26th > April > 2006 Archive

Borland wants to be a Red Hat for developers

Borland's Java and Windows application development tools will once again lead the industry, setting the pace in both quality and innovation. So says Nigel Brown, who is leading Borland's integrated development environment (IDE) business to independence and out of the shadow of Borland's other application lifecycle management (ALM) tools. Brown, an 18-year Borland veteran, was recently named general manager of Borland's IDE business. In an interview with The Register, he promised significant investment in research and development for Borland's IDEs along with significant increases in sales and marketing for the popular JBuilder and Delphi programming environments among other tools. Brown is also rehiring engineers and architects who were at the forefront of developing languages like Delphi but who had left Borland. Borland has long been the victim of a brain drain to other software companies, most notably Microsoft, which spent years playing catch-up in terms of features and language design. Brown vowed Borland's spun-out IDE business would recapture its lead. "Four to five years ago, what we put in Delphi one year, Microsoft copied one or two years later. Our goal is to get back to that scenario where we are leading. Also JBuilder - that drove Java to the limits. Our goal is to get back to that," he said. He blamed Borland's surrender on a legacy of under-investment in tools thanks to corporate priorities that came to emphasise the bigger ALM picture, with more R&D pro-rata going into Borland's Caliber, StarTeam and Together software. "Over the last few years [tools] haven't been part of Borland's key investments... that has been ALM product. Our immediate goal is to get that [investment] to, or above, what [other] software companies put into their leading products." This begs the question: where will Borland get the cash to sustain the R&D and sales and marketing? budgets. The company is asssessing suitors to help fund and develop the IDE business, which also features the company's database and application server. One reason Borland has been forced to spin out tools is because of the price pressure the IDE market is experiencing. The increase in "free" tools has forced IDE providers to re-examine what exactly it is they offer in order to make any money. In common with chief executive Todd Nielsen , Brown is keeping exact revenue plans pretty close to his chest but repeated his boss's wording on providing "services." Like Nielsen too, the words "Red" and "Hat" are employed and there is a fervent belief the new company can monetize its installed base of three million developers. "There is a model with the likes of Red Hat making money from support and added services. Borland is a global company and the IDE business will be global," Brown said. "It will be a matter of how can we get more of the IDE products into developers hands for good money, and [being] less hung up on licensing model," Brown said. "When we spin off the IDE business we will be a big startup." Another challenge is who will buy Borland's tools. One reason Borland moved into ALM and upped its pitch was to target executives and IT directors who - unlike developers - hold the keys to the large purchasing decisions. It seems Borland's IDE business will try to shift pricing to suit the budgets of developers, whose spending runs to several thousand dollars and can be put through on a credit card. "We won't be speaking to CTOs except in rare instances," Brown said. Borland is evaluating subscriptions, but Brown noted there is unlikely to be a change in the short term to the current licensing-base approach. The IDE business also expects to use web-based marketing to reach developers. Brown is placing his faith in the concept of "smaller means more efficient." He believes a smaller organization, independent of the large Borland machine, will have more resources to develop features and functions instead of just "writing infrastructure." Brown estimates that two thirds of resources for JBuilder went into building infrastructure and just one third into features. ®
Gavin Clarke, 26 Apr 2006
channel

Oracle extends 'lifetime' promise

When it comes to Oracle- bought software, 'lifetime support' used to mean just support for seven years, making "software support years" run even faster than dog years. But no-longer. Oracle has had a rethink over its inherited Siebel, PeopleSoft and JD Edwards code-bases, today announcing it will release new versions into the foreseeable future. The company had previously defined lifetime to mean support ending in 2013. So Oracle will continue to update the trio of applications it bought last year, long-after delivery of its planned Oracle Fusion Applications in 2008. Also on the table are full "customer-driven" roadmaps, development teams inside of Oracle who will continue to upgrade the acquired applications, and "no forced upgrades." Oracle says the scale of its applications business - spanning 30,000 customers - means it can continue investing in the products, "which in turn, allows us to address a wide range of customer requirements". In the meantime, Oracle is certifying acquired applications for interoperability with middleware. Oracle announced Siebel 7.8 would be certified for use with its PeopleSoft, JD Edwards and Oracle E-Business Suite with the release of Siebel 8.0 due later this year.®
Gavin Clarke, 26 Apr 2006
hands waving dollar bills in the air

Database and support duo take on Oracle

Database spin-out Ingres is getting a little enterprise support from netCustomer in its unfolding strategy of challenging Oracle in the database market. Customers using the Ingres open source database will receive enterprise application and database support from netCustomer, in a deal promising to "dramatically" lower the support costs for PeopleSoft and JD Edwards users. Additionally, netCustomer said it would help customers move from "expensive proprietary databases" to Ingres 2006. Oracle was not mentioned directly, but netCustomer did go on to say Ingres is estimated to come in at half the cost of Oracle. The expanded relationship between tiny Ingres and netCustomer, which forged a business providing third-party support to PeopleSoft and Oracle users, is clearly being offered as a way for customers to lower their IT costs by easing Oracle out of the equation. The senior management and marketing ranks of Ingres - spun out from CA last year - are groaning under the weight of former Oracle heavy hitters and experts. These include chief executive Terry Garnett, chief financial officer Tom Berquist, chief technology officer Dave Dargo and chief communications officer Jim Finn. Part of Ingres's strategy against Oracle has been to claim lower cost of ownership combined with enterprise-class features. Ingress is now targeting not just users of the Oracle database but also users of applications that Oracle took ownership of during the last year. A slowly emerging theme among business application providers is to use open source databases as their underlying platform to help lower costs. Hence SAP is working (separately) to certify MySQL with its software and Ingres is hoping to hook the interests of PeopleSoft and JD Edwards users. For its part netCustomer claims to reduce customers' annual support costs by up to 50 per cent. Berquist said in a statement: "With its data centre track record, the now open-source Ingres will appeal to customers who are looking to uniformly lower their costs without sacrificing the reliability and performance they expect from their database platform."®
Gavin Clarke, 26 Apr 2006
channel

