VERY,VERY HOT READS, I Would Read The News In This Thread This Thead Is To post Any Thing Ye Want About The News,,NEWS WAS MOVED,READ MY FIRST POST..CHEERS
p2p news / p2pnet: Here?s what Google's help entry on censorship used to read:
Google does not censor results for any search term. The order and content of our results are completely automated; we do not manipulate our search results by hand. We believe strongly in allowing the democracy of the web to determine the inclusion and ranking of sites in our search results. To learn more about Google?s search technology, please visit ...
But that's changed, points out Google Blogoscope, quoting Gary Price on SearchEngineWatch.
Here's what the Google Help Center says these days:
Does Google censor search results?
It is Google's policy not to censor search results. However, in response to local laws, regulations, or policies, we may do so. When we remove search results for these reasons, we display a notice on our search results pages. Please note: For some older removals (before March 2005), we may not show a notice at this time.
Oh.
If you're Google, censorship is OK, then.
Microsoft and Yahoo would agree.
Meanwhile, the company is at the same time being roundly criticized for kowtowing to Communist China and warmly praised not kowtowing to US president George W. Bush, who's demanding that the company hand over certain search data in the interests of anti-terrorism.
http://p2pnet.net/story/7756
Ok ireland, i read your first post to this and you said we could post anything here..
First let me say, you have provided us all with a wealth of information.. very detailed informaion on a host of subjects. Thank you very much. Its gonna take me some time to read thru it all. Now for something completely informative, but on another level.
Did you notice someone has a red sharpie in the very left of this picture? I just noticed that, and believe me, i have looked at this picture more than once.. Is that some kind of magic trick? LOL
Gadgets to Go: The Latest in Tech Travel Toys
Small wonders for hitting the road.
PC World
Monday, January 30, 2006; 4:10 AM
Faster, smaller, smarter: The latest mobile gadgets promise to entertain, enlighten, or connect today's tech-savvy traveler. Due to arrive by midyear, these portable powerhouses include a phone fit for video sent via a high-speed network; a pair of USB flash drives with smarts; a durable yet small headset; and a monitor in an eyepiece.
Headset With Staying Power:Nokia wants to steer heavy-duty talkers to its new BH-900 Bluetooth headset. Due in spring for about $100, the BH-900 is rated for an impressive 8 hours of talk time and up to 180 hours of standby time; in addition, the device supports noise cancellation and echo reduction.
Informative Flash Drive:Lexar's JumpDrive Mercury is a USB flash memory device for people who like to know just how much available storage they're packing in their pockets. Expected in April in 1GB and 2GB versions (about $100 and $170, respectively), the drive presents a built-in gauge that indicates how much space is still free.
See It All, Anywhere:If the image on a video iPod seems small to you, eMagin's Eyebud 800 can blow it up--right in your face. Just plug the headset into any video-capable iPod or other personal video player and position its eyepiece close to your right or left eye for an experience eMagin likens to watching a 105-inch screen from a distance of 12 feet. For those who might find the outside world distracting, the Eyebud 800 comes with a rakish eyepatch for the other eye. We photographed a preproduction unit; look for the shipping product this summer with a price tag of about $599.
Fast Phone:Samsung's zx20, due this spring, may look like just another clamshell phone, but it's expected to be the first commercially available handset to support Cingular's HSDPA (High-Speed Downlink Packet Access) BroadbandConnect service. The 3G speed (about 400 to 700 kilobits per second, according to Cingular) should come in handy when you try the phone's video- and music-on-demand capabilities. Pricing will be determined by carriers.
What's On:Royal's EZVue Vista USB flash drive shows the names of stored files or directories on a scrollable two-line display. Versions will range in capacity from 128KB to 1GB, priced from $50 to $150.
p2p news / p2pnet: Will Microsoft's forthcoming Vista spell the end of the security problems which have plagued, and continue to plague, the company.
Not from the look of it, despite a Seattle Times intro to a Q&A with Windows Boss Jim Allchin.
He is, says the story, "putting final touches on software that could finally help people start feeling safe and secure using a PC, if all goes according to plan".
However, that opening to a talk with the retiring (literally, not figuratively) Allchin, who, "gave an overview last week of Windows Vista, the new version of Microsoft's flagship software that Allchin's team is set to deliver before ? the end of 2006," may be a trifle broad.
He said Vista is, "on track to go on sale by the holidays."
But Vista, formerly Longhorn, has for already suffered from one long delay after another and Allchin also says, "I will also make a cautionary notice that I will not ship this product if it doesn't achieve the quality that's demanded by our customers.
"So although everything looks great right now, quality will be the deciding factor. I feel pretty good right now and we'll see how it goes the rest of the year."
Bill and the Boyz haven't so far paid much attention to the quality demanded by their customers, especially when it comes to security issues.
But time will tell.
Meanwhile, "Will you make a version of Vista for Apple computers, now that they're using Intel processors?" ? asks the Seattle Times.
Allchin: We have no plans to move Vista to the Macintosh hardware.
On "all the security advances in Vista," will concern fade away over the next couple of years"? - wonders the Q&A.
That's Allchin's dream he says, "so I'll have to see if my dream comes true. To some degree, when we did Windows 2000 and Windows XP, we worked on trying to take away the reliability stigma that PCs had. By that I mean I don't think people even think about their machines having to be rebooted, not like they used to be in the old days.
"It used to be very common to reboot your Windows 9x machine." It was indeed. In short, the premature release of a faulty product wasn't a problem. But, "I think we did a very good job there," says Allchin.
"I hope we can do the same thing on safety and security with Windows Vista," the story has him saying.
"We are going to do a huge change with Windows Vista on this, but it truly is something that isn't going to go away for a very long time.
"We are going to make it much less of an issue, but it's still going to have to be something that people are aware of."
Also See:
Seattle Times - Q&A with Jim Allchin of Microsoft, January 31, 2006
VSO-Software: New ConvertXtoDVD Version 2.0 Posted by Herbert on 30 January 2006 - 08:39 - Source: VSO Software
The following text is a complete press release, unmodified by CD Freaks. If you don't want to view these kind of news posting you can disable them in your preferences page once logged in. Please send your press releases to news@cdfreaks.com
How to watch your PC movies on any DVD player ?
VSO-Software: New ConvertXtoDVD Version 2.0
VSO Software announces a new product ConvertXtoDVD. This product is actually a new version of the well known DivXtoDVD. This version has integrated the requests through VSO surveys and introduces many new major features.
VSO ConvertXtoDVD allows you to convert and then burn your video files that were originally only playable on your PC so that they are now playable on any DVD Player. ConvertXtoDVD handles your everyday digital multimedia life, extending support beyond AVI files, XviD, MPEG 1/2/4, VOB, MOV, and now WMV 3 and HD formats and more.
We clearly underestimated the common usage of WMV formats in our previous version. We were expecting people to use much more exotic formats when in fact they are still using a lot the default software that comes with Windows! With new support of WMV3, the creation of a DVD from files of your digital camera becomes a 1 click task." says Claire Waledisch which manages a part of the technical support in VSO-Software. Once again VSO-Software listens to their users and has implemented their requests.
One of the most exciting features introduced is the option to create DVD Menu automatically from the conversion file list. You can make a personalized menu as well as define how you would like your DVD to be read (AutoStart the movie, loop the videos ). Therefore, ConvertXtoDVD is a must-have for busy people who want to put TV episodes or their personal camcorder movies onto DVDs with excellent quality.
At a glimpse, the interface of ConvertXtoDVD is clear and easy to use with direct access to essentials functions. But once you become familiar with it , you discover many options to customize your project. For example, by adding subtitles ( .SRT or .SUB/IDX ) with a total control of the font and color. To name a few others, files using multiple audio tracks can be tuned and useless audio can be removed to save space and quality. And last but not least the biggest change made to this version (which is not visible to the user) is the new conversion engine. The engine has been rewritten to handle more cases due to the diversity of the source channels. The engine is now faster and you can set a balance between conversion speed and quality. The DVD looks exactly like your original files.
This new version implements a PULL-DOWN option, extremely advantageous when you need to convert videos from PAL to NTSC or NTSC to PAL, which are the 2 TV Standards.
ConvertXtoDVD contains the VSO Burning engine, used by popular 3rd party software too. You can use your favorite media wether it is DVD+R or -R , double-layer or RW family. We encourage you to look at the VSO Database results posted online a few weeks ago.
You would find interesting results about the best DVD drive manufacturers and media.
ConvertXtoDVD can be purchased online for a cost of 35 euros / USD, but the existing users of DivXtoDVD can upgrade to this version free of charge. The program will be available at the beginning of February
Features and Specifications
* Supported video formats: DivX, XviD, MPEG4, MOV, AVI, WMV, WMV HD, DV, and more...
* Supported sources : existing files, digital camera, TV / Sat , capture card.
* Supported audio formats: AC3, DTS, PCM, OGG, MP3, and more...
* Can merge up to 6 hours of material from several movies or episodes.
* Handles subtitles files (.SRT .SUB/IDX ) with color and font selection
* Video format choice: NTSC, PAL, or automatic and PULL-DOWN
* Picture output: Widescreen, Fullscreen, or automatic
* Create Automatic chapters or edit your owns
* Fast preview mode to check if the source is loaded correctly
* Save the DVD structure on hard drive or burn it to a blank DVD
* Reliable burn engine integrated (supports all DVD formats)
* Customizable interface (themes, dockable windows)
* Variable options and settings for advanced users
* Control of the conversion speed vs quality
* Fast and quality encoder ( typically less than 1 hour for converting 1 movie )
* DVD Menu control ( auto-start, loop etc )
* DVD Menu edition ( background, fond, color )
* Multilingual support (available languages...)
* Optimized for Windows 2000 / XP / Vista
Audioholics interview with Microsoft HD-DVD Program Manager
Posted by Dan Bell on 30 January 2006 - 14:40 - Source: Audioholics
This news is a bit old, but we are getting close to release of the first generation of new equipment concerning the blue laser. We decided to make everyone aware of this interview, just in case you had not seen it like us, we thought better late than never! It seems to hold some information of value that may not be common knowledge and can make for some good discussion points for us here as well. We know already that Microsoft favors the HD-DVD format as they are sure that it is more consumer and PC friendly than the rival Blu-ray, or at least this is the stance at the moment. So, it should be interesting to read an interview held with Sage Schreiner, HD-DVD Program Manager at Microsoft, right? The show being referred to here is of course the CES 2006.
Audioholics: The second question I had is based on some feedback I received from the RCA booth whereby they indicated that the titles were not currently mastered in 1080p. Are you aware of whether the movie studios are planning on re-releasing HD DVD software titles in the 1080p format once the second generation players are available? The overarching question is - are the studios aware of any eventual plans for 1080p and the timeline for these second generation players?
Sage: The initial / first generation content will be encoded at 1920x1080p/24. Case in point, playback from a PC, right now, will output 1920x1080p/24 without doing any conversion steps.
The primary issues around encode quality are: quality of the source, encode method used, and bit rate. Modern codecs, like VC1, are capable of delivering a better quality encode at a more moderate bitrate than MPEG2. The primary limitation you will see with 1st generation movies in either format is the use of MPEG2 to encode, even at high bit rates. On a quality 1920x1080p display, MPEG2 will not look as good as VC1 (or H.264). Most (if not all) of what was on display in the HD DVD booths was VC1. You may want to investigate the actual encoding method of a given movie to really get a handle on its likely quality.
It's not a very long interview, but the questions that they do ask are good ones. To see what else Mr. Sage has to say, head on over to this link at Audioholics!
http://www.cdfreaks.com/news/13009
as below
HD DVD Interview with Microsoft
I was able to interview Sage Schreiner, HD DVD Program Manager at Microsoft, regarding some observations I made at CES this year. These primarily had to do with the differences between Blu-ray Disc and HD DVD in terms of resolution, specs of the released players and the HD DVD media. Here is the interview:
Audioholics: When does HD DVD plan to release 1080p output players? All of what we saw at the show was 1080i.
Sage: The HD DVD players announced so far will not support 1080p outputs -- yet. This is in part because the latest version of HDMI (the only one supporting 1080p as mandatory) is still being finalized. There are CE [consumer electronics] HD DVD players "in the works" that will ship later and are expected to have 1080p outputs, but nothing has yet been announced.
Also note that advanced 1080p displays can also do their own conversions from 1080i to Progressive. There are no limitations in HD DVD as a format (i.e., both BD and HD DVD support the same native formats: 720p/60, 1080i/60, 1080p/30). It?s only a player or a display issue whether there?s a conversion to 1080p/60.
Finally, note that PC playback will always be Progressive playback. Ditto the Toshiba laptop announced at CES; it will playback 1080p.
Audioholics: The second question I had is based n some feedback I received from the RCA booth whereby they indicated that the titles were not currently mastered in 1080p. Are you aware of whether the movie studios are planning on re-releasing HD DVD software titles in the 1080p format once the second generation players are available? The overarching question is - are the studios aware of any eventual plans for 1080p and the timeline for these second generation players?
Sage: The initial / first generation content will be encoded at 1920x1080p/24. Case in point, playback from a PC, right now, will output 1920x1080p/24 without doing any conversion steps.
The primary issues around encode quality are: quality of the source, encode method used, and bit rate. Modern codecs, like VC1, are capable of delivering a better quality encode at a more moderate bitrate than MPEG2. The primary limitation you will see with 1st generation movies in either format is the use of MPEG2 to encode, even at high bit rates. On a quality 1920x1080p display, MPEG2 will not look as good as VC1 (or H.264). Most (if not all) of what was on display in the HD DVD booths was VC1. You may want to investigate the actual encoding method of a given movie to really get a handle on its likely quality.
