17th > March > 2004 Archive

Why Microsoft ‘Shared Source’ can never be trusted

Yesterday we recounted the tale of how at the height of the Cold War Soviet infrastructure had been penetrated by software containing Trojans. Retired spook and nuclear scientist Thomas Reed claims that the United States provided compromised software to the USSR which detonated the Trans-Siberian gas pipeline. The Cold War's over, but we suggested that without an open toolchain - unless users could also inspect the source code for the tools used to build the OS - initiatives such as Microsoft's Shared Source program are worthless PR exercises. But that's not quite right, as a few of you have pointed out. So let's correct that. Even with an open toolchain, initiatives such as Microsoft's Shared Source program are worthless PR exercises. In 1984 the co-author of Unix Ken Thompson gave a theoretical example of how even an open toolchain could be compromised He described what he called the "cutetst program I ever wrote" in a paper subsequently known as Reflections on Trusting Trust. Thompson set about producing a program which produced as output an exact copy of its source, in other words a program that will create a self-reproducing program. His compromised compiler could be used to replace the standard UNIX compiler, and the intruder could then remove the traces from the compiler source code, knowing that any program generated by the compiler would harbor the Trojan. Thompson's point was simple. "You can't trust code that you did not totally create yourself. No amount of source-level verification or scrutiny will protect you from using untrusted code," he pointed out. The answer is to have a clean room environment - both tool chain and operating system - that the user has created and knows is free of compromises. This can then be trusted to bootstrap the toolchain and OS of your choice. A reader casts doubt on Reed's claim and points out that the leading protagonists are "conveniently now dead". Reed could have been covering a genuine covert operation, or could be indulging in psyops in his retirement. You never know with spooks. "In September," Mercury News reminds us today, "the governments of China, Japan and South Korea announced they would collaborate on developing an open-source alternative to Windows, citing cost and security benefits." "Code for open-source software is freely available for anyone to download and modify. The Chinese government, concerned about security holes in Windows, favors a system it can customize and control." For all of its educational benefits for the Chinese - and the programmers' comments evident the Windows source code recently on the Internet will certainly help expand their vernacular English - Shared Source doesn't help allay foreign governments' security concerns. And it probably never will. ® Related Story Explosive Cold War Trojan has lessons for Open Source exporters External Link Reflections on Trusting Trust - Ken Thompson
Andrew Orlowski, 17 Mar 2004

3Com launches desktop IP phone

KitWatchKitWatch 3Com has launched a desktop IP phone which promises much better acoustic quality than conventional circuit switched phones. The 3Com 3102 Business Phone supports the emerging wideband audio standard, which significantly enhances speech transmission compared to conventional public switch telephone network (PSTN). A typical PSTN phone line reproduces speech at 3.3 kHz whereas the 3102 phone can relay IP conversations at a frequency of 7 kHz or higher, enabling clearer phone calls - at least to other phones that support the same wideband standard. The 3102 - a desktop IP phone with improved speakerphone features - is designed to be easy to use and sleeker than previous models. The device supports the industry-standard session initiation protocol (SIP and the 802.3af Power over Ethernet standard. The phone has a list price of £173 and will be available in the UK from March 26. In the US, Canada and Mexico the 3102 it will be available from the same time for $320. ®
John Leyden, 17 Mar 2004

Net hermit to ditch DotComGuy moniker

DotComGuy - the man who spent an entire year in a house living off entirely what he could find on the Net - is to change his name back to plain old Mitch Maddox. After four years of being DotComGuy, he's decided legally to change it back again. Keen to cash in, this stunt man is flogging the registered trademark - DotComGuy - and the domain name registration www.dotcomguy.com. The auction is being conducted via his site. The closing date is 30 April. Said a press statement: "Mitch's life-changing decision creates a unique opportunity for a fortunate company to purchase this one-of-a-kind trademark, garnering instant name recognition. He will be selling the trademark, domain name and the notoriety associated with the name." Whatever. ® Related stories Internet hermit plans to tie the knot UK journo follows DotComGuy's example
Tim Richardson, 17 Mar 2004

Ballmer presses Monti for compromise

Steve Ballmer, Microsoft's dancing chief exec, parachuted into Europe yesterday to ask Competition Commissioner Mario Monti to take a merciful view of the software giant. The four-hour meeting did not end in agreement. The European Commission will officially announce its decision next week, but it is widely believed to want to force Microsoft to offer PC makers a version of Windows without Media Player and to levy a big fine on the company. Both sides confirmed talks had happened and were continuing but gave no further details. The Commission will release its full findings on 24 March. Ballmer was accompanied by Microsoft's general counsel Brad Smith. Microsoft had specific proposals for the EC but was unwilling to extend the deal to other areas Monti may be concerned with, according to the Financial Times. ® Related stories EC warms to Microsoft EC probes mobile sports right sales Europe's MS sanctions to be wide-ranging, long-taking
John Oates, 17 Mar 2004

Ebookers chief defends offshoring

Dinesh Dhamija, chief executive of online travel agent ebookers, has defended 'offshoring' - the practice of exporting business support services to cheaper, usually developing countries. Dhamija said his company would not have survived without moving some operations to India. After the attacks on the World Trade Centre ebookers was almost driven bankrupt by the collapse in holiday bookings. Ebookers made 140 people, almost a fifth of staff, redundant and opened a call centre in Delhi. Dhamija told the Labour Friends of India meeting that tax breaks offered by the Indian government also played a role in the decision. But he pointed out that at the time of the move ebookers employed 560 people in the UK against 1,150 today. Without such a move he believes the company would not have survived and another 560 jobs would have been lost. "If we hadn't gone to India, we would have gone under and lost 560 British jobs." Dhamija told the FT. Around 25 per cent of back office IT jobs will move from rich countries to developing countries by 2010, according to Gartner, the analyst firm. India, China and Russia will be the main beneficiaries, but Eastern Europe and Malaysia also stand to gain. In Europe, UK businesses are the most likely to outsource jobs, followed by the German-speaking countries. Around 30 per cent of Western European businesses will have outsourced some of their jobs to offshore outfits by next year. ® Related stories Co-op IT staff to strike over SCC outsourcing gig Bush backtracks on offshore czar post 'One in six' Silicon Valley tech jobs ripe for offshoring
John Oates, 17 Mar 2004

Voda slapped for ‘Best Network’ claim

Vodafone has been ticked off for suggesting that it's the best mobile phone network in the UK. Rival operator Orange got the hump after Voda ran an ad asking: "The UK's best Network? Here's the strongest signal yet." The small print cited a survey conducted by now defunct telecoms regulator, Oftel, which showed that Voda had "more successful connections than any of the other UK networks" and dropped the least amount of calls of any network. "It's the surest indicator yet that we are the number one network for successfully connected calls," boasted the mobilephoneco. But Orange saw red, insisting that Voda's sense of superiority was based on a data that was "statistically insignificant". The Advertising Standards Authority agreed, concluding that the claim "UK's Best Network" was "too wide-reaching to justify the basis for the claim". Voda has been told not to repeat the claim again. ®
Tim Richardson, 17 Mar 2004

Groupe Bull feels cold steel of EU probe

The French government has agreed to put its rescue plan for Bull on hold while the EC investigates the deal. As part of the surreal deal, the French government agreed not to pay any more money to Bull until the company pays back part of the assistance it was given in 2001 and 2002. This should have been repaid in June 2003. Bull will receive no more money until 31 December 2004. In February this year France offered €517m in aid. In return, Bull will pay 23.5 per cent of "annual consolidated result before tax" for eight years, which the French government estimates at between €50m and €60m. The Commission investigation will seek if the rescue package guarantees a return to viability, avoids unduly distorting the market and aid is the minimum required and does not leave the company with spare cash. The EC press release is here. ® Related stories Intel downbeat about 64-bit extensions SGI sees gravy coating midrange Linux on Itanium servers Intel toasts Itanium's success by giving servers away
John Oates, 17 Mar 2004

