Blog: Exploit code is out for a critical Internet Explorer vulnerability that Microsoft reported in its MS07-009 bulletin. [eWEEK]
A new tool called Jikto can turn any PC or device with a browser into a site attacker. [eWEEK]
IT pros eye Windows Server 2003 SP2 with caution Despite its security and stability enhancements, IT pros say they are in no rush to deploy Windows Server 2003 SP2, which arrived with little warning two weeks ago. [SearchSecurity.com]
20 million copies of Vista reported sold Analysts questioned the figure and said it shed little light on the program’s popularity during its first month on the market. [NYT]
Linux kernel to add VMI The next stable update to the Linux kernel, Version 2.6.21, is slated to include a new feature submitted by VMware called Virtual Machine Interface. [eWEEK]
Next version of GPL to cover Novell-Microsoft deal The non-profit group that owns rights to much of the Linux operating system says it will seek to undermine a controversial deal between Microsoft Corp. and Novell Inc. through a new software licensing agreement to be unveiled on Wednesday. [Reuters]
Although Oracle’s lawsuit against SAP is directed against the German-based software giant, SAP’s channel partners could also be held culpable for any role they may have had for using software and documentation that turns out to have been illegally obtained, according to one lawyer specializing in intellectual property law.
Systems integrators (SIs) and consulting firms that provide support for Oracle products should prepare for any potential legal action by documenting what they did and didn’t know about the origins of materials given to them by SAP, according to Tucker Griffith, partner at McCormick, Paulding & Huber LLP.
Those partners are at risk if Oracle is “going on a theory that this was stolen material — and I’m pretty sure they are going on that theory — and if they’re going on the theory that some of the stuff was trade-secret protected,” Griffith said. “If you [the VAR] had reason to suspect it was stolen, or suspect it came from illegal means and illegal sources, then you might have some culpability.”
It would also be prudent for partners whose contracts with SAP do not include an indemnity clause to negotiate with the company to get one, he said. Indemnity clauses, in which one company insures another against lawsuits, can be written with generic language or be specific enough to, for example, specify whether the party offering indemnity will also cover court fees, he said.
Those partners who find themselves needing to negotiate for indemnity may have some leverage, though. Partners can point to the bad press the suit may generate for SAP and hint that they would consider migrating to other vendors if SAP does not earn their loyalty, Griffith said.
The lawsuit against SAP alleges that TomorrowNow, a provider of third-party Oracle support that SAP acquired in 2005, used Oracle customers’ login information to access Oracle’s support site. There, according to the 44-page complaint Oracle filed last week, TomorrowNow downloaded thousands of materials — software and documentation — which it then used to undercut Oracle’s own support.
But players at TomorrowNow, and SAP may have not thought they were doing anything wrong, Griffith said. They did not appear to try to cover up their tracks — the logins were traced back to computers in Bryan, Tex. where TomorrowNow is located — and Oracle did not take steps to prevent bulk downloads like those it accuses TomorrowNow of making.
“The defense would be well: we thought there was nothing wrong, because if we thought there was something wrong about it, we would have made it less obvious, less blatant,” Griffith said.
Oracle and SAP have continued to remain mostly silent about the suit, although SAP did issue a press release Friday saying that it will “aggressively defend against the claims made by Oracle.”
Vonage told to stop using Verizon technology A judge ordered the Internet-based telephone service to stop using technologies patented by Verizon Communications. [NYT]
SMBs face big challenges in meeting regulatory requirements Managed services and better policies can help SMBs deal with costs associated with archiving and protecting data in the name of compliance. [eWEEK]
Wireless industry gears up for WiMax Where does 3G wireless go from here? Many equipment makers and carriers are looking to the packet-based technology known as WiMax. [CNET]
Windows weakness can lead to network traffic hijacks Problem in the way Windows PCs obtain network settings could let attackers hijack traffic, researchers warn. [CNET]
The news that Oracle sued SAP shocked the IT industry yesterday, and the dust hasn’t begun to settle yet. In addition to SAP and its wholly-owned subsidiary TomorrowNow, Oracle named 50 “Doe” defendants who are still unknown but may include channel partners such as systems integrators and resellers.
