29th > November > 2006 Archive
The US Supreme Court heard oral arguments in the case of KSR International v. Teleflex, in which the limits of combination patents and so-called obvious patents are being considered. According to several wire reports, KSR argued that its design for adjustable vehicle accelerator pedals does not violate a patent held by Teleflex for a similar gizmo, because Teleflex did not legitimately invent anything when it combined two existing technologies in an obvious way, and does not, therefore, deserve the patent.
And ninthlyAnd ninthly Was Daniel Sadville a knight with a moral compass wound tight or one of those pagan spiritualists out to make a huckster from anything that moved? That's what the audience wanted to know - just before they pulled out the tomatoes and the jackhammers - Julio Stantore, Large Gland Weeping My recent "How to help bloggers restore their dignity" seminar proved a smashing success. That was expected. What proved unexpected, however, was the recovering bloggers' newfound dependency on the video game Second Life. Bloggers have turned to Sadville to fill their moral corruption void and they've done so in some gratifying ways. Take, for example, one of my campers who we'll call Rafe X. Rafe spent his first forty years bumbling through life in an ordinary, uncontroversial fashion. He operated a New Jersey tollbooth, played with ribbons and bought Dell computers. Then, at 41, Rafe started a blog, hoping that an online diary would inject flavor into an otherwise dull heart-beating exercise. After a couple of months documenting underwear changes and interesting pennies that turned up on the job, Rafe realized that blogging wasn't all he had hoped. Blogging Rafe was the same stodgy nitwit as unblogged Rafe. And now five more people scattered around the globe knew this ugly truth. To really fix his problem, Rafe needed a life-altering experience not a life-masturbating one. So, he turned to Second Life - aka Sadville. Rafe joined a growing number of people who have concocted traumatic events in Second Life in the hopes of making their real selves more interesting. In short, he embraced the avatar of a 12-year-old boy and then started banging around the seedy streets of Sadville. Rafe modeled his avatar's supple, young tush to any other avatar - be it man, beast or doorknob - that would have a look. Eventually, the tush did the trick and a drunken uncle avatar molested Rafe in the middle of Sadville's popular Lollipop Grove. The one molestation turned into another one and then another one. Eventually, Rafe got exactly what he wanted from Second Life - a troubled childhood. The toll collector has since used this "fake" troubled childhood to explain why his "real" life is so pathetic. "I was raped by 12 uncles," he confessed to the thousands of attendees at my seminar last month in Bangkok. "That's how I ended up as a lowly toll collector. That's how I ended up having only myself to hold as I fall asleep every night. That's how I ended up relying on the chefs at Swansons to add zest to my life. That's how I ended up blogging." You might think Rafe the exception rather than the rule, but hundreds of my seminar attendees admitted to faking their own childhood traumas in Second Life just to provide a rationale for their dismal existences. So we find Sadville emerging as some kind of odd online Prozac for the over-privileged, over-nurtured, over-loved middle-class that missed out on the drug addictions, eating disorders and deaths that added substance to exciting peoples' lives. And how has Linden Lab - the emergent company behind Sadville - rewarded this behavior? Well, with the cruelest of punishments - timeouts. On the Second Life police blotter, you'll find one desperate blogger banned for 7 days after displaying "crude and offensive images and animation" in Sandbox Island. I happened to witness this "indecent event," and it was nothing more than Rafe X being heavily pet by a paint-sniffing tulip named Uncle Rob. Dear heavens, Rafe needs that tulip just to feel human, and now Sadville has taken his pain away. It makes me pig-tossing mad. (Seven days seems so excessive when other Sadville members who hijack accounts and give away peoples' funds are only banned for 14 days. Is there no justice in Second Life?) Isn't wonderful that computers have brought us to this point where we can live out the pedophiliac nightmares that we never actually got to experience in a virtual world? When will CNET and Reuters' reporter avatars tell us all we want to know about these sweet tails? ® Otto Z. Stern is a director at The Institute of Technological Values - a think tank dedicated to a more moral digital age. He has closely monitored the IT industry's intersection with America's role as a world leader for thirty years. You can find Stern locked and loaded, corralling wounded iLemmings, talking, drinking and driving, suppressing Bill Gates U, developing strong Mexican engineers, corrupting his youth in Sadville, masticating beta culture, booing our soccer team, following Jimmy Wales, nursing an opal-plated prostate, spanking open source fly boys, Googling Bro-Magnon Man, wearing a smashing suit, watching Dead Man, dropping a SkyCar on the Googleplex, spitting on Frenchmen, and vomiting in fear with a life-sized cutout of Hilary Rosen at his solar-powered compound somewhere in the Great American Southwest.
