16th > September > 2005 Archive

A Million Nation States of One fears Google Balkanization

Some stories just take forever to come true. 30 months ago, we revealed Google was going to introduce a weblog search engine - and this week, it finally did. The story, so obvious in retrospect, barely merits the term 'scoop'. But now, as then, it has been eclipsed by a raging debate about the implications for bloggers and for the web in general.
Andrew Orlowski, 16 Sep 2005
fingers pointing at man

Microsoft issues HPC, web server challenge to Linux

Microsoft has taken its battle against Linux and open source a notch higher with a first beta of its Windows Server 2003 Compute Cluster Edition operating system for high-performance computing (HPC), and a modular version of its IIS web server. Bob Muglia senior vice president of Microsoft's Windows server division, announcing the Windows beta at Microsoft's Professional Developers Conference (PDC) positioned the operating system as an integrated alternative to Linux in HPC. "[Open source] applications are not integrated into companies' Linux environments. They are built on one off environments so there's no consistency... there are real support issues," Muglia told Windows diehards. Windows Server 2003 Compute Cluster Edition will cluster at least four, eight, 32 and 64 machines, Muglia claimed, with the ability to run jobs across different machines with different requirements and memory demands. "Windows Server 2003 Compute Cluster Edition is targeted at intensive environments," Muglia said. Microsoft has recognized that it is trailing Linux in HPC and Windows Server 2003 Compute Cluster Edition, due in 2006, is designed to close the gap. While acceptance of the Linux threat is new, Microsoft has been chipping away at clustering since the late 1990s, when Windows 2000 - then Windows NT 5.0 - was on the drawing board. In a second stab at open source, Microsoft on Wednesday handed out its first developer release of the next version of IIS. IIS 7.0, part of the Longhorn Server due in 2007, has dumped the web server's monolithic architecture for an Apache-style, modular approach. By going modular, developers can quickly add and remove services and launch their web server without rebooting. Also gone is the IIS metabase, which stored all of IIS's configuration data and required machine-level skills to change or fix. "The monolithic nature of IIS which has been a total pain for people to build applications has been replaced," Muglia said. Product unit manager Bill Staples, also speaking at PDC, added IIS 7.0 was "molded on the kind of modularity Apache is known for." Console consolation Muglia also used PDC to outline Windows server features for Windows Server 2003 Release 2, due later this year, and Longhorn Server for developers. Muglia sold developers on improved management and directory based security. Windows Server 2003 Release 2 will feature federated password synchronization with Unix and support for WS-Management, the XML-based web services specification. Microsoft's Management Console (MMC) 3.0 will allow developers to write management applications using .NET managed code. Muglia promised, too, the introduction of Microsoft's systems definition model (SDM) architecture after Windows Server 2003 Release 2. SDM, revealed at PDC in 2003, provides an architecture for application developers to build management capabilities, like setting performance thresholds, inside an application before it goes live. SDM creates binaries and content files that are used to speed rollout to testing or runtime environments by generating installation packs. Developers can also expect a new scripting language for management applications, called Monad. Monad is an object-oriented language based on .NET, and provides command-line based management while enabling management services to be passed between different commands. Muglia called Monad a "gigantic leap forward in management of the server." Banging the drum on directory based security, Muglia explained developers must move beyond simple password-based log-in to web services, applications and data. With Microsoft's Active Directory the primary directory for 75 per cent of Windows customers, developers can use the directory as the foundation for identity and authentication services in a range of web, enterprise and regulatory scenarios. "It's no longer about single sign-on, it's about dealing with HIPAA [Health Insurance Portability and Accountability Act] and compliance, privacy and identity theft. Authentication that is password based is not secure," Muglia said. Looking further out, Muglia highlighted Longhorn Server features while releasing the first Longhorn Server Community Technology Preview (CTP) to developers. The server companion to Windows Vista is following IIS down the modularity route, with a layered approach to operating system features and architecture. Longhorn will consist of a basic foundation of the operating system, networking, security and Active Directory with additional layers for features such as antivirus. As with Windows Vista, storage is a focus. Longhorn Server will introduce the Transactional File System (TxF), which will allow administrators to transfer files in bulk and to also roll-back a transfer in the event of a mistake. TxF will become part of new WinFS Windows storage subsystem and be used in Microsoft's SQL Sever database.®
Gavin Clarke, 16 Sep 2005

Swedish MP3 player maker refuses to pay levy

Swedish producer of MP3 players Jens, which offers a full line of flash-based audio players and recorders, is facing legal proceedings after refusing to pay a controversial copying charge on its products. According to Swedish news site The Local company director Jens Nylander told a national newspaper "that it is not our problem that the record industry hasn't come up with its own solution to safeguard its interests." Like many other European countries, Sweden has a 'cassette compensation', which was designed to compensate copyright owners and applies to blank recording media. In 2004 85 million kroner in compensation was collected by Copyswede, an umbrella collecting society for coordinated negotiations and agreements in certain copyright areas. The law now also affects MP3 players. According to Nylander several foreign companies, including Apple, do not have to pay the surcharge. Copyswede is taking legal action only against his company an one other. Jens hasn't paid the surcharge for almost two years. The compensation should be part of the price of the songs, Nylander argues. Likely sanctions for Jens are unknown. Earlier this year the Dutch Stichting Thuiskopie foundation proposed a tax for any storage device that could possibly be used to store pirated works, including MP3 players. Already in Germany there is a levy on PC hard drives. ®
Jan Libbenga, 16 Sep 2005

Hackers are all B'stards now

CommentComment If there's one thing I've learned in the past few years as editor of SecurityFocus, it's that there is absolutely no saving grace in the security world. Everyone is a target, everyone is vulnerable and exposed, and no one is safe from, well... anything.
Kelly Martin, 16 Sep 2005
homeless man with sign

Key clicks betray passwords, typed text

Eavesdroppers armed with a shotgun microphone or a small recording device could make off with a computer user's sensitive documents and data, three university researchers said in a paper released this week. The researchers, from the University of California at Berkeley, found that a 10-minute recording of a person typing at the keyboard reveals enough information for a computer analysis to recover nearly 90 per cent of the words entered. The recording can be low quality - the researchers used a $10 microphone - and the system does not need previous samples of a user's typing to perform the analysis. Moreover, the technique can frequently guess a person's password in as little as 20 attempts. "Primarily this is a message to the security community saying we need to change our thinking on authentication," said Doug Tygar, a professor of computer science and information management at UC Berkeley and the principal investigator of the study. "This is not very exotic attack in that the equipment used is dirt cheap and the software is readily available." The research is the latest study to underscore the potential for attackers to steal information from computers by analyzing machine emanations--the sound, light and magnetic energy given off by a system. Many attacks rely on intercepting and decoding encrypted communications, such as the signals used by the Bluetooth standard or wireless passport technology. However, machine emanations can inadvertently leak the information displayed on a computer screen or reveal details of the system current calculations. The paper builds on research by two IBM researchers that showed that software trained to recognize different key clicks could identify the right key about 80 percent of the time. The researchers, Dmitri Asonov and Rakesh Agrawal, also found that telephone keys could be recognized by such software, known as a neural network, more than 90 percent of the time. UC Berkeley's Tygar, along with students Li Zhuang and Feng Zhou, improved the recognition to an accuracy of nearly 96 per cent using a different processing algorithm, a non-neural-network recognition algorithm and the assumption that English words were being typed. The researchers extracted audio features from the sounds of a user's keystrokes and lumped similar sounding keys into categories. Then, using statistical properties of the English language -for example, 'e', 't' and 'o' occur most frequently and 'j' never follows 'b' - the researchers assigned letters to each category. Assigning the categories automatically resulted in 60 per cent of the letters guessed correctly, but only 20 per cent of the words, the paper stated. Adding spelling and grammar checking increased the character recognition slightly, but made word recognition dramatically better - more than half of all words were correctly guessed, according to the researchers. By using the previous results to feed back into the algorithm, the accuracy was further improved. Three rounds of feedback resulted in more than 92 percent of characters correctly guessed in a typical scenario, though the software recognized more than 96 per cent of characters in some cases, the paper stated. The researchers found that at least five minutes of recording time - approximately 1,500 key strokes - were needed to recognize characters with a high degree of accuracy. A five-minute record resulted in better than 80 per cent accuracy, while a ten minute sample increased that accuracy to more than 90 per cent, the paper stated. While the researchers used spelling and grammar to improve the recognition software's accuracy, the system could frequently recognize the characters that make up non-word passwords. If allowed twenty guesses, the system could recognize 90 per cent of all five-character passwords, 77 per cent of all eight-character passwords and 69 per cent of all ten-character passwords correctly. The attack resembles Cold War spycraft, said Bruce Schneier, chief technology officer for Counterpane Internet Security and a well-known security expert. The Soviets used to bug the American Embassy and analyzed the sounds of typewriter keys clacking to guess what was being typed, he said. "Suddenly, everyone can do this," he said. "If I can get access to your workspace, I can get your passwords. With cameras and microphones getting smaller and smaller, it will be harder to keep secrets." Quieter keyboards are not necessarily a solution, the researcher found. In a test of three keyboards that produce less noise, characters were recognized correctly more than 90 pe rcent of the time. While a cell phone failed to foil the recognition system, multiple typists in the same room caused recognition rates to lower. Such defenses are fodder for future research, Berkeley's Tygar said. "Our research goal is not to build better tools for espionage," he said. "The reason to do this work is to highlight a concern, but you can't consider the problem of defense without first understanding the problem of attack." Copyright © 2005, SecurityFocus
Robert Lemos, 16 Sep 2005
hands waving dollar bills in the air

