happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Kid Rock, The Beatles, AC/DC and Garth Brooks would make for a bizarre and unlikely concert line up, yet they share something in common: they are the last men standing as far as making their music available on iTunes. In the case of Kid Rock, he is apparently refusing to put those albums over which he has control onto iTunes as a matter of principle. According to the BBC the Rock 'n' Roll Jesus, real name Robert Ritchie, is holding firm simply because performers are not getting paid their fair dues for material downloaded from the market leading Apple music store.

Not that being absent from iTunes is holding back his career, after all his last album went to number one in the US charts without the help of Apple. That said, his new 'All Summer Long' single has appeared on iTunes in Europe. When it comes to albums he reckons that the actual cost to him of not being available for download on iTunes, in terms of album sales, is something in the region of 20 percent.

"I will be on iTunes eventually because I can't avoid it" Kid Rock told the BBC, adding that "the Internet was an opportunity for everyone to be treated fairly, for the consumer to get a fair price, for the artist to be paid fairly, for the record companies to make some money."

The trouble was the music industry didn't see it like that and continued to try …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

File under strange but true: an IBM developed supercomputer based on the same processor technology that powers the Sony PlayStation 3 has just been officially ratified as the fastest computer on the planet. According to the Top 500 supercomputing rankings, published today at the International Supercomputing Conference in Dresden, Germany, the IBM RoadRunner scoops the top spot.

Not only that, but with a benchmarking of 1.026 petaflops it clocks in at more than twice the speed of the previous number one which has held the title since 2004. A petaflop, in case you need reminding, is one thousand trillion calculations per second. Which would make one heck of a fast game of Quake.

Although first seen in the PlayStation 3, those Cell processors were jointly developed by IBM, Sony and Toshiba. Each of them comes complete with a general purpose processor as well as no less than eight co-processors handling high-def graphics and other processor intensive operation functionality.

The IBM RoadRunner can boast no less than 12,240 Cell processors along with its 6,562 dual-core AMD Opteron processors. No wonder, then, that it runs so fast.

No wonder, then, that it cost so much.

How much? Well the US Department of Energy's National Nuclear Security Administration coughed up around $100 million for the beast, to be used within the Los Alamos National Laboratory.

In case you were wondering, IBM remains King of the Supercomputers with an incredible 210 of the 500 fastest machines …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I always like to wait a week or so, if I can resist the urge, to upgrade with FF. That way I can be sure that most of my extensions will have also been upgraded and still work :)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

That is what happens when you opt for silly publicity stunts like the world record download thing, instead of concentrating on the user and ensuring they get the smoothest upgrade/download experience.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

It has not been a good couple of weeks for Microsoft, at least not when it comes to how the online search space is fanning out anyway. Following on from the refusal of Yahoo to take the Microsoft buy out bid seriously, comes the news that it is jumping into bed with Google instead. If it were not bad enough that Yahoo didn't see the Microsoft bid of some $9 billion in cash and $1 billion every year in a revenue sharing scheme as serious enough, the news that it had decided to opt for an advertising deal with Google must have been hard to swallow. Especially when you examine the terms of that agreement, which seem to suggest that as far as Yahoo is concerned Google is the real powerhouse and not Microsoft.

We all know by now that the deal means Google places search ads on Yahoo next to results, and that Yahoo reckons this will be worth some $800 million in annual revenue, boosting cash flow by as much as $450 million over the course of the next year. But what is only just coming to light are the terms of that arrangement, and particularly the ones that pertain to what happens if Yahoo is bought out in the next couple of years.

Amazingly, Yahoo has agreed to a kill fee with Google that would see it paying a stonkingly large $250 million settlement if ownership changes, or even if 50 percent of …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

There ain't no such thing as a free lunch, as I learned a long time ago while eating my soup and being forced to listen to a product pitch from some marketing droid straight out of college. I thought I was going to get an inside edge on technology developments at the company, instead I found myself in a world of pain where apparently the use of the word 'leverage' at least twice a minute was compulsory. I mention this because I always get goosebumps when the term 'free software' is bandied about, all too aware that all too often it is nothing of the sort. From the blatant marketing message (the software is free, but then so are the adverts that eat the screen space) through to the 'actually it's a demo and you need to pay up after a month, when you've already invested your time inputting all that data' definition of free. The small print usually explains all of this, naturally enough, but then nobody reads the small print do they?

Certainly that would appear to be the conclusion of the Federal Trade Commission which has come to a settlement with one company over a charge that it had offered free software that ended up costing customers dearly. According to reports a free CD of software was offered in return for a minimal shipping and handling fee, quickly followed by another offer of more free software for those who signed up. The catch, says …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

> Where did you get the $200M figure from?

Seems to be from the news story which the link arrives at, on the PC Pro magazine website.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Following announcements at the Microsoft Tech Ed IT Professionals 2008 conference in Orlando this week, it would appear that Internet Explorer 8 will concentrate on getting things right for the business user. This means a focus on deployment issues, a focus on improving compatibility and updates to the IE admin kit. Microsoft product managers writing on the official IEBlog have confirmed some of the measures that are to be taken in order to "help IT Professionals deploy and manage IE8 within their organization."

As a result of questioning more than 2000 IT professionals over the course of the last year, Microsoft has learned that some topics crop up more often than others when it comes to concerns surrounding the deployment of software in an enterprise. Such things as managing updates and upgrades, application compatibility and data security. In order to satisfy these users that Microsoft is listening to their input and taking appropriate action during the IE8 development process, it has been announced that some of the new features will include:

Slipstream Support to allow IE8 to be added into a Vista image so that deployments of the OS will effectively already come with Internet Explorer 8. Slipstreaming of IE8 cumulative updates will also be possible.

