Computer | TechBlogPlus

One of the upcoming solutions that should make a stand on the market is AMD's RS880, a new integrated package that is reported to come along with the company's new Radeon HD 4200 graphics core. In addition, the product is also said to be able to deliver up to 15 percent more performance than similar solutions available at the moment.

The integrat... (read more)

By Angela Gunn, Betanews

This episode of Recovery is brought to you by a city full of nerds prepping for the Seattle Zombie Walk, because your Rain City geeks are all about the BRAAAAAINS and their undead data centers, and by frequent Betanews commenter PC_Tool, who said something in a comment that got me thinking.

I wrote earlier this week about an essay by Richard Posner that suggested that what the media needs to survive in the era of the Internet is a ban on linking, excerpting and such. Conversations about business models and copyright belong with Lockdown, and we're still talking about them in the comments section there this morning. But there are some things no one talks about concerning the old-line media, and here in the friendly confines of Recovery, I thought I'd go ahead and say them, because they may confirm what you've suspected all along:

The mainstream news industry dug itself this hole by not staying smart, humble, hungry and focused, and now it blames the geeks.

Some of the incurious double-digit-IQ nonsense I've heard in the newsrooms of old-line mainstream publications would make the average geek bite a mousepad in half. Frankly, a lot of people with journalism degrees are the last people who ought to become journalists.

The idea of journalism as a white-collar profession, rather than a grubby old trade, is only a few decades old. As the profession became a more attractive line of work to the children of the middle and upper classes (because like the song says, there's only so much you can do with a BA in English), its practitioners wanted to retain some shred of elevated class identity, as they would have if they'd gone into medicine or the law. The job of journalism became less a matter of scrap and skill and shoe leather and more about one's educational (and, to some extent, cultural) bona fides.

One of the side effects of that was a change in college curricula to make journalism an actual pre-professional major, on alleged par with pre-law or pre-med. Suddenly you became a journalist by getting trained in journalism, as opposed to being trained in science or economics or business or statistics or any of those things journalists write about. That trend accelerated in the wake of Watergate, when it really did seem for a bit like you could save the world (and get famous and have movies made about you starring Robert Redford!) by going into the journalism business.

So now you have a whole bunch of people trained "as journalists" -- they know how to write headlines, they know how to conduct interviews, they own a copy of the AP Stylebook -- and holding a self-important belief that their education has given them a "profession" rather than a set of skills that could easily have been learned on the job. What they tend to lack, certainly at the beginning of their careers and often for a very long time after, is a necessarily deep understanding of the things they may be writing or interviewing about.

Reporters that really sink their teeth into a topic area often manage to triumph over their silly education, but that's not how the system's designed to work. Instead, the "profession" of journalism is supposed to confer on its people the skill -- and necessity -- of hopping between beats and publications to get ahead. This year you're covering the courts, next year you've jumped to the business section at a higher-profile paper in another town, five years from now with some seniority there you luck into the television-reviews beat. Nothing at all wrong with learning new things, but the mainstream career path doesn't lend itself to deep, sustained knowledge.

Compare that to the geekish life, where deep knowledge is major currency. Let's say you're a security nerd today; would you consider it a wise thing to absolutely turn your back on all that tomorrow and declare yourself the go-to guy on printing tech or HR or wiring? Do you feel that too much first-hand knowledge of your specialty and opinionated conversation with people involved in it might taint your ability to think clearly about matters? Do you think it's somehow embarrassing to be passionately interested in a topic? No and no and no and no? Let me tell you, friend, you'd have a pretty uncomfortable time around a lot of journalists, who would accuse you of going native, or worse.

(Mainstream journalists, that is. On the tech side, we may jump publications -- or, more accurately, all sort of revolve amongst the publications available; the joke among tech writers is that sooner or later every one of us works for everyone else -- but we try to build on expertise. It's one of the many, many things that causes large amounts of mutual contempt between mainstream journalists and us specialty-press types, but that's a topic for another day.)

Meanwhile, while the profession of journalism was trying to get middle-class respectable, the era of family-owned local newspapers (or regional chains) was ending -- consolidation was at hand, and the era of the publicly-held publishing company. This newspaper racket, in those days, was rather lucrative, but publishers were greedy bastards; even back when profit margins for newspapers dwarfed those of just about any other sector, it was nothing but cuts and belt-tightening for the newsrooms. That's public ownership for you, by the way; as the marvelous old fellow who owned that magazine of mine said many times, calculating a publication's success in terms of quarterly stock earnings is a counterproductive and ultimately deadly. (And that publication's fortunes slid right to hell after he retired and his kids sold the company, but that too is a story for some other time.)

