Internet firms tackle human rights

NEW YORK (AP) -- Leading Internet companies, long criticized by human rights groups for their business dealings in China, are agreeing to new guidelines that seek to limit what data they should share with authorities worldwide and when they should do so.

Google joins Yahoo! and Microsoft in agreeing to new guidelines on human rights principles.

The guidelines, to be announced Tuesday, call for Google Inc., Yahoo! Inc. and Microsoft Corp. to try to reduce the scope of government requests that appear to conflict with free speech and other human rights principles. They also require participating companies to seek requests in writing, along with the names and titles of the authorizing officer.
The Global Network Initiative guidelines were drawn up by the Internet companies along with human rights organizations, investors and academics.
But ultimately, the documents are less about "what happens when you get a knock on the door than what are you doing before then," said Leslie Harris, chief executive of the Center for Democracy and Technology, one of the main groups behind the guidelines.
Harris said the companies are agreeing to consider human rights issues ahead of time, as they decide which countries to operate in and what services to offer. The guidelines also call for companies to train employees and develop mechanisms to resolve conflicts.
It was not immediately clear, however, what practices, if any, will change, as the guidelines do not ban any specific conduct, and many of the key points are open to interpretation or are left to individual companies to implement.
"What's disappointing is that the amount of effort ... didn't produce something more substantial," said Morton Sklar, executive director of the World Organization for Human Rights USA. The group sued Yahoo! for giving Chinese officials information that led to the arrest of two journalists. The lawsuit has since been settled for an undisclosed amount.
Don't Miss
Microsoft anti-piracy tactic angers Chinese
He said the documents do not offer specific guidance on how a company's employee is supposed to respond when presented with a particular set of circumstances.
But Sklar praised the companies for recognizing "that there was a huge problem here and needed to be addressed."
About 18 months in the making, the guidelines do call for the creation of an oversight organization to regularly review the companies' practices, though what sanctions they face have yet to be decided. Other companies may join the Global Network Initiative.
The guidelines stress that free expression and human rights are ultimately principles requiring the commitment of governments, and that organization will also help companies collaborate on lobbying.
Internet companies have felt compelled to expand into China because of its growth potential, but the push into the world's most populous country has raised thorny issues, particularly for Yahoo! and Google, which were both co-founded by immigrants.
Yahoo! and its Taiwan-born chief executive, Jerry Yang, have faced the biggest backlash for handing over e-mails that led to the imprisonment of two Chinese journalists. Besides Sklar's lawsuit, the outcry spurred a congressional hearing during which the late Rep. Tom Lantos likened Yang to a moral "pygmy" for cooperating with the Chinese government.
Yang has since been more proactive about speaking out for human rights. Leading up to the Olympics in Beijing, Yang urged the Bush administration to use its diplomatic influence to obtain the release of jailed political dissidents.
Google has refrained from offering e-mail or blogging services in China because it doesn't want to be put in a position where it might have to turn over any of its user's communications.
Still, Google has come under fire for censoring about 2 percent of its search results in China to comply with government rules. Google's Russian-born co-founder, Sergey Brin, has maintained that the people living there will be better off with an abbreviated version of the search engine than a full version that is entirely blocked by the government.
"From the start, Google has promoted free expression and the protection of our users' privacy," said Bob Boorstin, Google's director of policy communications. "We see this as another crucial step. The coming together of all these diverse companies and groups is more likely to bring change in government policies than any one company working by itself."
In a statement, Yang said the guidelines "provide a valuable roadmap for companies like Yahoo! operating in markets where freedom of expression and privacy are unfairly restricted."

Black thumb? Your computer can help

SAN FRANCISCO (Fortune) -- We have been taught to keep our electronic gadgets out of the sun, dirt and rain. So it is a surprise to come across a startup that wants its sophisticated gear subjected to everything nature can throw at it, at least within the confines of your yard.
Founded by Matthew Glenn and David Wilkins, San Francisco-based startup PlantSense aims to harness the power of your home PC and the Internet to make everyone a master gardener. The first step is to place the company's EasyBloom device in the dirt or any place you might want to grow a plant.
Inside the cheery, plastic daisy - it looks a lot like an electric toothbrush - are a number of sensors that measure solar radiation, moisture and temperature over a 24-hour period. You take that data, download it to your PC via a handy USB, and the information from your front yard is then mapped against a Web-based database of plants. Given your locale (based on zip code) PlantSense will come back with types of plants that will work for specific parts of your yard, inside your house or any place you want something to grow.
"You buy a plant at a nursery and the tag it comes with gives you vague guidance about what environment it will grow best in - like partly sunny. No one knows what that means," says Glenn. "We tell you exactly what plants will grow in an exact spot in your yard. It's like gardening with a scalpel."
That scalpel can be too sharp at times. During the company's beta testing period over the past few months, the device recommended that a gardener in a hot part of Arizona plant moisture- and cool-climate-loving blueberries. For the 24-hour period that the EasyBloom measured, you could have grown blueberries, but only until the weather got hot and sunny again. Needless to say, the PlantSense team changed their algorithms to make sure an entire growing season is considered when making recommendations, not just a snapshot.
Mining for information
On its own, PlantSense is a big enough idea. Gardeners in the United States spend about $40 billion annually on plants and assorted shovels, buckets and gloves to get things to grow. About half of that is spent on plants, one-third of which die. Outside the United States, gardening occupies even more time and money.
While the startup's EasyBloom attempts to solve a millennia old problem, it does it with a bleeding-edge technological approach that has more in common with the iPhone and Google than a wheelbarrow and the Farmer's Almanac. Rob Coneybeer, a partner with Silicon Valley venture capital firm Shasta Ventures describes what PlantSense is doing as part of the emerging physical web. "With cheap sensors and easy connectivity, companies like PlantSense are turning the physical world all around us into a database," Coneybeer says. "You are going to see it happen everywhere."
Glenn thinks of these databases in combination with sensing devices as emerging expert systems. With the proliferation of cheap, available sensor technology and easy access to the Web, you simply gather the data required, and then set it loose on whatever expert system you want to build.
Expert systems focused on health, your car or your house are obvious examples of areas that could fit into the physical web. Step on a scale and it maps your weight against what you ate, your weight loss goals, and your exercise regime. Start your car and it monitors performance and mileage, and makes suggestions depending on driving preferences. Your roof tells you there is a leak before it does thousands of dollars in damage.
We are sure to see many more of these physical web companies, and at a certain point some other company, probably Google, will start to index all this data being thrown off by plastic daisies and everything else that is being measured in the real world.
var yahooBuzzArticleId = 'cnnmoneycom521:http:\/\/money.cnn.com'+location.pathname;
var yahooBuzzBadgeType = 'text';
var yahooBuzzShowBranding = false;

EPA, UPS join to launch eco-friendly hybrid trucks

Embracing technology developed by federal engineers, UPS will order a handful of new delivery trucks powered by a hydraulic hybrid system that saves fuel and cuts carbon emissions.
The Environmental Protection Agency holds many of the patents on the innovative technology, which was developed in an EPA fuel-emissions lab in Ann Arbor, Michigan, with the help of engineers from Eaton Corp., which designs hydraulics systems.
"This vehicle to my right may look like a brown package truck that you'd see every day in your neighborhood," said UPS Chief Operating Officer David Abney, standing beside a prototype of the hybrid truck at a news conference Monday. "But underneath the hood is a whole different kind of technology."
The trucks combine a diesel engine with a unique hydraulic propulsion system that replaces the conventional drivetrain and transmission. Using hydraulic pumps and storage tanks, the vehicle captures and stores energy the way a battery does on an electric hybrid car.
The motor converts pressure from the hydraulic fluid into rotating power for the wheels and uses stored energy to accelerate the vehicle, thereby recovering more than 70 percent of the energy normally wasted during braking.

Cable TV provider plans its own wireless network

NEW YORK (AP) -- Cable TV provider Cox Communications Inc. was set to announce Monday that it plans to have its own cellular network up and running next year, a move that intensifies cable's competition with phone companies.

Cox Communications appears to be the only major cable company building its own cellular network.

