Posts by happygeek

I hear you brother. Well said, etc...

American chip maker Freescale Semiconductor has today announced the development of a magnetoresistive random-access memory (MRAM) chip which can maintain data using magnetic properties and not the traditional electrical charge methodology.

Think of it in terms of storing data more like a hard drive, albeit a very small one indeed, and you are on the right conceptual tracks. Unlike flash memory, MRAM does not degrade over time, does not need any power in order to store the data and is lightning quick when it comes to read/write speeds. Think in terms of nanoseconds in fact!

Each MRAM chip is comprised of memory cells, hundreds of thousands of them, containing a magnetic electrode with a fixed magnetic field and another that can change polarization. The magnetic orientation of electrons being used to represent bits.

Like much of the innovation we see in technology today, this is not actually something new, as people (including IBM) have been experimenting with similar memory modules for many years. However, it is important because Freescale Semiconductor is the first to overcome the problem of producing it in any volume. Indeed, the only reason it has kept quiet about the breakthrough was to enable it to build the kind of inventory that would silence the critics and back up the claims. Production actually started at the Arizona factory over two months ago!

Will Strauss, an analyst with research company Forward Concepts has gone so far as to describe it …

Italy may have won the soccer World Cup in a thrilling final yesterday, but they did not even make it through to the group matches as far as the Malware World Cup is concerned. Webroot Software Inc. has just released details of global average malware infection rates during June 2006 to members of the press. Rather than waste this opportunity to make serious comment about infection trends and create a geographical map of malware distribution, why not put it in World Cup terms I thought? So I have.

OK, let us start with the knockout rounds where every country competes to see which can be the most infected in each of four categories: spyware, adware, Trojans and system monitors. The results pan out as follows:

Spyware (showing average number of spies per PC scanned)

1. Dominican Republic (43.643)
2. Ecuador (35.905)
3. Lithuania (35.516)
4. Iceland (32.406)
5. Slovenia (31.937)
6. Latvia (30.577)
7. USA (30.489)
8. United Kingdom (28.75)
9. Ireland (28.542)
10. Venezuela (26.297)

Adware (showing average number of spies per PC scanned)

1. Dominican Republic (6.495)
2. Slovenia (5.945)
3. Ecuador (5.52)
4. Puerto Rico (4.535)
5. Iceland (4.463)
6. Israel (4.262)
7. Colombia (4.252)
8. Croatia (4.144)
9. Norway (4.093)
10. Canada (3.978)

Trojans (showing infection rates per 1000 PCs)

1. Slovenia (1103)
2. Ecuador (1057)
3. Croatia (972)
4. Lithuania (761)
5. Portugal (733)
6. Norway (728)
7. Poland (692)
8. Indonesia (683)
9. Sweden (678)
10. Venezuela (675)

System monitors (showing infection rates per 1000 PCs)

1. Estonia (276)
2. Jordan (267)
3. Iran (233)
4. Peru (220)
5. Albania (194)
6. Latvia (177)
…

Although the Firefox Version 2.0 Beta is not actually released until Tuesday 11th, you can download the feature complete Windows public release candidate 1 build right now from the Mozilla FTP server.

Linux and Mac versions are also available, early reports suggesting that it works just fine with Intel based Macs at last.

Apart from the integrated spell checker and anti-phishing filter, Firefox 2.0 adds horizontal scrolling for tabs and a revised options dialog. Most of the changes, though, are beneath the surface.

Do not expect your existing extensions to work. Do expect your existing themes to be overwritten. Unless, that is, you download the portable version instead as this keeps everything within the Portable Firefox folder which can be uninstalled simply by deleting it. Your existing profile remains separate and untouched. This seems the sensible option, given that much of the value of Firefox is invested in the extensions it supports.

Good question, but the answer may not be as straightforward as the announcement this week by Microsoft, and the ongoing online media coverage, suggests. The impression given is that Microsoft is supporting the Open Document Format in Office 2007 by sponsoring an open source based translator. This will take documents in the native Office 2007 Open XML format and convert them to ODF ones. Great stuff considering that ODF did not even exist in the Microsoft universe as recently ago as 2005, what with it being a rival format and all, indeed, some would say THE rival as ODF is used by OpenOffice.

So why am I not dancing in the moonlight with joy? Well I guess it might have something to do with me being a professional word monkey, for whom what is actually said is more important than the message that is being sold. And what Microsoft has actually said is that it is ‘supporting’ the format in Office 2007 and I don’t believe that to be the case, at least not according to my own definition of support in the technical sense of the word. Let’s get this straight: there will be no ODF support built into Office 2007and there will be no Microsoft ODF translator. What there will be is support for the three third party developers who are creating the tool under the Open XML Translator Project and making it available for download from Sourceforge.

But Aztecsoft, Clever Age and Dialogika are not …

Are users becoming more wary of link clicking in email? Are they getting savvy to the tricks of the email phisher? Certainly there is some evidence that the security message is starting to get through to the masses, but not nearly quickly enough to turn the phishing tide in my opinion. Whatever the case, it appears that ID thieves need to find their own unique selling point in order to stand out in a sea of scam. Anti-virus specialist Sophos has uncovered one such attempt, where the phisher uses a new twist to con PayPal users into revealing credit card details.

