3rd > February > 2004 Archive
The Oracle 10g wait is over, at least if you are a preferred customer of Sun Microsystems or HP. Oracle let a pair of downloads for its new database slip onto the Web just ahead of a Tuesday conference call to discuss the product. As of this moment, Solaris (64-bit/SPARC) and HP-UX developers are taken care of with build 10.1.0.2. Windows and Linux editions of the database are expected to follow in due course. Exact delivery dates and pricing for the official, polished 10g release are expected to arrive at the Tuesday event. Oracle is under pressure to cut the price of the Standard Edition One - or low-end version - of 10g, if it hopes to apply pressure on both Microsoft and IBM. Microsoft currently has SQL Server 2000 priced close to $5,000, while IBM sells an Express edition of DB2 for $4,000 per processor. Last year, Oracle trimmed the price of its Standard Edition One database to $6,000, but one report from IDG News Service says the new Standard Edition One for 10g will come in at $5,000. Database darling James Niccolai at IDG also reports that Oracle may bundle its Real Application Clusters (RAC) software with the midrange Standard Edition 10g database. The high-end version of the Oracle database comes in at around $40,000. ® Related Story IDG's Italian Stallion speaks
Intel has put back the release of 'Dothan', the 90nm version of its Pentium M mobile processor, to late April or early May. And Taiwanese notebook manufacturers are pretty annoyed about it, a DigiTimes report detailing the delay claims today. Last month, Chipzilla's COO and President, Paul Otellini, admitted that the chip's release had slipped from Q1 to Q2. Dothan had been expected to debut on 15 February. "Our validation processes recently showed the need to make some circuit modifications to enable high-volume manufacturability," he said at the time. When the chip was announced, back in March 2003, it was officially scheduled to appear sometime in the second half of the year. Internal roadmaps had it down for an October release. That came and went, and Intel went on record to say that "revenue shipments" would be made before the end of 2003. That paved the way, it was hoped, for the mid-Q1 official outing. The effect of the delays has left Taiwanese notebook manufacturers, who produce almost all of the world's portable PCs, wondering quite when Intel will ship the chip. Apparently, they're tooling up for hardware production in May. Some observers believe Intel is holding back on Dothan to devote its 90nm production lines to 'Prescott', the 90nm Pentium 4, which launched yesterday. Chipzilla has already said it wants to aggressively ramp up Prescott volumes during Q1 and Q2, and may well want to devote 90nm fab resources to the new chip in order to allow it to do so. The Pentium M remains a popular processor, courtesy of all the Centrino marketing spend. Demand is sufficiently high, we'd say, for the market to stand the late introduction of Dothan. The second generation of Centrino, codenamed 'Sonoma', is due sometime during Q3 or Q4. ® Related Stories Review: Prescott, the 90nm Pentium 4 Dothan slips again - official Dothan debut due 15 February Intel delays Dothan debut? Intel i855GME to pave way for 'Centrino 2' next year
Notebook vendors are expected to continue the trend of crammed desktop processors into mobile computers, this time using the 'Prescott' Pentium 4 chips launched yesterday. Desktop-replacement notebooks based on the 90nm chip should arrive later this quarter, ahead of Q2's introduction of Mobile P4s based on the new technology. Prescott's large power draw - larger than the 130nm Pentium 4's, clock for clock - is likely to restrict the new line of notebooks to lower clock frequencies. For higher speeds, we will have to wait for the Mobile part. But there's a price advantage for going with the desktop product. Mobile Prescott processors are expected to ship at 3.06, 3.2 and 3.46GHz, all with a 533MHz effective bit rate frontside bus, and priced at $234, $294 and $433, respectively. By contrast, the desktop Prescotts at 2.8, 3, 3.2 and 3.4GHz, with an 800MHz FSB, are priced at $178, $218, $278 and $417, respectively. ®
Jerome Heckenkamp pleaded guilty Thursday to defacing the online auction house eBay and penetrating systems at the San Diego-based telecommunication equipment maker Qualcomm, ending years of pre-trial court wrangling and casting considerable doubt on his public claims of innocence. Under the terms of his plea deal with prosecutors, Heckenkamp, 24, admitted to causing at least $70,000 in losses in a 1999 hacking spree while a graduate student at the University of Wisconsin. In addition to the Qualcomm and eBay hacks -- the latter performed under the handle "MagicFX" -- Heckenkamp admitted to penetrating the systems of Exodus Communications, Juniper Networks, Lycos, and Cygnus Solutions. Prosecutors agreed to recommend no more than two years in prison, and not to seek restrictions on Heckenkamp's employment-related use of computers and the Internet in the period of court supervision likely to follow any prison term. The hacker will get credit for approximately eight months of time that he spent in custody in 2002, after he fired his lawyer to clear the way for a series of unusual legal challenges that only served to perplex and anger federal judges in two jurisdictions. Among other gambits, Heckenkamp had argued that the government lacked standing to prosecute anyone, and that the indictments in the case referred to a different defendant: they spelled his name in all capital letters, while he spells it with the first letter capitalized and subsequent letters in lower case. Angered by the arguments, federal judge James Ware declared Heckenkamp a flight risk and ordered him arrested in the courtroom. He was released on bail, months later, only after accepting legal representation again. Defense attorney Benjamin Coleman says he'll ask the court to accept a formulation of federal sentencing guideline factors that limits Heckenkamp's sentence