Hackers hit Scientology with online attack

A group of hackers calling itself "Anonymous" has hit the Church of Scientology's Web site with an online attack.

The attack was launched Jan. 19 by Anonymous, which is seeking media attention to help "save people from Scientology by reversing the brainwashing," according to a Web page maintained by Anonymous.

Anonymous claims to have knocked the Church's Web site offline with a distributed denial-of-service attack, in which many computers bombard the victim's server with requests, overwhelming it with data in the hope of ultimately knocking the system offline. True to its name, Anonymous does not disclose the true identities of its members.

The attacks were spurred by the Church's efforts to remove video of movie star Tom Cruise professing his admiration for the religion, according to an Anonymous video manifesto posted to Youtube.

"For the good of your followers, for the good of mankind and for our own enjoyment, we shall proceed to expel you from the Internet and systematically dismantle the Church of Scientology in its present form," a creepy computerized voice states in the video. Anonymous followed up this dispatch with a second video blasting the media for failing to completely report the group's criticisms of the church. This video was taken down Friday by Youtube, citing a "terms of use violation."

Anonymous has managed to generate a measurable attack against the Scientology.org Web site. Over the past few days, the site was hit with several DDOS (distributed denial-of-service) attacks, which flooded it with as much as 220M bps of traffic, according to Jose Nazario, a senior security engineer with Arbor Networks, whose company compiles data on Internet attacks.

The Anonymous campaign shows some level of organization. "220M bps is probably about in the middle of attack sizes," Nazario said. "It's not just one or two guys hanging out in the university dorms doing this."

On average, the attacks lasted about 30 minutes and used up 168M bps of bandwidth. In the past year, Arbor has seen attacks on other sites hit 40G bps, or 200 times the strength of the Anonymous event.

Shortly after it was hit with the DDOS flood, the Scientology.org Web site was moved to a server hosted by Prolexic Technologies, according to data compiled by Netcraft, an Internet monitoring company. Prolexic specializes in protecting companies from DDOS attacks.

A Prolexic spokeswoman confirmed that the Church of Scientology is one of the company's clients, but declined to offer more details on the matter. The Church of Scientology did not return a phone call and e-mail seeking comment.

The secretive Church of Scientology's practices, including its efforts to use copyright law to restrict the dissemination of information about the church, have engendered a lot of criticism within the Internet community. But one Web site set up to criticize Scientology -- called Operation Clambake -- called the DDOS attacks a bad idea. "Attacking Scientology like that will just make them play the religious persecution card," wrote Andreas Heldal-Lund, the Web site's owner. "They will use it to defend their own counter actions when they try to shatter criticism and crush critics without mercy."

If publicity was Anonymous' ultimate goal, the group has had some success. Late in the day Friday, seven of the top 10 stories on the Digg.com news-linking site related to Scientology or to Anonymous' communiques.

Palm to close retail stores

Palm plans to close its retail stores in an effort to focus on fewer programs and better compete, the company said on Thursday.

All of Palm's eight branded retail stores, as well as its 26 stores within Airport Wireless shops, will close.

The move may stem from increased competition from Research In Motion's BlackBerry products. Prior to about a year ago, BlackBerry dominated the enterprise market and Palm was popular among prosumers, who typically buy devices in retail outlets, said Bill Hughes, an analyst at In-Stat. But since then, BlackBerry has grown more successful at selling its handhelds at retail, encroaching on Palm's traditional prosumer market, he said.

The stores didn't make much sense for Palm from the beginning, according to Hughes. "This doesn't really surprise me," he said. Usually, manufacturers open their own stores when their retail distribution strategy isn't working, he said. But Palm has reported a string of quarterly losses and may have decided to close the stores and boost its efforts to sell through other retail outlets as a way to cut costs.

Palm said the store closings come as the company continues to focus on core business initiatives, consolidating resources behind fewer programs. For a similar reason, it cancelled its controversial smartphone companion product, the Foleo, that was scheduled for release in the middle of 2007.

Palm has struggled over the past couple of years as the smartphone market grows increasingly crowded, and as it tries to phase out its PDA (personal digital assistant) business. The company is building a new Linux-based operating system that is scheduled to be released at the end of this year, with commercial products hitting the market shortly after. The software, which many thought would hit the market at the end of last year, will compete with Google's Android Linux-based smartphone operating system. Phones based on Android are expected to ship starting in the second half of this year.

