8th > October > 2004 Archive

Windows Media Center survives in shrinkwrap purgatory

Microsoft's Media Center has survived the New Year cull, but it now looks set to inhabit the strange zone of purgatory between being a fully-marketed product and the remaindered bin. Next year Redmond will make a shrinkwrap, software-only version of Windows XP Media Center Edition (MCE) available to the retail channel, so MCE will in fact be haunting American shopping malls, if only in a similar condition to the zombies in George Romero's Dawn of the Dead - bumping rather aimlessly into things. That's because, sources suggest, the retail edition of MCE will receive as much promotion as the average yard sale. Microsoft had downgraded Windows XP Media Center Edition (MCE), to give its full title, in favor of what has now become a more elaborated, two pronged strategy which places more emphasis on home networking. OEMs were dismayed - to put it diplomatically - to be told of the change of plan days before the CES Show in Las Vegas in January. The show saw a slew of announcements for the just-undead product line, including the debut of Media Center Connector and Extender. Microsoft has, for once, done a fine job with the user interface: it's cleaner and less cluttered than a digital set top box. But that isn't the problem: Media Center PCs have failed to set the market alight, largely because it's a product in search of a demographic. We've already identified two: people who live in bedsits, and might not have all the bits and pieces to consolidate in the first place. Now we think we've found another demographic. It's someone who can afford a Media Center PC, but who doesn't have, or doesn't mind junking the expensive home entertainment equipment he already has, and who doesn't mind a PC in the living room. And here he is! You can see how it makes perfect sense, in a let's-get-rid-of-all-this-junk sort of way. But you're getting less for your money than first appears. In a crisp write-up at Ars Technica's Eric Bangeman points out that although MCE 2005 supports HDTV, and the broadcast flag, it doesn't allow you to time shift cable shows. So not only can't you share music, because the Media Center is a vehicle for Microsoft DRM, you can't record The Sopranos from HBO. What exactly is the point of this life-enhancing innovation, again? Selling consumer electronics replacement is never easy: manufacturers must rely on wear and tear, or hope for format changes. So selling something that gives you fewer capabilities, and more restrictions, than what you've already got will require incredibly creative marketing, bloody-minded determination, and an astronomical budget. How well will a retail MCE with little promotion fare? We'll see. ® Related stories Whatever happened to the Windows Media Center? Microsoft nearly ditches the PC with home net plans Love DRM or my family starves: why Steve Ballmer doesn't Get It
Andrew Orlowski, 08 Oct 2004


Google has introduced a free texting service that taps into its existing Froogle, phone directory, business listings databases, and even refined "clippings" from the main search engine. There's no premium to be paid by the user, over and above what it costs to send a text message. Perhaps that's because premium text services are their infancy in the USA, with carriers currently preferring to run their own promotions rather than co-operate on a billing infrastructure for third-party services. Or perhaps it's because Google is really trying not to be evil. In which case we hope we haven't put ideas into the boys heads, and really hope they haven't read articles like this. [*]. In fact, the answer seems to be depressingly predictable. The ad broker wants to squeeze its context ads into the message, if it can: "To the extent that ads can provide you with useful information, we would be likely to do that," Google's Georges Harik told Internetnews.com. Either way, the service is quick and surprisingly broad ranging, delivering multi-part messages within a minute in our tests. You can look up word definitions, zip codes, use the calculator (although most phones have one built in), or reference factoids. As an example, Google cites G population San Francisco, which works pretty well. We tried G wealth Larry Page and received a sentence from a BBC News Online report, two fragments from Kuro5hin.org, and one that simply read "4of 4)Stanford Alumnus Larry Page (#43 at ...", which is about as useful as a one legged man in an arse-kicking competition. Still, at least we didn't get any Movable Type Trackbacks texted back to us. We ought to classify that as a near miss. What the service appears to have done, judging by what we see here, is skim part of the context provided by first search result, the BBC news story, and then three fragments from a single Kuro5hin posting, which is the second result. A little cleverer parsing would have discovered No.5, where we learn that "Larry Page and Sergey Brin of Google, both 31, hold the No.4 and No.5 spots with total wealth of $4.19 billion and $4.17 billion, more than four times their..." which would have given us an answer. That fifth search result is the first fragment with a dollar sign in it. So you can see better queries aren't unimaginable, although this depends on your faith in taxonomies and natural language parsing. But refining the SMS search must be easier than building a space escalator (and hopefully, a higher priority). Google's SMS service is interesting for a couple of reasons. Texting is the world's most popular computer user interface. It's how most of the world communicates, too. The second is so obvious that we wouldn't mention it at all if it wasn't in danger of being forgotten with all the recent psycho-babble about search. Search is at best a bumpy road that gets people to information, that might or might not be useful to them. It's not, in itself, a destination. Nor is "information" a special kind of stuff. Google's mission statement, as it is for so many technology companies, is "to organize the world's information and make it universally accessible and useful." The first two are easy - the third one is hard. So we shouldn't be surprised to discover that services like AQA in the UK seem to have caught the popular imagination: it was created by people who pay as much attention to what people really do, than to the algorithms. Stateside readers with a mobile phone - that's the one without wires - can investigate the service here. ® Related stories Google founder wanted phones banned from HQ Google sued by Planet Goo Former Symbian, Psion boss answers all your questions UK premium rate phone complaints rocket Drp yr WMDs now plse! - debunking Iraqi text psyops Premium rate txt on the rise Stop this SMS I want to get off
Andrew Orlowski, 08 Oct 2004

Apple colour-screen 'PhotoPod' said to be in production

The iPod looks set to make a further step into PDA territory if claims that Apple is preparing a 60GB model equipped with a 2in colour display and iPhoto synchronisation prove correct. "Highly reliable" sources cited by ThinkSecret claim that the new model is currently in production, presumably for a pre-Christmas introduction, and will make photo viewing a key feature. The new machine is said to be based on Toshiba's recently announced 1.8in 60GB hard drive, but that was always a logical move given Apple's long-time partnership with Toshiba for iPod hard drives. The colour screen is more interesting, since it's somewhat contrary to one of the iPod's key selling points: its simplicity. However, as PDA makers like PalmOne discovered, going colour may not be the best move, but if your competitors are doing it and the public wants it, what can you do but follow? Sony's soon-to-be-released Vaio VFG-AP1 player sports a colour display, as do upcoming products from iRiver, not to mention items like Creative's Portable Media Center. And if you're going to do a colour screen, you need to do something with it. Apple's iPod chip partner, PortalPlayer, announced support for image formats almost a year ago, so the platform is ready for storing and browsing photos. Video is also a possibility, but Apple's oft-stated belief that the time isn't right for mobile video makes that less likely. Expect it to show album art. The device will tie in to Apple's iPhoto software, which currently only runs on Mac OS X. Will the new machine, like the original iPod, remain a Mac-only product, or does Apple have iPhoto for Windows ready to launch? A new version of Apple's iLife package is expected early next year, so there's certainly an updated version of iPhoto on the way. Mac OS X 10.4 is believed to be scheduled for shipment in the same timeframe. The new iPod may used 'Tiger's' integrated device synchronisation engine - what is today the standalone iSync - for iPhoto transfers. ThinkSecret's sources claim the new iPod will sport audio/video out ports, but it's not clear whether that's in the player, its docking cradle or both. Together, the whole package will retail for a premium $499, the sources say - $100 more than the 40GB monochrome model. ® Related stories Alleged Apple Flash iPod 'partner' signs with Rio Apple iPod team seeks Wi-Fi engineer PortalPlayer Photo Edition paves way for Picture iPod Sony apes Apple with coloured music players Toshiba tilts digital music player line at iPod MS cheers as Amazon offers 'iPod killer' Media Centers iRiver to ship third 'video iPod' in July Related reviews Sony Vaio Pocket VGF-AP1L digital music player Xonix 256MB MP3 Watch Neuros II 20GB HDD music player Creative MuVo 2 4GB MP3 Player
Tony Smith, 08 Oct 2004

ATI Q4 sales, income rocket

ATI saw its income almost triple during its most recently completed fiscal quarter, Q4 2004, the company said yesterday after announcing record results. Revenues for the three months to 31 August 2004 totalled $572.2m, up 50.3 per cent on the same period last year and 16.4 per cent on Q3 2004. Gross margin for the period came to 33.8 per cent, down 1.8 percentage points. Net income reached $61.2m, up 174 per cent on Q4 2003 and 26 per cent on Q3 2004. Earnings came to 24 cents a share - a good margin over Wall Street's 21 cents average. ATI said desktop discrete chip sales rose 40 per cent during the quarter thanks to strong demand from PC OEMs for PCI Express graphics solutions. Notebook-oriented graphics chip sales rose 20 per cent, though notebook chipset sales declined. Sales of phone and PDA-oriented products more than doubled, ATI said. Digital TV chip revenues rose "dramatically". Crucially, ATI reported not only growing demand from existing customers but greater design wins, establishing a stronger sales base going forward. For the FY2004 as a whole, ATI saw revenues total just under $2bn, up from the $1.4bn reported this time last year. Annual income reached $204.8m, up from FY2003's $35.2m. ATI said it believes Q1 2005, its pre-Christmas quarter will see revenues continue to rise, to be between $600m and $640m, for a sequential growth rate of 4.9-11.9 per cent. Gross margin will fall somewhere in the 33-34 per cent range, it said. Income and earnings levels will be affected by an exceptional charge of $7m as ATI covers the cost of "expense compensation costs associated with stock options granted to employees after 1 September 2002", the company warned. ® Related stories ATI breaks revenue record ATI readies 'Radeon Xpress' Athlon 64 chipset ATI to unveil Athlon 64 PCIE chipsets 'this month' Athlon 64 PCI-E chipset here by end of year 'for sure' ATI unveils mid-range Radeon X700 ATI HyperMemory revives little-used AGP 2x feature ATI syncs audio, video with Theater 550 chip ATI unwraps All-in-Wonder X800 XT
Tony Smith, 08 Oct 2004

AT&T culls another 7,400 staff

AT&T is to stop marketing traditional consumer services, resulting in the loss of another 7,400 staff. The the US telecoms giant had already planned to cull around 4,900 jobs during 2004 - a cut of around eight per cent of its workforce. But last night it warned that it would "significantly exceed its previously estimated workforce-reduction target...[and] now expects to reduce total headcount by more than 20 per cent in 2004". Thish means a further 7,400 are to be culled, taking total job losses for the year to 12,300. So far, around three quarters of affected workers have either left - or been told they face the chop. The financial burden of axing so many jobs is expected to cost the company around $1.1bn (£620m). By the end of the year AT&T expects to employ around 49,000 people - down from the 62,000 ten months ago. It blamed the move on "sustained pricing pressure and the evolution of services toward newer technologies in the business market as well as changes in the regulatory environment, which led to a shift away from traditional consumer services". Said AT&T chairman and chief exec Dave Dorman: "In response to recent regulatory developments and a highly competitive market, we have made some tough decisions to reduce our workforce and cut costs." The company remains adamant that the "acceleration of workforce reductions and other cost-cutting initiatives are having a positive impact on profitability across the business". The telco is also reducing the paper value of its assets by $11.4bn (£6.37bn). ® Related stories AT&T Wireless launches mobile music store AT&T Wireless launches mobile music store Say goodbye, then hello to AT&T phones AT&T goes live on 3G
Tim Richardson, 08 Oct 2004

