Cyber War: Microsoft a weak link in national security

"Microsoft has vast resources, literally billions of dollars in cash, or liquid assets reserves. Microsoft is an incredibly successful empire built on the premise of market dominance with low-quality goods."

Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph Nader? No, the author is former White House adviser Richard A. Clarke in his new book, Cyber War: The Next Threat to National Security and What to Do About It.

It has been a few months since Clarke's latest opus appeared, but it's still making quite a splash. Clarke, after all, was the guy who repeatedly warned the White House about Al Qaeda before September 11, 2001. As a result, he has quickly become the most publicly identifiable person on the subject.

"While it may appear to give America some sort of advantage," Cyber War warns, "in fact cyber war places this country at greater jeopardy than it does any other nation." The enormous dependence of our financial and energy networks on the 'Net open us up to potentially devastating online attacks. "It is the public, the civilian population of the United States and the publicly owned corporations that run our key national systems, that are likely to suffer in a cyber war."

Large scale movement

Clarke takes readers through various famous cyberwar incidents, most notably the Distributed Denial of Service (DDoS) attack on Estonia back in 2007, but how bad could such events really get?

The hypothetical answer is on page 64. There Clarke deputizes you as Assistant to the President for Homeland Security and takes you through a scenario of doom. The National Security Agency has just sent a critical alert to your BlackBerry: "Large scale movement of several different zero day malware programs moving on Internet in US, affecting critical infrastructure."

But by the time you get your office, one of the DoD's main networks has already crashed; computer system failures have caused huge refinery fires around the country; the Federal Aviation Administration's air traffic control center in Virginia is collapsing, and the hits just keep coming.

"The Chairman of the Fed just called," the Secretary of the Treasury tells you. "Their data centers and their backups have had some sort of major disaster. They have lost all their data." Power blackouts are sweeping the country. Thousands of people have already died. "There is more going on," Clarke narrates, "but the people who should be reporting to you can't get through."

File under fiction

Clarke's book has gotten tons of play with this sort of stuff—check out, for example, the scary interview he did with Terry Gross on NPR's Fresh Air. But little of it impresses his critics.

"File under fiction," begins Ryan Siegel's review over at Wired. "Like in real war, truth is the first casualty." Siegel warns that the tome is based on hypothetical scenarios (see above) or alarmist and inaccurate rehashings of various cyber emergencies. Plus, we note the book has no references or index.

Ditto, says Evgeny Morozov in the Wall Street Journal. "We do not want to sleepwalk into a cyber-Katrina," he writes, "but neither do we want to hold our policy-making hostage to the rhetorical ploys of better-informed government contractors." Clarke is one of four partners in the Good Harbor Consulting security firm.

But even his detractors acknowledge that some of Clarke's broad arguments make sense—most notably his warning that the Pentagon can't assume that the energy and financial sectors will effectively defend themselves from cyber attacks. 

"At the beginning of the age of cyber war," Clarke ruefully notes, "the US government is telling the population and industry to defend themselves."

Money talks

Why has the national response to this problem been so slow? Lack of consensus on what to do and fear of the "R-word"—government regulation, Clarke contends. Then there's Reason Number Five on his list, which basically boils down to "Microsoft."

"Some people like things the way they are," Clarke obliquely observes. "Some of those people have bought access." Microsoft, he notes, is a prominent member of OpenSecrets.org's "Heavy Hitters" political donor list. Most of the list's stars are trade associations. "Microsoft is one of only seven companies that make the cut."

The software giant's largesse has shifted from Republicans back in the Clinton antitrust days to Obama, he continues, but the agenda is always clear: "Don't regulate security in the software industry, don't let the Pentagon stop using our software no matter how many security flaws it has, and don't say anything about software production overseas or deals with China."

Clarke tries to be fair. He notes that Microsoft didn't originally intend its software for critical networks. But even his efforts at fairness are unflattering. Microsoft's original goal "was to get the product out the door and at a low cost of production," he explains. "It did not originally see any point to investing in the kind of rigorous quality assurance and quality control process that NASA insisted on for the software used in human space-flight systems."

But people brought in Microsoft programs for critical systems anyway. "They were, after all, much cheaper than custom-built applications." And when the government launched its Commercial Off-the-Shelf program (COTS) to cut expenses, Microsoft software migrated to military networks. These kind of cost cutting reforms "brought to the Pentagon all the same bugs and vulnerabilities that exist on your own computer," Clarke writes.

