Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Could be a head fake... to open an opportunity to print more money.
I believe this is largely an address space issue. In the mid-90's I worked for a growing telecom which had the largest Oracle 7 database in North America ( close to 10 terabytes as I recall.) The peculiar thing (to me as a POSIX engineer) was Oracle was running on an IBM 3090 MVS sled. No other platform (at that time) could provide the address space needed. (Note that in the later 90's we moved to an HP T500 system with robotic cart library to meet the required archival requirements... Moores law in action.)
-R
LOL- I am embarrassed to admit that for too long I've wondered what people on this board meant when they said "such-and-who is on the BID". I'm sure my slumber will be much improved with that resolved.
Thank you very much!
-R
Microsoft to Launch Biggest Ad Campaign
http://apnews.myway.com/article/20050418/D89HK6H00.html
Apr 18, 1:18 AM (ET)
By ALLISON LINN
SEATTLE (AP) - Microsoft Corp. (MSFT) is launching one of its biggest and costliest advertising campaigns ever - but don't expect the big splash to accompany a new product.
Instead, the campaign premiering Monday is aimed at revitalizing consumer interest in Microsoft's dominant Windows operating system.
A new version of Windows has not been released since Windows XP debuted nearly four years ago. And although Microsoft plans to launch a new version in late 2006, the company said Friday that this new campaign will not be geared toward that product, code-named Longhorn.
Scott Lennard, director of advertising for Microsoft's consumer marketing group, would not say whether Microsoft is concerned that the aggressive television, print and Internet campaign focused on Windows XP could spur consumers to buy the older product - effectively snagging sales from Longhorn when it's released.
Instead, he characterized the campaign as being generally about Windows, with a focus on Windows XP because that's the company's best current version.
Lennard also would not say how much the campaign will cost Redmond-based Microsoft, although he characterized the 15-month, international effort as one of the largest in the corporation's history.
Microsoft spent $200 million on a four-month marketing campaign when Windows XP was launched.
The campaign will focus on specialized tasks consumers can do with Windows, like making music or learning about astronomy. These aren't new functions to Windows, but Lennard said people may not know about them - a complaint critics have echoed.
Microsoft's Windows operating system enjoys incredible dominance on the world's computers. Research firm IDC estimates that 94.4 percent of new computer operating systems sold in 2003 were Windows products.
Good... very good. I just wish that mgmnt would say this. I'm still NO until something substantive is shown to me. I really felt pi$$ed on when I learned of the PP after the last CC... Snackman, Doma, Eamonshute(???), EVERYBODY is doing much of the work (IR wise) that's management's responsibility. All IMHO. I really hope that we can move on to other things (DD) until we get closer to the SHM. Hopefully SKS and the BOD will take heed and share some insite between now and then.
-R
Well, Wave is up on an otherwise very bloody day. My undies are in a bunch and my martini is ready. I'm done for the weekend... I hope we all feel better on Monday. I swear I will not log in from home!
Ciao,
-R
Good point. I just posted a response to TGiff focused on dillution of the monetary value of shares...
TGiff- If the issue is inadequate voting power for B shares increase the voting rights of those shares (10 votes v 5 votes). I'm willing to go for this (with trepidation). I will not (currently) vote for dillution of my shares.
-R
Actually, I did! Can I ask for another though?
-R
Maybe 1/3 aren't reading now... but when the proxies reach the mailbox? Most of the investors/traders I know are keen to do their own DD even in stocks with broad coverage. At any rate, even if my speculation about the potential hit counts turns out to be inaccurate I believe (and hope) that your postulation that this board is of no consequence is even more inaccurate. (The latter ruffles my feathers a bit.)
-R
I hub has 525k registered users (adserv.stocksite.com/media_kit.html) and Waves board is very often among the most active.
Doma- I would like to see some evidence of Wave gaining traction. The update on the USMA implementation is just the kind of thing I hope to see (assuming positive results.) Revenues for Q1. And a statement of how/why the shares are to be used/needed similar to Snackmans post but from mgmnt.
Is this too much to ask? I disagree with Snackmans proposition that this board couldn't muster the votes to effect the outcome it desired.
-R
I want to hear this from Wave... not the internet. This may (and I believe) all be true and factual. But it needs to come from Wave.
-R
I believe there are around 36k shareholders. When the proxies go out I wouldn't be surprised if at least 1/3 of those wouldn't be inclined to lurk on the board for a day or two to find out what is going on. Hopefully the rest would be inclinded not to potentially devalue their investment. It would be interesting (and is tempting) to launch a "NO NEW SHARES WITHOUT SOME INSIGHT" campaign.
