How Long Can the IPod Stay on Top?
Apple's media player rules its market, thanks to rapid innovation.
Terril Yue Jones
Since the iPod's debut in 2001, Apple Computer Inc. has worked feverishly to keep its iconic portable media player two beats ahead of the competition. Last week's introduction of the iPod Hi-Fi home stereo was the latest in a rapid succession of updates and add-ons designed to maintain Apple's dominance in digital music.
So far the strategy has worked. In January, iPods accounted for 78% of the portable music players sold in the United States, according to market research firm NPD Group. Apple's online iTunes Music Store has sold more than 1 billion songs in three years and is transforming the way masses of people buy music and video.
But rivals around the world including titans Samsung Corp., Sony Corp. and Toshiba Corp. are catching up with devices that often are cheaper than Apple's offerings and sometimes do more.
Some Apple watchers also suspect that the iPod's innovation curve may be flattening as the company runs out of obvious ways to jazz up or shrink down its best- selling product.
Bigger hard drives? Been there.
Video? Done that.
FM tuner? Now an option.
Sleeker design? But of course.
"The music iPod was a tidal wave in the music industry," said Rob Yarin, vice president for entertainment at Frank N. Magid Associates, a media consulting firm. "The video iPod is more than a ripple, but it's not a tidal wave. Whether the addition of video is enough to keep the iPod in a leadership position is something Apple will have to keep an eye on."
Despite iPod's substantial lead in the market 42 million have sold since 2001 Apple is in no position to get comfortable. In many ways, the emerging market for portable media players mirrors the early PC market.
The runaway popularity of the iPod recalls the success of the iconoclastic company's Macintosh personal computer, whose elegance and reliability made it a luminary of the digital age.
As rival computer makers churned out cheaper machines powered by Microsoft Corp.'s Windows operating system, though, Apple's market share dropped steadily from 11.6% in 1994 to 4.2% today, according to research firm IDC Corp.
With the iPod, Apple is determined not to let history repeat itself.
"Our formula for success has been and still remains to make a better product than anyone else and to out-innovate everyone faster and better," said Philip Schiller, Apple's senior vice president for worldwide marketing. "So by the time they try to copy and target what we've done, we've already moved on."
For now, Apple still dominates a relatively small niche.
Sure, iPods are ubiquitous in hipper circles. Snowboarders, bobsledders and ice skaters sported them at the Winter Olympics in Italy. In the U.S., though, just 15% of households have a digital music player, compared with 98% that own a television, 71% with a wireless phone and 73% with a PC, according to the Consumer Electronics Assn.
And despite the iTunes Music Store's selling its billionth song and 12 millionth video, its success is dwarfed by the 599 million CDs and 1.1 billion DVDs sold in the U.S. last year, according to Nielsen SoundScan and Adams Media Research.
Apple's competitors concede that the Cupertino-based company has won the first round, but they still see plenty of opportunity. Early leaders, they note, don't always win. TiVo Inc., for instance, is synonymous with digital video recorders that can pause live television, but as demand for that type of device has grown, cable and satellite companies have taken control.
"The market is growing overall, not just for Apple," said Louis Masses, Toshiba America's director of business development. "Are we going head to head with Apple? No. Our approach is to give people an option."
This month, Toshiba plans to release the second generation of its Gigabeat media player. Powered by Microsoft's new Windows Mobile operating system, the device will play music, photos, home videos and downloaded movies and TV shows.
Samsung has a similar device arriving this month, Sony continues to enhance the capabilities of its hand-held PSP and Creative Laboratories seems always to be updating its extensive line of portable multimedia players.
Already, investors are getting nervous. Although Apple posted record earnings last quarter and hasn't had an annual loss since 2001 its stock has fallen 22% from its 52-week high of $86.40 in January.
Among the challenges facing Apple is that digital media players are relatively simple to make. They're basically a portable hard drive or, increasingly, flash memory and a liquid crystal display plus silicon and software to convert data to sound. The differentiating features boil down to the user interface and the design of the case.
Apple has excelled in both areas. The iTunes software that enables iPod owners to fill their players with music and video is easy to use and versatile. And iPod's austere design has made it as much a fashion accessory as an entertainment device.
Los Angeles architect Patti Poundstone appreciates the curves of both of her aesthetically essential possessions: her iPod and her Volkswagen Passat.
Most of her 50 or so colleagues at KAA Design Group in Marina del Rey have variations of the iPod and regularly use them at work. "It's the most must-have object for an architect," Poundstone said.
But trends come and go especially in the technology industry.
Technology can be fleeting when it is developed for its own sake, said Van Baker, an analyst with market research firm Gartner Inc. "The ones that have staying power are ones that have appeal above and beyond the value of the technology itself, and clearly the iPod would fall in that category."
Apple so far has been able to tap into shifting tastes and change the iPod with them.
"The thing that's got most of their competitors scared is how fast they can move," said Richard Doherty of technology consulting firm Envisioneering Group. "Because they don't have an 85-person audio consumer marketing department spread over three continents, decisions can be made over dinner."
Toshiba, Doherty said, "has to pull marketing people together from three continents during which time Apple will have come out with two new iPods."
For example, Doherty said, Apple quickly developed the iPod nano, a flash memory-based player that's no thicker than a couple of sticks of chewing gum.
"They get a deal on flash memory, and six weeks later there's the nano," Doherty said.
That speed was on display in 2005. Apple came out with three new versions between January and October: the screenless iPod shuffle, the slim iPod nano, which has a tiny color screen and also stores photos, and the video iPod, which plays videos and TV shows on its 2.5-inch screen.
"Saturday Night Live" spoofed the iPod's lightning-like product cycle, with comedian Fred Armisen playing Apple Chief Executive Steve Jobs introducing the iPod Micro, the size of a paper clip. But wait as he is talking about it, the Micro is superseded by the iPod Pequeno, as small as a vitamin pill, which is replaced 30 seconds later by the iPod Inviso, the size and weight of a speck of dust.
"It holds 8 million songs, every photograph ever taken and 'Pong,' " the Jobs character intones gravely.
Increasingly, the iPod is tied to Apple's online iTunes store, which has branched out from 99-cent music downloads to video.
Apple is not the first or only provider of video over the Web, and its rivals are expanding their offerings. America Online Inc., Microsoft's MSN, Yahoo Inc. and Google Inc. offer TV shows and clips, while Movielink and CinemaNow focus on feature films. Vongo is an Internet download service optimized for Windows Mobile.
While Google's video site attracted 3.04 million U.S. users in December, MSN video had 9.46 million visitors and Yahoo's video site drew 2.15 million, iTunes had 20.7 million visitors, according to Nielsen/NetRatings.
Google acknowledged in late January that it had mishandled the launch of its video store that month. Shows for sale were poorly promoted at Google Video, and customers couldn't find hit TV shows such as CBS' "CSI: Crime Scene Investigation" and "Survivor."
"By comparison with what Apple has done with the iPod and iTunes, they fell far short," Gartner analyst Allen Weiner said.
As Apple tries to keep the iPod fresh, a favorite of the rumor mill is that the company will try more directly to target the digital home. Its vehicle may be a device that can record, store and burn DVDs of photos, music and videos and beam them wirelessly around the house, similar to what "entertainment PCs" from rivals such as Hewlett-Packard Co. can do today.
But is that really a role for a beefed-up iPod?
"It's a delicate balance: Do you go more to a living-room, stationary product or to a mobile device?" said Mike McGuire, a consumer technology analyst with Gartner. "Creating a product for which there's not a tangible market is risky. The challenge is, which thing are they going to put their weight behind to go after in rich content?"
The iPod has the potential to change the very fabric of how people interact, some imaginative thinkers say. For now, it's a static device you put stuff on, you play it back.
But Alex Soojung-Kim Pang, a research director at the Institute for the Future in Palo Alto, imagines a world where people socialize by tapping into strangers' iPods in a cafe, on a train or at the gym.
"This provides opportunities to hear some new stuff, or at the very least take a break from your own music collection or strike up a conversation. 'Oh, I see you have the Grateful Dead concert at Cornell in 1977. Wasn't that a fantastic show?' " Pang said.
Such interaction would flip the conventional dynamics in which people are introduced before the talk may turn to music.
"There already is a sense among many iPod owners that they're part of this iPod nation, and the sense of citizenship in this group makes it easier for people to adopt this sharing," Pang said
For now, the ranks of iPod loyalists show no signs of thinning. The devices have changed the way some people run their lives. Ask Aliza Loewy, a musical theater performer who lives in the Hell's Kitchen district of Manhattan. She switched from Windows to Macintosh computers all because of her iPod.
"We were willing to go out and replace all our computers with Macs just to be happy with the iPod," she said. "Really and truly, it's like a child to me."
http://www.latimes.com/technology/la...nes-technology
Almost iPod, but in the End a Samsung
David Pogue
ALL right, we've now entered Year 5 of the iPod Era. Apple's rivals have had plenty of time to study the iPod, figure out what makes it such a hit and offer reasonable competition.
As you may have noticed, however, that hasn't happened. Of every 100 people walking by in their little music isolation bubbles, 78 of them seem to have telltale white iPod earbuds. Year after year, the iPod's market share drifts upward, leaving its rivals to fight over the scraps; call it Snow White and the 20 Dwarfs.
The iPod's competitors have wasted years of opportunity by assuming that they can beat the iPod on features and price alone. They're wrong.
In fact, at least six factors make the iPod such a hit: cool-looking hardware; a fun-to-use, variable-speed scroll wheel; an ultrasimple software menu; effortless song synchronization with Mac or Windows; seamless, rock-solid integration with an online music store (iTunes); and a universe of accessories. Mess up any aspect of the formula, and your iPod killer is doomed to market-share crumbs.
This week, Samsung is the latest company claiming to have cracked the iPod formula specifically, that of the wildly popular iPod Nano. Its new Z5 player has the same-size sleek facade as the Nano (3.5 by 1.6 inches), comes in a similar choice of colors (silver or black), is offered in two of the same capacities (2 or 4 gigabytes) and even costs the same ($200 and $250).
Samsung wouldn't be the first; Archos and Creative offer Nano clones. And featurephiles await a similarly sized SanDisk Sansa player, arriving later this month, that will have FM radio recording, removable battery and memory card, video playback and 6-gigabyte capacity (a first among memory-based players).