Nokia goes it alone on push-to-talk

An interoperability battle is looming within the mobile phone industry over technical standards for walkie-talkie-like technology. The dispute over push-to-talk (PTT) technology has emerged in the run up to the CeBIT 2004. Ericsson, Motorola, and Siemens have all announced the first joint interoperability tests for push-to-talk technology. It is hoped that the tests will provide network operators with an easy integration, interoperability and a competitive environment in which to deploy commercial PTT services. Meanwhile, Finnish mobile giant Nokia has said that its own new PTT infrastructure solution would in fact also enable operators to use manufacturers' push-to-talk terminals. Instead of dialling a number to start a conversation, PTT users select someone from their buddy list, push a button on the handset and speak, in order for their voice to be instantly heard by the recipient. Like a walkie-talkie, push-to-talk is uni-directional, so callers cannot talk over each other and must wait for their turn to speak. The technology is already being used in the US, mainly by Nextel. The first specification for PTT, called Push-to-talk over Cellular (PoC) Phase One, was developed by wireless industry players to ensure an interoperable standard mobile networks that will help drive rapid uptake of PTT. The specification also allows for a standard network software upgrade path to the upcoming Open Mobile Alliance standard for the technology. Ericsson, Motorola, Siemens and Sony Ericsson are promoting a final version of the PoC standard through the OMA. For network operators, PTT enhances telephone service and may potentially provide mobile operators with new sources of revenue from existing infrastructure at a relatively low risk. Siemens is to show its first PTT-enabled phone at this week's CeBIT. Nokia's 5140 will be commercially available during the second quarter of this year and is to feature includes a digital compass, flashlight, radio and a built-in VGA camera. © ENN Related Products Buy your next Nokia from The Reg mobile store
ElectricNews.net, 17 Mar 2004

Business optimism and investment jitters

US publication Optimise Magazine recently produce some interesting conclusions concerning the correlation between business outlook and technology investment for 2004, writes Bloor Research analyst Bob McDowall. The magazine's analysis is based on a survey of business/technology executives from the financial services sector in an InformationWeek Research Priorities study. The survey may be US-based, but the results do not seem to differ from the European environment. Financial services are, traditionally, substantial investors in Information Technology. Information Technology is a very visible and tangible means of leveraging business and resolving business, administrative, regulatory and compliance issues. Historically, business optimism is a prelude to increased investment and spending in the financial services sector: Contrary to historic patterns it seems that the business optimism is unlikely to translate itself into increased IT spending. Executives are optimistic about business but seem to be continuing their cautious approach to IT spending. Substantial technology investment is predictably going into enabling financial institutions to meet the plethora of compliance, regulatory requirements, outsourcing and risk management. This is neither the most stimulating area for technology investment. The nature of the work is unexciting, not usually innovative and almost certainly lacks innovative qualities. The fact it is absorbing proportions of It budgets hitherto unimaginable further blunts Enthusiasm for the nature of the work! Outsourcing in the financial services sector continues to blunt substantial elements of IT spending, the appetite for outsourcing, not of wholesale operations but applications and project based technology development. On the innovative side much of the work tends to be based on applications integration work. Much of this comprises integration of customer data, which enables financial institutions to better understand customers, their behaviour so they may provide additional and improved products and services for their customers. Beneath this rather unappetising scene should there be concern that a time gap is now growing between business upturn and development and readiness of the technology resources to support it. An upturn in business there maybe but where is the innovation? Low interest rates and low inflation combined have succeeded in producing low returns on financial investments This has blunted much appetite for investment in financial assets as property and other tangible assets demonstrate better returns. Financial products, which support such investment, have proved innovative. In other ways financial institutions have not provided any immediately attractive financial products for this environment. Financial scandals across the western hemisphere have assisted in producing a sense of cynicism towards investment in financial assets. A time gap may exist between business upturn and technology investment in the financial services sector but absence of innovation it may be calmly discounted. © IT-Analysis.com
IT-Analysis, 17 Mar 2004
Cat 5 cable

Progressive CIOs deliver real IT value

Talk regularly with chief information officers as we do, and it quickly becomes evident that there are two prevailing views among them and their C-level technology colleagues on how to assess IT value. There also seem to be some very different habits over how they engage IT to solve operational problems, strengthen competitive capabilities, or develop better business strategies... The more traditional IT executive, who still seems to view IT in its traditional role as a cost centre, tends to use the old-school financial yardsticks of NPV (Net Present Value), IRR (Internal Rate of Return), EVA (Economic Value Added), or break-even analyses, to try to measure the value that IT delivers. Business strategies are determined first and are thrown over the wall to IT where a blueprint of the systems needed to support them is drafted. Then some form of financial justification is mandated before any purchasing decisions are made. Among this group, corporate IT measurement policies are all over the map and there are no clear formulas in place to measure ROI. There seems to be no discernible consensus about performance measurement either. More "progressive" CIOs, on the other hand, tend to challenge the conventional wisdom about what IT can and cannot do. They see IT as a powerful means for moving business into cutting-edge initiatives. That positive image of IT as business-strategy-enabler is helping them change how organisations implement IT strategy. As a group they tend to spend more than their peers and rarely complain about inadequate IT funding levels. Think of CIOs in this camp as IT budget getters, not budget setters. For them budgets for IT initiatives are funded by the business, not set on an annual basis. They also claim the strongest returns from their IT. Collaborative processes This is because "best-practice" CIOs have worked to foster a more collaborative decision-making process, bringing together both IT and non-IT-related people, or technology and business types. They evaluate requests for new systems from the various groups by turning the request into an objective process often by using a senior technology resource manager to manage the process. This individual acts as a technology bridge, aligned to a business group with the sole purpose of developing an intimate understanding of their business processes and their technology needs. The outcome? IT projects are properly funded, deliver the required benefits, and bring real value to the business. Value depends on whether an investment has to do with increasing the levels of efficiency and effectiveness in the way business is conducted, or whether it has to do with IT being used for strategic pursuits, or expanding and creating markets with IT. Different companies have different goals for IT. These might be improved productivity, reduced administrative costs, improved customer relations, or faster product development. The value derived from IT depends on what form of payback is intended and where it is likely to emerge in the business operation. Progressive attitudes Good CIOs will put as much emphasis on gut feelings about the value of technology deployments as they do financial justification. They contend that quantitative metrics are not always a reliable way to assess true value as it relates to improved customer satisfaction or a business process improvement that results in a new product breakthrough. In fact, most executives agree that IT value measurement will never be airtight. While ROI is not to be ignored, progressive CIOs are more interested in how and to what extent IT investment will enable and propel growth strategies. CIOs who still tend to be more interested in assessing ROI need to wise up. They might think that they're being asked to cost-justify every technology investment, but what CEOs really want is a clearer understanding of how certain IT initiatives can help to create better, more agile business processes. Source: ComputerWire/Datamonitor
Datamonitor, 17 Mar 2004

Medion brings best-selling GPS PDA to UK

Reg Kit WatchReg Kit Watch Germany's Medion last year took 7.9 per cent of the European PDA market making it the territory's third largest vendor, behind PalmOne and HP, and ahead of Sony and Dell. Unlike many of its rivals, it started out with no market share at all. Impressive as these statistics are - they come courtesy of market watcher IDC - they are doubly striking because Medion sells its PDAs exclusively through German grocer Aldi. Until now, that is: its Pocket PC has come to the UK, and is now available through car accessory chain Halfords. Medion focuses on a single PDA: a Pocket PC with a bundled GPS receiver. And it sells it very cheaply. Halfords is offering the product for just £400 including 17.5 per cent sales tax in the UK, well below comparable devices. It's this focus on a single application - satellite navigation - low pricing and mass-market outlets that propelled Medion to a top three chart position in less than a year. The Medion Satellite Navigation System (the MD7200 in Germany) is based on a 200MHz Intel XScale processor and runs Windows Mobile 2003. It contains 64MB of RAM - 36MB accessible to the user - and 32MB of Flash ROM. Medion bundles a 256MB MMC memory card. The unit weighs 120g and measures 12.3 x 7.7 x 1.2cm. The Halfords version contains a full UK street map, with directions provided visually and through speech synthesis for motorists. A in-car power adaptor is supplied. Related Story Euro PDA biz sees first growth since 2000
Tony Smith, 17 Mar 2004

