Slashdot Mirror

See: Encryption restrictions in China.

"If you encrypt data in China, you have to provide the Chinese government the ability to access the keys. By this regulation, the Chinese should be able to get access to [Secure Sockets Layer]-encrypted traffic, too."

It's basically one big Charlie-Foxtrot over there. But if you want to avoid being found out and thrown into a Chinese jail cell, you had better play it safe.

Unix was killed by the high price of licenses ...

... With the license for Windows NT ...

Interestingly, the tide is turning again. Despite the ongoing anti-competitive activities, people realize that they've been burnt by MS, even if only as a result shelling out for software assurance. Though many have a longer more serious list of grievances and disappointments. With all other options gone, that basically leaves only 'Linux'. As a result we are now seeing that sales of Linux servers have shown 15 consecutive quarters of growth. That's sales not general market share which would also include Linux servers installed over other operating systems.

You are reading Slashdot on a free day pass. Thanks for the support.

Ask Slashdot: What Corporate Email Limits Do You Have?
Posted by

Cliff

in The Mysterious Future!

from the drives-that-are-bursting-at-the-seams dept.

roundisfunny wonders: "We currently do not have any mailbox restrictions for our Exchange users - which has led us to have a 420 GB mail store for 320 users. Our largest mailbox has over 13 GB in it. One of the main concerns for us is the time it takes for a restore. We have encouraged archiving, but now have 250 GB of .pst files. What sort of limitations does your company have on mailbox size, amount of time you can keep mail, and archives? Please mention your email platform, type of business, and number of users."

IT: Harvard Offers Sneak Peek Into Their Network

Posted by

ScuttleMonkey

in The Mysterious Future!

from the what-makes-you-tick dept.

Bob Brown writes "Harvard University doesn't usually talk much about its internal network, but here, the guy overseeing it opens up about the homegrown and commercial tools used to manage the massive system." From the article: "Harvard, as of late, has been exhibiting another telco trait - considering the network as part of the university's critical infrastructure. As such, its construction is considered during the initial planning phases of building renovation, new construction and campus expansion projects. The data networks that are being built today, at Harvard and similar institutions, are being built to host a variety of IP-based traffic. Most every physical-plant control device, whether it be security cameras, chilled water-valve actuators or parking garage card readers, are being designed to work with the IP network"

This story is currently under construction.

Games: Come the Revolution

Posted by

Zonk

in The Mysterious Future!

from the up-against-the-wall dept.

GamesIndustry.biz has a piece looking at what game developers think will be req

Anything that can kill the XML boondoggle would be a good thing. The too-numerous WS-* groups have been doing a pretty good job of overspecifying XML-related standards (and of pulling standards out of their collective WS-ASSes when no prior art exists - an even better way to produce unuseable standards).

And the death of XML would leave Web Services untouched, since XML is unnecessary for RESTful Web services.

Don't forget that money came from charging 4 to 5 times the market value of the products (most vouchers were never cashed so there was in practice no punishment) and from scams like Microsoft Software Assurance.

Until radio Internet access forms an uninterrupted coverage area, Internet radio will be relocatable, not truly "mobile". Like the difference between a "luggable" KayPro PC and a Palm Pilot, only convenient mobility will be palatable to the masses (not just geeks, early adopters, and scattered specialists). That limitation means not only that cost will remain prohibitive until industrial scales are marketable, but that the network won't really be populated enough to really be social - except as an echo chamber of the same hackers and antisocial worker drones we've already got on Slashdot ;). That might have been better for Usenet, before AOL piped into the Internet, but the path to riches and humanization runs right through the washed masses.

WiFi (and its descendants) will be just the place to settle down, or breathe free. But hotspots will be spotty for some time, as our society's P2P buildout continues inexorably, but unplanned. The way this environment will reach a basic mobility platform includes interspot coverage by barely-adequate 3G "phone" networks, with roaming among them and hotspots, interchangeably. Motorola has announced a WLAN/GSM roamer due by Q32005. BT promises a WiFi/GSM "phone" by Q42005, and is launching a Bluetooth/GSM project. These vendors are trying to both extend cell/PCS service to enterprise WLANs (SCCAN), and roam VoWLAN connections to cell/PCS networks (UMA). And the IEEE already has a new "WiFi" descendant, WMM, that promises better roaming and QoS over the WLANs, for seamless telephony interop.

