- Update: TrackMeNot fools searches
- Spam and phishing on the rise
- That slippery ship date
- Update: Sun spills UltraSparcIIIi+ delay
- McAfee to step up to Microsoft
- Schmidt and winds of Apple-Sun
- SpiralFrog's "free" tunes are pricey
- Kaboodle, Kosmix and Gravee -- Oh My!
- Windows Live QnA: Answer this...
- Your next (bus) ride?
August 31, 2006 | Comments: (0)
Update: TrackMeNot fools searches
Note from the writer, added Sept. 1: This article has been updated to correct some mistatements about Browzar and its capabilities. Additionally, thank you to those of you who commented below. Given your comments, I've written another entry about Browzar.
In the wake of AOL's stunningly ill-conceived decision to publicize the search habits of hundreds of thousand of its users, as well as reports of various search engines employing user-profiling, we're seeing more Web tools emerge aimed at helping users hide their tracks to an extent -- or to baffle their trackers.
Browzar falls under the former category. Though the name sounds like Godzilla's next-door neighbor on Monster Island, Browzar is actually essentially a wrap for Internet Explorer designed to protect users' privacy by not retaining details of the Web sites they've searched. It does so by automatically deleting Internet caches, histories, cookies and auto-complete forms. Notably, aside from deleting cookies, the software really just saves you from the potential embarrassment of having those who share your PC see where you've been hanging out on the Internet.
Taking a different tack from Browzar is a Firefox extension called TrackMeNot. Rather than employing concealment or encryption to mask a user's browsing activities, it "periodically issues randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and MSN," according to the TrackMeNot Web site.
So, for example, while you're busily searching for terms like "tutu for my cat" and "XXL rubber pants," TrackMetNot will send random queries like "purple monkey dishwasher" to the aforementioned search engines. (I don't know if any of those words are actually in TrackMeNot's vocabulary; Simpsons fans can only hope.)
Doing so "significantly increases the difficulty of aggregating [search] data into accurate or identifying user profiles."
The creators, Daniel C. Howe, researcher at NYU's Media Research Lab, and Helen Nissenbaum, an associate professor at NYU, acknowledge that although TrackMeNot can produce a goodly number of faux search-term requests, "it is unlikely to deter serious data-profiling by those aware of the system. Future versions are likely to include larger (distributed) query databases, dynamically generated and/or Web-harvested queries, as well as grammar-generated natural-language queries."
The duo's explanation for developing the extension makes for interesting reading. Here's an excerpt:
"We are disturbed by the idea that search inquiries are systematically monitored and stored by corporations like AOL, Yahoo!, Google, etc. and may even be available to third parties. Because the Web has grown into such a crucial repository of information and our search behaviors profoundly reflect who we are, what we care about, and how we live our lives, there is reason to feel they should be off-limits to arbitrary surveillance."
What steps are you taking, if any, to hide your search path on the Wild Wild Web?
Posted by Ted Samson on August 31, 2006 03:58 PM
August 31, 2006 | Comments: (0)
For some people, Spam is tough to swallow, and it would be more so if it contained 19% fish.
Well, for just about everyone, e-mail spam is very difficult to swallow. Not only is there more of it clogging up network arteries and inboxes, but 19% of it is phishing lures, according to Ipswitch's latest Spamometer Survey, released Thursday.
Spamming and phishing are both on the rise, according to the report. Currently, spam accounts for more than 70% of all messages received, up from 62% last quarter and 57% the quarter prior.
Driving that influx of unsolicited messages is the surge in phishing attempts, which hadn’t even registered in Ipswitch's previous Spamometer Survey.
“While it is disappointing to see the percentage of e-mails that are spam continually on the rise, it is the recent epidemic of phishing e-mails that are of most concern,” said Chris Greaves, Ipswitch sales director for Northern Europe.
The reigning kings of spam are messages hawking medication, which accounts for 36.6% of all spam.
"Even though some of this [spam] growth may well be created to try and maximize responses from a shrinking audience, the fact that such a basic spam as medication sites is No. 1 is quite frightening," said Clive Longbottom, head of research for industry analyst firm Quocirca.
Next on the list are the finance and phishing e-mails, followed by pornographic e-mails, which represent 14% of all spam. Down 24%, porn was previously in the top slot. Perhaps that's what drove up the demand for certain types of medication?
Messages pushing electronics and pirated software remain in fourth place, representing 10% of all spam. Finally, those ever-helpful and oh-so-personalized mortgage offers, previously the No. 2 spam offender, take up 9% of the spam space.
Ipswitch, based in Lexington, Mass., provides messaging solutions such as IMail Secure and Ipswitch Collaboration Suite, which integrate with spam-fighting technology from Mail Filter.
Posted by Ted Samson on August 31, 2006 10:50 AM
August 31, 2006 | Comments: (0)
Vista ships on January 30 you say? Well...maybe. How about "Early 2007?"
That's the message today, after reports by InfoWorld, and on CNET and elsewhere yesterday that major e-tailer Amazon.com was informing customers that Vista would ship on January 30. (That's a Tuesday, btw.) Ever the reluctant groom when it comes to taking Vista to the altar, it looks like Microsoft wasn't comfortable being pinned down to a specific date, so now Amazon has changed the Vista order pages to say that Vista is "Estimated to be available in early 2007" which, depending on your definition of "early" could be anytime from January 1 to, say, May 31.
Posted by Paul Roberts on August 31, 2006 08:55 AM
August 30, 2006 | Comments: (0)
Update: Sun spills UltraSparcIIIi+ delay
Note from the writer, Aug. 31: Reports today say Sun has announced it is cancelling the UltraSprac IIIi+ line entirely.
If you're eagerly awaiting the release of servers running Sun's UltraSparc IIIi+ processor, you may have a lot more waiting to do -- perhaps until mid-2007.
Reports say that nugget slipped out Wednesday during a Sun-sponsored online Q&A. The admission was likely not intentional. During the forum, an participant with the screen name spp made the following comment, which was labeled as a "private response for Martin".
"The V215/245 and the V445 will be shipped without the USIIIi+ because of manufacturing/yield issues and we shouldn't expect to see them until mid-year next year."
"Martin" likely refers to Martin Shepard, a Sun product line manager, ZDNet reports.
Sun revealed last July that the forthcoming trio of Sun Fire servers would come running the UltraSparcIIIi -- which came out in 2003, not its much-anticipated son. But the company also said the USIIIi+ would come out this year.
The USIIIi+ was originally slated to debut in 2005, but Sun delayed its development in order to get the UltraSparc T1, code-named Niagara, out the door.
Designed for lower-end servers, the USIIIi+ is an improved version of the 1.6GHz USIII with higher speed and more memory.
Posted by Ted Samson on August 30, 2006 09:46 PM
August 30, 2006 | Comments: (0)
McAfee to step up to Microsoft
While gaining Microsoft as a competitor in the computer security arena might look like an intimidating proposition, a McAfee executive on Wednesday said he looks forward to dealing with the software giant.
"I actually look forward to them kind of joining the whole industry," said George L. Heron, vice president and chief scientist at McAfee, during an Oakland A's game at McAfee Coliseum in Oakland, Calif. (McAfee hosted journalists and analysts in a luxury box for Wednesday's A's game against the Boston Red Sox.)
"[Microsoft has] a lot of catching up to do and we welcome that kind of competition," Heron said. McAfee, meanwhile, has been in the computer security business for a long time, he said.
Microsoft's security offerings have been limited to antivirus software, antispam software and a firewall, Heron said. McAfee offers a fuller breadth of products, said Heron.
Still, McAfee is awaiting access to information about the inner workings of the upcoming Windows Vista OS so the company can tune its products to work with it. "Right now, it's kind of closed," he said.
"We're just sort of learning about what is coming," said Heron, who acknowledged that Vista is still in a beta release. Microsoft, however, may be overdoing it in locking down Vista details, which may present a problem for providers, he said.
Microsoft in June published a white paper outlining its security plans for Vista.
