Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Apple MAC OS X is still vulnerable-security firm
Wednesday May 26, 6:40 pm ET
SAN FRANCISCO, May 26 (Reuters) - Apple Computer Inc.'s (NasdaqNM:AAPL - News) Mac OS X operating system remains vulnerable to attacks by hackers, even after the Mac computer maker issued a software update to fix the problem, security firm Secunia said in an updated warning issued Tuesday.
Niels Rasmussen, chief executive of Denmark-based Secunia, said that while Apple patched one of the vulnerabilities in its Mac OS X operating system, it did not address what is known as a disk URI vulnerability, which could allows malicious Web sites to silently place code on a user's system.
"Mac users are left just as vulnerable as they were last week," Rasmussen said in a telephone interview. "They (Apple) have dealt with one of the vulnerabilities in the correct way but with the other one they have not."
Apple did not immediately return calls seeking comment.
The patched vulnerability, which Apple (NasdaqNM:AAPL - News) called "theoretical," exists in an application used to get help while browsing the Web and could expose users to malicious code, Apple had said last week.
The lack of a more detailed explanation from Apple could leave it facing some of the same criticisms Microsoft Corp. (NasdaqNM:MSFT - News) once endured over its response to its own software security holes before it buckled down and made security a public and company-wide mandate, experts said.
"From the very beginning Apple has downplayed this issue," said Rasmussen.
Part of Apple's relative invulnerability to viruses until now is because of its small share of the personal computer market -- less than 5 percent. That has made it a less attractive target for virus writers and attackers, experts have said.
"You could clearly fault Apple from the view that the second a vulnerability appears you make it known," said Tim Bajarin, an analyst at industry research firm Creative Strategies. "But there are times when the nature of the vulnerability are such that it may not be prudent to make it known immediately."
Apple's patch -- a small piece of software meant to repair glitches or security holes -- is available on its Web site at http://www.apple.com/support/downloads.
Microsoft's rival Windows operating system, because of its dominant market share, has long been plagued by worms, viruses, Trojan horses, and other security threats.
But the company, which at first was criticized for being slow to warn customers and provide patches, now routinely discloses vulnerabilities and aggressively encourages users to update the Windows software with free patches when needed.
"It seems like Apple wants to learn these lessons like other huge vendors have learned them," Rasmussen said.
http://biz.yahoo.com/rc/040526/tech_apple_1.html
Apple MAC OS X is still vulnerable-security firm
Wednesday May 26, 6:40 pm ET
SAN FRANCISCO, May 26 (Reuters) - Apple Computer Inc.'s (NasdaqNM:AAPL - News) Mac OS X operating system remains vulnerable to attacks by hackers, even after the Mac computer maker issued a software update to fix the problem, security firm Secunia said in an updated warning issued Tuesday.
Niels Rasmussen, chief executive of Denmark-based Secunia, said that while Apple patched one of the vulnerabilities in its Mac OS X operating system, it did not address what is known as a disk URI vulnerability, which could allows malicious Web sites to silently place code on a user's system.
"Mac users are left just as vulnerable as they were last week," Rasmussen said in a telephone interview. "They (Apple) have dealt with one of the vulnerabilities in the correct way but with the other one they have not."
Apple did not immediately return calls seeking comment.
The patched vulnerability, which Apple (NasdaqNM:AAPL - News) called "theoretical," exists in an application used to get help while browsing the Web and could expose users to malicious code, Apple had said last week.
The lack of a more detailed explanation from Apple could leave it facing some of the same criticisms Microsoft Corp. (NasdaqNM:MSFT - News) once endured over its response to its own software security holes before it buckled down and made security a public and company-wide mandate, experts said.
"From the very beginning Apple has downplayed this issue," said Rasmussen.
Part of Apple's relative invulnerability to viruses until now is because of its small share of the personal computer market -- less than 5 percent. That has made it a less attractive target for virus writers and attackers, experts have said.
"You could clearly fault Apple from the view that the second a vulnerability appears you make it known," said Tim Bajarin, an analyst at industry research firm Creative Strategies. "But there are times when the nature of the vulnerability are such that it may not be prudent to make it known immediately."
Apple's patch -- a small piece of software meant to repair glitches or security holes -- is available on its Web site at http://www.apple.com/support/downloads.
Microsoft's rival Windows operating system, because of its dominant market share, has long been plagued by worms, viruses, Trojan horses, and other security threats.
But the company, which at first was criticized for being slow to warn customers and provide patches, now routinely discloses vulnerabilities and aggressively encourages users to update the Windows software with free patches when needed.
"It seems like Apple wants to learn these lessons like other huge vendors have learned them," Rasmussen said.
http://biz.yahoo.com/rc/040526/tech_apple_1.html
Apple security...
I am a thinking how similar Apple's response to security issues is similar to Windoz.
Secunia: Apple Patch 'Inadequate'
2 hours, 15 minutes ago
Kimberly Hill , www.enterprise-security-today.com
Apple (Nasdaq: AAPL - news) issued a patch on Friday in response to the discovery of two OS X holes that allow malicious code to travel from Internet sites to users' computers. Apple's announcement of the patch included a statement that the vulnerabilities created by the holes are "theoretical," and that users that regularly download patches to their operating systems receive such fixes routinely.
•Apple Warns of Mac OS X Security Hole
•Mac OS X Attacked by Trojan Horse
•How Secure Is OS X?
•Controversy Erupts over Apple Safari Update
•Hidden Costs of Mac Ownership
This specific patch, however, leaves users "just as vulnerable as they were before," Niels Henrik Rasmussen, CEO of computer security firm Secunia, told NewsFactor.
Two Flaws, One Patch
The two flaws allow malicious code to be transmitted through Internet browsers -- such as Internet Explorer -- on which users have left the default settings in place. Even after downloading the patch, though, "it is still possible to execute arbitrary code on a vulnerable user's system," said Rasmussen.
The first flaw exploits a vulnerability in the OSX "help" URI handler, and the patch addresses that. However, by downplaying the critical nature of the flaw, Apple is failing to convey to users the importance of downloading the patch, according to Rasmussen.
Apple has yet to learn the lessons of operating-system competitor Microsoft, which routinely describes the nature and impact of most vulnerabilities, allowing customers to determine whether to fix a problem. Network administrators routinely use the rating system to create a schedule for implementing fixes or to group them into workable categories.
Manual Fix
In addition, Rasmussen says, Apple did not address the second vulnerability -- "disk" URI -- at all. This hole allows malicious code to be placed on a PC without the user's knowledge.
Secunia has recommended a series of manual steps that users can follow to eliminate the holes. By unchecking the "Open 'safe' files after downloading" item in Internet preferences and adding a protocol helper (application) for the "disk" and "disks" items, says a Secunia advisory, users can protect their systems.
http://story.news.yahoo.com/news?tmpl=story&u=/nf/20040524/bs_nf/24176
Hardware is more secure than software. It is coming in the future to a mac near you...
yaya, how long do you think before HW will be talked about? eom
Mac Platform Endures as Apple Splits Hardware Division
By David Morgenstern
May 20, 2004
What does Apple's reorganization into Macintosh and iPod business units say about the company?
It proves "Apple can chew gum and walk at the same time," one former high-level engineering exec said about this week's reorganization, which opened a new division for its iPod media player. But whether the Macintosh-based hardware platform is the gum or the feet was left to the imagination.
The Cupertino, Calif. company late Wednesday offered a terse statement to the media: "This organizational refinement will focus our talent and resources even more precisely on our industry-leading Macintosh computers and the wildly successful iPod."
But a company representative confirmed a report in The New York Times that Senior Vice President Jon Rubinstein will take the helm of the newly formed iPod division, and Tim Cook, executive vice president of Apple Computer Inc.'s worldwide sales and operations, will run the new Macintosh division.
The move marks a significant change for the company, for its leadership and, some suggest, for iPod development.
Rubinstein is one of the pair of former NeXT Software Inc. executives that Apple Chairman Steve Jobs brought to Apple in 1997 to lead its R&D division.
Avie Tevanian, now Apple's chief software technology officer, handled software R&D, while Rubinstein moved into the hardware spot. In a reorganization about a year later, Rubinstein was placed in charge of all of the company's hardware products—and until now, there he has remained.
Before Jobs' return to the company, then-CEO Gilbert Amelio decentralized Apple into eight, mostly autonomous divisions. At the time, Apple offered a wide range of products, including computers, the Newton handheld device, set-top boxes, printers, cameras, storage and software.
Each unit maintained its own profit and loss statements, some with different brands, such as the Claris division, which was selling software as well as the Mac OS.
Under Jobs' leadership, the company jettisoned its profitable peripherals businesses to focus on delivering Macintosh desktops and notebooks for professional and consumer markets, as well as on creating Mac OS X. At the same time, the product development hierarchy was divided into hardware and software groups.
Click here to read about Apple's plan to ease its pace for Mac OS X upgrades.
Over the past year, Apple's product line has expanded from the Macintosh to a new, multiplatform consumer line. The iPod media player has captured the imagination of the industry. For its last fiscal quarter, Apple reported that iPod sales grew by 10 percent, and the consumer platform generated $264 million.
Three Apple observers hold differing opinions on whether the company should stay in the computer business. Click here to read their views.
Yet Apple was not the originator of the iPod's internal hardware design, according to reports. The device was based on a reference platform created by PortalPlayer Inc. of Santa Clara, Calif.
With technologist Rubinstein helming the division, the company appears to be taking charge of its new platform.
At the same time, some Macintosh software developers worried in online postings that the new division and Rubinstein's move could lessen the place of the Macintosh in Apple's plans.
According to the former engineering executive, Rubinstein's desktop, notebook and server teams are "fully capable" of picking up the development.
For insights on Macintosh coverage around the Web, check out eWEEK.com Executive Editor Matthew Rothenberg's Weblog.
Apple confirmed the report that Tim Bucher, senior vice president of Macintosh system development, will lead the Mac hardware engineering team. Bucher was a NeXT hardware engineering manager who worked on Microsoft's Ultimate TV product.
He also was the founder of startup Ispiri Inc., developer of the Mirra network attached storage line for consumers.
"Successful computer companies often have more than one product line," the engineer observed.
In addition, one Apple insider told eWEEK.com that the shift may give some computer initiatives more play within the hardware division. "It's been crowded at the table, and everything's been coming up iPod, iPod, iPod," he said, requesting anonymity.
http://www.eweek.com/article2/0,1759,1596311,00.asp?kc=ewnws052104dtx1k0000599
Apple to block Longhorn?
Apple Seeks Patent for Translucent Windows
May 17, 2004
By Matt Hicks
Apple is seeking a patent on a method for rendering translucent-appearing windows, technology that appears similar to features Microsoft has been previewing for its next major Windows release.
