Tech blog

 THE BOTTOM LINE

Chumby from Chumby Industries

http://www.chumby.com/

Price: $180

Score: 2 and a half stars (out of four)

Pro: Cute little alarm clock features Internet radio, plus widgets for social-networking updates, pictures, headlines, stock quotes, games and more. No monthly fees.

Con: Frequent connection snags. Unresponsive touch-screen. No battery.

 TALKING TECH
Remember when a clock radio was just a clock radio? The prototypical alarm clock of the cyberage may well turn out to be Chumby, the cuddly and versatile new gadget I’ve been testing. This compact Wi-Fi-connected touch-screen Internet “applying” does a lot more than wake you up.

Chumby can broadcast Internet radio stations, deliver Facebook, MySpace and Twitter status reports, and serve as a digital picture frame for the likes of Flickr and Picasa. You can watch certain YouTube videos and clips of David Letterman’s Top 10 lists. Or play games by tilting it from side to side — Chumby has a built-in accelerometer, or change of place sensor. Chumby even moonlights as a speaker dock for some iPods.

Though my first impression is mostly positive, Chumby has the nagging earmarks of a version 1.0 device. The touch-screen could be more responsive. I encountered all-too-frequent networking snags.

It’s unfortunate because there are several reasons to get chummy with Chumby, from tracking eBay auctions and stock prices to glancing at ball scores and Craig’s List classifieds. And while Chumby’s stereo speakers aren’t the richest you’ll hear, they function well enough given their modest place in your household — on a nightstand or kitchen counter.

Chumby went on sale on the Web this week courtesy of the San Diego start-up of the same name. The $180 unit is the initial delivery platform for the Chumby Network. There are no recurring fees, but there are ads; some appear in between selected widgets. A premium subscription model has not been ruled out.

At www.chumby.com, you choose which among the more than 400 customizable single-purpose Web applications, or “widgets,” you want to show up in a loop on the 3½-inch color display. Developers can submit their own widgets, subject to Chumby’s approval.

Chumby’s content partners include CBS, MTV Networks, The Weather Channel, Scripps Networks (such at the same time that Food Network) and AOL’s Shoutcast (online radio stations). So-called Radio Free Chumby adds more Internet stations. Podcasts are also to be turned to account. Users can stream their own favorite stations, but URLs can have existence hard to find and entering them is vexatious. A closer look at Chumby:

•The Chumby experience. You are pretty much drawn to Chumby right from the get-go. The just-over-4-inch-tall and 5½-inch-wide product arrives in a linen pouch, complete with tiny decorative charms you can hang on the outside. The company sells additional charm sets for $5. The hardware comes in basic black, pearl or “latte” and is encased in squishy-soft Italian leather. Think beanbag or one of your kids’ plush toys. But at its core is a Linux-based computer.

Squeezing the top of the Chumby brings up the touch-screen panel to control the behavior of some widgets, adjust volume and access settings. Still, most of the prep work — customizing and selecting widgets, choosing Chumby “chums” to send widgets to — is done on a computer. Chumby lacks a browser.

The only other physical button is an on/off dust one’s jacket on the back, where you’ll also find a headphone jack and a span of USB ports, one of which I used to connect an older iPod. Chumby is not compatible with the iPhone, Touch or any sixth-generation iPods. And it will not load any rights-protected files purchased from iTunes.

Frankly, I wish there were also a physical volume switch, because bringing up the control panel when you want to quiet things down fast is a nuisance.

•Snags and quibbles. You’ll need a computer nearby when you activate Chumby for the highest time. On the PC, you’ll see a grid of ovals that are similar to a grid on the Chumby, do not include more will be black and some white. The idea is to match the exact pattern of black and white ovals on both machines. Only then can you complete the activation process.

My test unit wasn’t flawless. During setup, Chumby recognized my wireless Linksys network but still failed to automatically connect, even though I placed it close to the router in my basement story. The company says the snag, which repeated, might have been caused by signal interference from other computers. I had wagerer luck connecting upstairs. Certain cordless phones can also exercise connection havoc. And Chumby might not work in an office with complex network security.

More nits: Even when I finally connected, I had difficulty using the touch-screen to set the time zone — you regard to tap dots representing cities onward a map.