McAfee, meanwhile, is focused on the risk management market, Heron said. The company's planned acquisition of Preventsys plays into this strategy. McAfee also seeks to add more technology to verify the safety of computers being plugged into a network and may either develop the technology itself or buy it from a third party, Heron said.
(By the way, the A's won, 7-2.)
Posted by Paul Krill on August 30, 2006 06:14 PM
August 30, 2006 | Comments: (0)
Schmidt and winds of Apple-Sun
A quick browse of the Web to see what speculation emerged after the news that Google CEO Eric Schmidt will join Apple's board came up with a ditty from one John Dvorak: Is an Apple-Sun merger in the works?
Dvorak opines that Schmidt "may have been brought in as the set-up pitcher for what may finally be the often rumored merger between Apple and Sun".
Whoa! What gives? Dvorak explains:
Of course, speculation about a Sun-Apple deal has gone on for the last 20 years. On any given Sunday one of the companies was on the verge of buying the other depending on how the stock prices skewed. As of this writing the two stock prices have never been more skewed, making the deal attractive to Apple.In the past the deals have always fallen apart before they began because (among other reasons) the combined companies would not have an acceptable CEO. Neither Scott McNealy nor Steve Jobs nor John Sculley nor Mike Spindler (not to mention Gil Amelio) seemed capable of handling a combined operation.
With today's two CEO's, Steve Jobs at Apple and Jonathan Schwartz at Sun, this continues to be true. But with Eric Schmidt in the game as a middleman it's quite possible that he could take the reins of such a combined operation and make it work.
ZDNet's Dana Blankenhorn takes a more sober look:
It's very possible Schmidt is on that board for other reasons. Like Google wants Schmidt out of the house while it deals with the hodgepodge of me-too "innovations" he has allowed to drain Google's resources. Like having the Google CEO on the board (Google is currently worth $116 billion, twice Apple's valuation) is a coup for Apple, giving it online cachet it hasn't gotten past iTunes.An Apple-Sun deal, midwifed by Google, would be a major blow against open source, I believe. While Apple's OS X is based on BSD Unix, and Sun's CDDL license is even more restrictive, Sun's commitment to open source is increasingly welcome. Apple, by contrast, might as well be Microsoft.
But I digress in the rumor mill. I was looking for some more tradional speculation that Microsoft was in trouble because of the Schmidt move. There's plenty of that. But technology guru Om Malik says the move is trouble for everyone.
Care to join in on the speculation mill and tell us who is in trouble because the mild-mannerd Schmidt is joining Apple's board? Why not take a swipe at SGI or Novell? "Dvorak made me do it." Talk back below.
Posted by Mike Barton on August 30, 2006 04:41 PM
August 30, 2006 | Comments: (0)
SpiralFrog's "free" tunes are pricey
There are right ways to use ad revenue to provide free goods and services, and there are wrong ways.
This brilliant revelation struck as I read all the buzz about the forthcoming free music download site SpiralFrog, which some are touting as a challenge to the reigning king of the downloadable music world, iTunes.
If you glance over the headlines, you might indeed believe that Apple faces a real challenge. Here you have a new company with an amusing name, teamed up with a dominant music company in Universal, providing music and video downloads absolutely free. That's 100% less than what iTunes charges per song. (Math majors: Please double-check my work.)
Shockingly, Universal isn't opening up its music treasure trove out of the goodness of its corporate heart; rather than having you fork over some cash for a tune or a video, you trade some of your time (and brain cells) by watching an ad.
If it stopped there, I'd say that SpiralFrog and Universal were onto something big (but that's not a very realistic model). But no; through the magic of DRM, the file you've downloaded will become unplayable after one month -- unless you visit the site again and watch an ad to refresh the license.
It's not clear whether you'll need to watch an ad per month for each file you've downloaded, and the PR person at SpiralFrog didn't respond to my e-mail. But that would be my anticipation, which makes the service even less palatable.
Pretend there's a fellow named Billy, who (like me) falls into the 18 to 34 year-old age range SpiralFrog is targeting. Billy visits SpiralFrog for the first time and loads up on 20 songs. He's a little aggravated by having to sit through 20 minutes of commercials to get his tunes, but hey, he's got free music. He then transfers his newly scored tunes to his non-iPod MP3 player. (Did I mention the files from SpiralFrog won't run on iPod, at least at first? Oh, and you can't burn them to CD, either.)
A month later, Billy's on the plane to Boise to visit Grandma Ethel. He's listening to his Creative MuVo when he suddenly finds that a bunch of his songs won't play. After worrying that his device is malfunctioning, he remembers those tracks came from SpiralFrog and had locked up. So once he gets back home from grandma's, he gets on his PC, goes to SpiralFrog, renews his 20 licenses by viewing a bunch of commercials, then transfers the newly re-licensed versions onto his MuVo to replace the locked-up ones.
Billy then reflects on whether it would have been worthwhile to pay $20 (or less) to get those songs from any number of music-download sites, rather than dealing with that aggravation.
As far as I can tell, the incentive to deal with that just isn't there, especially with so many ways to listen to music for cheap or free, from MySpace band pages to Napster to Yahoo Music.
Now compare SpiralFrog's ad-driven model to something like Google's new Web-based communications package, Google Apps for Your Domain. The Standard Edition gives your organization e-mail, IM, calendar, and a Web page creator, along with a management UI and freedom to swap services in and out for users. It's entirely free; revenue comes from ads.
In this case, I expect the ad-revenue driven model will work, because the ads aren't ridiculously disruptive. You don't need to do anything extra to use them; just go about your business as your peripheral vision takes in an advertising message. (You're not going to use a Firefox plugin to disable those ads, are you?)
Plus Google is providing a service that's more difficult to come by for free. Remember: It's not just the applications; there's the management UI and customizeability.
Ad revenue also works for media sites like, say, InfoWorld.com. Those flashing squares and rectangles you see to above and to the right? They're not there simply for your entertainment. But they're (generally) not disruptive.
I do apologize to the good people at SpiralFrog for my gloomy take on their still-unborn service, though I'm not the only person to have made one. And hey, SpiralFrog won't release the service until December, so it has some time to refine its plan, if necessary.
What do you think? Is Spiral Frog a good model for an ad-revenue driven business?
Posted by Ted Samson on August 30, 2006 04:07 PM
August 30, 2006 | Comments: (0)
Kaboodle, Kosmix and Gravee -- Oh My!
We all know that the DEMO shows, which market themselves as a "launchpad for emerging technology" can get a bit zany and hype-driven.
That's never more true than ever at this year's DEMOfall show, scheduled for Sept. 25-27 in San Diego. Scanning the list of companies who were at DEMOspring might make you think you've stumbled into the software aisle at Kaybee, what with names like BiggerBoat, Bones In Motion, Blurb, Gravee, Kosmix and MooBella on board.
Want a theme for this year's DEMO shows? Search. (Now there's a shocker.) Not surprisingly, many of the companies at Demospring and, we can assume, at Demofall, will be trying to hone in on Google's business.
Gravee's AdShare "fundamentally changes the economic model for search -- shifting power from content distributors (such as search engines) to content owners," Kosmix has "developed algorithms and technology that solve a complex engineering problem: categorizing the entire Web into understandable categories, such as women's health and adventure travel." Biggerboat is "the Internet's most comprehensive, entertainment industry specific search engine delivering cross-category, cross-format, and cross-retailer search results to online entertainment consumers." I could go on (and on..and on...)
Still, there's more than just search. Krugle and Jitterbit are two companies presenting cool new technology aimed at the open source community: Jitterbit has an open source integration tool for Windows and LInux for designing, configuring, testing and deploy integration solutions. Krugle's got a search engine for accessing open source code and other supporting information.
Then there's moobella, which is, as far as I can tell, an ice cream vending machine that can "produce a delicious scoop of ice cream within 45 seconds."
Now that's technology I can use!
Posted by Paul Roberts on August 30, 2006 04:01 PM
August 29, 2006 | Comments: (0)
Windows Live QnA: Answer this...
