Me too Jakes dad,,,but I have to wait till Friday...may mean nothing or it may mean alot?

" "Fraud in identification is no longer just a problem of theft...sources of identification are the last opportunity to ensure that people are who they say they are and to check whether they are terrorists."

Take Note world!

:)Technology and the 9/11 Commission
September 23, 2004, 7:55 PM PT
By William Schneider Jr.




The 9/11 Commission report reaffirms the importance of protecting individual identities both from theft and from unauthorized use by criminals and terrorists--and the costs of failing to do so.
In its report, released in July, the panel said: "Fraud in identification is no longer just a problem of theft...sources of identification are the last opportunity to ensure that people are who they say they are and to check whether they are terrorists."

Identity authentication is the single most important measure to deny criminals or terrorists access to property, bank accounts, the commercial transportation infrastructure and similar crucial institutions of a modern state. This applies to both foreign visitors and U.S. citizens.

Some critics fear that authenticating individual identities will compromise privacy. In fact, the reverse is true. Identity authentication is becoming a widespread tool to prevent identity theft, which can facilitate criminal and terrorist activities. For example, terrorists have taken advantage of diminished scrutiny of low-balance bank accounts to move funds for support of terrorist operations. As a result, Congress has approved legislation requiring that financial institutions verify the identities of all new customers.

Nearly three years after Sept. 11, 2001, we have failed to close the most conspicuous gap in identity authentication, in the area of our greatest vulnerability: commercial air travel. The existing system, which depends on crude and easily foiled passenger profiling strategies, has failed catastrophically, as the commission's detailed report on the Sept. 11 hijackings confirms.

Setting up a modern information-based process to confirm individual identities is indispensable for any security system. This includes using advanced technologies that rely on unique physical (biometric) identifiers such as fingerprints, retinal patterns, facial images and other characteristics. Biometric identifiers are reliable only if these unique data are securely tied to a specific individual with a positively established identity. Biometric checks are just part of a broad strategy that should include information-based and token identity validation.

Biometric identification systems will increase our security significantly. However, identification systems based on unique biometric characteristics will probably be costly and require many years to complete.

Identity authentication techniques can be implemented now and can mitigate the air transport system vulnerabilities identified by the 9/11 Commission report. By compiling basic information from individuals in an information-based identity authentication system, the airport screener can ask the passenger for information to compare with personal data already available to the screener, such as date of birth, first residence and mother's maiden name.

The strength of the system is that a terrorist or criminal trying to steal another's identity probably cannot know every bit of information about the person whose identity is in question.

Moreover, statistical modeling and scoring techniques developed for the financial services industry to prevent credit card fraud can be applied to identify authentication. Doing so can provide high confidence about identity authentication in near-real time, reducing airport screening delays. Because commercial modeling and scoring techniques are applied via software, overall costs to both passengers and the government can be reduced.

Alas, plans for the Transportation Security Administration to set up a modern information-based identity authentication system for air travel have been delayed by disputes based on misunderstandings about such a system's nature. Some critics fear that authenticating individual identities will compromise privacy. In fact, the reverse is true.

Authenticating an individual's identity is one of the most important ways to assure privacy at a time when technologies to compromise that privacy are growing rapidly. Only by authenticating individual identities can we effectively protect the constitutional privacy rights of U.S. citizens, and the ability of visitors to travel freely.




biography
William Schneider Jr. is president of International Planning Services, a trade and finance advisory firm, and is an adjunct fellow of the Hudson Institute. He is a former undersecretary of state for security assistance, science and technology and a former associate director for national security and international affairs in the Office of Management and Budget.

WaveXpress should have dozens of these IMHO eom

Nice close-hey Kevin check it out:

The latest episode of HotlineTV presented by the U.S. Telecom Association is now available at

http://interface.audiovideoweb.com/lnk/avwebnjwin9536/hotlinetv/hotlinetv2.wmv/play.asx

WAVE SALES PITCH:On the Web, a new front in the terror battle
Published: September 23, 2004, 10:04 AM PDT
By Eric Lipton and Eric Lichtblau
The New York Times


CLIFTON, N.J.--The flags that sprouted after the Sept. 11 attacks still flap on lawns and flutter on poles outside well-tended homes here, about 15 miles from Manhattan. Looming above them is a concrete tower that houses a real-estate firm, an office supplies company--and, until recently, investigators fear, an outpost of al-Qaida.

On the second floor, an Internet company called Fortress ITX unwittingly played host to an Arabic-language Web site where postings in recent weeks urged attacks against American and Israeli targets. "The Art of Kidnapping" was explained in electronic pamphlets, along with "Military Instructions to the Mujahedeen," and "War Inside the Cities." Visitors could read instructions on using a cell phone to remotely detonate a bomb, and one even asked for help in manufacturing small missiles.

"How can this be?" asked Cathy Vasilenko, who lives a few doors away from the Fortress ITX office. "How can this be going on in my neighborhood?"

Federal investigators, with the help of a small army of private contractors monitoring sites around the clock and across the world, are trying to find out. Ever since the United States-led coalition smashed al-Qaida's training grounds in Afghanistan, online substitutes, which recruit terrorists and raise money, have proliferated.

While al-Qaida operatives have employed an arsenal of technical tools to communicate--from e-mail encryption and computer war games to grisly videotapes like the recent ones showing beheadings believed to have been carried out by Jordanian militant Abu Musab al-Zarqawi--investigators say they worry most about the Internet because extremists can reach a broad audience with relatively little chance of detection.






For the latest breaking news, visit NYTimes.com

Sign up to receive top headlines

Get Dealbook, a daily corporate finance email briefing

Search the jobs listings at NYTimes.com

Search NYTimes.com:
Today's NewsPast WeekPast 30 DaysPast 90 DaysPast YearSince 1996




By examining sites like those stored inside the electronic walls of the Clifton business, investigators are hoping to identify who is behind them, what links they might have to terror groups, and what threat, if any, they might pose. And in a step that has raised alarms among civil libertarians and others and so far proven unpersuasive in the courtroom, prosecutors are charging that those administering these sites should be held criminally responsible for what is posted.

Attempting to apply broad new powers established by the Patriot Act, the federal government wants to punish those who it claims provide "expert advice or assistance" and therefore play an integral part of a global terror campaign that increasingly relies on the Internet. Deputy Defense Secretary Paul D. Wolfowitz, in testimony before the House Armed Services Committee recently, called such Web sites "cyber sanctuaries."

"These networks are wonderful things that enable all kinds of good things in the world," Wolfowitz said of the Internet. "But they're also a tool that the terrorists use to conceal their identities, to move money, to encrypt messages, even to plan and conduct operations remotely."