Romanian Jedi warm to El Reg

It's always flattering for a publication to see its musings translated into a foreign tongue, so it was with great delight that we recently spotted part of a ground-breaking Reg report in Romanian. Yup, our fearless exposé of the Romanian Jedi Academy has provoked a certain amount of comment among the members of that august establishment. Delighted that the initiative has caught the eye of El Reg, one proto Luke Skywalker takes the following magnificent piece of journalism: Count Dracula had better watch his back - the Romanians have opened a Jedi Academy and it can only be a matter of time before graduates are working their way through Transylvania at weekends, smiting the undead with their light sabres, between bouts of trading collectibles and arguing as to whether The Phantom Menace was merely the worst Star Wars film or actually the worst film ever made. ...and offers part of it as: E numai o chestiune de timp pina cind absolventii Academiei Jedi vor haladui la sfarsit de saptamana printre gunoaie si resturi, stirnindu-i pe ne-morti cu sabiile-de-lumina si certindu-se intre ei daca Amenintarea Fantomei este cel mai slab film al seriei sau cel mai slab film facut vreodata. Top stuff. Sadly, though, the disussion of our coverage then turns to the small matter of the Dracula reference, roundly condemned as a piece of ethnic stereotyping which maintains that Romanians spend all of their spare time decapitating corpses and bedecking their humble cottages with garlic flowers. At least, that's what we think they're saying. Readers who have studied Romance languages other than Romanian will be able to see from the above that there are tantalising similarities between the language and, say, Spanish. The Slavic influence is evident, though - notably on the vocabulary*. Bearing that in mind, we're pretty certain that some Romanian Jedi would like us to set the record straight regarding Romania, viz; that it is a highly-developed eastern European democracy with TV and electricity and everything and that the locals are not a superstition-struck bunch of yokels who cower in fear of the night. And we're happy to do so, and further recommend Romania as an ideal short weekend break location for sophisticated metropolitans - apart, that is, from the eastern village of Cristinesti where locals recently mistook disco lights in a nearby town for an alien invasion and fled for the hills. ® Bootnote *According to this reference, Romanian has "77% lexical similarity with Italian, 75% with French, 74% with Sardinian, 73% with Catalan, 72% with Portuguese and Rheto-Romance, 71% with Spanish." Related stories Romanian villagers flee disco-dancing aliens Romanians open Jedi Academy Readers give us a kick in the Balkans
Lester Haines, 08 Oct 2004

House approves anti-spyware bill

The US House of Representatives yesterday unanimously passed a bill that would make using spyware to snoop of the online activities of consumers a criminal offence. The Internet Spyware Prevention Act would allow the courts to send offenders who use spyware to commit other crimes such as stealing user's credit card details, or computer cracking, to jail for up to five years. The legislation authorises the US Department of Justice to spend $10m targeting organisations which sneak rogue programs on users' PCs without their consent. As well as spyware, the bill also targets people and organisation responsible for launching "phishing" attacks. Earlier this week the House voted by 399 to one to pass the Spy Act, which would allow the courts to impose hefty fines on organisations caught using spyware. The two bills are widely expected to be combined in a single piece of legislation that would be put to the vote in the House before the start of next year, AP reports. ® Related stories Bush to sign anti-phishing bill There is no anti-spyware silver bullet CoolWebSearch is winning Trojan war When spyware crosses the line US moves towards anti-spyware law The average PC: spyware hotel
John Leyden, 08 Oct 2004

Analyst lifts 2004 chip capex forecast...

Chip makers will spend $45.7bn on new plant this year and a further $45.8bn in 2005, market watcher Gartner said this week. But while 2005's figure remains higher than 2004's, the company revealed it had lowered its growth forecast. In July, Gartner said 2005's capex would jump 13.4 per cent over 2004's total, then forecast at $44.8bn. That would have left 2005's capex at over $50.8bn. While Gartner has raised its 2004 capex forecast by fractionally under one percentage point, that's not enough to cover the 2004-2005 growth decline, from 13.4 per cent to just 0.4 per cent. That leaves 2005's spending essentially the same as 2004's - $100m is not a lot in this business. Gartner is now forecasting a 0.6 per cent decline in chip-making equipment sales in 2005, compared to 2004's levels. The reason? "A downcycle in 2005 driven by supply and demand issues," said Klaus Rinnen, VP for Gartner's semiconductor manufacturing and design research group, in a statement. However, it appears to be a relatively gentle downturn: "We do not expect a semiconductor device unit contraction, but rather a slowing in the pace of expansion, which, combined with new capacity additions, would lead to a supply-demand imbalance," he said. "Utilisation rates should drop below the 90 per cent level in the seasonally weak first quarter of 2005," he added. "While seasonal demand growth in the second and third quarters will buffer the impact of capacity in motion, rates will decline in late 2005 and bottom out in the first quarter of 2006 in the low 80 per cent range for all production before beginning to climb again." Fab utilisation rates currently stand at around 94.7 per cent, down from Q2's 94.8 per cent, as demand slows on the back of big purchases during Q2. Q1's rate was 93.2 per cent. ® Related stories AMD turns profit on strong 64-bit chip sales ATI Q4 sales, income rocket World chip sales flat in August IDC ups '04 PC sales forecast Hynix pumps up 2004 capex Slowing H2 chip sales to hit 2005's growth - report AMD grabs Intel market share in desktop arena
Tony Smith, 08 Oct 2004

Shifting cyber threats menace factory floors

The factory floor of a modern paper manufacturing plant is a ballet of heavy machinery and razor-sharp blades, pressing, dying, rolling, unrolling and cutting dead tree pulp by the ton. To James Cupps, it's something else, too: a target rich environment for cyber attacks. Cupps came to this perspective about three years ago, when, as newly-appointed information security officer for a large U.S. paper manufacturer, he got a phone call from an engineer posing a theoretical, but troubling, question. "He was worried about whether somebody from another site could control his equipment remotely," says Cupps. "And I looked into it, and, sure enough, they could." At issue were the Programmable Logic Controllers that served as the electronic brains of each major piece of plant equipment. PLCs are microprocessor-based systems programmed to make the timing and control decisions in machine automation that once required arrays of electromechanical relays. They're essentially discrete computers wired into the machinery, monitoring and controlling functions like the speed of a motor or the movement of a conveyer belt. Those PLCs are in turn manipulated remotely from a plant's control room. On older systems, PLCs communicated over RS-232 serial lines -- slow going, but relatively secure. But modern PLCs can plug right into a plant's Ethernet, exposing them to whatever threats lurk therein. Coming from an IT environment, Cupps hoped to find that the control systems at his company's plants were protected by at least as much security as a Windows desktop. But when he set up a sniffer and monitored the traffic between a remote control program and one of the PLCs, he was dismayed to witness the program handshaking with the device by sending it a single UDP packet, with six plaintext ASCII characters as the data field. That's how Cupps learned that the secret password to take control over much of the hardware on the factory's assembly line was a hardcoded "hihihi." "Script Kiddy Material" "We talked to the vendor after this, and they talked to us a bit and they gave us recommendations," says Cupps. "But what it comes down to is they don't have any authentication mechanisms built into their tool, and until they do it's not going to be fixed." The controls systems at Cupps' company are made by Rockwell Automation, but Cupps hastens to point out that the absence of authentication on PLCs is an industrywide problem, and not at all limited to one particular vendor. Other experts agree, and say the root cause is historical: the control systems rely on protocols and industry standards that were built for dedicated serial lines - not shared TCP/IP networks. "It's script kiddy material to control PLCs," says Eric Byres, a researcher and critical infrastructure security specialist at the British Columbia Institute of Technology (BCIT). "When the protocols were designed it wasn't Ethernet, it was a closed system. Then when the Ethernet was added the protocols remained the same." The implications are disturbing to Byres and Cupps; in factories across the globe PLCs control pumps, conveyer belts, paint sprayer booths, welding machines, motors and other equipment. Neither expert envisions hacked robotic welding arms turning on their human masters, but the costs of an attack that shuts down an assembly line can be significant. "For most companies, if you interrupt production for even ten minutes, you're talking about tens of thousands or even hundreds of thousands of dollars," says Cupps. "We found numerous ways to perform single-packet denial of service attacks against PLCs," says Byres. "You send one packet and this box isn't going to be working for a while." On Wednesday, BCIT put some numbers to the problem. A report released in conjunction with the UK-based PA Consulting Group counts a tenfold increase in the number of successful cyber attacks on control systems since 2000. The study is based on an analysis of entries in BCIT's Industrial Security Incident Database, a decades-old voluntary industry information-sharing program. That attack spike isn't as ominous as it sounds; since its launch in 1981, the BCIT database has logged a total of only 34 confirmed incidents. But Byres believes that's the tip of the iceberg -- that for every attack reported another 10 to 100 are kept secret by the victim. Moreover, Byres says the most significant finding in the report is that the source of attacks has shifted. The 13 cyber security incidents logged between the years 1982 and 2000 were almost all attributable to accidents, inappropriate employee behaviour, or sabotage by disgruntled employees. In contrast, 14 of the 20 incidents reported from 2001 through 2003 were from external sources, like the Internet. "There was always an assumption that your biggest threat was coming from the inside," says Byres. "That's now incorrect. Your bigger threat is coming from the outside, and that surprised me." Processer Power Issues In a lot of those external attacks, control systems were merely collateral damage from IT issues like worms, "because we have Windows running all over the plant floor," says Byres. So far, directed attacks against PLCs are virtually unheard of. "I don't think the hacker community has totally woken up to the opportunity, fortunately," Byres says. "I think we've got a bit of a jump on them." There's no telling how long that will hold, though, and a number of industry, governmental and public initiatives are trying to close the vulnerabilities before serious attacks take place. Efforts range from a US Department of Commerce plan to develop security standards for control systems, to an open-source firewall project designed to protect PLCs that speak Modbus/TCP, the networked update to the industry standard MODBUS protocol, which lacks authentication. Michael Bush, security program manager at Rockwell Automation, acknowledges that Ethernet-enabled control systems "change the rules significantly" from the days of dedicated serial lines. But he says that PLCs simply haven't had the processing power to handle encryption and authentication protocols. "A typical plant floor device has significantly less processor bandwidth, horse power, speed and memory than a PC," Bush says. "A lot of things like the authentication protocols and the encryption protocols that are in PCs use enormous amounts of power." Bush says that's just now changing with the industry's latest generation of controllers, and that authentication is on its way. "As devices on the plant floor start to have the processor capability to support these advanced protocols, we'll begin incorporating them," says Bush. "We're right on the cusp of that." But he cautions that PLCs can have a lifecycle as long as 20 or 30 years before plants replace them. In the meantime, Rockwell advises customers on how to secure networks that run control systems, and publishes a detailed whitepaper on the topic. For his part, Cupps says he took emergency measure to shore up the control systems at his company, then committed to a massive reorganization of its networks, putting the factory floors on their own subnets, adding firewalls between them, and installing intrusion prevention systems, among other things. He estimates the effort took over two years and $1 million dollars to complete at the company's 15 factories around the world. And while he's confident that the measures are adequate, he'd still like the devices to speak a more secure language. "The problem is the hard-and-crunchy on the outside and soft-and-chewy on the inside syndrome," Cupps says. "The reason you need an authentication mechanism is there are vulnerabilities that are unique to IP sessions, like source address spoofing... That's why it's important for these companies to take a look at this stuff and use some sort of asymmetric key to make sure the right machines are talking to the right machines." Copyright © 2004, Related stories Nuke watchdog issues cybergeddon alert Mitnick movie comes to the US Sluggish movement on power grid cyber security
Kevin Poulsen, 08 Oct 2004