Cox had signaled an interest in building a wireless network by spending $550 million on licenses to use the airwaves. But such spectrum purchases don't always lead to the building of a network, and privately held Cox hasn't previously detailed its plans.
The Atlanta-based company plans to build its own network in its cable service area, and partner with Sprint Nextel Corp. for roaming outside those areas.
Cox's spectrum licenses cover the areas around Atlanta, New Orleans, San Diego, Omaha, Neb., and Las Vegas as well as much of Kansas and southern New Mexico. Those areas have about 23 million people, said Stephen Bye, Cox's vice president of wireless.
Wireless phone service will add to Cox's video, phone and Internet services to head off competition from phone companies like AT&T Inc. and Verizon Communications Inc., which already have wireless service and are rolling out video.
Cox, which has 6 million customers, appears to be the only major cable company that is building its own cellular network right now, but it's an area where the cable industry has long been involved.
Cox itself built and operated a cellular network covering Southern California and Las Vegas in the 1990s, then sold it to Sprint in 1999. Comcast Corp., the country's largest cable company, also owned a wireless network in the '90s and had ties to Sprint.
The cable companies teamed up with Sprint again in 2005 to market wireless service to their video customers, but the project was scuttled this year.
Bye said the latest project with Sprint taught Cox that it was important to provide a consistent experience for customers, and that the best way to do that was to keep control under one roof rather than share it in a joint venture.
Forrester Research analyst Charles Golvin said Cox probably did the right thing to get out of wireless in the '90s to focus on upgrading its cable network with optical fiber that carries broadband and wired phone service.
In building a new wireless network now, Cox can take advantage of that fiber. Generally, wireless carriers are struggling with getting fast fiber-based data connections to their cellular towers. They need the fiber to handle higher wireless data speeds used by smart phones like the iPhone and wireless laptop cards.
Even though Cox can use its dense fiber network for its cell towers, the cost of building a wireless network will be at least hundreds of millions of dollars, Golvin said.
Cox will be selling phones under its own brand. Bye had no details on what handsets would be available, or what they would cost. Nor would he say which business model the company will use. National carriers like Sprint subsidize their phones and recoup the money through minute-based plans. Smaller, regional CDMA carriers Leap Wireless International Inc. and MetroPCS Communications Inc. don't subsidize their phones, and sell cheaper, unlimited-calling plans without contracts.
Other cable companies also have their fingers in wireless. Rather than building their own wireless networks, Comcast and Time Warner Cable Inc. are investing along with Sprint in a venture that is building a network based on a new wireless data technology known as WiMax.
Cablevision Systems Corp., a New York-area cable company, is building its own wireless network, but it's a less ambitious project than Cox's. It's using free airwaves and Wi-Fi technology to create a mesh of Internet

Handsets to become crime targets

The risk of spam and viruses that attack mobile devices is set to rise, says a report.
Security experts suggest current risks are small, and that attacks will take the same form as PC spam and scams.
End-user protection like anti-virus software is not yet mature in the mobile market, so the issue is being addressed by the network operators.
Mobile users are urged to employ the same safe behaviours familiar from PCs to reduce risks.
New threat
The annual Emerging Cyber Threats Report from the Georgia Institute of Technology Information Security Center (GTISC) in the US has identified mobile devices as particularly vulnerable platform.
It said that as more and more people adopt smartphones, more applications will allow financial and payment infrastructure that employs them, and the availability of such sensitive data will prove to be a draw for cybercriminals.
The growth of mobile spam and viruses has been reminiscent of the early days of PC spam and scam, says Simeon Coney of Adaptive Mobile, a firm that tracks malware and provides security software for mobile firms.
"One of common types we see now runs amok on the Symbian platform," Mr Coney told BBC News. "These viruses work their way through the contact book, sending themselves out to every subscriber who has been called or has called that handset."
Mr Coney says that network operators receive 100,000 virus incidences a day, nearly a 50% rise on last year. However, most subscribers are not infected - in part because mobile viruses are comparatively unsophisticated at present.
"The first generation of these were fairly easy for mobile operators to detect," Mr Coney said.
"Just like the first PC viruses came across as screensavers, in the mobile instance they came across as executable files. No-one was ever sending executable files themselves so it was easy to detect and block that.
"But in the last four months, the majority of viruses we now see are of a new type that either masquerade as an MP3 file, a picture file, or a media file."
People should start to exercise that same caution with their mobile devices that they do today on their PC
Simeon Coney, Adaptive Mobile
Adaptive Mobile has identified one particular virus called Beselo that spreads via MMS or by searching for nearby Bluetooth devices - a true "airborne virus".
For a typical network operator, they find, the virus is responsible for a rise in spam from 0.5% of traffic to 6% over the last 12 months.
The simple solution for users, Mr Coney says, is to employ the same behaviours familiar from computing.
"People should start to exercise that same caution with their mobile devices that they do today on their PC; think twice before running any attachment from someone you don't know, check your bill on a regular basis, and ensure your Bluetooth connection is not set in discoverable mode.
Mikko Hypponen, chief research officer at F-Secure, said statistics it had gathered about mobile viruses suggested there were about 400 in circulation.
"The growth rate is slowing," he says. "This is because the mobile vendors are awake and are installing better built-in security in their new phone models."
"We haven't seen much mobile malware that would use exploits to target vulnerabilities on mobile phones to gain access," he adds. "Almost all of them instead rely on users installing the malware themselves. This could change."
'Missed opportunity'
Up to now, mobile security has largely been in the hands of the network operators, who have taken a very pro-active stance to security for their users.
But the report instead suggests that co-operation between operators, manufacturers and application developers will be necessary.
The report lauds open-source mobile operating systems like Google's Android, which will make it easier for application developers to develop robust security.
The average life-cycle of mobile devices is just two years - compared to 10 years for a PC - so developing security infrastructure for mobiles will happen quickly.
"Because the mobile communications field is evolving so quickly, it presents a unique opportunity to design security properly - an opportunity we missed with the PC," says the GTISC's Patrick Traynor in the report.

Web content 'disturbing children'

Three out of four children have seen images on the internet that disturbed them, an NSPCC poll suggests.
The charity is renewing its call for computer manufacturers and retailers to install security to stop children finding violent or sexual content.
The NSPCC, which polled visitors to its children's website There4me.com, said it was "alarmed" by the accessibility of potentially disturbing material.
Some 377 of 497 votes cast claimed to have been disturbed by internet images.
One child posted a comment on a There4me message board saying: "I've seen violent images I didn't search for. I was freaked out."
Children are just a few clicks away from innocently stumbling across upsetting or even dangerous pictures and films
Zoe HiltonNSPCC policy adviser
Another said his eight-year-old sister's search for "pictures of animals" generated pornography adverts.
The NSPCC wants social networking and video hosting sites to remove offensive material within hours of finding it.
Policy adviser Zoe Hilton said the NSPCC was "alarmed" by how easy it was for children to access "disturbing internet material".
She said: "Children are just a few clicks away from innocently stumbling across upsetting or even dangerous pictures and films such as adult sex scenes, violent dog fights, people self-harming and children being assaulted."
'More effort'
Ms Hilton said that every child should be using a computer with child protection software.
"High-security parental controls installed in their computers would help shield them.
"Currently computer manufacturers and retailers leave it to parents to find and install software that filters out material unsuitable for children. This can be a complicated process for customers."
The charity wants retailers to ensure the software is installed before selling computers, and also manufacturers to start building such controls into their products.
She added: "Social networking sites must also put more effort and resources into patrolling their sites for harmful and offensive material and ensure their public complaints systems are clearly marked, easy-to-use and child-friendly.
"We would also recommend they give information on their sites about sources of help and advice, such as Childline, for children who have been affected by what they have seen."

Game delayed over Koran phrases

Entertainment company Sony has postponed the global release of a much- anticipated video game because of concerns that it may offend Muslims.
Copies of LittleBigPlanet are being recalled from shops worldwide after it emerged that a background music track contained two phrases from the Koran.
Sony says it apologises for any offence caused, and that a modified version is due to be released next month.
The game is expected to be a hit for the Playstation 3 games console.
A contributor to an online games forum reported the presence of the phrases from the Koran, adding that mixing music and words from Islam's most holy text could be considered deeply offensive by Muslims.
Eighteen months ago, Sony apologised to the Church of England after setting scenes in a violent video game inside Manchester Cathedral.
On that occasion the game was not withdrawn.
LittleBigPlanet, created by developer Media Molecule, has been described as a game about making games.
A platform title, it lets gamers built their own playground levels and then swap them with other players over the PlayStation Network.
Everything that can be seen in LittleBigPlanet can also be created by gamers - from textures, characters, to objects and levels.

