Technology latest news

The good guys are taking a hit in the ongoing online war between the thugs who profit from phishing and malware, and those who work to stop them.

For two weeks, Web sites like CastleCops.com, which offers help to those hit by malware and also actively works to shut down malicious Web sites, have been under attack. In what's known as a distributed denial of service, black hats are flooding CastleCops with a barrage of garbage data in an attempt to overwhelm the site and knock it offline.

“It's the folks who are out there in the trenches getting hit,” says Paul Laudanski, who founded CastleCops five and a half years ago

Attack Spreads

When the attack on CastleCops.com began on August 29, Laudanski says, the site went down for a few hours as he scrambled to apply countermeasures. His site came back up, but the attack soon spread to other helpful sites such as 419eater.com, fraudwatchers.org, scam.com, scamfraudalert.com, and scamwarners.com. Most of these sites are currently unresponsive.

When the hosting provider for another site, aa491.org, dropped the site because the attack became too much for the provider, CastleCops gave aa419.org a home. CastleCops went down again under the combined attack, but is back up again.

The sites are all being hit by botnets, corralled networks of malware-infected computers that can be issued commands by a central controller, or botherder. Botnets are most often used to send money-making spam, but they can also launch denial-of-service attacks where each infected PC sends a steady stream of traffic at a victim site. CastleCops is shouldering the brunt of 20,000 bots as of today, and more than 1,000 additional bots join the fray each day.

Mystery Motive

Laundanski says he and others who work at these sites, many of which are not-for-profit, are still unsure about the attack's rationale. And he's likewise uncertain about whether it's one group or many behind it all. He's been able to gather some details, but doesn't want to share them while the threat continues and let his attackers know what he's been able to find out.

But Paul Sop, CTO of Prolexic, a company that defends clients against DDoS attacks, says “the prevailing street theory is that these guys are having an effect.” Their advice is helping malware or phishing victims, and their investigations are helping to shut down criminal operations

“So the botnet guys are targeting them,” he says.

Security sites, including CastleCops, have been targeted in the past, but attacks are on the rise, Sop says. In the past five months, he says, there has been an increased focus on attacking organizations on the front lines who try to fight back against the crooks.

Strengthened Resolve

But according to Laudanski, who has started a new online forum documenting the ongoing battles, the attacks may backfire.

“The criminals are in it for the money,” he says. “It's a huge business for them. [But] we're in it for the feeling that we get being on the side of right.”

So this assault shows that “these sites are definitely doing something right,” he says, “because we've got the attention of these scammers. It gives us greater resolve.”

San Francisco (InfoWorld) - BEA Systems' planned next-generation application platform, called Project Genesis, will feature an open source component and accommodate scripting languages such as Ruby and Perl, BEA officials said at the BEAWorld San Francisco conference on Tuesday.

Open source has been great for proliferating knowledge in the marketplace, said Alfred Chuang, BEA chairman, CEO, and president. In addition, he mentioned that development technologies will be open-sourced as part of Genesis and that BEA already offers open source technologies to the Eclipse Foundation. “We also believe that we likely have to be grooming and starting up a new community,” he said.

Genesis is intended to enable quick development of applications without requiring new infrastructure. It will feature tools that take collaboration, social tagging, and business process management and integrate them with existing enterprise applications. New sets of applications can be built, including mashups and composite applications as well as business processes. Wikis, blogs, and RSS feeds also are to be part of Genesis, said Rob Levy, CTO at BEA. The company announced Project Genesis earlier on Tuesday.

Chuang, however, cautioned against going open source for the sake of going open source.

“I think open source for open source's sake has been useless,” Chuang said.

“Some companies have taken multimillion lines of operating system code and open-sourced it,” he said, critically. Although sometime-BEA rival Sun Microsystems did this with its Solaris OS, Chuang said his comment was not specifically targeted at Sun. Others have done this as well, he said.

