Windows 7 Leaked To The Internet

A trial version of Microsoft (NSDQ: MSFT)'s forthcoming Windows 7 operating system showed up on the Internet over the weekend, according to numerous blog reports.
The beta version of the OS, reportedly Windows 7, build 7000, can be downloaded from several infamous torrent sites often used to share pirated content.

Microsoft isn't planning to officially release beta copies of Windows 7 until its MSDN developers' conference in January. A final version of the OS isn't expected until late 2009 or early 2010.

Microsoft may not be overly displeased with the leak.

The company is urging partners to begin work on Windows 7 product development as soon as possible to avoid the sort of compatibility problems that plagued the launch of Windows Vista in January 2007.

Earlier this month, Intel (NSDQ: INTC) released a pre-production version of Windows 7 drivers for graphics chipsets. The WDDM1.1 graphics driver is designed for "enabling the full Windows 7 experience," Intel said, noting that the driver is the result of ongoing collaboration with Microsoft.

Drivers allow hardware components to communicate with a computer operating system.

When Vista launched in January of last year, many hardware makers -- including Intel -- didn't have fully compatible drivers ready. The problems marked the beginning of a slew of bad press for Vista that ultimately led many businesses and consumers to reject the operating system.

To avoid a repeat of those problems, Microsoft earlier this year ordered computer and other hardware makers to begin testing their devices on Windows 7 as soon as the first beta version becomes available.

Microsoft for the first time unveiled Windows 7 features at its Los Angeles Professional Developers Conference in October and appears anxious to release the OS as soon as possible. The company has formally said that Windows 7 won't ship until early 2010, but the January release of a beta disk is the latest sign that Windows 7 could debut in late 2009.

Microsoft is hoping Windows 7, which includes native support for touch screens, will help erase memories of Vista, which has been a disappointment for the company.

Microsoft Scrambling To Thaw Zune Freeze

A surge of online complaints suggests widespread freezing problems with 30-GB version of Microsoft's Zune music player.

Online forum threads have sprawled to thousands of messages detailing what some Zune users are calling "Zune 2K9," a reference to the Y2K bug based on the as-yet-unconfirmed belief that the freeze is a time- or calendar-related programming flaw.

Others are referring to it as the Midnight Meltdown. A handful of YouTube videos uploaded on Wednesday attempt to document the problem. One of the better titles is "The Day The 30 G Zune Stood Still."

"My 30 GB Zune froze out of sleep mode," complained one Zune user. "It wasn't on the charger or connected to my computer. I turned it and rebooted, which isn't all that uncommon when I've turned it off. However, this time it didn't complete. I wonder how Microsoft is going to provide a fix for this because my computer doesn't recognize it as connected when I plug it in."

Microsoft has confirmed that its 30-GB Zunes are crashing and said it is addressing the issue.

"Early this morning we were alerted by our customers that there was a widespread issue affecting our 2006 model Zune 30-GB devices (a large number of which are still actively being used)," Microsoft said in an e-mail. "The technical team jumped on the problem immediately and isolated the issue: a bug in the internal clock driver related to the way the device handles a leap year. That being the case, the issue should be resolved over the next 24 hours as the time change moves to January 1, 2009. We expect the internal clock on the Zune 30-GB devices will automatically reset tomorrow (noon, GMT). By tomorrow you should allow the battery to fully run out of power before the unit can restart successfully then simply ensure that your device is recharged, then turn it back on. If you're a Zune Pass subscriber, you may need to sync your device with your PC to refresh the rights to the subscription content you have downloaded to your device."

The company added that customers can stay informed by monitoring the support page at Zune.net.

"We know this has been a big inconvenience to our customers and we are sorry for that, and want to thank them for their patience," the company said in its statement.

The incident is unlikely to help Microsoft gain ground against Apple's iPod, which accounts for about three-quarters of the digital music player market. And it may undo Microsoft's effort to restore consumer confidence in its hardware following problems with its Xbox 360 in 2007. That year, the company took a $1 billion charge to cover the cost of repairing its problem-plagued game consoles.