Europe delays its ExoMars mission

Europe is delaying its flagship space mission to Mars by more than two years.
The ExoMars rover, which will search for signs of life on the Red Planet, will not now launch until 2016 because of the high cost of the project.
The 1.2bn-euro price tag is deemed to be too high by governments, and space officials have been asked to find ways to reduce it.
One option may be to try to get greater involvement - financial and technical - from the Americans and the Russians.
"This way we could retain the full splendour of the mission and not reduce its scientific capability," European Space Agency (Esa) spokesman Franco Bonacina told BBC News.
This is the second big delay for ExoMars. Esa had already pushed back the launch from 2011 to late 2013 as engineers grappled with the early stages of the mission's design.
EXOMARS MISSION CONCEPT

Now set to leave Earth in 2016; primary aim is to search for life
Requires a heavy-lift rocket, such as the Ariane 5 or the Proton
Vented landing bags allow for a larger payload
Rover will carry a 16.5kg 'Pasteur' instrument suite
30kg geophysics/environment static station also possible
This would study the weather and listen for 'Marsquakes'
Concept to cost Esa states more than first estimates
Mars robots begin test campaign
UK Mars rover hopes face set-back
Evolution rolls on for Mars rover
Approved by space ministers in 2005, the rover was supposed to be a fairly small venture costing no more than 650m euros. But as the project developed, it was decided the endeavour should be upgraded, to provide a bigger, more capable vehicle; and one that could carry a much broader range of science instruments.
However, the design boost also meant a huge jump in cost. The prime contractor, Thales Alenia Space, estimated the final price tag would be 1.2bn euros.
Italy, the lead nation on ExoMars, made it clear recently that it was not going to put any more cash into the mission; and with no other nations offering to make up the large shortfall in the budget, a delay became inevitable.
Because Red Planet missions are only launched when Earth and Mars are favourably aligned, the November 2013 departure must now slip to a January or February 2016 opportunity.
It is down to Europe's space ministers to take the final decision on ExoMars' future. They will meet in The Hague at the end of November to set out Europe's space policy.
The ministers will be told by officials that options will be sought to reduce the financial impact of ExoMars. One possibility is to ask the Russians and the US to take a greater stake in the mission. The US, for example, is already funding the development of two instruments.
The slight concern here is that the Americans have budget woes in their own Mars programme, with their next rover - the Mars Science Laboratory - also heading way over budget.
The decision to delay ExoMars will come as a bitter blow to Europe's scientists. It is the biggest, most expensive robotic mission in the current timeline; and is the flagship venture of Esa's Aurora programme, its roadmap to explore the Solar System.
But Professor Andrew Coates, of UCL's Mullard Space Science Laboratory, UK, urged people to stay upbeat.
"It's disappointing to be going to Mars later rather than sooner," the leader of the ExoMars PanCam team told BBC News.
"Our team are very busy building hardware and writing documents. But it seems the only way of launching early would be to dramatically de-scope the mission, which would limit the science objectives.
"ExoMars is going to the heart of one of the most significant questions for mankind - it's all about looking for past or present life beyond Earth, and that has to be done properly. The excitement of this mission will be worth the wait."
Europe's only attempt to date to land on Mars, the Beagle 2 robot, was lost on entry to the Martian atmosphere in 2003. Europe's Mars Express satellite, which carried Beagle 2 to the planet, continues to return exceptional pictures and other remote-sensing data.

Cyber criminals to target mobiles

Mobile networks and handsets are becoming more of a target for criminals with a technical bent, security experts are warning.
"There's a real transition from online in to the mobile space," said Simeon Coney, head of business development at Adaptive Mobile, which helps operators keep an eye on the malicious traffic flowing across their networks.
In the PC world malicious programs started with viruses designed to be a nuisance but now they have evolved into software designed solely to help their creators make money.
There is no doubt that hi-tech criminals have cottoned on to the fact that making malicious programs, be they trojans or viruses, can be a very profitable business.
That evolutionary process took, said Mr Coney, about 15 years.
Attack pattern
In the mobile world the change from nuisance to profit has happened far faster.
The attacks patterns used with mobile malware suggest that those behind them are applying the lessons they have learned online.
"In the mobile space they are recognising that to be more effective they must try to slip under the radar," said Mr Coney.
There were few attempts to swamp networks with malicious programs, he said, most attacks were targeted towards specific segments and users.
In a sense, said Mr Coney, it was a surprise that mobile networks have not been targeted before now because almost everything that a handset owner does costs money.

Hi-tech criminals are taking lessons learned on computers to mobiles
Even better, he said, was the fact that once you possess someone's phone number you have a consistent way of reaching them. By contrast filters on e-mail accounts that spot and stop spam and viruses make it hard to be sure a message has got through.
"Mobiles offer so many opportunities for extracting value from people," he said.
This could explain why the numbers of mobile viruses has remained relatively low.
2008 has seen the release of about 10 new mobile viruses and trojans, said Simon Heron, managing director of security firm Network Box.
"There are about 400 variants of mobile malware compared to in excess of 700,000 for computers," said Mr Heron. The vast majority of viruses written for mobile phones are aimed at the Symbian mobile operating system - a consequence of its early dominance.
New viruses
But these relatively low numbers do not mean that mobile malware cannot cause problems.
Said Mr Heron: "The phones themselves have vulnerabilities and there is tremendous take up of email, internet and texting from mobiles, making this one physical platform that can reach a huge number of people."
In one outbreak logged by F-Secure, one of the few firms that produces anti-virus software for phones, an operator with 14m subscribers had 8,000 devices infected with a virus that resulted in the sending of more than 450,000 multimedia messages (MMS). One handset alone sent 3,500 of those messages.
Figures gathered by F-Secure suggest that for any operator with 9m subscribers or more they can depend on having 5% of their MMS traffic being virus carrying.

Mobiles have become the gadget people carry everywhere with them
Among viruses for mobiles what has been growing are trojans that exploit mobile payment systems such as premium rate SMS.
One instructive instance of such a malicious program is known as Viver. This was discovered in May 2007 and hides its malicious code inside three fake applications.
Installing any one of those bogus applications on a Symbian phone starts that handset sending costly premium rate SMS messages to an international number. Each SMS message costs about $7 (£3.50).
Spam on mobiles is also starting to become a bigger problem. One of the biggest spam bombardments on mobiles took place in March 2007 in China when about half the nation's mobile phone owners received several unsolicited commercial messages in one day.
Statistics gathered by Adaptive Mobile suggest that the average Chinese mobile user gets about 6-10 spam SMS messages per day. In India spam traffic can make up 30% of the text messages flying around networks.
In the UK spam numbers are lower and high profile problems with premium rate services has given rise to a system that has been adopted across all the operators.
Texting the word "stop" to the company running a premium rate service should cancel any subscription and stop messages turning up.
If it does not then subscribers are advised to get in touch with their operator to report abuse.
A spokeswoman for Vodafone said: "Do not sign up for things if you do not know the source of it."
"Virus outbreaks do happen," she added, "but they usually only affect a very small number of customers."
"There is a combinations of things that have to happen for you to get hit," said the spokeswoman.
For instance, she said, many mobile viruses have to be manually installed once they make their way on to a phone and require people to over-ride settings that warn against installation.
Said Mr Coney the lessons learned from viruses and spam hitting PCs had many most in the West less likely to fall for a mobile virus.
By contrast, said Mr Coney, people fell victim to scams in places where mobiles are becoming hugely popular, such as India and China, people have little experience of malware.
"There is a big demographic of people that have a mobile phone that have never had a PC," he said.

Computer viruses hit one million

The number of viruses, worms and trojans in circulation has topped the one million mark.
The new high for malicious programs was revealed by security firm Symantec in the latest edition of its bi-annual Internet Security Threat Report.
The vast majority of these programs have been created in the last twelve months, said Symantec.
Cyber criminals pump out malware to fool anti-virus programs which look for characteristics they have already seen.
Money game
The latest edition of the Symantec report covers the second half of 2007 during which time the security firm detected 499,811 new malicious code threats. This figure was up 136% on the first six months of 2007.
Throughout 2007 Symantec detected more than 711,912 novel threats which brings the total number of malicious programs that the security firm's anti-virus programs detect to 1,122,311.
The report notes: "almost two thirds of all malicious code threats currently detected were created during 2007."
The vast majority of these viruses are aimed at PCs running Microsoft Windows and are variants of already existing malicious programs that have proved useful to hi-tech criminals in the past.
Symantec said part of the rise was down to criminals increasingly using trojans as a "beachhead" to gain access to a PC and then use that route to download and install a variety of other malicious programs.
Popular malicious installations include key loggers that spring to life if particular websites are visited or programs, such as online games, are started up.
The report also put the growth in malicious code down to the increasingly professional digital criminal underground.
Typically, groups engaged in hi-tech crime employ groups of programmers to generate the novel variants.
The fact that these programmers expect to be paid drives the criminals to make as much money as possible out of the information they steal and to be constantly on the look out for new victims.
Said the report: "The combination of these factors results in a high volume of new malicious code samples that threaten users online."