Many question the government's strategy of trying to combat terrorism by prosecuting Web site operators. "I think it is an impossible task," said Thomas Hegghammer of the Norwegian Defense Research Establishment, an agency that monitors the use of the Internet by al-Qaida. "You can maybe catch some people. But you will never, ever be able to stem the flow of radical Islamic propaganda."

He pointed out that it is difficult to distinguish between a real terrorist and a make-believe one online. "You would end up prosecuting a lot of angry young people who do this because it is exciting, not because they want to actually participate in terrorist attacks," he said. "I don't think it helps you fight al-Qaida."

The government faces many hurdles in pursuing virtual terrorists. While many militant Islamic message boards and Web pages reside on computer servers owned by North American Internet companies, outfits like Fortress ITX say it would be impractical--and unethical, given that the company sells server space to clients who then resell it--for them to keep track of all of the content stored within their equipment.

"It is hideous, loathsome," said Robert Ellis, executive vice president of Fortress, after viewing postings from the Abu al-Bukhary Web site his company hosted. "It is the part of this business that is deeply disturbing." His company shut down the site within the last month after learning of it from a reporter. The intense focus on Muslim-related sites like Abu al-Bukhary, in an era when domestically produced anarchist manuals are commonly available on the Web, has provoked charges that the effort to eliminate cyber sanctuaries is really a misguided anti-Muslim campaign that is compromising important First Amendment rights.

This effort "opens the floodgates to really marginalizing a lot of the free speech that has been a hallmark of the American legal and political system," said Arsalan Iftikhar, legal director for the Council on American-Islamic Relations. "Globally it really does nothing but worsen the image of America in the rest of the world."

Tracking Cyber-Terror
The detective work begins in a northeast city in a compact office set up by a self-proclaimed terrorist hunter. This is the headquarters of Rita Katz, an Iraqi-born Jew whose father was executed in Baghdad in 1969, shortly after Saddam Hussein's Baath Party came to power.

Finding terrorists has become a crusade for Katz, who began going to pro-Palestinian rallies and fund-raisers disguised as a Muslim woman in the late 1990's, then presented information to the federal government in an effort to prove there were ties between Islamic fundamentalist groups in the United States and terror organizations like Hamas or Al Qaeda.

Federal agencies, including the National Security Agency, the FBI and the Department of Homeland Security, monitor suspected terror sites on the Internet and sometimes track users. Private groups like Katz's Search for International Terrorist Entities Institute and The Middle East Media Research Institute are also keeping track of the ever-changing content of these sites. Katz's institute, which relies on government contracts and corporate clients, may be the most influential of those groups, and she is among the most controversial of the cyberspace monitors. While some experts praise her research as solid, some of her targets view her as a vigilante. Several Islamic groups and charities, for example, sued for defamation after she claimed they were terrorist fronts, even though they were not charged with a crime.

Sitting under wall maps of Europe, the Middle East and the United States--including one pinpointing locations of suspected terror cells or possible supporters--Katz and her team of computer technicians and researchers spend their days searching the Internet for any new messages from militant groups and new addresses for terror sites. Her institute, based in a city she does not disclose, also has a small crew in Israel, which allows the organization to monitor sites around the clock.

"We are trying to think the way terrorist organizations think," said Katz, "The Internet today has become a front in the war itself."

Keeping tabs on these jihadist sites--several hundred exist--requires vigilance, as videos and statements uploaded by different groups often appear only briefly. A recent Tuesday was a particularly busy day. The Islambouli Brigade, a militant Islamic group, turned to one popular message board site called islamic-minbar.com, operated out of the Netherlands, to release the names of two women it said were responsible for the Aug. 24 explosions of two Russian planes and to claim responsibility for an attack at a Moscow subway station. "When we pledge to avenge our Chechen brothers, we do not break our promise," the Aug. 31 posting said.

Jaish Ansar al-Sunna, a group that has surfaced in Iraq, posted a video on its Internet site showing the bodies of 12 Nepali contractor workers who it had taken hostage and killed. The site was taken down that same day, but then reappeared on a computer server of a Web hosting company in Utah.

While staffers at Katz's office rushed to translate these postings, others were busy snooping by using a special software program to electronically suck up more than 15,000 computer files from a Web site, or referring to a custom-made database to identify sites with common administrators, an assignment initiated by a government request. This week, they watched postings on the Web site Ansarnet.ws/vb alerting followers that a hostage had been killed, then directing them to a video showing the beheading of an American engineer held hostage in Iraq.

A crucial question, of course, is whether a site is simply offering inspirational rhetoric or is genuinely linked to terror strikes. Often, Web site exhortations are followed by acts of violence, but that doesn't necessarily mean they are connected.

In late May, for example, shortly after a kidnapping guide appeared on an online magazine called Al Battar, a wave of kidnappings and beheadings started in Saudi Arabia and Iraq. Last December, a 42-page essay published on a Web site called Global Islamic Media observed that "the Spanish government could not tolerate more than two, maximum three blows, after which it will have to withdraw as a result of popular pressure" from Iraq. Three months later, bombs tore apart trains in Madrid, resulting in the eventual departure of Spanish troops from Iraq.

In Clifton, the digital images and terrorist manuals from Abu al-Bukhary's site resided, like data from thousands of other Internet pages hosted at Fortress ITX, inside a sprawling computer room. Pointing to the wall of boxes with blinking lights, Fortress executives said they did not know who controlled most of the Web sites on their servers, as they sell space to clients who then resell it to countless others. "It is like an orange you buy at the supermarket," Ellis said. "Try figuring out what farm that came from."

Strategy of Prosecution
Knocking militant groups off the Internet for a day or two by urging individual Web hosting companies to shut down the sites didn't accomplish much, Katz believed. So the government, in an unusual alliance with Katz, has been testing a different strategy in the last year.

Sami Omar al-Hussayen would be their first target. The 35-year-old father of three had arrived at the University of Idaho in 1999 to pursue a doctorate in computer science. In his spare time, Hussayen, who lived in Moscow, Idaho, established a series of Internet sites with names like liveislam.net or alasr.ws ("the generation") and served as a regional leader of the Islamic Assembly of North America, a group that described itself as a charitable organization, but which prosecutors said recruited members and instigated "acts of violence and terrorism."

Along with news from the Middle East and interviews with scholars, the sites included more disturbing information. Videos displayed the bodies of dead suicide attackers as a narrator declared "we had brethren who achieved what they sought, and that is martyrdom in the cause of Allah." Requests were posted for donations to Chechen groups that were trying to "show the truth about Russian terrorism." Clerical edicts appeared on topics including "suicide operations against the Jews."

The Justice Department, which declined to comment for this article, did not claim that Hussayen had authored the most militant iteInstead, by registering the Web sites, paying for them and posting the material, he was charged with providing material support to a banned terrorist group.

