22nd > September > 2005 Archive
A year after the Wi-Fi-to-cellular roaming standard UMA was initially published, the first true mobile handset supporting the technology appears to be heading for the USA. LG's forthcoming LG-CL400 will support the Unlicensed Mobile Access specification, designed to allow Bluetooth and Wi-Fi devices access to GSM networks, and to handover seamlessly without dropping the call. BenQ's P50 was expected to be the first UMA device to market. The PocketPC based device was announced last October but will is only creeping onto the market, in limited numbers now. But carriers might find the LG-CL400 more attractive, and LG clearly has Cingular in sights with the clamshell camera phone, as its supports the old AT&T Wireless 850Mhz. Development of UMA was blessed by the 3GPP in April, and now shelters under the GSM organization's standards umbrella. Technical Specification 43.318, as it's known, will be included in future versions of the 3GPP standard. Over the summer UMA received two boosts from Nokia and Symbian, which both announced partnerships to work with Kineto Wireless, the Silicon Valley start-up which has driven development of UMA. LG's handset also uses Kineto's UMA controller. ®
Canadian cops staked out a bar in the hope of finding a journalist drunk, a court heard today. The journalist in question, Edmonton newspaper columnist Kerry Diotte, wasn't suspected of involvement in any crime. But Diotte had written a column criticizing the police force's radar and camera technology as being more of a cash cow for the force than an effective measure against road fatalities - and the story enraged the local constabulary. Diotte has been a consistent critic of the police's technology dependency habit. Police illegally tapped into the confidential vehicle licensing database to obtain Diotte's details of car and home residence, then staked out the Overtime Bar in Edmonton with three officers. According to one Edmonton officer, the journalist posed a real threat to the city's burghers. "It was true that we found that vehicle in a bar lot and the potential for serious harm or death was there," claimed Sergeant Glen Hayden, testifying before a disciplinary hearing. According to witnesses the journalist took a cab home and was reported to be sober. What kind of journalist is he? The hearing continues. ® Related link Cop targeted Sun writer over column on photo radar, suggests lawyer - Edmonton Sun
Nokia only began to partner with Microsoft earlier this year - but already it's showing signs of catching Longhorn Syndrome. The Finnish phone giant has confirmed that its would-be iPod killer, the N91 music phone, will miss the Christmas shopping season, and won't now ship until Q1 2006. "What we basically decided is that we will postpone it a few weeks, push it out to Q1 and do this Microsoft DRM implementation solidly," explained Nokia's music chief Jonas Geust this week. Nokia wants N91 owners to get their music using the same interface whether it's from a PC, directly over the air via 3G or GPRS, or from each other over Wi-Fi or Bluetooth. Geust also insisted that the carriers were showing a strong interest in the N91. Motorola's long-awaited iTunes phone, the ROKR, finally arrived last week on Cingular's network, but without the ability to buy music over the air. Carriers have reportedly been reluctant to allow Apple to replicate it's dominant position in the PC download space on mobile devices. They want some of that action themselves. Nokia has announced two significant partnerships with Microsoft this year. At 3GSM in Cannes, the two announced a deal to bring music supporting Microsoft Windows Media DRM to Nokia handsets without any need for transcoding. And earlier this week, the Nokia launched a corporate mobile email infrastructure with support for Exchange Server licensed from Microsoft. Read our hands-on with the N91 here.®
The "darknets" were looking a even darker today. WinMX spent the day offline and eDonkey has closed its New York office, Reuters reports. Both P2P file sharing networks WinMX and eDonkey are bearing the brunt of increased pressure on companies who encourage copyright infringement. While the US Supreme Court's June Grokster ruling was widely misinterpreted in the popular inkies as signaling the death of P2P technology - it actually bounced the major issues back down to the lower courts - the Court nevertheless frowned on companies who encourage infringement. "We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by the clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties," wrote Justice Souter. Last week the RIAA sent seven letters to the networks, reportedly including BearShare, LimeWire and WinMX. WinMX was offline most of Wednesday, and Reuters also reports that eDonkey's New York office is closed. Earlier in the week Mashboxx was said to be in talks to acquire Grokster and turn into a non-infringing, legal network. Mashboxx's Wayne Rosso was briefly President at Grokster. It's clearly too early to say if eDonkey is a dead donkey. But with Mashboxx and "MSPs" gearing up to offer walled garden file sharing, and Ian "Freenet" Clarke promising new, untraceable P2P by the end of the year, the stage is set for the next act. ®
Siebel users concerned about the possible takeover of the CRM company by Oracle should sit tight and relax. So says a panel of JD Edwards and PeopleSoft users at the Oracle OpenWorld conference in San Francisco. Oracle presented four cherry-picked users to the press, who supplied a rosy view of the convergent roads towards Fusion, the paths that will blend all of the company’s CRM products into one. All agreed that their experience is good so fa,r but concerns for the future still exist. Mitch Myers, vice president of operations at F W Murphy, admitted that his initial concerns were that the PeopleSoft and JD Edwards acquisition would require a massive migration to Oracle. This has not been the case and the gentle migration to Fusion that Oracle now offers is an attractive proposition, he said. Some fears still exist because of Siebel’s leading role in the CRM market. Users are worried that this will influence the shape that Fusion will take. “The ability to customise the product is probably one of the biggest areas of concern. We chose JD Edwards over Siebel because it seemed more flexible. Our worry is whether Oracle will keep this flexibility in the toolset – and I know others share this concern,” Myers said. Phil Walton, group director of information technology at Spirent Communications, a user of both JD Edwards and Siebel, agreed with him, but added that he does not feel rushed to move from JD Edwards now that Oracle has announced a long-term support option for all of its CRM offerings. Lifelong support is a new licensing scheme but Oracle has yet to say what the premium will be. Walton advises other Siebel users to sit tight, ignore the flood of calls from competitors and to judge Oracle on its actions. “A year on from the merger, we are just beginning to see the benefits of the acquisition,” he said. ®
BT looks set to reveal the identity of its new Access Services Division (ASD) today as part of a regulatory settlement with Ofcom. Details of the new organisation - which will be staffed by around 30,000 workers - are to be revealed today along with the organisation's name and new livery. BT agreed to create the ASD as part of a deal with Ofcom not to press ahead with an investigation that could have led to the enforced break-up of BT. Instead, the ASD - or whatever its name is - will provide telecoms access products such as line rental and local loop unbundling (LLU) on an "equal basis" to all telcos including BT Retail. In the past, rival operators have argued that BT Retail - which has some 18m phone customers - was given preferential treatment by other parts of the BT organisation at the expense of others. Under the new regime all telecoms operators will have access to the same products, prices and back office processes "to ensure all providers are able to order, install, maintain and migrate connections for their customers on equal terms". The move is seen as key to increased competition in the UK's telecoms sector. ®
Fraudsters have hijacked the identity of a firm owned by billionaire businessman Philip Green. Crooks changed the registered address of a property company the BHS boss runs with his mother to order goods on credit and run up bills under an assumed identity. The ruse takes advantage of a flaw in the Companies House registration scheme highlighted by The Register in February. The offices of Green's company, Langley Road Investments, were moved from the offices of an accountancy firm to a flat on a council estate in Harrow last December, the Mail on Sunday reports. Its unclear how much crooks made through the scam, which only came to light last month after crooks attempted to swap the address back to its original location in a bid to avoid detection. Police are reportedly investigating the fraud. Green - who has amassed a fortune estimated at £5bn through investments in retailing and other businesses - made an unsuccessful bid to take over Marks & Spencer last year. Speaking about Langley Road Investments, a source close to Green told The Mail of Sunday: "There was a problem about six months ago with the address being changed. Philip is not involved in the company other than being a director." ®
Oracle's chief executive has ruled out any more major acquisitions for the next year, as he tries to grow the database and application giant's annual revenue to $30bn. Larry Ellison told OracleWorld that the break would provide time to assemble the pieces of various companies' technologies and business Oracle has acquired during the last year's $18bn shopping spree, which started with PeopleSoft. This attempt to assemble an integration portfolio could, for example, see a downplaying of recently acquired Siebel Systems' Project Nexus for Oracle's Project Fusion. Nexus was designed to make Siebel's software more interoperable. Ellison believes he can more than double Oracle's long-term revenue while maintaining a 40 per cent operating margin through the acquisition strategy. "In order to grow at this pace, there'll have to be a couple more acquisitions along the way," Ellison said. Ellison was speaking during a year that has seen Oracle snap up companies at an unprecedented pace. Since PeopleSoft, Oracle has bought companies spanning niche and specialized technologies, vertical sector expertise and business software. His comments appear to rule our any more big-ticket deals, like another PeopleSoft or a Siebel - Oracle's two biggest ever purchases. It does not, though, seem to rule out the kinds of smaller deals that have come to dominate this year. As such, Ellison ruled out acquisition of fellow enterprise infrastructure software vendor BEA Systems, a deal Ellison himself once floated as a possibility. Commenting on BEA, Ellison said: "BEA was very high on our list, but they are less interesting to us than they use to be." Instead, the focus seems to be on business applications and a determination to surpass enterprise resource planning (ERP) giant SAP as the world's largest maker of business applications. That competition saw Oracle scuffle with SAP for ownership of retail software specialist Retek earlier this year. Ellison said he expects increased competition in applications, especially from hosted vendors Salesforce.com and NetSuite and from Microsoft, who recently committed itself to a hosted customer relationship management (CRM) offering. Ellison said he expects these companies to become "serious players." Oracle's chief executive raised the prospect of going head-to-head with Salesforce.com in the wake of buying Siebel's OnDemand business. "We want to go after Salesforce.com as much as we can," Ellison said. "I am an investor in Salesforce and I want to see my investment go to zero." ®