Audioholics: So even the first generation of media will be encoded in 1080p/24, but HD DVD players (for now) will provide only 1080i/720p support?
Sage: Just to be clear, the content is all 1080p/24, not 1080i. As an FYI, while 720 is an HD format, I don't know of anyone encoding 1st generation movies at 720p.
Audioholics: It seemed that BD did a better job at pushing 1080p/24 and stating that their players will be 1080p compatible when they come out (though there were a few players that claimed 1080i/720p output).
Sage: Again, keep in mind that the content will be encoded in the same format in both BD and HD DVD ? mostly 1080p/24. It?s only a player or display issue whether it?s displayed to 1080i/1080p. Once HDMI is finalized, we expect HD DVD players to begin including 1080p outputs.
By the way, from my own booth touring, the only 1080p BD player that I saw was the Pioneer Elite player. All of the others were 1080i players.
Audioholics: Will Microsoft's Xbox 360 eventually feature a generation 1 HD DVD player (720p/1080i)?
Sage: I don't believe that the specifics of Xbox 360 playback were announced.
Audioholics: I want to make sure that our facts are correct and that we are not missing out on any important factors in our coverage of the two formats. Is there any additional insight or information you would like to provide?
Sage: A couple of additional notes:
* All 1st generation HD DVD players will ship with iHD support, allowing much more flexible interactivity design than DVD.
* All 1st generation HD DVD players will ship with features such as Picture-in-Picture, that content authors can take advantage of.
* All 1st generation HD DVD players will ship with network connectivity.
As you may have seen in TG Daily, key interactive features (e.g., PIP, Networking) won?t be available in the original BD players. Samsung?s player specs in the BDA booth didn?t even include BD-J. So, much of the interactivity in the BD spec is optional.
Audioholics: Thanks a ton for taking the time to speak with us about this and helping to clear up some of the misconceptions associated wth the format and its generation 1 release.
By Ambrose McNevin: Monday 30 January 2006, 12:30
FRIDAY FEBRUARY 3rd 2006 is the final day for businesses, people or interest groups to let Whitehall know what they think about the proposed strategy on transforming government through technology.
In the words of the Ian Watmore, the man behind ?Transformational Government, Enabled by Technology? it is time to move from strategy to delivery.
But you do have a final few days to let him know what you think of his strategy.
Prime Minister, Tony Blair says: ?This strategy has my full support and I?m going to do everything I can to make it happen.?
The strategy document is available online (see below) and covers everything from how the government wants to engage with suppliers (it spends £14 billion annually on technology) to Identity cards.
On I.D. cards it says: ?Identity Management: Government will create an holistic approach to identity management, based on a suite of identity management solutions that enable the public and private sectors to manage risk and provide cost-effective services trusted by customers and stakeholders. These will rationalise electronic gateways and citizen and business record numbers. They will converge towards biometric identity cards and the National Identity Register. This approach will also consider the practical and legal issues of making wider use of the national insurance number to index citizen records as a transition path towards an identity card.?
If you wish to proffer an opinion you can do so by writing to Ian Watmore , former head of egovernment and now head of the Prime Minister?s delivery unit at:
ian.watmore@cabinet-office.x.gsi.gov.uk
Or drop them a line:
Strategy Team, eGovernment Unit, Cabinet Office, 3rd Floor, Stockley House, 130 Wilton Road, London SW1V 1LQ
ADVANCED WINDOWS CARE..........Slow down, freeze and blue-screen crash are over. Advanced WindowsCare thoroughly examines the Windows system, accurately detects the bottlenecks for slowing down and crashing, fixes these problems and repairs Windows. All work will be done with 30 seconds and 1 click. The intuitive interface makes Advanced WindowsCare the perfect tool for Non-IT professionals.....(free).....GO THERE!
http://www.iobit.com/WindowsCare.htm
BURRRN.......... Burrrn is a little tool for creating audio CDs from various audio files. Supported formats are: wav, mp3, MPC, ogg, AAC, mp4, ape, flac, ofr, wv, tta, m3u, pls and fpl playlists and cue sheets. You can also burn EAC?s noncompliant image + cue sheets! Burrrn can read all types of tags from all these formats (including ape tags in mp3). Burrrn uses cdrdao.exe for burning.....free).....GO THERE!
http://www.burrrn.net/?page_id=4
BOOTING FROM USB..........Booting a computer from your USB flash drive may seem like a daunting task, but it is actually quite easy. With the right equipment and some basic knowledge, this very useful technique can be taken advantage of in all sorts of different circumstances .....(free).....GO THERE!
http://www.hddsaver.com/content/18/index.html
WINDOWS ERROR MESSAGES UTILITY.......... MS Windows Error Messages is a small utility that will allow you to look up MS Windows error code numbers and display a descriptive message explaining what the numeric code actually means. If you have software programs that produce numeric error codes now you can find out what they really mean. MS Windows Error Messages also provides a facility to display all of the error codes and messages defined for your version of MS Windows. MS Windows Error Messages will run on MS Windows Millenium Edition and 98 as well as MS Windows 2000 and 95/NT systems (Go to System Utilities).....(free).....GO THERE!
http://www.gregorybraun.com/
p2p news / p2pnet: Professor Ed Felten (left) and Alex Halderman are working on 'Lessons from the Sony CD DRM Episode' in which they're analyzing, "several not-yet-discussed aspects of the XCP and MediaMax CD copy protection technologies" as they try to, "put the Sony CD episode in context and draw lessons for the future".
They're posting section drafts on Felten's Freedom to Tinker Blog, emphasising the sections are part of the draft and shouldn't be formally quoted or cited.
The final, complete version will be posted on Felten's blog.
We have the first three posts here and below, in order of appearance, are the latest two >>>>>>>>>>>>>>>>>>>>>>>
CD DRM: Unauthorized Deactivation Attacks
Freedom to Tinker - January 29, 2006
[Part of the technical core of the paper]
As described previously, active protection methods rely on installing and running software components that interfere when ordinary software tries to access the disc. If an adversary can remove or deactivate the active protection software, then the DRM scheme will fail to prevent arbitrary use or ripping of the music on the disc. In this section we discuss such deactivation attacks.
One attack strategy is to manually deactivate or uninstall the active protection software. This can be done by using standard system administration tools, which are designed to find, characterize, and control the programs installed on a machine. This attack is very difficult to stop if the user has system administrator privileges on the machine.
Deactivating MediaMax
The MediaMax active protection software is simple to deactivate since it is comprised of a single device driver with a consistent service name, sbcphid. The driver can be removed by using the Windows command sc delete sbcphid to stop the driver, and then removing the sbcphid.sys file containing the driver code. Once the driver is deactivated, MediaMax-protected albums can be accessed as if they were unprotected.
Defenses Against Deactivation
To counter these deactivation attacks, a vendor might try to use technical tricks to evade detection and frustrate removal of the active protection software. The best example of this kind of defense is the rootkit-like behavior of XCP, famously discovered by Mark Russinovich [citation], as described earlier.
When XCP installs its active protection software, it also installs a second program?the rootkit?that hides the software?s presence. Specifically, it conceals any file, process, or registry key with a name that begins with the prefix $sys$. The result is that XCP?s main installation directory, and most of its registry keys, and almost all of its individual files and processes are made invisible to normal programs and administration tools.
The rootkit is installed as a kernel-level driver named $sys$aries and set to automatically load early in the boot process. When the rootkit starts, it hooks several Windows system calls by modifying the system service dispatch table, the kernel?s KeServiceDescriptorTable structure. This structure is an array of pointers to the kernel functions that implement basic system calls. The rootkit changes five of these addresses so that they point to functions within the rootkit. When an application invokes one of these patched system calls, it is handled by the rootkit instead of the original function in the kernel. The rootkit calls the real kernel function with the same parameters and filters the results before returning tem to the application.
The system calls intercepted by the rootkit are:
* NtQueryDirectoryFile ? This function is used to list the contents of a directory; the rootkit version filters out directory entries that begin with $sys$, rendering such files and directories invisible to applications.
* NtCreateFile ? This call is used for creating and opening files. The rootkit version returns an invalid filename error when programs attempt to open existing files with names starting with $sys$, protecting XCP?s files from reading or writing by other programs.
* NtQuerySystemInformation ? One use of this function is to obtain a list of running processes. The rootkit filters out any processes with names prefixed by $sys$, making them invisible to other applications.
* NtEnumerateKey ? This function returns a list of the subkeys of a registry key. The rootkit filters the results to remove subkeys with names starting with $sys$. Note that it does not conceal individual fields within the registry (?values'? in Windows parlance) with names starting with $sys$.
* NtOpenKey ? This function opens a registry key for reading or modifying. The rootkit intercepts this function call but does not alter its behavior. Its authors may have intended to restrict access to hidden registry keys in the same way that the hooked NtQueryDirectoryFile call restricts access to hidden files, but for some reason they did not ship a working implementation of this behavior.
The rootkit begins each intercepted function by checking the name of the calling process. If the process?s name begins with $sys$, the rootkit returns the results of the real kernel function without alteration. This allows XCP?s own processes to bypass the rootkit?s filters for a complete view of the system.
The XCP rootkit increases users? vulnerability to many kinds of attacks because it can be used to hide arbitrary software, not just XCP. The rootkit is indiscriminate about what it conceals?any files, registry keys, or processes with names beginning in $sys$ will be hidden. Spyware and malware authors can leverage this functionality on systems where the rootkit is installed. This saves attackers the trouble of installing their own rootkits, but more importantly, it gives them access to a rootkit in situations where they would not be able to install one themselves because of the system?s security policies.
Only kernel-level processes are allowed to patch the Windows system service dispatch table, and only privileged users?normally, members of the Administrators or Power Users groups?are allowed to install such processes. (XCP iteslf requires these privileges to install.) Malicious code executed by an unprivileged user wouldn?t normally be allowed to install a rootkit that intercepted system calls in the kernel. However, if the XCP rootkit is installed, its cloaking behavior applies to all users regardless of their security privileges. Unprivileged malware can adopt the $sys$ prefix to become invisible to both privileged and unprivileged users. This privilege escalation attack has already been exploited by at least two Trojan horses discovered in the wild [citations].
Another privilege escalation attack facilitated by the XCP rootkit allows an unprivileged application to crash the system. Russinovich demonstrated this problem using an automated testing program he created called NTCRASH2 [citation]. This utility makes repeated system calls with randomly generated invalid parameters. The original Windows kernel functions handle invalid inputs correctly and the system remains stable, but with the XCP rootkit installed, certain invalid inputs result in a system crash.
We investigated the specific circumstances when these crashes occur. The rootkit?s implementation of NtCreateFile can cause a crash if it is passed an invalid pointer as its ObjectAttribute argument, or if it is passed a valid ObjectAttributes structure that points to a ObjectName structure with an invalid Buffer pointer. We do not believe that an attacker could exploit these flaws to execute code; however, they do allow an unprivileged user to bring the system to a halt. As Russinovich and other have pointed out, these problem illustrates the security danger of installing software in secret. Users experiencing system instability due to these rootkit bugs would have great difficulty diganosing the problem, since they likely would be unaware of the rootkit?s presence.
Deactivating XCP
Deactivating XCP?s active protection software is more complicated because it is comprised of a number of processes that are more deeply entagled in the system configuration, and because these files are hidden by the XCP rootkit. Deactivation can be accomplished by a three-step procedure.
The first step is to deactivate and remove the rootkit. This is the same procedure used to deactivate MediaMax. The only change is that the driver?s name is aries.sys. Disabling the rootkit and then rebooting the system exposes the previously hidden files, registry entries, and processes (ones with names prefixed with $sys).
The second step is to edit the system registry to remove references to XCP?s filter drivers and CoDeviceInstallers. XCP uses the Windows filter driver facility to intercept commands to the CD drives and IDE bus. If these filter drivers are not removed, the CD and IDE device drivers will fail to initialize after the program files for the filter drivers are deleted. This can cause the CD drives to malfunction, or, worse, cause the system to fail to boot because the IDE device driver is disabled. XCP?s filter drivers can be neutralized by editing the
Windows Registry to remove any reference to a driver named $sys$cor from any registry entries named UpperDrivers or LowerDrivers. The CoDeviceInstallers can be neutralized by removing any lines containing $sys$caj from any list of CoDeviceInstallers.
The third step is to delete the XCP services and remove the XCP program files. Services named $sys$lim, $sys$oct, cd_proxy, $sys$drmserver, and $sys$cor can be deactivated using the sc delete command, and then files named crater.sys, lim.sys, oct.sys, $sys$cor.sys, $sys$caj.dll, and $sys$upgtool.exe can be deleted. After the system is rebooted, the two remaining files, named CDProxyServ.exe and $sys$DRMServer.exe can be removed.
After performing these steps, XCP will now deactivated, and only the passive protection on XCP CDs will continue to be in force. Of course, these steps could easily be automated, creating a point-and-click tool for removing XCP.
Tactics like the rootkit function, and the engineering of programs so that removal attempts can system instabilty, iare often used by spyware programs. That active DRM systems would be drawn to the same tactics as spyware should come as no surprise, as the two have the same goal: to prevent a user from removing unwanted software. In both cases, the user wants to remove the software (if he can find it) because the software provides no value to the user and can only harm him.
These tactics harm users, primarily by undermining users? ability to manage their computers. If users lose track of which programs are running on their computers, they lose the opportunity to remove or patch programs that are malfunction and to remove unneeded programs. Maintaining a secure configuration is difficult already, and spyware tactics make it even more difficult. Though it is not surprising that spyware tactics would have attraction for DRM designers, it was a bit surprising that mass-market DRM vendors chose to use those tactics despite the risk of harming users. If only one vendor had chosen to use such tactics, we could write it off as an aberration. But two vendors made that choice, which is probably not a coincidence.