to the time he's already served. "The way the guideline should be calculated, he should get time-served," said Coleman. "He shouldn't do any more time." The plea agreement also allows the lawyer to challenge as unconstitutional the 1999 search of Heckenkamp's computer that led to the charges. According to court records, examination of the deleted file space on Heckenkamp's Linux box surfaced a detailed personal log of computer intrusions at 120 different universities and companies. If the appeal is successful, Heckenkamp's conviction could be undone. But either way, his oft-repeated claims of innocence are likely a thing of the past. In a 2002 jailhouse interview with SecurityFocus, Heckenkamp claimed that hackers had penetrated his dorm-room computer and used it to crack other systems. "Some of these companies I had never even heard of before I was charged," said Heckenkamp. A similar theme dominated a website set up by supporters and maintained by Heckenkamp's father, coloring the hacker an "innocent scapegoat of a restless, unrelenting and desperate FBI, caught in the middle of a 21st century spin-off of McCarthyism." That website could no longer be reached Monday. Heckenkamp's father, Thomas Heckenkamp, declined to comment on the plea. Sentencing in the case is set for May 10th. Copyright © 2004,
NEC today launched a cameraphone the size of a credit card, dubbing it "the world's smallest and slimmest mobile phone". It's a little thicker than your average Mastercard, obviously, but at 0.7cm thick, it's not exactly chunky. Face on, the dimensions are a neat 8.5 x 5.4cm. The handset weights 70g (2.5oz). Built into the slimline silver shell is a 1.8in 120 x 160 colour LCD and a 0.3 megapixel digicam. It has a 40-voice polyphonic sound system for ringtones, and operates on GSM and GPRS networks. NEC said it would use the technology that allows the phone's small size in other applications, including PDAs, mobile terminals and micro PCs. NEC provided few other details of the phone's capabilities, though it did say the handset will go on sale this month in the Chinese market. ®
The US Federal Trade Commission has announced an international initiative to fight spam, which will focus on closing off the unsecured servers used by spammers. The FTC is to work with 36 different agencies in 26 countries on its new programme, entitled Operation Secure Your Server. The initiative is designed to coordinate an international effort to reduce the flow of unsolicited commercial email by urging organisations to close open relays and open proxies, which are often used by spammers to send unsolicited email. Participating agencies have identified tens of thousands of owners or operators of potentially open relay or open proxy servers around the world; the agencies are sending letters urging the owners and operators to protect themselves from unwittingly relaying spam. Open relays and open proxies are servers that allow any computer in the world to route email through servers of other organisations, thereby disguising its real origin. The FTC said that these abuses not only overload servers, but also could damage an unwitting firm's reputation if it appears that the business sent the spam. "International cooperation is going to play an important role in combating spam, as this project clearly demonstrates. Moreover, government cannot solve the spam problem on its own; everyone with an Internet connection must do their part to make sure that they are part of the solution and not part of the problem," said Howard Beales, director of the FTC's Bureau of Consumer Protection. "Any move to reduce the flow of spam is to be welcomed. We're happy that the FTC is now taking a line that looks at the international situation, rather than focussing solely on US citizens," said a spokesperson for the Irish Data Protection Commissioner. The spokesperson said that a European Commission delegation is due to meet the FTC on Wednesday and further news on cooperation may emerge after the meeting. Agencies in Albania, Argentina, Australia, Canada, Brazil, Bulgaria, Canada, Chile, Colombia, Denmark, Ecuador, Finland, Hungary, Jamaica, Japan, Lithuania, Norway, Panama, Peru, Romania, Serbia, Singapore, South Korea, Switzerland, Taiwan, and the United Kingdom are sponsoring the initiative along with the FTC. The FTC has also created a Web page http://www.ftc.gov/secureyourserver that contains information for businesses on how to protect themselves from becoming unwitting distributors of spam. © ENN
There's yet more evidence that the UK's IT sector could be on the mend. The latest bulletin from UK industry group "e-skills" suggests that there is growing optimism among employers, something that is supported by an increased demand for skilled IT staff. Here's a quotation from the report: "The state of the ICT sector remains unsettled, with positive changes in the stock market counterbalanced by a continuing decline in the trade balance for ICT services and reduced private sector spending on IT hardware and software. "Businesses appear bullish however and appear positive about future sales and employment prospects." It goes on: "There appears to be a gradual re-emergence of demand for contract ICT staff and skills shortages remain for those with specialist skills/experience." E-skills has reached this assessment by pooling research from a whole host of different sources including the Office of National Statistics (ONS) and other market data. In effect, it's licking its finger and sticking it in the air to find out which way the wind's blowing. For instance, e-skills also found that the number of people employed in ICT occupations increased by 21,000 over the previous quarter. And while the unemployment rate for those normally working in ICT jobs stood at 4.8 per cent, the number of vacancies for contract ICT staff increased by 4 per cent over the previous quarter, it said. In its last bulletin e-skills was "cautiously upbeat" about the future of the UK's ICT sector, adding that the indicators "appeared to show that the market has at least bottomed out". ® Related Story E-skills upbeat about tech sector
