Microsoft Appeals EU Fine

Microsoft Corp. has filed an appeal against the latest antitrust fine imposed on it by the European Commission, a Microsoft spokesman said on Tuesday.

The Commission, Europe's top competition authority, fined the software maker $356 million in July failing to comply with its 2004 antitrust ruling.

"Microsoft filed the appeal yesterday, as it said it would back in July," said Tom Brookes, Microsoft's spokesman in Brussels.

The Court of First Instance in Luxembourg is already considering Microsoft's appeal of the 2004 ruling, which ordered it to sell a version of Windows in Europe without its media player software, release some of its server protocols to competitors, and pay a fine of almost ?500 million.

The court is likely to rule on the first appeal towards the end of this year or in the first half of next year. A conclusion to the latest legal challenge is likely to be years away.

Microsoft 'Foot-Dragging' Over
Microsoft has claimed from the beginning that it is committed to honoring the Commission's 2004 antitrust ruling. It paid the fine promptly and has offered a second version of Windows XP without Windows Media Player, although sales of that version have been almost nonexistent.

The Commission has been more concerned about what it sees as Microsoft's failure to submit the required protocol information. In July its patience ran out. Announcing the ?280.5 million fine, the European Commissioner in charge of competition, Neelie Kroes, said the documentation the company had submitted "fell significantly short of what was required".

Microsoft submitted new information to the Commission shortly after that, which the Commission is still studying.

Kroes has said she is confident that Microsoft's "foot-dragging" is over. "They are making constructive efforts now," she said, adding: "It's a shame they didn't do so two years ago."

To deter any further deliberate delays in complying with the 2004 ruling, the Commission has increased the future fines for failing to comply. The 280.5-million-euro fine was calculated using a daily fine of 1.5 millioneuros from December 16 last year to June 20, the day on which Microsoft made a more concerted effort to comply, according to the Commission.

Meanwhile, European antitrust officials have been busy studying Windows Vista, the next version of Microsoft's operating system due to go on sale later this year and early next.

They are concerned that some new features in Vista may break the same antitrust laws that formed the backbone of the 2004 ruling. Microsoft has warned that Vista's launch could be delayed in Europe due to problems with European regulators.

First Look: A Whole New Google Groups (Finally!)

Quick, what's Google's oldest service? In a very real sense, it's not the Google search engine--it's Google Groups, which began life back in 1995 as an independent service called Deja News, which provided a Web-based gateway to the array of conversations that went on in Usenet newsgroups.

More than a decade later, and five years after Google bought Deja's Usenet archive and built Google Groups around it, that's still mostly what this service is about--and with postings going back to 1981, it's a remarkable research archive that documents a quarter-century of online discussion. But with much Net chatter having moved to Web-based venues, newsgroups aren't what they used to be. And for the first time since 2004, Google is rolling out a significant update to Groups, one that's less about Usenet and more about creating shared content that lives on the Web. (Note: I'm writing this before the new version is live--Google gave me a sneak peek--but that link should take you to it.)

The 2004 upgrade to Groups added the ability to create very, very simple special-interest discussions that group members could participate in on the Web or via e-mail. It was kind of like Yahoo's venerable Yahoo Groups feature--except that Yahoo provides quite a few features (including customization, photo uploading, polls, and more) and Google's version was remarkably barebones.

This new version of Google Groups, however, offers something that Yahoo Groups doesn't: the abiity for group members to create Web pages collaboratively. This feature is a stripped-down variant of Google's Page Creator site designer--itself a pretty stripped-down offering. You can add text, photos, and hyperlinks and do some very basic formatting. Here's a page in progress:
Like I said, the tools are basic. For some reason, you don't get Google Page Creator's templates, and the pages all live within your Google Group, in a section called Pages; you aren't really creating a full-blown Web site. And the text-input feature was a little quirky in my experiments, especially in Firefox.

But as with other Google services such as Google Spreadsheets, Groups what's interesting about Groups' new version isn't its traditional tools so much as its collaborative features. The members of a group can edit pages as, well, a group--the group's creator decides who can see and edit each page, and every version of each page gets saved, so you can skip back to earlier iterations if need be.

And what's interesting about this collaborative functionality is not so much its existing form as the obvious question it raises: What if Google started incorporating all of its Web-based productivity tools into Groups as workgroup features? A Groups that lets teams work with Google Spreadsheets, Writely documents, Google Calendar schedules, Google Base data, and other types of information could be really useful, and distinctly different from Yahoo Groups' offerings.

You gotta think that Google is thinking in this general direction; I asked a company representative what its plans are, and while she said that it doesn't have any announcments about future functionality, integration between Groups and other Google services sounded like a good idea. We'll see.