Genesis will support Java code as well as scripting languages, Chuang said. He cited scripting languages as an area where BEA historically has not had much involvement.

A specific product plan for Genesis is set to be unveiled at the BEAWorld Shanghai conference in December. BEA officials stressed some components of Genesis, such as BEA's enterprise service bus technology, already exist. New products are to include a rules engine technology, as well as offerings for data manipulation and structured mapping.

“Genesis is sort of where ultimately we want to take AquaLogic for this new generation of applications,” Chuang said. AquaLogic is a BEA middleware platform.

Genesis will support SaaS (software as a service) methodologies in that ISVs could use Genesis to build applications, which they could then offer via a SaaS format, Levy said.

San Francisco (InfoWorld) - Mozilla has posted mock-ups of Places, one of the most-awaited new features in the upcoming Firefox 3.0, on its Web site.

As part of the weekly Firefox 3.0 status update that Mozilla posts to a wiki, the open source developer included screenshots of Places Organizer, the interface users will see later this year or early next when the browser goes to its final release.

Places, the name given to the new unified history and bookmark manager, was originally scheduled to be included in Firefox 2.0, but it was yanked last year from that version because Mozilla decided it couldn't finish the feature in time. Unlike current browser bookmark tools, Places will use a database — the SQLite database engine powers it — so that users can search for saved pages. Places will also support the use of tags, or user-defined labels that are applied to categorize bookmarks and make them easier to retrieve via searches.

The Places Organizer mock-up uses Windows Vista styling to show bookmarks, surfing history, and downloads in one spot. Among its traits are thumbnails of the saved or surfed-to pages that appear in a separate Properties pane, tag lists, and the ability to drill down through both the browsing history and the tags.

Places Organizer, which is set to appear in M9, a prerelease version likely to ship late next month, will also boast built-in bookmark backup and possibly a thumbnail view to go along with a more traditional list.

The code for the current development version, Firefox 3.0 M8, was frozen last Wednesday in preparation for rolling out the build next week. The last-released build was pegged as Gran Paradiso Alpha 7; it rolled out in early August.

In other Firefox news, the next Firefox security update, Version 2.0.0.7, now carries a tentative release date of Oct. 14.

DALLAS - Chip-maker Texas Instruments Inc. narrowed and slightly raised its third-quarter forecast Tuesday, saying it expects earnings of 49 to 53 cents per share on revenue between $3.56 billion and $3.72 billion.

In July the company said it expected fiscal third-quarter earnings between 46 cents per share and 52 cents per share on revenue between $3.49 billion and $3.79 billion.

The semiconductor company should see revenue between $3.36 billion and $3.50 billion, compared to the previous range of $3.29 billion to $3.57 billion, according to a company statement.

Revenue in its education technology division, which includes handheld calculators, was unchanged and is expected to come in between $200 million and $220 million.

The July sale of a semiconductor product line associated with DSL equipment boosted the per-share earnings estimate by 2 cents, the company said.

Analysts polled by Thomson Financial predicted earnings of 49 cents per share on revenue of $3.66 billion for the quarter ending Sept. 30.

Before the report was released, Texas Instruments shares rose 50 cents, or 1.4 percent, to close at $35.72. The stock fell 67 cents in after-hours trading.

Without getting into specifics, Ron Slaymaker, TI’s vice president of investor relations, said the biggest growth area for the quarter has been high-performance analog chips used in cellular phones and other electronic gadgets.

Slaymaker told analysts in a conference call that wireless chips were seeing mixed demand depending on the customer, while the company’s relatively small education technology division was flat.

Cody Acree, an analyst with Stifel, Nicolaus & Co., said he was encouraged by continued strength in Texas Instruments’ analog sector. “It’s good to see but it’s not surprising,” he said.

The update came a day after Texas Instruments detailed plans to lay off 191 workers whose manufacturing jobs in Dallas are being eliminated and who couldn’t find other positions at the semiconductor company.