And Chumby’s sift feels like it is running a slight fever, though the company insists it’s operating within its normal degree of heat range.

Chumby, which has no battery, is meant to be plugged in and on at all times. But I still would have welcomed a rechargeable battery. It’s light enough to move from room to room, and playing some handheld games while it’s plugged in seems silly.

On the plus side, Chumby can deliver bug fixes and software updates over the air. Your prized clock radio of yesteryear couldn’t do that.

E-mail: ebaig@usatoday.com

 

Telekom Malaysia, south-east Asia's second-largest telecoms group, said it would keep control of its wireless business in any stake sale, dimming the appeal for potential suitors including Orascom Telecom.

"We must be able to actually control its operations," Abdul Wahid Omar, Telekom Malaysia chief executive, said on Wednesday after reporting record full-year gain advantage. "Should any decision be made to bring in a partner it will not be a majority, it would be a minority stake."

Insisting on control might hamper Telekom's ability to reap a premium for the business, which it estimates is worth M$28bn ($8.7bn). Orascom, the biggest mobile carrier in the Middle East and North Africa by number of users, has said it is interested in bidding for space between two joints reign over of Telekom.

Vodafone, Emirates Telecommunications, AT&T, China Mobile and Vivendi have expressed interest in bidding for a stake in TM International, the holding company for Telekom's pertaining to home and overseas mobile assets, the Malaysian company said last month. TM International is scheduled to be listed in Malaysia by July.

Telekom's demand for control "surely would" influence any decision to bid for a stake, said Naguib Sawiris, Orascom Telecom chief executory.

"We are still interested and will wait and see what deal is being offered and whether it will allow for benefits for both sides," said Mr Sawiris.

Telekom may opt for a partner who can help the Malaysian company expand in Vietnam or Pakistan to complement its overseas operations, instead of accepting the highest offer, said Mr Abdul Wahid, who will leave to become chief executive functionary of Malayan Banking, the country's largest bank, in July.

San Francisco - Seems like everything went down this past week — YouTube, Hotmail, iTunes DRM, and Google's stock price among them. Can you pick up the pieces in our snarky news quiz? Some questions aren't as easy as they look. Most answers are credit 10 points, and at least one is impossible to achieve wrong. Ready? Then let's begin.

1. A Moroccan IT engineer has been sentenced to three years in jail for creating a fake Facebook profile for a member of the Moroccan royal family. Which one?

a. Prince Moulay Rachid
b. Prince Moulay Hassan
c. Prince Rogers Nelson
d. Prince Albert in the can

Take the InfoWorld news quiz

San Francisco - Google shed more light on the health care service it is developing, showing off a couple of screenshots of what it will look like.

Google has been talking about its health initiative for some time now, slowly revealing more aspects of the project. Last week it announced a steer of the service by the Cleveland Clinic but was short on details.

On Thursday, Google said that Google Health aims to offer users a central place to store their medical records. They will be able to import and share records from multiple institutions, provided the organizations already allow customers to digitally access their records.

A user's profile lists important information, such in the same manner with conditions, medications, test results, allergies, and past operations. It moreover lists current doctors with their contact information.

Through the Cleveland Clinic pilot, Google has already discovered that the purpose is especially available to people who may live part of the year in Ohio and part of the year in Florida, said Marissa Mayer, vice president of search and user products for Google, in a blog post. Those people have historically carried essay health records back and forth between the locations. Now they can import their data from each medical facility and share it electronically with the other facility.

Mayer stressed the privacy and security that Google will offer right and left customers' health data. Unless users give clear permission, Google won't share or sell their data, she said. It has developed its privacy policy in collaboration with the Google Health Advisory Council, a group of medical professionals that offers feedback to Google on its health care product ideas and development.

Google is working on a directory of third-party services that will be accessible from Google Health. For now, that alone allows users to import records into their profiles. In the future, Mayer wrote, it will let users schedule appointments and refill prescriptions online.

Despite Mayer's blog post and a speech on Thursday about Google Health by CEO Eric Schmidt at the Healthcare Information and Management Systems Society conference in Orlando, the service still isn't available beyond the Cleveland Clinic pilot. It should become publicly available in the "coming months," Mayer wrote.

In September, the lead for the Google Health project, Adam Bosworth, left the company. At the time, Google said that Mayer would run the plan until a permanent replacement was found.