Let's face it, there's sad (unemployed man, station platform, notebook, trains); sad (Linux programmer, darkened room, slice of pizza, Natalie Portman website); and the following, which has redefined the sad paradigm for all time: Thought you might be interested in the picture at the top of this page: http://www.microsoft.com/hardware/default.mspx Looks like its creating a bit of a stir/confusion accross a few forums as alot of people seem to think the womans top is see through and it is showing nipple. No, no don't click on the link - there's no time. Here's the pic: Well, lovely as the young lady is, we can't for the life of us spot any hot nipple action in there. God alone knows we tried, including advanced image enhancement techniques: Of course, it's entirely possible that once Steve Ballmer found out that some brunette was flashing her jugs on MS Hardware, there was a bit of hot flying chair action - accompanied by some choice f**king language - until the offending teats were airbrushed from history. Who can say? Yup, sad doesn't even begin to describe it, and barely does justice to the sight of a baying mob of Reg hacks crowded round a monitor eagerly debating whether or not the slight shading on the mams in question was in fact aereolal activity. We are, of course, suitably ashamed of ourselves. ®
Education technology supplier RM has won a £37.5m, five-year contract with the Scottish executive to set up a national education intranet, dubbed the Scottish Schools Digital Network (SSDN). The SSDN will be accessible not only to teachers, but to each of Scotland's 32 councils, 3,000 schools, and 750,000 pupils in Scotland. The network is designed to offer everyone better access to educational resources. It will host educational content and other streaming media, provide online workspaces and a managed teaching and learning environment, the Scottish Executive says. Peter Peacock, Scottish Executive Education Minister, said that investment in technology in schools was transforming learning and teaching. "I am determined to see that continue. This project is a hugely exciting development for Scottish education and one which sees Scotland leading the world." Every pupil in Scotland is expected to be connected to the network within three years. ®
The Mozilla Foundation's Firefox browser successfully took market share away from software giant Microsoft's Internet Explorer over the past 18 months, but has found that popularity comes with growing pains. When Microsoft fixes problems, the public generally doesn't know about them. For Firefox, the nature of the process means that we know what gets fixed. Critics of the open-source Firefox browser took its security track record to task this week after a biannual Internet security report noted that the application had almost twice as many vulnerabilities as Internet Explorer in the first half of 2005, with a higher fraction of those flaws being severe. "Mozilla's popularity has gone from almost zero to double digits, so they have had to deal with a lot of sudden attention," said Mikko Hypponen, chief research officer for antivirus firm F-Secure. "Since Mozilla has become popular, people have been looking for more vulnerabilities." And researchers appear to be finding flaws with greater frequency. In the first six months of 2005, the Mozilla family of browsers had 25 vulnerabilities, with 72 per cent rated as high severity, according to the Internet Security Threat Report released by Symantec this week. During the same period, Microsoft's Internet Explorer had 13 confirmed vulnerabilities, with 62 per cent rated as high severity, the report said. Symantec is the parent company of SecurityFocus. That poses a problem for the open-source browser's security image. Much of the popularity of the Mozilla Foundation's Firefox has been built on the browser being a secure alternative to Microsoft's Internet Explorer. In June 2004, a pop-up toolbar's ability to infect computers when their users browsed a malicious website with Internet Explorer gave Firefox additional momentum to start claiming market share from Microsoft's well-known browser. Mozilla's browsers accounted for almost seven per cent of popular web traffic as of May 2005, the most recent data available, according to analytics firm WebSideStory. While the developer of Firefox, now known as the Mozilla Corporation, has also attributed the browser's success to its ease of use, security has always been a way for the application to stand apart from the perceived problems of Microsoft's browser. For example, the Mozilla Foundation still carries a quote on its website from a USA Today article lauding the security of Firefox. The Mozilla Corporation is the commercial subsidiary of the non-profit Mozilla Foundation responsible for developing and marketing Mozilla products. Now, the picture has been turned upside down: After some high profile vulnerabilities were found in the browser earlier this year, some security experts questioned whether the Mozilla Corporation could claim that Firefox is more secure than Internet Explorer. With the latest data showing that Microsoft has cut the number of publicly disclosed flaws while the number of vulnerabilities in Firefox climbs, open-source developers may have to find new metrics to compare the browsers. "The high level, from our perspective, is that it's hard to make any sort of apples-to-apples comparison," said Chris Beard, head of products for the Mozilla Corporation.. "But we believe our process works and we are the safest browser around." Microsoft's tendency to roll up patches for Internet Explorer could decrease the apparent number of vulnerabilities, while the open development process of Firefox could inflate its vulnerability count, Beard contended. On Wednesday, the Mozilla Corporation released a new version of the browser fixing two serious security issues. The researchers at Symantec agree that the data does not show the whole picture. "There is no easy way to compare (Firefox and Internet Explorer), because Microsoft is really a black box," said Oliver Friedrichs, senior manager for Symantec's Security Response. "When Microsoft fixes problems, the public generally doesn't know about them. For Firefox, the nature of the process means that we know what gets fixed." A Microsoft representative was not made available for comment. Growing pains Other issues suggest the Mozilla Corporation, which spun off from the non-profit Mozilla Foundation last month, might be encountering other growing pains as well. Recently, one researcher who found a flaw complained that he didn't like the response from the Mozilla Corporation - and outed the details of the vulnerability to punish the developers. Tom Ferris, an independent security consultant in southern California, found a flaw in Internet Explorer and a different flaw in Mozilla's Firefox browser within weeks of each other. With the Internet Explorer flaw, Ferris publicized the existence of the vulnerability but withheld all significant details. However, for the Firefox issue, he made public the flaw and enough detail that vulnerability researchers were able to reportedly exploit the issue. The difference in how he handled the flaws was driven by how he was treated by each development team, Ferris said. While Microsoft and the Mozilla Foundation responded quickly, the Mozilla security group seemed to be hesitating on paying him a bounty on the bug he found, Ferris claimed. "I never thought that the Mozilla Foundation would push me around," he said. "That is something I would have expected from Microsoft. I am not a Microsoft zealot, but they were much more responsive." Yet, Mozilla developers contradict Ferris's reading of their intent and maintained that the incident was an isolated problem, not a trend in developer relations. "We need time to investigate and understand the issue before we can determine whether it does qualify for the bug bounty," said Mike Schroepfer, director of engineering for the Mozilla Corporation. "Our priority in these cases is to investigate the issues and work with the security team to develop fixes first." More than ever, the Mozilla developers are now in a race against those that would use the vulnerabilities against their products, said F-Secure's Hypponen. The only real, if not practical, solution for security-conscious users may be to ditch the popular applications and use software that is not so cool, he said. Hypponen pointed to the early 1980s, when virus writers created their first malicious programs for Apple's Macintosh computers. At first, Windows seemed safe from viruses, then the popularity of Microsoft's operating system made that the most threatened platform, while the Macintosh - and most notably, Mac OS X - has seen hardly any viruses in the past decade. "If you run a Mac right now, you don't need antivirus," Hypponen said. "If you want to be safer, you should be using software that other people are not using." Copyright © 2005, SecurityFocus
The opening passage to True Names, a novella written by noted science fiction author Vernor Vinge nearly 25 years ago, delivers an eerily prescient summary of modern Internet usage. "In the once upon a time days of the First Age of Magic, the prudent sorcerer regarded his own true name as his most valued possession but also the greatest threat to his continued good health, for - the stories go - once an enemy, even a weak unskilled enemy, learned the sorcerer's true name, then routine and widely known spells could destroy or enslave even the most powerful." Criminals pursuing identity theft, phishing scams, and spam rings are running rampant on the internet. Just a few years ago our major concerns were more to do with securing servers and avoiding virus outbreaks. Now anonymity and protecting one's information has become paramount. Anonymity on the Internet is a heated subject. It's also amazing the cross section of interested parties, too. We have the old-school cypherpunks, and the hacker community on both sides of the law. There are teams of lawyers, and of course, governments everywhere trying to protect the average person's anonymity and privacy. And then we have the average internet user himself, bombarded with alerts and warnings but is unsure what he should do. If you ask me, the problem started with Caller ID. All joking aside, this now ubiquitous technology really opened our eyes at the time to the concepts of identity and location. Fast forward past all the war-dialing and the insecure, open networks of yesteryear. With pervasive broadband access, one's IP address is virtually his Caller ID. It begs the question: is anonymous internet usage even possible? The answer of course is, it depends. IP spoofing I wrote a SecurityFocus article on IP spoofing over two years ago, and to this day I still get many emails about it. It causes a lot of confusion, especially for non-technical users because the casual term "IP spoofing" seems to imply a technique that hides one's IP address. As we know, this isn't the case. It's relatively easy to modify the bits