Anyway, publications -- newspapers especially -- started casting about for ways to save, and they turned to the wire services such as the Associated Press, United Press International, Reuters, and so forth. Years before it had been a badge of honor for a writer to earn a position at such places; a wire reporter was the very best of breed, tried and true, in whatever topic s/he covered.

As the profession changed, though, the wire services changed too, shifting from a best-of-breed model to a churn-and-learn approach, eating up young journalists at alarming rates (and low pay, which meant the turnover was vicious). The movement to keep younger (cheaper) journalists in newsrooms and shed the older (more expensive) ones likewise led to increasing brain drain on newspaper staffs; you simply can't keep smart, experienced grownups around when you pay less than McDonald's or Wal-Mart.

Newspapers started relying on the wires to augment their own newsrooms... and then started cutting staff, figuring that many topics areas could be covered day-to-day with material "from the wire." That freed up staff in ever shrinking newsrooms, in theory to cover specific stories but in practice to do, always, more and more attention-getting (not to be confused with better) stories.

So you have these journalists, striving to make themselves a professional class and to earn honors for showy pieces of work, rather than the shoe-leather journalism of years past. You have publishers pleading poverty and leaning ever harder on the wire services to cover a growing number of "out of the way" places and topics. And you have wire services serving the same dishes to just about every newspaper out there. Most publications turned into a sludge of in-house "signature" pieces padded out by wire copy that read much the same in every one of the hundreds of papers running it -- islands of high-profile, sometimes blatantly sensational pieces surrounded by the same commodified coverage you can get anywhere else.

So when publishers whine about Google News, they're fussing about a system they themselves built -- because Google News, by virtue of the way the algorithms work, turns almost every so-called big story into a commodity, precisely because the newspapers themselves have homogenized their coverage. A really orthogonal story isn't going to make the front page of Google News, because there aren't enough others like it to trip the circuit. (I guarantee you that if I turn from this column and write the best news story in the history of the universe about, say, IETF RFC 4301, there is precisely zero chance it'll hit Google News, because no one else is writing about it today. That's just how it goes.)

The lions of the old-line press, in other words, left themselves no structure for very focused journalism on any but a few high-profile topics. Google News and its ilk pick up that trend and extend it to its logical end. The blogs, meanwhile, take up the very sort of reportage newspapers have been saying they can't do (ultra-focused journalism) and won't do (by writers who are primarily experts, not writers). Most of us here probably have never relied less on mainstream news sources -- or more on highly focused specialty sites, blogs, and data feeds written by people who know a great deal and have first-hand experience with the things they're writing about. There's a niche yet for sites like Betanews and people like me, who are generalists by virtue of not being actual IT folk or coders or governance wonks but have a knack for synthesizing data (and have a huge well of experience with the industry to draw upon). Such pubs are small and they will always struggle to make themselves known in the maelstrom, but we're better off that the big mainstream books, because we provide a product that makes sense in the link-anywhere, drill-down era of modern news.

It's a specialist world now -- figure out what interests you and focus on those topics via blogs and searches and feeds, rather than expecting any single generalist publication to be your gateway. Good general reporting is a proper and necessary counterbalance to that, and it's a damn shame the old-line publications can't provide that more consistently, since that's the evolutionary path they chose.

The most interesting task in online news right now isn't figuring out how to support an old business model and an old education model. It's figuring out how to support the big watchdog / investigative efforts -- the kinds of projects that made the reputation of newspapers in the late 1800s, made the reputations of the Blys and the Tarbells and the Lewisis and the Woodwards and the Bernsteins and all the eager idealists that followed in their path, and eventually ruined the thinking of awards-mad editors, publishers and writers who forgot what actually mattered to everyday readers in their everyday communities. A lot of online journalists, professional and citizen, are figuring out ways of doing (and funding) those projects, but the era of those acting as tentpoles to otherwise denatured wire-service delivery devices is over. And going forward, journalists are going to need to actually know stuff -- and care about it as much as their target audience does.

And now for something almost completely different: The Park Bench has, for those among you seeking a geek chick as a partner, a guide to How to Meet and Woo a Nerdy Girl. The comments may also be helpful to those of you pursuing this path, especially since they throw in some zombie-evasion information just in case. A full-service blog, that Park Bench.

Let your geek flag fly and have a great weekend.

Copyright Betanews, Inc. 2009

By Angela Gunn, Betanews

[NOTE FROM THE M.E. For over two decades, I've made a living in one way or another from being "the Windows guy." And in recent months, what you've been seeing from us at Betanews has been Windows 7, Windows 7, Windows 7 -- at one point, ten times in a row. Last month, I concluded our ongoing series about my picks for Top 10 Features in Windows 7. And I received a number of letters from folks who claimed that Linux did this first, or already did that several years ago, or does this better.

