Recent Technology News

For example, if an internet customer in Belgium purchases an MP3 music file from a New York vendor's web site, then the New York vendor will have to determine (somehow) that the purchaser is in Belgium, and then will have to charge the appropriate VAT amount to that customer.

I always have to chuckle at these things. There must be a million ways for a purchaser to get around this -- hiding the fact that he's in Belgium when he makes the purchase. I'll be interested in seeing how the politicians work this one out.(See European Union 5/7/02 press release.)

We now have cameras watching us all the time anyway -- whether we're walking or driving down the street in many cities -- and some will send us traffic tickets if we go a little too fast. So it's not surprising that this technique is now moving to the retail industry. (See 10/12/01 Minneapolis/St. Paul Business Journal story, and also 5/1/02 Los Angeles Times article.)

Since 1996, Enron spared no expense not only for leading edge computers, but also SAP's financial software and Siebel's customer relationship management software.

But the real jewels are Enron's extremely sophisticated analytical software: It analyzes business conditions, weather, energy commodity prices, political strife, and other factors that affect energy markets, along with real-time information on the markets, and spot buying or selling opportunities well in advance of competitors, according to analysts. The information was fed wirelessly to a mobile workforce that could make buying and selling decisions from the side of the road. (See 1/21/02 InformationWeek article, and also the 1/21/02 Computerworld article.)

These programs use several different techniques to crack passwords. Some use brute force (trying billions and billions of passwords, until one is found that works). Other programs go into the protected file or operating system and simply change the stored password to a known value.

Most people use password cracking software to recover their own data in cases where they've forgotten the passwords, but these products' availability means that anybody's password-protected data or operating systems may have very little protection at all.

External Forces predictions:

• The IT industry will remain challenged, facing accelerated job losses and significant vendor consolidation.
• Safeguarding people, knowledge, systems and nations will take priority.
• Consumers will go online, finally, with the number using online account management doubling by 2005.

Business Behavior predictions:

• Short-term focus on expenses will squeeze IS organizations in 2002 as business demand for IT increases.
• Outsourcing and trusted suppliers will take more control as capital spending reduces in favor of operating budgets.
• Through 2004, businesses will continue to view the discipline of CRM as a critical component of corporate strategy.

Applications and Technology Trends predictions:

• During 2002, despite budget restraints, operational IT infrastructure will still need to anticipate and fulfill critical IT initiatives.
• More than 50 percent of mobile applications deployed at the start of 2002 will be obsolete by the end of 2002.
• By 2004, Web services will dominate deployment of new application solutions for Fortune 2000 companies.
• During 2002, leading-edge businesses will exploit application integration to generate business innovation.

(See January, 2002, research analysis from Gartner Group.)

Gartner's predictions paint a bleak picture for the computer industry. It seems like only a short time ago that we were developing "client/server" applications, and our major worry was that all computers would stop working on January 1, 2000.

A lot of people expected to make money from the Y2K problem, but almost no one did (except for some consulting firms who provided conversion services). People who focused too hard on Y2K ended up losing time to get on e-commerce bandwagon. Still, everyone did great on e-commerce in 2000 until the Nasdaq crashed early in 2001. Since then, things have been bad, and 9/11 made them worse. We've already had consolidations from client/server and Y2K shakeouts, and Gartner seems to be predicting e-commerce predictions this year, as the recession continues.

Gartner's predictions do point the way for new business, however. Customer relationship management (CRM) applications are an important part of the e-commerce revolution that we'll be in the middle of for several years to come. However, it's fairly clear that IT managers will no longer tolerate bloated development projects in CRM or anything else. Quick, low-cost solutions will be funded in 2002, and the you'll have to wait until at least 2003 for the bloated projects to start up again.

