12th September 2007 Archive
Computer security consultant and convicted cyber intruder Max Butler has been indicted on counts of wire-fraud and identity theft, just five years after being released from prison for hacking into military and defense contractor computers.
An Australian accounting software developer blames a "severe downturn in sales" on people who bad-mouthed its products in online user forums. It wants a judge to muzzle their comments. The company, 2Clix Australia Pty. Ltd, is also seeking about $125,000 in damages from the operator of the website which hosted the forums.
AMD regained a few percentage points of world microprocessor market share from its arch-rival, Intel, the latest, second-quarter figures from market watcher iSuppli show.
Want to equip your next laptop with a Flash-based solid-state hard drive? You can if you're after a Dell XPS or an Alienware m9750. Samsung said this week it's sending 32GB and 64GB SSDs to both companies. But fitting them will cost you.
Calling all iPhone owners. The first free easy to use - well, relatively easy to use - software to unlock your Apple handset has arrived, mere hours after a rather more tortuous process. Well, almost. It's not quite ready for release, but folk who have seen it claim it does the business.
HP has appointed a long-time Disney executive, Michael Mendenhall, as its new marketing boss.
A documentary that cited video games among the reasons for childhood obesity did not treat Sony unfairly when criticising the PlayStation maker's refusal to sponsor a fitness scheme for kids. Sony also lost a claim that the company's privacy was breached. The ruling was published by Ofcom, the regulator for the UK's communications industries, yesterday. Sony Computer Entertainment UK Ltd had complained that Ian Wright's Unfit Kids, a Channel 4 show presented by the former footballer, made Sony the target for unfair, one-sided and pejorative comment. Sony also argued that its privacy was "unwarrantably infringed" when footage of the company's offices and logo were used and a confidential email from the company was included in the programme. In the programme, Ian Wright explored some of the reasons behind childhood obesity. In the first show, Wright selected overweight 13-14 year olds who did little or no exercise and devised an After School Fitness Club programme for them. He tried to extend the project and the second episode of the series, broadcast on 20th September 2006, showed his attempt to secure funding. He arranged to meet representatives of Sony to seek sponsorship from them. Sony decided not to sponsor the scheme. Sony was referred to in the programme, which also showed an email from the company in relation to sponsorship and footage of the exterior of the company's offices. Sony complained to Ofcom. Sony said that Wright's comments created an erroneous and unfair impression of the company, which was disproportionate in the context of the refusal of a request for sponsorship. In particular, Sony complained about Wright's remark, "Fuck Sony, man. Sony's not gonna stop this from working". Sony also argued that the programme implied wrongdoing on Sony's part, alleging that it failed to sponsor Wright's project and unfairly contrasted this with a statement about the firm's worldwide turnover of $8.6bn from video games. 
Wright also said that there is a Sony PlayStation game for "every single thing that a child can go out and exercise [for]". Sony also claimed that the programme makers did not explain the nature and purpose of the programme to them and that they did not inform Sony that its refusal to have the meeting with Wright filmed would be referred to negatively in the programme. It complained that Sony's positive views about Wright's project and the company's involvement in other sports-based initiatives were omitted. Channel 4 countered that it was "perfectly reasonable" for Wright to express his frustration at the company's decision. It also said that Sony was made aware from the outset the nature and purpose of the programme. Sony said its privacy was infringed when its offices and logo were filmed without permission and it pointed out that the email used in the programme was confidential correspondence intended for the addressee only. Channel 4 countered that the programme makers did not need permission to film Sony's offices "as the programme makers were filming openly from a public highway". It added, "All company emails are routinely accompanied by confidentiality wording," but said that there was express authorisation from a Sony representative to use the email. Ofcom found that the inclusion of Wright's reaction to the news that Sony was not going to provide funding was "reasonable as a reflection of his disappointment". This did not amount to an allegation of wrongdoing to which the programme makers should have given Sony an opportunity to respond, said Ofcom. Ofcom said it was "entirely acceptable" for the programme makers to film and broadcast footage recorded from a public place. Ofcom added: "Such material was firmly in the public domain and did not require consent from the company." Ofcom noted that there was a clear conflict between Sony and Channel 4 as to whether the broadcaster had permission to use the email. 
It concluded that it was for the courts to determine the question of any misuse of confidential information. However, Ofcom was able to consider whether there had been an infringement of Sony's privacy under Rule 8.1 of the Broadcasting Code, which states: "Any infringement of privacy in programmes, or in connection with obtaining material included in programmes, must be warranted." Ofcom said it considered both the subject matter and content of Sony's email and ruled that the parts used did not contain any information that was inherently private to Sony, such as exposing the inner workings of the company. The regulator also said it was foreseeable that the programme would wish to make reference to what Sony had said in the email and there was no evidence Sony had specifically asked for it not to be included. Ofcom ruled that Sony did not have a legitimate expectation of privacy. Ofcom's ruling concluded: "The complaints of unfair treatment and infringement of privacy were not upheld. Accordingly the complaint was not upheld." Copyright © 2007, OUT-LAW.com OUT-LAW.COM is part of international law firm Pinsent Masons.
