27th > November > 2003 Archive
Esat BT this week introduced to Ireland a do-it-yourself hotspot product for small business owners who wish to enable their premises with a public wireless network. Openzone in a Box can be purchased off the shelf and will allow business owners to install their own hotspots for a significantly lower cost than opting for the company's full service solution. It retails for €499.95 (ex-VAT). For this, buyers receive a wireless networking (Wi-Fi) hub which is designed for business use, capable of supporting multiple VPNs. Customers also receive a batch of 60 vouchers which they can sell on to users of the hotspots. The purchase also entitles the premises owner to technical support from Esat BT. The announcement is the first of a series of developments that Esat BT is promising in its wireless services. The company said that a further product, "Mini-Openzone," will launch in the New Year. This will be positioned between the entry-level DIY solution launched on Tuesday and the full service solution provided by the company at its existing chain of hotspots. The company is also experimenting with outdoor hotspots that are based in telephone boxes and provide wireless coverage within a hundred-metre radius. Esat BT now has 19 hotspots in the Republic of Ireland. The number has been boosted somewhat be the company's recent deal with the Insomnia chain of coffee shops. Fourteen of these hotspots are in the Dublin area, with further hotspots in Cork, Kildare, Sligo, Galway and Limerick. The company says it has no immediate plans to alter its pricing for Wi-Fi access, which is quite high compared to similar public hotspots in the US. Costs range from €10 per hour, up to €120 for an unlimited subscription. Alan Hall of BT Openzone said that the pricing might seem quite reasonable to corporate customers in need of widespread connectivity. Richard Dineen, an analyst at Ovum said that pricing is indicative of the maturity of a market. "Competition tends to drive down prices," said Dineen. "While markets such as Japan and the US may be quite developed, Europe is still in an experimental phase." © ENN Related stories BT Openzone to cut hotspot charges for business Orange and Vodafone tap BT for Wi-Fi access BT payphones get Wi-Fi
OpinionOpinion Linux vendors spend money building security bug fixes. How much longer will they give them away for free, writes SecurityFocus columnist Hal Flynn. In the last week of October, Apple debuted its latest installment of the BSD-based operating system Mac OS X 10.3, also known as Panther. With it came many new features, as well as some security fixes. And not just a couple security fixes, several of them. All told, nine security fixes ranging from problems in Mac OS X applications such as finder, to freely available applications such as OpenSSH. The security patches created a huge controversy when they came out, owing to a rumor that the only way to get the fix would be to purchase the upgrade, a $129 outlay. In the end, this turned out to be untrue. Apple assured customers that the fixes would be back-ported, and would be available for all other currently supported operating systems. But until Apple made a public announcement about it, we almost saw a revolution. When it comes to security patches, I've always heard the same argument from the open-source and free software crowd. The argument is that distributing source code for the operating system facilitates the speedy resolution of security problems. When a security hole is announced, the volunteer community is supposed to come to the rescue like a fire brigade, quickly putting out a patch that makes everybody safe and keeps the hackers at bay. But in most cases, it seems the open-source community is the last group to come to the rescue. When a vulnerability is initially made public, things usually go one of two ways: if the vendor was notified first, that vendor typically tries to work with the researcher, and makes an effort to issue a coordinated release. Otherwise, if the vendor wasn't notified, the problem is disclosed to the public, and the community stands idly by, dumbfounded. Inevitably, somebody fixes the problem -- usually very quickly, if it happens to involve a piece of software that's distributed widely, and included as a standard package in most UNIX and Linux distributions. But it's not the much-ballyhooed open-source volunteer community that's providing the fix. One wouldn't even know that community exists, if they weren't brought up each time the arguments for open-source are made. Instead, the fire brigade consists primarily of the maintainers of the software. It also includes the vendors -- SuSE, Red Hat, Mandrake, and others -- that end up having to devote paid development resources to resolving issues in the code. Who Pays For It? One thing I've never understood is why vendors who distribute an operating system for free also distribute fixes for free. The General Public License has always required vendors to make sources of all such licensed software freely available. But more often than not, these fixes are not trivial: they require real analysis, and significant developer resources. If you're a software vendor, these resources aren't free. Developer time that could be dedicated to creating new or improved products that are, ironically, often also given away for free, are instead devoted to providing maintenance on applications not originally authored by the vendor. It isn't hard to find places where those resources would be better spent, like the nagging problems in usability, interface design, and maturity that prevent most free software packages from seeing more widespread adoption. But the vendor resources are dedicated to the security holes. The vendor puts out the fix, and gives it away for free. The volunteer community, which is allegedly supposed to pick up this ball and run with it, instead waits for the vendor advisory, then downloads the fix when it becomes available. And all of this is provided at the vendor's expense. Yeah, we almost saw a revolution with Apple. We almost saw the start of vendors outright demanding payment for security fixes. We almost saw an end to the freeloading. Though the difference between Apple and Linux vendors in terms of licensing is, pardon the pun, apples and oranges, I think we will likely see vendors charging for security patches as a standard practice in the not-too-distant future. It only takes one vendor to prove they can do it for the rest to follow. For a frame of reference, look at online music distribution schemes: with all of the controversy surrounding digital rights management, people are paying for and downloading music in a variety of DRM formats, including iTunes and Windows Media files. Another good example is subscription-based software. Many software packages have moved to a subscription-style pricing scheme. Instead of a perpetual license, you pay for each year you use the product, and the subscription fee covers development and support. In the last few weeks, we have seen a number of shifts in the Linux market. For example, Red Hat moving to Enterprise distributions, which cost significantly more, and dropping their desktop operating systems. We also saw SuSE purchased by Novell, a company that requires "entitlement rights" to obtain fixes for software. Did Apple chicken out on a good, but controversial, decision at the last minute? Or was it just another case of the FUD floggers dreaming up new conspiracy theories? We may never really know. Whatever it was, I think it was a glimpse of a revolution to come, and a peek at the future of Linux software fixes. Copyright © 2003, Author and security analyst Hal Flynn manages the SecurityFocus UNIX focus area.