Typing: music to fraudsters' ears

Computer users should learn to type silently if they don't want to reveal intimate details such as passwords, according to a new study Researchers at the University of California, Berkeley have discovered that a simple audio recording of keyboard clicks can betray what users have typed, possibly leading users to betray intimate details about their lives to virus writers and fraudsters. In an experiment carried out at the university, computer scientists were able to take several 10-minute sound recordings of users typing, feed the audio into a computer and use an algorithm to recover up to 96 percent of the characters entered on a keyboard. "It's a form of acoustical spying that should raise red flags among computer security and privacy experts," said Doug Tygar, UC Berkeley professor of computer science and information management and principal investigator of the study. "If we were able to figure this out, it's likely that people with less honourable intentions can - or have - as well." According to the researchers, what makes the technique feasible is that each keystroke makes a relatively distinct sound, however subtle, when hit. Given that typical users type around 300 characters per minute, enough time is left for a computer to isolate individual keystrokes and categorise the letters based upon the statistical characteristics of English text. For example, the letters "th" will occur together more frequently than "tj," and the word "yet" is far more common than "yrg." "Using statistical learning theory, the computer can categorise the sounds of each key as it's struck and develop a good first guess with an accuracy of 60 per cent for characters, and 20 per cent for words," said Li Zhuang, lead author of the study. "We then use spelling and grammar checks to refine the results, which increased the character accuracy to 70 per cent and the word accuracy to 50 per cent. The text is somewhat readable at this point." Moreover, after this has been achieved, the recording can be played back repeatedly in a feedback loop to "train" the computer to increase its accuracy until no significant improvement is seen. In the experiment, three feedback cycles were often enough to obtain recovery rates of 88 per cent for words and 96 per cent for characters. Once a system is trained, recovering the text becomes even more straightforward, even if the text isn't in English. After just 20 attempts, researchers were able to retrieve 90 per cent of five-character passwords, 77 per cent of eight-character passwords and 69 per cent of 10-character passwords. What was particularly striking about this study, the researchers said, was the ease with which the text could be recovered using off-the-shelf equipment. "We didn't need high-quality audio to accomplish this," said Feng Zhou, co-author of the study. "We just used a $10 microphone that can be easily purchased in almost any computer supply store." So what's a PC user to do? Other than scanning one's surroundings for bugs or recording devices and making sure a room is soundproof, the researchers suggest that computer users need to rethink the use of typed passwords or even long passphrases for security. "There are different forms of authentication that could be used, including smart cards, one-time password tokens or biometrics. That helps with passwords, but it doesn't help protect text documents we would want to keep classified. I'm not sure what the solution is, but it's important that we're aware of this vulnerability," added Tygar. Copyright © 2005, ENN
ElectricNews.net, 16 Sep 2005

Chinese film warns of teenage net dangers

A new film has been released in China which tackles the gritty problem of adolescents and the net. Over the last two years Chinese authorities have closed thousands of internet cafes amid fears that accessing the web is damaging the "mental health of teenagers" while spreading "unhealthy online information". In a bid to shine a light on the problems Internet Teenagers - which is in colour, by the way - follows the effort of "model teacher" Suo Lala to help a group of "problem children", reports China Daily. The film's director, Shi Xuehai, told the paper: "When shouldered with too much hope and pressure from their teachers at school and parents at home, some of the students choose to indulge themselves in virtual reality, where they believe they can find relaxation, entertainment, self-esteem and friendship, and not to face real life. "The lack of positive and effective educating and parenting styles have led to many tragedies in schools and homes, such as adolescent delinquency and suicides," he said. The flick is currently in cinemas around China. We'll let you know when the film is available online. ®
Tim Richardson, 16 Sep 2005

BCS embraces professional contractors

Members of the Professional Contractors Group (PCG) can now fast-track themselves into the upper echelons of the British Computer Society (BCS), thanks to a deal between the two groups. This is, as ever, another move towards making IT a more professional profession, something the BCS has been campaigning for for as long as we can remember, and something the PCG is quite keen on too. PCG chairman Simon Juden says that demand from clients and employers for professional accreditation is increasing: "The professional status of freelancers, consultants and contractors is becoming an important differentiator and we encourage all PCG members to invest in building their technical and business credentials," he said. The scheme is open to PCG members who want to upgrade an existing standard BCS membership, as well as to those who want to go straight in at the Professional level. There is already a strong link between the two organisations. A survey of PCG members found that 25 per cent are already members of the BCS as well. PCG members can apply here, safe in the knowledge that the BCS promises to process applications for Chartered membership within four weeks. ®
Lucy Sherriff, 16 Sep 2005

30,000 volt synthetic jacket menaces Oz

Those readers who thought that the biggest threat from wearing clothes hewn from synthetic materials was to your street cred, be warned: they could transform you into a walking static bomb ready to discharge carpet-threatening voltages. Just ask Frank Clewer, a high-energy Aussie from Warrnambool, Victoria, who accumulated an estimated 30,000 volts of static charge simply by walking around his home town in inadvisably large quantities of non-natural tailoring. According to ABC News Online, he then walked into the lobby of a local business and unleashed the stored energy through the floor. A shaken Clewer said: "It sounded almost like a firecracker or something like that. It was at the reception area. Within say, around five minutes, the carpet started to erupt." The County Fire Authority (CFA) immediately implemented its synthetic clothing emergency protocol and evacuated the building lest a crackling Clewer threaten electrical systems. Scientist Karl Kruszelnicki later explained: "This poor guy has built up static electricity thanks to an unfortunate combination of insulating clothes that he's wearing, static, synthetic clothes, just walking along and he's just building up this static charge everywhere. I've read of it but I've never heard of it here in Australia." The CFA wisely impounded Clewer's jacket, which continues "to give off voltage". ®
Lester Haines, 16 Sep 2005

Zurich in talks with Capita

Capita - the UK IT and business services group - is holding top level talks with insurer Zurich concerning a "potential business relationship". Details of any deal have yet to be disclosed although staff at Zurich have been told that discussions are underway and that they will be kept informed over the next couple of months. In a statement released to the London Stock Exchange (LSE) yesterday Capita said the talks "involve assistance with certain operations and business processes within Zurich's UK life business". A spokeswoman for Zurich declined to release any further detail to comment on how many jobs would be outsourced to Capita or even offshored overseas. She also declined to say whether IT jobs were in line for a switch. Instead, she directed us to the Capita statement which said: "A comprehensive assessment of the proposal and scope of operations for inclusion in any arrangement will be undertaken over the coming months. This could result in a material contract being awarded to Capita, the value of which will be dependent on the scope and scale of services transferred." Capita was asked to comment on the announcement but failed to return call by the time of writing. ®
Tim Richardson, 16 Sep 2005

Open access to research worth £1.5bn a year

The UK is losing out on its investment in scientific research to the tune of £1.5bn every year, according to advocates of open access publishing. Professor Stevan Harnad from the University of Southampton argues that because of the tradition of locking the results of publicly funded research away in research journals, the scientific community is not as free to build on and develop ideas as it should be. He calculates that if all published work was self-archived (i.e. made available online, after publication in a journal), the research impact would be the equivalent of a further £1.5bn investment in UK science, every year. He argues that only researchers working at institutions that can afford journal subscription fees have access to published research, and offers his backing to the Research Councils UK (RCUK) proposal that all publicly funded research should be made available on the research institution's website. "RCUK spends £3.5 billion of Government money annually funding British science," he says. "Research, if it has any value, must not only be published, but used, applied, and built upon by other researchers. This research impact can be measured by the number of times an article is cited by other articles." In related news, the Organisation for Economic Co-operation and Development (OECD) is to publish a paper recommending that access to publicly funded research must be broadened, both nationally and internationally. It says that R&D and the use of research is important to economic growth, and argues that open access would help maximise the return on investment. Professor Harnad's paper: Maximising the Return on UK's Public Investment Research. The OECD's paper is due to be published next week. ®
Lucy Sherriff, 16 Sep 2005
For Sale sign detail