Telecoms giant BT has acquired Belgian-based network systems integrator INS Group S.A. as it continues to push the brand beyond British shores. The firm said it hoped to ramp up its presence in the global LAN and IP telephony services market.
Sony has updated the UK PlayStation Portable firmware, taking the handheld console's on-board system software to version 3.70, days after the Japanese code was released.
Sony Ericsson is considering the application of the PlayStation brand to a series of phones, the company's outgoing President has confirmed.
Compliant Voice has received Vodafone Certification for its voice-recording application, which can catch calls made from mobiles and commit them to the memory of an intercepting server. Unlike more surreptitious versions, Compliant Voice is aimed at corporations who want to keep recordings of every phone call made by employees, even when workers are using their mobiles. The software, which runs on Symbian, Windows Mobile and Blackberry-based handsets, routes all outgoing calls through a voice-proxy, which does the recording. Incoming calls are made to a new number connected to the proxy, which forwards the call. Alternatively, the software on the handset can bounce incoming calls to the proxy, which connects back, while listening in. Many companies routinely record all calls, and some are required to by law. It would seem that the scope of such recordings is set to expand: "New financial regulations (MiFID and FSA) on 1st November 2007 mean financial institutions will have to record more calls, including mobiles," according to Compliant Phones, which would seem to open up a business opportunity. Companies routinely already keep a copy of every email sent, and every instant message exchanged, but with the cost of storage decreasing, it's only a matter of time before databases full of audio files are equally common: so best stick to video conferencing if you don't want your words to come back to haunt you.
Sage, the UK-based biz management software maker, has acquired a majority stake in French firm XRT. The cash-only deal will see Sage buy £30m shares, or €1.67 per share; the transaction should close within a few days.
Review The concept of the PC-free Skype-supporting DECT phone went straight to the top of our How Did We Survive Without One? list on the first day we used such a device, the Netgear SPH200D - reviewed here. Now, from Singapore-based Aztech, we have the V500DS-S1, another all-singing, all-dancing, Skype'n'DECT phone capable of making calls via either a run-of-the-mill landline or VoIP.
Palm and Vodafone have, as expected, just announced the Treo 500v, a 3G smartphone aimed at the YouTube and MySpace generation and which sports Palm's curvy new handset design in iPod-like white and black versions.
Hopefully you all can shed some light on this very dark subject: are there any decent Home Theatre PC (HTPC) remotes out there? Are the Logitech Harmony ones any good with Windows Media Center Edition (MCE)?
I am looking for - sad though it may sound - a bit of an IT strategy at home. I host my own website(s), need VPN access to data on the servers, prefer routing with a dedicated server OS rather than a "hardware router", want centralised storage of all my media, potentially like the idea of thin clients or LTSP clients for my 'media nodes' or Linux MCE running on cheap boxes in each room.
Italian astronomers have detected a planet that survived the red giant expansion of its home star. The researchers say that the discovery could be a sneak peek at the fate that awaits the Earth, some four or five billion years from now. The surviving planet was discovered by an international team of more than twenty astronomers, headed by Roberto Silvotti, researcher at the INAF-Osservatorio Astronomico di Capodimonte. In the last five years, there has been a veritable explosion (no pun intended) in the number of extra-solar planets we have discovered. But at an age of roughly 10 billion years, V 391 Pegasi b is by far the oldest, and the first to be seen orbiting a post-red-giant star. The red giant phase of stellar evolution takes place when a sun-like star has exhausted all its hydrogen. The star then expands massively, swelling to a size that would easily engulf the inner planets in our solar system. The Earth is right on the limit of that expansion zone, and V 391 Pegasi b orbits its star slightly beyond that limit. Silvotti explains: "As far as our planets are concerned, we expect Mercury and Venus to disappear in the sun’s envelope, whereas Mars should survive. The fate of the Earth is less clear because its position is really at the limit. All this will happen in about five billion years, when the Earth will be more or less the same age as V 391 Pegasi b, i.e. ten billion years." The team says the discovery was almost accidental. "While we were analysing the irregularities of V 391 Pegasi’s luminosity variations with a method called timing method, we began to suspect that these irregularities might have been caused by a planet," Silvotti says. After seven years of further observations, the team felt confident in discarding other possible interpretations of the data and saying that the star was orbited by a planet. Direct observation of an alien world is still some way off. 
"Neither with the largest telescopes available today, nor with those available tomorrow," Silvotti confirms. "But the future generations of telescopes will definitely make such a thing possible." The work is published in today's edition of the journal Nature. ®
Fly the friendly skies