Intel plots 4MB L2, 64-bit desktop CPU

Intel is preparing a multi-core, desktop incarnation of its Pentium M processor with a whopping 4MB of on-die L2 cache and 64-bit x86 extensions. So claims usually accurate Japanese website PC Watch. The chip, codename 'Conroe' (a name as yet unconfirmed, the report says), is being developed by the Israeli team behind the first Pentium M, 'Banias', and its 90nm successor, 'Dothan'. The latter is due to ship next quarter. Banias was a ground-up redesign focusing on power preservation and performance, rather than simply producing a mobile version of the Pentium 4 architecture. Naturally enough, the team are working on the chip's descendants, including 'Merom', which will again sport an entirely new architecture. Like Conroe, it will feature 4MB of cache, a feat made possible by the use of a 65nm fabrication process. Merom is also expected to include all the technologies Intel has been touting of late, including HyperThreading, the Vanderpool virtualisation system - allowing the chip to run multiple OSes simultaneously - LaGrande security features and, of course, Intel's 64-bit Extended Memory system. Conroe is believed to be essentially the same part but with desktop roles in mind. In practice, that means a greater willingness to trade power consumption for performance, so you're looking at Conroe consuming 90W to Merom's 45W, PC Watch suggests. That's not only a big improvement on the current generation of 90nm Pentium 4, 'Prescott', but also Prescott's successor, 'Tejas', which is expected to consume around 125W. Merom will not follow directly on from Dothan - 'Jonah', essentially two Dothan cores on a single die, connected to 2MB of unified cache, is expected to ship first, again fabbed at 65nm. Merom and Conroe are roadmapped to appear in 2006, Jonah sometime next year, probably in the second half and maybe much later, depending on whether Intel suffers the same problems it experienced with its transition to 90nm when it makes the move to 65nm. Delays to Jonah would undoubtedly push back Merom from H1 2006 to H2. Jonah is likely to be accompanied by a third version of the Centrino platform, dubbed 'Napa'. The chipset itself is codenamed 'Crestine', and is expected to offer a higher frontside bus that 533MHz, 667MHz DDR 2 SDRAM support and feature a next-gen. ICH7-M South Bridge. 'Alviso', the next generation of Pentium M chipset, will take the FSB from 400MHz to 533MHz, Intel has said. Before Conroe, Intel will ship Tejas sometime next year, followed by 'Cedarmill', a dual-core, 65nm version of Tejas. ® Related Stories Intel to ship 64-bit Pentium 'in time for Longhorn' Intel to kill off Mobile Pentium 4 'around Q1 2005' Intel to combine Wi-Fi, Bluetooth in Centrino 2 'Centrino 2' to launch next Autumn
Tony Smith, 17 Mar 2004

Taking the fight to the hackers

Site offerSite offer Q. How does software break? Q. How do attackers...attack? Q. Why do security systems not protect us? Q. How can we improve security? Q. What tools are used to break software? A. This week at The Register bookstore we've got 'All the books' with 'ALL the answers!' Exploiting Software RRP £37.99 - Reg price - £26.59 - Saving £11.40 (30%) This title shows you how to break code - if you want to protect your software from attack, you must first learn how real attacks are really carried out. Using attack patterns, real code, and example exploits, learn techniques that are used by real malicious hackers against software. Malware RRP £35.99 - Reg price - £25.19 - Saving £10.80 (30%) Discover how attackers install malware and how you can peer through their schemes to keep systems safe from thier viruses, worms, Trojan Horses etc. Biometrics and Network Security RRP £35.99 - Reg price - £25.19 - Saving £10.80 (30%) The biggest vulnerability in most enterprise networks is the authentication system, this title has guidelines, applications, and procedures for implementing finger, voice, hand geometry, face, and eye biometrics. Enterprise Java™ Security RRP £37.99 - Reg price - £26.59 - Saving £11.40 (30%) This is the comprehensive guide to Java security that explains the applicability of J2SE and J2EE securtity technologies in building a secure enterprise infrastructure. CCIE Security Practice Labs (CCIE Self-Study) RRP £38.99 - Reg price - £27.29 - Saving £11.70 (30%) CCIE Security Practice Labs provides a series of complete practice labs that mirror the difficult hands-on lab exam. IPSec RRP £35.99 - Reg price - £25.19 - Saving £10.80 (30%) The insider's guide to IPSec for every network professional. This title covers architecture, deployment, policies, and the use of IPSec to deliver end-to-end security. CCSP Self-Study RRP £46.99 - Reg price - £32.89 - Saving £14.10 (30%) Master intrusion detection and other security procedures while learning CSIDS concepts with the only Cisco authorized self-study guide. Away from the hacking and security for a minute, we've also got titles to cover essential web programming procedures and books to guide your future, your mind and to turn you into a born leader. Defensive Design for the Web RRP £23.50 - Reg price - £16.45 - Saving £7.05 (30%) Anticipate unexpected user errors and apply contingency plans on how to get users back on track when purchasing on your web site. Designing With Web Standards RRP £27.50 - Reg price - £19.25 - Saving £8.25 (30%) The be-all-end-all resource on web standards - writing code once for use on today and future browsers. Provides code snippets and web site examples of compliant code in use so that when done correctly all web sites will look the same regardless of the browser. Brilliant Future RRP £12.99 - Reg price - £9.09 - Saving £3.90 (30%) Most people plan and take charge of their finances but few do the same with their career and life. Welcome to a new concept: the personal career/life planner. The Leadership Mystique RRP £19.99 - Reg price - £13.99 - Saving £6.00 (30%) In The Leadership Mystique, management and psychology guru Manfred Kets de Vries unpicks the many layers of complexity that underlie effective leadership, and gets to the heart of the day-to-day behavior of leading people in the human enterprise. How to Move Minds and Influence People RRP £9.99 - Reg price - £6.99 - Saving £3.00 (30%) This book will show you how to create a story to influence anybody, in any situation. Don’t argue, don’t proposition, let a well chosen story smuggle in what you need them to know. To search or browse other discounted titles available to The Register readers click on the links below: The Reg Bestsellers Last week at The Reg Great new releases This week's book bag
Team Register, 17 Mar 2004

East Germany warms to Internet

Europe in BriefEurope in Brief The European Space Agency (ESA) plans to outsource its entire corporate information system infrastructure services under a single prime contractor, the organisation announced earlier this week. The contract will be for a maximum of seven years with a total value exceeding €100m. Until now, all the Agency's information systems infrastructures and associated services have been outsourced through a number of separate procurements with different contractors. The new contract will combine the different systems and services into one large contract to be phased in during the third quarter of 2005. The tender is open to companies in ESA Member States and Canada. Germany: East Germans discover the web Citizens of East Germany are catching up. According to a new survey of the Institut für Empirische Forschung (LEIF), 56 per cent of East Germans now own a computer, and 45 per cent have access to the net. Five years ago only 9 per cent had internet access. LEIF interviewed more than 1,200 Germans of 16 years and over in Mecklenburg-Vorpommern, Berlin, Branchenburg, Sachsen-Anhalt, Thüringen and Sachsen. According to LEIF, those with Internet access spend seven hours per week online, about 30 minutes longer than in 2002. Malta: e-id system deployment imminent Malta is to introduce an innovative system of electronic identification for all citizens, paving the way for different advanced online services including VAT and income tax. The e-id, Malta Business Weekly reports, is used to ensure security of personal details when accessing services and processing transactions online. The electronic authentication system, based on encrypted key technology, was developed by Microsoft and Malta Information Technology and Training Services Ltd. Germany: Hands-free puzzle At CeBIT this week the Fraunhofer Institute for Integrated Circuits IIS will demonstrate a computer puzzle (pictured here) which allows contactless play without voice or keyboard. The system recognises via camera the player's hand and face and acts according to the his or her gestures. Today, man-machine communication is still dominated by keyboard or touch-panel interfaces. The new technology could - in addition to the toy and game sector - find a use for vandal-proof info screens or virtual shop windows.
Jan Libbenga, 17 Mar 2004

Atheros updates Wi-Fi speed booster tech

Wi-Fi chip maker Atheros this week has updated its 'standards plus' WLAN speed-boosting technology, Super G, to make devices based on its 802.11g chipsets better network neighbours. Super G extends 802.11g's maximum throughput of 54Mbps to 108Mbps. Data compression and burst transmission together form one part of the story, the other is the 'bonding' multiple channels into a single, fatter data pipe. It's this second element, called Turbo mode, that has caused all the fuss. Last November, rival Wi-Fi chip maker Broadcom alleged that Turbo operation slowed down any nearby wireless network that was sticking to the IEEE Wi-Fi standard. Super G's Turbo mode simultaneously runs data across channels five and six of the 11 22MHz-wide segments into which the Wi-Fi standard subdivides the 2.4GHz band. Because all but three channels overlap there is inevitably some interference with adjacent channels, but this is an issue with almost all Wi-Fi products, and one of the many reasons users never see full speed. Not so, alleges Broadcom. It claimed Turbo cross-channel interference stretches further than the IEEE standard 'allows', causing problems with networks that have flipped to channel one or 11. As a result, Wi-Fi networks utilising these bands slow down by dropping their data rate in order to reduce the number of errors induced by the interference. Independent tests confirmed Broadcom's claims. "A Super G wireless LAN running at full speed will interfere with an 11g WLAN also running at full speed. Severe throughput loss in the 11g WLAN can occur up to 30 feet away and significant throughput loss may still be seen around 50 feet," wrote Tim Higgins of web site Small Net Builder. The upgrade, released this week and dubbed Dynamic Turbo, forces Atheros-based devices to check for traffic in the channels they hope to combine. If the channels are clear, the chipset bonds them. It continually checks for other traffic, and turns off bonding if another network using the bonded channels is detected. Atheros spins the update not as a fix to the interference problem, but as an innovation that plays to the US Federal Communications Commission's cognitive radio initiative - 'smart' wireless devices that choose the least used part of the available spectrum to operate in. Indeed, the companies denies that any of its hardware manufacturer customers have received complaints from end users that they have suffered problems with the technology. Not that they would, of course - it's other folks' networks that suffer. Not that they will now, thanks to the upgrade. Atheros has shipped the software to its customers, who may now update their devices' firmware. D-Link, for one, has already posted the update as a free download on its website. ® Related Stories Broadcom blames Atheros for bad WLAN performance Tests confirm Atheros' Super G degrades rival WLANs
Tony Smith, 17 Mar 2004