UpdateUpdate Nokia's first 3G handset, the 7600, will go on sale in the UK this month - but not, it seems, with the blessing of 3G service provider Three. Instead, the handsets come courtesy of retailer The Carphone Warehouse, which claims to be the phone's exclusive UK supplier. In fact, you can also get one through the Reg Mobile Store, SIM-free and unlocked, or with an O2 GSM connection. Weighing a mere 123g and measuring 8.7 x 7.8 x 1.86cm, the 7600 is one of the lightest and smallest dual-band GSM and 3G (WCDMA) phones in the world. It also features a 640 x 480 digicam which can be used for stills and two-and-a-half minutes of 15fps video. To complete the handset's multimedia features list is polyphonic ring-tone support and a built-in MP3/AAC audio player. Songs can be transferred to the handset using a USB connection or the phone's integrated Bluetooth link. Up to 29MB of storage capacity is available for tracks, pictures and video. The phone has talk time of almost three hours using a 3G connection. Stand-by time is up to 12.5 days. There's a catch, however: 7600 owners will be able to watch some of the video content Three offers, but not the network's premium material, such Premiership football goals or - ahem - its porn channel. Nor, crucially, can the phone be used to make video calls, we understand. Depending on which Three tariff buyers choose, their 7600 will cost up to £229.99, Tech Digest reports. The Reg Mobile Store is charging £359 (exc. VAT) for a SIM-free version, or £159 (exc. VAT) with connection to O2's non-3G GSM network. ® Related Story Nokia launches trendiest phone yet
OpinionOpinion Microsoft can end the scourge of e-mail viruses by ending its support for old software, and the clueless users who refuse to upgrade, writes SecurityFocus columnist Tim Mullen. Well here we go again. We are suffering through yet another email-borne virus (this one called Novarg) whose infection has reportedly trumped out all others in the infamous history of malicious computer code. Was the vector some l337 0-day 'sploit? Nope. Was it a complex multi-layer program leveraging several unpatched vulnerabilities? Nope. It was -- wait for it -- an executable attachment in an email. What genius! The author of Novarg (or MyDoom, or whatever you want to call it) really put his noodle to the test when he cooked this one up, huh? I would like to think that in this day and age people would know better than to open executables in an e-mail. I'd also like to be able to flap my arms and fly to the moon. Opening attachments in e-mail is one par with group needle-sharing after having unprotected sex in a Third World orgy. Yet, with an estimated 30 per cent [peak] of world-wide e-mail traffic being Novarg, it is clear that millions are willing to blindly point-and-click their way into infection while a tempest of white noise rages in the part of their brain where conscious thought should be. When events like this occur, it really makes me question my faith in education as a means of mitigating security issues. As much as I want to believe that we can teach people about computer security, it looks as though it may be a pipe dream after all. A mere month after my "Resolutions" column called for patience and understanding in user training, I'm ready to throw in the towel. Looks like I was wrong. Many will be quick to point out that it is Microsoft's "crappy code" that allows people to open attachments in the first place, but let's take a look at that: all "recent" Microsoft software does not, in fact, allow one to do so-- not easily, anyway. Outlook 2000's "e-mail security patch" was released almost four years ago. And though still officially supported, that product is three major versions in the past. Security years are like dog years, so this is like using a product made back in 1976. The only thing in my house that was around in '76 is me, and possibly that pink fuzzy thing in my refrigerator. So what is the solution when you have stupid people using old software? We can't really get rid of the stupid people, so I think it is time that the old software gets the boot. The problem is that Microsoft is still supporting these legacy clients. Bill and Steve, I have utmost respect for you and your business knowledge, but it is time you kicked these people through the goal posts of life and score some points for your "real" costumers-- us. All of the good light Microsoft is shining on security gets totally overcast when virus/worm outbreaks like this happen. And the people like me who faithfully spend time and money to follow in the upgrade path still suffer from the inaction of those who choose to stay behind. Microsoft is making great strides toward product security, and I'm proud to be part of the movement. But now it is time to fully commit to security by stopping support for products that can't be secured. If clients are still using Windows 9x along with the associated legacy support software, it should be a pretty good indication that they are not really interested in paying for decent software security. So stop being a co-dependant in their addiction to cheapness. Stop dating these people if you're not getting a kiss on the doorstep. Stop letting them use the bathroom in the same place where the rest of us have to eat. Product support and security is not Social Security. The money I spend today should not be used to help those of the generation before when they don't want help or don't know they need it. I know that the repercussions of this would be far reaching, and I am not ignorant of the enormous undertaking it would be to pull it off, but I think the numbers speak for themselves. "When" is now, and it is time we said it. Copyright © 2004, Timothy M. Mullen is CIO and Chief Software Architect for AnchorIS.Com, a developer of secure, enterprise-based accounting software. AnchorIS.Com also provides security consulting services for a variety of companies, including Microsoft Corporation.
