost anything," it adds. According to the FIPR, the proposed database is already intended to store information that goes beyond its stated purpose. "It is difficult to see the justification for including occupations, ranks and professions of brides, grooms and their parents, or causes of death, within the registration system." The FIPR argues that simpler measures could be cheaper, less invasive and more effective. For example, a basic registry of deaths would allow the Passport Agency to check applications for fraud. The think tank also believes paper records are more trustworthy because they are "harder to retrospectively alter" than database files. Nicholas Bohm, General Counsel to the FIPR and author of the response, said: "The Government must avoid the risks of turning the register of births into a set of comprehensive dossiers on every citizen." "We should not be moving towards a system where our very identity is dependent on registration by the Government in a central database." ® Related Stories UK ID card scheme likely to be 'debacle', says Jack Straw Finger, faceprints get green light for Europe's ID standard NHS patient privacy? What patient privacy!
John Leyden, 03 Nov 2003

Amazon hobbles full text search

Amazon.com quietly changed its recently introduced book-searching feature, following concerns by some authors that users could also print out several pages surrounding the places where the phrase appears. Printing is now disabled. On October 23, the Internet retailer introduced a new feature called Search Inside the Book, which lets users search the complete text of books. In collaboration with publishers, Amazon digitised more than 120,000 books - 33 million pages of searchable text. Customers interested in ‘resistojet propulsion’ for instance can search for ‘resistojet’ and will automatically see a list of books at Amazon.com that contain this term in the text, in addition to those books that contain the term in the title. The introduction of the feature drove a nine per cent sales increase, Amazon reported last week. Some 190 publishers are participating, including Time Warner, Wiley, Simon & Schuster, Random House, McGraw-Hill and HarperCollins. Since the launch of the programme, 37 additional publishers have contacted Amazon requesting to participate. Authors, however, are concerned. Upon testing the new feature, staff from the Authors Guild managed to print out 108 consecutive pages from a bestselling book. The Guild also noted the potential for abuse by college students. At least one student is already bragging that he used the system to print out what he needed, when others, to their chagrin, had bought the book. 'We believe that most authors should sit tight and see what further technical improvements Amazon makes before deciding whether to pull their books from the program,' the Authors Guild writes in a statement. ® Related stories Amazon posts slim profit without Santa's help Stealth mode Amazon.com gets into search MS, eBay, Amazon et al join ID theft busters
Jan Libbenga, 03 Nov 2003

Drivers ignorant about mobile phone law

Almost half of UK drivers are still clueless that from next month using a hand-held mobile phone while driving will be illegal. The survey from the Association of British Drivers (ABD) and hands-free kit maker, JABRA, supports research from a leading motoring organisation last month which revealed widespread ignorance concerning the new legislation. According to the latest survey, four in ten drivers are unaware that the legislation is coming into force from December 1. What's more, a quarter of those who were aware of the new legislation said it would not stop them from using a hand-held mobile while driving. The survey found that younger drivers were more likely to flout the new law even though half of all those quizzed admitted that using a cellphone affected their driving. ABD is concerned that not enough people are aware of the law change and called on motorists to be given more information ahead of the December 1 deadline. Said ABD spokesman, Nigel Humphries: "To avoid widespread non-compliance of the new legislation, there is a clear need for the Government and the mobile industry to tell drivers exactly what is legal and what isn't, and to provide positive guidance on making calls safely rather than simply telling people not to do it." Drivers caught using their phones illegally could face a fine up to £1,000. ® Related stories Motorists face £1000 fine for cellphone use UK drivers face fines for 'wrong type of hands-free device' Of vehicle mobile phone bans, and automotive Bluetooth
Tim Richardson, 03 Nov 2003

Brazilian script kiddie arrested in Japan

A Brazilian teenager has been arrested in Japan last Friday on suspicion of membership of an international hacking group. Japanese police believe the unnamed 17 year-old is an active member of a gang of Web site defacers called Cyber Lords, which is blamed for the defacement in recent months of 1,032 Web sites in 33 countries. Japanese investigators have tracked the group's activities since March, following a tip-off from South Korean police via Interpol. Sites in Japan, the US, Taiwan, the Netherlands and South Korea have been hit by the group, according to Tokoyo police, the Japan Times reports. The arrested teenager is suspected of hacking into the Web sites of a computer services firm, a private high school in Tokoyo and Kyoto University Hospital since September last year. He is suspected of breaking Japanese laws prohibiting unauthorised computer access. The Brazilian teen reportedly told Japanese investigators that his group has seven other members in countries including the US, Brazil and Portugal. Police told the Japan Times that the 17 year-old, who works as a temporary worker and lives in the city of Otawara in central Japan, is the first suspected member of the Cyber Lords gang to be arrested. Investigators said the group took advantage of lax corporate security to break into web sites and deface them with messages in either English or Portuguese. The group commonly signs its name on defaced sites and posts the names of other web systems it has broken into, a factor that no doubt made the police investigation that much easier. ® External Links Teen hacker identified as Cyber Lord member, the Japan Times (in English) Cyber Lords (AKA Bug Travel) used a well known flaw with a Web admin tool called CPanel to break into some sites, according to posts on security bulletin boards earlier this year. Defacements by Cyber Lords, as recorded by defacement archive Zone-H. Most of the sites hit are running Windows. Defacements indicate the group weren't the biggest fans of US president George W.
John Leyden, 03 Nov 2003