of an IP packet encapsulating some other protocol, specifically the source address. However, this also means the modifier cannot receive a response, since a fake source address is used. Therefore, IP spoofing cannot be used to effectively protect one's identity on the Internet. It works wonders for attacks like Denial of Service floods and passive fingerprinting techniques during network scans, but doesn't add much to our debate on anonymity. Proxies and chaining One of the most popular methods for protecting an identity would be the use of a proxy. A proxy is something that acts as a buffer for communications between two machines. Many companies use web proxies to monitor employee access, filter restricted content, improve performance via caching and protect the internal network. These might be transparent proxies, where the user does not even know their content is being watched. Virtually any network application, such as the web, FTP, SSH or email can communicate through a proxy. Several companies sell anonymous proxy services, primarily for web surfing, aimed at people looking to obscure their identity without the hassle of setting up and maintaining a server. There are also several free proxies open to the public, generally geared towards privacy groups. However these machines tend to be unstable, slow and are constantly changing. The catch-22 with any proxy are the log files. While the destination machine never sees the client it is truly interacting with, the proxy certain does and records this interaction in a log file. Several commercial companies and the public proxies promise anonymity and claim to destroy log files, however, it's nearly impossible to guarantee or verify such claims. And there have been multiple instances of court orders issued for proxy logs that were supposedly destroyed. Taking this approach further, many people employ proxy chains, using multiple proxies that further obscure their identity. Instead of a single proxy, they might use six, each one making it increasingly more complex to trace back. This approach is as old as the Internet itself, but it's still quite effective. It's very similar to a cracker who might have shell accounts on a dozen compromised machines. He logs into machine 1, then connects to machine 2 and so on, until he is using a shell 12 links down the chain. Such chaining techniques make it extremely difficult for investigators to determine the true identity of an end user. Malicious hackers often employ chains spanning several countries, using the differing legal complexities of various nations to create an impenetrable wall of red tape. Even with a legal army and the government on your side, tracing an attack through such a maze is a nearly impossible task. Onion routing The next generation of privacy and anonymous services lies in a concept known as onion routing. Combining aspects of proxies, peer-to-peer networking and encryption, onion routing looks to create a method for virtually any application to communicate securely and anonymously via the internet. Conceived in 1996 and now in its second generation of design, the most popular implementation of the onion routing concept is Tor. Initially funded by the US Navy, it works as follows. An initiator obtains a list of nodes via a centralized server. A path to the destination is randomly generated, and each server in the path only knows where the request came from and where it is going. Individual encryption keys are negotiated at each point. The beauty of the Tor design is that the content, source and destination of a message are protected at all points in the link. No single machine can see beyond where it received a message from and where it is forwarding it to, it can only peel away one layer - hence the term 'onion' routing. Someone analyzing the traffic could only acknowledge that communication is taking place, but what or between whom remains completely protected. It's extremely difficult to track someone using Tor. The problem with Tor is that complaints about performance are common. I'm not sure how usable it is for regular surfing because of this, and of course it might be rendered ineffective by sites that use free IP-to-country filtering, if the site is extensively filtering by country and the final node in the routing list is in a banned country. But this is unlikely for most sites, and since the project is still relatively new it should scale to handle increased bandwidth as more people offer up their computer resources so that nodes come online. Unfortunately, many ISPs would seek to restrict such usage from their customer accounts. Wireless access My favorite way to stay anonymous is also one of the easiest – simply by using unsecured wireless hotspots. They're everywhere. They're useful and convenient in coffee shops and restaurants for people doing legitimate work, but honestly if someone wanted to attack a network or communicate anonymously (although not necessarily securely), this is the easiest way. A quick drive through virtually any metropolitan area will reveal hundreds of open networks, some by design, others by negligence. The majority of these networks operate using inexpensive SOHO routers with minimal logging capabilities, and they are virtually never monitored. The only real identifying component would be a MAC address. Why is privacy important? A vocal minority always claims that one must be doing something wrong if he prefers to remain anonymous. That's most often not the case and it troubles me when people employ such reasoning. There will always be those who abuse certain privileges or liberties, but those few cannot ruin an entitlement for the rest. There are many factors why privacy is important. First there are repressive governments that forbid access to certain sites, censor the internet, and then track users who show interest in particular topics. There are people who want to tell the truth without fear of repercussion, such as corporate whistleblowers and bloggers. There are intelligence needs, in both corporate and government sectors. But most importantly, we live in an age where our names, social security numbers, phone numbers, dates of birth, buying habits, credit reports, demographics and surfing tendencies are traded like commodities amongst big companies. We all knew this day was coming, the information age has been upon us for some time. But even in these digital times, it remains our right to protect our privacy, our identities, our true names. Copyright © 2005, SecurityFocus Matthew Tanase is president of Qaddisin, a services company providing nationwide security consulting.
Intel has sacked up to 250 workers in India after alleging they fiddled their expenses claims, reports from the sub-continent suggest. According to a story in the Times of India yesterday, the firings followed an internal audit of expenses claims. The report implies bad employee practices like "faking bills to claim your allowances like conveyance [and] drivers’ salaries" are endemic in Indian business, but Intel, for one, isn't having any of it, and has for the past few months been monitoring expense claims. The probe was conducted as part of Intel's internal Business Practice Excellence programme, an initiative put in place in 2003 to keep the chip giant's corporate nose clean in an era of ever-greater public scrutiny of big business' behaviour. One element of the programme Intel stresses is employee rights, but clearly it believes they come with responsibilities too. Hence, it seems, the clamp-down in India. The investigation may have lasted for months, but the lay-offs appear to have taken place unexpectedly. "It was like they are working with us one day, and are suddenly not there from the day after," one employee told the paper. ®
BT has promised never again to engage in the kind of behaviour that "restricts competition" and "discriminates" against its competitors. The "legally-binding undertakings" - 230 of them to be exact - form part of a regulatory settlement with communications watchdog Ofcom. Had BT and the regulator failed to reach agreement it could have led to the break-up of BT. Instead, the deal is being billed as a new chapter for the UK's telecoms sector and should help create a level playing field for telcos in the UK. Announcing the deal today Ofcom said that BT "has agreed to substantive structural, product and governance changes, affecting both its current and future networks". If the regulator has got it right, BT should no longer be able to abuse its position as the UK's dominant fixed line telco at the expense of competition. Key to the new deal is the creation of a new access services division within BT called Openreach which will ensure that all telcos get equal access to BT's network. Ofcom is confident that the new separate division - which will provide access to the local loop, for example and be overseen by an independent body - will allow "all communications providers to gain real equality of access to critical BT infrastructure on fair and equal terms". The regulator also reckons this new set-up will encourage investment in infrastructure and promote innovations while leading to greater competition, lower prices and improved services. "After a full year of detailed consultation, Ofcom has accepted BT's commitments. The new management of Openreach and the Equality of Access Board must now deliver - and be seen to deliver," said Ofcom chief exec Stephen Carter. Today's settlement comes follows Ofcom's strategic review of the UK's telecoms industry. Rival operators have long complained that BT Retail - which has some 18m phone customers - was given preferential treatment by other parts of the BT organisation at the expense of others. They also complained that BT dragged its feet over the introduction of new technologies. In a report published in the summer Ofcom highlighted some of those concerns. "Ofcom suspects that competition is being restricted in markets for the supply of wholesale access and backhaul network services in the context of electronic communications in the United Kingdom and on directly related downstream retail markets," it said in one document. Another said: "Ofcom believes that the combination of ... upstream market power and vertical integration provides BT with both the ability and the incentive to discriminate against its downstream competitors, who are also its wholesale customers. "Moreover, Ofcom suspects that BT may have engaged in conduct which has had the effect of restricting competition." ®
HM Revenue & Customs has apologised to investment management firm UBS Laing & Cruickshank for the disappearance of a computer disc containing details of some of the company’s Personal Equity Plan investors, according to the BBC. Details stored on the CD included names, addresses, account numbers and PEP values. It was sent to HMRC in late April and outsourced for processing to a contractor, but has now disappeared. HMRC has apologised for the loss. The number of investors affected is unreported although they have been notified by UBS Laing & Cruickshank. The disclosure follows a string of high profile privacy breaches in the US, including the loss in transit of computer back-up tapes holding information on up to 600,000 Time Warner current and former employees, and the disappearance of backup tapes containing the credit card information of 1.2 million federal workers by Bank of America. Copyright © 2005, OUT-LAW.com OUT-LAW.COM is part of international law firm Pinsent Masons.