Microsoft made its Windows Live QnA service (a la Answers.com) available today. So what better question to ask than: What is Windows Live? There are four days left to come up with the answer.
Our own Oliver Rist dissected the Live juggernaut recently in his Enterprise Windows column, What the heck is Windows Live, anyway?.
...If you're thinking it's just meek retaliation to the Web service juggernaut that Google is becoming, you're only partially right. Sure, Google's announcements -- and even more recently, news from Yahoo and others -- are spurring Windows Live announcements to keep Microsoft's cutting-edge Internet relevance alive. But the product responses themselves are neither brand-new nor meek. Redmond's been planning this for some time...[Rist's Live in a nutshell:] Live Search is an updated version of MSN Search; Live Toolbar, yet another Web browser toolbar; Live.com is Microsoft's customizable portal page; Shopping and Product Search, its answers to Amazon and Froogle, respectively; Live Local, the reply to Google Maps and Mapquest; QnA, the answer to Yahoo Groups; Live Mail Desktop, the counter-punch to Google Mail, although with some very sexy mail client features culled from Outlook Web Access; and Live Expo is a burgeoning Microsoft iteration of eBay or Craigslist.
Live Academic is a search engine devoted solely to academic content -- research journals and such -- for which I don't know a direct competitor off the top of my head. Windows Live Search Mobile is supposed to deliver all the power of the updated Live Search engine in a format suitable for Windows Mobile 5 pocket devices.
OK, so it is Microsoft playing catch-up on Webifying everything. Too bad Google gets all the glory in this PR-centric world. The ex-MS PR hack Robert Scoble makes some points in A Google Vs. Microsoft Double Standard?, noting Google's edge with Web-centric bloggers following its media home run with news of its short-on-beef Office rival package yesterday.
This one sort of says it for those who use Hotmail and will be switched over the white-page world of Live at some stage soon...
6) Branding. Microsoft doesn't have a cool Web brand right now. In fact, the one that they had, MSN, is being thrown in the trash and they are switching over to Windows Live. That probably will turn out to be the right decision in the long term, but in the short term Google has the better naming team - by far. Calling Google Maps "Google Maps?" Sheer brilliance! Who came up with the name "Windows Live Local?" Blllleeeeccchhh.
And there have been some questions about if Live is the real deal, or if it is pure marketing by MS. Earlier this month, a early-departing Live manager, Niall Kennedy, raised concerns about Microsoft commitment to the strategy, saying Live was paralyzed and that the former Technorati man was not given the resources needed to roll out the program he managed for Microsoft.
Rist writes: So where's the beef for corporate America? Fortunately, it's mostly in the nonbeta offerings. Microsoft Safety Center is first: a stable and surprisingly thorough malware checker and PC Health diagnostics check, free for the asking. It won't replace corporate anti-virus, anti-spam, or even disk defragger applications, but it's a great place to start a workstation diagnostic process.
He sums up: Microsoft has made grand announcements on the future of the platform, including hints of a Web version of Microsoft Office and other Microsoft applications, but all of that is many moons away and certainly subject to change should market interest shift away from running everything through a browser. The here and now -- for businesses, anyway -- is a nice set of security and diagnostic tools and a very competitive Web and e-mail hosting service.
Tell that to the newest PR tools on the block, Gmail-packin' bloggers.
Posted by Mike Barton on August 29, 2006 01:57 PM
August 29, 2006 | Comments: (0)
Could this be your next (bus) ride? The folks at MIT new research lab think so. The new MIT Design Laboratory is focused on bringing emerging technology to urban planning, and combines existing MIT research groups like PlaceLab and SENSEable Cities, as well as others. The new lab will work on "problems of social, economic and cultural importance," according to a press release from the university.
The idea is to create a comprehensive design approach to buildings and urban areas, not just focus on using technology in the context of individual projects. Among the projects the new lab is working on:
The City Car. This one has been around for a while. A "stackable car for two passengers," City Car can be deposited at stacks, which are located at convergence points like bus and subway lines. Kind of Zip Car meets Duplo."Each stack receives incoming vehicles and electrically charges them. Users simply remove a fully charged vehicle from the front of the stack just as they would pick up a luggage cart at the airport."
The Digital Mile. A mile-long, programmable wall of water in Zaragoza, Spain,that replaces a set of train tracks that was removed from the city center. "Sensors respond when someone approaches, causing the water to rise or fall or propagate waves." OK. Now that's cool, even if the name does make it sound like Chris Anderson's next book.
The Electronic Lens. (Flash preso) A system of talking landmarks in Barcelona, Spain (what is it with Spain and futuristic architecture?) that provides pedestrians with on-the-spot information about the city's resources.
Posted by Paul Roberts on August 29, 2006 08:45 AM
August 29, 2006 | Comments: (0)
With little fanfare, Microsoft updated its Windows Marketplace e-commerce site on Monday. The main advantage of the redesigned site appears to be the introduction of Digital Locker, a secure software distribution system that allows anyone with a Windows Live or Passport ID to buy software, manage installs and store purchased software securely online for future access. As Microsoft points out: no more boxes and CDs to manage...as long as the power stays on!
One of the interesting things about this new version of marketplace is the tie-in with Vista, as Ed Bott discusses in his excellent blog.
Turns out that Vista's new Windows System Assessment Tool passes Windows Marketplace the results for your system's ratings for things like its processor, memory, hard drive, etc. You can access that "base score" online through Windows Marketplace. As Ed points out, that may allow Microsoft to recommend software that is best suited to the capabilities of your PC (and discourage you from buying software that'll bog you down?)
Interesting stuff.
Posted by Paul Roberts on August 29, 2006 07:42 AM
August 29, 2006 | Comments: (0)
T-Mobile hacker to do time at home
There's an episode of "The Simpsons" where the gluttonous family patron Homer spends a day in Hell and is forced to endure the horrors of the Ironic Punishments Division.
For Homer, that means being force-fed, literally, a roomful of donuts. Yet even as the last few are shoved down his throat into his ridiculously overstuffed body, he politely requests, "More please."
I was reminded of this episode after reading about the punishment handed down Monday to 23-year-old hacker Nicholas Lee Jacobsen. Jacobsen was busted for breaking in to T-Mobile's network in 2003 and accessing private information of about 400 customers, including a Secret Service agent.
Jacobsen's punishment? He must pay T-Mobile $10,000 in damages -- plus he faces a year of home detention.
Hm. Home detention. How will this convicted hacker pass the time? Perhaps a year without Internet access would have been more fitting -- or does that fall under the category of cruel and unusual punishment?
Yes, I'm being just a bit flippant. I'm sure a year at home won't be a walk in the park, and I'd rather see him suffer that than be forced to rot in jail. And to his credit, he did apologize and acknowledge the error of his ways.
U.S. District Judge George King clearly felt that same way, in that he didn't slap Jacobsen with anything close to the maximum sentence for accessing a protected computer: five years in prison and a fine of up to $250,000.
Posted by Ted Samson on August 29, 2006 06:16 AM
August 28, 2006 | Comments: (0)
Due to the growing popularity of Web applications, AJAX (Asynchronous JavaScript and XML) is the emerging international programming lingua franca, according to a report released today by Evans Data.
Titled 2006 Emerging Markets Development Survey, Evans Data surveyed more than 400 developers in emerging markets.
According to the study, AJAX adoption is generally higher in emerging markets such as India, Brazil, China, and Eastern Europe than it is in North America. Leading the pack is Brazil, where 25% of all developers use AJAX. China has the lowest adoption rate at just 16%, while North America's level is around 18%.
"While we see strong adoption of AJAX globally, our latest research indicates the developer community in the emerging markets is embracing this programming model most aggressively," said John Andrews, president of Evans Data, in a written statement. "Given that these developers are spending a majority of their time developing Web applications, we only see this trend continuing."
AJAX-driven Web applications are indeed becoming increasingly popular. Google just today announced a package of Web-based apps aimed at SMBs, with plans for a more feature-rich package geared toward the enterprise. Microsoft, Adobe, Oracle, Sun, and many other companies are also studying and using the programming language.