Nigeria is to set up an inquiry into 419 fraud and the laws covering this crime. It may also set up a new agency to tackle the scam which has made the country's name synonymous with Internet fraud. "The government will step up measures against these criminal activities," President Olusegun Obasanjo said, the BBC reports. According to some estimates, 419 fraud (so called after the section of Nigeria's penal code which makes it illegal) is one of Nigeria's biggest export earners, generating $5bn a year in foreign currency earners for the scammers. The biggest 419 fraud uncovered to date was a $180m swindle of a Brazilian bank which resulted in its collapse, the BBC reports. Suspects are facing prosecution as are 200 alleged perpetrators of computer fraud (including a federal lawmaker), arrested by Nigeria's anti-fraud squad in May. So 419 is becoming a higher-risk activity, but the amount of money it generates suggests that 419 is a viable career option for the go-ahead young Nigerian and that thousands could be involved. In the mid-90s, Nigeria bought ads in leading Western newspapers to warn people off 419 frauds. It pointed out that victims were knowingly getting involved with crime and should expect no help from the Nigerian government. The basic 419 fraud has existed in letter-writing form since the late 1980s. The Internet has vastly increased the reach of the fraudsters. The letter writer says he has acquired millions of dollars under dubious circumstances and needs help to get the money out of the country. The victim knows that this is illegal but is sucked in on the promise of a huge fee. The fraudsters then attempts to extract advance fees from the victim. Often the victim is lured to another country to meet the fraudsters; the reasoning for this is that the police in, say, the UK, are not particularly interested in the plight of a venal, stupid person from outside their jurisdiction. Also there have been a few cases of kidnapping and extortion conducted by 419 gangs. ®
StobStob Today was ‘open doors day’ at Softwron Inc, the US software and litigation giant. Softwron is the first company to take advantage of the US Patent Office’s surprise announcement that integers are patentable. To counter recent unfavourable coverage, the company took a party of top-notch journos, your correspondent naturally included, around its secret research facility.
Around 18,000 people were charged twice for their BT Internet services this month, following a billing error at the dominant fixed-line telco. According to a BT spokesman, only a tiny percentage of the company's dial-up and broadband customers were hit by the snag. In an email to punters BT apologised for the mistake explaining that an error in its billing systems "may have caused your November Direct Debit to be collected from your bank account twice". BT is to give customers a full refund. ®
Demand for public WLAN services will be stronger in Europe than the US during the next five years, according to a study carried out by US market watcher Insight Research. Worldwide, some $163 million will be spent on Wi-Fi services and kit during the 2003-2008 period. Insight's study - Wi-Fi in North America and Europe: Telecommunications' Future 2003-2008 - expects global revenues to grow from $7 billion this year to $44 billion in 2008, a compound annual growth rate of 44 per cent. Insight didn't offer a specific breakdown of US vs European revenue, but is expects the adoption of Wi-Fi in Europe more quickly than in North America. Essentially, it's Europe's technology lag that will drive its growth. Fewer new buildings with Ethernet cabling installed during construction and the cost of wiring existing office space will steer business toward wireless networking. Europe also has a stronger standards-based mobile communications heritage, thanks to the ubiquity of GSM mobile phones. That favours IT solutions that deliver a high level of mobility. Europe also has a lower installed base of office PCs. That, plus the natural upgrade cycle, will favour the purchase of newer systems with integrated Wi-Fi. In the consumer space, Europe's cafe culture and ubiquitous mass transit systems lend themselves to public hotspots, says Insight. Globally, equipment providers will be the big Wi-Fi winner initially, says Insight, accounting for $5 billion out of this year's $7 billion WLAN revenue - services account for the remaining $2 billion, 28.5 per cent of the total. By 2008, services will account for 41 per cent - $18 billion of that $44 billion total. "We expect growth of European Wi-Fi services to surpass North American service revenue well before the end of our forecast period," said Insight Research President Robert Rosenberg. ® Related Products Buy Wireless, 802.11 & Wi-Fi products in The Reg mobile store
Spanish police have arrested a 23-year man on suspicion of writing the Raleka computer worm. The unnamed man is suspected of leading a Spanish phreaker group called "AKELARRE". According to a statement by Spain's Civil Guard, three houses were searched and eight computers seized during the investigation that led to the arrest of 23-year-old suspect, nicknamed "900K", in Madrid. It's believed to be the first time Spanish authorities have arrested a suspected virus author. The Spanish Interior Ministry hailed the arrest as a "landmark in the fight against the computer science delinquency" in the country. Raleka infected more than 120,000 computers in 14 days following its release in August this year, according to Spanish police. The worm exploited the same DCOM vulnerability as the much more contagious Blaster worm. Once infected computers could be controlled by a remote hacker over IRC, as explained here. Microsoft recently announced two $250,000 bounties for information leading to the arrest and conviction of the authors of the Blaster and Sobig worms. Although Raleka used a similar trick as Blaster, it is not believed the Spanish arrest is connected to Microsoft's reward. ® External Links Statement on the arrest by the Spanish Ministry of the Interior (in Spanish) Related Stories Nachi worm infected Diebold ATMs MS puts $250k bounty on virus authors' heads Juvenile arrested in Blaster worm probe Feds sexed up case - Blaster suspect Parson not dumbest virus writer ever, shock!