Ingram solid in Q1 despite Euro softness

Ingram Micro beat its own financial forecasts in the first quarter despite softening economies and currencies in Europe.
Team Register, 26 Apr 2006
chart

Europe's plan to hunt down pirates

The EU is planning a crackdown on counterfeiting and pirating of goods, with penalties including a minimum four year prison term.
Team Register, 26 Apr 2006

Forensic felonies

A new law in Georgia on private investigators now extends to computer forensics and computer incident response, meaning that forensics experts who testify in court without a PI license may be committing a felony.
Mark Rasch, 26 Apr 2006
hands waving dollar bills in the air

Rambus awarded $306.5m in Hynix patent case

Rambus has won its month-long patent infringement trial against South Korean rival Hynix Semiconductor. A San Jose, California jury yesterday awarded compensation to the US chip interface designer in the sum of $306.5m.
OUT-LAW.COM, 26 Apr 2006

TalkTalk slapped for 'free' calls ad

BT has struck a blow against fierce rival Carphone Warehouse after the advertising watchdog ruled that an ad plugging its TalkTalk phone service was misleading. The former monopoly had complained about an ad which boasted "Free Unlimited landline calls for three months". The ad, plugging its phone package, went on to say that "TalkTalk customers talk FREE FOREVER to each other". BT submitted its complaint because it reckoned the calls were inclusive, not free. Carphone argued the opposite insisting that calls made between their customers were free, not inclusive. But after mulling the complaint, the ASA decided that TalkTalk's claims were misleading. "We considered that calls to other TalkTalk customers offered under a call allowance," said the ASA in its ruling, "that, in isolation, did not involve a monthly fee but was offered in conjunction with a line rental agreement, were an intrinsic part of a 'bundled' package; they were therefore not free, but inclusive in the overall package price." In a statement, Carmoan Warehouse chief exec Charles Dunstone told us: "Whilst we take any ruling from the ASA seriously, the fact that the only complaint received was from BT leads us to think that this doesn't seem to be an issue that confused any real customers. We politely recommend to BT that they spend a little more time looking at their own expensive call charges and a little less time reading our ads." Today's ruling will come as a blow to Carphone which is using a similar approach to flog its new "free broadband forever" service. Following more than 40 complaints from members of the public, and just two from industry rivals (BT and Tiscali), these ads are now also under ASA investigation. ®
Tim Richardson, 26 Apr 2006

British employment law challenges offshoring

Recent changes to rules that protect British employees when a business changes hands have angered offshore service providers who fear becoming liable to British workers who lose their jobs. An employment law expert says the concern is justified, at least in part. Under the Transfer of Undertakings (Protection of Employment) Regulations, better known as TUPE, when a business changes hands, the existing terms and conditions in an employee's contract of employment will continue automatically with the new employer. Earlier this month, the rules were updated in response to widespread concerns about their ambiguity and the burden they presented to British business. But among the updates was an extension of the rules to service provision changes. India-based TataSoft was highly critical. "[It] could not only possibly leave Indian BPO service providers with enormous liabilities but could also assist in protectionism capturing root in a country that was so far believed open to offshore outsourcing services," it said in a statement. The software development firm acts for UK clients and argues that "new TUPE", as it is sometimes known, "slaps overseas contractors with legal and financial accountability for the British employees". It warns that the law could also inflate overseas service costs for British companies. Edward Goodwyn, a partner with Pinsent Masons' employment group, agreed that new TUPE is likely to heighten the risk of TUPE claims in future when BPO services are sent to India. He explains that, even under old TUPE, there was always a risk that TUPE would apply in relation to offshoring to India. The issue was whether or not there had been a "transfer of an undertaking or business or part of an undertaking or business". The fact that the undertaking ended up outside the EU was not fatal to the question of whether TUPE applied; old TUPE made it clear that TUPE can apply if the undertaking was situated immediately before the transfer in the UK. "Clearly, a UK based IT service being outsourced to India met that criteria and potentially there could be a TUPE transfer of risk," Goodwyn said. But the crucial question of whether old TUPE did apply, always turned on whether the undertaking effectively retained its identity after the transfer. "There is very little case law to determine the issue where a service has been moved out of the EU," said Goodwyn. "However, the central issue under old TUPE was whether the operation in India was sufficiently different so as to be a different undertaking to that which had been previously operational in the UK." Goodwyn said that under old TUPE, it could be argued that the mere change in geography meant the undertaking is different – so that TUPE did not apply. "This argument had some merit – but it was always, in our view, equally arguable that if BPO services in the UK were likely to be the same BPO services in India, then TUPE would apply. Where TUPE did apply under old TUPE, the consequence was that the UK employer would have various consultation and information obligations in relation to the transfer. Additionally, any dismissals by reason of the TUPE transfer were arguably automatically unfair by the fact that they were connected to the TUPE transfer. However, in relation to both obligations, liability for failure to consult and liability for any unfair dismissal would transfer to the new Indian transferee. In other words, while TUPE would apply, the practical consequence of this would be that the employees or trade union would be left with seeking to enforce their claim against the Indian company. Practically, this would lead to the difficulty of seeking to enforce UK TUPE rights in India. The only exception to this was if the Indian outsourcing company had some UK presence which allowed the employees or union to sue the UK Indian company in the UK. Whilst matters remain broadly the same under new TUPE, there are some substantial differences that, in Goodwyn's view, increase the risks to both the outgoing UK employer and the incoming Indian employer. Firstly, the issue of when TUPE applies and when it does not has been modified. New TUPE makes it clear that TUPE will apply where there has been a "service provision change". The definition now means that the so called "innovative defence" is no longer available where you are talking about a service provision change. So the Indian company would no longer be able to argue that the mere fact that the services are being undertaken in India in an innovative and different way means that new TUPE will not apply in circumstances where the basic BPO service is still being provided. To this extent, it is more likely that TUPE will apply to offshoring of BPO Services. Additionally, there has been a change under new TUPE as to who bears responsibility for any failure to consult or inform the employees in relation to TUPE. As mentioned, the obligation to inform and consult predominately falls to the outgoing employer; but liability for any failure would transfer under TUPE to the incoming Indian company. Under new TUPE, the liability for failure to consult or inform is now joint and several between the transferor and transferee. As such, if there has been a failure to inform and consult, the UK employees and their trade union will be able to sue the outgoing UK employer, who will be joint and severally liable for the whole claim. "The consequence of this," said Goodwyn, "is a higher likelihood of employees and unions who have not been properly informed and consulted under new TUPE after an offshoring bringing claims for protective awards against the outgoing UK employer." "Indian offshoring companies should continue to be aware of the TUPE risk and indeed be advised that by reason of new TUPE, the risk of TUPE applying and it inheriting employee claims has increased," he said. But Goodwyn points out that the UK employees will still face the substantial practical problem of seeking to enforce their TUPE rights which, more often than not, will need to be enforced against the Indian company in India. "Nonetheless, it will be prudent for Indian outsourcing companies to look for an indemnity in relation to such claims as part of the offshoring agreement," he said. Copyright © 2006, OUT-LAW.com OUT-LAW.COM is part of international law firm Pinsent Masons.
OUT-LAW.COM, 26 Apr 2006