Freeserve loses AOL VAT case

Freeserve has lost its long-running campaign to force AOL to pay VAT in the UK. The High Court dismissed an attempt by Freeserve to challenge HM Customs and Excise's decision not to charge VAT on AOL's Internet service in the UK. The High Court also turned down Freeserve's bid to appeal the decision. The rulings - handed out on Friday - bring an end to a saga that has dragged on for two years. During that time Freeserve argued for a "level playing field" claiming that a tax loophole meant that AOL was exempt from paying around £100 million in VAT. It launched a series of high-profile campaigns in what became an increasingly bitter bid to highlight its plight before eventually taking legal action. Now, though, the case has been thrown out and Freeserve has got to pay costs - estimated at more than £500,000. Freeserve pressed ahead with its VAT campaign, even though new European legislation introduced during the summer meant that all ISPs - even AOL - now pay VAT. In a statement Freeserve said: "We are disappointed with the verdict but we are pleased that since 1 July 2003 AOL is in line with all other ISPs and has been paying VAT so that the level playing field we fought long and hard for has been achieved." AOL - which stated throughout that it has always played by the rules - had this to say: "The High Court has confirmed that Customs & Excise followed the correct procedure in coming to its original decision to make any information providers with their hubs outside the EU exempt from VAT. AOL has always abided by the relevant legislation on VAT and will continue to do so." ® Related Story Freeserve gets nod for AOL legal action
Tim Richardson, 03 Nov 2003

Vodafone slashes IT contractor rates

Vodafone today confirmed it is to slash cIT ontractor pay rates from the end of this week. A Vodafone spokesman told The Register that "some contractor pay rates" will be reduced by 10 per cent. Pay rates have been "adjusted to reflect current market rates", he added. Last week Vodafone sent out a memo to contractors (copy below) which provides more background on the cuts. ® Following several months of Director level meetings, Vodafone have instructed their current preferred suppliers of IT contract personnel to implement a cost reduction policy that they see as vital to the future growth and profitability of Vodafone UK. In line with cost reductions through out all areas of the organisation Vodafone are seeking to achieve a significant saving in their IT contractor spend. In order to realise this saving they are implementing a rate reduction program that will result in a 10 to 15 per cent reduction in contractor charge rates. It is proposed that effective from 6th November 2003 rate reductions will be enforced on the following scale: Over £500 per day - 15 per cent reduction Above £15 per hour but under £500 per day - 10 per cent reduction We appreciate that this is not the type of news that will obviously be welcomed within the Vodafone IT contracting community, however Vodafone see this as the only real alternative to a reduction in contractor numbers, which would have a far bigger impact on Vodafone and peoples livelihoods. You will be contacted individually to discuss how the reduction programme effects you, and letters will be sent confirming the details. Related Stories Light at end of the tunnel switched back on for IT contractors Four in ten IT contractors out of work New PCG boss predicts doom and gloom in IT sector HP axes UK contractor rates
John Leyden, 03 Nov 2003

All the stupid people. Where do they all come from?

OpinionOpinion Microsoft's best chance for regaining the revenue lost to security concerns isn't in eliminating bugs, writes SecurityFocus columnist Tim Mullen. Two years ago I wrote about how security would become critical to the success of Microsoft, and how the challenge of combining "simplicity and security" would represent the highest costs in IT. For what is apparently the first time in Microsoft's financial disclosure history, the company has reported that security issues, or more appropriately insecurity issues, have directly affected their balance sheet in a negative way. Though quarterly stock earnings were up from last year (and above industry projections), Microsoft has identified losses of approximately $700 million in unearned revenue from non-renewed contracts in product futures. This was primarily attributed to industry concern over recent product vulnerabilities and other security-related problems. Microsoft bashers will be quick to say things like: "All of Microsoft's revenue is unearned!" But that's just because they don't know any better. The truth is that from a business perspective, Microsoft does an excellent job in their support of customers and partners. Even so, revenue has been lost, and it is due to customer perception. It isn't a critical hit -- most companies do not get to enjoy unearned revenue; they're lucky if the earned revenue is enough to keep them in business. But this is significant because it marks a time when businesses are finally taking security into account when making their purchases. It shows that the industry is maturing -- that it's ready to hold someone accountable for bad security. Now that they've grown up, all we have to do is educate the corporate masses to point their fingers at the right places: Not at Microsoft or other vendors, but at themselves. That's right: education -- not some software Manhattan Project to eliminate buffer overflows -- is what's needed here. The reason most vulnerabilities become issues is because the products are used by people who don't know what they are doing. Village Idiots This may get the ire up on some anti-Microsoft zealots, but to be honest, I really don't care. After my last column about the CCIA report, I received many an email from Linux aficionados telling me how fatally flawed the architecture of Windows was. I was amazed at how totally ignorant some of these people are to what the Microsoft reality is -- it seems that many still think the Windows operating system is synonymous with Windows 95. News Flash: It's 2003, time to grow up and get a place of your own. But Microsoft is not trying to win these people over. In fact, some of the company's worst enemies are the ones who are already their clients. A case in point comes from a notice in the latest SANS NewsBites. It seems a buddy of Stephen Northcutt's works for a company who has a "C-Level executive" mandating that RPC and NetBIOS not be blocked at the border routers or firewalls. (The editor's note says "between organizations," but the full memo shows that this is the desired configuration over the Internet.) This is so Exchange servers at different sites can communicate over RPC and executives can easily use file sharing. SANS is soliciting solutions for this quandary. Here's mine: Fire the dolt. For one thing, you don't block ingress ports on firewalls -- they should all be blocked by default already. You allow them when you have to, and only when you have to. But regardless of the default firewall policy, any executive who mandates that RPC and NetBIOS be opened at the gateway in order to make file sharing easy needs to find a village missing an idiot, and move there. And this is probably the same guy who did not renew his contract with Microsoft because his company got hit with Blaster. Microsoft isn't the problem. The problem is the executive who doesn't want to pay for security to be implemented properly, who mandates ridiculous policies, and who ultimately refuses to do anything that provides any real level of security. These are the people don't take the time or commit the resources to ensure that the products they use -- the ones they have become dependent upon -- are being administered by those with security training. Then they blame all their woes on the vendor, while making their staff suffer through the effects of their poor judgment. This is why the next big step for Microsoft should be in the arena of security education -- right behind patch management. Look for this shift soon, as this time, right or wrong, security is hitting Microsoft's bottom line. If this kick in the Microsoft wallet has the end result of increasing security, then it's ultimately a good thing. Even if we have to lose a clueless executive or two along the way. SecurityFocus columnist Timothy M. Mullen is CIO and Chief Software Architect for AnchorIS.Com, a developer of secure, enterprise-based accounting software. AnchorIS.Com also provides security consulting services for a variety of companies, including Microsoft Corporation.
Tim Mullen, 03 Nov 2003
Broken CD with wrench

