Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Wave Q2 Revenues Rose 34%, to $6.4 Million Driven by Continued Progress in Software License Activity
Market Wire
4:02 PM Eastern Daylight Time Aug 09, 2010
Wave Systems Corp.
LEE, MA, Aug 09 (Marketwire) --
Announces Recent Customer and OEM Progress
Wave Systems Corp. (NASDAQ: WAVX) (www.wave.com) today reported
operating results for the second quarter (Q2) and six months ended June
30, 2010. The company also reported on recent customer wins and OEM and
partner progress.
Benefiting from growth in royalties from enterprise software license sales
(previously referred to as "upgrade sales"), as well as increased
shipments of Wave's software bundled with enterprise PCs that include a
Trusted Platform Module (TPM) and/or a self-encrypting drive (SED),
Wave's Q2 '10 net revenues from software licensing rose 40% to $6.2
million from $4.4 million in Q2 '09. Including a modest decrease in net
services revenues related to government service contracts, Wave's Q2 '10
net revenues rose 34% to $6.4 million versus $4.8 million in Q2 '09 and
rose 10% over Q1 '10 net revenues of $5.9 million. Total billings
increased 38% to $6.3 million in Q2 '10, compared to total billings of
$4.6 million in Q2 '09, and rose 12% versus Q1 '10 total billings of $5.6
million. Net revenue is reconciled to billings below.
Reflecting increased investments in SG&A and R&D to support Wave's OEM
relationships, its expanding base of customers and an array of product
enhancements, Wave's Q2 '10 net loss increased to $1.0 million, or $0.01
per basic and diluted share, compared to a Q2 '09 net loss of $0.3
million, or $0.01 per basic and diluted share, and Wave's Q1 '10 net loss
of $0.7 million, or $0.01 per basic and diluted share. Per-share figures
are based on a weighted average number of basic shares outstanding in the
second quarters of 2010 and 2009 of 80.3 million and 66.4 million,
respectively, and on a weighted average of 77.2 million basic shares
outstanding at March 31, 2010.
Wave reported negative EBITDAS of $53,000 for Q2 '10 compared to positive
EBITDAS of $144,000 in Q2 '09 and negative EBITDAS of $118,000 in Q1 '10.
EBITDAS is a non-GAAP measure defined as earnings before interest income
(expense), income taxes, depreciation and amortization and stock-based
compensation expense. Net income is reconciled to EBITDAS below.
Giving effect to Wave's second quarter purchase of two U.S. patents on
core technology underlying SEDs for $1.1 million in cash, as of June 30,
2010, Wave's cash and cash equivalents declined to $4.5 million compared
to $5.1 million on March 31, 2010. As of June 30, 2010, Wave's total
current assets declined to $8.5 million as compared to $9.1 million at
March 31, 2010 and its total current liabilities declined to $7.1
million, including $3.1 million of deferred revenue, from $7.5 million at
March 31, 2010.
Steven Sprague, President and CEO of Wave Systems, commented, "Wave's
improved second quarter revenues reflected sequential and year-over-year
increases in both enterprise software sales activity, as well as a higher
volume of OEM software bundling with PCs incorporating TPMs. The increase
in bundling activity reflected a rebound in PC shipments by our OEM
partners.
"To support growing interest we are seeing in trusted computing solutions,
we have increased investments in sales and marketing and in R&D, generally
in line with our revenue performance. We believe these investments are
critical to the continued expansion of our business and to address OEM
partner and customer interest in our products. Significant developments
include Dell's plans to significantly enhance the user interface for
Wave's solutions in next year's commercial PCs and Acer's decision to
expand its relationship with Wave beyond enterprise desktops to include
business notebook systems.
"We are also seeing continued adoption of our enterprise solutions by
customers in new markets, including a national online brokerage services
firm and a large integrated healthcare delivery system. We review some new
customer developments below.
"We are also encouraged by our continued services work with the U.S.
government and are dedicating substantial resources to support this
project and are particularly encouraged by the visibility they will be
giving to trusted computing solutions at a conference in September."
Summary of Recent Progress/Developments:
OEM/Partner News:
-- Dell and Wave Are Developing the Next Generation Platform Security
Solution for Dell's 2011 Latitude(TM), Precision(TM) and Optiplex(TM)
Models. These platforms are to include an enhanced user interface designed
to make it easier for users to activate client-side security capabilities.
Wave will continue to supply Dell with authentication solutions (TPM,
biometrics and smart cards) and SED management. Dell PCs powered by Wave
security are currently in use in financial services, healthcare,
manufacturing, utilities, law firms, and government customer verticals.
-- Acer to Include Wave Security Solutions on Desktop and Notebook Systems
for Release in Q4 2010. On select platforms, Acer now plans to provide an
enhanced user interface that includes Wave's TPM authentication management
and optional SED management. The platforms will be targeted to the SMB
market, with the intention of building channel awareness of Acer platforms
with security installed at the factory. Acer also continues to be licensed
to resell Wave's EMBASSY(R) Remote Administration Server (ERAS) to end
users through its broad channel partner network.
-- Wave and Hitachi GST Announce Comprehensive Data Protection Solution.
Wave's EMBASSY security software is compatible with Hitachi Global Storage
Technologies' (Hitachi GST) Travelstar(TM) SEDs available through
Hitachi's worldwide distribution channels. The drives are among the first
commercially available based on the Trusted Computing Group's Opal
storage specification that defines a set of drive security features.
Wave's EMBASSY management software (available separately from Wave's
channel partners, resellers and direct from Wave) provides IT managers
with powerful capabilities for deploying, administering and managing
Hitachi SEDs.
Customer News:
-- A Big Four Accounting Firm Selected Wave to Roll out Strong
Authentication Using Trusted Platform Modules (TPMs) Throughout the
Enterprise. As previously reported by Wave in May, this accounting firm
selected Wave software for use in activating tens of thousands of TPMs for
VPN, network access and other security issues.
-- BNY Mellon Corporate Launched Innovative eVault Service. Wave's
eSignSystems division was integral in the launch, providing lifecycle
management tools for eMortgage processing that support the ongoing eVault
Service.
Other News:
-- Gartner Predicts All Hard Drives will be Shipped Pre-Loaded with
Industry Standard FDE within Five Years; Key Management Cited as Critical.
Citing the role of the Trusted Computing Group in defining and promoting
open standards for hardware-enabled trusted computing technologies,
Gartner "believes that, within five years, all HDDs will be shipped
preloaded with some kind of industry-standard FDE technology, just as all
mobile, desktop and enterprise HDDs shipped today are preloaded with some
kind of diagnostic software." The report also notes that key management
"is a crucial issue, and encryption is useless if there is weak key
management." A primary benefit of self-encrypting drives, according to
Gartner, was that the encryption key never leaves the drive and that key
management is generally handled by an independent software vendor with
some centralized management for password recovery and authentication. The
report, entitled "Gartner Hype Cycle for Storage Technologies, 2010" is
available for download here.
About Wave Systems Corp.
Wave provides software to help solve critical enterprise PC security
challenges such as data protection, strong authentication, network access
control and the management of these enterprise functions. Wave is a
pioneer in hardware-based PC security and a founding member of the Trusted
Computing Group (TCG), a consortium of over 100 companies that forged open
standards for hardware security. Wave's EMBASSY(R) line of client- and
server-side software leverages and manages the security functions of the
TCG's industry standard hardware security chip, the Trusted Platform
Module (TPM) and supports the self-encrypting drive standard, Opal. TPMs
are included on an estimated 300 million PCs and are standard equipment
on many enterprise-class PCs shipping today. Using TPMs and Wave software,
enterprises can substantially and cost-effectively strengthen their
current security solutions. Self-encrypting drives are a growing segment
of the data protection market, offering increased security and better
performance than existing software-based encryption solutions. For more
information about Wave and its solutions, visit http://www.wave.com.
The NSA/CSS Commercial Solutions Center (NCSC)
hosts the NSA Trusted Computing Conference and Exposition, September 14-16, 2010 in Orlando, Florida
Business today does not exclusively exist within the confines of one’s office. With the increasing popularity of using social networks, handheld devices, and internet kiosks to handle business, the need for secure computing has never been more important. The NSA Trusted Computing Conference and Exposition is dedicated to revealing Trusted Computing technologies that will create security in a connected world.
Government and Commercial IT Decision Makers - take advantage of this opportunity to learn how to start building Security in a Connected World:
Ø See live demonstrations of trusted computing solutions that stop malicious intruders
Ø Learn about practical solutions you can deploy now
Ø Hear how revolutionary new technologies are being used by leading organizations to protect their data and networks
Get a glimpse of upcoming technologies from cyber security experts in government and industry!
Each morning, the conference will begin with presentations from Senior Executive Government keynotes and Industry leaders. The afternoon will provide attendees an opportunity to attend four different breakouts tracks:
· TC Implementation Track: Provides attendees with recent, practical use cases of Trusted Computing along with an understanding of how the HAP framework and Trusted Computing solutions/technologies can be implemented in an enterprise.
· Technology Track: Build's attendees' understanding of Trusted Computing technologies from basic to advanced levels and emphasizes how they enhance security, why they are important and what enterprise benefits they possess.
· Demonstration Track: Offers attendees a firsthand look at real Trusted Computing technology demonstrations that present unique glimpses of the future state of certain key technologies.
· Industry Developer Track: Focused on technology solution developers' Trusted Computing products and the resultant value to enterprises looking to actively reduce their enterprise IT security and information-related risk(s).
To view the full agenda and register please visit www.ncsi.com.
Exhibit space and onsite promotional opportunities are also available! For the latest on TCG members participating in this event, please visit the TCG events page or follow us on LinkedIn, Twitter or FaceBook.
Highest Sales Growth in the Systems Software Industry
Detected in Shares of VMware (VMW, WAVX, ARST, ORCL, FIRE)
http://www.mysmartrend.com/news-briefs/news-watch/highest-sales-growth-systems-software-industry-detected-shares-vmware-vmw-wav
Below are the top five companies in the Systems Software industry in terms of sales growth.
VMware (NYSE:VMW) had sales growth of 47.9% during the last fiscal year. The company has reported $2.4 billion in sales over the past 12 months and is expected to report $3.3 billion in sales in the next fiscal year.
Wave Systems (NASDAQ:WAVX) had sales growth of 45.5% during the last fiscal year. The company has reported $20.7 million in sales over the past 12 months and is expected to report $45.7 million in sales in the next fiscal year.
ArcSight (NASDAQ:ARST) had sales growth of 40.6% during the last fiscal year. The company has reported $181.4 million in sales over the past 12 months and is expected to report $258.3 million in sales in the next fiscal year.
Oracle (NASDAQ:ORCL) had sales growth of 40.4% during the last fiscal year. The company has reported $26.9 billion in sales over the past 12 months and is expected to report $36.1 billion in sales in the next fiscal year.
Sourcefire (NASDAQ:FIRE) had sales growth of 38.1% during the last fiscal year. The company has reported $119.1 million in sales over the past 12 months and is expected to report $163.6 million in sales in the next fiscal year.
SmarTrend is bullish on shares of VMW and our subscribers were alerted to Buy on July 08, 2010 at $69.63. The stock has risen 17.6% since the alert was issued.
This seems like it was written for Wave!: http://www.nist.gov/itl/csd/upload/Cybersecurity_NOI_0722101.pdf
4. Authentication/Identity (ID) Management
In our listening sessions, several stakeholders urged the Task Force to promote more widespread uptake of state-of-the-art authentication and ID management systems to reduce the incidents of successful cyber intrusions and attacks. Effective authentication and authorization systems establish a user’s right to access resources. Many users currently rely on simple password systems for authentication. More sophisticated systems require multiple factors in the authentication process, for example, something the user knows, plus something that the user possesses (e.g., a physical credential or token).20
The Department seeks comment on the effectiveness of current identity management systems in addressing cybersecurity risks.
On June 25, 2010, the White House released the National Strategy for Trusted Identities in Cyberspace for public comment. This strategy promotes a set of options for enhancing on-line security and privacy so that individuals and organizations use trusted, interoperable identity solution as in a manner that promotes confidence, privacy, choice, and innovation to experience efficient and secure access to on line services.21
Beyond the measures recommended in the National Strategy for Trusted Identities in Cyberspace, what, if any, federal government support is needed to improve authentication/identity management controls, mechanisms, and supporting infrastructures? Do the authentication and/or identity management controls employed by commercial organizations or business sectors, in general, provide adequate assurance? If not, what improvements are needed? What specific controls and mechanisms should be implemented? What role should authentication and identity management controls play in a comprehensive set of cybersecurity measures available to commercial organizations? Are the basic infrastructures that underlie the recommended controls and mechanisms already in place? What, if any, new tools or technologies for authentication or identify management are available or are being developed that may address these needs?
How can the expense associated with improved authentication/identity management controls and mechanisms be justified financially? How can the
U.S. Government best support improvement of authentication/identity management controls, mechanisms, and supporting infrastructures? Is there a continuing need for limited revelation
identity systems, or even anonymous identity processes and credentials? If so, what would be the potential benefits of wide-scale adoption of limited revelation identity systems or anonymous credentialing from a cybersecurity perspective? What would be the drawbacks?
How might government procurement activities best promote development of a market for more effective authentication tools for use by government agencies and commercial entities? Could a private marketplace for ‘‘identity brokers’’ (i.e., organizations that can be trusted to establish identity databases and issue identity credentials adequate for authorizing financial transactions and accessing private sector components of critical infrastructures) fulfill this need effectively? What would be some of the issues or potential impacts of establishing standards and best practices for private sector identity brokers? Should the government establish a program to support the development of technical standards, metrology, test beds, and conformance criteria to take into account user concerns such as how to: (1) Improve interoperability; (2) strengthen authentication methods; (3) improve privacy protection through authentication and security protocols; and (4) improve the usability of identity management systems? What are the privacy issues raised by identity management systems and how should those issues be addressed? Are there particular privacy and civil liberties questions raised by government involvement in identity management system design and/or operations? What other considerations should factor into government’s efforts in this area?
