Critical Impact: Windows Metafile Flaw a 'Zero-Day Exploit' How to Fix it NOW

New test for vulnerability and fix here Fix Developed by: lfak Guilfanov Everyone should check that their system is protected against this exploit. As a courtesy to our members we are hosting 2 files of which will identify if you are vulnerable and patch the system to protect yourself. Ilfak Guilfanov, well known in "reverse engineering" circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability . . . so he wrote one! This safely and "dynamically patches" the vulnerable function in Windows to neuter it and, after rebooting, renders any Windows 2000, XP, 64-bit XP and 2003 systems completely invulnerable to exploitation of the Windows Metafile vulnerability. Please Note: Unlike the "DLL unregister" recommendation offered by Microsoft and posted here earlier, Ilfak's patch completely eliminates the vulnerability. Therefore, until Microsoft is able to update and repair their vulnerable GDI32.DLL, this is what you should use. You do NOT need to unregister the DLL as described below. You SHOULD REMOVE THIS PATCH to restore full functionality to Windows Metafile processing once WIndows has been officially updated and repaired. To Remove: Simply open the Windows Control Panel "Add/Remove Programs", where you will find the "Windows WMF Metafile Vulnerability HotFix" listed. Remove it, then reboot. Microsoft have released a weak work around which does not fully protect you. Quote: Microsoft responded with an acknowledgement of the problem which included a very weak workaround (the shimgvw.dll unregistration) that provides very little protection. There's is not a cure, and it is not known how long the Windows user community will now be waiting for a true patch from Microsoft. 01/04 UPDATE FROM MICROSOFT Microsoft has completed development of a security update to fix the vulnerability. The security update is now being finalized through testing to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins on the second Tuesday of the month. The update will be released worldwide simultaneously in 23 languages for all affected versions of Windows once it passes a series of rigorous testing procedures. It will be available through Microsoft Update and Windows Update, as well as Microsoft’s Download Center and through Windows Server Update Services for enterprise customers. Customers who use Windows’ Automatic Updates feature will be delivered the fix automatically. Based on strong customer feedback, all Microsoft’s security updates must pass a series of testing processes, including testing by third-parties, to assure customers that they can be deployed effectively in all languages and for all versions of the platform with minimum down time. Microsoft has been carefully monitoring the attempted exploitation of the WMF vulnerability since it became public last week, through its own forensic capabilities and through partnerships within the industry and law enforcement. Although the issue is serious and the attacks are being attempted, Microsoft’s intelligence sources indicate that the scope of the attacks is limited. In addition, attacks exploiting the WMF vulnerability are being effectively mitigated by anti-virus companies with up-to-date signatures. Customer Guidance Users should take care not to visit unfamiliar or untrusted Web sites that could potentially host the malicious code. Additionally, consumer customers should follow guidance on safe browsing. Enterprise customers should review Microsoft’s Security Advisory #912840 for up-to-date guidance on how to prevent attacks through exploitation of the WMF vulnerability. The intentional use of exploit code, in any form, to cause damage to computer users, is a criminal offense. Accordingly, Microsoft continues to assist law enforcement with its investigation of the attacks in this case. Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country. Customers who believe they may have been maliciously attacked by exploitation of the WMF issue can contact Microsoft’s Product Support Services for free assistance by calling the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security. Microsoft also continues to encourage customers to follow our Protect Your PC guidance of enabling a firewall, getting software updates and installing anti-virus software. Customers can learn more about these steps at www.microsoft.com/protect. IN THE MEAN TIME, I'LL BE TESTING Ilfak Guilfanov's FIX AND POSTING RESULTS LATER TODAY. 01/03 UPDATE: A flaw in Microsoft's Windows Meta File has spawned dozens of attacks since its discovery last week, security experts warned Tuesday. The attacks so far have been wide-ranging, the experts said, citing everything from an MSN Messenger worm to spam that attempts to lure people to click on malicious Web sites. The vulnerability can be easily exploited in Windows XP with Service Pack 1 and 2, as well as Windows Server 2003, security experts said. Older versions of the operating system, including Windows 2000 and Windows ME, are also at risk, though in those cases the flaw is more difficult to exploit, said Mikko Hypponen, chief research officer at F-Secure. "Right now, the situation is bad, but it could be much worse. The potential for problems is bigger than we have ever seen," Hypponen said. "We estimate 99 percent of computers worldwide are vulnerable to this attack." The Windows Meta File flaw uses images to execute arbitrary code, according to a security advisory issued by the Internet Storm Center. It can be exploited just by the user viewing a malicious image. Microsoft plans to release a fix for the WMF vulnerability as part of its monthly security update cycle on Jan. 10, according to the company's security advisory. Source:Code for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format files is being exploited on fully patched systems. Researchers are currently tracking thousands of sites distributing the exploit code. Over the last 24 hours, we've seen three different WMF files carrying the zero-day WMF exploit. We currently detect them as W32/PFV-Exploit.A, .B and .C. Fellow researchers at Sunbelt have also blogged about this. They have discovered more sites that are carrying malicious WMF files. You might want to block these sites at your firewall while waiting for a Microsoft patch: Crackz [dot] ws unionseek [dot] com www.tfcco [dot] com Iframeurl [dot] biz beehappyy [dot] biz And funnily enough, according to WHOIS, domain beehappyy.biz is owned by a previous president of Soviet Union: Registrant Name: Mikhail Sergeevich Gorbachev Registrant Address1: Krasnaya ploshad, 1 Registrant City: Moscow Registrant Postal Code: 176098 Registrant Country: Russian Federation Registrant Country Code: RU "Krasnaya ploshad" is the Red Square in Moscow... Do note that it's really easy to get burned by this exploit if you're analysing it under Windows. All you need to do is to access an infected web site with IE or view a folder with infected files with the Windows Explorer. You can get burned even while working in a DOS box! This happened on one of our test machines where we simply used the WGET command-line tool to download a malicious WMF file. That's it, it was enough to download the file. So how on earth did it have a chance to execute? The test machine had Google Desktop installed. It seems that Google Desktop creates an index of the metadata of all images too, and it issues an API call to the vulnerable Windows component SHIMGVW.DLL to extract this info. This is enough to invoke the exploit and infect the machine. This all happens in realtime as Google Desktop contains a file system filter and will index new files in realtime. So, be careful out there. And disable indexing of media files (or get rid of Google Desktop) if you're handling infected files under Windows. HERE IS THE SIMPlE FIX, DO IT NOW ! Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) 1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK. 2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box. Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer. To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks). This workaround is better than just trying to filter files with a WMF extension. There are methods where files with other image extensions (such as BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF or ICO) could be used to exploit a vulnerable machine.