Apple Computer Inc.'s patent application, which dates back to November 2003, was published Thursday on the U.S. Patent and Trademark Office's Web site. By law, most patent applications become public record within 18 months of being filed, a patent office spokeswoman said.
According to the filing, the patent covers a method in which "information-bearing windows whose contents remain unchanged for a predetermined period of time become translucent." The translucency would intensify the longer a window's content remains unchanged, the patent application states.
The patent filing was first reported last week by The Mac Observer.
For its next Windows operating system, code-named "Longhorn," Microsoft Corp. has demonstrated translucent-appearing windows, said Matt Rosoff, an analyst at Kirkland, Wash.-based Directions on Microsoft.
Such a feature is part of the Aero user interface system in Longhorn, he said. The Redmond, Wash., software maker demonstrated Avalon (the graphics presentation system within Longhorn), as well as Aero, which runs atop Avalon, earlier this month during the Windows Hardware Engineering Conference in Seattle.
Representatives from both Apple and Microsoft declined to comment on the patent application. Cupertino, Calif.-based Apple has yet to be granted the patent, a process that can take years and can end without a patent being issued.
While the patent could pit Apple against Microsoft, Rosoff said he doesn't expect an intellectual-property fight between the companies. More likely, he said, the companies would work out a cross-licensing arrangement.
"Microsoft in the last couple of years has been pretty judicious about patents and about having patents in place and arranging swaps," Rosoff said. "I would be surprised if this turns into any sort of fight."
Read more here about Microsoft's patent battles.
The two companies do have a history of battling over key aspects of their operating systems. More than a decade ago, in 1992, Microsoft and Apple faced off in a copyright case. Apple had sued Microsoft over its use of such elements as windows, icons and menus in its Windows operating system. Microsoft eventually won.
The two companies also reached an unexpected agreement in 1997, in which Microsoft invested $150 million in Apple and agreed to continue developing versions of its Office productivity suite and Internet Explorer Web browser for the Mac operating system.
That five-year deal ended almost two years ago, and Microsoft has since stopped developing IE for Mac but has continued updating its Office for Mac suite.
http://www.eweek.com/article2/0,1759,1594289,00.asp
Apple to block Longhorn?
Apple Seeks Patent for Translucent Windows
May 17, 2004
By Matt Hicks
Apple is seeking a patent on a method for rendering translucent-appearing windows, technology that appears similar to features Microsoft has been previewing for its next major Windows release.
Apple Computer Inc.'s patent application, which dates back to November 2003, was published Thursday on the U.S. Patent and Trademark Office's Web site. By law, most patent applications become public record within 18 months of being filed, a patent office spokeswoman said.
According to the filing, the patent covers a method in which "information-bearing windows whose contents remain unchanged for a predetermined period of time become translucent." The translucency would intensify the longer a window's content remains unchanged, the patent application states.
The patent filing was first reported last week by The Mac Observer.
For its next Windows operating system, code-named "Longhorn," Microsoft Corp. has demonstrated translucent-appearing windows, said Matt Rosoff, an analyst at Kirkland, Wash.-based Directions on Microsoft.
Such a feature is part of the Aero user interface system in Longhorn, he said. The Redmond, Wash., software maker demonstrated Avalon (the graphics presentation system within Longhorn), as well as Aero, which runs atop Avalon, earlier this month during the Windows Hardware Engineering Conference in Seattle.
Representatives from both Apple and Microsoft declined to comment on the patent application. Cupertino, Calif.-based Apple has yet to be granted the patent, a process that can take years and can end without a patent being issued.
While the patent could pit Apple against Microsoft, Rosoff said he doesn't expect an intellectual-property fight between the companies. More likely, he said, the companies would work out a cross-licensing arrangement.
"Microsoft in the last couple of years has been pretty judicious about patents and about having patents in place and arranging swaps," Rosoff said. "I would be surprised if this turns into any sort of fight."
Read more here about Microsoft's patent battles.
The two companies do have a history of battling over key aspects of their operating systems. More than a decade ago, in 1992, Microsoft and Apple faced off in a copyright case. Apple had sued Microsoft over its use of such elements as windows, icons and menus in its Windows operating system. Microsoft eventually won.
The two companies also reached an unexpected agreement in 1997, in which Microsoft invested $150 million in Apple and agreed to continue developing versions of its Office productivity suite and Internet Explorer Web browser for the Mac operating system.
That five-year deal ended almost two years ago, and Microsoft has since stopped developing IE for Mac but has continued updating its Office for Mac suite.
http://www.eweek.com/article2/0,1759,1594289,00.asp
New Security Hole Found in OS X
May 18, 2004
By Ian Betteridge
A newly discovered hole in the Mac OS X operating system that could potentially allow hackers to access a user's files—and even delete them—has raised fresh doubts about the security of the platform.
The issue revolves around two URI handlers, "help" and "disk." The first allows any AppleScript on the user's machine to be run, while the second allows users to mount a disk image automatically over a network. In theory, this allows malicious users to create a Web page that will either download a small disk image onto a Mac or mount it remotely, then execute an AppleScript on the mounted image, which could contain any Unix command— including ones to remove any file in the user's Home directory. The flaw works with any browser, including Safari, Internet Explorer, and Firefox.
Apple representatives could not be reached for comment on the issue. One Mac user claimed he had alerted the company to the problem in February and has yet to receive a response. In the past, Apple has declined to offer any public comment on security holes until it has released a patch.
The news caps six weeks that have highlighted the potential for security flaws in OS X, raising questions over its reputation for being more secure than Windows. In April, anti-virus company Intego announced it had discovered what it claimed was "the first Mac OS X Trojan Horse," called MP3Concept. However, the company received heavy criticism from users when it was revealed that no example of the Trojan, which exploited the potential for embedding code in the ID3 tag of an MP3 music file, had been found in the wild.
Last week, the British magazine MacWorld discovered the first genuine OS X malware, an AppleScript application disguised as a demo for Word 2004. The malware, dubbed AS.MW2004.Trojan by Intego, was a simple 108KB AppleScript that took advantage of AppleScript's ability to execute Unix applications, running a command to erase the user's Home folder when opened.
Although the newly discovered hole represents bad news for Apple users, the platform still remains relatively unexploited compared with Windows. Commenting on the earlier Word Trojan, Denis Zenkin, head of corporate communications for Russian anti-virus company Kaspersky Labs, pointed to the sheer number of exploits, both simple and complex, for Windows compared with OS X: "During 15 years of our experience of battling against viruses we have accumulated hundreds of such Trojans for Windows."
For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzer's Weblog.
Nik Rawlinson, editor of MacUser magazine in London, said that the spate of security scares on the Mac was mostly hot air. "The Web went mad when news of the first Mac Trojan emerged and the usual pack of detractors came out to gloat," he said. "For most of us, though, it was no surprise it turned out to be a lot of excitement over not very much at all. Mac OS X remains the most secure operating system you can buy."
However, Thomas Kristensen, chief technology officer of security company Secunia, of Copenhagen, Denmark, cautioned Mac users against overconfidence about the level of security on OS X compared with Windows. "All operating systems and software have flaws, and it's dangerous to categorize one OS as more secure than another."
And, Kristensen said, the fact that Apple has concentrated on ease of use may well work against it in the security stakes. "Unless a system is built from the ground up with its focus on security, you're going to have plenty of holes. Apple's focus with OS X is ease of use first and foremost."
Check out eWEEK.com's Macintosh Center at http://macintosh.eweek.com for the latest news, reviews and analysis about Apple in the enterprise.
Copyright (c) 2004 Ziff Davis Media Inc. All Rights Reserved.
hawkshaw, I am completely unqualified...
...to comment. Sorry.
This is a new and evolving market. If the iPod becomes the insertation point I suspect a lot more machines will be moving in behind them.
OT, but interesting IMO, Founder & Apple to Deliver World's Best Digital Music Experience to Chinese Customers
Tuesday May 18, 4:30 am ET
CUPERTINO, Calif. and BEIJING, May 18 /PRNewswire-FirstCall/ -- Founder, one of the largest PC suppliers to the Chinese market, and Apple® today announced that every Founder PC will come pre-installed with Apple's award-winning iTunes® digital music jukebox software beginning next month. iTunes works seamlessly with Apple's iPod®, the number one digital music player in the world, to deliver an unbeatable combination for music lovers in China. With iTunes, Founder PC users can easily import music from CDs, create custom playlists, burn custom CDs and take their entire music collection with them on their iPods.
"Digital music is becoming very important in the Chinese PC market, and Apple's iTunes is the runaway market leader," said Wei Xin, chairman of Founder Group and Founder Technology. "As the first Chinese company to bundle this innovative software with our PCs, we are excited to provide our customers with the world's best digital music experience."
"Around the world, iTunes has revolutionized the way people manage and listen to their digital music," said Rob Schoeben, Apple's vice president of Applications Marketing. "We are teaming up with Founder to deliver an easy-to-use, seamless music experience to millions of Chinese customers."
iTunes for Windows includes all the same great features that made it the best digital jukebox software for the Mac®-no hidden charges for extra features, MP3 and pristine quality AAC encoding from audio CDs, Smart Playlists, and the ability to burn custom playlists to CDs and MP3 CDs, burn content to DVDs to back-up an entire music collection and share music between computers via Rendezvous(TM) over any network, cross-platform. Further information about Apple's digital music products can be found at www.apple.com/itunes and www.apple.com/ipod.
As an IT group specialized in software and hardware, access equipment, solutions and services, Founder Technology is committed to high-tech, high-quality innovation and development. Supported by the Beijing University and Founder Group, Founder Technology has been actively innovating its existing products and business, and its vision is to become a large IT enterprise with specialized manufacturing facilities and product lines, effective management systems, as well as strong R&D capabilities. Founder Technology is engaging in various international cooperation projects and on the way to becoming an international group. Further information about Founder can be found at www.foundertech.com.
Apple ignited the personal computer revolution in the 1970s with the Apple II and reinvented the personal computer in the 1980s with the Macintosh. Apple is committed to bringing the best personal computing experience to students, educators, creative professionals and consumers around the world through its innovative hardware, software and Internet offerings.
NOTE: Apple, the Apple logo, Macintosh, Mac, Mac OS, iTunes, iPod and Rendezvous are either registered trademarks or trademarks of Apple. Other company and product names may be trademarks of their respective owners.
http://biz.yahoo.com/prnews/040518/sftu092_1.html
Why Windows is a Security Nightmare
by latif [May 16, 2004]
Security in all mainstream operating systems is non-existent; however, things are especially bad for Windows. Windows happens to be the favorite target of worm and virus writers. Conventional wisdom suggests that the huge installed base of Windows helps spread the worms and viruses, and also makes it a highly attractive target for worm/virus writers. The installed base of Windows certainly has an undeniable effect on the prevalence of malware on Windows, but this is not all there is to it.