For now, Yahoo Groups still does multiple worthwhile things that Google Groups doesn't, such as let you create photo albums, polls, and basic databases. (Google Groups did add customizable color themes that are similar to Yahoo's.) Other than page creation, the biggest points in Google Groups' favor are its storage allowance (100MB--that may seem skimpy in an era of multi-gigabyte Gmail accounts, but it's 5X Yahoo Groups' 20MB) and the fact that it doesn't carry any advertising (on Yahoo Groups, ads abound).

Groups may still be pretty darn basic, but Google is on to something here. Let's just hope that the service evolves more quickly than it has in its first half-decade as a Google offering...

(Side note: I've mentioned before that Google Groups may have held some sort of record for staying in beta--a half-decade after Google acquired Deja, Groups was still labeled a beta. At some point in recent months, it lost that disclaimer...but with this new update, it's once again a beta.)

Dunn and Four Others Named in Criminal Complaint in HP Spy Scandal

Ousted Hewlett-Packard chairman Patricia Dunn and four others were named today in a criminal complaint filed by the state of California. The felony charges in the complaint are keyed to the spying scandal that has hit the technology company, according to the New York Times.

Also named in the complaint filed in Santa Clara County Superior Court were Kevin T. Hunsaker, a former senior lawyer at HP; Ronald R. DeLia, managing director of Security Oursourcing Solutions, an outside security contractor for HP; Matthew DePante, manager of Action Research Group, a Melbourne, Florida, information broker; and Bryan C. Wagner, a Colorado-based employee of ARG, according to a news release from the office of California Attorney General Bill Lockyer.

"One of our state's most venerable corporate institutions lost its way as its board sought to find out who leaked confidential information to the press," said Lockyer in a statement. "In this misguided effort, people inside and outside of HP violated privacy rights and broke state law."

Lockyer's office has been investigating the spying allegations because HP is based in Palo Alto, California. The U.S. Attorney's Office in San Francisco and the Federal Bureau of Investigation have been conducting separate investigations of HP.

All five defendants were charged with fraudulent wire communications, wrongful use of computer data, identity theft, and conspiracy to commit each of those crimes, according to the attorney general's office. All of the charges are felonies.

Background
The scandal has attracted the attention of the U.S. Congress. On Sept. 28, Dunn told the Oversight and Investigations Subcommittee of the House Energy and Commerce Committee that she believed employees and lawyers who said that the HP's leak investigation complied with the company's standards of conduct.

The subcommittee was holding hearings into the use of pretexting. The committee passed a federal ban on pretexting but the Congress adjourned before the full House or the Senate voted on the legislation.

When questioned about the techniques used to track down the leaks arose in the latter part of the investigation, Dunn said, she passed concerns to company Chief Executive Officer Mark Hurd. Before then, the company's lawyers had assured her the techniques were being done "legally and properly," she said.

"At no time in the investigation did I authorize its methods," Dunn said. "I asked this to be done in the HP standard way."

On his part, Hurd told the subcommittee that he was not aware of the details of the techniques being used. He said he did not read a report from the investigating team that detailed the use of pretexting.

HP said today it was continuing to cooperate with state and federal investigators.

Vista Will Get Antipiracy Functions

Microsoft will introduce a new system for fighting software piracy with its upcoming Windows Vista and Windows Longhorn Server operating systems, company representatives said Wednesday.

Called the Microsoft Software Protection Platform, it's a collection of technologies that aims to do better at detecting pirated versions of Windows, and will also force unauthorized versions of its software into a limited-functionality mode, encouraging users to obtain a legal copy.

Messages for the Unlicensed
People using unlicensed copies of Vista will be blocked from accessing certain features, including a new interface design called Windows Aero, and software for fighting pop-up advertisements called Windows Defender, Microsoft said. The company has already used a reduced functionality mode with Windows XP.

Users with an unlicensed versions of Windows will also see a persistent reminder message in the corner of their screen, reading "This copy of Windows is not genuine."

The new software is bound to come under scrutiny. Microsoft's previous attempt to reduce unauthorized use of its software, Windows Genuine Advantage, was partially rolled back after it was criticized as "spyware" for stealthily installing itself on users' PCs and reporting information back to Microsoft.

Microsoft said the new technologies are necessary to fight software piracy, and said end users can also benefit because they are less likely to be exposed to faulty or compromised software.

End users installing pirated Vista copies, or who don't register their software using a product key within 30 days, will have their OS functionality reduced. The product key is an ID number assigned to customers for each purchase of Windows. The company said it will also be able to track more easily when products are activated with product keys that have been stolen from a business.