Eleven new UK GSM mobile carriers

Ofcom has announced that it will award some "thin" mobile phone franchises in May; and the winners include - beside the usual suspects, a company called CyberPress. Is that Pipex? The bidders are named in the 1781 awards list published today. Micro-cells are the most likely applications, and potential applications for these bands include private GSM networks in office buildings or campuses; most mobile phones operate at these frequencies, Ofcom said. Dean Bubley at Disruptive Analysis said: "These are 'thin' low-power 1800MHz GSM spectrum licences, which could enable deployment of some innovative business models, using technologies like picocells for indoor cellular services, along with normal low-cost handsets." Exactly what it will mean, is still far from clear, Bubley said. He listed his guesses as follows: The price for making GSM calls when users are not actually "mobile" but nomadic (ie at home/work) will plummet. "This has already happened up to a point, but will now accelerate further, especially given other initiatives like dual-mode Fusion-type service launches and (probably) Genion-style HomeZones." We're going to see businesses exert a much greater level of power over mobile operators. "If large enterprises and government bodies have a choice of 16 mobile operators (and probably countless MVNOs), it seems very likely that corporate cellular tariffs will cease to be such a burden on CIOs' telecom budgets." it's going to be tricky: "It'll probably take longer to get things up and running than everyone expects. For example, does anyone know what happens when a phone's "network selection" menu has 10+ options shown? Were the menus even designed to cope with that many, perhaps scrolling onto another page?" a lot of companies that have been ignoring picocells and femtocells are going to sit up and take notice. lots of network security equipment vendors will have to get their act together. 'Remember the fuss a few years ago when people were plugging "rogue WiFi access points' into enterprise networks & PCs? Welcome to guerilla wireless v2.0 , only this time with cellular." Bubley said in his blog that he was particularly fascinated by the appearance of a new bidder in the race: Cyberpress. That looks to be either a French-based media company, or a Pipex spinoff. "Interestingly, it appears on the Pipex CEO's list of current directorships, though," Bubley said. Copyright © Newswireless.net
Guy Kewney, 26 Apr 2006
channel

Evesham has graphic plan for notebooks

Evesham Technology has spruced up its top end notebooks by giving them Nvidia’s latest graphics processor and a liberal sprinkling of Intel’s dual-core processor technology.
Team Register, 26 Apr 2006

Council takes initiative on identity

Sunderland City Council is rolling out its prototype regional federated identity initiative across the north-east of England. The council, which designed, developed, and deployed the Trusted Services Infrastructure (TSI) in association with the North East Connects Partnership (NECP) - which consists of 25 local government organisations - has said it is encouraging local businesses and organisations to come up with innovative ideas to exploit the system for their own identity projects. Federated identity is an arrangement where a number of organisations can register the authenticity of a person's identity accepted in a much wider circle. The TSI enables citizens to gain access to shared services provided by the public and private sector. The move follows two successful pilot schemes. The first in 2003-04 provided local log-in, buildings access and network log-in for 400 students at Sunderland College. The other, in September 2005, saw NECP deploy 8,500 smart cards for the University of Sunderland Student Union. They hold membership details, discount privileges and digital certificates to authenticate online services. The university plans to relaunch the smart card scheme combining the student union with other education services with a view to providing 17,000 cards. Using ActivIdentity technology and Smart Connect software, the initiative currently has the capability to manage up to 80,000 smart card holders for use in third party payment and e-ticketing services. Future plans include building ticketing capability for use on public transport. Con Crawford, Sunderland City Council strategic projects officer, said: "The infrastructure is a prototype capability designed to support the government's drive towards shared services and ours compliments central government's Shared Services Unit. "Since our definition of this embraces all sectors we are now promoting it to public and private sector organisations to encourage their use of the system. "Federation protects the company asset, including confidential employee information, while the use of third party services can enhance the whole cardholder proposition." NECP is currently working with accountancy package company Sage, in a partnership that has already supplied access control smart cards for systems at the company's global head quarters in Newcastle. This article was originally published at Kablenet. Kablenet's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Kablenet, 26 Apr 2006