HP deploys Linux desktops in Asia

HP announced yesterday that it would the first top tier manufacturer to offer desktop PCs loaded with Linux across the world's biggest and most populous continent. The company will bundle the Turbolinux operating system on HP Compaq business desktop PCs for sale in 12 Asian countries. The new agreement adds 11 new countries - including Hong Kong, India, Indonesia, Japan, Korea, Malaysia, Philippines, Singapore, Taiwan, Thailand and Vietnam - to a pre-existing agreement to deliver Turbolinux on HP systems in the People's Republic of China. Japan-based Turbolinux and HP have pre-certified all hardware to be shipped under the OEM agreement for Linux compatibility and smooth operation. The Turbolinux OEM software bundle is built around Turbolinux 10 Desktop (10D), one of the first distributions to ship with the new Linux 2.6 kernel. In addition, 10D offers applications for technologies such as 802.11b wireless Lans, FireWire, CD-ROM burning, Bluetooth and digital camera image loading software. Turbolinux will also provide HP customers with OpenOffice.org 1.1, the integrated open source application suite. Customers can update their desktop software with the latest Linux kernel, packages and security patches by using a graphical update tool. Turbolinux will provide technical support to HP's engineers to help in resolving any tricky support issues. Neither company is talking about how many computers they expect to sell under the agreement. ®
John Leyden, 17 Mar 2004

UK gov backs £1m blueprint for open source switchers

The UK government has announced funding for a 'third force' open source migration project. A group of local authorities led by Rossendale has won £502,500 of matched funding (i.e. the project is worth double that) for an examination of "the issues associated with migration to Open Source," involving a justification of and implementation of open source in three English local authorities, and the production of a report. So effectively the project intends to use a measure of real life deployment to produce a blueprint for the migration of open source in local government - this is not a drill. Aside from that point, the project is highly significant for a number of reasons. The Office of Government Commerce has two groups of trials going on from Sun and IBM, but these are Sun and IBM funded, while this is the first serious effort funded by government as an independent study. It's also ground-up, whereas the OGC studies are pretty much top-down. The funding comes from the Office of the Deputy Prime Minister's e-Innovations programme, which announced a list of winning projects yesterday. The Rossendale-led project won the largest sum by a substantial margin. Among the local authorities involved are, The Register understands, West Sussex, Havering, Camden and Newham. Newham recently agreed to stay with Microsoft after spending some months poised on the brink of an open source defection, so perhaps Microsoft UK might now legitimately query the long-term utility of the deployment of strong money in such circumstances. Also in the department of strange coincidences we have the consultancy involved in the successful bid - none other than Netproject, the outfit that prototyped the open source system for Newham. This means that Netproject's Eddie Bleasdale has won the independent, government-funded study he's been lobbying hard for, and that the project is able to start with something that was sufficiently battle-ready to be approved in principle by Newham last year. So it's dangerous, and Microsoft, and Sun and IBM look like they have serious competition in UK local government. There are a couple of other interesting looking projects in the e-Innovations awards list, although in several other cases we fear we detect a whiff of happy-clappy dotcommery. Hammersmith and Fulham is trialing a transponder-based parking system, which could have longer-term lessons for road-pricing and traffic management schemes, and there are one or two identity-related projects that could produce interesting results. And Newham has its own independent project too - RegenTV "will take UK’s most advanced Internet Protocol Television (ipTV) service and convert it into an Open Source product and service model that can be deployed on scaleable basis." Ungrateful baggages, if you ask us... ® Related links ODM awards announcement Microsoft, Sun, IBM and the war for government desktops Gates to meet Brown, OGC and NHS chiefs - Sun, OSS in crosshairs? Savage discounts from MS flush OSS desktop from London council
John Lettice, 17 Mar 2004

AOL future uncertain – report

The future of AOL is once again in the spotlight following a report that the Internet outfit could be sold off. Citing unnamed sources, the New York Post Online reports that Time Warner's banker, Goldman Sachs, is working on a series of proposals concerning the future of AOL. Options include flogging the business, floating it or engaging in a "significant restructuring". The proposals are due to be discussed by senior execs next month at a board meeting. The New York Post Online quotes a Time Warner spokesman as saying that the renewed talk of AOL's future is just "rumour". Earlier this week AOL warned that the "significant" erosion of subscriber numbers suffered over the last year or so looks set to continue as the Internet giant faces stiffer competition from broadband and cheaper dial-up services. In its annual report filed with the US' Securities and Exchange Commission (SEC) AOL reported that the number of AOL subscribers in the US fell by 2.2m last year, from 26.5m at the end of 2002 to 24.3m at the end of 2003. AOL blames the decline on an exodus of punters from its service and poor uptake to marketing campaigns, as consumers opted for rival dial-up services or shifted to broadband instead. It also warned that the decline in subscriber numbers could hit revenues. Reports of AOL's future tend to crop up from time to time. In November last year there was speculation that German ISP T-Online was in the running to buy the Internet giant although this was denied too. ® Related Stories AOL warns of falling revs as punters flee service T-Online to take over AOL? T-Online to buy AOL - report
Tim Richardson, 17 Mar 2004

UK Net paedo crackdown bags 600

More than 600 UK sex offenders have been convicted as a result of an ongoing probe into Internet child porn. UK police have - as part of Operation Ore - investigated 6,500 British people suspected of using a paedophile portal in the US. The operation has so far led to more than 1,200 prosecutions and 655 convictions, Home Office minister Baroness Scotland of Asthal said yesterday. The statistics came in a written response to a question table by a peer in the House of Lords. Operation Ore began here 18 months ago after the FBI turned over the details of 7,200 British child porn suspects to UK police. The list contains names, addresses and credit card details of UK subscribers to an American child porn aggregator. Members paid £21 a month to Landslide Productions of Texas, for access to 300 child porn sites. Around 250,000 people worldwide had paid to access this material. The list was compiled by the US Postal Service, which busted Landslide in 1999. The raid led to the conviction of Texas computer consultant Thomas Reedy, who ran the site, three years ago on child porn offences. They've got a (not so) little list Some of the UK residents on the list have died whilst others have fled the country. There were also duplicate names on the list, reducing the overall number to 6,500. Police are prioritising investigations into three categories. The highest priority - featuring approximately 1,200 names - includes convicted paedophiles and those who work with children. Suspects in positions of authority (such as police and magistrates) are next in order of priority. Individuals deemed to pose a lesser risk have been placed in a third category. "Whilst the internet has increased the transmission and exchange of images of child abuse, it has also provided a valuable opportunity to identify, prosecute and treat a significant group of child abusers who might never otherwise come to our attention," Baroness Scotland said in her reply. ® Related stories Typical child porn user is white male IT pro UK police build massive child porn database Child porn-lite users to wriggle free from court hook Child porn (Operation Ore) list leaked to Sunday Times
John Leyden, 17 Mar 2004

Opera 7 for Mac OS X goes live

After a period of silence, Opera is bouncing back into the Mac market with a preview of Opera 7.50 for Mac OS X. The software - "unfinished and unsupported beta-quality" - requires 10.1 or later, and brings Opera's Mac edition into line with the Windows and Linux versions. And some. It includes Opera Mail, which has been standard on the other platforms since version 7, and experimental IRC support. It integrates with Keychain, imports information from Address Book and bookmarks from Safari, and has a Mac Native skin to give the look and feel of OS X. Full sychronisation with Address Book and support for Liveconnect are planned for the final version. Download and related information is available here. ®
John Lettice, 17 Mar 2004

Philips faces legal challenge over fluid lens technology

As we suggested might be about to happen, Varioptic is going legal over Philips' announcement of a low-cost, mass-manufactured fluid lens system. Varioptic has been developing such systems for some years now, and in an announcement today stated its intention to "actively enforce the patents it holds on the use of electrowetting technology to create variable focus lenses." According to the statement, Varioptic "officially informed Philips about its patents and asked Philips on what basis it considers itself eligible to create any product incorporating this fluid-lens technology." "Varioptic's decision to enforce its patents follows a written request to Gerard Kleisterlee, Chairman, President and CEO of Philips Electronics requesting the basis on which Philips intends to produce products using Varioptic's patented technology without a license or other agreement. The response to this letter made clear that Varioptic will have to take the necessary legal actions to enforce its patents and intellectual property assets." The precise content of Kleisterlee's response is not detailed, but it was clearly sufficient to trigger war among the electrowetters. ®
John Lettice, 17 Mar 2004