Security Updates Allowed
Regardless of the authenticity of their Vista copy, all users will have access to Microsoft security updates, the company said.

For businesses that use volume license keys for Vista and Longhorn Server, Microsoft will introduce new, policy-based tools for activating those systems. The new tools, called Microsoft Volume Activation 2.0, won't be linked to Microsoft's software billing systems, the company said.

Windows Vista and Windows Server Longhorn--the code name for the next version of Microsofta??s server software--will be the first products to ship with the antipiracy technologies, but they'll eventually be used in more of its products.

Around 35 percent of all software installed worldwide in 2005 was pirated or unlicensed, Microsoft said, citing a figure from the Business Software Alliance, an industry group.

Prototype Fuel Cell Debuts

CHIBA, JAPAN -- NTT DoCoMo is showing at this week's Ceatec show here a prototype fuel cell that it's developing with a Japanese start-up for use as a cell-phone recharger.

The polymer electrolyte fuel cell (PEFC) uses hydrogen gas as a fuel to produce electricity and is a compact 1 inch square and 2.8 inches long, and weighs 1.5 ounces.

The fuel cell is under development by Aquafairy, a startup spun out of Japanese firm Nitto Denko to work on the technology. NTT DoCoMo recently acquired a 36.5 percent stake in the company for an undisclosed sum.

The fuel cell can deliver enough power to recharge a cell phone three times before requiring a hydrogen refill. It is among a growing field of alternative battery sources being developed, in search of longer battery life.

Different Approach
While it's still some way from being a commercial product, the fuel cell is completely different to what NTT DoCoMo showed at Ceatec 2005. A year ago the company was displaying a direct methanol fuel cell (DMFC) that was developed by Fujitsu Laboratories and built into a cradle, into which a cell phone could be placed for recharging.

DMFCs are based on a different chemistry from the PEFC on show this year. They typically work by mixing methanol with air and water to produce electrical power.

For companies like NTT DoCoMo a future goal remains a fuel cell small enough and safe enough to be built directly into a cell phone. But the technology isn't at that stage yet so the first commercial fuel cell devices will likely be recharges that replenish the Lithium Ion battery inside of the phone but offer the advantage of being able to do so anywhere--not just within a couple of yards of a wall socket.

McAfee Warns Against Vista Security Features

NEW YORK -- McAfee top executives went on the offensive Monday against Microsoft, saying Vista will be even less secure for customers than previous versions of Windows.

The day after McAfee took out a full-page advertisement in the Financial Times to publicly air its grievances over the security of Vista, McAfee Chair and CEO George Samenuk, Vice President and Chief Scientist George Heron, and Chief Security Architect John Viega delivered the same message in person here.

"We are disturbed by the fact that with Vista, end customers will be less secure," Samenuk said. "Customers trust us ... To erode that trust would hurt all Internet users, all PC users. I don't think Microsoft wants that, nor does McAfee want that."

Limits System Access
Two security elements in Vista fare chief among McAfee's concerns, executives said.

In Vista, Microsoft is locking down the kernel of the OS through a feature called PatchGuard on 64-bit versions. Microsoft's argument is that this will keep miscreants out of the OS and prevent the incidence of attacks, and it is something for which customers have been asking.

"Fooling around with the kernel while it's running is like changing the sparkplugs on your car when the engine is running," said Stephen Toulouse, a senior product manager at Microsoft. "It's never been a good thing for users."

But the McAfee officials say that since PatchGuard also prevents third-party security companies from getting inside the OS, Vista prevents them from activating crucial security measures in their own software to protect the OS from intruders.

PatchGuard is not new in Vista, said Bruce McCorkendale, a distinguished engineer with McAfee competitor Symantec, which shares McAfee's consternation over the feature. He said Symantec has been petitioning for Microsoft to change the feature since the company introduced it in its 64-bit version of Windows XP, but the company will not budge.

"If you ask any security vendor that offers advanced protection, you'd get the same answer [about PatchGuard]," McCorkendale said. "It's just inhibiting the way security vendors do their jobs."

However, according to Jupiter Research, only 5 percent of companies with 100 employees or more are running Windows XP in its 64-bit version, and that adoption is not supposed to ramp up significantly anytime soon, said analyst Joe Wilcox.

"If this new [feature] affects 64-bit only and nobody is using 64-bit, what's the problem?" he said.

Squash Third Party Products?
The other big concern with Vista for McAfee lies in a new security interface called Windows Security Center. Microsoft will not allow this interface to be turned off, so McAfee and other developers can't install their own security-management consoles on Vista machines, executives said.