I respect you greatly Snackman and am greatful for your management of this board... but this is business. Sorry if I offended with the five solas post last night. It is frustrating to see such wonderful potential unrealized for so long.
-R
Suppose your college aged daughter asks for an increase in her credit limit on the credit card you gave her for "emergencies" while at school. Wouldn't you consider how that card had been used in the past (the new dress for the house dance, the airfare to Barbados, etc) and ask how it might be used in the future?
I'm not quite yet a member of the club but my shares are NO until I hear more information. An inside purchase of >25k shares by SKS may suffice.
Escrow, interesting. On today's CNBC Powerlunch they will be discussing what to look for in a new laptop/notebook computer... wouldn't it be nice.
-R
What To Look For In Enterprise Storage Security
www.networkingpipeline.com/showArticle.jhtml?articleID=160700388
April 08, 2005
What To Look For In Enterprise Storage Security
You wouldn't hire any old security service to guard your company's important physical assets, would you? We outline areas of vulnerability and present questions to get you thinking about the level of protection your organization needs.
By Don MacVittie Courtesy of Network Computing
Storage security is gaining importance in the enterprise. Increasingly, regulations require organizations to take "reasonable" steps to protect data; we believe that reasonable includes the standard security topics of authentication, access control and/or encryption.
If you haven't been thinking about storage security, you'd better start. The safeguards you put in place to protect data in storage--whether in a database, on a SAN (storage-area network) or on disk in a flat file--might be your last line of defense against those who threaten your customers' sensitive data and your company's reputation.
Our readers are taking the problem seriously. In a recent Network Computing poll, 70 percent of respondents said storage-specific security is a must for their organizations, and only 4 percent said their storage-security budgets would decrease in the next 12 months. The bad news is that the vast majority of SAN engineers, network analysts and database administrators are not security experts. Although most know the basics, and many can find their way around in a secure environment, security is not what they do for a living.
It's a situation ripe for turf warfare: Government regulations, best practices and corporate policies put data-access control in the hands of security staffers. Database administrators and SAN engineers no longer hold the keys to the kingdom. Neither will network engineers, as IP storage continues to grow in popularity. We're betting the reliability of our SANs and databases on the skills of people outside our departments or teams. Indeed, when we asked poll participants to identify the chief barriers to enterprise storage security, half cited a lack of communication between security and SAN groups.
Dig Deeper
Storage Security
Read On
Review: Storage Security Products
Storage Market Poised For Growth In 2005
Don't Skip A Beat With Backup
Lost Or Stolen Identities Make Waves
Security professionals are largely unfamiliar with the SANs and databases they're supposed to be protecting. Although they surely realize that Fibre Channel is not a new health-food spin-off of Food TV, they're less aware that data running over an FC SAN is as readily readable as data running over an IP network.
Lemonade, Anyone?
Smart storage pros will make the most of this situation by working with their security teams to build a storage-security system that will protect data with minimal impact on uptime.
The first step in locking down your critical stored data is to determine which type of security best suits your organization. Stored data is vulnerable in more places than you might think, including at the application, host, switch, and LUN or block levels. Fortunately, there are plenty of products to address these problem areas. With offerings from vendors like Ingrian and Protegrity, you can encrypt select database columns. Alternatively, you can implement SAN access control from switch vendors, or SAN encryption and access control from vendors such as Cisco Systems, Decru, Kasten Chase and NeoScale. Some products also limit access by application (see "Securely Stowed,").
Fact is, there's no single solution. Generally, data still comes to the host unencrypted--even products that encrypt and decrypt right on the host or database server must hold unencrypted data in memory. And access control at the host, application, database and SAN levels can only mitigate risk.
So what does good enough storage security look like? Compliance requirements are growing in every field, but if your enterprise works with the federal government, is a financial institution, hospital or credit-card issuer, or maintains a presence in California, you could be under the gun. For example, you may be required to produce records of what access rights were changed, when they were changed and who changed them. You may also need to prove you took steps to limit access and protect data if a breach does occur.
The following questions will help you get to the heart of storage security--what you are trying to protect, and at what points in the architecture.
• Do you need encryption, or just access control? If you encrypt data on the SAN, must you encrypt it across the entire SAN? If the decryption is performed off-host, can your network handle the additional traffic? If the decryption is performed on-host, are you willing to touch each server that must act as a host for encrypted data to install either client software or a decryption accelerator card?