Reg Kit WatchReg Kit Watch Austrian watch seller Laks has announced an update to its USB Flash drive timepiece. The new model, due to ship next month, features a built-in MP3 player. Like our own Cash'n'Carrion Memory Watch, the Laks watch features up to 256MB of Flash strorage space. The USB connector neatly locks into the watch's black plastic strap. The new model ships with a pair of in-the-ear phones, which connect up to an earphone socket againt built into the strap. In order to supply enough power to run the MP3 playback circuitry, the watch contains a separate rechargeable lithium battery, which is powered up using the USB link. Laks claims a charging time of 1.5 hours, yielding 4-5 hours' playback time. Running out of juice for the MP3 player should not affect the device's ability to tell the time accurately. The watch component is based on a Japanese mechanism, and comes with a two-year warranty. Versions of the device with 32, 64, 128 and 256MB of Flash are currently on pre-order, preparatory to shipping in March. They are priced at €89 (£60), €129 (£88), €189 (£129) and €279 (£190), respectively. ®
In the proud tradition of naming one's offspring after entire football teams, or a favourite brand of supercar, one US dad has decided to name his son after a software upgrade. Jon Blake Cusack and wife Jamie, of Holland, Michigan, will certainly be spending many a sleepless night debugging little Jon Blake Cusack Version 2.0 and - in about 16 years' time - having a very hard time explaining to their unfortunate offspring whose bright idea this was in the first place. Mr Cusack insisted to the local media that his male friends found the moniker "cool", but admitted his wife and her associates were less impressed. Indeed, Jamie Cusack held out for months against the plan and we reckon she will have something to say about hubby Jon's insistance that Version 2.0's first sprog will be Version 3.0, and so forth. Of course, this type of numerical sequencing of kids is not without precedent: plenty of Romans were called Septimus and Decimus. No Roman, however, was ever burdened with the title Tiberius Augustus Pentium III, and God help the third child of Jon Blake Cusack Version 1.0's fifth son if this madness is not stopped now. ®
Computer Aid international has launched a new appeal for companies and individuals to send it defunct PCs to be reconditioned and distributed to schools and community groups in the developing world. Last year, the British charity refurbished and shipped 1,000 old PCs every month – a figure it believes it can double in 2004 with increased donations from large corporations and public sector organisations. Computer Aid aims to collect 25,000 old Pentium machines in 2004. Tony Roberts, Computer Aid’s chief executive, points out that his charity could actually help companies comply with the requirements of the data protection act, as its machines have their hard drives wiped to Department of Defense standards before they are re-distributed. According to Roberts, nearly 1.5 million PCs end up on landfill sites across the UK every year. He argues that there is a pressing need for re-use of computers even without the environmental concerns. "The fact remains that 99 per cent of children in the developing world still leave school without ever having seen or touched a computer and while organisations such as SchoolNet Africa are trying to address this issue, the cost of new PCs in the developing world is prohibitive," he said. You can find out more on the website. When the WEEE (Waste Electronicand Electrical Equipment) Directive becomes law in the UK in August this year, it will be illegal for any electrical or electronic equipment to be dumped in landfill sites. However, responsibility for collection and recycling of goods will lie with the manufacturers. ® Related Stories: Reg readers are generous PC-donating bunch
Reg Kit WatchReg Kit Watch Sony has launched a pair of Wi-Fi-enabled PDAs in its home market, the Japanese giant said yesterday. Both machines - the Clié TH55 and the Clié TJ37 - run Palm OS 5.2. But while the more consumer-focused TJ37 is based on Motorola's ARM-based i.MXL processor, clocked at 200MHz, its high-end companion is based on Sony's own Handheld Engine CPU. This runs at between 8MHz and 123MHz, depending on load, in a similar fashion to Intel's SpeedStep technology for mobile Pentium processors. The TH55 (left) ships with 32MB, as does the TJ37, but while all of the high-end machine's RAM is available to the user, only 23MB of the TJ37's memory is accessible. The TJ37 sports a 320 x 240 16-bit colour display, while the TH55's panel runs to 320 x 480. Both feature a 640 x 480 digicam, backed with still and video capture software, along with the usual array of Sony-bundled music and movie playback applications, including the AeroPlayer audio player and Kinoma 2 for video. Both models' Wi-Fi adaptor are supported by Clié Mail and the NetFront 3.1 web browser. The TH55 also ships with a Clié Organizer, which combines the PDA's usual PIM functions into a single app. Piscel Viewer, meanwhile, lets you view Microsoft Office files and many other document formats. The TH55 measures 12.1 x 7.3 x 1.3cm (4.9 x 2.9 x 0.5in), though its flip-down cover renders it slightly thicker when closed. It weighs 165g (5.8oz) with the cover off. The TJ37's dimensions are 11.3 x 7.5 x 1.3cm (4.5 x 3 x 0.5in) and it weighs 145g (5oz). The two models are priced at ¥39,800 ($375) and ¥29,800 ($280). US and European availability and pricing was not disclosed. ®
Microsoft has broken its monthly release cycle to issue a cumulative patch designed to address three potentially serious security vulnerabilities. The company has dropped support for a common Web authentication method to fix a flaw which made it easier to lure IE users to malicious constructed or fraudulent sites. Support is removed for handling user names and passwords in HTTP or HTTPS URLs in IE. The syntax http(s)://username:password@server/resource.ext has legitimate users but is also frequently used in phishing scams. The problem is compounded by a security vulnerability, resolved with yesterday’s cumulative update, which could be exploited to display a fake URL in the address and status bars of IE. Rather than fix that specific flaw, which first emerged almost two months ago, Microsoft is ditching an entire approach. Microsoft alerted developers that it was contemplating the change last week. Good riddance to bad coding Reg reader response since has fallen into two camps: those who think the use of user names and passwords in HTTP should never have been supported; and others who think a pop-up dialogue box should be generated when URLs containing authentication tokens are used. This would take the form: "Warning: You are about to go to xyz.com. Please check this