Really, now? Well, perhaps so. To find out for sure, I've commissioned a new Betanews series that seeks out whether, for features that Microsoft touts as supreme or new or of special value, similar functionality exists in some form or fashion for users of Linux client operating systems. To make sure I get a fair answer on this -- one that isn't biased in favor of Windows -- I've asked our Angela Gunn, who has more experience with Linux than I, to start digging. And to make sure she's digging in the right place, we've asked Jeremy Garcia, founder of LinuxQuestions.org, one of the Web's leading Linux user communities, to lend his voice to our evaluation. You and I are about to find out, once and for all, the answer to the musical question...]

Our subject today is full-disk encryption, that useful security tool that keeps data on your hard drive safe even if the drive itself is in peril. It's the feature that Microsoft would have you spend an extra $120 for when upgrading to Windows 7 Ultimate. We'll compare the Windows approach to the problem with that of a leading Linux contender. (Mac folk, your turn may come. And then again maybe it won't.) And to make dead sure that we're balancing out the Windows fans on staff (looking at you, Mr. Fulton), we've asked Jeremy Garcia, Founder of LinuxQuestions.org, to provide insight into the comparison.

With data and computing devices ever smaller and easier to lose (or abscond with), companies in data-sensitive industries as well as the federal government have gotten serious in recent years about protecting the data on a drive even when the drive itself has been compromised.

Enter full-drive encryption, which protects data at rest (DAR) -- that is, even when no one's actively trying to access the data, it's safe. (Arguments that data is only at risk when not at rest will be entertained in other articles; that's not what we're doing here. Also, though Seagate popularized the term "full disk encryption," it has passed sufficiently into common usage to be an effective category descriptor.) FDE also provides some protection from PEBKAC security vulnerabilities, encrypting temporary and swap files and relieving the user from the hideous burden of protecting individual files or folders.

Many would argue that BitLocker has no place in a conversation about full-disk encryption, because it doesn't encrypt the full disk; the boot volume is still separate, so really it's just a variety of volume encryption. Still, BitLocker is the go-to utility in the Windows realm for Vista machines and (soon) Windows 7 and Windows Server 2008 R2 machines -- not the only FDE option, or even necessarily the most robust, of course, but the one that's most easily available on modern versions of the operating system, since Microsoft bakes it right in. It's included in Vista Enterprise, Vista Ultimate, and Windows Server 2008. It utilizes Trusted Platform Module (TPM), the secure encryption processor present on some motherboards.

Redmond was, frankly, late to this particular party, releasing BitLocker in 2006. As for Linux, excellent encryption has been available for years for all levels of encryption -- individual files, whole folders, or entire drives/volumes. TrueCrypt began life in 2004 as a Windows-only product branching out to Linux in late 2005. (Linux Unified Key Setup, or LUKS, is another open source alternative that's included in Linux kernel versions 2.6.x, Garcia reminds us.)

"As you might expect, the Microsoft option is not Open Source...so you really have no idea about the quality of the implementation or the flaws it may contain," Garcia told Betanews.

Now let's take a look at these full disk encryption options feature-by-feature:

Trusted Platform Module support TPM is technology that doesn't sit well with everyone, and there are perfectly good FDE options that don't make use of the "Fritz chip." BitLocker can use TPM if it's there, but can be set up not to use it, especially for non-Intel vPro platform computers. "To use BitLocker on a computer without a TPM, you must change the default behavior of the BitLocker setup wizard by using Group Policy, or configure BitLocker by using a script," states Microsoft's documentation. "When BitLocker is used without a TPM, the required encryption keys are stored on a USB flash drive that must be presented to unlock the data stored on a volume."

Algorithms BitLocker uses the AES encryption algorithm in CBC mode with a 128- or 256-bit key, plus an extra "Elephant" diffuser; though AES is a public-domain algorithm, Microsoft's implementation is closed-source. TrueCrypt offers several AES flavors (AES, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish AES), all with a 256-bit key, along with Serpent, Twofish, and Twofish-Serpent. The mode of operation in all cases is XTS, which is the IEEE 1619 standard for disk encryption.)

Multifactor authentication BitLocker allows additional layers of authentication -- a PIN, a thumb drive with a startup key -- as long as the utility has been enabled on a machine with TPM. BitLocker users can boot from the hard drive as they usually do; that is, with their usual Vista password (transparent mode) or, for added security, with a PIN and/or a USB key (on TPM machines). Also, for machines running a BIOS that can read a USB at the pre-boot stage, one can also boot in "USB Key Mode" -- very handy in case the user's lost the password. On the TrueCrypt side, two-factor authentication is likewise an option.

Next: If BitLocker comes pre-installed, isn't installation a factor in Linux?