Microsoft Windows, IE Usage Declined In 2008

Microsoft (NSDQ: MSFT)'s browser and operating system market share suffered in 2008 while competitors' products thrived.

According to statistics provided by Net Applications, Microsoft Internet Explorer's global market share fell from 78.58% in December 2007 to 68.15% in December 2008.

During that same period, the 10.43 percentage points lost by Microsoft accounted for almost all the gains among competing browser makers. Mozilla's Firefox market share rose from 14.95% to 21.34%, an increase of 6.39 percentage points. Apple's Safari market share rose from 4.85% to 7.93%, a gain of 3.08 percentage points. Google (NSDQ: GOOG)'s Chrome browser, introduced in September, reached the end of 2008 with 1.04% market share.

Microsoft Windows remains the dominant operating system among the Internet users tracked by Net Applications, but it's a bit less so now than a year ago. The metrics company reports that the global market share for Windows fell to 88.68% in December 2008, down from 91.79% in December 2007.

Windows Vista use grew 16.06 percentage points during this period, from 5.06% in December 2007 to 21.12% in December 2008. Windows XP, however, lost 16.27 percentage points, dropping from 81.49% in December 2007 to 65.22% a year later. Windows 2000 went from 3.9% to 1.47%.

Apple's Mac OS X, meanwhile, gained 3.23 percentage points over the same period of time, rising from 6.4% to 9.63%. Simultaneously, the company's iPhone -- which, like the iPod touch, runs a version of Mac OS X -- saw its market share rise from 0.04% to 0.44%, taking Mac OS X as a whole past the 10% mark.

In terms of its share of the U.S. search market, Microsoft also fared poorly, declining from 9.8% in November 2007 to 8.3% in November 2008, according to ComScore. Yahoo (NSDQ: YHOO)'s search share also declined over the same period, from 22.4% to 20.4%. Google saw its search market share grow from 58.6% to 63.5% over the same span of time.

Recession Slams Global Semiconductor Sales

Worldwide semiconductor sales fell in November, as the economic downturn continued to hammer chipmakers, industry figures released Friday showed.

Sales of semiconductors declined 9.8% to $20.8 billion from November 2007, when revenue hit $23.1 billion, the Semiconductor Industry Association reported. Sales were 7.2% lower than the $22.4 billion in October.

Excluding memory products, which have suffered all year from overproduction and weak demand, the industry did much better, but still saw revenue fall. Sales excluding memory fell 4.8% year to year to $17.3 billion from $18.2 billion.

"The worldwide economic crisis is having an impact on demand for semiconductors, but to a lesser degree than some other major industry sectors," SIA president George Scalise said in a statement.

Overall sales for the first 11 months of 2008 were $232.7 billion, an increase of 0.2% from the same period last year, the SIA said. Excluding memory products, year-to-year sales for the same period rose 5.6%.

The SIA numbers were just the latest bad news for the semiconductor industry, which is reeling from a worldwide drop in consumer electronics and PC sales because of the economic recession.

The industry is expected to see its first revenue decline in seven years in 2008, according to market researcher iSuppli. Global revenue is expected to fall by 2% to $266.6 billion from $272 billion in 2007.

The new figure is a dramatic drop from the research firm's September forecast of 3.5% growth and will be the first year-to-year decline for the industry since the dot-com bust of 2001 that sent revenue plummeting by 28.7%.

Microsoft Confirms New SQL Server Threat

Microsoft (NSDQ: MSFT) has confirmed the existence of a new and potentially serious security threat to users of its SQL Server database software.

"Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory," the company said in a bulletin published Monday.

The threat is essentially software code that hackers could use to access or alter corporate databases built with SQL Server. The malicious code could allow what's known in IT security as remote code execution, a process by which hackers could, for instance, alter figures in a bank account without ever setting foot on the bank's premises.

Microsoft said SQL Server 2000, SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2000 Desktop Engine, and Windows Internal Database (WYukon) are all potentially vulnerable to the threat. It added, however, that it's not aware of any attacks having actually been carried out.