Worms and viruses are so stunningly effective on Windows only because Windows provides some atrocious functionality which makes it easy for worms to strike. It might seem counterintuitive but Windows Registry, and a misdesigned Windows Update are the primary culprits that create a hospitable environment for worms and other malware.
A typical Windows system follows a simple lifecycle: it starts out with a clean Windows installation, which gradually deteriorates as programs are installed, and uninstalled. Eventually, the Windows registry accumulates so much crud that the user is forced to do a clean install. When a user does a clean install that user's system loses all the previously applied security updates, and becomes a sitting duck for worms and other malware.
Things wouldn't be so bad if the user was able to update the new system with security patches painlessly, but Windows Update makes it very hard to do so. My personal experience with the killer duo is an enlightening example of how all of this works.
I purchased a Thinkpad X21 with Windows 2000 Professional in January 2002, and since then have gone through three clean install cycles. After the second cycle I decided to stick with a deteriorating installation no matter what happened.
As expected, pretty quickly the registry started accumulating all sorts of rubbish, and the system started exhibiting strange bugs. First Mozilla stopped working; reinstallations, uninstallations, upgrades did not resolve the problem, so I switched to Opera.
A few months later Windows explorer started to hang on folder right click. I did my best to search for a solution to this problem on the internet, but never managed to find a solution. Resigned, I eventually learned to avoid right clicks on folders, and became adept at killing and reinvoking the explorer process after an inadvertent forbidden click.
Then I made the mistake of installing VMWare 30 day demo on my system. As soon as I booted Linux under it as a guest OS, the the sound card went bonkers, and started producing high pitched screeching sounds. I tried reboots which didn't work; as a last resort I uninstalled VMWare but that didn't work either. This forced me to lower the volume of the speakers to muffle the screeching, but I continued using the same setup.
Finally, I had the bright idea of downloading a registry cleaner to fix things. The product I downloaded turned out to be some pathetic crippleware, and I uninstalled it. Well, that was the fatal fatal mistake; the next time I rebooted, Windows refused to load. Safe mode, last known good configuration, etc., all failed, and so I was forced to do a clean install.
As expected the clean install took care of the bugs. However, it also got rid of all the security updates. I immediately connected to Windows update to download the service packs, and the critical updates. Rather quickly I was welcomed by Messenger Service spam. The Messenger Service spam was only a minor inconvenience as I knew how to turn it off; however, within a short while I got a message from Windows saying that svchost.exe had crashed: the Blaster worm had struck.
The Blaster worm attacks Windows XP, and Win2K systems. In order to infect a system the worm needs to send the correct payload for the respective OS. The worm is not able to differentiate between the XP and Win2K so it randomly guesses the OS type; however, if it guesses wrong the RPC service crashes, and Windows reports it as a crash of svchost. The Blaster attack was quite a surprise as the major outbreak of the worm occurred back in August 2003, and I was expecting all infections of the worm to be fixed by now.
I was in no position to do anything about the Blaster attack, so I continued downloading the 35 MB service pack 4 over my dialup connection. It took me a couple of hours to download it, but Windows Update refused to install it; Windows Update probably needed some functionality provided by the crashed svchost.exe.
I rebooted and connected to the internet, which was a mistake as I was giving the worm a second chance to infect my system. Anyway, I proceeded to Windows Update, and tried the same download again. Alas, Windows Update had forgotten all about the 35 MB it had downloaded previously, and started downloading the same stuff all over again. Worse, the Blaster worm crashed svchost again, and I had to discontinue the download.
I knew about the existence of a standalone security update to patch the vulnerability Blaster exploits, so I decided to bypass Windows Update and download it directly. The download was small less than 1MB, but as soon as I tried running it I learned that it requires at least service pack 2 to install, which I didn't have.
Microsoft provides a separate download for service packs as well, and I decided to download the latest service pack, service pack 4. Well, the standalone service pack 4 distribution turned out to be a mammoth 129 MB download. This is about the maximum I have ever downloaded over a dialup connection; a download of this size can easily take 10 or more hours to complete.
Downloading a large file over dialup requires the ability to resume downloads which Internet Explorer does not provide, so I downloaded Wget to acquire that ability. Wget is a commandline tool and is invoked by calling it with the URL name. I tried pasting the URL on the command line, but it turns out that the cut and paste functionality disappears after a blaster attack, so I was forced to manually type the URL.
Normally, typing a URL is not a big deal. Everyone types URLs all the time, and I do too, but I do mind typing gibberish strings of 95 characters like the following:
http://download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-
241BFECD095E/W2KSP4_EN.EXE
To cut a long story short I managed to download and install the service pack, and the Blaster security update. Finally, the Windows Update started working and after another 30-40 MB of downloads, and 3 or so reboots, I managed to installed the 18 security updates available there (another 5 have been added to that number as of now).
After this experience I cannot help but laugh at the 'usability' problems Windows users are reporting about GNOME and KDE. It has become pretty clear to me that Windows users are so accustomed to usability problems that they don't even recognize them as usability problems. But, as soon as these people move to a different environment they start complaining simply because the new environment does not replicate the features and bugs of Windows exactly.
The other big lesson from all this is that most Windows users are incapable of 'securing' their systems. This is precisely why an unprotected system gets attacked in a matter of seconds, and spammers are still sending out Messenger service spam. Worse, Microsoft is directly responsible for this state of affairs. Windows encourage users to reinstall it every once in a while, and when they do, Windows Update actively prevents users from updating their systems.
The whole idea of Windows Update is a joke. Using an unreliable and insecure network as the primary means of distributing security updates is simply idiotic. This is like asking people to walk through a minefield to get to a shelter. I was able to download security updates off the internet only because the current generation of worms are not particularly malicious; they are just minor irritants.
If Microsoft is serious about Windows security it needs to fix Windows Update, and get rid of the damned Registry for good. Unfortunately, Microsoft's approach is to layer half baked fixes over utterly broken things to keep them going for as long as possible. Microsoft knows that there is a problem with the Registry, but the way it is dealing with it is by offering Registry rollbacks, and similar worthless functionality.
I did a search on Google for "System Restore Does Not Work" and as anticipated there are plenty of complaints about XP's System Restore functionality. Furthermore, such approaches even if they somehow became reliable would still not work. There is a very simple reason for that, users cannot reliably associate the problems they are experiencing with changes in the Registry. For instance, if svchost crashes how is a user to know whether changes in the Registry caused it or a worm caused it? The extra functionality will likely lead to futile rollbacks and additional frustration for the users.
The upcoming SP2 update for Windows XP is another good example of a clueless fix. According to the reports I have read SP2 will enable the XP firewall by default, and will also include many nifty features to protect the system. It is pretty obvious that such updates cannot work in the presence of the Windows Registry. Windows users who install any kind of software will sooner or later be forced to downgrade because of registry problems, and when they do they will get fried.
I am not saying Microsoft should not do what is doing, but it should focus on the more important things first. For the short term the correct approach is to fix Windows Update so that users aren't forced to connect to a network to get security updates. Windows update should encourage users to create a Windows Update CD that contains all the security updates the user has downloaded so far. The CD should contain a setup routine that is capable of installing all the updates in an automated fashion without requiring user intervention. Inevitably, when the user downgrades he/she can use that CD to update the system, and then connect to a network to download any further updates. Such a CD should be shareable amongst users, so that if someone doesn't have an update CD, he/she can simply get one from a friend or an acquaintance.
Actually, Microsoft does offer a security update CD, and is willing to ship it to customers free of charge. But, as always Microsoft has made a mockery of a decent idea. First of all, 2-4 weeks are needed to deliver the CD. Then there is the problem of availability, the CD is not available everywhere (I live in Pakistan, and the CD is not available for Pakistan). Also, the CD Microsoft is offering is horribly out of date. There is no fix for this last problem, if Microsoft starts updating the CD every other week, then people will start asking for a new CD every other week. Obviously, shipping a CD to every customer every few weeks is quite an expense, and Microsoft doesn't want that. So, the Microsoft Update CD is there just for moral support.
Overall, Microsoft is flat-out confused about how to deal with Windows security problems. The recent decision to disallow pirates access to Windows XP SP2 is another action reflective of that confusion. I can't understand why Microsoft is so jittery about supporting pirates. Microsoft's paying customers are suffering because of insecure Windows systems; therefore, Microsoft's first priority should be to get the worm infected systems fixed. If this requires distributing security updates to pirates so be it.
Microsoft really needs to look beyond short term remedies to solve security problems. The company has to move away from its Windows roots in order to create a secure operating system environment. Microsoft has a huge research and development budget, and it just doesn't make sense why it cannot develop a security centered OS.
http://www.techuser.net/index.php?id=47
hawkshaw, and that is exactly why I...
...have been known to split 10's when the dealer has a 3, 4, 5, or 6 showing.
I play to win. Many play not to loose. Why play if you are just protecting and not seeking to win?
However, this is easy for me to say...
If you haven't seen it, you might be interested...
Transmeta Efficeon Defends Against Virus and Worm Attacks on Microsoft Windows XP
Monday May 17, 6:00 am ET
First Energy-Efficient Processor to Provide 'No Execute' Support
SANTA CLARA, Calif.--(BUSINESS WIRE)--May 17, 2004--Transmeta Corporation (Nasdaq:TMTA - News), the leader in efficient computing, today announced that its Efficeon microprocessor family will offer increased protection against many of the most common types of virus and worm attacks. This capability will be provided in conjunction with the Execution Protection feature shipping from Microsoft in the forthcoming Windows XP Service Pack 2 (SP2). New Efficeon processors scheduled to ship in mid-year 2004 and beyond will include "No Execute" (commonly known as "NX") support as a standard feature.
In response to the growing threat of malicious virus and worm attacks on the Internet, Microsoft has announced plans for an upcoming release of Windows XP SP2, which will feature an integral virus protection feature known as Execution Protection, enabled only on systems with specific processor support. The Efficeon processor will provide this capability to protect against the execution of code from memory regions intended for data.
"Transmeta's support for 'No Execute,' working in conjunction with the safety features of Microsoft's Windows XP SP2, will significantly reduce computer vulnerability to some of the most prevalent malicious code attacks," said Matthew R. Perry, President and CEO of Transmeta Corporation. "Our release of cutting edge features aligned with Microsoft's release of Windows XP SP2 yields a crucial solution for the future of computer security."
Transmeta is providing advance versions of Efficeon-based systems with "No Execute" support to Microsoft this month for internal evaluation and use.
"Transmeta's unique software-based architecture can be rapidly extended to include new processor enhancements," Perry explained. "We were able to support Microsoft's Execution Protection functionality without silicon changes, entirely within our Code Morphing Software -- the proprietary software that provides complete X86 functionality on our efficient VLIW processor hardware. Our architectural flexibility and the time-to-market benefits it enables are unique advantages that Transmeta provides, offering leading edge features to consumers and corporate customers more rapidly."