Installation BitLocker drive preparation has been a notorious pain under Vista, with the necessary BitLocker Drive Preparation Tool available through Ultimate Extras and for Vista Enterprise and Windows Server 2008. (BitLocker has been incorporated into Windows 7 for machines with TPM.) Installation is notoriously cranky, and woe betide the user who doesn't partition the drive correctly -- two partitions are required -- before installing the OS.

On Linux, Debian has for years included the ability to set up a fully encrypted system right from the installer, if that how you prefer to go about it. TrueCrypt, on the other hand, has a wizard allowing you to create an encrypted file container, encrypt a non-system partition or drive, or encrypt an entire system partition or drive. The volume or drive must be empty of files before installation, but one needn't flush the entire OS.

I asked Jeremy Garcia if he would characterize ease of installation as a major concern for the community. "While I've never used BitLocker, it looks quite a bit more difficult to setup than TrueCrypt," he responded. "As you note though, most distributions now offer the ability to set up an encrypted partition right from inside the installer. Ubuntu uses dm-crypt behind the scenes. I actually wrote an article about TrueCrypt for Linux Magazine a while back, and the feedback I got did not indicate many people had install issues."

Extra protection The problem with FDE is that once the disk is legitimately accessed, it isn't protected at all from attacks by someone who has access to the unlocked machine. If your laptop is swiped while it's up and running, or if a file is plucked from the machine while it's unlocked, you're out of luck. However, TrueCrypt allows one to set up a "hidden" volume within the larger encrypted volume; in case access is gained to the drive, the volume appears to be simply a collection of random data. Individual files can also be encrypted.

BitLocker also allows encryption of secondary volumes, though if you're not yet running Vista SP1 it's a command-line setup process that even Microsoft's documentation says is for advanced users only. And the volumes aren't hidden. BitLocker cannot be used to encrypt individual files.

Thumb-drive protection Both BitLocker and TrueCrypt allow you to encrypt an entire storage device, such as a USB flash drive. Drives are encrypted in BitLocker must as any other drive would be; they'll work seamlessly with the machine on which they were originally configured, but to use them on any other BitLocker-enabled machine, you'll need to "Unlock Volume" and use the recovery key to gain access again. (If the machine doesn't have BitLocker, you're out of luck.) TrueCrypt allows you to encrypt an entire thumb drive, but you won't be able to actually run TrueCrypt from that drive. Instead, you'd create a file container on the USB drive, then store TrueCrypt alongside that container, after which you should be able to operate on any machine.

"You can't run BitLocker from that drive either, can you?" asked LinuxQuestions.org's Garcia. "It's really just a matter of having TrueCrypt on each machine you use, and as you mention, you can easily store a copy on an unencrypted partition on the drive."

Protection during hibernation Hibernation is not a great idea for machines running FDE for various reasons, including the threat of "cold-boot attacks" (see below). However, BitLocker does make a point of encrypting a hibernation file if one is present. TrueCrypt does not.

Key recovery When things go wrong, unless the administration has set up the system to store the private key on a removable drive, BitLocker users will need access to the local administrator account. With the individual user's account password, the key can be recovered -- it's stored on the local system. (This can lead to problems if the would-be intruder knows the admin password, obviously.) It's trickier with TrueCrypt -- under Linux, if the password or keyfile is truly gone, your data's locked on the disk forever. On the other hand, you've gained a lovely paperweight about which you can tell pitiful stories for years to come.

The TrueCrypt FAQ notes there is no "back door" provided for administrative users who need to find a way into users' encrypted drives when they've lost the password. However, there is a way for admins to enable themselves to reset the volume password and/or pre-boot authentication password.

Support On one hand, Microsoft. On the other hand, the TrueCrypt user forums. Choose your poison.

What about that freaky hard-drive attack with the canned air? As we learned last year, the "cold boot attack" can affect any FDE scheme that doesn't authentication before booting, whether it's coming back from a power-off or from mere hibernation. Researchers were able to reconstruct the all-important encryption key by switching on a shut-down machine fast enough to grab the residual electrical changes in RAM -- a time window which as it turned out lasts rather longer if you simply chill the chps to subzero temperatures. Almost no one was spared -- BitLocker, FileVault, dmcrypt, and TrueCrypt were all vulnerable.

Any interesting outliers in the FDE space? If you're seriously comparing Windows to Linux, it's a fair bet you're not too worried about whether a particular piece of software is free as stipulated by the GNU General Public License. But if you are looking for a GNU-compliant Windows package on the level of a TrueCrypt or a BitLocker, there is, of course, TrueCrypt for Windows itself. Also check out DiskCryptor, which bills itself as "the only truly free solution." DiskCryptor criticizes TrueCrypt for placing limits on what developers may do with that program's source code, and derides other packages as "fully proprietary ones, which makes them unacceptable to use for protection of a confidential data." And if, at the other philosophical extreme, your organization prefers to utilize TPM technology, Linux FDE options supporting the chip include CheckPoint and eCryptfs.