Commerce Department Seeks Advice On Cybersecurity
http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=226500291&cid=RSSfeed_IWK_All
Businesses, academics and the general public have been asked for input on cybersecurity's economic impact, authentication and identity-management technologies, research and development priorities and more.
By Elizabeth Montalbano, InformationWeek
Aug. 4, 2010
The Department of Commerce is looking for advice from businesses, academics and even the general public about how to maintain cybersecurity while fostering innovation in the commercial Internet space.
In a Notice of inquiry (PDF), the department asks for comment about, among other things, the economic impact of cybersecurity preparedness; authentication and identity-management technologies; how to raise awareness about threats; how to engage globally on cybersecurity; and where to invest in research and development.
The department said it's seeking comment outside of the usual government channels because cybersecurity affects a much broader scope than that. The trillion-dollar Internet commerce market in particular is vulnerable to threats, according to the notice.
"Companies continue to face significant challenges in their ability to appropriately protect their computer systems, secure their proprietary, personal and financial information, and safeguard the integrity of business and other transactions that they conduct over the Internet," the department said in the notice. "Reports of significant, persistent, individual cyber intrusions occur on a regular basis, as do reports of widespread, untargeted cyber incidents."
The department's Internet Policy Task Force -- created in April to help develop cybersecurity policy -- is overseeing the request.
Cybersecurity is a priority for the Obama administration, and several agencies -- including the Department of Homeland Security, the Department of Defense and the National Security Agency -- all have different roles in establishing processes and policy around it.
However, much of the administration's work to date has been focused on protecting the .gov domain and critical infrastructure on which the Internet runs.
The Commerce Department's task force, on the other hand, is primarily seeking feedback on how to identify and evaluate cybersecurity challenges that face commercial entities and consumers outside of critical infrastructure, according to the notice.
The department also wants advice on how it can improve its execution of core cybersecurity responsibilities, which does indeed include supporting critical infrastructure and the people using it.
Responses to the request will assist the task force in preparing a report on cybersecurity, innovation and the Internet economy, according to the notice.
Cloud Computing and Security-A Natural Match
http://www.trustedcomputinggroup.org/files/resource_files/1F4DEE3D-1A4B-B294-D0AD0742BA449E07/Cloud%20Computing%20and%20Security%20Whitepaper_July29.2010.pdf
Authentication in the Cloud
http://www.ctoedge.com/content/authentication-cloud
When it comes to cloud computing, the subject that seems to get the least attention is authentication and identity management.
While there is no single dominant approach to authentication in the cloud as of yet, it’s clear that at some juncture Microsoft’s Active Directory is going to play a significant role. After all, Active Directory dominates the enterprise in terms of authentication. So while we may not know yet what the standard for authentication in the cloud is going to be, the chances are very good that at the very least authenticating internal users in the enterprise to a public cloud computing is going to involve Active Directory.
None of this is lost on the major vendors such as Hewlett-Packard, EMC and its VMware subsidiary, Canonical that are lining up behind open source software Likewise Software to make sure their offerings can integrate with Active Directory.
Likewise Software CEO Barry Crist says the company is building an open source ecosystem around Microsoft’s Active Directory environment that focuses on first integrating non-Windows platforms with Active Directory and then automating the management of Active Directory.
While Microsoft has done a good job of proliferating Active Directory everywhere, as of late the company has not focused much on enhancing that franchise. That creates opportunities for companies such as Likewise to effectively turn Active Directory into a platform for heterogeneous authentication both within the enterprise and across the cloud, which is something that Microsoft is reluctant to do given its singular focus on putting Windows everywhere.
It’s still too early to say what Microsoft might ultimately do concerning Active Directory in the cloud. The company is working on a next-generation implementation of Active Directory, but has not articulated an authentication strategy in the cloud based on Active Directory.
In the meantime, other vendors such as Likewise appear to be effectively defining how Active Directory deployments within the enterprise are going to function as part of a cloud with or without Microsoft’s help.
Government Googled
http://datacenterjournal.com/index.php?option=com_content&view=article&id=3765:government-googled&catid=22&Itemid=100129
Thursday, 29 July 2010 08:10 Written by Rakesh Dogra
Google Inc, a behemoth in the world of cloud computing, has recently made the U.S. government one of its clients for its cloud-computing services.
The Google Apps for Government announcement came at a press event at Google headquarters after the company received FISMA (Federal Information Security Management Act) certification. To be precise, it has received the FISMA-Moderate rating, which implies that Google now has authority to store unclassified but sensitive data, which means up to 80% of government data. As Kripa Krishnan, Technical Program Manager at Google Apps for Government, clarifies, the FISMA review and certification makes for easier comparison between Google’s security features and those of Federal agencies. The company also goes on to say that most agencies have found Google’s security at least equal to their own, thus bolstering the government’s confidence in moving to the cloud.
Google Apps was designed with the framework provided by Federal agencies and is a suite of cloud offerings for word processing, special email, and collaboration applications. The cloud bundle consists of Gmail, Calendar, Google Sites, Groups, Postini, Video, and Google Docs.
Google Apps for Government is a modification of Google Apps Premier Edition and goes an extra step in ensuring a separation between government mail and calendar data and that of the general populace. Such a separation is necessary, since the product is aimed at widespread usage in the face of fears following the Google Street View incident.
The new edition also offers the promise of helping the government “redeploy” resources for public use, since the company’s community cloud does not necessitate installation and maintenance of hardware and software. Making its case even stronger, Google provides assurance that the information will be stored within U.S. borders. Gmail and calendar data will be stored in a separate storage system designed specially by Google’s government contractors.
The Google cloud can also deliver better operations than the existing systems, resulting in cost savings. By pushing a portion of their IT systems into the cloud, the government can take advantage of such cost savings. Reports suggest that the current U.S. administration is looking at annual savings of $76 billion for computing and software by way of moving into the cloud. Incidentally, Federal spending on hardware and software is approximately $120 billion every year.
Google is also emphasizing to the government the potential benefits of paperless offices; these benefits include not only cost savings, but also a sleeker IT DNA structure.
The near future will also see the in-the-pipeline Google Chrome OS being updated for government use. Eric Schmidt, CEO of Google, says FISMA certification and government support is a banner of trust that has gone a long way in breaking down another barrier to seeking new and more effective data-management practices. He also said that Google would also seek FISMA certification for its Chrome OS, because all the aforementioned apps will run incredibly “well and securely” on that OS.
The U.S. government has been a client of Google in the past. Consider, for instance, Berkeley Lab’s usage of Google Apps to share emails in the cloud. Berkeley Lab is a national laboratory of the U.S. Department of Energy. Business products like Google Earth and Google Apps are also widely used by Federal agencies and state governments. New Mexico, Kansas, and Florida are just some of the states that are Google Apps clients.
Interestingly, Microsoft is hot on Google’s heels in the FISMA race. Even though it is the biggest player for the government IT industry, its Microsoft Exchange email system has not yet received FISMA endorsement. The company is seeking certification for its Business Productivity Online Suite. Microsoft also has a few aces up its sleeve, one of which is its government-only cloud facility.
The FISMA seal should also give SMBs some confidence in Google’s services. Of course, they will still have to consider the nature of the data they will entrust to Google, but a FISMA certification does not hurt
WikiLeaks Tests Feasibility Of Government Data Security
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=226300143
Governments will always face the twin challenges of balancing the need for secrecy with the need to collaborate, say experts.
By Mathew J. Schwartz, InformationWeek
July 28, 2010
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=226300143
In the wake of the release by WikiLeaks on Sunday of more than 90,000 documents pertaining to the war in Afghanistan, will government data ever be safe again? In other words, can the U.S. government -- or for that matter, any government, corporate entity, or organization -- prevent a similar mass document disclosure in the future?
"Of course not, because remember this isn't technical, this is a human problem," said Bruce Schneier, chief security technology officer of managed computer network security service provider BT Counterpane. "The technical thing is that WikiLeaks enables this to happen easily and relatively safely, but fundamentally, human beings read these messages." When they have concerns, such as over the missile attack in Iraq, or this release of documents [from Afghanistan], then the related information may well find its way public.
WikiLeaks founder Julian Assange, who has talked about the global network of servers and technology that make his site "uncensorable," hammered that ease-of-submission point home yesterday. "We never know the source of the leak," he told reporters in London, according to published accounts. "Our whole system is designed such that we don't have to keep that secret."
"Fundamentally, this is about a whistle-blower," said Schneier. "No government or company can ever protect or defend against that. You can make it harder -- disable print, e-mail forwarding -- but at worst, I can take a photograph of the screen and mail it to you," he said.
In other words, the WikiLeaks phenomenon is primarily about people, not technology.
"In general, at any company and any government agency, authorized insiders have access to information, and if they decide to violate laws and policy and make inside information public, there is no 100% foolproof way of stopping them," said John Pescatore, VP and research fellow at Gartner Research. "That is why companies and government agencies spend a lot of time on background checks and personnel vetting, but that is not foolproof either -- as just about every spy case points out."
If you overly restrict access to information, such as the from-the-battlefield communications released by WikiLeaks, people can die, and do. "A good example is how much information the U.S. actually had prior to the terrorist attacks of September 2001 that were strongly protected and weren't shared, leading to a major failure of the intelligence community," said Pescatore.
Even so, he predicts that the fallout from the WikiLeaks disclosure, like the Pentagon Papers before it, may lead government agencies toward "an over-reaction towards too much secrecy, which then impedes real need for collaboration."
The real lesson, he said, should be about always trying to find the right balance between "need to know" with "need to share," which the private sector seems to do relatively well, said Pescatore. "Notice you don't tend to see, say, Cisco or SAP having corporate secrets released, but they do a very good job of collaborating across their companies. They balance security with usability -- it is not impossible to do so."
Unfortunately, he said, "governments tend to not be able to easily define that middle ground."
When will they learn?:
Health Net Agrees to $250,000 Fine and "Corrective Action Plan" to Settle Loss of Protected Health Information
http://www.infolawgroup.com/2010/07/articles/hitech-1/health-net-agrees-to-250000-fine-and-corrective-action-plan-to-settle-loss-of-phi/
Corrective Action Plan. A substantial portion of the eighteen page Judgment is devoted to detailing the Corrective Action Plan (“CAP”) Health Net now operates under. And the ongoing costs, expenses and efforts of fulfilling this CAP will be added on top of the $7 million spent as of the Judgment. Notable items from the CAP include (among others):
• The encryption of all laptop hard drives and all desktop hard drives.
There's little doubt that while Connecticut's Attorney General has been the first to reach a settlement of this type the forty-nine other Attorneys General have taken notice. Stay tuned.
Data Security in Flash Devices
http://www.glgroup.com/News/Data-Security-in-Flash-Devices-49611.html
Summary
USB drives, SSDs and other flash-based storage devices are used for storing personal and other sensitive data. Eliminating data on flash devices is required to help protect sensitive data. Traditional secure erase on flash creates endurance issues, crypto-erase is preferred. By the use of enhanced secure erase (or crypto-erase) SSDs should be able to be qualified as FIPS 140 complaint, making them available for many military and government applications.
Analysis
Getting rid of sensitive data is an ongoing issue with digital storage devices. Hard disk drives have long been primary storage repositories and technologies have been developed to remove access to data on these drives. There are commands in the SATA interface that can cause a disk drive to erase all of the data on the drive (or drive partition). This erasure is performed by overwriting the prior recorded information. The commands used are “security erase” commands. NIST document 800-88 defines ATA drive secure erase as a method to “purge” data, which provides adequate protection for all but the most sensitive information. Secure erase on a large storage device like today’s 2+ TB HDDs can take a long time since each recorded region must be overwritten.
In the last few years an alternative to overwriting data in hard disk drives, as well as other storage devices, has been developed by the Trusted Computing Group. In this method data is encrypted within a storage device where the encryption key resides in a non-user accessible location. Storage commands, such as SATA commands, can be used to control access to this encrypted data and generally the data can only be accessed by use of a password that allows use of the encryption key to decrypt the data so the user can access and use it. Encrypted mobile HDD for laptops are made by several companies and many expect that encryption will eventually be incorporated into most HDDs.
In an encrypted hard disk drive a special command enabled in the SATA specifications, called “enhanced secure erase” can be invoked that causes the hard disk drive to erase (write over) the key to the encrypted data. After the key is overwritten the data cannot be accessed unless the encryption is broken. With a high enough level of encryption, 256 bit encryption is common today, the encrypted data cannot be decrypted and read by any computer now in existence. Thus although the encrypted data remains on the storage device, it cannot be read.
Compared to conventional secure erase, enhanced secure erase is very quick, only requiring microseconds, and provides good protection of user data. This cryptographic secure erasure is recognized in the latest version of the US government’s FIPS 140, rev. 3 document, which covers security requirements for cryptographic modules.
With the increasing use of flash memory devices such as USB drives and Solid State Drives (SSDs) for primary storage of data, methods are needed to effectively erase and protect sensitive data. Traditional data overwrite techniques will lead to significant endurance and product life issues in flash memory devices since each erase in a flash memory cells shortens the remaining number of times the cell can be erased and reused. For this reason enhanced secure erase using key erasure is the preferred method.
The Trusted Computing Group is working with flash memory companies to incorporate enhanced secure erase in SSDs using onboard encryption. SSDs that can support enhanced secure erase should be able to be certified as FIPS 140 compliant. This is very important to get these products approved for military and other governmental applications.
Analyses are solely the work of the authors and have not been edited or endorsed by GLG.Thomas Coughlin consults with leading institutions through GLGQuestions for the authorThomas Coughlin
President, Coughlin Associates
Kantara Initiative delivers new insights
http://www.digitalidnews.com/2010/07/20/kantara-initiative-delivers-new-insights-at-burton-catalyst-conference-2010
An Open Identity for Business Interopability demonstration and an Authorization Standards Workshop will take place in San Diego at the Burton Catalyst event on July 27.