BOFH: A ringside seat at the Boss-baiting pit

Episode 34Episode 34 BOFH 2004 "And this is what again?" "The heatsink," the PFY responds calmly. "It fits on top of the processor." "And the fan sits on top of it!" the new Boss says happily. "Yes. No, not that fan, that's a case fan. The small fan screws into the heatsink." "Of course - it's obvious when you think about it!" "If you think about it, yes." Building your own PC is not one of the activities we recommend for non-technical managers. Or technical managers for that matter. Even more so for technical managers who aren't all that technical, but think they are. It’s even worse when the non-technical technical manager is the new boss with a great idea of saving cash by making our own machines. The PFY, after trying to talk him out of it by recounting the MTBF of build-your-own-kit and the sliding scale of cost over reliability decides - out of the kindness of his heart and stupidity of his mind – to help the new Boss in his endeavour. "And we swing the little lever over now?" "No, screw the fan to the heatsink first, THEN we put the processor in, THEN we swing the lever over, THEN we take the little sticker off the heatsink, THEN we clip the heatsink on." "And you have to be careful to get the chip in the right way around?" "Yes." "Well there doesn't seem to be all that much to it really. Honestly, the way you people talk, you'd think you were building Beagle III, when in actual fact it’s more like Meccano." "Yeah, we do make it out to be a lot more than it is," he responds drily. If I could somehow distract the PFY, I'd to warn the Boss that comments like this are the equivalent of teasing a hungry attack dog... Still, it is a slow week… >click< "And I plug the memory in now?" "Uh huh, but the other way around," the PFY says, gesturing. "Yes yes, I'm not stupid," the Boss snaps. (>tease tease<) >clip< "And now I connect up the power supply!" he says. "No, plug the disk cables in first." "Yes, yes, I was going to do that." "And now the disk power cables." "GIVE ME A BLOODY CHANCE, I'M MAKING SURE THE CABLES ARE THE RIGHT WAY AROUND!" the Boss lies, annoyed. “Honestly.” (>tease< >tease< >jab with a sharp stick<) "Oh, you're right, they're not in the right way,” the PFY adds. “Which is surprising, because you shouldn't be able to do that!" "Well you are in my light…" the boss snips. (>jab< >jab<) Around about now I'm wondering who's going to crack first as the Boss is starting to get a little testy too. Oooooh BITCH FIGHT! I'd best get a coffee and some popcorn! By the time I'm back from the coffee machine, the Boss has tried to bury the hatchet .in a non-escalating manner by apologising to the PFY. Ah well, Can’t win em all. "And so it should be able to start now?" the Boss asks. "Should do, yes." The Boss pushes the power switch, and, in the manner of a poorly located xyzzy, Nothing happens. "It's broken," the Boss says. "No, it's probably something simple," the PFY says. "Lets have a look inside." An hour later. . . "I don't get it," the PFY says. "I've checked everything on another box and they're all working ok.” "Perhaps it's something you've forgotten," the Boss says smarmily. >prod< >tease< "The power supply is switched off at the back of the machine!" the Boss notes, locating the source of the problem. When caught out by someone with technical ability so far below yours it looks like an ant on a runway, there are two possible responses: Like 98 per cent of the population and admit that you have made a mistake, or lie like a bastard in a pathetic manner to cover up for your momentary lapse of technical acumen. "No, I turned that off to isolate the unit," the PFY lies, taking the path less traveled. "So that won't be the problem. But I think it's possibly a thermal lag heating coefficient problem in the processor mount." Now that the PFY has gone down this road the Boss’ machine is a goner. There’s no way on earth he’s going to let it work once the power is switched on. Which means it’s popcorn time! "A what?" the Boss asks, being new and not knowing the smell of recycled hay. "It doesn't matter." the PFY says. "We just need to remove and reseat all the components again." "Are you sure?" "Positive." "Right, I'll just plug myself in," the Boss says, clipping the earth lead onto his antistatic bracelet. "Don’t worry about that,” the PFY blurts. “You plugged it in earlier so it’ll be operating in wireless mode! Oh, look, you haven’t secured the CPU fan. Right, grab the hot glue gun and drop a huge glob onto the fan just there.” "Right, done," the Boss says dully. "Anything else?" "You’ll want to zero the memory.” “How?” “Just pop it out and rub it up and down on the carpet tiles for a couple of minutes…” . . . Switching the voltage on the power supply to 115 just after the processor cooked was just cruel, and I would have called a halt to the whole thing if I hadn’t been videotaping it. She’s a hard road finding the perfect balance of cost to reliability though… ® BOFH: The whole shebang The Compleat BOFH Archives 95-99
Simon Travaglia, 08 Oct 2004

Orange UK to squash techie jobs

Some 300 techie jobs could be axed by Orange in the UK as part of plans to make the mobilephoneco more efficient. Workers have been told that the company is looking at job cuts but Orange has so far declined to say how many face the chop. However, a PA report puts the number somewhere between 200 and 300 job losses. In a statement Orange said: "We have announced to staff that we are restructuring the departments that manage our network and technical systems. No customer-facing staff are affected. This restructure is part of an ongoing process, designed to make Orange more efficient in a highly competitive market. "We would stress that the changes are only proposals at this stage, and we can't confirm how many jobs could go until we've finished consulting all the staff who may be affected." ® Related stories Orange network wobbles after planned upgrade Orange admits crossed line fault with Vodafone Crossed lines leaves Orange punters seeing red Orange buoys France Telecom results
Tim Richardson, 08 Oct 2004

German fined for publishing neo-Nazi web links

Linking to neo-Nazi websites in Germany can cost you dear. The founder of a German online protest forum - http://censorship.odem.org/ - against web censorship was sentenced by the district court in Stuttgart today for linking to two neo-Nazi sites and a bad-taste website hosted in the US. Alvar Freude is not an advocate of neo-Nazi content but thinks of himself as a fighter for a free internet and freedom of information. But links to the websites of neo-Nazis Gary Lauck and Dan Block and the legendarily nasty rotten.com landed him with a fine of €3,000. The case results from the debate surrounding website blocking orders issued in 2001 by the district government of Dusseldorf to ISPs in North Rhine-Westphalia. The authority demanded blocking of the domain names nazi-lauck-nsdapao.com and stormfront.com by domain name or IP address. Challenges to the blocking orders from several ISPs are pending court hearings. Freude, however, published critical commentaries on and analysis of the debate and linked to the barred websites. For his trouble, the district government reported him to the local constabulary. He was found guilty of "aiding and abetting access" to material published by people "inciting racial hatred [and] denying the Holocaust" - a criminal offence in Germany. Freude tried hard to convince the court that the Nazi links were merely documenting part of the website-blocking case. To block access was the wrong way to fight Neo-nazism, he argued. It could even endanger the constitutional right to freedom of information, since blocking lists might grow once the precedent was set. Another provocation to the Dusseldorf authorities was a project called "freedomfone", in which Freude had offered people the chance to call a premium-rate phone number to get blocked web content read aloud to them. "Is somebody restricting your internet access? No problem, use FreedomFone to get the missing information over the net!" reads the promotion. "I did not expect people to call and in fact nobody called. It's satirical," explained Freude to the judge and district attorney. But neither found it funny. The district attorney said Freude risked "confusing young people" by making Nazi propaganda available to them. If the only intention was to fight for freedom of information he should avoid linking to the content that he knew was illegal. Freude's work did not qualify as documentary, according to district attorney and judge. This would protect him against punishment according to an exemption in the penal law. "Documentary is for museums or exhibitions," said the attorney, adding that newspapers too enjoyed this exemption. But this was not the case for Freude. The judge agreed with this analysis when passing sentence: "It is not research, education or reporting," she said, before further declaring the freedomfone project "too flimsy for art". Freude's lawyer was annoyed by the lack of reasons given for the sentence. In his summing up he argued that Freude had "nothing, and nothing at all" to do with the content of any of the the sites he had linked to. The website, he noted, had been used by the media and other legal experts as source material during the debate and was therefore nothing more than record of current events. "This kind of documentation is not only not illegal, but in fact socially desirable." Freude's lawyer said his client would appeal the sentence. Difficult questions lay ahead for the German criminal justice system: what is "documentation" and what is not? And who can claim that his or her work is documentation? Would Freude's work qualify as such if he had a title or worked for an institution? The district government of Dusseldorf does not link to the domain adresses of the Nazi websites, yet publishes them on its own website. Is there a difference between a linking to, as opposed to simply publishing a domain name? None of these questions has yet been addressed by the courts. ® Related stories German police blitz music-swap neo-Nazis Germany may strike Nazi sites with DoS attacks US judge's Nazi net ruling turns worldwide law on its head
Monika Ermert, 08 Oct 2004

Second chance scammers and the meaning of 'Va va voom'