address carefully to make sure that it is the site you were expecting to visit." And another (two) things... The cumulative patch - critical for IE 5.01, 5.5 and 6.0 users - also contains fixes for two other security vulnerabilities. These involve an Internet Explorer File Download Extension Spoofing flaw and a Cross Site Scripting vulnerability, as explained in greater depth here. Although Microsoft made a decision to release patches on a monthly basis last October it always retained the option of releasing urgent fixes on an ad-hoc basis. Concern that the 'faking it' flaw - which emerged in early December - could aid the cause of fraudsters has driven the issue further up Microsoft's security agenda. A fix for the flaw was not released earlier in order to allow testing, Stuart Okin, Chief Security Officer at Microsoft UK, recently told El Reg. The phishing problem is much bigger an issue than an IE flaw which might allow a fake URL to be displayed in the address and status bars of visiting Web surfers, he said. Too serious to wait Microsoft went to monthly updates with the idea that if the release of fixes was more predictable more companies would get into the habit of consistently applying patches. Failure to apply patches is a major cause of corporate insecurity. Critics might say Microsoft is releasing its fix - which it admits it critical - in a way that (by its own logic) means the patch is less likely to be rapidly applied. It's all a bit of a mess and reason enough for some to consider using alternative browsers, though we can't see much of a stampede in that direction anytime soon. In the meantime, IE users are urged to review Microsoft's patch here. ® Related Stories MS drop authentication technique to foil phishing No relief from Microsoft phishing bug IE phishing scam exploit unearthed Gone Phishin' Halifax suspends e-banking site after phishing attack UK banks and police proffer anti-phishing advice Ballmer's new MS security fix - same patches, but 'nicer'
Freeserve is set to make a big push for broadband this year, according to a senior spokesman at the French-owned ISP. Up until now Freeserve has focused on selling broadband to its existing punters rather than chuck money at marketing the service to the wider market. Now, it seems that the UK division of French ISP Wanadoo is prepared to take on rivals AOL, BT and Tiscali and fight for greater market share. Today, for example, a new three-month cut-price broadband offer takes effect backed by an ad campaign, although at this stage it's not known what else the ISP is planning to boost sales. A senior spokesman for the company told The Register: "This is the year for broadband for us - we're going for it." His upbeat comments come as parent Wanadoo publishes key data from the last three months of 2003. Today's titbits are merely designed to whet the appetite ahead of the publication of full results next week. That said, today's scraps do show, for instance, that at the end of December Freeserve boasted 158,000 broadband users - an increase of 35,000 in the three months to the end of the year. So is Freeserve disappointed by this? Not at all, says our senior spokesman. "We're doing broadband our way by migrating existing customers across." But he went on: "This is the year for broadband for us - we're going for it." And what about overall numbers? At the end of March 2003 Freeserve had almost 2.7 million punters. Since then, numbers have fallen each quarter and its total user base now stand at 2.58 million as of the end of December. Once again our Freeserve spokesman said: "We're quite happy with the way things are going." Indeed, Freeserve reported that average revenues per user (ARPU) reached €9.1 in December 2003, up from € 8.5 in June 2003, mainly as a result of an increase in ADSL customers. Despite this, today's announcement provides no mention of the ISP's financial progress. In September, after all, the company reported that it had made its first profit. So, how are thing? Our Freeserve spokesman declined to be drawn on any specific information except to say: "Freeserve has had a very good end of year." OK - one last thing - the issue of whether Freeserve is going to bite the bullet and rebrand under the Wanadoo moniker. After all, today's statement makes no mention of "Freeserve" and instead refers to Wanadoo "in the United Kingdom". Is this part of a gradual process of rebranding and a sign of the French company's intentions? Our senior source said the company's position hadn't changed and that it "continued to look at rebranding". However, we have his assurance that "no announcement [one way or other] is due soon". Elsewhere, Wanadoo as a whole reported that it now has more than nine million punters in Europe including almost 2.5 million broadband customers. Total revenues for the year were up 26 per cent at €2.6 billion. The company's full annual results are published on February 11. ® Related Stories Freeserve mulls Wanadoo rebranding - again Freeserve makes first (monthly) profit Freeserve denies it's gone cold on BB
Growing demand for handsets in Asia and Eastern Europe propelled the once stagnant mobile phone market to strong double-digit growth last year, market watcher IDC said today. Some 533.4 million handsets shipped in 2003, up 23.3 per cent on the 432.7 million that shipped in 2002. Fellow researcher Strategy Analytics put the cumulative 2003 total at 516 million, beating the record set in 2000, when 435 million handsets were shipped. According to IDC, Q4 2003 was a particularly strong quarter, with shipments up 29.7 per cent on the same period the year before. The 167.8 million handsets shipped in the three months to 31 December 2003 was also 21.8 per cent higher than Q3 2003's total. SA's Q4 total was, like the full year, lower than IDC's: 159 million units. However, it was still enough to become the biggest selling quarter of all time, the company said. Smartphones grabbed the headline growth figure, with annual shipments up 181.6 per cent, according to IDC. But that figure masks the fact that only 1.8 per cent - some 9.6 million devices - of the year's tally of handset shipments were smartphones. That said, Q4's proportion came in at 2.2 per cent - 3.7 million smartphones shipped in the quarter - suggesting that demand is growing, albeit slowly. That figure represents a 77.3 per cent increase over the previous quarter. Worldwide Smartphone Vendors 2003 Rank Vendor 2003 Shipments 2003 Market Share 1 Nokia 5.45m 56.9% 2 Sony Ericsson 815,047 8.5% 3 Motorola 778,287 8.1% 4 RIM 490,263 5.1% 5 Samsung 284,803 3% Others 1.76m 18.4% Source: IDC Nokia dominated the smartphone, accounting for over half the units shipped, IDC's figures show. Overall, the Finnish vendor made a third (33.6 per cent) of all the handsets that shipped last year. However, that represents a dip on the 35 per cent share it achieved in 2002, despite as 18.3 per cent year-on-year increase in shipments. Nokia did achieve better-than-market performance during Q4, with shipments up 19.8 per cent year on year and 22.3 per cent above the previous quarter's figure. Motorola's market share fell, too, but it retained its number two slot, shipping 1.5 per cent more handsets in 2003 than 2002. It took 14.1 per cent of the market. Samsung followed, with 9.9 per cent. Worldwide Mobile Phone Vendors 2003 Rank Vendor 2003 Shipments 2003 Market Share 1 Nokia 179.34m 33.6% 2 Motorola 75.44m 14.1% 3 Samsung 53m 9.9% 4 Siemens 45.35m 8.5% 5 LG Electronics 27.5m 5.2% Others 152.73m 28.6% Source: IDC Related Products Search for your next phone in The Reg mobile store