Windows Home Server vulnerable to critical bug, too

Microsoft revises January security bulletin again to add WHS to risk list

• Small businesses moving to Vista fastest, report says
  
  
  
  
  
  
• Microsoft narrows scope of Home Server bug
  
  
  
  
  
  
• Microsoft's Windows Home Server corrupts files
  
  
  
  
  
  
• Microsoft and Open-Source Backers Eye Each Other Warily
  
  
  
  
  
  
• Sellers price Windows Home Server OEM at $165-$189
  
  
  
  
  
  

For the second time in three days, Microsoft Corp. added another product to the list of those vulnerable to a critical bug patched nearly three weeks ago.

Windows Home Server, the company's newest operating system, is also at risk to the vulnerabilities spelled out by the MS08-001 security bulletin, according to a Friday update. The advisory, first issued Jan. 8 -- and fingered then by researchers as the month's most pressing -- was revised Wednesday, when Microsoft announced that Windows Small Business Server was at risk. Neither Windows Home Server or Small Business Server had been among the versions called out by the original bulletin.

"Supported editions of Windows Small Business Server 2003 and Windows Home Server contain the same affected code as Windows Server 2003," Microsoft said in the revised notice. "[However] Windows Small Business Server and Windows Home Server configurations have IGMP [(Internet Group Management Protocol] enabled by default and will result in a greater exposure to the same vulnerability."

The initial bulletin had pegged the threat to Windows Server 2003 as "Important," the second highest rating in Microsoft's four-step scoring system. But it was later rated as "Critical" for Windows Home Server and Small Business Server.

According to Microsoft, the vulnerability can be exploited by sending malicious data packets to unsuspecting users, who could find their PCs infected with malware or under the control of others. Within 10 days of Microsoft posting its first patches, researchers had produced proof-of-concept exploits, claiming that the company had overestimated the difficulty in crafting attack code.

"It's apparently possible to create a reliable exploit for this issue," agreed Symantec Corp. on Jan. 18.

Windows Home Server owners have been offered the patch via the software's update mechanism, Microsoft said in the revised bulletin. "Customers should apply the update to remain secure," it urged.

Microsoft did not say why it had not identified Windows Home Server or Small Business Server as vulnerable and requiring repair when it first issued updates earlier this month.

Apple's MacBook Air Laptop: First Lab Tests

Apple's new laptop is thin and light, but not particularly fast in Macworld's preliminary testing.

It was clear from the moment the MacBook Air was unveiled at Macworld Expo that it was a Mac laptop unlike any we've seen recently, if ever.

In exchange for dramatically lighter weight and an extremely thin profile, Apple has definitely compromised when it comes to the MacBook Air's tech specs. And the results of Macworld Lab's preliminary tests of the MacBook Air reflect those compromises.

For this first set of tests, we used a default-configuration MacBook Air powered by a 1.6GHz Intel Core 2 Duo processor with a 4200 rpm, 1.8-inch 80GB parallel ATA hard drive. The MacBook Air's processor clock speed lags well behind current MacBook (2.0GHz or 2.2GHz) and MacBook Pro (2.2GHz, 2.4GHz, and 2.6GHz) models, and its hard drive is also slower than those used in the other models.

Slower

Our tests reveal that the slower processor and disk make the MacBook Air quite a bit slower than the other portables in Apple's product line. The MacBook Air was also outpaced in our tests by the its closest desktop cousin, the ultra-compact 1.83GHz Mac mini Core 2 Duo.

Although none of our test results seem horribly out of whack with what one might expect from the MacBook Air given its modest specs, it's necessary to provide some caution for these preliminary numbers. Testing a brand-new piece of Apple hardware is always a challenge, usually introducing wrinkles into our test procedures that require us to carefully plot out the best way to test a system.

In the case of the MacBook Air, we discovered that one of our base assumptions--a series of tests involving startup and data loading over an ethernet network--might be an issue with this system, which can connect to wired ethernet networks only via a $29 add-on USB adapter.

We've tested the system with and without the adapter, and will continue to investigate any effects the MacBook Air's unique networking characteristics might have on our tests.