DiData wipes slate clean with Proxicom disposal

Channel round-upChannel round-up DiData sells Proxicom Dimension Data has sold Proxicom, the US consultancy it outbid Compaq for in 2001. The networking reseller paid $448m in the heyday of the Internet bubble. It sold the company on for so little that it will have no impact on the bottom line so the figure can stay secret. Chief executive Brett Dawson told newswires: "We can agonise over it forever or we can take the pain, call it a day." The company may get rid of other investments but not on the scale of Proxicom. Entanet offers Business Internet provider Entanet is offering members of reseller buying group Brigantia special offers on its ISP services. Brigantia members will get better commission rates, online trading facilities and marketing material for the Web. Entanet provides broadband connections but the end user customers remain the reseller's customers. Printer sales up The laser printer market in France, Germany and the UK grew 18 per cent January 2004, according to data from Context. The UK saw the highest year on year growth with sales up 32 per cent. The survey uncovered more evidence that the market is concentrating at the low end. Fastest growth was in sub-$200 machines, which saw 81 per cent growth. The largest number of unit sales were between $200 and $300. The biggest sales increases came from Samsung, Brother, HP and Kyocera Mita with respective growth of 45 per cent, 29 per cent, 22 per cent and 13 per cent. Plasmon finds a partner Cambridge-based storage specialist Plasmon has signed a distributition deal with OVEDAS which is granted Authorised Tape Partner status. OVEDAS will distribute Plasmon's tape storage products in the UK. C2000 bets on Novell Distributor Computer 2000, the UK arm of Tech Data, is training up its sales team for what it believes will be a big year for Novell sales. It anticipates strong interest and healthy sales for Novell's Small Business Suite 6.5, in particular. ®
John Oates, 17 Mar 2004

MS seeks enforcer & revenue generator for trademarks

Have you got what it takes to make the grade as a Senior Trademark Attorney for Microsoft? If you think you have, then check out this help wanted notice at the International Trademark Association. But you may have to practice keeping your face straight if you make it to the interview. Microsoft "has an immediate opening for a highly qualified and experienced attorney" (just the one, then?) "to manage the company's trademark practice." (ah.) "This is a rare opportunity to provide strategic leadership for a global trademark practice that not only handles some of the most recognized consumer brands in the world, but also is on the cutting edge of legal and best practice developments." Pop back and re-parse that one if you were speed-reading. It says Microsoft is at the cutting edge of legal developments, and of best practice developments - not that it's at the cutting edge of legal best practice. But such a claim would surely transcend satire. As the next paragraph makes clear: "The manager of the Trademark Group will provide key direction to the company on strategies for maximizing Microsoft's trademark rights, developing and enforcing Microsoft's worldwide trademark portfolio, managing trademark disputes worldwide, and developing a revenue-generating trademark licensing business. The position will also be responsible for providing leadership in trademark policy development as well as related government and public relations. The Trademark Group, which is part of the Intellectual Property & Licensing Group in LCA, consists of three other attorneys, ten paralegals, and half a dozen support and administrative personnel." Extensive experience of revenue-generating trademark licensing and policy-making required, it says here. Redmond-based, go for it. ®
John Lettice, 17 Mar 2004

Siemens launches ‘rugged’ multimedia mobile

Siemens today unveiled a pair of media-oriented handsets, the ruggedised M65 and the more traditionally cased C65. The splash, dirt and shock resistant M65 sports a 2.1in 132 x 176, 16-bit colour display, backed by a 640 x 480 digicam for video and still photography. Stills can be edited using on-board software, with special effects filters built in too. The handset supports 40-voice polyphonic ringtones, a customisable user interface, Java games - four titles are bundled with the phone - and instant messaging. The tri-band GSM/GPRS handset comes with a 750mAh lithium ion battery - enough, said Siemens, for five-and-a-half hours' talk time and 300 hours' standby time. The C65 is a more mainstream handset. It integrates a CIF digicam and 16-bit colour display, but it's only 130 x 130. Again, Java and GPRS are supported, as are polyphonic ringtones. The UI is likewise customisable. The C65 features removable, clip-on covers. The handset's only stand-out feature is the bundled Tamagochi-style Photopet software. The digital beastie is fed with photos. Kiddies will love it - grown ups will perhaps prefer the on-board PIM software suite. Siemens claims up to 410 hours of standby time and 300 minutes' talk time. The C65 will be available in Europe and Asia Pacific from June, and in North America and Latin America from August. The M65 will be available across Europe, the Middle East, Africa, Asia-Pacific and Brazil in Q2. Prices for both handsets were not disclosed. ® Related Stories Siemens unwraps 1.3 megapixel camera phone Nokia introduces 'megapixel' mobile Related Products Find your next Siemens mobile in The Reg mobile store
Tony Smith, 17 Mar 2004

HP top (channel) dog for PCs

HP is still top vendor for PCs sold through business resellers across Europe. In the seven major countries in Europe, HP accounted for 40 per cent of all PC sales in 2003. Fujitsu Siemens Computers was in second place with 12 per cent of sales, up from 10.5 per cent last year. IBM came third with 9.3 per cent market share, up from 8.9 per cent the year before. Acer is in fourth place with 8.1 per cent - helped by strong laptop sales in the last quarter of 2003. Toshiba, in fifth place, has 6 per cent of the market, down from 6.7 per cent last year. Context blamed increased competition in some markets for Toshiba's poor performance. Context Sales Watch collects the monthly figures from resellers. ® Related stories European PC sales up HP is flavour of the month Sun says HP customers are 'ripe' for change
John Oates, 17 Mar 2004

Siemens unwraps 1.3 megapixel camera phone

Siemens followed up its launch of a pair of mass-market handsets today with the release of a more business-oriented phone, the S65. The German handset maker touted the phone's 1.3 megapixel digicam, but we'd say the 32MB of memory, tri-band GSM/GPRS support and Bluetooth integration are more likely to appeal to the average businessperson. The camera can take still pictures and 15fps video, and features a 4x digital zoom function. The S65's screen is a 16-bit colour job with a large, 132 x 176 resolution. In addition to the 32MB of on-board RAM, the S65 sports a memory card slot and ships with a 32MB card. The integrated Bluetooth is there to synchronise the S65's PIM apps with desktop equivalents, such as Microsoft Outlook and Lotus Notes. The S65 weighs in at 98g and measures 10.9 x 4 x 1.8cm, and will be available in silver when it is launched in Europe, Asia Pacific and Latin America in Q3. Siemens claims the handset yields up to 250 hours' of standby time or six hours' talk-time. ® Related Stories Siemens launches 'rugged' multimedia mobile Nokia introduces 'megapixel' camera phone Related Products Find your next GSM handset or smart phone at The Reg Mobile Store Related Products Search for Siemens phones in The Reg mobile store
Tony Smith, 17 Mar 2004

Data Protection – getting it right

The information commissioner (IC) Richard Thomas has warned organisations not to use the Data Protection Act 1998 (DPA) as an excuse for poor practice. Speaking following recent criticism of the DPA by the police and British Gas, the IC said he was concerned that the advantages of the DPA were being undermined by officials who did not understand its purpose, benefits and the way in which it should be applied. The IC said: "It is ridiculous that organisations should hide behind data protection as a smokescreen for practices which no reasonable person would ever find acceptable." The IC announced a package of measures designed to give greater clarity to businesses, including a commitment to plain English, more user-friendly guidelines and an improved telephone helpline: "Data Protection is all about fairness and common sense. If an organisation feels that data protection is leading them to do something unacceptable, then to resolve that we have set up a telephone helpline that can give them guidance." The IC is reported to be unsatisfied with British Gas after the utilities provider claimed that the DPA prevented it from informing social services that an elderly couple's gas supply had been disconnected because they had failed to pay a bill. The elderly couple were later found dead in their south London home. The IC also criticised claims by Humberside police that the DPA prevented officers retaining intelligence on murderer Ian Huntley that might have prevented his appointment as a school caretaker. The IC considers that there is nothing (either in police internal policies or in data protection regulations) that would require Humberside police to delete personal information relating to Huntley from their databases. The author agrees that the Humberside Police misinterpreted the DPA. The IC has indicated recently that he agrees with the court of appeal that (in parts) the DPA is "cumbersome and inelegant". The IC intends to take measures to clarify and simplify the interpretation of the DPA by releasing further guidance. The IC said that "Data protection law stands in the way of a surveillance society where government and commercial bodies know everything about everybody. It helps prevent the growing problems of identity theft and the buying and selling of personal information." But the IC considers that it is unrealistic to expect the IC to give guidance on every eventuality that can be affected by the DPA. It is clear that businesses are expected to seek their own legal advice, check the DPA and the guidelines and make their own - correct - decisions. If your business needs help interpreting or applying the DPA then Taylor Walton offers a data protection audit service which is free of charge. Please email Tim Cook for details. Copyright © 2003, Taylor Walton. All rights reserved. Taylor Walton supplies a comprehensive range of commercial legal services. If you would like to discuss the content of this article or any other commercial matter, please email Tim Cook or call 01582 731161.
Taylor Walton, 17 Mar 2004