But Hussayen's lawyers said their client was expressing his free-speech rights. The Internet is the modern equivalent of the soap box, said David Z. Nevin, one of the lawyers. "They were wildly too zealous," Nevin said about Katz and the Justice Department. "This was not within a country mile of the kind of behavior that this nation has any business trying to criminalize."

The jury was unconvinced by the government's case, and acquitted Hussayen in June after a monthlong trial. "We went through files and files and files of evidence--transcripts of telephone calls, bank statements, all the e-mails, information from the Internet--and we could not substantiate that he was directly involved with a terrorist organization," said Claribel Ingraham, one of the jurors. "It just wasn't there."

The setback in Idaho has not stopped the government from pursuing similar cases. In late July, a warrant was issued in Connecticut for Babar Ahmad, resulting in his arrest in London on Aug. 5. The 30-year-old computer technician at a London college is accused of setting up Internet sites from 1997 to 2003, most prominently azzam.com, to recruit terrorists and raise money for them. "If you're going to use cyberspace, we're there and we're paying attention," said Kevin J. O'Connor, the United States Attorney from Connecticut, after Ahmad's arrest.

The trial has not started--the United States is trying to persuade British authorities to extradite him--but already Muslim groups and civil libertarians in Britain are assailing the case. In a letter from his prison cell that was posted on the Internet, Ahmad asserted that he was imprisoned "to strike terror and fear into the hearts of the docile, sleeping Muslim community."

Katz said she was not discouraged by the criticism of the prosecutions. "When you call for the death of people and then it results in actions--that is beyond the First Amendment," she said. "You are organizing a crime."

Entire contents, Copyright © 2004 The New York Times. All rights reserved.

MSFT & IE If you're one of about 200 million people using older versions of Windows and you want the latest security enhancements to Internet Explorer, get your credit card ready.

Microsoft this week reiterated that it would keep the new version of Microsoft's IE Web browser available only as part of the recently released Windows XP operating system, Service Pack 2. The upgrade to XP from any previous Windows versions is $99 when ordered from Microsoft. Starting from scratch, the operating system costs $199.


News.context

What's new:
People using older versions of Windows can't get an important security update to the Internet Explorer browser without paying for an XP upgrade.
Bottom line:
Microsoft's policy could drive XP upgrades, but it also risks alienating Web surfers and prompting them to turn to free alternatives such as Firefox.

More stories on this topic
That, analysts say, is a steep price to pay to secure a browser that swept the market as a free, standalone product.

"It's a problem that people should have to pay for a whole OS upgrade to get a safe browser," said Michael Cherry, analyst with Directions on Microsoft in Redmond, Wash. "It does look like a certain amount of this is to encourage upgrade to XP."

Microsoft affirmed that its recent security improvements to IE would be made available only to XP users.

"We do not have plans to deliver Windows XP SP2 enhancements for Windows 2000 or other older versions of Windows," the company said in a statement. "The most secure version of Windows today is Windows XP with SP2. We recommend that customers upgrade to XP and SP2 as quickly as possible."


The Internet's security mess has proved profitable for many companies, particularly antivirus firms. Microsoft has declared security job No. 1.

By refusing to offer IE's security upgrades to users of older operating systems except through paid upgrades to XP, Microsoft may be turning the lemons of its browser's security reputation into the lemonade of a powerful upgrade selling point.

That lemonade comes in the midst of a painfully dry spell for the company's operating system business.

Three years have passed since Microsoft introduced its last new operating system, and its upcoming release, code-named Longhorn, has been plagued by delays. Microsoft last month scaled back technical ambitions for Longhorn in order to meet a 2006 deadline.

While Wall Street anxiously awaits an operating system release that can produce revenues until Longhorn appears, Microsoft is eyeing the nearly half of the world's 390 million Windows users who have opted to stick with operating systems older than XP, including Windows versions 2000, ME, 98 and 95.

"Ancient history"
Microsoft denied it was deliberately capitalizing on the Internet's security woes to stimulate demand for XP.

"Microsoft is not using security issues or any security situation to try to drive upgrades," said a company representative. "But it only makes sense that the latest products are the most secure."



"Should Ford have gone back and retrofitted every Pinto with anti-lock brakes when the technology came out? Should OnStar be available for 1989 Dodge Aries K cars? If you want the new technology, you have to stay current with the new products."
--unknown

Microsoft has maintained that the browser is part of the operating system, a point of contention in its antitrust battle with the U.S. government.

Last year, the company ruled out future releases of IE as a standalone product. This week, the company reiterated that stance.

"IE has been a part of the operating system since its release," said the Microsoft representative. "IE is a feature of Windows."

When asked about IE's origin as a free, standalone product, the representative said, "You're talking in software terms that might be considered ancient history."

Microsoft promised "ongoing security updates" for all supported versions of Windows and IE.

The ongoing security updates do not, as Microsoft points out, include the latest security fixes with Service Pack 2, released last month. Those include a new pop-up blocker and a new system of handling ActiveX controls and downloaded content.

And it's those more substantial changes, rather than the bug fixes that come with routine upgrades for supported products, that security organizations have lauded for addressing IE's graver security concerns.

Now it's unclear whether even half the Windows world will have access to the shored up IE.

"It's particularly bothersome if a product is in mainstream support, because what does mainstream support mean then?" said Directions on Microsoft's Cherry.

Microsoft currently commands about 94 percent of the worldwide operating system market measured by software shipments, according to IDC. (That number factors in revenue-producing copies of the open-source Linux operating system, but not free ones).

Of Microsoft's approximately 390 million operating system installations around the world, Windows XP Pro constitutes 26.1 percent, Windows XP Home 24.7 percent, IDC said.

The remaining 49.2 percent is composed of Windows 2000 Professional (17.5 percent), Windows 98 (14.9 percent), Windows ME (6.5 percent), Windows 95 (5.4 percent), and Windows NT Workstation (4.9 percent).

That 49.2 percent of Windows users are left out in the cold when it comes to significant updates to IE and other software.

People running Internet Explorer without SP2 face an array of security scenarios, many of them linked to lax security associated with the ActiveX API, or application programming interface.

SP2 also brought IE up to date with its competitors with a robust pop-up blocker.

"Although I can understand the reasons why Microsoft would like to simplify its internal processes, I'm not in favor of bundling security patches, bug fixes and new features into one package," said IDC Vice President Dan Kusnetsky. "Organizations wanting only security-related updates or just a specific new feature are forced to make an all-or-nothing choice."

Firefox in the hunt
While organizations and individuals weigh the merits of all and nothing with respect to Windows and IE, a competing open-source browser may benefit from Microsoft's decision to reserve SP2's browser upgrades for XP users.