New events will be added to the Application Compatibility Toolkit (ACT) in order to improve the detection and resolution of potential issues between IE8 and other existing internal applications and web sites.

The addition of Group …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

With Father's Day here in the UK fast approaching (hint for my own kids: it's on Sunday!) research published today by the world's 2nd largest digital music store, eMusic, suggests that nearly half of us lie about the music we have on our iPod. It seems that us Dads are caving in to the cultural pressure to stay young and keep up with the kids as far as new musical trends and genres are concerned, yet to do so 46 percent are living a lie with regard to what they listen to and what they know.

The eMusic survey argues that 'Festival Fathers' are trying too hard to appear cool and as a result end up trying desperately to impress friends and family with their familiarity regarding new music by lying about recent MP3 downloads. Some 35 percent of dads said that it was more difficult to keep up with new music after embracing fatherhood, and for those aged between 30 and 34 the pressure to listen and download is greatest with 51 percent admitting to a musical fib or three. London Dads are the most dishonest it would appear, two thirds have told a mistruth, while older Dads in the East of England are the most honest - only 29 percent have fibbed about the tracks on their playlists.

Let's be straight about this, not all Download Dads are experiencing the musical midlife crisis. In fact 47 percent download new music every month, with 21 …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I don't know many young people who are going to get all excited about politics by watching a video of a bunch of old people, and we are probably talking about an average age of 70 or so here, dryly recounting how important they all are.

Yes, it is good for the Lords to be thinking about these things, but the execution is all wrong and more likely to put kids off rather than motivate them into finding out more.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Where are Mulder and Scully when you need them to investigate a mystery? The paranormal technology happening I am referring to is the strange case of the UK House of Lords publishing a handful of short videos on YouTube. The idea is OK, in that it has been designed to encourage youngsters to get involved with politics. But seriously, have you seen the bunch of old duffers that fill the House of Lords? I don't have the actual figures, but my guess is the average age of a Lord is probably about 80. If I were a teenager stumbling across Baroness Hayman explaining how there are two houses of parliament, or Baroness Williams of Crosby describing how the Lords examine new bills coming their way, let alone Lord Tyler banging on about how important they are then the last thing I would want to do is get involved with politics.

Kudos to their Lordships for embracing modern technology, but when it comes to energising an electorate, using YouTube to generate a passionate interest in politics then well, it's not exactly in the same ballpark as Obama. I got a sneak preview of the videos before the official launch today, and oh boy did it help me get to sleep. On the bright side, the videos do make the Lords of the Blog website seem positively upbeat and believe me that takes some doing.

Commenting on the launch of the House of Lords YouTube videos …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Thanks! Although I feel more 'knackered' than 'awesome' at the moment. :)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Andrew Cuomo, New York Attorney General, has been fighting one of those fights that you sadly cannot win: to rid the Internet of child pornography. Believe me, as a father of four I would love to say that it was possible but as a technology journalist with some 20 years' experience of writing about the online world and the people who inhabit it I know that it isn't. It would take a sea change in terms of international cooperation, both legal and political, for starters and that's without even thinking about the technological hurdles that would need to be jumped. Still, according to the New York Times Cuomo has won a small victory in the battle against the paedophiles, even if the war itself looks set to wage on indefinitely.

That victory comes as three of the bigger US service providers have agreed to block child sex abuse sites and bulletin boards alike. Sprint, Time Warner Cable and Verizon have all come clean and admitted that they will bring a broad brush to the likes of Usenet which has been exploited by paedophiles as both an avenue of communication and a system of image exchange for as long as I can remember.

The Inquirer reveals that coming to this conclusion was not as straightforward as you might imagine, however. "Despite the fact that service providers clearly state in their customer service agreements that certain activity (including child sex abuse) is severely discouraged, they rarely do anything …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Sits back with a large coffee and a fire-proof shield to watch the flames come in...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Google has made 13 new features available to users of its Gmail service, although you do have to dig into the 'labs' settings in order to enable them. Remember also that Gmail is one of those long-term Beta test services that Google seems to specialise in (although word is that it will be coming out of Beta real soon now) so in effect, as these new features are in the experimental labs bit of the configuration settings, you will be getting what might best be referred to as Beta Beta test functionality. I think.

Anyway, that slight gripe apart, what is actually on offer from Google here? Well, there's the Quick Link tool that adds a box to the left column enabling single-click access to any bookmarkable URL directly within Google Mail, which is rather neat. It means you can save frequent searches, important individual messages and the like. Then there is the slightly less impressive Superstars feature which, err, adds additional star icons - like we really need those. The Pictures in Chat function is pretty self-explanatory, as is the always annoying Random Signature feature. OK, so that's 4 down so far, 3 of which I could easily do without. Moving on then, we have the Fixed Width Font function, hooray, which at last adds an option to the reply drop-down menu to view a message in a fixed width font and display it properly at that. I also like the Custom Keyboard Shortcuts enabling custom mapping …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Kaspersky Lab is warning the public at large to be on the lookout for a new version of the blackmail virus Gpcode which has started to appear in the wild. This particularly nasty twist on the virus format encrypts your files using an RSA encryption algorithm, this time with a 1024-bit key. In order to get your file access back, the virus author offers to sell you a decryption tool. Straightforward blackmail for the digital age, and if those files are critical to your work or contain vital personal data then you might just consider giving in and paying up.