Salesforce.com's new application shop

These days, even Bill Gates is bandying around the term 'software as a service'. But what does it mean? The point of offering software as a service (SaaS) is that it allows companies to avoid deploying and managing those applications within their corporate networks. This means that they do not have to purchase and manage any hardware or software for disseminating use of those applications to end users. Instead, they purchase the right to use a particular application via web-based services as they need it – or, on demand. According to those offering SaaS, this provides better value for customers than the traditional model of paying for software licences, installing the software and managing the application and associated upgrades themselves. One of the main proponents behind the SaaS movement is Salesforce.com. Salesforce was founded some five years ago with the intention of developing a platform on which applications could be built, with a web-based interface so that companies can purchase the rights to use those applications as they need them. The first application that it built was CRM – and it now claims to have a market share of around 50 per cent of the on-demand market for CRM applications. Since it delivered its first application, Salesforce.com has been hard at work developing further services for customers. These include a platform for easing integration with back-end technology used in companies and a toolkit for expanding and customising software. At the same time it has built out an ecosystem of partners to help companies with implementation and further development of applications. Most recently, Salesforce.com has added a service that takes it closer to executing on the vision it has always espoused – its AppExchange offering. This is a web-based portal giving companies access to a range of applications for on-demand use, ranging from financial and administrative applications, to applications focused on specific industries. According to Salesforce.com, the reasoning behind this is that the internet provides a more dynamic environment for accessing services than traditional means of distributing software. Chris Boorman, VP of marketing in EMEA, explains the concept with reference to the online retailer Amazon.com. He highlights that when Amazon was founded, it primarily offered books for sale; but it fundamentally changed the way that people browse for books. In a high-street bookstore, people will spend time looking at a range of books, but the books that they are able to look through depends on the amount of time that they have available and their willingness to spend time going through all the different departments. At its online store, Amazon provides customers with the ability to search for books by title, author, or keyword and to compare books related to a particular topic in which they are interested. And Amazon's service can also recommend products to customers based on their buying history, search preferences or personal profile that they build. It is this same sort of idea that Salesforce.com has built with its AppExchange offering. Compared to a traditional high-street computing store, customers can more easily see a wide range of competing products and can read reviews from other users, as well as checking how other users rate the product in terms of a score out of five. This is a bonus for companies that do not wish IT budgets and resources to be tied up installing and managing software – especially those applications that are only used by a few people in the company. Only launched this month, time will tell as to how great the take up will be. But Salesforce.com is betting that this will be a hit with customers and, never one to hide its lights under a bushel, is adopting the slogan "success on demand". Copyright © 2005, IT-Analysis.com
Fran Howarth, 16 Sep 2005

TechScape: Vint Cerf mulls the future

InterviewInterview In the third of TechScape’s three exclusive interviews with Vint Cerf, Bill Robinson asks the man to look into the future... Sir Arthur C. Clarke’s name came up more than once during my conversations with Vint Cerf, and justifiably so. Arguably the greatest sci-fi writer of all time (only Asimov fans have the temerity to challenge the Clarke supremacy), Sir Arthur has worked very closely with NASA and other space agencies in mankind’s exploration of the cosmos while accurately predicting such technological strides as the emergence of geosynchronous communications satellites decades in advance. Cerf, as we’ve learned, also has been involved in space exploration mainly in the evolutionary process of setting up his InterPlaNet. Clarke is known as a visionary, and during my interview with him made some fascinating predictions about his environmental worries about Earth, the Space Elevator and Brain Cap. So our final conversation with Vint Cerf outlines his ideas of what our world may look like in the future. When I opened by mentioning Clarke’s Brain Cap - literally, a cap connecting directly into the cerebral cortex and providing direct mental stimulation - Cerf wanted to know more. When I told him Clarke had said we could have any experience imaginable from touring the Louvre to scuba diving in Sri Lanka or having carnal relations with a supermodel but that his concern was that this would “turn us all into the ultimate couch potatoes”, Cerf took the bait. “We already have the ability to fool the brain,” he started. “My wife has a cochlea implant which allows her to hear in this way. The inner ear has small hairs rooted in fluid and when tympanic responses from sound goes through three small bones the hairs vibrate, or oscillate in sympathy, at different speeds finally sending signals into the brain for interpretation. The device simulates this process allowing her to hear.” “What I find most fascinating,” Cerf continued, already thinking decades ahead, “is whether we will ever learn to understand the process of cognition and the inner-workings of the brain. Something such as memory and how the brain stores, retrieves and recognizes it is a total enigma at this point.” Our dependence on computers, PDA’s and other devices “is scary”, Cerf added anxiously. “Recent estimates say there are more than 150 million zombies out there. This is the dark side of the future technologically - the vulnerability of the network.” In 20 to 30 years Cerf predicts, we’ll have many more orbiting astronauts for much longer periods; permanent systems on Mars where he is excited about the potential for sustainable life. “We’ve seen clear indicators of life in recently discovered underground ice formations,” he said optimistically. One of the technological challenges Cerf and others are working to overcome is that, surprisingly the radios in spaces are overheating. “When their temperature hits 30 to 40 degrees Celsius, they can breakdown entirely,” he said. “The question we’ve asked ourselves is could we reprogram the rover to uplink data to the Mars Odyssey satellite to hold it there? The ‘store & forward’ strategy has resulted in significantly larger amounts of data being received and processed.” What’s the bigger picture for space communications? “Once we standardize these communications protocols,” Cerf pointed out, “each mission will be helping to build another piece of this space communications backbone. Right now, there are over 300 international spacecraft using communications standards we’ve developed.” Here on Earth and out in space, communications would seem to be important if we need to defend ourselves from enemies. What’s Cerf’s take on this? “Network-centric warfare information is very important in the battlefield environment,” he stressed. “Overhead satellite assets can provide crucial information to forward assets.” Potentially winning the war? “Absolutely,” Cerf said vigorously. “The communications system has to be ultra-robust; otherwise your communications system becomes a real vulnerability.” I asked Cerf if he had seen the Terminator movies and in particular the part where the computer chip was the central target for destruction and preventing a nasty future. He responded affirmatively. Did he think the premise that increasingly intelligent machines would eventually try to take over the planet from us feeble humans was realistic? Could the machines run amok? He countered by asking me if I had seen one of his favorite movies (and mine certainly), Isaac Asimov’s Bicentennial Man with Robin Williams. When I said yes, Cerf said: “Do you remember the scene when the robot named Andrew is taken back to the manufacturer and the concerned executive observes that the robot 'might run amok?' 'One is not qualified to run moks,' the robot responds." Cerf chuckled and continued: “That nightmare is hard to predict. We could even argue a scenario where the internet is a nascent platform for a connection to be made for the machines to take over. It’s not the hardware that’s important, but the software.” Other possibilities, according to Cerf, include clothing made with sensors built-in to monitor people’s biological data; and water purification technologies such as desalination and aquifers which were developed for space will be “extremely beneficial”. Would Cerf want to go on a space mission to Mars, as former US Senator and astronaut John Glenn did at the ripe old age of 77? Is he lobbying for this opportunity? “Funny you should mention that,” Cerf replied. “I met John Glenn and his wife Annie at a White House reception a while back and we talked about this idea.” So, would Cerf go? He evaded a direct answer probably for fear of his wife’s reaction but did decoy me with: “It was clear from my conversation with John at that time, that if an invitation came to John to go to Mars, he would go and Annie would understand.” On another tangent, was Sir Arthur exaggerating and distressing needlessly about the ecological damage being done to our planet? In a recent issue of Scientific American, Cerf found compelling questions with regard to this planet’s sustainability or collapse by the year 2050. This issue projected population growth and diminution (in the case of Russia) then stabilization by mid-century at around nine billion. Cerf said he had predicted a few years ago that figure would be 11 billion, so he was pleasantly surprised but still concerned. “Another surprise,” he said, “was that in 2050 the leading killer will be heart disease.” “Sir Arthur’s concern was very real,” Cerf concluded gloomily, “very real indeed.” Bill Robinson has appeared on CNN, PBS, Bloomberg and had his own segment on SKY News commenting on high-tech and marketing issues and has written columns and articles for FORTUNE Small Business, The Financial Times, Marketing Magazine (UK), Forbes.com, The Moscow Times, Cisco Systems iQ Magazine, United Airline's Hemispheres Magazine and Upside Magazine. Bill can be reached at: bill@relentlessmarketing.com More from the TechScape Vint Cerf interview TechScape: Vint Cerf on how the internet was born TechScape: Vint Cerf on the InterPlanet
Team Register, 16 Sep 2005

