Computers

On January 7 2006 Google announced a video store service on top of Google Video. You were able to purchase videos such as NBA games, Charlie Rose interviews, or shows like CSI: Crime Scene Investigation (in the US at least). You were also able to set a purchase price for videos you uploaded yourself. Today, Google started sending out mails like the following, announcing the end of this program:

<<As a valued Google user, we’re contacting you with some important information about the videos you’ve purchased or rented from Google Video. In an effort to improve all Google services, we will no longer offer the ability to buy or rent videos for download from Google Video, ending the DTO/DTR (download-to-own/rent) program. This change will be effective August 15, 2007.

To fully account for the video purchases you made before July 18, 2007, we are providing you with a Google Checkout bonus for $2.00. Your bonus expires in 60 days, and you can use it at the stores listed here: http://www.google.com/checkout/signupwelcome.html. The minimum purchase amount must be equal to or greater than your bonus amount, before shipping and tax.

After August 15, 2007, you will no longer be able to view your purchased or rented videos.>>

As this case shows, “download-to-own” is a lie when it comes to DRM content. Digital Rights Management is an euphemism for copy-protection services that (mostly) treat consumers like criminals, and deprive them of their fair use of acquired content; in this case, Google indicates you won’t own the movies you purchased after all. When a DRM-based services ceases to exist, so may your purchases.

Jennifer Feikin in May this year was reported to have resigned from her job as Google Video chief. Google by now is using YouTube for much of the officially released Google content, like videos posted in their blogs. An internal Google goal from 2006 ordered to count the “total number of Google products and reduce by 20%”. I wonder if the technically superior but less community-oriented YouTube alternative by YouTube-owner Google ended up on the 20% list – or at least parts of it?

[Thanks Shivan, Jon Henshaw and Pacificdave!]

[By Philipp Lenssen | Original post | Comments]

Tadeusz Szewczyk is a freelance search engine optimizer, blogger at the SEO 2.0 blog and journalist. Born in Poland, he’s living in Germany for two decades now.

In the SEO industry agencies, experts and even bloggers have adopted a special mode of speech not to say slang that might be misunderstood by outsiders like clients, website visitors or the general public. To help you understand what search engine optimization experts really mean I devised this real glossary of SEO speak:

If you have SEO terms that you do not understand feel free to ask me in the comments!

[By Tadeusz Szewczyk | Original post | Comments]

(InfoWorld) - The data that we send over wires travels between two-thirds and three-quarters the speed of light, depending on the medium. Within the LAN, transfers from point A to point B appear to be immediate, with less than a millisecond delay.

However, if we stretch the length of those wires to thousands of miles, even at those speeds, we'll begin to see delays, a hundred milliseconds perhaps. The routers, gateways, and other gears found along the route may add a few more milliseconds.

Why is that a problem? Because when we combine that infinitesimal hiccup with a talkative protocol such as TCP/IP, which demands an acknowledgment for nearly each fragment of data sent, those milliseconds are compounded with each exchange, fast adding up to a serious annoyance.

As a consequence, the copying of a file, which takes only seconds between neighboring PCs, ends up taking minutes if not hours to crawl across a continent. As more and more companies tend to work and exchange files long-distance, it's not a surprise that companies such as Brocade and Cisco are proposing WAFS (wide area file system) solutions.

WAFS doesn't make those electrons move faster, but it minimizes the delays by using a shrewd combination of more efficient transport protocols and intelligent data mirroring.

For customers with deep pockets and needs that go beyond simple file transfers, a WAFS solution may be the ticket, but it could be too expensive if you only want to move files faster than TCP/IP and allow FTP over long distances.

RocketStream's eponymous application suite could fill that gap. The suite is founded on RocketStream's proprietary PDP (Parallel Delivery Protocol), which harvests the best characteristics of TCP and UDP (User Datagram Protocol) and adds features such as on-the-fly data encryption and compression.

RocketStream claims its suite provides better than 100 times the performance of FTP. I haven't had the chance to observe how the application works over a link with heavy latency, but the results of some local tests I ran are quite promising.