When the city sleeps, it's never completely silent. But when the Internet sleeps, what kind of static does it make? What does it sound like? Like the weird warbles astronomers claim to hear from outer space? We'd like to share what the Internet sounds like when it sleeps, and in its current highly agitated state, we think it's worth sharing. Our thanks to ISP Robin Bandy at Cliq for providing traffic information for a node which died, but which was still being routed to, over several months. A silent tristero, if you like: the computer which we'll examine was giving out no TCP/IP responses. Cliq's traffic monitoring continued, however, and began to trace what the rest of us can't hear. This is the unbidden Internet traffic: the very sound of static. What we're hearing are the pings and portscans that leave untraceable fingerprints around our sockets, and they're so slight that we don't notice. Let's look at the packets. A daily sample shows that this traffic is persistent, and fairly variable. But a weekly sample shows that a poor silent, unattended node gets something of a break at the weekends. What's a gal to do? We see that traffic drops by half at weekends, from 20 bits per second to 10. This, as Robin suggests, gives credence to the theory that a lot of the Internet's static is generated by business computers, which are running Microsoft® Windows™., but which are left unattended when the corridor warriors depart their desks, and head downtown, to hunt for unprotected nodes. Now that's interesting. The monthly chart isn't too interesting, however, so we won't bother showing you it, but for the sake of completeness, here's a chart for the duration. It represents a routed but silent Internet node over the course of eight months silence. As we can see, it's going up. Some of us have noticed that the noise quotient of the Internet has increased somewhat and, what with all the spam, the pop-up windows, the blog noise and Google being broken, things just aren't what they used to be. The 'be' being a thing that perhaps never was, or only ever existed as the romantic hope of someone's imagination. Our Robin brings us back to earth, and points to a few interesting implications of this data. The hard figures we can draw are that modem users lose about 20 bits per second to Internet junk, which is just about tolerable. But owners of Class B networks, who expect to monitor 256^16 nodes, are probably more interested in the stats, as they pay for the data. Techno-utopians have tried to school us that the "Internet" is frictionless and free. But now we look at the real Internet and, once we included background static in the picture, we can begin to discover where the real costs lie. And the larger networks have a real cost here, as Internet static is multiplied exponentially. So what happens next? From the technical follows the political: these guys may start to get selfish soon, and demand to be paid. For punters who've always accepted that "things" are "free", and never thought about the political economies of the Internet - this could be a real eye-opener. The operators may well decide to throw the Internet's real freeloaders - geeks who contribute little real (in terms of technical or social) infrastructure, off of the payroll, at a macro-economic level. The political economies suggest that some day very soon Internet consultants may well be expendable to the people who really pay the bills. And if this cost is a form of pollution, which polluters must we bill? The guys whose computers are left unattended at weekends, leaking like an oil spill? The Universe gives off a persistent background microwave radiation - and this provides astronomers with the historical data of how the cosmos was created. How much can you stand, and how much do you think the money men can stand before they pull on their radiation suits? And who do we send the bill to, at the end of the day? Let us know ®
Nigeria is to set up an inquiry into 419 fraud and the laws covering this crime. It may also set up a new agency to tackle the scam which has made the country's name synonymous with Internet fraud. "The government will step up measures against these criminal activities," President Olusegun Obasanjo said, the BBC reports. According to some estimates, 419 fraud (so called after the section of Nigeria's penal code which makes it illegal) is one of Nigeria's biggest export earners, generating $5bn a year in foreign currency earners for the scammers. The biggest 419 fraud uncovered to date was a $180m swindle of a Brazilian bank which resulted in its collapse, the BBC reports. Suspects are facing prosecution as are 200 alleged perpetrators of computer fraud (including a federal lawmaker), arrested by Nigeria's anti-fraud squad in May. So 419 is becoming a higher-risk activity, but the amount of money it generates suggests that 419 is a viable career option for the go-ahead young Nigerian and that thousands could be involved. In the mid-90s, Nigeria bought ads in leading Western newspapers to warn people off 419 frauds. It pointed out that victims were knowingly getting involved with crime and should expect no help from the Nigerian government. The basic 419 fraud has existed in letter-writing form since the late 1980s. The Internet has vastly increased the reach of the fraudsters. The letter writer says he has acquired millions of dollars under dubious circumstances and needs help to get the money out of the country. The victim knows that this is illegal but is sucked in on the promise of a huge fee. The fraudsters then attempts to extract advance fees from the victim. Often the victim is lured to another country to meet the fraudsters; the reasoning for this is that the police in, say, the UK, are not particularly interested in the plight of a venal, stupid person from outside their jurisdiction. Also there have been a few cases of kidnapping and extortion conducted by 419 gangs. In 2001, a Nigerian gang lured a British businessman to South Africa and then held him for ransom. He escaped only because he was allowed to make a phone call and was able to alert his wife by speaking in his native Polish. ® Related stories Canadian '419er' released without charge Pensioner accused of AUS $5m Nigerian scam Two-in-one ID theft, fee fraud scam debuts Amsterdam: home of the 419 lottery scam World's first 419 revenge killing?
The DVD Forum, the industry body responsible for defining and maintaining the DVD standard, has approved Toshiba and NEC's suggestion for a version of the format that will support HDTV. The proposed specification is based on a blue laser optical system, yielding a disc capacity of 15-20GB per side. The format uses the same disc structure as today's DVDs. However, while the Forum voted 8:6 to support the Toshiba/NEC format, it only agreed to use the read-only implementation. The two companies also offered a rewritable version, but that failed to gain a majority vote. Technically, neither did the ROM format, EE Times reports. The victory was achieved only through new voting rules that ignore abstentions. In two past ballots, based on previous regulations, the Toshiba/NEC format did not achieve a majority vote. Crucially, the Toshiba/NEC format offers backward compatibility with the current DVD standard. However, it's up against a powerful consortium of key consumer electronics players, including Sony, Philips, Matsushita and Samsung, who back the incompatible Blu-Ray format. As we've seen with DVD-R/-RW and DVD+R/+RW, the two formats are likely to go head to head in the market, despite the Forum's support for a particular technology. Blu-Ray has not been offered to the Forum as the basis of a future DVD spec., but it will be offered to the market as the next generation of write-once/rewritable optical storage technology. Sony began shipping Blu-Ray based storage product this month. ® Related Stories Sony to ship blue laser storage rig next month Sony unveils blue-laser optical drives Toshiba to demo low-cost blue-laser optical disc 8.5GB DVD+R discs, drives to ship April '04