All that having been said, what's the verdict? With respect to being able to use full disk encryption functionality in Linux the way Microsoft intends for its customers to use it in Windows, the answer to this Can Linux Do This question...is yes.

Copyright Betanews, Inc. 2009

By Scott M. Fulton, III, Betanews

All throughout the testing phase of Mozilla's Firefox 3.5, we've been tracking the often very granular, very minor speed tweaks that developers have been making to the browser -- a one percent improvement here, a two percent dip there. And some of our readers have been wondering why. With computers that are already fast enough for many consumers, will it matter much that Google Chrome completes some operations in two blinks of an eye versus Firefox's three blinks?

We posed those questions to two of Mozilla's browser engineers: Senior Director for Platform Engineering Damon Sicore, and infrastructure developer Vladimir Vukicevic. Their answers include items we can share with you directly, and demonstrate to you explicitly.

A few percentage points here and there is the complete difference between whether some of the browser's new functionality works fluidly or doesn't really work at all. One test you can see for yourself is on one of Vukicevic's test pages: a high-contrast landscape photo complete with sliders that control the photo's relative brightness and contrast. Live image manipulation isn't particularly exciting, especially for folks who see this sort of thing in Paint Shop Pro.

But slide these two sliders around for yourself in Firefox 3.5, and watch how fluidly the browser responds to your motions, producing updates as fast as 12 frames per second on Betanews' quad-core test system. Then try this same page on Firefox 3.0, or something even older.

"What's important here is how fast the actual adjustment occurs, and how many frames per second you can get while doing this," Mozilla's Sicore told Betanews. "With Firefox 2, you get 0.18 fps, which is almost unusable. Your laptop will heat up, and it doesn't really necessarily enable you to make the changes you want to the actual image. But as we use Firefox 3.5, we can get 8.1 fps, and [even more increases] by tuning the JavaScript just a little bit." Betanews tests estimate that Firefox 3.5 performs with about 251% the speed of the final stable Firefox 3.0.11, in repetitive benchmarks. Those are the tools engineers use to reveal areas of the JavaScript engine that require improvement. In this particular test, the differences are way beyond 251%. In fact, with Betanews tests of this same page using Firefox 3.0 on the same system, after playing roughly, we were able to freeze the browser completely.

"One of the things we've been trying to do is figure out, what are the kinds of actions and applications that we want to see show up on the Web, that are greatly helped by having a faster JavaScript engine?" remarked Vukicevic. "What are the things you couldn't do before that you can now, once you have a significantly improved JavaScript engine? We use [benchmarks] to judge either peak performance, or performance under very specific conditions."

"In the TraceMonkey engine itself," Sicore added, "inside of JavaScript, we've focused on key performance benchmarks that we feel will reflect how the Web is being used today by people."

Another extraordinary demonstration of what a tad more speed makes possible, is the inline video/graphics injection demonstration we unveiled last week. There, an inline video played by 3.5's new inline video rendering engine can receive live overlays from any of six other graphical sources on the page, without slowing down the movie. This is the kind of mixing that has historically been the realm of fully compiled applications. But this is JavaScript, Web code, stuff you get online.

When you're developing a compiler or a language interpreter (which isn't just the engine for Firefox but also its "chassis," if you will), there is a performance threshold below which some functions such as this are not possible. Making Web engines faster by tenths of a degree makes feasible new classes of online applications that could not happen no matter how much faster the underlying computer becomes.

As one Betanews reader named Nick asked me via e-mail earlier this week, though, does that window of opportunity have a ceiling on the opposite side? Or as Nick put it: "I think it's great that all the main browsers are working to improve performance. The consumer actually wins! The improvements over the past five years have been so dramatic. But now, are we comparing three cars and how fast they can go from 80 to 100 mph, but the speed limit is only 65? In other words, can the human eye notice anything below a half-second? Another way to put the question, does Firefox, Chrome and Safari now get a A+ in performance, IE 8 get a 8 and IE 7 gets a C and IE6 gets a D-minus? [And] if so, is A+ the best they can get?"

If the speed limit were something set by the human eye alone, then perhaps the answer to this would be, "Yes." That's if we presume that all that a Web browser will ever do is recite Web pages like the one you're reading now. But as Mozilla and its competitors understand, that's not all the Web will be. For too many years, the speed of everyday processors has been locked away from the novice or experimental developer, only to be tapped through low-level languages such as C++ and C#. In the beginning of the computing era, BASIC was the way we learned to use our machines; today, typical users are no more compelled to program their own applications than to build their own automobiles.