Is there really any way to endure an intercontinental flight to Macau, other than to get tanked? Fortunately, I didn't have to answer that question - a friend recently had surgery to repair a torn meniscus, and had painkillers to spare. One oblong white pill stamped M367 washed down with a couple of glasses of wine courtesy of Singapore Air, and I was at cruising altitude. It was actually relaxing to be on board after the confusion surrounding the ticket dragged on into the day of the flight. Singapore Air always seemed relatively sophisticated as far as airlines go, but the website is a joke. Sure, they tell you to do it all online - its utterly worthless website made it impossible for me to check in online or even register for their frequent flier club. It couldn't even find my name in the database. No matter - Singapore Air is one of the last bastions of stewardess babedom, so it didn't take long to forgive the company its shortcomings. Funny thing that, the power of women. It had been ten years since my last trip to the former Portuguese colony, a period in which it has sought to remake itself from a triad and money laundering paradise to a more Vegas-style, corporate experience. There are those who miss the old Vegas, who find the current Disneyland-esque incarnation infuriating, and I was wondering what I would think of the changes being wrought in Macau.

Crumbling colonial meets Chinese gangster

Almost ten years ago, I travelled to Macau during a trip to Hong Kong, to visit the lesser-known of the two European colonies chiselled out of the rocky coast of Southern China. Macau was a major money-laundering hotspot, and a considerable amount of that illegal activity occurred through the casinos.
[Image caption: Aerial view - note tiny gondolas]

Although the authorities these days blather on about internet gambling, money laundering and terrorist financing, whipping up a media frenzy whenever they can, in truth, the cash model of old-school "brick and mortar" casinos is a much more suitable way of disguising illicit revenue. A little gambling, and then cocktails on the veranda of that grand old colonial hotel, the Bela Vista, watching the junks sail into the harbor? Why not? Back then burned-out cars were everywhere. There was a gang war going on at the time, and one guy got taken out down the block from the restaurant we had slipped into to grab a beer and get out of the rain. We heard the gunshots, and after the rain cleared we went to rubberneck the crime scene. He had been shot in his car by an assailant who had pulled up next to him on a motorcycle. It was exactly the kind of hit that prompted the authorities at the time to tell the public it really had nothing to worry about from all the gang killings, since these guys were "professionals" who almost never missed. The gang war centered largely on control of the VIP rooms at the local casinos, which provided the local triads with private and convenient hubs for a variety of illegal activities, from loan-sharking to prostitution and drug-dealing. The Stanley Ho-run casinos that then were the only game in town operate a bit differently than a Vegas casino - the public casino floor is quite small, consisting of a few tables. Most of the action takes place upstairs in a warren of rooms that resemble a brothel more than a Vegas casino, and which are sublet by the casino for the sub-letters to run as they see fit. They are intense, smoky affairs, with small groups of gamblers shouting out numbers in Chinese as the games are played. Some of the high rollers will have a private bookie or assistant making the bets for them. Watching one of those guys sweat out a losing streak is truly something to behold.
That is the Macau the Chinese authorities hope to sweep away.

The Vegas of the Orient and the light of day

Not long after the Portuguese left for good in 1999, the Chinese authorities realized that they needed to eliminate Stanley Ho's stranglehold on the local casinos if they were to get a grip on the triad violence. Much as corporate America pushed the mob out of Vegas, Chinese authorities hope that corporate management will change the face of Macau.

[Image caption: Note ample granite and mirrored surfaces for high rollers]

Foremost among those changes is the massive Cotai Strip development, anchored by the Venetian Macau, which is modeled after the Strip in Vegas and has space for up to 22 mega-resorts. The total tossed about for what is already in the works hovers around $10bn, although most of it has yet to be built, lending the number that vague, out-of-focus quality usually associated with government projects. The introductory press video - little more than a gushing tribute to Sheldon Adelson, the owner of the Venetian, it plays on a continuous loop in the media center - labels it the most expensive tourist development in history. It may or may not be that, but it is certainly a lot of money to be invested in landfill.

[Image caption: How pretty at night! Quit with the little gondolas.]

We touched down at the crack of dawn, and after a ferry to Macau and a car ride to the Venetian, we arrived at about 11am. Frankly, there is not much to do in an empty casino, so I proceeded to enjoy the copious wine and champagne on offer by my gracious host Mr. Adelson, and then cruise the vacant leviathan with a camera. There are no rooms in the Venetian Macau, only suites - 3,000 of them to be exact, each a minimum of 650 sq/ft. In terms of floor space, the Venetian Macau has the equivalent of four Empire State Buildings, and its casino floor is twice the size of anything in Vegas.
The Venetian has the usual assortment of amenities associated with the modern casino, such as toney shops and restaurants - most of which were struggling to open on time. However, it also has a 15,000 seat arena, which later in the year will host the first NBA exhibition in Asia. Clearly, with close to half the world's population less than five hours away by plane, Macau is making an aggressive move to be the entertainment capital of Asia. It already has a Grand Prix, and new construction is everywhere, with the airport being expanded to accommodate what is expected to be a crush of visitors. Macau has already surpassed Vegas in terms of gambling revenues, but it has done it so far mostly with day-trippers - it has fewer than 1/10 the number of rooms that Vegas has. Only about 25 per cent of those that gamble in Macau currently stay the night, but that will change - at least that's the gamble everyone is taking. The old-school Macau casinos - those run by long-time monopolist Ho - are intense and claustrophobic, catering to hard-core gamblers. The new casinos have expansive gaming areas and all of the amenities associated with the luxury casino developments of the last ten years - high-end restaurants, shows, and luxury shopping, all designed to provide a complete vacation and to keep vacationers spending as much time and money as possible within those glittering walls. One woman I spoke with who came to take a look at the Venetian actually complained of how big the gaming floor is. If they can prevent you, mole-like, from seeing the light of day, they will. You are trapped. There is nothing else on the Cotai Strip.

The media hordes descend

The crush of foreign media was notable mostly for the almost complete absence of the American press. With the exception of a couple of gambling trade publications, only the Wall Street Journal and the American desk of El Reg covered the event, although the press coverage from Asia and Europe was significant.
[Image caption: Check out the crapper phone - always a classy touch]

Fortunately, the media briefing took place that same day and the wine was still flowing at lunch, which allowed me to continue the party through the reception that night. There was no other way - my flight had left at 1:30 am on Sunday morning and arrived at 6:30 am local time on Monday, meaning I had an entire jet-lagged day to kill. I was drunk enough to offend that PR, thank god.