Floating i-brick

The former White House advisor cites the 1997 USS Yorktown incident as a consequence. The Ticonderoga-class ship's whole operational network was retrofitted with Windows NT. "When the Windows system crashed, as Windows often does, the cruiser became a floating i-brick, dead in the water."

In response to this "and a legion of other failures," the government began looking into the Linux operating system. The Pentagon could "slice and dice" this open source software, pick and choose the components it needed, and more easily eliminate bugs.

Clarke says that, in response:

[Microsoft] went on the warpath against Linux to slow the adoption of it by government committees, including by Bill Gates. Nevertheless, because there were government agencies using Linux, I asked NSA to do an assessment of it. In a move that startled the open-source community, NSA joined that community by publicly offering fixes to the Linux operating system that would improve its security. Microsoft gave me the very clear impression that if the US government promoted Linux, Microsoft would stop cooperating with the US government. While that did not faze me, it may have had an effect on others. Microsoft's software is still being bought by most federal agencies, even though Linux is free.

The company took a similarly hard line towards the banking and financial industry, Cyber War says, rebuffing access requests from security specialists for Microsoft code. When banks threatened to use Linux, Microsoft urged them to wait for its next operating system—Vista.

"Microsoft insiders have admitted to me that the company really did not take security seriously, even when they were being embarrassed by frequent highly publicized hacks," Clarke confides. Sure enough, when Apple and Linux began to offer serious competition, Microsoft upgraded quality in recent years. But what the company did first was to lobby against higher government security standards.

"Microsoft can buy a lot of spokesmen and lobbyists for a fraction of the cost of creating more secure systems," concludes Clarke's section on the software firm. "They are one of several dominant companies in the cyber industry for whom life is good right now and change may be bad."

Required to do so

Given the considerable amount of criticism Cyber War has come in for, we're not endorsing Clarke's nightmare version of Microsoft's history. And we're more than a little nervous about some of his prescriptions for "change." These include government rules ordering the big ISPs "to engage in deep-packet inspection for malware." 

Although these provisions should include high standards for privacy, "the ISPs must be given the legal protection necessary" so they won't fear being sued for stopping malware, viruses, DDOS attacks, and worms. "Indeed, they must be required to do so by new regulations," Clarke insists.

But many of the reviews and notices of Cyber War gloss over one of the principal observations of the book: the privatization of government over the last two decades may have saved cash but compromised the government's ability to defend crucial portions of America from big and small attacks on the 'Net. That's a concern that bears further discussion, whatever you think of Clarke's scary cyber stories.

Vision of 'a smart phone for everyone'

SINGAPORE : Samsung has launched its new flagship Galaxy S Android smart phone first in the Asia-Oceania region, with the aim of riding the wave of innovation in the Android platform and providing smart phones for every budget.

Speaking at the launch in Singapore, Gregory Lee, CEO of Samsung Southeast Asia and Oceania, said he was confident that the phone will be a major success thanks to Android now being the fastest-growing smart phone platform and the rich variety of applications available on the Android Market.

Samsung is all about open platforms which will help each country build in localisations.

The US and European launches will follow sometime in July. Lee said it was rare in the US for all carriers to launch the same phone at the same time, but all have already signed up for the Galaxy S.

In the region, Singtel, AIS, Telkomsel, Optus (and soon Maxxis) have signed up as launch partners.

''This is only the beginning of Samsung's approach to smart phones. We will soon offer smart phones for every price point aimed at every consumer in Southeast Asia,'' he said.

Winston Goh, Product Manager, ran though some of the highlights of the phone.

The Galaxy S is 9.9 millimetres slim and comes with the industry's most powerful CPU right now, running at 1 GHz. This does not come at a cost of battery life. Standby is 250 hours on 2G and 200 on 3G. With the radios off in flight mode, it is capable of showing video for seven hours.

''And when your battery runs out, you simply open it and put in another one. You don't need an engineer to change the battery,'' he said, taking a sideswipe at Apple's iPhone with its non-replaceable battery. Goh later said that the Galaxy S was not magic, but the result of hard engineering work, also taking a jab at Apple's ''magical'' iPad experience.

The Galaxy S is the second phone in Southeast Asia that comes with Samsung's new Super AMOLED display that offers stunning colours and, unlike earlier AMOLED designs, remains readable under direct sunlight.

Also present is Samsung's Swype keyboard, where words are written on an onscreen keypad without taking the user's finger off the screen. This input method, as used on the Samsung Omnia II, currently hold the Guinness world record for phone text input speed.