Different products decrypt at different locations, with most of them passing data unencrypted from the switch to the host. Only 11 percent of readers surveyed don't use encryption, saying it's not worth the bandwidth; 32 percent prefer to encrypt on the host. Encryption on the host is CPU-intensive unless you have dedicated encryption processor cards in each host. Encryption on the SAN, be it on the switch or on an appliance, puts unencrypted data on the SAN when it's passed to and from the encryption engine.
• If you encrypt database columns, where should they be decrypted, and where should the keys be stored? If the keys are in the database and double-encrypted, is that good enough? We don't like storing keys with the data they protect, but if the encryption keys are encrypted, many professionals think that's acceptable. If encryption and decryption are done in the database with stored procedures, be careful about access controls to those procedures. Putting keys, the encryption engine and data all on one box does ensure that you won't lose data if the network goes down midtransaction.
• If you limit access to specific LUNs by host, do you need protection from WWN spoofing, where the World Wide Name of a host with access is copied onto a host without access so an attacker can pretend to be on a valid host? Do you need logging of attempted access by unauthorized hosts? Do you need to tie a specific port to a specific device's WWN? Are you willing to maintain this association throughout time, across the entire SAN? Tying ports to specific WWNs is a good way to protect against WWN spoofing, but the maintenance is higher because you must keep those relationships live.
• Do you need role-based access control? Access control to data on the SAN is implemented by 60 percent of poll respondents, with authentication and management access control close behind, at 55 percent and 57 percent. Role-based access control does make management of rights much easier, but you'll incur more overhead.
• Do you need to ensure that an attacker who gets physical control of your disks or tapes won't be able to read them? Don't dismiss this possibility--in February, Bank of America announced that tapes were lost during shipment to a backup data center. The tapes contained unencrypted customer and account information for 1.2 million federal employees, including some very unhappy senators. Encryption of a tape introduces complexity because you have to ensure the decryption key will be available should you ever need the data on that tape. But storing the key on the tape is counterproductive.
When asked which areas of storage security they want to bolster, a whopping 73 percent of our poll respondents named hosts. These, along with applications residing on hosts and IP gateways, were considered the weakest links in SAN security.
Nearly all enterprise SANs run on optical Fibre Channel networks. FC is designed to handle high-speed, high-volume data transfers. For our purposes, we're focused on high-speed, high-volume transfers between disk subsystems (targets) and servers (hosts), generally through an FC switch that behaves much like an IP switch.
The competing iSCSI is a protocol that wraps SCSI commands and responses in IP packets. Because of the overhead of IP and differences between the IP protocol's expectations and those of SCSI, iSCSI's performance can't match FC's. 10-Gigabit Ethernet will bring performance in line with Fibre Channel, and consequently, we think iSCSI will grow in popularity.
Here's a breakdown of other vulnerable areas, beyond hosts and applications, in both Fibre Channel and iSCSI storage infrastructures. See our diagrams for visuals.
Fibre Channel
• Fibre Channel switches: An FC switch is a networked switch. Although the mechanics aren't as well understood, they suffer from all the vulnerabilities plaguing other switches. WWNs can be spoofed, the switch can be physically replaced, and IP management ports can be broken into. Gaining administrative access to a switch through the management port can open the entire SAN to intrusion.
Fibre Channel
Click to Enlarge
• Fibre Channel management host: With the advent of Web-based management, dedicated management hosts are used less frequently. However, Web-based administration systems are prone to the thousands of attacks that can happen on any TCP/IP-based network. Gaining administrative access to the management host or interface can allow an attacker to turn off all security on your SAN.
• Fibre Channel storage arrays: Physical storage can be threatened by several different routes. Because most LUN masking and virtual routing is done in the switch, replacing the switch can allow access to the drives on the physical array. Someone walking out of the building with your physical array is also within the realm of possibility.
• Tape backups: As mentioned, tapes are a point of vulnerability because they leave your building and are stored off-site.
iSCSI
Click to Enlarge
iSCSI
• iSCSI switches: These are prone to all the vulnerabilities you're used to in IP. For example, an unauthorized user who gains administrative access can turn off VLANs (virtual LANs) and security. This is more of an issue with iSCSI than with FC because iSCSI uses off-the-shelf IP switches that don't have specialized storage security built in.