The threat does not affect SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, or SQL Server 2008, Microsoft said.

"This vulnerability is not exposed anonymously. An attacker would need to either authenticate to exploit the vulnerability or take advantage of a SQL injection vulnerability in a Web application that is able to authenticate," Microsoft noted in its security bulletin.

Microsoft said it's continuing to investigate the problem and will issue a security patch if necessary -- either as a special download or as part of its regular monthly security update cycle.

In the meantime, Microsoft is urging customers who believe they've been targeted by hackers using the vulnerability to contact Microsoft customer service, as well as the Federal Bureau of Investigation and the Internet Crime Complaint Center.

Consumers Don't See Mobile Banking As Secure

Mobile banking is a common service in countries like Japan, though less than 10% of U.S. consumers use their cell phones to perform banking transactions. The single biggest factor for the low adoption rate is concerns over security, according to a new report by Javelin Strategy & Research.

The report, titled "2008 Mobile Banking Security Standards," said 47% of nonparticipants did not sign up because of security. Despite the lack of large-scale mobile phone attacks, 73% of consumers fear hackers could remotely access their phones. Those surveyed also expressed concern that their sensitive mobile banking data could be stolen with a wireless signal despite encryption, and more than half were worried about what would happen if their phone was stolen.

The report found these perceptions could possibly be improved, and the most effective way is by guaranteeing reimbursement of any fraudulent use of financial accounts. Other ways to tackle the security concerns include using a login method beyond user name and password, and providing e-mail alerts for particular conditions like a large withdrawal.

"With a well-designed security program in place, mobile has inherent safety advantages that make it one of the most protected channels for remote banking," the report said. "It can be used to improve overall security via the inherent speed and notification advantages of always-on, always-present mobile access."

Visa and MasterCard have ambitious mobile plans, and mobile banking is a major part of the companies' strategy. Both are already piloting programs across the country, and they are entering the mobile application space as well.

"While convenience is great, we want to make sure our moves in the mobile market cause no damage to the brand," said Simon Pugh, head of MasterCard's global mobile payments strategy. "We have, and will continue to implement, a comprehensive end-to-end security model."

The group identified a weakness in the public key infrastructure used on the Internet to issue digital certificates for Web sites that employ the secu

A municipal network held hostage, the hacking of a public official's private e-mail account, court battles to gag security researchers, and dire warnings about the Internet's Domain Name System were just a few of the highlights of the IT security landscape in 2008.
In separate but related incidents this year, Massachusetts Bay Transportation Agency and NXP Semiconductors lost court battles to gag security researchers. MBTA wanted to keep three MIT students from talking about security flaws in Boston's transit fare card system known for its "Charlie Card." NXP wanted to prevent researchers at Radboud University in the Netherlands from publishing details about security flaws in NXP's MIFARE Classic card, on which the Oyster card used by the London transit system is based.

Neither group succeeded in silencing the security researchers who identified holes in their respective systems, proof that the judicial system, often criticized for being out of step with technology, understands the value of security research. That bodes well for the future.

As Counterpane CTO and security rock star Bruce Schneider explained in an op-ed piece in The Guardian about the NXP case, "The notion that secrecy supports security is inherently flawed. Whenever you see an organization claiming that design secrecy is necessary for security -- in ID cards, in voting machines, in airport security -- it invariably means that its security is lousy and it has no choice but to hide it."

Hiding it, however, doesn't work anymore; only openness offers any real measure of security.

Sarah Palin's Rogue E-mail Account Hacked

In a case that highlighted the insecurity of online password recovery schemes, the risk of public officials going rogue and relying on consumer services for official communication, and the deductive power of the crowd, Alaska Gov. Sarah Palin saw the contents of herYahoo (NSDQ: YHOO) Mail account published all over the Web.