The Galaxy S runs Android 2.1 and features all the usual Android features, such as tight integration with social networking, gallery and video playback.

In addition it provides eBook capabilities, HD video playback and recording, DLNA (digital living network alliance) connectivity, ThinkFree office that can view and edit Microsoft Office 2007 documents, Bluetooth 3.0, Wi-Fi B/G/N and mobile access point (tethering) dhcapabilities.

It supports 7.2 MBPS down, 5.76 MBPS up on 3G networks and EDGE class 12.

Other applications included, for the Singapore market at least, was an e-Nets (debit card) application for e-commerce.

Google’s Hong Kong Back Door

Overnight in China, Google started redirecting users of its mainland Chinese search engine Google.cn to the uncensored, Hong Kong-based Google.com.hk, presenting a challenge to China’s control of the Internet.

Google’s latest move to offer unfiltered results to Chinese users represents the most prominent challenge to Chinese authorities in recent memory, particularly for a company that says it still wants to do business in China. The redirection of users to the Hong Kong site could be seen as compounding the offense since it is clearly based on the wider freedoms available in Hong Kong under the “one country, two systems” policy.
The former British colony of Hong Kong, which returned to Chinese rule in 1997, maintains a separate legal system and has a free press. Google’s Hong Kong office is registered as a separate legal entity from its mainland China offices.

Google.hk offers many of the same services as Google.cn, as well as a simplified Chinese-language option (Hong Kong uses traditional Chinese characters). On the simplified Chinese home page of Google.hk, users are greeted with a message that reads: “Welcome to the new home of Google Search in China.” Users can also access Google’s free Chinese music download service through the Hong Kong site.
The Hong Kong government said Tuesday it doesn’t censor the content of Web sites and fully respects freedom of information. “There are no restrictions on access to Web sites, including Hong Kong-based Web sites, from China,” the government said in an e-mailed statement.
The question now is how long China will allow Google to continue to exploit the loophole offered by “one country, two systems.” Mainland authorities could easily revoke Google’s right to use the Google.cn domain name (as well as the related g.cn domain) and/or block access to the Hong Kong site, but beyond that, Google’s activities in Hong Kong are largely beyond their reach. This has made the city a haven for media outlets that take a critical stance toward the Chinese government, such as Jimmy Lai’s Next Media (publisher of Apple Daily) and the U.S. government-funded Radio Free Asia, as well as human rights groups and NGOs that focus on issues in China.
China’s response so far doesn’t offer much comfort. This morning, Xinhua news agency cited an official from the Internet bureau of the State Council Information Office slamming the U.S. Internet giant’s actions.
“Google has violated its written promise it made when entering the Chinese market by stopping filtering its searching service and blaming China in insinuation for alleged hacker attacks,” the unnamed official was quoted as saying. “This is totally wrong. We’re uncompromisingly opposed to the politicization of commercial issues, and express our discontent and indignation to Google for its unreasonable accusations and conducts.”

:blogs.wsj.com

InVisage aims to remake camera sensor market

"With a tiny smartphone 3-megapixel sensor, we could make that a 12-megapixel sensor," said Chief Executive Jess Lee. "Or we could quadruple its sensitivity and ISO. That's the net benefit here." Higher sensitivity means photos that aren't as afflicted with the flecks of color that mean the sensor is capturing noise instead of what a person wants to photograph.

The Menlo Park, Calif.-based company is set to demonstrate its products at the Demo conference in Palm Springs, Calif., on Monday, coming out of stealth mode in the process. Specifically, it'll show images produced by a sensor whose pixels measure only 1.1 microns, or millionths of a meter, on edge.
Essentially, the technology works by adding a new finely tuned light-sensitive layer on top of the silicon chip, Lee said. That layer is more efficient at converting incoming light into electrical signals, and the light isn't partially blocked by a microprocessor's metallic layers, either.

Those who make camera sensors, including Panasonic, Sony, Canon, Micron Technologies spinoff Aptina Imaging, and OmniVision Technologies, have been working to snatch as many photons as possible that come through the camera lens. Among other things, they've reduced the size of circuitry that gets in the way of capturing light, thereby increasing the "fill factor" of each pixel; they've flipped the sensor design around so the circuitry doesn't get in the way of the silicon in an approach called back-side illumination; they've come up with "gapless" microlenses that gather light from one edge of the pixel to the other and focus it on the light-gathering area.

