Richard Nicholson

If you really, really need to make sure those precious photos of yours last virtually forever - or at least longer than the average two- to five-year lifespan of consumer-grade DVDs, then start-up Cranberry LLC has the answer for you: a DVD that literally lasts a millennium. DiamonDiscs contain no dye layers, adhesive layers or reflective materials that could deteriorate. Cranberry's DiamonDisc product holds a standard 4.7GB of data, which roughly amounts to 2,000 photos, or 1,200 songs, or three hours of video, but the media is unharmed by heat as high as 176 degrees Fahrenheit, ultraviolet rays or normal material deterioration, according to the company. While only future generations may be able to prove DiamonDisc can last 1,000 years - never mind that DVD players will probably have been long forgotten by then - Cranberry claims its technology has been proved by researchers using the ECMA-379 temperature and humidity testing standards to outlast the durability of competitors that claim a 300-year shelf life.

However, instead of a silver or gold reflective surface, its disc is transparent, with no reflective layer. The Ferndale, Wash.-based company this week announced their product, which it says uses the same format as standard DVDs to store data. According to the company, unlike standard recordable DVDs, which use a 650 nanometer wavelength laser diode to etch a small pit into a disc's media surface, the DiamonDisc uses a higher-intensity laser to more deeply etch data into the "diamond-like" surface of its synthetic stone disc. The company is in talks with the U.S. government and the military, which are looking for archival media. "For the military, there's no heat, light, magnetic waves or environmental abuse that will have an impact on these discs," said Joe Beaulaurier, Cranberry's chief marketing officer. The DiamonDisc technology was invented by researchers at Brigham Young University and was first brought to market by Springville, Utah, startup Millenniata . While Millenniata performs the R&D on the product, Cranberry does the sales and marketing.

The company is also working on developing a Blu-ray version of their DVD product, Beaulaurier said. Cranberry performs the data-write for customers on the DiamonDisc they purchase. Photos, videos or other content that consumers want to store can be uploaded directly to Cranberry's Web site or mailed to the company. When compared to other consumer archive DVDs, such as Kodak Gold Preservation Write-Once DVD-R , which costs around $6, DiamonDisc carries a premium . A single DiamonDisc costs $34.95, two or more individual discs go for $29.95, and a five-pack is $149.75. Beaulaurier said prospective customers should factor in not only the longevity of the product, but the services provided. You burn a DVD once and it eliminates costs and energy down the road." Of course, the company is also happy to sell you its burner, but that will set you back $4,995. But, for $5,000 you get 150 DiamonDiscs to burn away until to heart's content. Cranberry checks the burn of each disc to ensure the quality of the finished product. "So [the consumer doesn't] need to monitor the burn process and make sure it took," he said. "This is also very green technology.

The burner plugs into any standard USB port and uses any standard DVD burning software, Beaulaurier said.

Microsoft is working on a tablet-style computer that could compete with Apple's rumored device, and may be in the final stages of prototyping, according to multiple reports on the Internet yesterday. Other features include the ability to use either a stylus or multi-touch gestures to operate the Courier, as well as a camera embedded in the device's case. The device, which Gizmodo first reported on, has been dubbed the "Courier" and resembles a book more than a traditional tablet, as it sports dual 7-inch screens that face each other when the system is opened. Gizmodo posted a concept video demonstration of the Courier as well as several images - although not photographs - of the device on its site Tuesday.

Others have confirmed the Gizmodo account. According to Gizmodo, the Courier is in the "late prototype" stage, and is being created by Pioneer Studios, a group within Microsoft's Entertainment & Devices division, which is also responsible for the Xbox, Zune and Windows Mobile. "Courier appears to be at a stage where Microsoft is developing the user experience and showing design concepts to outside agencies," said "The Paperboy," an anonymous writer for Gizmodo. CNET's Ina Fried , for example, said sources told her the Courier is legitimate, although it's only one of several design prototypes being explored by a team led by long-time Microsoft executive J. Allard, the Entertainment & Devices group's chief technology officer. "Very interesting idea," said Allan Krans, an analyst with Technology Business Research. "It combines a lot of technology that's been proven, including the Kindle, and the touch interface of the iPhone seems to be there." Krans noted that the Courier seems to blend several past and present Microsoft technologies, including its attempts at promoting pen-style computing in the 1990s and its much newer gesture-based, tabletop "Surface." But the reason why something like the Courier makes sense now - as opposed to the aborted efforts by Microsoft to back pen computing, and this decade's lackluster Tablet PC concept - is because of the company's rival. "The iPhone really changed the way that people interacted with a device like this," said Krans today. The latest round of speculation about Apple's entry came last week, after a Taiwanese publication cited industry sources who claimed that several component suppliers are building parts for an upcoming Apple tablet computer , which will launch in February 2010. Those sources said the Apple device would sport a 9.6-in. screen - considerably less display real estate than the Courier's two 7-in. screens - and will rely on a processor created by P.A. Semi, the Santa Clara, Calif. microprocessor design company that Apple purchased over a year ago . "The Courier looks like a really nice way to do this form factor," said Krans. "It won't have the screen limitations of an iPhone, and would be larger than Apple's rumored tablet." A Microsoft spokeswoman declined to react today to the Courier reports, saying, "Microsoft makes it a practice not to comment on rumors and speculation." Apple has also been the target of talk about tablets.

China called for a cleanup of mobile porn Web sites on Wednesday, blaming their rise on high-speed mobile data services, deployment of which has otherwise been a point of pride for the country. This year the country has also closed thousands of Web sites and arrested dozens in a campaign against online pornography that is increasingly shifting focus to mobile Web sites. "Lawless people have begun using the full commercial deployment of 3G and its faster download speeds for pictures and videos... to spread obscene and pornographic content," Su Jinsheng, an engineer in China's IT ministry, said in a speech, according to a transcript on the ministry Web site. China issued 3G (third generation) mobile network licenses to its three mobile carriers early this year, and the number of 3G users in China has slowly climbed since then.

A cleanup is needed to "protect the healthy growth of the next generation and purify the social environment," he said. But owners of mobile porn Web sites have been able to evade authorities through technical tactics such as frequently switching domain names and IP (Internet Protocol) addresses, Su said. China sees its long-delayed rollout of 3G services as a step toward its goal of becoming a global technology power. Counter-tactics being used by authorities include a blacklist to prevent pornographic Web sites from reappearing online and the design of content-filtering technology to help network operators themselves block obscene content, he said, giving a rare official glimpse into how Chinese regulators control information on the Internet. Earlier this year Google had a row with Chinese authorities over pornographic search results that ultimately led to Google.com and other Google services being briefly blocked in the country.

Pornography is illegal in China and authorities have long seen it as a scourge on the country's culture.

DENVER - Is cloud computing inevitable? FAQ: Cloud computing demystified Michael Dieckmann, CIO at the University of West Florida, thinks otherwise and the two spent Wednesday at the annual Educause conference debating the hype vs. the hope around commercial cloud computing that promises to cut IT costs and provide efficiencies. Maybe, but IT still has a lot of questions to ask before floating away on its promises, according to Melissa Woo, director of cyberinfrastructure and network and operations services at the University of Wisconsin-Milwaukee.

Woo's contention isn't so much that the cloud won't emerge as an option, but that IT still has a lot of questions to ask before floating away on its promises. "Why is the conversation always when, why are we not asking why," she said to a packed Educause session that with a raising of hands showed the audience of higher-ed IT pros are on the fence over cloud computing. "Gartner has cloud computing at the peak of inflated expectations on its hype cycle," she said. This week, cloud provider Rackspace reported its third outage since June. Woo noted recent reports of outages by large providers should grab attention. Last month, Microsoft reported it lost the data stored by users of T-Mobile's Sidekick service before eventually recovering most of the data. Where is that data being stored? And Google, which provides e-mail services for students, faculty and staff on Dieckmann's campus, has had numerous outages that have frustrated users so much that Google developed a Google Apps Status Dashboard and pumps updates to users via RSS. "And what about the privacy risks, security risks?

Where is research data being stored? Dieckmann countered that the cloud question is most relevant for commodity services, but the tricky part is that the definition of commodity services is constantly changing. "To many people e-mail is e-mail," he said. "Storage is becoming more of a commodity. How do you handle identity and access management, what happens if the cloud service falls out from under you?" Woo said. When that service can come externally just are reliably and with the same service levels we can provide why do we need to spend significant resources to run it in-house?" But on the cost issue, Woo's contention is that most universities don't have a true handle on costs and therefore can't determine if the cloud is saving money. "Another thing to think about is are we just cost shifting. But Dieckmann compared the cloud with what has been happening internally in IT over the past few years in terms of centralizing servers into data centers and adding virtualization for added efficiencies and benefits.