• iSCSI storage arrays: These can be more vulnerable to attack than FC storage arrays, for no other reason than that any machine on the IP network can see them. If there's a route between a given host and an IP storage box, there's a direct attack vector. ISCSI storage arrays suffer from the same physical access problems that affect FC storage. And in an iSCSI network, more security information is on the array, so gaining administrative access is more of a threat than in FC.
As we mentioned, most readers are worried about the security of their hosts and the applications running on them. The bad news is that once an attacker has access to a host on the storage network--be it Fibre Channel or iSCSI--he or she has access to all the data the host can see. Luckily, many of the products we looked at in "Securely Stowed" limit access rights by LUN, to limit what each host can see. Database encryption tools offer the added security of knowing your data is not accessible to any users except the ones that certain applications run as.
This is not a cure-all, but it does mean that an attacker taking over a box does not necessarily have access to all the data the box can "see." Decru offers an add-on application that lets admins limit which applications can run on a host, and what storage--down to the individual file level--each application can see. This is useful to keep an attacker from using applications like SQL*Net to access data in your database, even if the intruder has compromised the login of a database user.
The recent bad press about SHA-1, even though the attacks were mostly contrived in situations where the keys or data had to conform to a certain set of criteria, guarantees that you'll be using one of the new hashing standards. Make sure the product you choose is expandable--in security, the only certainty is change.
Costly, but Prudent
Overall, there are no real surprises in the cost of data security. Encryption of data costs you in terms of bandwidth and latency, though not as much as you might expect. Access control and authentication cost you in terms of the management hours required to set up and maintain access-control lists, though group-based management does save you time. Choosing a product that mitigates the cost through support for RADIUS is a good idea if you're maintaining a large network.
In fact, not securing your data at rest could end up costing you more than even a fleet of expensive encryption appliances. By the end of next year, failure to encrypt credit-card numbers stored in databases will be considered negligence in civil cases arising from unauthorized disclosures, according to Gartner.
Already, ChoicePoint shareholders are suing after the company's shares plummeted on news that consumers' personal data had been stolen. Identity theft costs U.S. businesses and consumers $50 billion to $60 billion a year, according to the Federal Trade Commission. It's not a stretch to expect more consumers to sue the companies that let their data be pilfered. What's more, the California Database Security Breach Act, which applies to any business with customers in that state, requires disclosure even if a break-in is only suspected.
Just the thought of the adverse publicity such a notification would generate should be a wake-up call to any organization not taking protection of data at rest seriously.
Don MacVittie is a technology editor at Network Computing. He previously worked at WPS Resources as an application engineer. Write to him at dmacvittie@nwc.com.
It's crucial that storage pros work closely with their security counterparts to protect data at rest. This is no time to get territorial: Given the recent rash of personal-data theft, today's data-security regulations may be only a taste of what's to come. Sen. Dianne Feinstein (D-Calif.), for example, has introduced a bill that would set national standards for database security, require businesses and government entities to notify individuals if they even suspect an attacker has obtained unencrypted personal data, and empower the Federal Trade Commission to impose fines of $5,000 per violation or up to $25,000 per day.
In this cover package, you'll learn what network engineers, database administrators, SAN engineers and security professionals can do to store data more securely. "Who's Minding the Storage" outlines areas of vulnerability and provides a list of questions to get you thinking about the level of storage security that's right for your organization.
"Securely Stowed,", examines encryption products and storage switches from Brocade Communications Systems, Cisco Systems, Decru Systems, Ingrian, Kasten Chase, McData Corp., NeoScale Systems and Protegrity, which we tested in our Green Bay, Wis., Real-World Labs®. We didn't issue a report card or pick an Editor's Choice, though we did take a special shine to Cisco's MDS 9216i Storage Switch. Rather, we sought to outline what vendors can do for you in the storage-security arena. We liked what we saw overall and look forward to delving deeper into some of these products in the coming months.
There's New York in Las Vegas, too! /e
FBI Teaches Lesson In How To Break Into Wi-Fi Networks
www.networkingpipeline.com/showArticle.jhtml?articleID=160700382
April 07, 2005
FBI Teaches Lesson In How To Break Into Wi-Fi Networks
By Humphrey Cheung, Tom's Networking Courtesy of Security Pipeline
Millions of wireless access points are spread across the US and the world. About 70% percent of these access points are unprotected — wide open to access by anyone who happens to drive by. The other 30% are protected by WEP (Wired Equivalent Privacy) and a small handful are protected by the new WPA (Wi-Fi Protected Access) standard.
At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.
This article will be a general overview of the procedures used by the FBI team. A future article will give step-by-step instructions on how to replicate the attack.