Making JavaScript faster changes this equation, shifting the balance more toward where it used to be when the craft of computing was conceived. The feasibility of doing things like live video mixing through high-level languages (those that use interpreters) sets new speed targets that developers at Mozilla and Google, and evidently Apple and Microsoft (and our Opera readers will chime in at this point), will endeavor to reach. This week, Mozilla has reached that bar; I have no doubt that Google, whose Chrome browser already has a faster engine, will meet this challenge in due course.

But when the next class of applications makes itself feasible on a higher level (multiplayer online 3D games, anyone?), then suddenly "A+" will become more like "C." And the competitors in that field (assuming no one's messed up the Web browser market a second time) will endeavor to meet this new target. There may be a dozen or so people who don't really care, at least not at first, because Betanews will render pretty much the same in whatever new browser that comes along. But there will be a different class of developer, one who isn't as pleased with Nissan's 350Z as with the 370Z, who will raise his own expectations and who will contribute to the act of setting the bar higher.

Copyright Betanews, Inc. 2009

By Angela Gunn, Betanews

A fire that started at around 11:15 PDT Thursday night has taken a wide assortment of Seattle businesses, media outlets, and government services offline. It's believed that a fire in a data center at Fisher Plaza set off the automatic sprinklers, which in turn soaked the generators.

A partial list of affected businesses in Seattle shows the importance of the Fisher vault, which is located near Seattle Center and the Space Needle. (Grey's Anatomy fans will believe it to be the location of Seattle Grace.) The payment service provider Authorize.net was knocked out; that company has set up a Twitter account to keep clients posted as they work their way back online. Adhost.com is also offline, right down to the phone system.

The Port of Seattle's mail systems are down, as are Swedish Hospital's internal IT systems. Mars Hill Church's data center rests with the angels. Pacific Science Center's site is offline, as is geocaching.com. Local TV and radio station KOMO is operating from remote broadcasting facilities (translation: a truck in the parking lot). And some Verizon functions are hosted there, though it's not clear how widely the service has been affected.

As of about 10:00 am local time, tech folk were hearing that service might be restored within 2-4 hours. One beleaguered IT pro, who asked not to be identified, noted that he might have to send trucks down to load up his servers if things don't straighten out by then -- and that some of the affected machines haven't been offline "for years," leading to concern that they might not be able to fire back up again.

To follow progress on the problem or to see if a site or business with which you work might be affected, watch the #fisherfire hashtag on Twitter.

Copyright Betanews, Inc. 2009

By Scott M. Fulton, III, Betanews

In a comically blatant display of bravado this morning, George Hotz -- who gained fame last year as the first to post an unlocking utility for the new Apple iPhone -- has unveiled a new utility that he claims enables iPhone 3G S users to download, install, and utilize the applications of their choice, outside of Apple's and AT&T's control.

In so doing, Hotz -- who uses the handle "GeoHot" -- publicly paraded his prowess in front of Dev-Team, the independent group of iPhone developers who had been racing to produce a similar tool for this latest model. Complete with poor punctuation and curious references to "holes," Hotz wrote, "Normally I don't make tools for the general public, and rather wait for the dev team to do it. But guys, whats up with waiting until 3.1? That isn't how the game is played. We release, Apple fixes, we find new holes. It isn't worth waiting because you might have the 'last' hole in the iPhone. What last hole...this isn't golf. I'll find a new one next week."

The Purple Ra1n tool is currently for Windows users only, though Hotz says a Mac OS X version is on the way. 3G S users need the latest edition of iTunes installed. Although this tool apparently will not go so far as to dissolve the bonds between the 3G S and the AT&T exclusive carrier (which was a key feature of Hotz' last tour de force), a test by CrunchGear's John Biggs appears to verify that a relatively simple process may lead to 3G S users installing the apps of their choice.

Hotz' news came just hours after the Dev-Team, in its own blog, pleaded with its own loyal readers to wait just a little while longer. Its own Ultrasn0w tool (whose symbolism may also have been capitalized upon by Hotz' Purple Ra1n) is reportedly capable of being used with the 3G S without modifications, the team says, after having discovered that an exploit that affected the 3G's ROMs and led to its jailbreak-ability, can also be used with 3G S as well.

"This is great news, but how did it happen? Why didn't Apple fix this in their normal cat&mouse fashion?" the team asked rhetorically. "Well it seems this bootrom was cut in about the August 2008 timeframe, so the unintended early reveal of 24Kpwn earlier this year didn't affect the iPhone 3G S."

That being the case, Dev-Team may regret having made that announcement, which could conceivably have given Hotz time to respond and ace that latest "hole." However, it's apparent from his front page graphics that Hotz took some time to beautify himself, as the Purple Ra1n page today contains, besides the download link, a self-portrait worthy of a 1980s album cover. Suitable for framing, evidently. Pictured at right in 2008, a somewhat more youthful looking Hotz is seen here gazing unabashedly at CNBC correspondent Erin Burnett.