Are we throwing things over the wall for others to worry about," said Woo, who wonders about the burden put on legal and purchasing departments. "We are not just looking at saving IT costs but costs across the institution." Dieckmann, in part, conceded Woo's point, saying he spends more time now with UWF's general counsel than he did before venturing out into the cloud. He said many of the same arguments IT made for centralization are now being turned against them via the cloud debate. "Part of what is uncomfortable here is that it is our apple cart that is now being upset," he said. "But we need not approach this as a poison pill. What if the cloud provider breaks the SLA, do we know how to measure harm if our storage disappears," she said. "We need to come to grips with the inevitability of the cloud," Dieckmann says. There are many advantages and we should be leading here rather than following." Woo contends the transfer to centralized IT has been based on trust, but questioned whether that same trust exists in the cloud. "Can we negotiate good service-level agreements (SLA). We don't have the maturity to negotiate those. The massive economy of scale involved in cloud computing can make it the most cost effective way to provide services for higher education, he contends. "Cost is not a minor concern today." When evaluating cloud services, he says users must focus on how the cloud alters the parameters on the old notion of outsourcing, an idea that was hot nearly a decade years ago but lost its sizzle for technological and other reasons.

He concedes the debate has many layers, but he points out that end-users have their own cloud choices now and that could eventually mean less IT control. "Our clients are voting with their feet," he said, in reference to students and faculty who go out on their own to online services. "Our challenge will be to combat the choices users make and to keep coherent IT enforcement," he said. "The next evolution of this is academic departments deciding to using the cloud and they are not doing that with IT or general counsel input. The cloud has benefits that can't be ignored, Dieckmann says, such as delivering infrastructure as a service, support for massive sharing, flexibility and a pay-as-you-go model. In some cases we have no control. We need to show some leadership." Follow John on Twitter.

There's no question that software piracy is a global problem with a heavy financial impact. A May 2009 report by the Business Software Alliance and IDC estimated that 20% of software programs installed in the U.S. last year were unauthorized copies. But just how heavy it is is a matter of debate.

Worldwide, the figure is 41%, with an estimated financial impact of $53 billion - a figure based on the retail value of the pirated PC software. If it were, the BSA's global loss figure of $53 billion would drop sharply, they maintain. "Obviously, not every piece of pirated software will be replaced immediately with legitimate software if underlicensing is addressed or sources of pirated stuff dry up," acknowledges Dale Curtis, the BSA's vice president of communications. But critics of the study say it fails to account for the possibility that pirated software could be replaced with Linux or other open-source options. But he says that over the years, IDC has found "a very strong correlation between piracy rates and software sales. One country that wasn't included is Canada - and that doesn't sit right with Michael Geist, a professor at the University of Ottawa. "What the BSA did not disclose is that the 2009 report on Canada (whose piracy rate declined from 33% to 32% in the study) were guesses since Canadian firms and users were not surveyed.

In country after country, as the piracy rate falls, legitimate sales go up." A second criticism of the report is that its country-by-country figures are partly based on the results of an annual survey that in 2009 covered 24 countries. While the study makes seemingly authoritative claims about the state of Canadian piracy, the reality is that IDC . . . did not bother to survey in Canada," Geist wrote in a May 27 blog post. Further, he says Canadian users were surveyed the previous year, and "there is no reason to assume large changes in results from one year to the next." Ivan Png, a professor of information systems and economics at the University of Singapore, says the BSA and IDC should explain how they applied the results from the 24 countries surveyed to all of the other countries not surveyed. "IDC should make the methodology transparent," Png says. Curtis responds that the study "is not a guess, nor is it a scientific measurement, nor is it based primarily on a survey of software users, as Geist suggests." A survey of 6,200 users is only a piece of the model, Curtis says.

Healthcare providers and others handling sensitive patient data are now finding the stakes raised if they suffer a data breach because of a new law known as the "Health Information Technology for Economic and Clinical Health Act," or HITECH Act. Depending on whether a data breach arises from a simple mistake to willful theft, fines will range in tiers from as low as $100 per violation for a slip-up regarding unencrypted data to $1.5 million or more for knowingly and willfully violating the data-breach rules, say those familiar with the HITECH Act. "Under the HHS rule, you have to figure out if you had a data breach," says Rebecca Fayed, attorney-at-law firm Sonnenschein, Nath & Rosenthal's healthcare group division in Washington, D.C.. But the new rules, which cover both electronic and paper formats, are far from simple.  Healthcare organizations find IT cures for identity and security  The HITECH Act, devised by Congress primarily to address electronic medical records, is being noted for its impact in adding a tough data-breach notification requirement to the long list of long-existing Health Information Portability and Accountability Act (HIPPA) security and privacy rules. Passed by Congress in February, the HITECH Act is now coming into enforcement by the U.S. Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC), which each have been given a role to play under the law, potentially levying punishments and fines on organizations that stumble in protecting personal health information.

Like HIPAA, the HITECH Act covers healthcare providers, insurers, clearinghouses and also business associates handling personal information about patient health, as well as other protected information, including name, Social Security number, address and insurance account numbers. If the data breach "is only five people, HHS doesn't want you calling them," though you will have to inform the individuals impacted. Fayed says there's often the misperception that the HITECH Act will require public disclosure of any data breach of unencrypted personal health information (PHI) but the fine print actually says the data breach has to have impacted at least 500 people in one state. "Then you have to notify the media," she says. And it appears there's no need to report an employee unintentionally accessing a record by mistake in the course of doing his  job. The HHS guidelines set forth two basic ways to secure that data, "encryption" for electronic data and "destruction" applied as a means to destroy electronic data or paper. A lot of the talk about HITECH is centering on encryption because the breach notification only applies to "unsecured PHI," Fayed says.

When it comes to encryption and stored data security, guidelines from the National Institute of Standards and Technology are referenced, including NIST's FIPS 140-2 for certification of encryption products. So, the bottom line is the HHS-issued guidelines, now an interim final rule that went into effect Sept. 23 (though it won't be enforced until February 2010 by the office of civil rights at HHS), is a game-changer. Though encryption isn't mandatory under HITECH Act, just by bringing encryption technology into the discussion of a data breach the federal government is raising the bar about what's implied about best practices, Fayed notes. Wes Rishel, vice president and distinguished analyst at Gartner, calls the HITECH Act ground-breaking. "This is the first time there's been a federal regulation for data breach," Rishel says. Although there are now far fewer known instances of data breaches involving PHI than credit cards, for example, it doesn't mean that these cases don't happen, many say. It changes the balance in terms of security and puts an emphasis unknown before on encryption because a data breach of encrypted data is not going to have to be reported.

Fraud involving stolen patient healthcare data, primarily Medicare/Medicaid identity theft for making money off submitting fraudulent claims, is not uncommon, Fayed says. "The reason you haven't heard about these is because people haven't had to report these yet," she says. But encryption use to protect stored data is not typical today among HIPAA-regulated organizations and they are going to be struggling to encrypt and decrypt effectively among business partners. "Encryption can create a big mess, too." The HITECH Act has more healthcare providers crafting encryption strategies.  "They should be deploying encryption," says Forrester analyst Noel Yuhanna.

Google Docs received an overhaul this week that makes it easier for users to share items, upload documents, and stay organized. Shared Folders One of Google Docs best features is its ability to let you share and collaborate on documents with other users. The new tweaks also brought a slight change to the Google Docs homepage with a more uniform and simpler look. In the past, if you had multiple documents you needed to share with one workgroup, Google Docs required you to send out multiple sharing notices for each document.

Just drag and drop the files you need to share into a folder, and then click "share this folder" and invite members of your workgroup. The new shared folders feature solves this problem, by allowing you to set up sharing permissions for one folder. The people in your workgroup will get an e-mail notifying them you've shared this folder. The new feature is handy, but there is one few quirk you should keep in mind. Once they've logged on to Google Docs, members of your workgroup can see the files you've added to the folder, and also drop files into your folder to share with the same group.

Even though a document is in a shared folder, the access permissions for that document are attached to the folder-not the file. Managing Your Workflow Back by popular demand is the "Items Not In Folders" filter that allows you to see any documents you have that are not organized into folders. So if you pull a document that you own (i.e. you created it) out of the shared folder, your workgroup will no longer be able to access the document. Google brought back the feature because some people were using this as a workflow tool. Then you can move a document into a folder once it's ready for prime time.

One way to take advantage of this filter is to use it as a tool for tracking documents in draft stage. There is one detail you should be aware of when using this feature: Let's say John shares a report directly with Mary, but John doesn't have that report in a folder. The "Items Not In Folders" filter can be accessed under the "More Searches" menu in the left hand navigation pane. If Mary puts it into one of her folders, John will see the report has a folder tag, but it will still show up when John filters his documents by "Items Not In Folders." That way, Mary's actions don't interrupt John's workflow. Google Docs will also let you upload multiple files at once. You'll also notice Google Docs has a slightly different look.