It didn't take long for Internet sleuths to link online nicknames associated with the person claiming responsibility for the breach with a suspect, 20-year-old David Kernell, son of Tennessee Democratic state Rep. Mike Kernell. Coming at a time when the contentious presidential election had yet to be decided, the compromise of Palin's e-mail account stoked partisan passions, stirring interest in the case far beyond the significance of the crime.

Kernell's trial has been pushed back from December 2008 to May 2009. The indictment against him looks shaky. In the end, he's likely to plead to a misdemeanor and face no serious punishment, apart from a hefty legal bill.

200 Sony PS3s Harnessed To Crack Secure Site Certification

Using 200 Sony (NYSE: SNE) PlayStation 3s for crypto cracking, a group of security researchers has found a way to forge certain digital certificates used to identify secure Web sites, a technique that could be used to create fake versions of popular e-commerce and banking sites.

The researchers -- Jake Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Alex Sotirov, Marc Stevens, and Benne de Weger -- presented their work Tuesday at the Chaos Computing Congress, a four-day computer hacking conference held annually in Berlin.

The group identified a weakness in the public key infrastructure used on the Internet to issue digital certificates for Web sites that employ the secure HTTPS protocol.

"Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash," the researchers said on their Web site. "This is known as an MD5 'collision.' Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the Web to realistic threats."

Discussing the research, Princeton computer science professor Edward Felten explained on his blog that the hash is a 128-bit code that's supposed to represent a unique digest of the digital certificate in question. "To be secure, the hash method has to have several properties, one of which is that it should be infeasible to find a collision, that is, to find two values A and B which have the same hash," he wrote.

But as the researchers have shown, it's not infeasible. In theory, at least, that means someone could create a fake HTTPS banking site, for example, using a forged certificate to hijack a trusted brand name.

The group identified six certification authorities that issued certificates signed with MD5 in 2008: RapidSSL, FreeSSL, TC TrustCenter AG, RSA Data Security, Thawte, and verisign.co.jp.

Shortly after the research was presented, Tim Callan, a product manager for VeriSign's SSL business, said in a blog post that his company had taken steps to eliminate the vulnerability. He said that VeriSign has "been in the process of phasing out the MD5 hashing algorithm for a long time now."

Microsoft (NSDQ: MSFT) also responded, issuing a security advisory Tuesday. "This new disclosure does not increase risk to customers significantly, as the researchers have not published the cryptographic background to the attack, and the attack is not repeatable without this information," Microsoft's advisory says. "Microsoft is not aware of any active attacks using this issue and is actively working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm."

The research group goes further, advising that certification authorities stop using MD5 and move to more secure hash functions, such as SHA-2. While collision attacks have not yet been shown to be practical against SHA-1 hashes, work along these lines is progressing.

The Trouble With Netbooks

Rumor has it that Google (NSDQ: GOOG) would like to see its Android operating system powering more than mere mobile phones.

VentureBeat and others claim that Google is positioning Android as an operating system for netbooks, the curious category of device that's somewhere between an underpowered laptop and an obese mobile phone.

That would certainly be consistent with Google's philosophy that increased Internet usage benefits the company. But Google won't say if it has plans for Android-powered netbooks.

"Google collaborated with members of the Open Handset Alliance, which includes hardware manufacturers, semiconductor companies, software companies, carriers, and commercialization partners, to make Android available as open source," a Google spokesperson said via e-mail. "This has freed the platform to be used as the industry sees fit, without restriction. We believe the platform can and will be used in wireless and other embedded devices, and we encourage the community to use it in other applications. We have nothing to announce at this time, and we are not in a position to comment on the activities of other OHA members."

Even so, I find the growing popularity of Net-centric devices troubling because they have the potential to disempower the user.

Netbooks, of course, are less powerful from a processor standpoint than notebooks. They're not intended for computationally intensive tasks like high-end gaming, professional content creation, or scientific number crunching.

But their strength -- lightweight computing like e-mail access, Web browsing, and online applications -- threatens to further weaken the ability of users to process and control their own data. By emphasizing the cloud computing model, netbooks push users toward dependence on online service providers, a relationship inevitably more constrained than the personal computing model.