Space Muslims face weightless search for Mecca

Here's a poser for our Muslim readers: if you're aboard the International Space Station and it's time to pray - how do you pinpoint Mecca? That's the problem facing Malaysia's space agency as it prepares to send the country's first astronaut into orbit in 2007, Reuters reports. According to Zainol Abidin Abdul Rashid of Malaysia's space science institute, "following Earth time and facing in the direction of Earth are the key elements to solving the problem". Accordingly, Zainol's got his head down with his graduate students from the National University of Malaysia to write a programme to "calculate the correct prayer times and directions for astronauts, once their positions are keyed in". He explained: "It can be set up on a computer or even a personal digital assistant, and figuring out your location is as simple as connecting to the internet." So far so good, but what about pre-prayer ablutions and kneeling in zero grav? Cue a group of muftis who recently published some highly pragmatic guidlines to tackle these problems on Islam Online: "According to an established principle of Islamic jurisprudence, if for any reason we are unable to fulfil a certain condition or a prerequisite on which the validity of a certain act of worship is dependent, then we must still perform the act without the condition." Malaysia now has a shortlist of four possible astronauts, three of them Muslim, from which to pick a lucky winner to spend six to eight days aboard the ISS. The Soyuz-powered trip is a freebie offered by the Russians as part of a $900m sale of fighter planes to Malaysia, Reuters notes. ®
Lester Haines, 26 Apr 2006
channel

PGP unfazed by MS disk encryption

InfosecInfosec PGP says the whole disk encryption kit Microsoft will bundle with Vista is no threat to its position as the first port of call for forgetful laptop luggers.
Christopher Williams, 26 Apr 2006
For Sale sign detail

Plusnet in cut-price broadband bundle

Plusnet has unveiled the details of a new bundled phone and broadband product that attempts to match the cut-price offer recently announced by the Carphone Warehouse. From 4 July, all Plusnet customers will be able to bundle their existing broadband package with a voice line rental and calls offer for £11 per month. The ISP is also launching a new discount entry-level broadband service for just £9.99 a month from the end of May. It means that from July, subscribers to Plusnet's new entry level broadband (£9.99 a month) and phone service (£11 a month) can get a bundled phone, broadband and line rental package for £20.99 - the same amount Carphone is charging. But there are big differences. Plusnet's service is available nationwide (people out of reach of Carphone's unbundled exchanges have to pay an extra tenner a month for the service); Plusnet's offer includes 240 minutes of "free" landlines calls (Carphone offers unlimited local and national landline calls and unlimited international landline calls to 28 countries); and Plusnet's broadband usage limit is just 50 meg a month, a fraction of the 40 gig monthly allowance offered by Carpone. The other major difference is scale. Carphone's telco TalkTalk has around 2.5m customers and its ambition is to rival BT as the household name for telecoms, while Plusnet is more of a niche operator. "PlusNet believes it is ideally positioned to deliver convergent communications services to its target customers, who are more experienced internet users," the Sheffield based operator said today. Details of Plusnet's offer come as the ISP revealed that turnover in the first three months of the year (Q1) was up 37 per cent to £11.2m with the number of broadband punters up at 192,000. ®
Tim Richardson, 26 Apr 2006

MDM may change your life…or not

CommentComment According to (the normally more readable) Wikipedia, Master Data Management (MDM) “focuses on the management of reference or master data that is shared by several disparate IT systems and groups. MDM is required to warrant consistent computing between diverse system architectures and business functions”.
Mark Whitehorn, 26 Apr 2006

Chinese clone BSE-resistant calf

Chinese scientists have successfully cloned a cow "with gene cells resistant to mad cow disease", reports Xinhua news agency via Reuters. The 55kg calf, born in the eastern province of Shandong, was cloned from cells of an adult cow and carries transplanted genetic material conferring the resistance to bovine spongiform encephalopathy. Professors Dong Yajuan and Bo Xuejin of Shandong's Laiyang Agro-Science Institute collaborated with a Japanese university on the project. The new arrival is another breakthrough for the pair - back in 2001 they produced China's first cloned cow. Chinese state television does, however, sound a note of warning with the statement that "further tests would be required on the calf as it grows to verify the effectiveness of the transplanted genes". ®
Lester Haines, 26 Apr 2006

Hoberman packs his bags

Brent Hoberman - chief exec of Lastminute.com - is giving up the day to day running of the business he helped create eight years ago with dotcom pin-up Martha Lane Fox. Hoberman will become the part-time chairman of the firm - which was snapped up by travel group Travelocity last year for £577m - advising on the strategy and development of the company as well as marketing and technology matters. He will be replaced by Lastminute.com's COO Ian McCaig. Said Hoberman: "Since I co-founded Lastminute.com in 1998, I haven't seen much daylight and I feel it's time to broaden out a little." "This company has come a long way in the past eight years. It has been a tremendous journey, but there remains much to be done to consolidate and extend our position in Europe's travel and leisure industry. "I'm passionate about lastminute.com and its future success and I believe my role as chairman will enable me to take a better perspective of the business and its future strategic development as a whole and support Ian as he takes the business forward." ®
Team Register, 26 Apr 2006