It starts off as any other PayPal scam, claiming fraudulent activity on the recipients account and requiring contact to confirm personal details to reactivate it. But there is no typical ‘click here to confirm’ link that opens a convincing fake site with login screen to capture username and password followed by a form to capture financial detail. What there is, is a telephone number to call in the US that leads to a voice message purporting to be ‘account verification’ and asking the caller to enter their credit card number to match the one they supposedly have on file. This is a lot cleverer than at first it may seem, as users have been conditioned by security experts and the media alike to be rightly wary of link clicking in email messages. What is more, those same advisors will often say that if in doubt you should telephone …

H.D.Moore, he of Metasploit toolkit fame, has vowed to publish details of one browser vulnerability every day during July. Already he has been true to his word with exploit information relating to Internet Explorer, Firefox and Safari but nothing that would help any would be attacker run unauthorized code on an unsuspecting victim’s computer.

Although officially Moore claims it is to publicize the inherent dangers of browsers, there is a feeling that it might also have something to do with a bit of a spat between Moore and Microsoft. Only a couple of weeks ago Microsoft berated the security researcher for acting irresponsibly by disclosing a flaw with a recently patched vulnerability in the Windows Remote Access Connection Manager service. The nature of this ‘irresponsible’ act? Apparently waiting only 9 days to publish code after the bug was patched, far too soon said Microsoft. Cobblers, was the gist of Moore’s blog reply: “Microsoft is doing themselves a disservice by asking for vulnerability information on one hand and then condemning the folks who provide it with the other."

The month of browser bugs, as it is being called, is nothing to get too worried about though. Provided you are well patched, avoid suspect sites, and do all the usual safe surfing stuff that is. However, the fact that someone is releasing vulnerabilities from some list of such not known by the browser developers is worrying. Why not just let them know the whole lot, and make the …

The latest Merriam-Webster's dictionary update has ruffled a few feathers online. Not for the inclusion of Manga (noun: a Japanese comic book or graphic novel) nor ringtone (noun: the sound made by a cell phone to signal an incoming call) or even supersize (transitive verb: to increase considerably the size, amount, or extent of.)

Could it possibly be mouse potato (noun: a person who spends a great deal of time using a computer) or himbo (noun: and attractive but vacuous man?). Nope, then surely unibrow (noun: a single continuous brow resulting from the growing together of eyebrows) or even soul patch (noun: a small growth of beard under a man's lower lip) must be the cause?

Heck, even spyware (noun: software that is installed in a computer without the user's knowledge and transmits information about the user's computer activities over the Internet) and avian influenza (noun: a highly variable mild to fulminant influenza of birds that is caused by strains of the influenza A virus which may mutate and be transmitted to other vertebrates -- called also bird flu) hasn’t got anyone slightly excited.

Of the 100 new words that have been added to the 2006 update of America’s first and best-selling dictionary, the one that’s attracting all the online attention is google (verb: to use the Google search engine to obtain information about (as a person) on the World Wide Web.)

It remains to be seen whether Google will behave like a drama queen (noun: …

VIA Technologies has long since been known for a small is beautiful philosophy, and there is no reason to start doubting now if the VX700 chipset is anything to go by.

Created specifically for Ultra Mobile PCs, the UMPC Origami form factor getting publicity and hyperbole in equal measure from the direction of Microsoft right now, the VX700 enables an even smaller form factor courtesy of its single chip design. Chinhwaun Wu, Special Assistant to the President, Processor Platform Product Marketing, VIA Technologies, Inc. reckons that "Together with the VIA C7®-M processor, VIA can now offer a platform that breaks form factor barriers while maintaining comprehensive performance, a leading feature set, and ultra-low power operation for longer battery life."

If the DualCor Technologies' cPC, moving the UMPC concept into an even smaller handheld form factor, is anything to go by he just have a point. Using a VIA VX700 chipset and the VIA C7-M ULV processor, DualCor has created this new device with an ultra small footprint and enhanced battery life, but without compromising the mobile PC performance we all demand.

The VX700 really is the most impressive part of the VIA announcement package though, integrating as it does all the functionality of a modern chipset's North and South bridges within a single chip design that measures 35mm x 35mm. In terms of silicon real estate saved, that is a none too shabby 42% or so. In addition, when VIA talk of ‘all …

If Mac enthusiasts groaned when Apple announced it was switching to Intel chips, watch out for full-scale hissy fits as they discover that OS X 10.4.7 contacts Cupertino servers on a regular basis. Just how similar to Microsoft does Apple want to be?

You would have thought that the furor regarding the Windows Genuine Advantage mother ship communication might have been a warning shot about secret computer communications being a bad thing. You would have certainly have thought the ongoing legal wrangling at Microsoft would have the alarm bells ringing at Apple.

Nevertheless, no, in an insane display of Seattle Fever, Apple developers were quite happy to have a new process in 10.4.7 called dashboardadvisoryd call out to Cupertino in order to verify Dashboard widget versioning matches the ones on Apple's servers. In typical Microsoft fashion, end users are being assured that no personal information is transmitted. In equally typical Microsoft fashion, you can be sure that Apple would not have been saying anything had the packet sniffers using Little Snitch not made their discovery. Certainly not the fact that, also new to this latest Tiger update, a the .Mac dotMacTranslator service will attempt to contact configuration.apple.com if you create a new email account, for example, regardless if that email account is a .Mac address or not.

I seriously doubt that anyone with any real understanding of how the OS works will lose much sleep over the actions themselves, but plenty of end users will …

<goldeagle2005> Not anticipate, observe. There's no compulsion either, other than the fact that it does become a little addicitive :)

<mikeandike22> The vast majority of people who blog are, ultimately, blogging about themselves: their opinion, their ideas, their feelings. LiveJournal just happens to provide a methodology to measure the collective mood of those posters.

Have you ever wondered if the Internet is having a good day, if it is happy or sad, or maybe feeling a little depressed? Well, probably not, but thanks to a team of information access researchers from Amsterdam University you might be able to find out.