Not surprisingly, tools for AJAX development are multiplying and maturing.
According to the study, PHP is used most widely in Eastern Europe at a rate of 39%. India and Brazil have an adoption rate of just over 31%. 35% of North American developers use PHP while 21% of those in China do.
The study also found that 42% of the respondents are using Flash, which Evans says is higher than that found in North America.
Additionally, Linux is increasingly becoming the embedded OS of choice across all regions. China leads the way with 39% adoption.
Finally, 90% of all developers in the emerging market develop on a Windows platform.
Posted by Ted Samson on August 28, 2006 05:01 PM
August 28, 2006 | Comments: (0)
Multicore processors are on the minds of Microsoft researchers, who are working on a means to leverage this budding processor technology.
An internal project at Microsoft called PLinq, which is in the early stages of development, would implement Microsoft's LINQ (Language Integrated Query) technology on multiple processors.
LINQ is intended to extend C# and Visual Basic with native language syntax for queries, with the goal of reducing the need to use multiple query languages for different data types. LINQ is planned for inclusion in the next major release of the Visual Studio developer platform, codenamed "Orcas."
The intention of PLinq is to divide queries among multiple CPUs, which can make programs run faster, a Microsoft representative said.
Microsoft is not alone in seeking to accommodate multicore processors with application development technologies. Intel on Monday rolled out three tools to help developers take advantage of multicore systems.
Posted by Paul Krill on August 28, 2006 04:34 PM
August 28, 2006 | Comments: (0)
ICANN ponders variable pricing
If you register an Internet domain today, typically you pay a flat fee, no matter what the domain name. That could be about to change, according to blogger Ken McCarthy. A new proposal is being shepherded through ICANN that McCarthy says could lift the price caps on domain registration. A variable pricing system, he says, would inevitably lead to dramatically escalated prices for domain registrations -- think thousands of dollars, or more, for popular domains.
So far, the ICANN proposal applies only to the .biz, .org, and .info top-level domains (TLDs), but if it passes, McCarthy and others expect that VeriSign will follow suit with .com, the TLD that VeriSign controls.
ICANN has a public comment process in place where you can let your voice be heard on this issue, but McCarthy points out that you'd better move quickly: The deadline for comment ends today at 5:00pm Pacific Time.
Posted by Neil McAllister on August 28, 2006 03:22 PM
August 28, 2006 | Comments: (0)
Microsoft Vista isn't out yet, but there's already been a slip in prices -- so to speak.
A Web page listing the prices of Vista went live today on Microsoft's Canadian Web site, according to an IDGNS reports.
It wasn't up for long, but Ed Bott, a blogger at ZDNet, had enough time to record all the prices, listed in Canadian loonies. (That's dollars for those who don't speak Canadian, eh?)
Here's the price list of the six versions of the forthcoming operating system:
Full versions (all prices Canadian)
Windows Vista Ultimate $499
Windows XP Professional w/SP2 $429
Windows Vista Business $379
Windows Vista Home Premium $299
Windows Vista Home Basic $259
Windows XP Home w/SP2 $259Upgrade versions (all prices Canadian)
Windows Vista Ultimate Upgrade $299
Windows XP Professional w/SP2 Upgrade $259
Windows Vista Business Upgrade $249
Windows Vista Home Premium Upgrade $199
Windows Vista Home Basic Upgrade $129
Windows XP Home w/SP2 Upgrade $129
Bott stresses that converting those figures to American dollars wouldn't provide an accurate estimate of what Vista will cost in the States. "You'll get a much more accurate picture by doing what I've done, which is to compare the relative prices of the new Vista versions to current XP versions and then make similar adjustments to the U.S. price list."
He took a shot at estimating using the aforementioned approach, and came up with the following. (The first figure is the flat cost; the second is the upgrade fee):
Windows Vista Ultimate $349/$199
Windows Vista Business $269/179
Windows Vista Home Premium $239/$139
Windows Vista Home Basic $199/$99
Microsoft isn't the first well-known company to recently and unintentionally make public information on its Web site. Amazon.com did it last week, exposing screens of what could be a forthcoming video-download service.
Posted by Ted Samson on August 28, 2006 03:03 PM
August 28, 2006 | Comments: (0)
As mobile phones become increasingly vital tools for corporate and social communication, savvy and malicious hackers are finding new ways to exploit both the security holes of devices as well as the, well, gullibility of some end-users.
Case in point: McAfee today announced a new type of phishing attack. Called "SMiShing," a marriage of phishing and SMS, this attack sends a message to the phones of unsuspecting users reading, "We're confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order," writes McAfee Mobile Threat Researcher David Rayhawk in the McAfee Avert Labs blog.
Included in the text message is a URL that some unsuspecting users will very likely click. From there, Rayhawk writes:
"[Users] are prompted to download a program which is actually a Trojan horse that turns the computer into a zombie, allowing it to be controlled by hackers. The computer then becomes part of a bot network, which can then be used to launch denial of service attacks, install keylogging software and steal personal account information and other malicious activities. Because monitoring botnet activity is complex, it is challenging to know the current scope of the problem."
Meanwhile, CBS recently announced plans to push TV clips to mobile devices via Bluetooth. The idea is, a user would see a billboard at Grand Central Station in New York City urging him or her to enable Bluetooth. Doing so would let the user connect with a Bluetooth system on the billboard and download video files.
Clever? Certainly -- perhaps from a marketing perspective. But urging users to enable Bluetooth in a public place like that could result in leaving them susceptible to a virus like Cabir.
Mobile insecurity shouldn't just concern individuals who fear for their phone bills, of course. Mobile devices can be overlooked and poorly protected gateways to your enterprise network.
McAfee's Rayhawk urges enterprises to revisit (or create, in some cases) mobile security policies: "Enterprises would be wise to keep a close eye on this issue and think about policies for securing their mobile devices ahead of time, rather than playing catch up when it hits them, and begin to educate their employees about the potential risk now."
Posted by Ted Samson on August 28, 2006 01:28 PM
August 28, 2006 | Comments: (0)
Jaguar supercomputer hits 54TFs
There are system upgrades, and there are system upgrades.
The Cray XT3 supercomputer, or Jaguar, at Oak Ridge National Laboratory recently got the latter, now clocking in at a mind-blowing 54TFs (teraflops).
The upgrade involved replacing all 5,212 processors with Cray's latest dual-core processors, doubling the memory and adding additional interconnect cables to double the bisection bandwidth. The Jaguar now features more than 10,400 processing cores and 21TB of memory.
The largest computer in the Department of Energy's Office of Science, Jaguar is also the major computing resource for the DOE's Innovative and Novel Computational Impact on Theory and Experiment, or INCITE, program. Boeing, DreamWorks Animation, and General Atomics, all INCITE grant recipients, are doing their work at ORNL.
"The XT3 is a remarkable system for scientific calculations, and the upgrade of all system components maintains the balance of the machine while doubling the performance," said ORNL's Thomas Zacharia, associate laboratory director.
"It is probably the fifth-fastest machine" in the world, Zacharia told the Associated Press. "It is clearly the fastest open-science machine in the U.S. today."
The supercomputer was previously ranked No. 13 on the TOP500 list, which ranks and details the 500 most powerful computer systems in the world. The current list, updated last June, ranks the IBM BlueGene/L as the faster system, boasting a speed of 280.6 TFps running the Linpack benchmark.
Not on that list is the MDGrape-3 at Riken in Japan, which clocked in at 1 petaflop (one quadrillion calculations per second) last June. A special-purpose system built for molecular dynamic simulations, it didn't make the TOP500 because it can't run Linpack.
DOE's Leadership Computing Facility is on a path to exceed 100 teraflops by the end of this year and to reach a petaflop, or 1 quadrillion mathematical calculations per second, by 2009. The multiyear contract between Cray and the DOE will cost nearly $200 million, according to AP.