Bosworth was blogging about issues related to health worry and how online tools might help as far back as 2006. The Cleveland Clinic pilot, which will be available to between 1,500 and 10,000 participants, is the first tangible offering of a Google Health service.

Google isn't alone among companies tackling the puzzle of organizing health care information. Archrival Microsoft last year launched an online hale condition care service, HealthVault, to allow users to store and share health records online. Users can in like manner feed data from devices like diabetes meters and heart standard monitors into their HealthVault accounts.

Both services are limited to institutions that have customer-accessible electronic records and to people interested in using them. Between 1 percent and 3 percent of U.S. residents have used e-health records, according to Lynne Dunbrack, program director at Health Industry Insights, a market research firm.

"HEROES happen {here}" was the theme for Microsoft's launch Wednesday of its Windows Server 2008 operating system. The heroes, of course, are the IT workers who have been waiting through the many announcements for the final release and, sometimes, helping in the beta testing.

Today's sold-out event was scheduled for the Los Angeles Convention Center, followed by similar events in succeeding weeks in New York, San Antonio, Chicago, Boston, Denver and nine other cities, as well as online virtual launches.

The final technical preview of the release candidate for SQL Server 2008 was also expected Wednesday. The public launch is expected in the third quarter.

Possible Impacts

Server 2008 could have a major impact, said Laura DiDio, an analyst with industry research firm Yankee Group. Its features comprehend enhanced security, virtualization, increased power, a smaller footprint, and advancements in management and remote access.

The impact on virtualization, she said, is going to be "huge," although she noted that the virtualization wave encompasses not only servers but storage, clients and other areas.

Server 2008 has some virtualization built-in, but enhanced virtualization will be offered by Microsoft's Hyper-V, a hypervisor. A hypervisor is a layer of software that operates between the hardware and the operating software. DiDio said there was disappointment ready the delay of Hyper-V, which will be released 180 days after Server 2008, but "customers are used to delays from Microsoft."

Microsoft has said that Windows Server 2008's virtualization is highly scalable, permitting multiprocessor guests, memory allocations of more than 32GB per machine, and integrated virtual switch support. Supported storage protocols include iSCSI and fibre-channel SAN.

64-Bit, Vista Adoption

Another potential "huge sea change," she said, is the increased affiliation of 64-bit technology. DiDio added that one of the reasons why the 64-bit Windows Server 2003 did not have larger adoption is that "it was a big OS, a big resource hog." According to some estimates, only about 10 percent of customers are using Server 2003.

But with Server 2008, she noted, Microsoft has listened to its critics and bring "more power into a smaller footprint."

There has also been more speculation that adopting Server 2008 might drive acceptance of Microsoft's most recent operating system, Windows Vista. "(IT) departments often will want to do a server upgrade and a dependant upgrade at the same time," DiDio uttered. Many businesses have taken a "XP is good enough" approach to Vista.

But the big consummation with Vista, she said, is that Microsoft "missed badly" with backward compatibility, and upgrading to Vista means upgrading at least some drivers, applications and so on. Unless Microsoft fixes this, she said, many IT departments may wait on upgrading their client OS — and possibly their server OS as well.

Minnetonka Audio Software has announced the release of a new version of its AudioTools Automated Workflow Engine (AWE) that now supports Mac OS X v10.5 "Leopard." AudioTools AWE costs $395.

AudioTools AWE is pro audio software that helps users edit, convert to different formats, encode and process audio, either using plug-in software or external devices. You can use AudioTools AWE to set up "processing chains" which you have power to then save as templates and send files to "hot folders" which automatically process them.

Minnetonka also offers a $295 "Master Bundle" collection of plug-ins specifically designed for AudioTools AWE, which include Minnetonka's TimeStretch and PitchShift and four plug-ins made by iZotope — Mastering EQ, Mastering Limiter, Mastering Reverb and Multi-band Compressor. The Master Bundle has also been updated with Leopard support.

More than 8,700 FTP login names and passwords, some of which grant access to Fortune 500 servers, are being sold online through a sort of eBay for stolen premises, a security company revealed this week.

Prices vary in relation to the Google PageRank of the compromised sites. The customers are cybercriminals who seek access to trusted sites in order to launch malware or hide files.