[Image caption: Barbarian media hordes descend]

Most of those in attendance were from the travel press, and they typically provide fawning coverage of whatever the latest resort destination might be. The question that will go unasked is the one raised by the one-upmanship behind the construction of every mega-casino, where each has to be more extravagant than the last - is this finally the one, the white elephant? Just where does it end? "If you build it, they will come" has worked for the casino industry up to now, but why should it forever? Adelson is banking on tourists beyond Hong Kong for his vision of the Asian Las Vegas - yes, he trademarked that - but Macau doesn't really have much of an airport, forcing it to rely on the airport in Hong Kong, which is a one hour ferry ride away, and a half hour ride from the airport to the ferry. Vegas is accessible from anywhere.

[Image caption: Don't forget to check out the local cultural sights!]

Here's to a Titanic-themed casino. Let's really roll the dice.®

Burke Hansen, attorney at large, heads a San Francisco law office
Firefox hit a significant milestone on Friday as it crossed the 400m download mark.
The commercial assault on our childhoods continues with the shocking news that Paddington Bear is ditching his marmalade sandwiches in favour of Marmite, otherwise known as the Devil’s personal lubricant. According to The Guardian, the peripatetic duffle coat-wearer will decide it’s time to “try something different”. Instead of just using an inside toilet instead of woodland, he only goes and tries a Marmite-and-cheese sandwich, declaring it “really rather good”. He then throws a piece of the yeast-infected butty to a bird, who sensibly recoils and flies off, only to cause a chain reaction that ends with a taxi crashing into a shop and a policeman being hit with a watermelon. Paddington is subsequently led off by said policeman. No doubt DDB London, the advertising agency behind this epicurean fiasco, has a series of follow-up ads during which the arrested bear's paw-prints are taken, thereby alerting the authorities to his dubious immigration status. Future ads presumably will show Paddington in an immigration holding centre, smearing himself with the foul vitamin B-heavy extract in a dirty protest, with the whole nightmare series ending with the bear being hooded and bound and shipped back to darkest Peru courtesy of a redirected CIA rendition flight. Let's just hope reports that other Marmite campaigns are likely to feature Winnie the Pooh and the three bears turn out to be a load of Goldilocks.®
Reader Poll The security of Wi-Fi hotspots, cellular data connections and other mechanisms for connecting remotely is something that is becoming relevant to more and more organisations. While the advocates and scare mongers put their extreme points of view, what is actually happening on the front line?
Like some sort of file managing addict, Sun Microsystems has acquired yet another high-end file system. The server maker today revealed that it will buy most of Cluster File Systems' intellectual property and business assets, including the Lustre File System.
DSEi OK, so you're an elite special forces type. You're just checking that your beeper shows enough that the girls across the bar will notice it, when the damn thing goes off. You race into the barracks. It seems that there's this crisis somewhere - hostages, WMDs, cat stuck up a tree - doesn't matter. Somebody's arse needs foot contact, and your team has the boots for the job. But there's a problem. The location to be reached lies within hostile airspace, swept by enemy radars. The only way you can get there fast enough is by transport plane: but if your aircraft goes near the target, bad things will happen.

[Image caption: The Gryphon strapon stealth-jet parachute in testing.]