The FBI has let Indiana University graduate student Christopher Soghoian off the hook for having posted a fake boarding pass generator on his website. Soghoian had intended to illustrate the ease with which a person on the no-fly lists could gain access to secure areas of an airport, although it is unlikely that anyone could have boarded a plane without further trickery. Naturally, the TSA is less than welcoming toward those who would reveal the flaws in its security protocols, so the FBI quickly moved in by ordering Soghoian to remove the pass generator from his site, searching his residence, and impounding his property. A month or so later, the Feds have decided to let the matter drop. According to Soghoian, the authorities were in no way persuaded that he had performed a service by spotting a flaw and publicising it, but allowed that he had not intended to cause harm. He points out on his blog that the no-fly lists are exceptionally weak, with numerous false positives to their credit, and no terrorists caught. He notes that it's also possible to fly domestically without ID if one is willing to submit to additional screening, which means that a banned person could fly, although it would be difficult for them to smuggle a weapon on board with the extra scrutiny they would attract. "The domestic no-fly list and the ability to fly without ID simply cannot co-exist," he writes. "We need to figure out, as a nation where the majority of people do not support a national ID, if we want a no-fly list in the first place and if we are willing to be forced to present our papers." He seems to believe that the government should do it right, or not at all, with a bit more emphasis on the not-at-all option. He's clearly no fan of the TSA's slack approach, which is to enact a security rain dance, the sole purpose of which is to assure the public that "something" is being done. ®
CommentComment With January approaching, bringing foul weather and a Democratic majority to Capitol Hill, the President has abandoned one of his cute little dodges that had shut down Congressional inquiries into the NSA's mass wiretap scandal. The Department of Justice (DoJ) Office of the Inspector General (OIG) will now conduct a review of the Department's involvement in the affair, as Congress had previously requested. In the past, the White House had thought it clever to deny the inspectors the security clearance necessary to perform this duty, while a Republican majority on the Hill obediently declined to insist. But the balance of power in Washington is about to shift, and Bush can read the handwriting on the wall as well as anyone. There's no point trying to obstruct the inevitable. Thus the inspectors have finally been granted clearance to do their jobs. DoJ investigators will examine how the data scooped up by the NSA is handled and applied when US citizens are affected. No doubt the government's practices will be measured against the Foreign Intelligence Surveillance Act (FISA), although the Bush administration has claimed repeatedly that it answers to a higher authority. Too easy This apparently proactive cooperation should strike Washington watchers as preemptive. If the Bushies are willing to concede the issue without a fight, it's most likely because they doubt there's much red meat to be had from it. That is, if they want this investigated first, it's because they want other things investigated last. The media has made a great fuss about this program, so it should surprise no one if the combination of a whole lot of smoke and a small fire suits the administration quite well. If it keeps Congress and the press occupied, and only hurts the administration moderately, it's a Godsend. There are so many dark avenues for Congress to illuminate: arbitrary classification of "enemy combatants", indefinite detentions, extraordinary rendition, secret prisons, torture, military kangaroo courts, prisoner abuse, war crimes, phony intelligence used knowingly to justify a needless conflict. Along these avenues lurk unspeakable things involving blood and death, endless loneliness, profound loss, and enduring pain. The NSA spy scandal offers the administration many virtues as a national hobbyhorse. For one, it's painless and "clean"; no one has been bloodied, maimed, or killed by it. It doesn't melt anyone's skin like the incendiary weapons used in Fallujah; it doesn't blow up one's house and leave half of one's family dead. It doesn't cause the premature burial of young Americans killed in Iraq, whose families need them far more than their country ever did. No one in Iraq is fighting for America, not even the Americans. The USA never needed that war; George W Bush alone needed it, and for a contemptible reason: he thought it would make him Great. Another virtue of the spy fiasco is its relevance: it (presumably) affects millions of Americans, which the carnage in Iraq and the associated counterterrorist brutality now hidden from us cannot. It's something that the public can appreciate in a personal way. This guarantees it tremendously solid legs in the press. The atrocities in Fallujah will never be as relevant as the thought of Uncle Sam surfing pr0n over your shoulder, or listening to you break up with your boyfriend over the phone. Indeed, the NSA spy program could be just the media obsession the administration is looking for, now that the balance of power has shifted. ®
The EFF has successfully defended the owner of a web site ridiculing Barney the Dinosaur. Shysters representing the simpering mascot had demanded that webmaster Stuart Frankel cease and desist in giving the purple menace the negative publicity he so richly deserves. Lyons Partnership, Barney's corporate masters, claimed that Frankel was violating their copyrights by mocking their profitable creation on line. But then the mighty EFF marshaled its legal beagles, and for once, they were able to prove fair use. Frankel is free to disparage the reprehensible reptile using his own likeness, slogans, and desultory ejaculations. It's always good to see today's children's programming taking the abuse it deserves. Sesame Street, while uniquely intelligent, is a veritable snake pit of sexual perversions. One look at Big Bird's eyelashes, and you're ready for tender bestiality ("Rubber Duckie"), oral compulsions ("Eating Cookie"), group homosexuality (Bert, Ernie, and the Count in bed), and pedophilia ("kiss kiss, baby" Elmo). The Reverend Lou Sheldon needs to get involved. Meanwhile, Bob the Builder is clearly some diabolical American plot to sell the idea of dead-end wage slavery to impressionable sprouts. And don't even get me started on Teletubbies. Most of these shows treat children as if they were basket cases - they actually teach stupidity. At times I scream, "They're children, not retards! Don't you people know the difference?" I'm especially gratified to see Barney go down for the count, even if, metaphorically speaking, being conquered by the EFF is much like being bitten to death by a duck. I believe he's neurotoxic. I forbid my young son to watch the show, fearing that it will make him dull witted, or gay. Incidentally, I don't permit him to play with dolls, either, even if they are branded as "action figures". I was given a GI Joe doll as a lad, but quickly, and wisely, lost interest in it. And you see how I turned out: perfectly heterosexual, except for the lightest of crushes on actors Andy Garcia and Johnny Depp. And maybe George Clooney and Russell Crowe too, but I'm not sure. There were no GI Joes in tight leather jumpsuits or plush talking Barneys in my childhood. I did have a lot of regular stuffed animals, however, all which I loved deeply. None of them were purple or sang gay songs, I can assure you. They remained silent and stoic, even as I lined them up in bed for interrogations each week on prison camp night. There was no wheeney, whiney, pleading "I love you, you love me, we're a happy family" nonsense from them during their simulated water boardings and car-battery 'encouragements'. No sir. It's a harsh world, after all, but I like to think that I brought some joy and tough love into my little corner of it without Barney. And thanks to the EFF's successful defense of free speech and contrary opinion, I'm confident that my son will learn to do the same. ® Bonhomie Snoutintroff is a plain-spoken strong leader in cyberspace. He did poorly in school but his family is rich and well connected, so he's served as CEO of numerous, well-known Internet ventures that for various reasons unrelated to his forward-looking guidance no longer exist. He developed a cocaine and alcohol problem, although he refuses to dwell on the past: his mission is to bring honor and dignity to the IT profession. His keen insight as a global techno-visionary is matched only by his Christian humility.