The upshot for devices like this cute little inFusion Internet radio is popularity well beyond shoppers at ThinkGeek. Which bigger global market means cheaper devices, easier to use, and more jobs for geeks. But it also means a bigger audience for content, within which niche producers can find supporting consumer scale for even the least popular content. So the leveled multimedia playing field can support people who tie other people together across the globe. Let's get it on!

"We are only doing POSIX as a checkbox, so we can get government contracts..."

Thus a few years later, MS is getting sued because of a landed US Fed Gov't contract (DoD, I believe) where the RFP called for a POSIX-based solution.

A bunch of other POSIX "experts" get together while the trial is going on and decide they can implement this thing. They form Softway Systems, producing Interix, and get acquired by MS.

MS at the time had an SFU (Services for Unix) pack that included MKS tools.

Somewhat interesting (though not surprising) is that some of the principals at Softway are former MKS employees.

I expect that an alpha version of "Shorthorn" will get pushed out the door in December just to justify claims that it was ready in 2006. The only way for MS to gain marketshare over PDF would be to leverage their desktop monopoly to break into that new market currently occupied by PDF.

Even if the licensing were just a rubberstamp issue (which it probably isn't) with MS giving the nod till all who request it (which it probably won't), dealing with the paperwork is an unreasonable hurdle and PDF still wins. Publishing is about reaching your audience and that's where a freely available, documented format like PDF comes in. Yes, it's owned by Adobe, but anyone can implement a writer or a reader. Metro fails on that due to licensing restrictions.

the real requirements for this thing could be huge

It would also ensure a captive market for all those new DRM'ed CPUs (e.g. La Grande from Intel) and BIOS (something from Pheonix) that folks swore up and down they'd never buy, which just happen to be in the new boxes...

There's a real demand for an escape path, especially something that runs on the old hardware: NT is dead, and 2000 is being put out to pasture, and many got burned in the Software Assurance scam. I'd expect that Redhat, Suse and independent companies providing linux services and support would capitalize on this.

I decided to make a search on google for "just works"...seems its everyone's sales pitch at some stage or another:

- http://www.artima.com/spontaneous/upnp_digihome.ht ml
- http://www.nwfusion.com/columnists/2002/0715mustha ler.html
- http://www.apple.com/switch/whyswitch/
- http://bashburn.sourceforge.net/
- http://www.oreillynet.com/pub/wlg/6037

... just to name a few.

Also here is a page with an interesting write-up about "It Just Works": http://c2.com/cgi/wiki?ItJustWorks

1. Immature person tries out the emergency call just to see what happens or if it really works.
They actually don't mind if you call to test right now, though they may put you on hold if it's busy. It's a lot better to find out your address is wrong during a test, than when you can't talk.

2. Creative but malicious person writes virus that triggers this technology.
That's already been done - some guy wrote a virus that made WebTV dial 911 w/o the user knowing. Ended up getting 6 months in jail for it. Link!

All the new enterprise WLAN providers have this capability - Aruba, Trapeze, Meru, etc. The enterprise WLAN players are looking at voice over Wi-Fi bigtime. See a recent review from Network World

Personally, I don't think Congress should be making an anti-spyware bill. It's stupid, and a waste of time and money. What they SHOULD be doing is coming up with a bill that forces companies to be more straightforward with their EULAs. Certain things should have to be hilited, and restated in non-legal terminology.

What congress should be doing is setting statutory civil penalties, like $5000 or actual damages whichever is more, for distributing software that deliberately or even negligently damages your computer. So you can sue them for your damages.

Damages are trebled if there is deception involved, like a multi page EULA such as used by Gator (Claria) & 180Solutions and described at http://www.benedelman.org/spyware/installations/3d -screensaver/

In the recent news 180solutions is complaining about CA and their PestPatrol product which removed the 180solutions spyware product, and Gator threatens to sue CA over removal of their spyware.
See http://www.nwfusion.com/news/2005/040405-spyware.h tml
The above article is well worth a read.

6 or 7 years ago i worked in a company which considered to put the whole V5.2 (US GR303) into ASIC and speed up telecom switches.

IBM 430/440 has some "TCP" fetaures inside like IP header checksum calculation.

true, i did not read the patent, but smart chips (and NICs) is not something new. SCSI first of all is a smart HD controller.