Businesses are faced with more options and decisions when it comes to addressing secure identity solutions. The event comes from the Kantara Initiative, an open forum allowing secure identity software users to divulge the existing challenges of the industry. Collaborarors include the OpenID Foundation, the Information Card Foundation, the Open Identity Exchange and Identity Commons.
These participants will host the Business Interop which will showcase open identity as a business enabler, drawing examples from different levels of assurance across multiple trust federations, new browser-based applications that use identity services to automate cross-site user experiences, and the newest mobile applications available.
Additionally Kantara is heading the Authorization Standards Workshop, which will explore the most current developments and trends in identity authorization, such as OAuth, User-Managed Access, and XACML
National Strategy for Trusted Identities in Cyberspace
http://www.nstic.ideascale.com/
TCG/Wave mention on NSTIC blog:
http://www.nstic.ideascale.com/a/dtd/TCG--Trusted-Computing-Group-has-worked-out-the-details/46754-9351
Use Full Disk Encryption to Secure Your Laptops
http://business.marko.us/use-full-disk-encryption-to-secure-your-laptops/
Nowadays, it seems that not many months will pass before we encounter yet another high-profile case of data theft or loss of entire laptops. With shipments of laptops surpassing those of desktops, we can expect the situation to worsen, not get better. Expensive enterprise solutions or convoluted configurations aside, is there a simple method or strategy that the SMB can adopt to better defend against data theft via the laptop? That was the question on my mind when I came across Seagate’s Momentus FDE (full disk encryption) hard disk drive. FDE incorporated into a hard disk drive means that all data written into the hard disk is transparently encrypted – and decrypted - without the need for operating system awareness or any form of intervention.
This latest generation of FDE hard disks from Seagate comes with capacities of between 160GB and 320GB, and with platter speeds of 5400rpm and 7200rpm, according to a recent PCWorld.com article. The hard disks encrypt data with military-grade 128-bit AES encryption; a drive of 500GB is expected to be available by the end of the year.
What is unique about Seagate’s FDE drives is that they incorporate the authentication mechanism at the firmware layer. Hence, the Momentus can be configured so that it will prompt for a secret password every time the laptop is booted up.
Just imagine how much better you would sleep in a scenario where all the laptops in your organization are equipped with FDE hard disks from Seagate. They can either be acquired together with laptops from vendors such as Lenovo, Fujitsu and NEC – or just purchased separately. Installing them is as simple as swapping the original hard disks with the FDE hard disks.
Obviously, the need to acquire the additional hardware does add to the cost of the solution. However, I believe this is the best solution for an SMB in terms of efficiency and ease of management.
P
UK OK on Trusted Computing?
Thomas Rosteck, Infineon Technologies and Paul Waller, CESG
http://www.security-news.tv/channel/vault
Trust and security in networked computing and communication is a major topic for governmental, commercial and private use of modern information and communication technology. Users, enterprises and governments are using digital processes for everyday and mission critical operations in trading, communication and banking amongst others, and they are assuming that the technology they are using is sufficiently secure.
The availability of information and access to data and systems has fundamentally changed over the last few years while the possibilities to attack systems have substantially increased. Most attacks against encryption for example, no longer focus on the encryption system itself but against the system integrity.
Since 1999 the standardization organization Trusted Computing Group (TCG; formally Trusted Computing Platform Alliance, TCPA) – has been working to define necessary components to improve security levels. The primary target being to establish trust and assurance that a system is working and acting as expected.
The results of this effort, known as Trusted Computing, has already found its way into hundreds of millions of PCs and notebooks, hard disk drives and other appliances (servers and mobile phones). The TCG also defines necessary infrastructure components that will build the basis to solve the aforementioned challenges.
With a broad membership of companies including Microsoft, Intel, AMD, HP, Dell, Infineon and Nokia, the TCG has already direct influence in a huge portion of today’s IT market. Government agencies like UK’s CESG and Germany’s Federal Agency for Information Technology (BSI) are also engaged in the work of TCG and provide valuable input into the specification work.
Core components of TCGs specifications are the “root-of-trusts” (RoT); the secure hardware components inside the devices. Depending on different appliances these RoT’s have different flavors. In this article we will focus on the TPM (Trusted Platform Module) for PCs and notebooks.
A TPM can help to make a PC more secure by providing the following functionalities:
•Support system integrity;
•Secure authentication and attestation;
•Secure storage.
Integrated within the TPM are measures to provide the basis for a system integrity check. During system start-up, the TPM securely collects information about the boot process. This information can be provided to authorized parties or systems to check whether the system is in the expected status. Additionally, it can provide strong authentication, which enables a PC to authenticate itself to a network with hardware-protected information. The secure storage provides additional possibilities to store system, user keys or secrets.
The security features allow the TPM to counter a huge variety of attacks. They have to be resistant against logical attacks of viruses, Trojan horses, or direct attacks over the network. TPM’s have countermeasures against Dictionary Attacks, so pass-phrases used for the authentication to the TPM cannot be broken by brute force attacks. However there are also countermeasures against certain physical attacks that have been implemented.
The TCG is following existing schemes and are standardizing the minimum level of security for a TPM based on the Common Criteria standard. However, there are no absolute guarantees to security - with enough time, effort and equipment, security measures can be broken. Therefore security measures have to be defined specifically for target markets, taking into account which levels of security are most appropriate and affordable. To reflect previously mentioned attack scenarios and to keep the cost sensitivity of the target devices in mind, TCG defined the Common Criteria level ‘EAL 4 moderate’ as appropriate for its mainstream target audience consisting of enterprise, government and consumer users.
The main applications currently utilizing TPM support are:
•Secure Boot: Systems are only providing full capabilities if the booting process was performed in the expected way;
•Hard drive encryption: The main key for the hard drive encryption is protected by the TPM. This especially protects the so-called data-in-rest. In combination with secure boot Microsoft’s Bitlocker it only allows access to the hard drives when the boot is performed in the expected way;
•Authentication to network: Protecting the authentication information necessary to enter corporate networks or WLAN environments;
•Integrity protection of software (e.g. virus scanner): The software can check its own integrity versus the information stored in the TPM.
Since TPM-based platforms have been widely available and have achieved a high threshold in organizations, enterprise system administrators are utilizing these additional protection methods. It is not however only private enterprises that have understood the value of Trusted Computing, governments are also starting to use TCG based products to fulfill the security tasks they are facing, which the following example of CESG shows.
CESG is the UK National Technical Authority for Information Assurance, with responsibility for providing technical advice and guidance to UK government departments on protecting their data and networks. Information Assurance is the confidence that information systems will protect the information they handle and will function as they need to, when they need to, under the control of legitimate users.
UK government networks span a huge variety of threat environments, from military deployments through to local authority administrative systems. CESG's remit covers all of these systems.
In the former case, the perceived threats are from highly motivated and very well resourced adversaries; therefore security critical network components must be extremely resilient to concerted, directed attack. Products designed to meet these demanding security requirements are very expensive, therefore tend not to be suitable for large scale commercial deployment. At the lower threat levels (healthcare, local government etc.), the number of users is much larger and lower cost security solutions are required; there is however still a significant threat to these networks from a variety of potential attackers. CESG therefore has a keen interest in commercially available technologies, which can provide an appropriate level of security to protect these systems.
Modern ways of working and financial pressures are increasing the demand for mobile working. Mobile working requires strongly authenticated remote access to networks and secure storage of data on mobile computing platforms. Potential uses of TCG technologies include helping to meet these requirements. For example, key material for storage encryption can be stored in the TPM when the platform is powered down, requiring an adversary to mount a physical attack on the TPM to retrieve data from a stolen platform. Also, the TPM can store authentication credentials and perform signing operations; it can hence be used to permanently protect those credentials in hardware. In future, measurement and attestation functions cold allow networks to restrict access if a platform is not in a known state. CESG is an active liaison member of the TCG, and works closely with other TCG members to realise the benefits of Trusted Computing technologies.
As well as the industry making this technology available to consumers, a degree of assurance is required that the products being deployed will actually provide the expected level of security. Gaining assurance in a product requires a certain level of independent analysis from design and development to deployment. The TCG Certification Program for TPMs provides a degree of assurance via the Common Criteria process. CESG conducts further assurance work where a higher level of confidence is required in a particular security mechanism.
In the case of the recently completed work on the Infineon TPM's secure storage capability, CESG worked closely with Infineon to analyse the design in detail and understand the approach to security throughout the development process. This builds confidence in the product and the development process to maintain/improve the level of security as the product evolves. Importantly, the product was assessed as suitable for use at low impact levels. There is a clear requirement in these environments for robust security measures to protect sensitive data (e.g. financial or personal records), however it is not necessary to invest in military-grade equipment designed to withstand highly sophisticated and costly attacks.
The TPM assessment is an example of working closely with key industry partners to gain assurance in key security technologies. Other components of the Trusted Computing ecosystem require similar analysis if they are to be deployed in UK government secure networks. Initiatives such as Trusted Computing offer an opportunity for the IT industry to 'raise the bar' in security terms; with appropriate assurance processes it will be possible to increase the level of trust we are able to place in our computing platforms.
Intel SSDs hit brick-and-mortar Best Buy stores en masse
http://www.computerworld.com/s/article/9178640/Intel_SSDs_hit_brick_and_mortar_Best_Buy_stores_en_masse?taxonomyId=19
Over the past two years, solid-state drives (SSD) have mainly been sold directly to laptop or portable device manufacturers or through specialty online consumer electronics retail sites that have only a few dozen brick-and-mortar outlets, like Fry's Home Electronics or CompUSA.
That changed last week when Intel Corp. announced that its flash drives will be the first to be sold traditional retail stores, in this case more than 800 Best Buy stores. Other companies, such as SanDisk Corp., said they will soon follow suit and sell their SSDs in brick-and-mortar stores.
The move to selling SSDs in brick-and-mortar stores is likely an indication that consumers are warming up to flash memory storage technology as the drives become affordable enough to either replace or supplement their computers' hard disk drives.
"The move to brick-and-mortar retail stores broadens the target consumer profile," said Gregory Wong, an analyst at market research firm Forward Insights. "Gaming and technically sophisticated users will continue to be the main consumers for SSDs, but retail will enable SSD vendors to reach mainstream consumers. Offering SSDs in mainstream retail outlets is a necessary step toward broadening the appeal of SSDs and enabling further adoption of SSDs as prices come down."
Jason Bonfig, Best Buy's vice president of computing, said last week that SSDs will become increasingly popular "as people realize how much faster they can boot up and run their favorite software or work-intensive applications."
"Our customers are looking for the latest and greatest in technology and entertainment experiences," Bonfig said in a statement. "Now they can purchase an Intel SSD and add it to a new or existing computer for a makeover that will improve their computing or gaming experience."
OCZ also sells its SSDs in computer retail outlets such as Micro Center, Tiger and Comp USA.
SSDs are still up to 10 times more expensive than hard disk drives, and they have increased in cost over the past year or so. The per-unit price of flash memory chips, which are stacked inside hard drive casings to create SSDs, rose to $4.10 in the second quarter of last year, representing a $1.80, or 127%, increase from the final quarter of 2008.
Hard disk drives sell for about 30 cents per gigabyte. Wong believes that for PC, notebook and netbook manufacturers, SSD prices will drop from about $1.90 per gigabyte today to about $1.70. Online shoppers shouldn't see any marked decrease in pricing and can expect to continue to pay $3.00 to $3.30 per gigabyte for SSDs on sites like Newegg.com.
Intel is offering its consumer-class SSD, the 80GB X25-M, in Best Buy stores for $229.
The typical SSD, with anywhere from 80GB to 120GB of capacity, costs from $215 to $400 on e-retail sites such as Pricegrabber.com or Newegg.com.
In comparison, a hard drive with up to 1TB of capacity can be had for as little as $90.
For mainstream consumers, SSDs beat out hard disk drives when it comes to performance, particularly for computer boot-up or application load times. In many cases, they offer more than twice the I/Os per second. In Computerworld's own benchmark tests, SSDs handily beat out hard disk drives in a cold boot contest -- 20 seconds for the SSD versus 40 seconds for the hard drive.
The SSD also beat the hard drive in the restart competition, taking 26 seconds to the hard drive's 37 seconds.
And because SSDs have no moving parts -- such as actuator arms or motors -- they are more durable than hard drives and therefore may be better choices for use in mobile devices.
While SSDs still cost 10 times more than hard disk drives, there is a crossover point where the base cost of a hard drive -- about $40 -- would buy an SSD with about 16GB of capacity.
Users could combine the technologies. For example, lower-capacity SSDs could be used to run a PC's operating system and key applications, while a secondary internal or external hard disk drive could be used to store files. SSD manufacturers have recognized that crossover point and have begun selling lower-capacity SSDs aimed at supplementing hard drives as boot drives.
For example, Intel is positioning its 40GB X25-V Value SSD as a boot drive. That drive will sell for $129 in Best Buy stores.
"When you upgrade to an Intel solid-state drive, you see a dramatic improvement in your computing experience," said Pete Hazen, director of marketing at Intel's NAND solutions group. "We've already shipped more than a million SSDs, and consumers are realizing that SSDs aren't just an alternate means of storage, but a performance enhancement that brings a new level of responsiveness to their computer."
Wong said one of the main obstacles to faster SSD adoption is that many consumers don't yet understand the benefits of solid-state drive technology. The decision to sell SSDs in brick-and-mortar stores should boost consumer awareness and understanding of the devices, because sales personnel will be able to help educate shoppers about the technology, he added.
In addition, Best Buy's Geek Squad user support operation "provides a broad service network that can help consumers and small businesses migrate their PCs to SSD solutions," Wong said.
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian, or subscribe to Lucas's RSS feed . His e-mail address is lmearian@computerworld.com.
Interesting Article:
Warfighters on the digital battlefield require robust information technology for secure, reliable, real-time access to mission-critical information
http://www.militaryaerospace.com/index/display/article-display/3299990254/articles/military-aerospace-electronics/exclusive-content/2010/6/warfighters-on_the.html
“A lot of people are focusing on data assurance and drive encryption,” Lamb notes. “Customers want full drive encryption, or FDE. Everything from every application and the operating system itself becomes part of full-drive encryption.