22C3: Private Investigations

The 22nd Chaos Communication Congress (22C3) is a four-day conference on technology, society and utopia. The Congress offers lectures and workshops on a multitude of topics including (but not limited to) information technology, IT-security, internet, cryptography and generally a critical-creative attitude towards technology and the discussion about the effects of technological advances on society. More at the links: http://events.ccc.de/congress/2005/ and here

Five Ways To Get To The Top Of Google

Status on Google is determined by a number of factors, all of which can be faked Key words Good practitioners will make sure sites contain clear information that is relevant to a user search. Others will use misleading but popular keywords - such as "Britney Spears" - to try to capitalise on somebody else's fame. Some even attempt to hide fake keywords on a page so that they can be read by search engines but not by people Popularity The more people that link to a site, the more popular it is in Google's mind. By carefully choosing who to link to and where to place those links, SEOs can push a target website up the rankings. Some shady operators even create a fake ecology of websites which all point at each other Spam Spamming is a tactic employed by unscrupulous SEOs, and attempts to raise profile and popularity by leaving fake messages pointing towards the target across thousands of other sites and weblogs. While unpopular with surfers, it often boosts the ranking of the site in question Regular updates Sites which seem new are often considered more important, because they are more likely to contain relevant information. Unscrupulous operators will often steal content from other pages to create the appearance of movement Metadata Each web page carries a selection of unseen information that tells other programs what its contents are. While most SEOs simply include correct information about a given page, crooked operators will use unrelated terms to try to direct unwitting surfers

Photoshop retouching of model

Interesting interactive Flash movie shows model retouching before and after. Link

Sennheiser: Approved By Skype and DJs !

Skype has certified the Sennheiser PC series headsets. You know, just in case you didn’t already know that Sennheiser makes top-notch headsets

The Google Box: Taking over the digital world four ounces at a time.