Meanwhile, some computer experts are questioning the multi-billion dollar estimates that appear in the media as the costs of recovering from various virus attacks. For example, the Code Red virus was serious, but did it really cost $2.62 billion to fix it? These figures always come from Computer Economics, a California-based research firm whose primary business is to advise companies on technology investment and marketing strategies. These experts claim that Computer Economics is hyping the figures. (See 1/14/02 Wired News article.)

There was a flap last week over an ad that referred to CNN news reporter Paula Zahn as "a little bit sexy." In a 1/11/02 Wall Street Journal article by Tunku Varadarajan, the following paragraph appears:

It is always painful to see people rated solely by physical appearance, and devalued -- whether by virtue of their beauty or their plainness -- because of it. But it was disingenuous of Ms. Zahn, a master-hand in a milieu where pleasing looks are a precondition of employment (just as strength is for firefighters or an Indian passport for computer analysts), to play the role of slandered female, her professional dignity besmirched by the male chauvinist pigs in the CNN publicity department.

Well, I thought I'd been doing systems and computer analysis all these years, but I guess I must have been doing something else. Well, Tunku, I'm ready to advance to the next level. Tell me -- what do I have to do to get that passport?

The developers of Grokster, LimeWire, KaZaa and BearShare all took advantage of a free installation software tool called "Clicktilluwin." Using this free software saved them the trouble of developing their own installation software. (Any software application needs to include installation software, so that the application can be installed on a user's computer.)

However, ClickTillUWin surreptiously installs DLDER.exe, a "spyware" program that track's the users' web pages. Evidently, the program does not damage the computer's hard disk, although neither the developer of the program nor the full purpose of the program is yet known. (See 1/3/02 Business Week article. People familiar with the ancient Greek classic, Homer's Iliad, will know that this article makes a mistake by calling DLDER.exe the "Trojan Horse"; actually, Grokster, LimeWire, KaZaa and BearShare are the "Trojan Horses." Also see the Grokster press release, and the LimeWire press release. )

There's a lot of free software available these days, and this incident illustrates an important lesson for corporate IT departments, as well as companies that develop software. If you include someone else's free software in your own software product, make sure that the source code for the free software has been published, so that there's a way of checking for little tricks like DLDER.exe.

A federal judge has given the FBI the green light to use Magic Lantern, saying that it "suffers from no constitutional infirmity." (See the 1/4/02 Wired News story.)

Now the Bush administration has increased the computer power that may be sold to certain countries (like North Korea). However, limits still exist, and so these countries will still have to purchase the most powerful computers from outside the United States. (See Reuters news article.)

However, in the last four years astronomers have reported evidence that the expansion of the universe is not just continuing but is speeding up, under the influence of a mysterious "dark energy," an antigravity force that seems to be embedded in space itself. If that is true and the universe goes on accelerating, astronomers say, rather than coasting gently into the night, distant galaxies will eventually be moving apart so quickly that they cannot communicate with one another. In effect, it would be like living in the middle of a black hole that kept getting emptier and colder. (See See 10/23/01 AP article. 1/1/02New York Times article.)

The selected top 10 words of 2001 are: Ground Zero, W. (Dubya), Jihad, God, Anthrax, Euro, Wizard, -stan (the Persian suffix used in names like Afghanistan), Oprahization, and Foot-and-Mouth. (See 12/26/01 press release.)

If you have a Windows XP system, then Microsoft has already included a utility program that performs the synchronization automatically, once a week. However, Microsoft's utility program connects to Microsoft's own time server, rather than one of NIST's servers, and Microsoft's server was providing the wrong times, as much as 9 minutes off. However, Microsoft has fixed the bug, and your computer should set the time correctly within a few days (provided you're connected to the internet). If you'd like to play around with XP's time utility, right-click the time display on the taskbar, choose Adjust Date/Time, click the Internet Time tab. (See article in the December, 2001, issue of PC World Magazine.)