The Mozilla Foundation's Firefox browser is potentially eroding Microsoft's overwhelming market share even prior to its final version 1.0 release. Last week's release of the first preview release of Firefox 1.0 blew past its 10-day goal of 1 million downloads in just more than 4 days.



"Who says that Microsoft isn't trying to monopolize the browser/os market? If it weren't for the fact that I provide tech support to the less technical members of my family, certain friends and work contraints, I'd probably have dumped Windows long ago for a different os."
--Jeanine Jeffrey

Firefox, Apple Computer's Safari browser and Opera Software's desktop browser together command a mere sliver of market share. But features such as tabbed browsing and earlier adoption of pop-up controls have won them adherents among potentially influential early adopters and technology buffs.

Even some Microsoft bloggers have admitted to liking Firefox.

With Longhorn still years away, Microsoft is feeling the heat to produce a browser.

That heat has come in many forms, from grassroots campaigns by Web developers urging people to switch from IE to Firefox and other alternatives, to Mozilla's own marketing push, to a steady drumbeat of lacerating Web log and newsgroup posts decrying IE's years of stagnation.

"I've always wondered what the problem is with the IE team," one respondent wrote in a feedback thread on IE evangelist Dave Massy's blog. "I mean, it's just a browser. You need to render a page based on well-documented standards...and that's it! You've opted to not have tabbed browsing or any other personalization. It's just a window shell and the browser content...I wonder if there are only like four people who work on IE or something? I seriously don't get it."

Massy and others have defended the company by explaining that recent development efforts have been geared at security improvements.

A representative for Firefox, which will face security scrutiny of its own should it make good on its competitive threat to IE, said any pressure it was exerting on Microsoft to update IE was evidence of its success.

"IE users need all the help they can get," said Mozilla Foundation spokesman Bart Decrem. "And we're trying to help them. If Microsoft will help them, all the better. At the end of the day, the mission of the Mozilla Foundation is to provide meaningful choice, and the reason there hasn't been a lot of innovation from the dominant provider is because of their monopoly position. So if they are forced to innovate and respond to the success of Firefox, we are achieving our mission."

Some analysts say Microsoft's reluctance to issue SP2's browser security features to non-XP users has as much to do with being shorthanded as wanting to drive XP adoption.

"Their main focus now is on Longhorn IE," said Matt Rosoff, another analyst with Directions on Microsoft. "It's a staffing and a cost issue."

Rosoff agreed that Firefox and other second-tier browsers might benefit from Microsoft's IE distribution policies, but he noted that the vast majority of consumers are far less likely to download a browser than the typical Firefox early adopter.

"From a consumer standpoint, I think evaluating other browsers makes sense," Rosoff said. "And Microsoft is going to face more and more users who are on dual platforms, who won't see any reason to upgrade once they see that Firefox offers the pop-up blocker and other features they'd have to pay for in IE? But most consumers don't download anything if they can avoid it."


Have an opinion on this story? Share it with other News.com readers.

Hope all are enjoying our lil show strength-MAY IT CONTINUE! Too
busy for another month+ but I sure hope to be enjoying a Wavx
Winter :)

Wassup Guys??? :) eom

154K already .97 x .99...eom

Nice close folks -up 25% and 2,100,000 sh traded! eom

Expect an effort to get us below $1 by COM...Yaya going to do his part to make sure it dont happent but busy busy and may miss it-vigilence and a lil powder for the next 25 mins is the Wavoid Mission.

Tomorrrow is another Day

Scarlett

IMHO, the IBM/NSM (DELL, HP) Safekeeper news is enough for Adams Harkness & Hill to initiate coverage-or anyone really.

Fingers crossed!

+31% yee HA!! :) EOM

"IBM worked with National Semi to develop the chip, which replaces a dual-chip approach Big Blue previously used. Another National Semi representative, Jeff Weir, said Hewlett-Packard and Dell ARE expected to use the chip also."

:))

IBM protects passwords with PC chip
Published: September 16, 2004, 6:18 AM PDT
By Ina Fried
Staff Writer, CNET News.com


update IBM plans to start shipping its PCs with a new chip designed to thwart hackers by safeguarding passwords and other sensitive identity information.

Big Blue will be the first computer maker to use National Semiconductor's SafeKeeper Trusted I/O Device, which stores a computer's identity in silicon, making it harder for outsiders to access, the companies announced Thursday. It's adding the technology as part of an upgraded input-output chip, which is a secondary PC chip that shuttles data from various parts of a PC.

"Security, encryption and password management are key components of IBM ThinkVantage Technologies, which simplify the PC user experience and reduce management costs for organizations of all sizes," Clain Anderson, program director in IBM's PC division, said in a statement.

National Semi said that storing such information in hardware makes it inherently more secure than software-based approaches. The chip encrypts information using a code key only accessible to a specialized processor, protecting the information from outside hackers and user error and essentially locking it to the PC.

Such technology, commonly referred to as trusted computing, are part of an ongoing effort to better secure systems and protect digital information. Companies throughout the technology world have been working on a variety of methods to improve the reliability of authentication, including biometric approaches such as fingerprint readers and iris scanners. Microsoft, for example, last week introduced a keyboard that includes a fingerprint reader.

Some digital rights activists believe that the technology could stop the free flow of information among digital citizens.

The desktop chips cost about $5 in volume and are available now, National Semi said. A notebook processor, which costs $7 in 1,000-unit volumes, is expected to be available next quarter, the chipmaker said.

The security chip, used in IBM desktop computers that are shipping today, is now standard on almost every IBM PC instead of a special feature, National Semi spokeswoman Gayle Bullock said. The chipmaker also has a version for laptop computers, but she declined to comment on when it might be used.

IBM worked with National Semi to develop the chip, which replaces a dual-chip approach Big Blue previously used. Another National Semi representative, Jeff Weir, said Hewlett-Packard and Dell are expected to use the chip also.

CNET News.com's Stephen Shankland and Rob Lemos contributed to this report.

YES!!! :) EOM

Major graphics flaw threatens Windows PCs
Published: September 14, 2004, 1:24 PM PDT
By Robert Lemos
Staff Writer, CNET News.com


Microsoft published on Tuesday a patch for a major security flaw in its software's handling of the JPEG graphics format and urged customers to use a new tool to locate the many applications that are vulnerable.

The critical flaw has to do with how Microsoft's operating systems and other software process the widely used JPEG image format and could let attackers create an image file that would run a malicious program on a victim's computer as soon as the file is viewed. Because the software giant's Internet Explorer browser is vulnerable, Windows users could fall prey to an attack just by visiting a Web site that has affected images.

The severity of the flaw had some security experts worried that a virus that exploits the issue may be on the way.