By Robert X. Cringely How can I top last week's prediction about Google's shipping container data centers? By explaining a bit more about how the system came to be and how it will work. In last week's column I told how Google has been experimenting with portable data centers built in standard 40-foot shipping containers. The idea isn't new and it isn't even Google's. As far as I can tell it came originally from Brewster Kahle of the Internet Archive, who wants to replicate the archive here and there around the world and figured that a shipping container filled with servers and disk drives might be the easiest way to do so. Not only is it truly plug-and-play, but it is also a heck of a lot cheaper from a bit-schlepping perspective. Carrying a petabyte data center by ship from California to Australia is the virtual equivalent of an OC-192 optical connection - the world's most powerful SneakerNet. The Internet Archive sponsored presentations trying to drum up interest in this concept (the presentation, itself, courtesy of Bruce Baumgart, one of its authors, is one of this week's links) and at one meeting Google's Larry Page was in the audience. I guess he must have found something of interest. At this point I should make a couple of confessions. First, I was off in my cost estimate last week by an order of magnitude. This error was pointed out to me by reader Paul Tuckfield and he's right. That'll teach me not to make quick-and-dirty calculations. I had the spec but no dollar numbers. But this actually makes the whole scenario MORE likely, not less, because Google likes projects that would be too great a financial risk for most others. It's somewhere between $1.5-$3 billion, to implement, but who other than Microsoft or Yahoo could afford that? And who other than Google could pull it off? Second, Matthew Glotzbach, senior product manager for Google's Enterprise Division wrote to say that I made an error in the way I last week characterized Google's Search Appliance. He said, "The product is a "plug and play" appliance as you said, and setup and maintenance requires little to no time or technical expertise. However, the setup and management is performed by the customer, and there is no communication between Google and the customer's appliance. In the event of a problem or support issue, the customer can request that a Google technical specialist perform remote diagnostic and problem resolution, but at no time is the customer's data pulled from their appliance back to Google's data centers." Sorry. This message from Mr. Glotzbach, by the way, was the only response I received from Google. So if you were expecting "We don't need no stinking shipping container data centers" from Google, it didn't happen. That's important. Getting back to Paul Tuckfield, he points out, too, that this whole idea of a network in a box (a very BIG box) is just the logical extrapolation of a trend. "I think the trend is there too, to package entire networks as a single system," he said. "It makes sense because many applications do this already -- websites and supercomputers being easy examples. The same trends of miniaturization that caused microprocessors to emerge from a background where supercomputers CPUs were built with discreet logic back in the 80's will cause networks in a box to emerge in this decade." The big question is what Google will get for its $3 billion bet? Last week we covered the idea of doing massive video streaming or downloading through parallel peering arrangements. We also covered the basics of reducing latency for network-based AJAX applications to compete with Microsoft. But there is a LOT more. Once you have a data center at every Internet peering point, you also have a data center in or near every major city in the developed world. That suggests Google might be interested in using the portable data centers for Voice-Over-IP telephony. Sitting 2-3 hops from every telephone and having available Google's own fiber network and traffic shaping to give priority to its VoIP packets, Google could offer world-beating telephony performance, all for less than eBay is paying for Skype. Another possible use for this parallel Internet is, if anything, more political than technical. The players in broadband Internet service - the telephone and cable companies for the most part - have as much to lose as they do to gain from the Internet. The telephone companies have at risk their voice service, which is already