But Samsung took one additional step: To design the Z5's software, it hired Paul Mercer, a former Apple employee whose software toolkit was used to design the iPod software. The result is the easiest-to-navigate software since the iPod. Here's the familiar main menu (Music, Pictures, Playlists and so on); here's the center Select button; here's the button at the top that backtracks toward the main menu. If you've ever used an iPod, you'll feel instantly at home. (In fact, at first, I caught myself tracing circles on the Z5's face with my thumb, turning a scroll wheel that wasn't there a reflex that Samsung acknowledged isn't uncommon among first-time users of the Z5.)
INSTEAD of a wheel, the Z5 has a big square button surrounded by a clickable frame. The frame's four edges precisely replicate the clicky edges of the iPod scroll wheel: Menu at the top, Play/Pause at the bottom, Next Track and Previous Track on the sides.
Inside the frame is a touch pad. You step through lists by lightly tapping the pad; you hold down to scroll quickly. The best part is that your thumb doesn't have to move between scrolling and clicking; after scrolling by touching, pushing harder to click in exactly the same spot does the trick.
Samsung has even improved on the iPod's design in several important ways. For example, you can adjust the playback volume even when you're not on the Now Playing screen (such as when you're adjusting the settings or perusing your music list), thanks to dedicated volume buttons. The name of the current song appears at the bottom of every screen, too.
More thoughtful touches: Whenever you highlight a song or album name, a thumbnail image of the CD cover appears right there in the list a handy visual aid. Holding down the Menu button takes you all the way back to the main menu, so you don't have to tap it repeatedly.
And you know that iPod moment of befuddlement when the buttons don't seem to be working and then you realize it's because you've engaged the Hold switch? On the Z5, pressing any button makes a tiny padlock icon glow on the screen to help clue you in.
Finally, the Z5 plays music for a staggering 35 hours between charges, according to Samsung, which is 2.5 times the duration with the iPod. Unfortunately, that beefier battery means that the Z5 is no Nanoesque wafer. At just under half an inch thick, it's two-thirds thicker than the Nano.
Like almost all non-iPod music players, the Z5 is based on Microsoft's music-player software. That is, it doesn't work with the Macintosh. And while the Z5 can't play songs from Apple's iTunes Music Store, it can play songs from Rhapsody, Napster, Musicmatch, MSN Music, Wal-Mart, AOL Music Now, Yahoo Music and other members of the "MMS-MMS" consortium (Microsoft-based Music Stores with Minuscule Market Share).
Many of the MMS-MMS stores offer something that Apple doesn't: subscription plans. For a flat $12 or $15 a month, you can download as many songs as you like. (The wrinkle is that if you ever stop paying, all of your music self-destructs.)
It's also worth noting that unlike songs from iTunes, music from MMS-MMS stores also works on gadgets like the Roku SoundBridge, which broadcast music from your computer to your stereo wirelessly.
Is the Z5, then, the fabled iPod Killer? Let's review the checklist.
LOOKS Not quite. It's sleek and nice-looking, but thicker than the Nano. The metal case conceals fingerprints, unlike the mirrored chrome of the Nano. But it doesn't look as classy and doesn't feel as nice in your palm. SCROLL WHEEL No. The Z5's controls are thoughtfully designed. But the touch scroller is finicky; perhaps to screen out accidental taps, it registers a tap only if your finger sits on the surface longer than a quarter-second but less than half a second (after which fast scrolling begins). You need the reflexes of a frog's tongue.
Worse, you can't control the speed of the scrolling; you can't slow down as you approach one part of the alphabet. How could Samsung have missed this one?
SOFTWARE MENU Ultrasimple. Samsung nailed this aspect.
SYNCHRONIZATION Mostly effortless. But in the case of the iPod, Apple designed the music store, the player and the jukebox software on the computer; no wonder it all works so smoothly. When you use the Z5, you get some jarring reminders that three different cooks were at work. For example, during the Z5's on-screen tutorial, the narrator cheerfully tells you that the Z5's U.S.B. cable might not match the one illustrated on the screen. "But the connector will match a port on your portable music player," she says reassuringly. Well, let's hope so.
Similarly, Samsung provides a table called "How Many Songs Will Fit?" But it lists 128 megabytes, 256 megabytes, 1 gigabyte, 2 gigabytes and 5 gigabytes (and not 4 gigabytes). Doesn't Samsung know that the Z5 comes only in 2 and 4 gigabytes?
Evidently, Paul Mercer was not involved with the help system.
MUSIC STORE INTEGRATION No. At Samsung's suggestion, I tested the Z5 with Rhapsody's store, which is available directly from the copy of Windows Media Player provided by the Z5's installer. After banging my head on the keyboard for an hour, unable to get it to work, a Rhapsody rep finally let me know that, in fact, Rhapsody's subscription store doesn't work in Media Player only with Rhapsody's own software jukebox. (So much for the Microsoft "Plays for Sure" logo. Try "Plays for Some People.")
ACCESSORIES Not so much a universe as a shelf. You can buy generic adapters for the car and your home stereo. There will soon be a carrying case, and Samsung will sell its own speakers. But there's no remote control of any kind, and the overall accessory situation looks pretty grim a drawback of any non-iPod player.
The Z5, then, will not cause any discernible dip in iPod market share.
It does, however, deserve to be a hit for Samsung. For someone who wants a Nano that's not a Nano, it's a close enough match in looks, sleekness, capacity and crystal-clear software design. In fact, if iPod didn't loom over every conversation as the screamingly obvious point of comparison, the Z5 could be the next little thing.
http://www.nytimes.com/2006/03/09/te...s/09pogue.html
Amazon Considering Downloads
Richard Siklos
Amazon.com is in talks with three Hollywood studios about starting a service that would allow consumers to download movies and TV shows for a fee and burn them onto DVD's, according to three people briefed on the discussions.
If the advanced negotiations are successfully concluded, Amazon's service would position itself in the media world alongside rivals like Apple Computer's iTunes as a place where people go not just to order goods to be sent by mail, but to instantly enjoy digital wares as well.
So far, Paramount Pictures, Universal Studios and Warner Brothers are engaged in the talks, said one person close to the talks who, like the others, asked not to be identified because the negotiations are continuing.
Although it is not clear when it might begin, an Amazon downloading service would be sure to send waves through both the media and retail worlds. Players in both industries are racing to offer new ways to give technology-savvy audiences instant access to their favorite shows and songs, in a field crowded with potential rivals using Internet and on-demand technologies.
Amazon, which was created as an online bookstore and now sells a wide range of goods, is already among the largest sellers of DVD's and VHS tapes. Other retailers, like Wal-Mart Stores and Target, are also working with the studios on new ways to distribute programming in digital formats.
Keen to maintain as much control over their product as possible, the studios have also invested in new video-on-demand movie rental services like MovieBeam, which is backed by Walt Disney, and Movielink, which counts several other studios including Paramount, Universal and Warner among its backers.
Warner is also involved in IN2TV, a service on America Online that offers a library of free vintage TV shows, and also plans to begin selling downloads of other programming this year. Both companies are divisions of Time Warner.
None of these services so far plans to offer a way to let people buy, burn and keep DVD's or stream them at a lower price as the contemplated Amazon service does. Other retailers, however, are working to develop similar businesses.
One advantage Amazon would hope to have over competitors is its ownership of the Web site imdb.com, which stands for Internet Movie Database. The site was acquired by Amazon in 1998 and is a repository for all manner of movie information for professionals and fans alike. One person involved in the deal said that as more people use search engines like Yahoo and Google to find their favorite videos, imdb.com would be a valuable asset because it appears, with increasing prominence, in the results of online searches.
For example, when entering the name George Clooney on Google, the actor's page on imdb.com is the first of 17.1 million results that are cited. According to comScore Media Metrix, imdb.com is the most-visited movie Web site, having posted a 41 percent increase in unique visitors between February 2005 and February 2006.
Last month the site had 15.1 million unique visitors, surpassing Yahoo Movies, whose tally of unique visitors declined 17 percent year over year, to 12.1 million.
As previously reported, Amazon is also working on a digital download service for music and an Amazon-branded portable MP3 player to compete with Apple's market-leading iPod.
Patty Smith, an Amazon spokeswoman, declined comment.
Depending on the pricing of downloaded movies and the agreed split between the studios and Amazon, electronically selling DVD's to consumers could represent a way to increase profit margins, as the overall growth of DVD's has cooled. But the studios also face a delicate balancing act in ensuring that physical retailers like Wal-Mart, which account for the bulk of their existing sales, do not feel left in the lurch by the new digital endeavors.
http://www.nytimes.com/2006/03/10/te...10movies.html?
British Royalty Group Unveils Trial Podcasting License
British music licensing organization MCPS-PRS Alliance has just unveiled a trial podcasting licensing scheme. The pilot will involve over 10 million works, of which the MCPS-PRS consortium administers both mechanical and performance rights. As part of the Alliance Music Podcast Scheme, podcasters will be charged 12 percent of overall revenues for usage of MCPS-PRS Alliance works, or 1.5 pence (2.6 cents) per full track, whichever is greater. Usage of half-tracks, defined as less than 50 percent of the work, will require a .75 pence (1.3 cents) per usage payment. The trial will last through December 31st of this year.
http://www.digitalmusicnews.com/#030806uk
iTunes Offers New "Multi-Pass" Bundling Option
Why grab just one beer when you can have a six-pack? The bundled purchase is a time-worn concept across many industries, but something the music industry has been struggling with recently. For years, music fans have been moving away from the album, which creates some consumer pain by tying a collection of songs into one purchase. The effect is being felt both offline and online. "The sad fact is that given the choice online, people choose songs over albums," said Eric Garland, CEO of media tracking firm BigChampagne, during a recent discussion at Music 2.0 in Los Angeles.
Enter iTunes, which helped to popularize paid, a-la-carte downloads with an easy interface, simple iPod syncing, and a uniform price point. But one billion downloads later, the recording industry is finding it very easy to argue with success. Cherry-picking is something labels have resisted for decades, though P2P file-sharing networks may have broken the levee first. Regardless, Apple is beginning to experiment with its own bundling ideas, including a new "multi-pass" option. The concept, which allows consumers to purchase a set of shows, is being rolled out with Comedy Central series "The Daily Show" and "The Colbert Report". Elsewhere, iTunes also offers digital album purchases, which recently accounted for a significant chunk of overall buying activity on the Jack Johnson project, Curious George. And others, like independent online music store eMusic, are successfully selling bundled downloads within monthly subscription accounts, potentially part of a larger trend.
http://www.digitalmusicnews.com/#030806uk
Winapple? Wapple?