MoodViews work by tapping into the mood level flags set by more than 10 million LiveJournal bloggers. By scanning the 150,000 or so daily postings that include one of the 132 different available mood flags, the MoodViews software collects the information and then looks for trends, Although there is a temptation to write this off as some kind of digital biorhythm, there is no doubting that emotional trends have emerged that make sense. So the Internet tends to be drunk at the weekend, feel loved on Valentine’s Day, was worried during Hurricane Katrina and positively scared after the 7/7 London bombings last year. The researchers do not see it as just a bit of fun however, but rather hope it will help them to develop new methods for searching, discovering and retrieving blogs.

You can keep an eye on how the Internet is feeling at any given time by checking out the MoodGrapher which updates and plots those mood levels every 10 minutes by showing the actual mood reported and the rate of change within any given hour. Then there’s the MoodTeller which uses natural language processing together with machine learning to guesstimate mood levels from the text …

As from July 11th, some 70 million users of the Windows OS will be left stranded without official support, and that includes no more security updates. By withdrawing support for its Windows 98, Windows 98 SE and Windows ME platforms, Microsoft is effectively leaving around 12.5 percent of Windows users open to hack attacks and malware exploits.

Of course, the counter argument is that users of these outdated legacy systems are leaving not only themselves open to attack but at the same time exposing large swathes of the Internet to attack as their machines become used as spam bots, host DDoS attacks and spread malware. It is not as if the withdrawing of support has been a closely guarded.

Microsoft intended to pull the support plug as long ago as January 2004 but gave users a reprieve of 2.5 years, which should be time enough for anyone to update their OS.

Already the effect is starting to show, even before the deadline is reached, as Microsoft has not developed a 98, 98SE or ME patch for the MS06-015 vulnerability, despite doing so for 2000, XP, and Server 2003 users.

Is this a case of Big Bad Bill and his Evil Empire? No, of course not. Can we really expect Microsoft to be trying to retroactively developing old operating systems, changing critical core components, just to pacify those who are too mean or stubborn to upgrade? The harsh truth is, I suspect, that the vast majority of …

Unfortunately, like the drunk driver, it isn't just the stupid user who suffers from the result of their actions.

Just when Microsoft had hoped things could not get any worse after the whole Windows Genuine Advantage phones home scandal, things have. Much worse, as the newly discovered Cuebot-K worm disguises itself as something called Windows Genuine Advantage Validation Notification.

Intended as an anti-piracy measure, WGA has in fact been nothing less than a spectacular PR disaster for Microsoft and a huge pain in the ass for end users. So much so that Microsoft has issued a new less intrusive version just a month after the initial release, as well as publishing instructions for removing WGA completely.

However, the WGA specter is going to hang around to haunt Microsoft for some time it seems. Antivirus specialists Sophos reveals that Cuebot-K, propagated by way of the AOL Instant Messenger software, disables the Windows firewall and opens up a backdoor route for remote access, malware execution and potentially a distributed denial of service launch pad for good measure. Cuebot-K copies itself to the Windows system folder as wgavn.exe and then creates a file called \Debug\dcpromo.log and registers wgavn as a new system driver service with an automatic startup type.

The clever tactic being that because of all the fuss over WGA, technically aware users who keep an eye on the list of running services will not be overly concerned by the fact that WGA is there. Unless they are really technically aware and removed the thing already, of course. Guess what my recommendation …

There are not many things, it has to be said, that a Linux user would covet of his Windows using neighbor. Skype is quite possibly one of them though, but not for much longer. The first meaningful development for the Linux Skype client in almost a year has arrived in the shape of Beta 1.3.0.30

I was starting to think that Microsoft rather than eBay had acquired Skype, such has been the time, money and devotion lavished upon the Windows client since: video calls added, stability issues fixed, UI beefed up yada, yada, yada. The bad news is that Linux still does not get any of these. So why the excitement? Well how about because it has been updated at all, suggesting that the eye candy big guns are not too far away. The fact that Advanced Linux Sound Architecture (ALSA) has now been incorporated so that Skype can be switched between this and the default Open Sound System (OSS) is none too shabby either. Nor is the public API for X11 windowing, which might mean some application integration on the Linux front finally.

Oh, and while on the subject of non-Windows Skype versions: do not be tempted by the video enabled Mac version that is doing the P2P rounds. This is actually an internal development version, and one that Skype itself claims to be unstable and extremely buggy. In an attempt, perhaps, to dissuade the curious Skype also warns it will eat …

The cost-per-click model for Google ads could soon be complimented by a cost-per-action one, if the testing for this click fraud busting technology proves successful. The concept is simple enough: advertisers would only get charged when a particular action is performed rather than simply clicking on the thing. Already a growing band of volunteers advertisers have been putting the system through its paces, with a positive reaction if my sources are to be believed.

However, if it is so good at combating click fraud, why is Google not going to replace the current system outright? My sources tell me that it is seen as an alternative not a replacement, which is just truly bizarre. After all, it is a win-win situation for all concerned surely. Google benefits from not having to compensate companies defrauded by click fraud swindles, and from the higher charges it will likely sell these ads for. Advertisers benefit by being charged on a more realistic bums on seats basis. Have you spotted the fly in the ointment yet? Yep, if the system really does work then, despite the higher charges, Google’s revenue will fall over time as fraud is eliminated. Therefore, which is it Google, do you want to get rid of this kind of fraud or are measures like this just smoke and mirrors?

