The weekly newsletter for Fed2 by ibgames

EARTHDATE: October 15, 2006

Official News - page 11

WINDING DOWN

An idiosyncratic look at, and comment on, the week's net and technology news
by Alan Lenton

Well the news kept coming in this week. Lots of security stuff - I've put it into a round up to save scattering it around the other pieces - and I resisted the temptation to nag you all about keeping your software up to date. :)

The weather here is weird - it's hotter at the moment than it was for most of August, which is normally the hottest month. It's supposed to start being cold in October - not to mention miserably damp. I wonder if I could sue this guy El Nino that the scientists keep going on about.

Event of the week was Google's acquisition of the loss-making YouTube. The nay-sayers pointed out the parallels with the dotcom boom/bust, and yea-sayers gushed on about new social networking models. Yawn. Heard it all before. I've no idea if it will work or not, but I do know that if anyone -can- make it work, then it's Google. They'll probably put their chef in charge of it...


Roundup: Security

This week saw the delivery of Microsoft's October security patches, as well as the annual Virus Bulletin Conference, which was in Montreal.

The security patches included three for vulnerabilities that the baddies were already exploiting, plus another three deemed to be 'critical', Microsoft's highest threat rating. (Actually, that's not strictly true. Microsoft's highest threat rating is for things that affect its profits - like hackers breaking its DRM system - which it deals with immediately.) Apart from that there were four further patches for problems considered less serious.

Probably the most interesting feature, which is also a trend showing up in vulnerabilities for other operating systems, is that the bad guys are now starting to exploit problems with applications, rather than the operating systems themselves. That's probably not surprising, Windows XP has now been around for over four years, and Windows 2000 is six years old.

Here's a prediction - the number of operating system security problems will climb rapidly next year, with the release of Windows Vista. Of course, Vista already holds one record on the security front - it is the only operating system to have a security patch issued before the product launched!

The Tuesday release of the patches (known in the trade as 'Patch Tuesday') was not without its own drama as users struggles with problems caused by Microsoft's Windows Update delivery system. Many ended up going to Microsoft's web site directly to get the patches, rather than leave it to the automatic system. The report card for this month? 'Could do better'.

Meanwhile in Montreal, members of the anti-virus community were discussing trends in the industry and Microsoft's belated entry into the world it has created with its security sloppiness.

The nature of attacks is changing considerably, the conference noted. While some attacks are still aimed at destroying data on computers, most are more concerned with stealthy take-overs to create networks of compromised computers for criminal and semi-legal activities like sending out spam and storing porn.

The sheer scale of the malicious attacks is staggering. Message Labs, for instance, pull about three million pieces of malicious software out of e-mail messages every day. 2006 is already a record year for security flaws being discovered, and we are only three quarters of the way through it. Last year there were 5,195 security bugs found, this year the total already stands at 5,450, with a projected full year total of 7,500. Not a nice thought!

The really worrying thing is that the identity of the attackers remains unknown. It could be multiple gangs in different parts of the world, a single organisation, anti-social individuals, intelligence agencies, no one knows. The same goes for the motivation of those involved. Testing new attacks, corporate intelligence (think HP), military intelligence, anti-social behaviour? It could be all, some or none of these, which makes it really difficult to root out.

Coda: Even telling people their computers are compromised is proving to be a problem. Following a raid in the US, the UK police were given details of data stolen by a virus from 2,300 UK-based computers. The police have been trying, without much success, to notify the owners of the computers. It seems the e-mails sent to the computers by the police are being treated as spam mail by the owners who just junk them instead of calling the police phone number provided!

http://ct.techrepublic.com.com/clicks?t=14004181-18a32f6148453f76b7d88f6b914d69a0-bf&s=5&fs=0
http://www.theregister.co.uk/2006/10/11/days_of_the_week/
http://ct.techrepublic.com.com/clicks?t=14331022-18a32f6148453f76b7d88f6b914d69a0-bf&s=5&fs=0
http://www.theregister.co.uk/2006/10/11/october_patch_tuesday/
http://news.bbc.co.uk/go/click/rss/1.0/-/1/hi/technology/6038670.stm
http://www.theregister.co.uk/2006/10/09/av_market_analysis/
http://www.physorg.com/news79727778.html


Shorts:

An interesting 'milestone' was reportedly passed in Europe earlier this month. It was reported that the Internet has overtaken newspapers and magazines as the main source of news and feature information.

The report, from Jupiter Research, indicates that Europeans spend an average of four hours a week online, compared with only three hours reading newspapers and magazines. Three years ago they were only spending two hours a week online.

The report seems quite definite, but I used the word 'reportedly' deliberately. The research seems to have the unspoken assumption that people only read news and feature material when they go online. I'm not convinced. I think they do many other things not related to news - they play games, read e-mail, download material not available through newspapers, chat to friends, upload their own pictures and videos, and even, in some cases, (gasp) surf the Net!

What I think the report tells us is that people spend more time online that they do reading newspapers and magazines, which is interesting in its own right. Oh, and by the way, for comparison, people in Europe spend, on average, 12 hours a week watching television - three times as long as they spend online - so the net still has a long way to go to become the dominant media.

http://www.physorg.com/news79615525.html

There was an interesting pointer for the future at the Mipcom conference recently. Anne Sweeney, co-chair of Disney, recognised 'piracy' as a business model to compete with, as opposed to just an illegal threat to be fought.

"We understand now that piracy is a business model," said Ms Sweeney, "It exists to serve a need in the market for consumers who want TV content on demand. Pirates compete the same way we do - through quality, price and availability. We don't like the model but we realise it's competitive enough to make it a major competitor going forward."