Copyright Betanews, Inc. 2009

By Angela Gunn and the Betanews Staff, Betanews

Seattle nerds are hereby ordered to appear in costume and with a canned-food donation in Fremont at 6:00 pm PDT today (Friday) to help set the world record for largest gathering of lurching zombies. (Zombies and silly world-record attempts: It doesn't get geekier. Xbox 360's even co-sponsoring, for pete's sake. Also, BRAAAAINS!) The pyrotechnicans among us are enjoined to keep safe.

Federal judge admonished (and that's all) for explicit material on personal site

The 21st century, believe it or not • Ninth Circuit Chief Judge Alex Kozinski, legendary for concluding his opinion in a certain high-profile free-speech case with "The parties are advised to chill," has been reprimanded after a yearlong investigation for having various explicit (but legal) photos and videos on his family's Web site.

The panel had investigated claims first made in the Los Angeles Times stating, according to the decision yesterday, "the "website" -- http://alex.kozinski.com -- included 'a photo of naked women on all fours painted to look like cows,' 'a video of a half-dressed man cavorting with a sexually aroused farm animal,' and 'a graphic step-by-step pictorial in which a woman is seen shaving her pubic hair.' Regarding the alleged public accessibility of the 'website,' the article reported that the Judge 'said that he thought the site was for his private storage and that he was not aware the images could be seen by the public, although he also said he had shared some material on the site with friends.'"

Friends? Oh, well...With apologies to the jurist, who once called blogs "hateful things", we link to three for the more interesting coverage of the decision. Law.com explains the 3rd Circuit Court of Appeals' reasoning. Ashby Jones at The Wall Street Journal (its Law Blog, in fact, but shh!) reached Judge Kozinski for a quote and reports that he is "pleased that today's unanimous decision reaffirms what I have said all along about my private files: They were kept on a private server and were not intended to be shared publicly." And AmLaw Daily, which does a nice job of explaining how a disgruntled lawyer started this particular ball rolling, links to the 41-page opinion, originally filed last June 5.

Californians gain access to database of lawmakers' votes

June 16, 2009 • MAPLight and the California First Amendment Coalition have prevailed in one of those lawsuits you can't believe anyone would have to file in the 21st century: Announced only yesterday, they've settled a freedom-of-information lawsuit against the Office of Legislative Counsel of California. And what do they win, Johnny Olsen? Why, a machine-readable database of state lawmakers' votes, upgrading the previous plain-text dump on the California Legislative Information site.

The two groups filed suit in December 2008 after repeated requests to the Office of the Legislative Counsel for access to the database used to create the previous plain-text site, which was clunky and very hard to search. Since then, the OLC has stepped up its game, launching a Web site that indeed provides the data -- to the two public-interest groups or anyone else visiting the site -- in a structured and machine-readable format. Thus propitiated, the CFAC and MAPLight.org withdrew their suit. Going forward, MAPlight will combine the legislative database with data on donations to California legislators, in hopes of daylighting the connections between money and political capital. And both CFAC and MAPlight will be keeping an eye on the next big legislative database, known for now as "Inquire."

Conviction stemming from MySpace suicide tentatively overturned

July 2, 2009 • There's a difference between not being convicted of a crime and being found innocent of doing wrong. Daily Kos, covering what appears to be the conclusion of the Lori Drew case, accurately states that the decision is most likely a win for free speech on the Internet... and now, please, may the grown woman who tormented a fragile 13-year-old experience "nothing but pain and anguish for what she's done." Other pertinent words in the piece by AmbroseBurnside include "vile human being," "disgusting," "people we hate or abhor," and "a true victory for all of us who love the freedom the internet allows and want to keep it safe from more government intrusion."

Would Albert have really signed his name to this?

July 2009 > Once again, AT&T is crawling into bed with the NSA to screen computer traffic.

Last May, President Obama made an explicit pledge not to use federal government resources to spy on private Internet users. "Protecting this infrastructure will be a national security priority...[which] will not include monitoring private sector networks or Internet traffic," the President said at the time. "We will preserve and protect the personal privacy and civil liberties that we cherish as Americans."

Despite that pledge, as first reported by the Washington Post this morning, DHS Secretary Janet Napolitano told reporters that her department would proceed with a plan initiated by the Bush administration to screen Internet content, with the help of carriers such as AT&T, but presumably in a manner that would protect civil liberties.

The "Einstein 3" plan would, among other things, route Net traffic from civilian agencies through a monitoring system designed to parse for attacks or other intrusion attempts. The Obama administration has been figuring out which pieces of that system they mean to keep. Privacy advocates have been briefed, and say there's a lot of work to do to make this system work.