Majestic was billed as "the game that plays you." It began with a concept reminiscent of "The X-Files," featuring shadowy corporations and government agencies involved in secret mind-control experiments. While most games sit quietly waiting to be played, the Majestic gaming system never slept. Gamers paid a monthly $10 fee to enter an environment of all-encompassing paranoia. The game flashed cryptic instant messages on their computer screens, faxed them mysterious maps and photographs, even phoned them at 2 a.m. with recorded threats, all related to the ongoing story line. The idea was to smudge the dividing line between fantasy and real life, much like the bizarre pseudo-reality that tormented Michael Douglas in the 1997 film "The Game."

The game was launched in August, but the number of active players "dropped like a cliff after 9/11," and now Majestic has been killed completely. (See the 12/24/01 Boston Globe article.)

The chip is raising privacy concerns if use of the implanted chip becomes widespread. For example, someone could "scan" an entire room of people, looking for people to rob. (See 12/22/01 Reuters article.)

Unfortunately, the economics of e-mail is the reverse of what it should be. It's essentially free for marketers to send out millions of e-mail spam messages, but it costs the recipients a great deal of time to sort through all the messages and delete them. Corporate e-mail servers are being clogged by spam, and worker productivity is being negatively affected.

The only good news is that spam is almost totally ineffective as a marketing tool, since people consider it to be almost totally garbage. (See 12/24/01 New York Times article.)

The Sharp PC-UM10 weighs 2.89 pounds, but has too many minuses, according to Mossberg: the optional external CD drive is clumsy to use, and the computer has no ports except a modem, an Ethernet port and a single USB port.

The Fujitsu LifeBook P weighs 3.4 pounds, has numerous ports and a built-in DVD drive that doubles as a CD recorder. However, battery life is poor, and Mossberg recommends purchasing the extra large external battery with it.

These computers cost $1,500 to $2,000, depending on what optional hardware you purchase. (See Walter Mossberg's 12/20/01 column.)

If those computers are too big, perhaps a flyweight handheld system using Microsoft's Pocket PC operating system might work for you.

According to a review in InfoWorld, the Compaq iPaq has been the industry leader to date, but now the new HP Jordana from Hewlett-Packard is blowing the iPaq away. The Jordana is smaller, lighter, and easier to use, and has more application programs available for it. However, the iPaq does have stronger expansion capabilities. Both machines cost around $600. (See 12/14/01 InfoWorld article.)

The weakness was discovered in August, 2001, in the 802.11 wireless encryption standard.

To solvethe problem, US security companies RSA Security Inc. and Hifn Inc. have announced a new key generation algorithm which makes wireless networks substantially more secure. (See 12/18/01 New Scientist article and also see 12/17/01 press release from RSA Security Inc.)

However, the technology is not yet available to create such a tape. The biggest hurdle would be mimicking the cadence and rhythm of human speech. Synchronizing a doctored soundtrack with existing video would also be tough, and technology that can synthesize Arabic speech is still in its infancy. (See 12/14/01 AP news story. See also the CNN transcript of the bin Laden tape.)

The decision regards computer code known as "DeCSS" which allows programmers to defeat the copy protection scheme in DVD movies. Eric Corley and his company, 2600 Enterprises Inc., has been prohibited by the court in distributing DeCSS code on its web site.

The idea of prohibiting a programmer from distributing his own computer code is bad enough, but the court decision contains an even more ominous ruling: Corley cannot even provide a hyperlink from his web site to another web site containing the code.

This is ominous because it means that any web site containing a hyperlink to another web site which contains any proprietary material might be harassed or prosecuted by the owner of the proprietary material. (See the 12/14/01 New York Times article -- link requires registration).

Thus, if the New York Times web site happened to contain some proprietary material, then not only could the New York Times be prosecuted, but so could any web site which hyperlinked to the New York Times. This would particularly target online an nnline journalist who wrote an article about how the New York Times web site contained proprietary material, and then provided a hyperlink to the web site.

The same restrictions would apparently not apply to a print journalist, who would be protected under the First Amendment.