Normally, you'd go with what's called a HAHO parachute jump, High Altitude High Opening. HAHO is a variant on the perhaps better known HALO (High Altitude Low Opening). With HALO, you jump out and freefall most of the way, opening your chute at the last moment. This means you get down fast and minimise your chance of being spotted, but obviously the plane needs to fly close to the landing zone. With HAHO, on the other hand, you get out up in the stratosphere and open your chute immediately. Modern high-performance parachutes have quite good glide performance, and you can travel a long way like this - say 40km in still airs, or even 60 with the wind behind you, jumping from 33,000 feet. But damn - today, 40km just won't do it. Today the target lies more than 100km within hostile borders, and some utter bastard has sold the local force air-search radars. (Who would do that?) HAHO troopers do show up on radar, and they can often be tracked for most of their descent. Today's the day for Gryphon. You and your buddies strap on your astounding, stealthy delta-winged backpack airframes, packing most of your kit inside them to minimise radar signature. As the transport plane flies innocently along on the safe side of the border, the team jumps out.
Your helmet heads-up displays give you full navigation readouts, and the Gryphon almost flies itself with computer-aided controls, so that you can merrily zoom through clouds or bad weather without trouble. As you start to get near the ground, you fire up the mini jet engines (yes, it can have mini jet engines, apparently) and fly on, covering over 100km with ease. You can even boost up and over a hill or two towards the end, in terrain-following mode. The radar operators on the ground never stand a chance. As you come in to land, you pop open a conventional chute, and release the Gryphon wing to hang beneath you. It hits the ground, and then you do. And there you are - 150km inside hostile, well-defended airspace. It's going to be a bloody long walk back out again, that's for sure. The Gryphon is actually a reality; though it doesn't yet have its mini jet engines and it isn't in service with any special forces. The amazing strap-on wing is on show at the DSEi killware expo this week, and the Reg defence desk got the chance to chat with Erich Jelitko, Geschaftsfuhrer (MD, roughly) of Spelco (Special Parachute Equipment and Logistics Consortium GbR). Spelco makes HAHO parachute rigs for the German special forces, and Jelitko is a former instructor at the German army's parachute school. He's also one of two men who have flown the Gryphon, with 74 flights/jumps logged; though he seems quite normal. Without its jets, the Gryphon doesn't carry you a lot further away from the drop aircraft than a HAHO rig. But Jelitko still reckons it's better. He says you get down a lot faster - 15 minutes in the air, as opposed to an hour or more - and its radar return is reduced too. While Spelco hasn't done formal tests, Jelitko says that he's been told the Gryphon is about as detectable "as a bird" on radar. As for the jets, he says that plan is entirely practical. 
Spelco will apparently fit small turbojets - of a type apparently used in model aircraft - to the Gryphon next year, and Jelitko says he's looking forward to trying the new rig. He reckons that there should be twenty minutes of fuel, and enough poke to gain altitude slowly if required. "Our calculations say 178km range," he says. "But of course we have to test this." The rough Spelco flight plan would call for departing the aeroplane at 33,000-odd feet and gliding down. From 20,000 feet the jets will light up, and the Gryphon troopers can fly high for best range or hug the ground for stealthiness. Once the fuel runs out, it's glide and then pop the chute to land as normal. As for getting home again from 178km into bandit country, Jelitko says "it's not for the German forces." He says he's been invited to take the Gryphon to America, but so far hasn't done so due to concerns over people copying all his kit and perhaps not paying. The US forces might be able to suddenly open up an air corridor into defended airspace quickly enough to extract a team of Gryphon troopers before they ran out of supplies or got hunted down or overrun. A stealthy Gryphon insertion followed by a massive air assault might be an option where there was a target which might move away on short notice, or if there were hostages who might be done in at any sign of a rescue mission. Jelitko also says that people have asked why not have a rocket or something, and simply take off again after the mission, boosting oneself up to gliding height once more. "But I'm not crazy," he says. Video, pics etc from Spelco here.®
Updated A popular Facebook application that promises users privacy in exchange for opinions on their friends is acting as a stooly by offering the information for others to buy.
Messaging security vendor Tumbleweed recently adopted a new indirect global market strategy but reckons direct sales will continue to grow. The firm, which has traditionally stuck to the direct business model and a customer base primarily made up of government, banking, finance and healthcare organisations, said it hoped to push up market share by partnering with resellers, system integrators and infrastructure folk.
DSEi Here at the DSEi killware show there's a constant parade of robots: crawling, flying, swimming or just sitting still and killing people who walk past. It's relatively difficult for a jaded deathmech hack to muster up much interest... sometimes.

[Image caption: Robot motorchute leaflet dropping. It was inevitable, really.]

Now and again, though, you come across something a little bit out of the ordinary - an actual clever notion. Such a thing is SnowGoose - a flying robot with a difference. Its makers, Canadian company MMIST, were and are suppliers of satnav-guided parachute packs for air-dropping supplies. You strap one of their "Sherpa" GPS-guided parachutes to a pallet of cargo, push it out of a plane at high altitude, and the load flies itself down to land within 100m of where you want it. Apparently, the US forces' psychological-ops teams were using Sherpas to deliver leaflet drops. Simply chucking leaflets out of a plane at height isn't very effective - the leaflets get caught by the wind and float away to Lord knows where. But you don't always want to fly low over places like Afghanistan. Hence the use of guided chutes. But each Sherpa costs $20k or so and, in the case of leaflet drops, you don't get it back. Of course, $20k is the same sort of price one pays for a smart bomb - chickenfeed to the mainstream US forces. But the psyop lads don't have a mainstream-type budget. "They asked us: 'Can you make them come back?'" said Ron Campbell, chairman of MMIST. "So we came up with SnowGoose." SnowGoose is essentially a motorised robot parachute, a bit like an automated sports paramotor. It adds a petrol Rotax engine and propeller to the GPS guidance and parachute and, after dropping its load, it will then happily fly away hundreds of miles to home base on its own. Though designed for air drop, Campbell told the Reg that, in fact, more than 90 percent of SnowGoose operations in the field are launched from the ground.
This requires no more than a small team of soldiers and a truck or Humvee to get the canopy up to flying speed. The SnowGoose has taken on many other missions besides leaflet dropping, and is highly prized by the US spec-ops community in Afghanistan for its simplicity and relative unobtrusiveness - as compared to a helicopter, say.

[Image caption: Normally launched from a truck, not a plane.]