Fraudsters' website shut in swoop

A website used by criminals to buy and sell credit card details and bank log-ins has been shut down after a police operation, the BBC has learned.
International forum Darkmarket ran for three years and led to fraud totalling millions of pounds.
Nearly 60 people connected with the site have been arrested in cities including London and Manchester as well as in Germany, Turkey and the US.
The FBI spent two years gathering evidence after infiltrating the site.
The Serious Organised Crime Agency (Soca), which has been leading the UK investigation, said it was "a one-stop shop" for criminals.
The arrests were made after computer experts, including some former hackers, followed electronic trails left by site users.
A total of 11 people were arrested in the UK. As well as London and Manchester, raids took place in Leicester, Humberside and South Yorkshire.
Corporate cards
Darkmarket was strictly invitation-only and gave criminals access to a wide range of valuable personal information.
The data held on the magnetic strip of an ordinary credit card was available to buy for as little as one pound.
Most prized were corporate credit cards belonging to frequent business travellers.
These aren't geeks. These are serious and organised criminals
Sharon Lemon,Serious Organised Crime Agency
Police stalking cyber fraudsters
Soca deputy director Sharon Lemon said these were highly sought after because they could be used by criminals all over the world to spend large sums without arousing suspicion.
"Darkmarket is a one-stop shop for the online criminal," she said.
"You can go to the forum and engage in criminal activity quite freely. You can buy any product you want, you can sell any product you want."
She stressed that online fraud of this kind was not a "victimless crime" and involved criminals of all levels of sophistication.
"They are taking someone else's money," she said.
"These aren't geeks we're talking about. These are serious and organised criminals.
"And they can vary. You can be the beginner who can go onto the site, get a tutorial and start your life of crime.
"Or you can get people who are fed up. [They think] Actually, Class A drugs are a bit hands-on, why do that when I can make hundreds of thousands online?"
She said there were 2,000 users registered on Darkmarket, but many of those were not unique because one individual could go by a number of online aliases.
'Invitation only'
Underground forums, such as this one, where hi-tech criminals buy and sell valuable data such as credit card numbers and bank logins can be hard places to find and infiltrate.
While many can be found just be searching on the internet, the publicly-accessible ones tend to be full of conmen looking for victims or people to carry out crimes on their behalf.
BBC News website technology reporter Mark Ward said: "The most serious underground markets operate on an invitation-only basis.
"Getting invited involves building up and maintaining a reputation as an honest criminal on other public places."
He said the information the police and FBI would gather as a result of the raid on Darkmarket would probably lead them to many more underground forums.
The FBI infiltrated Darkmarket in a similar way to a previous sting, known as Operation Firewall, that was carried out against a group known as the ShadowCrew.
It was able to access the group when an administrator who looked after the ShadowCrew's forums was arrested on an unrelated crime.
Following a series of raids, the FBI initially arrested 28 members of the group. Further investigation led to more arrests around the world, including some in the UK.
Mrs Lemon told the BBC that one individual had spent £250,000 on personal data in just six weeks.
"Had he realised the full potential of the information he had, he could have obtained up to £10m," she said.

Google's Android also comes with a 'kill switch'

The world was up in arms when it was discovered that Apple's iPhone comes with a "kill switch" that "allows Apple to remotely delete malicious or inappropriate applications stored on the device." That terrible, proprietary, all-controlling Apple!
Well, as it turns out, Google's open-source Android comes with the same feature, as reported by ComputerWorld:
In the Android Market terms of service, Google expressly says that it might remotely remove an application from user phones. "Google may discover a product that violates the developer distribution agreement ... in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion," the terms, linked to from the phone, read.
So far, Google is getting a free pass on its kill switch, perhaps because it has been more open about the "feature," as ComputerWorld suggests, or perhaps because, unlike Apple that vets applications in its App Store, this may be the only way Google can protect users from its Android Market, which allows any applications through the door and onto the device. Google enables freedom to put applications onto its Android-based phones, but reserves the freedom to yank them off should it want to do so.
Prudent? Yes. Android customers, however, will have to depend upon Google's "non-evil" promise. It would actually be quite funny to see what Google would do if Microsoft or Apple put an application on the Android Market that installed Windows Mobile or Apple's iPhone software over Android....Worthy of the kill switch?

Surviving the tech manager's global squeeze

It's the new reality of IT: working as part of a global team, with coworker and outsourcers all over the world, coordinated by a project manager at headquarters. But that reality can be ugly, as managers are stretched across time zones, with no such thing as being off the clock. Work quality, commitment, and communications vary considerably, putting the burden on the manager caught in the middle to make it all work -- from thousands of miles away.
getRelatedBoxOne("/article/08/10/14/42FE-tech-manager-global-squeeze_1.html","spBoxOne")
For many companies, the results are bad: Thousands, sometimes millions of dollars in wasted efforts. Software and other tech projects that don't deliver as promised. Burned-out IT managers who leave if they can, and give up if they can't.
[ Frustrated at in your IT job? Check out InfoWorld Advice Line columnist Bob Lewis' sage advice Looking for a change? Make sure you have the 30 skills every IT person should have. ]
Unfortunately, there's no easy solution. Making global project management work requires compromises all around, compromises to which executive management are often blind and that teams in different countries see only partially, making it hard to come to a common arrangement.
Caught in the middle: Stories from the insideConsider the case of Jill (not her real name), a project manager in a global consumer products firm. She works in the United States, but the hardware and software development teams are in India, China, and Sweden. The Swedes refuse to work outside local business hours, so she has to have meetings with them between midnight and 7 a.m. in her time zone. The Indians typically give positive status reports but say nothing when they miss delivery schedules -- even when she asks directly -- so Jill can't trust what they say and has no idea what the project status really is. The Chinese often implement code strictly to specification, not raising issues when the intent of the project isn't supported by the specs. Quality suffers. They don't respond to her requests to raise such issues before completing the code.
Jill says her U.S. managers don't care about any of these issues, saying it's her problem to figure out and that all that matters is that something ships on schedule. She's still at the company, but actively looking to leave.
At a major pharmaceutical company, Darren (also not his real name), had a similar Alice in Wonderland experience, dealing with outsourcers in India. Darren knew that something was wrong with the offshoring project on his first day on the job, when he couldn't find the on-site relationship manager. It took a whole week to locate him. The pharmaceutical company never considered the outsourcing staff to be part of the team, Darren says. So -- surprise, surprise -- the offshore team wasn't well integrated with the company's own staff, there were big communication issues, and deadlines and project goals weren't being met.

Security the focus as Microsoft, Oracle patch bugs

t's the mother of all patch days for enterprise IT shops, with both Microsoft and Oracle releasing critical software updates Tuesday.
InfoWorld Podcast Top storage trends and IT consolidation strategiesSponsored by Sony
getRelatedBoxOne("/article/08/10/14/Security_the_focus_as_Microsoft_Oracle_patch_bugs_1.html","spBoxOne")
Microsoft kicked things off Tuesday morning with 11 security updates, including fixes for critical security bugs in Windows Active Directory, Internet Explorer, Excel, and the Microsoft Host Integration Server, which integrates Windows computers with IBM mainframes.
[ Discover the top-rated IT products as rated by the InfoWorld Test Center. ]
Security experts say that the Internet Explorer update, which fixes six bugs in the browser, is the one to watch. That's because it is rated critical for Internet Explorer 6 users running Windows XP -- a very common configuration in the enterprise.
But customers who are running Windows Active Directory on older Windows 2000 machines should move the MS08-060 Active Directory update to the top of their patch queue, said Don Leatham, a director of solutions and strategy at Lumension Security. Because an Active Directory server can be used to set permissions on other machines and manage users on the network, taking over this machine "would be the Holy Grail for someone trying to get into a company and totally disrupt it," he said.
Normally, Active Directory servers are blocked at the firewall, which means that an attacker would probably have to be on an internal network to mount an attack, said Eric Schultze, chief technology officer with Shavlik Technologies. But the bug "means any internal, disgruntled user can take complete control over Windows 2000 domains and domain controllers," he said via instant message.
Mitigating this concern, however, is the fact that Microsoft has not had any reports that this vulnerability has been exploited in an attack. While it's likely that an attacker could crash the Windows 2000 machine by exploiting this bug, "creating functioning exploit code to leverage remote code execution is difficult," Microsoft said in a note on its Web site.
In total, 20 security bugs were fixed in Microsoft's 11 updates. There were also six less-critical updates, rated "important," by Microsoft, for various Windows components, and a "moderate" patch to fix a bug that could let an attacker snoop information from an Office user.