TomorrowNow provides third-party support for Oracle products, especially its PeopleSoft and JD Edwards lines of applications, at half the cost Oracle charges. It also works with several consultancies and systems integrators to provide support on their behalf. About a dozen or so of these are smaller, regional-level firms, said Bob Geib, vice president of sales at TomorrowNow, in an interview with SearchITChannel.com earlier this month.
Because many of those firms fear retaliation from Oracle for providing support through TomorrowNow, Geib said, “many, many of our efforts with partners are what I would call under-the-radar opportunities.”
It is unclear whether any of those partners may be dragged into the suit. But one clause in Oracle’s filing reads:
“Oracle is currently unaware of the true names and capacities of Does 1 through 50, inclusive, whether individual, partnership, corporation, unincorporated association, or otherwise, and therefore sues these defendants by such fictitious names. Oracle will amend this Complaint to allege their true names and capacities when ascertained.”
According to the suit, TomorrowNow’s “cut rate support” was made possible, at least in part, from thousands of illegal downloads of software, patches, documentation and other information made by TomorrowNow using logins provided by Oracle customers whose service agreements were about to expire.
The nature of those service agreements does not allow Oracle’s customers to share those downloads with third parties, and many customers downloaded information they themselves were not authorized to access, Oracle chrged.
TomorrowNow was founded by former PeopleSoft employees and was acquired by SAP in January 2005, at about the same time Oracle announced it would acquire PeopleSoft. Oracle claims in the suit that the timing is not coincidental, but does not provide further evidence.
Oracle and SAP both declined to comment further on the lawsuit as of Friday evening.
Oracle sues SAP for ‘stealing software’ Oracle has filed a lawsuit against SAP, charging the German software giant with “corporate theft on a grand scale.” [SearchSAP.com]
SOA: SAP to offer standardized processes SAP has announced that it will offer standardized processes to help companies in designing business processes and implementing SOA plans.[SearchSAP.com]
Cisco slugs FTC-addled McData Cisco Systems appears to have made the most out of FTC scrutiny surrounding the union between Brocade and McData. Cisco’s share of the switch and HBA market rose 2.2%, while McData’s dropped 2.6 %.
802.11n will require upgrades 802.11n, the new Wi-Fi standard on the cusp of being ratified by the IEEE, offers greater throughput and better range than other standards but may require companies to upgrade their wireless network infrastructure.[SearchNetworking.com]
A federal appeals court (8th Circuit) has upheld the FCC’s 2004 conclusion that VoIP providers (like Vonage) provide an interstate service that frees them from state control.
This ruling confirms the FCC‘s jurisdiction over VoIP, acting as regulators over the digital communication technology in similar fashion to their authority over regular telecommunications.
Despite this case dealing mostly with the more consumer market-focused Vonage, it has overtones that will affect the channel and the businesses that look to networking consultants and VARs to provide solutions for their communications needs. In short, it’s much easier to trust and invest in a technology that has an established federal commission overseeing it.
As a result, businesses can be expected to view VoIP communications as an even more viable alternative to traditional circuit-switched telephones. For networking channel professionals looking for help and ideas for selling these systems, as well as suggestions for the actual set-up, SearchNetworkingChannel.com recently launched a VoIP Project Guide that answers many questions and offers helpful insight.
Thoughts on this ruling? Ideas on VoIP? Drop me a line!
Cisco’s Charlie Giancarlo is a pretty smart guy (he’s chief development officer, so that’s more of a job requirement than a compliment), but I’m not sure he has as tight a hold on differing forms of information as he does on different kinds of data.