LettersLetters It has been a big news week for eBay. It turned five, asked for a new trial over some patents, CEO Meg Whitman toppled Carly Fiorina from the top of the most powerful women in IT list, and fell victim to a new scam attack. Naturally, you had most to say about the scam: This is NOT a new scam! This has been going on for _years_! Read the newsgroup rec.games.pinball through Google and look up ebay scams. The pinball community is often the hardest and first hit with new scams since the items are normally traded for thousands of dollars. Other common scams: Alternate seller contacting you through ebay (before bidding is over) saying they have an identical item for farrr less, spammers setting up fake auctions where all bidders must be "pre-approved" (send them an email to be approved, you're not, but now you get TONS of spam), item listed as residing somewhere in the US but when you either ask to inspect it, the item has suddenly "moved" to Germany or the Netherlands or some other far far away place, etc. The one that I got recently that I kind of liked was a was to "hack" into paypal. That was a neat phishing scam (although its effectiveness I somewhat doubt), since it was written by a native English speaker and looked somewhat complicated. Of course, it was all bunk and designed to distract people from the fact that they were sending their paypal username and password via email to a hotmail box. Oops. :) Vince I was nearly hit by a variation of this scheme whereby a new user has contacted me through the site's facility with an approach to settle an auction privately for an unusually high price. At first this seemed like a good idea until I did a little digging and realised that the shipping address is abroad, the user has no history and the account was only set up a couple of days previously. This may not seem strange, but the same person contacted me about multiple eBay auctions I had running and they used different eBay accounts - set up with exactly the same details (and the same contact email address - the give away!). The only link between the auctions was the fact they were mobile phones... Gee Just thought you might like to know your article was very well timed. I received an email from an ebay user today asking why they had been given a second chance offer for something I just sold, but from a slightly different username than mine. I sent him a link to your article....the guy was about to pay out over £500! Barnaby It's more than that - at one point (several years ago, to be sure), eBay would allow you to see/request e-mail addresses for any arbitrary username. Couple that with the recent uptick in fraudulent messages from non-existent eBay sellers that somehow include a 1-pixel GIF beacon - I think someone out there is quietly compiling a database of eBay username and addresses. I wouldn't be surprised if this fraud started not with a message sent through eBay's authorized contact form, but by a well-crafted spoof of an official eBay e-mail, sent directly to the recipient. Doesn't bode well, if that's the case... Michael You didn't think we'd let a letters bag go by without your thoughts on Mr. Ballmer's comments in Portugal, did you? For shame... You quote Ballmer: "India and China produce more computing graduates than almost anywhere else." I can't stop LOL. I teach English to Chinese Comp Sci students at what is considered a top regional university over here. Out of 30 students in the special low-entry-bar class for rich kids (I hate these, but they make up the bulk of my assigned classes -- regular classes with real students are quite a bit better), I could point out possibly two who are actually interested in computers. The rest have been pushed into it by their parents who want their child to be "rich like Bill Gates". They have no interest in computers and hence little ability beyond punching in Textbook Java and C++ and the only thing they know about the global computer industry is that Bill Gates is the richest man in the world and he owns Microsoft. I'm not kidding -- that really is it. I tried to build an entire Oral English unit around discussing current tech-industry issues (history, future directions, open- v's closed-source -- pros and cons of both models in different situations, computer security -- SPAM, viruses, spyware, and so on) and it fell flat on account of I actually expected them to spend an hour a week doing research on the internet (I even gave them the keywords to plug into the search engine) and learn something. They don't know and they made it quite clear that they don't care. Who are Steve Jobs, Steve Wozniak? They don't know. Linus Torvalds? Richard Stallman? Don't know, don't care. Who is Larry Ellison? Never heard of him (this is a several months after he did a major -- and heavily-press-covered -- tour of China). Keep in mind these are Comp.Sci. majors -- I wouldn't expect a lay-person to recognise all those names, though a good number of lay people -- even here in China -- would at least get the Larry Ellison one. Funniest of all, they had absolutely no idea who Steve Ballmer is (I enlightened them with the MonkeyBoyDevelopers music video). I had to refuse to assess the class as in 18 weeks they had learnt absolutely nothing. I even had the departmental director sit in on a few of my classes to check if it was my teaching, but he could only shrug and say-without-explicitly-stating-it "what do you expect, this course is just here to make us money and to fill the government-set quota on Comp-sci graduates for this year." The number of graduates in ANY field in China is set by quota. The trouble a colleague in the physics department had in getting a student who was actively disrupting classes removed was astronomical. She wanted him out. The other students wanted him out, the department wanted him out. The university administration wanted to meet this year's quota for physics graduates. So Stevey-baby's comments on "...China produc[ing] more computing graduates than almost anywhere else." are quite funny in a very depressing way: there are so many computing graduates because the Government has decreed that it be so. It has nothing to do with either ability or even interest. Don't get me wrong, there are some really smart people over here, but no more per-capita than in any other country, and most of these smart ones aren't from rich enough families to be graduates in anything. The place is getting too much like the US these days. I'm out as soon as my present work contract is over. Better withhold my identifying details if you print any of this. Obvious reasons. Ballmer's a crack up! He should keep his mouth shut because nothing screams viable alternatives like claiming you'll respond with the might of the enire company should someone choose to do something different to what you offer. I loved the comment, "it’s not compatible with Microsoft Office and it’s missing key applications like Outlook." If Mr Ballmer is so interested in compatibilty, his company should start sharing a little more. Of course, that wouldn't be in their best interests, but it doesn't change the fact that Microsoft are the one's creating the ncompaitibilty and not Star Office (or OpenOffice.org). And while Outlook might be missing, I'm sure this is attractive to many organizations who don't need another security hole on there desktops. More importantaly, Star Office runs on some platforms that have alternatives to Outlook (like Evolution) so that may not be such a big issue anyway (and it might just be one more reason to give up MS for good.) My favorite bit was, "He blamed the success of Linux in the public sector on influential academics, who favour it because universities are Unix environments, and policticians reacting to "noisy constituents - and those Linux people are noisy." I'm one of the noisy ones. Of course, any ignorant fool can make these sort of negative comments about people who aren't using your product. Let me try and turn this comment around. You could say that Windows users don't have enough time to be noisy to their government about IT issues because they are too busy trying to recover from MS's latest patch, while desperately trying to update their virus definitions to the latest version." No wonder they don't have any time to spruke MS? Rodd Kodak announced nearly 900 job losses this week, 350 of them from the company's photographic film plant. I find it had to feel sorry for the managers at Kodak. I applied straight out of uni (1997) to Kodak for a job working in digital photography research, only to be told that Kodak did not see digital photography as the way forward. I have always resented that rejection! My wife now owns a very nice (presumably rebadged) Kodak digital camera and we no longer pay to get film developed (on Kodak paper using, Kodak machines and Kodak chemicals). Woohoo! Yay the demise of consumer chemistry. David The BBC has asked for help developing an open source video codec. Naturally, we knew we could rely on Reg readers to step up and support Auntie's efforts: They can have the VP4 source code from On2 for free. If you would like to, please let them know Best, Douglas A. McIntyre Chairman, President and Chief Executive Officer On2 Technologies, Inc. 1560 Broadway New York, NY 10036 www.on2.com If anyone at the Beeb is reading this, perhaps you would pass the message along? Some readers are a little less charitable: John, Maybe the BBC should ask their freshly-outsourced IT department to help...? Or wasn't that level of flexibility in the contract :D -Ian What I'm wondering is; If the BBC is so intent on avoiding patent issues, won't the entire process of checking code produced by third parties, as they seem to be asking for, bog down their production staff as much as having them work on it themselves? David The European Courts have been asked to rule on whether or not the UK's mobile operators are entitled to a VAT rebate on the money they paid for their 3G licenses. Fortunately, there is no need to involve higher courts and all those horribly expensive lawyers. Once again, Reg readers have the solution: "According to Paddy Behan, a VAT specialist at accountancy firm Grant Thornton, the meaning of the word telecommunications could decide the case. He told the FT: "If the operators' definition is accepted by the court, it is hard to see how they could lose."" Easy, peasy, the court decides that that it is VATable, so C&E send the telecoms operator invoices for an additional 17.5%. Cough it over, then you can attempt to reclaim as much as you like. Unfortunately our government will be too concerned with pumping up the economy to make it look great for the general election, so an extra £3.5 billion going on the bottom line of our big telcos will look nice on the FTSE. Alan More, briefly, on the shocking survey results that no-one likes buggy software: Since only 66 people bothered to reply, the rest must have been busy playing Solitaire/Minesweeper. Now that's a more interesting survey: how many IT managers prefer Solitaire to Minesweeper? You might get more than 66 replies. That'll tell you all you need to know. Btw, can someone explain what an IT manager does (if anything)? Are they the ones in charge of producing buggy software? Roop Are these the same IT managers that choose the wrong product for an insufficiently analyzed problem, then give unreasonably short datelines for implementing said product ? Are these the same IT managers who waste significant resources on useless pet projects, then whine that their budget is not big enough ? Software would be less buggy if developers were not ceaselessly badgered and pressured into churning out the latest high-priority app the day before it was asked. The test phase is always the first to be sacrificed, either in quality or in duration. And it is often the IT manager himself who breezes through and starts getting impatient about implementing the thing before the next board meeting. Pascal. Well, Pascal, these were the IT managers with enough time to fill in a survey form... Now on to more serious matters. The rise of the machines, and the emergence of more and more satanic cyber appliances. Soon, as they say, we will not be safe in our beds: Hi Lester. After reading your article "Man in satanic Renault terror ordeal" and several of the other "Rise of the Machines" testimonies, i remembered the following story about a more direct attack by a mobile phone. Since the original article was in Greek, i translated it for you as best as i could. The mobile phone turned into a grenade "A woman's mobile phone blew up like a grenade, while she was working in her office at the Municipality of Larisa. Fortunately, the explosion happened at a moment that she was not using it nor holding it, as it was at the inner pocket of her coat hanging near by. It was around 9 in the morning when a loud bang was heard at the office. Frightened employees and citizens searched for the source of the noise, and with surprise, they realised that the woman's coat was on smoke, while she stood puzzled not being able to believe what have happened. The phenomenon, although very rare, is assumed to have occurred due to, the type of battery and especially on whether it is genuine or not, as well as the charger." Well, it's an old story but it might be important since it's the first time (of what I've heard so far) that an attack was held on a state building. I'll leave the rest to you. Keep up the good work. Dimitris H. There's something very wrong about that story. The goons over at Slashdot gave it a good going over the other night and it doesn't make a lot of sense. The guy had footbrakes, a parking brake, a gear selector (and possibly a clutch) and he still couldn't stop his car. Give me break. (Pun?) He either panicked and didn't think of any of the above, or he's just found a tasty way of getting through the traffic! I certainly don't think we're going to see plagues of unstoppable cars on our roads in the near future. PS. As I write this a follow-up story has appeared on Slashdot saying that Renault have found nothing wrong with the vehicle. The plot thickens! James Re. your article about the rampaging Renault, whilst perhaps the best thing anyone can do to such Gallic rubbish is launch it off a cliff, the continual rise in the number of incident that are technology related should be investigated. I experienced a similar fright in a Mercedes Benz that I was thinking of buying (Hey, the job was paying well), which used electronics for the throttle instead of a simple cable. It decided to stay about two-thirds open, which gives a tidy shove forward, and the only thing I could do was select neutral and try and turn off an engine which was fast trying to grenade itself. Mind you, the salesman attempting to sell the car to me had an expression you could only paint....... Don't forget, we've had a Chinook helicopter fall out of the sky because of sh*te software (which our dear President's Government is happy to stay very quiet about), and the argument about the safety of Denis buses on our roads still rages (see Private Eye passim). I sound like a Luddite I know, but we are at times unrealistic about how far we let technology invade our lives, and the resulting injuries/loss of life are unforgivable. We need to get a grip. Before somebody does something really stupid like make a wireless nuke button for Dubya. Now that is truly scary! Pete This story sounds a bit like the truck driver who claimed his brakes had failed and his throttle was stuck at 60mph as he hurtled down the M1 towards the North Circular. It was later found he'd made it all up. On Yahoo! France, it's reported that far from being in denial, Renault are calling for an independent investigation, as they know it's the only way the car-buying public will be satisfied that the car is safe. The "Rise of the Machines" angle is funny, but don't forget the story of the American woman who insisted to Audi that her car shot forward rapidly when (according to her) she slammed her foot on the brake... User stupidity will probably one day bring the black box to cars. rgds, Matthew ROFLMAO... wish my Renault Scenic could do 200kph. Definately a case of VA VA VOOM ! Morgan Just give it to Thierry Henry , I'm sure he could handle its va va voom. Anyway, it sure makes me want to buy one, I could avoid a few speeding tickets with that excuse ! Karl A note for our non-UK readers: Renault runs a series of ads over here following Arsenal footballer Thierry Henry in his never ending quest to discover the French for Va Va Voom. This, we discover, is a mysterious quality evidently possessed by Muppets with drum kits, women in men's shirts and by the Renault cars in question. That's all, folks. More next week. ®
Lucy Sherriff, 08 Oct 2004