New technology from the Royal Institute of Technology (KTH) in Stockholm (Sweden) is teaching household robots a more efficient way to get around the house. A major problem for household robots on the move is that they have very little knowledge about their surroundings. A chair that has been moved or a person standing in the way can easily puzzle a robot. Several earlier attempts have involved programming an enormous amount of map data: The more data needs to be processed, the slower the robot becomes. Nor is a robot particularly good at improvising when unexpected obstacles turn up. Swedish researcher Philipp Althaus describes a whole new concept in his thesis, defended last Friday: Just make robots stupid. The idea is to clear the brain of the robot from unnecessarily information as much as possible. Obstacles the robot encounters on the way can be forgotten immediately. Works like a charm, it seems. Just wish we could do this with our brain. Netherlands - Instant S.O.S. Dutch company Netpresenter released its ’Emergency Alert’ software this week to meet terrorist threats faced by organisations everywhere. It is the first commercially available software that instantly broadcasts evacuation and other urgent messages immediately overriding employee’s PCs. Key personnel enter messages into a simple browser interface. Planned scenarios can be set up in advance, or quickly added to meet the threat. Then with one mouse click, the Emergency broadcast hits every PC, TV or Plasma screen targeted in the buildings concerned. Netpresenter say their software is already in use at Amsterdam Airport and several petrochemical companies. Norway - hiring foreign ICT expertise virtually impossible Norwegian companies Opera and Trolltech are complaining that they can't hire foreign workers. The problem is the UDI, Norway's Directorate of Immigration, according to the national daily newspaper Aftenposten. Browser company Opera has employees from about 20 countries, but many new applicants have to wait six months before they can get a work permit. To hire foreign outsiders for short-term assignments is virtually impossible. Fast Search and Transfer are employing people abroad instead. Portugal - improving road safety by satellite A new system currently under development in Portugal may improve road safety. Each year in Europe, 40 000 people die and 1 700 000 are injured in road accidents. Statistics show that one in three Europeans will become road accident victims during the course of their lifetime. A new satellite project named ARMAS (Active Road Management Assisted by Satellite), developed by the European Space Agency in corporation with Portuguese companies Skysoft and INOV and with the support of Auto-Estradas do Atlântico and Lusopont, will bring about changes on many levels. A receiver located inside a vehicle calculates its position in real time and enables information to be exchanged with a regional control centre. The system also allows a car to send back information about problems that may occur while traveling. An S.O.S. alarm can be sent in an emergency. It is also possible to alert nearby motorists to slow down. Real time tests are currently conducted on the Vasco Da Gama Bridge above the Tagus, one of the longest bridges in Europe. To learn more, watch this videoclip. ®
Sendo founder and CEO Hugh Brogan yesterday announced the company's big bet smartphone, the Sendo X. "Announced", which is what it says here, is apparently different from "unveiled", which is what it says here, and is different still from having volume production shipping into the channel today. But glitches permitting the Sendo X will be with us in volume very shortly, and has enough going for it to give Sendo a shot at transforming itself into a big name in the smartphone arena. It is just over a year since Sendo pulled the plugs on its previous shot at stardom, and the associated lawsuit will rumble on for some time. This year's model, not MS smartphone but Symbian OS Series 60, is however carefully calculated to make up lost ground by outbidding the key players in several areas. The graphiX co-processor leaves the phone's ARM 9 free for other tasks, making it just plain faster, and it's being positioned much more as a device with 'real' camera capabilities, as opposed to a handset with a 'good enough' camera included. It includes flash and redeye reduction, and can record up to 35-40 minutes of 15fps video. The screen is 176x266 with 65,000 colours. It raises the game with audio too, with a 64 voice polyphonic capability, an acoustic chamber that makes it sound better at high volume, an MP3 capability (which is not standard with S60), and recordable ringtones. The latter strikes us as having all sorts of potential, some of it (e.g. the phone that rings with your kid saying, 'father, come home') quite chilling. Sendo also repurposes some of the old Microsoft script by pushing the phone's capabilities as regards syncing with MS Office. According to head of product strategy and marketing Ron Schaeffer (who sheepishly tells us "you may have heard me say the same thing about the Z100 a couple of years ago") it's the only S60 phone that will do email synchronisation, and it's ready to work with SyncML servers just as soon as the operators start deploying them. It also comes with a wide range of document viewers as standard. The actual utility of strong sync and integration capabilities with Office strikes us as doubtful, but for anyone who subscribes to the bonkers Gartner viewpoint that Microsoft phones will rule the world for this very reason it's a checkmark to put against the Sendo X. The fold-away keyboard accessory is possibly also helpful here, given that if you want to do email on as mobile phone it might be nice to be able to type, and there's an SD slot to give it enough memory to back up any pretensions it has as a mini platform. Sendo confesses that the SD slot is not SDIO, although this is starting to feature on people's wishlists. But the company has some interesting things to say on the subject of wi-fi - says Brogan: "We have a technical solution for how to do it. There are no product offerings currently on roadmap, [but] now we need a customer to ask us to do it, then we'll go forward." And assuredly, as Symbian phones start to overlap more with PocketPC devices, somebody will ask. Schaeffer also offers a major come-on for operators. The X is a Series 60 phone that can be tailored in order to allow the operator to customise graphics and sound to achieve their own branded ' user experience.' Demoing yesterday he showed this very thing done with Vodafone livery, stressing that the choice of operator should be seen merely as exemplary, without other significance. Yes Ron, right... Vodafone is the one of the operators that's pushing hardest here, and is currently attempting to show Nokia how little it needs them. The Sendo X is a cool-looking upmarket phone that beats current Nokia specs but can come without trailing the Nokia branding. And Orange, another noted self-branding merchant, doesn't like you a lot on the grounds that you sued them. So Ron, who in the UK are you going to hug if it's not Vodafone? Sendo is already hugging TIM in Italy, where Brogan says the order is comparable to the the size TIM is placing with other companies, "for example, Nokia." It will also ship in Germany with an unnamed partner before the end of March. Sendo puts its unsubsidised price at around €500, which places it on a par with what major brands expect initially from their top of the range handsets. Sendo is not as yet a major brand, so its bet must clearly be that it has added enough in the way of features and tweaks for it to overcome this hurdle and catapult itself to brand status. Brogan next year sees a global smartphone market of up to 30 million units, with around 18 million of these in Europe, and Sendo establishing itself as one of the "four or five people who're going to have devices of this capability." Right now it looks lovely (pix here), and convincing enough to get the company a hearing. But it's a narrow window Sendo is aiming for, and this time around it definitely can't afford any breakages on the way to market. ® Related Products Order the Sendo X from The Reg mobile store