Nokia introduces ‘megapixel’ mobile

Nokia introduced its first megapixel camera phone today which also features the company's latest in a long line of bizarre keypad layouts. Indeed, the 7610 "imaging device", looks rather like a 7600 that's been stretched. Unlike the older, 3G model, the 7610's 176 x 208, 16-bit colour screen sits above the keypad rather than inside it. The camera is a megapixel job by the skin of its teeth. With a 1152 x 864 resolution, it actually contains 995,328 pixels, allowing Nokia to claim megapixel status only by rounding up. Still, it offers a 4x digital zoom, timer mode and what Nokia calls a "high quality lens". The handset itself is a tri-band GSM/GPRS unit, though it will be offered as both 900/1800/1800 and 850/1800/1900 versions when it ships next quarter. The 7610 runs Nokia's Series 60 UI on top of the Symbian OS. Like the 6600, it features Bluetooth and Kodak's photo printing application. E-mail is integrated into the handset's Messaging app, and the phone provides a Web browser and an MP3/AAC music player, too. More interesting is Movie Director, which allows video footage to be stitched together into sequences lasting up to ten minutes - thanks to the 72MB of memory the phone provides through the 8MB of on-board RAM and a bundled 64MB MMC "reduced size" memory card. Nokia is also including Lifeblog, which is a kind of digital diary that sits on your phone or PC rather than a web site. Nokia claims the phone will provide three hours' talk time or 250 hours' standby time. It weight 118g and will retail SIM-less for around €500 when its ships next quarter. ® Related Stories Siemens unwraps 1.3 megapixel camera phone Siemens launches 'rugged' multimedia mobile Related Products Find your next GSM handset or smart phone at The Reg Mobile Store
Tony Smith, 17 Mar 2004

Kazaa coder sues Sharman Networks

Sharman Networks, owner of the controversial P2P utility Kazaa, today found itself facing yet another legal fight centring on copyright ownership. But this time the tussle is not with its old sparring partners in the music or movie industries, but a Romanian programmer who claims he wrote the code Kazaa is distributing. And the programmer, one Fabian Toader, wants the US court to grant him $25m in damages, AP reports. Toader says he wrote portions of the Kazaa Media Desktop application while working as a freelance in 2000. He was hired by Dutch firm Kazaa BV, which sold the rights to the software to Sharman Networks in 2002. The programmer says he never signed a contract with Kazaa BV. The result, he claims, is that he owns the copyright to the KMD code, not Sharman. Toader is no stranger to Sharman. It sued him last August, claiming he had attempted to blackmail the company. Sharman was granted an injunction against Toader. Sharman said his contract with Kazaa BV clearly states who owned the code he wrote - and it wasn't him. Sharman dubbed the latest suit a "shakedown effort". In a statement, Toader said: "Sharman has made millions using my software. I just want to be fairly compensated for my contribution." Toader now no longer works in his native Romania as a freelance, but is a Microsoft employee living in Redmond. ® Related stories Kazaa to appeal data seizure order ruling Kazaa fails to overturn music biz data seizure orders Kazaa trial judge delays hearing Kazaa demands Oz trial delay Music industry raids Kazaa's Australia HQ Dutch Supreme Court rules Kazaa legal
Tony Smith, 17 Mar 2004

Carrera picks bones of Multivision

Midlands PC builder Multivision has gone into liquidation and its stock has been sold off. Its assets have been picked up for an undisclosed amount by Firecrest Solutions, a subsidiary of Carrera SSC. Liquidators Griffin and King told tThe Register that Firecrest had bought the business assets of MultiVision but would not keep the business trading under that name. A spokesman for Carrera said: "Multivision was seen as a local competitor for us, so we didn't want it to reappear. We have taken on 12 of their staff and we are still interviewing - there are still jobs available. We've emptied all their offices and factory and have started selling off that inventory." Carrera is offering ex-Multivision customers the chance to buy a new warranties. Multivision ceased trading on 5 January and so all warranties are null and void. The company is preparing a letter which should be sent out to all ex-Multivision customers next week. It will offer warranties starting from £99. The website for the sale of inventory and for warranties is here. ® Related stories Multivision ceases trading Carrera assets bought by Digital Carrera ceases trading
John Oates, 17 Mar 2004

Police offer ‘stolen’ mobe insurance fraud amnesty

Punters who cheated on their insurance to get a new mobile are been offered an opportunity to come clean without getting nicked. South Yorkshire Police has established a month-long amnesty for people who falsely reported mobile phone thefts to 'fess up and thereby clear up non-existent crimes. The police force reckons it receives 160 false reports of mobile thefts a month, which cost it £1 million a year to investigate. This problem that is replicated across Britain. The National Mobile Phone Crime Unit reckons that between 15-20 per cent of mobile phone theft reports in the UK are bogus. People make bogus reports in order to get an upgrade largely on their own initiative, but false claims are sometimes encouraged by unscrupulous mobile phone shop staff hunting for extra commission, police suspect. Detective Superintendent Paul Broadbent told the BBC: "At the moment we've got a number, albeit a small number, of shop assistants who we believe are encouraging people to commit a crime or to take part in a crime." Police have sent letters to retailers warning them that it will prosecute any caught encouraging fraudulent claims after the end of the amnesty. Sometimes punters who have lost their phone falsely report it as stolen in order to claim on insurance. People attempt to kid themselves they're doing nothing wrong in lying to police and insurance companies. "People don't see it as a criminal offence. They see it as fiddling their insurance," DS Broadbent added. South Yorkshire police have established a free phone number - 0500 510999 - where punters will be able to withdraw false mobile phone theft reports. The line, which opened on Monday (March 15), runs until April 15. ® Related stories Police crack down on mobile phone thefts Calling time on mobile crime Punters will pay for mobile phone anti-theft devices Mobile phone theft is far worse than we thought
John Leyden, 17 Mar 2004

Sony music download service to launch in June

Sony today confirmed that it will launch its European digital music download service, Sony Connect, in June. Connect will be made available to music buyers in the UK, France and Germany, who will have the pick of over 300,000 songs. The catalogue includes bands signed to independent labels as well as Sony's own roster of artists. Sony already has physical distribution deals with a number of small labels, so it's likely these arrangements will be matched in the digital domain by Connect. "We will offer a unique catalogue proposition for each country which includes not only international but also a wealth of local artists," said Robert Ashcroft, senior VP at Sony Network Services Europe, which is running Connect. Each song will be offered in Sony's ATRAC 3 format, the compressed digital music technology that's the basis of the company's MiniDisc products. While tracks will be initially downloaded to a PC, they can only be transferred to "secure Sony portable audio products". Indeed, Sony is using the service to tout its Hi-MD high-capacity MiniDisc players. Prices will start at 79 pence in the UK and 99 cents in Europe, Sony said. Tracks are copy-protected using Sony's own Open Magic Gate (OpenMG) DRM system, and users will need to download songs through the company's SonicStage jukebox and CD burning app. A new version, 2.0, will be required to use Connect. At this stage, it's not clear how many times songs will be allowed to be burned, copied to Sony MD players or shared with other, local PCs. Sony bundles SonicStage with its Vaio PCs. We somehow doubt it will offer a Mac version. Sony Connect is expected to launch in the US in due course. The arrival of the European store will be keenly awaited by a number of digital music companies and market watchers who believe Sony will not allow other players to offer its catalogue of songs until it has launched its service. Many observer says the European Commission will examin the launch of Sony Connect in its investigation of the music company's proposed merger with Bertelsmann Music Group (BMG). ® Related stories Wippit adds 10,000 BMG tracks to catalogue HP to bundle iTunes 'late March' Apple notches up 50m music downloads Napster parent increases revenue forecasts
Tony Smith, 17 Mar 2004

Gershon retires from the Office of Government Commerce

John Oughton is to replace Sir Peter Gershon as chief executive of the Office of Government Commerce (OGC). The OGC is the government office in charge of revamping government procurement policy. It's the department in charge of the open source trials with IBM and Sun. Chancellor Gordon Brown said Oughton is a "worthy successor". He thanked Gershon, saying he had made the OGC a "key driver in public sector reform". And welcomed his decision to remain involved with the office in a non-executive role. Mr Oughton has been Sir Peter's deputy for a year and will take the helm on 1 April. ®
Lucy Sherriff, 17 Mar 2004
cable

