Volume 9, Issue 08 Atari Online News, Etc. February 23, 2007 Published and Copyright (c) 1999 - 2007 All Rights Reserved Atari Online News, Etc. A-ONE Online Magazine Dana P. Jacobson, Publisher/Managing Editor Joseph Mirando, Managing Editor Rob Mahlert, Associate Editor Atari Online News, Etc. Staff Dana P. Jacobson -- Editor Joe Mirando -- "People Are Talking" Michael Burkley -- "Unabashed Atariophile" Albert Dayes -- "CC: Classic Chips" Rob Mahlert -- Web site Thomas J. Andrews -- "Keeper of the Flame" With Contributions by: Kevin Savetz To subscribe to A-ONE, change e-mail addresses, or unsubscribe, log on to our website at: www.atarinews.org and click on "Subscriptions". OR subscribe to A-ONE by sending a message to: dpj@atarinews.org and your address will be added to the distribution list. To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE Please make sure that you include the same address that you used to subscribe from. To download A-ONE, set your browser bookmarks to one of the following sites: http://people.delphiforums.com/dpj/a-one.htm Now available: http://www.atarinews.org Visit the Atari Advantage Forum on Delphi! http://forums.delphiforums.com/atari/ =~=~=~= A-ONE #0908 02/23/07 ~ Classic Gaming Expo! ~ People Are Talking! ~ Chat Room Firing Suit! ~ New Data Security Laws ~ Curbing Online Bullying ~ Wii Tops, PS3 Last! ~ Dell Users Want Linux! ~ Hackers Take Over Snort ~ Gates Limits Own Kids! ~ Caverns of Lost Miner! ~ Curing E-mail Addiction ~ New Google Apps Out! -* Wikipedia Breaks Into Top 10 *- -* First Woman Honored With Turing Award *- -* Pharming Attack Goes After World Banking! *- =~=~=~= ->From the Editor's Keyboard "Saying it like it is!" """""""""""""""""""""""""" Well, another week, and the little snow that we had is still on the ground, with a little added insult last night - just as a friendly reminder that winter is still here. However, it's getting [relatively] warmer and the sun is setting a little later each day. Ahhhhh, Spring is just around the corner - I can feel it. Almost time to dust off the golf clubs and practice some putting in the house. I don't have a lot to say this week. Everything is pretty much status quo, from my perspective. So, rather that itemize everything I've been doing, or trying to do - along with the various issues going on, I'll let you off easy again this week. Odds are that there will be some interesting issues to discuss sooner, rather than later! Until next time... =~=~=~= Caverns of The Lost Miner Caverns of the lost miner is logical game inspired by SUPER MINER. You must guide the miner through 13 caves and collect all diamonds. Written in C and ASM. Source code available. URL: http://www.baktra.wz.cz/english.html =~=~=~= PEOPLE ARE TALKING compiled by Joe Mirando joe@atarinews.org Hidi ho friends and neighbors. I'll tell you right now that I don't really know how this column is going to turn out. I've had a huge upheaval in my life this past week, and my mind (and stomach) are swirling like you wouldn't believe. This past Tuesday I quit my job of more than 25 years. The amount of pressure and stress had recently built up to the point that the situation became untenable. To make a long story short, I'm now looking at the job market, saying to myself, "What the hell did I do to myself??". I'm hoping that, somewhere out there, there's a job for me, but anyone who's been out in the job market lately can tell you that it's tough out there. We'll have to see what happens. Hmmm... maybe I should pull a 'Soupy Sales'... "Hey boys and girls. Do you know where your mommy keeps her checkbook?" [grin] Well, anyway, let's get on with the news, hints, tips and info from the UseNet, okay? From the comp.sys.atari.st NewsGroup ==================================== Although 'Chuck B' is asking about files belonging to King's Quest, the info is good for just about any data file that's been compressed to a .st virtual disk file: "What I am trying to do is this. The files are in .st format. I need them to not be so I can read them on a pc or st." Daniel Mandic tells Chuck: "You can insert (open file, of course) them in 'Steem' Emulator and read and write. If you have problems making Disks with your PC-Floppy, greater than 720K: Sending the .st file with a Null modem Cable (PC-Atari) and writing then with the ATARI to a Disk is also a solution. But parting the .st file onto 2 or even 1 720K disk, with an archiver program for example, STZIP. So you don't need a serial cable connection and you can transfer over 720K formatted special ATARI Disks. Although, I don't know how much compressible the .st files are, in the worst case you have to use 2 disks to archive a greater than 720K Game/Disk. Zip can make verbose files, with 720k each or 1440K... Option -v720 or -v1440 for HighDensity or even -v500 should work and would make an archive, parted into 500K files. I say this, because I have heard about troubles with PC and making ATARI disks. In this case the ATARI itself is your help. Getting the .st file there, is hopefully well explained by me now :-) MS-DOS formatted disks 720K should work well on ST! In 'Steem 3.2' root directory is also some text to read.... DiskIMG program, how to use... etc etc... I think .st files can be read by any Computer. Atari or PC... Amiga, Apple OS, Linux and so on. Making floppies out of it, is best managed by a ST, of course, and recommendable to do so (to prevent I/O errors, due to floppy-drive differences, also PC's have known problems between two different PC Floppy drives, other Brand etc.)!!!." If you're one of those people who've become addicted to Sudoku, you'll be glad about Guillaume Tello's announcement: "I wrote a Sudoku solver. You can find it at http://perso.orange.fr/gtello/sudoku.zip It comes with ST and TT versions. The interface is as ugly as possible but the solver seems to be efficient. I tested it with very hard puzzles and the solution comes really quickly (0,01 second on my TT and 0,06 seconds on my Mega STE). Interface in French but a SUDOKU.TXT includes a short english explanation. Have fun!" Matthias Alles asks Guillaume: "Just out of curiosity: How do you implement the solver? I know that one can map the problem to an ILP problem. Do you do this or do you just perform all the things that a human does by hand iteratively?" Guillaume replies: "I don't know what ILP problem is, sorry, I'm not english... and never made computer studies. The solver has two levels: - the first one is close to the human behavior: eliminating wrong cases by row, column or bloc, and finding pairs to reduce the possible cases. - if this fails, the solver makes a "guess" on one unsolved position and tries to solve this new puzzle: if the puzzle appears to be impossible, then the guess was wrong and this eliminates a possibility. This is done recursively and works very well. I solved a puzzle named "the hardest sudoku in the world"... Don't know if one should believe it, but it's true that my solver had to make several levels of guesses before solving it. Here is the "hardest sudoku" (right window) and my solution (left window) under Anranym. http://perso.orange.fr/gtello/sudoku.jpg " Henk Robbers tells Guillaume: "Writing a solver apparently is much more fun than do the solving. I remember Rubik's cube. I only bought one when I discovered that they could easily be taken apart and reassembled. I never got the patience to actually solve