Technology latest news

DENVER (Billboard) - At first glance, Nokia's Tero Ojanpera and Dave Stewart might seem like an odd pair.

As executive vice president of entertainment and communities for Nokia, Ojanpera oversees all of the company's music, gaming, video and social networking initiatives, including the Nokia Music Store and Comes With Music.

Stewart is a musician/producer best known as one half of the Eurythmics. In February, Stewart was named founding member of Nokia's new Artist Advisory Council, an initiative created to foster an artist-friendly environment within the company.

But the two have more in common that meets the eye. Stewart has strong ideas on how technology and digital business models should benefit acts and their fans, and, in fact, was the driving force behind the council's creation. Ojanpera, meanwhile, aims to combine Nokia's entertainment content services with its social networking capabilities to help fans and artists better connect and communicate to promote and distribute new content.

For Nokia, the effort is central to its reinvention from a handset vendor with 40 percent of the global mobile phone market share to a Web services company. For Stewart, the technologies of today and tomorrow represent a new stage of creative and professional development he hopes to share not only with musicians but also with filmmakers and others in the creative community.

Q: Can you give us a better idea what the vision of the Artist Advisory Council is?

Dave Stewart: It's a vision of the future where people would want to dig deeper in the world of an artist and where artists would be willing to be more experimental because the payment systems would be more transparent and different than they are today. It's about artists linking together and being collaborative.

Tero Ojanpera: If you think about the artist's point of view, it's not about selling one track or selling a ringtone or wallpaper. It's about how you create a discovery mechanism (that) represents the artist in a way that gives justice to their work. It's not just putting something online in a digital format — the technology will enable us to make a rich world where things come together in a really new fashion.

Q: How do you plan to achieve this?

Ojanpera: At this point it's about understanding the artist and understanding the consumer and making that connection. The rest will sort itself out. It may need some facilitation, but we should worry about those two things first. If you can bring value to the consumer and to the creative talent, I'm sure we will do well.

Stewart: Imagine a future where you have a little cloud above your head and in that is everything you think is groovy, and you can carry that along with you and pull it down to either watch or share … and it's all controlled by this little device in your pocket. The other part of it is that there are artists all over the world who don't want to share much more than what they can control — there are filmmakers who want to make 10-minute short films. So you can't put everything into one bag. What you can do is create a facility that can put all that work — whatever it is — into a context and in a way (that) consumers can access it.

Q: Dave, what is your perspective as an artist on the current digital/mobile business constructs?

Stewart: What I'm talking about is dropping a neutron bomb on the old paradigm of the entertainment industry and the way in which it functions. It's completely insane. In America, it's all gotten completely strangleholded by these providers. Nobody ever talked to artists about what they wanted to do. Steve Jobs didn't talk to me about selling music online — it just went straight to the music labels.

Artists make their work, and people come along and treat it like something you can chop up into bits and sell into other bits. They say ringtones is a $3 billion business; I still haven't seen one cent on a “Sweet Dreams” download. There's always been a bit of foggy accounting. There's ways and means through technology and through common sense to create a way in which the consumer gets a fair deal and the creator gets a fair deal and business is good.

Q: So it sounds like the vision is to try to use mobile phones as a way of distributing content directly to fans without all the other layers.

Stewart: I'm not going to try to do that. I am going to do it. It's also about trying to get artists to understand that, in the new world, it's not about making an album or a film that has to fit the exact demographic and exact length. It's going to be a completely different world. I can send you clips of what I'm working on and you can pre-order it. There's a dialogue going on so you actually know who your fans are and where they are.

Q: Do phone manufacturers have more power in the mobile value chain now that entertainment services have made the phone more of a consumer electronics device and less a mere network access device?

Ojanpera: This is a great opportunity for the whole industry to grow: device manufacturers, carriers and the content companies. The fact that content is coming to mobile will enable us to continue to innovate for the industry. We have the strength to invest in this space, and that's valuable to the content industry. This is not about who has more power or less power — this is about, Can we attract the consumer to really use these services?