McAfee's argument is that third-party security products can better detect potential or existing security problems that Vista inherently can, and unless those can be surfaced through the interface, users will not be alerted to them, Viega said.

Some believe security vendors are crying foul over Vista because Microsoft's ability to control security features of the OS is a threat to their livelihood. Companies such as McAfee and Symantec have all but built their businesses on the fact that Windows is inherently insecure, and add-on security software is needed to protect it from intrusion.

"Historically, when Microsoft has gotten into a market, the number of competitors goes down," Wilcox said.

However, he said there is a legitimate concern, supported by precedence, that not only will vendors be pushed out of the market, but there will be less innovation in Windows security products and more problems will arise.

Wilcox cited Internet Explorer as an example of an area in which Microsoft beat competitors, but then did not innovate on the product until it faced competition once again.

"Microsoft won the browser war and for years abandoned the territory," Wilcox said.

If Microsoft successfully reduces the number of competitors by building security into Windows, it might also become lackadaisical about security improvements, thus opening the OS up to more attacks.

Faster HomePlug Power-Line Networking Gear--Finally

BURLINGAME, California -- Power-line networks--networks that use the existing electrical wiring in your residence or small office--may yet prove the dark horse of home networking technologies.

That's the message emerging from the HomePlug Powerline Alliance's annual technology conference here, which wrapped up today. Taking center stage this year were the first products based on the group's HomePlug AV standard, which was ratified more than a year ago. Promising theoretical throughput of up to 200 megabits per second (and real-world speeds approaching 100 mbps), HomePlug AV will be competing with other technologies as the best way to stream multimedia--specifically, high-definition video--throughout the home.

Competing With Wireless
Power-line networking supporters are hoping to gain traction as people begin to acknowledge wireless networking's limitations for high-bandwidth applications that require quality-of-service features--meaning the ability to prioritize packets so that streamed video or audio plays smoothly. The problems with products based on the first draft of the high-speed 802.11n Wi-Fi standard may also play to power-line networking's advantage.

Due in stores by year's end, the first HomePlug AV products will be simple ethernet adapters, small bricks that plug into an ethernet port on one end and a standard electrical outlet on the other. Setting up a network requires at least two such adapters: one to plug into an Internet-connected router, and another to plug into the ethernet port of whatever device you wish to put on the network.

First AV Products
Zyxel, one of the exhibitors at the HomePlug conference, will be among the first companies to offer HomePlug AV adapters. Product manager Alex Wei says the Zyxel PLA-400 will have a suggested retail price of $99.

Zyxel is also working on a HomePlug AV adapter targeting telephone companies that are gearing up to compete with cable and satellite TV providers. The concept adapter at Zyxel's booth supported both ethernet and coaxial cable, with a small switch to toggle between the two. The idea is that you'd be able to stream incoming video from its point of entry (wherever your phone line comes in) to a HomePlug AV adapter connected to a TV's coaxial input port.

Wei says that in his own informal tests transferring files via FTP, he saw throughput of up to 90 mbps with the HomePlug ethernet adapter.

Competing Technologies
HomePlug AV is not the only power-line technology--in fact, it's the third of three competing technologies promising similar speed, all over existing electrical wires. Panasonic introduced its HD-PLC power-line adapters earlier this year, and Netgear has recently introduced Powerline HD adapters based on the Universal Powerline Association's Digital Home Standard technology from a Spanish company called DS2.

But while HomePlug AV may be late to the power-line party--it was announced in October 2002--neither of its competitors (both of which started out as candidates to become the next-generation HomePlug standard) appear to have as much backing. The HomePlug Powerline Alliance's membership roster includes such high-profile companies as EarthLink, Intel, Linksys (which had prototype products at the HomePlug conference and has promised commercial products by year's end), Motorola, Samsung, and Sony.

The HomePlug Powerline Alliance's conference documents included descriptions of coming HomePlug AV adapters from ActionTec, Delta Electronics, and GigaFast. But the biggest display of products was in the booth of Intellon, a principal contributor to the technology.

Optimized for Video
Presentations at the conference focused on applications that can best benefit from HomePlug AV, almost all of which involved some kind of multimedia streaming: distributing IPTV throughout the home, monitoring for security with video cameras, and networked set-top boxes such as TiVo or Sling Media's SlingBox. In fact, power-line networking is nothing new for some existing SlingBox owners: Sling Media's SlingLinks power-line adapters, accessories that connect SlingBoxes to network routers in homes that do not have ethernet cabling, are based on the original 14-mbps HomePlug 1.0 standard.