InterviewInterview Earlier this week, a leak from the Treasury's much-anticipated Gowers Review of Intellectual Property suggested the former Financial Times editor will recommend the government not extend the copyright term granted to sound recordings.
Apple has posted a Mac OS X Security Update that patches almost two dozen holes in the Unix-based operating system. The update incorporates fixes for AirPort, Apple Type Services, Finder, Installer, Security Framework, VPN and a raft of other, under-the-hood apps and utilities.
Industry commentIndustry comment There's a secret many people in the IPTV/VoD industry don't want you to know. Setting up an IPTV network is actually incredibly easy. In fact, almost anyone can do it. But if you knew that, you'd build your own and no one would make any money by selling you proprietary products with huge mark-ups.
AMD will today announce its Quad FX platform, formerly codenamed '4x4', it has been claimed. The technology is built out of Nvidia's nForce 680a SLI chipset and AMD's new Athlon 64 FX-70 series of dual-core processors.
Nineteen MPs have accused a government agency of restricting the procurement of software in schools. In an Early Day Motion (EDM) led by Liberal Democrat MP John Pugh, the MPs claims that the government's adviser on the use of ICT in education, the British Educational Communications and Technology Agency (Becta), is excluding suppliers of open source software. The EDM says: "This house...expresses concern that Becta and the Department for Education and Skills (DfES) through the use of outdated purchasing frameworks, are effectively denying schools the option of benefiting from both free and open source software and the value and experience small and medium and ICT companies could bring to the schools market." Pugh told GC News: "The EDM is like a gauntlet being thrown down to Becta and DfES. It is a challenge for them to prove that our concerns have been misplaced. "This is an opportunity for government to not only talk the talk but to walk the walk, because within education the procurement frameworks are stacked against the small to medium enterprises especially at the bidding stage." A Becta spokesperson said: "We strongly reject the claims made by John Pugh that it is denying schools the opportunity to benefit from free and open source software. "We also strongly reject claims that the procurement frameworks are outdated." This article was originally published at Kablenet. Kablenet's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Polonium-210, the radioactive isotope fingered as the substance used to off exiled Russian KGB spy Alexander Litvinenko, is available to buy online for just $69 plus shipping and handling. New Mexico firm United Nuclear Scientific Equipment & Supplies offers a sample of radioactive element on its website, as part of its aim of putting the "fun back into science". Litvinenko died at University College Hospital on Thursday, sparking a massive search of London locations for traces of the dangerous element. The BBC told us yesterday: "The radioactive substance implicated is as difficult to obtain as it can be to detect." Hmm. United Nuclear don't do international shipping, but we reckon a determined assassin might find a way round that. Since retreating to The Register's central London anti-nuclear bunker in blind panic when the poisoning story broke, we could have sworn we've been told by sections of the media the use of polonium-210 meant the assassination must have been sanctioned from the top. The only possibility was for Vladimir Putin having handed out vials of the stuff to an elite force of brilliant but disfigured hitmen in a disused provincial Soviet nuclear power station, we were led to believe. In fact, according to the vendor, polonium-210 is the only alpha particle emittor available without a licence. ® Bootnote United Nuclear was set up by researcher Bob Lazar, who claims to have been involved in reverse engineering alien spacecraft which crash landed at Area 51. And yes, we know the amount in the United Nuclear sample probably wouldn't kill anyone, but that's not really the point of the above is it?
The Ministry of Defence (MoD) is banning all staff from accessing eBay. All the 180,000 MoD uniformed staff and the 100,000 civilian staff are banned from accessing eBay via the MoD's network. But the ban does not apply to squaddies on active service in Iraq or Afghanistan - although they might have trouble getting couriers to deliver their purchases. Some soliders complained to The Sun newspaper that the ban would make it harder for them to buy extra equipment. An anonymous officer told The Sun: "The lads like to personalise the bog-standard equipment we're issued with their own purchases, to improve them and make them more comfortable. The best way to do that is second-hand over eBay." A spokeswoman for the MoD told the Reg: "It's true we don't allow eBay access for people at work. But soldiers on active duty in Afghanistan or Iraq get internet access as part of their 'operational welfare package' - which is for leisure use, not work, so they can access what they like." More from The Sun here. ®
Irish businesses are holding back from taking advantage of modern technologies because they are concerned about potential risks. According to new research from CA, 100 per cent of Irish IT managers surveyed said risk-related concerns were enough to stop them implementing new technologies. This figure fell to 80 per cent among European/Middle eastern businesses, but still remained a significantly high number. The survey took in some 715 senior IT managers in Europe and the Middle East, including 20 senior IT managers in enterprise-sized organisations in Ireland. The study found that many firms across the region are failing to adopt an integrated business risk management service, leaving IT departments out of the decision making process. Not only does this create the potential for unforeseen vulnerabilities throughout a business, it also holds companies back from deploying new technologies that could give them an advantage over competitors. EMEA-wide, some 60 per cent of company technical officers said although risk was considered "broadly" across their businesses, they were only involved in discussions about risk requirements at a senior level about 30 per cent of the time. This figure fell to 50 per cent among Irish IT managers. "Across EMEA, a fairly staggering 55 per cent of respondents have no overall risk management budget for the business or IT, and in Ireland, this figure rises to 65 per cent, while in both EMEA and Ireland only 30 per cent [of businesses] involve senior IT management in discussions about business risk," CA country manager for Ireland Frank Kennedy said. "This disconnect will continue to drive a wedge between the business strategy and the IT strategy, undermining or even preventing the business from competing or evolving in their market," he said. Top of the list of concerns among the senior business managers surveyed was loss of critical business information and operational downtime as a result of an IT system failure. Around 95 per cent of Irish executives specifically considered this threat in their business risk management planning. Some 60 per cent of Irish respondents said illicit use of confidential information was also a major concern, closely mirroring the Europe/Middle East figure of 58 per cent. Copyright © 2006, ENN