Q: So on that note, how is the Nokia Music Store doing?

Ojanpera: We're not sharing any specific data. But the service is live in the U.K. and Germany, and we are launching (in) additional countries in Europe and Asia. So one could describe it as a store rollout phase for the next month or two and getting the catalog in place. The feedback from the U.K. store is good; people are using it and seeing that there's an easy way to get music on your device, both side-loading and (over the air). We're currently seeing about 75 percent side-loading and 25 percent OTA. We think once the Comes With Music service is in place later this year, it will make the purchase decision easier, and we believe that can and will really scale the music market up.

Reuters/Billboard

Apple's teasing commercials that imply its software is safer than Microsoft's may not quite match the facts, according to new research revealed at the Black Hat conference on Thursday.

Researchers from the Swiss Federal Institute of Technology looked at how many times over the past six years the two vendors were able to have a patch available on the day a vulnerability became publicly known, which they call the zero-day patch rate.

They analyzed 658 vulnerabilities affecting Microsoft products and 738 affecting Apple. They looked at only high- and medium-risk bugs, according to the classification used by the National Vulnerability Database, said Stefan Frei, one of the researchers involved in the study.

What they found is that, contrary to popular belief that Apple makes more secure products, Apple lags behind in patching.

“Apple was below 20 [unpatched vulnerabilities at disclosure] consistently before 2005,” Frei said. “Since then, they are very often above. So if you have Apple and compare it to Microsoft, the number of unpatched vulnerabilities are higher at Apple.”

It's generally good for vendors to have a software fix available when a vulnerability is disclosed, since hackers often try to find out where the problem is in order to write malicious software to hack a machine.

For a vendor to have a patch ready when the bug is detailed in public, it needs to get prior information from either its security analysts or external ones. Otherwise the vendor has to hurry to create a patch, but that process can be lengthy, given the rigorous testing needed to test the patch to ensure it does not conflict with other software.

Apple only started patching zero-day vulnerabilities in late 2003, Frei said.

“We think that Apple had fewer vulnerabilities early on, and they were just surprised or not as ready or not as attentive,” Frei said. “It looks like Microsoft had good relationships earlier with the security community.”

Over the past few years, Microsoft has tried to cultivate a closer relationship with the security community in order to encourage researchers to give it a heads-up about software problems. Apple, however, doesn't appear to have that same sort of engagement yet, and, “based on our findings, this is hurting them,” Frei said.

Curiously, both vendors' abilities to have zero-day patches ready at disclosure seemed to dip in the six months before a major product release. That trend was most pronounced in 2004 and 2005. Frei theorized that the buildup to big software releases took away software engineering resources.

Andrew Cushman, director of Microsoft's Security and Research, said he couldn't pinpoint what might cause that trend. But in 2004 and 2005, Microsoft had a rash of vulnerabilities pop up in its Office products that it did not get advance notice of, which may have contributed to a higher percentage of unpatched publicly disclosed bugs.

However, the study proved to be such a glowing affirmation of Microsoft's increased focus on security in the past few years that it prompted Cushman to ask Frei, “Did Microsoft fund this research?”

“This is independent academic research,” Frei replied.

Scrapblog, a Web 2.0 startup that aims to marry the worlds of scrapbooking and blogging, has enhanced its drag-and-drop tools for editing and cropping photos.

With the new features, Scrapblog now allows “freehand” cropping of photos, whereas before it provided only pre-set cropping shape options. In addition to the new scissor-like cropping ability, Scrapblog is also providing an “eraser.”

Meanwhile, the company has also added a dozen one-click photo effects like antique and sepia, as well as the ability to adjust five elements like brightness and contrast, all things that previously required using a third-party editing program.

Scrapblog, privately-held and based in Coral Gables, Florida, launched its free Web-based scrapbook authoring service in April 2007, after developing it for two years.