Kaspersky, of course, has seen Gpcode before. In fact, it has managed to thwart the efforts of the virus authors in previous versions by cracking the private encryption keys using in-depth and time consuming cryptographic analysis of the RSA algorithm implementation. The last time around a 660-bit key was used, which Kaspersky says would take a single 2.2GHz PC some 30 years to crack alone. Unfortunately, in the two years that have followed, the author has tweaked his code to fix previous errors which allowed that analysis to take place and added a 1024-bit encryption key which Kaspersky has been unable to crack so far.

Unless any errors are found it is, to be honest, unlikely that a key of this length will be cracked. Which means that if you do get infected, and if your files do get encrypted, then the only decryption option would appear to …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Verdict Research has published a report which suggests that the credit crunch is benefiting web-based businesses as consumers in the UK flock to the Internet in search of money saving bargains. With £15bn ($30bn) spent online by UK consumers in the last 12 months, according to the research, this equates to a rise of 33 percent over the previous year and interestingly also represents an increase some ten times faster than the same period for the overall retail sector. Online retail in the UK, says Verdict, will grow to £45bn ($90bn) within just four years or around 14 percent of the total amount of money being spent by UK consumers. But in the rush to beat the credit crunch, are consumers overlooking the fact that there are those who would seek to turn their profit seeking into misery?

Symantec has also produced research under the banner of the Norton Online Living Report which suggests that while the UK has 96 percent of adults saying that they shop online at least sometimes, ten percent of UK online adults have also had someone use their credit card online without approval. That's the highest level of online credit card crime in the world.

Symantec's latest global Internet Security Threat Report revealed that an underground online economy exists in which criminal data is sold supermarket style, piled high and sold cheap. Indeed, it's possible to buy a bundle of 50 active stolen …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The Malicious software (malware): a security threat to the Internet economy report published by the Organisation for Economic Co-operation and Development over the weekend suggests that the PC malware infection rate in the US has hit 25 percent. These OECD cybercrime infection findings are highly disturbing, admits Geoff Sweeney, CTO with behavioural analysis IT security specialists Tier-3 (whose customers spread across major corporations and governments the world over) but nonetheless are accurate. In fact, the figures confirm the company's own findings with regards to infections. OECD says in the report that while the economic and social impacts of malware may indeed be somewhat hard to quantify, there is no doubting that when used directly or indirectly it can harm critical information infrastructures resulting in financial loss. Malware, the OECD warns, therefore plays a pivotal role in the erosion of trust issues that the Internet economy is currently facing.

"PC infections are a lot more prevalent than many corporates realise, mainly because many go unnoticed for long periods of time, until IT security software vendors get around to updating their applications to counter the specific malware involved" Sweeney told me, adding "The Internet has become the modern equivalent of the Wild West. For most companies it's become as essential as the telephone, but it is far, far more dangerous." There is little doubt in Sweeney's mind that the assertion within the report that such a simple act as connecting a computer to the Internet can effectively mobilise …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

According to reports the most serious forthcoming threats to IT security will be revealed during the Gartner Security Summit in Washington this coming week, and it looks like the consumerization of IT will be right there front of stage. Something that Gartner research fellow, John Pescatore, describes as the Gen X - Gen Y problem. In other words, the users who have grown up with a social networking model as the norm being expected to follow an old school approach to IT security which dictates what resources you can use and when and where you can use them. But with the social networking model spilling over into the enterprise, it is almost inevitable that a new generation of threats will emerge that demands a new generation of security thinking.

As Pescatore puts it “the old IT model that tells you what you can do and use is breaking.”

So what is being done to fix the problem, what are the threats that will emerge and how can you protect against them? Unsurprisingly Gartner is not revealing too much of the new security threat landscape ahead of that security summit next week, however Pescatore has given Dark Reading some clues. "Among the main threats on Gartner’s list: attacks on SaaS providers, social network subversion, and desktop utility application attacks" the security site reports.

SaaS seems to be the main focus from what I can read between the lines, with Gartner expecting attackers to "streamline their attacks …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Nope. I see the downloads being, primarily, existing users upgrading and not new Firefox users. I hope I am proved wrong :-)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Set a Firefox world record on Download Day is the message being trumpeted loud and clear from Mozilla HQ as the launch of the Firefox 3.0 web browser gets ever closer. It seems that the Mozilla people are serious as well, with talk of an official Guinness World Record ratification for the most downloads of a piece of software in 24 hours being pushed for here. "It’s a whole lot easier and safer than donning a beard of bees or underwater jump roping" proclaims the Mozilla Blog, continuing "with your help the Firefox community can go down in history!"

Now I am not averse to a little innovative marketing, and let's face it Mozilla and Firefox certainly know how to milk the hyperbole cow, but I cannot help but wonder if downloads in a day is the record they ought to be aiming at. Surely the only one that really counts is biggest share of the web browser market, and I honestly do not see Microsoft fretting too much about losing that particular place in the Internet record books any time soon. Even with the might of the open source movement behind it, the undeniable public distaste for the Microsoft machine and ongoing security and privacy stories bringing negative publicity to Internet Explorer while bigging up the Mozilla product; even with all that going for it Firefox can still only lay claim to a 22 percent market share in the US and 29 percent in …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

File under the strange things that social networking sites think will stop sex offenders, or maybe that should be really stupid things because Faceparty has reportedly deleted the accounts of most of its users who are over the age of 36 for just that reasoning. Yep, although it beggars belief, Out-Law.com says that Faceparty claims UK Government law is behind the move even though the particular legislation in question has yet to come into force. It reports that a "huge number of accounts" have been deleted for a number of reasons to do with filtering out the potential sexual predators, and cites being over 36 amongst them.