Xbox chipper jailed and fined

Biren Amin, owner of US games store Pandora's Cube, has been sentenced to five months in prison and given a fine of almost $250,000 for the sale of pirated games and illegally modified Xboxes, the Entertainment Software Association (ESA) announced yesterday. Games consoles such as the Microsoft Xbox or Sony Playstation 2 include copyright protections that prevent them running pirated games, or games subject to regional control (where a console bought in one part of the world cannot run games purchased in another). Mod chips are designed to circumvent these protections. As such, mod chips and "chipped" consoles are in breach of the controversial Digital Millennium Copyright Act (DMCA), which prohibits the manufacture and distribution of products or services that circumvent technological protection measures designed to prevent unauthorised access to and copying of copyrighted materials. According to the ESA, Amin and some of his employees modified Microsoft Xbox video game consoles and turned them into what Pandora's Cube called "Super Xboxes." These Super Xboxes were designed solely to defeat the Xbox's copyright protection system and permit the user to avoid purchasing and paying for legitimate Xbox video games, said the ESA. The Pandora's Cube employees also loaded illegal copies of video games onto the hard drives of the Super Xboxes, in violation of federal copyright law, it claimed. Amin was sentenced to five months in prison with three years of supervised release, including five months of home confinement. He was also fined $247,237.05 and ordered to complete 80 hours of community service as part of his sentence. He is the fourth Pandora’s Cube employee to be found guilty of conspiring to commit felony copyright infringement and conspiring to violate the DMCA. Mguresh Amin, a store manager, has already been sentenced to six months home confinement, twenty-four months probation and 150 hours community service. Herbie Walker, a senior retail manager, was sentenced to six months home confinement, paying for the costs associated with electronic monitoring, twenty-four months probation and 100 hours of community service, while Hitesh Patel, a store manager and technician, received a sentence of four months in prison, with two years of supervised release including four months of home detention. According to ESA president, Douglas Lowenstein, "Sentences of this magnitude send a clear message to game retailers that selling pirate products has serious consequences, including prosecution to the fullest extent of the law." UK position In the UK, the modification of consoles has been an illegal practice since 31st October 2003, when Regulations were passed that made an amendment to the Copyright Designs and Patents Act. The new regime allows rightholders to take action against individuals who circumvent what the law calls Technological Protection Measures, or TPMs, to make unauthorised use of copyrighted works. Action, including criminal action, can also be taken against those who make and distribute equipment designed to circumvent TPMs. Accordingly, the whole process of chipping consoles is illegal, including selling and advertising chips as well as providing a service for chipping. The UK saw its first criminal conviction for the illegal modification of video games consoles in July. Copyright © 2005, OUT-LAW.com OUT-LAW.COM is part of international law firm Pinsent Masons.
OUT-LAW.COM, 16 Sep 2005
Click here for the full BOFH range

BOFH: Bloody computer room tourists!

Episode 28Episode 28 Bloody Computer room tourists! It seems the Boss has been asked by the Beancounters to "consult" on their appointment of a new technical support person after the tragic accident that befell the last holder of the position after he stole the PFY's car parking space three days in a row... True, the PFY does take the tube into work and doesn't even need a car parking space, however the presence of another vehicle in the space made the PFY's lease agreement with a bloke in the next building a little troublesome. Half a glass of water and one "faulty" switch mode power supply later it's all sorted out and there's a vacancy in Beancounter central. Meantime the Boss is taking his consultancy role seriously by asking pointed questions designed to winkle out those people with less computing knowledge than himself (infants, the recently E.C.T-ed, etc). Part of the lead-up to these questions is the Boss taking the prospective candidates through the computer room to show them how he is "Lord of all he Surveys" and the magnificence of his earthly domain. Not wanting to be shown up as the chronic halfwit we all know him to be, he's instructed us to remain absent so as not to disturb his "review process". In other words he doesn't want someone overhearing the fabrications he's constructing around his managerial persona. Which leaves the PFY and I, acutely interested in the potential outcome of the selection process, having to keep an electronic eye and ear on the boss courtesy of the machine room monitor... "I can't hear him," the PFY says. "The bloody financials server is running hot and the fans are overloading the mic input." >Clickety< "How's that?" I ask. "A lot better, what did you do, change the fan modulation?" "Yes, with the shutdown command." >Ring< >Clatter< >Slam< >Clatter< "Right, request lines are closed, what's he saying?" "Hang on, I'll put it on speaker" "... and then I installed those two servers over there," the Boss burbles. "!" the PFY says, remembering just who installed the machines concerned. "You've done a great job," prospective beancounter support person 1 brownnoses. "Yes, but that job pales in comparison to when we cabled up the fibreoptic to the whole floor in one weekend. Course, that was a couple of years back when I was on the tools." "He's got his hand on a tool at the moment if thinks anyone will buy that!" the PFY snaps. "So you're a real all-rounder then," PBSP #1 bumlicks. "Don't like him," the PFY says, putting a cross next to the bloke's photo. . . . The next candidate is only slightly better - less of a brownnose and more of an idiot - which is generally par for the course for the beancounter support types. The Boss's stories have benefited from the fertilisation of the bullshit spread liberally on the previous candidate and have grown substantially in size. He's now responsible for installing two RACKS of machines and has cabled the entire building in fibreoptic. When he was on the tools. After PBSP #2 departs fawningly, PBSP #3 rocks up and things take a turn for the better. "It's a girl!" the PFY gasps happily. "A woman," I correct. "And don't get your hopes up - there's a reason why the geeky world is dominated by sad chunky guys with beards, glasses, BO and poor social skills..." "But still!" "Let's just see how she pans out." "...and so basically I install every machine personally myself." "Really?" PBSP#3 asks with a tinge of disbelief in her voice. "Yeah. Course, I get the Systems guys to do all the donkey work once I'm sure it's up and running properly - otherwise I'd spend all my time in here!" "Mmm-Hmm." "And this is one of our networking rack things." "Krone, patch by exception?" she asks. "Mmmmm and over here the fibreoptic which I installed a couple of years back." "All by yourself?" she asks - in the tone of voice which usually precedes a "bullshit" coughing session. "She's great!" the PFY sighs. "Now, now, lets not rush into any snap judgements!" "...and this is one of our more recent installations," the Boss chirps, gesturing behind him. "Tell me, can you guess what we use this server for?" "Air conditioning?" she says dryly. "I... Oh yes, yes of course, well done." "I think I love her!" the PFY gasps. "Well, I suppose that ends the, uh, technical side of the interview, so how about we just pop down to the pub across the road and have a bit of an informal chat?" the Boss says, chopping down into sleaze mode. "The Bastard!" the PFY snaps. "Just wait," I say. "This could be the true test of character. Oh look, she's stepping in close, doesn't go for the knee to the groin - damn it - bumps the pen from his hand." "Why?" "Just wait. And he bends down to pick it up... and she slips out of the room.." "Oh," the PFY says disappointedly. "And slips a wedge under the computer room door..." "Oooh!" the PFY says happily. "Before pressing the halon release..." "WE HAVE A WINNER!" the PFY blurts happily. A borderline psychotic, loose in beacounter central. So it all worked out for the best then... ® BOFH: The whole shebang The Compleat BOFH Archives 95-99
Simon Travaglia, 16 Sep 2005

Finnish gov will not criminalise MP3 players - officials

Fears that Finland's upcoming new copyright legislation would de facto render MP3 players illegal are unfounded, Ministry of Justice officials have claimed. Like the US' Digital Millennium Copyright Act (DMCA) and laws enacted by other European Union member states under the direction of the European Union Copyright Directive (EUCD), Finland's proposed new law would ban the circumvention of copy protection mechanisms. That said, the law does make it possible to copy music for personal use, which gives, say, CD owners the right to rip songs in order to transfer the songs to an iPod Nano. Indeed, such a freedom is not granted to other European citizens. English law, for example, does not permit recording owners to make copies for personal usage beyond certain academic/study purposes, technically rendering the act of transferring a CD - even a CD you own - to an MP3 player illegal. That doesn't render iPods illegal, incidentally, because they have substantial non-infringing uses, such as holding tracks for which the player owner holds the copyright, or for licensed copies like those downloaded from the iTunes Music Store. In Finland, Jukka Liedes, an official with the Ministry of Justice, yesterday claimed bypassing copy protection for the purpose of make a copy for personal use only would not be criminalised under the new law, Finnish newspaper Helsingin Sanomat reported today. The bill goes before the Grand Committee of Finland's Parliament today. The Committee has the right to amend the proposed law, and it appears likely a change removing the copy protection circumvention clause may be suggested. Finnish Minister of Culture Tanja Karpela yesterday called on the Committee not to make such a change - or the new law may fail to meet the requirements of the EUCD. ®
Tony Smith, 16 Sep 2005