Based on Adobe's Flex technology, the Scrapblog Builder is a rich Internet application (RIA) that requires no downloads and is aimed at letting people create online scrapbooks with photos, videos, audio and text, said CEO Carlos Garcia.

The company sees itself as a complement to photo and video-sharing sites like Photobucket, Flickr and YouTube, Garcia said. “People already have so much content uploaded to those sites. We started with the idea of letting people design online,” he said. “We want to let them mix up their uploaded media creatively. That to us is the evolution of the first wave of user-generated content sites.”

As such, Scrapblog's strategy is to provide easy links to video sharing sites and online photo album sites so that people can remix their content using Scrapblog's application. About 75 percent of Scrapblog's users bring photos that they have previously uploaded elsewhere.

To accentuate its non-compete strategy with video and photo upload sites, Scrapblog doesn't let its users share standalone pictures, only the scrapblogs they create. While it consumes content uploaded elsewhere, it also lets its users publish their scrapblogs to blogging, social networking and other sites, so Scrapblog also contributes content back, Garcia said.

Garcia cautions that the application is designed for regular users, not for graphic design professionals expecting to find Photoshop's entire feature set. Scrapblog's intention is to appeal to two main constituencies: people with a lot of uploaded photos and videos, as well as enthusiast scrapbookers eager to extend their hobby online.

Regarding the latter group, Garcia notes that there are about 30 million offline scrapbookers in the U.S. and that offline scrapbooking is a $3 billion a year industry.

By the end of 2007, about 1.2 million scrapblog pages had been created on the site. Most– over 80 percent– of scrapblog builders are women, many of them mothers of young children, Garcia said.

The company gives people the option of keeping their scrapblogs private or make them public for anyone to view. Creators of private scrapblogs can invite others to view them by extending a guest pass.

Although not yet profitable, the 15-person company is generating revenue, albeit not from traditional online ads, which Garcia believes would “pollute” the user experience. Instead, Scrapblog has gone the route of sponsored content, such as a campaign it did this past Christmas season with Disney's ABC Family TV channel, which was sponsored by car maker Dodge.

Scrapblog is backed by Longworth Ventures and Steamboat Ventures, which is affiliated with Disney.

LIVINGSTON, Tenn. - Four days a week Todd Matthews earns $11.50 an hour working for an automotive parts supplier. He punches in at 4:15 a.m., punches out nearly 11 hours later, then drives half a mile to his little beige house on a hill where, in the distance, he can glimpse the Appalachian mountains.

He spends the next seven to eight hours at his desk, beneath shelves lined with miniature plastic skulls, immersed in a very different world.

Their faces seem to float from his computer — morgue photographs, artist sketches, forensic reconstructions — thousands of dead eyes staring from endless Web sites as though crying out for recognition. John and Jane and Baby “Does” whose nameless bodies have never been identified.

His wife, Lori, complains that Matthews spends more time with the dead than he does with the living, including his two sons, Dillan, 16, and Devin, 6.

You need a hobby, she says, or a goal.

I have a goal, he replies, though he describes it as a “calling”.

He wants to give “Does” back their names.

His obsession began two decades ago, when Lori told him about the unidentified young woman wrapped in canvas whose body her father had stumbled on in Georgetown, Ky., in 1968. She had reddish brown hair and a gap-toothed smile. And no one knew her name.

So locals blessed her with one. They buried her under an apple tree with a pink granite tombstone engraved with the words “Tent Girl.”

At 37, Matthews is a sensitive soul who has always felt an affinity for the dead, perhaps because two of his siblings died just after birth. Matthews still chokes up when he visits the graves of Gregory Kenneth and Sue Ann. But at least he knows where they are buried.

Tent Girl haunted him. Who were her siblings? What was her name?

Matthews began searching library records and police reports, not even sure what he was seeking. He scraped together the money to buy a computer. He started scouring message boards on the nascent Internet.