one." Matthias Alles comes back and tells Guillaume: "The sudoku you solved has 23 numbers in it, but I think the hardest one's only have 17. Here is one with 20 numbers only: http://de.wikipedia.org/wiki/Bild:Sudoku_9-9-20.gif Maybe you want to try this. Anyway, nice to read that you did it in Assembler... Cool!" Guillaume replies to Matthias: "It seems that the number of numbers is not directly tied to the level of difficulty. Because, solving your puzzle with 20 numbers was made without any guess: only limitations with rows, columns, blocs and pairs. The one I tried before required 6 levels of guesses before being solved! Yes, in assembler it was the best I think because I use a lot of binary operations to make the eliminations and my puzzle only needs 324 bytes of memory with bit fields. So the cache of 256 bytes gives a real power." Ingo Schmidt tells Guillaume: "[This] Sounds very interesting. Since I love coding in asm I'd love to see the code. Why don't you include it in the zip? That would be nice!" Guillaume replies: "Ok! No problem. I'm working on the interface to make it more human. I'll upload the new version with the source code. I'll tell you when it's done." And a few days later, Guillaume adds: "Here is the SUDOKU solver with its GEM interface. It should run on any machine, any resolution and TOS or Multitos systems. http://perso.orange.fr/gtello/ in the 'download' section, in the English column. There's still a problem with the cursor under Aranym/Xaes. It's not displayed in the current edited box. Hard to find where we are... Some options: LOAD/SAVE puzzles, TEST (just says Ok or Error without displaying the solution, SOLVE (to get the solution). Well, that's all... A CREATE option will be available (I hope..)" 'Mark W' asks a question that we all used to hear often. Of course, that was 15 years ago! He asks: "I am looking into getting an Atari ST. I grew up and was in high school/college during those years and have a desire for a lot of the older computers. I'm actually getting a Apple II currently and am looking at a Amiga 500. With Atari being so big back then I want an Atari as well. Should I look at the 520 or the 1040 or is there another model? Since I only used Commodore back then I know little about Atari. As well, my main concern is the monitor. What type of monitor does the ST use? I have all LCD vga/dvi monitors now. I prefer to be able to share monitors so would it output to these? What are the best sources for ST software/games?" 'Nermal' tells Mark: "Go for the Mega 4STE. The video output on the Atari's was non standard. As for printers...start with one of the Epson dot matrix printers. You will not need any drivers." 'Aly' adds: "If you're in Europe, the output couldn't be more standard. 15.75Khz is what the RGB SCART/EUROCONNECTOR on the back of televisions uses. 31.5Khz is basic VGA. Things are brilliant are the moment with the new LCD televisions coming out, since they accept both SCART and VGA inputs. It's as if they're made for the ST. Unfortunately there is no SCART standard in the USA." 'Chuck B' adds his thoughts: "I would say the best st to get is a regular 1040 st. This is the most compatible of them all. I have 1 1040, 2 520's, and 1040STes, and thanks to a ebay jerk a free Mega STE. The mega has some compatibility problems with some games, but not much." 'Coda' adds an interesting thought: "Get Any STFM/STe. Try to get a 1mb machine. If you get the Amiga 500, and if you get it with a 1083/1084 monitor, you can get another cable and share it with the ST." 'Jammer' posts this as a 'to do' sheet for those working on add-ons for the ST: "This message is for all you techy types out there wondering about what to design next for the Atari. Here's my ideas on what mods/addons could be built for the ST/STE and Falcon. First off, I think they need to be something that makes the computers more usable for the majority of people. ST/STE - an adapter that will enable you to get low/med/high resolutions on a PC flat screen (not an LCD tele, they're too expensive) and a compact flash card (or SD etc) adapter that plugs into the hard disk port. Imagine your ST hooked up to a flat screen and with a 1Gb CF card drive, fantastic ! Falcon ? a simple adapter that would plug into the LAN port and allow you to network to a PC setup (I have heard that an Ethermac adapter may do this ???) There are probably plenty more addons that have been talked about, but I think these would be must haves for anyone with an Atari, and would encourage people to use their real Ataris more often, which is what its all about." James Dier replies to Jammer: "SD card that plugs into the HD port ACSI - Satandisk? http://joo.kie.sk/satandisk/ http://ihrisko.org/~mikro/sd_preorder/ LAN 'card' for Falcon and ST - NETUS-bee? http://hardware.atari.org/netusbee/netus.htm couldn't find anyone doing the connection to a PC flat screen, would need some sort of frequency doubler for the low (15khz I think) frequency the machines produce for low/medium res. High res is fine just needs a suitable cable." Halvard Tangeraas adds his own item to the wishlist: "A USB interface which would allow for any modern USB printer would be nice." Coda tells Hal: "I'm working on it as we speak. The idea is that you have a printer that's supported by your existing parallel port printer drivers (like NVDI) but you print to a file. Then, you drag this file and drop it on the printer icon on your desktop. The installed printer driver will pick it up, and pipe it to the USB printer. For this to work you will need drivers that support a protocol that is close to the USB printer that you have, like ESCP for an Epson, HPPCL for HP, for example. I only have Epson photo printers, but I'm sure that as soon as I get a working program out, and the bug reports come flying in, more printers will get supported. I know it's not the most elegant solution, but it's probably the most efficient way to implement a USB printer that will work on all configurations." Well folks, that's it for this time around. Tune in again next week, same time, same station, and be ready to listen to what they are saying when... PEOPLE ARE TALKING =~=~=~= ->In This Week's Gaming Section - Nintendo's Wii Tops the List! """"""""""""""""""""""""""""" Atari's Silverfall Completed! PS3 Last in Console List! And more! =~=~=~= ->A-ONE's Game Console Industry News - The Latest Gaming News! """""""""""""""""""""""""""""""""" Atari's Silverfall Goes Gold For PC Atari, Inc. , one of the world's most recognized brands and a third-party video game publisher, this week announced that development is complete on the 3D action role-playing game (RPG) Silverfall. Developed by Monte Cristo Games, Silverfall is rated 'T' for Teen and will be available in North America for the Windows platform on March 20, 2007 for a suggested retail price of $39.95. In a world of fantasy where technology and nature fight for power, Silverfall gamers must choose between these opposing forces in order to conquer quests and save the principal city from total destruction. Two companions will accompany them on their journey through the fascinating world of Nelwë and the decisions these characters make throughout the adventure and during each quest will be key as choices impact storyline, environment and accumulation of skills. "Silverfall is a fascinating hack and slash style action RPG that offers an immersive and original