Not that there's anything wrong with that, provided local computing and content creation remains an option. While it sounds paranoid to suggest that local computing power would ever disappear, there are plenty of powerful media companies that would be happy to see consumers with less access to the computational brute force required to crack digital locks, to the ability to install ad-blocking software, or to the local storage that enables the accumulation of massive content libraries.

For many, the cloud represents an appealing deal, thanks to the insecurity of desktop operating systems and the maintenance burden that comes with owning desktop and portable computers. While netbooks aren't yet substantially different, many in the industry see them as a way to bring the mobile phone subsidy model to computers. In that vision of the future, users would have less control but would be freed from many of the security and maintenance issues.

Apple has proven the appeal of the managed computing experience with its iPhone and iTunes Store ecosystem. There's money to be made when you're a gatekeeper. That's why Google has followed suit with its Android Market, and the BlackBerry will get a store of its own eventually.

The question is whether netbooks will retain their computing heritage or become more like phones, more restrictive.

As a Linux-based system, Android at least is open, and it may be premature to worry that a more locked-down computing environment is inevitable. Indeed, it would be fair to say that open source software stands to benefit from a central organizational force like Google, if the company can provide a more user-friendly experience.

Netbooks are becoming more popular, with third-quarter sales increasing by 160% over second-quarter sales, according to NPD's DisplaySearch. Hopefully, that popularity won't marginalize higher-horsepower computers and their many uses.

Verbatim Unveils Quad-Interface Desktop Hard Drives

The latest products' multi-interface support simplifies file sharing for designers collaborating on projects from different systems.
Hardware manufacturer Verbatim Americas on Friday launched two external, quad-interface desktop hard-disk drives.

The drives, one 500 GB and the other 1 TB, offer Mac and PC users "plug-and-play" support for the leading interfaces, USB 2.0, FireWire 400, FireWire 800, and eSATA II, the company said. The drives are aimed at digital content professionals, consumers, and small businesses looking to store audio, video, photos, and graphics files.

"Our new 500-GB and 1-TB Desktop HDDs offer many advantages for editing and storing high-density applications, compared to using two or three smaller HDDs," Charles Klinker, director of marketing for Verbatim, said in a statement.

The 3.5-inch drives feature spindle speed at 7,200 revolutions per minute and 32 MB of cache memory. The drives are housed in a black aluminum case, weigh 3.3 pounds, and measure roughly 9 inches by 6 inches by 1.5 inches.

The latest products' multi-interface support simplifies file sharing for designers collaborating on projects from different systems. The bus-powered drives have transfer speeds of up to 50 MBps for FireWire 400 connections, up to 100 MBps for FireWire 800, and up to 3 GBps for eSATA II.

The drives also include Nero's BackItUp 2 Essentials software for automatic backup for Windows systems.

The hard drives support Windows 2000, XP, or Vista, and Mac OS X 10.1 or higher. The products, which come with a three-year warranty, have a manufacturer suggested retail price of $180 for the 500-GB model and $250 for 1-TB version. The drives include cables for the four supported interfaces.

Verbatim also offers hard drives with only USB interfaces, as well as products with USB/FireWire and USB/eSATA interfaces.

2008: The Year In Pictures

The year was notable for high-profile security breaches -- Obama, McCain, and Palin got hacked -- NASA's big news from Mars, and the comedic gifts of Bill Gates.

NASA Finds Martian Ice

Two Big Science stories gave us remarkable images this year. The first was the discovery in June of ice on the Martian surface and analysis of soil samples retrieved by the craft gave NASA scientists hope that life may have once existed on the planet.

Cautioning against rumors and tinfoil hat speculation, NASA scientists rejoiced over

the quality of data beamed back by the Phoenix Mars Lander.

The agency's Mars news was tempered by a setback to its space shuttle program

. A revised budget announced in August is delaying the first next-generation Constellation spa

ce shuttle launch until 2014, a year later than planned. With Discovery, Atlantis, and Endeavor expected to retire in 2010, the shuttle program will go four years without a launch. That should give NASA's IT department time to put anti-virus software onto all its laptops.