And those sensor makers have made steady progress. In particular, SLR cameras can shoot at ISO sensitivity settings as high as 102,400 in a couple cases. But SLRs use large, expensive sensors that don't fit in a mobile phone camera's physical housing or price constraints, and smaller sensors require some combination of fewer megapixels and smaller pixels with lower sensitivity.

InVisage believes its approach offers a much larger leap in improvement than the existing industry has come up with so far, and though it's aiming initially for high-end mobile phones, the technology will work on ordinary digital cameras, security cameras, and military night-vision systems as well, Lee said.

The company has ambitions to remake the image sensor market, but doing so isn't easy. Foveon, another Silicon Valley image sensor start-up, has had only niche success, for example. And it's going up against major chipmaking experts with established businesses.

Competitor OmniVision has 1.1-micron pixels, too, with its own partnership with Taiwan Semiconductor Manufacturing Co. (TSMC), and said the process will work with sub-micron pixels as well.
InVisage has backing in the form of more than $30 million raised from RockPort Capital, Charles River Ventures, InterWest Partners, and OnPoint Technologies. It's got 30 employees to date and a manufacturing partnership with TSMC, as well.

And Lee argues InVisage has an advantage over incumbent powers: its technology doesn't require as advanced manufacturing equipment to make. OmniVision's 1.1-micron pixel sensor requires manufacturing equipment that can make features as small as 65 nanometers, or billionths of a meter, but InVisage's requires only 110-nanometer equipment, Lee said.

InVisage Executives include Lee, who previously was a vice president of OmniVision and also worked at Altera, Silicon Graphics, and Creative Labs; nanotechnology researcher and Chief Technology Officer Ted Sargent; and Marketing Director Michael Hepp, who worked at OmniVision as in product marketing and program management and also worked at National Semiconductor.

InVisage is starting with smartphones first because it's an established, high-volume market. "We're working with two top-tier handset manufacturers already," Lee said, declining to mention them by name.
The company will begin producing samples of its chips by the end of the year. With mass production typically taking six to nine months after that, people could start seeing them in products by mid-2011, Lee said.

:news.cnet.com

Viacom, Google air dirty laundry in court docs

Court filings released on Thursday in the bitter $1 billion copyright fight between Viacom and Google's YouTube show just how far apart the companies remain, as the 3-year-old case winds through federal court.
Viacom, in 108 pages of court documents, portrays YouTube's founders as reckless copyright violators who were far more concerned with increasing traffic to their site than obeying the law. Even executives at Google, which acquired YouTube for $1.7 billion in October 2006, questioned the ethics of building a site through questionable copyright practices, according to the Viacom filings.

But in the 100-page document filed by Google, perhaps not surprisingly, the search engine tells a different story. Viacom is painted as a media giant trying to play it both ways: demanding that YouTube take down videos even while third parties were uploading Viacom content on the entertainment giant's behalf. More intriguingly, the parent company of MTV and Paramount Pictures was at one point interested in acquiring the video-sharing site, according to the documents.
"We believe YouTube would make a transformative acquisition for MTV Networks/Viacom that would immediately make us the leading deliverer of video online, globally," according to an internal Viacom slide that Google filed with the court.
Interesting as the documents may be, it's not clear which side will benefit most from the disclosures. Google argues that it is protected by the safe-harbor provision of the Digital Millennium Copyright Act, which says, in short, that if a Web site acts in good faith to take down copyrighted content as soon as it learns of it, and it has not benefited financially through advertising or other means, it is protected from a lawsuit. Viacom is attempting to pierce that protection by proving that YouTube employees, at the very least, knew of rampant copyright violations on their site and did little about it.
:news.cnet.com

Chrome Extension : Amazon Rocket

Amazon Rocket is access to popular products and Product cheap prices. Simple and fast as possible

download amazon rocket click

HTC Legend in April with Vodafone UK

The month of April seems to be a time of promise for the world Android in Europe, following news that the Nexus One will be marketed in April in England (and also in Italy), now check the news that the 'HTC Legend arrives on the shelves of United Kingdom in the same month.

The price in UK will be £ 399 from 12 April, probably in Italy will cost around € and 499. We recall that the 'HTC Legend is based on the Android operating system 2.1 Eclair, interface Sense of HTC, an optical joystick (instead of the trackball), a 5 megapixel camera and 3.2-inch AMOLED screen HVGA capacitive type.
Street: AndroidWorld.