The European Commission this week adopted a proposal for a Directive on the retention of communications traffic data that would see internet data held for six months, phone data held for one year, and ISPs and telcos compensated for their compliance costs. But the proposal has tough competition: it needs the support of the European Parliament and Council of Ministers to become law – and the Council has its own plans for data retention, set out in a Framework Decision. The Council plan allows for data retention periods of up to three years and it could be adopted by the Council acting alone, without any debate in Parliament. An earlier version of the draft Directive – an “Interservice Consultation” version – had been leaked to lobby group European Digital Rights (EDRi) in July. EDRi posted that version online (16-page/2.2MB PDF). The Commission's information on the new version appears to reflect that leaked version closely. The Commission's proposal The proposal provides for an EU-wide harmonisation of the obligations on providers of publicly available electronic communications, or a public telecommunications network, to retain data related to mobile and fixed telephony for a period of one year, and internet communication data, for six months. The proposed Directive would not be applicable to the actual content of the communications. It also includes a provision ensuring that the service or network providers will be reimbursed for the demonstrated additional costs they will have. Commission Vice President Franco Frattini, responsible for Justice, Freedom and Security, said: “This proposal is a very balanced and constructive one, which takes account of the fundamental rights to security, to a private life and protection of personal data, as well as different interests, in particular those of law enforcement authorities and communication providers.” He pointed out that EU citizens expect the three EU institutions to work jointly on this sensitive but important issue and to form a united front in the fight against terrorism and organised crime. He added: “I am dedicated to working on a co-decision basis with the European Parliament and the Member States in the Council, and in particular its UK Presidency, to try to reach an agreement on this issue before the end of this year – counter terrorism effectively requires that we have no time to loose.” The proposal was developed in full agreement with Commissioner Viviane Reding, responsible for Information Society and Media. “The Commission proposal now puts data retention rules on a sound legal basis, ensures the full co-decision of the European Parliament and limits the data retention periods to the extent absolutely necessary," she said. "In contrast to the text at present discussed in the Council, the Commission proposal in particular requires that all additional costs for the industry, which are proven to have been caused by data retention obligations under the new Directive, will have to be reimbursed.” Law enforcement agencies can use communications traffic data to identify associations between persons and events by time and location. The tragic events of Madrid in March 2004 and London in July 2005 and the investigations that followed have driven the demand for data retention. Squaring data retention with data protection The Commission says its proposal balances the needs of security services with fundamental rights and applies "solid data protection rules". To protect citizens’ fundamental rights and freedoms, and in particular their privacy and personal data, Community law currently provides for the deletion of traffic data once it is no longer needed for the purpose of the transmission of the communication. However, some may be kept and further processed by service and network providers for their own business purposes such as billing or with the consent of the consumers. Beyond these business purposes, "public order" purposes can also be invoked to justify the further processing of traffic data. This is why public authorities in the Member States are in principle, if necessary and in accordance with applicable law, able to request access to traffic data stored by electronic communications operators. Legitimate requests for the retention of specific data – otherwise called data preservation – are also allowed when necessary for specific purposes, such as investigations and prosecutions. Data preservation ensures the onward storage of specific data on specific users as from the date of the request. However, with changes in business models and service offerings, such as the growth of flat rate tariffs, pre-paid and free electronic communications services, traffic data may not always be stored by all operators to the same extent as they were in recent years, depending on the services they offer. This trend is reinforced by recent offerings of Voice over Internet Protocol (VoIP) communication services, or even flat rate services for fixed telephone communications. Under such arrangements, the operators would no longer have the need to store traffic data for billing purposes. If traffic data are not stored for billing or other business purposes, they will not be available for public authorities whenever there is a legitimate case to access the data. In other words, the Commission considers that these developments are making it much harder for public authorities to fulfil their duties in preventing and combating crime and terrorism, and easier for criminals to communicate with each other without the fear that their communications data can be used by law enforcement authorities to thwart them. The responses of Member States so far To respond to this concern, a number of Member States have adopted, or plan to adopt, national general data retention measures. Compared to data preservation measures, which are targeted at specific users and for specific data, general data retention measures aim at requiring some or all operators to retain traffic data on all users so that they can be used for "public order" purposes when necessary and allowed. The need to take legislative action in this area at the European level has been confirmed by the European Council in its Declaration on Combating Terrorism of 25 March 2004, adopted shortly after the tragic events in Madrid on 11 March. In that Declaration the European Council explicitly recognises the importance of legislative measures on traffic data retention, through its instruction to the Council to examine measures in the area of “proposals for establishing rules on the retention of communications traffic data by service providers”. The European Council Declaration continues to state that: “Priority should be given to proposals under the retention of communication traffic data ... with a view to adoption by June 2005”. The priority attached to adopting an appropriate legal instrument on this subject was recently confirmed in the Conclusions of the European Council of 16 and 17 June, as well as at the special JHA Council meeting of 13 July 2005 following the London terrorist bombings. The issue of retention of traffic data has initially been dealt with in a draft Framework Decision, submitted in April 2004 as an initiative of France, Ireland, Sweden and the UK – which is a so-called third pillar legal instrument. Issues of common security and defence policy can be decided under the third pillar – without the need for majority voting. Today’s patchwork The data retention regimes introduced or planned by the Member States vary significantly in scope, their purposes, the data to be retained, the duration of the retention, the reimbursement possibilities and the conditions for access to the data. There is at present therefore a patchwork of national data retention obligations in Member States, which can be summarised as follows: A majority (about 15 according to 2004 figures) of Member States at present do not have mandatory data retention obligations; In about half of the Member States with mandatory data retention obligations laws in place, data retention is not operational since implementing measures are still missing; In those Member States with data retention obligations in operation, the period (between three months and four years) and scope vary substantially e.g. just pre-paid mobile, not the internet, all services etc. The current situation is therefore one which is unsatisfactory in terms of addressing the concerns voiced by the European Council, and in terms of addressing the consequences of the diverging measures adopted by Member States for the effectiveness of international law enforcement co-operation, as well as the consequences for telcos and ISPs, especially those who provide services in different Member States of the European Union. The Commission’s position has been that the largest part of that Framework Decision – the part concerning obligations on providers to retain certain traffic data – should be adopted on a first pillar legal basis (learn more about the pillar structure). This position has also been adopted by the Legal Service of the Council and by the European Parliament. How the Commission’s proposal differs from the Council’s text The Commission says its proposal "has taken account to a significant extent of the work done by the Council on the draft Framework Decision, especially as far as the categories of data to be retained are concerned." But it differs from the draft Framework Decision in a number of important areas: Unlike the draft Framework Decision, the draft Directive proposes harmonised retention periods of one year for fixed and mobile telephony data, and six months for IP based communication data. The Framework Decision sets a minimum term of retention for all data categories of one year, but allows for possible exceptions to this for periods between 6 and 48 months; Unlike the draft Framework Decision, the draft Directive foresees a provision which obliges the Member States to compensate the electronic communication services providers for additional costs incurred as a consequence of the retention obligation; Unlike the draft Framework Decision, the draft Directive foresees a Comitology procedure for amendments to the list of data to be retained, providing for the flexibility needed to ensure that the instrument stays up-to-date in a rapidly changing technological environment; Unlike the draft Framework Decision, the draft Directive foresees the collection of statistics on cases in which data was requested, as well as an evaluation of the instrument and its impacts, taking account of those statistics. Neither the draft Framework Decision nor the draft Directive are applicable to the content of communications. Also, in both texts internet related data to be retained are limited to email and IP-telephony data – which means that no data on web pages visited will need to be retained. The Comission's proposal will follow the co-decision procedure with full involvement of the European Parliament, and consultation of the Economic and Social Committee and the Committee of the Regions. Copyright © 2005, OUT-LAW.com OUT-LAW.COM is part of international law firm Pinsent Masons.