Norway's Data Inspectorate says it is ready to go after people who publish embarrassing pictures of others without their permission, the Norwegian daily paper Aftenposten reports. A recent decision by a EU tribunal clears the way for tougher privacy regulations elsewhere too. Any business with a website must prepare for a crackdown by European Data Protection Registrars, Manchester law firm Rowe Cohen now warns. This month the EU ruled on an extraordinary case that may have profound implications for Internet users and business across Europe. The story begins with a Swedish woman named Bodil Lindqvist (you can see a picture of her here, a community-minded parishioner and volunteer worker from Alseda, who was prosecuted for publishing a website to assist fellow church-goers in their confirmation preparations. The pages contained information about her colleagues, whom she described in mildly humorous terms. In several cases their family circumstances, telephone number and other details were given. Much to her surprise, Mrs Lindqvist was fined SEK 4,000 (approximately €450) by the Swedish District Court for "processing personal data by automatic means without notifying the Datainspektion" (the Swedish supervisory authority for the protection of electronically transmitted data) and "transferring data to third countries without authorisation and for processing sensitive personal data". Mrs Lindqvist thought this was unfair. After all, her actions were motivated by the very best of intentions, so she appealed against the decision to the Göta hovrätt or Swedish Court of Appeal, which referred the case to the European Court of Justice. It in turn ruled that the posting of personal information, images or video clips of others without their consent violates laws based on the EU 1995 European Data Protection Directive. With the EU ruling in place, Norway's Data Inspectorate now says (even though it is not a EU member country) it will crack down on the growing problem of web sites featuring so called sneak photos - youth sites where drunken teens are exposed in embarrassing poses or pictures taken of girls in school showers with camera-enabled mobile phones. "We can order sites to remove illegal content and if they do not comply issue daily fines," DI information chief Ove Skaara told Aftenposten. It doesn’t mean everybody that puts up a humorous website can get prosecuted: Norway's personal information laws do allow for exceptions on ‘journalistic and artistic grounds’ as well as ‘in the interests of freedom of speech’. Most European countries have similar rules. Rowe Cohen, however, believes the ruling can have significant implications for all European business. Companies must be aware that corporate and e-commerce websites that hold personal information are a significant data protection liability, the firm told the UK magazine Online Recruitment. Companies must review their online activities to ensure their compliance with Data Protection Regulations. ®
Watch maker Fossil has relaunched its range of timepieces based on Microsoft's Smart Personal Object Technology (Spot). The arrival of the updated line-up comes after it was revealed earlier this month that the system's debut has been put back until next year. Fossil announced last January it would offer a set of Spot watches this autumn, with one model offered across the company's three main brands: Fossil, Abacus and Philippe Stark. The new line-up, dubbed the Wrist Net series, will comprise three Fossil-branded models: the Round, the Square and the Dick Tracy, priced at $179, $179 and $199, respectively. The Dick Tracy version offers the same functionality as the cheaper models, but is styled after the famous 'tec's wrist phone. Each Wrist Net watch will display news, weather, stock prices, SMS messages and other information broadcast by Microsoft's upcoming MSN Direct FM radio service, to which owners must take out a $59 annual or $10 per month subscription. The reason for the delay to the MSN Direct roll-out the appears to be the radio infrastructure, which may be too weakly powered to allow subscribers to get up-to-date information exactly when they want it. The delay has been instigated to provide time for further testing and tweaking, it is believed. ® Related Stories Microsoft Spot watches delayed Fossil blames Flextronics for Wrist PDA delay Amazon.com drops Fossil Wrist PDA Fossil puts back Palm Wrist PDA launch to 2004
Dutch Lindows resellers are accusing Microsoft of intimidation, after several received phone calls from the software giant seeking meetings to "avoid" legal action over the name of the operating system. "This about the name, not about Linux," a spokeswoman for Microsoft in the Netherlands confirms. Lindows argues that "windows" is a generic term that predates Microsoft's use in late 1983 and that Microsoft was granted its trademark under 'questionable circumstances'. "In their typical monopolist style, Microsoft threaten with lawsuits unless we stop selling Lindows," says CEO Menso de Jong from Mensys.nl, which sells alternatives for Microsoft such as Lindows, OS/2, eComStation, Linux and Zeta. "We asked them to confirm their statements in writing, which they haven’t done. We refuse to talk unless we have something on paper." Most Dutch Lindows resellers are small businesses that don't have money to defend themselves. "If they take me to court I have to stop selling Lindows, because I don’t have the money to pay for the lawyers," CEO Hans de Vries of Dutch reseller DV Computer Systems mailed Robertson. Robertson has told the Dutch resellers to stay put. "Originally, he was going to visit the Netherlands this Friday (November 28th) to talk to Microsoft himself," a spokesman for the Dutch reseller Jama Multimedia told The Reg. "It is another example of Microsoft attempting to eradicate all competition through any means," Robertson told his resellers. "While they say they invite competition, behind the scenes they seem willing to take any actions - including blatant extortion - to squash competition.' Robertson CC'ed his reaction to a representative of EU commission investigating MS's anti-competitive behavior in Europe. Ever since US entrepreneur Michael Robertson introduced its Linux version which can interact with files created by Windows programs (hence the name Lindows), Microsoft has tried to sue the company and its resellers and force them to drop the name. But Microsoft’s action in the Netherlands seem somewhat eccentric, as the trademark dispute jury trial between Lindows and Microsoft won't be held until next year. The U.S. District Court for the Western District of Washington in Seattle originally set a trial date back in April, but moved this to December to give Lindows.com more time. Yesterday, Lindows announced that the trial has been pushed back again until March 1 2004. ® Related stories Apple v MS lawsuit to walk again in Lindows.com trial Lindows.com CEO pickets Bill Gates speech MS issues take-down to Lindows, redefines 'guilt'