DoJ goes after Oracle's hidden secrets

Oracle has agreed to hand over to the Department of Justice secret internal documents relating to discount arrangments made between sales staff and customers. The DoJ is seeking evidence to help it stop Oracle's attempted takeover of PeopleSoft, according to the newswires. The DoJ filed to block the takeover on 27 February and the case is to be heard in June. The department believes the documents will show how Oracle offered discounts to unfairly compete with PeopleSoft and SAP. Oracle has already handed over some documents, but the department said a request for more material was refused. The two sides have until Friday to decide exactly what documents will be handed over. In not entirely unrelated legal news, Microsoft is in court to try and get some of its secret documents protected from arch rival Oracle. The DoJ asked industry for evidence or comments to its case against Oracle. Despite the company's mixed relationship with lawyers, Microsoft was happy to help and managed to find 20,000 pages of relevant documents, according to CNET. But Microsoft is not happy because Oracle lawyers will get access to the paperwork. Microsoft has now gone back to court to ask that Oracle lawyers should not be allowed to see some of these "highly sensitive" documents. It also wants a right of refuse permission for others who wish to see the documents. ® Related stories EC objects to Oracle takeover Oracle strikes back against the Feds US DoJ sues to block Oracle's $9.4bn PeopleSoft bid
John Oates, 17 Mar 2004

Budget sells IT industry short – Intellect

The chancellor has not done enough to provide real R&D incentives in today's Budget, according to the IT Industry trade association, Intellect. In the run up to today's budget, the body had called for the ceiling on R&D tax credits to be raised to 10 per cent. However, Tom Wills-Sandford, Intellect's director of campaigns, said that it is still below the "noise level" of real incentive. Yesterday, the government published details of its ten-year strategy for science. Chancellor Gordon Brown said his goal is "to make Britain the best and most attractive location in the world for science and innovation". Tax breaks and collaboration with industry are key to achieving this. Today's Budget has now revealed the extent of government support. Intellect is "seriously concerned about the outlook for the UK as a base for research and development and innovation". Despite this, the government has an impressive line-up of companies advising how best to support R&D in the UK. Brown said that "a range of leading R&D businesses have indicated that they wish to work with us on our science strategy and to make their own commitments to the future of British science and innovation over the next decade". Intellect argues that tax credits are not aggressive enough, despite the widening of allowable costs. They will fail to provide British firms and multi-nationals with enough incentive to invest in the UK as an R&D base. In particular, Intellect highlights software R&D. The Inland Revenue does not understand the role it plays in innovation, it claims. ®
Lucy Sherriff, 17 Mar 2004

Jobs: Apple will not meet 100m song download goal

AnalysisAnalysis Apple has admitted that it will fall rather short of its first-year iTunes Music Store 100 million song sales target. "We're not going to make that number," CEO Steve Jobs told The Wall Street Journal this week. "At the rate we're at right now we'll probably have sold 70-75 million songs by the end of April." The forecast was made by Jobs himself last October, and the admission comes after the company said on Monday that it had sold 50 million songs since its iTunes Music Store was launched on 28 April 2003. "We think we've got a really good shot at selling 100 million legal downloads the first year... by April 28th, 2004," said Jobs (our italics). Apple's 50 million download tally was seen by some web sites as inherent admission of failure. Of course, Apple might be able to double that figure in a month and a half, but it seems unlikely. While the 50 million figure does not include the tracks given away through the Pepsi-Apple joint promotion, it's clear from Jobs' speech that he hoped the giveaway would encourage folks claiming their free song to download some more and pay for the privilege. He also banked on the company's partnership with AOL helping ramp up the number of paid-for downloads to 100 million. It's interesting that a number of well-known news sites were harangued by Mac fans for initially stating that Apple would miss its 100 million. Indeed, both Cnet and BBC News both modified their headlines apparently after being flamed by the Mac community for their apparent error. In fact, Jobs never said that the Pepsi downloads would directly provide the 100 million target, rather that it would help. As the quote above shows, Jobs refers to "selling" 100 million songs, not 'selling and giving away' that total. In other words, Pepsi redemptions do not count toward the 100 million goal. That's not to say the total wouldn't have been achieved hadn't the Pepsi programme gone as planned. Jobs told the WSJ that Pepsi redemptions weren't "what we thought they might be", and claimed that "many of the Pepsi bottles with the winning bottle caps were distributed late". Pepsi sources cited by The Mac Observer web site suggest Jobs might have a point. However, it does seem likely that Apple over-estimated how many paid-for downloads the giveaways would lead to. Ditto how many AOL subscribers would use the service. All of which shows the danger of making big numerical projections well ahead of the deadline. In mitigation, Jobs can claim that the early success of ITMS was way beyond what the company had anticipated, so an ebullient forecast at the time the service was opened up to Windows users can perhaps be forgiven. And even 70 million tunes yields an annual revenue contribution of $23.1m, based on Apple's claim that it takes 33c out of every 99c track sale. What its profit margins are remain to be seen, but at the very least Apple has set a large lead that its rivals are a very long way yet from matching. ® Related Stories Apple notches up 50m music downloads Sony music download service to launch in June
Tony Smith, 17 Mar 2004

Delivering the 12kb Bomb

The average size of email-bourne viruses so far this year has been well under 20 kilobytes. A young virus writer, sitting in his underwear in his parent's dark basement, takes a hex editor and modifies a few bytes of the latest Netsky.M (16.5kb), Beagle.J (12kb) or Mydoom.G (20kb) mutation, spawns a new virus variant, and then releases it into the wild. The resulting few thousand compromised machines, a conservative estimate perhaps, will sit naked as drones or "bots" on the Internet, waiting patiently for their summons and commands. A mere 12 kilobytes of action-packed code is impressive. For a 12 kilobyte Beagle, you get total system compromise, plus a highly effective spam engine. This short column, in comparison, is about 29kb of plain text and HTML. A 12 kilobyte binary is thus very small. The latest code that brings a Microsoft computer to its knees is small enough that it could be silk-screened onto an extra-large t-shirt: a walking time bomb, if you will. With today's monolithic software programs and operating systems, often barely fitting compressed on a CD-ROM, it's easy to see how small bits of malicious code can slip under the radar. David vs. Goliath I still remember the days, many computer-years ago now, when BackOrifice and SubSeven Trojans first came out. At just over 100kb, they were impressive in their day. Back then most people were running Windows 98, and a small 100kb email attachment could easily slip into the operating system and wreak havoc without ever being noticed. Today these are 100kb Trojans are monolithic in comparison to our modern email-based worm-virus-backdoor-spam-engines that tend to be under 20kb; these old relics are still a useful footnote, however, for watching the long-term evolution of malicious code. Speaking of monolithic: Windows XP Home Edition requires approximately 1,572,864 kilobytes (1.5Gbytes) for a typical install, according to Microsoft. Of course, it's better/faster/easier-to-use than previous versions, as the advertisements say, and if you believe the literature too it's also less buggy and significantly more secure. The public relations spin machine for such a large company is fascinating to me - Windows has become bloated into millions and millions of lines code, yet it only takes a mere 12 kilobytes to provide full system compromise and an annoying spam engine. The divide between David and Goliath has never been greater. Consider an analogy on the size of modern malicious code: if Windows XP were the size of the Empire State Building, then the little barking Beagle virus - the size of a small dog - can come in through the front door, lift its leg, deliver its payload, and somehow cause the entire building to come crumbling down. Or, Beagle can simply hold the door open automatically, so that a large cement truck can drive in and deliver its mystery payload to the base of the operating system as required. When Size Matters The latest craze in the virus-worm-spam war has seen computer worms crawling inside of other computer worms - like watching maggots crawl on top of each other as they make their way through a tender piece of meat. Some of the latest worms found in the wild have multi-vector propagation algorithms and also make use of previous viral infections by Beagle and Mydoom. So basically you start with 12kb of code, whereby Beagle slips into your email and under the radar, opens a backdoor, and then gets automatically disabled and replaced later in the week by a yet-more malicious and larger piece of worm code - perhaps new code that tunnels the user's GUI onto the Internet, provides full remote-control capabilities, records keystrokes and searches for a user's sensitive data. Worms are crawling on top of worms, eating out holes in Microsoft's dominant operating systems like a giant piece of swiss cheese in front of thousands of tiny, malicious rats. I do not know to what extent Microsoft's code is scrutinized through an exhaustive security audit, but two years after Bill Gates' long-heralded announcement the holes in the cheese are larger than they've ever been. It is no wonder that dozens of virus variants appear just a week or two after the first incarnation is released into the wild - fitting a backdoor and a highly effective SMTP spam engine into a mere twelve kilobytes of code is not easy, and many young programmers want to learn how it's done. Microsoft could learn a few things from these bright, if mis-aligned, people to help them write more efficient code. Perhaps with more efficient code, Windows XP on a modern AMD Athlon, Intel Pentium or Celeron with a gig of RAM would actually run more quickly and be more secure than Windows NT was on an old P-100 with 32 Mb of RAM. Who knows? For now we're stuck with millions and millions of lines code compiled into a giant operating system that can be wiped out of existence remotely with nothing but a small 12 kilobyte piece of code, launched by someone in his underwear on the other side of the world. Copyright © 2004, Kelly Martin is the content editor for SecurityFocus.
Kelly Martin, 17 Mar 2004