Needham's: 'Apple Could Grab 9% Marketshare'
Jonny Evans
Needham & Co analyst Charles Wolf believes Apple is in position to achieve a massive growth in its market share - with consumers very ready to make the switch.
Apple should make every effort to eliminate every last obstacle that may prevent a PC user moving to Mac, he says, particularly as the Intel processor switch means Apple can now "match the performance of Windows PCs".
Huge migration possible
Wolf's research suggests that consumers and others may be on the edge of a mass Mac migration: "The magnitude of possible Windows defectors suggests that Apple should go all out to remove the few remaining hurdles to running Windows apps on a Mac," Wolf writes.
"Our online survey of college students reveals the possibility of a dramatic increase in switching," he adds.
The analyst also pointed out that the move means Intel Macs "should" be able to run Windows applications as fast as they run on PCs, "after a few technical problems are solved".
Wolf's survey showed that if Apple was to make it easy for Macs to run Windows applications the number of students who would buy an Apple computer would double.
Windows + Mac = Apple 10% market share
"To measure the possible impact of the Mac's impending versatility, we conducted an online survey of 255 college students. Two important statistics emerged when the Mac could run Windows apps. First, the mean likelihood of purchasing a Mac rose dramatically - from 24.7 per cent to 44 per cent. Second, the percentage of Windows users who would definitely buy a Mac rose from 1.8 per cent to 13.5 per cent.
Wolf sees the ability to run Windows applications on a Mac as potentially even more beneficial to Apple's market share than the iPod halo effect.
"Our results are almost too good to be true in highlighting the possible increase in the Mac's market share once it can run Windows apps. The increase from 1.8 per cent to 13.5 per cent in the percentage of respondents who would definitely switch underscores this potential. And if
applied to the US home market, the 80 per cent increase in the mean switching rate (from 24.7 per cent to 44 per cent) would raise Apple's share in this market to 9.2 per cent. Such an increase would translate into almost one million additional sales, equivalent to a 22 per cent increase in Apple's 2005 Mac shipments."
Will they, won't they, are they?
However, Apple is it's own Achilles Heel, Wolf warns. When the company announced its shift to Intel processors in June 2005, Apple took the line that it would not sell or support Windows itself, "but would do nothing in its hardware design to prevent users running that OS if they liked," Wolf writes.
"In our opinion, Apple comments are important for what they don't say. They leave open the possibility that it will support the efforts of others to bring Windows to the Mac platform. Indeed, there have been unconfirmed reports that Apple itself may be secretly working on virtualisation software
that would provide native support for Windows," he writes.
Apple has the most to gain from allowing such support to emerge, Wolf said.
http://www.macworld.co.uk/news/index...ge=1&pagePos=2
No Vista on Mac's Horizon
Ina Fried
Hoping your Intel Mac will easily run Windows Vista?
Don't bet on it, one Apple Computer engineer said Thursday.
One of the big obstacles is that although both the Macintosh OS and Windows now use Intel chips, the two operating systems have different ways of booting up.
Mac fans have held out considerable hope that the next version of Windows would be easier to load on Macs than Windows XP, because like Mac OS X, Vista will use Extensible Firmware Interface (EFI) to aid the boot process. Older versions of Windows have used Basic Input Output System (BIOS).
However, Apple Senior Software Architect Cameron Esfahani said that his understanding is that only 64-bit versions of Vista will support EFI. To this point, all of the Intel Macs have used 32-bit chips.
"I don't think so" he said, when asked whether Intel Macs should easily run Vista. Esfahani was speaking at the Intel Developer Forum here--to a packed room despite the session being the last of the conference.
In addition, while EFI has prospects for supporting many older types of software and hardware, Apple has not included much of that "legacy" code in its EFI implementation.
"Windows is a legacy OS," he said to laughter and applause from the crowd. "We don't have legacy support."
Ever since Apple released the first Intel Macs--and even before--enthusiasts have been trying to get both the Mac OS running on non-Apple machines and Windows booting on Intel Macs. Both tasks have proved thorny, with myriad issues both legal and technical that must be overcome.
Apple has said that it won't stop Mac owners from running, or trying to run, Windows on their Macs, but it has said it is not supporting such efforts, a point Esfahani's talk made all the more clear. On the other hand, Apple has taken steps to prohibit people running Mac OS X on anything other than Apple's own hardware.
Apple announced last June that it would move the entire Mac product line to Intel-based chips. The first Intel Macs, a revamped iMac and the MacBook Pro laptop debuted in January. Earlier this month, Apple added an Intel-based Mac Mini.
In more bad news for the Vista-on-Mac crowd, Microsoft reportedly told another IDF session on Thursday that the initial release of Vista won't be supporting EFI at all.
APCmag.com reported that a Microsoft panelist told IDF attendees that EFI support won't be coming until some later release of Vista.
http://news.com.com/No+Vista+on+Macs...3-6048250.html
Mac OS X Hacked Under 30 Minutes
Munir Kotadia
Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.
On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.
Participants were given local client access to the target computer and invited to try their luck.
Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".
The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.
"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain mis-configurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia .
According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.
"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users
There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.
"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.
Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.
"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.
Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.
In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.
"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.
If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.
An Apple Australia spokeswoman said today it was unable to comment at this stage.
http://www.zdnet.com.au/news/securit...9241748,00.htm
eEye Flags More iTunes, QuickTime Flaws
Ryan Naraine
Security flaws in Apple's popular digital media products are beginning to add up.
Researchers at eEye Digital Security have pinpointed two high-risk vulnerabilities in iTunes and QuickTime that could put millions of Windows and Mac users at risk of code execution attacks.
Aliso Viejo, Calif.-based eEye issued two alerts on its upcoming advisories Web page to warn of heap overflows and integer overflows in the two Apple products.
Apple's iTunes is a wildly popular online media service that sells music downloads and QuickTime is the company's flagship media player.
Click here to read about more bugs in Apple's iTunes and QuickTime media players.
eEye said the vulnerabilities affect QuickTime/iTunes on Windows NT, Windows 2000, Windows XP and Windows Server 2003. Mac OS X users are also vulnerable to the code execution attacks.
Apple does not comment on potential security vulnerabilities in its products until a fix is available. eEye only releases basic information on the existence of the bugs but withholds technical details until a patch is ready.
In the meantime, users are urged to avoid clicking on untrusted media files.
The latest flaw discoveries come at a sensitive time for Apple. The company is under intense scrutiny after the recent release of exploit code for a Safari browser flaw and the discovery of two pieces of malware affecting Mac OS X users.
Do your resources meet and defeat every cyber threat? Keep your systems operational as they defend against a variety of threats. Find out how on March 21 at 4 p.m. ET, live at eSeminarsLive.com. Sponsored by Symantec.
On March 1, Apple shipped a Mac OS X security update with patches for more than a dozen security vulnerabilities. The monster update included five patches for Safari, including an "extremely critical" flaw that could cause remote code execution attacks if a user simply viewed a maliciously rigged Web page.
http://www.eweek.com/print_article2/...=173264,00.asp
Apple: Finding the Root of the Problem
Arik Hesseldahl
To maintain public confidence in its operating system, Jobs & Co. should consider hiring a security czar
The second potentially major Mac security incident in as many weeks has thankfully been debunked. Earlier this week I wrote a blog entry about a Mac Mini owner in Sweden who configured his machine as a server and challenged hackers to gain access to it. The Mini was -- as hackers like to say -- "owned" only 30 minutes after the challenge started. By "owned," I mean rooted. An outside attacker, through a remote Internet connection, was able to get "root" access -- the highest and most powerful level of administrative access on a Unix-based computer (which Macs running OS X happen to be).
Root access gives the bearer free reign on a machine, no questions asked. Files can be altered or deleted. Accounts assigned to other users can be changed or deleted altogether. The potential for misuse of the privilege has caused Apple to ship its machines with root access disabled by default. Root can be re-enabled only through a series of technical contortions understood by advanced users.
Even so, the Swedish attacker said he succeeded with an "unpublished" exploit -- a method that hasn't been publicly documented. If your Mac is connected to the Internet all day, as mine is, you can see the fright such news might generate. It's like knowing a criminal gang has a master key to your home and thousands of others, and that the only defense you really have so far is that they haven't found you yet.
BIASED STUDY. That is, if it were true. It turns out the original reports weren't forthcoming with all the facts. The person who "rooted" the Mac already had a user name and password, as if he were a regular day-to-day user. In fact, having an account on this Mac was a prerequisite to taking part in the challenge. From there, the person used some method -- most likely having to do with weaknesses in the Unix underpinnings of the Mac operating system -- to gain escalated access.
These kinds of "privilege escalation" vulnerabilities have cropped up on the Mac over the years and date back decades to FreeBSD, the variant of Unix on which Mac OS X is based. But remember, you can't take advantage of this type of vulnerability unless you already have access to the machine -- which implies having been given permission for that access in the first place.
The pseudo break-in and misleading reports didn't sit well with Dave Schroeder, a network systems engineer and Mac enthusiast at the University of Wisconsin in Madison. He's been outspoken on the issue of Mac security, portraying recent reports as overblown. So he set up his own challenge, inviting the world to hack a Web page -- the very page he used to tell the world about the challenge -- running on a Mac Mini he set up as a Web server.
His challenge mirrored the one in Sweden, with one critical difference: No one would have an account on the machine. They'd be locked out and therefore would have to break in. His aim was to demonstrate the flaws in the Swedish test, and provide a more realistic test of Mac security. The tech news site Slashdot picked up news of the challenge and quickly spread the word.
A NEW CHALLENGE. Attacks on the machine surged. It recorded more than 4,000 login attempts, and Web traffic to it spiked to 30 megabits per second. Half a million people visited the Web site (
http://test.doit.wisc.edu/). That little Mac Mini was one busy server, but it remained online.
Most of the network traffic conveyed attempts to break in: Web exploits seeking a wedge into the machine via the public page; dictionary attacks, which make repeated guesses at passwords at high speed; and a scanning tool known as Nessus, software that scans for known vulnerabilities. The machine even came under what's known as a denial of service attack, in which an attacker hammers a machine with thousands of requests for information in an attempt to overwhelm the server and thus create an exploitable weakness.