ESA launches Mars Express investigation

The European Space Agency (ESA) has launched an investigation into the Planetary Fourier Spectrometer (PFS) onboard the Mars Express orbiter. Fred Jansen, the Mars Express mission manager at ESA told us: "The problem manifests itself as a failure in properly executing its initialisation sequence. If this is not successfully executed the instrument cannot do any measurements." If we are reading this correctly, he means that they can't switch it on, so they can't do any science with it. The PFS had been working perfectly, and had produced plenty of data on the composition and movement of the Martian atmosphere, until it developed its inexplicable problem a couple of months ago. Team engineers have suggested that vibration effects from recent spacecraft activity - possibly the unfurling of the MARSIS radar booms - might be to blame, but nothing has been positively identified as being the cause of the trouble. The investigation board will include experts from ESA, industry, and from ASI, the Italian space agency. ®
Lucy Sherriff, 16 Sep 2005
graph up

Arrest made in Berkeley laptop theft case

Police have arrested a man after recovering a stolen laptop that held personal data on more than 98,000 University of California, Berkeley students and applicants. The laptop - containing the names, address and social security numbers of students and prospective students - was taken from Berkley's graduate admission office in March, triggering a security alert. The data might potentially be used by fraudsters to open up bank accounts or obtain credit cards under false names though it's unclear whether any fraud has actually taken place. A new operating system has been installed since the theft and data has been over-written. An unnamed San Francisco man has been arrested and charged with possession of stolen property after campus police discovered the the Berkeley laptop had been sold over the net by him to a South Carolina resident. The accused said he was sold the laptop in April by a woman matching the description of the suspected laptop thief. "UC police note that while a lab analysis could not determine whether the sensitive campus data was ever accessed, nothing in their investigation points to identity theft nor individuals involved in identity theft. It appears, they said, that the intent was simply to steal and sell a laptop computer," the university said in its statement. Several US universities had been forced to issue alerts over data security breaches over recent months. In the latest such case Miami University, of Oxford, Ohio, admitted that a file containing the names, social security numbers and marks of around 21,000 students dating back to the autumn 2002 term had been left exposed and unprotected on its web server for the last three years. The University's statement on the case can be found here. ®
John Leyden, 16 Sep 2005

Apple 'readies' dual-core Power Mac G5s

Apple is likely to ship Power Mac G5 desktops based on dual-core IBM PowerPC processors, perhaps by the end of the month. So claims Think Secret, citing unnamed sources who said the update will come earlier than planned because of allegedly weak demand for the latest single-core systems. Apple last updated the Power Mac G5 line in April, bumping the top-end two-processor 2.5GHz model to 2.7GHz. Two months later, CEO Steve Jobs announced the transition to Intel processors, just ahead of IBM's formal announcement of the much-rumoured dual-core PowerPC 970MP. It's the 970MP that will drive the new Power Mac line-up, the sources claim. While the part is not expected to clock above 2.7GHz, by equipping each two-processor machine with four processing cores instead of two, Mac users should see a hefty performance increase. Apple Expo Paris takes place next week, and despite the company's no-show for a keynote, it's suggested that it may use the exhibition to give the 970MP-based Power Macs their first public appearance. The sources also claimed Apple's PowerBook line will not now be updated before January 2006. ®
Tony Smith, 16 Sep 2005

Govt pledges help for digital TV switchover

The Government has pledged financial and technical support for millions of people to help them cope with the switchover from analogue to digital TV. Confirming the switchover plans last night culture secretary Tessa Jowell said that the Government wanted "all UK households to benefit from digital TV" and was keen to ensure that no one is left without their gogglebox once the plug is pulled on analogue services. Part of that will be the availability of affordable digital kit for all. But for those aged 75 and over and for those with "significant disabilities", the Government has pledged part of the BBC licence fee to upgrade TVs to digital. Help will also be provided making sure the thing works. Speaking to TV execs last night Jowell set out the timetable for the switchover, which will be carried out on a regional basis. First to go will be the Border TV region, covering the north of England and southern Scotland, in 2008 finishing with Northern Ireland and London and the south of England in 2012. Speaking last night Jowell said: "I do not underestimate the scale of the technical challenge - requiring the transmission infrastructure to be in place, and viewers to be informed and prepared, so that no household that can get TV now is deprived of their service in the future. "Nor do I shrink from the inevitable battle for hearts and minds as we seek to convince a minority about the merits of switching to digital." The switch to digital is to be overseen by "Digital UK" - an independent, not-for-profit company set up by broadcasters. Formally known as Switchco it will keep viewers informed of the upcoming changes. ®
Tim Richardson, 16 Sep 2005

Toshiba touts fuel cell-equipped MP3 players

Toshiba today unveiled its latest fuel cell prototypes, this time targeting Flash- and hard disk-based MP3 players. The test units are integrated into the players rather than attached to them externally. Don't expect to see the players or the fuel cells on sale any time soon - even Toshiba now reckons they won't see commercial availability until 2007 at the earliest. The two units are based on the pump-less fuel cell system Toshiba unveiled in June 2004. Then, it was forecasting it would be able to commercialise the technology in 2005, after releasing a PC-oriented version late 2004. Clearly, it has revised its timeline somewhat... In its latest announcement, Toshiba discussed two direct methanol fuel cells, one generating 100mW of power, the other 300mW. Both fuel cells are built into audio players, one using Flash storage, the other of the HDD type, and can be refilled. Both cells store methanol fuel in a 99.5 per cent concentration before diluting it to ten per cent for the power-producing reaction to take place. The reaction chamber comprises two membrane-separated zones, one containing the methanol, the other containing air. Both zones have an electrode. The methanol reacts with water in the presence of a catalyst to produce hydrogen ions and electrons. The ions and electrons pass through the membrane to react with the oxygen to form water - which can be used to dilute the methanol. Besides power, the only byproduct of the reaction is carbon-dioxide. The two cells essentially differ in capacity: 3.5ml for the 100mW unit and 10ml for the 300mW cell. The 100mW cell can generate sufficient current for 35 hours of playback time, while the larger unit can operate the HDD-based device for 60 hours. ®
Tony Smith, 16 Sep 2005

MS shuts up on number of women engineers

Microsoft has once again fallen back on a discredited privacy defence to deflect questions on the proportion of its certified engineers who are women.
Mark Ballard, 16 Sep 2005
homeless man with sign

LogicaCMG may buy Unilog for €73 per share

In briefIn brief LogicaCMG confirmed today that it is in “advanced discussions” that could lead to its buying French services group Unilog. In a statement, LogicaCMG said the talks “may or may not lead to an offer being made for Unilog on an agreed basis and at a price of €73 per share”. This would value the French group at around €931m in total. The deal would go some way to helping LogicaCMG turn the tide at its struggling French business. LogicaCMG, created by the 2002 merger of Logica and CMG, said it would make a further announcement “in the next few days”.®
Team Register, 16 Sep 2005

RIAA calls time on P2Pers

The Recording Industry Ass. of America (RIAA) has told seven P2P software companies to get with the programme - or face the consequences. The organisation, infamous for the thousands of lawsuits it has issued against alleged file-sharers, said it has asked the firms to shut down their networks or implement RIAA-approved anti-piracy measures. The RIAA hasn't said which P2P networks it sent cease and desist letters to, but the Wall Street Journal yesterday named LimeWire, BearShare and WinMX, and it's not hard to guess who the others might be. The demands come three months after the US Supreme Court ruled that P2P providers Grokster and StreamCast are responsible for the actions of their users. If P2P users share content without the permission of the copyright holder then they're guilty of copyright infringement and so too are networks that did nothing to stop them, the Supreme Court said in June. The verdict reversed judgements made at the District Court and Court of Appeal levels, which were founded on the precedent established in a landmark case brought in the 1980s by the movie industry against Sony. Back then, the Japanese giant prevailed, by showing its video recorders had plenty of uses beyond illegally copying movies. This time round, the P2Pers made the same claims, but the Supreme Court maintained that there were substantial differences between the two cases, so the Sony precedent does not apply. The case now returns to the lower court, which must now re-consider the movie industry's complaint against Grokster and StreamCast in the light of the Supremes' decision. The RIAA claimed the Supreme Court judgement had given P2P companies notice "there is a right way and a wrong way to conduct a business", and in the intervening months they have been granted "ample opportunity to do the right thing". It said firms that continue to allow users to share and download illegal copies, and "knowingly operate on the wrong side of that line do so at their own risk". LimeWire, for one, now asks anyone downloading their software if they intend to infringe copyright, refusing to offer the software to anyone who foolishly checks the 'yes' option. That may appease the RIAA, but we doubt it - there are plenty of copies of the code out there already, and when we checked this afternoon, still rather a lot of illicit material to grab. ®
Tony Smith, 16 Sep 2005