Carphone Warehouse SMS spam ruling reversed

The UK's Advertising Standards Authority has taken the unusual step of overturning its own previous decision which criticised Carphone Warehouse for unsolicited text messaging. It has now decided that the retailer's use of a marketing list was fair. The problem, it seems, is in the meaning of "explicit consent". Today's announcement suggests the ASA is bringing its interpretation of advertising industry rules into line with equivalent legislation which refers only to the need for "consent" - not "explicit consent". The dispute began when the following text message was sent: "For fantastic free handsets, inc up to 6 months free line rental or a free dvd player, call Carphone Warehouse on ... t&c's [sic] apply ..." The ASA received a complaint from an individual saying that the text message was sent without his consent. Carphone Warehouse explained to the ASA that an external list provider had sent the messages on its behalf. It said the list provider had compiled the list from information gathered in a National Shoppers' survey. It sent the ASA a copy of that survey. Carphone Warehouse argued that the man who complained had given permission for his details to be used but had asked the list-owners to suppress them after he had received the message. The ASA acknowledged that the survey offered respondents the chance to opt out of receiving marketing communications from third parties. It nevertheless noted a breach of the CAP Code, a set of rules governing the content of UK non-broadcast marketing communications, produced by the UK's Committee of Advertising Practice which are administered by the ASA. The CAP Code contains a requirement for marketers to have the "explicit consent" of consumers before sending them a promotional text message. The ASA considered this consent to be absent - so upheld the complaint against The Carphone Warehouse. In October 2003, it told the company "to ensure that future commercial text messages sent on its behalf were sent only to consumers who had given explicit consent to receive text messages." However, the ASA today published a revised decision. Carphone Warehouse had argued that people completing the National Shoppers' survey would not have given their mobile phone number unless they were willing to receive marketing promotions. It explained that the survey had made clear that respondents did not have to answer all questions, and it also stated alongside the request for a mobile phone number: "Some reputable companies may prefer to communicate offers to you on your mobile phone." The company argued that it had therefore obtained respondents' explicit consent to receive offers on their mobile phones. The Authority noted the survey stated its primary purpose was to collect respondents' opinions about the goods and services provided by retailers and not to collate a mailing list. It acknowledged, however, that the survey told respondents that some companies might contact them for marketing purposes. The Authority explained in today's revised adjudication that it had noted recent guidance from the Office of the Information Commissioner. This stated that consent should be obtained but did not specify exactly how that consent could be obtained. It also referred to a discussion paper prepared by several data owners that it said outlined various ways in which explicit consent could be obtained. The ASA considered that: "...although the data-owners had not provided a tick-box that stated that the respondent gave explicit consent, because the survey stated that some companies might send offers via mobile phone alongside the question that asked for respondents' mobile phone numbers customers who filled in their mobile number would be aware that in doing so, they were likely to receive offers by text message." The Authority therefore concluded that "the data-owners had obtained explicit consent to send offers on mobile phones". This will likely come as welcome relief to e-marketers, many of whom are understandably baffled by the differences between the CAP Code, the Regulations which are the subject of the Information Commissioner's guidance, and the differences between "consent", "explicit consent", "opt-in", and "opt-out". All of these rules - and how businesses should apply them - will be explained at the forthcoming OUT-LAW Breakfast Seminars. These free events are taking place in April and May in London, Edinburgh, Glasgow, Edinburgh and Dublin. The ASA did, however, uphold another complaint over the same text message: the offer of the "free DVD player" was deemed misleading because it failed to make clear that a new phone contract was required, and the reference to "t&c's apply" was considered insufficient. © copyright 2004 OUT-LAW.com OUT-LAW.COM is part of international law firm Masons. Related story Carphone Warehouse warned over SMS spam OUT-LAW seminars OUT-LAW is running a series of seminars on "Monitoring Employees" and "E-mail Marketing: How to do it lawfully" across the UK and in Dublin. They begin on 20 April and full details can be found here.
OUT-LAW.COM, 17 Mar 2004

VoIP set to generate megabucks

VoIP is set to become a massive source of income for broadband operators as more and more punters use their PC to make voice calls. Industry analyst Juniper Research, reckons that by VoIP (Voice over IP) will generate $47bn a year by 2009, as flat-rate IP-based voice tariffs gradually replace traditional services. That's on top of the $43bn predicted to be spent on broadband access. Ian Cox, broadband specialist at Juniper, says broadband penetration has now grown to a level where the industry "is on the verge of a revolution". It is now economically attractive to launch value-added services to a mass audience. Indeed, only last week BT, the UK's dominant fixed line telco, unveiled plans for a trial of a new service, BT Communicator, which will enable users to make calls using their broadband connections. Last month, pan-European ISP Tiscali announced it had hooked up with NetCentrex to provide residential broadband telephony services for its one million ADSL punters. As a result, punters in Italy should be able to make voice and video calls using their broadband service by the autumn. And Skype, the London-based VoIP firm, has recently raised £11m ($18.8m) in second-round funding to further develop its service. Last month, research outfit Parks Associates said that VoIP could be the killer app for broadband, providing enough of an incentive to sway doubters to ditch their dial-up connections and subscribe to a high-speed Internet service instead. For, according to another survey by Parks, demand for broadband in the US appears to be tailing off. Its latest survey into US trends for broadband adoption has revealed that fewer than one-third of US households with dial-up Net access are interested in upgrading to broadband in the next 12 months, down from a half at the end of 2002. Parks reckons that broadband ISPs are going to have to cut prices or offer more services to tempt punters to sign up to broadband. "Continued growth in residential broadband requires an ever-increasing number of dial-up households jumping ship to higher-priced, higher-bandwidth offerings," said Michael Greeson of Parks Associates. "As interest in upgrading declines, broadband service providers must reinvent the broadband market message, significantly lower what they charge for service, or offer some unique combination of these two strategies." ® Related stories BT goes broadband crazy Tiscali in Net phone deal Skype secures £11m funding
Tim Richardson, 17 Mar 2004

Online extortionists target Cheltenham

Extortionists have launched a series of withering attacks against online bookies in the run up the tomorrow’s Cheltenham Gold Cup. Denial of service attacks on William Hill - Britain's second-biggest betting chain - were swiftly followed by email demands for $10,000. Other bookies, including BetDaq and Totalbet, have been similarly attacked. The modus operandi is the same as pre-Superbowl attacks on betting sites earlier this year. The operation of William's Hill's website was disrupted by attacks on 11 March, but the service was was back up and running in time for this week's three-day Cheltenham horse racing Festival. "We were targeted, but were able to take the appropriate action to minimize the nature of the disruption," Graham Sharpe, a William Hill spokesman told Reuters. Following the attack, William Hill received an email threatening further attacks unless it handed over $10,000. William Hill is refusing to give into these threats. "We had and continue to have no intention of dealing with demands made by blackmailers," Sharpe said. Betting exchange BetDaq was targeted in a similar attack last Friday (12 March), forcing the company to suspend services for several hours as it fought the assault. Yesterday, two other online gambling sites - Totalbet and UKbetting - also found themselves on the receiving end of malicious attack, the London Evening Standard reports. High street bookie Coral suffered a similar fate a few weeks ago. Racing insiders expects punters to wager £250 million during this week's festival, up to £60 million of which will be staked online. Crooks know that if punters are unable to place their bets online they will turn other outlets. This makes bookmakers a popular target for cyber-shakedowns. Attacks on betting sites have become increasingly commonplace since their first appearance three years ago. The latest spate follows reports last November of Eastern European crime syndicates using threats of computer hacking to extort pay-offs from online businesses in the UK. Pete Simpson, Threatlab manager at email security outfit Clearswift, said the network of compromised PCs established by virus like MyDoom, Bagle and the rest make such attacks easier than ever. The thousands of home users' PCs compromised by viral infection provide a ready platform from which hackers can launch attacks on bookmakers. "It's a resource that's up for grabs," Simpson said. "I expect attackers are going through a number of proxies to hide their tracks." ® Related Stories DDoS attacks go through the roof Extortionists attack Paddypower.com East European gangs in online protection racket DDoS protection racket targets online bookies
John Leyden, 17 Mar 2004