For 38 hours, nothing worked. The Mac Mini held its ground against the worst that the multitudes could throw against it. The contest ended earlier than originally planned and even appears to have gotten Schroeder in trouble with his employer, since it wasn't sanctioned by the university. I'm hearing he may face some kind disciplinary action. The University of Wisconsin apparently isn't interested in such a real-world ad-hoc test, no matter how successful and harmless it proved to be. Schroeder wasn't available for comment.
This illustrates changing perceptions about Mac security. The Mac is increasingly on the radar screen of people who have long ignored it and who, for whatever reason, want to find the chinks in as-yet virtually impregnable armor. And while it may indeed be a more secure system than anything put out by Microsoft (MSFT ) and its many hardware partners including Dell (DELL ), Hewlett-Packard (HPQ ), Gateway (GTW ) and others, the level of attention can only increase. Hackers love nothing more than a difficult challenge -- which Windows ceased to be a long time ago.
SOWING FEAR And as Apple Computer (AAPL ) gains attention for its innovation, superior software and so far relatively airtight security, people in the media -- including myself -- will be watching with interest and not a small amount of anxiety for the moment when the first really nasty and widespread Mac security vulnerability shows up. Until that happens, even little hiccups are going to trigger an avalanche of negative publicity.
Uninformed media sources will do what they do best -- sow fear, uncertainty, and doubt. And the first time a really big Mac security incident occurs it will cause some people who are considering a Mac over a cheaper Windows-based system to change their minds.
Vulnerabilities in Windows are so common they don't really make the news anymore. But a large-scale, widespread incident on the Mac could badly wound Apple's reputation.
LOCK DOWN. It's for this reason that I think the time has come for Apple to consider doing what many other companies like IBM (IBM ) and Oracle (ORCL ) have: create a position of chief security officer. This person would be a well-known computer security expert, ideally from outside Apple, who would wave the flag for all things related to Mac security, debunking myths, correcting the record, and providing a public face when issues crop up.
And when something does go wrong -- and I think eventually something will -- he or she would be Apple's ombuds officer evaluating what failed, where, when and how, and then take responsibility for seeing that it's fixed, reporting on the matter to CEO Steve Jobs, Apple's board of directors, and (where appropriate) its shareholders and customers.
I talked briefly with Apple's Bud Tribble, vice-president of software technology. He called my idea a "good suggestion" but said the company would be reticent to assign security issues to any single individual, and that the responsibility of a CSO instead tends to rest with everyone. "For pretty much all the senior people at Apple, security is one of the top jobs on their list," he says. "When we think about security and how we design software, the basic approach is to make it as secure as possible, because most people really aren't security experts. We try to make sure things are pretty well locked down out of the box."
CONFIDENCE BUILDER. While the Mac's Unix underpinnings suffer from the occasional vulnerability, they still present a security advantage, Tribble says. "Unix is sort of a kid that grew up in a tough neighborhood," he says. That neighborhood was a networked environment where people were constantly trying to figure out tricks to log into the system. So over the decades, lots of holes have been plugged. You can't say that about Windows.
And I admit, creating a CSO position may be viewed by some as an admission of weakness. Still, I say it would be a good way for Apple to inoculate itself against the perception -- warranted or not -- that Mac security may be eroding, and get ahead of the curve for any troubles that may be inevitable. That may not be the case, but in matters related to product marketing, it's the public perception, not the reality that really matters.
And once you've lost a user's confidence, it's hard to get it back. Just ask Microsoft.
http://www.businessweek.com/technolo...campaign_id=ds
Shadowboxing With a Bot Herder
Brian Krebs
Security Fix had an interesting online conversation Tuesday night with a hacker who controls a vast, distributed network of hacked Microsoft Windows computers, also known as a "botnet."
I went into the interview knowing very little about this individual, other than his online alter ego, "Witlog," and that he has infected close to 30,000 Windows PCs with his computer worm, which he claims is powered by code that he downloaded from a Web site, modified slightly, and set loose on the 'Net. I came away from the interview no more knowledgeable about his background, age, location or motivation, but perhaps with a stark reminder of how just a little bit of knowledge can be such a dangerous thing.
Witlog claims he doesn't use his botnet for illegal purposes, only "for fun." I found that claim pretty hard to believe given a) the income he could make installing ad-serving software on each computer under his control, combined with b) the risk he is taking of getting caught breaking into so many computers. The kid I wrote about in the Post magazine story on the connection between botnets and spyware was making $6,000 to $10,000 per month installing adware on a botnet half the size of the one Witlog claims to have.
I was introduced to Witlog through several security experts who are part of the Shadowserver.org crew, a group of talented volunteers who dedicate a great deal of their free time and energy toward making life more difficult for bot herders like Witlog. Shadowserver has been cataloging Witlog's every move for the past two months or so, and shared with me records showing Witlog seeding his botnet with adware from DollarRevenue.net, which pays distributors $0.30 for each install of their pop-up ad-serving software on a computer in the United States; distributors can earn $0.20 per install for Canadian PCs, and ten cents per install for computers based in the United Kingdom. Installs on PCs in other countries net the distributor two cents or less.
Witlog admitted to me that he made at least $400 by installing adware on his bots and conducting a petty distributed-denial-of-service attack against a couple of Web sites that knocked them offline for a while. For all I know, that could be the extent of it. He also admitted that he lets his buddies use his botnet for their own purposes, which he claims not to know much about.
But what blew me away was how he created the botnet, which is powered by a worm that spreads only through known network security holes in Microsoft Windows and which require no action on the part of the victim other that the failure to apply security patches and (maybe) use a simple firewall. Had he decided to spread his worm through more conventional means -- via Web links sent in instant message or as attachments in e-mail - - his botnet could probably have grown to twice its current size.
In this snippet of our conversation, I asked Witlog how and why he got his botnet started:
Witlog: why i did it? i've read an article on yahoo or smth like this
Witlog: so when i've read that article, i thought "why not to make my own"?
SecurityFix: so did you just download the source from some site and set it loose?
Witlog: yes
Witlog: changed settings, and started it
Witlog: thats all
Witlog: anyone could do that
Witlog: you don't have to know many things to do a botnet like this
Over the past month and a half, Witlog used freely available source code for SDBot and built his botnet to 45,000 PCs. That is, until botnet hunters like Shadowserver and others put enough pressure on Witlog's Internet service provider to shutter Witlog.com, the domain name he was using to control his bot herd. That was only a temporary setback for Witlog, however, who simply registered a new bot control channel at Witlog.net. So far his network is back up to about 65 percent of its original size and growing by several thousand newly infected machines per day.
But again, Witlog says it's not about size, it's all about the fun of it. For guys like Witlog, building botnets can be akin to a kind of digital hide and seek. On Monday, he began using a new version of the code that runs his botnet (this is the sixth iteration). Less than 24 hours after he released it, the bot code was only detected as malicious by two out of more than a dozen or so of the major anti-virus scanners employed by the free virus-testing service over at VirusTotal.com; Two other anti-virus engines flagged it as "suspicious," but could not tell whether the file was overtly hostile.
Witlog may in fact be the product of a new generation of "script kiddiez"; the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.
And it's not just hacked home PCs we're talking about either. According to stats released this week by computer security giant Symantec Corp., the most common computer operating system found in botnets is Microsoft's Windows 2000, an OS predominantly used in business environments. Indeed, the vast majority of bots in Witlog's network were Win2K machines, and among the bots I saw were at least 40 computers owned by the Texas state government, as well as several systems on foreign government networks. At least one machine that he showed me from his botnet was located inside of a major U.S. defense contractor.
http://blog.washingtonpost.com/secur...6/03/post.html
Video Crypto Standard Cracked?
Ann Harrison
Noted cryptographer Niels Ferguson says he's broken Intel's vaunted HDCP Digital Video Encryption System, but fear of U.S. law is keeping him silent on the details.
ENSCHEDE, NETHERLANDS--A Dutch cryptographer who claims to have broken Intel Corp.'s encryption system for digital video says he will not publish his results because he fears being prosecuted or sued under the Digital Millennium Copyright Act.
Niels Ferguson announced last weekend that he has successfully defeated the High- bandwidth Digital Content Protection (HDCP) specification, an encryption and authentication system for the DVI interface used to connect digital cameras, high- definition televisions, cable boxes and video disks players.
"An experienced IT person could recover the master key in two weeks given four standard PCs and fifty HDCP displays," said Ferguson. "The master key allows you to recover every other key in the system and lets you decrypt [HDCP video content], impersonate a device, or create new displays and start selling HDCP compatible devices."
Ferguson, who announced his results at the Hackers At Large 2001 (HAL) security conference, is not providing details of how he defeated HDCP. But he says it is a textbook example of a cryptographic attack.
Intel spokesperson Daven Oswalt says the company has received several reports from people claiming that they have broken HDCP. But he says none have held up, and the company remains confident in the strength of the system.
"Intel believes that HDCP meets the intended goal of preventing the casual copying and distribution of entertainment content of DVI outputs," said Oswalt. He declined to comment on Ferguson's decision to withhold publication of his research.
A respected cryptographer, Ferguson helped design the Twofish algorithm, one of the algorithms selected as candidate for the U.S. Advanced Encryption Standard (AES).
In his address at HAL, Ferguson reviewed a well-known published attack on a reduced- round version of the Rijndael algorithm, which was discovered before Rijndael became the final AES. The cryptographer also presented an algebraic formula that describes the structure of Rijndael. If the formula is solved, Ferguson believes that the Rijndael block cipher could be broken.
Ferguson says he has contacted Intel and informed the company of his HDCP findings, but added that he declined to email the results to the U.S., because he is not sure of the legal risks.
Intel has not threatened him in any way, says Ferguson. But he says he was informed by a lawyer from the San Francisco-based Electronic Frontier Foundation (EFF) that he could be sued or prosecuted under the DMCA for publishing his research, even on his own Web site. And if Intel chooses not to sue, Ferguson fears that the motion picture industry, whose movies are encrypted with HDCP, may haul him into court.
Ferguson is a Dutch citizen, but travels to the U.S. regularly for both personal and professional reasons. He worries that if he presents his research, he will not be able to enter the U.S. without fear of persecution. "This is a country that tells others they should protect human rights, but they have trampled on mine," says Ferguson. "The U.S. Congress is telling me what I can or cannot say in my own country."