Just select all the files you want using the "shift" or "ctrl" ("command" on a Mac) keys, and then start your upload. The new layout is a little boxier, and the visual icons (like starred, share, upload and delete) have been removed in favor of a text-only look. Live Mesh, launched last year, allows you to create a network of devices and sync folders between them. Sharing Alternative If Google Docs isn't for you, Microsoft also has two document sharing options. Live Mesh also gives you your own online desktop, called Live Desktop, where you can share folders with people outside of your network or Mesh.

Live Mesh works on both PC and Mac systems. To use Live Mesh you have to download a small program, but people you share items with only need to sign up for the Live Desktop. Microsoft's other alternative is its online storage space called Skydrive. However, Skydrive's sharing permissions are a little too complicated, so I recommend going with Live Desktop and Live Mesh if you are a Windows Live user.

Everybody bring out the noisemakers, confetti, and party poppers. We've already covered 1Password 3 through its public beta. Fresh out of public beta, the one-stop password-managing shop known as Agile Web Solutions 1Password 3 is now available to one and all.

Needless to say, this is a very substantial upgrade to a highly-regarded Mac OS X app. 1Password 3 features 1PasswordAnywhere to view your 1Password Agile keychain in any modern Web browser on any operating system to copy and paste passwords, just as you would in the app itself. You can also attach and encrypt any file to any 1Password item to easily secure sensitive images or mission-critical files. It also has a brand new section for software licenses, allowing users to attach their own icons or drop in their own icon art to easily locate serial numbers. Other new features include the ability to edit 1Password items from the browser, metadata organization with tags, better control over syncing with 1Password Touch, new categories for accounts and financial information, improved searching, and a brand new interface. It is a paid upgrade for existing users of 1Password 2, but if you bought 1Password any time after February 1st, 2009, your existing license will work just fine with 1Password 3. If you bought it before then, there's an early bird discount through November 30th where single licenses can be upgraded for $20 and family packs for $30. Otherwise, 1Password 3 costs $40 for one user and $70 for a five user family pack.

As of today, 1Password 3 is available to try out for 30 days. Should you be unhappy with 1Password in any way, the developers are also offering a 30 day money-back guarantee-how nice! 1Password 3 requires Mac OS X 10.5 Leopard and is fully compatible with Mac OS X 10.6 Snow Leopard.

It's not a very good day when a security report concludes: Disruptive cyber activities expected to become the norm in future political and military conflicts. From the GAO: "The growing connectivity between information systems, the Internet, and other infrastructures creates opportunities for attackers to disrupt telecommunications, electrical power, and other critical services. But such was the case today as the Government Accountability Office today took yet another critical look at the US federal security systems and found most of them lacking.

As government, private sector, and personal activities continue to move to networked operations, as digital systems add ever more capabilities, as wireless systems become more ubiquitous, and as the design, manufacture, and service of information technology have moved overseas, the threat will continue to grow. " Within today's report, the GAO broadly outline the groups and types of individuals considered to be what it called key sources of cyber threats to our nation's information systems and cyber infrastructures. According to the Director of National Intelligence, a growing array of state and nonstate adversaries are increasingly targeting—for exploitation and potential disruption or destruction—information infrastructure, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries. From the GAO: Foreign nations: Foreign intelligence services use cyber tools as part of their information gathering and espionage activities. Criminal groups: There is an increased use of cyber intrusions by criminal groups that attack systems for monetary gain. While remote cracking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites.

Hackers: Hackers sometimes crack into networks for the thrill of the challenge or for bragging rights in the hacker community. Thus, attack tools have become more sophisticated and easier to use. These groups and individuals overload e-mail servers and hack into Web sites to send a political message. Hacktivists: Hacktivism refers to politically motivated attacks on publicly accessible Web pages or e-mail servers. Disgruntled insiders:The disgruntled insider, working from within an organization, is a principal source of computer crimes.

The insider threat also includes contractor personnel. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a victim system often allows them to gain unrestricted access to cause damage to the system or to steal system data. Terrorists: Terrorists seek to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the U.S. economy, and damage public morale and confidence. The Central Intelligence Agency believes terrorists will stay focused on traditional attack methods, but it anticipates growing cyber threats as a more technically competent generation enters the ranks. However, traditional terrorist adversaries of the United States have been less developed in their computer network capabilities than other adversaries.

Testifying before the Senate Judiciary Committee, Subcommittee on Terrorism and Homeland Security today, FBI Deputy Assistant Director, Cyber Division said that while the FBI has not yet seen a high level of end-to-end cyber sophistication within terrorist organizations, it is aware of and investigating individuals who are affiliated with or sympathetic to al Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber attack; who have demonstrated an interest in elevating their computer hacking skills; and who are seeking more sophisticated capabilities from outside of their close-knit circles. "In addition, it is always worth remaining mindful that terrorists do not require long term, persistent network access to accomplish some or all of their goals. The likelihood that such an opportunity will present itself to terrorists is increased by the fact that we, as a nation, continue to deploy new technologies without having in place sufficient hardware or software assurance schemes, or sufficient security processes that extend through the entire lifecycle of our networks," Chabinsky said. Rather, a compelling act of terror in cyberspace could take advantage of a limited window of opportunity to access and then destroy portions of our networked infrastructure.

European Union lawmakers renewed efforts Thursday to tackle the politically charged issue of whether governments can bar people from using the Internet, the same day that a new study was released claiming that Internet blocking by national governments is increasingly commonplace in Europe. The laws, dubbed the telecoms package, were scuppered in the summer, when the European Parliament voted overwhelmingly to insert a clause into one of the laws that would make it illegal for a national government to ban a European citizen from accessing the Internet. National governments and the European Parliament announced that they would open formal conciliation talks in a bid to overcome the obstacle to a wide-ranging group of new laws for the telecoms sector. National governments refused to accept the Parliament's amendment and the whole package of laws has been held up as a result.

A copy of the proposed new text was leaked by Christian Engstrom, a Swedish computer programmer and free speech activist who was elected to the European Parliament in the summer as a representative of the fledgling Pirate Party. The European Parliament, the Council of national governments represented by Sweden, and the author of the telecoms laws, the European Commission held a three-way meeting Thursday, agreeing to reconvene on Nov. 4. "Parliament's delegation has agreed on a compromise proposal that will serve as a basis for negotiations and towards which the Council and the Commission will be able to converge," said French social democrat MEP Catherine Trautmann, describing Thursday morning's informal meeting as "a promising start" to the official phase of conciliation. Government attempts to block access to the Internet are mounting throughout Europe, but look set to backfire, according to a new study funded by financier George Soros' Open Society Institute. In Germany, Britain, Italy and Scandinavia, the measures are intended to block pages containing child pornography, while in France the proposed "three strikes" law would cut access to users who download pirated content. Entitled "Internet Blocking: Balancing Cybercrime Responses in Democratic Societies," the study shows how efforts to block Internet content are spreading throughout Europe. In Turkey, which borders the E.U. in the southeast and is trying to join the group, the telecommunications ministry has blocked more than 6,000 Web sites, including YouTube, Geocities, DailyMotion and WordPress, the study found.

Attempts to block offensive content all too often backfire, said one of the study's authors, Cormac Callanan, CEO of Irish consultancy, Aconite Internet Solutions. "Technically, it is difficult. It concludes that the measures are ineffective in achieving their stated goals because many technical ways exist to get around blocking technologies. Legally, it is problematic. Both politicians have in the past sat on the European Parliament's civil liberties committee, and were involved in debating Internet access issues contained in the proposed telecoms package. Above all, it represents a real threat to the free transfer of information and conflicts with basic democratic principles," he said in a statement The study has already been endorsed by two members of Parliament: British liberal Graham Watson and German social democrat Birgit Sippel. "Protection of children is a matter of the utmost importance, but this does not mean that the Commission can propose measures that may well be entirely ineffectual but which will have long-term consequences for the right of freedom of communication in Europe," Watson said.

About fifteen years ago, my husband and his colleague had their laptop computers stolen out of a car. A $14,000 hit to the departmental budget was a serious blow. They were fearful of reporting the incident to their boss, largely because the laptops had cost the company about $7,000 each.

And back in those days, no one gave much thought to exposure of the data on the stolen devices. Today, companies don't sweat much over the loss of the hardware, which has dramatically come down in price. My, how times have changed! The real cost of a lost laptop is in the potential or actual exposure of the data on the PC, especially if it is customer records or intellectual property. The cases represented missing or stolen computers belonging to companies in a wide range of industry classifications. Laptop Losers Hall of Fame In April 2009, Ponemon Institute released an Intel-sponsored report entitled "The Cost of a Lost Laptop." Ponemon interviewed 29 organizations that had experienced 138 separates cases of a lost laptop that was used by an employee, temporary employee or contractor.