We suspect that the explanation may lie in the DRM vendors? platform building strategy, which relies on keeping the software installed on as many computers as possible, coupled with the risk tolerance of DRM startup companies. The vendors may not have realized the extent of damage they could be causing, but they must have known that they were doing some harm. Our hypothesis is that the vendors allowed the lure of platform building to override the risk to users.
Authorized Uninstallers
Once users began to complain about the spyware-like behavior of the XCP and MediaMax software, the vendors offered access to uninstallers that would remove their software from users? systems. Uninstallers had been available previously, but they were very difficult to obtain. For example, to get the original XCP uninstaller, a user had to fill out an online form involving some personal information, then wait a few days for a reply email, then fill out another online form and install some software, then wait a few days for yet another email, and then finally click a URL in the last email. We can think of no explanation for the complexity of this procedure, other than a desire to deter users from uninstalling the software.
The uninstallers, when a user did succeed in getting one of them, did not behave like ordinary software uninstallers. Normally an uninstaller is a standalone program that the user runs, either by double-clicking it or by using a system-provided user interface to designate the program to be removed. One advantage of ordinary uninstallers is that they can be acquired and used by any user who has the software.
The first XCP uninstaller did not work this way. Instead, the uninstaller was customized for each user, so that it would work only for a limited time and only on the computer on which the user had filled out the second form. This meant, for example, that if a user uninstalled the XCP software but it got reinstalled later?as might happen if the user inserted an XCP-bearing CD?the user could not use the same uninstaller again but would have to go through the entire process again to request a new one.
Customizing the uninstaller in this way is more difficult for the vendor and increases customer support costs, compared to a more traditional uninstaller, so a rational vendor would not do it unless there was some benefit. Most likely, the benefit is to the vendor?s platform building strategy, which takes a step backward every time a user uninstalls the vendor?s software. Customizing the uninstaller allows the vendor to contol who receives the uninstaller and to change the terms under which it is delivered in the future.
As user complaints mounted, Sony-BMG announced that unrestricted uninstallers for both XCP and MediaMax would be made available to all users from the vendors? web sites. Both vendors chose to make these uninstallers available as ActiveX controls accessed via a web site.
By an unfortunate coincidence, both uninstallers turned out to open the same serious vulnerability on any computer where they were used.
MediaMax Uninstaller Vulnerability
The MediaMax uninstaller employed a proprietary ActiveX control called AxWebRemove.ocx created and signed by MediaMax author SunnComm. When users visited the MediaMax uninstaller web page, Internet Explorer prompted them to install the control. Then the web page invoked one of the control?s methods to uninstall MediaMax. This method, Remove, took two parameters: key, and validate_url. The key parameter was a single-use code provided by MediaMax technical support, and the validate_url parameter specified a web page that would validate the key and deliver executable code to perform the actual uninstallation.
When Remove is called from the web page, is issues an HTTP GET request to the provided url to validate the key. If it is valid, the server responds with the message true, {uninstall_url, where uninstall_url is the URL of a DLL file containing code to uninstall MediaMax. The control retries this DLL file from the Internet and saves it to a temporary location, then calls a function in the DLL named ECF7() to perform the uninstallation. If the function returns sucess, the control issues a second HTTP GET request to validate_url to report that the uninstall was sucessful and that the single-use key should be retired.
This design is vulnerable because the control accepts an arbitrary validate_url parameter and does not check that the DLL specified by the key validation server is authentic. The ActiveX control is not itself removed during the uninstallation process, so its methods can be invoked later by any web page without further browser security warnings. A attacker can create a web page that invokes the Remove method and provides a validate_url pointing to a page under the attacker?s control. This page can return an uninstall_url pointing to a DLL created by the attacker. When the MediaMax control executes the uninstall function in this file, arbitrary attacker code will execute on the user?s machine.
XCP Uninstaller Vulnerability
The XCP uninstaller contains the same design flaw and is only slightly more difficult to exploit. XCP?s ActiveX-based uninstaller invokes a proprietary ActiveX control named CodeSupport.ocx. (Early versions of XCP?s rootkit removal patch utilized the same control.) Usually this control is installed when users perform the second step in the three-step XCP uninstall process. In this step, the user is prompted to explain why they are requesting to uninstall XCP. The user?s response is sent to an XCP server along with a pseudorandom code generated by the ActiveX control. The same code is written to the system registry. Eventually the user receives an email with a link to another web page that uses the ActiveX control to remove XCP, but only after verifying that the code sent with the request matches the code in the local system registry. This check ensures that the uninstaller is only used on the machine from which the uninstallation request was made. As a consequence of this design, the control may be present on a user?s system even if she never performed the step in the uninstallation process where XCP is removed.
Matti Nikki first noted that the XCP ActiveX control contains some suspiciously-named methods, including InstallUpdate(url), Uninstall(url), and RebootMachine() [citation]. He demonstrated that the control remained installed after the XCP uninstallation was complete, and that its methods (including one that restarted the computer) were scriptable from any web page without further browser security warnings.
We found that the InstallUpdate and Uninstall methods have an even more serious flaw. Each takes as an argument a URL pointing to a specially formatted archive that contains updater or uninstaller code and data files. When these methods are invoked, the archive is retrieved from the provided URL and stored in a temporary location. For the InstallUpdate() method, the ActiveX control extract from the archive a file named InstallLite.dll and calls a function in this DLL named InstallXCP().
Like the MediaMax ActiveX control, the XCP control does not validate the download URL or the downloaded archive. The only barrier to using the control to execute arbitrary code is the proprietary format of the archive file. We determined the format by disassembling the control. The archive file consists of several blocks of gzip-compressed data, each storing a seperate file and preceded with a short header. At the end of the archive, a catalog structure lists metadata for each of the blocks, including a 32-bit CRC. The control verifies this CRC before executing code from the DLL.
With knowledge of this file format, we constructed an archive containing sample (benign) exploit code. The most difficult detail was the CRC, which is computed with an apparently proprietary algorithm that proved tedious to reverse engineer. We saved the trouble by having the ActiveX control compute the CRC for us. The control checks the CRC by computing a CRC for the file data in the archive and verifying that it matches the CRC specified in the archive catalog. We inserted a break point where the comparison occurs and ran the control on an archive containing code we prepared. We then took the CRC computed by the control and placed it in the archive catalog. Thus modified, the archive passed the CRC check and the ActiveX control executed our code. (This illustrated why digital signatures, rather than CRCs, must be used to validate code from untrusted sources.)
This procedure would allow a malicious web site to execute arbitrary code on the user?s machine. Like the MediaMax uninstaller flaw, it is especially dangerous because users who have completed the uninstallation may not be aware that they are still vulnerable.
Obviously, these vulnerabilities could have been prevented by careful design and programming. But they would not have been possible at all if not for the decision to deliver the uninstallers via this ActiveX method rather than using an ordinary download. We conjecture that the vendors chose to use ActiveX in this way because they wanted to retain the ability to rewrite, modify, or cancel the uninstaller later, and that this desire was driven at least in part by the vendors? platform building strategy.
Summary of Deactivation Attacks
When all is said and done, there is little a CD DRM vendor can do to stop users from deactivating active protection software. A user can do this via ordinary security and system administration tools; attempts by the vendor to interfere with these tools are harmful and will trigger a strong backlash from users. In practice, vendors will probably have to provide some kind of uninstaller ? users will insist on it, and some users will need it to deal with the bugs and incompatibilities that crop up occasionally in any complex software. Once an uninstaller is released, users will be able use it to remove the DRM software. Ultimately, determined users will be able to keep CD DRM software off their machines.
>>>>>>>>>>>>>>>>>>>>>>>
CD DRM: Attacks on Installation
Freedom to Tinker - January 30, 2006
[Part of the technical core of the paper]
Active protection measures cannot begin to operate until the DRM software is installed on the user?s system. In this section we consider attacks that either prevent installation of the DRM software, or try to capture music files from the disc in the interval after the disc has been inserted but before the DRM software is installed on the computer.
Autorun
Both XCP and MediaMax relies on the autorun feature of Windows. Whenever removable media, such as a floppy disc or CD, is inserted into a Windows PC (and autorun is enabled), Windows looks on the disc for a file called autorun.ini; if a file with that name is found, Windows executes commands found in it. Autorun allows a disc to pop up a splash screen or simple menu, for example to offer to install software found on the disc. However, the autorun mechanism will run any program that the disc specifies.
Other popular operating systems, including MacOS and Linux, do not have an autorun feature, so this mechanism does not work on these other systems. XCP ships only Windows code and so has no effect on other operating systems. MediaMax ships with both Windows and MacOS code on the CD, but only the Windows code can autorun. The MacOS code relies on the user to double-click an installer on the CD, which few users will do.
Current versions of Windows ship with autorun enabled by default, but the user can choose to disable it. Many security experts advise users to disable autorun, to protect against disc-borne malware. If autorun is disabled, the XCP or MediaMax active protection software will not load or run.
Even if autorun is enabled, the user can block autorun for a particular disc by holding down the Shift key while inserting the disc. This will prevent the active protection software from running.
Even without disabling autorun, a user can prevent the active protection software from loading by covering up the portion of the disc on which it is stored. Both XCP and MediaMax discs contain two sessions, with the first session containing the music files and the second session containing DRM content, including the active protection
software and the autorun command file. The first session begins at the center of the disc and extends outward; the second session is near the outer edge of the disc.
By covering the outer edge of the disc, the user can cover up the second session?s files, effectively converting the disc back to an ordinary single-session disc. The edge of the disc can be covered with nontransparent material such as masking tape, or by writing over it with a felt-tip marker. Exactly how much of the disc to cover can be determined by iteratively covering more and more until the disc?s behavior changes, or by visually inspecting the disc to look for a difference in appearance of the disc?s surface which is often visible at the boundary between the two sessions.
Temporary Protection
Even if the copy protection software is allowed to autorun, there is a period of time, between when a protected disc is inserted and when the active protection software is installed, when the music is vulnerable to copying. It would be possible to have the discs immediately and automatically install the active protection software, minimizing this window of vulnerability, but legal and ethical requirements should preclude this option. Installing software without first obtaining the user?s consent appears to be illegal in the U.S. under the Computer Fraud and Abuse Act (CFAA) as well as various state anti-spyware laws [citation].
Software vendors conventionally obtain the user?s consent to installation of their software by displaying an End User License Agreement (EULA) and asking the user to agree to it. Only after the user agrees to the EULA is the software installed. The EULA informs the user, in theory at least, of the general scope and purpose of the software being installed, and the user has the option to withhold consent by declining the EULA, in which case no software is installed. As we will see below, the DRM vendors do not always follow this procedure.
If the discs didn?t use any other protection measures, the music would be vulnerable to copying while the installer waited for the user to accept or reject the EULA. Users could just ignore the installer?s EULA window and switch tasks to a CD ripping or copying application. Both XCP and MediaMax employ temporary protection mechanisms to protect the music during this time.
XCP Temporary Protection
The first time an XCP-protected disc is inserted into a Windows machine, the Windows autorun feature launches the XCP installer, the file go.exe located in the contents folder on the CD. The installer displays a license agreement and prompts the user to accept or decline it. If the user accepts the agreement, the installer installs the XCP active protection software onto the machine; if the user declines, the installer ejects the CD and exits.
While the EULA is being displayed, the XCP installer continuously monitors the list of processes running on the system. It compares the image name of each process to a blacklist of nearly 200 ripping and copying applications hard coded into the go.exe program. If one or more blacklisted applications are running, the installer replaces the EULA display with a warning (shown at right [in the paper version, but not here]) indicating that the applications need to be closed in order for the installation to continue. It also initiates a 30-second countdown timer; if the any of the applications are still running when the countdown reaches zero, the installer ejects the CD and quits. [Footnote: Similar application blacklisting techniques have been used in other security contexts. The client software for World of Warcraft, a massively multiplayer online role playing game, checks running applications against a regularly updated blacklist of programs used to cheat. [citation]]
This technique might prevent some unsophisticated users from copying the disc while the installer is running, but it can be bypassed with a number of widely known techniques. For instance, users might kill the installer process (using the Windows Task Manager) before it could eject the CD, or they might use a ripping or copying application that locks the CD tray, preventing the installer from ejecting the disc.
The greatest limitation of the XCP temporary protection system is the blacklist. Users might find ripping or copying applications that are not on the list, or they might use a blacklisted application but rename its executable file to prevent the installer from recognizing it. Since there is no mechanism for updating the blacklist on existing CDs, they will gradually become easier to rip and copy as new applications not on the blacklist come into widespread use. Application developers may also adapt their software to the blacklisting technique by randomizing their process image names or taking other measures to avoid detection. [Footnote: An extreme extension of this would be to adopt rootkit-like techniques to conceal the copying application?s presence, just as XCP hides its active protection software.]
MediaMax Temporary Protection
The MediaMax system employs a different?and highly controversial, if not illegal?temporary protection measure. It defends the music while the installer is running by installing, and at least temporarily activating, the active protection software before displaying the EULA. The software is installed without obtaining consent, and it remains installed (and in some cases, permanently active) even if the user explicitly denies consent by declining the license agreement. This practice is uncomfortably close to the behavior of spyware and may be illegal.