One US startup attempted to put H.323 (VoIP) into single chip together with TCP/IP

Something like this, or this, you mean ? Or maybe this, or one of these ?

You'd think. You'd hope. But it's not to be.

Realistically, there are too many nonlinear interactions between the universe of Windows applications and the OS for even Microsoft, with all its resources, to test exhaustively. [I know, clean interface design would cure or substantially reduce those side effects, but there's too much water under the bridge now.]

That's why there's outfits that specifically try to pull apart and find out what happenned each month that Patch Tuesday occurs.

Sure took a long time. The concept of perpendicular recording is relatively old - I remember work being done on it back in days when Microsoft was a cute little monkey. Here is a nice link that explains the process: http://www.wtec.org/loyola/hdmem/02_03.htm/ Intel has a note on it - no date, but this is for floppies... http://support.intel.com/design/archives/periphrl/ docs/7281.htm Toshiba is working on this technology: http://www.nwfusion.com/news/2004/1214toshitous.ht ml/ The technology was used in tapes in 2002: http://www.internetnews.com/storage/article.php/15 01631

I think it refers to pulling out an ARM: designing processor cores and licencing them to be manufactured by third parties (or licencing parts of the technology used).

It could work if they do it right: Transmeta has a bunch of CPUs with very interesting technology and low consumption, which are in high demand these days - for embeeded systems mainly.

Good article from all the way back in 2004 regarding where this is actually pointed. http://www.crn.com/showArticle.jhtml?articleID=510 00391&flatPage=true

Would Sun rather see Linux go away? Sure, but they also believe in it enough to sell it. http://www.sun.com/servers/entry/v20z/index.jsp

These are quotes directly from they guy heading up EDS's strategic alliances. Not from members of the strategic alliance - has anyone asked Ellison if he thinks Linux is insecure, prone to unfriendly forking? Guess not. http://www.oracle.com/events/unbreakablelinux/inde x.html. Guess not.

Cisco? Well lets see they have linux running on some of their hardware, and apparently its good enough for their engineers to run http://www.nwfusion.com/news/2005/0216cislinux.htm l

So lets round out the list...

EMC - http://www.emc.com/products/systems/linux/index.js p
Dell - http://linux.dell.com/
Microsoft - http://www.mslinux.org/ Err, umm - ok maybe not.

Story here.

I agree that "one size fits all" doesn't work. But with the plethora of licenses avaliable today, why create another one?

I mean, I'm a developer. It's horrible to scroll over all these "custom licenses" just to find out what's the catch. You mentioned Mozilla, Apache, OpenBSD, X.org... what does CDDL gives to Sun that those licenses doesn't? Or, better yet: What does CDDL gives us?

My opinion about Sun is the same that I have about opensource.apple.com (BTW, I like Apple a lot more than the scumbags at Sun): They only want to cut development costs "outsourcing" the development to the FOSS community.

Sun is free to do whatever they want with their ancient Unix. They can even pay SCO. I don't care. I will still recommend other better alternatives than Solaris. That is part of what freedom entails.

I just happened to read this today... It is another review of Solaris 10 and includes some limited comparisons to RHEL. Nothing exhaustive as far as the benchmarks go, but it's a pretty good review.

After 30 years nobody has found and come public with a way around DES

Like I said, the keyspace is just one problem. After it became ridiculously easy to crack DES then people stopped trying to come up with better ways to do so. Look at the link I provided before, DES is still vulnurable to time-memory trade off attacks (needs about 1 TB of storage and 5 days of computation with a normal computer), differential cryptanalysis, and linear cryptanalysis. Triple-DES also suffers from DES's chopping off of the last bit in every byte of the key, dramatically reducing the keyspace (2^128 compared to 2^112). The other problem with Triple-DES is that it is slower than AES or most other algorithms. Here are some more reasons that AES would have been a better choice than Triple-DES.

Tires blowing out due to design flaws can end someone's life. Spyware infecting a computer due to design flaws can cause someone to format their hard-drive.

Seriously, why would anyone think this stuff is in danger? As if SBC wouldn't see it as an asset, part of their "goodwill" portfolio.

Don't trust a company that lists "goodwill" as an asset on its balance sheet.