I can see one of two things happening here. Either Disney will make a clean sweep of the market, as the first organisation to deal in realities rather than fantasies, or Ms Sweeney will soon be retiring to spend more time with her family. I rather hope it's going to be the former, not the latter, but only time will tell. In the mean time I'm keeping my fingers crossed that what we have here is a return to common sense by sections of the film industry.

http://www.netribution.co.uk/2/content/view/972/182/

There's an important court battle going on in the US, the outcome of which may well set an important precedent in the patent field. At the moment you cannot challenge a patent if you hold a licence to use that patent. This is because the law treats the licence as the settlement of any dispute between two companies.

This is being challenged in the Supreme Court by a company called MedImmune, which holds a licence from Genentech. MedImmune believes that the Genentech patent should not have been issued and is arguing that it should have the right to challenge the patent. It can't give up the licence, because that would destroy its business and it would have no funds to challenge the licence. A classic Catch 22 situation.

And when you think about it, who better to be able to challenge a bad patent than a licensee who is using the technology? As regular readers will know, I'm not exactly enamoured of the patent system, but even within its own framework, the current practice is bizarre. Let's hope MedImmune win their battle on this one.

http://www.theregister.co.uk/2006/10/09/medimmune_patent_challenge/

And now... My nomination for the most futile endeavour of the year!

The European Committee for Standardisation (CEN) and Information Society Standardization System (ISSS) are holding a meeting to 'explore' standards requirements for spam filtering tools!

I'm sure the participants feel that this is a very worthy endeavour (worthy of what is a matter for some debate), but it seems to me that they have missed out something important in their call for participation in this meeting. They don't just need a filtering standard. For it to work they need a standard for spam e-mail so it can be properly filtered!

I have little doubt that the international spam community will be delighted to assist CEN/ISSS in their endeavours, and in the mean time I'm looking for a suitable category to nominate them for an IgNobel award in the coming year.

http://www.cenorm.be/cenorm/businessdomains/businessdomains/isss/internet_filtering.asp


Homework:

This is for the programmers and techies amongst my readers. I was searching for some information for a UML Sequence Diagram, when I came on a piece entitled 'Death by UML Fever', written by Alex E Bell of Boeing, publish in the ACM online 'Queue' magazine. It's very amusing, and really sharp. Some of you may have already discovered it, it's two years old, but if you haven't, you need to read it. It's very funny. I'm sure you will recognise the symptoms in your own work places...

http://www.acmqueue.com/modules.php?name=Content&pa=showpage&pid=130


Geek Toys:

You can't buy this yet, but Prof Alan Epstein at MIT has come up with a way of powering laptops using a miniature butane burning jet engine. His team are currently involved in building a prototype by bonding a bunch of shaped silicon wafers together. I think the team should talk to Sony and Dell, who are the leading industry experts at powering laptops with flames! "Dell, this is Houston - we have lift off!"

http://blog.scifi.com/tech/archives/2006/10/08/tiny_jet_engine.html

Something you can buy now, though, is a wallet specially designed for geeks (especially aging ones). It's a US style three panel wallet designed to look like the old two tone dot matrix printer paper - it even has the sprocket holes. And the killer is that printed on the outside is the first 3,000 digits of pi - cool, very cool - and at only $25, you will even have some money left to put in it!

http://www.reghardware.co.uk/2006/10/10/dynomighty_dot-matrix_wallet/

And, finally, for those of you whose home computers have seriously large storage requirements, Seagate are offering a new tera-byte level of external hard drive. Its Maxtor One Touch III Turbo Edition is now available in 1TB and 1.5TB sizes.

The really neat thing about it is that the drive box contains two physical drives which you can either use normally to get the full capacity, or configure as RAID 1 to duplicate the contents of one drive on the other. The only problem I can see is that, judging from the picture in the report I read, the drives aren't hot-swappable. Still, I guess you can't have everything. The 1TB model will set you back US$550, and the 1.5TB model costs US$800.

http://www.reghardware.co.uk/2006/10/12/seagate_ups_maxtor_capacities/


Scanner: Other stories

Google to subpoena Yahoo! and Microsoft in library battle
http://www.theregister.co.uk/2006/10/06/google_yahoo_microsoft_library_battle/

IBM's speech recognition technology headed to Iraq
http://newsletter.eetimes.com/cgi-bin4/DM/y/ez2d0FypUC0FrK0EpCc0Ei

Gartner predicts biggest change in PCs for a generation
http://www.theregister.co.uk/2006/10/10/gartner_20_years/

We need a better yardstick to measure the digital divide
http://www.physorg.com/news79860784.html

SpikeSource - an OSS innovation?
http://www.channelregister.co.uk/2006/10/10/spikesource_oss/

Google makes video play with YouTube buy
http://www.theregister.co.uk/2006/10/06/google_youtube_talks/
http://ct.news.com.com/clicks?t=13652931-18a32f6148453f76b7d88f6b914d69a0-bf&s=5&fs=0

Amazon's new services
http://newsletter.infoworld.com/t?r=314&c=642442&l=3993&ctl=
144157A:215D3E184FC552DC48E1CCB96ACF25D1EFF29049075316B4

Broadcast treaty needs sounding out, says WIPO
http://www.theregister.co.uk/2006/10/04/wipo_halts_broadcast_treaty/


Acknowledgements

Thanks to readers Barbara, Fi and Lois for drawing my attention to material used in this issue. Please send suggestions for material to alan@ibgames.com.

Alan Lenton
alan@ibgames.com
15 October 2006

Alan Lenton is an on-line games designer, programmer and sociologist. His web site is at http://www.ibgames.net/alan.

Past issues of Winding Down can be found at http://www.ibgames.net/alan/winding/index.html.


Fed2 Star index Previous issues Fed 2 home page