HP pads Itanium server line with midrange kit

It took a while, but HP now has an Itanium-based server replacement for just about every PA-RISC box it sells. On Monday, HP added two new midrange servers to its Itanium line - the eight processor rx7620 and the 16 processor rx8620. These systems fill a gap between the 1- to 4-way and 64-way Itanium servers already on sale from HP. In addition, the new kit signals that HP is indeed ready to begin moving all of its customers off of PA-RISC and Alpha servers and onto Itanic. HP also rolled out a new low-end ProLiant system and pre-packaged Linux clusters. HP turned to a tennis comparison to express what this massive hardware launch means to the company. "The rules of the game have changed in the server market, and it's clearly 'advantage HP,'" said Scott Stallard, EVP of enterprise storage and servers at HP. Stallard's optimism is appreciated, but HP faces serious challenges at the moment. The most recent data from Gartner shows that HP faces an increasing threat from IBM and Dell. HP still owns the top spot in total units shipped, but both IBM and Dell have been growing at a faster pace of late. Breaking out the Itanium server segment does not help HP's cause. Intel's 64-bit product continues to be punished by slow adoption rates. What was once billed as a "twenty-year" design appears to be growing long in the tooth before it ever really arrived. HP, however, is less concerned about OEM adoption for Itanium and more worried about how it fairs as a PA-RISC replacement. And benchmark-to-benchmark against Power4 or UltraSparc, Itanium is doing rather well. Having a host of OEMs selling Itanium kit would help keep chip and component costs down, but that would just be gravy for HP at this point. It's performance that matters. The performance of the new 8-way and 16-way systems is of particular importance to HP. CEO Carly Fiorina has been talking a lot lately about the death of midrange Unix. IBM and Sun seem content to bill their versions of Unix as the OS of choice on midrange kit for some time, but HP has all guns blazing around Windows and to a lesser degree Linux in this market. HP will take care of its current Unix customers. It has the last couple revs of PA-RISC on the way and is merging Tru64 and HP-UX. Still, you get the sense that HP wants to push Unix toward the high-end as much as possible. That is, of course, where its Superdome system shines. The rx7620 starts at $23,735, and the rx8620 starts at $62,730. HP also has a refreshed 4-way box - the rx4640 - available, starting at $15,869. Along with the Unix kit, HP is touting the ProLiant DL140 server. This system is set to arrive by mid-November as an option for small and medium-sized businesses. The kit starts at $1,299 and runs either Windows, Red Hat or SuSE. HP also plans to make it available as a node in its pre-packaged cluster products. To that end, HP has two new Linux clusters on tap for December. The XC3000 and XC6000 clusters are similar to what IBM and Dell also offer as a way to get a technical compute system up and running with as little hassle as possible. A 34-processor configuration of the XC3000 starts at $171,500. HP offers both its 32bit ProLiant systems and 64bit Integrity products as options in the clusters. The higher-end XC6000 systems use Quadrics Elan3 interconnect and the XC3000 systems run on Myricom's Myrinet interconnect. ®
Ashlee Vance, 03 Nov 2003