Contrary to popular belief, it seems that chocolate isn't always simply a pleasurable oral substitute for sex. In fact, chocolate munchers are a rowdy bunch - a bloke in the midlands who is rather partial to a "Rocky Road Slab" is also "fantastic in bed", apparently... How do we know this? One El Reg reader alerted us to the fact that online choccy provider Hotel Chocolat had been inadvertently displaying personal information on its website. Names, addresses, and orders could be seen alongside intimate messages left for the intended recipient of chocolatey goodness. Although the website was not displaying anything as private as credit card details, the fact that names and addresses were viewable is enough to violate data protection. As soon as she became aware of the privacy issue she emailed Hotel Chocolat and politely suggested it fixed what was clearly a security flaw. However, it took several emails before the website responded, which meant personal details were displayed for at least a day - though likely for longer than this - before the issue was rectified. The website has a privacy page that states the following: "Security is a priority at Hotel Chocolat...You need to know that a website is legitimate, and transactions are secure before you buy. To address these issues, the Hotel Chocolat website uses a Digital Certificate from BT TrustWise." Hotel Chocolat also uses Verisign, which should encrypt information before it is sent across the web to help secure the site from hackers/wrong-doers/people in dark bedrooms with nothing better to do, etc. But for at least 24 hours the website offered dubious types the opportunity to print off personal information. By mid-afternoon yesterday the website had finally been fixed, it seems, thanks largely to our reader's determination. Meanwhile, Hotel Chocolat isn't talking to us despite several phonecalls. Seems they're, er, fully booked or something. ®
CommentComment Microsoft and Novell have recently announced a set of agreements to build, market, and support a series of new solutions to make their products work better together. Microsoft will now recommend SUSE Linux Enterprise for customers who want Windows and Linux together. The two companies are going to create a joint research facility at which Microsoft and Novell technical experts will architect and test new solutions with customers and the open source community, including virtualisation solutions, web services and service-oriented architectures (SOA), and interoperability between office productivity applications. They have also promised to provide each other's customers with patent coverage for their respective products. Microsoft and Novell will each provide covenants that promise not to assert their respective patent rights against customers who have purchased or licensed products from the other. Microsoft has also made some agreements with Novell regarding the open source community. Finally, the two companies will pursue a variety of joint marketing activities to promote the adoption of technologies on which they've collaborated. Novell has posted a FAQ on its web page for the open source community explaining details of the agreement as it relates to the community. The implications of what Microsoft and Novell are up to should keep pundits busy for awhile. Certainly a flotilla of lawyers are earning their holiday bonuses this year. But we're more interested in the why of it all, and more importantly, why now? Novell has been losing ground to Red Hat and others despite the fact that many believe SUSE to be the superior distribution from a technical viewpoint and despite the fact that companies like IBM have made significant financial contributions to make sure Novell could do the right things with SUSE. At the same time, Microsoft is turning up the heat as Vista hit RTM (release to manufacturing) this week, surrounded by discussions of changes to the wording of its upgrade policy, concerns over what features are available on which versions of Vista, what exactly the WGA (Windows Genuine Advantage) will be like under Vista, and how likely this is to turn customers off Microsoft and cause them to seek alternatives. Certainly, both companies are vulnerable. Novell has had many recent changes in executives and strategy and has yet to find a compelling message for its mix of open source SUSE and traditional Novell products. Microsoft's announcements, changes, and re-announcements around Vista have led to the development of a web community akin to that which follows the television series Lost, as the curious try to figure out exactly what is really going on and what it all actually means. On another front, patents come up frequently in these agreements. Said agreements are not irrevocable, and they are finite, but they certainly indicate an intent and a direction from the two companies. It is a sad statement on the state of the industry that more and more companies are making money from patents and intellectual property not by making products with them but by threatening other vendors who may be infringing those patents. SCO has certainly become the poster child for how not to do this, but respectable Linux supporters like HP came out early indemnifying its customers who used Linux in case the threat might be credible. As far as we know, no Linux customers have been sued for using a distribution, but vendor versus vendor could be the subject of the next Celebrity Deathmatch series on MTV. In this particular instance, although Microsoft and Novell have promised to play nice, many disgruntled folks in the open source community aren't sure if what Novell has done is actually in violation of the GPL or whether they're just selling out. This announcement has given the press a bit of excitement while they wait for the Zune and Vista launches. But in terms of real impact on users? Well, we're not holding our breath. Copyright © 2006, The Sageza Group
An email showing a man being decapitated has led to disciplinary action for 100 Herfordshire police officers and staff after a "robust" investigation. The American email at the centre of the controversy reportedly showed images of a black man who, during a police chase in Atlanta, attempted to jump from a flyover onto the roof of a building and was then decapitated after falling on railings. The email, entitled "do not run from the police", was distributed to 400 officers and staff, of which 100 viewed the disturbing content. The remaining 300 deleted the message. Deputy chief constable Simon Ash said: "I am disappointed by the conduct of officers and staff who distributed this inappropriate image that some people may have perceived as being racist." However, Adam Kemp, chairman of the Hertfordshire Police Association told the BBC that the disciplinary action did not relate to any racist offence, but rather that staff had breached the force's internet security policy. "My own view is that the image itself is not racist but it's certainly inappropriate to be circulating it within a police force," he said. The five-month-long investigation was conducted under the supervision of the Independent Police Complaints Commission. Eight police sergeants were reprimanded and seven civilian supervisors were given final written warnings for distributing the email. Read the full press release from the Hertfordshire Constabulary here.®
University security experts warned administrators on Monday that a bot program has started to spread by exploiting five patched Microsoft vulnerabilities and a six-month-old flaw in Symantec's anti-virus software.
Nokia yesterday launched a trio of handsets, including its latest bid to win business from Apple's iPod and other music players with its a colourful music-friendly handset. It also took aim at the mid-range 3G arena with a clamshell-format 3G smart phone.