WEP Cracking - The Next Generation
WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver.
Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of "strong" encryption while a 128 bit key has 104. The IV is placed in encrypted frame's header, and is transmitted in plain text.
Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets—a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key.
Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, "It doesn't matter if you use 128 bit WEP keys, you are vulnerable!"
On With The Show
Before we get into the steps that the FBI used to break WEP, it should be noted there are numerous ways of hacking into a wireless network. The FBI team used publicly available tools and emphasized that they are demonstrating an attack that many other people are capable of performing. On the other hand, breaking the WEP key may not necessarily give an attacker complete access to a wireless network. There could also be other protection mechanisms such as VPNs or proxy servers to deal with.
For the demonstration, Special Agent Bickers brought in a NETGEAR wireless access point and assigned it a SSID of NETGEARWEP. He encrypted the access point with a 128 bit key—made by just keying in random letters and numbers.
Note that normally, you have to find wireless networks before you can crack them. The two wireless scanning tools of choice are Netstumbler for Windows or Kismet for Linux. Since the other WEP cracking tools are mainly Linux-based, most people find it easier to stick with Kismet, so they don't have to switch between Windows and Linux.
Another FBI agent started Kismet and immediately found the NETGEARWEP access point. Just for fun, a third agent used his laptop and ran FakeAP, a program that confuses scanning programs by putting up fake access points.
Attack!
After a target WLAN is found, the next step is to start capturing packets and convert them into pcap (short for packet capture) format. These pcap files will then be processed by other programs. Many programs, both commercial and open source, can be used to capture packets, but the two favorites seem to be Kismet or Airodump (now part of Aircrack). Ideally, one laptop should be scanning, while another laptop will be running the attack—which is what the FBI team did.
About half a dozen different software tools were then used by the FBI team, and they are listed—along with their download links—at the end of the article. Thankfully, the Auditor's Security Collection, which we reviewed last year, is a live CD that has all of these tools already installed. Even the FBI likes this distribution.
If a hacker is lucky enough to find an extremely busy wireless network, passive sniffing should provide enough good packets to allow the WEP key to be recovered. In most cases, however, an active attack or series of attacks are needed to jump start the process and produce more packets. Note that active attacks generate wireless traffic that can itself be detected and possibly alert the target of the attack.
The FBI team used the deauth feature of void11 to repeatedly disassociate the laptop from the access point. Desired additional traffic was then generated as Windows XP tried to re-associate back to the AP. Note that this is not a particularly stealthy attack, as the laptop user will notice a series of "Wireless Network unavailable" notifications in the taskbar of their desktop screen.
Another attack method the FBI team used is a replay attack. The basic premise of this attack is to capture at least one packet traveling from the victim laptop to victim access point. This packet can then be replayed into the network, causing the target AP to respond and provide more traffic to capture.
Aireplay (also part of Aircrack) can perform a replay attack based on captured ARP (Address Resolution Protocol) packets, which are broadcast at regular intervals in wired and wireless networks and are easy to spot. Aireplay automatically scans a captured pcap file, pulls out the suspected ARP requests, and replays them to the access point.
After about three minutes of capturing and cracking, the FBI team found the correct WEP key, and displayed it on a projected notebook screen. Agent Bickers, still speaking to the audience, turned around, looked at the screen and was surprised, "Usually it takes five to ten minutes."
Countermeasures & Conclusion
So what can you do to prevent hackers from getting into your network? Special Agent Bickers and his team have some tips for wireless users. He stresses that these are mainly for home users and should not be considered as official FBI best practices for businesses.
1) Network segregation Put your access point on a separate subnet, with a firewall separating the wireless and internal users
2) Change the default settings on your access point Default settings (SSID, administrator password, channel) are well known and even included as part of some WLAN attack tools
3) Use WPA with a strong key WPA is a definite improvement over WEP in providing wireless security. But the version intended for home and SOHO use—WPA-PSK—has a weakness shared by any passphrase security mechanism. The choice of simple, common and short passphrases may allow your WPA-protected WLAN to be quickly compromised via dictionary attack (more info here).
4) Update your firmware This is helpful if your AP or client doesn't currently support WPA. Many manufacturers have newer firmware for 802.11g products that add WPA support. You may also find this for 802.11b gear, but it's not as common. Check anyway!
5) Turn off the WLAN when not in use A $5 lamp timer from your local hardware store is a simple, but effective way to keep your WLAN or LAN from harm while you're sleeping.