Do you recall the issue where Sun complained that Microsoft was undermining Java by using its own polluted and incompatible version of the JRE - which (funnily enough) had security holes in it which Sun's JRE didn't?

Microsoft announced that it would elliminate a JRE from WinXP altogether.

Microsoft stated - to justify what it was doing - that it didn't feel bundling gave an advantage, and that it was easy enough for anybody to download Sun's JRE.

Isn't it funny how Microsoft has changed its view. Now, Microsoft would have you think that Windows was severely hampered by not having WMP bundled with it. People having to download it is just terrible!

Microsoft still doesn't mind people having to download megabytes worth of patches though.

I belive MS has already stated that a multi core CPU will be treated as a single CPU

it's called 802.11i. Read about it here.

If you are really curious go find the IEEE standard documentation.

Don't forget all those sucker companies that bought Software Assurance contracts and saw them expire without getting anything in return.

Microsoft's latest move should be a challenge to other software makers as well. They've decided to count dual-core cpus as a single processor for pricing purposes.

"Motorola ... launched its CN620 phone, a dual-mode GSM/Wi-Fi device that can make and receive voice calls on a cellular network or enterprise WLAN."

Examples of simple Application Service Providers (ASPs) even you may use today:
- Virtual webhosting
- E-mail providors
- Online Fax providers (delivered to e-mail type)

This has been talked about for years now (practically as long as I remember the internet being around, maybe before). From an artical written in 1999, "IBM rolled out a series of new hosted business applications that support critical accounting, human resource and sales automation services for small and midsize businesses."

Really, it's just an old idea made new . In 1999 they were asking if it would work. however it sorta went by the side when it came to the sort of all-in-one solution we are talking about now due to the lack of high speed connections for enough people. There are however lots of firewall providors, managed VPNs, managed intrusion detection services, managed anti-virus and content filtering, managed vulnerability assessment and emergency response, and some that to a bit of all of the managed security.

If you want to read more about HOW they are talking about doing it here is a link to a few white papers to puruse on ISPs providing these services.

Examples of simple Application Service Providers (ASPs) even you may use today:
- Virtual webhosting
- E-mail providors
- Online Fax providers (delivered to e-mail type)

This has been talked about for years now (practically as long as I remember the internet being around, maybe before). From an artical written in 1999, "IBM rolled out a series of new hosted business applications that support critical accounting, human resource and sales automation services for small and midsize businesses."

Really, it's just an old idea made new . In 1999 they were asking if it would work. however it sorta went by the side when it came to the sort of all-in-one solution we are talking about now due to the lack of high speed connections for enough people. There are however lots of firewall providors, managed VPNs, managed intrusion detection services, managed anti-virus and content filtering, managed vulnerability assessment and emergency response, and some that to a bit of all of the managed security.

If you want to read more about HOW they are talking about doing it here is a link to a few white papers to puruse on ISPs providing these services.

With the dramatic improvements in spam filtering software, getting rid of spam is no longer the technical problem it once was. In my experience as a consultant to email administrators and as a market research in the messaging industry, other, derivative problems are now taking over. And these problems are the result of filtering.

There are several problems that now plague email administrators: 1) satisfying the vast resource requirements of a modern email filtering system, 2) handling an increased flow of end-user complaints (yes, increased), and 3) dealing with false positives.

Everyone knows that spam is an enormous problem. The 75% number quoted in this article is conservative. Many organizations I work with receive in excess of 90% spam. Dealing with a problem of this magnitude is of course absolutely necessary -- and most large companies have by now installed a spam solution.

Unfortunately, implementing a large scale spam filtering solution requires rolling out sophisticated enterprise software and managing expensive, complicated, and high maintenance storage devices. This storage is mostly eaten up by the spam quarantine (or "junk mail folder") -- something that is necessary to deal with the possibility of false positives.

Even assuming that the system is correctly installed, maintaining it is an ongoing nightmare. And with a spam filter in place, end-users tend to assume that any spam that does get through is the result of a system failure that should be reported immediately as a trouble ticket -- adding to the email administrator's burden.

Finally, even though the latest spam filters are pretty good at what they do, if you're looking for a 95% spam rejection ratio, getting a false positive rate of less than 0.5% in the real world is a challenge. And while most false positives are things like newsletters that you don't normally care about, occasionally something critical is eliminated. When that happens, the email administrator can lose his job.