Acquisition mad accountancy vendor Sage Group PLC reported revenues and profits up, as it unveiled its full year results today. The Newcastle-based software developer turned in revenues of £935.6m for the year ending 30 September, up 23.2 per cent on the year. Pre-tax profits were up 14.3 per cent to £221.2m. Sage is famously acquisitive, buying its way into local markets for accounting and other software around the world. This year it snapped up seven more companies. Nevertheless, organic revenue growth was seven per cent for the full year, and eight per cent in the second half. The company has its eye on further acquisitions, it said today. North America is Sage's biggest market, generating revenues of £321.4m, with EBITA of £76.4m. Mainland Europe pulled in revenues of £253.2m, and EBITA of £59.3m. The UK pulled in revenues of £205.2m, with EBITA of £75.6m. The rest of the world generated revenues of £68.2m, with EBITA of £18.2m. While Sage said it will keep on hoovering up other companies and product lines, it also plans to overhaul its UK product line, integrating its product line more tightly and building on a common database technology for its entry level products. Who knows, maybe this strategy will work for its product lines across the world. ®
Gateway UK today unveiled its bid for the wallets of the PC-buying public this Christmas with a pair of Core Duo-based and Centrino-branded notebooks and a trio of desktop systems released under its eMachines brand.
Nokia is to bring the brushed-metal look of its N series of smart phones to a broader audience next year with the Nokia 6300. The stylish new handset has a mid-range spec and an attractive price that includes a 128MB MicroSD card.
ReviewReview Most Shuttle XPC small form-factor systems such as the SN27P2 and the SN37PS look like a cut-down PC tower, but the XPC mini X100HA sets a new standard. It's absolutely tiny. We previewed the X100 here and now we've got our mitts on a real, live working example...
It appears the Russian government has agreed to shut down popular music site AllofMP3.com in order to appease US objections to it joining the World Trade Organisation (WTO). However, the management of the site still insists it is legal. The summary of negotiations from the US Trade Representative, dated 19 November, names AllofMP3.com as an illegal distributor of music. The letter outlines an agreement between the US and Russia on what it must do in order to join the WTO. The summary says: "The United States and Russia agreed on the objective of shutting down websites that permit illegal distribution of music and other copyright works. The agreement names the Russia-based website allofmp3.com as an example of such a website. "Russia will take enforcement actions against the operation of Russia-based websites, and investigate and prosecute companies that illegally distribute copyright works on the internet." But Putin's government might have a fight on its hands. Mediaservices, the parent company of AllofMP3 and Alltunes, put out two statements again insisting the services are completely legal. An FAQ on the site - available here - claims the service is legal under Russian law. Another document explains why it is legal for US consumers to buy music from the site. The company also again offered to take down any material which rights holders want removed from the site. Vadim Mamotin, director general at Mediaservices, said: "If the RIAA had done its homework, it would have discovered that even under US law consumers apparently have a legal basis to purchase music from AllofMP3. There is absolutely no legal basis for the campaign against AllofMP3." The US' letter calls for legislation to stop such sites by 1 June 2007. "Amendments to the law to provide that collecting societies may act on behalf of rights holders that explicitly authorise such action; and provisions needed to implement the World Intellectual Property Organisation Copyright Treaty and WIPO Performances and Phonograms Treaty." The US also wants Russia to increase penalties for convicted pirates and to protect information relating to pharmaceutical tests. The Russian government also promises to take action against CD and DVD pirating companies using military facilities to make their copies. The side letter says: "Ensure that facilities on the territory of government-controlled military-industrial sites are not leased or otherwise made available to companies producing optical media bearing content protected by copyright or related rights." The summary of bilateral negotiations is here, the side letter is here, or you can see allofmp3's FAQ here. Allofmp3 is very much online at the time of writing. Site monitoring service Pingdom reveals the site has only had 18 minutes of downtime in the last week. More here. ®
Microsoft is turning to the telecoms sector for leadership of its global services operations in the wake of veteran Rick Devenuti's departure. The company has named its communications sector vice president Maria Martinez as vice president of worldwide services, taking over from Devenuti next January.
Thanks very much to reader Neil for pointing us in the direction of his local rag The Bolton Evening News, which is offering readers the chance to buy a snap of this poor bloke: Nice one. As Neil says: "Gruesome, but could look very nice on the office wall." Update The "Buy this photo" option has now been removed from the story. Quite right too.