Bickers also said that if you have an access point that can swap keys fast enough, you may be able to stay ahead of an attacker. "Most likely they will get bored and attack someone else." But for most WLAN owners, this method isn't practical.
The FBI demonstrated this attack to the computer security professionals at the ISSA meeting in order to show the inadequate protection offered by WEP. It is one thing to read stories of WEP being broken in minutes, but it is shocking to see the attack done right before your eyes. It was fast and simple.
Thankfully, the FBI are the good guys.
Not sure about the car. But wireless (and secure wireless) marine (yachting) intruments are coming into there own.
www.westmarine.com/webapp/wcs/stores/servlet/ProductDisplay?storeId=10001&langId=-1&catalogId=10001&productId=142080
If I recall correctly I have a couple of articles from Practical Sailor and Ocean Navigator discussing marine WiFi from last fall (paper and ink). I'll try to find links to these and post them if anyone is interested.
-R
Howard: You may be expecting a bit much from "yet another conference". Good or bad, IMHO NO PR by itself will launch this rocket. The Dutton coverage may stir things up a bit. However, I'm wondering if Dutton isn't waiting for something to PROVE a realization of this company's potential. I, personally, plan to hold judgement until Q2 results are out (barring really negative coverage or a failure to show at least some progress in Q1.) The road to ubiquity has had many switchbacks. I believe we are on our final stretch on what has been a long road... IT MAY END AT A CLIFFS EDGE... on the other hand it could well be the valley of gold. It seems to me that at sub $1 shares the risk involved isn't much greater than to buy (either call or put) options on AIG, PFE or whatever and (IMHO) the potential reward is far greater. In the 90's I remember everyone contributing "dots" to the board... well we really don't have anymore room for dots. New investors need to do there best to learn the history of Wave (painful though it may be) and evaluate how the markets have changed in concert with the mission of the company. To some, all of the "dots" placed thoughout the market place over the years may seem meandering. To others (me) it demonstrates the integration (ie acceptance) of Wave's conceptual solution into the marketplace. Please note that I am careful to distiguish "Wave's conceptual solution" from "Wave's solution". You pay your money and you take your chances. If you are long you need to be a strong long or go somewhere else.
-R
sola scriptura
To find more shares in the mid .90's perhaps? If I had dry powder I would.
-R
for barge only: Perhaps you happenned upon a salt to an open wound (I am stuggling to recall if a "barge" wasn't a hardcore short in late 98 through perhaps early 00's?). I didn't see anything in the (your) original post particularly pointed or sharp. You must have struck a nerve... everybody (that I haven't ignored) contributes more to the board than they detract from the board (all IMHO). In the words of the sage Rodney King can't we ALL just get along. This board is about relevant DD to WAVX. Your point was well taken here... I thought it more a wink and a nod than a jab and a dig. I can't believe it and sheesh! Please note that I mention no names other than barge... Soli deo gloria.
-R
Sola fide
10Q in a week? I thought early/mid May.
-R
go: No longer emerging. IMHO Wave has emerged from its chrysalis. Carrying this metaphor a bit further... I don't think it will (or can) take 18 mos for our wings to dry. Too many predators looking to occupy the territory (many are recognizing its desirability). The Dutton coverage is the sunlight which will help in our pursuit of flight. But it is still up to Wave. Q1 and Q2 must IMO display progress toward our (or mine anyway) expectations.
-R
(The WAVX board as a creative outlet?)
Wildman: Some very salient points:
<snip>
The security risks of these incidents could be minimized if the caretakers of the personal information encrypted the sensitive information — a process that makes it virtually impossible to read the data without a special code.
The laptop stolen from UC Berkeley was supposed to be encrypted this month, Felde said. The computer, which required a password to operate, was left unattended for a few minutes in a restricted area of a campus office before someone walked in and stole it, Felde said. A campus employee witnessed the theft and reported it to university police.
<snip>
-R
smackdog: a thesis not a dissertation?
Who's program are you in... University of Pheonix? If you just started you should be aware that your doctoral review board could (should IMHO) have an unfavorable opinion of your use of unknown other's research. If you're not simply a poser I seriously caution your pursuit of research developed by unknown others. How would you reference us?
-R
Stolen UC Berkeley laptop exposes personal data of nearly 100,000
By MICHAEL LIEDTKE, AP Business Writer
Tuesday, March 29, 2005
sfgate.com/cgi-bin/article.cgi?f=/n/a/2005/03/28/financial/f151143S80.DTL
(03-29) 00:04 PST San Francisco (AP) --
A thief recently walked into a University of California, Berkeley office and swiped a computer laptop containing personal information about nearly 100,000 alumni, graduate students and past applicants, highlighting a continued lack of security that has increased society's vulnerability to identity theft.