8.5GB DVD+R discs, drives to ship April '04

Expect double-layer, almost double-capacity DVD+R drives and media to hit the stores next April, members of the DVD+RW alliance say. The technology, co-developed by drive maker Philips, and media specialists Verbatim and Mitsubishi Kagaku, adds a second recording layer to a standard-thickness DVD+R disc, taking the medium's capacity from 4.7GB to 8.5GB. That's enough for four hours of DVD-quality material, 16 hours of VHS-quality content or two hours' archive footage. The discs are playback-compatible with existing DVD players and DVD-ROM drives. Initial products will offer a write speed of 2.4x. DVD+R DL, as the technology is known, was demo'd last month in Japan and shown to the press in London last week. Alliance members said the next step is to publish the format's specifications, a process which should be complete this year. Officially, the Alliance says DVD+R DL hardware and media will ship during "the course of 2004", but privately a number of member companies said they are "hoping" for an April 2004 introduction. That should provide a further boost for the DVD+R/+RW format, which is increasingly seen as the successor to the older DVD-R/-RW spec., thanks to its full multi-session compatibility with both DVD-ROM and consumer DVD systems. Essentially, DVD+RW discs can be re-edited even when the session has been closed - of 'finalised' - to ensure compatibility with DVD video playback. That said, there have been some claims about the level of DVD+R/+RW compatibility with consumer DVD players; the consensus appears to be that DVD-R/-RW discs, suitably finalised, are more likely to work with any DVD player than is a DVD+R/+RW. Fortunately, the question of which format to go for is becoming made less relevant thanks to the growing number of DVD burners that support both media formats. The DVD+RW Alliance claims that next year pure-play DVD+R/+RW drives will outsell DVD-R/-RW units four to one. Also, dual-mode drives will also outsell single-format drives. ®
Tony Smith, 03 Nov 2003

College kids are thieves, thieves, thieves

FoTWFoTW Re: College students care more about beer than software Well, well, well... If it isn't A$$lee beating the old software Piracy drum again???? SOS DD huh, ASSlee??? Your implied attitude that stealing of software by college students is no big deal is nothing new now is it A$$lee. Interestingly the BSA's report sounds an awfully lot like what I have posted in the past about Piracy. You seem to think large corporations like Microsoft who violate anti-trust laws to reap billions in profits, are criminals but college students who are more interested in keg parties aren't thieves or immoral for stealing. Is this another one of your double standards of the World??? You seem to hold the belief that Piracy is no big deal and that these college kids will grow up to be good, honest, law abiding citizens when they go out into the real World. Do you have any evidence of this as reality seems to be much closer to the BAS's beliefs than yours. My observations are that unethical, immoral college students tend to hold those same personal values for most of their lives. Some of them even become journalists and write trash to support unethical and illegal behavior. What irony, huh A$$lee, steal then get paid for writing about it. And to justify the Piracy as no big deal because you are stealing from large corporations seems to be a popular rationale for those living in fantasy land. With any luck these types will get to practice their logic in a courtroom and prison. Serves them right, don't it ASSlee??? Shit still stinks no matter how you dress it up. Ain't that right A$$lee. Randy Related Stories Which school of journalism did you go to, Moron? FoTW: ‘You are a lier’ Flame archive 2000 Part 1
Ashlee Vance, 03 Nov 2003

Vodafone adds Blackberry to mobile office offerings

Mobile phone carrier Vodafone will begin offering an own-branded version of RIM's Blackberry 7230 handheld to European businesses later this month. The device - and the back-end systems that connect corporate Microsoft Exchange, Lotus Domino or vanilla POP servers to Vodafone's GPRS network - will be positioned alongside Vodafone's Mobile Connect Card, which brings GSM/GPRS connectivity to laptops. Both will be offered under the carrier's Mobile Office brand. The Blackberry system automatically beams email to users' handhelds, including attachments. Enclosed PDF, plain text and Microsoft Office files can be read on the device, but not edited. The 7230 also doubles up as a tri-band GSM handset. It features a micro keyboard, backlit 16-bit colour screen, 2MB of SRAM and 16MB of Flash memory. The rechargeable battery is removable. The device can be synchronised with a PC using a USB connection, which also doubles-up as the battery charger. The handheld, offered as 'Blackberry from Vodafone', will be initially offered in the UK, France, Germany, Italy, Spain and the Netherlands. In September, Orange launched an own-brand version of PalmOne's Treo 600 smartphone. ®
Tony Smith, 03 Nov 2003

Microsoft picks IBM as Xbox 2 processor partner

Microsoft has signed up IBM to manufacture chips for the "future" generations of its Xbox console. According to a statement offered by both companies, Microsoft has "licensed leading-edge processor technology from IBM for use in future Xbox products and services to be announced at a later date". That's the same language used in the statement announcing Microsoft's deal with ATI to use the graphics specialist's GPUs in future Xbox systems. It is widely believed that that announcement referred to Xbox 2, so it's a good bet that the IBM announcement does too. But which chips will IBM provide? The implication is that we're talking PowerPC processors. That seems unlikely given the current Xbox's foundation on x86 PC technology, but rumours have circulated of a compatibility break between the two generations of the console. If accurate, it's a bizarre move for Microsoft to make, particularly since backward compatibility surely helped Sony sell Playstation 2. But x86 and PC technology may simply have been seen by Microsoft as an easy way into the console market. Having established a foothold, it might well now be looking to develop hardware more relevant to that sector rather than the general purpose computing arena. ATI, meanwhile, already has a games console connection with IBM in the form of the Nintendo GameCube, which is based on a PowerPC 440 variant codenamed 'Gekko' and ATI graphics technology. Did ATI persuade Microsoft that this was the best route to take for Xbox 2? But is IBM offering PowerPC technology? Some coverage of the deal, based on pre-release viewings of the press statement we reckon, suggests that the arrangement is more about manufacturing than CPU development. If so, that might favour AMD. Its Athlon 64 has been heralded by AMD fanboys as the most sensible choice Xbox 2. IBM and AMD have a joint development programme working on future 65nm and 45nm process technologies, so there's a connection between the two companies. We expect AMD to choose IBM has a fab partner when 65nm comes on stream. But the AMD-Xbox 2 connection is largely the result of speculation. Since Microsoft has already dropped Nvidia for ATI, the pundits suggest, won't it likewise drop Intel for the AMD? Today's announcement suggests that it has not only ditched Intel but the x86 platform too, which suggests AMD may not be getting a look-in after all. Microsoft has licensed "processor technology" not 'process' technology, so it's fair to read it as a chip development deal rather than a chip manufacturing deal. The new Xbox technologies will be "based on the latest in IBM's family of state-of-the-art processor", the statement says. That suggests the 970 - aka Apple's G5 - IBM's 64-bit desktop chip. That 130nm chip already clocks to 2GHz, and IBM has already said it has begun sampling the 90nm version, which bodes well for the platform's ramp to 3GHz and beyond. ®
Tony Smith, 03 Nov 2003