Safe and secure
“As armies become more dependent on information technology, they will develop new kinds of vulnerabilities,” writes Berkowitz. The need to secure classified information has always been prevalent in military environments, and it is even more critical given the amount of data being gathered, exchanged, and stored across the battlefield among coalition forces.
Right now, a major shift is happening in the security realm. “It is mainly being driven by the need to communicate with a broader based coalition of allies,” Korecki notes. “As our customers want to communicate more information, with more allies, and even across the services, the need for integrated security has grown. With the need to connect and share comes the need for cross-domain products that can enable classified data to flow appropriately across boundaries between networks with different system security levels.”
By Courtney Howard
Bits and bytes of data and information are as important as bullets and bombs on today’s battlefield -- if not more so. Many defense organizations, in fact, understand well the competitive warfighting advantage gained through the efficient exchange of mission-critical data.
To that end, the U.S. Department of Defense (DOD) is pioneering network-centric operations (NCO) and network-centric warfare (NCW), intended to increase mission effectiveness through optimized information sharing and collaboration across a robust, distributed network. At the same time, the United Kingdom Ministry of Defence is striving toward network-enabled capability, or NEC, and the Swedish Armed Forces are adopting network based defense, abbreviated NBD.
“The ability to collect, communicate, process, and protect information is the most important factor defining military power,” writes Brian D. Berkowitz in The New Face of War: How War Will Be Fought in the 21st Century. “Information technology is so important in war today that it overwhelms everything else.”
Wars are increasingly digital; battlefields are transforming into robust networks of informed, geographically separated military personnel; and, the role of electronics and information technology is growing in military environments. The digital battlefield is not without its challenges, which the DOD and industry technology partners are working diligently to overcome.
Greater data
Growth in the number and the capabilities of “sensors and robotic platforms have accelerated the generation of data,” says Joe Miller, director of Joint Tactical Radio System (JTRS) Ground Domain for General Dynamics C4 Systems in Scottsdale, Ariz. “This data must be collected, processed into information, and disseminated in a timely fashion to improve situational awareness, command, and control.”
Aaron Frank, product marketing manager of switches and routing products at Curtiss-Wright Controls Embedded Computing in Kanata, Ontario, also notes an “increased awareness of the value of sharing of information from one system to another, and between systems. As we see and use more and more information on the battlefield, and as this information is increasingly shared between groups, it will enable better decisions to be made to ensure successful tactical missions.
“A key element in the digital battlefield is the value of situational awareness information, and this information needs to be shared among the various teams, whether they are on the ground, in the air, or at base camps,” Frank continues. “To achieve this information sharing, systems must communicate over a variety of mediums, and with absolute security to protect sensitive data. So we need to manage an ever-increasing volume of sensitive information, and to share it within and between systems.”
Mission-critical data also now takes many forms. “Voice no longer dominates the spectrum,” Miller adds. “It now shares bandwidth with video and packet data.” Everyone wants video and needs to distribute that video over a heterogeneous network, explains Jon L. Korecki, executive director of strategic development at ViaSat Inc. in Carlsbad, Calif.
The use of unmanned aerial vehicles (UAVs) for information generation and dissemination has significantly increased the demand for digital video solutions, while the vulnerability of analog UAV feeds has expanded the need for data security in military environments, Korecki continues. “A key challenge is providing the video feeds from UAVs to all the stakeholders in a secure, managed way.”
More cores
Sensor-laden unmanned vehicles are being fielded in ever greater numbers, generating a wealth of data and driving the need for faster, more secure networks, greater bandwidth, increased processing power, and data storage. Legacy systems are largely unable to handle the increased workload of the digital battlefield.
“The trend is to use more off-the-shelf products to solve the problem today,” Korecki explains. “Customers don’t want to spend their money on a system that requires many years in development, but rather one that can be fielded in days.”
Meeting warfighters’ needs, including requirements for more processing power and more storage, “involves keeping up with the latest commercial off-the-shelf (COTS) systems,” admits Russ Clark, vice president of partnered solutions for DRS Technologies in Parsippany, N.J. “For example, Nehalem processors are already migrating into Westmere processors (6 cores vs. 4 cores).
“Our customers want the latest most powerful equipment that they can get their hands on,” Clark continues. “The biggest challenge we see is synthesizing the data collected and quickly disseminating the result to those who need it.”
Technology firms and military organizations are also tapping more powerful, multicore devices to tackle multiple military applications on a single, compact computing platform. Multicore processors allow for more tightly integrated data and information processing, as well as provide a more efficient SWaP platform, observes Frank.
“The move to multicore architectures allows for consolidation of traditionally discreet hardware devices into single multifunction devices,” reveals Robert Day, vice president of marketing at LynuxWorks in San Jose, Calif. “This is much needed in the battlefield, where avionics and vehicles need to reduce size, weight, and power (SWaP). Having a multicore solution combined with a MILS (Multiple Independent Levels of Security/Safety) separation kernel is a way to implement this with increased information and data security.”
Frank sees software-based MILS as the way of the future in embedded computing applications. “Size, weight and power, performance, cost, and cooling (SWaP2-C2) constraints make it unfeasible to maintain separate security enclaves on independent and redundant computing platforms.”
Safe and secure
“As armies become more dependent on information technology, they will develop new kinds of vulnerabilities,” writes Berkowitz. The need to secure classified information has always been prevalent in military environments, and it is even more critical given the amount of data being gathered, exchanged, and stored across the battlefield among coalition forces.
Right now, a major shift is happening in the security realm. “It is mainly being driven by the need to communicate with a broader based coalition of allies,” Korecki notes. “As our customers want to communicate more information, with more allies, and even across the services, the need for integrated security has grown. With the need to connect and share comes the need for cross-domain products that can enable classified data to flow appropriately across boundaries between networks with different system security levels.”
The National Security Agency (NSA) has been driving a transition from traditional Type 1 high assurance protection to a common standard of Suite B and non-CCI (cryptographic controlled item) products. In fact, the NSA has defined a new product category for broad based use: Cryptographic High Value Product (CHVP). ViaSat worked with the NSA on the certification of what is being called the first CHVP device, the IPS-250 encryptor. The IPS-250, designed for all coalition use, is the first Suite B-based HAIPE (High Assurance Internet Protocol Encryptor) inline network encryptor. “ViaSat is focused on providing secure communications to the warfighter, and we want push the envelope with new innovations that continue to improve information sharing on the battlefield,” Korecki says.
Software-centric communiqué
One such information-sharing innovation, software-defined radio (SDR) is fast becoming the dominant technology in military radio communications, as the DOD seeks to replace traditional radio network elements with SDR components and systems on the battlefield. The Joint Tactical Radio System (JTRS), a high-profile SDR garnering significant attention, is designed to deliver reliable, flexible, and interoperable voice and data communications to meet diverse warfighter needs via handheld, vehicular, airborne, and dismounted radios and base stations.
JTRS is based on an international, open Software Communications Architecture (SCA), a standard that uses CORBA on POSIX operating systems and enables increased functionality, flexibility, and expandability. Via the SCA, JTRS removes communications barriers that have previously limited information sharing between different types of incompatible radios used in battlefield operations.
The secure radios handle classified information, as well as sensitive but unclassified (SBU) data. SBU or Type 2 certified radios employ new information assurance technology that enables them to be operated by soldiers without security clearances, lowering the cost of the radio and simplifying the logistics around it, Miller describes. Radios that handle classified data are certified to Type 1. Security Verification Testing on all radios is scheduled for later in 2010, which will lead to full NSA certification in mid-2011, he says.
“Joint Tactical Radio System Handheld, Manpack, Small Form Fit (JTRS HMS) is providing next-generation tactical networking radio products to the edge of the battlefield,” Miller says. “These radios provide the additional bandwidth needed for data-hungry applications.” Additional benefits include greater throughput, frequency agility, small size, and light weight. “Our smallest networking radio weighs approximately half a pound. The networking capability provides the reliable, secure exchange of data between any node within the network. They also provide the ad-hoc networking functions needed for mesh routing to maintain connectivity in challenging environments.”
Connectivity challenges
Battlefield dynamics are accelerating, bringing in not only urban areas and villages, but also rugged mountainous terrain and caves, Miller explains. “This diverse environment presents challenges for communications networks. These networks cannot rely on fixed infrastructure like towers and repeaters; they must self form and self heal.
“Each radio in the network must be able to act as a repeater to extend network coverage,” Miller continues. “Networks are often forced to split and then merge, reestablishing themselves as forces move through these areas. When local line-of-sight connections are lost, signals must be routed via other means including relays through Unmanned Aerial Vehicles or satellites.”
Engineers at Raytheon Co. in McKinney, Texas, have introduced a system for tactical network communications that automatically and continually adapts to network changes and challenging urban environments. The Enhanced Mobile Ad-Hoc Network Radio System is designed to provide netted communications and tactical data for coalition interoperability and seamless coalition use in vehicle and dismounted applications.
“Our new EMARS system supports a broad range of time-critical missions, such as air defense, command and control, and situational awareness, as well as user-defined host applications,” remarks Brian McKeon, vice president, Raytheon Network Centric Systems Integrated Communications Systems. “It supplies twice the data rate of our earlier system to enable EMARS' enhanced multifunction capability and provides even greater efficiency in secure wireless data exchange.”
EMARS combines Raytheon's Enhanced Position Location Reporting System-XF-I, MicroLight DH500 handheld radio, and MANET (mobile ad-hoc networking) technology. “It provides a wireless, Internet Protocol (IP) capability network that implements Advanced Encryption Standard encryption over an extended frequency range,” says a spokesperson. “The system also uses the most advanced EPLRS waveform available for simultaneous voice, video, data, and critical position location information.”
SDR with COTS
“The rapid migration to software-defined radios using advanced multicore platforms, like the [Texas Instruments] OMAP3530 chip,” is a trend on the digital battlefield, reveals Chip Downing, director of Aerospace & Defense at Wind River, a wholly owned subsidiary of Intel Corp. in Alameda, Calif.
Wind River has collaborated with PrismTech in Woburn, Mass., in the development of a high-performance SDR solution that combines Wind River's VxWorks 6 real-time operating system (RTOS) with PrismTech's Spectra SDR Operating Environment. It offers compliance with SCA 2.2.2 and POSIX PSE52 runtime libraries, and includes a small form factor core framework and embedded, object request broker (ORB) middleware. Harnessing the power of multiple Freescale and Intel processors, the SDR solution can achieve roundtrip times of less than 10 seconds to power up, initialize the platform, load waveform components, unload waveform components, and shut down the radio.
“This collaboration will help the shift from hardware-centric, proprietary radios, to software-controlled, reprogrammable, standards-based radios that offer maximum flexibility and value,” says Rob Hoffman, general manager of Aerospace and Defense at Wind River. “By using COTS platforms and tools, project managers can help manage the risks of one-off custom software developments by exploiting the tooling support and robust testing, packaging, standards compliance, and professional support of commercial software products.”
The solution aids SDR developers to use COTS components that adhere to SCA software radio standards, enabling radio manufacturers to meet stringent requirements of the military and public sectors, including standards mandated by the DOD for JTRS and validated by the JTRS Test and Evaluation Laboratory (JTEL).
“Many U.S. military communications suppliers are now looking at developing their next-generation communications system based upon this powerful combination of technologies,” says Downing. “The future is both challenging and bright. The challenge comes with making Common Criteria security documentation and supporting evidence for a COTS product. The bright spot is that the entire industry has the capability to do this, and we will rapidly enable this in a wide variety of future platforms with the cost and quality advantages of all COTS solutions.”
A win for WIN-T
The Warfighter Information Network-Tactical (WIN-T) is another element, along with JTRS, in the U.S. Army’s LandWarNet NCO initiative to deliver high-speed communications and combat-related information to networked soldiers in the field.
Lockheed Martin, the lead for the WIN-T Increment 3 Transmission Subsystem, has completed an In Process Review (IPR) for the critical design of the next phase of the Increment 3 Transmission Subsystem. The IPR assessed the design maturity of all hardware, software, and firmware elements of the Transmission Subsystem, which includes advanced components for both satellite and terrestrial communications at-the-halt and on-the-move, such as multichannel radios, antennas, and communications waveforms.
“The transmission subsystem provides the foundation for the network's dynamic capability to transfer data over a highly dispersed, noncontiguous area,” says a spokesperson. “Increment 3 continues development of the components needed to meet the full range of network capacity, security, and full on-the-move capabilities for the Army's modular force.”
The milestone, achieved last month, marked the culmination of more than five years of development for this subsystem, explains Jim Quinn, vice president with Lockheed Martin's Information Systems & Global Solutions-Defense in Gaithersburg, Md. “This review allows us to move into the corresponding implementation and test phases of the program, so warfighters can soon realize the substantial advantages WIN-T brings to the battlefield.”
General Dynamics C4 Systems is the prime systems integrator for WIN-T, the team members of which include: Lockheed Martin, BAE Systems, Harris Corp., and L-3 Communications. With the IPR complete, the team moves into the build-and-test phase for the Transmission Subsystem components that form the tactical communications network.
Airborne RTOS
Battlefield information technology tools, such computing and communications systems, are taking advantage of various commercial components, including both hardware and software. LynuxWorks’ Day is seeing this dual COTS trend, as well as the convergence of safety and security, in such areas as avionics.
“The requirements for fault-tolerant avionics systems to be connected and consolidated, and add security functionality to protect from malicious attacks, is starting to become reality,” Day explains. “This functionality really requires the use of modern separation and partitioned software RTOSs to be combined with more traditional desktop OSs and, at the same time, drives the need for multicore and virtualization-ready hardware platforms.”
Main flight control applications are not ready for this move yet, especially in commercial avionics; but, for other avionics subsystems and in some military applications, the time is right, according to Day. “LynxSecure was designed to be safety and security certified and, hence, can run OSs and applications at different levels of safety and security next to OSs and applications that are more general purpose, with the separation kernel managing the partitioning between them,” he says.