Cisco, SAP launch joint cross-layer composite application

In an atmosphere where government fines for breaches in privacy regulations are increasing, SAP and Cisco unveiled this week Data Privacy Composite Application by SAP and Cisco at the SAP TechEd conference in Berlin.
InfoWorld Podcast Top storage trends and IT consolidation strategiesSponsored by Sony
getRelatedBoxOne("/article/08/10/14/Cisco_SAP-launch_joint_cross_layer_composite_application_1.html","spBoxOne")
The application supports compliance with a company’s data privacy policies as well as any external requirements from government agencies. If, for example, an admitting nurse in a hospital attempts to send an e-mail to friends that a celebrity is checking in to the hospital, the SAP-Cisco application would quarantine that e-mail and thus prevent it from being sent.
According to Sharada Achanta, senior director of SAP GRC Data Privacy Solutions, the average cost in the U.S. for fixing a breach in privacy and related fines is now about $4.8 million per incident.
The composite application is unique in that it takes its components from the SAP application layer and Cisco network layer, making it a network-wide solution rather than a point solution.
Using components from SAPs GRC (Governance Risk Compliance) application portfolio for attaching controls to business processes and documents as they relate to privacy, the controls are enforced at the network layer using Cisco’s AON (Application Oriented Networking) middleware. AON adds message-level inspection to the network.
"The business process rules and controls that reside in the application layer and that are usually run by GRC managers have never before been integrated with IT network policies. That makes this unique," said Achanta .
"We are exposing network services at a network layer to the application layer, which means that the network can talk to the GRC process control application and vice versa," added Vaughn Miller, director for business development at Cisco.
The combined solution would also prevent an employee from transferring data from the network on to transportable media like a USB stick.
Other privacy prevention capabilities include creating privacy policies based on location so that a U.S. employee would be restricted from accessing data residing in another country, and stopping e-mails sent to unauthorized employees or names outside of the company firewall.
getRelatedBoxTwo("/article/08/10/14/Cisco_SAP-launch_joint_cross_layer_composite_application_1.html","spBoxTwo")
The solution requires NetWeaver, the BI module, and SAP GRC Process Control 2.5 for the SAP stack. From Cisco, users must have AON.
The solution is shipping now.

US satellite returns first hi-res snap

Satellite imaging outfit GeoEye has released the first pic from its GeoEye-1, launched on 6 September and destined to provide hi-res snaps for Google's all-seeing Earth and Maps services.
The image in question is of Kutztown University, Pennsylvania, caught on camera while the satellite was "moving north to south in a 423-mile-high (681 km) orbit over the eastern seaboard of the US at a speed of four-and-one-half miles per second":
GeoEye has bigger versions of the image here, which demonstrate some crisp detail:
The GeoEye press release explains: "GeoEye-1 simultaneously collects 0.41-meter ground resolution black-and-white imagery in the panchromatic mode and 1.65-meter color (multispectral). This first image ... was produced by fusing the satellite's panchromatic and multispectral data to produce a high-quality, true-color half-meter resolution image."
It adds: "Though the satellite collects imagery at 0.41-meter ground resolution, due to US licensing restrictions, commercial customers will only get access to imagery that has been processed to half-meter ground resolution."
According to Cnet, commercial customers include Google, which has "an exclusive partnership to use the GeoEye-1 imagery for online services". The powers that be will also benefit from GeoEye-1's sharp eyesight. GeoEye's CEO, Bill Schuster, explained that the satellite is "an excellent fit to meet the US Government's important requirements for mapping and broad area space-based imagery collection over the next decade".
GeoEye is planning a second satellite launch, a 25-cm resolution flying eye cunningly dubbed "GeoEye-2", for 2011 or 2012. ®

Space tourist docks with ISS

Space tourist Richard Garriott is about to begin his 10-day stay aboard the International Space Station (ISS) following a successful docking this morning of the Soyuz TMA-13 spacecraft (see pic) which launched on Sunday from Baikonur Cosmodrome in Kazakhstan.
Computer games designer Garriott, 47, paid Space Adventures around $17m for the privilege of joining American Mike Fincke and Russian Yuri Lonchakov on Expedition 18 to the outpost. His father, Owen Garriott, spent 60 days aboard Skylab back in 1973, and he'll apparently spend some of his stay snapping the Earth's surface to see how it's changed since dad's time in orbit.
Garriott will return to Earth in a Soyuz TMA-12 on 23 October with Expedition 17 crew members Commander Sergei Volkov and Flight Engineer Oleg Kononenko, who've been aloft since 8 April. The third ISS crew member to welcome Expedition 18 is Gregory E Chamitoff, who arrived aboard Discovery's STS-124 mission which launched on 31 May.
Fincke and Lonchakov are both ISS vets, with the former on his second gig, and the latter on his third tour. They'll be on board for six months, during which the crew will prep the station's life-support equipment for a permanent compliment of six crew members from next year.
Chamitoff will be relieved in November by astronaut Sandra H Magnus, scheduled to fly to the station on Endeavour's STS-126. The mission is due to deliver extra equipment for the ISS's crew expansion.
After that, NASA has eight further shuttle flights to the ISS on its launch roster, before the fleet's final 2010 retirement. In 2009, Discovery (STS-119 delivering final solar arrays to the ISS) is slated to lift off on 12 February. Endeavour will on 15 May carry the final components of Japan's kibo lab (Exposed Facility and Experiment Logistics Module Exposed Section) on mission STS-127, while Atlantis (STS-128) is slated to launch on 30 July bearing science and storage racks for the station.
Discovery will be back in in the air on 15 October, when its mission STS-129 will "focus on staging spare components outside the station". The 2009 schedule wraps on 10 December with Endeavour on STS-130 whisking spacewards the "Cupola" - a "robotic control station with six windows around its sides and another in the center that provides a 360-degree view around the station".
The final three ISS jaunts are scheduled for 11 February 2010 (Atlantis, STS-131), 8 April (Discovery, STS-132) and 31 May (Endeavour, STS-133). They will deliver to the ISS Multi-Purpose Logistics Module, deliver maintenance and assembly hardware and "critical spare components", respectively.
The other planned shuttle launch is that of Atlantis' STS-125 mission to service Hubble, now knocked back to 2009 and "under review". ®

Free Wireless Band Gets FCC OK

"Last month the FCC conducted tests to determine whether mobile devices using a new US radio band (2,155 to 2,175 MHz) with free wireless service would cause significant interference with cell phones using a nearby band. Now, the results are in and in a report released Friday, the FCC concluded that 'the analysis shows that an AWS-1 and AWS-3 device operating in close proximity does not necessarily result in interference.' Still, T-Mobile accuses the FCC of basing its conclusions on new assumptions that weren't used when the tests took place. But at least one party is happy: M2Z praised the report, saying 'There is no longer any need for American consumers, the public interest and the FCC's regulatory process to be held hostage as it has been for the last five months by incumbent carriers... who have used unfounded claims of interference to disguise their intent to prevent the introduction of new broadband competition in the AWS-3 band.'"