The SnowGoose is apparently used routinely to resupply US spec-ops teams lurking in the Afghan boondocks. "It'll fly in, drop off a couple of hundred pounds of batteries, and fly out," says Campbell. "Maybe some food and water, too, but mainly batteries. God knows what those guys have out there, but it's power hungry." Apparently MMIST will do you a pair of SnowGeese and support kit for a tad under a million bucks (US), and it can normally be repaired and maintained in the field by ordinary soldiers, rather than needing a base and lots of skilled technicians. That's very cheap and easy to operate for an aircraft that can carry quite useful payloads, and Campbell says that MMIST might offer an even simpler diesel-powered job in future. Other options apart from cargo modules include propaganda loud-speakers and FM radio broadcast, radio-relay equipment, meteorology payloads and relatively ordinary satcomms-connected spyeye rigs. Can it carry people? "That's the first thing that everyone asks," says Campbell. "It's not supposed to, but these guys get in some situations. It could happen if the alternative is worse."®
Updated Three more western nations have blamed China for an upsurge in hacking attacks against government computers. Germany, the USA and the UK have all become the subject of targeted attacks originating from China, with many observers pointing the finger of blame towards China's People's Liberation Army (PLA). France, Australia and New Zealand joined the growing list this week. The Chinese government has denied any involvement in the attacks, with officials painting the Asian giant as a victim of unidentified hackers.
Jem Telecom, a Leicestershire reseller specialising in BlackBerrys, has been forced into administration by an outstanding debt from Orange, apparently linked to the network operator's investigation into payments to their channel partners.
DSEi British gov-wartech spinoff Qinetiq is showing a bunch of stuff here at the DSEi battleware fest, but one of the most eye-catching displays is undoubtedly the "UpStart" motorised rope-climb rig. It isn't quite James Bond kit: the UpStart isn't going to fit under a dinner jacket. It's a motor and battery pack which you could clip to a climbing harness or perhaps use as a traveller unit on a Tyrolean Traverse. It's rated to hoist 400lb up 650 feet before needing a recharge, though the Qinetiq live DSEi guinea pig said he's tested it to 550lb without any trouble, still getting decent endurance. A snazzy gadget to be sure, but who wants it? Lots of people rope up and down from helicopters, but it makes a lot more sense to put the winch in the helicopter. The main people at the moment who need to get up ropes silently with lots of heavy kit are the Special Boat Service (SBS - the seaborne equivalent of the SAS). They've spent decades specialising in methods of approaching ships, oil platforms and the like underwater - or perhaps partially immersed. Then they need to get up on deck fast, quietly and with all their weapons, body armour, entry devices and the rest of it. In the past, they would use various kinds of kit attached to ropes, or folding ladders or whatnot; but it was all still muscle-powered. People have been known to say that the climbs are one of the hardest parts of SBS assault exercises. Funnily enough, Qinetiq's spec sheet (pdf) assures us that the UpStart is IP68 sealed for "underwater insertion", and there is an optional inflation pack for achieving neutral buoyancy on the underwater swim or ride in to the objective. In fact, rumour has it that kit like this may have been in use with the SBS for a while. The public appearance of UpStart is probably more a matter of selling it to other people, in particular the American maritime spec-ops community. That said, there could be other customers.
UpStart might be handy for mountain rescue people needing to lift casualties in locations where no helicopter was available; or it might be used to scale buildings in urban rather than feet-wet operations, perhaps by SWAT cops as opposed to military types. ®
Next week, the Nuffield Council on Bioethics is set to publish its thoughts on the ethics of using biometrics as forensic tools. In the lead up to the publication of the report, to be entitled The Forensic Use of Bioinformation: Ethical Issues, the debate about the use of DNA, particularly, has intensified. At the close of The Jill Dando Institute of Crime Science's summer conference on International Crime Science, Tony Lake, Chief Constable of Lincolnshire and Chair of the DNA Board, made his case. He was addressing an audience of entrepreneurial scientists, security-minded criminologists and policy advisors from the Home Office and Homeland Security Department who had congregated in the bowels of the British Library. The police, he explained, obtained 3,000 DNA matches a month (he began by claiming 3,000 matches a day, which we will charitably attribute to a slip of the tongue), the implication being that the database is providing valuable leads in the pursuit of evil doers across the country. But in response to a question from The Register, Lake admitted that the figure included innocent matches. Such matches result in police investigations of innocent citizens like David Atkinson, who was arrested on suspicion of breaking into a postbox when his biometrics were found inside it. Atkinson refused to accept a police caution for the offence and subsequent inquiries revealed that the biometrics were on Christmas cards Atkinson had dropped in the ill-fated post-box. His biometrics had been obtained when he was arrested for an offence for which he was later shown to be innocent and never prosecuted; but they were retained on the DNA database in accordance with recent laws. It is against this background that the public is being asked to debate the extension of the DNA database to include all the citizens of what has already been described as a ‘nation of suspects’.
As criminal justice principles, like the presumption of innocence, hold little sway in a surveillance society regulated by the mantra of ‘nothing to hide, nothing to fear’, what beacons of guidance is the British government providing us with for debating this issue? The Government has informed the public that on the one hand, extending the database "raises civil liberty concerns" and on the other that DNA matches help the police to solve crimes. It sounds like a difficult dilemma. The Home Office was unable to provide any statistics for the number of investigations instigated by a DNA match in which the suspect was subsequently cleared or any statistics for the number of prosecutions instigated by a DNA match which resulted in acquittal. This makes the debate on the extension of the DNA database a difficult balancing exercise. Lord Justice Sedley has fuelled calls for the DNA extension to ameliorate the injustice currently being inflicted on those whose data is retained on the database by exposing every citizen to the same level of risk of being investigated for a crime they didn’t commit. Professor Ben Bowling points out that the same argument could be made for other coercive measures, like police powers of stop and search. What happened to the criminal justice paradigm of retaining forensics from crime scenes and requiring personal data from suspects rather than citizens? A nationwide DNA database will facilitate police fishing expeditions. While placing all of us in the fishbowl might seem more equitable than filling it with the usual suspects, it's a far cry from the lofty ideals of a society that values the presumption of innocence. ® Amber Marks is a barrister. She is undertaking doctoral research into olfactory surveillance with the Law Department and Forensic Science and Drug Monitoring Unit at King's College, London.