Barco in Kortrijk, Belgium, selected Wind River VxWorks 653 operating system as the foundation for its CDMS-3000 Control Display and Management System, employed in French armed forces aircraft. “The CDMS-3000 product family is a next-generation offering that provides openness and flexibility to customers, while also offering COTS certification to systems integrators,” says Jean-Christophe Monfret, product management director at Barco. “As a foundation for the future, we required an industry-leading, COTS DO-178B-certified RTOS. Barco chose Wind River VxWorks 653 to power the CDMS-3000, which has been selected for a variety of civil as well as military transport and surveillance aircraft.”
Separation kernels at sea
The U.S. Navy, concerned with the security of shipboard systems, launched the Open Architecture Computing Environment (OACE) initiative. Navy officials are partnering with technology firms to develop OACE, a compatible set of COTS computing infrastructure components, including hardware and software, that serves as the computational framework upon which tactical and support applications are built.
LynuxWorks’ LynxSecure separation kernel is incorporated in the U.S. Navy's Common Display System (CDS), an $83 million OACE project that supports the modernization of DDG1000 Zumwalt destroyers and Aegis guided missile destroyers. CDS, a survivable and configurable high-assurance workstation, provides operators access to multiple shipboard applications simultaneously.
The LynxSecure separation kernel and hypervisor enable multiple guest operating systems to run concurrently at different security levels, without compromising security, reliability, or data integrity, says a company spokesperson. “This is critical because military systems such the CDS display console system require adherence to rigid high-assurance security requirements.”
Open-source OS
Another operating system gaining military interest is Google’s Android, which uses a modified version of the Linux kernel, includes middleware and key applications, and is designed for mobile devices. Engineers at Raytheon Co. in Falls Church, Va., employed Android software tools to develop a mobile device application to facilitate faster intelligence sharing.
The Raytheon Android Tactical System (RATS) delivers multimedia content on a common mobile device to warfighters on the battlefield, potentially accelerating the decision-making process from hours to minutes or seconds. The RATS device disseminates vital intelligence data, which is instantly viewable and searchable via the Distributed Common Ground System (DCGS) Intelligence Backbone (DIB) architecture. Raytheon engineers continue to develop Android applications for intelligence collection and analysis—such as license plate reading, streaming video camera feeds, and facial recognition—intended to enhance warfighter safety with tactical alerts based on the intelligence collected.
Solutions exist to help engineers devise embedded applications for the Android OS on mobile devices. Google offers an Android Software Developers Kit (SDK), whereas Mentor Graphics in Wilsonville, Ore., provides its Nucleus RTOS, SimTest Android Emulator, expert services and support, and video tutorials, Webinars, and white papers on designing for the Android open-source platform.
“RATS provides U.S. military forces with a last mile of connectivity for delivering images and full motion video to our warfighters,” says Mark Bigham, vice president of Raytheon's Defense and Civil Mission Solutions. “We are providing an innovative technology that is available in the commercial market and applying it to warfighter needs. Utilizing existing technologies provides developers the ability to focus on requirements that our warfighters need now.”
Information at hand
“Applications are being distributed down to the soldier as display and processing technologies have significantly dropped in size, weight, and power,” Miller recognizes. “The trend to move data applications down to the individual soldier will continue. Much like the iPhone and Droid applications in commercial cellular, soldiers will have access to applications to increase their effectiveness and improve their safety.” Examples include mapping, chat, and command-and-control applications, all of which require data and further drive the need for networking and greater bandwidth, he says.
Lockheed Martin engineers in Orlando, Fla., have developed the Tactical Digital Assistant (TDA), a ruggedized, tactical handheld device providing situational awareness, command-and-control, and blue force tracking capabilities to brigade and below forces. Dismounted soldiers with the TDA can maintain secure communications and exchange vital position and situational awareness data with mounted forces in an operational environment. The TDA supports shared full-motion video and sensor command and control, can host Android, and sports an open architecture and a ruggedized design able to withstand harsh environments.
“The Lockheed Martin TDA leverages our systems integration experience to meet tactical-level warfighters' critical needs in a joint operational environment,” describes Rich Russell, director of Sensors, Data Links, and Advanced Programs at Lockheed Martin Missiles and Fire Control. “Our solution supports on-the-move communication and information sharing with vehicles and other platforms for improved intelligence, surveillance and reconnaissance, and enhanced combat readiness.”
Rugged data handling
Makers of portable computing platforms continue to enhance the capabilities of rugged laptops and handheld computers to meet military data demands. “The trend to continuously improve the performance in rugged computers does not show any sign of ending,” Clark admits.
Personnel at Getac Technology Corp., maker of rugged, mobile computing solutions in Irvine, Calif., gain many customer requests for faster processors and better graphics, says John Lamb, Getac’s director of marketing. In fact, Getac engineers have upgraded the company’s E100 tablet PC with such commonly requested features as a more powerful, 1.6GHz processor, a hot-swappable battery, and a 80-gigabyte solid-state drive.
“A lot of people are focusing on data assurance and drive encryption,” Lamb notes. “Customers want full drive encryption, or FDE. Everything from every application and the operating system itself becomes part of full-drive encryption.
“Long-range Wi-Fi—not consumer-grade, but 100-milliwatt Wi-Fi—is another common request,” Lamb adds. Distance is a challenge with Wi-Fi, because it fails and devices often lose the connection. “Customers are looking for longer-range Wi-Fi. Getac has developed, tested, and deployed systems with long-range Wi-Fi. It is an ongoing trend.”
Satellite communications
As the amount of information to be shared has grown, the demand for more bandwidth in battlefield communication systems continues to grow, Korecki says. “The continuing trend is to Internet Protocol (IP)-based networking for most new communication systems being developed or deployed. The shift to IP has been in response to the need to sharing situational awareness data, specifically video, across a unified digital battlefield.”
Also driving the requirement for more bandwidth on the battlefield are the increased demand for UAVs and video surveillance, and the need or mandate to secure video links and protect IP networks from cyber attack, Korecki explains. ViaSat is investing in the development of high-capacity satellites, such as the company’s deployable satcom terminals, to meet growing bandwidth needs and low-cost requirements, he says.
The company is building UAV feeds, based on its Enerlinks digital video data link system for UAV video transmission, that can use private and commercially available satellite capacity and distribute it anywhere on the battlefield.
GigE on the GIG
Battlefields and network-centric operations might soon require Gigabit Ethernet (GbE) network bandwidth to connect with the DOD’s Global Information Grid (GIG), given the rate at which data is being gathered and disseminated daily.
In particular, there is “growing interest in using Ethernet everywhere in an ISR [intelligence, surveillance, and reconnaissance] system, all the way up to the sensor,” says Ian Dunn, Ph.D., chief technology officer at Mercury Computer Systems in Chelmsford, Mass. “A few of our radar customers are probably on the cutting edge of this trend: They have many sensor elements, all producing gigabits of data, driving a large Ethernet network.”
“For now, customers are not talking about a single, converged network, but instead multiple independent networks used for distributing raw sensor data to a signal processing subsystem, for interconnecting signal processing, data exploitation, and information dissemination functions, and for command and control,” Dunn continues. “While separate networks allow for the isolation of the various traffic flows, Ethernet brings with it an expectation of ubiquity for data as well as command and control.” Nonetheless, he envisions a day when separate networks are virtualized and folded onto a single network or, at least, fewer networks.
Curtiss-Wright’s Frank, too, is seeing “an increasing desire to converge live video, data, and voice on one managed network within a platform, which is driving us toward 10GbE faster than expected.” As information is increasingly shared between groups, it will enable better decisions to be made to ensure successful tactical missions, he says. “We are seeing a move to GbE Networking versus MIL-STD-1553 for communications between platforms on the battlefield.”
OpenVPX on the battlefield
In the open standards arena, engineers and executives at Curtiss-Wright are witnessing a move to VPX/OpenVPX versus VME for information and data in the embedded battlefield. “This standards-based approach provides segmented backplane connectivity and facilitates separate data, control, management planes,” Frank mentions. “VPX systems provide higher intra-system, cross-sectional bandwidth and can support higher bandwidth sensor interfaces—both important in meeting the operational requirements of current programs and providing growth for the future.”
Mercury Computer Systems is announcing a line of rugged, OpenVPX servers to address the growing need for more netcentric operation, and to support the convergence of signal processing, mission computing, data exploitation, and dissemination in a rugged compute cluster. “With the exception of signal processing, very little is done at the sensor today,” Dunn says. “We believe these SWaP-efficient products could tip the balance in favor of doing as much processing as possible at the sensor, with goal of improving the time-to-information metric.”
Data on the move
From a hardware standpoint, solid-state storage (SSD) technology is dramatically affecting how system designers think about data acquisition and retention, explains Jaden Ghylin, technical director at Crystal Group in Hiawatha, Iowa. “SSDs are opening up a whole new realm of possibilities for capturing data that just wasn't possible with rotational hard drives,” he says. ”We are now able to capture terabytes of data in a matter of hours on mobile surveillance platforms. This capability allows for the capture of extremely high resolution images and video while on the move.”
Advances in SSD technology also increase the amount of data radar and video capture applications can collect in real time, enabling high-definition video capture and the addition of more cameras and sensors on surveillance platforms, Ghylin explains. Solid-state Rugged Drivepacks (RDp) from Crystal Group are designed to meet growing demands for high storage capacities and increased information security. Soldiers can transfer or secure data quickly by physically swapping out the drive packs.
”The ability to physically remove storage media from the computer system is an almost universal requirement from our customers and, thus, Crystal has designed all its systems with multiple, removable drive bays,” he says. Advances in SSD performance, along with the introduction of Intel's multicore Nehalem and Westmere CPU architectures, are providing massive bandwidth and processing capabilities, Ghylin describes. “System designers are now able to consolidate multiple systems into one or vastly expand the capabilities of the system.” Designers are also taking advantage of performance increases through virtualization, replacing multiple computers in a rack with one high-performance server, he continues.
Crystal Group’s RS378 SSD storage system is deployed on the CV-22 Osprey, described by Ghylin as one of the most challenging airborne platforms. ”The tilt-rotor design of the Osprey results in extremely high vibration levels during the transition from helicopter to airplane.” The RS378 with SSDs is designed to handle this type of environment and can be used to store maps or for real-time video and data capture, among other applications, he says.
DRS Technologies provides rugged servers designed for mobile military applications that run on military vehicle power and “operate under conditions that would destroy a commercial unit,” says Clark. One customer selected the company’s DC-powered servers to be installed into vehicles and used “on the move” to gather sensitive data and transmit it in real time to operations centers.
Exponential and continual growth
The strong trend of capturing more data to improve military intelligence capabilities will continue, Ghylin predicts. “The military is just beginning to experience the same explosion of data that has been seen in the enterprise world for the past 10 years. The challenge will be to provide systems with enough performance to process and store this data as it comes in.”
“Technology and applications need to address how to sort through all the sensor data being collected faster, easier, and using less manpower, as the DOD’s appetite for more data will only increase,” Clark forecasts. “Second, we need to solve the issues involved in sharing intel and data with those who need it on the battlefield—U.S. forces and its allies.”
Dr. Stephen Jarrett, chief technologist at the U.S. Navy Space and Naval Warfare (SPAWAR) Systems Center in Charleston, S.C., might tend to agree. “We are inundating the soldier with data, not information,” he said in his talk during the Military & Aerospace Electronics Forum in San Diego last month. “If you go into Walmart, they can tell you what you bought last time and anticipate what you are likely to buy this time. We need a similar solution to assist the soldier in the field who needs specific data; we need to anticipate his needs and deliver on them.”
Technology firms serving the mil-aero community will doubtless continue to innovate and deliver ever more rugged, secure, and high-performance information technology tools with which to manage and exploit what many describe as a military intelligence explosion.
New (German) court ruling:
http://www.huffingtonpost.com/christopher-burgess/three-good-reasons-to-loc_b_599945.html
A German court recently fined an owner of a wireless router for not appropriately securing a device and thus allowing the device to be used by a third party to connect to the internet via the router and engage in illegal download activity. The court in Karlsruhe, Germany noted "Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation." The court noted that owner could be fined up to 100 Euros. Regardless of the laws in your area, legal problems are only one of many reasons to ensure your router is secure.
Apple iPhone fails security 101
http://www.tgdaily.com/mobility-features/49972-report-apple-iphone-fails-security-101
A security researcher has claimed that Apple's iPhone fails to adequately protect user data from unauthorized access.
"People should understand that the iPhone 3GS fails to provide full disk encryption (FDE) which renders useless by how the phone manages the protection of the encryption key and that the authentication model for the FDE is also broken," Bernd Marienfeldt wrote in a recent blog post.
"Most of automatic sync and update features are built around Microsoft's Exchange Server. However, important security profile management and updates can be achieved by manual interaction of the user without using Exchange."
Marienfeldt also noted that the iPhone's operating system was specifically designed to "only run" software with an Apple-approved cryptographic signature.
"This should protect from malicious third-party applications but it certainly leaves authority and actual security management fully in the hand of Apple," he explained.
"There is no open source code involved and applications can only be chosen from Apples apps store. Apples recent removal of random content and apps makes users wonder if the trust in Apple is justifiable."
According to Marienfeldt, security restrictions can be easily "overcome" by jailbreaking the device, which involves replacing the iPhone's firmware with a slightly modified version that does not enforce signature checks.
"Jailbroken phones are at risk for an iPhone worm and system compromise through malicious applications...[And] there is no way to directly encrypt or sign your email."
Finally, Marienfeldt revealed that he had discovered a critical data protection vulnerability on PIN-code protected, non-jailbroken 3GS iPhones.
"This...flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents...in my opinion, [this is] the quickest compromising read/write access discovered so far, without leaving any track record by the attacker.
"It's about to imagine how many enterprises (e.g. Fortune 100) actually do rely on the expectation that their iPhone 3GS's whole content is protected by encryption with an PIN code based authentication in place to unlock it."