Aussies to get pseudo-ID Card

It looks like an ID Card. It smells like an ID Card. Heck, it even spooks you like an ID Card. But, as Australia's carbon copy Commonwealth Prime Minister says, "it ain't no ID card". The "homeland security" strategy in Australia appears to be slowly, slowly catchee monkey. Or rather, dupee monkey with platitudes, then nab 'im with a surveillance net. Having declared that ID cards would not be imposed on Australians, Prime Minister John Howard announced a biometric "access card" in its place. Australians will be denied access to health and social services from 2010 unless they have one of these cards. In avoiding calling the Aussie ID card an ID Card, Howard has been able to give the impression that he has "struck a balance" between state security and personal privacy, by changing only his rhetoric. Opponents are calling it an "ID Card by stealth" and there are many more reasons why Howard's plan looks every bit like that of his UK counterpart. For a start, the compulsory nature of the card is being shrouded in outrageous doublespeak. "It will not be compulsory to have the card," the Australian newspapers quoted Howard saying today. But, "It will be necessary for everybody who needs a card to apply for one." Like Britain's card, which is optional for anyone who doesn't carry a passport, the Aussie card is optional for anyone who doesn't get ill. Again, like Britain's card, it will be biometric, but not too biometric at first. As in Britain, the limited biometrics are presented as a sop to borderline civil libertarians. Don't worry, says Howard, the card's chip will only hold your digital photograph, not your fingerprints. They fail to mention how unreliable biometric technology is. They couldn't get anything more sophisticated working in the jittery timescale they want to do it all in. The important thing for the authorities is once they've handed the cards out and got the supporting infrastructure and databases in place, adding new biometrics will require only an upgrade. Australia's biometric non-ID card will be used to replace 17 existing health and social service cards. It will also be backed up by the thing that makes an ID card an ID card - a massive database, shared across government departments. It's almost being sold like an ID card. As it's not being called an ID card anymore, it can't be sold to punters as a panacea for terrorism. It's only being sold as a panacea for petty social ills. It will stop fraud and benefits cheats, and no doubt eradicate inequality of wealth and opportunity as well. ®
Mark Ballard, 26 Apr 2006
fingers pointing at man

We'll buy smut if you send us the spam

InfosecInfosec Spammers get more response from smutty emails than any other form of junk email.
John Leyden, 26 Apr 2006
channel

Microsoft talks up interoperability

MS v ECMS v EC Microsoft took the stand today to try and overturn the European Competition Commission’s decision to force it to improve server interoperability. The commission case looked at three aspects - file, print, and user directory functions. Microsoft QC Mr Forrester told the court there were clear parallels between the previous two days looking at Media Player and the next two looking at interoperability. He said the commission had again failed to provide evidence of unhappy customers, and said the decision created an immense burden, and enormous fine, on Microsoft. He said although server issues involved more acronyms and technical explanations, at base it was a clear legal issue. The court was told it took 210 people to create the documentation required by the commission. They reviewed 3.91m lines of code for directory and 4.3m for print. Today, we heard, 75 people are still working full-time on it. Microsoft recruited retired engineers because much of the code was old. Creating the documentation took 35,000 hours, it is 12,650 pages long, and getting longer as the code is upgraded. After a potted history of network directory services, Microsoft explained how creating trust relationships between machines running different operating systems allowed them to interoperate to the satisfaction of customers. We heard that most organisations have a mixed computing environment - either through choice of as a result of companies merging. The court was shown how interoperability can be achieved in different ways. By using a common language or protocol like http; by installing software on one machine so it can talk to another - Novell software which allows a Windows machine to access Novell directory services; by using a translator such as Hummingbird; or by using Samba, which effectively disguises the identity of a non-Windows machine so it appears to be a Windows machine by using middleware. The court heard that the commission's decision was based on an unduly narrow market definition, and that it failed to take account of its obligations under international law. The CTO of Sapient told the court that problems relating to file, print, and user directory were so easily solved that it was usually done by an internal IT department rather than a specialist. He said solutions had been available in the past and were still available, and that the three had never influenced a technical decision by a customer in his experience. The court was also treated to a demonstration of Centrify software that appeared to achieve just what the commission said was impossible. This relates to getting a non-Windows machine recognised by Active Directory. Paul Moore, CTO at Centrify, demonstrated how to get a Linux machine recognised by the Active Service domain after a quick installation of software. Centrify CEO Tom Kemp then explained the company had made the product in about a year and employed 35 people. To make it, they used publicly available Microsoft material, observed how a Windows machine behaves, and got some “snippets of code” from Microsoft. Centrify’s product can put 60 operating systems within the Active Directory domain. Court president Bo Vesterdorf got a laugh by suggesting it was shame Mr Kemp was not there to sell his software to the court. ® The court reconvenes at 3pm to hear from the commission.
John Oates, 26 Apr 2006