O2 has begun pushing an early iteration of its My bluebook upload service, which enables subscribers to copy data to a password-protected web-accessible account. My bluebook has been around a while but O2 has kept it relatively quiet as it implements bits that might make the effort of signing up worthwile. Next year the service will be automatic so all texts and media messages will be mirrored to the user's My bluebook area. At the moment there's a faffy shortcode text number to upload material to. O2 says it's also building in an automatic address book synchronisation feature, which would provide a useful no-brainer backup for those, almost, inevitable incidents of leaving one's phone in a taxi/toilet/swamp. It'll also be compatible with Microsoft Outlook, if you're into that sort of thing. The ubiquitous social angle is there too, with subscribers able to share their content via forwarded weblinks. O2 say My bluebook is free and uploading won't even incur any data charges or use up any of your GPRS allowance. But there is one catch. The Ts and Cs ensure subscribers won't be able to take the contents of their bluebook with them should they up sticks to another operator. ®
We reckon the English-language version of Pravda needs to have a rethink regarding the snappy photo gallery navigation bit on its front page. While the top pic does indeed link to a photographic disasterfest, it's a bit strong to label The French Lieutenant's Woman as any other than a roaring Hollywood suceess. And quite what the poor old Honda Legend is doing there is anyone's guess, since to our knowledge this fine Japanese automobile has never tried to kill a Frenchman. ®
The News of the World's royal editor has pleaded guilty to consipracy to intercept voicemail messages. Clive Goodman, 48, from Putney, London and co-accused Glen Mulcaire, 35, from Sutton, appeared at the Old Bailey today and both admitted the same charge - five counts of intercepting the voicemails of an MP, a supermodel, a footballer's agent, and publicist Max Clifford among others. Goodman was arrested over claims made by the Prince of Wales's household that security had been breached after the News of the World published a story detailing a private conversation between Prince Harry and Prince William in 2005. Clarence House alerted the Royal Protection Unit which led to an investigation by anti-terror police and the subsequent arrest of Goodman. Liberal MP Simon Hughes, supermodel Elle Macpherson, and Sol Campbell's agent Andrew Skylet all had their voicemails intercepted by Goodman and ex-AFC Wimbledon footballer Mulcaire. According to the Guardian Mr Justice Gross said: "All options are open. It is an extremely serious matter." Goodman issued an apology this morning to Prince William, Prince Harry and the Prince of Wales for the "gross invasion of privacy" caused. Sentencing of the pair will be determined after an Old Bailey hearing next January. ®
We've been hearing about RFID for a while (see the RFID Gazette, for example, here). The technology is genuinely useful as it solves an identification problem faster than other methods. So, a store knows what product you've brought to the checkout without having to scan the barcode, for example, and the US government wants to put RFID in passports (see Bruce Schneier here, commenting on an article in Wired) so that instead of people forming orderly queues in front of a border guard they can be mass-processed. Credit card companies want to put RFID in your credit card - instead of the slow process of swiping your card and entering your PIN you can wave it near a reader without taking it out of your wallet. We're looking at an explosion of the applications of RFID, and a chunk of last month's RSA Conference in Nice was dedicated to highlighting the security risks associated with this. Identity theft is a big concern as a terrorist can alter his passport to emit an assumed identity to get past a security check point, possibly with less risk than that associated with forged paperwork. And, if a thief creates an RFID chip that emits your card details, he doesn't even need to bother to make it look like a credit card because it stays in his wallet. Privacy is another issue: you buy something in a store that uses RFID inventory control and all day long anyone interested can tell what you're carrying and where you shop. Some people argue that this information isn't personal, as RFID scanning a crowd may tell you that someone is carrying HIV treatments or pornographic films but it doesn't identify the person. Nevertheless, things might be different if the person also happens to be carrying an RFID-enabled credit card, a passport, a store fidelity card, or whatever the next piece of RFID-enabled identification is. A less personal threat is one against the enterprise that increasingly uses RFID to streamline business processes. The technology is being applied in new areas such as supply chain management; and each new application increases the vulnerability of the technology to attacks. If organised crime wants to know if a warehouse is worth exploiting then they've a whole new attack vector to exploit. Who knows if there will also be ways to extort by means of "denial of RFID service" attacks? Life will certainly be easier for the industrial "espions" among us. Efforts are under way to mitigate the security risks, and several organisations have published codes of conduct that contain good solutions for privacy protection. For example, the RFID tags on your shopping will have tear-off antennas that are removed at check out. This means they cannot be read remotely after you've paid for the goods. The effectiveness of these protections will, of course, depend on if and how they're implemented; clearly the stores would prefer a voluntary code of practice, but with regulation the consumer can have more confidence that corporations will do the right thing. Regarding credit cards, it seems the motivation for this technology is to allow small payments to be processed more quickly. We've all been stuck behind someone searching for bus change and personally I'm all for anything that reduces my chances of being provoked into homicide. The designers of RFID micro payments say you'll have to wave your wallet right in front of the card reader so it's totally secure. However, this confuses the difference between the distance the system is designed to work at reliably and the maximum distance it will work at if you're lucky. In other words, the card will always be readable at a couple of centimeters by normal equipment, but what's the distance it will work at for the criminal who has invested in specialist card reading equipment? Would it be practical, for example, for someone with such equipment to walk through a crowded shopping centre, walking close to people, skimming card numbers without anyone realising? As long as the thief can get enough credit card numbers or make enough micro payments then the attack works, even if some cards can't be read. With an RFID credit card, the attack will be invisible and we're not going to know it's happened until the end of the month when we trawl our credit card bill to pick out the bus-fare-sized payments we didn't make. Of course, the card companies tell us this can't happen as the technology is completely safe, but security researchers sometimes discover otherwise. On the bright side, at least there's going to be a whole new market for aluminum wallets... ®
Novell has abandoned an open source project hyped as challenging Microsoft Outlook and Exchange by becoming the "Apache" of email and collaboration software. The company has pulled full-time engineers off project Hula following lacklustre demand. Engineers are "moving to other roles", according to the Hula mailing list. Novell announced Hula amid a fanfare at LinuxWorld, Boston, in February 2005 by donating 200,000 lines of code from its NetMail collaboration server to the community. Novell's then chief executive Jack Messman predicted Hula would "become for collaboration what Apache is to servers". Apache is the internet's number one web server. Hula drew strong support from the Mozilla Foundation, Open Source Applications Foundation, Open Source Development Labs, and O'Reilly Media's father of Web 2.0 Tim O'Reilly. Branding Hula as a "project to watch", O'Reilly called Hula "a great opportunity for open source to leapfrog commercial software applications rather than just playing catch up". The market disagreed. Novell's Peter Teichman wrote: "As a team we have spent a lot of time looking at where the Hula project is and the opportunities in the market and in the end we had to conclude that we couldn't justify investing at the same level in Hula." The Hula server featured SMTP, IMAP, and support for the CalDAV calendar access protocol. According to Teichman though, that amounts to just another mail server. "Every organisation we've talked to already has mail infrastructure. Bringing Hula in for the web mail means duplicating their SMTP, IMAP, and POP set up." Hula will go down as yet another failed effort by Novell to challenge Microsoft on the desktop and in collaboration at a time when Google is re-inventing the medium with hosted services like Gmail and Apps for your Domain. Hula will also be remembered as an example of IT vendors interpreting open source and community to mean dumping code into open source for street cred, and how such efforts will fail unless a clearly identifiable market has been identified. ®
An advert showing a close-up picture of Tony Blair with a barcode on his top lip was not offensive, the Advertising Standards Authority has ruled. The advert appeared in The Guardian newspaper with the strapline: "ID cards have worked well in Europe before." Eight people complained that they thought the barcode made Blair resemble Hitler. The poster is available here. The ASA said although the ad may be offensive to some "it was unlikely to be seen as making a serious comparison between Tony Blair and Hitler but instead as highlighting a lobbying group's opinion that ID cards should not be introduced because of the threat to civil liberty they posed". NO2ID made clear they had worked hard to make Blair look like Hitler. The ASA statement said: NO2ID said the photograph of Tony Blair was expertly retouched to make it look like a 1930s portrait and the layout was designed to recall the Nazi era. They said the photograph did not portray Tony Blair as Hitler but was intended to be a comparison of Tony Blair with Hitler based on policy, not personality. NO2ID asserted that the ad contained an implicit claim that identity cards were useful to the implementation of Nazi policies across Europe; they argued that that was beyond doubt. They asserted that identity cards themselves had been used to control populations in occupied Europe and were very closely associated with the process of sorting victims for the concentration camps. They said the ad was intended to be insulting to Tony Blair but argued that insulting a politician was unlikely to offend. Indeed. The complaint was not upheld because: "The ASA noted the ad had been intended to encourage discussion on a sensitive political issue." The whole ASA judgement, well worth a read, is available here. ®
Apple's move to recast the iPod Nano in a metal casing is starting to influence other product designers. Nokia announced a stainless steel phone yesterday, and today German gadget supplier Maxfield unveiled Max-Ivy, an MP3 player with a "scratchproof... flawless" jet-black magnesium shell.