So what does he do? He tunes down the capture efficiency of the filter to drop the false positive rate. In a recent survey, Sophos PureMessage (one of the big iron enterprise anti spam solutions) had a capture rate of 90% and a false positive rate of 0.04% (Network World Spam Survey from December 2004). IMHO, 90% is a terrible capture rate that would result in an unacceptable flow of end-user complaints. Why did Sophos tune their product this way? Because false positives are the number one concern of email administrators.

Bar none. Number one.

False positives get you fired. Spam gets you a few more trouble tickets. You decide.

Spam filtering will always be necessary, but a complete rethink is required to take the problem resolution to the next level without the attendant drawbacks of filtering. The rethink involves end-user authentication (read: this is not the same thing as SenderID's domain authentication), something that can be implemented today using an aliasing system.

And the issue of spamtool/zombie identification is a real one; thanks for bringing that up. As is the much more important issue of the 'sending' IP address. The 'sending' IP address problem in this methodology is one that can be dealt with by a good product (and several products can and do deal with it just fine); some others are so restricted that they cannot work effectively except as first hop. To me, that's a bug. I had one VP of Marketing scream at me "no one ever puts our product anywhere except as first hop," and I barely held back from saying "yeah, that's because your product is such a piece of crap it can't go anywhere except for first hop."

However, the "looking at the SMTP conversation" part is impossible to really deal with. But, I'll note that the majority of the products sit on top of an MTA. Either they install for themselves or they use tools like sendmail, qmail, or (for Windows boxes) the MS SMTP MTA. So those products don't actually know anything about the SMTP stream. There are a few products that specifically brought up this issue because they DO look at the SMTP stream, and they probably did not do as well. How "not well?" Maybe a couple of percentage points in spam catch rate. Maybe less.

In the review, I wrote a short side-bar where I admitted this up front: (http://www.nwfusion.com/reviews/2004/122004spamsi de5.html) "You may notice our numbers are not as optimistic as the marketing literature from vendors' products. There are four reasons for this:

1. Side effects from our test bed probably shaved a few points off of each product's ability to identify spam. ..."

I also brought that issue out when I wrote : "The false-positive and false-negative rates we found are useful for comparing products but a real installation will likely have a lower false-positive rate and higher spam-catch rate." (and mention things like the SMTP catch rate) in http://www.nwfusion.com/reviews/2004/122004spamsid e.html

OK, so now that I'm done defending myself, what's the point? Well, one of the vendors told me "you know, all these products basically have no false positives and catch all spam." But that's completely wrong. We discovered a bunch of products that are still dark-age when it comes to catching spam, ones which have enormous false positive rates (in particular).

However, if you look at the top 10 or 12 products, you can see that while there are differences, they are not showing a huge variation in behavior.

What this means is that you can take a test like mine and use the spam catch rate/false positive rate as a "first cut." Because I believe that where you want to make your buying (or implemention, in the case of open source) decision is based on things besides just spam catch rate/false positive rate.

We have to do the FN/FP rate tests just to say "you must be this high to attack this problem." But from then, there are huge differences in the products, and that is what is important. I don't want to seem like I'm lashing out at the people who say "oh, I use (insert product here) and it never falses and never misses," but those folks just don't get it. It's not the spam catch rate that differentiates the products; it's everything else.

An easy example is CloudMark. Talk about Zen. This product doesn't do

And the issue of spamtool/zombie identification is a real one; thanks for bringing that up. As is the much more important issue of the 'sending' IP address. The 'sending' IP address problem in this methodology is one that can be dealt with by a good product (and several products can and do deal with it just fine); some others are so restricted that they cannot work effectively except as first hop. To me, that's a bug. I had one VP of Marketing scream at me "no one ever puts our product anywhere except as first hop," and I barely held back from saying "yeah, that's because your product is such a piece of crap it can't go anywhere except for first hop."

However, the "looking at the SMTP conversation" part is impossible to really deal with. But, I'll note that the majority of the products sit on top of an MTA. Either they install for themselves or they use tools like sendmail, qmail, or (for Windows boxes) the MS SMTP MTA. So those products don't actually know anything about the SMTP stream. There are a few products that specifically brought up this issue because they DO look at the SMTP stream, and they probably did not do as well. How "not well?" Maybe a couple of percentage points in spam catch rate. Maybe less.