The most remarkable thing here is that a Faceparty explanation of the move attempts to justify it by stating that it understands "only a minority of older users are sex offenders" but goes on to plead that "you must understand that we cannot tell which."

Oh well, that's OK then. Best delete all male accounts as most sex offenders are not female, in order to catch all of them. Oh, and all the female ones as well as many sex offenders pretend to be young females in order to entrap their victims. Can't tell which, so shut 'em all down.

This is the knee jerk mentality taken to its ultimate conclusion, it seems to me.

Apparently the UK Government is to blame because it has passed the Criminal Justice and Immigration Act 2008 which includes …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Reports are filtering through that delegates at the annual Australian AusCERT security conference were given USB sticks replete with malware. It would appear that the Oz telco Telstra handed out the memory sticks, unaware of the malware payload, during a security tutorial of all things.

The malware apparently took advantage of the Windows autorun feature in order to transfer itself onto whatever host the stick got plugged into, well whatever Windows host that is. As luck would have it, the particular malware in question is only rated as being a low risk according to McAfee which has examined one of the rogue devices.

Being a journalist who specializes in IT security pretty much these days, and so who gets to attend a lot of security conferences, I cannot say I am altogether surprised. I have lost count of the number of such events where I have been able to quickly scan and detect numerous unsecured wireless networks and where 'researchers' attend with the express intention of finding such security holes and jumping in with both feet to see what resources can be compromised. Often it is the people who should know best who seem most liable to suffer from complacency, and security conferences are a great example of this genre of should have known better syndrome.

I was at a huge security conference in Europe last year where the press room had open terminals for use by journalists to file reports, check email and do …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

In a comprehensive review of the new ZoneAlarm virtualized security environment that is ForceField, Roger Grimes praises the elegant user interface. While admitting to being a big fan of Check Point and the ZoneAlarm brand, Grimes remains skeptical of these kinds of virtualization products and it would appear with good reason: because he reveals that the sandbox security client still allowed his test system to be compromised by malware within sixty seconds of browsing.

"ForceField did stop many malicious Web sites from loading and many malicious programs from being installed" Grimes says "it reported stopping more than 16,000 threats from the first seven sites I visited, but my network sniffer showed the true number to be below 60. I'm not sure how ForceField is counting threats."

The reviewer also discovered "many false negatives" and found that ForceField failed to prevent a number of malware infections. "One rootkit was installed as a service" Grimes warns "and several others installed using malformed multimedia content."

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

According to the UK government, new proposals within the Communications Data Bill are being put forward in order to prevent and detect crime as well as protect national security. The government argues that unless legislation is amended to reflect changes in technology, the ability of public authorities to counter criminal and terrorist activity will be undermined. According to Jonathan Bamford, the Assistant Information Commissioner in the UK, the proposed Bill sees us once again "sleepwalking into a surveillance society."

Bamford is not alone in this view, unsurprisingly so when you consider that the changes to the law would, in effect, usher in the potential to create a new national database containing details of every telephone call and every email sent in the UK along with information covering individual Internet access usage.

As Jamie Cowper from PGP Corporation says "You've got to admire the government's gall in attempting to bring in yet another 'super-database' with public confidence still in tatters over recent lapses in data protection. Surely it would be more logical to initially focus on fixing the existing databases and proving their security before introducing new ones?"

Ah yes, he has a point there. This is, after all, the same government which 'lost' the confidential banking data of 25 million people just last year, the latest in a long catalogue of data disasters which prove, if nothing else, that the government really cannot be trusted with our private information.

Brian Spector, general manager of …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

You really could not make this up, despite the fact that the computer bugs in question are called 'crazy rasberry ants' and reported quotes from victims range from the ridiculous "If you’ve seen a car racing, that’s how they are. They’re going fast, fast, fast. They’re crazy" to the sublimely ridiculous "You'd get 3,000 or 4,000 ants inside and they create arcs. They'll wipe out any computer." Yet apparently it is real and the ants have invaded Houston by the billion, consuming pretty much any electronic goods that get in the way.

It seems that the little critters came in aboard a cargo ship, and are related to a species known to inhabit the Caribbean area. So far there are reports of everything from computers to burglar alarm systems, electricity meters to telephone exchanges and, yes, even the sacred iPod being destroyed by the ravenous insects.

If proof were needed as to how serious the threat is then you only have to listen to the man after whom the ants are named: bug exterminator Tom Rasberry. He warns that the NASA Johnson Space Center has called in the bug hunters and claims that NASA already has colonies of the critters on-site. "It could devastate the facility" he says.

My favourite quote comes from The Times which has a resident who has been sweeping up the ants from her patio and scooping them out of her pool by the cupful as saying

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Spam is annoying, resource consuming, malware driven and often offensive. It is also nothing if not responsive to market needs. This can be seen in the market driven swing from pharmaceutical and health related spam which has pretty much dominated the landscape during the last couple of years, to the product based stuff that pushes replica designer clothing and Rolex watches for example. New data released by email filtering specialists at the Marshall TRACE security team suggests that the two year long reign of health-related spam is over, and considering that this accounted for 75 percent of all spam in circulation during that period according to the Marshall statistics, it is quite some news.

Of course, there is always going to be some crossover when it comes to the small matter of spam and replica products. Just how much of the Viagra being sold on-line through the spam route do you really think is the genuine article? I would be surprised if anything beyond a limp 10 percent of those little blue pills have been anywhere near the Pfizer factory or, indeed, contain any sildenafil citrate. The deflated purchasers are unlikely to be aware of this until the most unfortunate of timed moments.