Similarly, one of our base tests-encoding an H.264 movie from DVD using HandBrake--requires the use of an optical drive. For this test, we used Apple's optional $99 USB SuperDrive. And now that a Mac exists with no built-in ethernet or optical drive, we'll have to re-evaluate our use of those tests when we build the next update to our Speedmark test suite.

More Testing

In the meantime, keep in mind that we will continue to test the MacBook Air as well as reference systems, and as a result future test scores for these systems may vary from what's reported here.

Speaking of Speedmark, the MacBook Air's score of 123 is the lowest score we've recorded for any Intel-based Mac laptop, but it does handily beat our PowerPC laptop reference system, the 1.67Ghz 15-inch PowerBook G4.

Of course, the MacBook Air's appeal is not about blazing speeds, but about small size and weight. However, these tests do give some indication about what level of performance users will have to give up if they've decided to forego a MacBook or MacBook Pro for the thin embrace of the MacBook Air.

There's a whole lot more MacBook Air coverage coming from Macworld.com. Stay tuned in the coming days for more hands-on commentary, lab testing, and a full review of both the base model and--when it arrives in our Lab--the high-end 1.8GHz model powered by the 64GB solid-state drive.

OneCare upgrade brings headaches

Since November, Microsoft has been slowly rolling out an update to its Windows Live OneCare security software. Although the update was designed to bring in new features, such as the ability to monitor the health of multiple PCs, some say the new version has brought only headaches.
Robert Webb of North Carolina said he started having problems from the moment his software was upgraded in early December.
"My main problem has been that OneCare does not always start when the computer is booted," Webb said in an e-mail interview. "It has to be manually started."
Microsoft's online forums are buzzing with a host of complaints about the new version, with many people unable to get the software to work.
Microsoft confirmed that it is working on that problem.
"We are aware that some users are experiencing an issue with Windows Live OneCare when they start up the service after installing (version) 2.0," Microsoft said in a statement to CNET News.com. "The issue is being worked on and currently affects a very limited number of customers (about 1 percent of the install base), each of whom we thank for their patience."
In an interview Thursday, Microsoft lead product manager Larry Brennan said that, in total, the problems aren't causing a significant disparity compared with users' experience with the older version.
"We do monitor the overall status of the service," he said. "We can see that the servicing statistics for 2.0 are comparable to the servicing statistics for (version) 1.6."
Brennan touted the new features, such as automated printer sharing and centralized backup, as key improvements and said that with any upgrade, there are bound too be some people who have problems. Brennan said Microsoft is about halfway through migrating OneCare users to version 2.0 and that the company is continuing to automatically upgrade customers, despite the complaints.
OneCare, which was introduced in May 2006, is Microsoft's first entry in the consumer antivirus software business and competes with consumer software from Symantec, McAfee, and others.
Stephen Boots, the Microsoft Most Valued Professional who moderates the OneCare forum, has been trying to address many of the issues online, but has been suggesting those with other issues contact Microsoft's customer care.
"There were too many problems with the v2 upgrade and too many remain now," Boots wrote in a post on Friday.
For Webb, the problems have shifted his OneCare experience from positive to negative.
"I liked OneCare before these problems appeared because it was hassle free and not a resource hog," said Webb, who has been using the program for a year and a half and renewed his paid subscription last July.
Update: A Microsoft representative said on Friday that the company is planning to push out an update to version 2.0 on January 31 that it hopes will fix many of the problems that users have been encountering.

Head over heels for tomorrow's personal robots

If you never thought you could own a companion robot--one that could chat with you, snuggle when you're glum, rub up against you for attention, and coo when you stroke it--think again.