BT has released details of its new network division which will provide equal access to its phone network. BT Openreach, as it's called, will employ 30,000 people including 25,000 engineers and comes into operation in January 2006. In a bid to keep it separate from the rest of BT it will also have its own HQ and brand identity. Once set up, Openretch will have assets of around £8bn and revenues of more than £4bn making it "comparable in size to some FTSE 100 companies". Said BT Overreach boss Steve Robertson in a statement: "The local BT network is one of the UK's most important assets and my role is to ensure everyone has equal access to it." The creation of BT Ovenready is part of a regulatory settlement with Ofcom. By avoiding the threat of being broken up, BT has instead agreed to "substantive structural, product and governance changes, affecting both its current and future networks". ®
Intel has ditched plans to upgrade the cores that comprise its Pentium Extreme Edition 840 processor, company documents seen by The Register reveal. As planned, the dual-core Pentium D 820, 830 and 840 processors will get the core update, dubbed 'B-0', the documents show. However, while B-0 830s and 840s will be available from 21 October 2005, the updated 820 will not now ship until 3 March 2006. The document doesn't say why. The reason for the decision to abandon the PEE 840's core upgrade is said to be "healthier than expected production yields on our Extreme Edition component". Presumably, it has enough of the chips in stock, it doesn't need to punch out too many more - or not enough, at least, to warrant going through the process of introducing a new core. The document doesn't specify what changes the B-0 core stepping makes, but it's likely to involve making the chips compliant with European Reduction of Hazardous Materials (RoHS) regulations and upgrading their 64-bit support to improve EM64T's AMD64 compatibility. Over the last month, Intel has posted notifications that it will update the cores of Pentium 4 and Xeon DP processors from the E-0 stepping to the G-1 stepping to incorporate RoHS compliance and to add AMD64's LAHF and SAHF instructions. Separately, Intel has told customers it is culling the Pentium 4 561 and 571 from its product line-up. It only launched the chips in June, but come 21 January 2006, customers will no longer be able to order the parts. June's 5x1 update added EM64T support to the P4 5x0 family. The last 561 and 571 chips will ship on 16 March 2006, in tray-packed batches, or 21 April 2006 for the retail-oriented boxed packages. Intel said it was dropping the chips because demand has shifted to other Intel processors. ®
Virus writers have created a Symbian Trojan which also attempts to infect a user's Windows PC if he tries to read a phone memory card on his computer. Cardtrap-A targets Series 60 Symbian devices and spreads via either Bluetooth or by tricking users into downloading and executive hostile code from the web. After infecting a Series 60 smartphone, Cardtrap-A copies two Windows worms (Padobot-Z and Rays) to the memory card of the phone in an attempt to hop across onto other devices. Padobot-Z is copied with autorun.inf file in a bid by VXers to make it run automatically if the card is inserted into a Windows PC. Rays attempts to masquerade as the System Folder in an attempt to trick users into executing the hostile code. There are much easier ways to infect a Windows PC and its doubtful whether the Padobot-Z infection route will work atall since Windows generally doesn't support autorun from a memory card. In most respects Cardtrap-A is an unremarkable Symbian Trojan whose significance lies only in illustrating the emergence of new hacker tactics. "The goal of the Trojan is most likely to cause user to infect his PC when he is trying disinfect his phone," writes anti-virus firm F-Secure. "A typical reaction of more advanced user who would encounter Trojan like Cardtrap, would be to insert the phone memory card to PC to copy file manager or disinfection tool to the card. Only this time a careless user might to get his PC infected in process." ®
UK music industry organisation the BPI has launched an application to help computer users sniff out any of that nasty P2P software that might have sneaked its way on their hard drives, along with any unauthorised media files that might have appeared too. The tool, dubbed Digital File Check, is described as "a simple educational tool that aims to assist computer users... [learn] how they, or their families, colleagues and friends, can enjoy music and film legally and responsibly without risking legal action by copyright holders". DFC "identifies and easily uninstalls or blocks" P2P software. These applications, the BPI claimed, can "slow or damage your PC and can be used to illegally trade files". It will also search for and "remove any music, movie or image files that may have been copied or distributed without your permission or that of the copyright holders". DFC was developed by Danish developer DtecNet, which specialises in anti-piracy software, and implemented by the International Federation of the Phonographic Industry (IFPI). Alas, IFPI's code only runs on Windows, so Mac and Linux users will have to continue using their preferred systems without knowing whether P2P software, which of itself is not illegal, has been installed on their hard drives. As such, we couldn't run the app to see how well it distinguishes between content we own but is encoded in a DRM-free format and what the software believes to be an illegal download. DFC is essentially being pitched at parents who want to check Junior's hard drive and company IT departments who might want to audit employees' PCs for illegal copies of music and movies. It's hard to see anyone else running it. If you want to try it out, you can get it here. The BPI said no information gathered by the software is sent to anti-piracy agencies. We'd argue it's all a bit silly really. People know downloading certain songs from Kazaa, eDonkey etc isn't kosher, any more than copying a chum's CD is. The music industry would better direct its efforts at shutting off the supply at source, which since the Supreme Court rejected Grokster's defence, at which it seems be having some success. Anyone who needs DFC is likely to be among those least likely to run it. Separately, the BPI said it had published a booklet, also produced by IFPI, which will be mailed to IT managers in Britain's biggest companies warning them about the dangers of letting employees access P2P services from their work machines. The BPI claims illegal file-sharing cost the UK music industry £654m in 2003 and 2004. Like the Recording Industry Ass. of America (RIAA), it has been pursuing alleged file-sharers through the courts, initiating legal action against 88 UK Internet users so far. Some 60 have settled out of court, coughing up £2000-6500 in compensation. ®
When Steve Ballmer yelled at a departing Microsoft employee that he would “kill Google” we had no idea just how direct a method he had in mind. Buying all or part of AOL may be the first part of the master plan, as Google relies heavily on the advertising pages that come from Yahoo!, since it now syndicates its search to Google. One estimate suggested that Google would lose as much as $380m of advertising revenue if AOL dropped its search engine and took on MSN's. That would cut Google’s profit by something like 25 per cent, potentially giving its huge share price something of a tumble. No wonder Google is thought to be entering the bidding to partner with Time Warner on AOL instead of Microsoft. However, the move by Microsoft could still potentially backfire, although with its cash mountain you would expect it to win the day. Google only chance is to paint a sufficiently rosy future picture to Time Warner’s management about what kind of outcome there would be for an AOL partnering Google, then perhaps a lot more than that $380m could be saved. For instance the new physical fiber network that Google is believed to be in the process of putting together, be used to transport more than just voice, advertising and wi-fi traffic. This could also become a conduit for video services, providing another route to market for the remainder of Time Warner’s content? Could the Google Video search capability index all of Time Warner’s precious content and give it another lease of life? It’s too late for the Google Talk VoIP service to go out to all the AOL customers because AOL has launched its own complete VoIP package service. The AOL Time Warner merger had some original logic and perhaps a company as imaginative as Google could make that logic work. On the other hand Microsoft in June 2003 paid Time Warner $750m, mostly in settlement of legal disputes, from when AOL inherited the complaints of Netscape when it bought that company right in the middle of the Microsoft anti-trust trial. But the deal also gave AOL rights to use certain Microsoft tools and the two said that they would collaborate on long-term digital media initiatives, some of which they are well into. That agreement was certainly not a mere settlement of differences but included the Free use of Internet Explorer by AOL for seven years, collaboration on Windows Media player and DRM software and early access to Microsoft technology for AOL. And since then the two companies, Time Warner and Microsoft, have become almost inextricably interlinked, working together on standards and buying into companies like ContentGuard together. So Microsoft must be ahead on this deal as it comes to the table and has the money to tempt Time Warner. The New York Post has been painting the deal as if it was a 50-50 partnership, with Microsoft buying half of AOL with other statements suggesting that the deal is nothing like that adventurous and is just a form of marketing co-operation. Yahoo! also has time to throw its hat in the ring, and discussion between it and Time Warner has also been reported. AOL has been losing subscription customers rapidly, which is why it recently switched its business from purely subscription based to increasingly advertising-based. Copyright © 2005, Faultline Faultline is published by Rethink Research, a London-based publishing and consulting firm. This weekly newsletter is an assessment of the impact of the week's events in the world of digital media. Faultline is where media meets technology. Subscription details here.
In the space of one week, many of the P2P filesharing networks are on the verge of exiting the business either to offer a legal version with paid downloads, or selling up or simply closing up shop. If none of them have the stomach for a doomed legal fight, then by the end of the year millions of youngsters all over the world could be shut out from free music and the world order in piracy may be restored. It is unlikely that the public will be grateful for the outcome and it is yet to become clear just what effect, if any this will have on the fortunes of the recording labels and the films studios. A huge wave of resentment may hit them as the world’s youth are reluctant to return to traditional retail music channels. But if the Recording Industry Association of America (RIAA) wasn’t going to use the US Supreme Court ruling on P2P companies then what would have been the point of the Court going to the trouble of making the ruling. The US Supreme Court said that P2P companies are in breach of existing laws by encouraging the infringement of copyright. We said back in June that the Courts already had at their mercy both Grokster and Morpheus, but they still continue to trade, and this week the RIAA has finally slipped into gear after a long summer break and issued cease and desist notices to seven P2P operations, asking them to halt alleged “encouragement to illegally distribute copyrighted material”. The US Supreme Court basically said that existing laws on “encouragement” were sufficient to make a case against virtually all P2P operations. Crucially, because what the Supreme Court decision was not based on a law change, any behavior that was seen as encouraging people to breach copyright laws in the past, can still be raised retrospectively. The key fact at issue will be just what constitutes proof of “encouragement” and whether or not that is open and shut. Lower courts are likely to grant injunctions if they are asked, which shut the sites down, and worry about proof later. Although the RIAA did not name the seven, the top target must be eDonkey which is suddenly the most fashionable P2P and operations such as LimeWire, Kazaa, i2Hub, BitTorrent, WinMX and BearShare and their owners and authors, may all be hit similarly. Cease-and-desist CNET managed to get a copy of the letter which said “We demand that you immediately cease-and-desist from enabling and inducing the infringement of RIAA member sound recordings. If you wish to discuss pre-litigation resolution of these claims against you, please contact us immediately.” Almost immediately there are reports of hurried talks among the P2P community of how to continue. Many are thought to be considering conceding the point and turning themselves into paid download services, but this is likely to be fruitless, since the main benefit most of them offer are that they purvey their goods, whether music or film, completely free of charge, and it is likely that their customers will simply move on to any service that remains free, and largely illegal. Our guess is that some will go legit and others will now begin a merry-go round of moving offshore, being blocked from US viewing and then suing to be unblocked, which is likely to take up the next two years. Grokster is believed to be in advanced discussion with the RIAA over clearing its name and starting life as a legitimate service, and will now fall into the waiting arms of Mashboxx which will acquire the business as part of its own legal file-sharing service. Mashboxx and rival iMesh, both want to become the legal havens for ex-P2P filesharers and have made overtures to most of the other P2P companies. Mashboxx is understood to be paying a token amount for Grokster plus a share in future revenue from the sale of legitimate downloads and more similar deals are definitely under consideration. Both iMesh and Mashboxx will use technology that scans downloaded files and compares them with copyrighted files provided by record companies. If a user is trying to download a copyrighted file, the download will either be blocked or the user will be asked to pay for it. Mashboxx will let users download low-quality files for free, several times before making them pay, and iMesh is considering trying various models of free trials on a subscription service. It is clear that none of them will take over a P2P organization for very much money and not at all if an RIAA settlement is not pre-signed. Copyright © 2005, Faultline Faultline is published by Rethink Research, a London-based publishing and consulting firm. This weekly newsletter is an assessment of the impact of the week's events in the world of digital media. Faultline is where media meets technology. Subscription details here.