In the meantime, the AdWords program has been beefed up a little by the expanded integration of Google Analytics. The introduction of an AdWords Analysis and AdWords Keywords Positions …

The world of malware could be turned upon its head if the Blue Pill virtualization based rootkit due to be demonstrated at the SyScan 06 Conference, Singapore, in a couple of weeks proves as undetectable as the security researcher who has created it claims.

Joanna Rutkowska is a stealth malware researcher with a Singapore based IT security business, and specializes in rootkit technology. Using AMD's SVM/Pacifica virtualization technology, she has created a working prototype that not only takes complete control of the underlying operating system but also remains 100% undetectable while doing so. The demonstration will be on the Vista x64 platform, sure to cause embarrassment to Microsoft when it is repeated at the Las Vegas Black Hat Briefings on August 3rd: the same day that Microsoft is scheduled to brief the world about core Vista security functionality.

Do not think it is just another Windows problem either, Rutkowska claims that while the prototype has been written to run under Vista x64 there is no reason why she should not be able to port it to any x64 platform such as BSD or Linux.

Now you may be forgiven for thinking that this is nothing new, after all did not Microsoft Research itself (in conjunction with the University of Michigan) already make a big fuss about the VM-based SubVirt rootkit? Forgiven but incorrect, sorry. Blue Pill is something very different, in that while SubVirt is ‘nearly impossible’ to detect, Rutkowska claims …

And if you were thinking of a good reason why you should bother upgrading to IE 7 Beta anything, then how about the small fact that unlike IE 6 it is not troubled by the new cross-site scripting issue revealed by SANS yesterday. Not that it, or the HTA application handling vulnerability which exploits a SMB/WebDAV weakness, is actually 'out there' in as far as they come under the heading of proof of concept rather than real world danger.

For now.

That said, better safe than sorry so perhaps the IE 7 Beta 3 update isn't such a waste of time after all. Unless you already use a safer browser client such as Firefox or a safer OS platform such as OS X of course :)

It’s not exactly a major advance in web browser client technology, but the release of Internet Explorer 7 Beta 3 today is a move closer to the release version, scheduled for sometime later this year. What’s changed from the Beta 2 release? Er, good question, and one that had me straining my eyes to determine that you can drag the page tabs around and have an e-mail button on the toolbar if you so desire. There are enhancements to the RSS support, enabling the update of all feeds automatically and empowering more control over marking feeds as read. But again, it is hardly earth shattering stuff.

Under the surface a bit more is happening, such as the fixing of a number of layout rendering bugs which should help with site compatibility. Then there is the fact that all the June 13th security fixes that relate to IE 7 from the MS06-021 patch have been rolled into the Beta.

Do not expect any new security tools or features though. There is no sign of the protected mode that is evident in the Windows Vista Beta IE 7+ version. This is a shame as these user account controls enable you to build a sandbox around the browser environment for additional security, helping to prevent malware from dropping code onto the hard drive by only allowing files to be written to the IE 7+ cache for example.

Do not expect any further Beta releases of IE 7, at …

Yeah, but I still want one :)

Pricing is, surprisingly, hard to to come by at the moment. However, my unofficial man on the inside is suggesting that something in the region of 15,000 Euro / 18,000 USD / 10,000 UKP isn't going to be too wide of the mark for a configured system starting point (although that's not likely to be a maxed out system of course.)

I still want one!

At ISC2006, the 21st International Supercomputer Conference, in Dresden, Germany today an interesting announcement was made by Tyan Computer: the launch of the Personal Supercomputer. Not quite a desktop machine, it is being marketed as a deskside unit, the Typhoon PSC certainly promises to pack quite a punch. The 8 processors and 64Gb RAM delivering a hard hitting maximum 70 Gigaflop punch to be precise. All this in a device no bigger than a couple of standard desktop PCs and bringing low noise and power consumption to what we normally think of as the noisy, high power end of the computing market.

Obviously most of us don’t need such power, but when has need ever stopped a geek from getting something? I might not be into the compute-intensive applications of the high end graphic rendering or scientific research sectors, but ever since visiting the BMW-Sauber Formula 1 racing factory just outside Zurich, Switzerland last year when they switched on Albert, their 530 CPU, 1 Terabyte RAM powered supercomputer being used to shave precious milliseconds off lap times through Computational Fluid Dynamics, I have wanted one. Not the multi-million dollar 18tonne beast that is Albert, you understand, but a smaller more affordable cousin that can plug into a standard wall power socket instead of a dedicated APC designed generator. One that would allow me to still be able to hear myself thinking, and possibly even the radio playing and the Typhoon PSC …

Last week, via the official MSDN WinFS blog rather than the usual Microsoft PR channels, it was announced that WinFS is effectively dead. There was much talk of the great many technical innovations the WinFS project has created and how those innovations may find their way into a broader Data Platform Vision and examples cited such as the Entities features being built into ActiveX Data Objects starting out as something for the WinFS API. But at the end of that much talk the bombshell remained: "we are not pursuing a separate delivery of WinFS, including the previously planned Beta 2 release.” In effect WinFS has not only been downgraded from optional download sometime after Vista hits production, to a possible component within future editions of ADO.NET and SQL Server, but made extinct for all real world intents and purposes.

So much for replacing the legacy Windows file-system, one of the oldest parts of the platform, with a search ready, object-oriented engine that could be queried with a SQL variant (think SQL schema instead of File Allocation Table) and truly revolutionize file storage and retrieval for Windows users. So much for the much heralded three pillars of Vista which is now down to just two: Windows Presentation Foundation (Avalon) user interface layer and Windows Communication Foundation (Indigo) web services layer. So much for the object-oriented file-system first promised, and tantalizingly teased in preview releases, back in 1993 when Cairo was still an ongoing project.