Prior to license acceptance, both MediaMax version 3 and version 5 discs install the active protection driver. (At this writing, version 5 is the current version. To our knowledge, there was no version 4.) The driver file sbcphid.sys is copied to the Windows drivers directory, configured as a service in the registry, and launched. Initially, the driver?s startup type is set to ?Manual,'? so it will not re-launch the next time the computer boots; however, it remains running until the computer is shut down and remains installed permanently. Albums that use MediaMax version 5 additionally install components of the MediaMax player software before displaying a license agreement?almost 12 megabytes of programs and data that are stored in %programfiles%\Common Files\SunnComm Shared. These files are not removed if the EULA is declined.
Even more troublingly, under some common circumstances the MediaMax installer will permanently activate the active protection software (by setting its startup type to ?Auto,'? which causes it to be launched every time the computer boots). This behavior is related to a mechanism in the installer apparently intended to upgrade the active protection software if an older version is already installed. Under the following scenarios, it is triggered even if the user previously declined the EULA:
* The user inserted a CD-3 (older version of MediaMax) album, then sometime later inserts an MM-5 (current version of MediaMax at this writing) album.
* The user inserted an MM-5 album, then sometime later inserts a CD-3 album.
* The user inserted an MM-5 album, reboots, then sometime later inserts the same album or another MM-5 album.
These steps do not have to take place in a single session. They can happen over a period of weeks or months, as users purchase new albums.
We can think of two possible explanations for this behavior. Perhaps the vendor, SunnComm, did not test these scenarios to determine what their software did, and so did not realize that they were activating the software without consent. Or perhaps they did know what would happen in these cases and deliberately chose these behaviors. Either possibility is troubling, indicating either a badly deficient design and testing procedure or a deliberate decision to install software after the user denied permission to do so.
Even if poor testing is the explanation for activating the software without consent, it is clear that SunnComm deliberately chose to install the MediaMax software code on the user?s system even if the user did not consent. These decisions are difficult to reconcile with the ethical and legal requirements on software companies. But they are easy to reconcile with the vendor?s platform building strategy, which rewards the vendor for placing its software on as many computers as possible.
Even the activation of temporary protection software before the user consents to anything raises troubling ethical questions. It is hard to argue that the user has consented to loading and running software merely by the act of inserting the disc. Most users do not expect the insertion of a compact disc to load software, and although many (but not all) of the affected discs did contain a statement about protection software being on the discs, the statements generally were confusingly worded, were written in tiny print, and did not say explicitly that software would install or run immediately upon insertion of the disc. Some in the record industry argue that the industry?s need to block potential infringement justifies the short-term execution of the temporary protection software on every user?s computer. We think this issue deserves more ethical and legal debate.
Passive Protection
Another way to prevent copying before active protection software is installed is to use passive protection measures. Passive protection exploits subtle differences between the way computers read CDs and the way ordinary CD players do. By changing the layout of data on the CD, it is sometimes possible to confuse computers without affecting ordinary players. In practice, the distinction between computers and CD players is less precise. Older generations of CD copy protection, which relied entirely on passive protection, proved easy to copy in some computers and impossible to play on some CD players [citation]. Furthermore, computer hardware and software has tended to get better at reading the passive protected CDs over time as it became more robust to all manner of damaged or poorly formatted discs. For these reasons, more recent CD DRM schemes rely mainly on active protection.
XCP uses a mild variety of passive protection as an added layer of security against ripping and copying. This form of passive protection exploits a quirk in the way Windows handle multisession CDs. When CD burners came to market in the early 1990s, the multisession CD format was introduced to allow data to be appended to partially recorded discs. (This was especially desirable at a time when recordable CD media cost tens of dollars per disc.) Each time data is added to the disc, it is written as an independent series of tracks called a session. Multi-session compatible CD drives see all the sessions, but ordinary CD players, which generally do not support the multisession format, recognize only the first session.
Some commercial discs use a variant of the multisession format to combine CD audio and computer accessible on a single CD. These discs adhere to the Blue Book [citation] or ?stamped multisession'? format. According to the Blue Book specification, stamped multisession discs must contain two sessions: a first session with 1?99 CD audio tracks, and a second session with one data track. The Windows CD audio driver contains special support for Blue Book discs. It presents the CD to playing and ripping applications as if it was a normal audio CD. Windows treats other multisession discs as data-only CDs.
XCP discs deviate from the Blue Book format by adding a second data track in the second session. This causes Windows to treat the disc as a regular multisession data CD, so the primary data track is mounted as a file system, but the audio tracks are invisible to player and ripper applications that use the Windows audio CD driver. This includes Windows Media Player, iTunes, and most other widely used applications.
Using a specialized procedure, it is possible to create discs with this flavor of passive protection with standard CD burning hardware and software [citation].
Limitations
This variety of passive protection provides only limited resistance to ripping and copying. There are a number of well-known methods for defeating it. Advanced ripping and copying applications avoid the Windows CD audio driver altogether and issue MMC commands [citation] directly to the drive. This allows programs such as Nero [citation] and Exact Audio Copy [citation] to recognize and read all the audio tracks. Non-Windows platforms, including Mac and Linux systems, read multisession CD more robustly and don?t suffer from the limitation that causes ripping problems on Windows. The felt-tip marker trick can also defeat this kind of passive protection, as noted above.
p2p news / p2pnet: Bill Gates may think it's OK for Google to help Communist China out with Net censorship, but millions of people around the world disagree with him. Vehemently.
If you're one of them, email Google bosses Larry Page and Sergey Brin, ceo Eric Schmidt, and PR people David Krane, Debbie Frost and Elliot Schrage.
ActionNetwork has made it easy with an auto-email function on its China/Tibet protest site. Here's its suggestion, but you can edit it on the site.
http://actionnetwork.org/campaign/googleaction
I am outraged at Google's hypocritical decision to join hands with the Chinese government in its propaganda efforts. Google's decision to custom-build its search platform to Chinese authorities' specifications is more than just censorship.
It's active participation in the Chinese government's efforts to repress and undermine Tibetans, democracy advocates, people of faith, and anyone working for freedom and human rights.
By censoring search results on critical topics such as "Tibet," you are promoting Beijing's wildly distorted version of history and truth. This is indefensible.
Under China's totalitarian regime, the internet is a critical tool for people seeking justice. Your decision to help the Chinese government thwart this effort renders your motto "Don't be evil" an ironic joke.
Please re-read your "Ten Things" company principles and do the right thing by ending your partnership with the Chinese government.
ActionNetwork points out, "Under China's totalitarian regime, the internet is a critical tool for Chinese citizens and Tibetans to improve their political situation.
"Google has become an active partner in the Chinese government's efforts to repress their own citizens along with Tibetans, Uighurs, Falun Gong practitioners, and anyone else standing up to Chinese authorities and demanding human rights and self-determination."
(Thanks, Mingma)
Boing Boing has an item featuring pix from Telendro showing protesters from Students for a Free Tibet demonstrating in front of Google's HQ and, "Paul Boutin has discovered that one way to thwart internet filters is too spel yur serch qweries inkorreckly," it says going on:
"Over at News.com, Declan McCullagh reports that Google.cn not only omits politically sensitive material, but 'goes further than similar services from Microsoft and Yahoo by targeting teen pregnancy, homosexuality, dating, beer and jokes'.
And there are loads more items. Just Google them.
What about Sergey and Larry?
They have their lawyer, Andrew McLaughlin, claiming on the Google blog that it's all about creating, "a great experience for our users" because, "Google users in China today struggle with a service that, to be blunt, isn't very good".
The problem, "could only be resolved by creating a local presence, and this week we did so, by launching Google.cn, our website for the People's Republic of China. In order to do so, we have agreed to remove certain sensitive information from our search results. We know that many people are upset about this decision, and frankly, we understand their point of view. This wasn't an easy choice, but in the end, we believe the course of action we've chosen will prove to be the right one."
p2p news / p2pnet: America's famous Stanford may have been among the first of the major American universities to be sucked in by one of Apple's cleverest marketing ploys for iTunes.
But it won't be the last, not if Steve Jobs can help it because Apple has launched a, "nationwide expansion of a service that puts course lectures and other educational materials online and on-the-go via Apple's iTunes software," says the Associated Press.
Jobs' thinking may have been, "Since we've already talked a few of them into adopting our iPod music player as 'essential classroom technolgy,' who knows, maybe we can get away with it with iTunes as well?!"
Not that the underlying theory behind using teaching institutions and their staffs for corporate sales and promotions is anything new. The entertainment cartels have been doing it for years.
It seems Apple has been working with six universities on the "educational program" and is now, "inviting other universities to sign up".
The University of Missouri was already offering lecture podcasts through the school network, says the story, "But 'Tunes U' offered a software and service package - in Apple's reputedly easy-to-use interface - all for free, said Keith Politte, the development officer at the university's School of Journalism."
For free? Heh
Apple is also using Stanford as a promotional vehicle.
"For instance, Stanford University, which joined the pilot program last fall, gives the public free access to not only some lectures but also audio broadcasts of sporting events through its iTunes-affiliated site," says the story, adding:
"And it only takes a slight movement of the mouse to go from a university's section of iTunes to a link to the commercial site, where songs are sold for 99 cents apiece, and TV shows and music videos are sold for $1.99 a pop."
Interview: Bot Buster Merrick Furst
botnet Botnets or bot armies are large networks of thousands of machines under the control of an attacker who could potentially use the computers for criminal activities including stealing financial information and proprietary data stored on a computer. One of the biggest bot busters is Dr. Merrick Furst, distinguished professor and associate dean at the College of Computing at Georgia Tech. Dr. Furst has been tracking botnets for the last two years, researching how they are created, how they speak to each other, and how big the problem is.
______________________________________________________________________
Q&A: Bot-Buster Merrick Furst
The associate dean at Georgia Tech?s College of Computing says botnets are today?s top security threat.
January 27, 2006
The Internet worm Zotob that crashed computer networks at major companies including The New York Times and credit card company Visa brought into focus the danger of bots. Short for robots, bots are computers that have been infected by worms, viruses, or spyware so they can be controlled externally by a hacker (see Zotob Costs $97K per Company and Top Security Trends for 2006).
Botnets or bot armies are large networks of thousands of machines under the control of an attacker who could potentially use the computers for criminal activities including stealing financial information and proprietary data stored on a computer.
Because of the potential of bots to do great harm, law enforcement has gone on high alert. Their efforts appear to be paying off. On Monday, Jeanson James Ancheta, a 20-year-old in Downey, California, pleaded guilty to hijacking thousands of computers. The hacker launched destructive attacks and sent huge quantities of spam across the Internet.
Mr. Ancheta made about $60,000 in advertising affiliate proceeds through the surreptitious installation of adware on about 400,000 compromised computers, said the assistant U.S. attorney?s office at the Department of Justice in California.
One of the biggest bot-busters is Dr. Merrick Furst, distinguished professor and associate dean at the College of Computing at Georgia Tech. Dr. Furst has been tracking botnets for the last two years, researching how they are created, how they speak to each other, and how big the problem is.
During October, the College of Computing spun off a startup called Damballa, named after the most-important god of the voodoo religion.
Dr. Furst, who is also the president of Damballa, worked with the FBI on the Zotob case and helped federal investigators track botnets. In an interview with Red Herring, he said botnets are being generated at an astounding rate and traditional methods to fight them are proving ineffective. Below are edited excerpts of the conversation:
Q: How big do you think is the problem of botnets?
A: More than a quarter-million new machines are conscripted every day by bots. We are currently tracking 10 million machines that we think are infected. And these machines are spread all over the world though we find a large number to be in Asia. There are lots of machines in Asia running pirated software, so they?re not getting the latest security patches and these computers can become bots.
In the U.S., 25 percent of bots that we see are AOL machines and 10 percent are MSN machines. Bots spread through worms and viruses that carry them. During a typical seven-day period we found we were tracking over six bot armies that were forming and each of these armies had thousands of computers.
We found 700,000 computers infected during the last few months. In a typical month, there are about 6,000 command-and-control points up and running. It is how a botnet master talks to the bot armies. It like an HQ [headquarters] for the botmaster.
Q: What are these botnets being used for?
A: Bot armies have become platforms for carrying out criminal fraud. One bot that is acting alone will pick up all the keystrokes that you type and it will send a snapshot of the screen to the botmaster so he can see a slideshow of what you are doing on your computer terminal. More than 80 percent of spam is being sent by bot armies since they are hard to pick up by spam filters.
Bots are being used for denial of service attacks. A botmaster will have 100,000 machines at command, and can use them to launch these attacks. They even use bot armies to commit click fraud. Phishing email comes from bot armies. There?s been a big transformation over the last year and a half. People are learning how to make money using the botnets and it makes it very dangerous.
Q: How effective are the traditional approaches to combating the problem?
A: They are obviously not that effective since we think there may be 75 million machines affected worldwide. Normally, people try to protect individual machines. They have standard, traditional methods for protection, which is signature-based protection or behavior-based methods.
The problem is that botmasters defeat those. They keep building new software so signature-based protection doesn?t work and they have more machines available. So they can divide their resources up and keep their messages under the threshold that will be flagged by behavior-based networks.
Q: How does your startup, Damballa, tackle the botnets issue?
A: We have taken a nonconventional approach. We studied how these bot armies communicate with each other and the patterns they have. We have been monitoring networks so we can pick up the formation of these armies. Imagine if you could listen in on all the interactions that computers are having and recognize that some of those are about forming a bot army.
Our customer right now is the government, which is worried because these bots can be direct threats against infrastructure. They can be used to take out cellular networks through distributed SMS attacks and used to direct anonymous threats.
http://www.redherring.com/Article.aspx?a=15459&\1hed=Q%26amp%3BA%...