The court used the following reasoning: A hyperlink is not protected First Amendment text, but is actually HTML computer code, which is to be prohibited just as much as the original DeCSS code was prohibited.

Incidentally, Eric Corley's web site is at http://www.2600.com .

This kind of nonsense by the courts comes from the fact that judges don't have much understanding of the technical issues involved.

Consider this: Between 1983 and 2001, a typical high end home computer hard disk went from 5 megabytes to 50 gigabytes. In another 18 years, it will have increased to 500 terabytes. Communications bandwidths will increase similarly. At that point, it will be possible to package, into a single file, MP3 versions of every song that's ever been recorded. Within a few more years, it will be possible to package every movie that's ever been filmed. Instead of swapping an MP3 file containing a single song, kids will be swapping a single file containing every song and every movie. There is no way that I know of for the music and motion picture industries to control this without Taliban-like laws.

The ominous DeCSS court decision is one step in that direction. Let's hope that the judges figure out the technical issues before more people are harassed and jailed.

• http://www.Amazon.com -- the clear number one winner.
• http://www.EBay.com -- auction site.
• http://www.LandsEnd.com -- especially because of its "virtual model," a three-dimensional figure you can careate with our measurements to see how a particular outfit might look.
• http://www.RedEnvelope.com -- gift shopping site.
• http://www.Gap.com -- good quality, great sale prices, online coupons.
• http://www.LLBean.com and http://www.JCrew.com -- Good products, well stocked.
• http://www.Expedia.com -- Travel site, reliable flight information.
• http://www.1-800-Flowers.com -- Offers next day, and sometimes same day, flower delivery.
• http://www.Dell.com -- Makes it easy to customize a computer from millions of different arrangements.

Here are some lesser known web sites, selected from the numerous runners-up:

• http://Bluefly.com -- clothing retailer.
• Butcher & Packer Supply Co. (http://www.butcher-packer.com) -- variety of specialty food processing items for the home.
• Design Within Reach (http://www.dwr.com) -- designer furniture and accessories.
• Emily the Strange (http://www.emilystrange.com) -- Clothing, accessories and books related to the cartoon character Emily, a gloomy 13-year-old.
• Go-Today (http://www.go-today.com) -- Low-cost, last minute travel packages.
• My Tailor (http://www.mytailor.com) -- Hong Kong tailors offering custom-made shirts online.
• Penzeys Spices (http://www.penzeys.com) -- Spices.
• Red Trumpet (http://www.redtrumpet.com) -- Pre-owned records and CDs, and high-quality audio and video equipment.
• Rejuvenation (http://www.rejuvenation.com) -- Period lighting and decorative hardware.
• R. Wood Studio (http://www.rwoodstudio.com) -- Funky pottery and gift site.
• The Writers Store (http://www.writersstore.com) -- Software, books, seminars for writers, screenwriters and filmmakers.

Yesterday (Friday, 12/7) at 3 pm, a Texas consultant called Fleet Bank to tell them of a flaw in their web site that makes personal data, including names, addresses and social security numbers of its 9 million users, freely available to hackers. All he got from Fleet officials was a runaround, and the site remained up, bugs and all, until almost midnight. (See 12/8/01 Boston Globe article.)

On Thursday, a judge ordered a shutdown of all Dept. of Interior web sites, in response to a lawsuit by Indian tribes claiming that web site security was so poor, that hackers could get in and read and even change data relevant to the tribes. 12/7/01 LA Times article.)

IT managers for web site development should not miss the obvious moral of these two stories: that you'd better implement improved quality assurance procedures for your web site. All software contains bugs, but if your accounting system cuts an invalid check, you can always get the money back; but if your web site lets hackers get your customers' credit card numbers, there's no way to get the numbers back. (See 11/28/01 META Group News Analysis.)

Since Green Lantern is essentially a virus, a controversy is developing over whether anyone can defeat Green Lantern by simply installing a virus protection program. So far, the two major virus protection vendors have been flipping around the problem.