"Microsoft is always working to perfect our code, but with Windows XP SP2 we felt we needed a more holistic approach -- one that involved hardware," said Jim Allchin, Group Vice President of Platforms at Microsoft Corporation. "By putting some of our best engineers together, Microsoft and companies like Transmeta have implemented Data Execution Protection. Customers using Transmeta's new Efficeon processors will be much safer from attacks, since the processors and Windows XP SP2 will help prevent a whole class of malicious code from running at all."
Some of the most devastating attacks, such as the recent Sasser worm and last year's Blaster and Welchia worms, as well as many other malicious programs, attack computers by attempting to insert and execute code from data regions. The Execution Protection feature in Windows XP SP2 leverages the Efficeon processor's "No Execute" support to stop this malicious code immediately if it attempts to execute. This combination of features will offer significant improvements against software worms and viruses, providing increased security for end users.
"'No Execute' support guards against many of the most common and most devastating viruses and worms to date," said Rob Enderle, Principal Analyst for the Enderle Group. "These threats include the Blaster worm, which infected 1.4 million computers, racking up a cost of over $1 billion, and the Code Red which US Today estimated cost approximately $1.2 billion."
Transmeta's Efficeon microprocessor will be the first energy-efficient processor to provide support for the "No Execute" capability, fully leveraging all virus and worm security improvements in Windows XP SP2.
About the Transmeta Efficeon Processor
The Transmeta Efficeon processor is designed to provide power efficiency, design flexibility, performance-on-demand and low cost to meet the need of the next generation of mobile, wireless, and embedded devices. It includes three new high performance bus interfaces: an on-chip HyperTransport(TM) bus interface for increased input/output efficiency, an on-chip Double Data Rate (DDR) SDRAM memory interface for increased throughput, and an on-chip AGP graphics interface for high performance graphics solutions. These new interfaces allow Efficeon to achieve more work per clock, which results in greater energy efficiency and longer battery life for mobile computer users. The Transmeta Efficeon processor's dynamic LongRun® power management features and integrated architecture are designed to give system designers and marketers a wide range of choices in creating products that deliver added value, functionality, security, comfort, reliability, and cost savings to end users.
http://biz.yahoo.com/bw/040517/175306_1.html
The Testimony of Mr. George Gilder
Senior Fellow, Technology and Democracy Project, Discovery Institute
Mr. Chairman and Senator Hollings, thank you for the opportunity to appear before your committee today. Your selected topic is crucial to the well-being of the U.S. and global economies, and I appreciate your deep interest in the subject.
Overthrowing matter and media with the new worldwide web of glass and light and air should be a happy and defining event in the history of man. Global information networks offer unprecedented potential opportunities for economic growth, cultural revival, and individual freedom and empowerment. Yet the United States has in large part blocked the path of the technologies and companies needed to consummate this vast new infrastructure of chips, fiber optics, antennae, digital storage, and software.
Although American companies invented almost all the technologies crucial to the Internet, we have fallen behind many other nations in the deployment of these technologies.
The U.S. now ranks eleventh internationally in residential “broadband” access. Using the FCC’s silly 200-kilobit-per-second definition, some now say that 25 percent of American homes have broadband. But by the standards of Asia—where most citizens enjoy access speeds 10 times faster than our fastest links—U.S. residences have no broadband at all. U.S. businesses have far less broadband than South Korean residences. South Korea, for instance, has 40 times the per capita bandwidth of the U.S. Japan is close behind Korea, and countries from China to Italy are removing obstacles to the deployment of vDSL, fiber-to-the-home, and broadband wireless networks.
Asian broadband also proves there was no Internet “bubble.” Today, Korea runs over the net between a three and five times larger share of its economy than we do. Riding the bus to work, Koreans watch television news and exchange video mail over their mobile phones. They enjoy full-motion video education and entertainment in their homes. Many of the dot-coms that failed in America due to the lack of robust broadband links are thriving in Korea. Consider that by this time next year Verizon Wireless’s 38 million customers will enjoy faster Internet access via their mobile phones than through their Verizon DSL connections to their homes. Only the most severe disincentives to invest could have yielded such a result, which defies the laws of physics. The American Internet “bubble” was actually a crisis of policy.
The Telecom Act of 1996 was meant to “deregulate” America’s telecom infrastructure and technologies, the most dynamic sectors in the entire world economy. But after the usual lobbying and horse-trading, the Act turned into a million-word re-regulation of the industry. Regulatory actions by the FCC and the 51 state utility commissions greatly exacerbated the bad parts of the Act and distorted many of the good parts. As I predicted the day after it was enacted, the result was a carnival of lawyers, micro-mis-management by bureaucrats, price controls, the socialization of infrastructure, the screeching halt of innovation and investment in the “last-mile” local loop—and the Great Telecom and Technology Crash of 2000-2003.
In the last year or so, the FCC has partially reversed some of its most egregious errors. Some are still being adjudicated in the courts. But U.S. telecom remains a highly regulated, highly taxed sector of our economy. The mistakes of the last 10 years have greatly harmed the U.S. economy, and continued gridlock and inaction threaten to shift American leadership in technology to Asia, which has embraced the Internet with open arms.
Today, just as the telecom and technology sectors exit a three-year depression, we are in danger of repeating the very worst mistakes of the 1996 Telecom Act, but this time on an even grander scale. In today’s testimony I will address and refute one particular proposal that is being offered as the basis for the new telecom legislation. In doing so I hope also to offer an alternative vision.
The new “big idea” in telecom regulation comes from a host of learned and experienced telecom thinkers: the likes of former FCC authority Kevin Werbach, Stanford law professor and technology author Lawrence Lessig, industry analyst Roxanne Googin, and IPioneer Vint Cerf, to name just a few.
The idea is mandated “open access” to the logical layers of the network, and it is embodied in a new legislative proposal by MCI, “A Horizontal Leap Forward: Formulating a New Public Policy Framework Based on the Network Layers Model.” A horizontal layers approach would supposedly be a radical shift from the “vertical silos” approach now used, where telephony, cable, and wireless, for example, are regulated based on historical industry definitions, not generic functional categories. The common denominator of Internet Protocol (IP)—supposedly the basis for all future communications networks—is said to necessitate the new layered regulatory approach.
Barely recovering from the FCC’s TELRIC and UNE-P “open access” mandates that chopped up and assigned ownership rights to the physical infrastructure—the hardware—of the Net, we now face the prospect of rigid reassignment of content, applications, services, and protocols, too.
Whatever it is called, it represents more micromanagement of a dynamic industry in the midst of major technological transitions.
The new proposal feeds on fear—fears that cable TV companies or the Bells might seek to leverage their broadband networks by wrapping content into their conduits, or that Microsoft might keep “tying” new applications into Windows, or that Google might monopolize information on the Net (yes, there is already an organized effort to turn Google into a public utility). MCI’s layering proposal defines rigid boundaries between content (voice, text, video), applications (e-mail, browsers, VoIP), protocols (TCP/IP, HTTP, FTP), and infrastructure (wires, switches, spectrum, PCs, handsets). In a paper entitled “Codifying the Network Layers Model,” MCI proposes to “quarantine” major providers of one of the layers within that layer, and to prohibit them from vertically integrating into another layer unless they offer wholesale open access to all competitors. Lessig, MCI, and company worry that the “end-to-end” nature of the Internet—where any terminal attached to the net can be reached from any other terminal--will be threatened if these new layering rules are not adopted.
Layering proponents, however, make a fundamental error. They ignore ever changing trade-offs between integration and modularization that are among the most profound and strategic decisions any company in any industry makes. They disavow Harvard Business professor Clayton Christensen’s theorems that dictate when modularization, or “layering,” is advisable, and when integration is far more likely to yield success. For example, the separation of content and conduit—the notion that bandwidth providers should focus on delivering robust, high-speed connections while allowing hundreds of millions of professionals and amateurs to supply the content—is often a sound strategy. We have supported it from the beginning. But leading edge undershoot products (ones that are not yet good enough for the demands of the marketplace) like video-conferencing often require integration.
Metaphors from the Telecosm help explain the fluid nature of these layers that MCI wants to preserve in concrete. Consider Corvis, our favorite optical equipment company and national fiber optic bandwidth provider. It blows apart the MCI approach on several fronts. First is CEO David Huber’s architecture of an all-optical network, devoid of electronic regenerators and protocol readers, which unites content and conduit by using colors of light both to bear the message and to determine the path of the circuit. It radically collapses the top layers of the OSI (Open Systems Interconnection) stack used in the Sonet voice and data networks of the past, not so much redefining the interfaces as transcending them. A “switchless” web of always-on fixed lambdas (wavelengths of light) can function as both the physical and logical layers of the Net because the intelligence is embedded in the path. There will be some controlling devices at the edge of the network, and IP will still be widely used, but the heyday of IP packet switched networks may well be over. Typically government enshrines the past in the name of progress. In uniting Corvis, a cutting edge equipment provider, with Broadwing, an infrastructure builder and service provider, Huber is also betting that IP networks are not inherently modular, where equipment from a thousand providers can easily be cobbled together to deliver high-bandwidth, low-latency services, but that networks are still in fact in an era of undershoot where an integrated provider can deliver a superior product at a much lower cost.
Our favorite digital chip company, EZchip, also explodes the idea that the layers of the Net can always be defined and “quarantined.” Where until now data flowing through the seven layers and numerous sub-layers were parsed and modified by a gaggle of hundreds of chips connected by thousands of wires and glue-logic galore, EZ puts all seven layers of the OSI stack onto one-chip, performing all the essential functions of an Internet router on a single sliver of silicon. The “layers” are once again transcended when EZ’s software tools allow programmers to tell the chip what to do without even referring to the rigid layers, channelizations, protocols, and interfaces used in the previous software environment. Is this fair? Should EZchip be allowed to invade someone else’s turf, perhaps that of Cypress’s high-end content addressable memories (CAMs) or Broadcom’s Silicon Spice communications processors or the sacred code of the OSI idol? Or to blow apart someone’s whole field, like EZ could one day do to the many providers of communications ASICs (applications specific integrated circuits), or to Internet router king Cisco itself? It might be said that the “layering” proposals now in circulation are yet another (if more clever) attempt by competitors to target the Bell telephone and cable TV companies. Indeed, MCI’s own paper implies the cable companies (bundling network, ISP, and content) and the Bells (bundling network, ISP, and voice) are already stomping all over the layers, creating a muddy (and hopefully one day illegal!) mishmash of vertical integration. What a coincidence that the activities of its rivals violate MCI’s framework and cry out for cleansing and re-ordering (read structural separation, consent decrees, price controls, divestiture) by new teams of FCC horizontalawyers and IPolice.