NTFS Performance Hacks
tips One way of improving the performance of your Windows XP machine is to tweak the NTFS file system. In certain scenarios, simple changes can make a big difference; that's because hard disks are often a primary bottleneck in today's machines, which have fast processors and lots of memory. Let's look quickly at ten ways you can boost performance using NTFS (or not using NTFS) on Windows XP.
______________________________________________________________________
NTFS Performance Hacks
by Mitch Tulloch
02/08/2005
"Are we there yet?"
"No."
"Are we there yet?"
"No!"
"Are we there yet?"
"NO!!"
"Are we--"
(Lock-Nah stabs a knife between Alex's fingers.)
"Wow, that's amazing! Perfect aim!"
"What are you talking about? I missed!"
That dialogue, between Alex O'Connell and Lock-Nah in The Mummy Returns, is a simple joke but still one of my favorites. It also reminds me of how impatient most of us are nowadays when it comes to how technology performs. And when it comes to computers, the questions often become Has it booted yet? Has it loaded yet? Has it finished searching yet?
One way of improving the performance of your Windows XP machine is to tweak the NTFS file system. In certain scenarios, simple changes can make a big difference; that's because hard disks are often a primary bottleneck in today's machines, which have fast processors and lots of memory. Let's look quickly at ten ways you can boost performance using NTFS (or not using NTFS) on Windows XP.
1. Disable Short Filenames
By default, NTFS creates an 8.3 filename every time it creates a long filename, which adds a bit of time to the file creation process. To speed things up, you can disable short filenames using the fsutil command:
fsutil behavior set disable8dot3 1
Restart your machine for this to take effect. A couple of caveats:
* You'll typically notice a performance difference only on drives that have a very large number of files (300,000 or more) but relatively few folders, and where a lot of your files have names that start similarly (for instance, NTFS Performance Hacks version 1.doc, NTFS Performance Hacks version 2.doc, and so on). That's because if you have a lot of files that start with the same characters in their filenames and occupy the same folder, NTFS has to work harder (and take more time) to generate unique 8.3 names for these files.
* If you have an older version of Microsoft Office or some older third-party apps, they may not work properly if 8.3 names are disabled. So test first before you mass-implement this hack.
2. Name Your Files Appropriately
Let's say you can't disable 8.3 filenames because of older software on your machine. You can still improve NTFS performance by choosing a naming scheme for your files so that files located in the same folder differ at the start of their names instead of at the end. So for example, instead of
NTFS Performance Hacks version 1.doc
NTFS Performance Hacks version 2.doc
That way NTFS won't have to work so hard to generate a unique 8.3 name for each file in the folder.
Related Reading
Windows Server Hacks
Windows Server Hacks
100 Industrial-Strength Tips & Tools
By Mitch Tulloch
Table of Contents
Index
Read Online--Safari Search this book on Safari:
Code Fragments only
3. Use More Folders
If you frequently need to open, close, create, or delete certain types of files, keep the number of such files in each folder small. In other words, if you have a lot of these files, create additional folders to spread them out between folders. If this isn't practical for some reason, then the first two hacks above can help compensate for having too many files in one folder.
4. Use More Partitions
In Windows 2000, when you partition a large disk (50GB or more, say) into several smaller NTFS volumes (10GB each), you can speed disk performance by up to 10 percent. NTFS on Windows XP has been improved to perform better overall, but you can still squeeze a percent or two of better performance out of a large disk by partitioning it into several smaller volumes.
5. Plan Your Cluster Size
The default cluster size on NTFS volumes is 4K, which is fine if your files are typically small and generally remain the same size. But if your files are generally much larger or tend to grow over time as applications modify them, try increasing the cluster size on your drives to 16K or even 32K to compensate. That will reduce the amount of space you are wasting on your drives and will allow files to open slightly faster.
Two caveats, though:
* If you want to compress older files to save disk space using NTFS compression, you have to leave the cluster size at 4K.
* The smaller your files (compared with the cluster size), the more fragmented your volume will tend to become over time.
The second caveat means that you should also ...
6. Defragment Regularly
Fragmented drives increase the time it takes for applications to open, close, create, or delete files. A good practice is to use Windows XP's Disk Defragmenter tool to defrag your drive at least once a week, especially if you run applications that frequently modify files and you have a lot of files on your drives. If you like, you can use the Scheduled Task Wizard to automate this process. See How to Automate Disk Defragmenter Using Task Scheduler Tool in Windows XP in the Microsoft Knowledge Base for instructions.
7. Reserve Space for the MFT
NTFS on Windows XP improves performance of the Master File Table (MFT) over Windows 2000 by not placing some of the MFT metadata files at the start of the disk. This enhancement alone can boost NTFS performance on Windows XP by up to 10 percent over Windows 2000. But you can squeeze out even better performance by ensuring that your drive has enough room for the MTF to grow if it has to. This will prevent the MTF from becoming fragmented, which is important because the Disk Defragmenter tool can't defragment the MFT.
By default, Windows XP reserves 12.5 percent of each NTFS volume (an area called the MFT zone) for exclusive use of the MFT. So if you plan to store tons of small files (under 8K, say) on your volume, your MFT may run out of space before your volume's free space does, and the result will be MFT fragmentation. To prevent this from happening, you can reserve additional space for the MFT using the fsutil command:
fsutil behavior set mftzone 2
This doubles the size of the reserved MFT zone to 25 percent of the volume. Of course, this means you lose 12.5 percent of the free space used to store files themselves, so there's a trade-off to consider when implementing this change. You can even make more aggressive changes using set mftzone 3, which reserves 37.5 percent of the volume for the MFT, or set mftzone 4, which reserves a whopping 50 percent. These extreme settings are only useful, however, if you have zillions of files, each smaller than about 1K.
To reset the MFT zone size according to your needs, do the following:
1. Run the fsutil command as described previously.
2. Reboot your system.
3. Create the volumes you need.
To return to the default behavior of reserving 12.5 percent of each volume for MFT, use the fsutil behavior set mftzone 1.
8. Disable Last Access Time
By default, each file and folder on an NTFS volume has an attribute called Last Access Time, which records the last time the file or folder was opened, read, or changed. This means even when you read a file on an NTFS volume, a write action occurs on that volume too. Normally this isn't a problem, but if you have an application that tends to frequently access files for short periods of time, this feature of NTFS can really slow performance. Fortunately, you can use fsutil to disable writing to the Last Access Time attribute:
fsutil behavior set disablelastaccess 1
Once this is done, the Last Access Time attribute for newly created files will simply be their File Creation Time.
One caveat: disabling Last Access Time may affect the operation of backup programs that use the Remote Storage service.
9. Turn Off (or On) the Indexing Service
Whether you enable or disable the Indexing Service on Windows XP depends on your needs. If you search for files on your hard drive only rarely, it's probably best to leave Indexing turned off, since it adds a slight overhead to NTFS operation and also uses up disk space to store the catalog. But if you search for files on your hard drive frequently (and need to search the contents of files as well) then turn Indexing on, as it will speed the search process considerably.
10. Use FAT32 for the Paging File
Finally, if you have a second physical disk in your machine, you can boost performance by moving your paging file (pagefile.sys) onto your second drive. To make this work best, do the following:
1. Create a volume on your second drive, making sure the volume is big enough to hold your paging file. (Three times your RAM amount will be more than enough.)
2. Format the new volume using FAT32 instead of NTFS, since FAT32 gives slightly better read performance on smaller volumes.
3. Don't create any additional volumes on your second drive--that is, leave this drive for exclusive use by the paging file.
So in other words, our final NTFS tweak is to not use NTFS for your paging volume.
Mitch Tulloch is the author of Windows 2000 Administration in a Nutshell, Windows Server 2003 in a Nutshell, and Windows Server Hacks.
By Dawn Kawamoto
Staff Writer, CNET News.com
Published: January 30, 2006, 9:28 AM PST
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint
An exploit that takes advantage of an "extremely critical" flaw in Winamp could lead to malicious attackers taking remote control over a user's system, according to a security advisory released Monday by Secunia.
The vulnerability is found in the latest version of Winamp 5.12. Earlier versions of the media player may also be affected, the security firm said.
"Winamp used to be the world's most popular MP3 player and is still quite popular, but as Windows Media Player has gotten better, some users have migrated over," said Thomas Kristensen, Secunia's chief technology officer.
Secunia is advising people to uninstall the player until America Online division Nullsoft, the maker of Winamp, develops an update for the flaw, especially as exploit code is circulating on the Internet.
"We aren't aware of any systems that have been compromised yet, but it's likely to happen since there's exploit code out," Kristensen said.
The vulnerability could be exploited when a Winamp user visits a malicious Web site and a tainted media file is launched onto the person's system. A buffer overflow is triggered, which allows the attacker to take control of the computer without being constrained by security measures, Kristensen noted.
The flaw was initially discovered by AtmacA.
The vulnerability is not the first to be found in the Winamp software. In late 2004, a highly critical flaw was found in the playlist files for the Winamp player.
By Stephen Shankland
Staff Writer, CNET News.com
Published: January 29, 2006, 9:00 PM PST
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint
Hewlett-Packard plans to begin selling a water-cooling system next week to address the power and heat problems that new technology inflicts on computer administrators.
The Modular Cooling System attaches to the side of an HP rack of computing gear, providing a sealed chamber of cooled air separated from the rest of a data center, said Paul Perez, vice president of storage, networking and infrastructure for HP's Industry Standard Server group.
"We used to talk to IT" when approaching customers, Perez said. But because of the power issue, "now we're talking to IT and facilities together. The customers ask, 'What should our power budget be over next three years?' After the sticker shock for energy costs, they say, 'How is HP going to help get the cost down?'"
liquid cooling
The system lets a rack consume as much as 30 kilowatts of power--about three times what would be possible otherwise--without posing problems to a data center's cooling systems, Perez said. However, the cooling system also requires a connection to an external chilled-water system to cool its water.
Liquid cooling, used in vintage computers from companies such as Control Data Corp. and Cray, is experiencing a comeback because of new technology challenges. Processors are consuming more electricity and being packed more densely, and electricity costs to pay for that power and for air conditioning have been increasing.
Chipmakers and server makers are working on improving computers' performance per watt, but in the meantime, liquid cooling can help. Blade server maker Egenera, IBM and Silicon Graphics offer cooling systems that chill air pumped out of the back of a computer rack. HP's system, by contrast, recirculates the same air within that rack, Perez said.
A successor to the modular computing system will chill the air of an entire row of racks, Perez said. That product is due out by the end of the first quarter of 2007.
Liquid cooling means administrators require new expertise, and the cooling system won't appeal to everyone, Perez said. But he's bullish about its prospects: "I don't think you'll see tens of thousands of these things in the immediate future, but can say we've revised our forecasts upward 3 or 4 times in last few months," he said.
The cooling system, expected to be launched on Feb. 6, requires HP's 10000 G2 Universal Rack, a new $1,200 model that replaces seven nonstandard rack models the company used for its products until now. For example, a customer using ProLiant x86 servers and Integrity Itanium servers would have had to purchase separate racks for each type of equipment, Perez said.
Later this year, HP plans to release a cooling system retrofit kit so it can be attached to the older 10000 G1 racks, used to house ProLiant servers, Perez added.
p2p news / p2pnet: There's a 21st century system purpose-designed help put millions of poor people, with the emphasis on children, in touch with each other and the rest of the world.
It's the Massachusetts Institute of Technology Media Lab's $100, Linux-powered wireless laptop, and you'd think the various tech companies, already far richer than the most of the countries they'll eventually be fighting to supply, would be falling over themselves to get involved.
But that's not the way it is, as the New York Times' John Markoff stresses.
In fact, since Media Lab head Nicholas Negroponte unveiled his One Laptop Per Child prototype, he's, "found himself wrestling with Microsoft and the politics of software," says Markoff's story.
'Yar boo sucks' was a school-boy expression popular in some older UK comics. Translated, it becomes, roughly, 'Fck You!' - which is more or less what Bill and the Boyz seem to be saying to Negroponte.
"He failed to reach an agreement with Microsoft on including its Windows software in the laptop, leading Microsoft executives to start discussing what they say is a less expensive alternative," says the NYT, "turning a specially configured cellular phone into a computer by connecting it to a TV and a keyboard".
Microsoft vp and cto Craig J. Mundie said although Microsoft was still developing the idea, "both he and Mr. Gates believed that cellphones were a better way than laptops to bring computing to the masses in developing nations". And that's because in places where TV's are already common, "turning a phone into a computer could simply require adding a cheap adaptor and keyboard".
Negroponte's $100 hand-cranked laptop has the United Nations behind it, and Quanta Computer, the company that's actually making it, says it'll start shipment in the fourth quarter of 2006, "and turn out five to 15 million US$100 laptop computers each year".
And it'll run on an AMD (Advanced Micro Devices) chip.
The NYT says Negroponte's Media Lab research group had, "experimented with the idea of a cellphone that would project a computer display onto a wall and also project the image of a keyboard, sensing the motion of fingers over it. But the researchers decided the idea was less practical than a laptop."
Gates, meanwhile, hasn't even decided much his as-yet undeveloped phone would cost.
Negroponte said he'd, "raised $20 million to pay for engineering and was close to a final commitment of $700 million from seven nations - Thailand, Egypt, Nigeria, India, China, Brazil and Argentina - to purchase seven million of the laptops," says the story, adding:
"According to several people familiar with the discussions, Microsoft had encouraged Mr. Negroponte to consider using the Windows CE version of its software, and Microsoft had been prepared to make an open-source version of the program available.
"Steven P. Jobs, Apple's chief executive, had also offered a free version of his company's OS X operating system, but Mr. Negroponte rejected that idea because the software was largely not open-source, meaning users could not get free access to software and its source code, which they could then modify."