Digital signal processors (DSPs) are making their way into almost everything, and now it's the turn of Bluetooth headsets.
BitTorrent has added 20th Century Fox, Paramount, MTV and others to its roster of legit partners ahead of its launch as a content hub. The firm's peer to peer technology will be used to deliver hit shows like 24, South Park and Hogan Knows Best, along with stone cold classics of the cinematic art Mission: Impossible III and Saw III. The deals add to Bittorrent's announcement in May it would dish out Warner Brothers content. BitTorrent said all TV shows it distributes would be download-to-own, whereas some movies would come in a DRM-tastic video-on-demand form. Details of who's not really ready to embrace digital film distribution weren't given. No details were given on pricing, though BitTorrent said some content will be ad-supported. BitTorrent said it would release details closer to the February 2007 rollout of its online retail store. As part of the launch, Palm Pictures, who were responsible for Alfonso Cuarón's Children of Men earlier this year, said they would be brave enough to be the first to distribute a feature film over BitTorrent before both the theatrical and DVD releases. BitTorrent claims 40 per cent of all internet traffic, and that its research says 30 per cent of users would use it for paid-for content. BitTorrent's play to studios is that it's best placed to help solve their piracy collywobbles. Details of the financial carve-ups weren't released. ®
ColumnColumn How much can artists expect to benefit from Microsoft's Zune MP3 player? Microsoft recently agreed to pay a royalty to Universal Music, which with acts like U2 and Jay-Z is the world's most successful label, of more than $1 for each sale of each Zune sold. Universal promised it would "pay half of what it receives on the devices to its artists." But is that really going to happen? Given my experience, I'm skeptical. Record companies pay royalties on record sales, and licensing. Generally the royalty for sales of records is 10 to 15 per cent of the retail price, but it can be higher for established stars. Traditionally, the split on licensing is 50-50. Licensing applies to transactions for the use of musical recordings that do not involve sales, such as the use of masters in television and movies. For digital music distribution, iTunes pays the labels approximately 70 cents. Although you might think iTunes is a licensing-type deal - because unlike sales to traditional retailers such as Wal-Mart, the labels do not sell individual units to iTunes - they license the catalog. Yet the labels treat income from iTunes as sales. The significance of this is that instead of a fifty per cent spilt, they only pay artists the 10 to 15 per cent royalty. Plus they take standard deductions from this amount including packaging deductions of up to 35 per cent, even though iTunes does not sell packaging with downloads. (This is actually the basis for a lawsuit against Sony BMG at the moment) Moreover, most artists don't even receive this amount because most Artists never "recoup" their recording costs. So for the same reason that most artists never receive royalties from CD sales, they don't generally receive digital royalties either. Although this pattern of not paying artists for digital music sales is dreadful, the chances of artists seeing anything from the royalty placed on Zune is even worse. There is nothing in the standard recording agreement that says the labels must share income derived from licensing digital devices. Labels are only responsible for paying for exploitation of music, not licensing electronic devices. So why would the labels share anything with the artists when they already disregard clauses in the recording agreements that would benefit the artists? As a matter of fact, in the United States there is a federal law, the home recording act, which imposes a royalty on "digital audio recording devices" and "digital audio recording media to be paid to copyright owners - including the record labels and artists. In exchange for the royalty, consumers are exempt from copyright liability for personal recording. But the law only applies to a limited range of digital tape recorders and blank digital media - the recording industry never tried to extend the Act to personal computers, CD burners or MP3 players because they were afraid that people would copy so much music that CD sales would be dramatically reduced. Under the AHRA, royalties collected by the Copyright Office on devices and media are divided into two separate funds: the Musical Works Fund and the Sound Recordings Fund. One third of the royalties goes to the Musical Works Fund, which splits its cut 50:50 between writers and music publishers. These parties receive royalties according to the extent to which their recordings were distributed or broadcast. The remaining two thirds of the royalties are placed in the Sound Recordings Fund. Four percent of these funds are taken off the top for non-featured musicians and vocalists. What remains is split 60:40 between featured record companies and artists, respectively. These parties receive royalties through the Alliance of Artists and Recording Companies according to the extent to which their recordings were distributed, as calculated by SoundScan. (Canada, German, Finland and Australia also have similar levies on digital tape recorders). Under the AHRA, both the songwriter and the Artists are assured of a payment instead of paying the record companies on the artists behalf. However, AHRA won't see any royalties from Zune because MP3 players aren't covered (and for good measure, the agreement was privately negotiated). I'm personally in favor of making MP3 players subject to the AHRA so that both the artists and the songwriters are assured of sharing in these revenues. I think that if Universal is serious about crediting the artists' accounts with half of the Zune royalty, that would be terrific. And it would be even better if they actually paid the artists whether or not they are recouped. But based on how the label are treating artists already, I doubt that this will happen.® Steve Gordon is an entertainment attorney and consultant in New York, and the author of The Future Of The Music Business. He was Director of Business Affairs, TV and Video at Sony Music for ten years. His website is at www.stevegordonlaw.com.