The recent launch of Pleo, a dinosaur "life form" from Emeryville, Calif.-based Ugobe is one of the more high-profile releases of a companion robot to date. And its $350 price may be just low enough to lure a mainstream audience.
But this is just the beginning.
In fact, suggests a group of industry insiders, Pleo is likely to be a jumping-off point for ubiquitous, inexpensive robots with capabilities far beyond what is possible today, including offering people a level of empathetic companionship that has so far been strictly the province of science fiction.
And while robots like Pleo may be seen--in spite of their makers' marketing plans--as toys, the very meaning of the term "toys" could be up for a major reinterpretation.
"Pretty soon, they're not going to be called 'toys' anymore, or they'll redefine what 'toys' mean," said David Hanson, the founder and chief scientist of Hanson Robotics. His Richardson, Texas-based company specializes in what it calls "conversation character robots," and its Zeno robot-boy can recognize, understand, and respond to human facial features.
"These devices are changing toys into a much more flexible information-processing medium…a revolutionary character medium (that is) becoming increasingly aware of humans," Hanson said.
Personal robotics is a wide-open field, and one that ABI Research analyst Philip Solis recently estimated will be worth $15 billion annually by 2015. But the term "personal robotics," as Solis defines it, encompasses and is currently dominated by devices like iRobot's Roomba vacuum cleaners. Roombas, while extremely handy, are hardly companions.
If you watch someone play with the Pleo, however, you can quickly see why an empathetic robot--one that responds to human input, makes pet-like noises, and appears to be eager to interact--is desirable and has a vast amount of room to evolve.
That's the territory where companies like Hanson Robotics, WowWee, and Ugobe are planting their flags. They are hoping to capture significant portions of the business by bringing to market the types of robot toys and companions that haven't been seen before.
"Pretty soon, they're not going to be called 'toys' anymore, or they'll redefine what 'toys' mean."
--David Hanson,chief scientist,Hanson Robotics
A much bigger name, Sony, attempted to do the same back in 1999 with the release of its famed Aibo robot dog. Sony made great strides in advancing the concept of realistic pet-like companions. But Aibo's price was steep--$2,000--and it was never a commercial hit.
The much-smaller robotics companies like Hanson, WowWee, and Ugobe are hoping that by releasing products in the $200 and $300 range they can win over previously interested but uncommitted customers.
One of the biggest driving forces behind the market's expansion--which will likely take at least a few more years to bear truly impressive fruit--will be the tumbling of component prices that will lead to lower price tags on the products, a number of industry insiders said.
That's especially true when it comes to the processors--such as the ARM7 and ARM9 used in many of these devices--and the cameras that enable these robots to be both intelligent and interactive.
The prices of camera controllers and other components are dropping quickly, said Hanson. "I would say definitely by 2010, 2011, 2012, we'll see these kinds of robots go below the $200 price range."
Others agree.
"It's beginning to really take off right now," said Bob Christopher, Ugobe's CEO. "2008 is going to be a big catalyst for robotics...So you have this kind of convergence happening in the market demand and the ability to meet that."
By 2010, Christopher said, the market will likely be rife with robots with more highly advanced feedback systems that can more readily react to people.
"Applications that draw us in emotionally will be more evident in personal robotics," Christopher said. "And the price points will be more affordable in (building-block) technologies that will allow these robots to be more feature rich."
Of course, not everyone buys the argument that the price tags will tumble in the next few years.
In fact, said, Davin Sufer, chief technology officer of San Diego-based WowWee, the overall cost of materials is actually going up.
"If you look at the costs of metals and plastics, (they're going up) because of the cost of petroleum," Sufer said. "Overall, I don't see that downward trend."
Sufer acknowledged that the cost of electronic components is likely to drop but that this will be offset by the higher costs of the metals and plastics. He predicted that prices will stay in the range they are today, with high-end personal robots--albeit ones much more technologically advanced than today--still costing in the $300 range

Bug Labs: Build your own dream gadget

Snap up to four modules onto the BugBase, and you've got your own custom gadget.(Credit: Bug Labs)
It's the rare product that excites CNET editors across all categories. The Bug Labs platform, which has been the subject of several conversations around the CNET booth, is one such rarity.
Described as "the Lego of gadgets" by Webware's Rafe Needleman, the Bug Labs platform starts with a minicomputer, the Bug Base, onto which you can snap multiple modules, such as a digital camera or an LCD screen. You can then program your own software to run your custom gadget or download software others have written from the Bug Labs site. Need a GPS-enabled digital camera that will automatically upload your images to Flickr? With the Bug Labs platform, you can build one.
Aside from being eager to tinker with the product, we're thrilled to see such an innovative approach to consumer electronics. The Bug Platform is totally open source, highly configurable, and designed to go wherever consumers' imaginations take them. Plus, the company has a unique "early adopter" pricing scheme, in which the price is lower during the first 60 days; this is a great way to encourage people to start developing software to share.