Green Dam is offline and China is on the fence

Perhaps no time after July 1, 2009 > The Chinese government hasn't given up on the Green Dam project, but between diplomatic protests, inadequate notice to manufacturers, and no strategy for controlling Mac or *nix machines, Beijing appears to have put the stewpot back on the stove.

The Chinese government has not issued any new statements on the matter since June 30, although multiple sources are reporting that PC manufacturers have been allowed to go ahead with their plans to install the "Green Dam for Escorting Children" filtering software on their systems if they want to.

The question is now, do they really want to, especially in the wake of last month's University of Michigan security report from Prof. J. Alex Halderman and his team, who discovered that Green Dam may not only be un-authentic but could cause a greater security problem than it solves.

"We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors," Prof. Halderman's team wrote. "Once Green Dam is installed, any Web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process. We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg."

Loretta Chao and Ting-I Tsai, writing for The Wall Street Journal this morning after weeks of great coverage of the situation, aren't so sure that by "postponement," China's IT ministry means "doing this within our natural lifetimes." Chao and Tsai noted that "obfuscating" by Chinese officials in the press could mean that the project's simply headed for permanent limbo.

Jammie Thomas-Rasset will appeal RIAA case

Apparently until hell freezes over > Think about it: Based on trial outcome, Ms. Thomas-Rasset is a less sympathetic defendant than Lori Drew. Copycense beats its collective head against the desk on our behalf.

Asteroids: The Movie

Coming in 2010 to a theater near you > Cue the Jerry Goldsmith music, and the Genesis effect creating a brightly-colored planet. The "Universal" letters come into orbit and the cloudless planet settles into place. A triangular ship comes into focus, fires little white pellets into it, and blows it into pairs of smaller planets. First two, then four, until the screen is full of them.

How much do you want to bet? Seriously, as The Hollywood Reporter first reported, some of the team who's bringing you the GI Joe movie this year is working on a script for Universal next year for the film adaptation of the immortal Atari 1978 coin-op game "Asteroids." No casting has been done yet, and no plot points have yet been revealed (or probably yet even created).

You think it even needs a theme song? Or just BOM-bom-BOM-bom-BOM-bom-BOM with a siren or something in the background?

Friday's tech headlines

The Register

• Police serving in the UK's Crown Prosecution Service are being encouraged to prep for court testimony by doing research on Wikipedia.

• Apple may just keep coming at Psystar with the lawsuits, but the Mac-clone maker is on its way out of bankruptcy and refuses to lie down: "When life gives you apples, make applesauce." Oh my.

• Apple has applied for a patent for software that'll help bad karaoke singers improve their grasp of pitch and key. Alert Stockholm.

San Jose Mercury News

• The next time someone tells you that bloggers can't also be serious journalists (good morning, Judge Kozinski), you tell them about Alison van Diggelen, the proprietor of Fresh Dialogues. She's not making money from it, but her brand of interview-based environmental coverage is professional in just about every other way that matters. Mike Cassidy tells her story.

• Clean tech took a beating like everything else during the recession, but biofuels, better batteries, and the like saw improvements in venture-cap funding during the quarter just ended -- and confidence in the sector is up too, Tracy Seipel reports.

Washington Post

• Prisons in Maryland hope to cut down on inmates' mobile-phone communications by jamming signals near the facilities, but there are legal and technical consequences. Henri E. Cauvin has details.

Los Angeles Times

• The Performance Rights Act, which would put over-the-air radio stations on the hook for paying royalties to artists (as well as composers, which they do now), is making those stations nervous. More on that in a minute -- but first, 22 straight minutes of commercials and three replays of the latest Beyonce single!

• Some products just don't sell outside the brick-and-mortar environment: Hershey, the chocolatier, will close its online store as of July 31. There are closeout discounts over there if that kind of thing interests you.

Copyright Betanews, Inc. 2009

ARCHOS has unveiled its next-generation PC tablet that breaks the line separating tablets from netbooks, the manufacturer claims. In this regard, the complete removal of the keyboard of the ARCHOS 9 PCtablet is advertised as an innovative move, as the company has shrugged off traditional input models altogether. Relying exclusively on a tactile interface the ... (read more)

According to the latest news on the Web, Santa Clara-based graphics chips maker Nvidia will release the second iteration of its ION platform with two times more shaders than the number featured on the current version. As many of you might already know, ION 2 should land on the market sometime in the fourth quarter of the ongoing year.
<br... (read more)

Sunnyvale-based chip maker Advanced Micro Devices came to the market with a new line of Opteron chips, shortly following the release of the six-core Opteron processor codenamed “Istanbul.” The new silicon solution, John Fruehe, director of Business Development for Server/Workstation products at AMD, says, comes under the codename &ld... (read more)