Getting off the UK DNA database: ACPO explains how

The UK is something of a DNA record kleptocracy, with a national DNA database now well in excess of three million records, and with new sampling opportunities available to the police on remarkably easy terms. These days it's ever so easy to get onto the UK database, but how do you get off? What's that you say? You don't? Well, up to a point - but it's not strictly true to say that once you're on the database you absolutely can't get off again. It's just very, very hard and it's going to take you a long, long time. Fortunately, would-be escapees now have the benefit of some guidance from the Association of Chief Police Officers. Exceptional Case Procedures for Removal DNA, Fingerprints and PNC Records, released by ACPO on 24th April, is in part a response to recent decisions made by the Information Tribunal in connection with police retention of criminal records data. Alongside this, "recent widespread media coverage relating to the retention of DNA", ACPO says, is likely to result in a high volume of removal requests over the next 12 months. These requests will in the first instance be made to Chief Officers in their role of data controller, and ACPO feels that it is important that "national consistency" is achieved in their responses. OK? So how does it work? "Exception cases will by definition be rare," says ACPO, and might well include cases "where the original arrest or sampling was found to be unlawful." Or, if it turns out to be absolutely clear that there wasn't any offence in the first place, that might count. And ACPO gives a specific example: "For example where a dead body is found in a multi-occupancy dwelling and the cause of death is not immediately obvious. All the occupants are arrested on suspicion of murder pending the outcome of a post mortem. All arrested persons are detained at the local police station and samples taken. It later transpires that the deceased person died of natural causes. No offence therefore exists, and all persons are released from custody." Find corpse, nick everybody within range just in case? One certainly hopes that's seriously exceptional. Fortunately though, the honest Chief Copper doesn't have to wrestle with these thorny issues alone. Or possibly, at all, considering ACPO's recommended procedure. First, a request for deletion of a Police National Computer (PNC) record, DNA sample or fingerprints should be viewed as being "a request to remove all items." It is then "essential", says ACPO, that the DNA and fingerprint records are matched correctly to the appropriate arrest summons number on the PNC record. But here comes a gotcha: "Samples taken on other occasions should not be deleted." Which we take to mean that if you're not pursuing a DNA record specific to a PNC arrest record, then you're not going to get off the database. Close the door on your way out. But what if it is associated with an arrest record? "In the first instance applicants should be sent a letter informing them that the samples and associated PNC record are lawfully held and that their request for deletion / destruction is refused" Oh, right... "unless the applicant believes the application should be regarded as exceptional." In that case, "the applicant should be invited to state the grounds upon which they believe their case to be exceptional." And then the Chief Officer gets to decide? Well, not exactly. "The Chief Officer is asked to consider any response and either reply to the applicant rejecting the application for the removal of the record(s)" Oh, right... "or refer the case papers to the DNAFRP [DNA & Fingerprint Retention Project], thus ensuring that a consistent approach is adopted nationally." Then DNAFRP will respond with advice taking into account any relevant precedents, and then the Chief Officer gets to decide. Using a response letter template supplied by DNAFRP. It may be occurring to you that one might easily die of old age while this process was under way. But don't you go thinking dying's going to get you off the database, sunshine, oh no... ®
John Lettice, 26 Apr 2006
channel

Phishing goes international

InfosecInfosec The number of phishing attacks targeting non-English speaking financial institutions is on the rise. Attacks targeting countries outside the English-speaking world now represents almost 40 per cent of worldwide phishing targets, according to data processed by RSA Security's Anti-Fraud Command Centre. RSA said it has shut down more than 10,000 phishing attacks hosted in 70 different countries. The primary phishing targets worldwide still remain English speaking countries such as the US and the UK, followed by Australia and Canada. The United States alone accounts for approximately half of fraudulent email attacks. Over the last six months or so there's been an upswing in attacks targeting European countries, including Spain, Germany and Italy, as well as the Netherlands, Scandinavia and France. Emails are even being sent in local languages, such as Catalan, with fraudulent websites designed to circumvent protection mechanisms such as scratch cards with random access codes, or lists of one time transaction access numbers held by the bank's customers. RSA says the trend is down to a combination of factors including an increase in the number of online banking users in Europe and Asia Pacific, banks offering increased functionality as part of online services, and heightened sophistication on the part of hackers. Phishers have already begun targeting smaller financial institutions. Lately, email fraudsters have widened their net still further by moving across borders and expanding their global reach. Postings in online fraudster communities suggest a recent surge in demand for compromised credentials, referring to the users of various European banks. Crooks often seek to make it more difficult to take down fraudulent websites by hosting them in countries outside the region being targeted. The origin of phishing attacks varies widely. Less than half the phishing attacks against UK punters originate in the US, with 20 per cent coming from Korea, seven per cent from Germany, and four per cent from the UK. In Spain, 37 per cent of phishing attacks are instigated in the US, 20 per cent in Germany, seven per cent in Korea, and five per cent in Japan. RSA Consumer Solutions senior product manager Andrew Moloney said: "Crooks are looking for the next tier down with targeted attacks in specific languages. Fraudsters are essentially crooked entrepreneurs; they are constantly looking for the greatest return for the smallest investment, and financial institutions in relatively untapped markets with users unfamiliar with phishing attacks are an attractive target. Banks and customers who have been fortunate enough to avoid attracting the attention of the fraudsters so far now need to be on their guard and take preventative, proactive measures wherever possible." ®
John Leyden, 26 Apr 2006

Airbus proposes cost-saving 'standing class', says NYT

Aircraft manufacturer Airbus has come up with a cunning plan to cram 853 unfortunate passengers into its new A380 - make them all stand up strapped to a padded backboard, the New York Times reports. The new "live veal calf export class" has been proposed to Asian carriers, but none has taken up the sensational idea, the paper reports. German researcher Volker Mellert, who's seen the design for the proposed restraint, stressed that it would only be used for short-haul flights, such "such as island-hopping in Japan". An airbus spokeswoman, meanwhile, told the Sydney Morning Herald: "I can't comment, I am not aware [of it]." Which is unsurprising, since when the Guardian's news blog made contact with Airbus after running a piece on the NYT report, a spokesperson described the whole thing as "a fantastic story but not true". The official added: "It is not something that Airbus has been working on and if flies in the face of what we're doing with the A380, which is more room. We can assure you it is not an Airbus idea, we have not talked about it inside Airbus and our customers have not asked us about such an idea." Accordingly, Airbus has asked the NYT to print a correction. One thing is true, though - it is actually a terrific idea. For the record, an A380 fitted with seats is designed to carry up to 555 people. An extra 300-odd crammed into every flight will doubtless help the airlines squeeze a little profit from what has been, up to now, virtually an exercise in charitable public transport with no expense spared to provide passengers with the last word in jet-set luxury. ®
Lester Haines, 26 Apr 2006