"The potential is very high for an attack," said Craig Schmugar, virus research manager for security software company McAfee. "But that said, we haven't seen any proof-of-concept code yet." Such code illustrates how to abuse flaws and generally appears soon after a software maker publishes a patch for one of its products.

The flaw affects various versions of at least a dozen Microsoft software applications and operating systems, including Windows XP, Windows Server 2003, Office XP, Office 2003, Internet Explorer 6 Service Pack 1, Project, Visio, Picture It and Digital Image Pro. The software giant has a full list of affected applications in the advisory on its Web site. Windows XP Service Pack 2, which is still being distributed to many customers' computers, is not vulnerable to the flaw.

"The challenge is that (the flawed function) ships with a variety of products," said Stephen Toulouse, security program manager for Microsoft's incident response center.

Because so many applications are affected, Microsoft had to create a separate tool to help customers update their computers. Users of Windows Update will also be directed to the software giant's Office Update tool and then to the tool that will find and update imaging and development applications. The tools are a preview of what may come from the company in the future, Toulouse said.

"We know one of the most important things that we hear from customers is to make the software update process easier," he said. "A goal of a unified update mechanism is what we are looking at."

Out of necessity, Linux distributions have already developed such unified update software, which not only updates the core operating system but also other applications created by the open-source community. The majority of Windows applications, however, are created by companies other than Microsoft, making such a unified update system more politically difficult to create.

The JPEG processing flaw enables a program hidden in an image file to execute on a victim's system. The flaw is unrelated to another image vulnerability found in early August. That vulnerability, in a common code library designed to support the Portable Network Graphics, or PNG, format, affected applications running on Linux, Windows and Apple's Mac OS X. Both the JPEG, which stands for Joint Photographic Experts Group, and PNG formats are commonly used by Web sites.

As part of a notification program that has been in place since April 2004, any customer that had signed a nondisclosure agreement with Microsoft received a three-day advance warning about the JPEG flaw.

"Some customers wanted to get more information, for planning purposes," Toulouse said, responding to media reports that premium customers were getting advanced notice of security issues. He directed interested customers to their Microsoft sales representative to get more information on the program. The information given to participants in the program is limited to the number of flaws, the applications affected and the maximum threat level assigned to the flaws.

The JPEG image-processing vulnerability is the latest flaw from Microsoft and the source of the company's 28th advisory this year. Microsoft frequently includes multiple issues in a single advisory; four advisories in April, for example, contained more than 20 vulnerabilities.

A second patch released by Microsoft on Tuesday fixes a flaw in the WordPerfect file converter in Microsoft Office, Publisher, Word and Works. That flaw is rated "important," Microsoft's second-highest threat level, just below "critical." The vulnerability would let an attacker take control of the victim's PC, if that user opened a malicious WordPerfect document.

More information on the second flaw can be found in the advisory on Microsoft's Web site. The software giant recommends that customers use Office Update to download the fix.

Have an opinion on this story? Share it with other News.com readers.

(Next-I Hope Qt Report:

Lee, Mass., Nov. 12 /PRNewswire-FirstCall/ -- WAVX Corporation , a leading developer, marketer and integrator of Trusted Computing, today reported its financial results for the third quarter 2004.

Revenue for the third quarter of 2004 was $918,000, up 1400% compared to $6,000 in the second quarter of 2004,


Perhaps yaya perhaps

Oh No


I hope were not going after another 3 million...

Dang Doma...so well put yet we drop 9%???eom

Longhorn to put squeeze on gadgets
Published: September 9, 2004, 4:00 AM PDT
By Ina Fried
Staff Writer, CNET News.com


SAN FRANCISCO--Windows makes it easy to quickly download files to iPods and other portable storage devices--a little too easy in the minds of many IT managers.

In the next version of Windows, Microsoft will give big companies an easy way to block use of such devices, while making it easier for consumers to connect their home systems to them, a company representative told CNET News.com.

News.context

What's new:
Longhorn, the next version of Windows, will let big companies block access to iPods and other tiny storage devices in the name of tighter security.
Bottom line:
The new feature should make it harder for employees to grab sensitive corporate data from business PCs or to introduce malware onto local area networks.

More stories on Longhorn
Much has been made of the security risks posed by portable storage devices known as USB keys, or flash drives, music players like the iPod, and other small gadgets that can store vast amounts of data. Some fear that such tiny devices can be used to quickly copy sensitive data off business PC hard drives, or to introduce malicious software onto corporate networks.

"It's a real problem," said Padmanand Warrier, a developer in Microsoft's Windows unit. "That's the feedback we've gotten from IT folks."

To put the new features in place, Microsoft is hoping to move to a common model for how wired and wireless devices connect to a PC in 2006, around the time that it releases the next version of Windows, code-named Longhorn. For consumers, that means that wireless printers, networked music players and other wireless devices should be able to connect to a PC as easily as the USB drives today.

Microsoft showed that technology, known as "Plug and Play Extensions," at this week's Intel Developer Forum.




special coverage
Intel Developer Forum 2004
Dual-core chips are a highlight
of the three-day gathering. For
all stories from the event, plus
video, click here.




For businesses, it means regaining some control over portable devices. "It's not just USB keys," Warrier said, noting that devices can just as easily link to PCs through Bluetooth short-range wireless or another connection.

By including tools to prevent workers from connecting portable storage devices to corporate PCs, Microsoft is offering big companies another option in addition to the outright banning of such devices, as some government agencies and other high-security installations have done.

"USB keys have become ubiquitous," said, Alan Brill, a senior managing director at Kroll OnTrack, a technology services firm that does security consulting. "You can pop them into any computer after Windows 95 and all the software that's needed is already in there. It's a tool that can be both used and abused very easily."

Companies have been slow to react to the threat posed by digital storage devices in general, Brill said.

"It's one that companies have turned a blind eye to for a very long time," Brill said. "If you think back, it used to be that stealing significant secrets was difficult because it was hard to get away with that much paper."

Intel, for example, used to check the bags of employees, but eventually such searches became impractical. With roughly, 80,000 employees, the company found it didn't have the resources to prevent against someone putting files onto a flash drive or iPod, a representative said.

"You take a better approach--you make sure people understand the need to protect company information and you hold them accountable," the representative said.

Market research firm Gartner has advised big companies to disable certain "plug and play" functions in Windows as a security precaution.

IT managers do have access to tools that would allow them to block USB ports, but such tools are little-known, and little-used. "There are tools that are available to...manage USB ports, but 99.9 percent of all machines in corporations don't have anything like that," Brill said.

Longhorn in the headlights
Of course, Microsoft's changes aren't coming until Longhorn, which isn't scheduled to arrive until 2006, and it is likely to take more time before the new operating system is widely adopted by companies.