Intel invests in 200mm-wafer fab capacity

Intel will pump $345m into two US fabs in a bid to boost production capacity, the chip giant said yesterday. The two fabs targeted for investment, Fab 17 in Hudson, Massachusetts and Fab 23 in Colorado Springs, Colorado, both work with 200mm wafers. As such, they're used primarily to punch out chipsets, communications parts and Flash memory components. While Fab 17 will get $155m to increase overall production capacity, Fab 23's cut, $190m, will be used to kit out a second clean room which will be used to finish off processors made on 300mm wafers at other Intel facilities. Both projects will create around 500 new jobs in total: 300 at Hudson and "several hundred" at Colorado Springs. "These investments will increase the capacity of our 200mm manufacturing network to support our platform initiatives and will give us additional supply flexibility across a range of products," said Bob Baker, senior vice president, general manager, Technology and Manufacturing Group. Earlier this month, Intel admitted it had "sold out" of notebook chipsets. In August, it said it was shifting output away from entry-level desktop chipsets in order to focus available capacity on higher-end, higher-margin chipsets, causing some observers to claim Intel plans to quit the low-end chipset business - a move the manufacturer later denied. ®
Tony Smith, 16 Sep 2005
fingers pointing at man

ATI ships Radeon X800 GTO

ATI may be gearing up to announce its R5xx family of next-generation graphics chips, but that hasn't stopped unveiling parts based on the previous generation of its technology. The company yesterday unwrapped the Radeon X800 GTO, a 12-pipeline chip that sits between then X800 XL and X800 XT. It supports GDDR 3 memory clocked at up to 1GHz effective and installed on a 256-bit bus. ATI didn't provide a core clock speed, but it's believed to be around 400MHz. As per other X800 chips, the GTO supports the latest incarnations of ATI's SmartShader, SmoothVision, Videoshader and HyperZ technologies, along with its 3Dc normal-map compression system. Again, it's a Shader Model 2.0 part. ATI said the X800 GTO was available immediately, and will be included on graphics cards produced by ATI itself and by Abit, Asustek, Connect Components, Diamond Multimedia, Gigabyte, Hightech, Info-Tek, MSI, Palit, Sapphire, Tul and Visiontek. ®
Tony Smith, 16 Sep 2005