Microsoft to announce Silverlight 2.0 on Monday

Microsoft has scheduled a conference call on Monday to announce, among other things, that it has completed version 2.0 of Silverlight, its rival to Adobe's Flash.
The software maker has scheduled a conference call for 9 a.m. PDT with developer division executive Scott Guthrie.
A Microsoft representative declined to comment on the impending announcement, but a source told CNET News that the completion of Silverlight 2.0 is among the topics of discussion. Microsoft released Beta 2 of the software in June, while a "release candidate" version was offered up last month.
The software maker apparently has more to say than just the completion of version 2.0. (I'm all ears, folks).
Otherwise, I'll tune in Monday and let you know the rest of the Silverlight sto

EFF: Hollywood's RealDVD suit is a smokescreen

Hollywood isn't suing RealNetworks over piracy--that's just a smokescreen, according to the Electronic Frontier Foundation.
The group that advocates for the rights of Internet users said in a blog post Friday night that the the primary reason the Motion Picture Association of America (MPAA) filed a copyright suit against RealNetworks and is trying to halt the sale of the RealDVD software is to make sure the company, and anyone else wishing to build movie players, gets Hollywood's permission first.
"It has nothing to do with piracy and everything to do with controlling innovation," said Fred von Lohmann, EFF's senior attorney.
The studios accused RealNetworks in a copyright suit of violating the Digital Millennium Copyright Act and breaching its contract with the DVD Copy Control Association, the group that oversees the licenses that manufacturers need to build DVD players. On Tuesday, Hollywood convinced U.S. District Judge Marilyn Patel to keep RealDVD off the market until November 17 at the earliest.
"It has nothing to do with piracy and everything to do with controlling innovation."
--Fred von Lohmann, senior attorney for EFF
The studios told the judge that RealDVD enables consumers to build huge film libraries without paying a cent. They just need to rent a movie and use RealDVD to copy and store the material to their hard drives. Lawyers for the MPAA described the "rent, rip and return" scenario and told the judge this could cost the film industry billions. But in his post, von Lohmann points out what many others have already noted: there is software readily available on the Internet that copies and stores films on hard drives. Most of it is unencumbered with any of the copy protections found on RealDVD.
"Hollywood can't possibly believe that the $30, DRM-hobbled RealDVD software represents a piracy threat," von Lohmann wrote. The studios are using the lawsuit to "send a message about what happens to those who innovate without permission in a post-DMCA world."
The licensing agreements tech firms are required to sign before making movie players are a means of control, said von Lohmann. The licenses "define what the devices can and can't do thereby protecting Hollywood business models from disruptive innovation," he said. Representatives from RealNetworks and the MPAA could not be reached Friday.
Watermarks and DRMThe licenses also give Hollywood the power to ask a that tech companies help in the fight against piracy, says von Lohmann.
"In the course of these years-long negotiations, Hollywood has managed to wrest several important concessions from technology vendors," von Lohmann wrote. They "include requiring that computers do watermark detection to spot pirated copies when reading data from Blu-ray discs, and imposing DRM on resulting copies."
Why RealDVD is so threatening to the studios is that RealNetworks has the potential to start a rebellion among gadget makers. The company is thumbing its nose at Hollywood's licensing deals and telling the courts that it only needs to protect the DVD's contents, which RealDVD does. If RealNetworks is allowed to build a player without a license, then others will follow. Hollywood wants to avoid that at all costs, according to von Lohmann.
"By reading the existing CSS license carefully," von Lohmann wrote, "Real found a way to create a new product category without first getting permission from the Hollywood studios."
He suggests that Hollywood isn't against allowing people to back up their DVDs. He said we might see products that enable people to make copies. It's just that the studios want to share in the profits made by such products.

The tech downturn: How long and how bad?

Silicon Valley venture capitalist Ron Conway sent a sobering e-mail on Tuesday to the 130 start-up companies he's invested in: now is the time to hunker down.
Credit: Joi Ito
"You better rely on your own proactive action."
-Ron Conway
"In 2000 and 2001, the companies that hunkered the fastest were the companies that survived," said Conway in an interview with CNET News. "Get costs under control; make sure you have plenty of runway."
While that admonition from Conway, a noted investor who over the years has put early money into tech giants like Google and up-and-comers like Digg, was timely, it's hard to imagine that any tech executive who's been paying attention to the news needs to be reminded that rough economic conditions are most definitely ahead.
How bad those conditions will be and how long they'll last is anyone's guess. The CNET Technology Index, which tracks 66 publicly traded tech companies, dropped for the third straight day Wednesday to hit its lowest level in more than three years. Even the healthiest of companies are seeing their stocks being sold en masse. Google, for example, finished trading Wednesday down 2.28 percent to $338.11 per share; that's a new 52-week low and less than half the asking price for a Google share in November 2007
Bad news persists in the overall economy as well, despite continued attempts at government intervention. The Dow, Nasdaq, and S&P 500 indexes all continued to slide Wednesday; the Dow has now dropped 35 percent from its high a year ago.
CNET contacted more than 20 tech executives, venture capitalists, and industry gurus Wednesday to ask "How long and how bad this will be for the tech industry, and what should companies do about it?" Not so surprisingly, there was no consensus. While nearly everyone interviewed is concerned about the economy, their reaction to it and their plans to deal with it are across the map. Experienced investors like Conway and venture capitalist Larry Augustin of Azure Capital Partners are cautious, while some executives (at least in their public comments) are downplaying the risks to their businesses.
Credit: Susan Dove/CNET News

Mobile gaming firms eye Nokia and Apple boost

HELSINKI (Reuters) - Mobile gaming companies say they will book few new sales from Nokia's N-Gage phones or Apple's iPhone, but are betting on a market boost next year as more phones of these kinds are taken up by consumers.
Nokia launched its N-Gage gaming service six months ago, but it had so far gained little traction as users have to install the service to their phones themselves.
What gaming industry executives hoped for was a similar takeup, as with the App store on iPhone, which gave users easy access to buy new games or other software.
While Apple has talked about a total of 10 million phones on the market, Nokia's leading position in cellphones gave it the potential to reach an audience at least 10-times larger.
The mobile gaming market suffered an unexpected slump last year, with many game developers and analysts pointing to telecom operators' lack of investment in marketing.
"Merchandising has been a primary pain point for the mobile games industry, and the introduction of new platforms gives consumers a really simple way to discover and download games," said Greg Ballard, chief executive of Glu Mobile, one of the largest mobile gaming firms.
N-Gage was a software platform that allowed one game, without special programming, to be used across many phone models, and was one of the cornerstones of Nokia's new services strategy.
"In many ways the N-Gage design reflects an insider's view of how to solve the merchandising challenges that we have all seen in this business for so long. It was like a bunch of us had gotten together and said, 'Here, this is how it should be done,'" Ballard said.

Visit China's Forbidden City -- as a virtual eunuch

BEIJING (Reuters) - Culture fans thousands of miles from Beijing can now visit its famous Forbidden City, through a three dimensional recreation of the vast palace that also allows them to dress up as an imperial eunuch and meet a courtesan.
One of the jewels in China's cultural crown, the sprawling complex in the heart of the capital already gets tens of thousands of real-life visitors each day.
But now online tourists can also watch the Qing dynasty emperor feast at dinner, train fighting crickets and feed them with blood-fattened mosquitoes, or practice archery with the help of a courtesan.
At the virtual palace, unveiled on Friday, they can also dress up as part of the huge imperial entourage.
"When you enter the Forbidden City you choose one of nine historical costumes, which is to give a sense of history but also keep a sense of decorum," said John Tolva, program manager at IBM who led the project, dubbed "Beyond Space and Time."
"You can't run and you can't fly," he added, a restriction that aims to prevent other virtual visitors, whom you can see and interact with, being distracted.
The program does not shy away from the racier sides of imperial history, shaped in part by the legions of eunuchs who controlled portions of court life and could rise to great power.
"One of the costumes you can chose is a eunuch," said IBM Vice President Paula W. Baker -- though to spare blushes that avatar is only labeled "imperial servant."

Latest gadgets for cyclists: Pedalite, lights and pedals, no batteries needed!

I’m a keen cyclist myself and though the Pedalite don’t look exactly the most professional of all bike accessories, for those of you who enjoy or often cycle at night, my gut feeling is that safety should come first! Though these pedals are no candidate for being the latest in technology, they don’t actually require any batteries neither, they run ‘naturally’ by harvesting the kinetic energy produced as you ride. The brilliant thing is, even when you stop riding, it remains lit up so in situation where you need to stop at lights, cars will be able to see you!