RSS maybe more commonly associated with millions of blogs, but Microsoft is preparing to take the popular XML technology a step further - into the enterprise. Microsoft's decision to put Really Simple Syndication (RSS) into the next edition of its Dynamics customer relationship management (CRM) software, for business users to easily access their freshest sales data, will be the tip of the enterprise iceberg. Microsoft is putting RSS into Office 12 so Outlook users can subscribe to feeds that are then fed into their email in-box. Outlook will users to search and store feeds in folders, apply rules, and pull feeds into other Office applications. Also getting the RSS treatment is SharePoint Portal, with document libraries and lists getting a corresponding RSS feed that users can subscribe to and receive as updates. "CRM is one of the first examples of how we see RSS unlocking data in the back end data systems," Amar Gandhi, Microsoft Internet Explorer group program manager, told The Register during a recent interview. Microsoft revealed plans to RSS-enable its CRM last week at the Professional Developers' Conference (PDC) Chris Caposella, vice president for Microsoft's information worker product management group, told software developers attending PDC Microsoft believes RSS would be transformed into a platform that embraces business applications. Turning applications like calendar and contacts into RSS feeds would help drive Microsoft's mission of integration between Office with back end servers and enabling more dynamic access to different types of data. "These applications [calendar and contacts] want to not only tap into the files they are asked to, but also into the store that the user is subscribed to and to then pick up that data," Gandhi said. Underpinning RSS-enablement of Microsoft's business applications is the fact Windows Vista, due in 2006, will feature an RSS store to suck-in and store feeds. According to Microsoft, putting an RSS store into the operating system will help foster innovation by companies currently shipping RSS aggregators. Gary Schare, director of marketing for internet platforms and security, said that Microsoft is taking care of the RSS plumbing, a move that will enable aggregators to develop value-added features like creating better search and watch lists. "We can focus on great ways to focus and present the data so user can manage the information. Aggregators don't have to build the RSS plumbing to pull down and mange the feeds and make sure you don't run out of disk space," he said. ®
Maxdata, the German PC maker, expects to lose a seven figure (euro) sum for the full year, after posting a loss in Q2. According to reports, the company forecast a full-year profit of €5m as recently as July. In its Q2 earnings statement (pdf), the firm reports a big increase in sales volumes, but a big fall in average selling prices. It also notes weak demand in its German home market, but it still expects sales of €700m in 2005 (2004: € 660m). In the UK, Maxdata is probably best-known for its Belinea range of monitors. ®
ReviewReview Panasonic has been making notebooks for a long time, but you may not have come across the Toughbook brand before. The reason for this is that Toughbooks tend to attract a buyer who is more concerned with durability than design and performance. To get an idea of who the Toughbooks appeal to, next time you see a BT engineer working on a junction box in the street, take a look over his shoulder. It's a near certainty that he'll be working on a Toughbook, writes Riyad Emeran.
British Midland and TAP Air Portugal will permit passengers to use their mobile phones in the air next year, the two European airlines said this week. Both companies will use base-station technology developed by OnAir, the Airbus-backed rival to Boeing's Connexion. OnAir uses pico-cell base-stations from Siemens, coupled with software from TriaGnoSys. The kit will be installed in 2006 with a view to commencing a trial service late in the year. Initially, only a couple of aircraft will be equipped with the system. TAP will use OnAir on its single-aisle Airbus 321, and BMI on the Airbus 320. The target market for BMI will include business and leisure travellers to its destinations in Europe out of London's Heathrow, including Manchester, Belfast Edinburgh, Paris and Amsterdam. Travellers can use all GSM and GPRS handsets, including Blackberry devices. However, there are a couple of restrictions. Passengers can use their phones only from 10,000ft - they will still not be able to use wireless devices during take off and landing. Charges have yet to be determined, but rates will be in line with current international roaming charges, OnAir said. ®
Distie round-upDistie round-up Ingram Micro is to distribute Good Technology push email software for handhelds across Europe. It kicks off next month with a reselller bundle combining the HP iPAQ hw 6515 PDA with Goodlink. The two companies already work together in the US. Commtech, the Irish security products distie, is dipping its toe in to the UK, by opening an office in Scotland. This week, the company added Cyberguard to its line card. Dream'eo, a French-Chinese maker of Windows-based mobile entertainment devices, has appointed Germany's Eurobizz to set up a European sales channel. Stock is shipped out of the Netherlands. ZyXEL has signed up Azlan to distribute its security hardware and data networking equipment in the UK. The vendor set up a UK channel in November last year and says it has recruited 800 resellers. They are members of Zypartner, a tiered accreditation programme replete with financial and marketing sweeteners. ®
Reseller round-upReseller round-up South Africa's government has slammed ICT vendors which sell “exorbitant, irrelevant” solutions to local government departments. Joe Mazibuko, of the State IT Agency's provincial and local government services, points to a municipality which had signed "a 50-year contract, without an exit clause, with a local service provider". Nice work, if you can get it. More here. Pegasus Software has promoted Kevin McCallum to channel sales director for the UK and Ireland. McCallum joined the accountancy software vendor in 2001 and most recently ran its product specialist team. Pegasus is part of Systems Union. Horizon Technology, the Irish-owned mid-range reseller, has become an IBM Business Partner in the UK ®
Trilogy Telecom - a small local loop unbundling (LLU) operator that provides broadband in rural Cambridgeshire - has been acquired by Edge Telecom Ltd. The deal was completed earlier this week and comes after Trilogy was placed in administration on August 23. Financial details about the sale were not disclosed. However, in a statement Administrator Eric Stonham said the sale had been completed "without major disruption of service to customers", although one punter has contacted us to say that the service suffered a 72 hour outage that started last Saturday evening. Stonham continued: "We quickly established that whilst the finances of the business were poor, the company's underlying service to its customers had a good foundation." Trilogy received public money to unbundle exchanges in Cambridgeshire that were originally deemed commercially unviable by BT. However, a change of strategy led to BT investing in the area. As a result Trilogy is understood to have struggled to stay afloat in what was described as a "very competitive market". Edge Telecom, which is believed to be based in Hampshire, plans to expand the range of services on offer. ®
BT chief Ben Verwaayen has told staff that today's deal agreed with Ofcom is "historic [and the] biggest change since BT was privatised more than twenty years ago". In an email to staff seen by The Reg Verwaayen said the deal would allow companies to "concentrate on winning and serving customers, rather than arguing about regulation". Announcing the creation of the new access services business "Openreach", Verwaayen called on workers to live by the new rules as set out by Ofcom. Sharing information between the different parts of BT is a real no-no and all workers can expect to have to abide by a new code of conduct. Speaking about BT Oftenwretched [cheers for that one, Paul] Verwaayen wrote: "Treating all communications providers in an equal and fair way also requires that we set up two separate product teams in BT Wholesale to manage products where we have a dominant position. "To deliver this level of transparency, we must get our behaviour right too. "This means taking great care about the way we use information to avoid giving preferential treatment to our own businesses. Certain commercial information can only be disclosed to other parts of BT if it is also being shared - at the same time and in the same way - with other communications providers. "And, we will not share any customer's confidential information without consent." Despite BT's insistence that it's turning over a new leaf, competitors remain cautious. John Pluthero, chief exec of alternative telco Energis and someone who called for the break-up of BT, reckons today's announcement is a "good start point". At the moment, though, it's just words and promises without anything concrete to back up today's new deal. "The watchwords now are promise for promise and action for action," he said. "Ofcom must hold its nerve and continue to insist that BT delivers on promises before giving it its head in retail markets." ®
In case you didn't know, today is "World Car Free Day", during which we are all encouraged to leave our cars at home and find alternative means of transport, thereby giving Mother earth a great big hug. All well and good, if you don't mind cramming into a cattle truck disguised as a commuter train and spending 18 hours travelling eleven miles and paying fifty quid for the privilege. Of course, you could always walk, or cycle, which is what we assume BT Conferencing staff are doing after management rather grandly called on them to ditch the motors: BT Conferencing, part of BT Group, could help avoid the emission of 10 tonnes of CO2 emissions in one day, by discouraging its staff from driving to work or attending face-to-face meetings. This is achieved through the use of conferencing services, which enables its employees to attend meetings without the need to travel. Apparently, all this tree-hugging follows a 2004 BT Group initiative "which successfully prevented 47,000 tonnes of CO2 from being emitted into the atmosphere. This was achieved by eliminating nearly 300,000 face-to-face meetings across its workforce with BT Conferencing technology". While it's entirely laudable to support any initiative which aims to slash CO2 levels, it's a bit bloody cheeky to ask your staff to park the automobiles for the day - unless you're giving them World Car Free Day off so they can take a leisurely, environmentally-friendly stroll down the boozer. ®