In this study, the average value of a lost laptop is $49,246. This figure is derived from a calculation involving seven cost components, including: laptop replacement; detection and escalation; forensics and investigation; data breach reporting and mitigation; intellectual property loss; lost productivity; and other legal or regulatory costs. The top four industries with the highest average cost of a lost laptop are services, financial services, healthcare and pharmaceutical. The study reveals that the cost of a lost laptop varies greatly by industry. The bottom four industries are manufacturing, consumer products, retail and communications. In the cases covered by this study, the occurrence of a data breach accounted for 80 percent of the total cost.

Since the hardware costs don't vary much by industry, it's obvious that the data loss costs are the differential. And while the average cost is just over $49,000, it's possible for actual costs to reach much higher if the loss involves a data breach of thousands of sensitive records. The study reports that if a company becomes aware of the loss the same day it happens, the average cost is only $8,950. If it takes more than a week to discover the loss, the cost jumps to an average of $115,849. There are many other interesting - and some surprising - bits of information in this study. (See the full report here.) If your organization is looking for good statistics and other information to help you justify an investment in stronger laptop security measures, do have a look at this report. One factor in the cost of a lost laptop is how fast the company discovers and reacts to the loss. As I mentioned, Intel Corporation sponsored this study, although Ponemon Institute conducted the research independently. Certain laptops powered by the Intel Centrino 2 chipset have a core set of technologies known as the the vPro technologies.

Of course, Intel has a big interest in protecting lost or stolen laptops. One such technology is the Intel Anti-Theft Technology - PC Protection (Intel-AT), which uses a set of programmable and interdependent hardware-based triggers and responses to identify unauthorized attempts to access encrypted data or the operating system. One product you can use in conjunction with Intel-AT is the Altiris Manageability Toolkit for Intel vPro Technology from Symantec. Third-party software products, such as those described below, can send signals to the lost laptop to disable it from use by unauthorized people. Another is Computrace from Absolute Software, which allows you to delete data on missing computers and produce an audit log of the deleted files to prove your compliance with government and corporate regulations.

This BIOS update allows for the remote shut down of a lost or stolen PC when an SMS message is sent via a designated cell phone. Certain models of Lenovo ThinkPad laptops offer a technology called Constant Secure Remote Disable. This solution also requires an embedded wireless WAN card in the PC as well as a mobile communications subscription to allow the PC to receive text messages. Should the PC turn up again, you can unlock it without loss of data. If the computer is lost or stolen, your text message will lock it down at the hardware level, turning it into a brick.

SystemTrack is a managed service offered by Dell. If you report a stolen device to Dell, Dell can forensically mine the PC over the Internet using a variety of procedures. SystemTrack links with a missing PC the next time it connects to the Internet and enables IT administrators to perform data and device security activities, including deletion of sensitive data, system lockdown and emergency retrieval of key files. All the solutions I've just described take some forethought to prepare a PC before it's ever lost or stolen. Still, as the old saying goes, an ounce of prevention is worth a pound of cure. What's more, these solutions often rely on multiple services or technologies to work just right.

Perhaps a little forethought on what to do about sensitive data on a lost or stolen laptop is better than the experience of a costly data breach.

A new agreement between the Internet Corporation for Assigned Names and Numbers (ICANN) and the U.S. Department of Commerce that creates international oversight of the nonprofit operator of the Internet's domain name system may not provide enough accountability, some critics said. ICANN and the U.S. Department of Commerce (DOC) announced the new agreement on the day an 11-year series of agreements expired. The agreement, announced Wednesday, seemed to enjoy widespread support, but some critics questioned how new review teams overseeing ICANN would be independent and whether the new agreement represented average Internet users.

Under those agreements, the U.S. government provided primary oversight of ICANN. One of the main changes in the new agreement, called an Affirmation of Commitments, is the creation of new review panels, which would check ICANN's compliance with the agreement every three years. They're likely to produce the politics that already exist within ICANN." ICANN has a long history of disagreement among stakeholder groups and calls by other nations for the U.S. to give up its oversight role. Volunteers would serve on those review teams, as would independent experts and representatives of the ICANN board of directors and the DOC. The problem is that ICANN's chairman or CEO and the chairman of ICANN's Governmental Affairs Committee (GAC), selected by all the nations involved with ICANN, would have the final say on the makeup of those review teams, said Brenden Kuerbis, operations director the Internet Governance Project, a group of academics focusing on Internet governance issues. "The review panels are not external to ICANN," Kuerbis said Thursday at an ICANN forum hosted by the Congressional Internet Caucus. "They're selected by the very people responsible for what ICANN does. ICANN's major problem isn't a lack of oversight, it's a lack of clearly defined rules for the organization and standards to measure performance, Kuerbis added. "If these rules don't exist - and they still don't - the review panels ... can just become another layer of politics and second-guessing, superimposed on what is already a messy and pretty diffuse process," he said. There will be public comment on membership of the review teams, and ICANN's board and CEO don't control GAC, he said. "It's going to be extremely hard [for ICANN] to game the process," he said.

However, ICANN Vice President Paul Levins disagreed that the review teams will be made up of ICANN allies. Another criticism of the new agreement is that it was negotiated between ICANN and DOC in secret, even as the agreement calls on ICANN to be accountable and transparent to the public and to use a bottom-up decision-making process. "Whatever deliberation occurred prior to the approval of this 'affirmation of commitments' was entirely secret - except for those favorite friends ICANN chose to invite into the smoke-filled room, or to whom the deliberations or decisions were leaked," Edward Hasbrouck, a travel blogger and ICANN critic wrote on ICANNwatch.org, an ICANN watchdog site. "In fact, the completely secret, nontransparent and unaccountable way in which these 'commitments' were adopted is clear and compelling evidence of ICANN's continuing 'lack' of any actual commitment to these principles, or indeed to any transparency or accountability; its continuing commitment to lie - as loudly and as prominently as it can - about its lack of accountability and transparency; and the continuing need for 'real' transparency and accountability," the blog post continued. It's clear that ICANN received input from outside groups, and the agreement addressed major concerns about U.S. control over ICANN, said Steve DelBianco, executive director of NetChoice, an e-commerce trade group and frequent ICANN critic. But other ICANN watchers offered support for the new agreement. The new agreement gives the U.S. government a continued role in ICANN oversight, but it spreads out the oversight to other governments and the private sector, he said. "ICANN's independence day will be known as Sept. 30, 2009," DelBianco said. "[The agreement] is very clever in the way it balances some of those forces that were speaking out." GAC, which has complained of not having enough oversight of ICANN, will now have more control, he said. "The way we relieved the pressure [on ICANN] was to give governments more say," he said.

Other supporters of the new agreement included registrar Go Daddy, the Software and Information Industry Association, and U.S. Representative Henry Waxman, a California Democrat and chairman of the House Energy and Commerce Committee. "This agreement is a perfect example of how a public-private partnership can work to the advantage of all stakeholders," Waxman said in a statement. "It will help insure that the Internet remains stable and secure for the people around the world who use it for work, study, entertainment, or to stay in touch with family and friends."

A look back at the week's biggest Google-related news stories:   Apple severs board ties with Google  The final ties have been cut between Apple's and Google's board, with Arthur Levinson (he had been serving as an independent member on both the Apple and Google board of directors) resigning from the Google board. Not to be confused with the Google Books project, but possibly a threat to Amazon.com and other online booksellers.   Google bullish on economy The company posted increases in Q3 revenue and earnings, beating Wall Street expectations. This follows the departure of Google CEO Eric Schmidt from Apple's board in August shortly after Google announced it would be competing head on with Apple in the operating system market with Chrome OS just as it was competing with the iPhone with Android.   Amazon, meet Google Google revealed plans for Google Editions, an online store offering digital books to users of various devices, from e-book readers to laptops and cellphones. Google CEO Eric Schmidt said in a statement. "While there is a lot of uncertainty about the pace of economic recovery, we believe the worst of the recession is behind us and now feel confident about investing heavily in our future."   Google's cloud security double talk  Computerworld reported that a group called Consumer Watchdog fired off a letter to the head of the Los Angeles City Council's Budget and Finance Committee, claiming that Google was talking out of both sides of its mouth in pitching its Google Apps to the city.