universe," said Stephen Baer, senior product manager, Atari, Inc. "In each element of this mass environment, from graphical style to storyline, the unique dichotomy of technology and nature pervade to completely engross the player." Silverfall offers a unique character building system of advancement and equipment that allows for complete customization of characters. Gamers can develop distinctive characters such as scientist troll magicians, elemental elf warriors, or mercantile goblins. Fighting and magic are employed throughout the game, and vary from melee, ranged and technical to light, elemental and dark. Gamers will play through a 25-hour main quest, numerous side quests and two multiplayer modes, player-versus-player and co-operative. With four races to choose from, nine skill sets encompassing more than 130 individual skills, over 100 monsters, and advanced 3D graphics, Silverfall replenishes the RPG genre with a memorable hack-and-slash action adventure. Nintendo's Wii Top U.S. Seller In January Nintendo Co. Ltd.'s Wii was the best-selling video game console in the United States in January, and the Japanese company also boasted four of the top 10 games, data released on Wednesday showed. The figures from market research firm NPD showed that U.S. shoppers snapped up 436,000 of the Wii, which debuted in November for $250 and features a motion-sensing controller that has helped build buzz for the machine. The second best-selling console was Sony Corp.'s older PlayStation 2, which moved 299,000 units and outsold Microsoft Corp.'s Xbox 360 and Sony's newer but more expensive PlayStation 3, the data showed. Xbox 360 sales were 294,000 while those for the PS3 were 244,000. High-end versions of those machines retail for $400 and $600, respectively. In December, the biggest month for video game sales due to the holiday shopping season, Microsoft sold 1.1 million Xbox units, while Nintendo sold 604,000 Wii consoles and Sony sold 490,700 PS3 machines. NPD receives data representing about two-thirds of U.S. retail sales and makes projections for the remainder of the market based on a sampling of consumers. The figures do not include Canadian sales or those from "mom and pop" retailers. Total sales of video game hardware and software hit $1.3 billion in January, with game sales jumping more than 50 percent to $549 million, though NPD added that was somewhat inflated due to its January 2007 data covering several more days than January 2006. U.S. game sales charts were topped by "Lost Planet: Extreme Condition," a game from Japanese publisher Capcom in which players fight aliens across an icy world. "Lost Planet" was one of three games for the Xbox 360 that made the top 10, the other two being Microsoft's "Gears of War" at No. 3 and French publisher Ubisoft's "Tom Clancy's Rainbow Six: Vegas" at No. 9. Nintendo had four games in the top 10: two for the Wii, one for its DS handheld and one for its last-generation console, the Gamecube. The PlayStation 3 had one game, "Resistance: Fall of Man," at No. 8, and PlayStation 2 placed two titles, a guitar simulator and a football game, at No. 3 and No. 6. NPD did not provide further details about unit shipments or dollar sales of the top January games. PS3 in Last, Sony Says January Successful Sure, the PlayStation 3 got off to a rocky start and is now only number 3 in next-gen console sales, but Sony Computer Entertainment Inc. claims that things couldn't be better. Well, it could definitely be better, but in any case, Sony is happy with its current status in the market. NPD sales data reported Thursday that the sale of 243,443 units in North America during the month of January contributed to a record $550 million in revenues. Strong sales of the PlayStation 2 and the PlayStation Portable, which earned sales of 299,352 and 210,719 units respectively, was also a major factor. "We are pleased with the numbers from January as they demonstrate overall sales improvements for our legacy systems year over year and continued momentum for PS3," claimed David Karraker, SCEA's director of corporate communications. "With supply levels stabilizing, you can expect to see increased marketing for PS3 and PS2 in weekly retail circulars, which should garner strong numbers, boosted by big software launches, such as MotorStorm and Virtua Fighter 5." Another bright spot in Sony's near future will be the release of the heavily-awaited God of War 2, which comes out in stores next month for the PS2. Sony is also expecting strong results from PSP titles such as Ratchet & Clank: Size Matters, which has already debuted this month. Karraker also claimed that the PSP's impressive January hardware sales are "quickly closing the gap on the leading competitor." All in all, Sony is pleased with the overall performance of the PlayStation brand, claiming last month's figures to be "the biggest January sales in the history of the company in North America." =~=~=~= ->A-ONE Gaming Online - Online Users Growl & Purr! """"""""""""""""""" Classic Gaming Expo Returns to Vegas This July The Classic Gaming Expo has announced that registration for this year's event, the show's tenth anniversary, is open. The event takes place on July 28 - 29, 2007 at the Riviera Hotel and Casino in Las Vegas, Nevada. The Classic Gaming Expo gathers enthusiasts from around the world who are fans of "classic" video games. Guests scheduled to talk at this year's event include Atari founder Nolan Bushnell; Ralph Baer. considered by many to be the "father of home video games" for his creation of the Magnavox Odyssey; Don Bluth, the animator behind Dragon's Lair and Space Ace; Jay Smith, designer of the Vectrex home game console; and many others. The event will feature 'the CGE Museum,' which includes more than 1,000 items including many one-of-a-kind artifacts, a "Classic Arcade" featuring dozens of coin-op machines set to free play; classic game consoles such as the Atari 2600, Vectrex, NES, Genesis and more; live musical entertainment; prizes and tournaments. =~=~=~= A-ONE's Headline News The Latest in Computer Technology News Compiled by: Dana P. Jacobson First Woman Honored With Turing Award One of the most prestigious prizes in computing, the $100,000 Turing Award, went to a woman Wednesday for the first time in the award's 40-year history. Frances E. Allen, 75, was honored for her work at IBM Corp. on techniques for optimizing the performance of compilers, the programs that translate one computer language into another. This process is required to turn programming code into the binary zeros and ones actually read by a computer's colossal array of minuscule switches. Allen joined IBM in 1957 after completing a master's degree in mathematics at the University of Michigan. At the time, IBM recruited women by circulating a brochure on campuses that was titled "My Fair Ladies." When Allen joined Big Blue, an IBM team led by John Backus had just completed Fortran, one of the first high-level programming languages. The point of Fortran was to develop a system that could operate a computer just as efficiently as previous "hand-coded" approaches directly assembled by programmers. Allen recalled Wednesday that her task at IBM was to replicate the achievement on multiple kinds of computers. "I had the good fortune to work on one big project on good machines after another," she said. Her work led her into varied assignments, including writing intelligence