Almost two-thirds of Swedes secretly read their partner's SMS messages, according to research by mobile portal Halebop for Swedish operator TeliaSonera. Some 64 per cent of those questioned this summer said they read their partners' text messages out of nosiness or jealousy, according to The Local. Most Swedes peek into their partner's phone when he or she is in the bathroom or shower. Maybe there is an explanation for the distrust: 86 per cent of those questioned admit to have flirted with someone by SMS, while 40 per cent claim to have gone one step further: having 'SMS sex' with someone. Swedes, it turns out, are a lot nosier than Brits. Almost half of British women, 45 per cent, owned up to secretly checking their partner's messages, compared to 31 per cent of men, according to a survey carried out by Sicap, a Swiss messaging services provider. ®
Nvidia isn't expected to launch its GeForce Go 7800GTX next-generation mobile graphics chip for another week, but that hasn't stopped UK PC vendor Evesham from announcing a notebook which contains the part. Evesham today touted its upcoming Voyager C720 as the "ultimate mobile gaming machine", thanks to the Nvidia chip, which drives the notebook's 17in 1680 x 1050 display and is supported by 256MB of video memory. The 3.8kg beast's 39.7 x 29.3 x 4.5cm frame also contains a Pentium M 750 processor, 1GB of 533MHz DDR 2 SDRAM, a 5400rpm 80GB Serial ATA hard drive, a dual-layer DVD-RW unit, gigabit Ethernet and 802.11g connectivity, Bluetooth support, an integrated 1.3 megapixel webcam, four-in-one memory card reader, and a host of I/O ports. The battery has sufficient capacity for three hours' operation, Evesham said, and it's all a snip at £1500. The Nvidia chip, as we reported earlier this week, is said to yield double the 3DMark03 scores the old GeForce Go 6800 Ultra did, despite a lower core clock speed - 400MHz to the Ultra's 450MHz. It's also said to offer "double the shader performance" and provide "99 per cent" of the performance of "shipping desktop PCs". Evesham was listed on a leaked Nvidia presentation as one of the PC vendors said to be supporting the new chip at launch. Or, if today's announcement is anything to go by, before it. ®
Cash'n'CarrionCash'n'Carrion We're pleased to report that some, at least, of the magnificent BOFH books have found their way onto the shelves of the Cash'n'Carrion warehouse, namely: Book II - Son of the Bastard, and Book IV - Dummy Mode is Forever. Naturally, you're wondering "why on God's green Earth have they only got parts two and four?" A good question, and in reply we ask you to imagine a tramp steamer packed to the gunwales with volumes one, three and five as we speak chugging its way across the Atlantic. Yup, it's a delivery delay on the other three, but we thought we'd get what we have up on the site pronto lest anyone currently missing either of this pair has been sitting in a darkened room for three months awaiting their arrival. You can get these tomes individually for £7.99 or bundled for £13.99 - a saving of more than two quid. Naturally, there is no VAT on books, so that's what you pay. Hopefully, the SS BOFH will dock shortly on Blighty's fragrant shores, and we can complete the set. Watch this space. ®
Earthlink, the leading US ISP, has escaped blame for distributing software that incorrectly identified the website of a legitimate bank as potentially fraudulent. Associated Bank-Corp's lawsuit against the US ISP for negligence and injury to its reputation was rejected by a US judge on the grounds that Earthink licensed the inaccurate information about the bank from an unnamed third party, CNET reports. Users of Earthlink's free "ScamBlocker" toolbar visiting AssociatedBank.com were told the site was "potentially fraudulent" adding that users should "not continue to this potentially risky site". Associated Bank, which operates from 300 branches across America's Mid West, was understandably miffed and launched a suit back in April. US District Judge John Shabaz last week ruled that Earthlink was not liable for using dicky data from a third party because of provisions in the 1996 Telecommunications Act. "Because the evidence indicates the information came from another provider, defendant cannot be held liable for the republication of the statements," he wrote. The decision leaves to door open to a possible lawsuit by Associated Bank-Corp against the firms that supplied Earthlink with incorrect information but its unclear if Associated Bank-Corp will take up this option. ®
A Manchester scientist has developed an open source tool for the Grid Computing Project that could put an end to the vandalising of collaborative websites, known as Wikis. A Wiki, for those who have survived life online thus far without hearing about them, is a website where users can add and edit content as easily as they can read it. The most famous example is probably Wikipedia, a collaborative encyclopaedia, added to, checked and edited by its users. The trouble with such sites is that it is just as easy for someone vandalise their pages as it is for someone to add something useful or constructive. Dr Andrew McNab of Manchester University, comments: "Wikis have been plagued with problems of trust and identity: how do you deal with internet vandals using fake accounts?" He says his new software, GridSiteWiki, ties the security being rolled out for the Grid with the Wiki concept. The Grid is a global network of computers that can be brought to bear to help scientists crack computationally difficult problems. Currently, scientists wanting to use the Grid have to get a digital certificate that identifies them to the Grid as bona fide boffins. GridSiteWiki extends this so that all Wikis can use digital certificates to identify their contributors. McNab acknowledges that some Wikis are deliberately left open to all-comers, but points out that many are set up for particular communities, clubs, employees or other group project work. GridSiteWiki will enable these sites to identify their users. "We can finally make a Web where you can visit a website for the first time and start contributing straight away, without the administrators having to worry about anonymous vandals with fake identities," he said. ®
Sony is cutting 10,000 employees under a $2bn restructuring plan, to shake up operations and face increasing competition. Sony's new chief executive, Howard Stringer,announced the restructuring which is intended to save $1.8bn a year once changes are completed in 2008. Sony expects the majority of job cuts to occur internationally with 4,000 positions going in Japan. The company is also reducing its number of factories from 65 to 54. Sony will incur a $1.25bn hit as a result of the changes during its current fiscal year. The company is concentrating on revitalizing its electronics business through structural forms and a "well-defined" growth strategy to boost annual sales to $72bn and operating margin by five per cent at the end of fiscal 2007. Restructuring comes as Sony faces increased competition across the board. Sony manufactures Wega TVs, Vaio PCs and Walkman music players which are being challenged by companies like Samsung Electronics and Apple Computer for market share while also challenging Sony on both pricing and profit margins. ®
Dell and Oracle are deepening their relationship through a bundling deal and a grid project, both announced at Oracle OpenWorld in San Francisco. Dell will provide PowerEdge servers loaded with Oracle’s database, Real Application Clusters or Fusion Middleware. Alternatively, customers can choose JD Edwards applications or Oracle E-Business Suite. Support packages for up to three years can be bought at the time of purchase and this will allow access to dedicated support staff at Dell and Oracle. The two companies are working together to support the bundles through Dell. If the problem is in the software and beyond the Dell team, the call will be seamlessly elevated to specialists at Oracle. This one-stop approach to support means there is no need for a customer to ring back and explain the problem all over again. Dell is also working with Oracle, Microsoft and Cisco on Project MegaGrid which aims to provide a low-cost alternative to large expensive servers and mainframes. Dell chief technical officer Kevin Kettler claimed that these systems will predominate in five years time as customers feel the benefits of reliability that clustering offers. If a system fails, the grid will continue to operate while repairs or replacements are made. The choice of running on Microsoft Windows rather than Linux was made because of Dell’s perception that some corporates and midsized companies are resistant to using Linux. Windows is a good compromise causing less friction, he said. The systems will run Oracle Database 10g over Windows on PowerEdge servers. Once again, Dell will act as the initial point of contact and queries will be escalated to the company best suited to handle the call. The systems are available now and will be priced according to processor, memory and storage requirements. ®
Four No2ID campaigners were ejected from Gateshead Metro Centre yesterday, after their attempts to protest against the introduction of a national identity register and identity card were deemed "inappropriate" for local shoppers. Home Office Minister Andy Burnham was due to appear at the centre as part of his whistlestop tour aimed at persuading the nation of the benefits of ID cards and biometric technologies. No2ID argues that the Home Office is rigorously excluding opposing views from the tour. The campaign group complains that the details and locations of the tour are not being made public in advance, and that the public is only being given one side of the story. Stephen Hodgson, ringleader of this unlikely group of rebels, said: "It was extraordinary. We had been there about an hour. The minister had yet to arrive. Then Home Office staff manning the stand had a word with Metro Centre security staff, and the security staff had a word with police. The police ejected us from the Metro Centre, saying that our leaflets were 'inappropriate'. It beats me how." The group was handing out standard No2ID campaign leaflets, which you can have a look at here (pdf). No2ID's press officer told us he thought it highly unlikely that the leaflets contained any particularly inappropriate information: "The most violent we've ever been on our leaflets is the red ink," he said. The Home Office has denied asking the police to move anyone along, and says that it is "a matter for Northumbria Police and MetroCentre security". Northumbria Police, for their part, explain that a local bylaw means leafleting is prohibited in the Metro Centre. A spokesman told us: "The security staff asked the protesters to leave. We were just in attendance to make sure there was no breach of the peace." The Home Office confirmed that it too was handing out leaflets. One covering information about the new e-passports, and the other with details of the new photograph standards guidelines. "The purpose of the roadshow is to inform the public," a spokesman told us. ®