In a blog yesterday, he seemed to recommend that reporters spend as much time talking online about their stories as they do researching and writing:
Some publications are even requesting (aka requiring) their reporters to blog as a part of their job. I would argue that tracking your stories in the blogosphere and participating as the bylined reporter in the conversation is more important than authoring your own blog as a reporter, but far be it from me to suggest what a major media outlet should have their employees doing…or not doing.
It’s not a bad point. News outlets typically stink at two-way conversations with readers, not least because journalists are often as thin-skinned about criticism from readers as the people they cover are about criticism from the media.
But what’s the benefit to readers of having a reporter write a story, then spend a ton of time blogging back and forth about how it should be interpreted, the research behind it, and the value of the sources or comments in it?
Via ciscoblog.com: Cisco has posted free online training for its APX/IPX firewall. “Some of the topics are neat…’How to set up Packet Tracers’ ‘How to set up SSL VPNs.’ The modules DO actually describe how to do these things if you can bear the pain of listening to a computer generated voice reading a script someone wrote.”
Court backs FCC over states in VoIP case A federal appeals court on Wednesday upheld a decision by the Federal Communications Commission that barred states, including Minnesota, from regulating Internet-based phone services. [AP]
Gartner: Look for little change in worldwide PC shipment, revenue Worldwide PC shipments are forecast to total 255.7 million units in 2007, a 10.5% increase from 2006, while PC revenue is projected to reach $213.7 billion, a 4.6% increase, according to the latest forecast by Gartner. [Teknorati]
IDC Report: Virtualization Cannibalizes Server Sales IDC’s new report indicates that multicore and virtualization will cost the x86 market more than 4.5 million shipments and $2.4 billion in customer spending between 2006 and 2010. Overall, x86 shipments that were once projected to increase 61% by 2010 are now facing just 39% growth during that same period. [NewsFactor Network]
Palm purchased by Friday? Nokia, Moto among potential owners, it’s said. [TheReg]
Alaska and Dell team on $38bn bungle When storage specialists attack. [TheReg]
Explaining a Vista ban The National Institute of Standards and Technology has put a moratorium on using Windows Vista, but that’s business as usual, says agency’s CIO. [CNET]
Microsoft continues to fine-tune Vista licensing Microsoft is offering users who purchase one Vista license — full or upgrade, purchased either at retail or via a PC-preload deal — the right to buy multiple additional copies at 10% off retail price per copy. At its heart, the promo is just as much, if not more, about fighting piracy as it is about spurring
Vista sales. [AllAboutMicrosoft]
Measuring Vista’s true security muscle will take time Researchers are digging through the Windows Vista code right now, and when they find flaws we’ll hear about it. But it’s the ones we don’t hear about that should keep us up at night. [SearchSecurity.com]
Symantec says fixing licensing portal top priority Company officials say help is on the way as fallout continues from the merger of Symantec and Veritas ordering systems last November.[SearchStorage.com]
T.J. Maxx parent company sued in credit card hack probe Major shareholder files lawsuit seeking documents related to an incident that left customer information vulnerable. [CNET]
Sun hires top Linux developer to market Solaris Sun Microsystems Inc. has hired one of the best known developers of Linux software to market its Solaris operating system as it seeks to improve ties to the open-source community. [Reuters]
Apple makes biggest move yet into living rooms Apple Inc. made its biggest move yet into the living room on Wednesday by starting shipments of the Apple TV box, a gizmo that lets people take music, photos and video stored on a computer and play them on a television screen. [Reuters]
SOA specs SCA and SDO headed for OASIS and the JCP The Open SOA group has finally found a standards body homes for its two key specifications, Service Component Architecture (SCA) and Service Data Objects (SDO) at OASIS and JCP.[SearchWebServices.com]
The size of a paperback and most of the functions of a real PC Hoping to put a PC in every purse, Samsung has upgraded its Q1 line of tiny 1.7-pound portable computers. [NYT]
Windows applications in Ubuntu with a seamless desktop A step by step tutorial on how to set up Windows applications to work seamlessly with the new Ubuntu 7.04 Feisty Fawn. [Ubuntu.com via Digg]