But if the proposals are meant as anything more than political lobbygagging of rivals, if the proponents really mean their model legislation as a principled, generic set of rules, then we must consider the logical consequences of such new laws. If applied dispassionately, how would such general rules affect the rest of the Internet, communications, and technology industries?
Should Google be able to leverage search into Gmail, or to supply content using its proprietary algorithms and its physical network of 100,000 servers? Shouldn’t any rival search provider be able to feed off of Google’s advanced infrastructure? After all, wouldn’t it be impossible to recreate Google’s massive web of global intelligence? Doesn’t Google’s superior infrastructure exhibit “market power”? Might Google actually evolve into a general provider of web-based information management services, rivaling the PC-based Microsoft, or should Google be “quarantined” as a search provider? Or maybe we should structurally separate Google into three companies: an infrastructure provider (its 100,000 networked servers plus algorithmic IP), a content/advertising company, and an information services company (Gmail plus future knowledge management applications). Surely FCC bureaucrats can make these easy distinctions and explain the resulting penalties to weary entrepreneurs who have just spent 10 years of their life building a new service that people really like.
Should Sony be able to demand that its PlayStation gamers get access to Microsoft’s Xbox Live online video game network? Should Amazon be able to aggregate and make searchable the text of hundreds of thousands of books? Should Sprint PCS or Verizon Wireless be allowed to develop specialized content delivery platforms or applications that take advantage of their superior wireless data networks? Sprint was the first to build its own photo-sharing platform, and it is apparently the most user-friendly wireless photo-sharing system. Can we let such infrastructure-leveraging stand? What if Equinix (the data center company that almost defines of the integration of the physical, protocol, application, and content layers of the Net) succeeds in becoming the overwhelming meeting place (peering point) for the world’s network, e-commerce, and content providers? Network economics suggest the concentration of all the largest Internet players in Equinix facilities is possible, or even likely. If Equinix achieves such “market power,” are we to assume that other “virtual data centers,” like the CLECs before them, could force Equinix to “open up” its hosting facilities so that the new virtual competitors can offer services over infrastructure they did not build? Why should anyone build risky and expensive new infrastructure if it can be readily used by competitors. What about Microsoft integrating easy-to-use voice-over-IP software into its next operating system? Should Microsoft rival Real Networks be barred from aggregating music and video for download with its RealPlayer multimedia suite? All of these are, to one degree or another, inter-layer integrated products and services.
Proponents of “layering, or “Net neutrality,” or a free Internet “commons,” assume there is one network, that it is sufficient and timeless, that no new networks are possible or needed. They want innovation on the edge, in the form of software apps and Wi-Fi attachments. Innovation in the core is either assumed or ignored. The logical conclusion, however, is that since the “best network”—the free commons—cannot make any money, there will be no network. And just how much innovation at the edge will there be if there is no innovation—no bandwidth—in the core? MCI’s “horizontal leap” asks authorities to pursue vigilantly those who would exploit “network choke points” or take advantage of “network effects.” In industries where “entities seek to obtain market power” (i.e., seek to make money in a business enterprise), policymakers need to ensure four things: “open architecture, open access, universal access, and flexible access.” When imposed by regulators or courts in a national capital, these four euphemisms boil down to one hard reality: socialization and micromanagement of the “architectures” and “access” networks built by others.
The ability to tie and merge and break apart and outsource products, services, and technologies are the very stuff of business. As is the ability to pursue an unguaranteed return on one’s risky investment. As is the decision how to price these products and services. Some services will be bundled. Some will be free, loss leaders to leverage the purchase at another point of sale. But the entire system cannot be free. Everybody else’s product or service, except one’s own, cannot be a commodity, barred from bundling or profit.
The companies that enable this broadband world will be able to charge for it during the years that they provide the optimal service. Their initial margins will be high. When communications becomes a commodity, as it eventually will, the margins will drop. This is not a catastrophe. No one has a right to high margins for a commodity service. But the Telecosm is still an arena of innovators, such as Corvis, EZChip, Qualcomm, Verizon Wireless, Essex, AFCI, Agilent, and hundreds of others, who will enjoy large monopoly rents until their inventions are standardized and commoditized and the leading edge moves elsewhere. The telecom industry is nowhere near some mythical paradox of perfection or cul de sac bargain basement of commoditization. It is still engaged in a thrilling adventure of putting together worldwide webs of glass and light that reach from your doorstep or teleputer to every other person and machine on the planet. It is long distance and it is local, it is packetted and circuited, it is multithreaded and aggregated, it is broadband and narrowcast, all at once. These crystal palaces of light and air will be hard to do and the world will reward the pioneers who manage to build them. The real threat to monopolize and paralyze the Internet is not the communications industry and its suppliers, but the premature modularizers and commoditizers, the proponents of the dream of some final government solution for the uncertainties of all life and commerce.
http://commerce.senate.gov/hearings/testimony.cfm?id=1166&wit_id=3340
Paltrow gives birth to baby girl [named Apple]
Saturday, May 15, 2004 Posted: 8:03 AM EDT (1203 GMT)
LOS ANGELES, California (AP) -- Oscar-winning actress Gwyneth Paltrow has given birth to her first child, a baby girl named Apple Blythe Alison Martin.
http://www.cnn.com/2004/SHOWBIZ/Movies/05/15/paltrow.baby.ap/index.html
Blue, thank you very much! eom
Tidalwave, actually I have not read the posts on this thread for a day or two. I have been rather busy.
Rest assured that had some information come to light that would have resulted in the "hockey stick" chart I would not have posted. I have been busy with something else and I have been 100% committed in that direction.
There is nothing more I can do regarding Wave. The die is cast and it is either execution or not.
So, as far as the company, technology, marketplace, or future, please do not put much stock in anything I have to say. I am not giving this the attention I once did.
Tidalwave, you asked me to make a public statement about the cc...
...Well, I have not heard it so I can't comment on it.
As for Wave's fate - you can be sure if I knew the answer I would be smarter than I am. There are a few here that can attest to my lack of intellect in things related to wave.
So to answer your second question - I have no comment.
Wave Systems Corp · 10-Q · For 3/31/4
http://www.secinfo.com/d11MXs.1e6k.htm
Mac Trojan Set Loose—More to Come?
May 13, 2004
By Ian Betteridge
The first malicious Trojan for Mac OS X has been found in the wild, leading some to claim the platform may be on the verge of increased attention from virus writers.
The Trojan—dubbed AS.MW2004.Trojan by anti-virus company Intego—was first discovered by a reader of British Mac magazine MacWorld. It takes the form of a file purporting to be a version of the newly released Office 2004 for Mac and is available on download services such as LimeWire.
However, despite appearing with a legitimate-looking icon, the Trojan is in fact a simple AppleScript application that, when run, erases the contents of the user's Home folder. And, unlike the real release of Office 2004, the application is only 108KB in size.
For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzer's Weblog.
After being alerted to the existence of the Trojan, Microsoft Corp. issued a statement saying, "Microsoft does not currently offer any Web downloads for Office 2004. When looking for product enhancements from Microsoft customers should always download from www.microsoft.com/mac or use the new auto-update tool in Microsoft Office 2004 for Mac."
And Apple Computer Inc. was quick to respond, seeking to reassure Mac users concerned over the potential of the Trojan. "This is not a virus, does not propagate itself and has only been found on a peer-to-peer network," said a company spokesman. "This is an example of the perils of seeking illegal software."
This view of AS.MW2004.Trojan was backed by Denis Zenkin, head of corporate communications at anti-virus vendor Kaspersky Labs. "It is definitely not a virus because it has no ability for infecting other files. Ability to propagate is a feature inherent to other types of malicious programs—worms," he said.
However, some commentators said Mac users should not become complacent. "A small number of virus writers are showing an increased interest in Unix, and there have been Unix worms that have spread in the wild," said Graham Cluley, senior technology consultant at anti-virus company Sophos. "For this reason Mac OS X users should not think they have nothing to worry about moving into the future."
Zenkin, though, downplayed the Mac's potential as a future virus target: "We believe there are three conditions for malware to exist within an operating environment," he said. "Firstly, it should be widespread in order to cover a number of virus writers. Secondly, it should be well-documented and provide easy-to-use tools for development of user applications. Thirdly, it should not be well-protected. With Mac OS X, the first condition is not really fulfilled—this operating system is mainly used by professionals who have more important things to do than creating viruses. So we do not expect Mac OS to be a platform for future virus development."
http://www.eweek.com/article2/0,1759,1591850,00.asp?kc=ewnws051304dtx1k0000599
Nestle leads the way, and now I suspect others will step up to the plate. eom
PinzaTodd, re: Supercomputer...
Through a formal call for applications, Apple will award five fully-provisioned, all-inclusive Apple Workgroup Clusters for Bioinformatics to five scientific researchers in the United States. A panel of distinguished scientists will help Apple review and select the five best applications. The recipients will be announced at Apple’s Worldwide Developers Conference (WWDC) on June 29, 2004. The application deadline is midnight PDT on June 13, 2004, per the Terms and Conditions of this program.
Panel of Application Judges
Erik Lindahl, Ph.D., Assistant Professor, Stockholm Bioinformatics Center, Stockholm University
Michael Athanas, Ph.D., Principal, The BioTeam, Inc.
William van Etten, Ph.D., Principal, The BioTeam, Inc.
Elizabeth Kerr, Ph.D., Director, Science and Technology Markets, Apple Computer, Inc.
Robert Kehrer, Partnership Manager, Apple Computer, Inc.
Matt MacInnis, Research and HPC Manager, Apple Computer, Inc.
Pear Urushima, Manager, Science and Technology Markets, Apple Computer, Inc.
We’ll select the best applications based on the applicant’s scientific record, the likelihood that this project will discover something novel using the award and the likelihood that this research focus would yield methods or discoveries applicable to the broader life science community.
http://www.apple.com/science/clusteraward/
United States Patent Application
20040055446
Kind Code
A1
Robbin, Jeffrey L. ; et al.
March 25, 2004
Graphical user interface and methods of use thereof in a multimedia player
Abstract
In a portable multimedia device, a method, apparatus, and system for providing user supplied configuration data are described. In one embodiment, a hierarchically ordered graphical user interface are provided. A first order, or home, interface provides a highest order of user selectable items each of which, when selected, results in an automatic transition to a lower order user interface associated with the selected item. In one of the described embodiments, the lower order interface includes other user selectable items associated with the previously selected item from the higher order user interface.
Inventors:
Robbin, Jeffrey L.; (Los Altos, CA) ; Jobs, Steve; (Palo Alto, CA) ; Wasko, Timothy; (High River, CA)
Correspondence Name and Address:
BEYER WEAVER & THOMAS LLP
P.O. BOX 778
BERKELEY
CA
94704-0778
US
Assignee Name and Adress:
Apple Computer, Inc.