ATI CEO confirms AMD PCI-E chipsets shipping

ATI has already begun shipping its AMD-oriented PCI Express chipsets, CEO Dave Orton revealed during the company's Q4 results conference call last night. Of course, ATI has yet to announce its Radeon Xpress chipsets formally, but Orton expressed the company's happiness with the interest its customers have shown in the products. "We're quite encouraged in the early stages," said Orton, professing himself and the company to be "very excited" with the chipsets' "initial customer reception". So if ATI is shipping already, how come there hasn't been a formal launch? "We want to be very cautious on this one because we want to show it in the results this time," Orton explained. In other words, ATI doesn't want to announce the product until it's got volume shipment going - an approach seemingly in marked contrast to the Radeon X800 XT Platinum Edition launch, which has still to appear on the market in significant numbers. That in turn suggests that while Radeon Xpress parts are shipping, they're doing so in limited numbers. Orton said the company would be formally announcing "Radeon IGP products... for Intel and AMD platforms soon". "Stay tuned this quarter for more information," he suggested. According to reports on the web, first out will be the Radeon Xpress 200G and 200P, better known as the RS480 and RX480, respectively. The 200G incorporates an RV370 graphics core - the same core that's behind the Radeon X600 and X300 - while the 200P offers no integrated graphics, as expected. AMD-based PC vendors and their customers are apparently much keener on add-in graphics cards than their Intel equivalents, so ATI's decision makes sense. Both parts will support a range of HyperTransport bus speeds, to ensure compatibility with a variety of Opteron/Athlon 64/Sempron processors. ATI will follow these two chips with the RS482 in April 2005, a Radeon Express 200G variant that adds component video output. A separate South Bridge update is noted for February 2005, which updates the original's AC 97 audio to Intel High-Definition Audio. Whether it will be added then, or when the RS482 ships, isn't yet clear. The Radeon Xpress chipsets for Intel processors will appear in November, again with RV370 graphics cores, but with a choice of single- or dual-channel DDR 2 SDRAM support. The dual-channel part offers component video out. The RC400 will be updated to the RC410 in April 2005, when the chipset is remade using a 110nm process. ® Related stories ATI Q4 sales, income rocket ATI readies 'Radeon Xpress' Athlon 64 chipset ATI to unveil Athlon 64 PCIE chipsets 'this month' Athlon 64 PCI-E chipset here by end of year 'for sure' ATI unveils mid-range Radeon X700 ATI HyperMemory revives little-used AGP 2x feature ATI syncs audio, video with Theater 550 chip ATI unwraps All-in-Wonder X800 XT
Tony Smith, 08 Oct 2004
homeless man with sign

Intel delays Xeon E-0 core update to 29 October

Intel has rescheduled the release date for Xeon processors supporting what the chip maker calls Execution Disable Bit (EDB) technology - essentially the same code-disabling technology found in AMD, Transmeta and other CPUs, and used by Windows XP Service Pack 2 to render some viruses ineffective. Xeons that support an 800MHz frontside bus will now ship with EDB support on 29 October, according to Intel documents seen by The Register. In July, Intel informed its customers that the EDB-enabled Xeons would arrive on 24 September. That date came and went without any indication of the new CPUs, though Pentium 4 processors with EDB support did arrive early this month, as anticipated. Like the P4s, the updated Xeons are based on the revised E-0 core - the previous model being the D-0. The two parts are pin-compatible, so vendors should be able to slot in the new chips and go. E-0 Pentium 4s are indicated by a 'J' at the end of their model number. Presumably the new Xeons will be similarly marked, this time with the suffix applied to their clock frequency. ® Related stories Intel ships 'execute disable' Pentium 4s Intel 'Nocona' Xeon to get 'no execute' support Intel to add NX security to Pentium 4 in Q4
Tony Smith, 08 Oct 2004

Porn filters have a field day on Horniman Museum

Regular readers will know that we at El Reg studiously avoid reporting the sort of linguistic mishaps which result in schoolboy-style snickering and utterances of "Ooooh, matron!" in the manner of Kenneth Williams. Indeed, just last week we managed to completely bypass the sorry tale of a UK couple who christened their baby "Drew Peacock" only to get a very nasty shock when they typed it into Google. Likewise, we have never mentioned the legend of Scunthorpe and the trouble it had with emails and related domain names when they crashed against porn filters ("Who put the c*** in Scunthorpe?" came the cry at the time.) However, with the news that London's Horniman Museum has itself fallen foul of the electronic net nannies, we now feel that the innuendo-laden news possibilities have reached such a critical mass it would be journalistically irresponsible of us not to deliver the facts, as follows: According to newsshopper.co.uk, hundreds of Horniman's emails have been discarded by filters and returned to the "horny-man" responsible for their dissemination. So bad have things got that "some schools have even been prevented from accessing the museum's website where a range of educational packages on the Horniman's various collections can be found". Museum spokesman Antony Watson admitted: "We are currently experiencing some problems with our domain name for email and web traffic. It appears the issue lies with spam filtering software used by a number of internet service providers and web servers. At present, tests are being carried out to work around the situation and we hope the changes we have made to our servers have corrected the issue. "The blocking of email and web traffic is a frustrating scenario because the Horniman Museum is a much-loved and well respected part of the south London community. Our website is a hugely popular resource of information for educational purposes and it would be a great shame if our visitors had difficulties accessing it." Agreed. Anyone having trouble accessing the museum's website is invited to alert the institution at enquiry@horniman.ac.uk. Now, if you'll excuse us, we're off to check out some newsworthy saucy surnames from the UK 1901 census. Oooh er missus! ® Related stories Could you be descended from a Shagger? Reg gags on hardcore porn
Lester Haines, 08 Oct 2004

CA intros usage pricing for mainframes

It has been a busy few days at Computer Associates (CA) as the company first announced the acquisition of Netegrity and has now released details of a new licensing schema for its large portfolio of mainframe software. CA has actively promoted its FlexSelect licensing scheme for nearly two years. FlexSelect is designed to supply levels of flexibility not usually available to customers in traditional licensing models. FlexSelect supports, for example, much shorter contracts than those traditionally supplied by software vendors. This enables users to license the software required during migration projects for the duration of the project only. CA is now taking this licensing flexibility a step further with Measured Workload Pricing. This bases licensing costs on measured usage, rather than the total installed hardware capacity of the mainframe server. In the mainframe world it is becoming common for organisations to have a machine with MIPS held in reserve ready to cope with any peaks in workload. Measured Workload Pricing will use reports created by the IBM mainframe's native Sub-Capacity Reporting Tool (SCRT) and calculates associated costs quarterly. Baseline usage will be charged at a baseline cost, with additional utilisation incurring extra charges based on a pre-determined scale. Existing users of CA's suite of mainframe software that have CPU or MIPS-based licences can convert to the new model, if they wish. CA will continue to offer existing licencing offerings. At the same time, CA is also introducing 20 mainframe management solution sets (comprising multiple integrated products) that will be available only under Measured Workload Pricing. These include Network Management and Systems Management and range through Information Lifecycle Management and Storage Management. Also provided are solution sets for Identity Management, Change Management and Financial Administration. IBM's Erich Clementi, general manager, zSeries, IBM System Group, welcomed CA's move on pricing: "By employing Measured Workload Pricing within their mainframe business model, CA is positioned to better support our mutual customers' computing strategies. Their usage-based pricing will be good news for the customers of the zSeries platform, as it supports variable software charging, which is aligned with the concepts of an on-demand business model." Indeed, if the pricing is attractive this development is to be welcomed. It has been apparent for some time that new models for software licensing are needed if organisations are to achieve maximum benefits from the increasing suppleness available in modern servers. Without software usage flexibility, server flexibility is a nice feature. With software flexibility, server flexibility can become very compelling very quickly. All software vendors recognise that their licensing must adapt in response to utility, grid and flexible computing infrastructures. CA's delivery of Measured Workload Pricing for the mainframe is very welcome and is a natural evolution of FlexSelect. Let's hope that other software authors will also bring forward new licensing models; and that the type of model being introduced on the mainframe will soon make its way to other major server platforms, where similar challenges exist. Copyright © 2004, IT-Analysis.com Related stories CA upgrades BrightStor line with gusto BMC grabs IT Masters 3A security software to boom
Tony Lock, 08 Oct 2004

Fighting the army of byte-eating zombies

Being an intellectual dilettante, the fields of Systems Theory and Knowledge Management interest me greatly. One of the key principles of those fields is the DIKW Hierarchy first developed by Russell Ackoff, the idea that human minds (ideally) interact with the world and progress through what they find in a hierarchical process, from Data to Information to Knowledge to Wisdom (Ackoff also adds Understanding, but not everyone does). This makes sense to me, and it helps me think about my own day-to-day education so I'm always asking myself some pretty important questions: How valuable is this data? What can I gather from this data? How does this information work together? Why is what I'm observing happening? Finally, what can I do in the future to either repeat this, if it's positive, or reduce the likelihood of its recurrence, if it's negative? If you think about it, the DIKW Hierarchy also defines the job of security pros. Security professionals are in the business of: Gathering data (logfiles, of course, but also visual inspections, asking questions, reading listservs and RSS feeds) Turning that data into information (figuring out what is happening to whom, and where and when it's happening) Applying information to create knowledge (how is this happening) Synthesizing knowledge into wisdom (what can we do to make sure we're safer? what are best practices?) Recently Symantec released their latest Symantec Internet Security Threat Report, and it is a document that all security pros ought to read. It's free (although you do have to register to get it), it's detailed, and it's full of data, information, and even some knowledge. Let's take a look at some of the more interesting data points in the document and see what we can gather from those. (Full disclosure: SecurityFocus is owned by Symantec, so I'm discussing a document written by a parent company. But trust me, this is worth your time, and I'd be writing about it regardless of its source. A new virus every hour "Over the past six months, Symantec documented more than 4,496 new Windows (particularly Win32) viruses and worms, over four and a half times the number as the same period in 2003." Whoa. I'm no mathematician, but that means we're seeing a new virus or worm every hour of every day. Of course, not all of these are Sasser or Blaster or CodeRed, but still. That number should get your PHB's attention. Walk in and say, "PHB, we've been at work 8 hours today. During that time, 8 new viruses and worms have been created. When we come in tomorrow, 16 more will have been created. 24 hours in a day, 24 new viruses and worms." Let that one sink in. Then quote that number to the people whose machines and networks and data you're tasked with protecting. Oftentimes what we do doesn't really sink in with quote-unquote normal users. I'll bet that this will. It's concrete, it's easy to understand, and it will hopefully make them realize why they need to be hyper-vigilant about updating AV databases and not clicking on every damn attachment they get in their mail. An army of byte-eating zombies "Over the first six months of 2004, the number of monitored bots rose from well under 2,000 computers to more than 30,000." They're out there, waiting. Too many to overcome. Stupid, unthinking, with just one purpose: to overwhelm you, to make you one of them. A large and growing threat for which you must prepare (yes, I saw Dawn of the Dead again recently - the good one, from 1978). I think most people can understand bots and the dangers they pose. In fact, I think the idea of bots both intrigue and horrify people when they hear about them. The idea that someone can remotely control a huge army of machines, with the so-called owners of those machines not even aware that the machine they use is not really theirs any longer - that's amazing to non-technical users. But when you explain the consequences of a couple of hundred machines working in concert to further the ends of a criminal, or a couple of thousand ... well, that's pretty scary. And that 30,000 number is just the ones we know about. If you want to purchase an IDS or invest in greater vulnerability alerting, this number may help you. No, you can't run KaZaA "Peer-to-peer services (P2P), Internet relay chat (IRC), and network file sharing continue to be popular propagation vectors for worms and other malicious code." Look, I use P2P ... on Linux. And when I used P2P apps on Windows, I knew not to use the ones that come loaded with ten kinds of spyware, and I only shared one little folder on my hard drive, and I knew to watch out for executables, and I scanned everything I downloaded. Most people have no idea. They just go download KaZaA, or whatever else their friends are using, and they don't pay a bit of attention to what they're sharing or what they're downloading. Gotta get that new Justin Timberlake song! At home, P2P is cool. At work, P2P has no place ... unless you've set up Groove or some other corporate-approved app that is used solely for business purposes. IRC at work? Not for most people (programmers, maybe). Network file sharing? A huge problem, but necessary, so it is tightly controlled. Again, the numbers in the report will help justify your actions to those who pay the bills. Use the report. That way, it's not you that's the bad guy for taking away P2P and file sharing: it's those killjoys at Symantec who explained that bad guys use those apps to get into our network and do bad things. It ain't lil' Johnny anymore "The rise in targeted attackers for e-commerce ... may indicate that the motivation of attackers may be shifting from looking for notoriety toward seeking illicit financial rewards." It seems that while script kiddies are still a problem - and will always be a problem - they are fading as a threat before a bigger, badder worry: organized, professional criminals who know what they're doing and know what they're after. It's never a good thing when your computers or network gets taken over by a young punk, but there's usually a limit to what he wants: to show off, to perhaps take something, or even, in the best circumstances, just to poke around and learn. Sometimes, of course, our young punk engages in criminal activities, but often they're stupid or clumsy. Now, though, we've really got problems. The professionals smell blood, and they're after far more than props from their pals. In fact, these guys don't want to show off. They want to stay as incognito as possible so they can steal ... well, everything. Money, identities, credit card numbers, you name it. When talking to your bosses - and your users - I don't recommend using "hackers" anymore, as in "We're facing threats from hackers". Instead, I'd use "organized crime". We're facing a radically different threat, so it's time we started talking like it. Time to exploit "Over the past six months, the average time between the announcement of a vulnerability and the appearance of associated exploit code was 5.8 days." And now we reach the crux of the matter. Given that (a) we have a new virus every hour, (b) an army of bots, (c) popular software increasingly used as an attack vector, and (d) the increasing involvement of organized crime in security attacks, then it's no surprise that the time we have to prepare for each new attack is small and getting smaller. Six days between vulnerability and exploit. Who can prepare for that? How many vulnerablities are you watching? How many can you, or your team, watch? Automation is an answer - for instance, I was heartened to learn that a major anti-virus vendor now has its software default to checking for updates every four hours (just a few years ago, it checked every week) - but it's only one answer. I write a lot about ways to get your users - and the bean counters - involved in security. Now, more than ever, we're going to have to redouble those efforts. There's plenty more in the Symantec Internet Security Threat Report that I haven't covered - a lot more. Hopefully, the five data points I've pulled out of that very useful document will provide us with information, knowledge, and maybe, if we're all lucky, some little bit of wisdom. We're going to need it. Copyright © 2004, Scott Granneman is a senior consultant for Bryan Consulting Inc. in St. Louis. He specializes in Internet Services and developing Web applications for corporate, educational, and institutional clients. Related stories Rise of the Botnets McAfee app raids Mac users' inboxes McAfee to eradicate app assassin bug
Scott Granneman, 08 Oct 2004