However, there can be little doubting that spammers are responding to market demand. Especially the handful of major spammers which all but control the global spam distribution chain courtesy of the size of the botnets under their control. Marshall says it has noticed …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Have you ever wondered exactly how a botnet works? A wotnet, you ask? A botnet, I say. You know, the thing that your computer might well be a part of, without your knowledge or approval, which is used to launch distributed denial of service attacks, send spam, distribute malware and above all else make the criminal gangs that control them lots and lots of money. Now are you ever so slightly curious as to how a botnet works, how it does the Borg thing and assimilates your computing resources, what damage it does, how much money it makes and how you can prevent yourself from being just another statistic? Thought so.

Vitaly Kamlyuk is a senior virus analyst with Kaspersky Lab and has just published the first part of what promises to be one of the most accessible and complete studies of The Botnet Business at Viruslist.com.

"It's the spammers who understand the real value of botnets. According to our data, an average spammer makes $50,000 – $100,000 a year" Kamlyuk says, adding that another option for making money illegally using botnets is "based on leasing them or selling entire networks. Creating botnets for sale is also a lucrative criminal business."

Storm and Mayday are covered in some detail in this analytical article, and it really is rather fascinating stuff for anyone with even the slightest interest in understanding why the IT security landscape is littered with spam, malware and misunderstanding.

Kamlyuk concludes, …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

According to security experts Sophos a man has been arrested after allegedly trying to sell a hard drive which had previously belonged to Formula One racing driver Adrian Sutil and contained personal and financial data.

The police in Germany are said to be questioning the man regarding a blackmail attempt concerning both Sutil and fellow F1 driver, and global media sensation, Lewis Hamilton. Reports suggest that the man, currently only being referred to as Dieter, had tried to sell the disk to Bild Motorsport magazine, a racing enthusiast publication in Germany, for 10,000 Euros. And the reason for any media interest in such a mundane thing? The usual combination of ignorance over exactly what data remains on your PC when you dispose of it, and greed. Not just the financial greed of the blackmailer, but the greed of the media and the general public for information about any given celebrity.

In this case the hard drive was said to contain "personal information, details of Swiss bank account transactions, photographs, and private correspondence between the 25-year-old German who drives for Force India, and his racing ace friend, Lewis Hamilton." The drive had been disposed of a year earlier by Adrian Sutil's father Jorge who had failed to properly remove all the data it contained before dumping it.

German police set up a classic sting operation after being tipped off by the magazine, and undercover detectives arrested Dieter at an autobahn service station outside Munich where he …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

News is breaking that Microsoft is preparing a 65nm GPU for the next Xbox 360, codename Jasper and due in August. The most recent updates to the ever popular games console, namely the Falcon revision, seem to have helped a lot with RRoD failure: also known as Red Ring of Death. This occurs when the system overheats, burns and crashes with a telltale three flashing red light rings to the front of the console. It has blighted the hardware since launch, and has yet to go away completely. Falcon improved the cooling capability and reduced the size of the CPU die to 65nm.

Which is where Jasper comes in, with its 65nm GPU to replace the current 90nm one which is still proving problematical. This is said to run much cooler and so reduce the overheating issue which is at the heart of the RRoD failures.

Hopefully, by the time the extended 3 year warranties which Microsoft introduced by way of calming tension amongst an unhappy gaming fraternity over the RRoD failures expire, a new Xbox will be with us. Microsoft is currently working on a next generation version of the 360 which has the codename Valhalla and will integrate CPU and GPU into a single unit. While this will result, we are told, in a cheaper production process it is as yet unclear if this will translate into a cheaper console (unlikely) or a cooler one (hopefully it will.)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

A report entitled "Exploiting the Trust Hierarchy among Email Servers" published by Pablo Ximenes from the University of PR at Mayaguez, USA and Andre dos Santos at the State University of Ceara, Brazil suggests that Google Mail is flawed in such a way as to turn it into a massive spam machine.

The report says that the researchers have uncovered a flaw in Google's free email service, Gmail, and that it "presents a vulnerability report and a proof of concept attack that demonstrate how anyone with no special internet access privileges other than being able to connect to SMTP (TCP port 25) and HTTP (TCP port 80) servers is able to exploit a single Gmail Account in order to be granted nearly unrestricted access to Google’s massive white-listed SMTP relay infrastructure."

If true, this vulnerability would enable an attacker to bypass both blacklist and whitelist filtering as well as easily forge all the fields within a message, in effect tricking the Google SMTP servers into functioning as an open relay.

Ximenes and dos Santos say "we were able to confirm that this vulnerability is indeed exploitable by assembling a proof of concept (PoC) attack that allowed us to use one single Gmail account to send bulk messages to more than 4,000 email targets (which surpasses Gmail’s 500 messages limit for bulk messages). Although we have limited the number of messages in our example to 4,000+, no counter measures took place that would have prevented us …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

It has emerged that Belgium is the latest country to feel the force of the Chinese cyber-super-power, with Belgian ministers claiming that state sponsored hackers have been targeting Federal Government computers. The Justice Minister in Belgium, Jo Vandeurzen, has claimed that the spate of hacking attacks also reported to parliament by Foreign Affairs Minister Karel De Gucht, definitely originated in China and are likely to have been at the direct behest of the Beijing Government.

Of course, Belgium has no need to feel lonely in the face of this apparent Chinese cyberspy attention. As recently as September 2007 the Pentagon computers serving the office of the US Defense Secretary, Robert Gates, also came under attack and the hackers were thought to have been members of the Chinese People's Liberation Army. Googling the subject brings up a whole heap of similar reports, with both the British and German Governments being victim of suspected hacker attack by PLA operatives.