In the review, I wrote a short side-bar where I admitted this up front: (http://www.nwfusion.com/reviews/2004/122004spamsi de5.html) "You may notice our numbers are not as optimistic as the marketing literature from vendors' products. There are four reasons for this:

1. Side effects from our test bed probably shaved a few points off of each product's ability to identify spam. ..."

I also brought that issue out when I wrote : "The false-positive and false-negative rates we found are useful for comparing products but a real installation will likely have a lower false-positive rate and higher spam-catch rate." (and mention things like the SMTP catch rate) in http://www.nwfusion.com/reviews/2004/122004spamsid e.html

OK, so now that I'm done defending myself, what's the point? Well, one of the vendors told me "you know, all these products basically have no false positives and catch all spam." But that's completely wrong. We discovered a bunch of products that are still dark-age when it comes to catching spam, ones which have enormous false positive rates (in particular).

However, if you look at the top 10 or 12 products, you can see that while there are differences, they are not showing a huge variation in behavior.

What this means is that you can take a test like mine and use the spam catch rate/false positive rate as a "first cut." Because I believe that where you want to make your buying (or implemention, in the case of open source) decision is based on things besides just spam catch rate/false positive rate.

We have to do the FN/FP rate tests just to say "you must be this high to attack this problem." But from then, there are huge differences in the products, and that is what is important. I don't want to seem like I'm lashing out at the people who say "oh, I use (insert product here) and it never falses and never misses," but those folks just don't get it. It's not the spam catch rate that differentiates the products; it's everything else.

An easy example is CloudMark. Talk about Zen. This product doesn't do

IronPort Systems, a messaging appliance vendor, was asked not to participate in the test because Opus One has an existing consulting contract with this company - including them in the test would have created a conflict of interest. If you are interested in IronPort's spam catch rates, you can infer them from Borderware or Symantec's numbers because all three are based on the same anti-spam engine.

...

Full disclosure statement - After last year's test naming the Postini anti-spam service as one of the top products, Opus One signed up as a paying customer of Postini. Some of the companies participating in the test thought that this would present a conflict of interest. We feel that any test lab that hasn't already implemented an anti-spam system by now could hardly be considered qualified to evaluate how such a product would work. In addition to Postini, Opus One is a customer or purchases products or services from Symantec, Sophos, NetIQ, Ipswitch, and Process Software, all of which participated (or wanted to participate) in this test.

No sweat. Thanks.

clickable:

last year's review.

They tested 16 products. Postini "won", and MX-Logic got 4th place with 77% accuracy and a 0.5% false-positive rate.

"In last year's test, false-positive rates were much higher, and we said a quarantine was a critical requirement. This year, while the false-positive rate has dropped overall, we still think that most businesses using e-mail as a critical communications tool need some way to deal with false positives."

I never thought I'd get to use it... but... RTFA jackass. Don't just see a question and post something about it. Answer: http://www.nwfusion.com/reviews/2004/122004spamsid e6.html

RTFA:
We also reached out to the SpamAssassin community (see "What about SpamAssassin?"), but couldn't find someone who could act as a representative for support and configuration assistance. However, two commercial vendors, Roaring Penguin (on Unix) and NoSpamToday! (on Windows) sent products that exposed their SpamAssassin cores.

They have a whole page discussing this.

At the same time, Kusnetzky notes that Apple is barely a blip in the operating system market, falling into the "other" category in a Unix segment that accounted for just 10.6% of overall server operating environments in 2003. Meanwhile, Windows held a 58% share, while paid shipments of Linux accounted for 23% of the worldwide market. Apple also is trying to compete in a 64-bit server market dominated by Sun, which has about 35% of the arena. IBM and HP are behind Sun, with about 12% market share, according to IDC.

This is just speculation to get attention, as near as I can gather. "IBM and Apple should merge!" sounds neat if you don't look at any of the context, but if you look at the actual products they sell it doesn't make really much sense at all. IBM targets almost exclusively corporate customers. Apple targets almost exclusively consumer customers. There's no good way to tie these two things together at all, especially since the existing product lines of each have no particular relevance or connectivity to one another. Okay, yeah, like the article mentions, IBM doesn't have a presence in the "lifestyle"/enduser demographic. Why is this a problem? That's just not their market.