In the process, Matthews discovered something extraordinary. All over the country, people just like him were gingerly tapping into the new technology, creating a movement — a network of amateur sleuths as curious and impassioned as Matthews.

Today the Doe Network has volunteers and chapters in every state. Bank managers and waitresses, factory workers and farmers, computer technicians and grandmothers, all believing that with enough time and effort, modern technology can solve the mysteries of the missing dead.

Increasingly, they are succeeding.

The unnamed dead are everywhere — buried in unmarked graves, tagged in county morgues, dumped in rivers and under bridges, interred in potter’s fields and all manner of makeshift tombs. There are more than 40,000 unnamed bodies in the U.S., according to national law enforcement reports, and about 100,000 people formally listed as missing.

The premise of the Doe Network is simple. If the correct information — dental records, DNA, police reports, photographs — is properly entered into the right databases, many of the unidentified can be matched with the missing. Law enforcement agencies and medical examiners offices simply don’t have the time or manpower. Using the Internet and other tools, volunteers can do the job.

And so, in the suburbs of Chicago, bank executive Barbara Lamacki spends her nights searching for clues that might identify toddler Johnny “Dupage” Doe, whose body was wrapped in a blue laundry bag and dumped in the woods of rural Dupage County, Ill., in 2005.

In Kettering, Ohio, Rocky Wells, a 47-year-old manager of a package delivery company, scoots his teenage daughters from the living room computer and scours the Internet for anything that might crack the case of the red-haired Jane Doe found strangled near Route 55 in 1981. “Buckskin Girl,” she was called, because of the cowboy-style suede jacket she was wearing when she was found.

And in Penn Hills, Pa., Nancy Monahan, 54, who creates floor displays for a discount chain, says her “real job” begins in the evening when she returns to her creaky yellow house and her black cat, Maxine, turns on her computer and starts sleuthing.

Monahan’s cases include that of “Beth Doe”, a young pregnant woman strangled, shot and dismembered, her remains stuffed into three suitcases and flung off a bridge along Interstate 80 near White Haven in December 1976. And “Homestead Doe,” whose mummified body was found in an abandoned railroad tunnel in Pittsburgh in 2000. Her toenails were painted silver.

Monahan was so moved that last year she sought out the tunnel, climbed down the embankment and offered a silent prayer for the young woman whose life ended in such a pitiful place.

“It’s like they become family,” Monahan says. “You feel a responsibility to bring them home.”

The stories of Doe Network members are as individual as the cases they are trying to solve. Bobby Lingoes got involved through his connection with law enforcement — he’s a civilian dispatcher with the Quincy, Mass., police department. Traycie Sherwood of Richmond, Mo., joined when her adoptive mother died and she went on line searching for her birth mother. Daphne Owings, a 45-year-old mother of two in Mount Pleasant, S.C., needed something to take her mind off the war when her husband was sent to Iraq. Carol Ceiliki of Whitehall, Pa., was searching for her ex-husband.

And Laura Allen Hood of Fort Smith, Ark., was searching for her brother.

For years, Hood refused to speak about Tony, who vanished without a trace in 1978 while visiting friends in Oklahoma. He was 16, two years older than his sister. Her parents tried to shelter the family from the pain, tried to make life for his siblings as normal as possible. But, she says, “it never leaves your mind.”

Hood describes years of false sightings and false hope — stalking someone in a car because he looked like Tony, picking up hitchhikers who bore a resemblance, her mother wrapping a Christmas present year after year for the son who never came home.

It wasn’t until 2004, when Hood’s own son became a teenager that she decided to find her brother once and for all. Trolling the Internet she discovered the Doe Network. Sifting through its vast indexes, she found new reason to hope.

For the first time in her life, Hood e-mailed a stranger — Matthews in Tennessee: “Can you help me find my brother?” she pleaded.

Matthews responded with a series of questions. Was the case filed as missing with the National Crime Information Center, an FBI clearinghouse? Did she have dental records or relevant medical information? Had the family submitted DNA to law enforcement?