"Spying has been going on between countries for thousands of years, and it would be foolish to think that countries like China would not take advantage of computers and the internet to assist them in this" says Graham Cluley, Senior Technology Consultant at security experts Sophos who adds "It is unusual, however, for a nation to accuse another of engaging in this activity - especially when it can be extraordinarily difficult to prove an attack is being sponsored by a government or is a lone hacker acting …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I think we should tax the morons who insist on sharing their music with us on the train/tube/bus/street or just about anywhere in fact, courtesy of the crappy little speakers on their mobile phone.

Not that I have a bee in my bonnet about being forced to listen to a tinny rendition of some, as it inevitably always is, tedious dance track.

I do find that being over six feet tall and heavily tattooed helps in these circumstances though...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Microsoft has launched a new add-in, designed specifically to simplify the process of creating content that is accessible for visually impaired and what it refers to as 'print disabled' individuals. The new Save as DAISY XML add-in is open source, being developed in conjunction with the Digital Accessible Information System (DAISY) Consortium, and will convert Open XML based files into DAISY.XML which is part of the globally recognized DAISY standard for reading and publishing navigable multimedia content.

With groups like the World Health Organization and the World Blind Union telling us that the global visually impaired population stands at more than 160 million currently, and that is without counting the additional hundreds of millions who fall into the 'print disabled' category courtesy of physical, developmental or learning disabilities, the need for something like DAISY does not really need much explaining nor a hard sell. By providing free and global access to the add-in though, Microsoft is doing its part because it helps support access to information contained within literally billions of MS Office Word documents in circulation.

This news should be of particular interest to the DaniWeb development community as it allows anyone working on a project to utilize the open source code when building those new applications that are aimed at the millions of global Office users who are likely to benefit from this add-in. "Because it's part of a familiar tool, this plug-in for Microsoft Office Word significantly reduces the friction for content …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The trouble with being a mobile kind of guy is that the proliferation of mobile gadgets that I tend to carry around with me demand a small suitcase to bring the power supplies along if I am to be away from home for longer than a day or so. Sure, battery longevity is improving all the time, and convergence means that I can carry multiple technologies with me in a single gadget these days, but the power supply problem remains. If I want to travel light and leave the laptop at home, that means I don’t want to fill a laptop sized bag up with plugs, PSUs and cables to be honest. Which is where portable multi-purpose chargers come in, such as the Devotec Solar Charger.

This tiny device measures just 95x43x10mm and weighs in at 80g, that’s about the same size as a 1st generation iPod Nano in case you were wondering, but manages to pack enough punch to charge the average BlackBerry or MP3 player twice before needing to be re-charged itself. The built-in 1800mAh Lithium Ion battery pack can be topped up by way of a small AC adaptor (well at least it’s just the one to replace the handful you might otherwise have to pack), a USB cable or, as the name suggests, from good old fashioned sunlight. I have been using it in cahoots with an optional USB travel plug which means that I can charge it up from the mains no …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I think the scope and complexity of the project, for the time, pretty much covers that.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Rather aptly located in the heart of Silicon Valley, the Computer History Museum will open its doors to the Charles Babbage Difference Engine Number 2 on May 10th. One of only two such working devices in existence, the first being housed within the Science Museum in London, the Babbage Engine holds a privileged position as being the first truly automatic computing engine design in the world. Babbage (1791-1871) himself failed to build a complete working model of his design, through a lack of money and the sheer scope of the project, hardly surprising when we are talking about Victorian times here after all. It took 150 years after he drew up the designs for them to be constructed for the first time, with the first engine being completed in London during 2002.

It has taken historical engineers at the London Science Museum some three and a half years to construct this fully working example which weighs in at five tons and contains no less than 8000 component parts. Commissioned by Nathan Myhrvold, CEO of Intellectual Ventures and former CTO of Microsoft, the Babbage Engine Number 2 will be on display for one year and visitors to the Computer History Museum will have the unprecedented opportunity to see and hear the mechanical Engine working.

“Babbage died embittered and unacknowledged” said Doron D. Swade, Director of the Babbage Project and curator of the Babbage Engine Exhibit “This Engine memorializes the first computer pioneer, and closes an …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Threat statistics just released by managed security company Network Box reveal that phishing attacks now account for 67 percent of all malware by volume. This compares with just 24 percent in February and 48 percent in March, suggesting that the phishers are continuing to be successful where other distribution and infection mechanisms are failing.

When it comes to the geographic source of distribution, look no further than the USA which dominates the landscape for pushing out spam and malware. Indeed, it retains the unwanted title for the fourth consecutive month according to Network Box figures. What's more, those figures suggest that with the US accounting for some 14 percent of all junk mail during April it is almost twice as busy as nearest spamming rival, China, with just 8 percent. Unfortunately, the report makes just as bad reading when it comes to virus distribution, with the US hitting 21 percent while second place Spain can only manage a measly 6 percent total for April. This time China comes in third, a point down on 5 percent.

The USA can take a little respite when it comes to intrusions though, sitting as it does in second place with 14 percent which is a little behind the overall 'winner' in this category: the combined Koreas on 16 percent.

Simon Heron, Internet Security Analyst, Network Box, says: "Like spam, phishing attacks are unlikely to disappear completely because they are relatively easy to script and incredibly easy to distribute. …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

File under very strange but oh so true: Google has launched a bunch of new themes for the iGoogle personalised homepage by artists as diverse as Rolf Harris and Ronnie Wood. These iGoogle skins can be used freely to decorate and personalise your iGoogle homepage, apparently.