A number of notes concerning Azul Systems have reached our inbox - none of them bringing very inspiring news. Our sources claim that Azul - a maker of specialized Java server appliances - is very much a creature in flux. Azul laid off 45 staff, most of them in India, on Monday, according to one source. Meanwhile, a pair of sources say that Azul mucked up its latest funding round with one investor bailing out, while another investor delivered enough cash to pay off some bills.
Having recently rediscovered itself as a systems company, Sun Microsystems has been welcomed into Microsoft's vast and growing family of OEM partners. Expanding the companies' three-year-old interoperability pact, Sun has agreed to ship Microsoft's dated but important Windows Server 2003 operating system pre-installed on its x64 machines. The companies will also co-operate on go-to-market activities for the machines.
A researcher has demonstrated how a security bug in Apple's QuickTime media player that was disclosed a year ago can cause Firefox to install backdoors and other malware on a fully patched computer. He said both Windows and Mac systems are vulnerable. The researcher, Petko D. Petkov, on Wednesday posted proof-of-concept code that shows how the exploit can be used to run privileged code on an unwitting user's machine. The XML code calls up a QuickTime-supported file such as foo.mp3, which doesn't exist on the victim's machine. The code then instructs QuickTime to load a second file. The thing is, QuickTime isn't particularly picky about the type of URLs it passes on to Firefox, so attackers are free to include addresses with Firefox's "chrome" parameter, which is used to run privileged code on a user's machine. "On its own, the QuickTime issue is less critical," Petkov said in an email. "Firefox is not vulnerable either. But when put together, they create a very dangerous combination." He went on to say he is "101 percent confident" that the vulnerability can allow an attacker to "easily download any rootkit, spyware, adware, etc. and dump it on the client machine in a few seconds." While his exploit was tested only on Windows, he adds, "I see no reason why it shouldn't work on Mac." For the attack to work, users must be logged in as an administrator. Petkov first reported the QuickTime issue last September, a warning he says was "completely ignored." Apple representatives didn't respond to a request for comment. Window Snyder, "chief security something or other" at Mozilla, said through a spokesman: "We have spoken to Apple and they are working on the issue." As is often the case with vulnerabilities affecting Firefox, users can protect themselves against this exploit by using the NoScript extension. 
According to this post at hackademix.net, the addon will prevent Petkov's exploit from working even if a user has whitelisted gnucitizen.org, where the code is being hosted. The addition of a certain top-level chrome protection some three months ago makes this possible. The vulnerability is reminiscent of a vulnerability that first came to light in July. When it was exploited, the Internet Explorer browser would cause Firefox to execute malicious code. The episode touched off debate about exactly who was responsible for the weakness. While Mozilla has plugged the hole, it has also called on Microsoft to patch IE so it vets code for security before passing it along to other applications. So far Microsoft has not done so. Petkov's proof of concept also demonstrates how seemingly minor security bugs can be magnified into major issues when combined with other unrelated bugs. If Apple security wonks figured this year-old QuickTime issue was too trivial to bother repairing, they may want to think again. ®
The mid-market push has definitely been heating up for tech vendors in recent weeks. We've already seen Dell, IBM and Hitachi touting their simplified server and storage lines with SMB-aimed gear, and frankly, we're starting to recite the hard sell for companies with limited budgets and expertise in our sleep. Now Hewlett-Packard has played its hand for the market space today, led by the new HP BladeSystem c3000, or "Shorty," as they call it. It's a fresh, compact blade enclosure in HP's c-Class server line that is aimed to appeal to a market not predisposed to adopting a technology more commonly used in massive data centers.
The US presidential race has, maddeningly, already been moving along at full throttle for months, and political bloggers look poised to play an important role in the selection of the new commander in chief.
At least he's got a fun career as an internet porn star to fall back on. In a decision handed down last week, the US Court of Appeals for the Ninth Circuit determined that an Arizona police department did not violate one of its officers' civil rights when it fired him after discovering that he ran and participated in a porn site with his wife. The officer, Roger Dible, and his wife, Megan, ran a website that provided photographs depicting Megan Dible - under the pseudonym "Katelynn" - in sexual poses and having sex with her husband, other women and "inanimate objects". The Dibles started the website in late 2000 after entering into an agreement with CDM Networks to operate the site. Dible never notified his superiors at the Chandler Police Department of his extracurricular activities, although he did apparently tell a fellow officer about it, and even convinced the other officer to start a website of his own. Not surprisingly, rumors about the site began to fly around the department, and eventually made their way to the ears of department officials. They began an investigation and questioned Dible about the site. He initially attempted to mislead the investigators, but they soon discovered his involvement with the site and placed him on administrative leave.
Porn whore
Soon, the press also got wind of the site and began running reports identifying Dible as a local police officer and detailing his activities related to the site. After the segments aired, Chandler police officers began to report low morale amid taunts from civilians. One female officer even reported that a suspect called her a "porn whore". Needless to say, Dible was fired shortly after the reports hit the news. He and his wife then filed this lawsuit, alleging that the department violated their First Amendment right to freedom of speech. The district court granted summary judgment for the department, and the Dibles appealed.