Vulture Central recently predicted that conspiracy theorists would soon be scanning Mars rover snaps for evidence of extra-terrestrial life such as mountains in the form of Kylie Minogue's buttocks and rockfaces carved into iconic representations of Sir Bill Gates of Seattle. The truth has turned out to be almost as terrifying with the discovery of the number "19" clearly etched into a Martian rock, and captured by the fearless Spirit rover: But what does it mean? Chillingly, according to numerologists, the numbers 1 and 9 transpose into the letters AI. Co-incidence? We think not. We can now say with absolute certainty that Mars was previously inhabited by super-intelligent machine beings which, for reasons unknown but probably related to a lack of any decent nightlife on that distant world, came to Earth where they are now running the UK's rail network and teaching cybernetics at Reading University. While we wait with bated breath the humanity-rocking impact of this bombshell, we'd like to offer NASA a suggestion regarding its poorly Spirit rover. Reports suggest a full file system is to blame for its current malaise. Reader Paul Jaggard thinks that if the ailing dune buggy can crawl to the PC World we previously located, the helpful staff there could - after checking the flash memory for any net porn the rover may have downloaded for "research purposes" during the last couple of weeks - give it a scrub and shave and send it on its way. We agree. Every minute Sprit spends dossing about on far-flung reaches of the galaxy is a minute lost to the breathless pursuit of Martian simulacra. ® Bootnote Reader Shawn s, aka Plasmahawk, tells us the original rover picture can be found here. It may not stay there for long, though, once the black helicopters move in, remove the photograph and kill anyone who has ever seen it.
Microsoft's Xbox 2 console - aka Xbox Next - will be powered by three IBM PowerPC G5-class 64-bit processors, with graphics driven by ATI's next generation of accelerator chip. So claims a San Jose Mercury News story, with further details published at TeamXbox. The next-gen Xbox will boast three PowerPC 976 chips, each based on IBM's Power 5 architecture and fabbed at 65nm. That Power 5 connection means each will offer simultaneous multi-threading technology, allowing them to process two program instruction streams at the same time. With three CPUs in the box, and an alleged two cores per die, that means the console has the equivalent of 12 processors inside - a lot of processing horsepower, if the console and chip specs. are to be believed. Alongside them will be an ATI R500 graphics chip, apparently. It will support DirectX 10, which will also provide the graphics API for the next major version of Windows, 'Longhorn'. The R500 die contains its own frame buffer embedded DRAM, which, it's claimed, will yield HDTV picture resolution with full-screen anti-aliasing. Backing that will be 256MB of SDRAM. ®
More than 510 million mobile phone handsets were shipped last year in what is being described by analysts as a "phenomenal year" for the industry. Early estimates from Gartner, based on industry figures, suggest that sales of handsets exceeded expectations around the world. Mature markets, including the US, Europe and Japan, saw a surge in replacement sales with colour screens and camera phones proving popular. In emerging markets, such as China, India, Russia and Brazil, sales continued to beat expectations due to the availability of very low cost handsets and aggressive sales tactics by operators. Said Gartner analyst, Ben Wood: "2003 was a phenomenal year for the mobile phone industry, with an average growth rate of nearly 20 percent. "As we enter 2004, the emerging markets will play an increasingly important role and we expect manufacturers to continue developing low cost products specifically for these markets," he said. Gartner also revealed that the buoyant sale of handsets looks set to continue with early indicators from Q1 suggesting that the "positive trend in the mobile handset market is continuing". As a result, Gartner is "provisionally raising" its forecast for mobile phone sales to 560 million in 2004. ®
SCO has moved its Internet operations to the domain www.thescogroup.com in response to the denial of service attack generated by the MyDoom worm against its regular base of operations, www.sco.com. The alternate Web site is expected to serve as an interim site for SCO until 12 February, when the DDoS attack generated by the MyDoom is expected to conclude. Netcraft reports that www.thescogroup.com resolves to the same IP address as sco.com, one of a variety of SCO web sites that remains in operation despite the MyDoom assault. Since MyDoom targets only www.sco.com, SCO was able to remove the DNS entry for this particular site to block the attack and allow it to maintain a web presence via different URLs. Pity us - evil 'hackers' are attacking SCO knew when exactly when the DDoS attack against its corporate site would begin. So why didn’t arrange to redirect before the attack commenced? Critics of SCO are contrasting the company’s actions with Microsoft's approach when Windows Update was attacked by machines infected with the Blaster worm. They say SCO allowed its web presence to be temporarily swept away in a tide of MyDoom-generated crap in a cynical play designed to provoke sympathy for company. www.sco.com – along with www.microsoft.com – was due to be bombarded with traffic generated by the MyDoom-B worm from earlier this afternoon. However, because MyDoom-B is far, far less prevalent than MyDoom-A this ‘assault’ will only be a puny affair that will be trivial to defend against. Message filtering firm MessageLabs has blocked 18 million copies of MyDoom-A by lunchtime today compared to just 100 copies of MyDoom-B. ® Related Stories Latest Email worm (MyDoom) has SCO-facing payload SCO posts $250,000 worm bounty MyDoom assault forces SCO.com off the net MyDoom variant attacks Microsoft.com Windows Update still standing despite Blaster