Ferguson notes that the Recording Industry Association of America (RIAA) used the DMCA to pressure Princeton professor Ed Felten to withhold his research on audio watermarking technology. Felten's subsequent suit against the music industry will be decided this month. But Ferguson, who filed a declaration in the Felten case, says he is not going to gamble on a favorable ruling that could be appealed and reversed.
Robin Gross, an EFF staff attorney for intellectual property, says chances are good that Ferguson could be prosecuted under the DMCA, like Russian researcher Dmitry Sklyarov who was arrested in Las Vegas following the Def Con hacker convention last month. Sklyarov is now free on bail.
Gross says Ferguson could be at risk for simply posting his results, despite the fact that he is not distributing software or presenting a paper. "Even though Ferguson is not doing these things, someone else could distribute his research in this country and he could potentially be liable," said Gross. "There is very little First Amendment protection for scientists in this country."
Gross added that other security researchers, including Alan Cox and Ross Anderson, have stated that they are concerned about traveling to the U.S. for fear of being prosecuted under the DMCA. She said U.S. technical conferences are considering moving offshore so as not to place attendees at risk.
According to Ferguson, his right to freely publish his scientific findings is upheld by the Universal Declaration of Human Rights, the U.S. Constitution and Dutch law. In practice, he says, his opponents have unlimited money and could drag the case along until he is forced to give in. "I would lose my pension, I would lose everything and probably go bankrupt," said Ferguson. "That is the threat."
Ferguson argues that, ultimately, the DMCA will end up costing Intel and the content industries money. While they are spending millions on HDCP, he says, they will be denied the benefits of research that can help fix the technology. Ferguson predicts that a year from now, someone will post a HDCP master key on the Internet, and the money spent on the system will be wasted.
"You can be sure that somehow, somewhere, someone will duplicate my results especially because I am telling them that I have results," says Ferguson. "Someone who is braver, who has less money, and who doesn't travel to the U.S."
http://www.securityfocus.com/news/236
Geek Threat: We'll Take You Down
Jano Gibson
Computer technicans are threatening chaos at fast-food outlets, supermarkets, banks and airports unless they get a pay rise.
More than 100 staff from NCR - a company responsible for repairing computer breakdowns at KFC outlets, Aldi supermarkets and Sydney Airport's baggage handling systems - are planning to to walk off the job on Monday morning.
"In terms of industrial action in the IT industry this is easily the most significant one we've had in Australia," said Australian Services Union secretary Sally McManus. If the strike goes ahead, it might last up to a week, she said.
"If you are Qantas and people can't get on planes, it's an enormous amount of money. For the banks, it's really the consumers who'll be affected.
"For KFC and Aldi supermarkets, if the cash registers are broken down it's going to cause delays," she said.
However, NCR area general manager, Noel Pettitt, said the ASU was exaggerating the potential effects of the proposed industrial action.
"I think that's a gross exaggeration," said Mr Pettitt. "I don't think it's a major concern for the community.
"If [the strike] does happen, and at this stage it's not certain, we have contingencies in place that will ensure that NCR continues to meet its service obligations," he said.
"We've re-jigged our workforce and arranged things such that we'll certainly deal with priority calls in the first instance but continue to deal with the balance of calls."
Mr Pettitt said the union had exaggerated how many workers would take part in the industrial action.
The strike has been called following a breakdown in negotiations over pay, Ms McManus said.
"[The workers] are concerned that NCR is attempting to stonewall so they can use the Howard Government's new WorkChoices laws to cut away at wages and conditions. These workers do not want to inconvenience the public, but have no option to achieve pay increases."
Mr Pettitt said: "We continue to work directly with our employees to reach a conclusion to the negotiations."
The union said their industrial action could affect:
- baggage handling and ticketing technology at Sydney Airport
- regional ATMs across Australia
- ATMs operated by CBA, Westpac, ANZ and some credit unions
- IT systems for Wollongong University
- KFC outlets
- Aldi supermarkets
- public schools with Apple computers
- private companies with Dell computers
http://www.smh.com.au/articles/2006/...701680534.html
Tougher Hacking Laws Get Support
Both the Tories and Lib Dems have backed government measures to increase penalties for UK computer hackers.
Anyone hacking a computer could be punished with 10 years' imprisonment under new laws.
The move follows campaigning from Labour MP Tom Harris, whose ideas are now being adopted in the Police and Justice Bill.
There will be a clearer outlawing of offences like denial-of-service attacks in which systems are debilitated.
Typically, this is done by massively overloading the system and thereby exhausting its computing power.
'Perfectly sensible'
The bill - which was being debated for the first time in the House of Commons on Monday - would also boost the penalty for using hacking tools.
Home Secretary Charles Clarke said: "We need to recognise that in our increasingly interdependent world, work with international partners to tackle terrorism and serious organised crime will be increasingly important.
"One of the growing new threats that can only be tackled through extensive international cooperation is the continued threat posed by computing hacking and denial-of-service attacks."
During the first debate on the legislation, Nick Herbert, for the Tories, criticised much of the rest of the bill, but said measures to tackle hacking were "perfectly sensible" and would enjoy support from across the Commons.
For the Liberal Democrats, Lynne Featherstone also said there was support for measures on computer hacking, while dismissing the bill as a whole as pernicious.
The bill passed on to its second reading without a vote.
http://news.bbc.co.uk/go/pr/fr/-/1/h...gy/4781608.stm
The Big DRM Mistake
Scott Granneman,
Digital Rights Managements hurts paying customers, destroys Fair Use rights, renders customers' investments worthless, and can always be defeated. Why are consumers and publishers being forced to use DRM?
One of my favorite magazines is The New Yorker. I've been reading it for years, and it never fails to impress me with its vast subject matter, brilliant writing, and the depth, wit, and attention it brings to important matters. When it was announced over a year ago that The Complete New Yorker: Eighty Years of the Nation's Greatest Magazine would be released on eight DVDs, I immediately put in my pre-order. After it arrived, I took out the first DVD and stuck it in my Linux box, expecting that I could start looking at the collected issues.
No dice. The issues were available as DjVu files. No problem; there are DjVu readers for Linux, and it's an open format. Yet none of them worked. It turned out that The New Yorker added DRM to their DjVu files, turning an open format into a closed, proprietary, encrypted format, and forcing consumers to install the special viewer software included on the first DVD. Of course, that software only works on Windows or Mac OS X, so Linux users are out of luck (and no, it doesn't work under WINE ... believe me, I tried).
Even worse, if you do install the software, and then perform a search using the somewhat klunky search tool built in to the proprietary DjVu reader, you'll soon find yourself in DVD-swapping hell as you jump from issue to issue. It is sheer painful tedium, and takes me back to 1985 when I was using the first Macs. Remember the floppy shuffle, as you inserted floppy 1, then floppy 2, then floppy 1, then floppy 2, then floppy 1, then floppy 2, ad infinitum? Now it's the DVD shuffle, 20 years later. That's progress for you! You could try copying the disks onto your hard drive, but the DVDs are encoded with Macrovision's copy protection scheme, so you can't legally do so.
The final indignity is that, although other DjVu readers provide for text selection, The New Yorker has removed that feature from its DjVu reader. You can print, but you can't select or copy. As a teacher of several technology courses at Washington University in St. Louis, this limitation, frankly, completely sucks. Suppose I want my students to read ten paragraphs from a New Yorker story that I provide on a password-protected web page. Too bad! I want to copy and paste some sentences into a presentation? Nope! A student expresses an interest in a topic, and I want to send her a New Yorker article via email that would help further her education? No can do.
I finally got so frustrated that I decided to break through The New Yorker's limitations and DRM, both to access the content I wanted to use and to prove to myself that it could be done. I opened up the article I wanted to copy on a Mac OS X machine, and printed it to PDF using the Mac's built-in support for that format (on Windows, I could have used the open source PDFCreator). I then opened the PDF in OCR software, selected the regions I wanted to scan for text, performed the scan, corrected the results, and saved my output to a text file. It took a while, but it worked.
Other folks have come up with strategies for getting around the annoyances I mentioned above. It turns out that it's entirely possible to copy all the DVDs to your hard drive and then make one simple change in the SQLite database. The result? The slow-as-a-turtle, multi-DVD-swapping The New Yorker turns into super-duper fast The New Yorker. Ta-da!
My experience with The Complete New Yorker is not unique. DRM is cropping up, it seems, everywhere, and people are discussing ways of getting around it.
More bad DRM examples
TiVo added DRM allowing TV shows to include a flag that prevents users from storing shows for any length of time. As a TiVo owner who has left some movies on my box for years, waiting for just the right day to watch them, this outrages me. Sure, TiVo said it was a "bug," but that sounds fishy to me, and I don't buy it. Remember: timeshifting is legal. (One solution: get the files off of TiVo, strip the DRM, and save 'em to a hard drive. A better solution: MythTV.)
Apple's successful iTunes Music Store, in addition to forcing users to accept a pretty sonically-limited format with a proprietary DRM scheme called "FairPlay" (using Orwellian language to mask what you're doing is double-plus ungood, Apple). FairPlay limits what you can do with the music you buy, leaving Apple in charge of your music, not you. Want to play a song you purchased from iTMS on a device other than an iPod? Uh-uh. Want to load music onto an iPod using something other than iTunes? Silly boy. Even worse, some universities are now making lectures and classes available using iTMS, a slap in the face to the open nature of learning and education. Sure, you can remove FairPlay's DRM, but you're still left with a music file recorded at a pretty crappy level, and converting it to a more open format only makes it sound worse. The iTunes Music Store isn't the only offender, as a report by the Electronic Frontier Foundation made clear. iTunes is just the most popular, by far. (Solution: Music stores that give you real choice, without DRM.)
The British equivalent to the Oscars is the BAFTA (British Academy of Film and Television Arts) award. Members of BAFTA are sent "screeners", free DVDs of the movies they're supposed to vote on, so they can view the movies and make judgments. In an effort to prevent the release of those screeners to non-BAFTA members, the DVDs are encrypted to only play on special DVD players that were also sent free to BAFTA members. As you can imagine, this is a royal pain in the posterior for many BAFTA members, who have to hook up special hardware just to watch a few films. In a bit of supreme cosmic irony, the screeners for Steven Spielberg's Munich were encoded for Region One (the US and Canada) instead of Region Two (Europe), so BAFTA members couldn't view the movie to vote on it. Oops.