So here are the main specifications…
Flashes front, back & sides when pedalling starts for essential 260 visbility
The only pedal that keeps flashing when pedalling stops (up to 5 mins)
Visible 1km away
Very simple, standard fit on all adult & child bikes (from age 9)
No batteries, no maintainance: fit and forget!
Tough and durable with 1 year full warranty
Non-slip surface and supergrip studs
Compatible with Pedalite Toeclip
Detailed instructions inside the packaging
Unique, patented technology to help you put safety first
Product dimensions: (H) 12cm x (L)9.5cm x (D)4cm
Box dimensions: (H)23cm x (L)14.5cm x (D)5cm
Package weight: 637g
Power requirements: Pedal power!

Did you know that 75% of accidents happen at, or near, a road junction where cycles need to be seen from the side – cycle smart with pedalite pedal lights!
The pedalite bike lights fit all standard adult and child bikes easily and give essential 360 degree visibility that’s crucial for road safety. Your bright road safety pedal lights begin flashing as soon as you begin pedalling – with bright lights on the back, front and sides of your new easy-fit pedals, which can be seen up to 1km away!Pedalite Pedals
No batteries are required – just fit and forget! The pedalite cycling lights harvest energy from your cycling and are the only pedals that continue to flash (for up to 5 minutes) even after you have stopped, which is perfect for traffic lights and junctions where cyclists are most vulnerable.
Built with a non-slip surface and super grip studs for added comfort and security, your pedalite pedal lights are tough and durable. Order your pedalite bike lights today and cycle safe and with confidence on the roads.
If you’re interested in Pedalite, it’s now available from Gizoo for £34.95, via the link below…[via Gizoo]
Remember: We hand out 'dofollow' links to top five commentators of our blog within our sidebar each month, so get commenting! Thanks for your support!
Click and comment on the post you've just read:
Latest gadgets for cyclists: Pedalite, lights and pedals, no batteries needed!Tags: Pedalite, kinetic, power, eco-friendly, energy

Red Hat boosts open source SOA

Red Hat is expanding its open-source JBoss SOA platform with the unveiling Wednesday of JBoss Enterprise SOA Platform 4.3 and JBoss Operations Network 2.1.
getRelatedBoxOne("/article/08/10/08/Red_Hat_boosts_open_source_SOA_1.html","spBoxOne")
Enterprise SOA Platform supports small-integration projects to enterprise-wide SOA integration. It features open-source projects like JBoss ESB, JBoss JBPM, and JBoss Rules.
"[The product] is designed to integrate services in an SOA and then orchestrate services into processes that can be automated," Pierre Fricke, Red Hat director for SOA product line management, said. "It's basically an SOA integration platform based on an SOA."
SOA Platform 4.3 offers ESB features including gateway listeners, a declarative security model and improved Web services integration. Additional scripting languages are supported, enabling development of services in Jython, JRuby, and BeanShell. These languages enable non-Java programmers to build services, Fricke said.
Version 4.3 can be administered by JBoss Operations Network 2.1, which also is being introduced Wednesday and supports patch management, start-stop monitoring, and other capabilities.
With version 4.3, stateful rules services decision tables and rule agent support further enable business event processing and an event-driven architecture, Red Hat said. Also, non-developers can construct business rules.
Among the other capabilities of JBoss Operations Network 2.1 is centralized management including inventory, administration, deployment and updating of JBoss Enterprise Middleware products and subsystems. Remote platform configuration and deployment and automatic ESB service inventory discovery are offered as well, along with JBoss ESB service monitoring.
JBoss Enterprise SOA Platform 4.3 and JBoss Operations Network 2.1 are expected to ship by the end of October.
Prices of the two products vary based on configuration. A 32-CPU configuration costs $135,000 for a subscription featuring 24-by-7 support services

Firefox extension blocks dangerous Web attack

A popular free security tool for the Firefox browser has been upgraded to block one of the most dangerous and troubling security problems facing the Web today.
getRelatedBoxOne("/article/08/10/08/Firefox_extension_blocks_dangerous_Web_attack_1.html","spBoxOne")
NoScript is a small application that integrates into Firefox. It blocks scripts in programming languages such as JavaScript and Java from executing on untrusted Web pages. The scripts could be used to launch an attack on a PC.
[ Read more about a clickjacking vulnerability indirectly related to Adobe products. And discover the top-rated IT products as rated by the InfoWorld Test Center. ]
The latest release of NoScript, version 1.8.2.1, will stop so-called "clickjacking," where a person browsing the Web clicks on a malicious, invisible link without realizing it, said Giorgio Maone, an Italian security researcher who wrote and maintains the program.
Clickjacking has been known for several years but is drawing attention again after two security researchers, Robert Hansen and Jeremiah Grossman, warned last month of new scenarios that could compromise a person's privacy or even worse, steal money from a bank account.
Unfortunately, clickjacking is possible due to a fundamental design feature in HTML that allows Web sites to embed content from other Web pages, Maone said. Nearly all Web browsers are vulnerable to a clickjacking attack.
"It's a very hard thing to fix because it's part of the very fabric of the Web and the browser," Maone said.
The embedded content can be invisible but a person can still unknowingly interact with it. A clickjacking attack takes advantage of that by tricking a user into clicking on a button that appears to do some function but actually does something entirely different.
Clickjacking can also be accomplished by manipulating the plug-ins of other applications, such as Adobe's Flash program and Microsoft's Silverlight. For example, researchers in recent days have shown it's possible for a clickjacking attack to turn on a person's Web camera and microphone without their knowledge.
getRelatedBoxTwo("/article/08/10/08/Firefox_extension_blocks_dangerous_Web_attack_1.html","spBoxTwo")
In an advisory on Tuesday, Adobe said it will issue a patch for Flash by the end of the month.
The new improvement to NoScript, called ClearClick , can detect if there is a hidden, embedded element within the Web page. It then displays a warning message asking the user if they still want to click on it.
Maone said ClearClick will likely stop all clickjacking attempts. NoScript is only for the Firefox browser, so users of Microsoft's Internet Explorer -- the most-used browser in the world -- are vulnerable.
Web site owners, however, can take one step to prevent their users from falling victim, Maone said. Programmers can use a script on their Web sites that checks to see if a Web page is embedded in another page. If so, the script forces the good Web page in front, preventing clickjacking, Maone said.
The technique is called "framebusting." Ebay's online payments service, PayPal, which is frequently targeted by cybercriminals, has already implemented framebusting, Maone said. NoScript will allow a framebusting script to run, Maone said.
"The best thing that can happen is that Web site owners start to think more carefully about security," Maone said. "It is important that Web site owners spread the word that they should implement framebusting

For a promising IT career, go east, young techie

As IT job opportunities in the United States and Europe start to contract -- a trend that predates the current financial meltdown but may accelerate because of it -- perhaps it's time to look abroad, where there may, in fact, be more growth and better opportunities to advance your career.
getRelatedBoxOne("/article/08/10/08/41FE-tech-jobs-overseas_1.html","spBoxOne")
For example, the International Monetary Fund now predicts that the U.S. economy will barely grow -- at a 0.1 percent rate -- in 2009, while European economic growth will range from a slight contraction (-0.2 percent) in Italy to slight growth (0.2 percent) in France. Canada will be the superstar of the major developed economies, predicted to grow 1.2 percent.
By comparison, the IMF expects China to grow at about 8 percent, with India at about 7 percent, and Russia about 6 percent -- despite the financial crisis. The world at large should grow about 3 percent.
[ Use InfoWorld's interactive map to learn about 12 hot cities and 6 regions you should consider for career-boosting tech jobs abroad. ]
Tech jobs overseas are no longer just the scut work of heads-down programming. As foreign, U.S., and global firms have set up shop throughout the world, they've increased the demand for a wide range of tech talent in those locations. Foreign companies are particularly looking for IT professionals with business fluency, and such experience is more common in the United States than in most places. The combination of industry-specific skills and knowledge of American markets is an invaluable asset that outsource providers from countries like China, India, and Russia lack and will pay a premium for.
And the experience you'll gain from working overseas will make you even more valuable. According to Rob McGovern, CEO of JobFox, an international employment agency for IT, in today's global economy, people who truly understand how to do business globally are a minority. "IT is going global. The IT profession is going global. Developing product for markets all over the world is something you have to learn how to do. Overseas work is a huge enhancer for IT professionals," he says.
So where should you move to accelerate your tech career? InfoWorld interviewed outsource suppliers and industry analysts from around the world and found 12 hot cities and six promising regions, as well as what it takes to make the move. Many are in the Far East of Asia and in Eastern Europe, but Latin America, the Middle East, and -- closer to home -- Canada are all strong possibilities as well, for at least some tech skills.
The most popular types of tech jobs outside the United States vary considerably, and emerging IT centers are themselves trying to diversify their own areas of expertise. But as a gross generalization, product support and business process development positions are more likely to be in India than in Indianapolis; embedded software development positions are more likely to be in China than Cincinnati.
[ Story continued below the map. ]
getRelatedBoxTwo("/article/08/10/08/41FE-tech-jobs-overseas_1.html","spBoxTwo")