Nintendo unveils DS launch titles

Up to 12 titles will ship for Nintendo's DS in the 30 days after the console ships in the US on 21 November, with the total rising to between 20 and 25 by the end of March 2005, the company said yesterday. Nintendo will itself offer Super Mario 64 DS and Metroid Prime Hunters: First Hunt. Activision will ship Spider-Man 2; EA has Madden NFL, Tiger Woods PGA Tour and The Urbz: Sims on the City; THQ will tout Ping Pals; Namco is preparing Mr. Driller: Drill Spirits and Ridge Racer DS; Ubisoft will offer Rayman DS and Asphalt Urban GT; and Sega will ship Feel the Magic: XY-XX. Nintendo certainly appears to be battling on price. The DS itself is set to retail at a surpsingly low $150, and Nintendo-published games will retail from $30 - below many GameBoy Advance titles. The DS will ship in Japan on 2 December with a broader range of titles, including Pokemon and Final Fantasy III versions, and the 'Tamagochi for the 21st Century' Nintendogs, in which players are able to raise and train their own virtual mutt. The new new handheld also plays GBA SP titles of which Nintendo reckons some 550 are currently available. ® Related stories Nintendo aims high with low-cost console Nintendo patents key console online gaming features Nintendo redesigns DS handheld console Nintendo DS to ship 29 November for $200? Nintendo DS: more communicator than console? GameCube sales leap doubles Nintendo Q2 profits Games too complex, Nintendo chief warns
Tony Smith, 08 Oct 2004

Broadband is great, say business bosses

Broadband is the bee's knees, according to business bosses in Britain. More than eight in ten directors admit that investing in broadband has helped boost productivity while two thirds identified a direct link between high-speed net access and increased profits. While companies are well aware of what benefits broadband can deliver, they're just as tuned in to the dangers of "always on" communications, with nine in ten boasting a firewall, and 96 per cent tooled up with anti-virus software. However, despite BT's pledge that more than 99 per cent of the UK should be able to hook up to ADSL by next summer, there are still concerns that the lack of availability of broadband in rural areas isholding back local economies. Nonetheless, business chiefs have given broadband the thumbs-up. Said Professor Jim Norton, senior policy adviser at the IoD: "Broadband is good for business. IoD members are seizing this opportunity to speed up their communications and boost their customer and competitor analysis. For many companies, broadband is simply transforming the way they work." Yesterday, a report by BT, the Confederation for British Industry (CBI), motoring group the RAC, and Bradford University found that traffic congestion on Britain's roads could be eased if more people used broadband instead of commuting. Edmund King, executive director of the RAC Foundation, said: "If each employee could work from home just one day per week, for example, we would see a twenty per cent cut in traffic, equivalent to the school run. Today's technology is better and cheaper so more employees have the chance to work from home, at least some of the time." ® Related stories Broadband could ease traffic congestion Broadband ISPs must wise up to small.biz needs Broadband worth 52 days a year to UK.biz UK.biz must address broadband
Tim Richardson, 08 Oct 2004

Prosecutor leaves crime files on dumped PC

Dutch public prosecutor Joost Tonino was condemned yesterday for putting his old PC out with the trash. It contained sensitive information about criminal investigations in Amsterdam, and also his email address, credit card number, social security number and personal tax files. Tonino dumped the computer, which he hadn't used for two years, because he thought it contained a virus. The operating system wouldn't start. A taxi driver found the PC on the steet just outside Tonino's home, got it working again and informed a crime reporter, who yesterday revealed on television what was on the hard disk. Based on information eft on the PC, the reporter also managed to gain access to Tonino's email account. Although the PC was meant for personal use, the hard drive contained hundreds of files about murdered real estate owner Willem Endstra, former Philips CEO Cor Boonstra (who was accused of insider dealing) and an investigation over allegations that soccer team Ajax avoided paying millions of dollars in taxes. Putting a PC with highly classified material in the bin is against Dutch judicial protocol. Media labelled with the highest classification should be destroyed when it is no longer required. The prosecutor can consider himself lucky that the taxi driver didn't leak the information to criminals, who would have paid a fortune for it. Related stories Paul McCartney account details leaked on second user PC Old PCs are goldmine for data thieves VIA offers hard disk data scrub code
Jan Libbenga, 08 Oct 2004

Word open to exploit

An unpatched security vulnerability in popular older versions of Microsoft Word poses a severe threat to users, security reporting firm Secunia warned yesterday. The flaw stems from an input validation error in Word. This creates a mechanism for creating malicious files capable of crashing Windows boxes providing a user can be tricked into opening dodgy documents. The bug might also (at least potentially) be used to inject malicious code into vulnerable systems. A buffer overflow vulnerability, the most common class of security vulnerability, is to blame. The vulnerability has been confirmed in Microsoft Word 2000, but has also been reported in Microsoft Word 2002. The bug has been shown to crash systems. The execution of arbitrary code might also be possible, but remains unproven. The vuln was discovered by white hat hacker HexView, who posted information about it on a full disclosure mailing list - without notifying Microsoft first. Microsoft is yet to investigate the bug, much less develop a fix. In the meantime, Secunia advises Word users to open only trusted documents. ® Related stories Microsoft warns of poisoned picture peril MS launches Office security blitz Word 97 feature spawns no-brainer pilfering exploit
John Leyden, 08 Oct 2004

Tapwave Zodiac to ship 22 October

Tapwave's Palm OS-based games console, Zodiac, will go on sale in the UK on 22 October 2004, the company said today, following its formal launch this past September. Availability will be limited to Dixons Stores Group outlets, including Dixons and PC World, with whom Tapwave has signed an exclusive contract. DSG stores will be retailing both versions of the console - the 32MB Zodiac 1 and the 128MB Zodiac 2 - along with at least six £30 game cards. Initial titles include Doom 2, Duke Nukem Mobile, Spyhunter, Tony Hawks Pro Skater and a pair a multi-game packs containing Galactic Realms and Legacy, and Paintball, MegaBowling and Kickoo's Breakout, respectively. The two versions of the hardware will retail for £270 and £330. Both Zodiacs sport a 3.8in, 480 x 320 colour display, and built-in stereo speakers driven by a custom Yamaha sound chip. The handhelds are based on a Motorola ARM-compatible MX1 processor and an ATI Imageon 2D graphics accelerator. Expansion comes courtesy of a pair of SD card slots, either or both of which can be used for game cards. The device also features Bluetooth for multi-player gaming and connecting it to a mobile phone for web browsing and text messaging. Tapwave's UK launch date comes exactly a week before Gizmondo launches its handheld console, also called Gizmondo. Like Zodiac, the Gizmondo device offers PIM and messaging features, and includes Bluetooth. But it also provides direct GPRS connectivity to mobile phone networks and includes GPS satellite positioning. It's based on Windows CE and features a smaller, 2.8in display. Its graphics come courtesy of Nvidia's GoForce 4500 3D acceleration chip. Both are likely to have a very short time before facing Nintendo's latest, the DS. While a UK launch date has yet to be confirmed, with the US roll-out taking place on 21 November and in Japan on 2 December, Europe can't be far behind. ® Related stories Tapwave Zodiac console to launch in UK next month Tapwave charts Zodiac handheld release Gizmondo UK debut set for 29 October Gizmondo pushes Button after Jordan F1 deal deflates Nintendo unveils DS launch titles Nintendo aims high with low-cost console Related review Tapwave Zodiac 2
Tony Smith, 08 Oct 2004

Netherlands deports more 419ers

Amsterdam police yesterday arrested another 21 419 scammers from Nigeria and Sierra Leone, in an operation codenamed Spirit 9. The 21 men, all illegal immigrants, will be deported. The Dutch government is poised to crack down on illegal residence as the immigration service, IND, gains more manpower to track down and deport foreigners. Sending Nigerian scammers home is easier than prosecuting them. Earlier this year the Dutch Department of Justice suffered bitter defeat in a court case against 13 West African men, who allegedly sent thousands of advance fraud fee letters through the Amsterdam cable network of UPC. The court ruled that there wasn't enough evidence to link the suspects individually to the scams. Only one of them was sentenced - to 12 months. However, the raids seem to have the desired effect: scam mails sent from the Netherlands are on the decline. Some scam mails with Dutch mobile phone numbers are increasingly sent from Belgium, through the network of Belgacom. Other 419ers seem to have escaped to Italy, where the majority of 419 scam mails seem to be originating from. ® Related stories 419ers enjoy a five-finger shuffle 419ers launch online educational facility 419ers make guest appearance in Doom 3
Jan Libbenga, 08 Oct 2004