"I chose open-source because it's better," Markoff has Negroponte saying. "I have 100 million programmers I can rely on."
http://p2pnet.net/story/7766
Microsoft"reseller"gets two years in jail for a US$20 sale
1/30/2006 10:55:12 AM, by Nate Anderson
Back in 2004, there was some alarm in the Windows community over an Internet leak of the source code to Windows 2000 and NT. The hype died down once it was realized that the code was incomplete and did not include anything from XP. The identity of the leaker was never ascertained. The code was widely distributed over the Internet, and many curious geeks took a look just to say that they had done so. No one was charged with a crime in the case?except for one man, William P. Genovese, Jr.
Genovese, who went by online nickname "illwill," ran a popular hacking site called illmob.org. He soon got his hands on the code, but unlike most people wasn't content simply to look. He posted the code to a private, password-protected FTP site and then ran the following message on his web site: "win2000 source code jacked . . . and illmob.org got a copy of it . . . im sure if you look hard you can find it or if you wanna buy it ill give you a password to my ftp." Besides disqualifying Genovese from future employment as a proofreader, the note caught the eye of an investigator hired by Microsoft to investigate the leak. He then proceeded to purchase the code from Genovese for?seriously?US$20. He then contacted the government, who had an FBI agent do the same thing.
So Genovese (who was then 28) was arrested for selling trade secrets. He got his day in court, where he argued that the restriction on publishing trade secrets was a violation of his First Amendment right to free speech. He also claimed that since he had found the code on the Internet, he could not possibly have known that it was still a trade secret. The judge was having none of it, pointing in fact to Genovese's web posting to prove that he knew such material was not freely available to the public.
Last Friday, the judge sentenced Genovese to two years of jail time, followed by three years of court supervision, during which Genovese's computer use will also be monitored. Is the sentence fair? Two years of your life is certainly a high price to pay for making forty bucks off of some code that you did not even steal, but Genovese's long string of petty crimes (spray-painting a bridge, multiple thefts, etc.) certainly didn't help his case.
Microsoft no doubt hopes that a tough sentence will deter future thefts of its source code. They did not get everything they wanted from the judge, though?a request for US$70,000 from Genovese (presumably for legal and investigative costs) was denied.
http://arstechnica.com/news.ars/post/20060130-6075.html
By Ina Fried
Staff Writer, CNET News.com
Published: January 30, 2006, 11:19 AM PST
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint
Microsoft has begun e-mailing its corporate customers worldwide, letting them know that they may need to start using a different version of Office as a result of a recent legal setback.
The software maker said Monday that it has been forced to issue new versions of Office 2003 and Office XP, which change the way Microsoft's Access database interacts with its Excel spreadsheet.
The move follows a verdict last year by a jury in Orange County, Calif., which found in favor of a patent claim by Guatemalan inventor Carlos Armando Amado. Microsoft was ordered to pay $8.9 million in damages for infringing Amado's 1994 patent. That award covered sales of Office between March 1997 and July 2003.
"It was recently decided in a court of law that certain portions of code found in Microsoft Office Professional Edition 2003, Microsoft Office Access 2003, Microsoft Office XP Professional and Microsoft Access 2002 infringe a third-party patent," Microsoft said in an e-mail to customers. "As a result, Microsoft must make available a revised version of these products with the allegedly infringing code replaced."
Although existing customers can keep using older versions on current machines, any new installations of Office 2003 will require Service Pack 2, released by Microsoft in September. Office XP will need to be put into use with a special patch applied.
Microsoft is also recommending that customers update their existing software with the new code.
"We understand that this will create an inconvenience for a small percentage of our customers and are committed to working with them through the process and easing the inconvenience as best as possible," Sunny Jensen Charlebois, a Microsoft senior product manager, said in a statement to CNET News.com. The company is readying an all-new version of Office, code-named Office 12, that is due out later this year.
Microsoft would not say how many customers are affected, but said it is likely only a "small fraction" of Office users. However, the company appears to be requiring all companies to use the new version from now on, so most large organizations could be affected by the move.
The software maker started notifying customers this month, in an e-mail sent via its sales channel. All those affected will have been informed by next month, Microsoft said.
Gartner analyst Michael Silver said it is hard to estimate the cost to customers, but said it is a significant impact for companies to move to a new service pack of a major program such as Office.
"It's probably a multimonth effort" for companies that want to double-check that key databases and critical Excel macros all work, Silver said. The other option is to "roll the dice" and just switch to the new software, but "most companies don?t want to do that with critical resources," he added.
The question for companies, though, is if they are exposing themselves to potential legal liability if they don't quickly move to the new software. Microsoft promises to indemnify customers from third-party patent claims, but Silver said the license terms also require customers to "immediately" move to any new noninfringing version that Microsoft releases.
"Immediate is pretty quick," Silver said. "It would be nice if there was some sort of time line that says you have to do it within six months or a year."
Summary:
This year, we saw increased use of multimedia, e-learning, internal blogs, and mobile access. Winning companies also encouraged consistent design by emphasizing training for content contributors.
The ten best-designed intranets for 2006 are:
* Allianz Australia Insurance, Australia
* ALTANA Pharma AG, Germany
* Bank of Ireland Group, Ireland
* Capital One, USA
* IBM, USA
* Merrill Lynch, USA
* METRO Group, Germany
* O2, UK
* Staples, USA
* Vodafone, UK
This is the first year in which a majority of the winners hail from outside the United States, underlining the continued growth of good intranet design around the world. In fact, the globalization of good intranet design is actually greater than what this simple list implies; many of the winning companies are highly multinational, with team members operating in multiple countries. At Vodafone, for example, intranet technology is managed from Germany, with development efforts occurring in California, Spain, Italy, and Egypt.
This year's winners are all large companies, with an average size of 80,000 employees. In previous years, we've always had winners with only a few hundred employees, but this year the smallest company has 3,000 employees. It might be that large companies are finally making intranet quality a high priority, and thus their more substantial resources make it harder for smaller companies to compete. One year's results, however, are insufficient to confirm such a trend.
In any case, while smaller organizations might not have the resources to implement as many features, they can apply many of the lessons learned from large companies' design efforts.
One trend from earlier years that persists is the strong showing for financial companies. This year, financial companies represent 40% of the winners, while manufacturing companies continue to be underrepresented. The possible reason for this is that financial companies have a tradition of emphasizing usability and white-collar productivity, while manufacturing companies have historically focused on physical concerns and thus have less experience in creating good screen-based designs.
Continuing Trends
One notable trend from past competitions -- to enforce a consistent look and feel across the intranet -- is even more prominent this year. Almost all winners have active programs in place to evangelize templates and design standards.
Several winning intranets have special training activities for content contributors, teaching them how to use design templates correctly and how to produce optimal intranet pages. Templates, after all, give users some leeway in applying styles and layouts. Authors therefore need training to employ templates correctly and thus maintain a consistent intranet design.
To further this goal, Bank of Ireland, for one, offers an extensive, searchable knowledge base with tips for intranet publishers. Such training support is necessary to achieve a unified intranet design. It's not enough to simply publish rules and design standards; you must teach them as well.
Another continuing trend we saw was the use of task-based information architectures, rather than IAs based on a company?s business units.
Navigation systems have become very complete, with good global and local navigation. Companies typically present navigation in the left column of a page, running utility features across the top of the page. Many of the winning intranets also make excellent use of breadcrumbs to further help users orient themselves in the large information spaces found on today?s intranets.
Another earlier trend that continues to hold for many of this year's winners is the use of kiosks to allow intranet access for employees who don't work in offices. Staples even has kiosks in its stores that let employees show shoppers a special intranet version limited to information that helps facilitate sales. Conversely, the Bank of Ireland intranet contains selected Web content for branch personnel who don't have access to the public Internet from their work terminals.
Technology Diversity
As in previous years, the technology used to implement intranets shows astounding diversity. Across the ten winning companies, the teams used a total of 54 different products. Clearly, we're far from a consolidated market in which one or two dominant providers offer everything you need. Instead, intranet teams must stitch together their own solutions with multiple parts from multiple vendors. In fact, 40% of the winners had to custom build their own content management systems (CMS).
This year's most-used products were Apache, Autonomy, BEA Portal, EMC Documentum, IBM WebSphere, J2EE, Lotus Domino and Lotus Notes, Lucene search engine, Microsoft SQL, Oracle database, Verity, and various versions of Windows servers.
Multimedia
Most of this year's winners make significant use of video on their intranets, taking advantage of the high bandwidths usually found on corporate networks. Vodafone probably has the most extensive integration of video, with a special Vodafone TV area featuring video from a global team of correspondents.
Poorly used, intranet videos can substantially reduce productivity. It's important, for example, to correctly set users' expectations so that they only click through to videos they actually want to see. Merrill Lynch links to videos through a highly effective gateway page that offers a concise summary of the video's event, along with information about the featured speakers. The time required to write such pages is nothing compared to the time it can save thousands of employees.
Multimedia doesn't have to entail video; simpler media types also have their place. For example, IBM's employee directory includes audio files with the pronunciation of people's names -- a particularly useful feature in a multinational company.
Web Trends on Intranets
In addition to increased video use, we see many other general Web trends migrating to the intranet realm. This makes sense, since most employees use websites for business or in their private lives. Thus, they often come to expect or even demand specific features or design approaches commonly found on the Web.
A striking example of this is ALTANA's system for ordering supplies. The system uses a full-fledged e-commerce metaphor, complete with shopping cart. People are accustomed to picking products in a certain way -- why not leverage this knowledge by designing a feature they already know how to use? Another good example is the IBM intranet's extensive use of weblogs, including a powerful dashboard interface that lets users monitor other blogs, as well as follow-ups to their own postings and comments. Despite considerable Web hype, however, we're not seeing much business blogging in most companies.
More targeted, task-related tools tend to work better. Staples, for example, offers a blog-like feature where store managers inform each other about their progress in preparing for advertised sales offers. But, rather than offer this feature in a separate community area, Staples has a simple notepad-like annotation field in the intranet area where managers view the advertising circulars. These are just-in-time, just-in-place notes -- just for this one crucial task.
Finally, we spotted a contra-trend: the first good use of overlay graphics (where an image appears on top of the content). On the Web, this is one of the most annoying and repellant advertising techniques. Nonetheless, Allianz Australia effectively uses overlays to highlight and explain useful new intranet features. Of course, we usually caution against using techniques associated with hated Web design approaches. Do so only with extreme care and only when you're sure that the intranet's special circumstances allow the technique to add value.
Mobile Access
Although mobile intranet is not yet widespread, several of this year's winners support mobile features. O2 has a special mobile edition of its intranet that?s optimized for the BlackBerry and strips the homepage down to a few of its most useful links. O2 also nicely integrates the employee directory with mobile features, for example by allowing users to send an SMS with someone's contact information from the directory to their cell phone.
Vodafone -- the other telecommunications carrier among this year's winners -- also offers extensive mobile access to its intranet, with simplified pages for smartphones. Its mobile intranet scales back content services, using fewer headlines so users can scan news listings on a smaller screen. Important applications, including the employee directory, have special user interfaces optimized for mobile access.
These mobile-oriented screens drive home the fact that mobile devices and networks have evolved to the point where they can be extremely useful for business people when they're away from the office. Mobile devices are no longer just phones; they're also intranet extensions -- at least when the intranet has features designed for smaller screens. This trend toward offering intranet access from mobile devices will surely continue as an understanding of the concept's value extends beyond the telecommunications companies that are currently leading the way (because of their early aptitudes and interest in mobile technologies).
Training And E-Learning
Another trend this year was an increased use of training areas on intranets. The best designs often locate traditional training options and e-learning in one area. After all, from a user's perspective, what's important is learning -- regardless of whether it takes place online or in a classroom. Many intranets also offer special training areas to help new employees learn about their new companies.
The METRO Group has a particularly extensive set of e-learning features to educate its more than 250,000 employees about the ever-changing retail industry. Many tutorials are presented as interactive Flash animations, with a single interface integrating text, images, and moving images, plus simple controls to pace the presentation.
Enhancing e-learning user interface controls in this manner is important: people often feel disoriented or frustrated when tutorials take over their screens and don't allow them the freedoms normally inherent in the Web (and intranet) user experiences.
A notable example of a unique e-learning feature is METRO Group's Knowledge Quest game, which teaches employees advanced retailing concepts. While games are not common on intranets, they do have their place in e-learning, since they can increase learners' motivation by adding an element of fun.
On the topic of fun, it's worth mentioning the O2 Fun Zone, which lets employees download ringtones -- one of O2's most important products. While not an e-learning feature per se, it does encourage employees to gain more first-hand experience with ringtone use. The O2 Fun Zone also lets employees send each other company-branded e-cards -- featuring such things as holiday, birthday, and get-well wishes -- which enhances a sense of community.
ROI and Expected Use
IBM dubbed its employee directory BluePages in reference to the company's "Big Blue" nickname. BluePages is one of the most impressive staff directories we've ever seen (and we've seen hundreds). The design team estimates that the redesign of this killer app saves employees 72 minutes per month. Likewise, IBM's redesign of its managers' area is estimated to save each manager 42 minutes per month -- a particularly important accomplishment given the higher salaries for this user group.
Given IBM?s size, the productivity gains from improving the intranet's design translate into huge amounts of money. BluePages alone is estimated to save IBM $194 million per year. Of course, smaller companies wouldn't realize quite such large savings, but it's certainly realistic to save an hour or more per employee per month when an intranet is redesigned for usability. At typical, fully loaded hourly rates, this often results in approximate savings of $1,000 per year for each employee -- a cool million for a mid-sized company with a thousand employees.