Intellon has claimed that HomePlug AV's technology is superior to its power-line competitors in part because it is better able to handle circuit noise resulting from the presence or introduction of other electrical devices on the same circuit as the networked devices.

A demonstration at the Intellon booth sought to prove the claim. It consisted of side-by-side notebooks displaying a couple of video streams, which Intellon said were being transmitted from another notebook over a HomePlug AV network on one system, and either a DS2 or Panasonic HD-PLC network on the other.

The video streams looked great on both displays--until a lamp was plugged into the same power strip. The HomePlug AV video played on uninterrupted, but artifacts appeared on the display showing video streamed over the competing technologies.

Symantec's Norton Confidential to Ship Next Week

Symantec's new Norton Confidential identity-protection software is set to ship on Monday.

The product is designed to make Web surfing more secure by thwarting phishing and pharming attacks and disabling "crimeware or malicious applications that are designed to steal your confidential information," says Bill Rosenkrantz, director of product management with Symantec.

Norton Confidential will warn users when they are visiting suspected phishing sites and will verify that legitimate Web sites are trustworthy by displaying a "Trust Mark" icon on the browser's toolbar. It also will detect keystroke loggers and prevent password information from being sent to unauthorized Web sites.

Built Into New Norton Security Suite
The product will be of particular interest to people who have already been the targets of identity theft, says Chris Swenson, director of software industry analysis with the NPD Group. "If an identity thief captures their personal information while they're shopping online, or enters their PC because they don't have a firewall, this limits that type of abuse," he says. "What it doesn't protect the customer from is the bank or the university whose server gets compromised."

A subset of Norton Confidential has been shipping in Symantec's Norton Internet Security 2007 product, and it will be built into the upcoming Norton 360 security suite.

Norton Confidential has a list price of $50 for a one-year subscription, but it is available for purchase from Symantec's Web site for $35 per year. A shrink-wrapped version of the product will ship in November.

How Do You Spend Time on Your PC at Work?

WASHINGTON, D.C. -- Employees at the U.S. Department of the Interior (DOI) spend significant time on sexually explicit and gambling Web sites and even more time shopping and playing online games while at work, according to a report released this week.

Employee time spent at Internet auction and gaming sites cost the agency an estimated 104,221 hours in lost productivity in a year, according to the report, released by the agency's Office of Inspector General. The estimated cost in lost productivity to the DOI is more than $2 million a year, the inspector general's report said.

In reviewing one week of computer-use logs at DOI, the inspector general found more than 4700 log entries to sexually explicit or gambling Web sites, which are prohibited in the DOI's Internet use policy. In addition, the inspector general found more than 1 million log entries from 7763 DOI employees who accessed online gaming and auction sites, the report said.

The continued access to porn and gambling sites is "due to a lack of consistency in department controls over Internet use," Earl Devaney, DOI inspector general, wrote in the report.

Dangerous Time Wasters
Surfing porn and gambling sites not only wastes time but also could expose the agency's computers to malware such as viruses or keystroke loggers, says Yuval Ben-Itzhak, chief technology officer of Web security firm Finjan. Porn and gambling sites "usually are the first ones to distribute malicious code," he says.

A DOI spokesperson didn't immediately return a phone call seeking comment on the report. The agency sent a memo to all employees last week, reinforcing its Internet use policy.

The DOI, the agency that focuses on protecting U.S. natural resources, does not expressly prohibit employees from going to online auction and gaming sites, the report said.

How Much Time?
One employee computer had spent close to 14 hours at two Internet gaming sites during the week, another had spent about 12 hours at one gaming site, and a third had spent nearly 10 hours at a gaming site, the report said.

Despite three recent cases in which child pornography was found on DOI employees' computers, the agency has no systemwide infrastructure for Internet monitoring and blocking, the report said. Four of the agency's six bureaus surveyed in the report are using monitoring and blocking software programs "to varying degrees and with some success," the report said.

In the Bureau of Reclamation, the value of the blocking and monitoring software is "questionable," the report said. The inspector general found 148 computers in the bureau that had accessed sexually explicit Web sites during the week.

In the DOI's Office of Surface Mining, Internet-use reports are apparently generated only when a supervisor requests one, "rendering the system useless for any real proactive measures," the inspector general said.

Little Risk
The DOI has taken only 177 disciplinary actions against employees for inappropriate Internet use since 1999, the report said. "The low number of disciplinary actions reportedly taken ... compared to the thousands of hits we found indicating user activity at inappropriate sites suggests that employees are not being held accountable," the report said.

The DOI should develop a unified approach to address inappropriate Internet use, including a more consistent use of disciplinary action, the inspector general recommended.