About the only obvious place the products could tie together is if IBM wanted to sell macs as corporate desktops. But as far as I'm aware when IBM sets up corporate desktops, it's just to sell their server infrastructure and such-- that is, IBM's push isn't "we'll sell you all this infrastructure stuff and give you better corporate desktop machines as well!" it's "we'll sell you this infrastructure stuff and it will work with the corporate desktop machines you were going to sell anyway!" In fact as far as I'm aware despite IBM's great use of Linux in the server space they have yet to use anything but Windows on the desktops their solutions people set up-- they're transitioning to Linux desktops internally, but haven't shown signs that they want to try to change the general corporate-desktop status quo. Given all this, it would seem from IBM's perspective suddenly springing "and you should switch to macs for your desktops!" on their customers would make things a lot harder to sell. So I don't think that Apple's systems have much relevance to IBM. Conversely, I don't see IBM selling DB2 en masse to the end-user consumer market.

Meanwhile the article's support for itself is full of nonsense, for example:

Then of course there is Darwin, Apple's version of BSD Unix at the heart of its Mac OS X operating system, which would nicely provide IBM with a non Linux semi-open source alternative, and one that is focused on its on benchmark beating P (sorry G) 5 microprocessor

Why on earth would IBM want a non Linux semi-open source alternative? First off IBM has been making lots of money out of actually just selling Linux; second off if they needed an alternative to Linux they sell several "real" UNIX derivatives themselves; third off Darwin is very highly specialized for the needs and APIs of OS X, and many of the design decisions therein don't make really a lot of sense except in OS X's context. If IBM wanted to repackage BSD they'd have done it themselves by now.

I could maybe see it making sense if IBM tried to integrate their products better with Apple's-- I.E. trying to twist things so that XServes can be dropped into a IBM infrastructure package, or trying to sell packages of G5s as modeling boxes and IBM hardware as a render farm to places doing industrial graphics work. That would be neat, and definitely wouldn't hurt the situation for either company. However I don't see there being some kind of "missing puzzle piece" either Apple or IBM could fill in by working with the other the way the article seems to imply, and the article doesn't give me good reason to think there is one.

• Virtualization technology has been used on mainframes and high-end servers for years, but IT departments are starting to use the technology on low-end servers as well

• "In order to virtualize technologies within a processor, a little bit of hardware goes a long way," Brookwood said. Users still need virtualization software, but that software will run much faster with hardware support, he said.

  Neither Intel nor AMD has built such technology into their processors for low-end servers, but both are now talking about having that capability available around 2006. Intel has discussed its Vanderpool virtualization technology at recent conferences, but like AMD, has not provided specific details about the technology.

Para-Protect used to monitor IRC channels as part of a service which would tell you which miscreants were discussing the state of your org's network security.

Mind you, if you were worth your Nerdgear 'got root' t-shirt, you'd not be discussing such things over plaintext IRC, and you'd stick to discussing such things only on invite-only SSH'd up talkers.

And how many patent lawsuits has Microsoft been involved in:

Microsoft, Tiscali sued over European download patent

Sun, Microsoft settle suit in billion dollar pact

Microsoft settles Intertrust patent lawsuit

Microsoft settles suit with Immersion

Microsoft settles 1999 Patent Infringement Case

Have you thought about the fact that these big companies are 'bankrolling' the new IP only company because they are just trying to protect themselves?

How very noble of them!

Of course, once they have the power, what is to stop them from using it? Oh, that's right! (litigous bastards) corporations don't sue other corporations over intellectual property.

http://www.nwfusion.com/reviews/2004/110804rev.htm l/ Scanning for vulnerabilities on a regular basis is as pro-active as it gets, isn't it?

5.7 TFlops in less than a square metre coming to a store near you, an IBM Blue Gene. If these start appearing at Wal Mart, it's time to redefine supercomputer.

After claiming they want to move to a more Service oriented model, Novell has lost (will lose, has it come out yet?) their VP of Worldwide Services, Bob Couture. Now they lose Chris Stone and the issue has reportedly has something to do with his management style with regards to their Open Source developers.

There is a culture war underway between the products side of the house and the services side. This is the beginning of much restructuring at the big red N house...