The layoffs will begin in early November and be spaced out until the end of January, the Dallas-based company said. The workers will be put on paid leave for 60 days after their release, the company said.

Texas Instruments is also finishing the last of 233 layoffs from two other facilities in Dallas by year end.

San Francisco (IDGNS) - Spending on mobile search and display advertising will skyrocket in the coming years in the U.S., finally making cell phones a viable vehicle for this type of online marketing, according to research firm The Kelsey Group.

Spending is expected to total $33.2 million this year and grow at a compound annual rate of 112 percent through 2012, when it will hit $1.4 billion, Kelsey Group analyst Matt Booth said.

This means that major players in online advertising, such as Google, Microsoft, and Yahoo, as well as the major mobile carriers, will battle it out in a market that is uncharted territory. “Between now and 2012, the opportunity [in this market] is wide open,” Booth said.

As the market morphs from tiny into sizable, Internet companies and carriers are learning as they go, figuring out how to compete and partner with each other, win over advertisers, and better serve mobile subscribers, he said.

The boost in spending follows technology advances, such as the increasing availability of mobile broadband services, the expansion of GPS capabilities, and improvements in device usability at the hardware and software levels, he said.

For Google, the broadening of the mobile channel for search advertising comes at a good time because it currently has ad inventory backed up awaiting increased traffic, Booth said.

It's no secret that mobile is the next big frontier for Internet services and advertising, although the market's explosion has been prematurely predicted in the past.

Kelsey Group expects mobile Internet users to grow at a 20 percent compound annual clip in the U.S. through 2012, when there will be almost 92 million people going online via their cell phones.

Previous unfulfilled expectations haven't discouraged Google, Yahoo, Microsoft and other big Internet companies from adapting in recent years their PC-based online services like e-mail, instant messaging, photo managers, and search engines for mobile devices.

Yahoo, for example, has a suite of mobile services and applications called Yahoo Go for Mobile 2.0, while Google offers mobile versions of several services, including Gmail, Maps, YouTube, Picasa, Blogger, and search. Meanwhile, Microsoft's mobile offerings include Windows Live Hotmail, search, Spaces, and Messenger.

Beyond adapting services to mobile devices, Google has also expressed interest in bidding in an upcoming U.S. Federal Communications Commission auction of 700MHz wireless spectrum set for January. There have also been rampant rumors that Google is developing a cell phone, but the company hasn't officially acknowledged those plans.

San Francisco (InfoWorld) - Microsoft has released its security patches for September, fixing known vulnerabilities in its MSN Messenger software and Unix services for Windows as well as a critical bug in Windows 2000.

In total, Microsoft patched four bugs in its products. This was one less update than expected following the software maker's last-minute decision to scrap a fix for its SharePoint collaboration software.

The Windows 2000 update is the only one Microsoft rates as critical. It affects the Microsoft Agent software that Web developers use to create interactive characters on Web pages. By tricking a Windows 2000 user into visiting a maliciously encoded Web page, an attacker could exploit this flaw to run unauthorized software on a victim's computer.

This is not the first time Microsoft has been forced to patch a critical bug in Microsoft Agent. In April, the company fixed a similar flaw that also affected Windows XP users.

Because the MSN Messenger and Windows Services for Unix flaws were both publicly disclosed last month, they should also be given priority said Amol Sarwate, manager of Qualys's vulnerability research lab.

“They had both been known for awhile, but they are important,” he said. “Especially the MSN vulnerability.”

MSN Messenger and Windows Live Messenger users will be prompted to upgrade their software when they connect with Microsoft's instant-messaging services, Microsoft said in its notes on the security update. “If you do not upgrade to a non-affected version of the MSN Messenger or Windows Live Messenger client, depending on your platform, you will be notified to upgrade on each attempt to sign on.”

MSN Messenger 7.0.0820 or Windows Live Messenger 8.1 are not vulnerable to the flaw, Microsoft said.