Draft ID card bill slips into Queen's speech

A draft bill to introduce ID cards in the UK is expected to be included in the Queen's speech later this month. Although the move keeps the government's options open, the Sunday Times reports that it is increasingly unlikely that ID cards will be brought in before the next general election. Instead, the paper sees the scheme as a means to preserve the political modesty of the Home Secretary, David Blunkett, who is fighting to keep a cherished project alive in the face of opposition from his Cabinet colleagues. Senior members of the Cabinet are said to be split on the issue. Former Home Secretary Jack Straw, the current Foreign Secretary, believes ID card plans are “flawed” and might cause “a large-scale debacle which harms the government”. Chancellor Gordon Brown and the Treasury object to the scheme on economic grounds. However, the Prime Minister backs the idea of introducing ID cards, at least in principle. The rest of the Queen’s speech, expected to contain 23 bills, will include plans to make corporate socially and environmentally responsible, tougher rules on asylum and a scheme to levy university students with extra tuition fees. ® Related stories UK ID card scheme likely to be 'debacle', says Jack Straw ID cards protect civil liberties - Blair Blunkett states ID card aims - but can he achieve them? Cabinet stalls on ID cards, Blunkett says he'll win anyway Passport biometric trials point way for ID cards Now Blunkett wants to charge £39 for ID cards UK ID scheme complex, costly, won't work, says expert Public opposes ID cards, govt admits Blunkett to intro UK ID cards, via £25 passport tax
John Leyden, 03 Nov 2003

MPs take aim at eBay in gun smuggling report

Guns are being smuggled into the UK using online auction sites such as eBay, according to a report by MPs due out this week. Although the sale of weapons is illegal on eBay, the report is expected to say that villains are getting round the barriers by buying component parts, such as barrels, firing mechanism and triggers. According to the Sunday Times, which has seen a copy of the report, the committee of MPs is to call on the Government to take action. The paper quotes the report as saying: "This loophole is a potential route for illicit weapons into the UK and should be addressed." But eBay UK has told The Register that it does not allow ammunition, replica firearms, or even legal air guns to be sold on the site. Said the company: "We are unaware of any examples of prohibited weapons being sent into the UK from abroad which have been purchased via an eBay website. "If we were aware of this practice we would work with the police to identify and deal with the users accordingly," it said. ®
Tim Richardson, 03 Nov 2003

Intel ships $925 Pentium 4 Extreme Edition

Intel today released its Pentium 4 Extreme Edition - the exceptionally expensive gamer-oriented version of the chip giant's desktop processor - as we reported last week. As anticipated, the chip will cost $925 a throw. The chip is clocked to 3.2GHz and features 2MB of on-die L3 cache alongside its 512KB L2 cache. Like other P4s, it supports HyperThreading, a frontside bus with an effective bit rate of 800MHz and is fabbed at 130nm. The P4EE is compatible with the existing i865 and i875 chipset families, said Intel. Intel also is shipping boxed Intel Pentium 4 processor Extreme Edition 3.20 GHz to Intel authorized distributors for system integrators worldwide. Sold to system manufacturers in 10000-unit quantities, the P4EE costs $925 a pop. Intel will also be selling the part boxed via its distribution channel to resellers, retailers and end users. ® Related Story Intel Pentium 4 Extremely Expensive Edition to ship Monday
Tony Smith, 03 Nov 2003