UK gov ignoring ICT potential - Intellect

Government attempts to improve productivity will fail if it continues to ignore the potential of ICT (Information and Communications Technology) to contribute to the country's performance. This warning comes from Intellect, the UK's trade association for ICT companies, following the publication of a government report on key indicators for productivity in the UK. In March this year, the government outlined five headline drivers of productivity: investment, innovation, skills, enterprise and competition; and launched a public consultation on particular indicators that would be grouped below these. Beatrice Rogers, a campaign leader at Intellect, said: "Intellect cannot understand how the Treasury has managed to overlook the importance of ICT when our major competitors around the world recognise its impact on productivity." She argues that the report focuses too heavily on "old economy infrastructure investment relating to roads and transport", to the exclusion of newer technologies. The government is still relying on old economy measurements, and, she warns, measurement of the wrong indicators will lead to the wrong policies being developed: "We reiterate our warning that...[this will result in]...a UK heading in the wrong direction, and ask Government to recognise the impact of ICT on productivity and growth." ® Related stories The quest for the IT Holy Grail Hangovers give UK biz a headache 'Frivolous' workers fritter away time online
Lucy Sherriff, 08 Oct 2004

Tatung debuts own-brand servers in UK

Tatung is to start flogging servers under its own name in the UK. It's set up a company, Tatung Server Ltd, and it has hired Microtronica to act as its first distie in the UK. It expects to sign two more broadliners for the line by the end of the year. Tatung has big plans for its PC, storage area network and blade server lines, all of which should be on sale in the UK by the end of the year. The Taiwanese firm aims to capture up to 10 per cent of the market - although it doesn't say by when - pitching directly at the likes of IBM and Dell. The company is not exactly a name in high-end hardware, but it points out that it already builds 300,000 servers a year, for rebadging by "leading vendors". Supply lines are relatively short - servers for the UK market will be built at Tatung's assembly line in the Netherlands. Tatung promises "highly competitive pricing". Which is nice. And it's kicking off with a try-before-you-buy promo. Corporates can install Tatung product for 30 days without charge to evaluate the technical offering. All Tatung server lines are bundled with full three-year on-site maintenance. ® Related stories Sun signs Interface for Opteron dealer push Server makers shift more boxes than cash in Q2 AMD brings white box servers to Europe
Drew Cullen, 08 Oct 2004

KPMG settles with L&H investors

KPMG has agreed to pay $115m to settle lawsuits brought against it by investors in the now-bankrupt software firm Lernout & Hauspie. The lawsuit claimed that Lernout & Hauspie and its top executives used deceptive accounting practices to artificially inflate the company's reported revenues by 64 per cent over a two-and-a-half-year period. The company filed for bankruptcy in 2000, in the middle of the scandal. The company was a client of KPMG in Belgium, which in turn passed work along to the US operation. Anyone who bought stock in the firm between 28 April, 1998, and 9 November 2000 is eligible for compensation. However, because of the sheer scale of the collapse, investors will likely get back mere pennies on each dollar invested. Jeffrey Block, a partner at Berman DeValerio, one of three law firms acting for the investors, said: "Lernout & Hauspie used almost every accounting trick in the book to scam investors, which led to the company's demise." He added that the recovery, which, if approved, will be the third largest of its kind, is a "win for investors, particularly considering the company went bankrupt". Although the settlement marks the end of the case against KPMG, it is still pending against others, including former Lernout & Hauspie top executives. These same executives are currently facing criminal charges in Belgium. The accounting firm's US and Belgian operations have not admitted any wrongdoing, maintaining that they were the victims of a "massive, complex, and cleverly conceived fraud at Lernout & Hauspie". KMPG said the decision to settle was a practical business decision and "saves the firms from protracted legal battles beyond the four years already spent on this matter". ® Related stories Meet the guinea pig man of Flanders SEC takes belated fraud action against L&H L&H struck dumb L&H told where to stick its bankruptcy protection request L&H subpoenaed by SEC L&H returns fire as the class actions roll in
Lucy Sherriff, 08 Oct 2004
graph up

Dell recalls 4.4m notebook power adaptors

UpdateUpdate Dell today asked 4.4m notebook users to return their power adaptors after it admitted these peripherals pose both a fire and electric shock hazard. The potentially faulty parts may overheat. if they do, they could catch fire or split open, exposing live electric connections. Dell asked users affected by the problem to cease using their adaptors immediately. The AC adaptors in question were sold with notebooks and as standalone accessories. Those parts shipped alongside computers were bundled with Dell's Precision M40' Latitude CP, CPi, CPiA, CPtC, CPiR, CPxH, CPtV, CS, CSx, CPxJ, CPtS, C500, C510, C540, C600, C610, C800, C805, C810, V700, C-Dock and C-Port; and Inspiron 2500, 2600, 2650, 3700, 3800, 4000, 4100, 4150, 5000, 7500, 7550, 8000, 8100, Advanced Port Replicator and Docking Station. The adaptors were shipped between September 1998 and February 2002 inclusive. The words 'Dell' and 'P/N 9364U', 'P/N 7832D' or 'P/N 4983D' are printed on the back of the adapters. So too is the name of the manufacturer linked to the faulty adaptors: Delta Electronics of Thailand, according to Dell's recall website. Delta was the manufacturer of the parts at the centre of this past September's IBM ThinkPad AC adaptor recall. Like IBM, Dell said its adaptors could overheat with the possibility that they might catch fire. IBM recalled 500,000 parts. Added to Dell's total, that takes the number of faulty adaptors to 4.9m. Some 2.9m of Dell's 4.4m at-risk adaptors were sold in the US. Oh, and then there are the 430,000 Delta Electronics adaptors phone maker Sony Ericsson recalled earlier this year in the UK, Australia and New Zealand. Still, Delta has almost certainly shipped plenty more adaptors than this, none of which have warranted manufacturer recalls. Indeed, the company claims a 20 per cent share of the switching power supply adaptor market. Our PowerBook G4 runs very happily off a slightly warm Delta adaptor. Dell stressed that not all adaptors shipped during the period in question pose a potential hazard. Full details of affected products can be found here. This is Dell's second major notebook-related recall this year. In July, the company warned that 38,000 Auto/Air Adaptor accessory offered alongside a number of Latitude, Inspiron and Precision notebooks between December 2003 and May 2004 could cause electric shocks. ® Related stories IBM recalls 500,000 melting notebook adapters Dell issues adaptor electric shock warning NCR recalls inkjet refill kits Lexmark recalls 40,000 laser printers Apple recalls 15in PowerBook batteries
Tony Smith, 08 Oct 2004

PalmOne chops PDA prices

PalmOne today trimmed the price of its Tungsten T3 and Zire 72 PDAs in the UK, but buyers keen to take advantage of the T3 offer may prefer to wait. From today, the Tungsten T3 will retail for around £249 inc. VAT, down from £289, a fall of 13.8 per cent. At the same time, PalmOne cut the Zire 72's price from £219 to £179 - down 18.3 per cent. However, sources close to the company noted that PalmOne will shortly release a business-oriented bundle that pairs the Tungsten T3 with the company's infra-red foldable keyboard. The price, we're told, will match that of the standalone product, effectively rendering the keyboard free of charge. The price cuts follow a similar reduction in the US, which saw the T3 fall to $349 from $399. Rather than reduce the price of the $249 Zire 72 outright, PalmOne US opted to bundle a $50 mail-in rebate form. The cuts follow last week's introduction of the Tungsten T5, an upgraded Tungsten E with Bluetooth, a 320 x 480 display, 416MHz Intel XScale PXA270 CPU and 256MB of Flash memory. Some 160MB of that is allocated as an internal storage card, and can mounted on a host PC or Mac just like a USB Flash drive. ® Related stories PalmOne unveils 256MB Flash drive T5 PDA PalmOne preps Bluetooth GPS bundle PalmOne pockets a profit PalmOne 'Ace' Treo piccies leak out PalmOne extends world PDA lead PalmOne offers Wi-Fi card... Related reviews PalmOne Wi-Fi SD Card PalmOne Zire 72 PalmOne Zire 31 Tapwave Zodiac 2
Tony Smith, 08 Oct 2004

Dodgy UK websites terminated

Eight UK websites have been forced to shut down following an investigation into low-life scam operations that make claims that prove to be "too good to be true". A further 27 UK sites have been ordered to change the content on their sites while 40 are still under investigation by the Office of Fair Trading (OFT). The clampdown follows an international sweep by 31 countries of hundreds of sites suspected of ripping off punters. Among the trawl were sites targeting children with XXX images for mobile phones plus expensive ring tones and games. Other scams included "work at home and earn a fortune schemes", "get-rich-quick" schemes and lottery scams. In all, 320 sites have been closed or amended following the effort by the International Consumer Protection and Enforcement Network (ICPEN) while a further 440 letters warning traders to play fair have also been issued. More than 300 sites around the world are still under investigation. Said Christine Wade, an OFT bigwig and president of ICPEN: "We can see from the sweep results that working with consumer enforcement agencies in other countries has delivered real tangible results in tackling cross border scams. With this ICPEN conference we aim to build on these results towards delivering seamless global enforcement." ® Related stories UK probes too good to be true Internet offers Fraud warning for UK resellers Terrorists grow fat on email scams Nominet wins UK domain scammers case in Australia Watchdog mauls internet directory for bogus invoices British Gas warns punters about rogue diallers Spanish invoice scam targets UK
Tim Richardson, 08 Oct 2004

Dracula's descendant sets Reg straight

LetterLetter We can think of no better way* to end the week than with an entertaining reply to our Romanian Jedi warm to El Reg piece. Take it away, Dracula's descendant: Heh good one;) I am actually from Transylvania (Brasov or Kronstadt (DE) or Brassoi (HU)), quite close to the castle known as Dracula's Castle (which is actually Bran Castle and nobody is really sure that Dracula aka Vlad Dracul aka Vlad Tepes - as in Stinger;) - actually stayed too long there , but what wouldn't we, as in the Romanians, do to please the mongering western crowds and give them a little bit of an adventure in exchange for their shiny golden metal-like round things -whatever those are- that we use to make fancy necklaces). You know, some things evolved regarding the decapitations and the garlic, the reason why I wrote to you, just for a short update. Doesn't work any more. Actually we do like garlic and use it too much nowadays in our food, so you'd say "stay away from them, they'll kill you with their garlic breaths" versus "use garlic, they'll stay away". And decapitating is no fun anymore. We'd rather make more necklaces ;) And no more blood, heck who needs it, so old-fashioned, better suck their pockets dry (which I am pretty sure the crowds _pretend_ it's happening and we _pretend_ we did). Ah and I am a constant Reg reader, I even have that RSS thingie of yours, and I do work in IT, yes yes we have that as well, where did you imagine the crackers crowds come from:) All the best to you, Dracula's Descendent PS: What did you mean that we have TV? What's that? Do one eats it? Nicely done. Visitors are duly warned to keep their coinage close to their hearts, their noses firmly clamped shut and a portable television set handy at all times. ® *Beer excepted.
Lester Haines, 08 Oct 2004