By way of …

According to just released research from Michigan based OnlyMyEmail Inc it would appear that Sender ID is ineffective as an anti-spam solution. Despite the high profile, and frankly somewhat aggressive PR campaign by Microsoft, the 60 day statistical analysis certainly suggests that it isn’t the Holy Grail of anti-spam that Mr. Gates would have us believe.

Across a 60 day period, OnlyMyEmail discovered that emails sent by a domain without a published Sender Policy Framework (SPF) record were only slightly less likely to be spam than those sent by domains that publish Sender ID information in their DNS records. But, emails returning a positive match for Sender ID were not significantly more likely to be legitimate compared to those without a published SPF record, which is surprising. Most surprisingly, in my view, was the fact that an email that failed Sender ID verification only had a 91.4% chance of actually being spam. This translates into a false positive rate (FPR) of 8.6% if Sender ID were relied upon to accept or reject messages. When I evaluate anti-spam solutions in a professional capacity, be that for a magazine labs review or with my consulting hat on for a corporate purchase decision, anything that returns a FPR greater than 1% is rejected out of hand (no company can afford to lose 1 out of every 100 business communications because it has been wrongly flagged as spam.) With 1 out of 6 emails passing Sender ID …

Agreed. I think that like much in life, it's all about balance. And as I say in the blog, unless you remove the emotionally charged arguments on one side and financially motivated on the other that ain't gonna happen.

What started off as a show of political defiance, with thousands of file-sharing downloader’s joining forces and planning to field 140 candidates in the September Swedish elections, has spread to the US.

The trigger in Sweden was the May 31st police raid on a community of a million BitTorrent users called The Pirate Bay. The Piratpartiet (pirate Party), which actually formed in January, was quick to organize protests amongst the Xbox Generation. Indeed, some 1000 did just that in Gothenburg and Stockholm on June 3rd, and the resulting publicity in Sweden has seen Pirate Party membership swell to in excess of 6000. The chances of it achieving the 4% share of the popular vote required in order to gain representation in the Swedish parliament is, frankly, remote. Most right thinking folk are equally unlikely to accept that suspending copyright protections after just five years of creation and abolishing patents are the way forward. Not that it matters if they did, Sweden is governed by international agreements as a member of the EU and WTO that would make them impossible to achieve. Even the eradication of surveillance cameras, although getting a knee jerk vote of confidence, is likely to be rejected upon a little reasoned reflection.

But the cultural phenomenon of Piratpartiet is showing no sign of slowing down, and now The Pirate Party of the United States has been launched with much the same remit: to reform intellectual property laws. Founded by University of …

My theory is:

Windows Live Messenger
WLM
Said out loud is wer-lum
Werlum = William

Gates has named it after himself as a parting shot. Everything is going to end up branded as Microsoft Bill...

Microsoft has, at last, shown its hand when it comes to answering the online services challenge from the likes of Google and Yahoo!; both of whom currently trounce the Seattle OS champions in both audience reach and earnings in the online sphere. Windows Live is moving out of Beta at long last (although not as long as Google services which traditionally remain in Beta, well, pretty much forever – or it often feels like they do anyway.)

With a big huzzah, MSN Messenger has re-emerged with voice and video integration, and one click access to email, blogging and other Windows Live services. MSN Messenger is dead: long live Windows Live Messenger. Unfortunately for Microsoft, Skype is still very much alive however. But with 240 million IM users, compared to 100 million Skype users, Microsoft is hoping to carve its own niche amongst the PC to PC and PC to telephone voice market. It is also in the perfect position to leverage this user base and build a new brand based upon online services: the 20+ Windows Live online services that will launch across 60 markets during the course of the next year to be precise. How long, I wonder, before we see the removal of the MSN brand altogether?

Let’s hope Microsoft can overcome sign-in problems, as it certainly won’t make much of an impact if users are met with the “we're unable to …

Well quite.

However, it is worth reporting on as it does represent something of a technical breakthrough and draws a likely roadmap for things to come.

The reports that are popping up all over the web that IBM, along with Georgia Tech, has demonstrated the world’s fastest ever chip are, sadly, not quite as exciting as you might at first think. Not least because this wasn’t a chip at all, but rather a transistor, and even the least technical minded of people will realize there’s something of a difference between the two. Looking beyond that basic misunderstanding of the facts, the news still fails to excite me as much as it seems to have excited everyone else and here’s for why:

Yes, it did run at more than 500GHz. Yes, that is 125 times quicker than the current batch of commercial chips. Yes, you do need a near absolute zero cold room (with a temperature of minus 451 Fahrenheit, or minus 260 degrees Celsius if you prefer) to achieve that speed. And yes, you did read that right. Within a normal environment you’ll be more likely to see a still none too shabby 350GHz which is impressive considering that your average commercial chip at the moment manages less than 4GHz, but sadly not record breaking.

Still, building a transistor made from silicon laced with germanium that runs so fast is good news and bodes well for a super-speedy computing future. It also suggests that there’s plenty of performance still to be squeezed out of silicon, albeit under rather unrealistic conditions and using very expensive base materials. What it …

Norton Confidential will also be wrapped up in the OneCare competitor, Norton 360, which looks like being the product that will ultimately kill off SystemWorks.

However, it seems that there will still be a Norton Internet Security Suite and a standalone AV product in the 2007 line.

Apart from the bundling of the backup functionality into the 'suite' and the reduction of GUI complexity, I still remain unconvinced as to the validity or need for the OneCare/360 model in the first place. Why not just add backup to the security suite and concentrate on making that less resource hungry, more stable? Alternatively, if 360 is the way forward then kill off the security suite and the standalone AV product.