What are the lessons to learn from DRM?
1. DRM hurts paying customers
Customers have paid for the texts/pictures/music/movies they purchased, and they expect to be able to use them as they'd like. You can argue that they're not really buying the content, they're just buying licenses for that content, but that argument, while technically legal, is facile and doesn't take into account how real human beings think. When a normal person buys a song, he considers it his ... after all, he just paid for it!
Intelligent people can disagree about the economic impact of file sharing - it seems pretty clear to me that it actually encourages sales and awareness of movies, music, and other content - but that's not what I'm talking about here. I'm talking about moving pictures and movies between devices, about transferring files between the many computers I own, and about changing formats as I please.
When I realized that I couldn't copy text out of The Complete New Yorker, I felt like a sucker - a sucker that had been conned by the same people to whom I willingly gave my money. As a college instructor, I especially thought of the loss to my students, which brings us to the next objection to DRM.
2. DRM destroys Fair Use rights ...
... unless the consumer is willing to break the law. Thanks to the wonderful DMCA (did you catch my sarcasm?), it's illegal for anyone to break the DRM protecting a file, no matter how trivial it might be to do so, in order to exercise the Fair Use rights that are legally granted to American citizens. Rick Boucher, a Representative in Congress who actually "gets it," had this to say about the DMCA and Fair Use in 2002:
"... section 1201 of the DMCA ... created the new crime of circumvention. Section 1201 (a)(1), for example, prohibits unauthorized access to a work by circumventing an effective technological protection measure used by a copyright owner to control access to a copyrighted work. Because the law does not limit its application to circumvention for the purpose of infringing a copyright, all types of traditionally accepted activities may be at risk. Any action of circumvention without the consent of the copyright owner is made criminal."
So even though a Fair Use exemption is granted for "nonprofit educational purposes," I can't really exercise that legal right with The Complete New Yorker, since it would require the commission of a felony to do so. Other uses of Fair Use include, and I'm quoting from the United States Copyright Office, "criticism, comment, news reporting, teaching, scholarship, and research." If I can't copy the text, that makes criticism or comment incredibly onerous, does it not? And so on. DRM means that Fair Use for the file protected via DRM is at the whim of the file's creator, which flies in the face of the whole idea of Fair Use. We shouldn't have to beg for our Fair Use rights, since that's the whole point of Fair Use!
3. DRM renders customers' investments worthless
DRM means that my investment in The Complete New Yorker will one day be completely worthless, unless the publishers can ensure that they will continue to support their encrypted, crippled version of DjVu for years into the future. Or, should they go out of business or decide to switch to a new format, that they'll either open the code (riiiiight) or provide some sort of conversion mechanism (suuuuure).
TiVo is a different matter, since it's essentially a closed box (although there are ways to get around that). In this, we need to trust that TiVo will not use a forced upgrade to further decrease functionality that was there when the machine was originally purchased. Seeing that the company has already done this once, by adding support for a type of broadcast flag that limits timeshifting, I don't have high hopes that TiVo will do the right thing. Hello, MythTV.
I feel especially sorry for the people that have spent hundreds or even thousands of dollars at the iTunes Music Store. What happens when Apple downgrades iTunes again, further limiting what users can do with the songs they bought? What happens in five years, when Apple moves on to another format? What happens to your music collection when the iPod is no longer de rigueur, and you want to switch to a new portable player? How are you going to get your encrypted AAC files to play on that new device, with something approaching the same level of quality?
DRM means that you have no control over the files on your computer. You can only do what the company supplying you with the DRM'd files want you to do.
4. DRM can be defeated
It may take some time, but all DRM can be defeated. Or rather, as Chris Anderson, the thinker and writer behind The Long Tail contends, "Any protection technology that is really difficult to crack is probably too cumbersome to be accepted by consumers." And anything that is not that cumbersome can be defeated (although so-called "Trusted Computing" is going to make that process a lot harder ... but I think it will eventually be overcome by those determined to get around it). Cory Doctorow put it best when he explained that the only way that DRM can work is if all of the following conditions are met:
Every copy of the song circulated, from the recording studio to the record store, had strong DRM on it
No analog to digital converters were available to anyone, anywhere in world, who might have an interest in breaking the DRM (since you can just avoid the DRM by ... taking the analog output off the player and re-digitizing the song in an open format)
· Peer-to-peer networks ceased to exist
· Search engines ceased to index file-sharing sites
· No "small worlds" file-sharing tools were in circulation
Although Cory is talking about music here, the same principles apply to any kind of file that can be protected with DRM. Even if Trusted Computing and Microsoft's vision of DRM'd Word documents and emails comes to fruition, if it's hot enough to protect, it's hot enough for someone looking at it - and someone does need to eventually look at it, or how can it be used? - to copy it by hand.
Of course, some might argue that it's enough that the average Joe can't break the DRM. If that's true, then why use DRM? What's the goal? If the goal is to prevent all unauthorized copies from being made and circulated, then it isn't enough to put up roadblocks; you must seek to lock down your "content" (as a writer, I hate that word) completely. If the goal is just to frustrate users, then why use DRM at all, since you must realize that un-DRM'd copies of your materials are going to circulate? And even if Joe can't break the DRM, he'll eventually figure out how to use a P2P network, or ask his nerd friend for help, and then you've got another unauthorized copy and an upset and now more knowledgeable former customer. What publisher wants that?
DRM has wormed its way into the imaginations of Hollywood, the RIAA, and publishers, and they in turn have convinced the computer industry (who, it must be admitted, needed little convincing) that DRM must be applied and supported throughout their products. To The New Yorker, I'm sure that DRM made lots of sense. In reality, though, it doesn't. DRM has angered this customer (and many others), eviscerated my Fair Use rights, ultimately rendered the money I spent moot, and it can still be copied anyway! Where does that leave the publisher? It sounds to me like we were both - consumer and publisher - sold a bill of goods. Welcome to the future!
http://www.securityfocus.com/columnists/390
A DRM Threat To Lives And Infrastructure?
Bill Brenner
The controversy over Sony BMG Music Entertainment Inc.'s use of rootkit-based copyright protection software has faded from the headlines. But the story continues to play out in the background, where information security advocates are pushing for the right to let users remove Digital Rights Management (DRM) software from their computers when the software is deemed a threat to security and privacy.
This week, Ed Felten, a professor of computer science and public affairs at Princeton University, used his Freedom to Tinker blog to lash out against what he called an "utterly astonishing argument" copyright protection groups are making against that effort.
In the wake of the rootkit controversy, Felten and Princeton Ph.D student Alex Halderman asked the U.S. Copyright Office for an exemption allowing users to remove certain DRM software from their computers when it is found to cause "security and privacy harm." Felten said the Computer and Communications Industry Association (CCIA) and Open Source and Industry Alliance (OSAIA) made an "even simpler" (.pdf) request to exempt DRM systems that "employ access control measures which threaten critical infrastructure and potentially endanger lives."
"Who could oppose that?" Felten asked before answering the question himself: "The BSA (Business Software Alliance), RIAA (Recording Industry Association of America), MPAA (Motion Picture Association of America) and friends -- that's who."
What Felten finds "utterly astonishing" is a statement those organizations make in their (.pdf) written arguments against the DRM exemptions. Felten cited pages 22 and 23, where they said, "the claimed beneficial impact of recognition of the exemption -- that it would 'provide an incentive for the creation of protection measures that respect the security of consumers' computers while protecting the interests of the record labels'
would be fundamentally undermined if copyright owners -- and everyone else -- were left in such serious doubt about which measures were or were not subject to circumvention under the exemption."
The industry groups added, "This uncertainty would be even more severe under the formulations
in which the boundaries of the proposed exemption would turn on whether access controls 'threaten critical infrastructure and potentially endanger lives.'"
To that, Felten responded, "One would have thought they'd make awfully sure that a DRM measure didn't threaten critical infrastructure or endanger lives before they deployed that measure. But apparently they want to keep open the option of deploying DRM even when there are severe doubts about whether it threatens critical infrastructure and potentially endangers lives."
The truly amazing part, he said, is that in order to protect their ability to deploy this "dangerous" DRM, "they want the Copyright Office to withhold from users permission to uninstall DRM software that actually does threaten critical infrastructure and endanger lives."
He ended on a pessimistic note: "If past rulemakings are a good predictor, it's more likely than not that the Copyright Office will rule in their favor," he said.
http://searchsecurity.techtarget.com...172053,00.html
Indie Label Uses Heartfelt Note Instead Of Copy-Restriction
Cory doctorow
An independent label is eschewing copy-restriction technology on its promo CDs in favor of a handwritten notes on a stickie reading:
Dear Recipient of Promotional CD,
Just a note to beg (if you were even thinking about it in the first place) you not to post our CD to the "internet" in any way...I know it's offensive even to bring it up, but we have our many babies to consider, and the landlord wants to reposess Donnybrook farm and the album cover art is important. Thanks for your consideration.
http://www.boingboing.net/2006/03/07..._uses_hea.html
Add Intel DRM To Your Product, Pay $8m Fine
Cory Doctorow
If you cripple your products by adding Intel's DTCP-IP DRM to it, you could be liable for more than eight million dollars in fines if your implementation gets cracked. In this Intel Developer Forum presentation, Intel's Brett Branch explains everything you need to know about implementing Intel's DTCP-IP (including a complicated philosophical argument about why this isn't really DRM, even though it satisfies the primary definition of DRM: technology designed to give control of a device to someone other than its owner).
It's pretty creepy: you have to allow for "system renewability messages" that can revoke features and even disable the DTCP-IP when they're submitted. Ever wonder why enemy space-stations always seem to have a big red "press this to make the whole space-station explode" button in science fiction movies? I mean, wouldn't it be smarter to just not build "self-destruct" into your space-station? Well, that's what DTCP-IP demands of its implementers.
Scariest of all, though, is slide 25, shown here, which explains what happens if your DTCP-IP implementation results in a breach: $8m in fines, more fines from copyright holders (see update below), and revocation of your devices in the field (meaning potential lawsuits from your customers).