Finally, Matthews asked for a photograph of Hood’s brother, which he forwarded to one of the professional forensic artists who donate time to the network.

Nothing prepared Hood for the black-and-white image that filled her computer screen a few weeks later. Gone was the long hair and devil-may-care grin. Smiling, ghost-like, but yet so very real — the artist’s depiction of a middle-aged Tony.

Hood stared at the image, her mind racing. Was he alive? Dead? Did she really want to know?

Four years later, Tony Allen has still not been found. There have been a number of false matches, though, and each narrows the search. Hood says she feels a new sense of certainty that someday, someone will click on a mouse and find a connection.

Matches can be triggered by a single detail — a tattoo, a piece of clothing, a broken bone. It’s just a question of the right person spotting the right piece of information and piecing together the puzzle. The process can be tedious and frustrating; months or even years of endless late-night clicking on a dizzying array of sites can often lead nowhere.

And it can take its toll. Lori Matthews once left her husband for six months because of his obsession with Tent Girl. “He didn’t talk about anything else,” she said. “It wasn’t normal.”

They reconciled after Matthews agreed to limit the amount of time — and money — he spent on “Does.”

Still, Matthews and others say the rewards of cracking a case make the time worthwhile. The Doe Network claims to have assisted in solving more than 40 cases and ruling out hundreds more.

Successes are not entirely joyous, says Kylen Johnson, a 38-year-old computer technician from Clarksburg, Md. “On the one hand, you are giving families the information they have been searching for. On the other, you are extinguishing all hope that their missing loved one will be found alive.”

Johnson tells of a Kentucky woman who had been searching for her ex-husband for 18 years. The woman described a tattoo on his shoulder — the initials “RGJ.” Johnson, with other Doe volunteers, was able to track down a John Doe with identical markings in Vermont.

Johnson still marvels at how grateful the woman was at the other end of the phone. And at how strange it felt, that someone would thank her for finding out their husband had been murdered.

“Nothing you find can be any worse than something that has already gone through your mind,” says Mary Weir of Palmer, Alaska, describing the sickening moment when she spotted an artist’s rendition of her 18-year-old daughter’s face on the Network.

Samantha Bonnell had been missing for 19 months. She was killed while running across a California highway in 2005, and buried in an unmarked grave — Jane Doe 17-05.

“Her name wasn’t Jane Doe,” Weir said, her words punctuated by sobs.

“She was Samantha, my Samantha and she had curly red hair and green eyes and freckles on her face. And she was a real person and she was loved. She wasn’t just a number. She was funny and maddening and she wrote her first resume at 10 — for a baby-sitting job! And she read Shakespeare for fun. And she was just bigger and brighter than the rest of us, and the world is worse off for not having her.”

Bonnell’s remains were exhumed last year. She was buried in her native Oregon beneath a headstone carved with her name.

Today her mother actively lobbies the state government to pass legislation making it easier to file missing-persons reports for people 18 and over — some local authorities are slow to pursue missing adults, saying they have every right to go missing — and mandating DNA samples be taken from family members within 30 days of a report being filed. Several states already have such laws and many others are considering them.

“I don’t care who you are,” Weir says, “to be buried with no name implies that your life didn’t matter, that you were just discarded like trash. I wanted better for my daughter — and for all the other missing people out there.”

“They do God’s work,” says Mark Czworniak, 50, a veteran homicide detective in Chicago.

He first encountered the Doe Network when he was approached by Lamacki, the Chicago bank executive, about potential matches. Unlike some officers, Czworniak has no hesitation about working with civilian volunteers, especially those willing to devote endless hours to cold cases that he cannot get to.

Czworniak says there are hundreds of “Does” in the department files. He is assigned five, including a tall, thirtysomething man found at the Navy Pier in 2003. Czworniak hopes that the man’s height will help Lamacki or another Network volunteer eventually make an identification.