Securing the world for lost, bio-diesel car drivers

LettersLetters A varied haul this week, that's for sure. We've got thoughts on security, women and Microsoft certification, technology and education, and of course, the question of whether or not cats should be used to make fuel. It seems this last one is a real opinion divider. Still, before we descend into the dungeons of daftness, let's kick off with some reactions to Gartner's call for security to be rebranded as "risk management", and handed over to business managers to run. No prizes for guess what the balance of opinion was on this one: It think this is absolute nonsense, business people cannot replace or do the job that trained information system security professionals can do. There will always be a need to bridge the gap between business and IT, especially where security is concerned, but to suggest that that gap can be replaced by a person who has primarily business training is ludicrous and dangerous to a company. How will this person deal with virus, or hack incident or denial of service attempt? There aren't currently any business programs that teach information security anyway. AM As a technical and security specialist (with an MBA) I have to disagree with some elements of this article. I am currently working on contract as an IT Security Consultant at a large insurance company which shall remain nameless. They have, like Barclay's, ABN Amro and many other financial institutions, followed Gartner's recommendations and re-branded their IT Security department as "risk management". Ours is called "Group IT Risk", Barclay's is called "Information Risk Management" (IRM). We now spend all our time doing "risk assessments" for projects, estimating probability and impact, and producing excellent reports for project managers to add to their project risk registers. Risk, Risk, Risk! But we are still running Win2K SP2 not SP4, we still got infected by Zotob, we have RealSecure Personal Firewall on our 3000 legacy NT desktops but we don't have anyone to watch the SiteProtector console, our CSIRT Incident management process still looks like chickens running around with their heads cut off, it still took 48hrs for our outsourced networking partner to realise that what was thought to be a DoS attack on a core internet router was in fact due to mis-configuration of one part of a VRRP router config that had never been tested properly etc etc etc. The baseline security of the organisation is extremely poor, and this is not (and will not) be improved by focussing on trendy risk management processes. What it will be improved by is old-fashioned A/V updates, patch management, configuration management, strict change management with oversight by IT Security, rigorous scanning of the network for new (and rogue) devices, hardened servers, IDS/IPS systems with a well-trained SOC to watch the consoles, good communication plans and awareness schemes, hard disk encryption, BIOS passwords, spam content filters, internet content filters etc etc. All the bog standard stuff that is on the top ten security controls list and has been for the past 5-10 years! It's also the same stuff that is deemed "boring" by our Risk and Gartner Best Practice obsessed, Ernst and Young benchmarked, new-wave Information Risk Management. It's also the same stuff that the Business screams for once a nice juicy worm takes out a thousand desktops - conveniently ignoring the fact that they weren't prepared to sign-off the business case to implement it pro-actively because the cost/benefit case was hard to quantify. The Business will also conveniently ignore that they DID sign-off on a "risk assessment" that said staying on SP2 probably was a really bad idea, the same way they will sign-off on building the DR data centre in the tower next door rather than 10mi away because it saves a few mill. Hey, both Towers are never going to fall down at once, are they? And that is at the heart of the problem - humans are very, very bad at estimating risk. You are hundreds of times more likely to drown at the beach than get eaten by a shark... but which do people worry about more? In the US many parents probably wouldn't let their children go and play at the neighbours if were unsecured guns in the house, but would happily let them go and play in the neighbours pool on a hot day... but the statistics show that your child is 200x more likely to drown in the pool than get shot with the neighbours gun. (See "Freakonomics" for more details). Risk Management as a tool of project governance to get IT projects to examine the risks, implement mitigating controls and prepare contingency plans in case the worst happens is excellent discipline. It's just not a replacement for IT Security. cheers, Steve I believe that companies which attempt to have non-techies handling their security risk management, will end up in trouble. Considering the recent hurricane. While the professional politicians and news analyts are playing the blame game, one major factor to the damage was the failure of the levy system.... The levy system was supposed to be able to withstand only a category 3 hurricane. (If even that, due to lack of maintenance.) One could argue that it was risk management at work. The odds of a cat 5 hitting New Orleans is so small, why not take that risk? (The downside is that one did hit and the total damage in insured property greatly outweigh the cost of building the levy system to take a cat 5 hurricane.) I agree that you can't call wolf at every perceived risk. But how can a "business type" manage these risks if they really don't understand the potential damage that can occur? Ian There might be a few dissenters over the risk of a cat5 storm hitting the gulf coast... If we remember correctly, it was flagged as one of three serious threats to the US at the start of Dubya's terms in office. The other two, you ask? Oh, a terror attack in New York and a big quake in California. Two outta three, and still time to go... The government is spending millions on it, but is it doing any good? Teachers aren't sure and by the sounds of things, you lot are not big fans of technology in the classroom, at least, not just for technology's sake: Teachers think computers interfere with genuine learning? That's because THEY DO. And they top slice the money from the education budget so there's less to spend on real education. I spent a happy (not) weekend trying to sort out an interactive whiteboard in my wife's primary classroom - she was worrying at night because an inspector would be coming and she wasn't using it effectively. We had to: a) position a free standing whiteboard screen on castors - because the education department found by saving on wall mounted boards they could put more into schools b) position a projector on a projector table - because they could put more in by saving on ceiling mounted projectors c) position the board where it could be seen by all the pupils in a classroom designed for 25 student, currently running with a class of 33, being sure none of the pupils were sitting under the bit of roof that leaked d) run extension cables to the (top of the range) laptop and projector, because by saving on electrician fees they could put more into schools e) put rubber trip strips over the cables, because children have to be able to get around the classroom. f) rearrange it all, because the children kept knocking the projector table when going to get paper and scissors from the resources drawers etc., etc. This is money which has been topsliced from the education budgets - i.e. by doing this they have lees for teachers, classroom assistants, wholesome school meals, fixing roof leaks etc., and is totally galling. While the commercial sector now sees provisions (hardware and software) as almost always being a small item against deployment, implementation support, installation etc., education departments still work on the basis that most of their procurement budget should go on kit and licences. The learning objectives are driven by the kit, not the procurement by the desired outcome. It pisses me off when the government boast about how much they're spending on IT in schools when said IT is so profoundly damaging to education. Dunstan Sadly the findings of the report are not surprising. As a school governor I have found that although the Government made a big thing about giving every teacher a laptop they didn't bother with any training. So most teachers have a state of the art laptop but no real idea how to use it effectively. One told me "the kids learn/know more about it than us". This is another example of joined up thinking - not! Btw the spec of the computer is rigidly defined and only available from certain suppliers so not surprisingly the price is not what you might call competitive but that's another issue... Rob My wife's a teacher and I have long berated her for her timidity in using IT in the classroom. But she counters with the strong point that the stuff they are given is just not reliable. She's now in a brand new, wonderfully equipped primary school with whiteboards in every room, a wireless network everywhere and a commitment by management to run the school electronically. But nothing works. The hired geeks have reconfigured the network several times but it doesn't stay up long enough for them to demonstrate that, clearly, it's all the teachers' fault. The benefits that an electronic whiteboard brings over its analogue equivalent are real but finite, and they completely evaporate when the thing malfunctions and the lesson has to be abandoned. It's not that they've bought the cheapest possible kit -- it appears to be reasonable quality. They've even paid for training (though I'm uncertain that it's very high quality). The real problem is that there's nothing in the budget for in-house geeks to be hovering round fixing the problems as they occur. Those of us who've lived with Windows in business know that these people are absolutely necessary because the technology is simply not robust, and isn't designed to be fixed by ordinary people when it fails. Of course, the answer for a school is to use a different operating system -- Mac OS X springs to mind -- but that is never even contemplated... Name withheld Seeing the enormous increase in wasted meeting time that electronic whiteboards and laptops have brought to corporate meetings, I have to applaud the teachers for resisting them. Education is a tough enough business without having to drag tech bloat into the fray. Mike Dr. Debbie Ellen, the boffin behind the study of how many women engineers it certifies, would like to take this opportunity to clarify her research. The response to the original article was, in some cases, extremely hostile. She thinks some of the writers may have missed the point: As one of the authors of the report that was the subject of Mark Ballard\'s article Microsoft trying to track down Engineers (9th August 2005), I feel I should respond to the letters published on 12th August. Firstly, the database referred to by the reader that asserts: "the MCSE data is most definitely "owned" by Microsoft, and gender is a cross referenceable field associated with the account of the MSCE qualified engineer" is not publicly available and requests to Microsoft to use the data held there have been rejected. My understanding of the system is that people with certification can use the system - but it is not obligatory -so data held within the system will not give a comprehensive picture anyway. This issue is part of a much wider problem with vendor specific certifications which are offered by private companies, who are not currently required to collect diversity data. Our report called for government action to address this issue. With regard to the other letters published I feel that some readers have taken the wrong impression from the article. Our report is available for download at: http://www.jivepartners.org.uk/activities/publications.htm. By reading the report I hope that people see that we were not stating that women needed to work in a women only environment. Indeed many of our respondents were already working predominantly male teams across a range of sectors. We were also not calling for a reduction in the number of men working in this area; rather we sought to open up greater opportunities to women, who tend to get stuck in the lower paid jobs, by offering them access to this training. The only other comment I will make is that I was disappointed, but sadly not surprised by some of the appalling comments in the letters. In many ways they make the case for the need to offer such opportunities to women as well as a three year research study has done. Dr. Debbie Ellen Sometimes a story is just too good to pass up, even if the really cool part turns out not to be true. So when German inventor Dr Christian Koch denied using cats to make bio-diesel, we still had to run the story: Of course it's possible to make fuel out of organic matter {plants, animals, and anything made out of either}. That's exactly what petroleum oil is! The trick is that in the laboratory, you can create sufficiently high temperatures and pressures to do the job in a few hours as opposed to millions of years. {Of course, G. W. Bush and co probably believe that the Earth is really only a few thousand years old and that God would never have put that oil under the ground in the first place if He did not want us to use it.} AJ Crikey - do I detect the resurrection of the septic tank? Imagine the following: A huge septic tank to catch all your bio-waste, heating of same to 300 degrees, with another tank (with spigot at the front of the house) for diesel, plus using the extra heat to heat water, the house, etc. If I wasn't living in a new development, I'd go hug a tree. Perhaps a scaffolding post will do... Edwin Never mind the cats, beef lard or dead rats--road kill's the obvious fuel source! What sort of mileage per hedgehog? That's the question I want answered. Butting Shame. I hate cats. The world would be a cleaner place without them. Too many fairy stories about Pied Pipers. Folk should grow up. The food they consume is often of higher quality than humans eat; that being so, it would be better used to alleviate the starving world. Better still, let's see if the rumours about Asian gourmets are true and [if they] can provide suitable cat recipes. Anon In-car satellite navigation systems really are a great invention. We suspect the gadgets have considerably reduced the number of spousal arguments about (a) her map reading abilities and (b) his reluctance to ask for directions had on the way to family gatherings, important meetings etc. In so doing, they have probably lowered the future divorce rate, and reduced the potential earnings of some lawyers. Shame about them sometimes going wrong, then: Hmm. Does this explain why our TomTom 500 has been taking us some very peculiar routes this week? We live in a rural area - Hebden Bridge, West Yorkshire - and my parents live in a place called Chorley, near Preston in Lancashire. The unit took us via primary routes, ie main roads and motorways, to get there but coming back decided to take us into the hills and far away. It was like The Blair Witch Road Movie. Twice TomTom tried to get us to drive into a muddy field - actually, the farmer on the land says it has done this more than several times to unsuspecting motorists - and it has also developed a fondness for stone walls overlooking reservoirs, muddy ditches which conceivably may have been travellers' paths a couple of millennia ago. We got home two hours over the actual time it should have taken us, our nerves shredded and our car scraped after one of TomTom's psychotic episodes. We now look on the machine as a useful tool under some circumstances, but never to be entirely trusted - especially in the countryside. Andy Steve Ballmer says he never threw a chair in his life. You think you know why: No doubt Mr Ballmer did not throw a chair, however, knowing Microsoft's propensity of redefining standards normally accepted in the industry, who is to say that they haven't redefined the basic concept of a chair - I can see it now, flat bit, back rest, support leg(s), it has to be the all new Microsoft Laurel v1.0. Having rested on their laurels for so long, the corporation probably doesn't know that other companies call them chairs. T. We also drew attention to the alarming similarity between the new Quark logo and that of the Scottish Arts Council. You were unable to let this pass without comment, and frankly, why should you? Wow. I wonder how much those designers got paid to draw that logo? It must be all of almost two circles and half a square. Seriously, they may as well have just gone for a doughnut. Here is my artist's ASCii representation: O The humble doughnut represents Quark sitting around on its fat corporate arse long enough for Adobe to come in and obliterate it with InDesign - thank god. The logo would be coloured luminescent pink with rainbow sprinkles. It really was an evolution. The more I played with the pink donut, the more it came to represent so many things about Quark: poorly planned product cycles, expensive add-ons which can be done better elsewhere and complete failure to act when a cooler, healthier product came along. It just seemed to make sense. It's okay, I don't expect to get any money from Quark. That one's free. Mike Well, Quark's new logo is almost the same that a local cellphone (or mobe) company has. Rodrigo (from Chile) Lastly, we turn to the week's sport. Well, only because we're talking about an apparent lack of 3G knowledge in the land down under. Which is also the place the Ashes won't be returning to. Oh, sorry, did we already mention that? Some Australians write: Aussies know about 3G - we also know the per kb cost is too high to make its use worthwhile. In other news, Aussies directed to lose cricket by Murdoch in a bid to spice up cricket prior to paid broadcasts :-) Tim Just wanted to make 2 points: first is that we know about 3G, we just don't care. Second, congrats on the Ashes success. Was well played and a well-earned win - and it's about time the Poms beat us at something! Peter. Thanks. We were going to mention the rugby at this point, but frankly, neither nation can really hold its head high on that, so we'll stick to trading cricket and swimming related jibes. Deal? You cheeky bugger - dropping an Ashes blurb into the bottom of a 3G article. And there I was thinking I would be able to read tech news and get away from any Ashes news for a few minutes. cheers, Greg. Heh heh heh. That's all folks. ®
Lucy Sherriff, 16 Sep 2005