"(USB keys are) a tool that can be both used and abused very easily."
--Alan Brill of consulting firm Kroll OnTrack
The moves do shed more light on Microsoft's intentions for Longhorn. Much of the attention recently has been on Microsoft's decision to pull a key feature out of Longhorn--a new file system known as WinFS.

In addition to the new device architecture, Microsoft on Wednesday said it also still plans to include in Longhorn a controversial new security architecture called the Next Generation Secure Computing Base.

The company's most detailed outline of Longhorn came at a developer conference last fall, when they spoke of three main pillars--WinFS, a Web services architecture known as Indigo, and a presentation subsystem dubbed Avalon.

Microsoft is making changes to all three pillars. WinFS will be available as a beta when the Longhorn release comes out as a client. Avalon and Indigo will be part of Longhorn, but also made available separately for Windows XP and Windows Server 2003.

Microsoft has also promised improvements in manageability and ease of use, though the company has not gone into great detail on how those new features will work.

In an interview last moth, Windows chief Jim Allchin identified a few Longhorn features, including version 2.0 of the .Net framework, a new user interface, more resilience to malware and "a new photo experience."


Have an opinion on this story? Share it with other

Teenager admits eBay domain hijack(is nothing sacred :) TPM TPM!
Published: September 8, 2004, 9:59 AM PDT
By Martin Fiutak
Staff Writer


German police said on Saturday that a 19-year-old from Helmstedt, Lower Saxony, has admitted to hijacking the domain of the eBay Germany Web site and is likely to face charges of computer sabotage.

The domain hijack attack happened at the end of August when visitors to the eBay.de site were redirected to a different domain name server (DNS), meaning that they could not access auctions.

According to Frank Federau, a spokesman for the Lower Saxony police, the 19-year-old is not a computer expert. The boy claims to have merely stumbled across Web sites that described how to do a DNS transfer.

He claimed that "just for fun" he requested a DNS transfer for several sites including Google.de, Web.de, Amazon.de and eBay.de. Most of these transfers were denied, but the transfer for eBay went ahead. It is unclear how the domain could have been transferred without the consent of the owner.

The teenager said he did not want to cause damage. Indeed, according to Federau, he was shocked when he was told that he had become the new owner of the eBay.de Web address. The domain has now been returned to its rightful owner.

eBay said that user data was not endangered by the domain hijacking.

Maike Fuest, a spokeswoman for eBay, said on Tuesday that the company is not taking any action until it has investigated the incident.

"We want to carefully check all the facts, before we do anything," said Fuest.

The teenager is likely to face charges of spying on data and computer sabotage, Federau said.

In May this year, another teenager from Lower Saxony was arrested on suspicion of creating the Sasser computer worm that infected millions of computers worldwide. The case against the Sasser suspect is due to start soon.

The full news report (in German) on the eBay domain hijacking can be found here.

Internet Sales Tax? Don't Hold Your Breath

Most consumers won't have to worry about being charged sales tax on stuff they buy online anytime soon, thanks to the sluggish pace of federal legislation that would give states the power to collect taxes on all Internet sales.

The states and their allies in Congress had hoped to hold hearings on the tax plan this year, but a crowded election-year legislative agenda has dimmed prospects for action on the issue until sometime in 2005.

The states -- united under the banner of the "Streamlined Sales Tax Project" -- are building the legal and technical foundations for a system in which online merchants would be required to collect taxes on all Web sales and forward the money to the state where the buyer lives. The states are working to harmonize their tax laws in effort to convince Congress to overturn a 1992 U.S. Supreme Court ruling that said such a plan would overburden out-of-state sellers with a confusing patchwork of tax regulations.

Keep in mind that when you buy something over the Internet, even though many online retailers don't collect taxes at the point of sale, you probably are still required by law to report the purchase to your state's bean-counters. Most states have so-called "use tax" laws on the books that require citizens to report and remit taxes on items they buy out-of-state and online, but such laws are notoriously tough to enforce and very few consumers bother to comply with them.

Congress also has yet to reconcile two separate bills passed by the House and Senate to extend a moratorium on taxing consumer access to the Internet. Under the Senate version, the 27 states that tax high-speed digital subscriber line (DSL) Internet services would have two years to phase out their taxes, while another 10 states that taxed Net access before the original ban was passed in 1998 would continue to be exempted from the ban. The House version would ban the taxes permanently and bar states from taxing phone calls made over the Internet. The Bush administration also has signaled its support for extending the ban.

--Brian Krebs, washingtonpost.com Staff Writer

Trees 1, Voter Advocates 0

Most Maryland voters are now even more likely to have two choices on Election Day: vote by touch screen or stay home. That's after an Anne Arundel County circuit judge struck down a challenge to the state's new voting machines.

The plaintiffs, led by TrueVoteMD.org co-founder Linda Schade, had asked that Maryland voters be given a choice between using the touch-screen machines -- which, they argue, are vulnerable to tampering -- or a more traditional paper ballot.

Though Judge Joseph Manck said the machines' potential security holes raised a "very real fear," he agreed with Maryland elections chief Linda H. Lamone that the state had taken reasonable steps to make the election secure. In his ruling, Manck also pointed out that it would be exorbitantly expensive for the state to make paper ballots available to voters in November.

The plaintiffs vowed to appeal the ruling.

The Feds Never Sleep

Most of official Washington may have been on vacation, but the high-tech industry's two most influential regulatory bodies -- the Federal Trade Commission and the Federal Communications Commission -- apparently had enough people in the office to make a couple big headlines last week.

The FCC honed plans to slap CBS with a record-setting $550,000 fine for airing a Super Bowl halftime show in which Janet Jackson's bare, pierced breast made an unexpected cameo. The amount comes to $27,500 for each of the 20 CBS-owned stations that ran the MTV-produced song, dance and striptease extravaganza. Entertainment giant Viacom owns both MTV and CBS.

Meanwhile, over on Pennsylvania Avenue, the FTC announced its first stab at suing a telemarketer for violating the terms of the federal Do-Not-Call list. The FTC said that Braglia Marketing Group LLC broke federal rules by making unsolicited calls to 300,000 prohibited phone numbers. The telemarketer could be hit with more than $3 billion in penalties under the agency's rules.

--David McGuire, washingtonpost.com Staff Writer

Come on ZEE DOLLAR!! :) EOM

.95 :) eom

yes Willem ps :For Intel, the future has two cores
Published: September 7, 2004, 12:20 PM PDT
By Ina Fried and Stephen Shankland
Staff Writer, CNET News.com


SAN FRANCISCO--Intel is trying to make the case that a collection of chips is worth more than the sum of its parts.