Vonage hooks up with The Cloud

Vonage has inked a deal with Wi-Fi outfit The Cloud to enable its VoIP users to use their service on the move.
Team Register, 26 Apr 2006

US clamps down on violent supermodels

Danish supermodel May Andersen was unceremoniously expelled from the US yesterday after allegedly "slapping and wrestling" a flight attendant on a plane from the Netherlands to Miami last week. The unlucky Andersen also fell foul of US immigration authorities, AP reports, with officials deciding she was "inadmissable" under the visa waiver scheme. The battling clotheshorse spent two nights in chokey on charges of "battery, resisting arrest, and disorderly intoxication" - thereby outdoing even Naomi Campbell who recently managed just a feeble second degree assault rap after allegedly battering her housekeeper with a jewel-encrusted PDA. Sadly, we have no evidence of Andersen attempting to attack the pilot with a Victoria's Secret-branded BlackBerry, and therefore no real excuse for running this story at all. We would, however, like to suggest that Ms Andersen has got off extremely lightly in this matter. Indeed, were she not a famous-ish model she might now be showing off the latest Guantanamo Bay Spring 2006 fashion range for the benefit of incarcerated terror suspects. As for Campell, she's due back in a New York court in June facing a possible one year's jail. Since she is really famous, let's see if the judge decides to order officers to drag her kicking and screaming on the first flight back to London, or fines her 50 bucks and asks for her autograph. ®
Lester Haines, 26 Apr 2006

Suffolk becomes 'face of government IT'

John Suffolk, currently the head of Criminal Justice IT, is to take over as the government's chief information officer. His appointment was announced by Cabinet Office minister Jim Murphy. Suffolk will lead the work of the CIO Council in implementing the Transformational Government strategy and head up the e-Government Unit. A Cabinet Office spokesperson told Government Computing News he will move into the position in early June, and report to Ian Watmore, the previous holder of the position who is now head of the prime minister's Delivery Unit. A statement said Suffolk will provide leadership to the IT profession across the wider public sector, enable public service transformation through the strategic deployment of technology, drive the development of shared services, and act as the 'face' of UK government IT both home and abroad. Jim Murphy said: "The government CIO is a high profile post at the centre of government. "I am delighted to announce John Suffolk has been appointed to this post as I believe he has the necessary drive, experience and leadership qualities to fill this pivotal role - a role in which he will be expected to play an important part in realising the government's vision for public service reform. " Suffolk has been director general of Criminal Justice IT (CJIT) since February 2004. Prior to that he worked in financial services, including a spell as managing director of the Britannia building society, and has worked on IT and transformation programmes. Watmore said: "After a successful career in the financial services sector, he has been an influential member of the CIO Council from its inception, through his leadership role on Criminal Justice IT. This combination of public and private sector experience makes him ideally equipped to lead the implementation of the Transformational Government strategy to enable the delivery of better, more efficient, public services." This article was originally published at Kablenet. Kablenet's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Kablenet, 26 Apr 2006

Where have all the dolly birds gone?

Infosec blogInfosec blog Infosec's second day witnessed the departure of most of the promotion girls that made the show more colourful than it otherwise might have been. This is a shame because many people only come to the show for one day and spend that lugging their luggage around from stand to stall.
John Leyden, 26 Apr 2006

NY subway w*nker gets two years' probation

NSFWNSFW Dan Hoyt, the New York subway perv who exposed himself masturbating to a 22-year-old web developer, has avoided a jail sentence, the New York Post reports. Hoyt had previously pleaded guilty to a public lewdness rap after victim Thao Nguyen snapped his self-love on her mobile and posted the pic on the web. He was quickly identified as the owner of two veggie restaurants called Quintessence, famed for their nutritious concoctions including "nut milk". The probation service and Nguyen demanded three months' chokey for Hoyt, but the judge disagreed, ordering the five-knuckle shuffler to keep it in his trousers for two years - or suffer the consequences. He is also obliged to continue a course of therapy. As he left the court last week, the perp was met with a group of protestors bearing banners reading, "Wash Your Hands Before You Serve Food", and "No Dan, I Wouldn't Date You" - the latter a reference to Hoyt's recent assertion that Nguyen would "probably want to go out with me" if she'd met him when he wasn't petting the trouser snake. Sadly, and despite his public humiliation, Hoyt still appears completely unrepentant. He told a New York Post hackette (unconvincingly, she explains): "I'm a changed man." He then immediately added: "She [Nguyen] may hate me. She may like me and want to go home with me. It's her call." The object of his masturbatory attentions not unreasonably concluded: "It doesn't seem like he's learned his lesson." Nguyen reckons Hoyt will continue to beat his meat for the benefit of womankind, but will "just be more discreet". He'll have to be: if he's caught again unzipped in public during his two years' probation he'll be straight off to the slammer. ®
Lester Haines, 26 Apr 2006

BT hits back at Carphone dig

BT has hit back at jibes by Carphone Warehouse boss Charles Dunstone that the UK's dominant telco should "spend a little more time looking at their own expensive call charges and a little less time reading our ads". Dunstone's comments followed a ruling today by the Advertising Standards Authority (ASA) which ticked off TalkTalk for saying that customers could make calls for "free". Responding to Dunstone's earlier dig, BT Retail COO John Petter said: "This is obviously a very embarrassing ruling, especially when Carphone is telling the world that its play on 'free' means 'free'. "We agree customers are important and note that the ASA has also received over 40 complaints from the public about the 'free' broadband advertisements. We will stop worrying about their advertising when trading standards bodies and customers can stop worrying about being misled by marketing spin about 'free' and the very smallest of small print." ®
Tim Richardson, 26 Apr 2006
hands waving dollar bills in the air