University officials waited until Monday to announce the March 11 crime, hoping that police would be able to catch the thief and reclaim the computer. When that didn't happen, the school publicized the theft to comply with a state law requiring consumers be notified whenever their Social Security numbers or other sensitive information have been breached.
The law is meant to alert people that their personal information could be used by scam artists to obtain loans or conduct other business under an assumed identity.
UC Berkeley plans to advise the 98,369 people affected by the laptop theft to check their credit reports, although there has been no indication any of he personal information has been used illegally, university spokeswoman Maria Felde said.
"The campus really regrets this happened and is taking steps to strengthen security in the future," Felde said. The university has set up a hotline, 1-800-372-5110, and a Web site,
to answer questions about the laptop theft.
The UC Berkeley incident follows several other high profile instances in which businesses and schools have lost control of personal information that they kept in computer databases.
Recent breaches have occurred at: ChoicePoint Inc., a consumer data firm duped into distributing personal information about 145,000 people; Lexis-Nexis, a data storehouse where computer hackers obtained access to the personal information of 32,000 people; and Chico State University, where a computer hacking job exposed 59,000 people to potential identity theft.
Universities have accounted for 28 percent of the 50 security breaches of personal information recorded by California since 2003, said Joanne McNabb, the chief of the state's Office of Privacy Protection. That's more than any other group, including financial institutions, which have accounted for 26 percent of the breaches affecting Californians.
This is the second time in six months that UC Berkeley has been involved in a theft of personal information. Last September, a computer hacker gained access to UC Berkeley research being done for the state Department of Social Services. The files contained personal information of about 600,000 people. That security breach hasn't been linked to any cases of identity theft, Felde said.
The risks of identity theft have risen in recent years as technological advances make it easier for businesses, schools and other organizations to create vast databases containing Social Security numbers, credit card account numbers and other personal information.
All that valuable data has turned the computer storehouses into inviting targets for thieves who frequently don't have to work too hard to pull off their crimes.
Computer hackers create some of the mischief by circumventing high-tech firewalls, but 58 percent of the breaches recorded by California officials have occurred after a computer or other device containing personal information is lost or stolen, McNabb said.
The security risks of these incidents could be minimized if the caretakers of the personal information encrypted the sensitive information — a process that makes it virtually impossible to read the data without a special code.
The laptop stolen from UC Berkeley was supposed to be encrypted this month, Felde said. The computer, which required a password to operate, was left unattended for a few minutes in a restricted area of a campus office before someone walked in and stole it, Felde said. A campus employee witnessed the theft and reported it to university police.
Authorities suspect the thief was more interested in swiping a computer than people's identities. Felde said there been no evidence so far to indicate the stolen information has been used for identify theft.
The stolen laptop contained the Social Security numbers of UC Berkeley students who received their doctorates from 1976 through 1999, graduate students enrolled at the university between fall 1989 and fall 2003 and graduate school applicants between fall 2001 and spring 2004. Some graduate students in other years also were affected.
The stolen computer files also included the birth dates and addresses of about one-third of the affected people.
newscenter.berkeley.edu/security/grad/
TCO: Perhaps 7 yrs is a bit long. Then again, maybe not. TC is very nearly a paradim shift when veiwed in the light of current IT implementation. (Centalized authentication and authorization.) In '99 (and 2000) Wave had a solution looking for a problem. Unfortunately the "tech frenzy" led to the now infamous (in chairman Greenspans words) "irrational exuberance" and Wave Systems, myself, and I am sure many others on this board where caught up in the unfortunate serious of events from the burst of the "tech bubble".
I bailed on Wave 1/2 in the 30's and the remainder mostly in the teens. I was away for a few years... the cry from the market (to my ears from the potential market for TC) began with an increasing volume a little less then a year ago. I've now re-established a position stronger than before (as measured by shares held.) Wave offers a robust solution... I do have potential issues with management although I believe that past indiscretions may have provided the team with a clarified understanding of their roles and responsibilities. If you have been invested with WAVX consistantly for seven years it would be foolish for you to leave now.
All of this is my most humble and ill informed opinion.
-R
ullr: Please accept my apology.