In general, too few intranets perform careful studies of productivity improvements, and thus rarely have hard ROI numbers. This was true for most of this year's winners. It's more common to measure an intranet's increased use and then say, "If people use it more, it must be better."
On that front, across all winners this year, intranet page views increased an average of 106% after redesign. These are obviously winning designs; in general, it's more realistic to expect intranet use to increase by slightly less than 100% after a redesign for increased usability.
Even so, you can realize even greater usage increases with more specialized applications simply by making them easier to access. For example, Staples has a "profit improvement culture" program for employees to contribute suggestions for making the company more profitable by cutting costs, improving processes, and so on. When the company placed this submission process on the intranet, the number of employee suggestions tripled. Staples estimates it has saved $200 million based on the ideas generated through this program.
Another way of looking at an intranet's success is to measure the proportion of employees who use the intranet. Among the winners, employee use of the intranet ranges from 75% to 99%. Obviously, the exact percentage of employees who use an intranet will depend on the types of jobs they perform. Office staff and knowledge workers tend to use intranet features more frequently than people who work on a factory floor or process transactions. In general, though, you should aim for at least 75% use overall. If less than half of your office-based employees use the intranet, then you probably have a usability disaster on your hands.
Usability Methodology and Design Process
Approaches to intranet design are stabilizing: new designs stay usable longer. On average, this year's winners let 33 months pass between intranet redesigns, up from 29 months for last year's winners. The redesign projects for this year's winners took an average of ten months, which is fairly speedy.
Despite such rapid design processes, redesign teams are nevertheless finding time for more user research. In looking across six years of design annuals, usability activities are clearly increasing. The following figure shows a comparison between the first three years and the last three years in terms of how often intranet projects employed usability methods:
Proportion of winning intranet projects that employed some of the main usability methods.
All methods show increased use, though heuristic evaluation has especially grown. This makes sense, because this method relies on evaluating a user interface relative to a known set of usability principles (the "heuristics"). In the early years of intranets, there were no documented intranet usability findings, which made it difficult to use this method. Now, however, intranet designers have access to well-documented user research and systematized knowledge about intranet usability, and they can apply this knowledge to judge their own designs.
Accessibility is still not a major concern for most intranets. This year, however, we saw many intranet designs that consider users with disabilities and include some accessibility features. Although very few projects went so far as to conduct actual accessibility testing with disabled users, several projects follow basic accessibility guidelines, such as avoiding frozen font sizes.
This increased attention to accessibility might be related to the larger size, on average, of this year's winning companies. The larger the company, the more employees with disabilities, and thus the greater the payoff from making the intranet accessible. Larger companies are also likely to have more older employees, who often need usability accommodations as well.
Intranet Branding
It's an eternal question: Should you give your intranet a special brand name? Among our earlier winners, opinions have been almost evenly split: 59% of intranets were branded, and 41% were simply called "the intranet." This year, however, branding took a major upswing: 80% of the winners use it.
This year's intranet names include: insite, My One Place, On Demand Workplace (ODW), WorldNet, Networking, vitalO2, Staples@work, and vista.
One year is hardly a trend, particularly since only 50% of last year's winners were branded. Also, a great design with no name will beat a crummy intranet with a snazzy name anytime. Consistency in design and page layout does more to brand the intranet than any name.
Finally, there's no need to overdo the branding: intranets are for internal use, and you're not competing against fifty other intranets. We've seen many intranets that overflow with advertising for different business units, or even for the intranet itself. Such heavy promotions backfire. In the best case, users simply ignore them; in the worst case, they drastically reduce user productivity.
Full Report
Our 287-page Intranet Design Annual with 193 screenshots of the ten winners for 2006 is available for download.
http://www.useit.com/alertbox/intranet_design.html
Low-cost wireless networking gear from Belkin, Buffalo Technology, and Linksys combine impressive range, fast data transfer speeds, and affordable pricing.
Yardena Arar
From the February 2006 issue of PC World magazine
Posted Tuesday, January 03, 2006
The trickle-down effect has hit the Wi-Fi world: New, moderately priced routers and notebook cards now promise and deliver some or most of the speed and range improvements first seen last year in costlier products. In our tests of shipping products from three lines--Belkin's Wireless G-Plus MIMO, Buffalo Technology's AirStation Turbo G High Power Wireless, and Linksys's Wireless-G with SRX200--all performed creditably, even at distances that older, standard 802.11g equipment can't cover. However, the Belkin and Linksys products generally outperformed the Buffalo gear.
Both Linksys's $115 Wireless-G with SRX200 and Belkin's $90 Wireless G-Plus MIMO routers use second-generation chips from Airgo Networks, whose first MIMO (multiple-in, multiple-out) chips powered several of the high-performance lines in our last Wi-Fi roundup.
Buffalo's $89 AirStation Turbo G High Power Wireless router and $59 notebook card (the least-expensive products in this group) don't depend on MIMO technology; they use older high-speed 802.11g chips and owe their enhanced performance mainly to high-powered amplification of the radio signal.
Varied Results
For comparison purposes, we tested the original Linksys SRX router (which is being discontinued) along with the newer products and found that the Linksys SRX200 router with the SRX card--the priciest setup-fell only a bit short of it (see the features comparison chart, "Belkin Leads the Budget Wi-Fi Pack"). Belkin's less expensive G-Plus MIMO products were noticeably slower, especially at close range, where they were only a little faster than routers in Buffalo's line. The new Buffalo model's performance fell off significantly in our long-range test, but many older Wi-Fi setups that we've seen couldn't even connect at that distance. And when we tested the three new routers with a standard 802.11g card on the network, their performance differences shrank.
If price has been a barrier preventing you from installing a wireless network or upgrading older equipment to improve its range, consider these products; alternatively, you might watch for markdowns on the older and faster technology. If low cost is key, I'd go with the Belkin G-Plus MIMO gear: It costs a little bit more than Buffalo's High Power products, but at long range it's nearly twice as fast.
-- Yardena Arar
Features Comparison: Belkin Leads the Budget Wi-Fi Pack
New Linksys comes closest to original SRX's performance, but Belkin wins out with better pricing.
Wi-Fi Router and Card PCW Rating Average throughput (mbps)
Close range Medium range Long range Close range with 802.11g
Belkin Wireless G-Plus MIMO Router and Notebook Card
Street: $160 85
Very Good 26.2 22.6 12.2 19.8
Bottom line: This model trails the Linksys in performance, but its solid transfer speeds and a bargain price make it our top choice.
Linksys Wireless-G Broadband Router with SRX200 and Linksys Wireless-G Notebook Card with SRX
Street: $228 84
Very Good 37.2 28.8 15.1 22.9
Bottom line: The Linksys combination delivers super performance, though at this price you can find faster (albeit older) gear.
Buffalo Technology AirStation Turbo G High Power Wireless Smart Router and Notebook Adapter
Street: $148 78
Good 23.8 21.5 6.7 19.5
Bottom line: An ultralow price for decent range, but the Buffalo's speeds are sluggish and its user interface needs work.
Linksys Wireless-G Broadband Router with SRX and Linksys Wireless-G Notebook Card with SRX 1 39.3 33.4 15.5 26.4
HOW WE TEST: Click here for details about our test methodology. 1The original price of this combination was $275.
First dual-core portables tested prove to be multitasking powerhouses.
Carla Thornton
From the March 2006 issue of PC World magazine
Posted Monday, January 30, 2006
Click here for full-size image. Notebooks are receiving a power boost as Intel brings dual-core technology to its mobile processors. Like dual-core desktops, new dual-core laptops in our tests showed the biggest improvements when doing two tasks at once. And you still get good battery life.
Eschewing the Pentium M name, Intel's new chips come in two lines: Core Duo T for mainstream notebooks, and Core Duo L low-voltage CPUs for ultralight laptops. The T line will range from the 1.66-GHz T2300 to the 2.16-GHz T2600; the L line will have two variants, the 1.5-GHz L2300 and the 1.66-GHz L2400.
Advertisement
Core Duo chips, formerly code-named Yonah, sport a faster, 667-MHz frontside bus (up from 533-MHz); support for faster memory matching the bus speed; a new 945 GM/PM chip set; and Intel's new wireless 802.11a/b/g chip set. Like the Pentium M line, the new CPUs provide a 2MB L2 cache. Additionally, with Intel's power-management technology, they can detect a light workload and shut down one core to improve battery life.
The PC World Test Center looked at two laptops carrying 2-GHz Core Duo T2500 CPUs and 1GB of RAM: a $1923 HP Pavilion dv1000 and a $2307 Dell Inspiron E1705. Each unit earned a WorldBench 5 score of 97, which puts them among the fastest portables we've ever tested. The highest-scoring model in our current Top 10 chart, the Acer Aspire AS9504WSMi, came with a 2-GHz Pentium M 760 chip and earned a score of 99, just 2 points higher than the Core Duo notebooks despite having double the memory.
The Core Duo systems really showed their mettle when juggling multiple jobs. In our multitasking test, where we browse the Web while converting a video file from one format to another, the two units completed the tasks about 30 percent faster than the Acer did. The new systems also performed very well in our Windows Media Encoder and Roxio VideoWave tests (see chart below).
The portables ran fairly cool and quiet. Using a nine-cell battery (a $99 option), the 8.2-pound E1705 ran out of gas after 2 hours, 32 minutes--fairly typical for a laptop with a 17-inch wide screen. The 5.6-pound dv1000, a 14-inch wide-screen model, did better at 3 hours, 51 minutes, nearly matching the 4-hour battery life we saw from a single-core version of it last year.
If you work with multiple apps at once or edit digital media, you'll get a lot out of the new units. And they cost only about $100 more than similarly configured single-core laptops. Core Duo systems should be available now.
Dual-Core vs. Single-Core Notebooks (chart)
Laptops with dual-core processors complete digital media work and multiple tasks significantly faster than single-core systems.
RIAA RICO case hearing, p2p news / p2pnet: We've been calling the members of the Big Four record label cartel the Organized Music family since around October last year.
Tanya Andersen, 42, a disabled mother, lives alone with her eight-year-old daughter. The two exist on government disability payments.
EMI, Warner Music, Vivendi Universal and Sony BMG are accusing her of downloading and sharing music online but she says the accusation is entirely false and, like Patti Santangelo, is demanding a jury trial to prove it.
In addition, she launched a counter suit against the Big Four's RIAA under the Oregon RICO Act, claiming the RIAA qualified because it had committed at least two acts of racketeering.
RICO is short for Racketeering Influenced and Corrupt Organization and it was originally created to combat Organized Crime as epitomised by the Mafia families.
The Big Four's RIAA (Recording Industry Association of America) wants Andersen's RICO suit dismissed and she, in her turn, has asked to have the RIAA's complaint thrown out, says Recording Industry vs The People.
Andersen, who lives off a fixed income from Social Security, says she's never shared or downloaded music in her life and before the RIAA attacked her, told its 'investigators' they could examine her computer any time they wanted.
But the record companies have never bothered.
"I have always been against music downloading," said Andersen last year after being approached by Mark Eilers from the Tukwila, Washington, 'Settlement Centre' who was demanding money to make the RIAA go away.
"In fact, I have been a member of BMG's music club for quite some time and I purchase my music either from there or from Target," said Andersen. "When I first got my computer set up almost three years ago, I had a friend set it up for me since I did not know how to do it. She had put Kaaza Lite on there and told me what it was. I never used it and had no interest in doing so. I deleted it since I had no use for it. Even though I deleted it correctly, as is recommended by Microsoft, Mr. Eilers has told me it can hide out in my system and play without me knowing about it. I have done a total check of my computer and it is no where on there.
"These files you are speaking accusing me of sharing (which Mr. Eiler told me about), are not and never have been on my computer system. Several of those artists, I have never even heard of! One, I understand, is a rap song. I am 42-years-old and do not even like rap music. The login that this person who did this apparently used, which Mr. Eiler told me of, is not a login name I have ever used or heard of.
"There is no one at my household who could have done what is being said at all. Mr. Eiler had brought up the fact that maybe a babysitter could have done it and that is impossible because I seldom have a sitter since I can't afford to pay one and am usually home."
The RICO pattern Andersen accuses the RIAA of, "constituted a common course of conduct used by plaintiffs to target thousands of citizens throughout the United States," says Lory R. Lybeck of Lybeck Murphy, the Washington law firm which is acting for her.
"These activities shared the common objectives of seeking payment of thousands of dollars from each person targeted, regardless of their innocence. These acts had the same or similar purposes, results, participants, victims and methods of commission.
"The predicate acts of racketeering include, but are not limited to attempted violations of Oregon?s coercion statute ORS 163.275 in furtherance of a plan to commit coercion is a violation of ORICO 166.720.
" These unlawful activities were not isolated. The record companies have repeated this coercive conduct with many other victims throughout the United States. Settlement Support Center, has reportedly engaged in the same pattern of threatening and coercive conduct.
"In 2004, the record companies targeted another innocent person in this scheme. When presented with evidence that the defendant did not engage in any of the downloading activities, plaintiffs insisted that her lack of involvement was irrelevant and that plaintiffs reportedly threatened that they would sue her for hundreds of thousands of dollars whether or not she had ever engaged in the alleged file sharing, 'It didn?t matter. Someone is responsible and someone is going to have to pay'."
_____________________________________________________________________
P
Victim sues RIAA under RICO Act
p2p news / p2pnet:- "I just read your 'We're Not Taking It Anymore' Club article on p2pnet.net," emailed Anna. "I've never been sued by RIAA, but I do feel strongly against their actions."