Unfortunately, Google didn't get all the bugs out first.   Google on the prowl for website malware  Google on Monday rolled out a service to help Webmasters identify malware that may have been slipped into their sites. The watchdog group said Google assured the city its cloud-based apps were safe, but separately acknowledged risks in a financial filing with the federal government.   Google Docs get upgraded, but bugs surface  Google pleased users of its Docs offerings by introducing folder sharing, an ability to upload multiple items to Docs simultaneously and by improving the interface. The new tool uses automated scanners to show Webmasters of sites flagged as "unsafe" just what the offending code is.   Google Voice gets friendly Google has started allowing early adopters of Google Voice  to invite friends to join them.   Google's Postini goes on the fritz  Users of the messaging security and archiving service were festering when service problems emerged during the week. For more on Google, visit Network World's independent Google community, Google Subnet. By week's end, Google had fixed the delayed e-mail delivery issues, but some customers were unhappy with a lack of communication on Google's part, Computerworld reports.   Also, here's a look back at the previous week in Google news.

Google is reportedly working to make its settlement with book publishers more palatable to the court, but even if the deal goes through, consumers are likely a long way from getting out-of-print "orphaned" books onto their e-readers. The government and other parties have raised privacy concerns, worrying about Google's observation of what people read. (And not all authors and publishers are satisfied, although their associations signed on to the deal.) But what really has Amazon, Microsoft and other competitors in a tizzy is the part of the settlement that lets Google sell online access and subscriptions to orphaned books. The settlement, in its current state, would allow Google to make large passages of these books, which are in copyright but whose authors can't be found, searchable on the Web. As the e-reader market heats up, Amazon argues, the Google book settlement would create "a cartel of authors and publishers" who could set pricing and availability without restrictions.

On Friday, the U.S. Department of Justice dealt a blow to Google, the Authors Guild, and the Association of American Publishers, saying the settlement between the three parties violates antitrust and copyright laws. These opponents would have a harder time setting up their own market of orphaned materials because they'd have to create an agreement with publishers and authors from scratch, instead of making a settlement in court. The DOJ advised a U.S. District Court not to approve the settlement unless it is modified. Google and its settlement partners are motivated to quickly address the DOJ's concerns, but delays are inevitable. Though the government seems to want the settlement to go through in the end, the slow pace of government and courts means we could be waiting a long time. It seems unlikely that the deal will be approved on October 7, when the United States District Court for the Southern District of New York has scheduled a hearing on the matter.

All this could take awhile. All parties must agree to any settlement, and even then, the opponents could still make legal challenges. Maybe it's not all bad. With any luck, Google will start selling the orphaned books just as the e-reader glut hits full swing.

Teradata unveiled a range of data warehousing products and initiatives on Monday, including new public and private cloud deployment options and an upcoming appliance that employs solid-state disks. It employs a free Elastic Mart Builder tool alongside Teradata's workload management software, and is meant to help companies quickly create data marts and analyze information, as well as "control data mart proliferation," Teradata said. The company's new Agile Analytics Cloud is a set of products and services for quickly creating virtualized data marts inside a company's private cloud. Teradata also announced versions of its Teradata Express software for Amazon's Elastic Compute Cloud (EC2) and VMware Player.

It is meant for use by developers in nonproduction environments. "We want to make it easier for people to develop analytic applications on the Teradata platform," said CTO Stephen Brobst. Teradata Express provides a feature-limited version of the company's database at no charge. Porting Express to pay-as-you-go cloud infrastructure services like EC2 makes doing so more attractive because companies, particularly smaller ones, don't have to acquire additional hardware, he said. Teradata's appliance uses Intel chips and will scale from between 7 and 200 terabytes of user data. In addition, Teradata announced an upcoming data warehousing machine called Extreme Performance Appliance 4555. Like Oracle's Exadata 2 product, it uses solid-state drives, which offer better performance than traditional hard disks but are more expensive, although prices are dropping.

Teradata is looking for early adopters now and plans to release the appliance in the first half of 2010, according to Brobst. This is "only fair," since Greenplum's initiative echoes what eBay has already done using Teradata technology, Monash added. "It also provides major support for what I think is an extremely sensible trend." Each vendor will bring relative strengths to the table, Monash added. With Monday's announcements, Teradata "hopes to leapfrog" its competitor Greenplum, which recently launched its own "Enterprise Data Cloud" strategy, analyst Curt Monash said in a blog post. Teradata should have an edge in managing virtual data marts versus just physical ones, but Greenplum may do better in regard to pricing and deployment options, he said.

AT&T on Friday accused Google of violating the U.S. Federal Communications Commission's net neutrality rules by blocking Google Voice calls to some rural areas. By doing this, Google can reduce its access expenses, according to AT&T. The FCC in 2007 prohibited traditional carriers from blocking calls because it said the practice might degrade the reliability of telecommunications networks, Quinn wrote. In a letter to the FCC, the carrier said Google is claiming an advantage over other telecommunications providers by blocking calls, a cost-saving measure that traditional carriers are prohibited from using. "We urge the Commission to level the playing field and order Google to play by the same rules as its competitors," wrote Robert Quinn, a senior vice president for AT&T's federal regulatory issues, in a letter to the FCC. Google systematically blocks calls to certain areas from consumers using Google Voice, AT&T said, citing press reports.

AT&T charges that Google's call blocking violates the fourth principle of the FCC's Internet Policy Statement, which says consumers should be able to reap the benefits of competition among network, application, service and content providers. And even if it's an application and not a phone service, Google Voice is still governed by that principle because it covers application providers, the letter said. Though Google has claimed that Google Voice is not a traditional phone service, it effectively is, AT&T says. The carrier also accused Google of violating the fifth principle of the Internet Policy Statement, on nondiscrimination, which says one provider can't block fair access to another. Google itself is discriminating when it blocks calls to certain local exchange carriers, AT&T said.

EventBox, the one-stop shop for many of your social media needs, is taking a big step up in the world of Mac software. Last July, Macworld's James Dempsey dove into EventBox and all the socializing it has to offer, and I picked it as part of my $300 Student Challenge last month. Realmac Software, makers of RapidWeaver and LittleSnapper, announced Tuesday morning that it has acquired EventBox from its developers, The Cosmic Machine. Instead of visiting separate websites to get your daily dose of Facebook, Digg, Twitter, Google Reader, Reddit, Flickr, Identi.ca, and even plain ol' RSS feeds, EventBox wraps them all into one polished, centralized application.

You can create smart folders to organize your friends and information for the way you, erm, "work," upload photos to compatible services, and even send links to Instapaper for reading later. It even makes a few services work together in useful ways, such as letting you post Google Reader headlines to Facebook or Twitter right from inside the app. Realmac Software's acquisition means that EventBox will have more resources and room to grow, as Realmac is no stranger to bringing solid products to market. EventBox is now huddling into a cocoon, undergoing a transformative process that should finish in November. RapidWeaver has long been known as a sort of "iWeb Pro" upgrade, and LittleSnapper quickly gained traction as a powerful "iPhoto for designers and web developers." EventBox doesn't currently have much in the way of competition as far as tackling such a broad sample of the social media space, so The Cosmic Machine and Realmac are already a step or three ahead of the game. When it reemerges, it will be renamed as Socialite.

EventBox owners who purchased a license in the past will get a free Socialite 1.0 license, which will cost everyone else $20. Customers who scored licenses through MacHeist will receive an email with the option of purchasing a license upgrade at a discounted price. Realmac is soliciting feedback in its forums for what users want out of version 1.0 and beyond.

Calling it the "most significant" upgrade in a decade, Microsoft Corp. today revealed details for its project management application, Project 2010. The new version will include tighter integration with Microsoft Outlook e-mail and new collaboration features for buyers of the mid-range Project Professional version. Final release is due by the first half of next year, about the same time Microsoft Office 2010 is released, according to Chris Capossela, senior vice president of the Microsoft Business Division. "This is the most significant release in more than 10 years," he said. Project 2010 will also be the latest Microsoft application to adopt the Office "Fluent" user interface, better-known as the controversial "Ribbon." Finally, Microsoft is cutting the number of versions of Project from four to three, injecting portfolio management capabilities from the short-lived Project Portfolio Server into Project Server 2010. Microsoft is making the public beta of Project 2010 available later this fall, though it is taking sign-ups today.

Microsoft made the announcement during its Microsoft Project conference, which is taking place in Phoenix this week. Though relatively unknown, Project is used by about 20 million workers, according to Microsoft. Capossela, who was general manager for the Project product earlier this decade, is giving a keynote speech at the conference. It is one of the company's 10 largest revenue generators, Capossela said. "It's a wonderful, quieter business," he said. One new feature is user-controlled scheduling, which is aimed at users who don't require rigid, automatically generated deadlines.