NAC standards wars end in truce
http://www.businessweek.com/idg/2010-05-24/nac-standards-wars-end-in-truce.html
The Trusted Computing Group's Trusted Network Connect (TNC) is an industry-supported working group developing NAC architecture documents and standards. The first public documents came out of TCG's TNC in 2005 after a year of work, and the group has continued to publish NAC standards and fill out its NAC architecture every year.
Cisco's approach to NAC leaves customers confused
One of the main attributes of the TNC architecture for NAC is that it combined authentication and end-point security posture checking into a single unified protocol. TNC defined the protocol to run over 802.1X (most useful in a one-device-per-switch-port or wireless environment) as well as SSL (useful in more generic environments, such as over VPN tunnels or in routed networks where switch management is undesirable).
When Microsoft released Windows Server 2008, the Microsoft NAP (Network Access Protection) and TNC NAC protocols were linked so that Windows Vista, Windows XP (with service pack 3, which includes the NAC client), and Windows 7 are all interoperable with products that follow the TNC NAC protocols.
This gave TNC significant legitimacy; because it means that every contemporary Windows client is now "TNC compatible" out of the box, which removes the need to install a specific NAC client on Windows devices. No additional client means faster and simpler deployment for network managers.
When TNC first started working on NAC architectures and protocols, Cisco refused to participate, insisting instead that it should take place in the IETF. This led to the founding of the IETF Network Endpoint Assessment (NEA)??working group, co-chaired by Susan Thomson (of Cisco) and Stephen Hanna (of Juniper). Slowly, NEA has built their own NAC architecture and protocols, and released three RFCs. All the NEA work is being closely linked to the TNC work, so that the RFCs are compatible with the TNC protocol specifications.
Last month, TNC announced a certification program, which will allow participating vendors to receive a stamp of approval verifying that their products implement the TNC protocols correctly, and that their products are interoperable with other certified products.
Although we didn't find unanimous support for TNC standards among the vendors who participated in our head-to-head NAC testing, the work of the TNC (and the IETF NEA working group) is still important for two key reasons. First, it represents the main path forward for interoperable NAC products. With enterprise networks hosting more non-Windows devices than ever before, the need to have a multi-vendor approach to NAC continues to gain in importance.
The second reason is that these architectures are designed by security and network experts who are more interested in solving problems than getting a product to market quickly. While there are always commercial interests in any modern standards development, network managers can look to TNC and IETF-based products with some confidence that the primary design goal was security.
The standards wars that were so inflammatory five years ago have settled down to truce on all sides, and technically outstanding solutions from the best minds of Cisco, Microsoft, and the members of the TNC.
Experience TCG’s Security Solutions at Gartner Security and Risk Management Summit, TCG Booth # 49
Thinking about attending the upcoming Gartner Security & Risk Management Summit taking place June 21 – 23 in National Harbor, MD? Register now and save $300 on the standard registration fee! As a summit sponsor, we’d like to invite you to participate in these special on-site activities, including experiencing security solutions based on TCG implementations, which will be showcased by TCG member companies, Juniper Networks and Wave Systems. Stay up-to-date with the latest offerings by visiting the Gartner Security & Risk Management Events page.
potentially disruptive or market changing intellectual property?
Check out VH's post!!!
Photocopier fallout: SKS responds
See his blogged comments below the article....
http://news.cnet.com/8301-1009_3-20005277-83.html
A CBS News investigation last month found that nearly every digital copier built after 2002 stores an image of documents copied, scanned or e-mailed by the machine on hard drives. CBS News chief investigative correspondent Armen Keteyian reports parents and students at Dos Palos High School in California found out the hard way recently, when CBS affiliate KOVR pulled hundreds of student names, home addresses, cell phone and Social Security numbers off the hard drive of an old school copier.
"The fact that information that we treat very, very carefully somehow got out of our system and is out there is a huge concern to us," said Brian Walker, Dos Palos school district superintendent.
Massachusetts Congressman Ed Markey is of the same mind. Citing our report, he called for an investigation by the Federal Trade Commission--concerned that most Americans don't know their information can be compromised.
"We have to do a lot more to ensure that the public and corporations know this," Markey said, "and that absolute security is applied to copy machines across our country."
Our investigation last month revealed how easy it is to buy used copiers at a warehouse and remove the hard drive packed with personal data.
Using software available free on the Internet, our expert, John Juntunen of Digitial Copier Security, downloaded thousands of documents in less than 12 hours.
From the Buffalo Police Department we found lists of domestic-violence complaints, and targets in a major drug raid.
From a New York construction company, we found 95 pages of pay stubs with names, addresses, and Social Security numbers.
And from a health care company, we found hundreds of pages of personal medical records. As a result of our story, Affinity Health was required to notify more than 400,000 people of a potential breach of their privacy.
"I think the copy machine industry has to step up, provide the leadership and technology that insures this information is scrubbed from copy machines," Markey said.
Now the Federal Trade Commission has jumped onboard (PDF), looking for ways to better protect the public from a simple office copier that we now know can leave behind a digital trail of secrets.
by skswave May 18, 2010 12:28 PM PDT
this can be solved by using a Trusted Computing Group Self Encrypting Hard Drive. Every copy manufacturer should be switching ASAP. This technology has been on the market for 3 years and is perfect for this type of embedded system. It is an open standard with multiple large manufacturers of drives today..
It is time that every laptop every desktop, every copy machine every car, every drone, every .... uses a self encrypting hard drive.
It is amazing how we have to keep learning lessons over and over.
you don't buy a car without air bags you shouldn't buy a hard drive that does not encrypt.
steven sprague
Managing a Network of Self-Encrypting Hard Drives
This article was written by Aidan Herbert, Senior Product Manager, Wave Systems Corp. (Lee, MA) 05/01/2010.
Good article/three pages: http://www.embeddedtechmag.com/component/content/article/7904
waverider... 1:30 e/
WAVE SYSTEMS CORP <WAVX.O> Q1 SHR LOSS $0.01
Wave Strengthens IP Position With Acquisition of Storage Security Patents
Market Wire
4:02 PM Eastern Daylight Time May 10, 2010
Wave Systems Corp.
LEE, MA, May 10 (Marketwire) --
Wave Systems Corp. (NASDAQ: WAVX), a leading provider of management
software for hardware-based security, announced today that it has
acquired two U.S. patents pertaining to security subsystems for storage
devices. The patents describe certain elements of core technology
underlying self-encrypting hard drives (SEDs). The purchase price was
$1.1 million in cash.
These patents (U.S. patents #7,036,020 and #7,426,747) were acquired by
Wave from a company owned by Robert Thibadeau, Ph.D., a noted computer
security expert who joined Wave in February 2010 as Senior Vice President
and Chief Scientist. The patents were issued in 2006 and 2008 and are
valid until 2021.
"These patents cover certain core specifications of self-encrypting hard
drives, making them an important addition to our existing IP portfolio,"
said Steven Sprague, CEO & President of Wave. "We believe that these
assets can help to strengthen our position in the emerging hardware
security market and that it furthers Wave's strategic and commercial
interest to have these as part of our IP portfolio."
Wave offers industry-leading management software for self-encrypting hard
drives.
About Wave Systems Corp.
Wave is a pioneer in hardware-based PC security
that provides software to help solve critical enterprise PC security
challenges such as data protection, strong authentication, network access
control and the management of these enterprise functions. Wave is a
founding member of the Trusted Computing Group (TCG), a consortium of
more than 100 companies that forged open standards for hardware security.
Wave's EMBASSY(R) line of client- and server-side software leverages and
manages the security functions of the TCG's industry standard hardware
security chip, the Trusted Platform Module (TPM) as well as hard drives
that comply with TCG's "Opal" self-encrypting drive (SED) standard.
Self-encrypting drives are a growing segment of the data protection
market, offering increased security and better performance than most
existing software-based encryption solutions. TPMs are standard equipment
on many enterprise-class PCs shipping today and have shipped on an
estimated 300 million PCs worldwide. Using TPMs and/or SEDs and Wave
software, enterprises can substantially and cost-effectively strengthen
their current security solutions. Visit http://www.wave.com for more
information.
Today's CC contact info:
WEBCAST/REPLAY: available at http://www.wave.com/news/webcasts and archived for 30 days.
TELEPHONE: via (212) 231-2905 or (415) 226-5361.
That drop was worth 172 points
on the Dow.
Is Apple Getting Serious About Security?
http://blogs.forbes.com/firewall/2010/04/28/is-apple-getting-serious-about-security/
The one sign of hope in all of this is Apple's recent hiring of Window Snyder, the former head of security at Mozilla and an alumna of Microsoft's security organization. Snyder was deeply involved in the Trustworthy Computing program, which, while by no means perfect, has made a major difference in the security and reliability of Microsoft's products. She also was instrumental in making Mozilla more open and communicative about its security practices, bringing in the concept of threat modeling, as well.
Dennis Fisher is the editor of ThreatPost
Information security is an unpredictable, fluid discipline. There are very few absolute truths, but for the last few years, one of those has been that Apple isn't paying much attention to software security. At least that's the received wisdom.
This theory is based mainly on the fact that security researchers have been breaking OS X, Safari and the iPhone OS on a regular basis. Thanks to incomplete or nonexistent implementations of memory protections such as DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization), researchers have found a number of innovative techniques for exploiting Apple's flagship products. None of this is much different from what's been said about Microsoft's software in the past, or even now, for that matter. Researchers continue to find serious weaknesses in Windows, Internet Explorer and Office on a monthly basis, and attackers continue to exploit those vulnerabilities.
The difference, however, is that we have a pretty good idea what Microsoft is doing to correct those problems. The company has been very public about its software security program, to the point of publishing its threat modeling process and tools and exporting the program to its partners and other third parties. Its executives and internal security experts such as Michael Howard and Adam Shostack talk openly about the specifics of the Trustworthy Computing effort, its limitations and even its failures.
This has had an undeniably positive effect on both the security of Microsoft's products and its public image among security researchers and customers.
Apple, on the other hand, is a black box. Its employees say virtually nothing of consequence about security, the development process in general or the security response process. Security researchers say dealing with the company can be an incredibly frustrating experience, a one-way street leading to Cupertino. But that's nothing new for Apple; that's essentially how the company conducts business in general, not just in the security world.
Last year, I wrote a column asking where Apple's version of Trustworthy Computing was. Since then, little has changed in the company's public stance. Silence is still the order of the day, and that's the main problem. Apple could have an extensive software security program in place, with advanced training and development methodologies. But we have no way of knowing. This isn't to say that Apple needs to give up intimate details of its efforts the way that Microsoft has, because that's clearly never going to happen. But the company is doing a disservice to its customers as well as itself by not speaking publicly at all about this problem.
The one sign of hope in all of this is Apple's recent hiring of Window Snyder, the former head of security at Mozilla and an alumna of Microsoft's security organization. Snyder was deeply involved in the Trustworthy Computing program, which, while by no means perfect, has made a major difference in the security and reliability of Microsoft's products. She also was instrumental in making Mozilla more open and communicative about its security practices, bringing in the concept of threat modeling, as well.
But, Apple has said nothing about what Snyder will be doing. The likeliest scenario is that she was hired to put together a software security program and stop the flood of bad PR. Apple is among the more image-conscious companies on the planet, and while the vast majority of its customer base is in the consumer sector, the iPhone has made serious inroads in the enterprise and Apple's executives can't like seeing a constant stream of stories about new attacks on the iPhone and Mac.
So this may be the beginning of a new day for software security at Apple. Or not. It's Apple, so there's no telling. We may not know until a year or two or three from now when the company puts out a new version of OS X or the iPhone OS and the attackers and researchers and pen testers take their runs at it and find the game has changed.
But until then, as The Wire's Marlo Stanfield might say, you want it to be one way, but it's the other way.
Bruce Schneier on security for cloud computing:
http://searchsecurity.techtarget.com/video/0,297151,sid14_gci1508484,00.html?track=NL-102&ad=760881&asrc=EM_NLN_11342618&uid=9200780
EPS estimate for Wave....
Oberweiss is estimating revenues of $28mm and EPS of $0.05 for 2010.
No link.
Intel on our future lives: processors everywhere; connected together
http://www.thinkdigit.com/Features/An-interview-with-Intel-on-our-future_4321.html
1. In many ways bringing processor "intelligence" to everyday objects seems obvious. What were the challenges getting to this point? And what are the challenges moving forward?
The internet is bringing transformative changes to the embedded world. The era of intelligent connectivity for everyday objects has started & will pick up pace rapidly. According to a recent IDC study, there will be 15 billion devices connected to the internet by 2015, most of which will be embedded devices such as cars, home media phones, digital signs and shopping carts, medical devices, factory robots, intelligent wind turbines, etc etc.
These kinds of products require chips with high-performance to be able to run the applications and new usage models that naturally come about once a device is connected to the internet. At the same time, the devices require small form-factor & low thermals, thereby implying a higher level of integration. With the launch of our embedded Atom family of processors, we are now able to achieve all of these requirements.
And we are only just getting started...
2. With processors come complexity, and complexity brings device failure or breakdown to the picture. Would we need to reboot our fridge and install more RAM along with defrosting it? How do you design everyday "intelligent" equipment we rely on, to not fail?
This is an excellent question. It all boils down to software; today, a refrigerator or a washing machine doesn’t really require an operating system, because it is a single function device with specific hard-coded functions. The moment you connect these devices to the internet, there are a host of new functions these devices can perform. The key is to make sure that the device has a robust OS. In addition, hardware assisted manageability features are a major factor in keeping these device up and running. For example, Intel’s vPro technology allows a device to be remotely managed from an external location, independent of the state of the OS. So a refrigerator manufacturer could conceivably run a remote- management center to support all the “connected” devices that have been deployed.
3. The next obvious step would be to connect these disparate, innumerable devices together. You call this the Embedded Internet and Mr. Patrick Gelsinger was quoted as saying that there will be "15 billion intelligent, connected devices by 2015". What kind of a network do you foresee connecting these smart devices? Is it going to be the Internet we are familiar with? Will our Toaster tweet our bakery to order bread?