In fact, even on my LAN where the latency delay is very low, RocketStream moved files between two Windows XP machines much faster than Windows Explorer -- nearly twice the speed. Obviously, PDP had an impact, but to dig a little deeper and pinpoint the differences between the two file transfer methods, I used a protocol analyzer. The results were quite surprising.

File transfers performed by Windows Explorer generated nearly all TCP transactions. By contrast, only 35 percent of the packets RocketStream created to move the same file were TCP, while the majority (65 percent) was UDP. That difference translates into fewer conversations between end points, greatly reducing one of the annoyances of TCP/IP, while maintaining the same reliability, RocketStream assures.

The amount of data sent over the wire is another interesting difference uncovered by the protocol analyzer. In fact, the compression algorithms of RocketStream shrank a 160MB file to little more than 84 million bytes, which obviously means less burden on the connection. Another nice touch: To prevent sucking your pipe dry, you can limit the amount of bandwidth used by RocketStream.

Although quite usable as is, the application is still evolving, and in a future release, RocketStream plans to add support for Mac and Linux to its user-friendly Windows GUI.

RocketStream estimates that its suite will cost between $20 and $10,000 per year, depending on the bandwidth and the complexity of the installation, which could be bad news for the more expensive WAFS solutions on the market -- that is, if you need it for file transfers only.

Join me on The Storage Network with questions or comments.

(InfoWorld) - Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year — not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

I learned that pushing all in with pocket 5s in Las Vegas apparently isn't nearly as smart, but that's another topic.

While many of this year's Black Hat sessions were ultraboring — I walked out of more talks than I stayed in — I learned all sorts of interesting factoids. And although there wasn't, as in the past, any raw meat flying into the audience, some of the speakers were superknowledgeable and entertaining. Here are the ones that seemed to impress the audiences in the sessions I attended:

Hacking Macs is easy
And my Microsoft, Windows-loving self didn't say this. It was self-proclaimed Mac enthusiast and security researcher, Charles Miller, Ph.D., principal security analyst with Independent Security Evaluators. He talked about how easy it was to hack Leopard and iPhones, which share a common root OS.

Essentially, Dr. Miller said that Apple was falling down on the job and making its OS way too easy to hack. He said he found more than 50 OS X programs that run in the SUID (Set User ID) context, most of which had been made non-SUID by most Unix and Linux distros years ago. He said that OS X doesn't randomize memory, the stack, heap, or kernel instruction pointers, which are simple antibuffer overflow mechanisms deployed in Windows, Linux, BSD, and many other OSes.

He continued by listing dozens of old programs and libraries patched in other OSes that Apple is still installing by default, or just getting around to patching. Dr. Miller showed the crowd two recent JavaScript exploits (one on OS X and the other for the iPhone) and shared all the great reasons why the Mac OS X is an easy platform to exploit. He also shared his techniques for hacking iPhones and discussed several other tools that made finding Apple exploits easier. He was absolutely giddy about some of the new changes Apple is making that will simplify the life of a hacker, er, researcher in the coming months.

Ultimately, Dr. Miller lamented Apple's growing market share as matched against its current state of security design. A member of audience put it this way: "Apple is like this little ole, family-town sheriff who's moved to inner-city D.C. and is attempting to spread the love. It won't be pretty."

Hacking RFID
For my money, Chris Paget, director of R&D for IOActive, provided great entertainment from his RFID hacking demos and gun-shooting videos. Paget and his company developed a low-cost, handheld device for cloning RFID cards. Paget held up several RFID cards, waved them close to his cloning device, and in seconds created a usable copy of the original RFID card. He even placed one of the RFID cards into a protective sleeve that is advertised to keep the RFID card safe from cloning. Within 3 seconds, his device successfully read the information stored on the RFID card. In conclusion, Paget said, "If you use 125KHz proximity cards, your doors are highly insecure!"

At the back of the audience, another vendor, Identity Stronghold, was handing out free "secure sleeves" to help protect security cards from malicious cloning. I asked if the card sleeve would prevent the cloning that Paget was demoing. "No," was the reply, "not 125KHz cards." Maybe it's time to investigate your company's RFID frequencies.