For 2010, Microsoft will offer Project Desktop, Project Professional and Project Server. Another feature lets managers whose companies have Project Server assign tasks to employees and then lets them respond and provide updates, fill out timesheets, all through their Outlook e-mail client. Another example are collaboration abilities, such as viewing task lists for groups and timeline views of multi-worker projects that are part of the Project Professional application. Those workers must be covered by Client Access Licenses (CALs) for Project Server, but do not need to have purchased Project Desktop. "We're trying to widen the funnel down to team participants," Capossela said. This data is hosted on any version of SharePoint, including the free version known as SharePoint Foundation. Microsoft is also changing the Project user interface to Office 2007's "Ribbon." Capossela said the move was necessary because of the many Project commands, which he said "numbered in the thousands."

Previoulsy, such features required users to buy the higher-end Project Server.

Microsoft's ZuneHD, set to go on sale Tuesday, will not feature an open application store like its competitor the iPod Touch. Those capabilities will determine whether the ZuneHD sells well - and whether Microsoft decides to keep selling its own music player, said Matt Rosoff, an analyst at Directions on Microsoft. It will come with some unique features, though, like an HD radio tuner, and with software that has been well-received by users. After observers noticed a Marketplace folder during earlier demos of the ZuneHD, many had hoped the new device would feature an open application store like the one accessible from the iPhone and the iPod Touch.

But the Zune Marketplace will be a closed store, meaning third-party developers won't be able to easily build applications for it. Marketplace is the name of the open app store that will be available on Windows Mobile 6.5 phones, to be released in early October. The new device will include the same casual games that came with earlier Zunes, plus a few other applications like an MSN weather application and a calculator, said Brian Seitz, group marketing manager for Zune. Zune customers will be able to download the applications they like for free. In November, Twitter and Facebook applications will become available, as well as a "Project Gotham" racing game, he added.

Seitz said the timing wasn't right to include the Windows Mobile Marketplace application, which isn't due out until next month, with the ZuneHD, but he also said it's not certain that a similar open Marketplace will come to the Zune in the future. "Down the line, if there's an opportunity for us to snap into what they're doing from a mobile application perspective, I'm sure it's something we'll look at," he said. He acknowledged that people are likely to criticize the decision. "I'm not saying we won't get dinged for that because I know we will," he said. However, Microsoft may decide it makes more sense to limit the applications in the Zune market and offer them all free, he said. That's for good reason, Rosoff said. "When you look at it as a head-to-head comparison with the iPod Touch, people will see it as a shortcoming," he said. It will feature the "smart DJ," which allows the user to pick an artist and then automatically creates a playlist of similar songs.

Microsoft will also debut new Zune software on Tuesday that customers use on their PCs to manage their music. Microsoft will also start offering people who subscribe to Zune Pass a way to access the Zune music collection from a browser. A Zune Pass subscription lets users stream any song from the entire Zune catalog and download 10 songs each month. That means subscribers will be able to listen to music from the entire catalog from any PC, including one at work, rather than only from a PC running the Zune software. Microsoft also revealed a few more details about a Zune feature that will start showing up in Xbox Live later this year. That's part of a strategy to move the Zune software experience into other products from Microsoft, Seitz said. "Going forward, we hope more people think of a 'holistic Zune business,' as opposed to how many of these things we sell," he said, pointing to the Zune hardware.

Xbox users will be able to buy or rent movies from a new Zune store that will be featured in Xbox Live. The most important upcoming product that will include Zune software will be Windows Mobile phones, Rosoff said. "The Zune interface will show up in Windows Mobile," he said. Rosoff suspects that Microsoft will eventually get out of the MP3 player market altogether. "We'll just see the Zune as a consumer component of Windows Mobile," he said. "This is sort of the last [Zune], if it doesn't sell." Even Zune hardware elements, like the touch screen and the form factor of the device, will likely make it into Windows Mobile phones, he said.

A U.S. company whose software code was allegedly stolen in China by a controversial, government-backed Internet filtering program will hit back by launching a rival product for a low price in China, the company said late Sunday. The Solid Oak program, called CyberSitter and targeted at parents, will be offered in languages including Chinese in a version due out next month. Solid Oak Software, which has said its code was copied in a program that China ordered be bundled with all new PCs, is exploring ways to offer its own Web filter for free or at a very low price in China, company President Brian Milburn, said in an e-mail.

A Chinese version of the product would compete with Green Dam Youth Escort, the program that Solid Oak says copied its code and that China originally ordered PC makers to include with all new computers sold in the country from July this year. But under heavy pressure from foreign PC makers and the U.S. government, China indefinitely postponed the mandate just hours before it was set to take effect. The Chinese government had paid the program's developers to allow all PC buyers to use the software for free for one year. Major PC makers including Lenovo and Acer began bundling Green Dam with new PCs until this month. The program also used blacklists apparently lifted from Solid Oak's software, according to the company and a group of U.S. researchers. The program, which China said was meant to protect children from online pornography, was also found to block politically sensitive material such as negative references to a former Chinese president.

One file found in the Chinese program contained an encrypted version of a years-old Solid Oak news bulletin, according to the researchers. Green Dam came under fire for concerns about system stability in addition to user privacy and freedom of speech. Solid Oak, which is based in Santa Barbara, California, is preparing legal action against PC makers that shipped Green Dam, though an update to the program in June removed some of the allegedly infringing elements. One Beijing high school recently removed the program from its computers after finding that it conflicted with software used for grading and attendance tracking. Bryan Zhang, general manager of Jinhui Computer System Engineering, one of the designers of the Chinese software, declined to comment on the allegations of code theft.

Green Dam "is a conglomeration of whatever components [the developers] managed to steal ... or otherwise appropriate from various sources, and duct tape together in the form of an alleged piece of software," Milburn wrote in his e-mail. "They should be utterly humiliated, not just because they stole much of the core functionality, but even more so because they intentionally inflicted such a miserable product on a population of innocent computer users," Milburn wrote. The new Solid Oak product will have a Chinese user interface available and a filtering function that the company reworked after much of its old proprietary code appeared online. That is the ultimate goal," company spokeswoman Jenna DiPasquale said in an e-mail. The filtering will be entirely URL-based, avoiding the need to translate keywords into Chinese. "We are working on a way to release it for free.

NEC Corp. today unveiled several upgrades to its flagship HYDRAstor grid-storage system , adding write-once, read many (WORM) capabilities and the ability to encrypt data in transit. NEC officials said that the upgraded software will increase performance by 67%, while boosting security by improving HYDRAstor's ability to archive mission-critical data. "Over 70% of even high I/O data from source applications such as databases have not been touched after 6 months. The upgraded system also provides deduplication capabilities for more third party backup applications. A lot can be off loaded onto more efficient platforms," said Gideon Senderov, director of product management for NEC's IT Products Group.

The new RepliGrid in-flight data encryption capability protects data as it's being transmitted between HYDRAstor grids and data centers, he added. The new HYDRAlock WORM capability allows administrators to lock out any changes to documents or other records, maintaining a chain of custody for regulatory purposes, Senderov said. NEC also announced that it will allow users to license additional physical capacity that can be activated without adding additional components. A new quota management system allows administrators to set limits to the maximum effective capacity allocated for each file system and its associated application. For example, can now license as little as 12TB of capacity in a 24TB configuration and then pay a fee to activate additional capacity as needed.

The quota management system also offers threshold notifications as well as the ability to set aside a capacity reserve for other applications, such as critical archive data. The upgraded system can deliver up to 1.8TB per hour per accelerator node and up to 90TB per hour for the largest supported configuration of 55 accelerator nodes and 110 storage nodes, according to the company. Previously, the HYDRAstors grid architecture had a default capacity of 256 petabytes for all applications. "We are really looking forward to taking advantage of the new in-flight encryption and quota management functions," said Scott Ashton, a LAN/WAN specialist at TLC Engineering for Architecture Inc., an Orlando, Fla.-based engineering firm. "We've really seen the return on our initial investment as we've been able to take advantage of each new upgrade with HYDRAstor since our early adopter installation in 2007." NEC said that the performance boost comes from software enhancements and more efficient inter-node data transfer and communication protocols. Accelerator nodes are the controller blades with the CPU processing power and storage nodes are the system blades with disk storage capacity. NEC today also introduced lower-capacity, or "entry-level" models of HYDRAstor offering raw storage capacities of 12TB (or over 150 TB effective capacity); 24TB (or over 300 TB effective capacity) and 36 TB (or over 450 TB effective capacity). "A highly resilient storage solution primed for archiving, that self-evolves with the ability to intermix several generations of technology, offers global deduplication, great scalability, and automates provisioning, migration, workload balancing and system management will be the key features of a storage solution that the market will demand," said Dave Russell, a vice president at researcher Gartner Inc.

The new application-aware deduplication feature allows newly-supported third-party backup applications such as IBM's Tivoli Storage Manager and EMC's NetWorker, as well as previously previously supported Simpana from CommVault and NetBackup from Symantec, to take advantage of the data reducing feature. With the exception of WORM capability, the customers can install the latest HYDRAstor upgrades for free. The WORM upgrade costs $14,000 per accelerator node.