The presentation ends with a bunch of "call-to-action" slides for the people in the audience who are supposed to go out and add this to their products. But none of those slides says this: "If you subtract value from your products by adding our crippleware, we might reward you by bankrupting you when the inevitable breach occurs." It would also be nice to see this slide: "All of the 'premium content' crippled with DRM can also be downloaded for free from the Internet without any of these locks. Hey, entertainment industry cats -- do you think that adding DTCP-IP anti- features might provide an incentive to otherwise honest users to get their TV shows from Bittorrent instead?" 1.4MB PDF Link (via Hack the Planet)
Update: EFF's Fred von Lohmann sez,
Here's the accurate description of how the DTCP license works (all of this is in the public documents): 1) Liability to DT Licensing Authority for a material breach is capped at $8 million (DTLA has never sued anyone to date).
2) Liability to qualified third party beneficiaries (i.e., movie studios) for a material breach is limited to injunctive relief only (no monetary damages payable to movie studios for breach).
3) DMCA and secondary liability claims that a rights holder might want to bring for whatever reason are simply not covered by the contract one way or the other . . . they remain creatures of statute that the DTLA agreement does not affect.
So the DTCP license does expose technology companies to breach of contract damages if they fail to meet the relevant requirements (including robustness and compliance rules), but only DTLA can sue for money. Movie studios can sue as third party beneficiaries, but only for injunctions (e.g., stop manufacturing that tamper-friendly chipset).
http://www.boingboing.net/2006/03/07...rm_to_you.html
Unhappy Upgrades
Software Users Seek Help 'Downgrading' Their PCs
Andrew LaVallee
When Yahoo Inc. released an upgrade to its free MusicMatch jukebox software, Kyle Keeton didn't think twice about installing it on his home computer. "I try all the new programs I can," said the 47 year-old restaurant manager.
But the new version of MusicMatch didn't seem to agree with his PC: He noticed several programs were slower, and there were frequent crashes. When Mr. Keeton tried to revert back to the earlier version, which ran smoothly, he discovered that it was gone from his computer, and he couldn't find any instructions for rolling back the new program.
Yahoo's Web site was no help. Like other companies, Yahoo links only to the latest versions of its programs. After some Web searching, Mr. Keeton was able to download a previous version of MusicMatch from OldVersion.com, a Web site set up by a computer enthusiast that serves as a repository of outdated programs. "When you upgrade, it doesn't [always] mean that the program's better," Mr. Keeton said.
Software makers have long convinced consumers they need to regularly upgrade their products, from multimedia players to games, to keep them running well and to take advantage of the best features. The prevalence of high-speed Internet connections has made upgrading much simpler, and many software makers use automatic notifications to encourage users to download new files. But the newer versions aren't always improvements in the eyes of users: The updates may fix problems or plug security holes, but some may add more advertising or other unwanted features.
Users often try to downgrade when they find confusing changes in a new version or encounter software bugs, or just decide they want to go back to a more familiar version, said David Smith, an analyst at research firm Gartner. Often, they discover that the downgrade process is complicated, if not impossible.
A spokeswoman for MusicMatch said it generally doesn't make old versions of its software available to users, but said customer-service representatives will help users downgrade if they press the issue.
Uncertain Upgrades
Part of the problem, analysts say, is that users are sometimes lured into updating their software without fully understanding what will change. For instance, users of Apple Computer Inc.'s popular iTunes program were recently met with a prompt that said simply, "A new version of iTunes (6.0.4) is available. Would you like to download it now?"
Those who took advantage of an iTunes upgrade earlier this year discovered that it added a new "Mini Store" to the software's music player, which recommended songs for sale from Apple based on the music the user was playing on their computer. Blogs and online support forums lit up with requests for instructions on how to revert to the previous version. An Apple spokesman said iTunes can't be downgraded once a user has installed a newer version, though a feature in the software allows users to disable the Mini Store.
Since few software vendors make past versions of their products available online, computer users are turning to specialized Web sites for help. Collections of long-lost versions of free programs have been amassed on sites like OldVersion.com, MajorGeeks.com, and Jumbo.com, where consumers can download them.
At MacFixIt.com, a technical-support site for owners of Apple Macintosh computers, downgrades are a frequent topic of discussion, said Ben Wilson, the site's editor. Users regularly seek instructions on rolling back upgrades to the Mac's operating system. That process can be daunting, he said, and sometimes requires users to hunt around their computers for specific files to alter.
Tracking Old Versions
OldVersion.com offers more than 600 versions of about 65 different programs. The site focuses on programs that are distributed by their makers for free, such as Adobe Systems Inc.'s Acrobat Reader and Yahoo's instant-messaging software. The old versions are submitted by volunteers who save copies before they get replaced on software makers' Web sites.
"Companies make a lot of new versions. They're not always better for the consumer," said Alex Levine, a 16-year-old who runs OldVersion as a hobby from his family's home in Fayetteville, N.Y. Text advertisements on the site help pay for his monthly Web hosting bill, he said.
Mr. Levine recently tried the latest release of America Online's instant-messaging software, called AIM Triton, but found it had "a whole bunch of advertising." He ended up downgrading, using an installation file from an older version of the program.
AOL, for its part, doesn't mind when users downgrade, said a spokeswoman for the unit of Time Warner Inc. About 6.5 million of the company's 43 million instant-messaging users have upgraded to Triton since it was released in November, she said.
The sites that maintain old versions generally operate without the permission of software makers, but rarely run into trouble, since the programs they're distributing were free to begin with. Mr. Levine said he has only been asked to remove old versions of two programs iTunes and the file-swapping program Kazaa and he complied both times.
Some software makers have gone out of their way to make it easy for users to downgrade their programs. Mozilla Corp., which makes the free Firefox Web browser, maintains an archive of old versions on one of its support sites.
Downgrading became an issue following a major update of the software last fall. The new version contained potential security vulnerabilities, and didn't support some extensions, or add-on features, that independent programmers had created for the browser. "Two extensions that I relied on really heavily wouldn't install," said Sarah Perez, a systems administrator in Tampa, Fla. Ms. Perez said she was able to easily revert to the previous version of the browser. She later upgraded after the company addressed the issues.
http://online.wsj.com/public/article...html?mod=blogs
Can Microsoft Save the Net?
Lawrence Lessig
Working late one night a few months back, I was just about to sign off when I decided to check my email. At the top of my inbox was a message from PayPal, "confirming" a change in my email address. But I hadn't changed the address. In an exhausted panic, I clicked the link to correct an obvious fraud.
For a split second the browser opened not to PayPal but to an unrelated IP address. Then, almost instantaneously, the screen was replaced by what looked exactly like a PayPal window, requesting my password to sign in. This wasn't PayPal; it was a phishing bot. Had I been just a little drowsier, I might have been snagged by the fraud in the very act of trying to stop it.
We who celebrate the brilliance of the Internet - and in particular, its end-to-end open design - tend to ignore the maliciousness that increasingly infects it. The Net was built on trust, and it lacks an adequate mechanism to prevent fraud. Thus, it's no surprise that phishing expeditions nearly doubled last year - and phishing is just one of many evils proliferating online. It's only a matter of time until some virus takes out millions of computers or some senator's identity is stolen. When that happens, the liberties inherent in the Internet's early design will erode even faster than the liberties said to be protected by the Constitution.
Now, with the debut of the InfoCard identity management system, Microsoft is leading a network-wide effort to address the issue. To those of us long skeptical of the technology giant's intentions, the plan seems too good to be true. Yet the solution is not only right, it could be the most important contribution to Internet security since cryptography.
The InfoCard system will first be distributed with Vista, Microsoft's newest Windows OS, set for release this year. The system effectively adds an "identity layer" to the Internet, accomplishing what security companies have been promising for years: making it difficult to falsify an identity and easy to verify your own. Here's how it works: Users' computers (and potentially cell phones and other devices) will hold files called InfoCards that give encrypted sites access to authenticated information about the user. An American Express InfoCard, for example, might carry your name, address, and account number, all authenticated by American Express. When a Web site requests personal data, you choose whether to release that information, securely and with the verification of the card's issuer.
The resulting system is more precise and comprehensive than the hope-it-works hodgepodge of security measures we use now, argues Kim Cameron, Microsoft's chief architect of identity and access. "Auto-complete and cookies and passwords are part of a patchwork solution. With InfoCards, users will always know exactly what's happening and can always control it."
This might sound scary to friends of privacy. It shouldn't. The InfoCard system gives you more control over your data, not less. The protocol is built on a need-to-know principle: While an InfoCard might hold 30 facts about me, only the data I choose to reveal is shared. If I need to certify that I am a US citizen, then that fact is verified without also revealing my name, age, or place of birth. And when it comes to that fake PayPal site, the InfoCard system wouldn't recognize it - it wouldn't have theproper credentials.
Again, if this sounds scary to those suspicious of Microsoft, it shouldn't. It's a protocol - a set of rules for exchanging information - not a Microsoft product. Any company can provide certified protection for data using the protocol, and many will. So unlike Microsoft's Passport system, the dubious personal info repository that alarmed many people a few years ago, no central administrator decides how privacy is protected or trust secured. Instead, the protocol solves the problem of security the same way the Internet solved the problem of browsers - through competition on an open, neutral platform. This is infrastructure for a digital age. It's TCP/IP for privacy and security.
None of this means there isn't a role for (smart) government policy and laws against online fraud or theft. There plainly is. But if this identity layer sticks, then there is a wider range of solutions to the problem. In particular, there is one that seemed impossible to me just a year ago, one that's consistent with the decentralized design of the Internet. That's an extraordinary gift to the online world, from a giant that increasingly depends on the Net's extraordinary design.
http://www.wired.com/wired/archive/1...osts.html?pg=7
One way out
Microsoft: Vista Won't Get A Backdoor
Joris Evers
Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed.
In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing.
But Microsoft has now quelled the suggestion that law enforcement might get such access.
"Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail.
The discussion centers on BitLocker Drive Encryption, a planned security feature for Vista, the update to the Windows operating system. BitLocker encrypts data to protect it if the computer is lost or stolen.
This feature could make it harder for law enforcement agencies to get access to data on seized computers.
"The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data," Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. "Over my dead body," he wrote in his post titled "Back- door nonsense."
Microsoft is talking to various governments about Vista. However, the talks are about using the new operating system and BitLocker for their own security, Ferguson wrote. "We also get questions from law enforcement organizations. They foresee that they will want to read BitLocker-encrypted data, and they want to be prepared," he wrote.
"Back doors are simply not acceptable," Ferguson wrote. "Besides, they wouldn't find anybody on this team willing to implement and test the back door."