New Gov.UK Plans Off to Bad Start

Whitehall plans to encourage businesses to compete with Government to offer citizens eGov services are to go ahead - despite an official, three-month consultation attracting just one response from the general British public. The lack of citizen input into the Office of the e-Envoy's proposals has emerged only through analysis of the consulation responses, which were published on the e-Envoy's website on Friday. It also raises serious questions about how Government engages the public in issues of how public service are delivered, and also whether this is a viable outcome on which to base policy. The - br>136 KB PDF">draft policy framework, issued by the e-Envoy's Office in May, suggested that using 'intermedaries' between government and citizen would foster more 'customer-centric' e-services and drive their take-up. After a public consultation seeking comments from potential intermediaries and possible users of these services, a grand total of 49 written responses were received, of which almost half were from the private sector. Public sector and voluntary organisations also submitted comments, making up around half of the responses. Input from private citizens was consigned to one individual. Introducing the report summarising the consultation responses (published here), Cabinet Office Minister Douglas Alexander commented: "There is evidently widespread interest in, and support for, creating a mixed economy in eGovernment service delivery." He added that responses had demonstrated "the need for further clarification and practical guidance" and studying the comments, this is certainly the case. Beside general support for the view that delivery and take-up of government e-services could be improved through intermediaries, responses repeatedly highlighted concerns about the implications of OeE's policy proposals for the public. According to the paper, "Many respondents commented on the likelihood of intermediaries choosing to provide the most commercially advantageous services in terms of cost of provision or customers' ability to pay", which had the potential to create "greater social exclusion and higher transaction costs associated with public sector service delivery." Others expressed concern at there being "no clear discussion in the policy of any regulatory framework for intermediaries". Many commented on the lack of clear incentives for citizens and "several respondents commented that the policy did not provide the 'practical guidelines to assist' that it promised." Others questioned the Government's motives, with the e-Envoy's Office reporting: "Several respondents were sceptical that the policy's intent was to deliver better services to the public, and believed rather that it was intended to save money and allowed private profit to influence service delivery." In light of the feedback, the OeE is now developing "Implementation Guidelines" that should be available in their "first iteration" by the year end, with the stated objective of guiding public bodies and intermediaries "through the early stages of thinking and planning for intermediation". Poor responses from the public in government consultations are not new. Earlier this year it emerged that a three-month consultation into wider sharing of citizens' personal data by the Cabinet Office's Performance and Innovation Unit received 60 responses, of which just three came from the public. Subsequent analysis of the response by the Lord Chancellor's Department said that the small number of individuals responding made it "impossible" to gauge informed public reaction to the proposals, and that the results could not "confidently be used as a firm basis for taking forward policy". The Cabinet Office today maintained that citizens had given input into the consultation - albeit via intermediaries. A spokesperson said the consultation "received many responses from voluntary and private organisations representing millions of clients and customers which they serve every day." "In addition, a number of people responding on behalf of their representative organisations also responded in their own right as private citizens", the spokesperson added. "The Office of the e-Envoy has also conducted primary consumer research to establish public interest in e-Government services delivered via a mixed economy and will continue to liaise with respondents when drawing up the Implementation Guidelines, addressing practical concerns." © eGov monitor Weekly eGov monitor Weekly is a free e-newsletter covering developments in UK eGovernment and public sector IT over the last seven days. To register go here.
Ian Cuddy, 03 Nov 2003