Estonia phone scammers fined £100k

An Estonia-based company, Digital Media Ltd, has been fined £100,000 for running a premium rate phone scam. Regulator ICSTIS used emergency powers to shut down the service which employed automated calling equipment (ACE) to inform people they had won a prize in a competition. Although the scammers advised "winners" to write in for their prize, due to the shortage of time available they were advised to call a premium rate number instead to claim their jackpot. No prizes for guessing what happened to those who called the number thinking they'd won. No prizes either for guessing whether Digital Media Ltd responded to the allegations or supplied "the information requested" by ICSTIS. ®
Tim Richardson, 16 Sep 2005

US banks lose $50bn to phantom fraudsters

Reported ID theft losses represent only the tip of an iceberg, dwarfed by fraudulent losses run up by crooks assuming completely fictitious identities, according to analysts Gartner. It reckons ID theft will claim 10m US in 2005 resulting in losses of around $15bn from 50m accounts. By comparison "victimless" fraud - bad debt run up in the name of non-entities - will hit $50bn this year. Avivah Litan, research director at Gartner, explained that because US banks are so keen to recruit new customers they will open up accounts on the basis of identification from only a pay-as-you-go mobile phone bill (a type of account that is even easier to open) without checks on the validity of supplied social security numbers. Once a bank account is open crooks will pay bills religiously, eventually earning enough trust to obtain credit cards with higher and higher limits. After around 18 months fraudsters will obtain cash advances on these cards and disappear, a process know as busting out. Losses of around $50K are typical, according to Litan. Banks will pursue these funds and call in collection agencies but in the end the majority will write-off the debt without understanding the root cause of the fraudulent loss. "In many case banks don't even know about the problem so they don't have an incentive to fix the loss," Litan said. "Perhaps it's cynical to say this but banks would rather let people in and deal with fraudulent losses, which they pass on to retailers and customers anyway. There are many dedicated people in bank anti-fraud departments but institutionally they are not that motivated." Litan said that banks in Britain were far better at sharing information and working with each other to minimise exposure to this kind of fraud. The incentive to sign up new customers is great in Europe but in the US it's even more pronounced because banks send out 1,937 pieces of marketing information for every new sign-up. "The goal is getting new customers and banks are not that hungry about eating into fraud," she said. Litan made her comments during a presentation at the Gartner IT Security Summit in London on Wednesday. ®
John Leyden, 16 Sep 2005

Nintendo shows 'Revolutionary' console controller

Games console developers devote as much time to the launching of the controllers their machines will be played with as the game-hosting hardware itself. The latest company to do so is Nintendo. Today it told the world what the gamepad that will ship with its Revolution console will look like. Frankly, it's ugly and looks more like something you'd use to adjust the height of a dentist's chair, but it does at least have some interesting internals. One of which is motion detection, so we can expect to see players gesturing grandiosely at their TV screens in a bid to make Mario jump over rocks and hazards. The look, incidentally, is derived from TV remote controls. Since ordinary consumers are more familiar with them than they are with traditional console controllers, non-gamers will find Revolution easier to use, Nintendo reckons. Revolution is due to ship next year, and is likely to target non-gamers as much as folk who have grown up playing a variety of consoles. Nintendo executives have consistently touted a return to more basic games that win fans through clever gameplay rather than expensive-to-create imagery. As such, it's moving away from Sony and Microsoft whose PlayStation 3 and Xbox 360 are likely to be pitched heavily toward hard-core gamers. Nintendo President Satoru Iwata also said today he hopes to help smaller developers break into the console software arena, something many of them have found too expensive to achieve in the past. "Small developers can compete on creativity not on scale or staff size," he said. "Nintendo is willing to help bring these ideas to life." ®
Tony Smith, 16 Sep 2005

T-mobile customers stuck in Walled Garden

T-Mobile UK has admitted that many of its customers cannot access external email even when they buy supposedly email-enabled phones from the service provider. Unlike most other mobile operators in the UK, T-Mobile operates a "walled garden" that means customers cannot freely access external email accounts with its service. With the latest smartphones on the market, tens of thousands of UK citizens have been upgrading so they can access their normal email accounts while on the move. However, T-Mobile will only allow external email to be accessed through its MDA line of Windows-based PDAs, or its Blackberry devices, which involve an additional fee to Blackberry's owners RIM. T-Mobile customers who choose many of the other email-capable phones on the market are not told by the company they will not be able to access email, however. Instead, they are repeatedly advised to contact either the phone manufacturer or their ISP to recover settings that will enable them to gain access to their email. When those companies advise customers that it is an issue with T-Mobile and not themselves, they return to T-Mobile customer services - only to receive the same advice from the service provider. In a recorded conversation we held with one T-Mobile representative, we were told five times that it was an issue with the phone manufacturer, or our ISP. But faced with repeated questioning, the representative finally admitted: "We don’t do mobile email." [You can read a transcript and listen to a recording of the conversation here.] Customers who receive a new handset are, in the majority of cases, tied into a 12-month contract with the company. However, T-Mobile operates a seven-day returns policy so that customers are tied into the contract if the phone is not returned within that time period - even if they have wasted that time talking to customers services. Customers may therefore be locked into a contract which does not deliver all the services they expected. On Friday, a T-Mobile spokesman admitted to us, “We do not offer an email service.” The spokesman declines to comment on the way T-Mobile was marketing its service. It is understood that the reason T-Mobile currently does not offer external email is because its systems are not capable of the data exchange. Its systems are being upgraded and the "walled garden" situation is expected to end within the next six months. Earlier this week, T-Mobile refused to comment on a possible end to the walled garden and in response to a detailed outline of the accusations above, responded: "The BlackBerry (or MDA III with BlackBerry Connect client) support... both a new 'instantemail' address for the user should they choose to use it, and allow the user to read up to 10 external email addresses they may already have." ®
Kieren McCarthy, 16 Sep 2005

Email slip show Clarke's softer side

Home Secretary Charles Clarke is learning first hand the perils of email, having accidentally appended a revealing early draft of a letter to an email sent to his opposite numbers. Clarke yesterday laid out his proposals for new anti-terror laws that would extend the length of time a suspect could be held without charge from two weeks, to three months. In a letter to his Tory and Liberal Democrat counterparts, Clarke asked for his colleagues' views on the three month detention proposal, while giving the idea his firm backing. However, also attached to the email was an early draft of the letter, in which he takes a much less hardline approach. The draft read: I think the case for some extension is clear, though I believe there is room for debate as to whether we should go as far as three months, and I am still in discussion with the police on this point. As compared to the final version: It may be that you are convinced by the case for some extension but feel that three months is too great an extension. I would be interested in your views on this particular point. The differing versions have been widely interpreted as revealing Clarke's own doubts about the length of the extension. The Guardian suggests the letter will reignite speculation over Clarke's future, after earlier rumours that Blair does not think Clarke is taking a tough enough line on civil liberties, and is planning to replace him as Home Secretary. Liberal Democrats and Conservative politicians have already rejected Clarke's proposal, and Amnesty International dubbed it "internment in all but name". ®
Lucy Sherriff, 16 Sep 2005

Predict next terror attack, win t-shirt

UK tabloid the Sun is in danger of succumbing to rage-inspired spontaneous combustion after discovering a website inviting punters to gamble on where the next terrorist attack will occur - and win a t-shirt saying "I Predicted It" if they're right. Yup, cue outrage in the form of Where-next.com - an interactive "game" where you stick an icon on a world map representing how you think the next strike will be perpetrated (suicide bomber, car bomb, etc, etc). Here's the blurb from creators Molleindustria: Where-next.com is an exciting gambling game. The most accurate prediction on where terrorists will attack next, wins. The definition of terrorist attack stands here for a war action aimed at any civil target on any location that’s not already involved in any kind of "official" war or so intetend by U.S. administration. Thus comnsider a peaceful territory where there could be at least 10 random civil victims within 48hrs (missing people will not be included). The person guessing the right technique used (a bomb attack, a suicide bomber, chemical weapons, etc.) and getting the closest location of the attack, will be contacted by e-mail and will receive the exclusive where-next.com T-shirt, showing the place and the time of the attack. A new game will start after every successful attack and the previous bets will be cancelled. Yawn. There are two problems here: one, that this amateurish effort lacks any sort of redeeming humour which might mitigate against its pointless lack of taste; two, they're flogging skyscraper advertising space on eBay, so it's actually nothing more than a cheap and nasty attempt to pocket some cash in the style of Keith E. Fieler and his feeble "Mind the Bombs". For its part, the Sun has branded the whole thing "sick" and quotes a Red Cross spokesman as saying: "Whilst the promoters of this site may intend it to be humorous it is, in fact, deeply distasteful. We know from our work to support people affected by the terror attacks in London that many have been deeply traumatised by their experiences. They may well find this site appalling and unhelpful." ®
Lester Haines, 16 Sep 2005