Police have arrested a California man for stealing computers containing the personal information of thousands of Wells Fargo customers. Edward Jonathan Krastof, 38, of Concord in California, has confessed to stealing a computer containing the sensitive information after breaking into the offices of a financial analyst hired by Wells Fargo, Reuters reports. Krastof also stole another computer and laptop during the same burglary. Concord Police Sergeant Steve White told Reuters that investigators recovered the computer gear - along with "equipment used for scanning identity cards and cheques" - when they raided Krastof's home. White described Krastof as a "low-level ID theft kind of guy." Police traced Krastof after he logged onto his AOL account using one of the stolen computers. Wells Fargo offered a $100,000 reward for information leading to the arrest and conviction of the criminals who stole the machine containing a sensitive customer database. Because Krastof's arrest came through regular police work, and not a tip-oof from members of the public, Wells Fargo will keep this money. Data on the computer included names, addresses, account and social security numbers for people holding overdrafts or loans with Wells Fargo. ® External Links Wells Fargo welcomes the arrest Related Stories UK ID theft gang jailed for £350K fraud ID theft hits 10m Americans a year ID theft: a $1bn a year crime Police recover disk at centre of ID theft flap Feds break massive identity fraud
Hello there. Judging from response to previous surveys, The Register has a lot of readers from the channel i.e. the sell-side of the IT industry. Which is nice, especially as our approach to channel-specific news is somewhat less than methodical. We think it's time to up the ante on our channel coverage, but first we have to assess the commercial viability. And that's where you can help us, by filling in this survey. All channel readers are welcome, but especially from the UK, our commercial heartland. The survey below will take a few minutes to complete. And as ever, one reader will be plucked from random, to win a Reg goodie bag. Thanks in advance for your participation. Your Name (optional): Your Email Address (optional): Are you employed within the UK IT Channel - Yes No What is your job function? - General management Purchasing Sales Product Management Marketing Technical Admin Other, please state: What is your company's primary business? - Manufacturer Direct Manufacturer System Builder ISV Distributor VAR Integrator Corporate level reseller Reseller for SMEs Retail (independent) Retail (Multiple) Mail Order E-Commerce Site Other, please state: What is the size of your company in terms of employees? - 1000+ 500-999 250-499 100-249 50-99 25-49 10-24 1-9 What is the size of your company in terms of revenue? - £50 million + £25 million - £49, 999,999 £10 million - £24,999,999 £5 million - £9,999,999 £1 million - £4,999,999 £500,000 - £999,999 up to £499,999 Which of the following products and services does your company sell? Computer Systems: PCs Mac Workstations NC/Thin Clients Notebooks/laptops Palmtops/PDAs Workgroup Servers Enterprise Servers Mainframe Network/Comms: Internet/intranet hardware ISPs LANs WANs Networking/Comms software Gateways/routers/bridges/hubs Modems/ISDN Telecoms/PBX Mobile comms Converged voice and IP solutions Peripherals: Storage devices Backup devices Printers Monitors Scanners UPS's PC Components Software/Applications: Relationship Management (inc. CRM) EPR/Supply Chain Management Accounting Operating systems Databases Application/Integration/Portal Servers Desktop Publishing Content Management Programming languages/ Dev tools Multimedia Video Conferencing e-Commerce CRM Security Services: Business Consulting Project management/Systems Integration Software development 3rd Party Maintenance IT Rentals/Leasing FM/Outsourcing Call centre/Helpdesk Training/Courses/Videos Conferences/Seminars Contract Staff Which Markets does your company actively sell into? Retail Finance Telco End User/SoHo SME Corporates Education Health Transport Government/Local Government/National Defence Other, please state: Which online publications do you use to source your products? The Register Tomshardware guide CRN Inside-IT.com PCdoesIT.com Other, please state: Which magazines do you use to source your products? Computer Trade Shopper Microscope Computer Reseller News Computer Trade Only The VAR ECR Other, please state: How long have you been a reader of The Register? - less than 1 month 1 - 3 months 4 - 6 months 6 months - 1 year 1 - 2 years 2 - 3 years 3 - 4 years 4 - 5 years more than 5 years What are your favourite sections on The Register? Channel Flannel Hardware Semiconductor Other, please state: Are you directly involved in purchasing, specifying or recommending computer products or services for resale by you company? - Yes No Please list your 3 main current suppliers. Does your company resell software? Bespoke Off the shelf product - in house Off the shelf product - 3rd party Security Embedded N/A Of the following vendors which ones do you hold accreditation/authorised reseller status? 3Com IBM Hewlett Packard Compaq Cisco Microsoft Sun Toshiba Other, please state: Are you interested in receiving information from The Register and our partners which may help your business? - Yes No
Internet bank Egg is facing legal action over an alleged breach of contract. The action - due to begin in the New Year - is being launched by electronic payment outfit Earthport. Publishing its results yesterday, Earthport said: "The company [Earthport] has prepared a claim against Egg for a substantial sum under the November 2001 contract and for related work and intends to pursue this vigorously in the first quarter of 2004." No one at Earthport or Egg was available for comment at the time of writing explain exactly what this legal tiff is all about. However, in a statement, a spokesman from Egg said: "Egg has been advised of a potential claim from Earthport. Egg treats all matters of this nature seriously and strongly refutes these allegations. Following internal investigations, Egg has formally rejected these claims through its legal advisers." ®
The BBC is to flog its wholly-owned commercial subsidiary - BBC Technology Ltd - in a bid to save the corporation up to £30 million a year. The sale - which still needs Government approval - could be worth around £100 million to the Beeb and if given the go-ahead, is expected to be completed by autumn next year. Some 1,400 staff will transfer to BBC Technology's new owner. The UK's publicly-funded broadcaster said that if it didn't sell the business it would be forced to make "substantial job losses" (300 according to one estimate) to make the numbers add up. Whichever outfit buys BBC Technology is expected to provide technology support to the Beeb - including broadcast technology services, desktop support, Web hosting etc - for the next ten years as part of the deal. In an email to staff, BBC boss Greg Dyke insisted that employees would not lose out over the sell-off. Said Mr Dyke: "I can give you my assurance that we will make employment terms a priority and future pension arrangements will be an important issue for the BBC during the commercial negotiations." However, staff were stunned by today's news. One insider told The Register: "We're absolutely devastated by the news. We don't want to be swallowed up by a big IT company like IBM or EDS." And broadcasting union BECTU said it will fight the move, claiming there is no evidence that a private company could save the Beeb any cash. The union also expressed concern about the risk posed to the BBC by handing control of its communication and IT networks over to a private company. "Worse than selling the family silver, they're trying to give away the BBC's entire nervous system", said one union official. News of the sale coincided with confirmation that Roger Flynn, chief exec of BBC Ventures Group (which includes BBC Technology) is to quit his job next spring. ®