N ASA photos of ice on Mar s.

Particularly Smashing: CERN's Large Hadron Collider

The other big story with great visuals came in the Fall when scientists powered up the world's largest particle accelerator, a massive underground device designed to conduct particle physics experiments. Scientists working in a 17-mile tunnel 300-feet beneath the French/Swiss border hope to use the LHC to test the Big Bang theory and other beliefs about how matter and mass formed. The massive project is expected to produce roughly 15 million GB of data annually for analysis by scientists around the globe.

Reassurances from scientists notwithstanding, the tin-foil hat brigade railed against the search for the so-called "God particle," fearing researchers would form black holes large enough to bring on doomsday.

But we'll have to wait and see if they were right.

Just as scientists began testing the LHC, hackers made a mockery of the European lab's network security. Days later, a liquid helium leak brought research to a halt until at least next spring when repairs are completed.

Microsoft (NSDQ: MSFT) Goes For The Funny

The biggest software company on the planet made some cringe-worthy videos of its own in 2008.

To "reintroduce Microsoft to viewers in a consumer context" it brought in funnyman Jerry Seinfeld and paired him with company co-founder and video veteran Bill Gates in two ads.

The first ad featured Seinfeld and Bill Gates shopping for shoes. The second ad found the two men living with a "regular" family, prompting Dave Methvin to write, "we've finally found something that's much worse than Vista: Vista commercials."

VeriSign Announced It Has Transitioned To Stronger Crypto

Last week the IT security community lit up with the news that a team of researchers demonstrated how they could force digital certificates – those digitally signed files that make it possible for software to vouch for its publisher, and Web sites to safely identify themselves.
If you’re not familiar with the news last week, colleague Mike Fratto summed up the mportance of this research into digital forgery in this post.

On New Year’s Eve, VeriSign announced that as of Tuesday, it’s making the transition from the weakened (MD5) algorithm to the stronger SHA-1 algorithm:

VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world, today announced an immediate transition to the SHA-1 algorithm on new RapidSSL brand certificates as of 11:00 a.m. Pacific on Tuesday, December 30. Additionally, VeriSign is offering free re-issuance of RapidSSL Certificates on the SHA-1 algorithm to replace those created with MD5.

The transition to the SHA-1 algorithm came within a few hours of the public unveiling of an MD5 flaw presented by researchers during the 2008 Chaos Communication Congress (CCC) in Berlin, rendering the MD5 flaw ineffective for all new RapidSSL Certificates.

During the Berlin event, researchers presented findings that highlighted an MD5 collision attack using substantial computing power to create a false SSL Certificate using the RapidSSL certificate brand. The attack was a potential method to create a new, false certificate from scratch and required the issuance of new certificates, meaning existing certificates were not targets for this attack.

VeriSign also made a point to note that it had already been well underway phasing out the MD5 algorithm by the end of this January.

Overview of Mercury

Overview of Mercury Introduction

Mercury/32 is a Mail Transport System — a suite of programs designed to move electronic mail messages from one computer system to another (possibly different) system. Unlike a user agent, or client such as Pegasus Mail, with which individual users interact to read and send mail, Mercury is seldom directly encountered by users; its operation is largely invisible — it is a “black box” running in the background, performing tasks autonomously.

Mercury/32 is divided into a core processing module (MERCURY.EXE) and a set of “service” components, called protocol modules. Each protocol module supplies a specific service to the core processing module – for instance, the Mercury SMTP Server Module, MERCURYS, ac- cepts incoming mail delivery connections and submits them to the core module for process- ing. The core module is responsible for routing mail (that is, deciding whether messages are local or need to be sent to the outside world), and for providing core services such as the au- tonomous mail server, mailing list management and error handling.

The following protocol modules are supplied with Mercury:

MercuryS – SMTP server module This module is responsible for handling incoming mail de- livery connections from the outside world. It accepts mail and places it in the core module’s mail queue for processing. MercuryS implements the Internet SMTP standard (Simple Mail Transfer Protocol) and supports several Extended SMTP extensions.