Mars awash with evidence of water

NASA has announced further evidence of a watery history on Mars, from both its rovers. On one side of the planet, a flat rock, dubbed Escher because of its patterned surface, shows signs that the surrounding area has seen water come and go more than once. On the other side, attempts to find a rock unaltered by water have been in vain. Early on in the mission, the rover Opportunity established that its immediate area had been submerged, long ago, before drying out into a wide plain. The new findings suggest that, after an impact created a stadium sized crater, some rocks got wet for a second time. The Escher rocks' surfaces are crossed by a cracks that break their faces into a network of polygons which closely resemble dried-out mud-flats on Earth. There are other possible explanations for the shapes on the Escher rock, including a crater impact that caused the rock to fracture. "When we saw these polygonal crack patterns, right away we thought of a secondary water event significantly later than the episode that created the rocks," said Dr. John Grotzinger, rover-team geologist from MIT. Half way around the world, Spirit's team is nearly drowning in evidence of water. It first discovered that the bedrock had been significantly changed by water, then went looking for a rock that had not been eroded so they could get an idea of the environmental changes in the region. They couldn't find one. Dr. Steve Squyres of Cornell University, principal investigator for the science payload on both rovers said: "All the rocks in the hills have been altered significantly by water. We're having a wonderful time trying to work out exactly what happened here." ® Related stories Broken oxygen generator threatens space station Methane on Mars: aliens - or farts in a jacuzzi? Red Planet serves up blueberries
Lucy Sherriff, 08 Oct 2004

iPod owners very honest, not thieves at all, says MS

How swiftly thought evolves in the wonderful world of Ballmer! First, iPods are full of "stolen" music, next he forgets what he said, but suggests that it might be anything that isn't a Windows Media Player that's full of stolen music, and now iPod owners turn out to be the most law-abiding people in the world. We're sure iPod owners will regard being called law-abiding by an exec from a company with Microsoft's legal experience as a high point to end the week on. But, you ask, how the blazes did we get to this one? We have Ged Carrol's blog to thank. Mightily offended by Ballmer's original comments, Ged used the feedback system at microsoft.com to demand an apology, and he got one. The possibility of feedback systems of this ilk actually working had never occurred to The Register, so we've never bothered trying, but if you want your very own grovel, insert your outraged howls here. The grovel itself is particularly interesting because of the way you can feel the truth shifting under your feet as you read it. "We would like to assure you that when Steve Ballmer implied that most of the music on iPods were stolen, he absolutely did not intend to single out iPod owners for criticism. [this implying would be when he whooped "STOLEN! STOLEN! STOLEN!] In fact, given that they have access to their very own - and very popular - online music store, they are likely among the most law-abiding consumers of digital music." Notice the sneaky bit of dissing there? If you weren't paying attention you might run away with the view that the Apple music store only worked with iPods, and entirely miss the fact that Apple has extremely capable player software in both Mac and Windows formats. But back to the apology. Or maybe the commercial: "Microsoft Windows Media digital rights management (DRM) is a great way to limit piracy, and the main point Steve was trying to convey was that it requires a coordinated effort among many industry partners to do it right. More information on this platform is found on this page: http://www dot microsoft dot com/windows/windowsmedia/drm/faq.aspx" Get a load of those dots in the URL - what on earth could be going on here?* It is however impressive how the power of dotnet seems to have described a broad-ranging industry partnership in just the words "STOLEN! STOLEN! STOLEN!" This must be why Steve is so successful and the rest of us are so not. We have however been able to find what appears to be a list of the "many industry partners" engaged in the coordinated effort, and you'll find that here. More details on the kind of players Steve seems to have in mind can be found here. But we fear our newly honest iPod owners are poised to become arch-criminals again, considering iPods don't actually run any of this stuff. Oh well... ® * An email from Anonymoose explains: "From the Blog you linked to : 'Note: I put the dots in the MS URL so as not to increase the Google Page Ranking of their 'great way to limit privacy' but still allow those interested to get the web address for their own interest.' "Reading to the bottom of the page is a wonderful thing ;)" On the Internet? Is that allowed? But thank you anyway, Mr Moose. Related links Ged Carroll's Renaissance Chambara blog Love DRM or my family starves: why Steve Ballmer doesn't Get It
John Lettice, 08 Oct 2004

IBM proclaims open blade spec a success

Like a good little server maker, IBM has provided an update on how the new BladeCenter specification program is going. Funny enough, it's a smashing success. IBM today announced that 49 companies have "received" the BladeCenter open specification. IBM and Intel said back in September that they would open up parts of their shared blade server designs in a bid to draw third parties to their products. The two companies are looking to make BladeCenter a type of standard in the blade market where most companies currently have very unique systems. While IBM is the blade server leader, it's unclear that it has the power needed to push this type of standardization in a still young market. Both HP and Sun Microsystems and a host of smaller companies all have systems that compete quite well with IBM's. Away from the open spec marketing, IBM delivered some more concrete news about its blade server line. The company has rolled out new designs for its HS20 Xeon-powered boxes that make it possible to use smaller SCSI drives. This gives customers more speed and capacity in their blades over previous IDE drives. In addition, IBM will soon offer 2.2GHz versions of its PowerPC processor in the JS20 blade. This box was long delayed but started shipping recently with 1.6GHz processors. The server runs both AIX and Linux. The new HS20 system will start shipping on Nov. 12 starting at $2,000, while the new JS20 arrives on Oct. 29 at $2,700. IBM has additionally rolled out a new software package called PowerExecutive for the blade servers. This code monitors the power consumption of various server components and then tries to tweak the hardware for efficient use. IBM has long denied that its blade design suffers from any kind of thermal issues. although it has released a number of larger capacity power supplies for its systems over the past year. Elsewhere, rumors are starting to heat up that IBM is close to releasing its large p5-590 and p5-595 servers based on the Power5 processor. ® Related stories Tatung debuts own-brand servers in UK Sun Thumper server plans excavated by The Reg HP summarizes blade strategy with new marketing term HP gears up for Opteron server binge
Ashlee Vance, 08 Oct 2004

£147.5m boost for British particle accelerators

Science and innovation minister Lord Sainsbury today announced £147.5m funding for two particle accelerators. They will be used to aid research in areas including medical and computer research, and clean energy technology. The two devices - ISIS and Diamond Light source - produce high-energy light beams and particles which allow scientists to study the structure of different materials in detail. The need for this was outlined by Wellcome Trust director Dr Mark Walport: "Thanks to the decoding of the human genome and the genomes of many important bacteria and viruses, we now know the sequence of thousands of new proteins that are important in health and disease. But to understand their function, we need to know their structure. Diamond Light Source is a top-notch facility that will help us do that. Ultimately, this is the key to the future development of new drugs and treatments." "These new world-class scientific facilities will enable UK scientists and engineers to make exciting discoveries," said Lord Sainsbury at today's official opening of the first section of the Diamond machine tunnel. "This is not just about pure academic research, Diamond Light Source and ISIS both provide opportunities for industrial research such as the aerospace industry, surgical tools, pharmaceuticals and cosmetics." Some £120m of the new investment - consisting of £103.4m of government funding and £16.8m from the Wellcome Trust - will be spent on phase II of Diamond Light Source. The rest - £27.5m - will be used to increase capacity at ISIS for new high-tech instruments. Said Professor John Wood, chief executive of the Council for the Central Laboratory of the Research Councils (CCLRC): "This is excellent news. The new instruments on both machines will provide UK scientists with complementary, state-of-the-art technology on which to carry out their world-leading research. I'd like to congratulate all staff from DLS and CCLRC who are working hard to make both projects a success." ® Related stories UK gov awards £1m to bio-terror detector firm UK appoints tech strategy supremo Global particle accelerator gets the big chill
Robin Lettice, 08 Oct 2004

Feds seize Indymedia servers

The FBI yesterday seized a pair of UK servers used by Indymedia, the independent newsgathering collective, after serving a subpoena in the US on Indymedia's hosting firm, Rackspace. Why or how remains unclear. Rackspace UK complied with a legal order and handed over hard disks without first notifying Indymedia. It's unclear if the raid was executed under extra-territorial provisions of US legislation or the UK's Regulation of Investigatory Powers Act (RIPA). Provisions of RIPA make it a criminal offence to discuss warrants, so Rackspace would not be able to discuss the action with its customer Indymedia, or with the media. Rackspace US has issued a statement which says that the investigation "did not arise in the United States", but which sheds very little light on the whys and the wherefores. In the present matter regarding Indymedia, Rackspace Managed Hosting, a US based company with offices in London, is acting in compliance with a court order pursuant to a Mutual Legal Assistance Treaty (MLAT), which establishes procedures for countries to assist each other in investigations such as international terrorism, kidnapping and money laundering. Rackspace responded to a Commissioner’s subpoena, duly issued under Title 28, United States Code, Section 1782 in an investigation that did not arise in the United States. Rackspace is acting as a good corporate citizen and is cooperating with international law enforcement authorities. The court prohibits Rackspace from commenting further on this matter." Dai Davis, an IT lawyer at London law firm Nabarro Nathanson, said Rackspace's statement fails to clarify the legal basis of the raid. "If it was a RIPA warrant, Rackspace can't refer to it. Most RIPA warrants can be issued by the Home Secretary," he said. "The FBI has no jurisdiction in the UK and would need to act in concert with UK authorities, such as the security services or police," he added. Net effect The seizure of Indymedia's servers affects more than 20 Indymedia sites worldwide. The list of affected local media collectives includes Uruguay, Andorra, Poland, Nice, several French groups, Euskal Herria (Basque Country), multiple Belgian sites, Serbia, Portugal, the Czech Republic, Italy, Brazil, the UK, part of the Germany site, and the global Indymedia Radio site. One of the servers taken down at Rackspace provided streaming radio to several radio stations and served files related to the Blag Linux distribution, among other purposes. While Indymedia is not exactly sure what prompted the action, the group does have one strong idea. A French Indymedia site last month posted photos of what it believed to be undercover Swiss police officers photographing protesters at a French event. Indymedia received a request from the FBI to pull those photos down, as they "revealed personal information" about the undercover police, said Indymedia press officer Hep Sano. Rackspace appeared to confirm that the photos were an issue with the FBI. "I apologize for the delay in responding. I have been trying to get a hold of the FBI agent I spoke with before, but haven't been able to at this time," wrote a Rackspace official to Indymedia earlier this week, according to Sano. "As the request originated with the Swiss police, I can only speculate on what they saw or what they were concerned about. However, at this time, I have received no further communications from either the FBI or the Swiss authorities, so I feel like we can close this this issue." Still, Indymedia has never sorted out the matter with the FBI. "They never clarified what they meant by personal information," she said. "The photos were taken on a public street." Indymedia believes the photos were eventually pulled, but ironically cannot check on this as it no longer has access to the servers or hard disks. The group has not been notified if the FBI is even involved in this seizure or whether or not the servers or just hard disks were confiscated. "We are still trying to work with the EFF (Electronic Frontier Foundation) to figure out who is charging us and with what crime," said Sano. The EFF did not immediately return a call seeking comment. Reports are now circulating that government agencies in Italy and Switzerland prompted the action against Indymedia. Indymedia said yesterday's raids were part of a wider pattern of "attacks" against independent media outlets by the US Federal Government authorities over recent months. Last month the Federal Communications Commission shut down community radio stations around the US. In addition, an article submitted through Indymedia's Open Newswire service identifying the names of delegates to the Republican Convention and where they were staying in New York reportedly led to an investigation by the FBI. The Secret Service used a subpoena in an "attempt to disrupt" the New York City's Independent Media Centre before last month's Republican National Convention in the city. Speculation (on Slashdot) links yesterday's raids with this investigation. Indymedia, however, now clearly believes that the motivation for the server seizure originated outside of the US. "We have witnessed an intolerable and intrusive international police operation against a network specialising in independent journalism," said Aidan White, general secretary of the International Federation of Journalists. "The way this has been done smacks more of intimidation of legitimate journalistic inquiry than crime-busting." Indymedia (AKA Independent Media Center) was set up in 1999 to provide grassroots coverage of the World Trade Organisation (WTO) protests in Seattle. It has continued to report on controversial subjects often under-reported in the mainstream media since then; but this week has marked the most controversial chapter in its operations. ® Related stories Indymedia.nl loses anarchist hyperlinks case Activists slam Cyveillance May Day Bomber claims Click here for the real news External links Indymedia’s statement on the raids.
John Leyden, 08 Oct 2004