Mashboxx, the legal P2P software provider, has appointed a former Napster and Universal Music Group executive as President and CEO. Wayne Rosso, the colourful current incumbent, will become chairman, handing over the running of the company he founded to Mike Bebel, The Register has learned. Bebel is a something of a music-industry insider. He has been a senior VP at Universal Studios, and co-founded Universal Music Group's elabs venture. He went on to run Pressplay, the digital music distribution business set up by Universal and Sony, as CEO. Pressplay was later acquired by Roxio, which subsequently bought the Napster name and used Pressplay as the foundation for its licensed music download business. Bebel became the Napster division's President and COO, a role he quit last year. Despite his move to offer a legitmately licensed peer-to-peer operation, Rosso, as one-time head of P2P software provider Grokster, isn't exactly one of the music industry's best buddies. With so many P2P services now going offline in response to the Recording Industry Ass. of America's cease-and-desist requests, Rosso undoubtedly reckons it's now time to give Mashboxx a public face untarnished by the first file-sharing era and one the major labels will feel confidendent in dealing with. Someone, in other words, who is 'us' not 'them'. Rosso's goal with Mashboxx was to create a legal P2P service that would nonetheless co-exist with the questionable ones. The RIAA's actions, fueled by the US Supreme Court's judgement against Grokster and StreamCast, leaves Mashboxx's as-yet-unlaunched network in a vacuum, at least until other legal P2P services come on stream. Indeed, Mashboxx itself may yet prove Grokster's saviour, and we can't help wondering if that's not, at least in part, behind Rosso's change of role. "I am completely confident that Mike will not only take us to market successfully, but build Mashboxx into a long term meaningful entity in the digital entertainment delivery realm," Rosso told The Register by email today. ®
BEA Systems is feeling the pressure from open source, according to investors at Wall St institution Piper Jaffray. The analyst firm has pegged BEA's stock price at $8 per share, saying it expects potential customers to delay new application server purchases until an updated version of open source rival Gluecode is released later this year. BEA currently trades at close to $8.50 per share. "We feel these delayed investment decisions could cause many of the active WebLogic sales opportunities to stall, increasing the length of the cycle," Piper Jaffray said in a research note. Gluecode was bought by BEA's great application server rival, IBM, this summer, in a deal that provides IBM a low-cost, lightweight alternative its enterprise-class WebSphere product that is usually used against BEA's WebLogic. Piper Jaffray said the Gluecode deal strengthened IBM against BEA. The analyst firm's note comes as BEA prepares to host its annual eWorld user and developer conference next week in Santa Clara, California. BEA, which has consistently denied experiencing competition from open source in public, is expected to use eWorld to rally customers to its latest AquaLogic services oriented architecture (SOA) strategy and product line. ®
The National Security Agency - the US's ultra-secretive signals intelligence corps - has patented a geolocation system that tries to pinpoint internet users based on their IP address. US patent 6,947,978, Method for geolocating logical network addresses, uses the latency of connections together with a network topology map to scope the approximate location of net users. Some commercial firms (e.g. Quova) are already developing similar technology and (as often with US patents) it's unclear what, if any, innovation is involved. Applications of the technology cited in the patent include geographically targeted advertising, disabling use of a password from a computer located outside of a specified area or in signals intelligence. The latter two purposes would appear to fit more closely with NSA's core mission, but the agency's intended use of the technology remains something of a mystery. The NSA traditionally remains tight-liped about the advanced technologies it develops, so its recent flurry into the world of patent and intellectual property is sure to excite the interests of many conspiracy buffs. The truth is out there, somewhere. ® Bootnote One of the more creative past NSA patents details a complex system for disposing of shredded paper.
Half of American webloggers cite self-help as their primary motivation for maintaining their online diaries, a survey has discovered. 48.7 per cent of the sample say that blogging "serves as therapy", and it's the most popular reason for publishing an online journal. The second most popular reason, to stay in touch with family and friends, was cited by 40.8 per cent of respondents. Only 3.3 per cent say they blog to achieve fame or notoriety. And only 7.5 per cent of respondents blogged to "expose political information" - suggesting the pyjamahadeen of 'citizen media' are far outnumbered by the neurotic. As one would expect, Group-think is well in evidence in the survey. Over a third of bloggers cite peer pressure of one form or another. One in five say they blog to go with the herd, and more than one in eight say they blog because "it's the latest trend". And we thought happy slapping was the latest trend. We can't keep up! It's hardly surprising that this most solipsistic and egotistical of communications tools attracts people looking for help. But the survey was conducted in the United States, where therapy doesn't have the social stigma that it does in Europe, and comes as naturally to an American as shooting a road sign. In other cultures, would the results have been different? And would say, Europeans or Asians be as honest as US citizens, who are consistently, and admirably frank on such issues? The survey was conducted by DMS for AOL this month. More here.®
Oracle CEO Larry Ellison is happy with SAP’s choice of NetWeaver as its middleware because it has “an almost non-existent market share”. In a Q&A session during his keynote speech closing Oracle OpenWorld in San Francisco, Ellison was given a golden opportunity to lambaste NetWeaver and underline the company’s new open-to-all strategy. He claims that Oracle Fusion Middleware holds a bigger share in the SAP market because NetWeaver is three or four iterations behind with open standards versions. When asked which of the companies would be ahead in five years time, Ellison switched to being the diplomat. He described SAP as being a very important applications company, nominated Microsoft as being his main concern but sees online CRM as the main battleground. “I think the pure-play On Demand players, like Salesforce.com and Netsuite, are going to be serious players. I think the outsourcers, like Infosys are going to be serious players. I think the application space is going to be diverse and complex five years from now. If it was just going to be Oracle versus SAP it would make our life a lot simpler.” Ellison’s performance was not that of the sarcastic firebrand from years gone by but a mature, and consequently lack-lustre, presentation. This maturity seems to filter into the product philosophy, and he expressed this by saying that Oracle has to be open to allow use of competitive databases behind its applications. His emphasis on standards compliance also underpinned the message that the world is changing and Oracle has to compete on price, functionality, reliability and security. Despite this, the future may not be so open. In his presentation, Ellison said that he cannot guarantee that the Fusion project will sit easily on other databases. With 35,000 attendees at the conference, Oracle is still a big draw. The company estimates that the timeline for fusing its product lines will take between seven and ten years, assuming the Siebel acquisition succeeds.®
Oracle OpenWorld is drawing to a close in San Francisco, and some big questions are being left unanswered. Namely, one wonders what Oracle might look like at the OpenWorld event one year from now. The company is maturing and beginning to open out and extend its products. Project Fusion is the major challenge as the company melds its disparate CRM offerings. Competitors believe and hope that it is impossible to evolve a single species of CRM from around eight products. Oracle says it can do it by breaking them all down into services and bolting them together again. The Siebel acquisition will probably go ahead after an initial period of wrangling by the shareholders. This is a sideshow and a distraction from the main challenges Oracle is facing. In addition, progress is likely to be hindered by the addition of Siebel’s products because they are quite different to Oracle’s current array. Siebel specialises in fairly inflexible vertical market products, while Oracle has an array of customisable horizontal CRM systems. Something has got to give way, and those customers affected by a shift will not be pleased. Oracle executives here pumped their speeches full of promises, talk of alliances and sabre-rattling clarion calls. In reality, however, Oracle is in stasis and will not begin to move again until its Fusion project bears real fruit. Its strength is the maturity of its database and applications, but Microsoft and SAP continue to chip away at these foundations. At every conference, Oracle boasts that it has never left any customers behind, but the current question is whether it can keep up with them. ®