“She’s like a little bloodhound,” says Czworniak, who exchanges e-mails with Lamacki on cases every week and has introduced her to other detectives. “She has the wherewithal and interest and time and she searches these sites I’m not even aware of.”

Such praise was rare in the early days of the network, when overeager members were more likely to be derided as “Doe nuts” by police and medical examiners. That changed partly as the organization imposed stricter rules on who could join and developed a system of area directors, researchers and media representatives. Now a potential “solve” is rigorously vetted — and voted on — by a 16-member panel, and potential matches are submitted to law enforcement agencies only by designated members.

In another sign of the network’s influence, Matthews was asked to serve on a government task force involved in creating the first national online data bank for missing and unidentified.

The National Missing and Unidentified Persons System, NamUS, launched last year, is made up of two databases, one for the missing and one for the unidentified. The goal is to have medical examiners and law enforcement agencies around the country constantly update information on both sites. Next year the sites will be linked and made available for public searching.

No one believes NamUS will put the Doe Network out of business — there will always be a need for people with their expertise to make the necessary connections.

And so, families of the missing will no doubt continue to rely on people like Todd Matthews.

At his house in Livingston, Matthews has built a little nook next to the living room — his “Doe office,” he calls it. His desk is laden with pictures of dead bodies. He says he gets many e-mails about cases every week. Every night he scrolls down the lists, searching for new information:

Unidentified White Female. Wore a necklace of silver beads and three small turquoise stones, one resembling a bird. Found in a Calendonia cornfield in New York state in 1979. …

Unidentified White female. Strawberry blonde hair and 12 infant teeth. Wearing a pink and white dress that buttoned in the back and a disposable diaper. Found Jackson County, Miss. 1982. …

Unidentified Black Female. Gunshot wound to the skull. Found next to highway ramp in Campbell County, Tenn., in 1998…

The last case is close to Matthews’ heart. Sally, he named her, after a Campbell County police officer entrusted him with her skull in 2001.

The police didn’t have the time or means to pay for a clay reconstruction, and so — with the approval of the local coroner — Matthews took the skull to a Doe Network forensic artist. A picture of the reconstructed head was placed on the Network site. The skull sat on Matthews’ desk for over a year, and even Lori, who was at first so horrified she couldn’t look at it, grew fond of Sally. She remains unidentified.

But even Sally cannot take the place of the first Doe, the one who changed Matthews’ life. He still regularly drives to Kentucky, to a lonely plot in Georgetown to visit her.

“She’s family now,” he says.

Standing by her grave, he tells of the night in 1998 when, scouring chat rooms for the missing, he stumbled upon a message from Rosemary Westbrook of Benton, Ark.

Westbrook sought information about her sister, Bobbie, who was 24 when she went missing 30 years earlier. Bobbie had married a man who worked in a carnival, and she was last seen in Lexington. She had reddish brown hair and a gap-toothed smile.

Over and over Matthews stared at the message. And in his heart he knew.

Lori, he cried, racing into the bedroom and shaking awake his wife

“I’ve found her. I found Tent Girl.”

E-mails were exchanged. Phone calls were made. When Matthews received a photograph of Westbrook’s sister, he had no doubt. She looked just like the forensic artist’s portrait sketched years earlier — the one engraved on Tent Girl’s headstone, the one that had obsessed him for years.

Weeks later the remains were exhumed. The match was confirmed by DNA.

“It was the best peace of mind in the world,” Westbrook says. “What Todd did for our family … I can’t describe it … I don’t have the words. Just to have a grave to visit means everything when you have been wondering for so long.”

The family decided to re-inter Taylor in the place that had been her resting spot for so many years. Beneath the stone etched “Tent Girl” they placed a small gray one engraved with her real name, the name that Matthews had restored.

She was Barbara Ann Hackmann, now and for eternity.

For the second time, a device submitted by Microsoft for U.S. Federal Communications Commission testing of wireless “white spaces” technology has stopped working and been taken out of the process.