Things don't look good for NASA when the opening sentence of a report outlining its future begins: "The US human spaceflight program appears to be on an unsustainable trajectory."

'[NASA] is perpetuating the perilous practice of pursuing goals that do not match allocated resources. Space operations are among the most complex and unforgiving pursuits ever undertaken by humans. It really is rocket science. Space operations become all the more difficult when means do not match aspirations," the report continued.

That was just the beginning of the Review of US Human Space Flight Plans Committee summary report which was handed to the White House today after months of expert review and testimony. A bleak report was expected by many observers but ultimately how its results are interpreted will determine the future of any manned space flights. Keep in mind too that NASA has spent almost $8 billion of a planned $40 billion to develop systems for a lunar return.

President Obama initiated the "Review of United States Human Space Flight Plan Committee" which was led by Norman Augustine, the former CEO of Lockheed Martin to examine ongoing and planned NASA development activities, as well as potential alternatives, and offer options for advancing a safe, innovative, affordable, and sustainable human space flight program in the years following Space Shuttle retirement.

The report offered a number of interesting findings and space exploration options, chief among them was the fact that NASA should basically get out of the low orbit business and focus on deeper space research.

Another option, called Flexible Path by the committee, would have humans and robots visiting sites never visited before while traveling greater and greater distances from Earth. Successive missions would visit: lunar orbit; the Lagrange points (special points in space that are important sites for scientific observations and the future space transportation infrastructure); near-Earth objects (asteroids that cross the Earth's path); and orbit around Mars. Most interestingly, humans could rendezvous with a moon of Mars, then coordinate with or control robots on the Martian surface, the report stated.

The Flexible Path represents a different type of exploration strategy, the committee stated. "We would learn how to live and work in space, to visit small bodies, and to work with robotic probes on the planetary surface. It would provide the public and other stakeholders with a series of interesting firsts to keep them engaged and supportive. Most important, because the path is flexible, it would allow many different options as exploration progresses, including a return to the Moon's surface, or a continuation to the surface of Mars," the committee stated.

Additional findings included:

• NASA's budget should match its mission and goals. NASA should be given the ability to shape its organization and infrastructure accordingly, while maintaining facilities deemed to be of national importance.

• International partnerships: The U.S. can lead a bold new international effort in the human exploration of space. If international partners are actively engaged, including on the "critical path" to success, there could be substantial benefits to foreign relations, and more resources overall could become available.

• Short-term Space Shuttle planning: Under current conditions, the gap in U.S. ability to launch astronauts into space will stretch to at least seven years. The Committee did not identify any credible approach employing new capabilities that could shorten the gap to less than six years. The only way to significantly close the gap is to extend the life of the Shuttle Program.

• Extending the International Space Station: The return on investment to both the United States and our international partners would be significantly enhanced by an extension of ISS life. Not to extend its operation would significantly impair U.S. ability to develop and lead future international spaceflight partnerships.

• Heavy-lift: A heavy-lift launch capability to low-Earth orbit, combined with the ability to inject heavy payloads away from the Earth, is beneficial to exploration, and it also will be useful to the national security space and scientific communities.

• Commercial crew launch to low-Earth orbit: Commercial services to deliver crew to low-Earth orbit are within reach. While this presents some risk, it could provide an earlier capability at lower initial and lifecycle costs than government could achieve. A new competition with adequate incentives should be open to all U.S. aerospace companies. This would allow NASA to focus on more challenging roles, including human exploration beyond low-Earth orbit, based on the continued development of the current or modified Orion spacecraft.

• Technology development for exploration and commercial space: Investment in a well-designed and adequately funded space technology program is critical to enable progress in exploration.

• Exploration strategies can proceed more readily and economically if the requisite technology has been developed in advance. This investment will also benefit robotic exploration, the U.S. commercial space industry and other U.S. government users.

• Pathways to Mars: Mars is the ultimate destination for human exploration; but it is not the best first destination. Both visiting the Moon First and following the Flexible Path are viable exploration strategies. The two are not necessarily mutually exclusive; before traveling to Mars, we might be well served to both extend our presence in free space and gain experience working on the lunar surface.

• Human exploration beyond low-Earth orbit is not viable under the FY 2010 budget guideline.

• Meaningful human exploration is possible under a less constrained budget, ramping to approximately $3 billion per year above the FY 2010 guidance in total resources.

• Funding at the increased level would allow either an exploration program to explore Moon First or one that follows a Flexible Path of exploration. Either could produce results in a reasonable timeframe.

Typhoons are generally loathed for the havoc they wreak in many parts of East Asia, where torrential rains, flooding and heavy wind often kill people and cause millions of dollars in damage.

But Typhoon Morakot, just off the coast of Taiwan, is bringing welcome relief from a drought affecting parts of the island.

Droughts don't often affect tropical Taiwan, where rain falls almost every day in the summer. But when a lack of rainfall causes water shortages, it can be a real headache for technology companies such as chip and LCD panel makers, because they require a lot of water for production.

Taiwan's drought had become so bad in some places, such as the northern port city of Keelung and in southern Taiwan near the Tainan Science-based Industrial Park, home to chip factories owned by Taiwan Semiconductor Manufacturing (TSMC) and United Microelectronics (UMC), that the government announced water restrictions early this week.

But rain ahead of Morakot's arrival has already prompted officials to lift those restrictions.

"The typhoon has already brought enough rain to refill reservoirs to adequate levels in some of our most affected areas, including Tainan and Keelung," said Wu Yue-si, deputy director general of Taiwan's Water Resources Agency. "We've already lifted water restrictions in those areas."

"This is a major typhoon, and it will bring a lot of rain water," he added.

Typhoon Morakot should hit Taiwan Friday evening if it maintains its present course, according to Taiwan's Central Weather Bureau, which shows the typhoon's projected path on its Web site.

The last major drought to hit Taiwan's tech industry was in the spring of 2002 when a lack of rainfall caused reservoirs in the island's Silicon Valley, the Hsinchu Science-based Industrial Park, to fall dangerously low. Companies trucked water to their factories at great expense.

UMC, the world's second largest contract chip maker, estimated at the time that it needed hundreds of truckloads of water each day to supply its factories. LCD panel makers needed even more.

The water restrictions put in place early this week - and already lifted - had no effect on chip makers in Tainan.

"We haven't seen any impact there," said J.H. Tzeng, deputy director of public relations at TSMC. Two of the company's most advanced chip factories are located in Tainan, while the rest of its Taiwan-based chip factories are in Hsinchu.

The Digital Entertainment Group released its midyear report today, and Blu-ray Disc is a noteworthy bright spot. The DEG's industry report echoes the rosy picture of Blu-ray that the Blu-ray Disc Association presented at a press conference at the Consumer Electronics Show in January, and it reinforces the data offered by Adams Media Research this spring-namely, that Blu-ray Disc sales doubled in the first quarter of 2009 over the first quarter 2008.

Consumer spending on Blu-ray discs was up by 91 percent, to $407 million. More consumers have been renting Blu-ray discs, too: Revenues from rentals are up by 62 percent.

This news comes in spite of a recent Harris Poll report indicating that consumers were uninterested in adopting Blu-ray Disc.

According to DEG, consumer spending on prerecorded entertainment as a whole (including DVD, Blu-ray Disc, and digital distribution) during the first half of 2009 was off by 3.9 percent against last year's numbers. Blu-ray Disc sales are up at a time when HDTV household penetration has increased by 13 percent since the end of 2008. Sales of Blu-ray players have grown by 25 percent, and hardware prices continue to decline-a testament to the format's strength in the weak economy. The market success of Blu-ray also reflects the robust trend seen at the theatrical box office: Even tough times don't stop people from consuming entertainment. The DEG numbers note that U.S. households now have more than 2 million stand-alone player units. That brings the total installed base of Blu-ray players-including Sony PlayStation 3 consoles-to 11 million. Of that number, nearly 75 percent are BD-Live capable, meaning that they can handle discs with special Internet-connected content.

More than 40 million Blu-ray titles have now been sold in the United States, and more than 1600 titles are available. Over 190 titles offer BD-Live content.