LettersLetters “Indiana's decision to scrap the TCS contract will appease voters, media and unions in the short term, but it will probably force the state to spend more taxpayers' dollars on revamping the benefit claims system than it had planned. New Jersey now spends $340,000 per month on supporting its welfare benefits applications from a call center in Camden, which represents a 28% premium over the $266,200 monthly charge it was paying for the service when it was delivered from Mumbai.” Government IT: wasting money to win votes Can you be any more slanted in a headline? I ask why on earth would a government of the people by the people take tax payer money and throw it out to a foreign nation's economy? There are perfectly skilled Hoosiers who can fill this employment need. Indiana is constantly ranked at the bottom of the list for high paying IT jobs. I pay the taxes in this state and the real money wasting is done elsewhere. The previous governor had squandered the largest budget surplus in Indiana history, requested the single largest tax increase and still when the money ran out he sold our jobs to India. There are people who have had to put their houses up for sale because the property tax doubled and they cannot afford to pay it. Not something that would make one popular in this state. Tragically he died from a strokejust days before the story broke... Dave Clark What was causing the uproar wasn't simply that the money was going out of the state. The problem was that the contract was for Indiana's Office of Workforce Development - most accurately translated as "the unemployment office". The state of Indiana has been very hard-hit by the IT job crash. I know many people in the industry who have great qualifications and are skilled at what they do, but have been unemployed or under-employed for over a year. I was unemployed in my field for 50 weeks. The OWD is supposed to be helping unemployed people get jobs, not sending jobs out of the state when there are plenty of qualified people here who can do the work. It is on the surface merely an "image issue" but the fact is that the contract was built in such a way that it was impossible for any local, qualified firm to win it. A perusal of the related story items in the Indianapolis Star would confirm this. Robert Spelman It is smarter for government to pay local in-state centers than to outsource. Sending money to a foreign country is money that is never going to come back to the state. If they spend their money on internal companies, they will get payroll taxes, corporate taxes, taxes on equipment, taxes on telecom connections and keep jobs in their state. Money spent by a state within its own state remains in circulation. Saving money by outsourcing out of country is a net loss for a state government. It makes more sense for states to spend taxpayer money inside the state where some of it will come back to the state and help their own economy. I hope more states and the Federal government start to follow this line of thinking. Jim Mogle Kissimmee, Fl. Systems Tech ®
Sales of downloadable mobile games to N-Gage users have outstripped sales to Nokia 3510i users by eight per cent despite a huge disparity in the installed base for the devices, according to UK mobile game retailer mProvision. The company, which operates mobile gaming portals ngagegames.co.uk and mynokiagames.co.uk, says that although N-Gage users account for only 4.5 per cent of its subscribers (as against 17 per cent for the 3510i), sales of games for the device have broken all records. This is both good news and bad news for Nokia. It proves that the device, despite a critical battering over many technical or design flaws, is being used enthusiastically as a games console; however, it suggests that users are choosing to purchase downloaded games (which cost around £5.75 apiece) rather than full-price N-Gage releases on MMC cards. This will come as no surprise to mobile game developers, many of whom have privately expressed the opinion that the N-Gage will prove popular as a platform for standard downloaded Java games, rather than for full-price retail games. "We manage opt-in subscriber databases for all phone game enabled handsets in the UK," explained mProvision managing director Fox Tucker, "and while our N-Gage users account for just 4.5 per cent of our total subscriber base, we've seen game sales for n-Gage games via our sites break all records. Our opt-in N-Gage subscribers have clearly demonstrated that they bought the handset predominantly as a handheld games console." Copyright © 20003, GamesIndustry.biz Related Products Buy the Nokia N-Gage from The Reg mobile store
Details of a vulnerability in Mac OS X that creates a mechanism for crackers to take over vulnerable machines has been posted on the Net. Security researcher William Carrel released details of a vulnerability, and suggested workarounds, in advance of a fix from Apple because of what he sees as the vendor's sluggish response to the problem. The issue stems from a flaw in Apple's Dynamic Host Configuration Protocol (DHCP) client that means a user can be tricked into logging onto a rogue server. DHCP servers manage the assignment of IP addresses on a network. If an Apple machine is booted in a hostile environment, this vulnerability means an attacker could load malicious code and take full control of a vulnerable Mac OS X workstation or server. Exploitation is possible in both wired and wireless environments but by far the greater risk appears to come with WLANs. The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation and servers. Earlier versions of Mac OS X may also be vulnerable. Carrel suggests a number of workarounds including preventing any network authorisation services from obtaining settings from DHCP, as explained here. A fix from Apple is not expected before next month at the earliest. ® Related Stories Apple preps second Panther OS update Panther bitten by second data damaging bug Scripting flaws pose severe risk for IE users
Pan European ISP Tiscali has undergone a logo makeover to reflect the "maturity and internationality" of the company. The cost of the new image - which turns Tiscali's uppercase logo and accompanying motif into something that looks like a lowercase typewriter-like font - is not being disclosed. Although not being fully introduced throughout the company until the beginning of next year, you can catch a sneak preview at 46664.com. Why 46664.com? Well, Tiscali is one of a number of ISPs around the world that is streaming a concert - featuring Queen, Bono and Peter Gabriel, among others - on Saturday to generate awareness about Aids. And so Tiscali has used its new logo on the site. A spokeswoman for Tiscali said: "Tiscali has undertaken a review of its positioning and visual identity and as a consequence has decided to re-design the logo to reflect the maturity and internationality of the company as well as the dynamic nature of our market and the enthusiasm and passion Tiscali has for the internet." So now you know. ®