being undermined by VoIP. The cable TV companies are risking their video service as telcos get set to offer various DSL video channels. Each group realizes they can't stop the progress of technology yet on some level each group would like to try. By grabbing a big fistful of optical fiber and having data centers at very peering point, though, Google offers an alternative in case one party or another is tempted to undermine the system through technical tricks like altering the packet interleaving to mess with VoIP as I have written before. Google's success requires an open Internet and their presence and deep pockets guarantees that will be the case. But the most important reason for Google to distribute its data centers in this way is to work most efficiently with a hardware device the company is thinking of providing to customers. This embedded device, for which I am afraid I have no name, is a small box covered with many types of ports - USB, RJ-45, RJ-11, analog and digital video, S-video, analog and optical sound, etc. Additional I/O that can't be seen is WiFi and Bluetooth. This little box is Google's interface to every computer, TV, and stereo system in your home, as well as linking to home automation and climate control. The cubes are networked together wirelessly in a mesh network, so only one need be attached to your broadband modem or router. Like VoIP adapters (it does that too, through the RJ-11 connector) the little cubes will come in the mail and when plugged in will just plain work. Think about the businesses these little gizmos will enable. The trouble with VoIP in the home has been getting the service easily onto your home phone. Then get a box for each phone. The main hurdle of IP TV is getting it from your computer to your big screen TV. Just attach a box to every TV and it is done, with no PC even required. Sounds like Apple's Video Express, eh? On top of entertainment and communication the cubes will support home alarm and automation systems - two businesses that are huge and also not generally on the radar screens of any Google competitors. Throw a panic button atop every cube. But for all this to work, especially with end-to-end elliptical encryption, you need a tight connection between the box client and a server, which is why those shipping containers need to be so broadly distributed and why Google will need so many of them, eventually numbering in the thousands to support hundreds of millions of cubes. The cube, itself, is a sealed device literally embedded in epoxy. For a smart device, it is as dumb as Google can make it, because dumber is cheaper and dumber is less vulnerable to security breaches. For the cube, in addition to all its other functions, also handles Digital Rights Management. Now imagine a world where Google Cubes were distributed as widely as AOL CD's. It will be in Google's interest to provide them in volume to every Google users, which is to say every broadband user everywhere. As a result, Google becomes overnight a major phone company, a major video entertainment provider, a major player in home automation and even medical telemetry. The Google Box mesh network can reach out to nearby neighbors, too, bringing them onto the Internet in a way that would be difficult to stop or control even if the broadband ISPs wanted to, which they won't, because Google will find a way to share the wealth with them. It is not in Google's interest to put out of business any ISPs, so they'll try hard not to. But it IS in Google's interest for there to be universal broadband coverage, which the Google Cubes will, for the most part, enable. It reminds me a lot of Sun Microsystems' vision for Jini, its Java-based distributed intelligence product that Microsoft derailed with Universal Plug-and-Play. If the Google Box is the practical equivalent of Jini, then it ought to be able to fulfill some of the grand plans for that technology, which was often presented as an intelligent sensor network to drive e-commerce. In the Jini model, a chip embedded in your car's brake pads would signal that they were worn and needed to be replaced, but he network not only used that knowledge to turn on a dashboard warning light, it sent a message to the brake pad factory to build another pad, please. Well the Google Box is a coarser-grained version of that, with the tinier sensors being added later as technology comes down in price and the system pays for itself. Is that a grand enough plan?