-R
I’m extremely pleased with the investment in Dutton coverage. After reading ronle’s (?) posted link to the basher’s handbook (thanks!) I think it makes perfect sense (if a company is confident in there business) to make an investment to counter “bashers”. The coverage can serve as conduit for good information to the broader retail (and wholesale) investment community. Not every investor reads this (or any “public”) investment board (I would like to draw a distinction between trader and investor on this point). If numbers come in over the next couple of quarters many potential wave investors will be looking for info and many of those same investors are wont to distrust internet investment boards.
It is entirely up to the company IMVHO. I believe Q1 will be an important glimpse into what actually happened the last quarter. For me and my money Q2 MUST demonstrate traction on solid ground. External events (the market) seem to me to be crying out for Wave’s solutions. Certainly the investment is very risky. But the potential reward…
I often have hope that good people can hold tight (or just not read the board) for another 4 months. Although I value this board highly, at this point I don’t think it will matter much in the end. It is up to Wave to deliver.
Sola fide,
-R
Barons- Local Paper?
Where are you? Yemen?
-R
Ramsey2: Thanks.
I've wondered... I figured that it was something that traders (vice investors) used to make their money. (Not something I've worried about -just wondered about.)
Can anybody explain the odd 5,000 +/- share trades occurring the last twenty minutes? The are all "green" from .929 to .93. I happened to catch one on my live chart (one minute) and it looked like a trade at .929 with a cap of .93. Who can trade .001? Just curious and interested.
-R
ronle: Thanks...
First time I've seen that. I believe we may have some of the authors as contributors to our board.
-R
The link you posted showed a buy (100k) at $1.59 in November of 2003.
Maybe a new Dell page: SKU A0436206 Spec sheet.
http://www.dell.com/downloads/global/solutions/Wave_Systems_TPM_SW.pdf
I found this when I googled a cross search for Credant and Wave. I recieved an invitation to an HP webinar on wireless and mobile security. It mentioned Credent and I was (am still) determining if they are a competitor or a complimentor. https://h30046.www3.hp.com/campaigns/2005/events/wm_webinars/
I'll continue my research this weekend... but my daughter has a non-competative band competition (Orwellian double-speak?) today so I'm booked for most of the rest of the day.
Ciao,
-R
Wave to Host Q4 Webcast/Conference Call Tuesday, March 15th at 4:30 P.M. EST
March 09, 2005 08:00:00 AM ET
Wave Systems Corp. WAVX announced today that on Tuesday, March 15, 2005 at 4:30 P.M. EST it will host a webcast/conference call reviewing recent corporate and industry progress as well as Wave's results for the fourth quarter ended December 31, 2004. Wave's results will be issued after the market's close.
WEBCAST/REPLAY: available at http://www.wave.com and archived for 30 days.
TELEPHONE: via 212-271-4563 or 415-537-1870. Please call five minutes in advance.
About Wave Systems
Consumers and businesses are demanding a computing environment that is more trusted, private, safe and secure. Wave is the leader in delivering trusted computing applications and services with advanced products, infrastructure and solutions across multiple trusted platforms from a variety of vendors. Wave holds a portfolio of significant fundamental patents in security and e-commerce applications and employs some of the world's leading security systems architects and engineers. For more information about Wave, visit http://www.wave.com.
Contact Information: Wave Systems Corp.
Gerard T. Feeney, 413-243-1600 info@wavesys.com
or Jaffoni & Collins
David Collins/Richard Land, 212-835-8500 wavx@jcir.com
© 2005 BusinessWire
A nervous short? At this point we just need to be (not too) patient. Lately the news from the IT world has led to some rather fanciful dreams on my part of what the YE 2004 may portend. Q1 '05 numbers (for me and only for me) will be a maker/breaker. The demand for secure computing (even if only in government) is such that we will either see vindication or rejection of Wave's products in the Q1 numbers (IMHO- and this won't be huge numbers unto themselves -I will look for them to show the interest and intent of customers). The time is right, the market is ripe and the product is ready. NOW... for the BIG revenues, royalties, fees, and such it may take some time (it won't be '08). However: if Wave produces, the analysts notice and the market responds we may be able to meet in Las Vegas in the not too distant future.
All of this is in my poorly informed and most humble opinion!
-R
Iam: did you write "This Moment"? Very moving.
-R
When I was looking to re-establish my position in Wave I wondered if Yaya would still be at RB. Well, RB went but Yaya remained! May God bless his soul and watch over his family. I grieve that he missed the opportunity to toast the sweet success of a common adventure we share.
Sola fide,
-Richard