Best Buy to Launch Apple iTunes Competitor

NEW YORK -- Best Buy, in cooperation with RealNetworks and SanDisk, is the latest company to join the growing list of competitors challenging Apple Computer's iTunes music service.

Best Buy today unveiled an online music service called Best Buy Digital Music Store that allows customers to find, manage, and purchase music online. It is powered by RealNetworks' Rhapsody 4.0 music service and lets users purchase and permanently download songs and albums, as well as subscribe monthly to listen to an unlimited number of songs, the company says.

As part of the offering, Best Buy will carry and promote SanDisk Sansa e200R Rhapsody MP3 players, which have been optimized to work with the new music service. Both the players and the service will be available starting October 15, the company says.

Exclusive Content
Jennifer Schaidler, vice president of music for Best Buy, says the company is differentiating its service from Rhapsody by offering exclusive artist content and tailoring that to what Best Buy customers are purchasing.

"Look at it as Rhapsody 4.0 plus," she says. "You get all the stuff that's there [on Rhapsody], plus more exclusive content."

Selling CDs and MP3 players in its stores and online is already a successful part of Best Buy's business, so offering a music service was a logical next step for the company, Schaidler says. "Customers expect Best Buy to provide them with quality entertainment in an easy way," she says.

Per Song or Subscription
Songs on the Best Buy Digital Music Store will cost 99 cents, with monthly subscriptions that allow users to play an unlimited number of songs for $15 a month.

The news comes on the heels of the formal unveiling last week of the availability and pricing for Microsoft's forthcoming Zune Player and Zune Marketplace service. Microsoft will make the digital media players and service available in the United States on November 14.

Like Best Buy's new service, songs on the Zune Marketplace will cost about 99 cents each, though the charges will be according to a points system (namely, 79 points a song) that will allow users to purchase items on other Microsoft properties, such as Xbox Live. Zune Marketplace's unlimited monthly subscription also costs $15 a month. Songs on Apple's iTunes service cost 99 cents, but no monthly subscription is available.

Pricing for the SanDisk music player that works with the new Best Buy service is higher than that of comparable iPod or Zune devices, however. The Zune digital media player, which has 30GB of storage, will cost $250, the same as 30GB video iPods already available from Apple. SanDisk Sansa e200r MP3 players come in two models: a 2GB model for $140 and an 8GB model for $250. However, while the Zune player and the SanDisk Sansa players include an FM radio tuner in addition to the ability to play digital music, videos, and photos, the iPod has only the latter features.

To promote its new service, Best Buy will launch with an exclusive track from recording artist Diddy from his new CD, Press Play. The CD will be on sale October 17.

Windows, Office Security Flaw Fixes to Come in Next Patch Tuesday

With hackers exploiting unpatched vulnerabilities in its Windows and Office software, Microsoft plans to issue 11 security updates next Tuesday.

Some of the updates will be for critical flaws that attackers could exploit with no action on the part of users. Six of the patches will be for Windows and four will be for Office, Microsoft said today in a note on its Web site.

The eleventh update will be for a flaw in Microsoft's .Net framework that is considered less severe than the critical Windows and Office patches.

Microsoft Security Busy This Month
Hackers have been keeping Microsoft's Security Response Center busy this past month.

Microsoft generally issues its security patches on the second Tuesday of every month, but last week the company was forced to issue a rare, "out-of-cycle" security patch after criminals began exploiting a flaw in Internet Explorer's VML (Vector Markup Language) rendering engine.

And security experts have also warned of cyberattacks based on unpatched flaws in PowerPoint, Word 2000, and an ActiveX control (called WebViewFolderIcon) used by Windows' graphical user interface software.

The WebViewFolderIcon flaw will be patched Tuesday, Microsoft says. Attacks that take advantage of this flaw have been seen on the Internet, the SANS Internet Storm Center warned earlier this week.

Google Reportedly in Talks to Buy YouTube for $1.6 Billion

Google is in discussions to acquire YouTube for about $1.6 billion, although the deal is far from done and the talks could collapse, The Wall Street Journal reported today, citing an unnamed source familiar with the matter.

Google's reported interest in YouTube would reflect a sense of urgency on the part of the search engine giant to improve its position in the red-hot online video market.

Google entered this market in early 2005, at about the same time YouTube was founded. But so far the success has gone to the scrappy startup, not Google.

YouTube Tops in Video Sites
In September, YouTube nabbed almost 46 percent of all U.S. visits to video Web sites, while the video section of News Corp.'s MySpace.com came in second with 21.2 percent, according to Hitwise. Google Video came in third with 11 percent, followed by Microsoft's MSN Video with 6.8 percent, and Yahoo's Yahoo Video with 5.6 percent.