After reviewing the case, the Ninth Circuit again decided for the department. The court held, in a paraphrase of Justice Oliver Wendell Holmes, that while Dible may have the Constitutional right to operate the porn site, he does not have the Constitutional right to employment as a police officer while doing it. Government employees don't give up their Constitutional right to free speech simply by virtue of becoming public employees. When a government employee is sanctioned because of his speech activities, two potential analyses come into play, depending on whether the speech was related to the employment or not. The Ninth Circuit, not wanting to determine the difficult question of whether the porn site was related to Dible's employment as a police officer, went through both analyses. In the case of related speech, a government employee is entitled to a balancing test weighing the rights of the employee against the government's interest in providing efficient government services. For related speech, this test only comes into play when the subject of the speech touches on a matter of public concern, however. Here, the Ninth Circuit panel determined that running a porn site for fun and profit did not constitute a matter of public concern. Because of that, the court had no need to balance the interests of the parties - no public concern, no constitutional violation. The members of the Ninth Circuit panel divided over the next analysis, though. The second analysis concerns speech that is unrelated to government employment, and also involves a balancing test between the speech involved and the government's interest in providing services. 
Heckler's veto
The majority held that the government had a strong interest in providing an effective police force, and that the Dibles' speech didn't have much weight to counter that interest since running a porn site doesn't quite deserve the same force in the analysis as, say, engaging in a political debate or writing articles on environmental policy. Since Dible's activities, according to the court, had undermined the respect that the public held for the department and emboldened individuals to openly mock officers, Dible's speech had adversely affected the mission of the police department and the department was justified in canning him based on the porn site. A concurring judge disagreed with this analysis, arguing that the court's reasoning allowed for government suppression of speech based on a "heckler's veto". That is, by basing its decision on the reactions of the public, the court had approved of censorship simply because members of the public disagreed with the content of the speech. The concurring judge still agreed with the outcome of the case, however, finding it appropriate to fire Dible based on his lies to investigators, regardless of the contents of his website. So whichever way the analyses went, the Dibles were still gonna get screwed. ®
Exclusive Things at Azul Systems are as bad as we feared, according to numerous sources. Earlier today, we revealed that Azul had laid off a huge chunk of its staff and struggled through a recent financing round. We, however, thought this might be a company trying to trim costs in order to keep pushing gear. Not so, according to our sources.
Comment Yes, Firefox reached a major milestone this week, surpassing 400 million downloads worldwide. But that's just the good news. There's another story swirling around the famously open source web browser - and it's a little less sunny. Last week, The New York Times questioned whether the growing popularity of a Firefox extension called AdBlock Plus poses a threat to the ad-driven business models of entertainment, media, and search sites across the web. If enough people install the extension and other ad-killing browser gizmos, The Times asked, could they chip away at the bottom line of companies like CNN, Microsoft, and Google? With roughly 2.5 million people using AdBlock Plus - and 300,000 to 400,000 more downloading the tool each month, according to its developer - this is certainly a valid question. But there's a second question worth asking, a question looming over the future of Firefox itself. According to internet rumor, Google provides almost all of the revenue for the Mozilla Corp. - the commercial wing of the Mozilla Foundation, makers of Firefox. You know how it works: Google ponies up the dough, and Mozilla ties Firefox to certain Google tools. Most notably, Firefox uses a customized version of Google.com as its default home page. The question is: As more and more people install AdBlock Plus, which is officially recommended by Mozilla, will Google continue to fund the browser? When we asked Google for an answer, the company stayed quiet, as it did when The Times came calling. And we're still awaiting an email from Mozilla on the matter. But it isn't hard to connect the dots. According to a March 2006 rumor trumpeted by Weblogs founder Jason Calacanis, Mozilla pulled in $72m in 2005, and most of that came from Google. In a subsequent blog post, Mozilla board member Chris Blizzard wouldn't verify the rumor, but he said these figures were "not off by an order of magnitude."
Meanwhile, AdBlock can be downloaded from the Mozilla website, where it's listed as one of the most popular Firefox extensions. And yes, it does a wonderful job of blocking ads on Google's AdSense network - not to mention banners served up by DoubleClick, the company Google's trying so very hard to purchase. No, that doesn't mean Google is dead-set on pulling its Mozilla dollars. After all, it could simply crack down on the use of AdBlock, a free download developed by an independent German programmer named Wladimir Palant. As The Times discussed, there's already a mini-movement among ad-laden websites to, well, block AdBlock. Oklahoma-based web developer Danny Carlton has succeeded in rejecting any user who visits his sites with AdBlock Plus installed, and he insists that each and every site owner has the right to do the same. Palant and his cohorts, Carlton says, shouldn't be allowed to block AdBlock blocking. "It comes down to whether they're going to be like adults and support the concept of freedom, allowing site owners to block AdBlock users, or they're going to be like children screaming for more bread and circuses," Carlton told The Reg. But if Google jumped on board with this sort of AdBlock crackdown, it would surely anger the masses, undermining the we're-in-it-for-the-little-guy attitude the company tries so hard to foster. "Google could step into this very easily. They could shut AdBlock down entirely," Carlton said. "But then they look like the big-bad meanie." In the end, it might be easier for Google to break off its relationship with Mozilla, leaving the foundation struggling for revenue. Sure, Google would lose the traffic driven by those less than 400 million users, but there's nothing stopping the ridiculously-rich Mountain Viewers from building their own browser - or buying a Mozilla competitor that doesn't block quite so many ads. Opera comes to mind. Then again, if Google dumped Mozilla, it would still look like a big-bad meanie. 
No wonder the company won't grant us an interview. Update: Still no interview, but Google did send us a brief statement. They told us to attribute it to a spokesperson: "Mozilla is a valued business partner because many users utilize Firefox to access Google products and services. We will continue to work with a variety of technology providers, including Mozilla, to ensure our mutual users have the best experience possible with our products and services." Ensure our mutual users have the best experience possible? That sounds like they're not too concerned about AdBlock chipping away at the bottom line. We shall see. ®