PalmOne Treo 600 smartphone

Reg ReviewReg Review Handspring's second generation smartphone is a marvel of good hardware and human interface design. It's a GSM/GPRS (or CDMA 1x) phone with built-in camera, QWERTY buttons and stylus, that's backward compatible with the vast selection of PalmOS 5.0 software, and features an SD/MMC expansion slot. While the Treo 600 doesn't have all the bells and whistles of its rivals (Bluetooth, video recording) out of the box, Palm users will feel right at home; and the Treo 600 deserves consideration from anyone wishing to upgrade their two devices, handset and PDA, in favor of one. However, one single factor - the design of keyboard - means that any reviewer must qualify a recommendation heavily. While I struggled with the keyboard over three weeks, I'd hand it to friends who were able to type flawless and quickly. Others picked gingerly at the illuminated buttons before handing it back with an apology. While the style and grace of the Treo 600 more than made up for the keyboard experience - it really is a very fine phone, and it was a pleasure to use it as one - I didn't feel I'd got the most out of the device. So if you're going to evaluate it, there's no substitute for a hands-on test first. Industrial design While the Treo 600 shares the same brand as its ugly duckling predecessors, the 180, 270 and 300 models - it's almost unrecognizable. PalmOne, which is the newly independent hardware division of Palm, will continue to use the Treo brand, now that it has acquired Handspring. A good choice of materials gives a first impression of a robust and durable device - a welcome change from recent plasticky 'candy bar' phones. While the earlier Treo communicators sported a cumbersome flip-up lid that only a Trekkie (or Walt Mossberg) could love, the gentle curves of the 600 make for a device much more comfortable in the hand and the pocket. Gone, but not missed, is the rocker dial on the left side of the phone and the two up/down 'lips' on the face for navigation. Instead, a metal four way navigation pad encircles a central push button, and this combination works very well: the feel is firm and well defined. There's a lot crammed on that small space: 26-alphabet keys plus space, shift, backspace return, and a general purpose modifier key. I was pleased to see Handspring give 'home' and the 'menu' functions their own, dedicated keys. As with the earlier models, nine of the keys double up as a numeric phone keypad. But this has been moved to the left, a small change that makes it much easier to use in your left hand. With the Treo I found a basic ergonomic issue that seems to be shared by every candy bar smartphone I've used: they don't balance very well. With the top half of the unit is the screen, the device tips forward when using buttons on the bottom half. Handspring says it opted for a low resolution screen because the higher resolution LCDs on offer are hard to read in bright sunlight. It's a fair compromise: while the Treo appears to have a 'gauze' like grid that's perceptible when held closer than eighteen inches away, the contrast is excellent in all conditions. And Treo shuns the standard green call/ red hang-up buttons in favor of on screen controls. The former isn't missed, but the latter is the first time you accidentally hang-up by nudging the screen with your ear. I'd prefer to see a dedicated hardware hang-up button to prevent lost calls. While the vibrating alert could use a little more vim - I missed a couple of calls outdoors with the phone in a trouser pocket - the Treo has a dedicated speaker for music and ringtones: and it's possibly the richest I've heard. Navigating the Treo Handspring's design team worked hard to produce a phone that can be used one handed, and set themselves some tough constraints. Despite the presence of a stylus, there's no Graffiti, or any other handwriting recognition software supplied with the Treo. It's a conscious move to force users to use the QWERTY buttons, or the soft keyboard. As with the earlier Treos, I found this a jolting experience. Handspring clearly has RIM in its sights, and RIM's BlackBerry, which has been a success with US businesses, has legitimized such tiny thumb keyboards. However, I found myself longing for a Treo in the form of a Tungsten, with just a slide down area for character input. How svelte would that be? Nokia has an intriguing solution in its 6800 'scissors' series, which features a fold-out keyboard. It's a radical design that doesn't compromise either one-handed or two-handed use, and it poses much more of a potential competitive threat than pen-based rivals. Handspring has tweaked the standard PalmOS PIM apps to use the navigation pad, and it works pretty well, though not flawlessly. For example, I could enter a new calendar appointment simply by tabbing through the controls on offer, but I couldn't navigate through the five "views" without resorting to the stylus. (Pressing the calendar button only flips between day and month view). However the navigation pad comes into its own when using the Treo as a phone. Nokia, with its Janus-like Series 60 UI, has made a 'menu' key lead you to a 'desktop' of applications, with the Phone application as a permanently running, though separate application. On the Series 60, even quick dial is a separate application. However the Treo hides the distinction, and makes phone-related functions much more accessible. From the phone (by default, although this can be configured) the rocker takes you to the Applications screen, if you go West, or Contacts (South), Email (East) and the Treo's 'Favorites' panel if you go North. Or, if you press the main button, a pop-up menu shows recent calls and two permanent options: the call log and the dial pad. The Favorites panel is very flexible: it provides five screens each of ten shortcuts, which can be applications, URLs, as well as quick dials. You can set up a shortcut to text a friend, which is a nice feature. Both Nokia and SonyEricsson could learn a trick or two here. Reception and Reliability A few reviewers have balked at the retro, Ericsson-style antenna on the Treo 600. While it's true that in Europe, external antennae died out somewhere around the last ice age (c.2000), US users need to cope with much poorer reception from their networks, especially indoors. I found that the Treo performed like a champ, and that assurance will trump aesthetics for users on this side of the Atlantic. While it's harsh to judge such advanced new phones on reliability - no manufacturer has a great record here - the Treo lost its signal for no reason on several occasions on my AT&T network. I had to resort to the paper clip on several occasions (this is the only way to reboot the phone, as the battery isn't removable), and once the Treo reported that it didn't have enough power to turn its wireless features on, even though the battery was 60 per cent charged. These proved no worse than teething difficulties with the Nokia 9200 and early cuts of the Sony Ericsson P800, and they were rapidly fixed by subsequent flash updates, which we trust palmOne will provide. Battery life on the new Treo is far superior to its predecessors, which could barely manage an hour of talk time or data sessions. Under intensive use, the Treo 600 had juice to spare at the end of the day, and could run comfortably over three days under lighter use. The Treo conserves power very aggressively by shutting down the screen after a few seconds, a wise choice. Under heavy tasks, however, the Treo showed some spots. Using the VeriChat IM client, we were disconnected every time we switched away to another task. This was annoying enough for the reviewer, but drove IM buddies to distraction. Two out of ten infra red beams required a reboot. PalmOS 6.0, a ground-up rewrite emphasizing multitasking, should sort out many of these problems. Software bundle While phone vendors naturally like to stress their partnerships with corporate email infrastructure providers, the out-of-the-box offerings can be pretty underweight. But the Treo 600 has a better email client than either the Nokia 3650 or the Sony Ericsson P800 (now deprecated, and not having used the P900 yet, I'm wary of making too many direct comparisons). Neither rival allows users to limit downloads to a certain size, which is critical when using a capped GPRS data plan. And if Handspring's own email client isn't enough, excellent third party clients are available. Handspring has also worked hard on its browser, which offers an intelligent 'small screen' mode and rudimentary JavaScript support for HTML pages. In practice, however, it proved sluggish and spotty, looking decidedly primitive compared to NetFront and Opera, and no quicker than the basic Doris Browser, popular on Series 60 phones for its sheer speed. (How much a higher resolution screen would help here, we can't say). There's no certificate management, making secure browsing difficult. When browsing with images turned off, I wasn't able to 'grab' an image, which you often need to do. palmOne needs to work with these third parties and bundle a mature browser with the phone. The camera software is rudimentary too. It's perhaps the weakest part of the proposition: the camera is the worst we've used on a smartphone. It was nice to see a 'downsize' option and 'Set [as] wallpaper', but the Treo isn't going to be the device to ignite the MMS market - which could use a little fuel right now. The PalmOS software is showing its age. The contacts book has allowed only five custom fields for several years now, and it's exactly a year since we were briefed about an overhaul. (The much-anticipated version 6.0 has slipped by six months, and will ship only now ship to OEMs by the end of the year). Again, Palm's rich developer base can help fill the gaps - Iambic's contact manager is an excellent alternative, for example - but there's a lot of opportunity for integrating the venerable suite into a successor that's both more flexible and more tightly coupled. (Do Memo Pad, To Do and Calendar really need to be separate applications?) Another feature that helped established the Palm, HotSync, could also use a brush-up. Bluetooth really must be built-in: although SD cards will provide the missing functionality, that takes up a slot which really should be free for storage. (And using MMC/SD gives the Treo a huge advantage over the SonyEricsson models, which use the much more expensive Duo format). It isn't possible to drag and drop files to the Treo, and users would appreciate a way of retrieving photos quickly and easily from the device. The Treo is compatible with a great range of applications which need to be tweaked to take advantage of the phone's pen-free navigation philosophy. Going forward, PalmSource must begin to attract developers who are increasingly being drawn to the Series 60 platform for really groundbreaking new applications (such as VoIP Buzz2Talk) first. Palm's vast developer community must be seen as the platform's future, rather than its past. Verdict At $599, the Treo 600 isn't cheap. Palm owners at last have a modern smartphone upgrade that's a credible phone, and corporate buyers who currently support employees with both cellphones and RIM devices now have a serious reason to rethink their purchasing plans. With limited resources, Handspring has produced a smartphone that can teach its rivals a few lessons about usability. It was a pleasure to use. PalmOne [Handspring] Treo 600 Pros — Excellent human interface — Good battery life and reception — Wide range of compatible software Cons — Expensive — No Bluetooth — The 'keyboard' is not for everyone Price $599 ($399 upgrade for existing Treo users) More info Handspring Recent Reviews Palm Tungsten E Palm Tungsten T3 Palm Zire 71 PDA Asus A620BT Pocket PC Viewsonic V35 Pocket PC Rio Chiba 256MB MP3 player Creative Nomad MuVo NX Micro MP3 Players Creative SoundBlaster MP3+ Logitech Pocket Digital 130 digicam
Andrew Orlowski, 03 Nov 2003