Cupertino
CA
Serial No.:
282861
Series Code:
10
Filed:
October 28, 2002
U.S. Current Class:
84/615
U.S. Class at Publication:
084/615
Intern'l Class:
G10H 001/18; G10H 007/00
Claims
What is claimed is:
1. A method of assisting user interaction with a multimedia asset player by way of a hierarchically ordered user interface, comprising: displaying a first order user interface having a first list of user selectable items; receiving a user selection of one of the user selectable items; and automatically transitioning to and displaying a second order user interface based upon the user selection.
2. A method as recited in claim 1, wherein the second order user interface includes a second list of user selectable items associated with the selected item.
3. A method as recited in claim 1, wherein the second order user interface is a proper subset of the first order user interface.
4. A method as recited in claim 1, wherein the first list of user selectable items includes at least a playlists item, an artists item, and a songs item.
5. A method as recited in claim 4, wherein when the selected item is the playlists item, then the second list of user selectable items includes a list of configurable playlists.
6. A method as recited in claim 4, wherein when the selected item is the artists item, then the second list of user selectable items includes a list of all artists and a list of particular artists.
7. A method as recited in claim 4, wherein when the selected item is the songs item, then the second list includes a list of all songs.
8. A method as recited in claim 1, wherein the transitioning is pathwise bidirectional.
9. In a portable media asset player, a method of selecting and playing a media asset from a group of media assets stored therein, comprising: displaying at a first user interface displayed on the portable media asset player a first number of items each of which is associated with a particular grouping of the stored media assets; receiving a selection of one of the first number of items; automatically transitioning to a second user interface displayed on the portable media asset player based upon the selected one of the first number of items wherein the second user interface includes a second number of items each of which is associated with the selected item.
10. A method as recited in claim 9, further comprising: selecting one of the second number of items; automatically transitioning to a third user interface displayed on the portable media asset player based upon the selected one of the second number of items wherein the third user interface includes a third number of items each of which is associated with the selected one of the second number of items.
11. A method as recited in claim 10, wherein when each of the second number of items corresponds to a particular media asset, then the second interface includes selected media asset information.
12. A method as recited in claim 9, wherein when the selected media asset is an MP3 file, then the selected media asset information includes a song title, a song artist, a song album, a song length, and a stack position indicator indicative of the relative position of the selected MP3 file with regards to other stored MP3 files in the media asset player.
13. In a portable, pocket-sized multimedia asset player, a method of selecting and playing an multi media asset from a group of multimedia assets stored therein, comprising: displaying at a home interface, a playlist list item corresponding to a number of playlists stored in the multimedia asset player, wherein each playlist is a user customizable group of multimedia assets, an artists item corresponding to all of a number of artists each of which is associated with at least one of the stored multimedia assets, and a songs list item associated with each of the stored multimedia assets; highlighting a desired one of the playlist list item, the artists item, or the songs list item; receiving a selection of the highlighted item; and automatically transitioning to a second interface based upon the selected item.
14. A method as recited in claim 13, wherein when the selected item is the playlist list item, then the second interface is a playlist interface that includes at least one selectable playlist item associated with at least one playlist, wherein the playlist points to a group of songs or a group of artists or a group of albums or any combination thereof.
15. A method as recited in claim 14, further comprising: receiving a selection of the playlist item; automatically transitioning to a third interface that includes a selectable list of songs corresponding to the song playlist when the selected playlist item corresponds to a song playlist that points to the group of songs; automatically transitioning to a third interface that includes a selectable list of artists corresponding to the artists playlist when the selected playlist item corresponds to an artists playlist that points to the group of artists; and automatically transitioning to a third interface that includes a selectable list of albums corresponding to the selected playlist when the selected playlist item corresponds to an albums playlist that points to the group of albums.
16. A method as recited in claim 15, further comprising: at the third interface, when the songs playlist is displayed, selecting one of the songs from the songs playlist; and playing the selected song by the multimedia player.
17. A method as recited in claim 15, further comprising: when the artists playlist is displayed, selecting one of the artists from the artists playlist; automatically transitioning to a fourth interface that includes a list of artist songs; selecting one of the songs from the list of artist songs; and playing the selected song by the multimedia asset player.
18. A method as recited in claim 17, further comprising: when the albums playlist is displayed, selecting one of the albums from the albums playlist; automatically transitioning to a fourth interface that includes a list of albums; selecting one of the albums; automatically transitioning to a fourth interface that includes a list of album songs; selecting one song from the list of album songs; and playing the selected song by the multimedia asset player.
19. A method as recited in claim 13, wherein when the selected item is the artists item, then the second interface is an artists interface that includes an all item corresponding to all songs stored in the multimedia asset player and a list of named artists each of which has at least one associated song stored in the multimedia asset player.
20. A method as recited in claim 19, further comprising: selecting the all item; and automatically transitioning to an albums interface that includes the all item and a list of albums associated with each of the named artists.
21. A method as recited in claim 20, further comprising: selecting the all item; and automatically transitioning to an all songs interface that includes a list of all songs stored in the multimedia asset player.
22. A method as recited in claim 20, further comprising: selecting a particular album from the list of albums; automatically transitioning to an all songs interface that includes a list of all songs of the selected album.
23. A method as recited in claim 19, further comprising: selecting a particular artist from the list of artists; and automatically transitioning to a third interface corresponding to the selected artist that includes a list of artist albums that are stored in the multimedia player and an all item associated with all songs of the selected artist stored in the multimedia asset player.
24. A method as recited in claim 23, further comprising: selecting a particular album from the list of artist albums; and automatically transitioning to a fourth interface having a list of all songs of the selected artist.
25. A method as recited in claim 23, further comprising: selecting the all item; and automatically transitioning to a fourth interface having a list of all songs of the selected artist.
26. In a portable, pocket-sized multimedia asset player, a hierarchically ordered graphical user interface accessible to a user suitable for receiving user supplied inputs that facilitate selecting a multimedia asset stored therein, comprising: a first order interface having a first number of user selectable items; a user activated first selection tool suitable for selecting at least one of the first number of user selectable items; a second order interface having a second number of user selectable items based upon the selected at least one of the first number of user selectable items; and a user activated second selection tool suitable for selecting at least one of the second number of user selectable items, wherein when the first selection tool selects the at least one of the first number of user selectable items, the first order interface automatically transitions to the second order interface.
27. A hierarchically ordered graphical user interface as recited in claim 26 further comprising: a third order interface having a third number of user selectable items based upon the selected at least one of the second number of user selectable items; and a user activated third selection tool suitable for selecting at least one of the third number of user selectable items, wherein when the second selection tool selects the at least one of the second number of user selectable items, the second order interface automatically transitions to the third order interface.
28. A hierarchically ordered graphical user interface as recited in claim 26 further comprising: a fourth order interface having a fourth number of user selectable items based upon the selected at least one of the third number of user selectable items; and a user activated fourth selection tool suitable for selecting at least one of the fourth number of user selectable items, wherein when the third selection tool selects the at least one of the third number of user selectable items, the third order interface automatically transitions to the fourth order interface.
29. A hierarchically ordered graphical user interface as recited in claim 26, wherein the first order interface includes at least, a user selectable playlist list item corresponding to a number of playlists stored in the multimedia asset player, wherein each playlist is a user customizable group of multimedia assets; a user selectable artists list item corresponding to a number of artists each of which is associated with at least one of the stored multimedia assets; and a user selectable songs list item associated with at least some of the stored multimedia assets that are songs.
30. A hierarchically ordered graphical user interface as recited in claim 26, wherein the first, the second, the third, and the fourth user activated selection tools are each formed by highlighting portion of the display.
31. A hierarchically ordered graphical user interface as recited in claim 26, wherein when the selected item is the playlist list item, then the second interface is a playlist interface that includes at least one selectable playlist item associated with at least one playlist.
32. A hierarchically ordered graphical user interface as recited in claim 31, wherein the playlist is associated with a group of songs or a group of artists or a group of albums or any combination thereof.
33. A hierarchically ordered graphical user interface as recited in claim 26, wherein when the selected item is the artists list item, then the second interface is an artists interface that includes an all item corresponding to all songs stored in the multimedia asset player and a list of specific artists item each of which has at least one associated song stored in the multimedia asset player.
34. A hierarchically ordered graphical user interface as recited in claim 33, wherein when the selected item is the all item, then the third interface is an albums interface that includes an all songs item corresponding to all songs stored in the multimedia asset player and a list of albums for all artists each member being selectable and associated with at least one album stored in the multimedia asset player.
35. A hierarchically ordered graphical user interface as recited in claim 34, wherein when the selected item is the all songs item, then the fourth interface is a songs interface that includes a list of all songs each member being selectable and associated with at least one song stored in the multimedia asset player.
36. A hierarchically ordered graphical user interface as recited in claim 35, wherein when the selected item is at least one of the list of all songs corresponding to a selected song, further comprising: a fifth order interface having a song information list corresponding to the selected song that includes, a song title of the selected song, a song artist of the selected song, and a song album title corresponding to a song album in which the selected song is included, if any.
37. A hierarchically ordered graphical user interface as recited in claim 36, wherein based upon a received interface backward jump event, the fifth order interface automatically transitions to the first order interface, and wherein based upon a received forward jump event, the first order interface automatically transitions to the fifth order interface.
38. A hierarchically ordered graphical user interface as recited in claim 34, wherein when the selected item is one of the list of albums for all artists, then the fourth interface is a songs interface that includes a list of all songs of the selected album each member being selectable and associated with at least one song included in the selected album.
39. A hierarchically ordered graphical user interface as recited in claim 38, wherein when the selected item is at least one of the list of all songs of the selected album corresponding to a selected song, further comprising: a fifth order interface having a song information list corresponding to the selected song that includes, a song title of the selected song, a song artist of the selected song, and a song album title corresponding to the selected album.
40. A hierarchically ordered graphical user interface as recited in claim 33, wherein when the selected item is one of the list of specific artists, then the third interface is a selected artist interface that includes an all songs item corresponding to all songs stored in the multimedia asset player associated with the selected artist and a list of albums for the selected artist each member being selectable and associated with at least one album stored in the multimedia asset player.
41. A hierarchically ordered graphical user interface as recited in claim 40, wherein when the selected item is the all songs item, then the fourth interface is a songs interface that includes a list of all songs of the selected artist each member being selectable and associated with at least one song stored in the multimedia asset player associated with the selected artist.
42. A hierarchically ordered graphical user interface as recited in claim 41, wherein when the selected item is at least one of the list of all songs of the selected artist corresponding to a selected song, further comprising: a fifth order interface having a song information list corresponding to the selected song that includes, a song title of the selected song, a song artist label of the selected song, and a song album title corresponding to a song album in which the selected song is included, if any.