The embedded Internet will bring transformative changes to the techology world. Just like the internet grew into a global human network, stimulating new usage models & unleashing new opportunities for businesses, a similar transformation can be expected in the embedded internet era. For example, a medical device in a rural area of India, connected to the internet using wimax, allows doctors in the cities to monitor & treat rural patients remotely, increasing their quality of life.
At Intel, we are working with customers to envision the innovative possibilities and capture such unprecedented opportunities for industry growth. Driven by breakthroughs in microarchitecture and process technology, the same Intel® architecture that is at the heart of the majority of today’s Internet applications can now deliver scalable intelligence and connectivity to billions of new intelligent, connected devices.
Yes, when you go shopping for groceries in the near future, your “intelligent” connected shopping cart could check the refrigerator in your house, realize that you are out of milk, and recommend that you take a trip into the milk aisle! J
4. How are you tackling the power issues -- power requirement vs. thermal envelope vs. battery life, etc.
Intel’s Atom processor family was designed specifically for small devices and low power, while maintaining the Intel® Core™ 2 Duo instruction set compatibility which consumers are accustomed to when using a standard PC and the Internet. This is Intel’s smallest chip & is built with the worlds smallest transistors. Future versions of the Atom will include a significant level of integration & lower thermals thereby supporting portable devices with long battery life requirements.
5. What is Intel's vision for the more consumer devices vis-a-vis embedded processors: cell phones, notebooks, etc.
As mentioned earlier (with ref to Q1) there will be 15 billion devices connected to the internet by 2015; most of which will be embedded devices such as cars, home media phones, digital signs and shopping carts, medical devices, factory robots, intelligent wind turbines, etc.
As the first step towards fulfilling this vision, Intel Corporation and Nokia have recently merged Moblin and Maemo to create ‘MeeGo’, a Linux-based software platform that will support multiple hardware architectures across the broadest range of device segments, including mediaphones, connected TVs, in-vehicle infotainment systems, pocketable mobile computers, netbooks and tablets.
6. Do you foresee some game-changing products coming out of this? Any new product category or something currently ordinary, extraordinarily transformed?
There are several fascinating products which we envision which will run on Embedded Intel Atom architecture:
Digital surveillance systems (DSS): these devices today are “intelligent systems” with the capability to run huge number complex applications like image comparison and motion detection. The focus is on “intelligent surveillance where strategically- placed monitoring cameras paired with software intelligence are able to signal an alert if baggage is left unattended over period of time, people moving suspiciously in a parking lot, etc. The DSS captures real time images, runs the specified algorithm, identifies objects that are out of place and triggers an alarm based on predefined states; We have several customers building these DSS systems with Intel Embedded Atom.
In Vehicle Infotainment (IVI): Imagine if you could download your favorite movie, access the internet, get navigation directions, have your children play video games - all while you are driving in the car. This is possible with an Intel Atom-based IVI system in your car. Some of the interesting apps are location based services, state-of-the-art navigation systems, driver assistance, vehicle-to-vehicle communication etc. On the multimedia side, we are looking to enable the car to become a part of the digital home where content can be seamlessly be syncd between the car & the home entertainment system. Obviously, this is in very early stages in India but we are pretty excited about the long term prospects.
7. In the embedded space in India, is Intel working with any noteworthy names in the industry? Any government agencies? Can you give me 5 of the most interesting projects happening in the embedded space in India?
To cater to the rapidly growing embedded market in India, we launched the “India Design House Program” which is an ecosystem program for the lndia market. We work with all the big names in the Indian design services industry, including Wipro Technologies, TCS, Infosys etc.
We are very excited about the Embedded space in India. There are several interesting projects that we are working on with our customers/ecosystem. Here are some recently announced products:
Portable Embedded Devices for Financial Inclusion: A large part of India resides in rural areas, which are not very well served by bank branches. In order to allow rural India to participate in the banking system, we are working with financial inclusion firms on some unique technology needs. We recently announced a portable embedded banking device with a local OEM (Analogics) in Hyderabad. The device is a ruggedized portable device with a biometric scanner & integrated printer/card reader. A bank employee goes into the village with this device, meets villagers, enrolls them with a bank account & handles transactions. Everything is synchronized with the bank servers over GPRS.
Medical devices for the Rural market: Our of our design house members Ktwo Technologies has announced a device which allows villagers to get access to quality pathology labs. Their embedded device has a microscope with a camera, connected to a ruggedized medical device. When a villager goes for a blood test, the technician places the blood sample under the microscope. The device automatically provides information on blood cell count etc. A pathologist from the city can also log in and provide his/her opinion.
These are ways where Intel embedded technology is transforming life in rural India.
8. Who do you see as your biggest competitors in India?
We don’t comment on competition. We do believe that with the embedded Intel Atom product family, we are uniquely positioned in various embedded market segments such as retail, digital signage, in-vehicle infotainment etc where customers can take advantage of the large installed SW base in the PC ecosystem.
9. Anything new and exciting we can expect to see this year? We’re talking about both innovations and finished products.
We are actively looking at the energy space. We recently announced a concept of a home energy management dashboard which communicates directly with various appliances & smart-meters in the house. The concept platform monitors the performance of each device & recommends usage patterns to save energy. When users are away from home, they can remotely view and control home thermostats and appliances from their work PC.
RSA'S ART COVIELLO: EMBED SECURITY IN VIRTUAL INFRASTRUCTURE
Michael S. Mimoso, Editorial Director
RSA President Art Coviello made a bold statement during his RSA Conference keynote three years ago when he proclaimed that the security industry would cease to exist, and that security technologies would be embedded into computing infrastructure. The days of standalone security bolted on to the network perimeter are numbered, he said. Coviello said his vision is becoming reality. He wants to see the same technologies that enable cloud computing and virtualization be used to secure it as well.
In this interview, Coviello discusses his desire to embed security into the cloud so that enterprises may effectively manage and control access to data while still reaping the cost savings and efficiencies of cloud services.
Read more: http://go.techtarget.com/r/11234766/9200780
Trusted magnetic tape?
Several magnetic tape manufacturers have announced that LTO-5 media is now available. LTO-5 media will support 1.5 TB native capacity and up to 140 MB/s data transfer rates. The tape also supports 256 bit AES encryption per the Trusted Computing Group Specification. With the introduction of LTO-5 drives a higher capacity tape format will allow low cost storage of digital content archives
http://www.glgroup.com/News/New-generation-of-magnetic-tape-to-aid-in-archiving-47314.html
Wave Systems Corp (WAVX) president Sprague to sell shares
UIN
11:47 AM Eastern Daylight Time Mar 22, 2010
A Form 144 filed shows that Steven Sprague, president of Wave Systems Corp, disclosed intentions to sell on March 17, 2010, 40,000 shares of company stock valued at roughly $150,660.
Sprague, based on a Form 4 filed on March 17, 2010, controls 120,989 shares (93,805 held directly and 27,184 indirectly).
In the last two years, in addition to the current filing, Sprague has made a sale of 40,000 shares for $150,660.
In the same 24 months, Wave Systems Corp insiders have made one sale of (40,000 shares for $150,660).
A Form 144 must be filed with the Securities and Exchange Commission by insiders prior to a sale of restricted stock. It is effective for 90 days from the filing date and provides the insider's best estimate of the proposed sale. Most insiders file a Form 144 just prior to or on the same day of a sale.
All aggregate transaction activity reflects directly held shares only
Wave Q4 Revenues Grew 58% to $5.2 Million, Q4 -2-
DJ Press Release Wire
4:08 PM (GMT-05:00) Eastern Time (US & Canada) Mar 11, 2010
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.
All brands are the property of their respective owners.
WAVE SYSTEMS CORP. AND SUBSIDIARIES
Consolidated Statements of Operations
(Unaudited)
Three Months Ended Twelve months ended
December 31, December 31,
2009 2008 2009 2008
---------- ---------- ----------- -----------
Net revenues:
Licensing 5,140,132 3,248,746 18,013,043 8,691,576
Services 73,120 41,990 875,836 118,239
---------- ---------- ----------- -----------
Total net revenues $5,213,252 $3,290,736 $18,888,879 $ 8,809,815
---------- ---------- ----------- -----------
Operating expenses:
Cost of sales - licensing 293,661 169,207 876,723 736,429
Cost of sales - services 65,298 30,955 521,168 87,752
Selling, general, and
administrative 3,723,901 3,785,985 12,992,715 16,375,372
Research and development 2,127,320 2,126,563 7,825,058 11,702,776
Write-off of impaired
assets - 447,128 - 447,128
---------- ---------- ----------- -----------
Total operating expenses 6,210,180 6,559,838 22,215,664 29,349,457
---------- ---------- ----------- -----------
Operating loss (996,928) (3,269,102) (3,326,785) (20,539,642)
Net interest expense (3,626) (25,437) (19,466) (9,572)
---------- ---------- ----------- -----------
Net loss (1,000,554) (3,294,539) (3,346,251) (20,549,214)
Accretion of non-cash
beneficial conversion
feature on Series J and
Series K Preferred Stock - (657,000) - (657,000)
---------- ---------- ----------- -----------
Net loss attributable to
common stockholders (1,000,554) (3,951,539) (3,346,251) (21,206,214)
Loss per common share -
basic and diluted $ (0.01) $ (0.07) $ (0.05) $ (0.38)
========== ========== =========== ===========
Weighted average number
of common shares
outstanding during the
period 73,893,750 58,707,897 68,526,572 55,379,118
WAVE SYSTEMS CORP. AND SUBSIDIARIES
Consolidated Supplemental Schedule
(Unaudited)
Three months ended Twelve months ended
12/31/09 12/31/08 12/31/09 12/31/08
------------ ----------- ----------- ------------
Total net revenues $ 5,213,252 $ 3,290,736 $18,888,879 $ 8,809,815
Increase in deferred
revenue 1,901,162 433,484 2,016,817 1,195,019
------------ ----------- ----------- ------------
Total billings
(Non-GAAP) $ 7,114,414 $ 3,724,220 $20,905,696 $ 10,004,834
=========== =========== =========== ============
Net loss as reported $(1,000,554) $(3,294,539) $(3,346,251) $(20,549,214)
Interest expense 3,626 25,437 19,466 9,572
Income tax (benefit)
expense - - - -
Depreciation and
amortization 68,260 115,925 259,210 395,253
Stock-based
compensation expense 415,408 399,694 1,724,874 2,105,941
------------ ----------- ----------- ------------
EBITDAS (Non-GAAP) $ (513,260) $(2,753,483) $(1,342,701) $(18,038,448)
============ =========== =========== ============ Non-GAAP Financial Measures:
As supplemental information, we provide the non-GAAP performance measures that we refer to as total billings and EBITDAS. Total billings is provided in addition to, but not as a substitute for, GAAP total net revenues. Total billings means the sum of total net revenues determined in accordance with GAAP, plus the increase or minus the decrease in deferred revenue. We consider total billings an important measure of our financial performance because it includes deferred revenue related to our software license upgrades. Total billings is not a measure of financial performance under GAAP and, as calculated by us, may not be consistent with computations of total billings by other companies. EBITDAS is defined as net income (loss) before interest income (expense), income taxes, depreciation and amortization and stock-based compensation. EBITDAS should not be construed as a substitute for net income (loss) or net cash provided by (used in) operating activities (all as determined in accordance with GAAP) for the purpose of analyzing our operating performance, financial position and cash flows, as EBITDAS is not defined by GAAP. However, we regard EBITDAS as a complement to net income (loss) and other GAAP financial performance measures, including an indirect measure of operating cash flow.
WAVE SYSTEMS CORP. AND SUBSIDIARIES
Consolidated Balance Sheets
(Unaudited)
December 31, December 31,
2009 2008
------------ ------------
Assets
Current assets:
Cash and cash equivalents $ 1,900,014 $ 951,563
Accounts receivable, net of allowance for
doubtful accounts of $-0- and $16,364 at
December 31, 2009 and 2008, respectively 3,850,020 1,701,829
Prepaid expenses 207,343 227,967
------------ ------------
Total current assets 5,957,377 2,881,359
Property and equipment, net 237,237 408,440
Other assets 133,311 139,975
------------ ------------
Total Assets 6,327,925 3,429,774
============ ============
Liabilities and Stockholders' Equity (Deficit)
Current liabilities:
Accounts payable and accrued expenses 4,441,658 7,655,834
Current portion of capital lease payable 61,857 63,537
Deferred revenue 3,500,861 1,484,044
------------ ------------
Total current liabilities 8,004,376 9,203,415
Long-term portion of capital lease payable 183,505 245,362
------------ ------------
Total liabilities 8,187,881 9,448,777
------------ ------------
Stockholders' Equity (Deficit):
8% Series I Convertible Preferred stock, $.01
par value. -0- shares issued and outstanding
(liquidation preference of $968,000) in 2009
and 2008 - 2
Series J Convertible Preferred stock, $.01 par
value. -0- shares issued and outstanding
(liquidation preference of $364,000) in 2009
and 2008 - 1
8% Series K Convertible Preferred stock, $.01
par value. -0- shares issued and outstanding
(liquidation preference of $1,276,800) in
2009 and 2008 - 5
Common stock, $.01 par value. Authorized
150,000,000 shares as Class A; 75,211,054
shares issued and outstanding in 2009 and
58,877,968 in 2008 752,110 588,780
Common stock, $.01 par value. Authorized
13,000,000 shares as Class B; 38,232 shares
issued and outstanding in 2009 and 2008 382 382
Capital in excess of par value 345,423,667 338,081,691
Accumulated deficit (348,036,115) (344,689,864)
------------ ------------
Total Stockholders' Equity (Deficit) (1,859,956) (6,019,003)
------------ ------------
Total Liabilities and Stockholders' Equity
(Deficit) $ 6,327,925 $ 3,429,774
(MORE TO FOLLOW)
Wave Q4 Revenues Grew 58% to $5.2 Million, Q4 Billings Rose 91% to $7.1 Million and 2009 Revenues Rose 114% to $18.9 Million
DJ Press Release Wire
4:08 PM (GMT-05:00) Eastern Time (US & Canada) Mar 11, 2010
Wave Q4 Revenues Grew 58% to $5.2 Million, Q4 Billings Rose 91% to
$7.1 Million and 2009 Revenues Rose 114% to $18.9 Million
LEE, MA -- (MARKETWIRE) -- 03/11/10 --
Wave Systems Corp. (NASDAQ: WAVX) a leading provider of management software for hardware-based security, today reported improved results for the fourth quarter (Q4) and year ended December 31, 2009, and reviewed recent corporate progress.