MercuryC – SMTP client module MercuryC is responsible for sending mail to the outside world using the Internet SMTP mail protocol. MercuryC is what is known as a relay mailer – it does not attempt to deliver mail directly to the recipient; instead, it asks a larger SMTP implementation (often a unix host) to deliver it on its behalf. This relay model makes Mercu- ryC particularly suitable for use behind firewalls, since it can ask the firewall system to send mail on its behalf.

MercuryE — SMTP direct delivery module MercuryE is an alternative SMTP client module for Mercury; like the MercuryC module, it is responsible for sending mail from your system to the outside world. Unlike MercuryC, though, MercuryE can perform complete end-to-end delivery without requiring a relay host. MercuryE is typically used in situations where you have either a permanent Internet connection, or one with fast establishment, such as an ISDN connection. You can choose to install either MercuryC or MercuryE, depending on your needs, but you can only install one, not both.

MercuryP – POP3 server module MercuryP listens for connections from POP3 client pack- ages, such as Pegasus Mail, Eudora or Outlook Express, and provides access to new mail waiting on the server via the POP3 protocol. MercuryP conforms to Internet Standards Document RFC1939, including support for advanced commands such as APOP and UIDL.

MercuryD – POP3 client module MercuryD acts as a POP3 client on behalf of one or moreusers on your system. Using MercuryD to download mail for your users from an Internet Service Provider allows you to centralize your Internet connection to the single machine where Mercury runs – users can see their mail without their own workstations actually being connected to the Internet or having modems. MercuryD can also retrieve mail from Domain Mailboxes – that is, single mailboxes where all mail destined for a specific domain gets de- livered – and route the contents to the local users on your system.

Reporting the results

Reporting the results

* Time to complete / MHz per iteration
* CPU and bus frequency
* Tested platform type
* Cache arrangement / sizes etc
* Number of ‘processors/threads’ available in the hardware
* Processor die area
* Code image size
* Memory type and performance / latency
* AAL implementation version
* (this is the thread API abstraction layer)
* OS version
* Tools version and flags etc.
* Number of thread used by the benchmark (user defined)

Example Benchmarks

Example Benchmarks

* Single task decomposition
* Decoding MPEG4 using existing benchmark data sets
* Using mid-grain parallelism
* High-pass grey filter from the image processing benchmark
* Working at a fine-grain level of parallelism
* Multiple data set
* Decoding of multiple different jpeg images
* As may occur when viewing a web page
* Decoding of multi-channel audio
* Uses a coarse-grain parallelism
* Multiple Algorithm
* Concurrent execution of the tasks within a video/data conference
* cjpg/djpg, mpeg encode/decode
* STB/PVR - maybe….

But then many aspects to SMP

But then many aspects to SMP

* Decomposition of a single task
* This is where you take a single algorithm and parallelize it to share its workload between the
multiple processors.
* Execution of multiple different algorithms concurrently
* This looks more at how the bigger system, including the OS, handles the workloads from
multiple concurrent algorithms.
* Execution of a single algorithm over multiple data sets
* This looks again at the bigger system, but concentrates more on the data throughput, and how
a system can handle multiple 'channels' of data.

Conclusion, We’d apply these three SMP techniques to individual and groups of existing EEMBC consumer benchmarks

The Complexity of MP Benchmarking

The Complexity of MP Benchmarking

* First hurdle, to classify the various forms of what is called MP?
* SoC Multiple heterogeneous processor cores (eg MPSoC)
* Uniprocessor with accelerators allowing synchronous offloading
* Homogeneous multiple processor ‘farms / seas / nets / etc’
* Multiple register-banked ‘threaded’ uniprocessors
* Symmetric multiprocessors (of various forms)


Conclusion, benchmarking is about the costs of running software, so need to focus around a
software model that encompasses MP - initial focus will be using the Symmetric Multiprocessors (SMP) software threading and shared data model. This also allows comparison with current uniprocessor solutions

The Industry Problem

*Something MPSoC has known for years…
*Processors happy to work together get more done!

