Saturday, May 07, 2005

Some thoughts on how to succeed... or not.

I've been thinking, and admittedly, that's always a dangerous endeavor.

And anyone who knows me would probably agree.

However, here lately, I've been feeling vindicated in the fact that my beliefs, and sticking to my proverbial guns, my closely-held engineering principles, will eventually prove themselves in their truths.

I've been thinking about this: Why is it that, when someone has a technical problem or crisis in the Internet community, they want to sweep it under the rug and pretend it never happened?

This really pisses me off, and if nothing else, violates the Tao of the Internet community-at-large... if you're not part of the solution, you are certainly part of the problem.

Well, I know why, or at least I think I know why. I've seen it first-hand working amongst the movers-and-shakers in the heady days of the high-tech, VC-money-for-virtually-every-start-up-over-the-top, heady days of the mid- to late-1990's when this business was a tad more raw, over-inflated, and experimental in the business sense, than it ever was, or has been to this day. However, some events of the past few weeks have left me feeling a few tinges of Déjà vu.

I left Cisco Systems, Inc. in 2001, after taking a leave-of-absence -- probably the best move for both me, and Cisco. But believe me, I've been doing this for a long time. And all I've ever wanted to do was engineer -- not manage, not direct -- just be an engineer. Keep my hands dirty, so to speak. That's what I still do -- engineer -- and that's what I hope I can always do. However, I reached a point (back before the dot.com bubble bust) where the enjoyment factor had been sucked out of the job -- everyone was more worried about appearances than real tech. You know, no "rough consensus or running code," just appearances.

When will tech companies make decisions based on doing The Right Thing? It was all about appearances -- how will we be perceived? Will our stock price go up? You get the spiel.

Well, probably never. It's all about margins and profits these days, and it would appear that any acknowledgement of fault is tightly integrated with marketing. What a shame for us engineers, huh?

Well, I just had a nasty flashback the past few days.

And it really leaves a bad taste on my technical palate.

Selfishness is the problem these days, it would appear. We have companies who are more concerned about their image than they are about admitting any technical problems, or helping the Internet community at-large. That's the state of business, huh? We haven't really moved ahead very much as a community, have we?

I've got news for you: Openness is supposed to be a bonus, not a liability. When is everyone going to figure that out? It only goes to show you -- the ones who never talk about their technical issues are the ones which ultimately fail in their own protective, retarded walled garden.

Tragedy of the commons.

End tirade.

Good night, Gracie, wherever you are.

Mozilla Firefox "Web Features" Remote Code Execution Vulnerability

Wow, it seems to be the day for Mozilla/Firefox vulnerabilities.

FrSIRT reports yet another:

FrSIRT Advisory : FrSIRT/ADV-2005-0493
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-05-07

* Technical Description *

A critical vulnerability was identified in Mozilla Firefox, which may be exploited by remote attackers to execute arbitrary commands. This flaw is due to an input validation error when processing a specially crafted "src" parameter of an "IFRAME" tag referencing a firefox extension add-on, which may be exploited via a malicious web page or email to inject arbitrary JavaScript code in the "chrome" and compromise a vulnerable system.

* Affected Products *

Mozilla Firefox version 1.0.3 and prior

* Solution *

- Disable JavaScript, or disable the "Allow web sites to install software" option [Tools - Options - Web Features].

The FrSIRT is not aware of any official supplied patch for this issue.

* References *

http://www.frsirt.com/english/advisories/2005/0493
http://www.frsirt.com/exploits/20050507.firefox0day.php


Google hacked?

Om Malik writes in his Broadband Blog that:

Looks like we are having a Google outage - apparently someone has hijacked their Domain, and something called SoGoSearch is showing up instead. GMail was down as well. Google ads are not being served up as well. Am I the only one, or did you guys feel the webquake as well? Man if this is a hack, then we now know nothing - not even god, I mean Google is safe! Is this someone’s idea of teaching them a lesson? Or has the Web Accelerator shown its true colors? Lots of unanswered questions. Here is a screen grab by the way!

Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

FrSIRT (French Security Incident Response Team) reports that:

This is a 0-day exploit/vulnerability (unpatched). This code will download/execute a malware without user interaction.

Rated as :
Critical

Solution : Disable Javascript

Intel's CEO says WiMAX competitive with DSL, cable

Via Reuters:

Intel Corp. Chief Executive Craig Barrett said on Friday that new wireless high-speed data technologies would be competitive with Internet links provided by cable and phone companies.

Intel, the world's largest chip maker, is pushing WiMAX, which would provide high speed data over areas as large as a small city, as a way to spread cheap yet ubiquitous wireless broadband access. Intel is hoping to replicate the success it had in popularizing the short-range wireless WiFi standard popular in airports and coffee shops.

Google yanks two political ads attacking Reps. Pelosi and DeLay

Michael Bazeley (Mercury News) writes in an article via Yahoo! News that:

A complaint this week by a conservative advocacy group over a political attack ad it tried to place on Google's Web site has again raised questions about the company's restrictive advertising policies and whether it can effectively police them.

RightMarch.com, a conservative group based in Georgia, tried last week to place an ad on Google and its advertising network that was critical of California Congresswoman Nancy Pelosi, a Democrat. The ad was a direct response to one already running on Google attacking Republican Congressman Tom DeLay, the House majority leader.

Google nonetheless rejected the anti-Pelosi ad, saying it does not permit ad text that "advocates against an individual.''

Suit against Cisco names products, damages

Jim Duffy writes in NetworkWorld that:

A Miami Beach company suing Cisco for alleged patent infringement has named 110 products it claims infringe on its patents, worth damages totaling $8.8 billion.

ConnecTel, a developer of routing technology, sued Cisco last year, claiming Cisco is using without compensation a set of technologies that ConnecTel founder Allen Kaplan invented in the 1990s. ConnecTel filed its complaint on Tuesday in U.S. District Court for the Eastern District of Texas, in Marshall, Texas.


FTC Offers Security Tips to Mothers

Always nice to start the day with a bit of humor, even if it was meant in complete seriousness.

Dennis Fisher writes in eWeek that:

The Federal Trade Commission, perhaps having run out of things to do, suggested that Americans forgo giving jewelry and flowers on Mother's Day and instead give mothers an FTC e-card, which includes tips on safeguarding their personal data.

The FTC's e-card message is set to cloying piano music and starts with a Hallmark-esque poem thanking the recipient for teaching her kids to tie their shoes and be careful crossing the street.

But the clincher is the list of four tips at the end that advise mothers on keeping themselves from being victims of identity theft. The messages caution moms to safeguard their Social Security numbers, read bills and bank statements, check suspicious calls and e-mails, and report fraud to the FTC.




Friday, May 06, 2005

Industry Group Looks To Stem Cookie Deletion

Antone Gonsalves writes for TechWeb that:

An industry group hoping to reverse the trend toward cookie deletion by consumers plans to begin work next week on a plan to help improve the image of the technology used to track Web activity.

Safecount.org, a San Francisco group that advocates responsible use of cookies, hopes to form a taskforce that will decide a course of action for the volunteer organization, Cory Treffiletti, co-founder of the group and managing director of Carat Interactive, a San Francisco public relations firm, said.

New Baggage Scanning System Is Tested At Boston Airport

Via TechWeb:

The U.S. Transportation Security Administration (TSA) began testing a baggage monitoring system Friday at Boston's Logan International Airport. Developed by Analogic Corp., the Carry-On Baggage Real Time Assessment (COBRA) system scans baggage in real time searching for explosives, guns and knives.

The monitoring system delivers 3-D color images of the interior of luggage and is an improved follow-on technology of Analogic's Exact scanners which have been used in airports for several years. Sophisticated algorithms can pick out embargoed cargo, the company maintains.

If the scanning system passes its test period, the TSA plans to approve the system for widespread usage.




Bloggers Learning Tools of Reporting

Gary Tanner (Associated Press) writes:

Bloggers — those Internet-based writers without rules — are fighting back against criticism that their work is unreliable, libelous or just poorly written.

More than 300 of them were in Nashville Friday for a weekend conference heavy on training in techniques used by journalists in what bloggers term the mainstream media.

SBC confirms 'naked' DSL plans

Yesterday I mentioned that Marguerite Reardon passed along a rumor (via the C|Net Broadband Blog) that SBC CFO Rich Lindner supposedly told analysts at a conference that SBC was planning a limited trial for "Naked DSL" .... well, today it is confirmed:

SBC is going to get 'naked'. An SBC spokesman confirmed comments made by the company's chief financial officer at an investor conference this week that SBC is planning to trial 'naked' DSL. He said testing will begin this summer in select locations, and the service will be rolled out more widely later this year. A story will be posted on News.com shortly that discusses 'naked' DSL in more depth.

Update: Here's the promised C|Net article, posted this afternoon.



FCC Rejects SBC's VoIP Bid

Roy Mark writes on internetnews.com that:

The Federal Communications Commission (FCC) said Thursday SBC is jumping the gun in its petition to exempt IP platforms from rules and regulations that apply to common carriers.

On a 4-0 vote, the FCC rejected SBC's request to free its broadband networks and services, such as Voice over IP, from the myriad regulations and government-mandated rates currently imposed on its legacy, copper-wire systems.

The FCC is currently reviewing all IP-based services and ruled that SBC's petition would require the agency to "prejudge important issues pending in broader rulemakings."


More E911 troubles for Vonage....

Om Malik writes on his Broadband Blog that:

First a death in Texas, and now another one in Florida, this e911 is going to become a hot button issue in the coming days, especially for Vonage, which has become the public face of the VoIP technology. This report says that a Volusia County, Florida couple is working hard to shut down Vonage, because they could not reach 911 service over their Vonage phone connection. As a result, the “Waller family says their three-month-old daughter stopped breathing recently and, when they called 9-1-1, they didn’t get a live operator, they got a recording.” The baby died soon after.



This will certainly fan the already raging flames into the issues surrounding E911/VoIP integration. Stay tuned....

Google Web Accelerator: Hey, not so fast - an alert for web app designers

Jason Fried writes over on the Signal vs. Noise Blog:

Google's web accelerator seems like a good thing for the public web, but it can wreak havoc on web-apps and other things with admin-links built into the UI. How’s that?

The accelerator scours a page and prefetches the content behind each link. This gives the illusion of pages loading faster (since they’ve already been pre-loaded behind the scenes). Here’s the problem: Google is essentially clicking every link on the page — including links like “delete this” or “cancel that.” And to make matters worse, Google ignores the Javascript confirmations. So, if you have a “Are you sure you want to delete this?” Javascript confirmation behind that “delete” link, Google ignores it and performs the action anyway.
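
The failure mode described above, as an added example that is not part of the original post or of any code from Signal vs. Noise: a constructed in-memory app (`NotesApp`, its routes and the sample notes are all hypothetical) is crawled by a simulated prefetcher that issues a GET for every `href` and never runs `onclick` handlers. With the delete action behind a GET link every note is lost; with it behind a POST-only form the same crawl changes nothing.

```python
"""Added example: why a link prefetcher destroys data behind GET links.

Everything here (NotesApp, routes, sample notes) is constructed for
illustration; no real framework or product API is modelled.
"""
from html.parser import HTMLParser


class LinkCollector(HTMLParser):
    """Collects <a href> targets the way a prefetcher reads a page.

    Only the markup is parsed. onclick handlers are never executed, so a
    JavaScript confirm() dialog is no barrier at all.
    """

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)


class NotesApp:
    """Tiny in-memory web app with one destructive action per note."""

    def __init__(self, delete_via_get):
        self.delete_via_get = delete_via_get
        self.notes = {1: "quarterly numbers", 2: "draft post", 3: "todo list"}

    def render_index(self):
        items = []
        for note_id, title in sorted(self.notes.items()):
            if self.delete_via_get:
                # Weak: state change behind a plain link plus a JS confirm.
                control = (
                    f'<a href="/notes/{note_id}/delete" '
                    "onclick=\"return confirm('Are you sure?')\">delete this</a>"
                )
            else:
                # Corrected: state change only reachable through a POST form.
                control = (
                    f'<form method="post" action="/notes/{note_id}/delete">'
                    "<button>delete this</button></form>"
                )
            items.append(f'<li><a href="/notes/{note_id}">{title}</a> {control}</li>')
        return "<ul>" + "".join(items) + "</ul>"

    def handle(self, method, path):
        """Route a request and return an HTTP status code."""
        parts = [p for p in path.split("/") if p]
        if not parts:
            return 200 if method == "GET" else 405
        if parts[0] != "notes" or len(parts) not in (2, 3) or not parts[1].isdigit():
            return 404
        note_id = int(parts[1])
        if note_id not in self.notes:
            return 404
        if len(parts) == 2:
            return 200 if method == "GET" else 405
        if parts[2] != "delete":
            return 404
        if method == "POST" or (method == "GET" and self.delete_via_get):
            del self.notes[note_id]
            return 303  # redirect back to the index after the change
        return 405  # GET must stay free of side effects


def prefetch(app):
    """Simulated prefetcher: GET every link found on the index page."""
    collector = LinkCollector()
    collector.feed(app.render_index())
    return [(href, app.handle("GET", href)) for href in collector.links]


def run_demo():
    """Crawl both variants and report how many notes survive in each."""
    weak, fixed = NotesApp(delete_via_get=True), NotesApp(delete_via_get=False)
    prefetch(weak)
    prefetch(fixed)
    return {"weak_notes_left": len(weak.notes), "fixed_notes_left": len(fixed.notes)}


if __name__ == "__main__":
    print(run_demo())
```

Moving the action to POST stops a link-following prefetcher; it does not by itself stop cross-site request forgery, which needs a per-session token on the form as well.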

Computer Sciences Consortium Wins $58-Million FBI Contract

TechWeb reports that:

Computer Sciences Corp., a longtime major provider of IT services to the Federal Bureau of Investigation, announced Friday that with a number of partners, it will provide certification, accreditation, and information security services to the FBI under a new $58-million task order.

UK crackers jailed for piracy

Iain Thomson writes on vnunet.com that:

Four members of the software cracking group known as Drink Or Die have been sentenced to between 18 and 30 months in prison.

Two members of the group pleaded not guilty at the trial, arguing that they did not make any money out of their activities and had thus not committed a crime.

Members of the group were captured by the FBI as part of Operation Buccaneer, an organised campaign against software pirates.




US appeals court tosses FCC's broadcast flag rule

Reuters reports that:

A federal appeals court on Friday vacated a Federal Communications Commission rule designed to limit people from sending copies of digital television programs over the Internet.

The U.S. Court of Appeals for the District of Columbia said the FCC had "exceeded the scope of its delegated authority" with the 2003 rule.


'Unscheduled downtime' floors postmaster.co.uk

Euphemism n. - The act or an example of substituting a mild, indirect, or vague term for one considered harsh, blunt, or offensive: “Euphemisms such as ‘slumber room’... abound in the funeral business” (Jessica Mitford).

Tim Richardson reports in The Register that:

Email outfit postmaster.co.uk appears to be up and running again after reportedly going AWOL since Tuesday.

One irate punter who hasn't been able to access his email for the last couple of days told us: "Do you guys happen to know WTF is going on with postmaster.co.uk? Their servers have been dead for nearly 48 hours, the domain doesn't even ping.

"I am so p#ssed off with them. I moved to Postmaster because my last webmail provider cut their service... and even paid Postmaster for gold membership after reading all the good-looking reviews in the hope (belief) that they were capable of providing a solid, long term solution."

Experts Say Business Network Attack May Be a Distraction

Scare tactics and conspiracy theories abound.

Erik Larkin (Medill News Service) writes in PCWorld that:

The recent Internet attacks that invaded business networks and installed a barrage of adware and spyware on vulnerable computers may have been a smoke screen put up by a new generation of sophisticated hackers out to make money rather than cause trouble, security analysts say.

Larkin goes on to say that:

[...] an IT person might remove all the obvious programs and think a system had been disinfected, only to leave behind the one program the attackers really meant to install. That sneaky piece of software could then join a "bot" network used to distribute spam, for instance, or it could get to work collecting personal information.

Hmmmm.

Hollywood calls BitTorrent Brits to US Court

In an exclusive, Tony Smith writes in The Register that:

The US movie industry has made good its promise to name Brits Kevin Reid and Ian Hawthorne in its legal action against the users of their bds-palace.co.uk website, which links to BitTorrent-hosted content.

Last month, Reid formally received a summons to appear before the US District Court of New Jersey, where MPAA members Paramount, Warner, Universal and 20th Century Fox are attempting to identify and therefore sue individuals they alleged shared their film and TV content without authorisation.

The site's owners claim they were told they might have to pay $150m in damages if they fail to settle. Settlement would cost them a mere $7m, they say.




ICANN: Europe annexes Caribbean islands

Kieren McCarthy writes in The Register that:

You often hear it said that the Internet is redrawing the map of the world, but little did any of us know that was a literal truth.

Because - at least according to Internet overseer ICANN - 20,000 square miles of Caribbean water and land has been lifted intact, transported 5000 miles east and deposited in the heart of Europe.

Yes, by the power of IP, the Cayman Islands, usually resting comfortably between the Mexican coast and Cuba, is officially part of Europe, and has been since 2003, despite what the atlases say.

How come? Look no further than the Country-code Names Supporting Organisation (ccNSO), one of eight constituencies that make up the policy-making element of ICANN, and which maintains country-specific top-level domains.


NASCIO goes to Washington over cybersecurity concerns

Dibya Sarkar (Federal Computer Week) writes on USA Today that:

Twenty-one state chief information officers met this week with congressional lawmakers and their staffs on Capitol Hill to discuss concerns over cybersecurity, data sharing, privacy, and health information exchange.

For the fourth consecutive year, members from the National Association of State Chief Information Officers are holding their midyear conference this week in Washington, D.C., to remind federal officials that the association can be a valuable resource on a range of issues. Tom Jarrett, Delaware's CIO, said his fellow state CIOs held 60 meetings with federal officials on May 4.



Spammers launch Tony Blair Trojan

Iain Thomson writes on vnunet.com that:

UK computer users are being warned of a malicious email purporting to be about Tony Blair.

The emails were spammed out last night with the subject line: 'BBC: Tony Blair email account hacked!'. If users click on the link a series of Trojan programs are downloaded that monitor key strokes and could allow a hacker to take remote control.



FCC rejects SBC petition on new Internet services

Reuters (posted here on Yahoo! News) reports that:

The U.S. Federal Communications Commission on Thursday denied a petition by SBC Communications Inc. that sought to exempt new Internet-based services from traditional telephone regulations.

The SBC petition would have shielded the company and its peers' new Internet networks from rules that are applied to traditional telephone networks, like providing competitors access to that infrastructure at wholesale prices.

Marconi cuts 800 jobs

Mark Tran writes in The Guardian that:

The telecoms equipment maker Marconi today announced the loss of 800 jobs one week after missing out on a major contract from BT, a key customer.

Marconi had signalled that jobs would go after it failed to win any work in connection with a £10bn overhaul of BT's network. But the redundancies were less than had been feared.

Thursday, May 05, 2005

ICANN Sticks Up for Trademark Holders

Larry Seltzer (eWeek, posted here on Yahoo! News) writes that:

Did you ever wonder what happens to those domains, like [BigCompanyname]sucks.com, that some guy registers to criticize BigCompany? Turns out there's a procedure for these things.

I've given ICANN (the Internet Corporation for Assigned Names and Numbers) a hard time in the past, but there are certainly positive aspects to its Uniform Domain-Name Dispute-Resolution Policy. Perhaps it wasn't designed for every problem involving domain names, but it deals effectively with the ones it's designed for.

U.S. Top Place For Identity Theft

Maria Santos (Wall Street & Technology) authors a report appearing on Security Pipeline:

The United States is the most prone to identity theft among developed countries, says a recent report by Boston, Mass.-based research firm, Aite Group. Identity theft occurs seven times more frequently in the U.S. than in other industrialized regions, like the United Kingdom. Additionally, in continental Western Europe and Japan, identity theft is a non-event.

Calif. violent video game bill passes committee

Via Reuters.

California lawmakers reconsidered and approved a bill in committee on Thursday that would ban the sale of violent video games to minors.

The California Assembly's arts committee passed the bill by Democratic Assembly Member Leland Yee on a 6-4 vote after taking it up for reconsideration.


A press release issued by Yee's office can be found here.

CME buys MCI's next-generation network services

Matt Hamblen writes in NetworkWorld that:

The Chicago Mercantile Exchange (CME) has become one of the first customers for MCI's next-generation Ethernet services. MCI announced the customer win at the Interop show in Las Vegas.

The CME began turning on the new Ethernet services two weeks ago to expand its bandwidth to handle growth in its global electronic trading platform, CME Globex, said John Hart, director of network infrastructure at the futures exchange, in an interview at the show.

Covad Locks in SBC-AT&T

Colin C. Haley writes on internetnews.com that:

Covad Communications is now rooting for speedy approval of the SBC-AT&T combination.

The San Jose, Calif., DSL provider today announced that the carriers will continue to use Covad as a nationwide broadband partner when the merger becomes official next year.

Spyware firms targeting children

In addition to this story, it's worth mentioning that DShield.org keeps a running clock of just how long it takes to compromise a(n) (unpatched) system (out-of-the-box), when it first gets connected to the Internet. I highly recommend participating in DShield (the more participation, the better), so give the site a visit and cruise the various web pages they have there, especially the pages on how to participate, and the daily incident handler's diary pages. - ferg

Bob Sullivan writes over on MSNBC that:

Earlier this year, researchers at Symantec Corp. wanted to see just how bad the spyware epidemic had become. So they took a brand new PC out of the box, connected it to the Internet without any standard protection software and browsed. An hour later, they dissected the machine.



BellSouth gives VoIP operators some 911 help

Ben Charny writes in C|Net News that:

BellSouth is opening up its 911 routers to all Net telephony operators and nearing a deal to give Vonage access to its emergency calling infrastructure, the Baby Bell said Thursday.

A day earlier, a spokesman for Verizon Communications, which also owns a significant portion of the 911 infrastructure, said it signed a pact with Vonage for the same kind of access.


Microsoft Patch Day: 1 Bulletin Expected

Ryan Naraine writes in eWeek that:

It's expected to be a relatively quiet patch day for IT security administrators managing Windows systems.

Microsoft Corp. on Thursday announced plans to release just one security bulletin on May 10 to provide a fix for flaws in the Windows operating system.

The solitary bulletin will carry a maximum severity rating of "important," the second-highest in its publicly available severity rating system.

India enters the networking market

Hey! Don't mess with Texas!

Michael Kanellos writes in C|Net News that:

Following in the footsteps of China's Huawei Technologies and ZTL, a couple of Indian companies are trying to get a foothold in the global market for networking gear.

Though most of its sales to date have been in its home country, Tejas Networks, which is based here and specializes in Ethernet-over-Sonet boxes, has started to sell equipment in North America. Rather than sell the gear under its own name, Tejas serves as an original equipment manufacturer, or OEM, for multinationals, which put their own brand name on the products.




'Pope-mobile' sells for almost $250 million on EBay Germany

An AFP article posted on Yahoo! News reports that:

Pope Benedict XVI's former car has sold for nearly a quarter of a million dollars after an Internet auction that saw bids rocket in the space of a few hours, organisers said.

The highest winning offer for the 1999 model metallic grey Volkswagen Golf when bidding closed was just under 189,000 euros (244,000 dollars).


SBC promises to get 'naked'

Living here in Austin, smack dab in the middle of "SBC-land" (and, admittedly, also an SBC residential DSL subscriber), this turn of events will be nice -- if and when it happens.

Marguerite Reardon writes in the C|Net Broadband Blog that:

SBC Communications is going to start testing 'naked' DSL, according to Dave Burstein in his latest newsletter. CFO Rich Lindner supposedly told analysts at a conference that he "expects [SBC] will do trials of naked DSL, especially bundled with wireless."

SBC hasn't yet confirmed these comments. And the company isn't saying yet when testing is likely to begin or when the service might eventually be available.


Hackers figure out file extraction from Sony UMD

This is so great. I mean, the hack, of course.

Reuters reports that:

Software developers have figured out how to extract files from the Universal Media Discs used in Sony Corp.'s new PlayStation Portable handheld video game device, though there is no way to play the games extracted from those discs.

Some details of the exploit were posted Wednesday night on the Web site PS2nfo.com, along with lists showing all the files pulled off the game discs for "Ridge Racers," "Wipeout Pure" and "Vampire Chronicles."

The games are not yet playable because there is no way to burn UMDs from scratch, and the PSP does not accommodate larger discs. However, the site said the ability to look through the games' file structures could still be instructive for developers.




CERT Signs Up For Symantec's Threat Network Data

Personally, I would have recommended DShield or my|NetWatchman, but whatever.

Gregg Keiser writes in a TechWeb News article that:

Symantec on Wednesday added the Department of Homeland Security's US-CERT -- the U.S. Computer Emergency Readiness Team -- to its customer list for its DeepSight threat alert and management system.

Homeland's Information Analysis and Infrastructure Protection Directorate (IAIP) inked the deal with Symantec to add the Cupertino, Calif.-based company's data -- acquired in large part from its global network of some 20,000 sensors deployed in 180 countries -- to the information already collected and analyzed by the federal agency, which is tasked with the chore of improving computer security preparedness and responding to cyber attacks in the U.S.




Impoverished Ethiopia launches broadband internet service

Figure this one out. You'd think that something like, um, say... food, would be a tad more important than a fast Internet connection. Or maybe I'm wrong...

An AFP article on Yahoo! News reports that:

Impoverished Ethiopia launched the first phase of an ambitious three-year plan to wire the entire country for Internet access with the inauguration of broadband service in the capital.

While not cheap and available only to about 100,000 people in Addis Ababa, officials said they hoped to soon reduce fees and expand the service as part of the project to harness information communication technology to fight the crushing poverty that afflicts most of its population of 70 million.


Nation's First Voice over WiFi launched in New Mexico

Via TechWeb News:

A wireless network company and a telephone company have teamed up to provide what they claim is the nation's first metropolitan-wide VoIP over Wi-Fi service. The service was launched Thursday in Rio Rancho, New Mexico.

Ecuity Inc., a telephone company that has long provided traditional landline service, is providing the VoIP expertise while Azulstar Networks is deploying city-wide Wi-Fi service to Rio Rancho's 64,000 residents. The service has been set at $29.95 a line for unlimited calling in North America.




EMI signs music fingerprint deal

The BBC reports that:

Napster creator Shawn Fanning has made a deal with music giant EMI for use of his Snocap music tracking system.

Snocap allows internet users to trade music legitimately over peer-to-peer networks as every song is given a unique fingerprint.

Early file-sharing system Napster was shut down in 2001 after US judges said it was breaking copyright law but it has re-launched as a legal service.


Real ID Act also links Canada, Mexico databases: how innovative!

Revelations on the Real ID Act over on Declan McCullagh's Politech blog. Check it out....

Qualcomm says chipsets will support Linux

Hey! Check this out! There's a report over on EETimes that says that:

Qualcomm Inc. announced Thursday (May 5) it would support the Linux operating system on its Mobile Station Modem MSM6550 chipsets.

Qualcomm (San Diego, Calif.), expects the initiative to give handset makers additional design and development efficiencies for 3G smartphones and other mobile handsets. The chipsets' integrated Linux support eliminates the need for a separate co-processor and lowers design costs and complexity compared to multiple-chip implementations now required for a third-party operating system.


Which reminds me of that groovy little "Switch to Linux" video which I mentioned a couple of days ago!

MCI investors urge new Qwest bid

Holy mother... will it ever end? This is, like, "The M&A Saga That Wouldn't Die."

A Bloomberg News Service article on the International Herald Tribune reports that:

Qwest Communications International is being urged by some of MCI's largest shareholders to revive its $9.75 billion takeover offer for MCI.

Fairholme Capital Management and Elliott Associates said Qwest's chief executive, Richard Notebaert, should revive the pursuit. Qwest abandoned its campaign this week after MCI for the third time endorsed a lower bid from Verizon Communications, the largest U.S. telephone company.


Government Set To Issue 20,000 New H-1B Visas

Eric Chabrow writes in InformationWeek that:

There is a catch: To qualify for the additional H-1B visas, immigrant workers must hold a graduate degree from a U.S. institution.

A new law designed to ease the H-1B visa cap will allow an extra 20,000 foreign workers into the United States this year, provided they hold a master's degree or higher from an American institution, according to new regulations forwarded by the U.S. Citizenship and Immigration Services on Wednesday to the Federal Register, the official daily publication for rules and notices of federal agencies.


SBC Taps Amdocs For IP Services Billing

Colin C. Haley reports on internetnews.com that:

SBC said it is a step closer toward the widespread rollout of Internet Protocol services over fiber-optic cable.

The San Antonio, Texas, telecom today announced that it will use Amdocs software for ordering, billing and customer relationship management for its fiber-delivered IP services.

SBC described the contract, which also includes consulting and systems integration services, as a multi-year, multi-million-dollar deal.


Seattle Space Needle To Become WiMax Antenna

An interesting tidbit found over on /.

Posted by Zonk on Thursday May 05, @10:48AM
from the your-landmarks-at-work dept.
Technofusion writes "Seattle, Washington has found a new use for their aging Space Needle. Three companies have teamed up to turn the Space Needle into a giant WiMAX antenna. Bruce Chatterley, CEO of Speakeasy, announced it will be the biggest deployment of its kind in North America with six towers, one placed on the Space Needle and five others around the city, beaming a signal over a 5 square mile area. Don't put away those 802.11b/g cards just yet, as WiMAX is projected to cost $500 a month for 1.5Mb service."


Om Malik: The Real Truth about VoIP Sales

Om Malik provides some real figures on the hype around VoIP sales:

VoIP service revenues will grow from $1.3 billion in 2004 to $19.9 billion in 2009, Infonetics Research’s latest report, VoIP Services annual market size and forecast for North America. That’s less than 1% of the total Voice revenues in the US. So much for getting excited about VoIP in 2004. Now a few weeks ago, we had a report that said there are 1100 VoIP service providers world wide, of which about 500 are in the US. That means each one of those is doing about $2 million in sales. That’s normalized for the entire group. Back out the top three - Vonage, Cablevision and Time Warner, and factor in that of the total half of it came from Managed IP PBX services, well the residential market was much smaller than many thought it was. In other words, all the other pretenders in the VoIP races, well they’re doing bupkis in sales.


1&1 Targets UK Businesses with Free Hosting, Domain

Netcraft reports that:

1&1 Internet is offering six months free web hosting and a free .co.uk domain name to any UK small business who signs up before June 30. The huge German host launched a similar promotion in its American subsidiary in January, following on a 2003 offer of three years of free hosting. The freebies have played a role in the rapid growth of 1&1's U.S. operation, which now houses 490,000 hostnames, making it the 16th largest American host.

FCC boss proposes 911 for Internet phones -sources

Via Reuters.

U.S. Federal Communications Commission Chairman Kevin Martin has proposed requiring Internet-based telephone services to offer 911 emergency services to customers by as early as the end of September, people familiar with the plan said on Wednesday.

New Google Software Attempts to 'Speed Up Your Web Browsing Experience'

Gary Price writes over on the SearchEngineWatch (SEW) blog that:

As I compose this post, a recent issue of Fortune magazine with Bill Gates on the cover is sitting next to my computer. Fred Vogelstein's cover story says, "the darling of search is moving into software—and that's Microsoft's turf."

Let the turf war continue.

Google Labs has just released (beta), web accelerator software that's designed to speed up your online experience and make your surfing faster and more efficient. I'm sure it will also fuel plenty of additional speculation about Google's play in the OS and browser arenas.

If you're wondering, all of the technology was developed by Google.

Google Web Accelerator (GWA) is client software along with a plug-in (about 1.4MB) that's installed on your computer. It's only available for Windows (Win XP or Win 2000 SP3+) and works with Internet Explorer or Firefox. According to Google's Marissa Mayer, this is the first product that she knows of that's built and optimized for broadband web users. She added that dial-up users are also welcome to use the software.


IBM to cut 10,000 to 13,000 jobs, mostly overseas

Michelle Kessler writes in USA Today that:

IBM said on Wednesday that it plans to cut from 10,000 to 13,000 jobs, mostly in Europe, reducing its workforce by about 4%.

The cuts weren't a total surprise. IBM has been hinting at layoffs since April 14, when it reported disappointing quarterly earnings. CEO Sam Palmisano had blamed the shortfall in part on slow sales in France, Germany and Italy. IBM has about 100,000 workers in Europe and 319,000 worldwide.



Wednesday, May 04, 2005

Execs Testify In Favor Of National Data Security Law

Steve Martin writes in InformationWeek that:

Executives from companies stung by losses or theft of customer information vowed Wednesday to do more to safeguard sensitive information, and backed a federal law to require disclosure if customer data is compromised.

In prepared testimony for a hearing by the House Committee on Financial Services, executives from Bank of America, ChoicePoint, and LexisNexis supported legislation patterned after California's law requiring companies to notify customers about security breaches.




Road Warrior at Risk: The Dangers of Ad-Hoc Wireless Networking

Darren W. Miller writes over on CircleID that:

Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data.

However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of.


Internet Cuts Need for Bike Messengers

I never really thought about it, but it makes sense, and I can certainly see it. Anyone who has worked within the downtown areas of any major metropolitan city has come to accept the sight (and dangers of getting in their path) of bicycle messengers.

David Sharp writes, in an AP article posted on Yahoo! News, that:

Around the country, high-speed Internet, which allows larger documents to be e-mailed quickly, is beating cyclists in the race for fast and cheap delivery of urgently needed material.

Taking on an Online Extortionist

A very interesting post, shamelessly clipped from /.

Please go there to link to the CSO article. (Thanks! - ferg)

An anonymous reader writes "When an online extortionist comes a knocking, threatening a DDoS, do you pay or fight? For many, paying may seem like a sensible option when compared to going out of business. CSO Magazine has a riveting article about how an online gambling site and a DDoS specialist teamed up to take on such an extortionist. When everybody else was rolling over and paying, this company risked its very existence to fight back. From the article: '"The attack went to 1.5Gb, with bursts up to 3Gb. It wasn't targeted at one thing. It was going to routers, DNS servers, mail servers, websites. It was like a battlefield, where there's an explosion over here, then over there, then it's quiet, then another explosion somewhere else," says Lyon. "They threw everything they had at us. I was just in shock."'"


UK computer scientists build sign language avatar

Now for something completely different (and useful!).... I just went to check this out and it's very cool stuff.

Lucy Sherriff writes over on The Register that:

Computer scientists at the University of East Anglia (UEA) have joined forces with animation specialists at Televirtual, and the Royal National Institute for Deaf People (RNID) to create a signing avatar capable of translating written web pages into British sign language.

BlackBerry goes to Russia

Dinesh C. Sharma writes on C|Net News that:

BlackBerry wireless services will be available to subscribers of Mobile Telesystems, a Russian mobile carrier, Research In Motion announced Wednesday. Subscribers will be able to access the Internet and send e-mails and text messages, the company said.


AT&T settles suit with @Home bondholders

Chris O'Brien of the Mercury News writes (posted here on Yahoo! News) that:

The bankruptcy of high-speed Internet provider At Home was one of the biggest collapses of the dot-com boom. Now it has resulted in one of the largest legal settlements to emerge from the bubble era to date.

On Tuesday, AT&T announced that it had agreed to a $400 million settlement to end a lawsuit filed by At Home bondholders. The bondholders claimed that AT&T had used its role on At Home's board to steal trade secrets and hasten the demise of the broadband company.



UK Parliament IT security plan

Sarah Arnott writes on vnunet.com that:

THE Palace of Westminster is looking for suppliers to improve IT security at the Houses of Parliament.

Plans include installation of improved security software on the Palace network and external testing by a separate contractor to prove the infrastructure is not vulnerable to attack.


'Personal supercomputer' goes on sale

Will Knight writes in NewScientist that:

A personal computer that packs the processing punch of a miniature supercomputer has gone on sale in the US.

The DC-96 computer was developed by Orion Multisystems in California, US, and is aimed at scientists and engineers who routinely carry out computationally intensive calculations.

About the size of a small refrigerator, the DC-96 contains a "cluster" of 96 interconnected low-voltage microprocessors, each of which is capable of running at 1.2 Gigahertz, or 1.2 billion cycles per second.




New Postage Stamps Honor Four Scientists

I would probably not have bothered posting this snippet, but John von Neumann is among the scientific minds being honored with a new U.S. 37 cent postage stamp.

An AP newswire article on ABC News reveals that:

The post office turned its attention to science Wednesday, issuing four new stamps honoring pioneering American scientists.

"These are some of the greatest scientists of our time; their pioneering discoveries still influence our lives today," John F. Walsh, a member of the U.S. Postal Service's board of governors, said in a statement.


The commemorative stamps go on sale tomorrow. The scientists being honored: Josiah Willard Gibbs, Barbara McClintock, Richard P. Feynman, and John von Neumann.

A slick move by the U. S. Postal Service -- an effort to lure geek types, who normally use electronic communications, to use snail mail. Tricky!

European Politicians Want To Force Regulators To Monitor Internet Video Content

Blatantly clipped from techdirt.com:

Contributed by Mike on Wednesday, May 4th, 2005 @ 02:42AM
from the yeah,-that'll-go-far dept.

There they go again. A bunch of politicians who think they're doing something good are working hard to basically make it impossible for the internet to be used properly. European politicians are evaluating a plan that would force regulators to monitor all broadcast-style video sent over the internet or various 3G wireless networks. This would, of course, be a huge, expensive and basically impossible undertaking. Meanwhile, it also seems to view online video only as the realm of professional broadcasters, rather than admitting that the next generation of video content is going to have a huge amateur-produced contingent -- though, that won't happen if all posted videos first need to be checked out by regulators. It's yet another situation where people seem to assume that content online is all professionally produced.

Thanks, guys -- that'll, like, not work....


Aussie scientists create unbreakable diamond code

Reuters reports that:

Australian scientists believe they have developed an unbreakable information code to stop hackers, using a diamond, a kitchen microwave oven and an optical fibre.

Researchers at Melbourne University used the microwave to "fuse" a tiny diamond, just 1/1000th of a millimeter, onto an optical fibre, which could be used to create a single photon beam of light which they say cannot be hacked.

Operator says Afghan mobile market getting crowded

Robert Birsel writes for Reuters that:

Afghanistan's telephone market is going to get very crowded when the government issues two more GSM mobile licenses, one of the country's two operators said on Wednesday.

The Telecommunications Ministry invited bids last week for two new GSM licenses, saying it wanted to attract competition and develop the country's telecommunications. The new operators are expected to launch services by early next year.


Lawmaker Rips RFID Passport Plans

Cool -- this fits in with my whole "RFID Kills!" motif for the day.

Kim Zetter writes in Wired News that:

A key U.S. congressman who led post-Sept. 11 passport reforms told European diplomats last week that there was no need for European countries to put RFID chips in their passports and that Congress never required them to do so.

Rep. James Sensenbrenner (R-Wisconsin), chairman of the House Judiciary Committee, expressed dismay that EU countries were planning to employ a technology that was still unproven for use in travel documents that would add costs and delays to rolling out new, more secure passports.


Cisco slammed for RFID staff tracker

Iain Thomson writes in vnunet.com that:

Cisco has come under fire from privacy groups as it prepares to launch a wireless RFID server that can track people and equipment using existing Wi-Fi networks.

The Wireless Location Appliance 2700 is designed to track RFID tags down to a few metres and display the location on a central map.

Alarms can be raised if the tag moves out of a predefined area, allowing companies to track equipment and, more controversially, personnel.

Oh, yeah, and don't forget.... RFID Kills!


Ericsson axes 250 US jobs

Tim Richardson reports in The Register that:

Ericsson is to axe 250 jobs in the US, the Swedish telecoms equipment giant announced today.

The jobs are to disappear over the next six-nine months at its Mobile Systems CDMA (Code Division Multiple Access) unit. The division's HQ in San Diego, California will then close.

Apple issues monster security patch

Matthew Broersma writes in TechWorld that:

Apple Computer has released its second major security update in as many weeks, fixing 20 bugs in the "Jaguar" version of the Mac OS X operating system. The most serious of the flaws could allow remote attacks, Apple said.

This week's patch is designed for desktop and server versions of OS X 10.3.9, an update released in mid-April as Apple geared up for the launch of OS X 10.4, nicknamed Tiger. Software vendors often patch a large number of bugs in new software releases, then issue a patch fixing the same bugs in older versions of the product.




Dishnet aims for India-wide WiFi coverage in 2 yrs

Reuters reports that:

India's Dishnet Wireless Ltd. said on Wednesday it aims to dominate the nascent WiFi mobile Internet market by rolling out nationwide service in two years.

Dishnet will use WiMax base stations to link WiFi "hotspots," where properly equipped devices like laptops can download data wirelessly at up to 512 kilobits/second. It aims to be India's largest WiFi provider, with 6,000 hotspots in 38 Indian cities.


Vonage’s $10-Million 911 Plan

Red Herring reports that:

Vonage will spend $10 million to start providing 911-style services for its customers, partly by using Verizon’s infrastructure to connect callers with emergency dispatchers, the VoIP provider announced Wednesday.

The investment is Vonage’s first substantial attempt to close the company’s emergency calling gap. The cash is a relatively low price to address a shortcoming that has become a publicity nightmare for the company, which has spent tens of millions of dollars to market VoIP service.


Interland, Rackspace and Hostway Share Most Reliable Hosting Company Site during April

Via Netcraft:

Interland, Rackspace and Hostway share the top slot as the most reliable hosting companies site this month, followed by New York Internet and Hurricane Electric. Rackspace was also the top performer in February and in March, but this is the first time that Interland and Hostway have managed to reach this spot. The three co-leaders are leading players in the U.S. business hosting market, with each hosting more than 500,000 hostnames.


Wireless developers plan to meld Bluetooth

An AP newswire article on MSNBC reports that:

Wireless developers plan to work together to meld Bluetooth, the short-range technology that links cell phones and cordless headsets, with an emerging technology designed to beam video and other large content short distances between TVs, home entertainment systems and computers.

The plan, announced Wednesday, comes at a crucial time for Bluetooth. After years of hype, the technology is finally becoming a mainstream feature on mobile devices, only to be met with predictions it may soon be supplanted by other technologies and disappear.


Here is the official Bluetooth press announcement.

Free security scan raises questions

Dan Ilet writes on C|Net News that:

Security vendor Qualys is offering a free scanning service for the 20 most serious vulnerabilities recognized by SANS, a global nonprofit security training organization.

SANS members from within government and business found more than 600 vulnerabilities within their networks in the first quarter of 2005. The 20 vulnerabilities Qualys will look for were chosen to help companies close the most critical holes in their networks.

However, ZDNet UK has found that the service also lets users carry out vulnerability scans on other people's computers. Though Qualys said it has put a number of preventative measures in place to stop this, it hinted that this was possible.



Spying on the spyware makers

Declan McCullagh writes on C|Net that:

Ben Edelman may be spyware's most dangerous enemy.

The 25-year-old researcher has spent years analyzing how spyware and adware programs work and publicizing his findings. That often results in red faces and, occasionally, lawsuit threats from companies like WhenU and Claria, formerly known as Gator.


AIM Update Adds Bundled AOL Browser

David Worthington over on BetaNews writes that:

Before it migrates to the next generation of AOL Instant Messenger, AOL has said that it will issue a minor update to AIM 5.9. But BetaNews has learned that the software will be much more than a maintenance release, bundling a full installation of the AOL Browser along with AOL's SpyZapper anti-spyware tool.

Tuesday, May 03, 2005

IP will eat everything

Elena Malykhina writes in InformationWeek that:

During his Interop 2005 conference keynote address Tuesday afternoon, AT&T's Hossein Eslambolchi delivered a Letterman-esque list of his predictions for all things involving networks. Eslambolchi is AT&T's president of global networking technology services, chief technology officer, and CIO.

1. "IP will eat everything," meaning all systems and networks will eventually use Internet-based protocols.

2. "Security is critical." A lot of businesses have "dumb" networks and don't take security seriously, Eslambolchi said. But intelligent networks have to be created, otherwise "we are going to have a problem of biblical proportions in global communications," he said.

Read the remainder of the article here.

Botnets Used to Host DNS for Phishing

From today's Internet Storm Center's Handlers Diary, Lenny Zeltser writes:

A recent post to the Dailydave mailing list, titled Distributed Phishing, described an incident similar to the report we received yesterday. The report outlined a large organization's battle against a botnet that implemented a phishing attack against the organization's customers. The trend to use bots for hosting phishing websites on compromised systems is not new, and was documented in the Register article titled Phishers Tapping Botnets to Automate Attacks. Using bots in this manner makes it difficult to shut down the malicious site, because the attacker can quickly modify the domain record to point to another compromised system. One way to defend against such attacks is to work with the company hosting the DNS server that resolves the malicious domain name to remove or modify the offending records.

Read more here.

Linux: Crush those that oppose us...

If this isn't one of the coolest videos I've seen in a while.....


.... and the "r0X0r lifestyle."

Check it out! - ferg

Connecticut announces lawsuit against Vonage

An AP newswire story on Newsday.com reveals that:

State Attorney General Richard Blumenthal on Tuesday announced he'll sue an Internet telephone company, accusing it of misrepresenting its ability to connect callers to local 911 emergency dispatchers.

Blumenthal, with Edwin R. Rodriguez, commissioner of the Department of Consumer Protection, said Vonage Holdings Corp. violated the Connecticut Unfair Trade Practices Act. The lawsuit is to be filed in Hartford Superior Court.

As Mike over on techdirt.com points out, however, this is appearing to become an issue of more states simply taking out their "lack of taxation frustration" on Vonage's 911 service.

Marketers Shift Ad Spending To Online

Antone Gonsalves writes on TechWeb that:

Nearly half of U.S. marketers plan to spend less this year on newspapers, magazines, direct mail and other traditional advertising channels, so they can spend more online, a study released Tuesday showed.

The cause for the shift is the change in consumer behavior, according to Forrester Research Inc., which published the study, "U.S. Online Marketing Forecast: 2005 to 2010." An increasing number of consumers are using the Web to get news, sports and entertainment reports and to buy products and services.

Privacy Experts Scoff at Government's Plans to Secure E-Passports

Lisa Vaas writes in eWeek that:

Security experts and civil libertarians reacted with skepticism to the government's recent decision to reconsider data protection measures for new RFID passports.

The "e-passports," as they've been nicknamed, were originally slated for spring release in the Los Angeles Passport Agency but are now planned for issuance in August beginning with diplomatic passports, according to a spokeswoman for the Bureau of Consular Affairs.



Remember: RFID kills!

FCC Approves Sale Of Tyco Network To India's Tata Unit

W. David Gardner writes on TechWeb that:

India's largest provider of international telecommunications and Internet services said Tuesday that the Federal Communications Commission had approved its purchase of Tyco International Ltd.'s global fiber-optic cable network unit.

Videsh Sanchar Nigam Limited (VSNL) said it gained the final U.S. regulatory approval for the transfer of the Tyco Global Network (TGN) licenses to VSNL. The chief stockholder in VSNL is India's Tata Group, also that country's largest offshore outsourcing company.

Motorola In Field Trials Of Wi-Fi/Cell Handoff Technology

The folks over at Mobile Pipeline reveal that:

Motorola said Tuesday that it has started field trials of its Unlicensed Mobile Access (UMA) technology that it claims will provide seamless handoffs between cellular and Wi-Fi networks.

The trials are being conducted in conjunction with seven European wireless operators, Motorola said in a statement.

New computer virus spread via promise of football World Cup 2006 tickets

An AFP newswire story, posted on Yahoo! News, reveals that:

Internet security firms have issued a high-level alert to computer users about the spread of the "Worms-Sober.S" virus, which makes recipients believe they have won tickets to the 2006 football World Cup.

Update: The fine folks over at F-Secure provided some additional 411 on this one, including a sample message that is in German, and a link to the FIFA warning of infected e-mails disguised as offers of World Cup tickets which might bear the virus.



How a Security Specialist Fell Victim to Attack

Darren W. Miller is the author of an article over on CircleID that reveals what evil lurks in the URLs one types. An excerpt:

These days, I write several pages for our site plus two to three articles per week. The first places these articles are posted are Defending The Net and CastleCops. Several days later, I post these articles on other submission sites. This is standard operating procedure in the world of article submissions.

For the most part, articles are re-published without you even knowing. You typically find out when someone visits your site from another where the article has been posted. Other times, the site that plans on posting the article e-mails you and asks you to review it before it goes live. Two weeks ago, I received one of these e-mails. It was all downhill from there.