Esteem buys Scots ACCESS

Esteem Systems has jacked up its Scottish business by taking over Livingstone-based Sun house ACCESS Computing Ltd. Yorks-based Esteem said the deal meant it could enhance Access’ existing offering in Scotland. The target company’s turnover should be around £7.5m this year. ACCESS founder and MD John Livingstone will retire from the business. Analysts Ovum said the deal was not likely to be the last by Esteem, which has steadily improved its performance organically since its MBO in 2004 The companies did not disclose financial details of the buy.®
Team Register, 26 Apr 2006

Arms hawks land on EU security board

Arms manufacturers have been put in charge of forming civil European policies as agents of an unaccountable coterie of big business interests, civil liberties campaigners Statewatch claimed in a report yesterday. They have used their power to recommended giving themselves €1bn of subsidies, in addition to existing arms subsidies, to fund a raft of research projects for monitoring and controlling civil populations. The European Security Research Advisory Board was set up to control EU state spending on security research, and took the "unprecedented step" of effectively giving control over EU strategy to arms corporations. "The idea that private companies, run for profit, should be accorded an official status in the EU goes unchallenged. The result is that the arms industry is shaping not just EU security research but EU security policy," said the Statewatch report, "Arming Big Brother", Responsibility for the formation of civil security policy and strategy have been given to the European Association of Aerospace and Defence Industries, a lobby group, and Thales, the European military giant. With the power to control EU budgets, arms firms have already provided themselves with funding for projects including robot aircraft for "peacetime security", sort of like a black helicopter with an electronic eye instead of Ray Bans. Other projects include James Bond-style space surveillance and technology to spook people inside buildings. Statewatch says this is in effect a subsidy to cover the cost of arms firms branching out into civil surveillance. EU documents describe the aim of the subsidies as helping the European defence and security industries compete with American firms that have been awash with state cash provided under President Bush's homeland security policy. The report says €65m of EU subsidies had already been provided in breach of European conventions and to the dismay of the European Scrutiny Committee of the UK House of Commons. Some important security measures, such as dealing with nuclear fallout and protecting the critical infrastructure (power, water and so on), had been included in the programme. But it had no representation from the EU parliament or Commission, and no ethical or civil representatives.® Full Statewatch report, Arming Big Brother: 48-page pdf
Mark Ballard, 26 Apr 2006
channel

Commission rejects MS server claims and demo

MS v ECMS v EC The Court of First Instance reconvened this afternoon to hear the commission’s defence of its anti-trust decision imposed on Microsoft in 2004. The commission’s barrister Mr Whelan, in a blistering performance, told the court the two sides agreed on one thing - that the hearings of the last two days on Media Player had parallels with the server arguments in that it was another example of Microsoft leveraging its “super dominant” position in desktop operating systems to another area. Whelan said Microsoft’s refusal to give rival firms protocol information after 1998 in an industry where that is normal practice created consumer harm in terms of denial of choice, stifling of innovation, and protection of Microsoft’s near monopoly of desktop operating systems. After a brief explanation of terminology and network infrastructure, he said the commission accepts that there is some interoperability between machines running different operating systems, but that it was a question of degree. He reminded the court that at issue was interoperability of workgroup servers, not servers or computers more generally. He said Microsoft was interested in interoperability before 1998 because its product was in a minority position. When this changed, it refused to provide the necessary information. Microsoft originally licensed its API’s to AT&T, which licensed it to Sun. Whelan said Microsoft's claims of five ways to achieve interoperability were really three, and none of these were enough to allow effective competition. Using open standards like LDAP does not provide enough interoperability for domain controllers. Adding client side software is not sufficient because it involves extra expenses of installation and maintenance. Whelan said adding client side software would cost about the same as buying a Windows server. The third method, reverse engineering, is too slow and uncertain of success. Samba version 3 was released in 2003 to address the demands of Windows 2000 and only allowed a machine to be recognised as a member server not as a domain controller. On this morning's demonstration of Centrify’s software, Whelan said it did not allow a server to be considered a domain controller by Windows. He also noted that since the product came to market after the decision was made, it was not relevant to Microsoft’s claim that the commission decision was wrong when it was made. Whelan further denied that the protocols the commission was demanding would allow rival firms to “clone” Microsoft machines. Whelan said: “We are only talking about the rules of interaction between operating systems, no more than that. Rules of interaction refer to the structure of messages and reactions to such messages…. Source code is the implementation of a specification and you can’t create code from specifications.” The fear of cloning was: “A smokescreen of emotive jargon.” he said. Microsoft’s claim that protocols are protected by patent could only be proved by Microsoft, which had not substantiated the claim. Whelan said if protocols were covered by such patents, then presumably Samba was in breach of them. Whelan said the elimination of effective competition is not incompatible with the presence of minority players in a market. Whelan then turned his attention to the “mighty Linux”. He said even if Linux had a market share of between five per cent and 15 per cent at the time of the decision, it was made up of many different distributions so any claim of market share must be further divided. Whelan said: “It’s a reshuffling of the fringe, but a fringe it remains.” In the only joke in a heavy afternoon thick with involved references to various kinds of competition, copyright and patent law court president Bo Vesterdorf recommended Mr Whelan rest his voice over the evening. The court reconvenes tomorrow morning at 9am to hear from the interveners on behalf of the commission. ®
John Oates, 26 Apr 2006