Posted by Ted Samson on August 28, 2006 10:50 AM
August 26, 2006 | Comments: (0)
Busted botnet operator gets 3 years
21-year-old Christopher Maxwell was sentenced on Friday to 37 months in prison and three years of supervised release after pleading guilty to operating a botnet that was responsible, among other things, for knocking a Seattle hospital offline, according to a statement released Friday by the U.S. Attorney's Office for the Western District of Washington.
Maxwell pled guilty in May to operating the botnet, which was used to do earn money through DDOS attacks, spam and identity theft.
Maxwell's botnet, at its height, included U.S. military computers from the Headquarters 5th Signal Command in Manheim, Germany and the Directorate of Information Management in Fort Carson, Colorado. In one two week spam in February of 2005, Maxwell's bots reported infections on 629,000 unique IP addresses.
At sentencing, Judge Marsha J. Pechman stated that Maxwell's crime shows "incredible self-centeredness" with little regard for the impact on others. The three year sentence is necessary for "deterrence for all those youth out there who are squirreled away in their basements hacking."
Which strikes me as a bit broad. Shouldn't she mean "squirreled away in their basements operating botnets"? After all, there's a big difference.
Posted by Paul Roberts on August 26, 2006 11:33 AM
August 25, 2006 | Comments: (0)
CBS to push TV clips with Bluetooth
People brave enough to whip out their mobile devices and enable Bluetooth while strolling around Grand Central Station in New York can be rewarded with TV clips come September.
CBS today announced that it will employ Kameleon Technologies Mobizone Bluetooth download systems to deliver clips of some of its new television shows from billboards to Bluetooth-enabled devices at the famous transporation hub.
According to a release from Kameleon, here's how it will work: "Each billboard invites the mobile user to open his Bluetooth connection and make it discoverable. Then the user is invited to accept a free clip from the particular show. If he accepts, the clip automatically downloads and plays [it] on the screen of the mobile."
George Schweitzer, director of advertising for CBS TV Network, gushes over the new service in the written statement, saying, "We certainly have great content, and telling viewers about it is our job. MobiZone units attached to our OOH billboards is a value-added plus for our OOH media spend [sic], offering people the free opportunity to see our content without incurring a charge from their mobile carrier."
The OOHs, by the way, are either exclamations of awe and excitement, or else they're advertising acronyms for "out-of-home". Ooh!
There's some debate in the IT security world as to just how secure Bluetooth is. Last April, researchers from Secure Networks and F-Secure published a report "which warns of the huge number of devices left in a visible state, and issued statistics on the spread of various Bluetooth services and the ease of spread of an eventual Bluetooth worm."
Posted by Ted Samson on August 25, 2006 05:04 PM
August 25, 2006 | Comments: (0)
Hack, snoop, and snitch vigilantes
Comverse ex-CEO Jacob Alexander's one-minute Skype call has put information technology once again into the crime-fighting limelight. On the lam and wanted for securities fraud, Alexander was tracked down yesterday in Sri Lanka despite opting to connect with a colleague via the arguably more secure peer-to-peer VoIP technology.
Dramatic, yes, but in an era when data mirroring and SWIFT messaging technology have the U.S. government privy to information beyond the scope of its controversial financial transaction investigations, questions regarding the use of information technology in pursuing criminals persist. Jurisdiction vs. technological ubiquity chief among them.
To wit, in today's Police Blotter, News.com's Declan McCullagh outlines the exploits of "Unknown User," as he has been referred to in a recent court briefing. Unknown User's implementation of Trojans has thus far led to the convictions of two men on counts of sexual exploitation of children. Whether Unknown User's intention in planting Trojans was simply to uncover child pornography on individual's hard drives is unknown.
What's worth noting in McCullagh's account is that the FBI, in a pre-emptive extension of diplomatic immunity, subsequently encouraged Unknown User to continue his vigilante hacking, guaranteeing freedom from prosecution based on his residing in Turkey (citizenship appears to have been implied). Contracting individuals beyond U.S. borders to circumvent federal privacy laws is a curious mode of outsourcing indeed. One that begs the question as to how many bank accounts and passwords, etc., Unknown User - and others like him - has been privy to in trolling, presumably, for leads.
Whether the ends in such cases justify the means is, of course, central to the debate over privacy rights in an increasingly plugged-in world. International law expects to become only more complicated as computing technology further conflates with everyday life. And with indiscriminate proliferation central to most malware campaigns, such as those undertaken by Unknown User, a collateral-damage-be-damned approach to outsourced law enforcement could lead to some seriously risky business.
Who, for example, wants to be the last corporation on the block not to reap the sideline advantages of "encouraging" - or setting up - an outsourced regulatory-compliance watchdog? Far-fetched, perhaps. But if the mantra is, Fish for something prosecutable to justify access to other, potentially more valuable data streams, who knows where all this "justifiable" hacking will lead?
When it comes to tracking down child molesters, stock scammers, and terrorist financiers, lines may be more readily drawn. But the precedents set by these cases will have far-reaching effects, particularly if this hack, snoop, and snitch vigilantism breeds.
Posted by Jason Snyder on August 25, 2006 04:53 PM
August 25, 2006 | Comments: (0)
Internal video slips out of Redmond
A couple of spoof versions of Office have leaked out of Microsoft.
Wait, no. That's a couple of spoof versions of "The Office," the popular British sit-com.
Titled "The Office Values," two internal Microsoft training videos, written by and starring Ricky Gervais and Stephen Merchant of "The Office," have found their way onto the Wild Wild Web, ZDNet UK reports.
Microsoft UK reportedly commissioned the videos in 2004 and at the time, refused to acknowledge their existence. The company is now trying to weed out who leaked them.
Speaking to ZDNet UK earlier this week, "a spokeswoman for Gervais explained that the comedian was concerned that the appearance of the videos could make fans think he had reversed his decision to retire the [David] Brent character for good."
She said that Gervais will not file charges against Microsoft.
"The Office Values" videos are available on some blogs and popular video-download sites such as Google Video. It was on YouTube, but now the site says "this video has been removed at the request of copyright owner Microsoft because its content was used without permission."
The videos, which run a total of 37 minutes, have sparked all sorts of weighty debate on the Net, including which is superior: the American version or the British version of "The Office."
Posted by Ted Samson on August 25, 2006 03:59 PM
August 25, 2006 | Comments: (0)
MS douses fire over Vista's HD support
You can't spell misstatement without MS.
The technohemoth of the Great Northwest faced a flurry of flames after APC reported that 32-bit Windows Vista would not support HD DVD, Blu-Ray, and other high-definition protected content.
The report was based on misstatements by Microsoft Senior Program Manager Steve Riley at TechEd 2006 in Sydney, which created the impression that a user had to be running a 64-bit version of Vista to watch commercial movies on DVD. Among them: "Any next-generation high-definition content will not play in x32 at all."
Fear not, movie enthusiasts, says Microsoft: "The real deal is that no version of Windows Vista will make a determination as to whether any given piece of content should play back or not," Vista product manager Nick White wrote in the Windows Vista Team Blog. "The individual ISV providing the playback solutions will choose whether the playback environment, including environments that use 32-bit processors, meet the performance requirements for playback of protected high-definition content."
Windows Media Player 11, however, will not deliver out-of-the-box support for HD DVD and Blu-Ray, BetaNews reports, "due to pressure from media companies who are wary about piracy."
Posted by Ted Samson on August 25, 2006 11:47 AM
August 25, 2006 | Comments: (0)
"Pre-RC1" Vista build unveiled
According to various sources, Microsoft last night pushed out another build of its forthcoming operating system, "Vista," build 5536, which the company is labelling "Pre-RC1" (Release Candidate 1).
Reviews, at this early stage, have been positive, with improvements to the installation routine and a performance testing program that rates your system for use with Vista. MS has also apparently added some new gadgets, including an RSS aggregator and "Weather Gadget" that lets you view weather conditions in various cities simultaneously. (All this thanks to Brandon LeBlanc's blog, where pix of the new build are available.)