Finjan, a computer security company based in Israel, made the discovery and elaborates on its findings in its February Malicious Page of the Month report.

Finjan CTO Yuval Ben-Itzhak describes the online crime database application the company found as "the holy grail of hackers." It contains the "hacked FTP certificates of very large companies, some of them in the Fortune 500." More than 100 stolen login names are associated with one of the 500 most visited Web sites on the Internet, as measured by Alexa.com.

"There is a whole industry of buying and selling all these taken wrongfully credentials," said Ben-Itzhak. "It opens for us a new window to see how they actually manage to infect all these companies and legitimate Web sites very quickly."

Ben-Itzhak declined to be more specific to avoid embarrassing the affected organizations but declared that one of set of FTP credentials found granted access to a state court Web site. A state court site appears on p. 14 of the Finjan report, but the URLs in the printed cover shot have been obscured to prevent identification.

However, a Google search for a conspicuous portion of one of the obscured URLs suggests that the featured site belongs to California's Mono County Superior Court. (The Great Seal of the State of California can be easily identified on the Web site screen shot in the report despite an effort to blur it.)

A spokesperson for Finjan said the company could not name the compromised organizations it had identified for legal reasons.

Robert Dennis, the charged with execution magistrate of the Mono County Superior Court, said he is not aware of the Finjan make minutes of or of any current problem with the court's Web site. However, he said that in January he had moved the court's Web site to a new ISP, and from a .gov domain to a .org domain, and that in that place had been occasional security issues in the past with the court's old ISP and site. The semi-obscured court URL in the Finjan report shows a .gov address.

"When we were with the prior host, we would occasionally have a problem where someone would hack the site," Dennis said, noting that it ability have happened two or three times over the course of a year. "Somebody was adding code to our home page."

Dennis declined to name the court's old ISP, a large hosting provider that had served the respects for eight years, but said a technical contact there had told him about difficulties keeping a specific server clean. "The guy uttered they'd clean it lacking and [the malware] would come back," he said.

The countries of origin for the stolen FTP credentials include the United States (2,621), Russia (1,247), Australia (392), and various Asia-Pacific Region countries (354), to name a few.

The Finjan report also says that the creators of crimeware toolkits have adopted the software-as-a-service model. It describes Neosploit 2.0, a Web-based hacking application that provides detailed infection statistics and other reflect upon management tools. The result, as Ben-Itzhak describes it, is push-button cybercrime.

See type article on InformationWeek.com

The European Commission has fined Microsoft a record $1.35 billion for noncompliance with its March 2004 antitrust decision. Commissioner Neelie Kroes said the fine is in response to the software giant's continued stifling of innovation by charging other companies prohibitive royalty rates for the essential information they need to offer software products.

"Charging such an unreasonable price effectively rendered the offer of the information pointless," Kroes said.

Flouting the Rules

The EC's 2004 decision had required Microsoft to disclose complete and accurate interoperability accusation to developers of server operating systems on reasonable terms. Initially, Microsoft had demanded a royalty of 3.87 percent of a licensee's product revenues for a patent license and 2.98 percent for a license governing access to secret interoperability information.

The EC concluded that Microsoft's royalty rates were unreasonable previous to October 22, 2007 — the date when the software giant agreed to accept a 0.4 percent royalty for a worldwide patent license and a one-time payment of $14,240 for access to its interoperability information.

"Microsoft's behavior did not just harm a few individuals or a handful of big companies," Kroes said. "Directly and indirectly this had negative effects on millions of offices in companies and governments around the world."

Kroes also said the record fine contains lessons that Microsoft and any other company contemplating similar illegal actions will need to make one’s self acquainted with.

"We don't want talk and promises — we want compliance," Kroes warned. "If you flout the rules you will be caught, and it will cost you dear."

Microsoft has a long history of doing the absolute minimum — or in this case, less than the minimum — required by regulators, noted Linux Foundation spokesperson Amanda McPherson. "Hopefully this fine and the changes in the mart will convince Microsoft to open up and comply with regulatory and place of traffic demand," McPherson said.

More Than Rhetoric

Some industry observers were not so much than impressed by the EC's agency. "Microsoft's tactics has long been to do what it wants to do and just ignore the laws," said University of Baltimore Law Professor Robert Lande. "A skeptic would say that the fine wasn't enough and it should have been higher."