Windows Vista, the successor to Windows XP, is slated to be available by year's end.
http://news.com.com/Microsoft+Vista+...3-6046016.html
Ich bin ein Penguin
IBM Will Not Use Windows Vista - But Will Move To Linux Desktops
William Henning
IBM switching to Linux destops in Germany according to a Linux Forum 2006 presentation by their head of open source and Linux sales in Germany.
Interesting news from LinuxForum 2006
During a presentation on IBM's involvement with Open Source, Andreas Pleschek from IBM in Stuttgart, Germany, who heads open source and Linux technical sales across North East Europe for IBM made a very interesting statement...
"Andreas Pleschek also told that IBM has cancelled their contract with Microsoft as of October this year. That means that IBM will not use Windows Vista for their desktops. Beginning from July, IBM employees will begin using IBM Workplace on their new, Red Hat-based platform. Not all at once - some will keep using their present Windows versions for a while. But none will upgrade to Vista."
The question is, does this only apply to IBM in Germany, or IBM world wide?
If ALL of IBM switches to Linux desktops and OpenOffice... that would be a very significant loss to Microsoft; not only in direct licensing revenues, but also in speeding adoption of Linux by other companies. After all, if IBM can run on Linux desktops...
http://www.neoseeker.com/news/story/5436/
Google Is Reportedly Switching to AMD
Google Inc. is switching its servers to run on Advanced Micro Devices Inc. chips instead of those made by Intel Corp., according to a Morgan Stanley report.
Google, which has more than 200,000 servers, has started to buy Advanced Micro's Opteron processors with almost all new purchases, Morgan Stanley analyst Mark Edelstone said. He raised his earnings estimates for Sunnyvale, Calif.-based Advanced Micro.
"Most of Google's near-term server purchases will use AMD's Opteron for the first time," Edelstone said. Google "will help AMD to enjoy a significant sequential increase in their server business in the first quarter."
Winning Google as a customer may help Advanced Micro beat analysts' estimates this quarter, San Francisco-based Edelstone wrote.
The switch may also come as a blow to Intel Chief Executive Paul Otellini, who sits on Google's board. Advanced Micro, the No. 2 maker of computer processors behind Intel, last quarter took more than 20% of the market for the first time in more than four years.
Edelstone raised his estimate for Advanced Micro's first-quarter profit to 33 cents a share from 31 cents. He raised his 2006 estimate by 10 cents to $1.70 a share.
Shares of Advanced Micro rose $1.40 to $40.07.
Google spokeswoman Sonya Boralv said she wasn't able to comment on the Morgan Stanley report.
http://www.latimes.com/technology/la...ck=1&cset=true
Intel Says Sales to Fall Short
The chip maker warns it will miss quarterly revenue forecasts, a further sign that rival AMD is grabbing more market share.
Terril Yue Jones
In another sign of Intel Corp.'s eroding market share, the world's largest chip maker warned Friday that it would miss quarterly sales targets as demand slips and archrival Advanced Micro Devices Inc. grabs customers.
It was the latest indication of vulnerability from Intel, which supplies 80% of the microprocessors that run computers. In recent quarters, the Santa Clara, Calif.-based company has grappled with component shortages, canceled products and gains by AMD.
"Intel is far from out of the woods; they may just be getting into them," said Rick Whittington, a chip analyst with Caris & Co. "AMD now has 20% market share, and AMD is producing more chips this quarter from their new [plant] in Germany. So Intel is being pressed, and we'll see more of that."
Since mid-January, when Intel reported fourth-quarter profit and revenue that fell short of projections, the Silicon Valley icon has watched its stock slide 20%. Its shares fell as low as $19.86 on Friday, a 52-week low, then closed at $20.32, down 17 cents.
"The fact that the stock is holding up reasonably well is that there's not really new news now," said James Ragan, an analyst with Crowell, Weedon & Co. in Los Angeles. "This is a continuation of the bad news that we got in January. Everybody knows that AMD did gain market share in the fourth quarter, and it appears it's a continuation, and Intel for the first time is acknowledging that. So they're being more conservative."
Intel said revenue this quarter would be $8.7 billion to $9.1 billion, a lower range than the $9.1 billion to $9.7 billion it forecast in January. Intel executives declined to comment further Friday.
The sales warning underscores the advances that Sunnyvale, Calif.-based AMD has made in recent years in hacking away at Intel's position. Intel still dominates the overall computer processor market, but AMD has been taking market share in processors for PCs and for server computers.
Last quarter, for instance, AMD outsold Intel for the first time in U.S. retail desktop sales.
"We know Intel's a little behind AMD, which is getting a lot of positive ratings on the performance of their chips," said Ragan, who owns Intel shares and rates them a "buy." "There's a lot of different kinds of chips sold now, but AMD has some chips that are offering better performance at a better price, and it's hard to compete with that."
Intel began shipping processors late last year that are built with wires as narrow as 65 nanometers across, the most state-of-the-art process available. A nanometer is a billionth of a meter.
AMD's chips are still made at the 90-nanometer level but provide more performance for the price.
That means "Intel could have a difficult second half," said Whittington, who rates Intel "below average" and AMD "buy."
"AMD has superior performance at lower power, and their cost to manufacture, even though they're behind a generation, is commensurate with Intel," Whittington said. "Hence when AMD catches up in process, they will lengthen their lead."
But AMD has troubles of its own, including slowing PC demand and the continuing refusal of Dell Inc., the world's biggest PC maker, to use AMD processors in its computers.
AMD's shares fell $1.82, or more than 4%, to $39.51 on Friday. They are up 29% this year.
AMD executives declined to comment.
http://www.latimes.com/technology/la...nes-technology
Record Labels Expect 30 Percent Revenue From Satellite Radio
Posted by Seαn Byrne - Source: Morningstar
When it comes to digital radio, the music industry is trying to control it as much as possible, not to mention trying to restrict how its listener's capabilities also. So far, their talks with Sirius Radio Inc. has a long way to go yet, particularly over the issue with Sirius' S50 satellite radio receiver which has the ability to record its broadcasts. Besides trying to enforce restrictions on what consumers try to record, the record labels feel that they are entitled to around 30% of revenue generated from satellite radio.
At present, terrestrial radio broadcast services must pay compulsory rates for the right to play music, however radio companies must negotiate their own rates instead. According to the RIAA, they see satellite radio as an interactive service, which they claim makes them entitled to higher rates, particularly as its audience continues to grow. Also, unlike terrestrial radio services, most satellite radio services are subscription based like satellite TV, which is likely another reason why music labels would like to tap into this revenue stream. The labels and satellite radio companies have until June 30th to make an agreement to avoid a hearing. Thanks to DamnedIfIknow for letting us know about the following news:
Speaking a Bear Stearns media conference Wednesday, which was web cast, Sirius Chief Financial Officer David Frear said he feels satellite radio companies shouldn't have to pay music labels anything in royalties while labels feel they should get something like 30% of revenue.
"There's been some tough talk from some of the labels," he said. Record labels haven't been happy with Sirius's new S50 radio which includes an MP3 player that allows users to record several hours of programming. The music industry insists that because of this "interactive" service, which is entitled to higher fees, satellite radio companies should have to step up and pay more.
If the RIAA and its music labels have their way, the future of digital satellite radio does not look good. First, if the satellite radio companies are forced to pay around 30% of their revenue to the music labels, chances are that they will not be able to absorb this cost, so this will mean a significant hike on subscription costs, not to mention a further 30% of this going to the music labels for the extra revenue generated from the hike. Next, if the Bill for the digital radio broadcast flag goes into effect, consumers will lose the ability to record certain broadcasts, particularly music and possibly the ability to keep or transfer most of their recordings. Finally, this bill would also mean that digital radio receiver manufacturers would have to fork out on extra costs to implement these copy-protection features, not to mention the cost of getting them approved for each model they develop.
DamnedIfIknow: Man, colludding on digital music pricing, a digital radio broadcast flag, and 30 percent royalties? Someone needs to give the record labels a swift kick in the ***.
http://www.cdfreaks.com/news/13148
TiVo To Expand TV Recording To Cell Phones
May Wong
TiVo subscribers will soon be able to program television recordings straight from cell phones using the Verizon Wireless network.
An agreement with Verizon Wireless, to be announced Tuesday, expands on TiVo Inc.'s strategy to bring the digital video recording pioneer's capabilities beyond its set- top-boxes and the television, and directly to cell phones for the first time.
Dubbed TiVo Mobile, it's also the latest feature the Alviso, Calif.-based company is introducing to help differentiate itself from the growing number of rival DVR offerings from cable and satellite TV operators.
A DVR records TV programming onto hard disks and gives viewers the ability to pause live TV and fast-forward through commercials.
Terms of the TiVo-Verizon deal were not disclosed, but TiVo said Verizon would be the first cellular carrier to offer the remote TiVo scheduling feature on its handsets.
"TiVo isn't just about a great way to watch television but it's also about a great way to manage your TV life, and to do that, we realize TiVo can't be isolated. It has to be integrated with all these other digital devices in people's lives," TiVo CEO Tom Rogers said in an interview.
TiVo subscribers already can program their recordings through the TiVo Web site and Yahoo Inc.'s online TV guide, so users with Web-enabled cell phones can schedule recordings that way.
TiVo Mobile, however, is specifically tailored to work on cell phones, making the on- the-go scheduling process easier and faster, said Naveen Chopra, TiVo's director of business development.
Verizon subscribers will be able to access TiVo Mobile through its "Get It Now" service menu starting in the early summer. Verizon's pricing for the service will be announced then, TiVo said.
http://hosted.ap.org/dynamic/stories...MPLATE=DEFAULT
AOL Bows to Nonprofit E-Mailers
AP
Less than a week after interest groups complained about a proposed bulk e-mailing fee, America Online Inc. said nonprofit organizations would not have to pay to send mass messages to their members after all.
The Dulles, Va.-based company said Friday that it would offer qualified groups a bulk e- mail service comparable to one that would be available to commercial e-mail senders. It also said it would pay the fees for the nonprofits and advocacy groups.
AOL's original plan would have required all bulk e-mailers to pay a fee 0.25 cent to 1 cent per message to route e-mail to a user's mailbox without passing through junk mail filters.
But Monday, a consortium of nonprofit groups, including the AFL- CIO and political group MoveOn.org Civic Action, blasted plans to charge for the service, saying it would stifle communication from organizations that couldn't afford to pay.
http://www.latimes.com/technology/la...nes-technology