Most recently, Microsoft released a build in early August at the Black Hat Briefings security conference in Las Vegas, where the company invited attendees to scour the new release for security holes.
The new build, which became available last night, shows Microsoft creeping towards RC1, a stable and largely complete beta release that (in theory) is close to the final version of Vista that will be made commercially available to consumers.
Posted by Paul Roberts on August 25, 2006 07:58 AM
August 24, 2006 | Comments: (0)
Sun baits HP with wooden cutout
Note from the writer, Sept. 7: In this article, I incorrectly reported the material from which the cutout is made. It's wood. I regret any confusion I may have caused.
Sun has its fair share of cutups. Now they've been joined by a cutout.
In a stunt that appears to be part PR, part prank, and part pestering, Sun has secured a wooden cutout of HP founders William Hewlett and David Packard for $6,000, boasts Sun CEO Jonathan Schwartz in his blog. Since acquiring the life-size portrait, Sun has set up various photo-ops with it, bedecking the duo in pro-Sun and Solaris paraphernalia.
Therein lies the prank and the pestering of the stunt. The PR emerges in Schwartz's touting of Solaris in his post. "With nearly 25% of Solaris downloads requested on to HP's servers, we know their customers really want the partnership, and we're happy to oblige," he writes.
"To warn you in advance, Bill and Dave have both indicated a strong interest in learning more about Sun and the Solaris platform, so stay tuned," he continues.
The wooden dual portrait, by the way, was part of a cross-country art project called "Pioneers Hitchhiking in the Valley of Heart's Delight."
HP was given right of first refusal to purchase the portrait of its esteemed founders, but the company declined. In his own blog, HP Vice President of Global Marketing Strategy and Excellence Eric Kintz returns Schwartz's volley, seemingly unimpressed by, or perhaps even sour on, Sun's "nice stunt." "I never met Bill or Dave, but I bet neither of them would have approved paying thousands for representations of themselves," he writes.
Kintz also made a point of addressing Schwartz's claims about the popularity of Solaris on HP servers by pointing to an HP-written summation of a 2006 IDC report. As far as I can tell, nothing there contradicts Schwartz's assertions of Solaris being downloaded to 25 percent of all HP servers. The report does say that "HP is #1 in high-end Unix server revenue with a 48.3% market share worldwide. IBM is #2 with 20.7% and Sun is #3 with 14.0%."
As for the fate of Hewlett and Packard: Sun says it will donate the piece to the Tech Museum of Innovation in San Jose.
Posted by Ted Samson on August 24, 2006 03:30 PM
August 24, 2006 | Comments: (0)
Before the 9/11 terrorist attacks, the U.S. Government, led by thinkers like Richard Clarke, was obsessed with the prospect of widespread and coordinated cyber attacks against critical infrastructure. Richard Clarke himself used the term "Digital Pearl Harbor" to describe such an event. After the decidedly low-tech horrors of September 11, the whole notion that the greatest threat to the country's security came from computer hackers seemed...well...laughable. Still, the idea of "Digital Pearl Harbor" never went away, and preventing one is still the focus of the Bush Administration's "National Strategy to Secure Cyberspace," which has as its objective to "prevent cyber attacks against our critical infrastructures; Reduce our national vulnerabilities to cyber attack; and, Minimize the damage and recovery time from cyber attacks that do occur."
War gaming, like the "Operation Cyber Storm" exercise in February, or this week's Strong Angel III disaster recovery exercise in San Diego still imagine terrorist groups or foreign governments who are capable of launching sophisticated, multipronged attacks that cripple the nation's critical infrastructure.
Now an article in the September/October issue of Foreign Affairs (500 word preview available, subscription or $$$ needed to access entire article) argues that the "Digital Pearl Harbor" obsession, while not totally unfounded, has distracted the U.S. government from the real online threat: terrorists using the Internet in a more pedestrian fashion for what its good at: organizing, recruiting and planning attacks.
From the article, by Evan Kohlmann: Although catastrophic computer attacks are not entirely inconceivable, the prospect that militants will be able to execute them anytime soon has been overblown. Fears of such science-fiction scenarios, moreover, have led policymakers to overlook the fact that terrorists currently use the Internet as a cheap and efficient way of communicating and organizing. These militants are now dedicated to waging an innovative, low-intensity military campaign against the United States. Jihadists are typically organized in small, widely dispersed units and coordinate their activities online, obviating the need for a central command. Al Qaeda and similar groups rely on the Internet to contact potential recruits and donors, sway public opinion, instruct would-be terrorists, pool tactics and knowledge, and organize attacks.
To counter the threat, which has been dubbed "netwar," the U.S. will have to realign "U.S. intelligence and law enforcement agencies, which lag behind terrorist organizations in adopting information technologies."
Food for thought.
Posted by Paul Roberts on August 24, 2006 11:43 AM
August 24, 2006 | Comments: (0)
MS rolls out biz-primed IE7 RC1
Microsoft today made available Internet Explorer 7 RC1, sporting features such as bolstered security, improved AJAX support, improved enterprise-wide manageability, and even some features tailored just for Windows Vista, Microsoft's forthcoming desktop OS.
Often criticized for lackluster security in its products, Microsoft says it has injected superior protection in this version of IE, which is available for download via the Microsoft Internet Explorer 7 Web site. Among them, nearly all ActiveX controls come disabled; there's a phishing filter that warns users about -- or even blocks -- fraudulent sites; and redesigned URL parsing to minimize possible exploits.
Enterprise admins and developers may take interest in IE 7's CSS (Cascading Style Sheets) improvements. According to Microsoft, this iteration of the browser "addresses many of the major inconsistencies that can cause Web developers problems when producing visually rich, interactive Web pages. Improved support for CSS 2.1, including selectors and fixed positioning, allows Web developers to create more powerful effects without the use of script."
There's been some discussion on the Net as to IE 7's CSS compliance and how it will effect the browsing experience of sites designed with IE 6 in mind. "If your current CSS works with non-Microsoft browsers, the changes shouldn't be too drastic. Nevertheless, Microsoft has provided several documents designed to help ease the pain of transitioning CSS from IE6 into IE7," according to M-Dollar on PC enthusiast site Ars Technica.
Moreover, Redmond says it has added support for all IE settings through Group Policy, which should make enterprise-wide management easier.
There's a new IE Administration Kit as well, which Microsoft reports will enable OEMs and deployment specialists to add customized settings and additional programs in pre-packaged versions of the browser.
Also new is an RSS platform, which Microsoft says provides "functionality for downloading, storing, and accessing RSS feeds "across the entire operating system" for "any application that wishes to consume it." The platform has already received some criticism for not being secure.
The browsers enhanced AJAX support, according to Microsoft, "improves the implementation of the XMLHTTP Request as a native Javascript object for rich AJAX-style applications. Whereas IE 6 handled XMLHTTP requests with an ActiveX control, Internet Explorer 7 exposes XMLHTTP natively. This improves syntactical compatibility across different browsers and allows clients to configure and customize a security policy of their choice without compromising key AJAX scenarios."
Microsoft has tacked on a couple of features tailored just for Vista, too. Among them is a Protected Mode, where IE runs in isolation of other applications. This boosts desktop security in that exploits and malware are restricted from writing to any location beyond the Temporary Internet Files folder with explicit user approval, according to Microsoft. There are also controls for parents to restrict the children's online browsing.
Thus far, the new browser has received at least from kudos from sites such as Paul Thurrott's SuperSite for Windows:
"Internet Explorer 7 RC1 is faster, more stable, and better looking than previous IE 7 betas, so it's a required update for any users who installed IE 7 Beta 3 or earlier. As for IE 6 users, I think it's both safe and prudent to migrate to IE 7 now: You'll be able to upgrade to the final version fairly effortlessly and the security enhancements and new functionality should win over even the most jaded. It's not a perfect browser, but IE 7 is hugely improved, and even in this prerelease version is worth considering. I don't think there's enough there to sway Firefox users quite yet -- maybe IE 8?--but IE 7, even in RC1 garb, is looking good. Recommended."