analysis software for the National Security Agency. More recently she helped design software for IBM's Blue Gene supercomputer. She retired in 2002 but has stayed active in programs that encourage girls and women to study computer science. "It's a very tough problem overall," she said. "Constant attention to it is important." Since the Turing Award was first given in 1966 by the Association for Computing Machinery, previous winners have included luminaries in encryption, artificial intelligence, hypertext, networking and other vital elements of modern computing. All were men, including Backus, the 1977 winner. Allen called it "high time for a woman," though she quickly added: "That's not why I got it." Wikipedia Breaks Into U.S. Top 10 Sites Wikimedia Foundation popular Wikipedia online encyclopedia cracked the top ten list of most popular Web sites in the U.S. for the first time in January, according to comScore Networks. Wikipedia sites ranked ninth with 42.9 million unique visitors last month, ahead of the sites from The New York Times (No.10), Apple (No.11) and Viacom International (No.12), comScore reported Thursday. Wikipedia, which already ranked in the top 10 list of most popular Web sites globally, has been quickly gaining popularity in the U.S., where its parent company, the non-profit Wikimedia Foundation, is based. In January of last year, Wikipedia sites ranked in the 33rd spot with 18.3 million unique visitors. By July, it had climbed to the 18th spot on the list with 28.1 million unique visitors, and in November it ranked 12th with 39.1 million unique visitors, according to comScore. In doing its tally for Wikipedia, comScore also counts visits to other Wikimedia sites, such as Wiktionary, Wikiquote, Wikibooks and Wikinews, but most of the traffic comes from the Wikipedia encyclopedias, a comScore spokesman said. Wikipedia started in January 2001 with its English-language site, which currently has more than 1.6 million articles. The Wikipedia project has since grown significantly and has more than 5 million articles in more than 200 languages, according to WikiMedia. Access to Wikipedia is free. Volunteers contribute the encyclopedia's content, which can be edited by anyone accessing the sites. Globally, Wikipedia sites ranked sixth in December with almost 165 million unique visitors, according to comScore. Flaw Allows Malicious Hackers To Take Control of Snort A flaw in Snort, the popular open-source intrusion detection system, could be used by attackers to run malicious code on vulnerable machines, several security organizations reported Monday. The stack buffer overflow bug is in the Snort (or Sourcefire) DCE/RPC preprocessor, said Neel Mehta, a member of IBM's Internet Security Systems X-Force research team. Mehta discovered the vulnerability, which could result in compromised or hijacked computers. Danish vulnerability tracker Secunia rated the threat as "highly critical," the second-most-serious ranking in its 1-through-5 scoring system. Several versions of Snort, which is the foundation of Sourcefire's security appliance line, are at risk, according to other advisories posted by US-CERT and the SANS Institute's Internet Storm Center. The vulnerable versions include Snort 2.6.1, 2.6.1.1, 2.6.1.2, and 2.7.0 Beta 1. Sourcefire urged users of Snort 2.6.1.x to update to Version 2.6.1.3 "immediately"; if upgrading isn't feasible, the DCE/RPC preprocessor should be disabled. Instructions for disabling the preprocessor are available online. No working exploit for the vulnerability has been spotted yet, Sourcefire said. Pharming Attack Targeted Bank Customers Worldwide An attack this week that targeted online customers of at least 50 financial institutions in the U.S., Europe and Asia-Pacific has been shut down, a security expert said Thursday. The attack was notable for the extra effort put into it by the hackers, who constructed a separate look-alike Web site for each financial institution they targeted, said Henry Gonzalez, senior security researcher for Websense Inc. To be infected, a user had to be lured to a Web site that hosted malicious code exploiting a critical vulnerability revealed last year in Microsoft Corp.'s software, Websense said. The vulnerability, for which Microsoft had issued a patch, is particularly dangerous since it requires a user merely to visit a Web site rigged with the malicious code. Once lured to the Web site, an unpatched computer would download a Trojan horse in a file called "iexplorer.exe," which then downloads five additional files from a server in Russia. The Web sites displayed only an error message and recommended that the user shut off their firewall and antivirus software. If a user with an infected PC then visited any of the targeted banking sites, they were redirected to a mock-up of the bank's Web site that collected their login credentials and transferred them to the Russian server, Gonzalez said. The user was then passed back to the legitimate site where they were already logged in, making the attack invisible. The technique is known as a pharming attack. Like phishing attacks, pharming involves the creation of look-alike Web sites that fool people into giving away their personal information. But where phishing attacks encourage victims to click on links in spam messages to lure them to the look-alike site, pharming attacks direct the victim to the look-alike site even if they type the address of the real site into their browser. "It takes a lot of work but is quite clever," Gonzalez said. "The job is well done." The Web sites hosting the malicious code, which were located in Germany, Estonia and the U.K., had been shut down by ISPs as of Thursday morning, along with the look-alike Web sites, Gonzalez said. It was unclear how many people may have fallen victim to the attack, which went on for about three days. Websense did not hear of people losing money from accounts, but "people don't like to make it public if it ever happens," Gonzalez said. The attack also installed a "bot" on users' PCs, which gave the attacker remote control of the infected machine. Through reverse engineering and other techniques, Websense researchers were able to capture screenshots of the bot controller. The controller also shows infection statistics. Websense said at least 1,000 machines were being infected per day, mostly in the U.S. and Australia. New Laws Target Data Security Problem As more details emerge about the recently disclosed security breach at TJX Companies, lawmakers in Massachusetts are considering new laws that would put the onus for paying for such breaches on retailers and merchants, rather than banks and credit unions, the Wall Street Journal reported Thursday. In Massachusetts, Attorney General Martha Coakley is hoping to force significant changes to the manner in which companies are allowed to collect, store, and protect sensitive consumer data. "[Coakley] is looking at a number of issues and working with the legislature to see what types of measures we can implement to better protect consumers," said Melissa Sherman, Coakley's press secretary. But security and privacy experts agree that new laws, in themselves, won't prevent a repeat of the data breach experienced by TJX, which continues to increase in scope. And that the hack of that retailer's network should provide a chilling lesson to businesses that are failing to adequately safeguard their sensitive information. As illustrated by the retailer's continued discovery of new incidents of IT systems intrusion, enterprises that don't have sufficient security tools in place will have a hard time simply piecing together the details of what has happened when their data is attacked, industry watchers observed. On Feb. 21, Framingham, Mass.