According to an 11/27/01 article in the UK Register, Symantec's Norton Antivirus product would contain a backdoor to avoid detecting Green Lantern, "if it was under the control of the FBI."

And Network Associates Inc. has been bombarded with angry criticisms after a Wired News 11/27/01 story reported that its McAfee Antivirus software may contain a similar FBI backdoor.

This is an ugly situation which could really backfire on both Symantec and NAI. Many American users, and almost no foreign users, would want to purchase a product containing an FBI backdoor. Competitive products, especially from foreign companies, would have a big competitive advantage. And what happens when some hacker figures out how to take advantage of the FBI backdoor for his own advantage?

For decades, particle physicists have been searching for fundamental laws and equations of particle behavior. It was thought that once these particle laws were discovered, they could be used to derive the laws that solid state physicists use.

The problem is that particle physicists have been searching for these equations for decades, and have come up with nothing, nada, zip, and many people are beginning to question whether such equations even exist.

On the other hand, there are plenty of well-known laws at the solid state level -- conservation of energy and momentum, laws of increasing entropy, and of course Einstein's famous equation, e = mc², relating matter to energy.

If this trend continues, it would mean a major loss of prestige for particle physicists, and increased cocktail party bragging rights for solid state physicists, since the laws of the universe could only be defined at the solid state level, not the particle level.

More important, it might even mean that the fundamental laws of physics were different at the time of the Big Bang, 12 billion years ago, and that these fundamental laws are changing continually with time. (See 12/4/01 New York Times article.)

Here's a sample entry:

THIS IS NOT SPAM

Your name was obtained from an Opt-In Mail List,
Your name was referred to me,
*This message cannot be called SPAM under Senate
Bill: 1618 Title III

This is NOT Spam!
Hey Donna, Hey Sam,
Here's that info you requested!
You were chosen by someone to get this E-Mail,
You're in luck! YOU'VE BEEN SELECTED!!!

You're getting this message because you subscribed,
In response to your submission,
To be unsubscribed there's no need to reply,
This is a one-time transmission.

Click Here to be removed.

(Note: This poem written entirely with actual phrases contained in Spam emails.)

A new standard was needed because the old one, DES (Data Encryption Standard) was thoroughly hacked a few years ago. Any DES-encrypted message can be recovered by a hacker within a few hours, so many companies have been using triple-DES, which applies the DES algorithm 3 times. It's secure, but it takes forever.

In 1999, Commerce's National Insitute of Standards (NIST) announced a worldwide competition to come up with a replacement, and in a 10/2/2000 press release, NIST announced that it had selected a winner: Rijndael (pronounced RHINE-doll), named after its two Belgian inventors, Vincent Rijmen and Joan Daemen (both male), subject to a year-long review by NIST and anyone else.

In a 11/26/2001 press release, NIST announced that the review was over, and Rijndael is officially the AES. Rijndael is both secure and fast.

Anyone interested in more information about AES should check out the NIST web page on Rijndael at http://csrc.nist.gov/encryption/aes/rijndael/ . The Rijndael algorithm is in the public domain (a requirement of the competition), and so NIST provides sample code written in C++, with other languages available as well.

Although DES lasted only 20 years, AES should last a lot longer. According to one estimate, if someone built a giant computer using every particle and atom in the universe, it would still take trillions of years to hack a Rijndael message.

I did a large "virtual private network" implementation using Rijndael, and found the public domain code quite easy to work with.

However, if you're thinking of doing a homegrown application using Rijndael, remember that the most difficult part of the implementation may be managing the encryption keys securely. No encryption algorithm is secure if the encryption key is written on a note taped up on your computer screen!

However, a recent Gartner Group review of Baan's product roadmap found that the company is showing renewed strength by focusing on its strong core markets -- discrete manufacturing firms in these vertical industries: automotive, electronics, industrial machinery, aerospace and defense, and logistics. (See 11/21/2001 summary by Gartner Group analyst Brian Zrimsek.)