The chipmaker presented its argument in several ways on Tuesday. For one, Intel said it has seen a benefit in marketing several chips together, as it has done with Centrino, its bundle of technology for wireless notebook PCs.

Speaking at the Intel Developer Forum here, Intel President Paul Otellini said the next target for such a bundle will be the home PC, which is being transformed from a productivity machine into a home entertainment center that demands both speed and new featuressuch as content protection.

Intel also believes that its future lies in dual-core chips, a single piece of silicon with two multiprocessor cores. The company scrapped plans for a faster traditional Pentium 4 in favor of the "two is better than one" approach. By 2006, the company expects about half its chips will have such a design, with all future products being designed around multiple cores. As expected, Otellini discussed some of Intel's dual core plans during his presentation.

The various moves are aimed at giving Intel a prime position in the digital home and to help the company protect its traditional stronghold in the business market.

The plan for the long term comes as Intel is warning that the near-term PC market may not be all that strong. The company on Thursday cut its financial outlook for the current quarter, sending shivers down the spines of some of its Wall Street watchers.

Otellini said the chip industry has recovered from the dot-com bust, with 2004 likely to set a new record for communications chip sales and possibly for microprocessors.

"We are seeing the surge after the bubble," he said.

"A better way"
But there's lots of work to do still. As part of its overall effort, Intel is increasingly working to shift the focus--that of its own designers and also of its customers--from raw clock speed to improvements by way of adding new features, including releasing so-called dual-core processors and technology like Vanderpool, which will work to allow PCs to run multiple independent operating systems at the same time.

"This is a better way to think about our products," Otellini said in his keynote. "It is a better way to market our products."

"This is not a race. This is a sea change in computing, and we ought not to look at this as a race."
--Paul Otellini, president, Intel
Dual-core chips, which Intel has pledged to bring out in significant numbers next year, will boost the overall performance of PCs and allow them to run different jobs simultaneously--such as watching a video and surfing the Web at the same time.

"We are dedicating all of our future product development to multicore designs," Otellini said. "We believe this is a key inflection point for the industry."

He said 40 percent of desktop chips and 70 percent of notebooks chips that Intel ships in 2006 will be dual-core. Of server chips, 85 percent will be dual-core, he added.

The dual-core mobile processor is code-named Yonah, Otellini said in a meeting with reporters.

During the speech, Abhi Talwalkar, vice president of Intel's enterprise platforms group, joined Otellini to show off a dual-core version of Montecito, Intel's next Itanium chip.

The Montecito chip includes two cores that will each be capable of executing two simultaneous instruction threads. Thus when Talwalker showed a server with four Montecito processors running Windows, the machine was running 16 independent tasks at the same time, as each chip had two cores and so sported four threads.

Right now, dual-core chips are standard in high-end servers, but not the mainstream machines, most of which use Intel chips. IBM began the dual-core drive in 2001 with its Power4-based servers, while Sun Microsystems and Hewlett-Packard followed suit this year.

Dual-core chips are useful, said IDC analyst Jean Bozman. "It's a way for computers to walk and chew gum at the same time," Bozman said. That's particularly important in servers, which by their nature are trying to serve up many applications at the same time.

And Montecito could help convert some Itanium holdouts. "Having Montecito will be another powerful incentive for customers that have been holding off," Bozman said.

However, Otellini did not show a dual-core Xeon chip. He declined to detail when Intel would demonstrate such a chip and bristled at the assertion that rival Advanced Micro Devices, which showed off a dual-core Opteron chip last week, has the lead in technology development.

"This is not a race. This is a sea change in computing, and we ought not to look at this as a race," Otellini said during a post-keynote question-and-answer session. Still, the first demonstration of a dual-core Xeon would be considered important as its design will likely also mirror that of Intel's dual-core desktop chips.

Intel's dual-core Xeon plans were keenly scrutinized. "It sounds to me like they're terrified of saying something definitive and then having to backtrack, which implies that there's still some fluidity in their road maps," said Illuminata analyst Gordon Haff. "They just sat back and let AMD make its 'first with dual-core' claims without rebuttal."

Looking at Vanderpool
Vanderpool will allow PCs to do even more by simultaneously splitting one PC into multiple partitions, each of which can have a different purpose. One partition could be scanning for viruses, while another runs a person's applications, such as word processing or computer games.

Vanderpool will be a way for Intel to encourage companies to buy new PCs, Otellini said: "By putting virtualization and reliability and security into the platform, it can accelerate corporate replacement cycles because it is (offering) a better, cheaper environment," he said.

Otellini demonstrated one PC using Vanderpool to run office applications, games and voice over Internet Protocol, a computer-aided design application running on Linux and also a virus scanner.

Intel cautioned that Vanderpool, as well as a set of security technologies known as LeGrande, won't come until Microsoft ships the next version of Windows, code-named Longhorn, in 2006.

As for the digital home, Otellini used his speech to talk up a proposed standard for sending protected content over traditional IP networks. He noted that Microsoft has issued a statement saying it will support the technology, known as DTCP-IP (Digital Transmission Content Protection over Internet Protocol) in future Windows Media products. Intel said it is working to get Apple Computer on board as well.

"Maybe you can get them to help get a better name for it," Otellini quipped.

Intel also confirmed that it had hired Eric Kim, a Samsung Electronics executive, to head up corporate marketing for Intel. "We don't recruit from the outside very often," Otellini said to reporters. "We were trying to get someone who has not just a technical backgronnd but also a background in consumer electronics."

The chipmaker's series of recent product delays and its overenthusiastic expectations for the third quarter also made their presence felt at the show.

"We had some fumbles," he said while talking with reporters after the speech. To address the issues, he said, "we went back to the basics."

For example, Intel reinstituted its traditional requirement for 90 percent confidence in its ability to meet its schedules and re-evaluated design programs so that it uses consistent standards for conservatism or aggressiveness, he said.

Wireless and more
But Intel isn't only looking to big leaps in technology to make its products more attractive.

• The chipmaker will beef up product platforms such as Centrino with things as simple as new ways of connecting with other computers to share data. The chipmaker plans to make WiMax, the wireless broadband technology, an option in its Centrino platform, for one.

Intel has already begun sampling the chip, code-named Rosedale and based on the 802.16-2004 standard, to its key customers. It's expected to ship the chip in volume late this year or early in 2005.

"Starting in 2006, we have made a commitment we will integrate as an option WiMax silicon into the Centrino notebook platform," Otellini said.

By later in 2006 or 2007, adding the highly anticipated WiMax to a computer will mean only a small increase in component costs, a cost that's comparable to that of Wi-Fi today, Otellini said.

• Otellini on Tuesday also unveiled an initiative, the Intel Cross Platform Manageability Program, designed to help create ways for companies to better administer to computer hardware, ranging from cellular phones and notebooks to servers.