The fourth patch issued Tuesday fixes a bug in Crystal Reports for Visual Studio. Attackers could run code on a victim's PC by getting them to open a specially crafted Crystal Reports RPT file, Microsoft said.

Overall, the September updates are a far less serious group of patches than the nine updates Microsoft released last month.

“Compared to last month, Patch Tuesday in September is almost anticlimactic,” security vendor McAfee said in a statement. “Customers who have legacy applications installed on Windows Server 2000 Service Pack 4 should be paying the most attention, but we don't foresee a lot of exploitation of the Windows 2000 vulnerability. Not many people will use those systems to surf the Web, which would be the attack vector.”

The remote control for Nintendo's Wii game console, and the add-on attachment known as the Nunchuk, are having their first offspring. It is named the Wii Zapper. On Monday, the games company announced that the Zapper will launch on November 19, bundled with Link's Crossbow Adventure for $19.99.

Both controllers — the Wii controller, or Wiimote, and the Nunchuk — will be combined into one housing to create the Zapper. The Nunchuk, initially demonstrated at the 2005 Tokyo Game show, was the first attachment that Nintendo released for the Wiimote.

The Zapper connects to the Wiimote by a long cord, has an analog stick like the Nintendo GameCube controller's, and sports two buttons. The Zapper has a “classic style reminiscent of arcade-style games,” Nintendo's senior vice president of marketing George Harrison said in a statement.

Crossbow and Zombies

For instance, Link's Crossbow Training, based on the Legend of Zelda series, could be useful if you're hoping for a career as Robin Hood. Assuming the role of the Link the hero and using the Zapper, players must practice and perfect their crossbow techniques. First, unmoving bulls-eyes and then moving targets are provided as tests. Then, if players' eyes are good and the wind is at their back, they will graduate to defending themselves — that is, Link — against all manner of enemies.

Lest you think that Zappers are only good for emulating crossbows, various third-party game publishers “have lined up to support” the new interface device, according to Nintendo.

In EA's Medal of Honor Heroes 2, players can use a new, Wii-exclusive Arcade Mode to make their way through World War II. The game supports single-player mode as well as a multiplayer mode for up to 32 players.

Capcom's Resident Evil: The Umbrella Chronicles enables one or two players to use the Zapper against bunches of zombies. In the course of doing so, the back-story behind the fall of the Umbrella Corporation is unveiled.

In addition to being compatible with these titles, the Zapper can become your own personal, arcade-like light-gun in SEGA's Ghost Squad.

Wii Game Titles

The Zapper could drive sales of games as well as consoles. Already, the Wii has four of the top 10 game titles in a recent NPD report, and it is positioned to increase its strength.

A recent report published by Gaming Target said that there were now more Wii-exclusive games in development than for any other console, a position that the Xbox 360 had held since such tracking began in late 2006. According to the report, the Wii has 113 exclusives, Microsoft's Xbox 360 has 96, and Sony's PlayStation 3 only 47.

Electronic Arts, the world's largest video game publisher, has said that it is less expensive to develop for the Wii than for the graphically intensive PS3 or Xbox 360.

From the day the iPhone was released, consumers have had one persistent complaint — the lock-in to AT&T and its poky data network. Steve Jobs is no fan of wireless carriers. In fact, he has called them “orifices” in the past, and at last week's announcement of the iPhone price cut, he didn't even mention his partner, AT&T. Is it possible, then, that Jobs would act to cut the stranglehold wireless carriers have on mobile communications?

Reports emerged Monday that Jobs and Apple are indeed considering participating in the government's auction of 700-MHz spectrum — the long-distance spectrum being abandoned by television broadcasters. Google already has announced its intention to bid. While the reports published Monday say Apple is leaning against the idea, Jobs apparently has been giving the possibility serious consideration.