She suggested the RICO (Racketeering Influenced and Corrupt Organization) might be a way to go, continuing, "Don't laugh. It's a very potent law. It was originally created to battle the Mafiosi, but it has been recently used to file suits against insurance companies (by the medical associations), corrupt moving companies, and even against 'quackbusters.' Google it; it gets to be interesting reading.
"I believe that what the RIAA (Recording Industry Association of America) is doing is racketeering and harassment. I think a creative lawyer could possibly go to town on this. If they get maybe 15 or 20 people who have been unjustifiably sued by RIAA, I'm sure they'll have a strong case.?
Now, in what could be the beginning of the end for the Big Music cartel's vicious sue 'em all marketing campaign, RIAA victim Tanya Andersen (upper right) has just counter-sued the RIAA for Oregon RICO violations, fraud, invasion of privacy, abuse of process, electronic trespass, violation of the Computer Fraud and Abuse Act, negligent misrepresentation, the tort of "outrage", and deceptive business practices, says Recording Industry vs The People.
Andersen, 42, a disabled mother, lives alone with her eight-year-old daughter. The two exist on government disability payments.
She?s demanding a trial by jury and she?s one of a growing number of people who have had enough of the blatant terror tactics being used by the entertainment and software cartels.
Represented by Lory Lybeck of Lybeck Murphy in Oregon, Andersen decided she wasn?t going to be bullied into paying an extortionate charge to a blackmail centre acting for the Big Four record label cartel.
New York mother of five Patricia Santangelo also says she won't be persecuted by EMI, Warner, Universal and Sony BMG, the members of the multi-billion-dollar record label cartel.
"Don't let your fear of these massive companies allow you to deny your belief in your own innocence," Santangelo, the first RIAA victim to defy the labels, says.
"Paying these settlements is an admission of guilt. If you're not guilty of violating the law, don't pay."
"Thug-like threats"
The first hint of the nightmare Andersen was entering came from Verizon, her ISP.
"It was something I got in the mail and that I didn't quite understand from them stating they were releasing my private information," Andersen told p2pnet recently. "They had a subpoena attached and it basically sounded to me when I read it that they were just investigating something and wanted my information.
"I thought, 'Well I haven't done anything wrong so I'm not going to worry about it'."
The letter told her the company was releasing personal information to the Big Four's RIAA (Recording Industry Association of America), fronted by one of the Settlement Centers the enforcement unit uses to do its dirty work.
"Copyright infringement is wrong," Andersen's lawyer, Lory Lybeck, told p2pnet. But, "Thug-like threats by multi-national, multi-billion dollar businesses against people who cannot afford to speak or even explain their innonence is a much greater wrong. The music industry with all of its assets and all of its talents has the ability to handle the 'problem' of downloading much more effectively and much more humanely. Their present tactics cause real harm to real people.
"Theses tactics do nothing to address highjackers, spoofers and commercially motivated copyright infringers around the world."
Andersen is making the following allegations, among others, says Recording Industry vs The People.
Read on >>>>>>>>>>>>>>>>>>>>>>>>
1. For a number of years, a group of large, multinational, multi-billion dollar record companies, including these plaintiffs, have been abusing the federal court judicial
system for the purpose of waging a public relations and public threat campaign targeting digital file sharing activities. As part of this campaign, these record companies retained MediaSentry to invade private home computers and collect personal information. Based on private information allegedly extracted from these personal home computers, the record companies have reportedly filed lawsuits against more than 13,500 anonymous ?John Does.?
2. The anonymous ?John Doe? lawsuits are filed for the sole purpose of information farming and specifically to harvest personal internet protocol addresses from internet service providers.
3. After an individual?s personal information is harvested, it is given to the record companies? representatives and the anonymous ?John Doe? information farming suits are then typically dismissed.
4. The record companies provide the personal information to Settlement Support Center, which engages in prohibited and deceptive debt collection activities and other illegal conduct to extract money from the people allegedly identified from the secret lawsuits. Most of the people subjected to these secret suits do not learn that they have been ?sued? until demand is made for payment by the record companies? lawyers or Settlement Support Center.....
5. Tanya Andersen is a 42-year-old single mother of an eight-year-old daughter living in Tualatin, Oregon. Ms. Andersen is disabled and has a limited income from Social Security.
6. Ms. Andersen has never downloaded or distributed music online. She has not infringed on any of plaintiffs? alleged copyrighted interest.....
7. Ms. Andersen has, however, been the victim of the record companies? public threat campaign. The threats started when the record companies falsely claimed that Ms. Andersen had been an ?unnamed? defendant who was being sued in federal court in the District of Columbia. She was never named in that lawsuit and never received service of a summons and complaint.
8. Neither did Ms. Andersen receive any timely notice that the suit even existed. That anonymous suit was filed in mid-2004. Ms. Andersen first learned that she was being ?sued? when she received a letter dated February 2, 2005, from the Los Angeles, California, law firm Mitchell Silverberg & Knupp, LLP. The LA firm falsely claimed that Ms. Andersen had downloaded music, infringed undisclosed copyrights and owed hundreds of thousands of dollars. Ms. Andersen was understandably shocked, fearful, and upset. ....
9. After receiving the February 2, 2005 letter, Ms. Andersen contacted the record companies? ?representative,? which turned out to be Settlement Support Center, LLC. This company was formed by the record companies for the sole purpose of coercing payments from people who had been identified as targets in the anonymous information farming suits. Settlement Support Center is a Washington State phone solicitation company which engages in debt collection activities across the country.
10. When Ms. Andersen contacted Settlement Support Center, she was advised that her personal home computer had been secretly entered by the record companies? agents, MediaSentry.
11. Settlement Support Center also falsely claimed that Ms. Andersen had ?been viewed? by MediaSentry downloading ?gangster rap? music at 4:24 a.m. Settlement Support Center also falsely claimed that Ms. Andersen had used the login name ?gotenkito@kazaa.com.? Ms. Andersen does not like ?gangster rap,? does not recognize the name ?gotenkito,? is not awake at 4:24 a.m. and has never downloaded music.
12. Settlement Support Center threatened that if Ms. Andersen did not immediately pay them, the record companies would bring an expensive and disruptive federal lawsuit using her actual name and they would get a judgment for hundreds of thousands of dollars.
13. Ms. Andersen explained to Settlement Support Center that she had never downloaded music, she had no interest in ?gangster rap,? and that she had no idea who ?gotenkito? was.
14. Ms. Andersen wrote Settlement Support Center and even asked it to inspect her computer to prove that the claims made against her were false.
15. An employee of Settlement Support Center admitted to Ms. Andersen that he believed that she had not downloaded any music. He explained, however, that Settlement Support Center and the record companies would not quit their debt collection activities because to do so would encourage other people to defend themselves against the record companies? claims.
16. Instead of investigating, the record company plaintiffs filed suit this against Ms. Andersen. F. The Record Companies have no Proof of Infringement.
17. Despite making false representations to Ms. Andersen that they had evidence of infringement .... plaintiffs knew that they had no factual support for their claims.
18. No downloading or distribution activity was ever actually observed. None ever occurred. Regardless, the record companies actively continued their coercive and deceptive debt collection actions against her. Ms. Andersen was falsely, recklessly, shamefully, and publicly accused of illegal activities in which she was never involved.
Ms. Andersen further alleged:
20. Entering a person?s personal computer without their authorization to snoop around, steal information, or remove files is a violation of the common law prohibition against trespass to chattels.
21. The record company plaintiffs employed MediaSentry as their agent to break into Ms. Andersen?s personal computer (and those of tens of thousands of other people) to secretly spy on and steal information or remove files. MediaSentry did not have Ms. Andersen?s permission to inspect, copy, or remove private computer files. If MediaSentry accessed her private computer, it did so illegally and secretly. In fact, Ms. Andersen was unaware that the trespass occurred until well after she was anonymously sued.
22. According to the record companies, the agent, Settlement Support Center used the stolen private information allegedly removed from her home computer in their attempt to threaten and coerce Ms. Anderson into paying thousands of dollars. ....
Under the provisions of the Computer Fraud and Abuse Act (18 U.S.C. § 1030) it is illegal to break into another person?s private computer to spy, steal or remove private information, damage property, or cause other harm.
26. Ms. Andersen regularly used her personal computer to communicate with friends and family across the country and for interstate e-commerce. Ms. Andersen had password protection and security in place to protect her computer and personal files from access by others.
27. The record company plaintiffs employed MediaSentry as their agent to bypass Ms. Andersen?s computer security systems and break into her personal computer to secretly spy and steal or remove private information. MediaSentry did not have her permission to inspect, copy, or remove her private computer files. It gained access secretly and illegally.
28. According to the record companies? agent, Settlement Support Center, used this stolen private information in their attempt to threaten and coerce Ms. Andersen into paying thousands of dollars. ....
31. According to the record companies, Ms. Andersen?s personal computer was invaded by MediaSentry after she was identified with a nine digit code (an Internet Protocol Address (?IPA?)) obtained from the anonymous information farming lawsuits. MediaSentry did not have permission to inspect Ms. Andersen?s private computer files. It gained access only by illegal acts of subterfuge.
32. The record companies? agent has falsely represented that information obtained in this invasive and secret manner is proof of Ms. Andersen?s alleged downloading. Ms. Andersen never downloaded music but has been subjected to public derision and embarrassment associated with plaintiffs? claims and public relations campaign.
33. The record companies have used this derogatory, harmful information to recklessly and shamefully publicly accuse Ms. Andersen of illegal activities without even taking the opportunity offered by Ms. Andersen to inspect her computer. .....
36. Despite knowing that infringing activity was not observed, the record companies used the threat of expensive and intrusive litigation as a tool to coerce Ms. Andersen to pay many thousands of dollars for an obligation she did not owe. The record companies pursued their collection activities and this lawsuit for the primary purpose of threatening Ms. Andersen (and many others) as part of its public relations campaign targeting electronic file sharing.
37. The record companies have falsely represented and pleaded that information obtained in this invasive and secret manner is proof of Ms. Andersen?s alleged downloading and distribution of copyrighted audio recordings. Ms. Andersen never downloaded music but has been subjected to public derision and embarrassment.....
40. The record companies knowingly represented materially false information to Ms. Andersen in an attempt to extort money from her.
41. For example, between February and March 2005, the record companies, through their collection agent Settlement Support Center, falsely claimed that they had proof that Ms. Andersen?s IPA had been ?viewed? downloading and distributing over 1,000 audio files for which it sought to collect hundreds of thousands of dollars. This statement was materially false. Ms. Andersen never downloaded or distributed any audio files nor did the record companies or any of their agents ever observe any such activity associated with her personal home computer.....
49. Despite having never observed any downloading or distribution associated with Ms. Andersen?s personal home computer and despite refusing Ms. Andersen?s offer to allow an inspection of her own computer, the record companies wrongfully continued their improper debt collection activities against her.....
50. The record companies pursued debt collection activities for the inappropriate purpose of illegally threatening Ms. Andersen and many thousands of others. This tortious abuse was motivated by and was a central part of a public relations campaign targeting electronic file sharing.
51. An employee of Settlement Support Center admitted to Ms. Andersen that he believed that she had not downloaded any music. He explained that Settlement Support Center and the record companies would not quit the debt collection activity against her because to do so would encourage other people to defend themselves against the record companies? claims.
52. The record companies were aware of Ms. Andersen?s disabilities and her serious health issues. Settlement Support Center knew that its conduct would cause extreme distress in Ms. Andersen. As a result of defendant?s conduct, Ms. Andersen suffered severe physical and emotional distress and health problems.
53. The record companies? conduct resulted in damages, including harm to Ms. Andersen?s health and property in an amount to be specifically proven at trial......
55. Oregon?s Unlawful Trade Practices Act prohibits those in trade or commerce from engaging in unfair or deceptive practices in the course of business with consumers. ORS 646.605 et seq.
56. The record companies? agent, Settlement Support Center, is a company doing business in Washington which was established to engage in debt collection activities in manystates, including Washington and Oregon.
57. Settlement Support Center acting as the record companies? agent made false and deceptive statements to Ms. Andersen in an attempt to mislead, threaten, and coerce her into paying thousands of dollars.
58. Settlement Support Center acting as the record companies? agent has made similar false and deceptive statements to many other residents of Washington and Oregon, and across the country. The public interest has been and continues to be directly impacted by plaintiffs? deceptive practices.
59. The record companies? conduct resulted in damages and harm to Ms. Andersen and her property in an amount to be specifically proven at trial. ....
61. The Oregon Racketeer Influenced and Corrupt Organization Act prohibits companies from engaging in organized racketeering or criminal activities. ORS 166.715 et seq.
62. As fully set forth above, the record companies hired MediaSentry to break into private computers to spy, view files, remove information, and copy images. The record companies received and transmitted the information and images to Settlement Support Center. As the record companies? agent, Settlement Support Center then falsely claimed that the stolen information and images showed Ms. Andersen?s downloading and distributing over 1,000 audio files. The record companies falsely claimed that Ms. Anderson owed hundreds of thousands of dollars in an attempt to coerce and extort payment from her.
63. The record companies directed its agents to unlawfully break into private computers and engage in extreme acts of unlawful coercion, extortion, fraud, and other criminal conduct.
64. The record companies and their agents stood to financially benefit from these deceptive and unlawful acts. Proceeds from these activities are used to fund the operation of the record companies? continued public threat campaigns.
65. These unlawful activities were not isolated. The record companies have repeated these unlawful and deceptive actions with many other victims throughout the United States.
Answer and counterclaim.
================
First they ignore you, then they laugh at you, then they fight you, then you win
- Mohandas Gandhi
Something you think we should know? tips[at]p2pnet.net