The paths to working overseasSo how realistic is it really to move overseas for work? The answer varies based on the country and, of course, your personal circumstances. Family considerations -- such as finding a job for your spouse and a school for your children -- can make an overseas move much harder for a family than for a single person. In terms of the basic process, however, there are three routes to getting a job overseas.
The first is to get a work visa in the destination country, the equivalent of the H-1B program in the United States. This typically requires that the employer sponsor you and go through a process proving you are not taking a position a local could fill.
The second is to get a work-rotation visa in the destination country, the equivalent of the L-1 program in the States. This type of visa lets companies rotate employees among their offices in various countries. It's often used for executives to help them gain experience across different corporate units but can be applied to other positions as well. Global consultancies, federal agencies, and multinationals are the typical venues for such positions.
The third is to use any dual nationality you may hold, such as from being the spouse or child of a foreign national, to seek work in that other country. After all, as a citizen of that country, you have the same employment rights as any other national. (The fact that you are also a U.S. citizen doesn't matter, at least in countries that allow dual citizenship.)
The fourth is to set up your own company in the United States and be a consultant overseas.
Some locales, like Costa Rica, actually make it easier for foreigners to come in and start a company rather than come in as an employee who might be taking a job away from a local.

IBM puts 'Bluehouse' tinge on cloud computing

IBM on Monday launched a major initiative into cloud computing, a current term for Internet-based services, in an effort it hopes will challenge the early lead of cloud pioneers such as Amazon and Google.
Among the offerings launched on Monday is "Bluehouse," a Web-based social-networking and collaboration service designed for business, a test version of which is available from IBM's Web site.
Bluehouse allows users to carry out many of the activities associated with social networks, but is specifically designed for businesses, with features such as document and contact sharing, joint projects, online meetings and online communities. The project is intended as a way for businesses to connect to partners, agencies, suppliers, customers, and outside experts.
Other services introduced on Monday include Lotus Sametime Unyte, for Web conferences and document sharing; Rational Policy Tester OnDemand, which scans Web content to deal with compliance issues; Rational AppScan OnDemand, which scans Web applications for security bugs; and Telelogic Focal Point, which enables information sharing among project management, engineering, marketing, and other teams.
The concept of cloud computing incorporates other recent developments in Internet-based computing, such as software as a service and the rich browser-based interfaces associated with Web 2.0. Google promotes the concept through its Google Apps, and Amazon through its Elastic Compute Cloud (EC2).
The term "cloud" itself is an abstraction of the idea of the Internet, and is based on the cloud symbol often used to represent the Internet in diagrams.
Like Amazon, Google, and others, IBM has recently invested in data centers specifically geared for the delivery of cloud services. It has new centers in Sao Paulo, Brazil; Bangalore, India; Seoul, Korea; and Hanoi, Vietnam, bringing the total number of its hubs to 13.
Unlike more Internet-centric companies, IBM said it is able to help companies run services internally, as well as taking advantage of the cloud.
For instance, IBM's clients and partners will be given access to specialists in its 13 cloud-computing centers and 40 IBM Innovation Centers, who can help organizations test their applications. IBM is also creating a series of white papers and is providing marketing resources for software makers who want to build and sell their own cloud services.
"We are moving our clients, the industry and even IBM itself to have a mixture of data and applications that live in the data center and in the cloud," Willy Chiu, vice president of high performance on demand solutions at IBM, said in a statement.
IBM argued that cloud computing is a way for businesses to draw more value from their existing IT infrastructures, since much of the work is offloaded onto remote servers, but the cloud-computing concept has received sharp criticism recently from the likes of Oracle CEO Larry Ellison and Free Software Foundation President Richard Stallman.
In an interview with The Guardian last week, free software pioneer Stallman said cloud computing is "worse than stupidity" because it leaves users vulnerable.
"If you use a proprietary program or somebody else's Web server, you're defenseless. You're putty in the hands of whoever developed that software," he said.
During Oracle's annual financial analyst meeting in September, Ellison also criticized the companies rushing to roll out cloud services, saying the trend is "fashion-driven."
"It's complete gibberish. It's insane. When is this idiocy going to stop?" Ellison said.
Microsoft Chief Executive Steve Ballmer, speaking to delegates at a Microsoft-sponsored developer conference in London last week, said the company will launch an operating system for the cloud in four weeks.
Tentatively titled "Windows Cloud," although Ballmer suggested it would have a "snazzier name" at launch, the product is designed to make it possible to "just...write an application and...push it to the cloud," Ballmer said.
Matthew Broersma of ZDNet UK reported from London.

Surface developer tools coming this month

The long-awaited software developer kit for the Surface tabletop computer will be made available to those attending Microsoft's Professional Developer Conference at the end of the month.
Microsoft made that pledge on its PDC Web site, as part of a listing for a session focused on writing Surface applications.
"Hear about the unique attributes of Microsoft Surface computing, dive into vision-based object recognition and core controls like ScatterView, and learn how the Surface SDK aligns with the multitouch developer roadmap for Windows 7," Microsoft said, in promoting the session. "Attendees will receive access to the Microsoft Surface SDK."
Microsoft has been promising for some time to open up Surface development beyond the select group of companies that have been working with early launch partners such as AT&T and Starwood hotels.
The company has also promised multitouch will be a part of the Windows 7 interface, but has yet to detail how that will work.

YouTube 'theater view' may be a precursor to widescreen HD player

that's pretty neat. Called "theater view," when clicked it both darkens the screen and increases the size of the player, centering it on the page and adding red curtains. For a leaned back viewing experience it's certainly not as useful as hitting the full-screen button, but I'd consider it a nice alternative--especially if you don't want to watch larger version of a grainy video just to cut out distracting page elements.
Hulu launched with a similar feature called "lower lights," which could be toggled on and off, something that YouTube has provided that simply darkens the rest of the screen.
So far the theater view option appears only on a small percentage on long-form content from specific providers, meaning the three-minute clip you shot of your dog on the trampoline will not have it. Going forward I'm thinking it could only be an option on educational segments, since it temporarily hides advertisements, which could mean a drop in ad clicks.
It could also be the groundwork for a more advanced YouTube viewing experience. The curtains on the player make for a neat decoration, but could also be placeholders for a more advanced 16:9 player that takes advantage of the increasing number of clips uploaded from shiny new HD video cameras.
I couldn't find any theater view-compatible content to try this theory out with, but the extra width on the player is a good sign. As is the huge mass of content that's been uploaded in 16:9 HD, only to be squished into the service's 4:3 player. Last week's 1GB upload limit increase is a good sign, too.

Apple cures the common cold and other stuff

Seth Weintraub of 9to5Mac, a blogger with good sources within the Macintosh community, is reporting that Apple has invented a new manufacturing process for MacBooks.
"It is totally revolutionary, a game changer. One of the biggest Apple innovations in a decade. The MacBook manufacturing process up to this point has been outsourced to Chinese or Taiwanese manufacturers like Foxconn. Now Apple is in charge. The company has spent the last few years building an entirely new manufacturing process that uses lasers and jets of water to carve the MacBooks out of a brick of aluminum. (Yes, this sounded a bit crazy to us as well. But our source is adamant so bear with us. He says Apple has built a manufacturing process that would make Henry Ford proud.)"
Henry Ford? Yowza.
At the same time, Mike Schramm from TUAW.com writes that Nvidia is offering sneak peaks of the product to employees. He speculates that the units may include "some extra Nvidia power," presumably to turn the MacBook into a more serious game machine.
Something up his sleeve?(Credit: CNET News)
Of course, some or all--or none--of the above may be accurate. The hype cycle always works the Mac faithful into a lather, and this time the meter is simply off the charts. The "brick," as it's being referred to, may shape up to be quite the story. (And Apple definitely could use a different narrative after a steady stock decline topped off by a phony Steve Jobs rumor.) But if the breakthrough isn't as revolutionary as the early leaks suggest, will we be talking about the brick the way we now recall the Segway? Just wondering.