Pivotal had all the signs of an acquisition target: small customer base, declining license revenue, and dwindling cash reserves. Still, no one would have anticipated the level of interest that has resulted in Oak, CDC and Onyx all squabbling over the potential feast. When the vendor pickings are slim, even the most modest of players looks attractive. Merger frenzy in the IT sector has forced small vendors to assess their options to ensure ongoing survival in some form or other - and mergers and acquisitions that help increase critical mass can be an attractive way forward. But the last few years have taken their toll on CRM pure-plays, reducing the numbers. With few vendors left in play, when one of them does hawk itself around the boardrooms as Pivotal has, it stimulates appetites. Few predators are willing to give up once they have scented their prey, hence the tussle over Pivotal. It is a dangerous game though, because with two of the three likely to remain hungry, they will either look elsewhere or become prey themselves having exposed their own needs. The upside of this situation includes a potential increase in the price paid for the target company, which will benefit the shareholders, while customers should gain from a future roadmap, albeit sometimes less than ideal because it may require migration, where there was potentially a dead end. On a broader level, the overall result is potentially an increase in confidence, and in a way, more market choice. As smaller players combine they become more secure, making it acceptable for customers to invest in their technology, rather than feeling they have to pay for the security of tier 1 vendors, especially now that the current PeopleSoft/Oracle saga indicates that even tier 1 investments may not be secure. However, something has changed since the last bout of mergers and acquisitions. Successful mergers these days require more than balance-sheet consolidation or the pursuit of expanded features and functionality that characterized the acquisition frenzy of 2000/2001. The objective has to be to support the creation of application integration platforms, a move that marks another step in the shift in application architecture from database tables to loosely coupled business services. Source: Computerwire/Datamonitor Related Research The CRM Outlook: Maturing to the next level
A damaged undersea transatlantic cable led to the failure of other Internet systems which resulted in serious problems for many UK Net users this week. Damage to a cable somewhere off the French coast at around 4pm on Tuesday afternoon caused havoc for Net and phone users in the UK. BT has confirmed that some of its voice services were hit by the outage, while NTL blamed the cable problem for downing its Net service - including web browsing, email, FTP and newsgroups - for around eight hours until around 1am on Wednesday morning. An NTL spokeswoman told The Register that because of knock-on effects users still experienced problems when traffic was re-routed (see NTL status page here). Put under extra pressure, NTL's DNS servers failed, she said. That meant users were unable to log onto Web sites using their host name, even though the sites were reachable to users who knew their IP address. Email and other services were hosed for the same reason. NTL's users were the worst affected,but we understand blueyonder, BT, Freeserve, Pipex and Nildram users all experienced problems to a lesser or greater extent. Telewest, which continues to investigate the problem, has confirmed its blueyonder subscribers also experienced difficulties accessing email and personal webspace for around four hours on Tuesday night. A Telewest representative commented: "While the problems were ongoing we saw a massive increase in DNS look-ups for Zone Alarm, which seemed to be a side effect of the cable damage and some networks being down." Behaviour like this has led to a theory that Zone Alarms was been attacked in a DDoS attack routed through insecure UK ISP networks. But this theory fails to stack up, according to Neil Barrett, technical director at security consultancy Information Risk Management (IRM), and an expert on computer forensics,. "Name server lookups were slow but in other aspects the Internet was performing normally. This just didn't have the look and feel of a DDoS attack," he said. ® Related Stories Damaged undersea cable blamed for UK Net problems WorldPay recovers from massive attack
StobStob US software and litigation giant Softwron Inc is today vigorously denying a rumour that its newly patented integer, the so-called ’Wron number, has been caught flouting numerical law.
A survey of European CIOs, published this week on the subject of Enterprise Content Management (ECM), reveals the rationale behind the Open Text - Ixos merger, showing Documentum as the European market leader with Open Text nowhere in sight. Other strong players, only just behind Documentum in Europe include Vignette and Interwoven, with the Open Text's acquisition target Ixos in fourth place with less than half the other three's level of penetration. The study from Rethink Researhc however shows that these companies have barely scratched the surface in Europe, with 66% of companies not yet having ECM, and of those about 60% of them plan to buy a system for the first time within the next 24 months, more than doubling the European market in the process. In Germany, 37% of respondents had installed a content system, and in France 29%. Only 17% of Benelux respondents and just 7% of Scandinavians had systems in place. But there will be an upturn in Scandinavian interest with 50% of respondents from this region planning to finally invest in content management after 2004. The report, "Content and Document Management Trends 2004" costs £600 and can be purchased here. News IS is published by Rethink Research, a London-based IT publishing and consulting firm. This weekly newsletter delivers in-depth analysis and market research of mobile and wireless for business. Subscription details are here.
An EU vote on patents legislation has been delayed again, as the debate over the effect of intellectual property laws on software innovation continues. The original EU directive on software patents was supported by large corporations, but was vehemently opposed by a range of academics, software developers and members of the open source community, who believed that the directive would stifle an open exchange of ideas in the EU and would ultimately discourage software innovation. The bill that was approved by the EU Parliament on 24 September included 124 amendments, which limited intellectual property rights and antagonised many large corporations, who feel that strong intellectual property rights are a fundamental motivation for technical innovation. According to the Dow Jones newswire, the CEOs of a number of large European corporations, including Alcatel, Nokia, Siemens, Philips and Ericsson recently sent a letter to the European Union in which they criticised the revised bill and threatened to move more than €15 billion of R&D research out of Europe. The Council of Ministers vote, which was to take place on 27 November, has been postponed. "The purpose of patents is to encourage innovation, so that you can create something, patent it, make money from it and use the money for further innovation," said Karen Murray, a barrister and lecturer on IT law at the National College of Ireland. "But the patents are published and are available for people who would like to enhance that innovation." But there are fears among the software community that a large number of broad and ambiguous patents could be approved, which would turn generic technical functions into private property. "The purpose of the directive is to clarify the existing situation," said Murray. "In order for an idea to be patented in the EU it must be a new idea, it must not be obvious to people who are technically competent, it must run on a machine and have a technical effect," Murray told ElectricNews.Net. Murray pointed to Amazon.com's one-click patent, which is used to streamline on-line shopping, as an example of a software idea that has been patented. The US has been more open to software patents in the past, but some of these patents are now being reviewed. On 13 November the US patent office announced that it would review Eolas's patent for the technology used to embed and run content within a Web page. The patent has been publicly opposed by Tim Berner-Lee, head of the W3C, who claimed that Eolas was not the first to come up with this idea and that intellectual property laws run against the spirit of the Internet,which is based on free access to protocols and tools. The founder of Eolas, Mike Doyle has accused the W3C of being motivated by an ideological dislike of software patents. © ENN