Too many eggs in a poorly woven basket perhaps?

I’ve just returned from the Symantec Threat Response Center in Dublin, Ireland where a select handful of European security software reviewers witnessed the first public demonstration of Norton Confidential: the Symantec response to what it refers to as the CrimeWare explosion.

Symantec acquired anti-phishing specialist WholeSecurity towards the end of last year, and has been working on a transactional security and identity protection product under the codename of ‘Symantec Voyager’ ever since. The release product will be called Norton Confidential and has some interesting and worthwhile features, although nothing that is truly unique. What it does is combine functionality such as the identification of potential phishing sites using both heuristic detection and known IPs, confirm trustworthy sites courtesy of high-assurance security certificates for authentication, monitor for password-capturing Trojans and key-loggers, and alert the user before transactional data is passed to a suspicious site or in a suspicious manner.

Although I applaud any effort to help secure online transactions against the dangers of identity theft in its many forms, Norton Confidential has a fatal flaw in my opinion. And I made sure to share that opinion with Laura Garcia-Manrique (Senior Director of Product Management), Shane Pereira (Senior Product Developer and Software Architect) and Josh Harriman (Senior Security Quality Assurance Engineer). You see, Symantec will go to great lengths to claim that Norton Confidential is all about making the online user experience as secure as possible, yet it will work only with the most insecure of …

The growing acceptance of IM in the workplace has, eventually, made an impression on AOL which has started a public test of AIM Pro PE (Professional Edition). Although not expected to actually launch until the autumn, one has to wonder how much weight the consumer oriented AOL brand carries in the corporate marketplace and whether it can successfully carve a profitable niche there. Designed to cover a broad corporate church, everything from the individual IT professional through to the medium sized businesses, AOL have invested heavily in doing just that.

Developed in conjunction with web conferencing and online meeting specialist WebEx Communications and available for free download during this public Beta phase, AIM Pro PE will require an as yet undisclosed annual subscription fee to continue with its use once this ends. For your money you will get a promise of better security required for the business environment, at least compared to the free consumer version of AIM. The inline adverts will disappear, Microsoft Outlook integration is added, as are voice and video conferencing together with web meeting functionality (the WebEx influence showing its hand). Until the promised anti-virus file scanning, auditing and logging functionality, which is promised but not yet implemented, it’s a bit early to pass judgment upon the worthiness of the new edition and it’s fitness for purpose in a commercial setting.

A separate Beta test is expected to start sometime this week for an Enterprise IM edition (AIM …

I suspect that the patent lawyers (spit) will earn their keep by arguing that the Nintendo patent is sufficiently different to be valid, and that everyone else infringes sufficiently to have to pay.

Nintendo has been granted a broad stroke patent covering a “messaging service for video game systems with buddy list that displays game being played.” Patent number 7056217 was originally filed way back in 2000, a whole year before the Xbox was launched, and two years before Xbox Live became a reality, it leaves the door wide open for Nintendo to consider litigation against Microsoft and any other games vendor using IM. Certainly the Microsoft position appears to be vulnerable, although it’s doubtful that Nintendo would even attempt to close down the Xbox Live service. A much more likely, and much more lucrative, scenario would be one in which Nintendo pursue a cross licensing deal which would enable it to share Microsoft patented technology such as a games communication system which performs audio compression in real-time for example. Failing that, then a settlement isn’t out of the question, of course. Or is it? As with any patent claim, if prior art can be proven then the patent can be invalidated, and the Sega Dreamcast console certainly shared much, if not all, of the chat system functionality described in the patent.

What is more interesting than the potential for legal bickering is the potential for Nintendo gaming, especially considering that the company was also awarded a patent earlier this year for voice-to-text chat conversion using speech analysis in games. Forget the fact that the IM patent refers, and even …

The triple-gate transistor is not new, almost exactly three years ago on June 12th 2003 at the Symposia of VLSI Technology and Circuits in Kyoto, Japan, Intel was heralding it as the future of chip design. However, the fact that at the same Symposium this week in Hawaii, Intel reveals the technology is moving out of the conceptual research phase and could be used in chip production as soon as 2010 most certainly is newsworthy.

Intel has successfully built the transistors which use gates on three sides to control current: a structure that reduces leakage (so less overheating and less power consumption) while allowing more electricity to flow (so it runs faster). By comparison, the planar transistor used in chip construction today only has current flowing through one side. According to Mike Mayberry, Director of Components Research and Vice President of Technology and Manufacturing at Intel, this will mean processors that use either 50% less off-current or a 45% speed increase when compared to the current batch of 65nm process transistors. The end result being 35% less power consumption at a constant speed.

Why does this appeal to the geek in me? Two words: Moore’s Law. Many engineers have been happily announcing the end of the infamous 41 year old remark that that the number of transistors on a chip doubles roughly every two years (Moore himself insists he never said 18 months, although this has become the generally accepted …

As the battle to become the next Microsoft heats up, this week I’ve been struck by the online maneuvering from both eBay and Google. The auction company is looking to tread on Google toes with its own contextual advertising service, named using devilish cunning ‘AdContext.’ Google, meanwhile, is keeping very schtum about the imminent launch of a PayPal-alike online transactional service called either GBuy or Google Checkout depending upon which source you believe. What seems clearer cut is that the service will go live before the end of the month.

Neither strategy should come as any great surprise, to be honest. Currently eBay is amongst the biggest spending advertisers on Google, so it makes sense to look at ways of reeling in some of that expenditure. Especially so considering the possible expansion of services such as Google Base which is undoubtedly perceived as stepping into eBay territory.