The wireless prototype, which was not made by Microsoft, unexpectedly stopped working on Wednesday, Microsoft said Friday. In February, the FCC took another Microsoft-submitted device out of testing because it had power problems.

The White Spaces Coalition, which includes Google, Philips and Dell as well as Microsoft, has asked the FCC to let wireless devices use vacant frequencies, referred to as white spaces, in the spectrum band allocated to television. They say this would give consumers more wireless broadband options. Opponents, including the National Association of Broadcasters (NAB), say such devices would interfere with TV broadcasts. Microsoft and others voluntarily submitted prototype devices for testing, a step that usually isn't included in this type of FCC process, said Microsoft spokeswoman Ginny Terzano.

The NAB used Wednesday's unexpected shutdown to attack the white-spaces backers.

“In baseball, it's three strikes and you're out. How many strikes does Microsoft get? If they can't get the device to work in the lab, how are they going to get it to work in the real world?” NAB Executive Vice President Dennis Wharton said in a statement sent to reporters.

Microsoft said the problems that took the two devices out of testing were unrelated to interference and that the units were experimental, not production devices. The FCC gathered valuable information by testing them, and there are three other devices submitted by other parties that can still be used, Terzano said. If Microsoft had tried to do anything to the two devices to get them working again, they probably would have been considered new devices and the FCC would have had to redo its tests on them, she said.

“Considering where we are in the lab testing process… we think that it's more prudent to continue with the other non-Microsoft devices that are currently going through testing,” Terzano said.

Based on observations from Microsoft engineers observing the tests, “the data the FCC has gotten so far has found that there is no interference,” she said.

MANILA (AFP) - Philippine PC manufacturer Neo and multinational computer processor maker Intel have jointly launched a new 16,999-peso (406-dollar) mini laptop, spokesmen said Saturday.

The Neo Explore is a “ruggedized and shock-proof” laptop with a keyboard that will not be damaged by spillages of liquids, said Neo spokeswoman Mariel Que.

It weighs 0.66 kilograms (1.45 pounds) and is the size of a schoolchild's lunchbox but will have the memory capacity and usual features of a standard basic laptop.

Though the Explore is primarily designed for primary school children here, it can also be used by first-time PC users for word-processing and Internet access, said Intel Philippines country manager Ricky Banaag.

It will be available in stores in major Philippine cities.

Adobe is working on an update to its Flash Player software that will address a widespread vulnerability found on hundreds of thousands of Web sites.

The issue, first reported in December by Google researcher Rich Cannings, allows attackers to use buggy Shockwave Flash (.swf) files in order to attack Web surfers. Using what is known as a cross-site scripting attack, criminals could create fake phishing pages or, much worse, gain access to online banking sessions or Web accounts of victims in some situations.

After Cannings went public with his findings, Adobe and other software vendors fixed their development tools so they would no longer create the vulnerable Flash files, but there are still more than 500,000 of these files posted on different sites on the Internet, according to Cannings.

Because of the amount of work it would take to clean up the mess, Cannings had been encouraging Adobe to make changes to its Player software that would nullify these cross-site scripting attacks.

This fix is being developed and will be available “soon,” said Adobe spokesman Matt Rozen in an e-mail message.

Security experts say that Adobe's chief problem now is to work out a way of fixing this bug without making it hard for users to view older Flash files.

In an interview on Friday, Cannings said that some of Adobe's early approaches to this problem had “broken” existing Flash files in the player, but that a satisfactory fix was technically possible. If Adobe could convince browser-makers to make some changes as well, it might simplify things, he added.

Three months after he went public with the problem, Cannings estimates that more than 10,000 Web sites remain vulnerable to this attack.

Expensive legal battles have caused TorrentSpy, the search engine for the BitTorrent file-sharing service, to shut down.

A note on the home page of TorrentSpy's Web site said it is shutting down “not due to any court order or agreement,” but because of a team decision.