Carriers worried about the cost of deploying fiber should concentrate primarily on lowering their installation costs and driving up their adoption rates, according to Boston-based research firm the Yankee Group.During a web seminar today on deploying fiber-to-the-home (FTTH ) connections, Yankee Group analysts said that the best way for carriers to quickly recoup their fiber investments would be to focus more on upping fiber adoption and less on generating more average revenue per user (ARPU). While the analysts said that increasing ARPU was indeed important, it did not provide as much of a return on investment as getting more users to subscribe to the technology and reducing the cost of connection per user."If you have a choice between ARPU and penetration, choose penetration," said Yankee Group senior vice president Wally Swain. "To this end, carriers should also reconsider offering wholesale services as a way to get people onto the same platform. If you can get more people selling your service that's got to be better than having to do it yourself."Yankee Group principal analyst Benoit Felten echoed Swain's view that carriers should be more open to wholesaling access to their networks, although he acknowledged that many carriers have in the past been enthusiastic about opening up network access to their competitors. He noted, however, that Dutch telco KPN and Swiss telco Swisscom had both created successful business models where they offered wholesale fiber services."We think economically it makes sense," he said. "Opening up your network is a way to deliver more value to shareholders… carriers should explore ways to generate wholesale revenues from lines that are not subscribing to a commercial service."Wholesale access to  fiber and copper services in generally more common in countries that have retain common carrier rules where an incumbent telecom company are required to allow smaller ISPs to buy space on their broadband networks at discount prices. The idea is to have incumbents wholesale access to their networks to other ISPs to compete with each other to sell Internet services to consumers and businesses. The practice has become less common in the United States after the Federal Communications Commission discarded bandwidth-sharing rules in 2005.In terms of cutting costs to connect new subscribers, the Yankee Group analysts recommended that carriers carefully decide which areas will connect the most users for the least investment. This inevitably means building out fiber in areas that have a high density of buildings or areas that already have extensive underground duct systems that will lower the costs of putting fiber into the ground. The analysts also said that carriers could lower their costs per connection by charging users connection fees when they sign up. Thus, a connection that would cost $1,000 for the carrier would be lopped down to $800 after users paid a $200 connection charge.While only building in areas with high population density generally implies that FTTH networks will be built out in large cities, some carriers have said that FTTH connections could be feasible for certain rural areas that have relatively high population densities.

For instance, Patrick Knorr, the COO of Kansas-based cable and broadband provider Sunflower Broadband, has said that there are some suburban communities in his vicinity that have been sprouting up in rural areas that would have enough population density to justify building out FTTH infrastructure.Looking at the big picture, the Yankee Group analysts said that it's only a matter of time before all major telcos start offering Web access over fiber to the home. The only dilemma for carriers isn't whether to build out more fiber, they said, but how to deploy it without seeing their profits take a nosedive."The copper networks that all broadband services rely on its more than 50 years old and it's dying," said Felten. "Soon or later it will need to be replaced with fiber. Fiber is the endgame and the telcos know it."

Microsoft Corp. is preparing to launch a public beta of Morro, the free antimalware it announced last November, according to a report by the Reuters news service.

Morro will use the same scanning engine as Windows Live OneCare, Microsoft's first consumer-grade antivirus package, and the software that the free software replaces. OneCare is to get the boot June 30, when Microsoft stops selling the program.

According to a Microsoft spokesman who spoke with Reuters, Morro is being tested internally at the company, and will be posted as a public beta "soon." The spokesman didn't offer the news service any further details about a timetable.

The company was not immediately available today to confirm the Reuters story, but it has e-mailed technology reporters offering more information in a briefing with executives if they agree to abide by a nondisclosure agreement.

Others, however, seemed to confirm that Morro was close at hand. Prominent Windows blogger Paul Thurrott noted the Reuters story, but begged off providing details.

"This puts me in an awkward spot. I can't really discuss this too much further at the moment, but since Reuters dropped the ball ..." he said. Thurrott also hinted that the news of Morro's imminent beta had leaked prematurely. "Let's just say it wasn't supposed to be today," he added.

Microsoft has been mum about Morro since November 2008, when it announced that it was dumping OneCare and would instead give away streamlined software that would sniff out PC viruses, worms, Trojans, rootkits and spyware.

At the time, Amy Barzdukas, a senior director of product management at Microsoft, only promised that Morro would launch sometime in the second half of this year. She also denied claims by security software rivals that Microsoft had thrown in the towel on OneCare because the software had flopped.

Microsoft's other consumer security software, the antispyware Windows Defender program, is bundled with Vista, will be included with Windows 7 and is a free download for Windows XP users.

Last year, John Pescatore, an analyst at Gartner Inc., questioned whether users would step up to Microsoft's Morro even if it was free. "Consumers are hesitant to pay for a Microsoft security product that will remove problems in other Microsoft products," he said. "Think of it this way. What if you smelled a rotten egg odor in your water and the water company said, 'Sure, we can remove that, but it will cost you $50.' Would you buy it?"

Not surprisingly, competitors have dismissed Morro's threat to their business and downplayed its ability to attract users. "We like our chances," said Todd Gebhart, vice president in charge of McAfee's consumer line, last year.

"Consumers have already rejected OneCare," added Rowan Trollope, senior vice president of consumer software at Symantec. "Making that same substandard security technology free won't change that equation."

OneCare isn't the only Microsoft program to get the ax at the end of the month. Yesterday, the company confirmed that it would also ditch Microsoft Money, its 18-year-old personal finance program, on June 30.

Microsoft today said it will deliver 10 security updates next week to patch serious bugs in Windows, Internet Explorer (IE), Word and Excel.

If the company follows through on its plans - sometimes Microsoft ditches an update at the last minute - next week's Patch Tuesday will be the largest since October 2008.

"We're back to a normal load," said Andrew Storms, director of security operations at nCircle Network Security. "Some may think of it as pretty big, but really, for anyone who's dealt with Patch Tuesday for the last five years, it's what we should be expecting."

Last month, Microsoft issued just one security update, a 14-patch fix for PowerPoint.

Of the 10 updates Microsoft announced today in its monthly advance notification, six will affect Windows, and one each will patch problems in Internet Explorer (IE), Word, Excel and Microsoft Office. Six of the 10 were marked "critical," Microsoft's highest threat ranking, while three were judged "moderate" and one as "important."

The six critical updates will patch Windows (which gets two of the updates), IE, Word, Excel and Office.

"The red flag is going to be [the] IE [update]." said Storms. "It's critical, it's on all versions [of Windows], and it's even critical in Vista for IE7 and IE8."

IE8, which was released in March, is Microsoft's most security-conscious browser yet. Tuesday's update will provide the first-ever production patches for IE8.

Storms also pointed out that it looks like Microsoft won't protect Mac users this month. "We don't have the PowerPoint for the Mac patches," he said after reviewing the advance notice. Last month, Microsoft took the unusual step of patching the Windows versions of PowerPoint, but not the Mac editions, saying that it didn't want to postpone the update to await Mac fixes.

Attackers had been exploiting the PowerPoint bug in Windows since at least early April. "[But] none of the exploit samples we have analyzed will reliably exploit the Mac version, so we didn't want to hold the Windows security update while we wait for Mac packages," Jonathan Ness, an engineer at the Microsoft Security Response Center, explained last month. Some criticized Microsoft's decision. Swa Frantzen, an analyst at SANS Institute's Internet Storm Center (ISC), said Microsoft was breaking its own rules about "responsible disclosure" by letting the Mac patches slide. "We all know from past experience [that] the reverse engineering of patches back into exploits starts at the time - if not before - the patches are released," said Frantzen four weeks ago. "So in the end, Microsoft just released what hackers need to attack."

Other recently-acknowledged bugs may or may not get fixed next week, said Storms. He was pessimistic about Microsoft patching a problem in DirectX that the company confirmed only last week; the bug is actively being exploited by hackers, according to Microsoft. None of the updates' revealed today seemed to fit the affected software profile of the DirectX vulnerability, Storms said.

But another outstanding advisory, which Microsoft reported two weeks ago and which involved its Internet Information Services (IIS) Web-server software, may get patched. "It's not called out as IIS, so it's hard to say if it will be patched, but I could see them putting it under one of the [six] Windows updates," said Storms. Microsoft has downplayed the IIS bug, which could be used by criminals to steal data from Web servers, because only some configurations are at risk.

Next week's update will be the largest by bulletin count since Microsoft issued 11 on Oct. 14, 2008, but users and IT administrators won't really know the extent of their patching job until the total CVE (Common Vulnerabilities and Exposure) count is revealed Tuesday, Storms argued. Microsoft often bundles multiple patches - each identified by a specific CVE number assigned to the flaw that it fixes - in each update. "The workload will depend on the CVE count out of this," said Storms. "We may get 60, or we may get 20."

While the CVE count doesn't affect the testing companies do on Microsoft's security updates, it can affect the amount of work if, as is often the case, an organization is unable to patch immediately and so implements the workarounds that Microsoft recommends. In its update bulletins, Microsoft lists separate workarounds for each CVE; in other words, if an update includes five patches for five CVEs, it could list five different workarounds.

"So it could go either way next week," said Storms. "But it's going to be an all-eyes forward on the IE update. That's the red flag for June."

Microsoft will release the 10 security updates at approximately 1 p.m. ET on June 9.