YouTube, in typical startup fashion, approached the market aggressively, opening up its service to anyone wanting to upload their videos, and quickly became a phenomenon. It embraced tagging and sharing features, creating the most popular online video community.

Meanwhile, Google took a much more conservative approach, at first only featuring videos obtained through formal agreements with professional production houses. Consequently, users had to pay to view many of the videos in the catalogue. Months later, it added an upload feature for regular users, but closely policed submissions. It wasn't until recently that the company opened wide the service's door and added tagging and sharing capabilities.

Video Popularity
AOL, Microsoft, and Yahoo are also playing catch-up to YouTube, whose model these large Internet companies are adopting.

AOL, Google, Microsoft, and Yahoo need a strong position in this market, due to the increasing popularity of online video. Collectively, traffic to the top ten video Web sites increased 164 percent between February and May of this year, according to Hitwise. As traffic to online video sites increases, so does the interest of advertisers, who in turn generate most of the revenue for Google, Yahoo, Microsoft, and AOL.

For many years, online video remained an unfulfilled promise, hobbled by high broadband prices, inferior image quality, and the reluctance of TV networks and film companies to put their shows and movies on the Web. However, in the past 18 months, video on the Web has gained momentum, helped by a critical mass of users with broadband access, improved quality, and a willingness by production companies to distribute their films and programs online.

Merger Results?
The deal clearly would strengthen Google's position in online video, but it might also saddle Google with potential copyright liability issues, said analyst Greg Sterling of Sterling Market Intelligence, in an interview.

Critics have blasted YouTube for being lax about ridding its catalogue of copyrighted videos uploaded without permission. Some predict entertainment companies will sue YouTube out of business.

Thus, Google needs to walk a fine line between copyright protection and preserving the appeal of YouTube's rich catalogue, Sterling said

However, gaining YouTube's audience gives Google an enormous opportunity to boost its fledgling efforts in video advertising, of which it has done very little, Sterling said.

Most of Google's revenue comes from text ads that run along with Web search results. Google is trying to diversify its business with other types of ads, such as banners and video.

However, its video ad efforts have been hurt by Google Video's relatively weak position in the market, Sterling said.

For YouTube, getting bought by Google would mean salvation from death by copyright litigation, wrote Josh Bernoff, a Forrester Research analyst, on his blog.

Google has the technical resources YouTube lacks to implement a system to automatically detect and remove copyrighted material, Bernoff wrote.

If dealing with lawsuits, Google--unlike YouTube--can negotiate with plaintiffs and reach amicable resolutions to ligitation, according to Bernoff. "By itself, I still think YouTube is toast. But with Google--maybe not," Bernoff wrote.

Google and YouTube declined to comment.

Microsoft Delivers Vista's Final Test Version

Microsoft today released what it believes will be the last test version of Windows Vista before the product goes to manufacturing.

The company made Vista Release Candidate 2 (RC2), or build No. 5744, available to participants in its Customer Preview Program, as well as to TechBeta, TechNet, Technology Adoption Program, and MSDN members.

The previous test release of Vista, RC1, received "excellent feedback" from the estimated 3 million people who tested it, according to Microsoft. The company is using that feedback to put the finishing touches on the overall quality and performance of the operating system, it said.

Microsoft said that it is still on target to release Vista to business customers next month and to consumers in January 2007, though the company continues to give itself an out to miss those dates by saying that the quality of the product is its highest priority. The release of Vista has already been delayed several times.

Vista on Time?
Still, leading financial analyst Rick Sherlund of Goldman Sachs Group said in a research note this week that he believes all indicators point to a timely release for Vista.

"We had been skeptical of the launch schedule after Beta 2 shipped with problems in May, but the team seems to be making great progress in addressing issues of performance, reliability and compatibility," he wrote in his note.

Sherlund also said in his report that he expects Microsoft will soon be releasing discount coupons for Vista to customers who purchase PCs that are capable of running Vista before the OS is available. Microsoft has confirmed it has plans to do this, but has officially remained mum on the time frame.

In his report Sherlund wrote that Goldman Sachs has recently updated its financial outlook for Microsoft based upon both a timely release date for Vista and the imminent release of upgrade coupons.

Nokia's GPS Patents May Help Resolve Qualcomm Dispute

Nokia's patent licensing deal with Trimble Navigation this week could give the phone maker an important boost in an ongoing dispute with CDMA developer Qualcomm.

The deal gives Nokia a license for 700 Trimble technologies for delivering location-based services, as well as exclusive rights to sublicense them to other companies in the wireless industry. That means any company that wants to license Trimble's patents must now do so through Nokia.