43. A hierarchically ordered graphical user interface as recited in claim 40, wherein when the selected item is one of the list of albums of the selected artist, then the fourth interface is an all songs interface that includes a list of all songs of the selected album each member being selectable and associated with at least one song stored in the multimedia asset player associated with the selected album.
44. A hierarchically ordered graphical user interface as recited in claim 42, wherein when the selected item is at least one of the list of all songs of the selected album corresponding to a selected song, further comprising: a fifth order interface having a song information list corresponding to the selected song that includes, a song title of the selected song, a song artist label of the selected song, and a song album title corresponding to the selected album.
45. A hierarchically ordered graphical user interface as recited in claim 26, wherein the multimedia asset is a MP3 type multimedia asset.
http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsea...
Apple wins iTunes interface patent
By John Borland
Staff Writer, CNET News.com
http://news.com.com/2100-1041-5210733.html
Story last modified May 11, 2004, 6:50 PM PDT
Apple Computer has won a patent for the interface of its iTunes music software, underscoring the growing importance of the multimedia business for the company.
The U.S. Patent and Trademark Office issued Apple a patent for its media player software interface on May 4, along with several other features of the company's high-profile products. Other parts of the iTunes software, including the ability to stream songs over a network to another copy of the program, had been the subject of earlier patents.
Apple has been the recipient of thousands of patents, ranging--in just in the last month alone--from the iTunes software components to the swivel arm joint supporting the latest iMac's flat-panel screen.
Interface elements have been a key point of concern for the company stretching as far back as the release of the Macintosh operating system, however. The company sued Microsoft for copyright infringement after early releases of Windows proved similar in conception to the Macintosh desktop concept, which itself was predated by work done at the Xerox PARC research facility.
Apple lost that copyright case, and has since relied more heavily on patenting components of its technology, as well as its hardware designs. Early in March, for example, the federal patent office published the company's application for a patent on the interface for its popular iPod digital music player.
An Apple spokeswoman said the company does not comment on its patents or patent applications, which are public record.
While software patents have become increasingly common in the past few years--leading to long and contentious strings of litigation over seemingly basic computing techniques--not all companies are taking Apple's approach.
A RealNetworks spokesman said his company does not hold any directly comparable interface patents for its 10-year-old media player software, for example.
http://news.com.com/2100-1041_3-5210733.html?tag=nefd.top
Microsoft warns of 'important' Windows flaw
Wednesday, May 12, 2004 Posted: 9:15 AM EDT (1315 GMT)
Windows XP Pro $146.49 - XP Home $92.49
Huge savings on Windows XP Professional and Home edition. Save up to 70%. Sale...
www.thesoftwareking.com
SAN FRANCISCO, California (Reuters) -- A flaw in Microsoft's almost universally used Windows operating system could allow hackers to take control of a PC by luring users to a malicious Web site and coaxing them into clicking on a link, the company warned on Tuesday.
The world's largest software maker issued the warning as part of its monthly security bulletin, along with a patch to fix the problem.
The security warning was rated "important," the second most serious on Microsoft's four-tiered rating scale for computer security threats. The highest is "critical."
Anti-virus software company Symantec Corp. called the vulnerability a "high risk" due to the impact the flaw could have if successfully exploited.
The security flaw affects the latest versions of Windows, including Windows XP, and software for networked computers such as Windows Server 2003, Microsoft said.
Vincent Gullotto, vice president of the anti-virus emergency response team at Network Associates Inc., said he did not believe the vulnerability was a high risk but said computer users should retrieve security patches from Microsoft's Web site.
Stephen Toulouse, a manager at Microsoft's Security Response Center, said that while the vulnerability would not allow for the automatic spread of a virus in the way the recent Sasser worm spread across global networks, it could still have serious consequences.
"The net result of an attack would be for an attacker to be able to do anything you already do on your computer," he said.
To exploit the vulnerability, an attacker would have to host a Web site that contains a Web page used to exploit the vulnerability and then persuade the user to visit the Web site and perform several actions before the attacker could take over a computer, Toulouse said.
The fast-moving Sasser computer worm hit PC users running the ubiquitous Microsoft Windows 2000, NT and XP operating systems a little over a week ago, afflicting computer users around the world by causing automatic reboots and slowing down Internet connections.
The suspected author of the Sasser worm was caught in Germany this past weekend.
Tuesday's security bulletin is the 15th issued so far this year by Microsoft, of which seven have identified "critical" flaws in its software. Redmond, Washington-based Microsoft issued 51 security bulletins in 2003.
Last year, Microsoft adopted a new monthly patch release program, which it said would let customers apply software fixes for security bugs more easily.
http://www.cnn.com/2004/TECH/internet/05/12/microsoft.flaw.warning.reut/index.html
24601, Thanks for confirming that these numbers have remained unchanged.
I agree that it seems the SEC has allowed this filing.
Authorized and Outstanding Shares
Our authorized capital stock consists of 120,000,000 shares of Class A common stock, $.01 par value per share; 13,000,000 shares of Class B common stock, $.01 par value per share; and 2,000,000 shares of preferred stock, $.01 par value.
As of March 1, 2004, a total of 67,133,415 shares of our Class A common stock and 205,725 shares of our Class B common stock were issued and outstanding.
Common Stock
Wave's Class A common stock and Class B common stock are equal in all respects except for voting rights, conversion rights and restrictions on transferability, as discussed more fully below.
Voting Rights
The voting powers, preferences and relative rights of the Class A common stock and the Class B common stock are identical in all respects, subject to the following provisions. Holders of Class A common stock have one vote per share on all matters submitted to a vote of the stockholders of Wave. Holders of Class B common stock have one vote per share on all matters submitted to a vote of the stockholders, except that holders of Class B common stock will have five votes per share on the following matters: (i) any election of directors where one or more directors has been nominated by any person or persons other than Wave's Board of Directors or in the event of an "Election Contest" (as described in Rule 14a-11 promulgated under the Securities Exchange Act of 1934, as amended) or other solicitation of proxies or consents by or on behalf of any person or persons other than Wave's Board of Directors for the purpose of electing directors; and (ii) any vote on a merger, consolidation or reorganization of Wave or similar business combination or transaction, or any sale, lease, exchange
10
or other disposition of all or substantially all of the assets of Wave to or with any other person, if the particular business combination or other transaction has not been recommended by Wave's Board of Directors. In addition, holders of Class B common stock will have five votes per share on all matters submitted to a vote of the stockholders of Wave in the event that any person or group (within the meaning of Section 13(d)(3) of the Securities Exchange Act of 1934, as amended) acquires beneficial ownership of 20% or more of the outstanding voting securities of Wave (provided that this provision will not apply to any person who beneficially owns 3% or more of the outstanding voting securities at the time of the closing of this offering or any group including any such person). No class of outstanding common stock alone is entitled to elect any directors. There is no cumulative voting with respect to the election of directors.
Under Wave's Restated Certificate of Incorporation and the Delaware General Corporation Law, the holders of Class A common stock and Class B common stock are entitled to vote as separate classes with respect to any amendment to Wave's Restated Certificate of Incorporation that would increase or decrease the aggregate number of authorized shares of any class, increase or decrease the par value of the shares of any class, or modify or change the powers, preferences or special rights of the shares of any class so as to affect such class adversely.
USE OF PROCEEDS
Except as may be otherwise set forth in the prospectus supplement accompanying this prospectus, we will use the net proceeds we receive from sales of the securities offered hereby for general corporate purposes, including the development and support of our sales and marketing organization, support for our continuing research and development efforts and the funding of acquired related businesses and technologies.
We own or have rights to trademarks or tradenames that we use in conjunction with the offering of our products. Embassy®, WaveMeter®, WaveNet®, Great Stuff Network™, Second Shift® (the Wave juggler logo), WaveCommerce™, Wave Interactive Network™, WINPublish™, WINPurchase™, CablePC™, WaveDirect®, MyPublish™, CharityWave®, SmartSignature™, SmartSafe™, SignOnLine™ and N*Click™ are trademarks or registered trademarks used by us. All other trademarks and tradenames referred to in this prospectus are the property of their respective owners.
A formal investigation by the Securities and Exchange Commission could affect our operations.
The SEC has commenced a formal investigation into certain matters relating to Wave. The SEC investigative order relates to certain public statements made by Wave during and around August 2003, as well as certain trading in Wave's securities during such time. The SEC has not concluded that there has been any wrongdoing and Wave is cooperating fully with the SEC on this matter. An adverse resolution of the investigation may have a negative effect on our financial condition and operating results.
Class action lawsuits could affect our operations.
Several (9 known) similar purported class action complaints have been filed between January 23, 2004 and February 23, 2004 in the United States District Court for the District of Massachusetts. Seven (7) of which name Wave, its Chief Executive Officer and its Chief Financial Officer and two (2) of which also name Wave's Chairman, as defendants. The purported class action complaints have been filed by alleged purchasers of Wave's Class A common stock during the purported class period July 31,
8
2003 through February 2, 2004. The complaints claim that Wave and the named individuals violated the federal securities laws by publicly disseminating materially false and misleading statements regarding Wave, relating to Intel and IBM agreements, resulting in the artificial inflation of Wave's Class A common stock price during the purported class periods. The complaints do not specify the amount of alleged damages plaintiffs seek to recover.
Wave has learned of three (3) other complaints filed in the United States District Court for the District of Massachusetts. Wave believes that the complaints name all of its directors as defendants and allege claims for breach of fiduciary duties and other claims. The allegations are very similar to the allegations made in the purported securities class actions because the allegations concern the very same alleged statements alleged in the purported class actions. Wave is also named as a nominal defendant, although the actions are derivative in nature and purportedly asserted on behalf of Wave.
At this time, Wave is unable to predict the outcome of these actions.
DESCRIPTION OF WARRANTS
We have warrants to purchase 1,318,058 shares of our Class A common stock outstanding. We may in the future issue warrants for the purchase of our Class A common stock. Warrants may be issued independently, together with any other securities offered by any prospectus supplement or through a dividend or other distribution to our stockholders and may be attached to or separate from the related securities. Warrants may be issued under a warrant agreement to be entered into between us and a warrant agent specified in the applicable prospectus supplement. The warrant agent will act solely as
11
our agent in connection with the warrants of a particular series and will not assume any obligation or relationship of agency or trust for or with any holders or beneficial owners of warrants. The following sets forth certain general terms and provisions of the warrants that may be offered under this prospectus. The applicable warrant agreement and form of warrant certificate will be filed as exhibits to or incorporated by reference in the registration statement. Further terms of the warrants and the applicable warrant agreement will be set forth in the applicable prospectus supplement.