*Today, most embedded solutions have some form of MP, and many general processor sockets are also now moving to MP architectures.

*But….
*How can I know really what performance I’ll get from the solution?
*How can I compare different hardware solutions?
*What’s the cost tradeoffs
*..and what about the efficiency of the middleware ?

Measuring SMP

With symmetric multiprocessing (SMP) being asked to answer the hardware's challenge of power consumption and design cost, directly comes the question of logical vs. physical performance from the software designer. This talk takes a peak into the ongoing work inside www.eembc.org to bring a cross-platform industry standard benchmark suite for SMP devices. The comparison with uniprocessors, the challenge of portability and the layers of abstraction needed to show that your SMP device is the best!

Consumer Electronics: Innovate or Die

In May 2008, The Wall Street Journal reported that 11%-20% of all electronics goods are returned. Sony's (SNE) senior vice-president, Mike Abary, explained that defects "aren't even the top three reasons for returns." The top reason? The products "didn't meet expectations." According to the article, an Accenture report shows that it costs the U.S. electronics industry $13.8 billion to rebox, restock, and resell the returned items, eroding the industry's ability to attract and then create loyal customers. Quite a high price to pay for a problem that has a solution.

This becomes especially poignant given the current decrease in spending on consumer electronics (CE). Data from MasterCard Advisor's retail service showed holiday sales for this sector plummeted 26% from 2007. To survive the market shifts long-term, CE companies need to view this extraordinarily challenging period as an opportunity to innovate, to fix what was already broken, and revamp their business strategies. It'll take a lot more than blanketing the media with clever ads. Here are four recommendations to consider:

Know your customer

The problem at the heart of the industry today is that CE companies still design for their original, early adopter geek audience. Tech geeks drove the development of the CE industry when it was new and there was a steep adoption curve. But, now that grade schoolers and hockey moms carry iPhones, consult their GPS for driving directions, bank online, and share family photos on Flickr, CE companies need to do more than rely on consumer curiosity to stay alive. The digital lifestyle is no longer one-size-fits-all, and today's impatient and fickle mass consumer expects more than the complicated, unsatisfying out-of-the box experiences that have become an industry norm.

Create a 360-degree experience

CE brands need to match the right product to the right consumers and then connect with them meaningfully at every point of contact. The "360-degree experience" includes everything from packaging, design, and marketing to after-market support such as programs to help customers discover product benefits, end-of life recycling programs, and user support executed with the care of a concierge service, rather than with the complication and delay of an overwrought bureaucracy.

It's true, we need an example other than Apple (AAPL) to demonstrate a successful 360-degree experience, but Apple nails it every time. They do not try to be everything to everybody. Packaging is elegant. The product is beautifully designed. Set-up is simple. Support is available (though there is room for improvement here). Messaging is consistent and clear at every touch point.

Make meaning: Right now, CE companies start losing before they've even said "hello." Research for our own CE clients, such as Logitech (LOGI), has revealed that consumers are overwhelmed and confused at retail stores like Circuit City (CCTY.Q) (no doubt a contributing factor in its recent bankruptcy filing). People we tracked on "shop-along" research trips found it impossible to discern the meaningful difference between, say, a $40 mouse and a $70 one, let alone penetrate the chaos that is the flat-screen TV section. Navigating the many dozens of options marketed with buzzwords like "plasma," "digital," or "720p LCD" was daunting, and many potential customers we tracked left the store without making a purchase. So the industry can add "loss of sale" to their return losses as well.

Few of our shoppers visited manufacturer Web sites for information. Rather, they used third party sources such as CNET, customer reviews on Amazon (AMZN) or the advice of their peers. It's no surprise, then, that there is little-to-no brand loyalty. Except, of course, for Apple who has succeeded in translating geekspeak, like "120GB," to terms anyone can understand, like "30,000 songs." The CE industry needs to stop talking techspeak and speak in terms that mean something to the rest of us.