Wave's Q4 2009 net revenues rose 58% to $5.2 million, compared with Q4 2008 net revenues of $3.3 million, reflecting an increase in bundled software royalties, as well as growth in software license upgrades. Q4 2009 net revenues rose 7.6% over Q3 2009, as higher software licensing sales more than offset a modest decline in services revenues related to a government consulting contract. For the full year 2009, net revenues grew 114% to $18.9 million compared to 2008 net revenues of $8.8 million due primarily to higher per-unit royalty rates earned during 2009.
Reflecting continued increases in Wave's software license sales activity, Q4 2009 billings (a non-GAAP measure of demand, which reflects shipments and upgrade contracts signed during the period, but which may be recognized as revenue over future periods) rose 91% to $7.1 million versus Q4 2008 billings of $3.7 million, and rose 37% versus Q3 2009 billings of $5.2 million. For the full year 2009, billings grew 109% to $20.9 million, compared with 2008 billings of $10 million. A reconciliation of net revenue to billings is provided below.
Wave's software upgrade sales are recorded as deferred revenue and recognized generally over a 365-day period. As a result of this treatment and the growth in Wave's upgrade sales activity, deferred revenue (net of revenue recognized) increased 119% to $3.5 million at December 31, 2009, compared with deferred revenue of $1.6 million at September 30, 2009, and increased 136% as compared to deferred revenue of $1.5 million at December 31, 2008.
As a result of planned investments in the company's sales and marketing efforts to support OEM partners and related sales opportunities, Wave's Q4 '09 SG&A rose to $3.7 million as compared to $2.9 million in Q3 '09, but was in line with Q4 '08 SG&A of $3.8 million. Wave's increased SG&A expenses included higher professional fees and sales commissions, expanded product development and marketing outreach, as well as targeted sales team additions to support a major new PC OEM relationship.
Wave reported a reduced Q4 2009 net loss attributable to common stockholders of $1.0 million, or $0.01 per basic and diluted share, compared with a Q4 2008 net loss attributable to common stockholders of $4.0 million, or $0.07 per basic and diluted share. The Q4 2008 net loss included a charge of $657,000 related to the non-cash beneficial conversion feature on the Series J and Series K convertible preferred stock issued during that quarter. Per-share figures are based on a weighted average number of basic shares outstanding in the fourth quarters of 2009 and 2008 of 73,893,750 and 58,707,897, respectively.
Wave reports EBITDAS, a non-GAAP measure defined as earnings before interest income (expense), income taxes, depreciation and amortization and stock-based compensation expense, in order to highlight its operational performance on a cash-flow basis. Principally reflecting a $782,000 sequential increase in SG&A investment in the period, Wave reported negative EBITDAS of $513,000 for Q4 '09 compared to essentially breakeven EBITDAS in Q3 '09 and negative EBITDAS of $2.8 million in Q4 '08. For the 2009 year as a whole, Wave reported a substantial improvement to negative EBITDAS of $1,343,000 as compared to negative EBITDAS of $18,038,000 in 2008. A reconciliation of net income to EBITDAS is below.
For the full year 2009, Wave reported a net loss attributable to common stockholders of $3.3 million, or $0.05 per basic and diluted share, compared with a 2008 net loss attributable to common stockholders of $21.2 million, or $0.38 per basic and diluted share. Per-share figures are based on a weighted average number of basic shares outstanding in 2009 and 2008 of 68,526,572 and 55,379,118, respectively.
As of December 31, 2009, Wave had cash and cash equivalents of $1.9 million, total current assets of $6.0 million and total current liabilities -- including $3.5 million of deferred revenue -- of $8.0 million.
"The fourth quarter of 2009 was a watershed period for Wave as we continued to increase sequential revenue for the quarter and full year, completed our largest-ever enterprise upgrade sale and worked to expand our PC OEM business through a software reseller agreement with HP," commented Steven Sprague, Wave's CEO. "In addition to the financial significance of the $5.7 million multi-year software license and maintenance orders we secured from a 'Big Three' U.S. automaker ($1.9 million of which was recorded as billings in Q4 '09), we believe their adoption of Wave's management solution for self-encrypting drives demonstrates the value and performance benefits of our approach to data protection."
Sprague continued, "On the distribution side, our new HP reseller agreement allows HP to offer Wave software to their customers through VAR and direct sales channels, opening up a new base of prospective enterprise customers. I'm pleased to report that in Q1 2010 we have already filled our first order as a result of this relationship."
"As part of our strategy, we have hired several seasoned PC industry sales and marketing team members who will focus solely on HP initiatives," Sprague added. "We are also furthering investment in our sales and marketing programs to support this and other OEM opportunities as we continue to pursue customers interested in the data protection and identity protection solutions we provide. Supporting this interest is domestic and international legislation that imposes, in some cases, financial penalties for companies who experience data breach or loss."
Auditor's Opinion Letter Disclosure
Pursuant to Rule 4350 of the FINRA Marketplace Rules, Wave is announcing, as it has done the past five years at this time, that its auditors' opinion letter, which will be contained in Wave's Form10-K for the year ended December 31, 2009, raises substantial doubt about Wave's ability to continue as a going concern given its recurring losses from operations, working capital position and its accumulated deficit.
Summary of recent progress/developments:
-- Wave Received $5.7 Million in Orders for Global Automaker -- In late
December, Wave received multi-year license and maintenance orders
for its EMBASSY(R) Remote Administration Server (ERAS) software for
a U.S.-based automotive company. The customer is deploying Wave's
solution on a global basis in conjunction with new laptop computers
equipped with self-encrypting drives for the protection of sensitive
customer financial, competitive and other confidential data. The
initial orders valued at $1.9 million were delivered and invoiced in
December and paid in Q1 2010. The remaining orders are scheduled to
be delivered and invoiced over the next few years (through 2013).
Non-invoiced orders are cancelable by the customer.
-- Wave Software Becomes Available through HP's Direct Sales Force and
VAR Channel in November -- Wave signed a license agreement that
permits HP to offer Wave's security solutions on a resale basis
through HP's Software Licensing and Management Solutions
(SLMS)/Third Party Solutions (3PS) Group. In Q1 2010, Wave filled
the first order from an HP customer. The reseller agreement does
not provide for guaranteed minimum shipped quantities or royalties.
-- Trusted Strategies LLC Issues Report Which Shows Significant
Performance Advantages for Hardware-based Encryption over Software
Solutions -- In its research, Trusted Strategies ran tests on three
leading software FDE solutions and one hardware FDE solution,
Seagate self-encrypting drives, putting them through a battery of
tests such as virus scanning and reading and writing files. Among
the results: software FDE slowed PC performance and can take as
long as 24 hours to configure and encrypt the data on a single PC. About Wave Systems Corp.
Wave provides software to help solve critical enterprise PC security challenges such as strong authentication, data protection, network access control and the management of these enterprise functions. Wave is a pioneer in hardware-based PC security and a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security. Wave's EMBASSY(R) line of client- and server-side software leverages and manages the security functions of the TCG's industry standard hardware security chip, the Trusted Platform Module (TPM) and supports the TCG's "Opal" self-encrypting drive standard. Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than many existing software-based encryption solutions. TPMs are included on an estimated 300 million PCs and are standard equipment on many enterprise-class PCs shipping today. Using TPMs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions. For more information about Wave and its solutions, visit http://www.wave.com.
Safe Harbor for Forward-Looking Statements
(MORE TO FOLLOW)
--------------------------------------------------------------------------------
Category Codes:
New York(R=USNY), North America(R=NAMR), United States of America(R=US), Americas(R=AMR), Technology (Industry)(I=TEC), Software(I=SOF), Software & Computer Services(I=SS), Technology (Supersector)(I=ET), Money & Finance(G=MF), Stock Price Index(G=SPI), Stocks & Bonds(G=SAB), Economics & Trade(G=ET)
Companies:
WAVE SYSTEMS CORPORATION(WAVX)
Email Print
FIFTY BILLION CONNECTED DEVICES
http://www.reuters.com/article/idUKLDE6291AB20100311?type=companyNews&symbol=AMZN.O
Smartphones will shake up paid content debate
8:41am EST
By Georgina Prodhan - Analysis
ABU DHABI (Reuters) - Media companies longing to bring a paid-for culture to the Internet might just get what they want if they pay more attention to the smartphone revolution that is changing the way people access the Web.
Huge numbers now use mobile phones instead of desktop computers to get online -- a development that has spawned whole new business models in China, the world's biggest Internet market.
Paying to read content on the Web, an outlandish idea as recently as a year ago, is slowly but surely establishing itself as the next business model in the Western media mainstream, spearheaded by Rupert Murdoch's News Corp <NWSA.O>.
But meantime, sales of smartphones -- part of a telecoms economy very different from the PC Web -- are set to outpace sales of desktop computers by 2012, IT research firm Gartner said this week. Some believe it could be as early as this year.
And in China -- which has more Internet users than any other nation -- paid content is a non-starter, says Kai-Fu Lee, a former head of Microsoft's <MSFT.O> and then Google's <GOOG.O> China operations who recently quit to run his own company.
"Chinese consumers have a stronger conviction that things should be free, so efforts to charge for premium content have basically completely failed," Lee said at the Abu Dhabi Media Summit this week.
INTERNET'S STRENGTHS
Traditional publishing groups like News Corp, the New York Times <NYT.N> and Axel Springer <SPRGn.DE> have decided recently to take the plunge and start charging for news online, risking smaller audiences for potential gains in subscription revenues.
Their decisions, taken after much agonising, are as yet largely untested on consumers, but a consensus is growing that there is no alternative because advertising revenues that were devastated in the recession will not return to previous levels.
"We certainly believe there needs to be dual income-stream business models -- both advertising and subscription," said Jon Miller, head of digital media at News Corp.
Publishers argue that they need consumers to rethink their presumption that Web content must be free in order to fund the creation of high-quality news and entertainment.
Lee, on the other hand, said the qualities of the Internet itself rather than the needs of media companies would drive how content was delivered and paid for. He cited in particular the Web's ability to offer both marketing and sales at one click.
Asked about the feasibility of generating subscription alongside advertising revenues, he said: "It's not the single or multiple that really matters to me but whether the model leverages the growth of the Internet and the strengths of the Internet."
"It can have either premium subscription or advertising or app store or other kinds of business models."
FIFTY BILLION CONNECTED DEVICES
App stores -- online shops for small software applications that run anything from games to dictation tools to fitness aids on phones -- have proliferated since Apple <AAPL.O> launched the original App Store for the iPhone in 2008.
In the 18 months to January, consumers downloaded more than 3 billion iPhone applications, most of them free and the rest typically costing less than $1 each.
Despite the low price, high volumes mean the market will grow to $6.8 billion (4.5 billion pounds) in 2010, IT research firm Gartner predicts. The software creators, whether newspaper publishers or geeks in their garage at home, get a 70 percent revenue share from Apple.
Sales of smartphones like the iPhone are forecast to grow by about 50 percent this year to 250 million units, compared with 20 percent growth to 366 million units for PCs.
New mobile connected devices like Amazon's <AMZN.O> Kindle e-reader and the soon-to-be-launched Apple iPad tablet computer, aimed at a market somewhere between laptops and smartphones, will also increase the scale of the opportunity.
E-readers, still a nascent business, so far offer terms that publishers find friendlier than advertising-funded models.
Hans Vestberg, chief executive of mobile equipment maker Ericsson <ERICb.ST>, repeated his prediction this week that there will be 50 billion connected devices by 2020.
"Mobile Web adoption is growing eight times faster than the first wave of PC Internet adoption," Google's CEO Eric Schmidt told the conference this week. "There may be some limits, but we're not anywhere near them."
ABERRATIONS
In China, more than half the nation's Internet users -- who totalled 384 million by the end of last year -- are already accessing the Web from a mobile device, and Lee told Reuters that would grow to 800 million in five years.
China's largest online retailer Taobao, part of leading e-commerce group Alibaba <1688.HK>, plans to launch mobile phones preloaded with applications this year to bring more users to its online shops.
And, unlike its U.S. counterpart eBay <EBAY.O>, it does not charge sellers to list items for sale, but funds operations through advertising -- although advertising will not be the answer to everything.
Lee also gave the example of a Chinese browser, gaining in popularity, that removes all visuals and advertising from Web pages to cut the bandwidth needed by cost-conscious consumers.
"These kinds of unusual aberrations will happen as a result of specific things that happen in each country, so if you want to develop your content for the whole world it's important not to assume that the whole world is the same," he said.
NIH First to Use OpenID
http://www.executivegov.com/2010/03/nih-first-to-use-openid/
The National Institutes of Health is one of the first federal agencies to use OpenID. This service will allow researchers, as well as other visitors, to access privacy-protected sites by entering one password at a time. Users can easily switch between different secure sites without having to continually enter a login credentials.
According to NextGov, Peter Alterman, senior advisor to the NIH chief information officer for strategic initiatives, “It’s a real advantage for the user, who doesn’t have to get another password and try to remember it.”
“The less personal information that we have to keep, the safer things are,” said Alterman. An advantage of this new service is that government agencies will not have to maintain a list of all IDs and passwords.
The General Services Administration has approved the Open Identity Exchange Technology, which is the coalition of providers including Google, PayPal and Equifax.