I am not sure I would want the Rolling Stones to take over Google, but am absolutely certain I don't want Rolf Harris, he of the 'can you tell what it is yet' catch-phrase, anywhere near my search results.

Rolf, once voted the most popular artist in the world by people who one has to assume did not take appreciation of art lessons in school, has stated that "Most of us use the internet daily and to have painted a theme which anyone, on the internet anywhere in the world, can access is an amazing thought. My iGoogle theme evolves according to the time of day and the painting takes on different colours and tones so that the screen reflects the time whether you are in Brighton or Bangalore."

Cool, but does it involve having to listen to cover versions of rock classics with 'wobble-board' added?

Seriously though, it seems that Google is teaming up with these celebrities from around the planet in order "to provide a creative way for users to experience the web in a richer, more colourful and more customizable way." You can check it out for yourself here.

Or alternatively you can ask …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Security vendor PC Tools has published the source code and mathematical algorithm used in the domain name generation technique applied by the latest Kraken bot variant, Bobax. Analysis by researchers at PC Tools has uncovered how Bobax talks to control centres via HTTP using pseudo-random DNS names with a variable seven to twelve character length followed by a number of default suffixes in order to evade host intrusion prevention systems. Of course, commands and data will be encrypted for transmission but there are also randomly generated faked headers employed in a further attempt to stay well below the security scanner radar.

The random word generator employed by Kraken is of particular interest as it is capable, in the Bobax variant at least, of dynamically constructing these random words using properly matched vowels and consonants by way of an internal rule based system which ensures that the random vowels and random consonants are only used when the word will still make sense. This means that a randomly generated word will be followed by a bot selected string, one of thirty three common English language suffixes. By using these default adjective, adverb, noun and verb suffixes such as -able, -ency or -hood for example, the bot is able to better avoid detection.

"Essentially what we are looking at is an artificial English word generator, which follows common English grammar rules and produces words of similar appearance to those in the English language" says Sergei Shevchenko, Senior Malware Researcher …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Speaking at the Westminster eForum on Web 2.0 in London, the VP of legislative affairs with AT&T, Jim Cicconi, has claimed that without investment the Internet's current network architecture will be at full capacity by 2010. That's just 24 short months from now, and with the ever increasing volume of video and user-generated content that is constantly being uploaded it is hardly surprising.

VeriSign are certainly not surprised, and have been arguing for some time that the Internet is full and we need to get off - or at least get on with increasing capability to cope with this increased capacity requirement. It has already announced an expansion to its Project Titan initiative designed to strengthen, protect and make structural upgrades to the Internet's infrastructure and increase its internet infrastructure tenfold by 2010.

Among the upgrades announced are:

  • Adding additional network operations centers in the eastern United States and Northern Europe to manage and provide increased redundancy for Internet traffic. These sites expand VeriSign's data center capacity and diversify its locations to improve Internet traffic management and counter region-specific cyber attacks and threats.
  • Increasing its daily Domain Name System (DNS) query capacity from 400 billion queries a day to more than 4 trillion queries a day and scaling its proprietary constellation of resolution systems to increase their bandwidth from over 20 gigabits per second (Gbps) to greater than 200 Gbps.
  • Distributing its infrastructure to more than 100 locations around the …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Can it really be 4 years back that Microsoft produced that always destined to fail product the datacasting SPOT watch? Yep, apparently it can, and apparently it has finally been killed off once and for all. Heck, how could it have succeeded? Cast your mind back to 2004 and think of the exciting new smartphones that were just starting to appear, how mobile phone technology was making that decisive move towards data, how WiFi was a reality. Then think how anyone at Microsoft could seriously expect us to go bananas about a larger than you might like wristwatch, that also cost more than you might like, looked as if it had been created by someone who thought that retro was the same thing as ugly and which expected punters to pay as they went to get stupidly minuscule data fragments (news and weather) that could be found for free, and in full, elsewhere with less fuss. Yet that's exactly what happened, and the SPOT watch was deemed a worthy product to pitch.

Of course, being the tech world and coming from Microsoft, these devices were launched amidst the kind of hype you might expect. Much of it latching on to the vision of the future angle, and ignoring the simple fact that these watches were more Dick than Tracy. I seem to recall, for my eternal shame, that I got caught up in exactly that whirlpool of future gazing hyperbole at the time. In my defence, I am happy …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

There has been plenty of speculation regarding the what and when of the next generation iPhone from Apple, with some claiming to have laid hands on the device already and others citing new features a-plenty. So far the most reliable reports would appear to have come from the direction of Engadget which claims "on authority" that a "trusted source" has played with one and can reveal it has 3G capability and proper GPS built in.

Other changes would seem to be to the look and feel, with the metal backplate being replaced by a full glossy black finished casing all the way from top to bottom. To contrast with this all black look, some bling is introduced by the addition of chrome plated volume buttons.

One assumes because of the GPS capability, and judging by the experience of other handsets which have added this functionality, the iPhone 2 is somewhat thicker than the original although not by enough to make it a handful.

Meanwhile, the other reliable report comes from the direction of InfoWorld which claims that the next generation iPhone will be officially announced by Steve Jobs during his keynote at the Apple Worldwide Developers Conference on June 9th.

All of this would certainly fit with the fact that Apple seems to be clearing out the old stock of original iPhone units in Europe at least, with recent huge and swathing price reductions resulting in there being hardly any …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Mark Furber, MD of a UK strategic online marketing company called NetCallidus, is warning anyone who might be listening that the publicly funded QUAERO European search engine research project is doomed to failure. Expensive failure at that: Furber says that the project, hyped as the Euro equivalent of Google (don't we already have one of those, and it is called Google) will cost £75 million before vanishing into the ether. Something that Furber says is ridiculous as Internet technology will have significantly changed by 2013.