“The major reason appears to be the iPhone,” independent industry analyst Greg Sterling said in a telephone interview. “There's a lot of fervor around the idea of unlocking the iPhone from AT&T. The ability to offer wireless access without a carrier would be a benefit to Apple.”

We Don't Need No Stinkin' 3G

In an iPhone-launch interview with the Wall Street Journal's Walt Mossberg, Jobs dismissed the notion that he should have made the iPhone able to connect to 3G networks. “Wi-Fi delivers data several times faster than 3G networks,” he said. Asked when there would be a 3G iPhone, he said, “Again, Wi-Fi is far faster than the 3G networks.”

Last week he unveiled the iPod touch, which, like the iPhone, is Wi-Fi enabled but doesn't run on cellular networks. Theoretically, both the iPhone and the iPod touch could run on the 700-MHz spectrum. “The rationales are valid enough that they are probably looking at it,” Sterling said. “It gives them a measure of degree over their own fate.”

Becoming a network operator would be a huge sea change for Apple, though. While many have speculated about Apple moving to an Internet-computing approach, Apple really operates only one Web service: iTunes. “Apple can see the road ahead — wide connectivity — and how they would benefit,” Sterling said. “They would be foolish not to chew on the idea, but it's unlikely they'll actually do it.”

The Silicon Valley company that lives and breathes cloud computing, after all, is Google. With its focus on search, online advertising, and online applications, Google would be in a much better position than Apple to recoup any losses it might suffer as a result of owning and operating wireless spectrum.

A Shock to Traditional Carriers

Indeed, any company thinking about stepping up to the spectrum auction would have to have a very strong sense that it knew what it was doing. “This is a business that's a big headache, “with low margins and high operational burdens,” Sterling said.

In any case, it's not clear whether Apple owning the spectrum would be an immediate benefit to consumers at large. “It's not desirable from a public standpoint,” Sterling said. The most desirable result for consumers, he said, would be for the spectrum to blanket the country with open access.

Of course, the winner of the auction will have to abide by FCC rules that require a certain amount of openness. “Interestingly, Apple and Google are aligned in this,” Sterling said. “What would be interesting is to see if they cooperated in some way.”

Ultimately, Jobs' tire-kicking around the auction might reflect his and other technology leaders' sense that the carriers are impeding innovation. “There's a lot of frustration that things aren't moving fast enough,” he said, noting that municipal Wi-Fi seems to have stalled.

The new spectrum is so powerful — the FCC calls is “beachfront property” — that Silicon Valley control of it could mean fundamental, disruptive change for mobile communication, Sterling said. “Wireless providers right now have a stranglehold on the market; they are the gatekeepers. They are inhibiting growth of wireless data and other services.” If another company comes in to subsidize the services with advertising, Sterling concluded, that would be “the rude shock of their lives.”

San Francisco (IDGNS) - M2Z Networks may sue the U.S. Federal Communications Commission after the agency turned down its request for radio frequencies for a national broadband wireless network.

On Aug. 31, the FCC rejected M2Z's plan to roll out free and paid services reaching at least 95 percent of the Americas. For that service, M2Z asked for 20MHz of spectrum for which it would pay the government 5 percent of its annual gross revenue. M2Z proposed the plan in May 2006.

The FCC didn't rule on the plan within a year and apparently didn't look at M2Z's supporting documents because it never commented on them, according to M2Z co-founder and CEO John Muleta. Legally it had to do both, Muleta said, so M2Z is considering filing suit in a federal appeals court.

The issue of wireless spectrum is heating up as the FCC heads toward its planned January auction of frequencies in the 700MHz band being vacated by analog TV stations. Google and others wanted the FCC to require wholesale access to that spectrum so that multiple providers could offer services. It eventually included a provision for some spectrum to be usable for any application on any device.