-based TJX announced that it had discovered a new set of IT systems intrusions that exposed the personally identifiable information of an undetermined number of its customers. Company officials said that in addition to the IT systems break-ins TJX detailed in January 2007 -- which occurred during 2003 and between May and December 2006 - it now believes that intruders also infiltrated its databases repeatedly during 2005. TJX offered no further details regarding the nature or volume of the information that was accessed by outsiders during the newly reported intrusions, and said that the firm only recently discovered the additional incidents, which started in July 2005 and continued over a period of time that the company classified only as "subsequent dates," in a statement. The fact that TJX - which has already been publicly chided by MasterCard International, among others, for failing to meet established data security standards - is still unraveling the exact details of the attack serves as testament to the notion that ill-prepared businesses will struggle just to understand how and when they've been penetrated, experts said. "The scary thing is that we are learning that this type of situation is not uncommon. It's like someone broke into your house by picking the lock and only took items you wouldn't notice were missing," said Richard Mogull, an analyst with Gartner, in Stamford, Conn. "Companies such as retailers are collecting tons of information and not securing it properly, and if they don't have sufficient monitoring technology in place, which most firms do not, it's surprising that they can figure out what has happened at all," he said. Makers of security software designed to help companies fight such data loss contend that IT executives, when they first try out one of the programs, are typically shocked to find out where all their sensitive data is located and how it is being handled by employees and business partners. "Most people are really surprised by what they see. We were even shocked when we turned on the ILP technology for the first time," said Devin Redmond, director of security products at San Diego-based Websense, which acquired information leakage prevention (ILP) specialist PortAuthority Technologies for $90 million in December 2006. "It is amazing to see how much data is moving around the network and being used in ways that existing security policies don't cover," Redmond said. "For companies who haven't addressed the problem that are attacked, the biggest challenge is simply figuring out where your sensitive data might reside to begin with, and what was done to it." Privacy watchdogs said that many businesses, specifically retailers such as TJX, have been aggregating vast amounts of sensitive consumer data for years with little regard for its security. Because businesses struggle just to understand the parameters of such an attack, there is little hope that large companies will soon be able or willing to more intelligently defend their data, said Lillie Coney, associate director at the Electronic Privacy Information Center (EPIC) in Washington, DC. - even when faced with glaring examples of what can go wrong. "Incidents like the one experienced by TJX provide the best argument for not holding onto large amounts of sensitive information, but there's no evidence yet that these events have pushed other companies to improve their own data security efforts," Coney said. "This is exactly the situation that the criminals want; they can move in and steal the data and it's hard to tell what they made off with, which lets them keep doing business longer." One of the major problems in convincing companies to invest in technologies to defend information from internal and external threats, experts said, is that security workers still have a hard time justifying the cost of expensive new tools to senior executives, who want to know why the systems they've already installed aren't enough. Making a case for how a data breach could affect a company's bottom line should be simple, but many business leaders are unwilling to dip into their coffers for new IT defense systems, EPIC's Coney contends. "If you consider the problem in terms of risk analysis and the potential cost of an incident that exposes sensitive information, including the damage to a company's reputation, it shouldn't be a hard case to make," Coney said. "But getting companies to think like that is still a challenge, as the IT workers don't have a way to position the issue from a bottom-line standpoint; eventually someone will make a case for liability with one of these breaches, and that's when people will really get it." Research company, Ponemon Institute, based in Elk Rapids, Mich., estimates that information losses cost U.S. companies an average of $182 per compromised record in 2006. However, other industry watchers, including Gartner's Mogull said there's no real way to quantify the long-term damage done to a firm's reputation by a TJX-like event. The analyst said that such incidents are causing many enterprises to reconsider their data protection policies and look into new security technologies, but few companies are taking a comprehensive approach to addressing the problem of information security and are instead focused on potential return on investment (ROI) - a serious mistake, he said. "Companies are trying to do ROI analysis to decide what they need to spend or what they'll lose in an incident, but that's a silly way to do it. The estimates that are out there for the cost of a breach are mostly worthless because they can't take into account the long-term effect," Mogull said. "What they really need to do is find where the data is and how it is being used in their business and try to create smarter policies," he said. "Trying to piece things together after an attack has already happened clearly isn't going to cut it." Twelve-step Program Aims To Cure E-mail Addiction Alcoholics have one, and so do drug abusers. Now people addicted to e-mail also have a 12-step program designed to tackle their obsession. An executive coach in Pennsylvania has devised a plan to teach people how to manage the electronic tool, which some users say can be as much an intrusive waste of time as it is fast-paced and efficient. Developed for cases such as a golfer who checked his BlackBerry after every shot, and lost a potential client who wanted nothing to do with his obsession, Marsha Egan's plan taps into deepening concern that e-mail misuse can cost businesses millions of dollars in lost productivity. "There is a crisis in corporate America, but a lot of CEOs don't know it," Egan said. "They haven't figured out how expensive it is." One of Egan's clients cannot walk by a computer - her own or anyone else's - without checking for messages. Other people will not vacation anywhere they cannot connect to their e-mail systems. Some wait for e-mails and send themselves a message if one hasn't shown up in several minutes, Egan said. The first of Egan's 12 steps is "admit that e-mail is managing you. Let go of your need to check e-mail every 