Posted by Ted Samson on August 24, 2006 11:07 AM
August 24, 2006 | Comments: (0)
Microsoft updates problem patch
Microsoft has re-released a critial patch that was blamed for crashing some IE browsers and actually introducing a new vulnerability onto systems that deployed it.
The company posted an updated version of MS06-042 that fixes both the original IE vulnerabilities, and the new "Long URL" vulnerability that its initial patch created.
The company was supposed to release the revised patch August 22, but delayed it, purportedly because there were conflicts with the patch and SMS, microsoft's patch distribution system, according to Rob Brown, CEO of eEYE Digital Security, who criticized Microsoft in a blog posting.
Brown and eEYE CTO also hammered Microsoft for naming the source of the buffer overrun vulnerability (" Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit"), which they claimed gave hackers the information they need to start looking for ways to exploit the hole. eEYE was more circumspect in its customer advisory.
Microsoft claims that it does not know of any attacks using the Long URL hole introduced with the first version of MS06-042, and that only Windows XP Sp1 systems using IE 6.0 SP 1 are vulnerable to attack.
The company says customers using versions of Internet Explorer other than Internet Explorer 6 Service Pack 1 are not affected and should feel free to use the first version of MS06-042. Customers using Internet Explorer 6 Service Pack 1 should deploy the updated version MS06-042 released today.
Well...that's simple enough. ;-)
Posted by Paul Roberts on August 24, 2006 10:45 AM
August 23, 2006 | Comments: (0)
Mozilla: MS invitation accepted?
More genteel than pugilistic, the gloves are off, and it appears Mozilla developers will in fact come to table with Microsoft in an effort to enhance Vista interoperability with Firefox and Thunderbird.
Delivered by Sam Ramji, director of Microsoft's open source software lab, the public solicitation has created quite the speculative stir. Mike Beltzner, erstwhile phenomenologist at Mozilla, posted a response to Ramji's feeler, accepting, in so many words, his invitation to Windows Vista Readiness ISV Labs.
Beltzner's response opens the discussion on certain particulars that may become part of the collaboration, including integration with Vista's calendar and address book, its RSS data store and services, and the InfoCard identity system, as well as the "effects of running in the new application security mode."
Whether Mozilla will in fact have input on the menu remains a matter of conjecture, but what is notable and noble about this opening "salvo" is Beltzner's attempt to extend Microsoft's invitation to the open source community at large.
His query regarding potential lab time for developers of Firefox-based projects such as Songbird, Democracy, and Flock will most certainly go unrequited. And yet his call for MSDN documentation, sample code, and common OS integration points cuts to the core of Microsoft's Mozilla overture.
A gauntlet has, in its way, been insinuated. And it appears to gauge how far Microsoft plans to go in opening the gates to its code.
Posted by Jason Snyder on August 23, 2006 05:29 PM
August 23, 2006 | Comments: (0)
Sun open-sources mobile dev tools
Sun Microsystems is making available via open source the code for two Java development tools used to build mobile device applications.
The NetBeans Mobility Pack and NetBeans Mobility Pack for CDC (Connected Device Configuration) are being released under the OSI-compliant Common Development and Distribution License (CDDL).
Although the tools supplement the NetBeans open source platform, the tools' source code had not been available until now. Sun hopes users will be enticed to take the code and add more features, fix bugs or find other uses, said Matt Volpi, product line manager for mobility tools at Sun.
"This is all source code for developer tools," Volpi said..
The tools are available here.
A NetBeans Web page about the tools can be found here.
Posted by Paul Krill on August 23, 2006 02:41 PM
August 23, 2006 | Comments: (0)
Apple reaches Creative resolution
Creative Technology has taken a $100 million bite out of Apple as a result of settled litigation over a patent dispute.
Last August, Creative was awarded a patent for the digital interface and file organization employed by various MP3 players - including Apple's iPod line. Last March, Creative sued Apple for infringing on its patented technology.
Apple today reported that it will pay Creative $100 million for a paid-up license to use Creative's patent in all Apple products. If Creative succeeds in licensing the patent to other companies, Apple will recoup an undisclosed amount of that settlement, according to a statement from Apple.
"Creative is very fortunate to have been granted this early patent," said Steve Jobs, Apple's CEO, in the statement. "This settlement resolves all of our differences with Creative, including the five lawsuits currently pending between the companies, and removes the uncertainty and distraction of prolonged litigation."
Additionally, Apple announced today that Creative has joined its Made for iPod program.
Creative Chairman and COO Sim Wong Hoo foresees "significant new opportunities for Creative," now that it's participating in the Made for iPod program. "We are very excited about this new market opportunity for our speaker systems, our just-introduced line of earphones and headphones, and our future family of X-Fi audio enhancement products," he said in the statement.
Posted by Ted Samson on August 23, 2006 02:41 PM
August 23, 2006 | Comments: (0)
Screeching solution to cell phone theft
Synchronica and Orange, a UK mobile communications company, are working on a new service to keep lost cell phones from becoming data-leak disasters -- and it's a scream.
Given the amount of information being stored on smartphones these days, the main draw of the business-targeted service (which uses Syncrhonica's Mobile Manager) is likely to be the wipe-clean features. Make a phone call, and your phone will be remotely cleansed of all data and locked down. The rabble-rouser who ends up with your phone might be able to resell the phone itself, but they won't be able to touch your credit card info, classified company data, or personal phone numbers.
But wiping the data stores of mobile devices isn't new -- you can serve up a poison pill with a host of services and software, including Nokia's IntelliSync, Exchange SP2 and MSFP for Windows Mobile 5.0, and iAnywhere's Afaria.
The real kicker here is the bonus "scream" feature: once alerted to the theft, the missing phone starts screaming like a banshee. And no electronic whine, either -- the noise is intended to sound like an actual human scream, according to reports of the new service.
I don't know if a human scream is the best choice of alarms, but if your cell is stolen and the thief tries to blend into a surrounding crowd, the satisfaction of watching him try to coolly play off the fact that he's hold a howling phone would be sweet (schadenfreude, anyone?). Of course, adding a tracking chip to find the lost phone would be much more useful if you don't realize it's gone until well after the fact, or if you're just prone to leaving it in taxis, friends' purses, or odd corners of your own home.
Wonder what would happen if all the stolen laptops involved in the recent spate of data-loss incidents suddenly started yelping?
Posted by Stephanie McLoughlin on August 23, 2006 01:12 PM
August 23, 2006 | Comments: (0)
Judge squeezes $25M more out of MS
Microsoft and Autodesk now owe DRM startup z4 Technologies $158 million in damages, up from $133 million, a federal judge in Texas ruled last Friday.
The two companies were in court appealing a previous ruling that they had infringed on z4's product activation patents. Not only did they fail to convince U.S. District Judge Leonard Davis of their innocence; the judge admonished them for attempting to mislead the court and ordered them to pay even more damages to z4.
Microsoft now owes Michigan-based z4 an additional $25 million to the $115 millions in damages it owed, plus almost $2 million in legal costs. Autodesk, located based in San Rafael, Calif., owes another z4 another $322,000 on top of the original $18 million.
According to The Seattle Times, Davis slammed the defendants for "[attempting] to bury the relevant 107 exhibits ... in a massive pile of decoys" and one "intentional attempt by Defendants to mislead z4 and this Court."
Posted by Ted Samson on August 23, 2006 12:05 PM
August 23, 2006 | Comments: (0)
Update: Microsoft fights cyber-sex predators
Updated Aug. 30, 2006: Contrary to statements provided by the CEOP and quoted in this article, Microsoft has stated that is has no plans to add a Report Abuse button to any version of Messenger outside of the U.K.
Microsoft has teamed up with a U.K.-based child-protection agency to take on potential sex offenders posing as youngsters' innocent online buddies.
Through the efforts of the CEOP (Child Exploitation and Online Protection) Centre, Microsoft is adding a "Report Abuse" icon to its popular Microsoft MSN and Live Messenger IM clients. The icon will provide users one-click access to resources for reporting potential abuse.