Sensitive data sent using VoIP is vulnerable to attack because call centres are failing to secure their networks robustly enough, according to new research. Customers' private details could be easily hacked into using the wiretapping method with a staggering 7 out of 10 calls open to attack, said security company Scanit, which audited data transfer at various busy call centres and service providers. It found lax security for networks at call centres which deal with thousands of calls from around the world and was able to pick up data that included tone-dial PIN numbers used to access phone banking services. Research also revealed that many companies were left vulnerable to attack because of common-held assumptions that security measures had already been put in place by VoIP vendors on the network. "Administrators at these places lacked adequate skills and understanding of the security aspects of setting a VoIP network up. They relied on the vendor or system integrator to secure it," said Scanit engineer Sheran Gunasekera. He also said that "many networks were even running VoIP without encryption." The research also pointed to the availibility of simple to use free software that can be easily downloaded and installed to pick up unprotected conversations and Gunasekera warned that "one program, called WireShark, detects VoIP calls as they traverse a network, while another, Cain & Abel, records them onto a hard drive, like an MP3." Selling personal details is increasingly becoming a lucrative business with call staff being offered up to £5 to dish out private data, as a result the researchers conclude that companies should sit up and listen to legitimate security concerns regarding VoIP networks or face severe consequences. Read morehere.
Oracle users could be headed for a Microsoft-scale hack or a major database breach as master criminals begin to target valuable business systems. That's the verdict of a UK database security consultant who's warned those running legacy versions of Oracle in particular are at risk from attack.
HP once hurled robots and processor spays at customers, as its answers to cooling data centers. Today, it's only selling air conditioning sensors. HP yesterday unveiled its new sensor system, hoping to cash in on growing concerns around data center energy consumption and costs. The company has moved to a cooling model that relies on the interactions between thousands of 1-wire temperature sensors, air conditioning units and software to make sure data centers operate at their optimal temperature. Such technology could save a large company more than $1m per data center every year, according to HP. "This is not a cooling solution," said Paul Perez, a VP at HP, during a briefing at the company's Palo Alto headquarters. "This is a cooling management solution." HP knows how to draw such fine marketing lines of demarcation after spending years in the cooling management game. In 2002, for example, HP announced "that it is working on a suite of technologies to address the growing problem of heat generation and energy use in increasingly powerful microprocessors and data centers." That suite included things such as a robot that roamed data centers searching for troublesome hot spots and Ronco-inspired coolant spray for coating processors. The spray eluded us during Tuesday's data center tour, although we did spot the robot resting in between some broken down cardboard boxes. HP claims that the new sensor idea is just the "evolution" of 2002's gadgetry. It has moved to place a handful of 1-wire sensors on each server rack and has these report back to a shared server. That system then takes in the temperature data, cranks away on some fancy algorithms and tells the air conditioning units what they should do. "It's all in the algorithms," said Chandrakant Patel, an HP Fellow. HP pitches the sensor network and air conditioning system as a type of sensitive ecosystem. For example, little tweaks to a blower speed here and there can have dramatic effects throughout a data center. HP can make better use of such shifts by having all the cooling units in a data center work in concert rather than viewing them as individual systems meant to run at a constant speed and temperature. HP's technology also deals with the unexpected. An operator could leave a box of new equipment over a vent by mistake or a system could fail, causing a dramatic rise in temperature. In such instances, the sensors tell the central server to kick up the cooling power to handle the extra load. In total, HP claims a more than 30 per cent savings in energy costs by using its technology. That translates to about $600,000 in savings per year for a 10,000 sq. ft. data center that eats up up 2MW today. Operators of large, 35,000 sq. ft. data centers might enjoy close to $1.1m in savings. HP, like IBM, Sun, Intel, AMD and others, has started making a bigger deal about data center cooling as customers grapple with rising energy costs and hotter systems. For what it's worth, IDC pegs 2007 as the first year in which customers will spend more operating data centers than they do on new system purchases. Meanwhile, companies such as Google and Microsoft have started building large data centers in areas with lower energy costs, while other ISPs have turned to server makers with more power efficient hardware. IBM has rolled out some data center cooling services to deal with these issues, while Sun has started selling White Trash data centers in shipping containers. Sun's WTDCs address the space crunch faced by large customers in a more direct fashion that HP's sensor approach. Patel, however, noted that HP too has looked at using shipping containers. HP plans to begin outfitting certain customers with the sensor networks early next year and hopes to have a more formal sales process by mid-2007. The company has yet to decide how it will price the cooling services or what brand it will use for the relevant software. Clay Ryder, an analyst at the Sageza Group, said HP is on the right track, although few customers would be likely to grab the first iteration of the sensor technology. "I think it is very early," he said. "Customers won't really embrace this technology until the sensors and software are integrated parts of the server package. That requires all the bits and pieces here to be properly in place." Ryder expects server vendors to sell high-end rack boxes and blades with the sensors as options over the next couple of years. Key to the success of such technology will be the backing of energy companies like PG&E, according to Ryder. A PG&E executive just happened to make his way to the HP data center tour and said the company will help out customers with financial breaks if they use HP's technology. There's more on HP's cooling kit here. ®