Nokia Gains Upper Hand
Nokia officials stopped short of calling the deal just what it needs to end its acrimonious renegotiation talks with Qualcomm. But they acknowledged that it will strengthen Nokia's hand in licensing talks with all wireless companies that include GPS capabilities in their products.

"It will improve our negotiating position," said Ulla James, director of intellectual property rights strategic marketing for Nokia.

Trimble has one of the biggest portfolios of patents for location-based technologies, and any company that offers such capabilities will now need to talk to Nokia, she said.

Qualcomm Cautious
Qualcomm integrates GPS capabilities in many of its chipsets, including its gpsOne product. The company has shipped tens of millions of such chipsets in the past few years, said Nitesh Patel, a senior analyst at Strategy Analytics.

"Given that Nokia can sublicense to whoever it wants to and on whatever terms it wishes to, it has a strong bargaining position with Qualcomm with respect to GPS," Patel wrote in an e-mail.

He cautioned that Qualcomm might already have a long-term contract with Trimble that could supersede the arrangement between Nokia and Trimble.

Qualcomm declined requests for comment, and Nokia would not discuss how the deal might affect its negotiations with Qualcomm specifically.

April Deadline
Nokia and Qualcomm are engaged in a bitter renegotiation of a patent licensing agreement that ends in April 2007. The companies license a variety of patents from each other relating to mobile phone standards. Qualcomm is well-known for developing the CDMA standard and Nokia patents contribute to the WCDMA and other standards. Qualcomm has launched several lawsuits against Nokia for alleged patent infringement and Nokia, along with five other mobile vendors, has filed an anticompetitive complaint against Qualcomm with the European Commission.

Nokia played down the significance of the April deadline. If the two sides don't reach agreement by then, they will both be able to continue selling their respective products in any case, James said. It is "normal practice" for two companies in a renegotiation process to continue selling products even if the contract expires, with an eye to settling payments once a new contract is agreed to, she said.

Patent Share
Today, Nokia contributes 25 percent of the patents that make up the GSM standard and 28 percent of WCDMA patents, James said. It also holds 130 essential patents for CDMA. Despite announcing an exit from the CDMA market, Nokia intends to hold onto those patents as a revenue generator, she said.

Employers Prepare For Flu Season--And Possible Pandemic

With October being the official kickoff of the annual flu season, some organizations are taking steps to prepare for a pandemic of the seasonal or avian flu by beefing up communications capabilities and planning for employees to work remotely.

High Rate of Absence Possible
While IT administrators might be inclined to look at preparing for a pandemic much as they would for any other disaster, pandemics are different in several ways, said Steve Bittinger, an analyst at Gartner in Stamford, Conn.

First, pandemics occur over a much longer period of time -- weeks and months compared with the hours and days involved in a natural disaster or terrorist attack -- but this also provides weeks in which to prepare, Bittinger said. Second, they can have a severe impact on employees' attendance and customer purchases either because of sickness, fear of sickness or other limitations such as travel restrictions and quarantines, he said. Bittinger advises organizations to be prepared for absenteeism rates of more than 25 percent if a pandemic strikes.

Telecommuting Policies Will Help
Organizations are preparing for a potential pandemic in different ways. For commercial real estate company Cadillac Fairview in Toronto, the focus this flu season is primarily on how to enable its 1,600 employees to work from home, said Scot Adams, CIO of business innovation and technology services. Adams said his company recently began using MobiKey, a wireless service from Route1, also in Toronto, that allows end users use a Universal Serial Bus device for remote computing.

The product has two components, Adams said. The first component is the MobiKey itself -- a USB device that turns a home computer into a thin client. The other component is a wireless service brokered by Route1. While an end user is connected to his office PC through MobiKey, the computing, applications and data remain behind the corporate firewall. "If we needed to, we could quickly set up a telecommuting policy ... that's easy and affordable for us to turn on quickly," Adams said.

Pricing for the MobiKey product, which supports up to five users, starts at $399 and includes the device and one year of access to the service.

University Pandemic Planning
A number of universities, which are concerned about infectious disease in general because of the large number of people in close proximity, are planning for pandemics as well.

For example, for Stanford University in Palo Alto, Calif., the focus is primarily on how to deal with the loss of personnel in the short term, long term and possibly forever, said Lawrence Gibbs, associate vice provost for environmental health and safety. The university, which performs disaster planning and disaster recovery tests regularly, has also tested scenarios involving outbreaks from bioterrorism.

"Pandemic planning was not in the realm of planning even a couple of years ago," Gibbs said.