Chip maker VIA is to sponsor a team in the controversial million dollar DARPA Grand Challenge robot race. Team LoGHIQ plans to build a robot that will navigate an obstacle course using a combination of stereovision and dead-reckoning GPS. The race has attracted a fair amount of controversy after organisers apparently changed the entry rules after being swamped with submissions. Entrants were competing for just 25 slots and some argued that the last minute rule change favoured the bigger teams. Team LoGHIQ, however, is composed of Rensselaer Polytechnic Institute graduates and family members living in up-state New York. The group is working to a total budget of approximately $50,000, and will draw on experience in solar vehicle design, mechanical engineering, physics, computer systems and computer programming to create the vehicle "from the ground up". In a prepared statement, team leader Seth Cabe said that pitting the team’s ideas “against the best in the world in a real life test is the ultimate challenge". The autonomous vehicle is based on a VIA EPIA M10000 Mini-ITX mainboard running a stripped-down version of Slackware Linux. The board’s low power requirement and smaller size were apparently major factors in its selection. Teams are scheduled to face off in Barstow, California, in a real-world conditions test. Those vehicles that prove themselves capable of handling the terrain unsupported will get a place in the final. Timothy Brown, Robotics Program Manager at VIA Technologies, commented: "These resourceful young guys are challenging the establishment by developing their own potentially disruptive technologies from readily available parts and components." The million dollar prize will go to the team whose progeny is the first to reach Las Vegas, unaided, in under ten hours. ®
A BT survey has concluded what every office-bound computer slave already knows: that the majority of staff would prefer to choose where they did their work. The most popular alternative to the office was - amazingly - the beach. Mountain tops and park benches polled 18 and 17 per cent, respectively, although a lamentable four per cent expressed a wish to do their chores from the comfort of their own bed. BT's sudden interest in the subject is linked to Wireless Broadband Week. Since 57 per cent of those surveyed spent at least five hours a day slumped in front of a PC, there is much to be said for the idea of teleworking. Not, however, if your staff are "hard at it" next to a women's beach volleyball tournament on Rio's Copacabana, or "just working through emails" from the summit of K2. The park bench as an alternative work environment has found favour among El Reg staff, not least because many of this elite cadre of IT hacks find themselves sleeping on said municipal furniture after a particularly heavy night in Vulture Central's own teleworking poll winner: the local pub. ®
Statewatch has obtained a copy of the draft agreement on the transfer of EU airlines' passenger records to the US Department of Homeland Security. The text gives full details of the deal struck between the European Commission and the DHS, and leaves the strong impression that the Commission, rather than protecting (the ostensible purpose of the EU-US discussions) the personal data of its citizens, is an accomplice in its export. Statewatch also notes that the Commission's intention to make a statement of "adequacy" for the agreement under the 1995 Data Protection Directive leaves the European Parliament with limited scope for intervention. It can only do so if it takes the view that the draft implementing measure "would exceed the implementing powers provided for in the basic instrument." Which would seem a fairly reasonable view to take, but the point is that the default is that the deal will go ahead, unless Parliament stands up and shouts. The draft agreement (text here) gives a full list of the PNR (Passenger Name Record) fields required, and is (perhaps unintentionally) revealing regarding the DHS' pursuit of broader personal data. "Additional personal information sought as a direct result of PNR data will be obtained from sources outside the government only through lawful channels [well that's good to know...], and only for legitimate counter-terrorism or law enforcement purposes." The simple statement of "law enforcement purposes" here flags potential mission-creep; the rider specifying international crime only which the Commission had inserted seems to have fallen off already. The document goes on to give credit card transaction information and email records as examples of the kinds of further information that might be sought on the basis of a PNR. This information will, it tells us, be obtained via US "lawful process", following "US statutory requirement" or "other processes as authorized by law." Us law, we presume. So the data you have to give the airline in order to fly will be passed to the US authorities, and may be used as a trigger for further research by the US authorities into your habits. The deal makes reference to the possibility of the EU adopting a similar system, and as and when that happens we expect the two sides to resist the notion of pooling their databanks for, oh, a couple of minutes? Note also that the current enthusiasm for profiling, the idea being to identify possible threats from people who aren't known, and have no record, absolutely requires broad data capture, use and retention. Course we've got to compile records on people who're innocent - otherwise, how could we confirm they're innocent? And anyway, innocent people have nothing to hide. Or they soon won't have... ® Related stories: Commission agrees US access to EU citizen personal data Data on 10m Northwest fliers handed to NASA for 'testing'
The major mobile phone companies, along with some of the biggest names in computer technology and content provision, this week launched the latest version of their jointly developed copy protection system for mobile phones. Offered under the aegis of the Open Mobile Alliance (OMA), OMA DRM 2.0 allows music, movie and games providers to offer "premium content" to mobile phone users safe in the knowledge that handset owners aren't going to copy the material anywhere they shouldn't. The OMA has been around since June 2002, and launched the first version of OMA DRM the following November. That release was more about demonstrating how DRM might work in a mobile context than actually locking down quality content. It provided some basic copy protection features for "limited value content", as the OMA puts - material, in other words, that vendors don't mind losing. The new release is an altogether more serious effort, apparently. It offers "improved support for audio/video rendering, streaming content and access to protected content using multiple devices, thus enabling new