AMD claims Microsoft delays are not ‘substantial’

After watching Microsoft cast AMD's 64-bit processor line to the backwoods of the Windows release cycle, you have to ask - did Jerry Sanders do enough? Two weeks ago Microsoft dropped a bomb. It pushed the first Windows Server 2003 Service Pack back to the second half of 2004. And along with the Service Pack go new versions of Windows for both AMD's Opteron (Windows Server 2003) and Athlon 64 processors (Windows XP). This places the Windows for AMD64 release close to nine months behind original expectations, adding risks to an already risky proposition from AMD. You would think AMD deserves better treatment than this. The company's Chairman, Jerry Sanders, went to some lengths to get Microsoft on board the 64-bit train. Sanders agreed to testify on Microsoft's behalf in the antitrust trial, hoping, in part, that Bill Gates would consider going public about support for AMD's 64-bit chips. This was surely a bitter pill to swallow for a man always crashing against the Wintel collective. But Sanders' efforts did not go far enough. Microsoft is dragging AMD along like a rag doll for its own convenience. "Microsoft wouldn't inherently have to (keep the Service Pack and OS releases) together, but it's much easier for them to keep things aligned like this," said Gordon Haff, analyst at Illuminata. "And especially with their supposed increased focus on product quality with things like Trustworthy Computing, they're unlikely to shift schedules around willy-nilly." Waiting for Microsoft must be painful for AMD. The company has struggled to post profits and is relying on the AMD64 chips to strengthen its bottom line. It has had some nice high performance computing wins with Opteron and Linux - SuSE in particular - but nothings spells market opportunity like 95 per cent desktop share. "Windows support was such a big deal for AMD's benefit," Haff said. "So I don't see how anyone can casually dismiss it slipping out close to year from its original shipping schedule." And yet AMD appears rather casual about the whole affair. Cut to 23 September. Microsoft issues a press release, saying final versions of Windows for Opteron and Athlon 64 will be ready by the first half of 2004. This went out on the day of AMD's Athlon 64 launch. Enthusiasm from all partners required. Then, just 21 days later, Microsoft says it made a wee mistake and announces that the OSes will not really be available until the second half of 2004. The timing on these announcements is curious to be sure. One day after this bomb dropped, AMD's CEO, Hector Ruiz, fielded a question about the delay, during the company's third quarter earnings call. An analyst asks: "Microsoft apparently yesterday pushed off the intro for Windows XP support for AMD64. What is the impact of that push-off, if you can confirm it?" Ruiz responds: "We are working with Microsoft very closely to continue to stay on track with their release of the software. There is nothing substantial to add beyond that." That holds true if you don't consider 95 per cent desktop market share substantial. Most people do. An AMD spokesman said Ruiz was "being a good partner" in answering the question as he did. You never know what reporter was told something or when. But in reality, Microsoft told numerous media outlets about the delay the day before the call. You would think that a minion would make sure Ruiz is apprised of this delay from the world's largest software maker. It will take a long while to suss out any long-term effects from Microsoft's delay, but in the short term, there are a couple of shifts. AMD must back Opteron with full force and hope the chip can sell better than ever hoped. This isn't a horrible gamble given the processor's impressive performance and steady wins. It has thrived on Linux servers, and Sun Microsystems appears to be coming on strong with a Solaris x86 play. In fact, Sun will have a 64-bit version of its Unix ready in the first half of next year. This means that Sun, which earlier in the year dismissed any Opteron plans, will eclipse the long time backer from Redmond. On the desktop, AMD can keep plugging away with Athlon 64 and Linux. It's a nice play. Not a '95 per cent of the market' play, but a nice one. And as AMD hones in on the Linux market, it can wonder whether or not Intel really has 64-bit desktop plans of its own. Microsoft has bought Intel some valuable catch-up time. When all is said and done, however, it's clear that Jerry Sanders did not do enough. ®
Ashlee Vance, 03 Nov 2003