The applicable prospectus supplement will describe the terms of the warrants in respect of which this prospectus is being delivered, including, where applicable, the following: (a) the title of the warrants; (b) the aggregate number of the warrants; (c) the price or prices at which the warrants will be issued; (d) the designation, number and terms of the shares of our Class A common stock purchasable upon exercise of the warrants; (e) the designation and terms of the other securities, if any, with which the warrants are issued and the number of the warrants issued with each security; (f) the date, if any, on and after which the warrants and the related Class A common stock, if any, will be separately transferable; (g) the price at which each share of Class A common stock purchasable upon exercise of the warrants may be purchased; (h) the date on which the right to exercise the warrants will commence and the date on which that right will expire; (i) the minimum or maximum amount of the warrants which may be exercised at any one time; (j) information with respect to book-entry procedures, if any; (k) a discussion of federal income tax considerations; and (l) any other terms of the warrants, including terms, procedures and limitations relating to the transferability, exchange and exercise of the warrants.
PLAN OF DISTRIBUTION
We may sell the securities offered pursuant to this prospectus and any accompanying prospectus supplements to or through one or more underwriters or dealers or we may sell the securities to investors directly or through agents. Each prospectus supplement will describe the number and terms of the securities to which such prospectus supplement relates, the name or names of any underwriters or agents with whom we have entered into arrangements with respect to the sale of such securities, the public offering or purchase price of such securities and the net proceeds we will receive from such sale. Any underwriter or agent involved in the offer and sale of the securities will be named in the applicable prospectus supplement. We may sell securities directly to investors on our own behalf in those jurisdictions where we are authorized to do so.
Underwriters may offer and sell the securities at a fixed price or prices, which may be changed, at market prices prevailing at the time of sale, at prices related to the prevailing market prices or at negotiated prices. We also may, from time to time, authorize dealers or agents to offer and sell these securities upon such terms and conditions as may be set forth in the applicable prospectus supplement. In connection with the sale of any of these securities, underwriters may receive compensation from us in the form of underwriting discounts or commissions and may also receive commissions from purchasers of the securities for whom they may act as agent. Underwriters may sell the securities to or through dealers, and such dealers may receive compensation in the form of discounts, concessions or commissions from the underwriters or commissions from the purchasers for which they may act as agents. The maximum compensation or discount to be received by any member of the National Association of Securities Dealers or any independent broker-dealer will not be greater than 8% for the sale of any securities registered pursuant Rule 415 under the Securities Act of 1933.
Shares may also be sold in one or more of the following transactions: (a) block transactions (which may involve crosses) in which a broker-dealer may sell all or a portion of the shares as agent but may position and resell all or a portion of the block as principal to facilitate the transaction; (b) purchases by a broker-dealer as principal and resale by the broker-dealer for its own account pursuant to a prospectus supplement; (c) a special offering, an exchange distribution or a secondary distribution in accordance with applicable Nasdaq National Market or other stock exchange rules; (d) ordinary
12
brokerage transactions and transactions in which a broker-dealer solicits purchasers; (e) sales "at the market" to or through a market maker or into an existing trading market, on an exchange or otherwise, for shares; and (f) sales in other ways not involving market makers or established trading markets, including direct sales to purchasers. Broker-dealers may also receive compensation from purchasers of the shares, which is not expected to exceed that which is customary in the types of transactions involved.
Any underwriting compensation paid by us to underwriters or agents in connection with the offering of these securities, and any discounts or concessions or commissions allowed by underwriters to participating dealers, will be set forth in the applicable prospectus supplement. Dealers and agents participating in the distribution of the securities may be deemed to be underwriters, and any discounts and commissions received by them and any profit realized by them on resale of the securities may be deemed to be underwriting discounts and commissions.
Underwriters, dealers and agents may be entitled, under agreements entered into with us, to indemnification against and contribution toward certain civil liabilities, including liabilities under the Securities Act of 1933. Unless otherwise set forth in the accompanying prospectus supplement, the obligations of any underwriters to purchase any of these securities will be subject to certain conditions precedent, and the underwriters will be obligated to purchase all of the series of securities, if any are purchased.
Underwriters, dealers and agents may engage in transactions with, or perform services for, us and our affiliates in the ordinary course of business.
In connection with offering securities pursuant to this prospectus, certain underwriters, and selling group members and their respective affiliates, may engage in transactions that stabilize, maintain or otherwise affect the market price of the applicable securities. These transactions may include stabilization transactions effected in accordance with Rule 104 of Regulation M promulgated by the SEC pursuant to which these persons may bid for or purchase securities for the purpose of stabilizing their market price.
The underwriters in an offering of securities may also create a "short position" for their account by selling more securities in connection with the offering than they are committed to purchase from us. In that case, the underwriters could cover all or a portion of the short position by either purchasing securities in the open market following completion of the offering of these securities or by exercising any over-allotment option granted to them by us. In addition, the managing underwriter may impose "penalty bids" under contractual arrangements with other underwriters, which means that they can reclaim from an underwriter (or any selling group member participating in the offering) for the account of the other underwriters, the selling concession for the securities that are distributed in the offering but subsequently purchased for the account of the underwriters in the open market. Any of the transactions described in this paragraph or comparable transactions that are described in any accompanying prospectus supplement may result in the maintenance of the price of the securities at a level above that which might otherwise prevail in the open market. None of the transactions described in this paragraph or in an accompanying prospectus supplement are required to be taken by any underwriters and, if they are undertaken, may be discontinued at any time.
The Class A Common stock is listed on the Nasdaq National Market under the symbol "WAVX". Any underwriters or agents to or through which securities are sold by us may make a market in the securities, but these underwriters or agents will not be obligated to do so and any of them may discontinue any market making at any time without notice. No assurance can be given as to the liquidity of or trading market for any securities sold by us.
PROSPECTUS $25,000,000
WAVE SYSTEMS CORP.
Class A Common Stock
Warrants
By this prospectus, we may offer, from time to time:
•
shares of our Class A common stock;
•
warrants to purchase shares of our Class A common stock; or
•
a combination of the foregoing.
We will provide specific terms of each issuance of these securities in supplements to this prospectus. You should read this prospectus and any supplement carefully before you decide to invest.
This prospectus may not be used to consummate sales of these securities unless it is accompanied by a prospectus supplement.
Our Class A common stock is traded on the Nasdaq National Market under the symbol "WAVX." On April 13, 2004, the last reported sale price of our Class A common stock was $2.14 per share.
We may sell these securities to or through underwriters, dealers or agents, or we may sell the securities directly to investors on our own behalf.
Investing in our Class A common stock involves a high degree of risk.
See "Risk Factors" beginning on page 2
Neither the Securities and Exchange Commission nor any state securities commission has approved of these securities or determined if this prospectus is accurate or complete. Any representation to the contrary is a criminal offense.
The date of this prospectus is May 10, 2004.
ABOUT THIS PROSPECTUS
This prospectus is part of a registration statement that we filed with the Securities and Exchange Commission, or SEC, using a "shelf" registration process. Under this process, we may offer and sell Class A common stock, warrants to purchase our Class A common stock or a combination of both in one or more offerings for total proceeds of up to $25,000,000. This prospectus provides you with a general description of the securities we may offer. Each time we offer to sell securities, we will provide a supplement to this prospectus that will contain specific information about the terms of that offering. The prospectus supplement may also add, update or change information contained in this prospectus. It is important for you to consider the information contained in this prospectus and any prospectus supplement together with additional information described under the heading "Where You Can Find More Information."
OT, awk...
I don't I have a fish dinner or two coming too?
vacationhouse, OT or Not OT...this is important in my opinion...
Microsoft is making the Janus DRM available as C language source code that can be ported to most processors. Chip makers Cirrus Logic, PortalPlayer, Sigmatel and Texas Instruments are porting the new DRM software to their processors used in MP3 players, said Cutter. They will likely optimize the source code by putting key sections into assembly language.
MSFTs trusted computing endeavor is...
...over, but its not.
Where oh where are they going to get their solution?
SEC and Ragingbull and SI boards...
Securities and Exchange Commission (Internet Related Litigation SB)
Litigation Release No. 18690 / May 4, 2004
Securities and Exchange Commission v. Dean S. Thomassen, Civil Action No. A03 CA 297H (W.D. Tex.) (May 14, 2003)
Court Enters Final Judgment Against Dean S. Thomassen for Internet Securities Fraud
On April 28, 2004, the Honorable Harry Lee Hudspeth, Senior United States District Court Judge for the Western District of Texas, entered a Final Judgment against Dean S. Thomassen ("Thomassen") for violating the antifraud provisions of the federal securities laws. In its Complaint filed on May 14, 2003, the Commission alleged that for almost two years, from August 1998 to May 2000, Thomassen made repeated fraudulent misrepresentations on the Internet for the purpose of manipulating the stock price of at least nine microcap companies. According to the Complaint, Thomassen sent numerous fraudulent unsolicited "spam" e-mail messages touting the stock and business prospects of each of the companies. Using several aliases, the Complaint further alleged, Thomassen also posted false and misleading information about these microcap companies on the Silicon Investor and Raging Bull websites. The Complaint alleged that, after the dissemination of the false information, the stock price and trading volume of many of the issuers increased significantly in the short term. According to the Complaint, on three occasions, Thomassen quickly sold his personal stock holdings in these companies into the resulting inflated market. The Complaint alleged that through his trading in the issuers' stocks, Thomassen realized illegal profits of $8,302, which constituted a return on his original investment of between 32% to 132%, depending upon the particular stock.
Thomassen, without admitting or denying the allegations of the Commission's Complaint, consented to entry of the Final Judgment, which permanently enjoins him from violations of Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder, Section 17(a) of the Securities Act of 1933, and permanently bars him from any future participation in the offering of penny stocks, under Section 603 of the Sarbanes-Oxley Act of 2002. The Final Judgment also orders disgorgement of $8,302, but waives such amount, and waives civil penalties and prejudgment interest based on Thomassen's sworn statement of financial condition. For additional information about this matter, see also Litigation Release 18137 (May 14, 2003).
For tips on how to avoid Internet "pump-and-dump" stock manipulation schemes, visit http://www.sec.gov/investor/online/pump.htm.
For more information about Internet fraud, visit http://www.sec.gov/divisions/enforce/internetenforce.htm.
To report suspicious activity involving possible Internet fraud, visit http://www.sec.gov/complaint.shtml.
vickers, I can't imagine why. eom
Does anyone know what the...
...compensation numbers were last year? I heard one officer had a $750K bonus? I don't have time to read the freakin' filings... so darned busy....
M&A = merger and acquisition.
I have no idea what the IP might be worth. I thought ITRU was worth $10/sh and only went for $4.25 (nearly 400% return though).
So what do I know?