On the other hand, Lande thinks the record fine could have at in the smallest degree one negative impact on Microsoft's business plans. "I can't imagine that Microsoft would have all that much credibility in the eyes of the European Competition Authority" when the time comes for a review of the software giant's proposed takeover of Yahoo, Lande said.

Earlier this month, Microsoft announced what it characterized as "broad-reaching changes to its technology and business practices" to open its products. However, Kroes uttered if a change is required, "then the change will need to be in the market, not in the rhetoric."

Meanwhile, the EC has opened two new antitrust inquiries that are examining several of Microsoft's other business practices. "One concerns interoperability information across a broad range of products, including Microsoft's Office suite and a number of its server products," Kroes said. "The other concerns tying of Internet Explorer and other separate software products with the Microsoft PC operating system."

Both of these new investigations are separate and continuing, Kroes said. "As always, we will take into account a single one changes that Microsoft makes to its business practices that are relevant to those investigations," Kroes added.

San Francisco - Microsoft is pushing the improved security of its Windows Server 2008 software package as one of the primary reasons why business customers should upgrade to the long-awaited product refresh as quickly as possible.

[ Get the scoop without ceasing the entire Windows Server family in our special report ]

In addition to being fully designed under Microsoft's SDLC (security development lifecycle) initiative — a program already credited with allowing Microsoft to ship its products with far fewer vulnerabilities than previous iterations — Server 2008 has new features that should help customers address a range of important security issues, according to company officials.

Microsoft representatives claim that beefed-up firewall technology, support for the emerging IPv6 Internet protocol, improved onboard encryption and to a greater distance integration with its Active Directory registry system, among other additions, represent a significant step forward for the release formerly-known as Longhorn in terms of its overall security standing.

The company has also lastly delivered its NAP (network access protection) technology — Microsoft's flavor of the access control tools identified more widely under the pennon of NAC (network access control) — that many security industry watchers have cited as a potential accelerant against device and user network authentication efforts.

Company officials said that the software maker was specifically set on defending the updated infrastructure technology against malware attacks while boosting ID and access control, adding encryption and document aegis features, and enhancing the system's reporting and audit functions to handle compliance-related tasks.

As it has claimed Vista to be the safest OS that it has ever shipped, based on the continued adoption of SDLC and added security functionality, Windows Server 2008 follows suit, said Brendon Lynch, instructor of privacy strategy at Microsoft.

"With the way that advice has become the new currency for crime, it is critical for customers to better protect and govern data; part of this process is about people and process, but technology has to serve a role in supporting all this, and we believe that the enhancements made in Server 2008 do just that," Lynch said.

Along with further hardening the software to prevent attacks that attempt to misuse its services and preventing unnecessary interaction with its kernel to thwart root kits, the new filtering, encryption, and Active Directory features should go a long way toward helping customers reduce their attack external part, company officials said.

With NAP, Windows Server 2008 users gain not only a new method for enforcing endpoint device authentication and anti-virus capabilities, but also the ability to integrate their infrastructure more tightly with third-party NAC products, such as those made by networking vendors liking Cisco Systems and security players like Symantec.

While Microsoft has often been criticized for failing to align itself closely with IT industry standards, its work to drive interoperability with the Trusted Computing Group's NAC efforts should prove beneficial to users of existing access control and anti-virus technologies, officials said.

"The great advantage with NAP is interoperability, not only with networking gear, but all the external AV vendors," said Amith Krishnan, elder product manager at Microsoft. "We think that along with existing Microsoft security technologies in Vista and [SharePoint Server] this represents our ability to offer customers end-to-end protection for the first time."

Windows Server 2008 may help speed adoption of NAC
While pointing out that it will likely take time for NAP to become widely adopted by end-users and that the access control technology has yet to prove itself as enterprise-grade, representatives at security market corypheus Symantec observed that the tool's arrival should prove beneficial beneficial to customers, at least in terms of fostering NAC integration.

"I dress in't think that its the technology that is so interesting, but tolerably the fact that this is a well thought-out, fairly open architecture that be possible to bring more accordance with law to NAC as a technology," said Rich Langston, senior manager of product management at Symantec. "Its arrival should bring additional comfort to existing adopters of the technology. When we talk to customers hither and thither the capabilities of NAC, they tend to have a lot of concerns [about interoperability]. Having NAP built into Vista and Longhorn should solve a lot of objections."