business models" - i.e. file sharing for profit and pleasure. File sharing - or "superdistribution", as the OMA calls it - is possible because OMA DRM enables suppliers to separate the DRM rules from the content. When a file is shared, the receiver device is mandated to acquire the appropriate DRM data from the content owner. That data may or may not allow the content to be viewed on the receiver device. What has made this possible - and, indeed, necessary? "Expanded device capabilities," the OMA says, tersely. Handsets are more powerful - and likely to become very much more powerful during the next 18 months or so, if Intel has its way - than they were in 2002, and the rise of the cameraphone and multimedia messaging, now has the networks keen to exploit the opportunities GPRS and soon 3G have for delivering content to phones. Credit where it's due to the 350-odd OMA members' prescience. Having seen what happened to music on the Internet, they clearly wanted to be able to put DRM technologies in place before content started being passed from phone-to-phone as easily as it was (and still is) from PC to PC. As per the DVD standard, OMA will not administer the licensing of its technology - this role will go to the newly formed Content Management License Administrator (CMLA). ® Related Products Find for your next phone in The Reg mobile store
In a bid to reach small and medium-sized companies, Oracle has revamped the pricing models for its new low-end and midrange 10g database products, the company announced Tuesday. Oracle confirmed that the rumors traveling news sites are true - it will sell the Standard Edition One 10g database for $4,995 a pop, which is a $1,000 cut. In addition, Oracle has graciously increased the processor limit for the product to two chips from one. Oracle delivered word of the price cut during a Tuesday conference call to officially kick off the release of the 10g product. Customers more interested in Oracle's midrange Standard Edition 10g database will see some benefits as well. The product still comes in at $15,000 per processor, but Oracle's Real Application Clusters (RAC) software will now be bundled with the database at no charge. The maximum number of CPUs for the database and cluster is 4. The Enterprise Edition pricing remains unchanged at $40,000 per processor. Oracle has started shipping the 10g database for Unix and Linux operating systems. A Windows version of the product should follow in "some weeks." The price changes are designed to help Oracle compete against Microsoft's SQL Server product and a low-end version of DB2 from IBM. Oracle is hoping to gain ground in Microsoft's traditional small-to-medium sized business market. Oracle first launched the Standard Edition One product last October and hinted that it might lower the price of the product with the release of 10g. And so it has been done. ®
UK ISP Business Serve floated on the Alternative Investment Market (AIM) listing today, valuing the company at £17.5 million. The business-focused ISP, based in the North West of England, raised around £4.5 million as part of the listing. This will give it a bigger war chest to acquire "established customer bases and ISP infrastructure within the fragmented ISP market". Founded via a series of mergers starting in March 2000, Business Serve has around 18,500 customers and employs more than 180 people across its sites in Salford, Lancaster, Bradford and London. ® Related Story Business Serve buys Legend Internet
An online scheme designed to forewarn UK retailers about patterns of fraudulent activity has saved its members more than £2 million in loses after less than 18 months in operation. Early Warning, which commenced operation in September 2002, is focused on sharing information to prevent CNP (cardholder not present) fraud. The company boasts several hundred active members including many IT dealers. Early Warning manages an online database of known CNP fraud attempts. Members can check their own online credit card orders against a database of known frauds, as well as contributing information on frauds that they have discovered themselves. Email alerts for all new frauds are sent to subscribers. "We are enormously pleased to have prevented over £2 million of fraudulent transactions going through our member companies, but this is really just the tip of the iceberg," said Early Warning managing director Andrew Goodwill. Merchants hardest hit by CC fraud CNP fraud has been growing rapidly over the past five years, with losses on UK-issued cards reaching £ 110.1 million in 2002, a 15 per cent increase from 2001, according to Cardwatch. Despite recent attempts by the card issuers to establish more secure verification systems, the growth of CNP fraud shows little sign of slowing. There are even concerns that the wider use of the Chip and PIN scheme could lead to increased CNP fraud, as criminals find it harder to perpetrate their crimes in high street shops and turn to online retailers instead. Merchants carry the liability for fraudulent online or direct order transactions and Goodwill is critical of the failure of credit card companies to crack down on the problem. According to Goodwill, complaints from merchants to the police about fraudulent transactions are rarely investigated and commonly treated as "only a reporting exercise". Fraudsters are employing ever more sophisticated techniques to catch out unsuspecting online retailers and the police are so under-resourced that only the most serious of offences are usually investigated. "When you report these crimes to the police the attitude is ‘give us the details and we’ll put it in the file’," Goodwill told The Register. Because of the lack of help from credit card companies or law enforcement, merchants are obliged to take active steps to protect themselves from fraudulent activity or else risk leaving themselves exposed to potentially devastating loses. The impact of fraud is felt most keenly by smaller companies, a factor that spurred Goodwill (a former IT reseller himself) to set up Early Warning 18 months ago. London is UK Hot Spot for CNP fraud The Early Warning fraud database now runs to several thousand entries, with members of the scheme contributing hundreds more each month. An analysis of the last 12 months reveals that Manchester, Coventry, Nottingham and Paisley, Scotland all feature in Early Warning’s Top 10 Hotspots for fraudulently delivered goods. These areas are also-rans, however, to the UK’s premier hotbed for online fraud: Greater London. Six London areas filed the other places in Early Warning’s Top 10 list. The worst area was South East London. ® Related Stories Nigerian fraudsters 'shop early for Xmas' Net fraudster nailed - in East Ham Forged cheque scam hits UK retailers Nigerian freight forwarding scam hits UK Chip and PIN goes national