"Behind the report abuse button will sit police and intelligence officers who have been specially trained to tackle child sex abuse," said Jim Gamble, chief executive of the CEOP Centre and chair of the Virtual Global Taskforce (VGT). "We will tell you how to capture information and how to seize online discussions and then proactively do all we can to track down the perpetrator."
The VGT is an international alliance of law enforcement agencies working to make the Internet safer for children and young people. Its members include the CEOP, the Australian Federal Police; the U.S. Department for Homeland Security; the Royal Canadian Mounted Police, and Interpol.
"If you make a report as a U.K. citizen then we at CEOP will investigate," said to Carrie Bogner, senior director, Citizenship, Windows Live. "If you make a report as a user from other countries then our counterparts in the U.S., Australia, Canada, or Interpol will take the matter further. That is a truly global response to a worldwide issue.”
A CEOP spokesperson told Kable's Government Computing News: "Because the reporting is not anonymous it will filter out malicious reports."
Posted by Ted Samson on August 23, 2006 10:52 AM
August 22, 2006 | Comments: (0)
Java upgrades: Animals no more
Sun Microsystems has dropped the mammal and marine-life code names of planned upgrades to the Java platform, renaming the Mustang and Dolphin projects JDK (Java Standard Edition Development Kit) 6 and JDK 7, respectively.
"Yes, we must retire some old friends," said Ray Gans, senior program manager at Sun, in his blog. "Management says it's time to drop these code names and develop a new project naming system around our open source model. Better now than after Dolphin gets firmly entrenched - and as for Mustang, well it's almost done anyway. So with some sadness, we're walking Mustang out from her stable one last time to let her roam free in the meadows and we're opening the gate so Dolphin can return to the sea. Code names come and go and it's time to move on to our bright new future," Gans said.
"What has been Project Mustang on java.net will now be recast as JDK 6 (no surprise there I hope) and I'm happy to say we're launching JDK 7 [formerly Dolphin] on java.net today," Gans wrote on August 15. JDK 6 is targeted for a final release by the end of this year while JDK 7 has been eyed for release in the second half of 2007.
Mustang, err, JDK 6, has been geared to accommodate scripting languages, Microsoft Windows Vista and Web services while JDK 7 is to feature XML improvements. Sun officials detailed Java roadmaps at the JavaOne conference in San Francisco in May,
Posted by Paul Krill on August 22, 2006 02:42 PM
August 22, 2006 | Comments: (0)
Microsoft "patch patch" delayed
Microsoft said it is looking at reports from eEYE Digital Security that a recent patch, MS06-042, introduced a new, remotely exploitable vulnerability into Windows XP SP1 (not SP2!) systems. The company has posted an updated Security Advisory here that claims the company is investigating buffer overrun complaints and names "Long URLs to sites using HTTP 1.1 and compression" as the source of the problem.
According to an e-mail statement from a company spokesman, the company does not plan to re-release MS06-042 today "due to an issue discovered in final testing that impacts a customer's ability to broadly deploy the update." The patched...ummm..patch will have to wait for that issue to be resolved, according to the spokesman.
As for the eEYE warning, Microsoft frowned on that and pointed folks using IE 6 and XP SP1 to its security advisory for a work around until the revised version of MS06-042 comes out. Gosh, it's like 2003 all over again!
Posted by Paul Roberts on August 22, 2006 02:23 PM
August 22, 2006 | Comments: (0)
Laden with intrigue, Microsoft's open-letter invitation to Mozilla developers to "see if you are open to some 1:1 support in getting Firefox and Thunderbird to run on Vista" houses within it the kick-start appeal of the choicest of Reality TV teases.
Sam Ramji, director of Microsoft's open source software lab, has extended what many perceive to be a carrot/white-flag/golden-ticket amalgam across the browser divide in hopes of luring four members of the Firefox development team to Windows Vista Readiness Island, er, ISV Lab -- itself a somewhat hopeful, oxymoronic moniker. "Non-trivial," indeed.
The series, billed as a four-day weekly event in Redmond, will conclude with a December finale and is purported to include "secure office space for 4 people, hardware, VPN access, and 1:1 access to product team developers and support
staff."
The goal of the invitation, to enhance Vista interoperability with the increasingly popular Firefox broswer and Thunderbird e-mail platform, has created quite a buzz -- and without word yet on the invitation's acceptance. Whether Ramji's call-out is a concession of the myriad failings of Internet Explorer, a harbinger of greater open source involvement at Microsoft, or simply an attempt to keep an enemy closer while keeping another enemy (Google, perhaps?) at bay, this is certainly a development worth watching, especially given its 11th hour timing with Vista's supposed January release and recent news of Firefox support on the MSDN Wiki.
One may hope that though the chemistry will certainly prove less sensational and instructional than that of Brigitte Nielsen and Flavor Flav, Microsoft's helping itself by helping others will benefit end-users and the enterprise considerably.
Posted by Jason Snyder on August 22, 2006 01:37 PM
August 22, 2006 | Comments: (0)
Does new MS patch need mending?
Security research firm eEYE Digital Security is warning Microsoft customers that a recent patch, MS06-042, actually opened a new, remotely exploitable hole in the operating system, even while it patched other holes in the Internet Explorer Web browser.
According to eEYE Chief Hacking Officer Marc Maiffret, 042, a cumulative security update for IE, introduced a new exploitable vulnerability on Windows XP Service Pack 1 and IE 6.0. If you've forgotten already, that's the patch that caused IE browsers to crash when viewing certain Web sites that use data compression and Web coding standard, HTTP 1.1.
Microsoft has not yet responded to Maiffret and eEye's claims, and it was unclear Tuesday afternoon whether or not the new patch introduced a new security hole in XP systems.
Microsoft issued a hotfix on August 11 that fixed the crashes. The company promised a revised patch for the problem by August 22 (today) to be distributed through the Microsoft Download Center and Windows Update. The company has not, so far, warned customers about any exploitable hole introduced by the patch on XP SP1 systems.
Microsoft was looking into the eEYE claims, a spokeswoman told TechWatch.
But Maiffret said the hole isn't hard to spot. He described it as a buffer overflow that is triggered when Web sites send large amounts of compressed data to vulnerable instances of IE on XP SP1 systems that have applied the 042 patch.
Maiffret worries that customers using XP SP1 might be inclined to ignore the hotfix, leaving their systems open to compromise. The company issued a warning to its customers Tuesday afternoon.
Companies that have applied the MS06-042 patch to fix a host of IE vulnerabilities can work around the crash problem by disabling HTTP 1.1 support on IE 6, according to Microsoft. To do that:
1) On the Tools menu, click Internet Options, and then click the Advanced tab.
2) In the Settings box, click to clear the Use HTTP 1.1 check box under HTTP 1.1 settings, and then click OK.
To be continued...
Posted by Paul Roberts on August 22, 2006 11:59 AM
August 22, 2006 | Comments: (0)
Bloggers and pundits are engaging in a game of "CSI: Web 2.0" as they try to pinpoint who did in online-calendar startup Kiko.com.
Kiko.com -- including the Web site, the software, and the domain name -- went up for sale on eBay last week. One prospective buyer, who has no public buying or selling history on the popular auction site, has made a bid thus far for $49,999.00.
Whatever the future holds for Kiko, some people are taking this opportunity to point an accusing finger at Google, saying the release of Google Calendar was the fatal blow for Kiko. Take this article from the Guardian Unlimited, which invokes the phrase "Google creep":
"It only takes Google to experiment in a particular online area to kill off fledgling businesses. That appears to be what happened to Kiko. Google launched a test version of its Google Calendar application in April, and that seems to have rung the death knell for Kiko."
Google is becoming an increasingly common and easy target for these types of accusations. The company certainly is shifting more than a couple of technology landscapes as it dabbles not only in search innovation but also Web-based applications, news aggregation, and other projects not necessarily ending with -ation, such as its shiny new free wireless network in Menlo Park, Calif.
But did Google unfairly catch Kiko off-guard with the re