Sling Media’s SlingLink helps network up your Slingbox

by Paul Miller Related entries: Home Entertainment Sling Media has a new product called SlingLink for their Slingbox remote TV viewing device. It’s a fairly basic network adapter that allows you to create a simple Slingbox network over your home’s electrical wiring without much networking know how, and would be perfect as a bundle if you’re gifting the Slingbox to someone a bit less tech savvy, but you could probably find a networking solution cheaper than the Slinglink’s $99 if they already have WiFi set up. It’s nothing ground breaking, as networking products such as this have been around for years, but Sling Media seems to be going to extra mile to make sure that you’ll have a hard time not getting the Slingbox up and running. http://www.slingmedia.com/

Geek Humor: How to stop filesharers from stealing hotel bandwidth

Posted by signal15 2 hours ago (original here: http://www.signal15.com/articles/2005/12/06/how-to-stop-filesharers-from-stealing-hotel-bandwidth) Starts out with some geeky stuff, keep reading, the funny part is later on. So, I’m in Milwaukee at ye olde Holiday Inn Express. They have a wireless internet connection here and it’s been suckin’ all night, like I couldn’t even do anything on it. I suspected someone running a p2p program and taking up all of the bandwidth, so I fired up ntop to analyze the type of traffic on the network, and just who it was generating it. Lo and behold, someone was running a p2p app, and taking up 1.6Mbit worth of bandwidth. That’s just not fair to the 20 other people on the network, so I decided to boot him from the network. I tried poisoning his arp cache and the default gateway’s cache, but that only works on some wireless access points, apparently not this one. I can’t send an 802.11 deauth message from my OS X box, because the card doesn’t support raw packet injection, so what to do??? I notice that his IP in the ntop interface changed into a name. His windows machine was spewing Netbios packets with his computer name in it. For the sake of his privacy, I’ve changed the name, but let’s say it was “smith-laptop”. So I pick up my cellphone and call the front desk at the hotel and as for Mr. Smith’s room. The lady at the front desk says “Eric Smith?” And I tell her yes. The phone rings, someone picks up, the conversation goes like this: Me: Eric Smith? Eric: Uhh, yeah? Me: My name is Jim Grant, and I’m an investigator with the RIAA. Have you heard of us? Eric: Uhhhhh….. What does that stand for? Me: Recording Industry Association of America. We represent several large record companies. In monitoring several p2p filesharing networks, we have found that you Eric, are currently downloading copyrighted material. Are you aware that this is illegal? Eric: Ummm…. my laptop is off. (At this point, I no longer see him on the network) Me: We are in the process of filing 18182 lawsuits against people who steal copyrighted music on the internet. We will continue monitoring these networks, and if we see you on them again, you will hear back from us. Eric: Ok, thanks. Bye. So, now my network is nice and speedy again. And some guy is in his room trying to dry out his underwear. :) I should have recorded the call since my cellphone has the capability to record conversations. The above conversation can’t even begin to show the fear in his voice. I’m sure he’s scared as hell wondering how they found out his name and that he was staying at a hotel and exactly what room he was in. Comments

TELCOS are attempting to control the Internet (really ?)

This Washington Post article outlines that Internet service providers (allegedly)should be allowed to strike deals to give certain Web sites or services priority in reaching computer users. Specifically, William L. Smith, chief technology officer for Atlanta-based BellSouth Corp., told reporters and analysts that an Internet service provider such as his firm should be able, for example, to charge Yahoo Inc. for the opportunity to have its search site load faster than that of Google Inc. A system such as this has a major impact on the way WE use the internet. Why did we trust these people with the Net? Oh, I'm sorry. It's their Net. Forgot about that. Thanks to Mike Taht for the pointer.

Beyond Wireless Broadband, Forget Wi-Fi, Wi-Max, Wi-Bro: XMax Looks Like A Winner