M2Z wants to use spectrum between 2155MHz and 2175MHz, a band previously used for microwave links between carrier facilities, which the FCC set aside for AWS (Advanced Wireless Services) in 2000. The agency has no plan yet for how to assign the spectrum. In its order rejecting M2Z's plan, the FCC said, “the public interest is best served by first seeking public comment on how the band should be used and licensed.”

The order turned down M2Z's plan “without prejudice,” meaning it didn't stop the company from proposing it again, according to Muleta. M2Z plans to participate in the future public comment process but believes FCC's indecision has gone on too long already.

“They took 15 months to decide that they really couldn't make a decision,” Muleta said. Meanwhile, the country still lacks sufficient broadband competition, he said.

M2Z wants to deliver a free service, supported partly by locally targeted search advertising, at 384Kbps downstream and 128Kbps upstream. People would only have to give a valid e-mail address or phone number to use it. Like broadcast TV, the free service would be “family friendly,” meaning it would filter out content that wasn't appropriate for children. A paid service on the same network would offer 3Mbps throughput and access to anything on the Internet.

Muleta knows who he's up against. He was chief of the FCC's wireless bureau from 2003 to 2005. M2Z, founded in 2005 and based in Menlo Park, Calif., is backed by Silicon Valley venture capital firms.

One wireless analyst said the free service wouldn't be fast enough for most consumers. He also questioned its “family friendly” content restrictions.

“At that point, you're not really giving Internet service,” said Sascha Meinrath, research director for the Wireless Future program at the public policy group New America Foundation.

But even if its service never gets turned on, M2Z has done its part to foster broadband competition, Meinrath said.

“M2Z has pretty single-handedly shifted the debate,” Meinrath said. Its plan to pay for spectrum through royalties rather than up front, as well as to make more efficient use of spectrum and offer a free service, are likely to show up in future spectrum allocation plans, he said. More efficient wireless networks should mean more bandwidth at lower cost – a better deal for consumers, Meinrath said.

WASHINGTON (Reuters) - The 2008 Democratic White House contenders go online on Thursday for what sponsors are calling the first presidential “mash-up” — a Web-based video forum that allows viewers to pick and choose what they want to see.

Interviews with each of the eight Democratic candidates will be cut and posted online by topic and candidate. This will allow users to organize the responses according to what they want to see — directly comparing some answers and completely skipping others.

The forum, sponsored by Yahoo, the Huffington Post blog and the Web magazine Slate, will be available on Yahoo's main news site on Thursday.

It is aimed at potential voters, particularly young people, who are often turned off by the traditional debate format that subjects viewers to rambling discussions, particularly those held long before the November 2008 presidential election.

“This is the first debate to offer people who live online what they love about being online — the ability to choose, be interactive and decide for themselves what their experience will be,” said Arianna Huffington, founder of the Huffington Post.

“They will actually engage with it and spend time with it and interact in a way that we have not been able to do.”

The forum is the latest step in the exploding use of online tools in political campaigns, from Web videos to social networks.

The candidates will be interviewed by satellite on Wednesday by PBS talk-show host Charlie Rose on the issues of Iraq, health care and education. A wild-card fourth topic will be chosen for each individual candidate.

Rose will be able to follow-up questions in an effort to keep the responses on topic, and the answers will be edited and posted. The Huffington Post and Slate will provide links to Yahoo, which will host the site.

Scott Moore, senior vice president of news and information for Yahoo, said the format was designed to be different from the typical one-size-fits-all debate.

“We wanted to come up with a format that was more interactive and innovative and takes advantage of the medium,” Moore said.

If a voter wants to see just the answers on Iraq, they can line them up and watch. Or they can view IllinoisSen. Barack Obama's health care answer compared to the one given by New York Sen. Hillary Clinton, he said.

“We'll have segments for every question and every candidate so as a user you can navigate through the material in any way you choose,” Moore said.

Moore said the sponsors hope to have a similar forum with the Republican candidates, although none have committed yet.

“I think they probably want to wait and see how this goes. If this format proves successful, I don't know how they would not do it,” he said.