The contextual advertising service isn’t intended as a generic advertising network, and won’t follow the usual PPC or CPM model either. Instead, it’s very much a ‘monetization’ stream for website operators (in particular blogs) and a method for driving more auction business for eBay. In essence AdContext would promote current auction items, based upon the context of the page in question, with the site operator getting a percentage of any resulting sale. That percentage is a closely guarded secret at the moment, but expect it to be in the …

Get ready for Patch Tuesday. July 13th will be the biggest update for 18 months, with no less than 12 security bulletins: 9 for the Windows OS, 2 for Office and 1 for Exchange. Of these, both Windows and Office updates include one flagged as critical, the highest Microsoft threat rating. At the same time, Microsoft is also releasing 3 non-security, yet apparently high priority, patches for Windows and a new version of the Windows Malicious Software Removal Tool.

If you are a Windows 98 or ME user, however, you’d better make the most of it as this will be the last set of updates you get. If you want a secure system you can pretty much forget it, just as Microsoft pretty much wants to forget you. As has been made clear for some time now, there will be no updates offered for these OS versions after June 2006. But forgive me for being pedantic, it isn’t the 11th July yet is it? So why has Microsoft decided not to bother with a critical security vulnerability patch to protect 98/ME users against a Component Object Model flaw in Windows Explorer? Pretty much all other Windows users got their protection on April 11th, and at the time Microsoft said it would deliver the 98/ME solution as soon as possible. Which looks like being the 12th of never now, perhaps Donny Osmond has been put in charge of Microsoft Security? Certainly I suspect he’d make more sense than …

It isn't a matter of expecting to keep stuff confidential, I am always more concerned with the possibility of mis-information that is expected to be anything but confidential.

My security clearance is high enough for me to be able to travel with children on school outings. I have a certificate and everything... :cheesy:

It's the potential for combining this data with other data, including phone tap stuff and financial transaction data, that worries me. As does defining 'who they keep an eye on' especially when it might be me, or you. We live in dangerous times, no doubt, but the 'war on terror' card is being played just a tad too much for my liking. Making the planet a safer place to live in is a fine thing, unless you fall outside of what TPTB define as a suitable inhabitant of this brave new world. Without people questioning what is happening, and doing so in a timely fashion, civil liberties have a strange habit of being slowly eroded...

All in my never humble opinion, of course.

As an aside, I had lunch today with a former Chief Information Officer for the Executive Office of the President, the White House. Same chap previously served 6 years as a senior executive with the FBI. I'm still trying to figure out what he told me and what I can repeat ;)

At the moment my blogging is exclusive to DaniWeb, although I will be doing a UK buisness-2-business focussed blog in a month or two.

However, you can find my writing elsewhere online at PC Pro (www.pcpro.co.uk), PC Plus (www.pcplus.co.uk) and Microscope (www.computerweekly.com). Just search on my name for various features, opinion columns, reviews etc.

Davey

Last month it was revealed that the National Security Agency had been logging telephone calls since 9/11. This month, the right to privacy debate is set to ignite even further after a report in the New Scientist claims that the NSA is funding research into the harvesting of personal information from social networks such as MySpace.

This might not sound like such a big deal, until you step back and realize quite how much personal information gets posted on social networking services: who you know, what blogs you read, your political allegiances, sexual preferences and more. Things heat up when the social networking data is added to such things as financial transactions, physical movements (cellphone base stations make great tracking systems) and that phone tapping information. But that’s just the start of it; if the semantic web proposals for a common Resource Description Framework (RDF) data structure become a reality then the NSA could potentially monitor your entire online life. The whole point of RDF is to bring an unambiguous commonality to online data, making it a machine as well as people friendly place.

New Scientist quote a paper (Semantic Analytics on Social Networks) presented at the recent WWW2006 conference in Scotland, part funded by the Advanced Research and Development Activity, and showing how data from social networks and other databases can be used together to reveal personal detail. ARDA have since changed their name to the

Yep, to both. I keep an eye here for comments and reply when I have something to say :)

I've been on the Vista Beta program for many months now, and like certain aspects of the thing: the native IPv6 stack appeals to the geek in me, and the Aero interface is neat. I don't care much waiting for WinFS and PowerShell, and I'm not fanatical about the way DRM has been integrated with the OS - especially the High-Bandwidth Digital Content Protection what with the lack of HDCP enabled video cards and the way it degrades HD video without one.

Will I upgrade from XP to Vista? Yes, but not my entire business and certainly not yet. I'll be following my usual plan of waiting a year (at least) for SOS (Some Other Schmuck) to iron out the problems first.

Will I be advising my clients to upgrade? Not on your nelly, and not for more than a year I suspect (although there will always be exceptions where a pressing need is identified.) On the whole there's not really any great advantage, IMHO, for a business to move from XP. The case is stronger, however, if we are talking moving from a NT4/2000 environment of course.

Sorry if that was all somewhat surface skimming, a bit difficult to do the question justice by way of a comment :)

However, it does give me the opportunity to say that the UK is starting to catch …

On May 23rd I predicted that Microsoft would start the Windows Vista Customer Preview Program (CPP) within a few weeks, and I have been proven right. Microsoft today announced public availability of Vista Beta 2, the same build (5384) as was made available to developers at WinHEC. If you don't mind waiting for the 3.5Gb 32-bit download (4.4Gb for the 64-bit version) you might even be able to have a play yourself. Of course, this depends on a number of factors; not least whether your computer is highly specified enough to run it, and the (non) availability of suitable drivers for lots of hardware. See my earlier blog posting with regard to the real minimum system specifications for a Vista Capable PC.