XMax is a new wireless and wireline transmission technology which allows very significant increases in wireless transmission reach and capacity. A month ago tomorrow, a small group of reporters attended the first press demonstration of this revolutionary technology in the swamps of Florida, and outside of the impossibility of directly checking and "seeing" some of the transmission parts involved, the showcased results were nothing short of impressive. xMax uses a transmitter similar to those used in cordless phone base stations and which operate in an unlicensed and very crowded frequency spectrum in the 900MHz band and is capable of sending a 3.7Mbit/s data signal to a radius of 18 miles, while utilizing only an omnidirectional antenna powered by a 50mW transmitter! xMax goes beyond what were considered physical limits of existing Wi-Fi, Wi-Max, Wi-Bro and radio technology, it leaves 3- and 4G in the dust, and may further prove to be also much less costly to deploy. According to the written specs distributed to the press at the demonstration xG Technology is capable of realizing performance improvements over similar transmission technologies by literally orders of magnitude – 10x, 20x, 30x, 100x. Here more details: As companies scramble to develop 3G telephony and data services, the need to acquire additional radio spectrum from the FCC has become a pressing issue. To accommodate increased demand for data services, the radio spectrum bandwidth needed to transmit data must increase proportionally. Essentially, in order to effectively transmit more data, the speed of data carried must also increase, which means that the allocated channel width must also be increased. Since the demand for spectrum exceeds today’s supply, competitors have driven up the price for this scare commodity. As such, the cost of spectrum licenses constitutes an increasingly high percentage of the overall cost of delivering wireless services. Despite these high costs, in the U.S., no single block of radio spectrum remains unallocated in sufficient size to meet the needs of 3G services. xMax solves this problem by dramatically reducing the amount of allocated spectrum required to transmit data. xMax uses a narrow channel allocation of dedicated spectrum to coordinate reception of its non-interfering, xG Flash Signal. By using xG Flash Signaling to convey wideband data below the noise floor, xMax allows for efficient spectrum reuse by numerous users in a manner that solves the spectrum crunch. Because xG Flash Signaling accomplishes this with far less “out of band” energy than traditional modulation systems such as CDMA and GSM, xMax helps to "clean-up" the spectrum for more efficient use than is currently realized. In typical situations today, the greatest impediments encountered when trying to deploy wireless broadband for the consumer market are: line-of-sight restrictions, high costs of end-user equipment, and carrier truck rolls xMax may indeed be able to wipe out all the above issues in one move. How? xMax is essentially a new way of modulating data which allows enormous improvements in data rates capacity both across wireless and landline communication infrastructures. xMax does not utilize compression techniques to achieve its extraordinary results as it employs two very popular communication approaches to make an extremely more efficient use of the radio spectrum available. What xMax in fact does is to intelligently blend the unique characteristics of narrow-band carrier systems with those of the non-interfering components utilized in low-power wide-band transmission systems. The end result is an exponential increase in data-rate capacity and a very significant decrease in power transmission requirements. Because of all this you can imagine how vast could be the implications of the arrival of such a disruptive transmission and data distribution technology, which would not only put rapidly out of market existing ADSL and cable operations, but it would also create immediate opportunities for broadband-based content and services to be widely distributed for a fraction of the money that it would cost today. xMax would in fact enable wide and easy adoption of high-bandwidth services such as video-based real-time collaboration, high definition television (HDTV), video-on-demand, IPTV, to name some of the most popular ones. Due to its technological characteristics xMax technology can be interleaved within existing cable RF channels and can operate over existing network physical infrastructure which would clearly allow existing operators to start offering new xMax-based services without ever needing to interrupt existing services. Because of this xMax appears a strategic alternative to seriously followed by telecom that still heavily rely on landline infrastructures. In terms of specifics facts, xMax is reported to be so reliable and with such a higher level of quality that signal capacity improvements could allow cable operators to deliver over one thousand channels of broadband-like services. In the DSL universe xMax is supposed to deliver much higher data-rates while increasing the effective reach to about 21 Km from the central transmission base. During the early November demonstration xMax technology was used to broadcast a data stream equivalent to a full-motion MPEG-2 video with stereo sound at a distance of 18 miles. The transmitter utilized for the demonstration required only 50 milliwatts of power to operate. Here are some of the other unique characteristics of xMax: xMax can be designed to operate at any frequency and it is suitable for use on licensed and unlicensed spectrum. xMax achieves equal transmission reach with far less power, thereby improving battery life. A wireless LAN powered with this technology could run on a set of batteries for a few years. Significantly less infrastructure is required to cover a given service area. The emergence of a true retail fixed wireless model becomes possible as xMax enables the design of affordable “over the counter” modems that eliminate the need for high gain antennas or expensive outside mounting. With line of sight no longer an issue, broadband for the user becomes portable, from home to car to office to pocket. xMax could even modulate signals carried over copper lines and this might allow DSL technologies to immediately offer much higher data rates and a greater reach. According to xG Technology, the company behind this new technology, xMax already complies with all regulatory thresholds set by the Federal Communications Commission (FCC), that prevent one system from interfering with another's operation. What is also very interesting is that the core research and development underlying xMax is now already complete. The company has developed working reference hardware designs and the modulation and demodulation circuitry can be integrated into FPGA or ASIC and will be utilized typically into equipment such as computers, TV’s, phones, cell phones, base stations, and more. xMax technology has been also been checked over by Princeton professor of electrical engineering Stuart Schwartz who has effectively staked his reputation on it. Does xMax really work? For now, no-one can say for sure. Not even xG technology itself. No independent tests have been so far published nonetheless the company has demonstrated a very important part of its plans: "in its November demonstration it has covered an area of over a thousand square miles with a claimed 50mW signal, and shown nearly 4Mbps arriving at a point almost 18 miles from the transmitter. Even given the details of the test — some 14dB total gain in the antenna systems and a 260m-tall tower for the transmitter — this is an exceptional result. UWB, perhaps the closest technology to xMax in existence, has so far failed to turn into consumer products after more than five years of promises. It is not clear that xMax could escape a similar fate, even if the technology questions were to be universally agreed." (Source: ZDNet UK - Could xMax change the world of broadband? - ZDNet UK News) xMax has been developed by xG Technology, a company based in Sarasota, Florida. xG Technology, LLC is not a manufacturer of consumer products and it provides value to licensees who will use their technology for the manufacture of their own products and services. xG has promised to have commercial systems ready by the second half of next year, which can be sold off-the-shelf. (Thanks to Robin Good)