TorrentSpy has spent the past two years and hundreds of thousands of dollars “defending the rights of our users and ourselves” in a legal climate that was “hostile” to torrent files, according to the note, which is attributed to the TorrentSpy team.

“Ultimately the Court demanded actions that in our view were inconsistent with our privacy policy, traditional court rules, and International law; therefore, we now feel compelled to provide the ultimate method of privacy protection for our users– permanent shutdown,” the team said.

TorrentSpy was a search engine that helped visitors find torrent files on the Web. Torrent files are often music or movie files stored in an easily shared file format. The search engine came under legal fire from the entertainment industry, which in general does not want licensed content to be distributed royalty-free.

In December, the Motion Picture Association of America (MPAA) won a copyright infringement case against TorrentSpy that it had filed in 2006. TorrentSpy argued that its site doesn't contain any copyrighted works or links to copyrighted works, does not promote copyright infringement and can't be held liable for the actions of visitors once they leave its Web site. The site lost its case because the court ruled it had tampered with evidence.

A self-styled ethical hacker group plans to counter moves by companies that attempt to bury security vulnerability information in order to protect their businesses.

Companies spend a lot of money on crisis management teams that try to keep a lid on situations that could alarm their customers, so-called “black public relations,” said Petko D. Petkov of GNU Citizen– a close-knit group of blogging researchers who have published several big scoops on software vulnerabilities.

Black PR is a bit of a black art. It can involve pressure on people, careful sculpting of the media and other ways to keep calm during a crisis situation, Petkov said last week at the Black Hat conference in Amsterdam.

Petkov's organization has been no stranger to controversy, and it has encountered pressure before from small companies concerning security vulnerabilties.

GNU Citizen sticks by the tenets of responsible disclosure, which involved contacting companies that have problems with their software and giving them enough notice to fix the bug before it is publicly published. Nonetheless, they've been blamed by companies for enabling attacks on their systems.

“You don't really want to get on the wrong terms with the wrong company,” Petkov said.

GNU Citizen's “antiblack PR” unit looks at the broad implications of security problems– a company's economic interests, what data may be compromised– and formulates a big picture on the machinations of a company and what's at stake when, for example, banking systems are compromised.

Part of the problem is the economics of fixing faulty software. Creating and distribution patches is very expensive, and a few vendors would rather fly below the radar than fix them, Petkov said.

“Most of the companies, they just don't fix them [software problems],” Petkov said. “They build a big black PR group to counter stories.”

Some security situations are just too big to cover up. Retailer TJX suffered one of the largest data breaches ever last year. Around 45.6 million credit and debit card numbers were pilfered from its system. But many other security problems receive scarce attention.

Petkov said the antiblack PR project rivals GNU Citizen's work on security research. “This is actually one of the biggest games in the world to me,” he said.

China Mobile will launch trials of a 3G (third-generation) mobile service in eight Chinese cities next month, Chinese media reported Friday.

The company will begin testing TD-SCDMA (Time Division Synchronous Code Division Multiple Access) systems in Beijing, Shanghai, Tianjin, Guangzhou, Shenzhen, Qinhuangdao, Shenyang and Xiamen beginning April 1. The test will involve a total of 20,000 users, Sina.com reported. The reports did not say how long the trial will last.

The 3G (third generation mobile telephony) service will feature one-way billing, according to the reports. Currently non-3G customers in China are charged for both making and receiving calls.

China Mobile did not respond to requests for comment.

China has yet to issue 3G licenses to any of its mobile or fixed-line operators. China Mobile, as the nation's and the world's largest mobile carrier seems guaranteed a license, especially as it is conducting the test.

TD-SCDMA is China's homegrown 3G standard, although numerous international companies participated in its development, including Nortel, Motorola and Alcatel. The standard has failed to gain any traction outside China, and slow roll-out of 3G services in China is blamed in part on its slow development. Smaller trials took place last year in second and third-tier cities.