10 minutes." Other steps include "commit to keeping your inbox empty," "establish regular times to review your e-mail" and "deal immediately with any e-mail that can be handled in two minutes or less but create a file for mails that will take longer." Egan says she hosts no 12-step meetings but is planning a monthly teleconference for "e-mailers anonymous." Michelle Grace, an insurance agent in Lehighton, Pennsylvania, said she receives up to 60 e-mails a day and uses Egan's program to make it less time-consuming and less stressful. "E-mail had me by the throat," she said. "When you can't find what you need, then it becomes a problem." Now that her e-mails are transferred - some manually and some automatically - into files, Grace said she spends less time hunting for them. On average, workers who receive an e-mail take four minutes to read it and recover from the interruption before they can resume working productively, Egan said. She also recommends checking e-mails not more than three or four times a day. Some employees resist the lure of e-mail during the regular workday, only to find themselves putting in extra hours at home to clear the backlog, she said. One of Egan's clients said he had 3,600 e-mails in his inbox. Part of the problem is senders who copy messages too widely and are too vague in their subject lines, so recipients don't know what they need to open right away, Egan said. For Grace, relief from her e-mail addiction means she is not checking her computer every five minutes. She said she has let her colleagues know that if they need to reach her immediately, e-mail is not the way to do it. "I told them, 'If you need me urgently, pick up the phone,"' she said. Man Sues IBM Over Adult Chat Room Firing A man who was fired by IBM for visiting an adult chat room at work is suing the company for $5 million, claiming he is an Internet addict who deserves treatment and sympathy rather than dismissal. James Pacenza, 58, of Montgomery, says he visits chat rooms to treat traumatic stress incurred in 1969 when he saw his best friend killed during an Army patrol in Vietnam. In papers filed in federal court in White Plains, Pacenza said the stress caused him to become "a sex addict, and with the development of the Internet, an Internet addict." He claimed protection under the American with Disabilities Act. His lawyer, Michael Diederich, says Pacenza never visited pornographic sites at work, violated no written IBM rule and did not surf the Internet any more or any differently than other employees. He also says age discrimination contributed to IBM's actions. Pacenza, 55 at the time, had been with the company for 19 years and says he could have retired in a year. International Business Machines Corp. has asked Judge Stephen Robinson for a summary judgment, saying its policy against surfing sexual Web sites is clear. It also claims Pacenza was told he could lose his job after an incident four months earlier, which Pacenza denies. "Plaintiff was discharged by IBM because he visited an Internet chat room for a sexual experience during work after he had been previously warned," the company said. IBM also said sexual behavior disorders are specifically excluded from the ADA and denied any age discrimination. Court papers arguing the motion for summary judgment will be exchanged next month. If it goes to trial, the case could affect how employers regulate Internet use that is not work-related, or how Internet overuse is categorized medically. Stanford University issued a nationwide study last year that found that up to 14 percent of computer users reported neglecting work, school, families, food and sleep to use the Internet. The study's director, Dr. Elias Aboujaoude, said then that he was most concerned about the numbers of people who hid their nonessential Internet use or used the Internet to escape a negative mood, much in the same way that alcoholics might. Until he was fired, Pacenza was making $65,000 a year operating a machine at a plant in East Fishkill that makes computer chips. Several times during the day, machine operators are idle for five to 10 minutes as the tool measures the thickness of silicon wafers. It was during such down time on May 28, 2003, that Pacenza logged onto a chat room from a computer at his work station. Diederich says Pacenza had returned that day from visiting the Vietnam Veterans Memorial in Washington and logged onto a site called ChatAvenue and then to an adult chat room. Pacenza, who has a wife and two children, said using the Internet at work was encouraged by IBM and served as "a form of self-medication" for post-traumatic stress disorder. He said he tried to stay away from chat rooms at work, but that day, "I felt I needed the interactive engagement of chat talk to divert my attention from my thoughts of Vietnam and death." "I was tempting myself to perhaps become involved in some titillating conversation," he said in court papers. Pacenza said he was called away before he got involved in any online conversation. But he apparently did not log off, and when another worker went to Pacenza's station, he saw some chat entries, including a vulgar reference to a sexual act. He reported his discovery to his boss, who fired Pacenza the next day. Pacenza says he would have understood if IBM had disciplined him for taking an unauthorized break, but firing him was too extreme. He argues that other workers with worse offenses were disciplined less severely, including a couple who had sex on a desk and were transferred. Fred McNeese, a spokesman for Armonk-based IBM, would not comment. Pacenza claims the company decided on dismissal only after improperly viewing his medical records, including psychiatric treatment, following the incident. "In IBM management's eyes, plaintiff has an undesirable and self-professed record of psychological disability related to his Vietnam War combat experience," his papers claim. Diederich says IBM workers who have drug or alcohol problems are placed in programs to help them, and Pacenza should have been offered the same. Instead, he says, Pacenza was told there were no programs for sex addiction or other psychological illnesses. He said Pacenza was also denied an appeal. Diederich, who said he spent a year in Iraq as an Army lawyer, also argued that "A military combat veteran, if anyone, should be afforded a second chance, the benefit of doubt and afforded reasonable accommodation for combat-related disability." Dell Users Demand Linux on Laptops The new team of leaders at Dell is weighing a request to give customers the option to purchase PCs with the Linux OS, instead of the default Windows, after thousands of users voted for that idea on a company blog. The idea appeared Friday on a company-hosted blog called Dell Idea Storm. CEO Michael Dell unveiled the blog Feb. 16 as part of his effort to reinvigorate the struggling company. Dell said he hoped to use the blog to collect users' feedback and improve customer service. Since then, company executives and department heads have been monitoring the site, paying closest attention to the ideas winning the most votes, Dell spokeswoman Caroline Dietz said. The most popular threads yesterday included demands for Linux-based laptops, consumer PCs that are not pre-loaded with unsolicited applications, and requests for Sun Microsystems' OpenOffice applications instead of Microsoft's Office suite. Popular requests