More problematical would appear to be the lack of bandwidth at the Microsoft end. The official download link has been mostly unavailable ever since it was first announced. This is to be expected, although not by Microsoft which seems to have been caught out by the sheer demand for the new OS Beta. But fear not, intrepid techies, if you really want to get your hands on Vista and really can't wait then you can either Go Google for a BitTorrent version (and there are plenty out there) or maybe just go and grab it from the top secret direct download link instead. Be warned, it took me more than 4 hours to download the 32-bit ISO over a fast DSL line, so …

Network design can certainly be innovative, and to those of a technical persuasion even considered a thing of beauty. But is it art? That was the question posed by a handful of senior Microsoft folk, the editor of an IT magazine and an Emeritus Professor at an art gallery in London last night.

I was there with the champagne and sushi set, listening to the great and good debate the create genius of IT professionals and the artistic value of their work. Wondering exactly how this Microsoft sponsored DesignIT event could actually achieve its aim of encouraging creativity and innovation within the IT industry, and ensuring these highly-skilled IT professionals receive the recognition they deserve.

The very enthusiastic Microsoft UK Server Business Group director, Bruce Lynn, assured me that the response to the competition had been great and the enthusiasm of those visiting the gallery greater. Phil Cross, Microsoft UK Group Marketing Manager insisted it had been a qualified success and was stirring debate as intended. While Microsoft US Senior Director Christine Betts felt certain it would lead to a greater recognition of IT innovation within the design community. Lynn, who also chaired a judging panel consisting of such luminaries as Microsoft technology evangelist Robert Scoble, said “whether it’s through the PC sat on the office desk or the in-car satellite navigation system that guides you home, the practical ‘nuts and bolts’ contributions of IT professionals are clear, but the creativity they apply is often less …

Reports of the death of PDF support within Office 2007 and Vista are not only presumptuous but wrong. Despite the high profile publicity given to a spat between Adobe and Microsoft over the ‘Save as PDF’ function seen in the Office 2007 Beta, there is no doubting that users will be able to do just that in the release version. What they won’t be able to do is do so out of the box. Instead, a totally free and downloadable plug-in will be made available by Microsoft.

Apparently there have been discussions ongoing between Adobe and Microsoft for the best part of four months now, discussions which broke down according to a report in the Wall Street Journal on June 2nd. The article has a Microsoft lawyer, General Counsel Brad Smith to be precise, claiming that Adobe had “threatened antitrust action unless Microsoft “agreed to raise prices. Now quite apart from the fact that it’s unusual for a corporate lawyer at this level to say anything unless as a preemptive strike to gain the high moral ground in a dodgy argument, this quite obviously only tells one side of the story. The other will remain untold until Adobe makes up its mind in regard to filing suit against Microsoft, because commenting now could reveal legal strategy or otherwise negatively impact upon the strength of the case. What I do know is that any antitrust action is likely to be filed in …

Without the initial knowledge of Tim O'Reilly is not the same as without the knowledge of O'Reilly the company though, which certainly did agree with CMP. However, this is something of a diversion methinks. The core issue is whether something as generic (and like it or not, with merit or not, it is) as Web 2.0 should be given service mark protection at all.

I doubt that we'll agree on this, it is a matter of opinion after all :-)

There's plenty to scream about in this case, and O'Reilly (like it or not) is right there in the midst of it.

I assume you were with Tim O'Reilly at the poolside when he found out about this then, able to gauge that surprise and anger? And if he were, indeed, so shocked by the terrible things being done with the full backing of his company why no immediate retraction online, why no 'we were wrong guvnor' statement, why nothing other than IT@Cork getting a stay of execution for 'this year’s conference' only? I agree with the, apparent, majority of folk who have been commenting on this: that Web 2.0 is too generic a term to trademark in this way, no matter who coined it in the first place. What's more, the whole cease and desist approach is at odds with the O'Reilly corporate image - no wonder people are getting hot under the collar. It's a good story.

For the record, I've not seen any death threats from IT@Cork, although it wouldn't surprise me if the usual immature suspects finding a cause to latch on to have. But that's hardly the fault of IT@Cork. I'd be interested to know how you know that they 'deliberately misrepresented the facts' and what that misrepresentation was though.

As for Tim O'Reilly being a decent chap and being on holiday etc, so what? The cease and desist letter, as pointed out in my piece, was sent by CMP Media with …

Have you heard the one about the book publishing company with a reputation built upon the back of the Open Source movement, which set its lawyers on a rival for using the term Web 2.0? Apparently O’Reilly has applied for a ‘service mark’ to cover Web 2.0 when applied to business and educational conferences within various fields of computers and IT use. Oh, and the person defending both the service mark application and the cease-and-desist letter sent to reinforce it, is called Winge.

But this is no joke, it’s actually deadly serious. The letter sent to Irish non-profit organization IT@Cork, a conference organizer who dared to use Web 2.0 within the name of one of their forthcoming conferences, was actually sent by an attorney acting for CMP Media (who co-produce a Web 2.0 conference with O’Reilly, who gave their agreement to send it). The argument being that just as they could not run a LinuxWorld conference, so nobody should be allowed to use the term ‘web 2.0’ in the conferencing realm at least. The very idea that the man who helped popularize the term should now be, effectively, claiming ownership of it is laughable. Or at least it would be if it weren’t so pathetic. Especially considering, according to an IT@Cork spokesperson, Tim O’Reilly was invited to speak at the conference and turned it down with regret due to a busy schedule. This being way back in February, but the cease-and-desist letter wasn’t …