• Intel plans to offer a Pentium 4 processor with 2MB of performance-enhancing cache by the end of this year, Otellini said. Right now, most Pentium 4s have 1MB.

• NASA representatives also were on hand to tout Itanium. The U.S. space agency is building a 10,240-Itanium supercomputer, called Project Columbia, that's expected to have performance of 60 trillion calculations per second, or 60 teraflops, when it's complete by the end of the 2004. By contrast, the fastest supercomputer today is NEC's Earth Simulator at 35.8 teraflops.

CNET News.com's John Spooner contributed to this report.

Thanks ole buddy eom

secur...+20% is a blue light special to me? :<

ps STM is a 14Billion dollar market Cap comp...weez selling to the gorrillas! (Finally :)

STM;s news(sure nice to see another bluelight):
ST's Trusted Platform Module Provides Complete Trusted Computing Group-Enabled Security Solution for Desktop and Laptop PCs
STMicroelectronics Completes Trusted Computing Group 1.2 Solution, Available with Licensed Software from Wave Systems and NTRU GENEVA, Switzerland - PRNewswire-FirstCall - Sept. 7
GENEVA, Switzerland, Sept. 7 /PRNewswire-FirstCall/ -- STMicroelectronics announces the availability of its complete Trusted Computing Group (TCG) 1.2 Solution -- the ST19WP18-TPM -- which is backward compatible with ST's TCG 1.1b Solution. The new TCG 1.2 solution features an integrated Core TCG Software Stack from NTRU Cryptosystems, along with the Embassy Security Center and Cryptographic Services Provider from Wave Systems as well as all necessary BIOS and Windows(R) drivers.

The ST19WP18-TPM solution, based on ST's Trusted Platform Module, combined with the software stack (BIOS and Windows drivers, NTRU Core Trusted Computing Group Software Stack, and Wave Embassy(R) Security Center and TCG Cryptographic Service Provider), delivers an off-the-shelf TCG-enabled security solution for desktop and laptop PCs.

Backward compatible with the earlier 1.1b specification already used on motherboards by leading PC manufacturers, the ST19WP18-TPM solution is TCG v1.2-ready and provides support for new functions, such as Delegation, Transport Protection, and Locality. The firmware relies on an optimized and flexible software architecture, which anticipates the integration of future TCG enhancements and the implementation of dedicated functions.

"Trusted Computing is set to become the major IT issue for companies and governments as computer systems become increasingly complex and vulnerable. ST's secure technology, combined with advanced software from proven partners, provides a complete system-on-chip solution around which trusted systems can be built," according to Alain Jarre of the Smartcard ICs Division, STMicroelectronics.

ST has completed commercial licensing terms with Wave Systems Corp. for the Embassy Security Center (ESC), a powerful Trusted Platform Module management utility that allows easy set up and configuration of the TPM. The Wave ESC provides multi-factor authentication functions to users and key management. In addition, TPM administrators can easily define custom security policies.

The license also includes the TCG-enabled Wave Cryptographic Service Provider (CSP), which supports any application requiring cryptographic services taking full advantage of the TPM. It is fully compliant with Microsoft's crypto-API specification.

NTRU Cryptosystems' Core TCG Software Stack (CTSS) provides the essential core interface and security services for any application that wants to use the Trusted Platform Module. It also interfaces with the Cryptographic Service Provider for ease of use by higher-level applications.

The ST19WP18-TPM solution includes the BIOS and Windows(R) drivers necessary for use on Windows(R) 2000 and XP systems. This includes the Memory Absent and Memory Present BIOS drivers, the Windows Kernel-mode driver (TDD), and the Windows user-mode driver (TDDL).

The basis of ST's TCG 1.2 solution is the ST19WP18 single-chip Trusted Platform Module -- a full-featured 8-bit microcomputer from the company's ST19W family of security-proven MCUs with an advanced 1088-bit cryptographic co-processor supporting Public Key Infrastructure functions and dedicated to smart card and other secure applications. It includes a 33MHz Low Pin Count (LPC) Interface compliant to the Intel specification as recommended by TCG PC Client Specific Trusted Platform Module (TPM) Implementation Specification for communication with the host processor.

The ST19WP18-TPM solution, packaged in TSSOP28 is available now, at $4 in quantities of a few hundred units.

Go to http://www.wave.com/ for more information about Wave Systems Corporation and to http://www.ntru.com/ for more information about NTRU Cryptosystems.

About the Trusted Computing Group

The Trusted Computing Group (TCG) is a not-for-profit organization -- of which ST is one of around 45 members -- which exists to develop and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals and devices. Its primary goal is to help users protect their information assets such as data, passwords and keys from compromise due to software attack and physical theft.

The Group was formed as a successor to the Trusted Computing Platform Alliance (TCPA), which was founded in 1999 by Compaq, HP, IBM, Intel and Microsoft. TCG has adopted the existing TCPA specifications, including the Main (TPM 1.1) specification, and PC Specific Implementation specification. A TSS (TCG Software Stack) specification was announced on September 15, 2003, and the TPM 1.2 specification on November 5, 2003. Work groups have been formed for server, PDA, and digital phone implementation specifications.

Further information is available at http://www.trustedcomputinggroup.org/ About STMicroelectronics

STMicroelectronics is a global leader in developing and delivering semiconductor solutions across the spectrum of microelectronics applications. An unrivalled combination of silicon and system expertise, manufacturing strength, Intellectual Property (IP) portfolio and strategic partners positions the Company at the forefront of System-on-Chip (SoC) technology and its products play a key role in enabling today's convergence markets. The Company's shares are traded on the New York Stock Exchange, on Euronext Paris and on the Milan Stock Exchange. In 2003, the Company's net revenues were $7.24 billion and net earnings were $253 million. Further information on ST can be found at http://www.st.com/.

STMicroelectronics

UP16%---#1 on Nas is up 13%-we dont qualify YET! :)

.90 271K Traded!

Most excellent! eom

Boom Boom, the third qtr is coming to its last month...I expect a release with NUMBERS relating to a client(s)...we shall see but as they say the ninth inning approacheth!

I have a dream..."Sept will be ours!" (fwiw)eom

Jaybeaux


Have you ever experienced a more exciting week as an investor
of Wave Systems?


ps trying to arrange to go down to the big game next week
but may be hard to get away...first Im going to go spy on Snacky's team at Fed Ex field this week...:)

LD we just call them LRC's! We have had so much experience with them! :<

Someone wants 15K at .77---bullish (relatively of cose)eom

Well someone's accumulating 4k blocks at .78 it appears to anyone who wants to sell and there doesnt appear to be many takers.