Phil Zimmerman showed off his new Zfone VoIP security software. It adds solid encryption protection to any software-based VoIP security software simply by installing the free software and pointing your VoIP software to a new host port. It doesn't use persistent keys or PKI. Mr. Zimmerman spent lots of time answering the audience's questions about the Zfone and encryption software in general. But he had me at "Today, what I really care about is making sure democracy continues to thrive." You have to admire a guy with a 30-year burning desire for the betterment of the commons.

Bruce Schneier gave a great second-day keynote on the psychology of security. If you've been following any of Bruce's writings over the last year, you're already intimately familiar with the topic. I think I've read more than half a dozen of his essays on the subject, but he still managed to bring fresh information to the table and was a good speaker. I believe everyone, involved with security or not, should read Bruce's provocative information.

Brandon Baker of Microsoft spoke on Windows Server 2008's new virtualization model used in the Windows Virtualization Server (WSV) server role. Although I'm unsure if the new security changes apply to just WSV or virtualization in general, here's the gist of the newer security implementation: In older-style VMs, Guest OSes ran their kernel in the processor's Ring 1 (instead of Ring 0) and their applications in Ring 3. This necessitated that VM software fake the Guest OSes' kernel into thinking it was running in Ring 0, as it expected. This requires virtualization tricks and special VM drivers.

The newer VM security model uses Intel and AMD hypervisor processor extensions to separate memory, CPU, and other resources into one or more partitions. The software portion of the hypervisor and the VM software run in the root partition. All Guest OSes run in separate partitions with separate resources, but with access to Ring 0 and above. This means no special VM drivers are needed. However, Guest OSes are prevented from directly accessing hardware by the extensions built into the CPUs.

Baker went on to summarize the threat-modeling scenarios and assumptions used to secure the next-generation virtualization software. He even covered threats they didn't address (for example, utilization DoS attacks, covert channels, and so on) inside of each partition and where the biggest risks were. This was nothing new for those who follow virtualization, but it offered a nice, short presentation of the implemented changes.

Former chief counterterrorism advisor Richard Clarke gave the first day's keynote. I've seen him speak twice this year, and both times he thoroughly entertained the audience. I was upset that he took both opportunities to shamelessly hawk his latest book — the guy's being paid to speak about security issues near and dear to our hearts, not to plug his writing. I have to say that my opinion of him has dropped considerably. I'm shocked. (In an unrelated story, my seventh book on computer security, "Windows Vista Security: Securing Vista Against Malicious Attacks," written with Dr. Jesper Johansson, is finally out and sold well at Black Hat. I'm shocked, I tell you.)

To wrap up the mystery of the increased Gmail storage many of you saw today: Google just released a shared storage program. This new offer merges the storage of different Google products into a single storage back-end. At this time, the Picasa Web Albums photo application as well as Gmail are part of the mix. But we can expect more services to be added to this program in the future. Google Documents (containing word processing documents, spreadsheets, and likely presentations soon, too) is a likely contender. Separate premium accounts, like the one Picasa offered before, are being removed in the meantime.

Now, if you need more storage for any particular application which is part of the shared storage program, you can buy some. “With a Google shared storage plan, you won’t have to worry about deleting files, pictures, or emails. After purchasing a storage plan, some of your individual Google services (e.g. email and photos) will share a single new storage space,” Google’s page reads.

The offers range from 6 gigabyte for $1 $20/ year up to 250 gigabyte for $500/ year, as the table below shows (your payment will be processed with Google Checkout; note you will not receive the upgrade instantly, and Google says it may take “up to 24 hours" for your new storage amount “to appear in all services”). This storage will be extra to the free storage you already got through different Google services. Especially for those of you for whom Gmail’s “you’ll never need to delete another message” claim was false as the inbox was overflowing, the additional 6 or 25 gigabytes may be worth it.

Digg this?

[Thanks everyone! Image by Haochi.]

Update: Google just released a blog post on this. They say the purchasing feature will be rolled out “in a few hours” and that they will update their post as soon as they’re “ready to take your order.”

[By Philipp Lenssen | Original post | Comments]