Some, of course, might accuse Furber of doing nothing more than a little strategic online marketing of his own company here with this press release. Certainly some of the claims made bear a little closer inspection. First there is the small matter of that money, European yes but not in the sense that everyone in Europe is contributing. It turns out that QUAERO was actually awarded £75 million by the French government, something the press release itself admits. Then there is the claim that "a publicly funded project like this has no chance of overtaking Google, even if that money was spent on development over one year, not five." The truth is, of course, that nobody could have predicted the rise to greatness in such a short period of time with Google itself. But it happened. Sure, the landscape is different today, but when it comes to Internet technologies anything is still possible, if not probable in this case. …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Jim Gamble, the chief executive of the Child Exploitation and Online Protection (CEOP) Centre has warned paedophiles who use the Internet that they will be tracked down and brought before the courts. The warning comes as CEOP figures reveal that the number of suspects arrested during the last year has trebled to 297, with 131 children protected from abuse as a direct result. Taking a tip from the FBI, ten of these offenders who fell into the highest possible risk category were caught after details were posted on the CEOP 'most wanted' website. If further icing were needed on the CEOP cake, a recipe that is less than two years old remember, officers have also managed to infiltrate and dismantle six international paedophile rings after working with other child protection agencies.

The success of this UK based agency really should not be underestimated, it has examined almost one million images of child sex abuse and built up a database of intelligence about offenders as a result. What's more, it has been able to not only identify a number of the victims of abuse from these images but also help to save them from further acts of abuse. This success shows in the number of reports it has received from the public during the last year, 5812 which represents an increase of 76% over the previous year. With 2600 police officers and social workers given training in child abuse matters, and more than 1.7 million kids educated by …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

How stupid do you have to be to get caught by spam email with the subject line of 'we caught you naked [your name] - check the video' is a question I have been asking myself today. Not because I have been caught naked, and if I had my only concern would have been for the poor soul subjected to the visual ordeal. Not even because I have received such a spam myself, at least not that I am aware of as my spam trap would have swallowed it whole and spat it out in bits before I knew about it. Nope, more because I really do feel for the kind of village idiot hopeful who would click on the link to that supposed video.

Of course those who do, and given the fact that this particular one has gone global and is hitting mailboxes as you read this according to the Marshal TRACE security team, will not see the offending (or should that be offensive) video and in fact will not see anything. You will, however, be volunteering your PC resources as part of the globally spamming and malware infecting Srizbi botnet instead.

Srizbi is the biggest of all spam-sending botnets currently plying its trade on the Internet, and according to Marshal is responsible for no less than a whopping 45 percent of all the spam that its own networks identify. Marshal is not alone in making this call, others have also described Srizbi as …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Research by security as a service specialists ScanSafe has proven something that pretty much everyone knew already: namely that people working at home are more likely to view online pornography than those stuck in an office somewhere. I mean, it hardly needed a survey to dig up that little gem, but I guess at least now there are figures to back up the belief.

The survey results reveal remote users of company laptops are actually two and a half times more likely to visit porn sites. However, perhaps the really interesting statistics come when we, or rather those remote workers, look beyond the pornography and start straying into what ScanSafe refer to as 'extreme graphic content' sites. These are some five and a half times more likely to be visited outside of the confines of the office. Almost as popular away from the workplace are sites dealing with illegal activities such as making your own explosives, some four times as often as office bound workers. The serious side to the figures being that all of the above put both the employee and employer at risk of both legal liability and security breach through virus or malware infection.

The survey analysed no less than eight billion web requests, from which ScanSafe looked at requests for the categories mentioned such as porn and illegal activities, then broke those requests down into those from laptop users using the ScanSafe Anywhere+ service and those coming from regular users where employees …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

But you are not a woman <runs and ducks> :)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

According to IT Pro the Apple iPhone is vulnerable to Denial of Service attacks. These can occur when an iPhone user opens an HTML page containing JavaScript which triggers the vulnerability. An application Denial of Service attack can then crash the Safari browser on the phone, and quite possibly the iPhone itself.

The vulnerability actually lies with the Safari web browser that is used within the latest version 1.1.4 of the Apple iPhone software, and has been uncovered by integrated application delivery solutions outfit Radware which funnily enough is also offering a solution in the form of its own Security Update Service.

Radware warn that the vulnerability, which obviously has to have a user visiting an 'infected' web page using the iPhone in order to trigger the DoS attack, could be driven by a social engineering exploit using either email or SMS text messaging. The browser is vulnerable due to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, according to Radware. This in turn can trigger a bug in the garbage collector, and the security hole is currently unpatched.

"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern" says the Security Operation Centre Manager at Radware, Itzik Kotler who continues "hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products".

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The New York Times is running a really funny story, but with serious implications, at the moment. It concerns how the online advertising targets particular groups of people using site tracking technology. Apparently, if you have AIDS, cancer or suffer from an erectile dysfunction then your movements will not be tracked in order to throw related advertising in your direction wherever you go. However, if you are dead then expect to be inundated with ads.

You can also expect to be targeted if you suffer from heart failure, warts and Parkinson’s disease – although not all at the same time one has to assume.

It all comes as part of a new Network Advertising Initiative proposal to distinguish between diseases when it comes to advertising, and specifically the behavioral targeting of users for advertising purposes.

It seems that it is an attempt at self-regulation in order to head off government mandates which could impose stricter rules following a Federal Trade Commission report last year. Let’s see what dead people have to say about that shall we…