The ongoing row over software patents - as well as the role intellectual property rights (IPR) might eventually end up playing in China - surfaced again this week with telco BT seemingly ending up taking the middle ground between two names rarely out of the tech headlines these days, Microsoft and Skype. Speaking at the European Leadership Forum (ELF) in London on Tuesday, Microsoft EMEA president Neil Holloway came out with what is now a familiar cry from the Redmond software empire - that it should legally be able to protect its investment in intellectual property. It's a common refrain and a position held by most of the big software vendors. However, it is not a view held by a new breed of software providers. Among those was fellow panellist Niklas Zennström, CEO of voice over IP (VoIP) darling Skype, bought in September by eBay for a sum upwards of $2.6bn. Zennström said: "Software patents are hindering innovation. Patents should be granted when there is real innovation and real investment in innovation." Big software vendors are filing for hundreds of patents per year - in addition to thousands granted by patent offices annually - sometimes as defensive measures but often now as a revenue stream or bargaining tool with rivals in their own right. Zennström singled out 'one-click' ordering, as patented by Amazon.com, as an example of the latter. Rest of article: Here

SNARF (Social Network and Relationship Finder) from Microsoft Research

Cool free tool from Microsoft that I'm playing with now. It's an Outlook helper from Microsoft Research, and requires Outlook 2002 or 2003. Essentially instead of just sorting email by date or importance, you can further sort by how often you communicate with a given contact. The pages around SNARF bandy about a phrase I'd never heard before: email triage. I'll have to admit, between something like six or seven distinct email accounts, I'm usually swamped with mail within a few hours. I tend to keep opening my computer just to filter and sort. If I leave it for a few days— well let's just say I begin to see where the term triage is coming from. SNARF sounds like a very cool tool, and one that I hope will make it into Vista. Here's MS's description: The Social Relationship and Network Finder, or SNARF, is an application that uses the same database as a user's e-mail client to count the number of times users send and receive e-mails from people, said AJ Brush, a researcher in the community technologies group at Microsoft Research, who developed the tool. Calling this kind of e-mail triage process "social sorting," researchers worked with graduate students to come up with the tool so it will help users prioritise e-mails based on how often they send and receive mails from contacts, she said. "One of the core SNARF notions is that it’s about people," Brush said. "We’re really trying to remember information about the people in my e-mail rather than on a per-message basis. Then SNARF will know it’s that message from [for example] Julie, I talk to her all the time, so it will put that higher in order of importance." In an e-mail message, Bernie Hogan, a doctoral student in sociology at the University of Toronto who worked with Brush as an intern during SNARF's development, said that modern e-mail clients don't take into consideration aspects of face-to-face interpersonal contact that people use to organise their daily interaction with others. Tools like SNARF will help researchers develop more intelligent software that streamlines e-mail communication, he said. "I want to help interpret the complexities of e-mail, so that we can design tools to help individuals work smarter, not harder," he wrote. "This involves understanding communication in social context -- communication, is after all a social activity -- and discovering what social patterns in communication are meaningful to users and how we can present these patterns clearly, and effectively." SNARF is available as a free download. The software requires Microsoft Outlook 2002 or 2003 as a MAPI source, but also has been tested with Exchange and MAPI servers, Hotmail and e-mail clients using POP, IMAP and the OL Connector (for Lotus Notes).

Comcast Email Problem with MSN\Hotmail

SEATTLE (AP) -- Microsoft Corp. said Friday that some people who use its Hotmail and MSN e-mail services are not receiving e-mail sent from Comcast Corp. accounts and other Internet service providers. Brooke Richardson, a group product manager with Microsoft's MSN online division, said the problem appears to be due to an increase in e-mail volumes, which it is attributed in part to the Sober Internet worm. She said the high volumes are causing e-mail to either be delayed or not make it to MSN and Hotmail users at all. Richardson said the problem began earlier this week. She would not name the other Internet service providers besides Comcast whose users were encountering the same problem. She also couldn't say when the problem would be fixed. "Our hope is that things get better in the coming day or days, but we don't have exact details," she said. Comcast spokeswoman Jennifer Khoury said the problem is only affecting Comcast e-mail being sent to the MSN and Hotmail accounts, and that other e-mail is getting to recipients without delay. She said the company is working with Microsoft to resolve the problem.