also included a preference for Mozilla's Firefox Web browser instead of Microsoft's Internet Explorer, and pleas for Dell to stop routing service calls to operators in overseas countries such as India. Dell leaders have heard those ideas "loud and clear," and plan to post a statement on the blog this week explaining how they will react, Dietz said. But she warned that the company would judge ideas on more than just their popularity. "Just because an idea is number one or number two doesn't necessarily mean Dell will do it, but it does mean it will receive the highest level of attention," she said. Dell has already changed the blog rules to make the voting more accurate, after the site was flooded over the weekend by certain users clicking multiple times on their favorite links, Dietz said. Beginning Wednesday, Dell required users to register, ensuring that each person can vote just once for each posting. Another misleading aspect of popular threads is that each vote awards postings 10 "points," meaning that the Linux thread has about six thousand supporters, not the posted number of 67,703. The second-most popular thread - the request for OpenOffice - has 40,572 points, and a plea to avoid unwanted software applications has 27,476 points. Most other ideas on the 95-page blog have won only a handful of votes. Despite the blog's problems, Dell will someday decide to sell Linux-based PCs in their consumer market, experts say. "Look, they already have a strong partnership with Red Hat and Oracle to move Linux into the enterprise server space. I think what they're waiting for is some more compelling applications to show up on Linux for personal use. Think about what you use your laptop for - it's usually office, games, music and Internet access. When all of these things come together in a consumer-friendly, seamless way there will be a case for Dell to adopt Linux on portables to sell to the masses," said Joe Clabby, president of Clabby Analytics. "My 84 year-old father-in-law only needs his PC for light word processing and for AOL access. He can get plenty of Linux word processors - but where's AOL Linux? When the right applications show up, and when they are integrated, it will all come together," Clabby said. Fixing Dell's finances could call for such a bold move. Once a Wall Street darling thanks to its innovative "direct sales" business model, Dell has struggled in recent months with falling profits, an accounting investigation by federal stock regulators, a lawsuit by disgruntled investors, a notebook battery recall and finally the resignation on Jan. 31 of Dell's hand-picked successor as CEO, Kevin Rollins. Since resuming his job as CEO of the company he founded in 1984, Dell has moved quickly to restore investors' confidence by ousting several long-time executives and replacing them with leaders from outside technology companies including Motorola and Selectron. Google Gives Office a Web 2.0 Spin Against the backdrop of the YouTube drama, Google on Thursday launched an enhanced version of its hosted business applications suite in what can only be called true Web 2.0 style. Dubbed Google Apps, the suite launched as a free service in August 2006. It includes Gmail, Google Calendar, Google Talk, and a Start Page feature for creating a customizable home page on a specific domain. The new version, called Google Apps Premier Edition, isn't free. The search giant is charging $50 per user account, per year for the communication and collaboration software. That fee buys users phone support, additional storage, and a new set of administration and business integration capabilities. Google Apps Standard Edition and Google Apps Education Edition will remain free, supported by advertising. Dave Girouard, vice president and general manager at Google Enterprise, promised business users the ability to use the new Premier Edition suite at a "fraction of the cost" of installed software. According to Google, more than 100,000 small businesses are already using the free service, and the company is wooing big-name enterprises to its paid version. Procter & Gamble Business Services and General Electric are among the charter enterprise customers for Google Apps. Salesforce.com and Prudential Preferred Properties are also early adopters. In a published statement, Laurie Heltsley, director of Procter & Gamble Business Services, said the company would "work closely with Google in shaping enterprise characteristics and requirements" for the application suite. And GE CTO Gregory Simpson gave Google credit for "understanding how people interact together over the Web." That understanding might be attractive enough to cause business users to eventually abandon Microsoft Office, or at least use it alongside Google's new offering, according to Greg Sterling, principal analyst at Sterling Market Intelligence. "Employees in larger organizations who want to share resources internally may opt for this because it provides online collaboration tools accessible to anyone using any computer - and it's password-based," Sterling noted. What's missing from the suite that might end up being a hindrance to some business users, Sterling said, is a PowerPoint alternative. But Google Apps now supports Gmail for mobile on BlackBerry handheld devices. And it also incorporates Google Docs & Spreadsheets. Google Docs & Spreadsheets lets teams collaborate on documents and spreadsheets without the need to e-mail documents back and forth. Multiple employees can work on a document at the same time, and all revisions are recorded for editing, with administrative controls to allow organizations to define limits on document sharing. In addition, application-level control allows administrators to adapt services to business policies, such as sharing of calendars or documents outside of the company. In a move to make Google Apps Premier Edition even more relevant to business users, the company has invited its professional partners, including Avaya and Postini, to develop several solutions based on the Google Apps APIs, including e-mail gateways, enhanced security, Google Calendar synchronization, third-party integration with Google Talk, as well as deployment, migration, and additional support services. "Enterprises need proof that Google Apps is secure," Sterling concluded. "But this bundle offers a nice package of features and the Web-based nature of this make it appealing. It is a clear alternative to Office." States Seek Laws To Curb Online Bullying Ryan Patrick Halligan was bullied for months online. Classmates sent the 13-year-old Essex Junction, Vt., boy instant messages calling him gay. He was threatened, taunted and insulted incessantly by so-called cyberbullies. In 2003, Ryan killed himself. "He just went into a deep spiral in eighth grade. He couldn't shake this rumor," said Ryan's father, John Halligan, who became a key proponent of a state law that forced Vermont schools to put anti-bullying rules in place. He's now pushing for a broader law to punish cyberbullying, often done at home after school, and wants every other state to enact laws expressly prohibiting it. States from Oregon to Rhode Island are considering crackdowns to curb or outlaw the behavior in which kids taunt or insult peers on social Web sites like MySpace or via instant messages. Still, there is some disagreement over how effective crackdowns will be and how to do it. "The kids are forcing our