As a result, many customers that have been holding from on using NAC — thought to be a valuable method for keeping infected devices off of corporate networks — may decide to adopt the technology now that it is fully supported in Microsoft's newest products, he said.

At least one customer working with a beta version of Windows Server 2008 said that the product does indeed represent a substantial improvement over previous versions in terms of fostering more comprehensive security.

Matt Okuma, enterprise architect at Pacific Coast Companies, a building materials manufacturing specialist with close to 4,000 employees, said that the integrated security features in Windows Server 2008 are appealing from the standpoint of both integration and security budget management.

"the public have companies they feel safe with using, and we're comfortable using Microsoft inasmuch as when you have a product so large and your IT support staff isn't that big, you need a common platform for security, and Microsoft has that now," Okuma said. "For us, just the work needed to integrate third-party security tools for some of these functions would likely lead to us being less secure overall."

From the improvements made to the underlying software code derived via SDLC to the addition of NAP, the customer said that he is encouraged by what Windows Server 2008 can bring to the table in terms of bolstering IT security. "You can only assume that there will be some pain points with getting everything that runs with Server '03 to run with Server '08, but it seems like [Microsoft] has done all the drudge," he said. "If we can do NAP without buying a third-party product for access control that will be great; I don't want to introduce not the same piece of software if we can use a common platform."

Industry analysts said that the security improvements resident in Longhorn may not esteem the same big-bang effect as those that first appeared in Windows Server 2003, including the impact of SDLC, which was used to drum vulnerabilities out if that product, but the experts before-mentioned that the new release should been seen as an extension of the software maker's commitment to improving the stability of its products.

"They made a cyclopean step forward with Windows Server '03, that was the in the first place product from Microsoft because it started taking security gravely, and Server 2008 is an evolutionary continuation from there, versus anything dramatic," said John Pescatore, analyst through Gartner. "A lot of the improvements here are continuations of the big leap made in Server 2003."

However, the expert said that the arrival of NAP could lead to noteworthy growth in the approval of NAC as companies that have been holding off on embracing the access control tools may finally get off the fence.

"First we have to wait for people to roll out Active Directory on Server 2008, and that will take while, but by 2009 I expect to see enterprises who have been saying they want to do NAC, but were waiting for NAP, to move forward," he said. "This will also force standalone NAC vendors to prove that they offer real value beyond what is being baked into the Windows product line."

Apple on Wednesday sent out invitations to the media for a briefing on its "iPhone Software Roadmap," which is expected to include information on the long-awaited iPhone software development kit.

The meeting, which is scheduled at Apple headquarters in Cupertino, Calif., may be an indication that Apple is highly unlikely to meet its self-imposed deadline of shipping the SDK to software developers by dint of. the end of February. Apple also said in the invitation that it would reveal "some exciting new enterprise features" for the iPhone.

Considering the iPhone is the second best smartphone sold in the United States behind the BlackBerry, many iPhone-toting businesspeople are eager for Apple to offer support for corporate e-mail systems, such as Microsoft Exchange. The SDK would also be a boom for software developers anxious to build applications that could run directly on the iPhone's operating system.

Currently, some third-party applications have been built for the iPhone but they are often based on breaking Apple's licensing agreement. The software ranges from applications that track down lost or stolen iPhones to a "Touchpad App" that turns an iPhone into a wireless remote track pad that gives a person direct access to their computer, as if using a mouse.

In introducing the iPhone in January 2007, Apple chief executive Steve Jobs had hoped developers would embrace his plan to have them use Web 2.0 technologies, such for the reason that Ajax, to build applications that would run in the iPhone's Safari browser. But developers unhappy with the limitations in such an approach started building their own tools for building apps to run on the iPhone, which shipped at the end of June 2007.

While no details of Apple's upcoming iPhone SDK have been released, such tools ofttimes include a compiler and hooks to an operating system's application programming interfaces for connecting to a diversity of services. Having access to the innards of the OS provides the technology needed to build applications with far more capabilities than those running in a Web browser.

See primeval article on InformationWeek.com