hands to do something legislatively," said Rhode Island state Sen. John Tassoni, who introduced a bill to study cyberbullying and hopes to pass a cyberbullying law by late 2007. But others argue that legislation would be ineffective. George McDonough, an education coordinator with Rhode Island's Department of Education, concedes that the Internet has become an "instant slam book" but questions whether laws can stem bad behavior. "You can't legislate norms, you can only teach norms," he said. "Just because it's a law they don't necessarily follow it. I mean, look at the speed limit." The Internet allows students to insult others in relative anonymity, and experts who study cyberbullying say it can be more damaging to victims than traditional bullying like fist fights and classroom taunts. Legislators and educators say there's a need for guidelines outlining how to punish cyberbullying. They say the behavior has gone unchecked for years, with few laws or policies on the books explaining how to treat it. Cyberbullying is often limited to online insults about someone's physical appearance, friends, clothing or sexuality. But some cyberbullies are more creative. In Washington state, a bully stole a girl's instant message username and used it to send out insulting messages. In New York, two high school boys were accused of operating an Internet site that listed girls' "sexual secrets." Prosecutors decided not to charge the boys because of free-speech concerns. Steven Brown, executive director of the Rhode Island branch of the American Civil Liberties Union, said it will be difficult to draft a cyberbullying law that doesn't infringe on free-speech rights. "The fact that two teenagers say nasty things about each other is a part of growing up," he said. "How much authority does a school have to monitor, regulate and punish activities occurring inside a student's home?" In Arkansas, the state Senate this month passed a bill calling on school districts to set up policies to address cyberbullying only after it was amended to settle concerns about students' free-speech rights. States are taking different approaches to the problem. A South Carolina law that took effect this year requires school districts to define bullying and outline policies and repercussions for the behavior, including cyberbullying. One school district there has proposed punishments from warnings up to expulsion for both traditional bullying and cyberbullying. Some of Oregon's most powerful lawmakers have lined up behind a proposed bill that would require all of the state's 198 school districts to adopt policies that prohibit cyberbullying. Some local school districts aren't waiting for the state to take action: The Sisters school district in Central Oregon adopted rules that allow it to revoke cyberbullies' school Internet privileges, or even expel a student in egregious cases. Ted Thonstad, superintendent of the rural school district of 1,475 students, said it was important to clarify by policy how to treat cyberbullying, now prohibited under strict school hazing rules. Previously, the district had guidelines for what types of Internet sites students could visit, he said, but no policy specifically dealt with cyberbullying. Thonstad said no case prompted the policy, although there were some minor incidents of cyberbullying before it went into place at the beginning of the school year. Nothing has been reported since then. "It's difficult to monitor if you don't have the right software," he said. "So you rely on students to let you know when it's going on." Other schools are also being proactive. Rhode Island's McDonough sent both public and private school superintendents information and resources on cyberbullying. One school is designing lesson plans to help stop cyberbullying and protect children from Internet predators. "I think it would be a good idea if there was a law, but I really believe it has to start at home," said Patricia McCormick, assistant principal of the private St. Philip School in Smithfield, R.I. McCormick said all the teachers in the school have been trained on Internet safety, and students now receive at least 15 classes on the subject, which includes cyberbullying. But she said stopping the problem will require parental participation. "Cyberbullying isn't going on in school," she said. "It is going on at home, and I think there needs to be more programs to educate parents about the dangers." News Corp.'s social-networking site MySpace prohibits cyberbullying and tells users to report abuse, to the company as well as parents and law enforcement, according to a statement issued by Hemanshu Nigam, the company's chief security officer. John Halligan, whose son's suicide has turned him into an advocate for broader cyberbullying laws that would allow victims and their families to pursue civil penalties against bullies, said something must be done to stop the problem. "I didn't simply want it to be Ryan's school that agreed to do something," he said. "At the end of the day this wasn't just a problem in Ryan's school." Gates Sets Limits on Kids' Online Time Just because you're the daughter of Bill Gates does not mean you get to play on your computer all day long. The Microsoft founder said his 10-year-old daughter, his oldest child, was not a hard-core Internet and computer user until this year, when she started at a school where the students use tablet computers for almost everything. "She became very avid and discovered a lot of computer games, including one that runs on the Xbox 360 called Viva Pinata, where you take care of your garden," he told a business audience in Ottawa. "She could spend two or three hours a day on this Viva Pinata, because it's kind of engaging and fun." Gates said he and his wife Melinda decided to set a limit of 45 minutes a day of total screen time for games and an hour a day on weekends, plus what time she needs for homework. Microsoft's new Vista software enables parents to control the Web sites their kids go to but also includes an audit log that records sites they have visited and whom they've been Instant Messaging. "Up to some age, to be determined, it's very appropriate for a parent to get a sense of what they're seeing out there and be able to have conversations about it," he said. "My son said, 'Am I going to have limits like this my whole life?', and I said, 'No, when you move away you can set your own screen limits'," Gates recounted, to audience laughter. =~=~=~= Atari Online News, Etc. is a weekly publication covering the entire Atari community. Reprint permission is granted, unless otherwise noted at the beginning of any article, to Atari user groups and not for profit publications only under the following terms: articles must remain unedited and include the issue number and author at the top of each article reprinted. Other reprints granted upon approval of request. Send requests to: dpj@atarinews.org No issue of Atari Online News, Etc. may be included on any commercial media, nor uploaded or transmitted to any commercial online service or internet site, in whole or in part, by any agent or means, without the expressed consent or permission from the Publisher or Editor of Atari Online News, Etc. Opinions presented herein are those of the individual authors and do not necessarily reflect those of the staff, or of the publishers. All material herein is believed to be accurate at the time of publishing.