Adamant: Hardest metal

Memo to News-Site Executives: How can Net-based news services best serve their audience during the imminent conflict?

MEDIA NOTES By Jimmy Guterman, March 19, 2003, Business 2.0 (www.business2.com)

To: Managers of News Sites

On Sept. 11, 2001, few Americans got their breaking news online. Even after stripping ads, graphics, and scripts from their front pages, most major online news sources received so much traffic that visitors had to either wait minutes at a stretch for text to load or hit the "Refresh" button repeatedly until something other than an error message appeared on the screen.

That experience led you folks to reconsider how much bandwidth is adequate for times of emergency and what the role of online news is, compared with that of more entrenched electronic media like television and radio. In the 18 months since the 9/11 attacks, you have learned about features like "burst" capacity, additional bandwidth that becomes available when unexpected traffic threatens to slow a site to a crawl or take it down entirely.

I'm writing this column on Wednesday, March 19. By the time you read it, the United States and Britain may be at war with Iraq and people will be desperate for up-to-the-second information. Just keeping sites up in the early days of a war will be a challenge, but that's only the beginning. If you are to compete effectively with your more entrenched electronic brethren, you need to pay close attention to how you're using broadband and how broad your content sources are.

Deploy broadband sparingly. Even with additional capacity, your sites may be fighting to keep up with traffic, and there's nothing like a lengthy video file to slow access and send visitors elsewhere. And let's face it: No matter how you promote your broadband offerings, small, jerky streaming video feeds inside a RealPlayer or Windows Media Player are nowhere near as compelling as video seen on a 25-inch screen that was built for video. Some video files will be necessary to give your visitors a broad array of services, but if people want immediate access to breaking video, they will opt for television.

Use weblogs to jump-start discussion. The easiest way to get the greatest number of voices and the freshest opinions on a site is to point to the best of the thousands of diverse weblogs on the war being updated obsessively. To ward off potential charges of bias, give equal footing to all views; the least expensive way to do that is to provide a safe way through the minefield of independent opinion on the Net. Use tools like DayPop, the speedy weblog search engine, and its kin to keep up with war reports and opinions from unlikely places. The more voices, the better, particularly in the earliest days of the conflict, when much of the content you'll receive -- and perhaps all of the broadband content -- will be coming from or filtered through official sources. Best of all, the content's free. It's a great starting point for your visitors to join in the discussion. Those sites that foster active communities will come out of the next couple of weeks with a better reputation -- and more traffic.

Jimmy Guterman was the editor of Media Grok and its successor, Media Unspun. He has written or edited for more than 90 periodicals (some of which still exist), has written five books (half of which are still in print), and has produced CDs for every major record label (all of which have consolidated). He is the founder and president of a consultancy, the Vineyard Group.

Rewiring Afghanistan

Business 2.0 By Thomas Mucha, April 2003 Issue

Alan Pearson is replacing Soviet-era accounting ledgers with a 21st-century computer network.

When Afghanistan's fledgling government needed to rebuild part of the country's war-ravaged infrastructure, it didn't turn to the United Nations, a relief agency, or a military man. It went straight to a management consultant.

Alan Pearson is a 58-year-old Aussie who's leading an eight-person team from BearingPoint (BE) (formerly KPMG Consulting) to build a computerized financial-management system that will help Afghanistan rejoin the 21st century. To mark the start of Afghanistan's fiscal year, the new system will enter service on March 21.

The financial network will allow the war-torn nation to manage the $4 billion in foreign aid that's expected to arrive in coming years -- money that's needed to pay for roads, schools, hospitals, and other reconstruction projects. The computerized tools will be a vast improvement over the country's current approach to financial management -- a dusty handbook on accounting principles written in 1965.

Pearson has been working in Kabul's drab concrete Ministry of Finance building since August. There weren't any computers on hand when he arrived, so he bought a handful of PCs that had been cobbled together on Kabul's streets by crafty entrepreneurs. Electricity is spotty, so a generator was brought in to run the equipment. To maintain telephone service, Pearson installed a satellite dish.

His team also had to train local workers, most of whom had never before laid eyes on a computer. "You start with the on/off switch and take it from there," he says. But within three weeks, most workers were able to input data and perform basic tasks. The new system, which Pearson describes as "deliberately simple," is built around Windows 2000, a few Hewlett-Packard (HPQ) and Compaq servers, and a Cisco-based (CSCO) local area network.

Safety has been an ongoing concern. Two deadly car bombings have struck Kabul since Pearson arrived, yet the dangerous work is just beginning. The project's next phase will extend the system to Afghanistan's unruly provinces. And you thought you had to worry about job security.

In the Spotlight: Military Weapons

U.S. troops are armed with the most advanced weapons systems the world has ever known. Backed by cutting-edge technology from familiar names like General Dynamics and Raytheon, as well as defense newcomers IBM and Hewlett-Packard, the military's current arsenal is faster, lighter, and smarter than ever. Our staff got the lowdown on some of the more impressive weapons in our recent story "The New Military-Industrial Complex." Our Web Guide features additional information on the military's top manufacturers of airplanes, combat vehicles, and weapons, plus essential research on biological and chemical warfare.

New IIS exploit could be one of many

Code posted takes advantage of vulnerability in Windows 2000

By Paul Roberts, March 25, 2003

Just one week after Microsoft alerted the public to a serious security vulnerability in a component of its Windows 2000 operating system, a security researcher has posted code to exploit that vulnerability.

The code or "exploit" was posted to two online discussion lists frequented by computer security experts on Monday by Rafael Núñez, a senior research scientist at Scientech de Venezuela in Caracas, Venezuela.

The actual code was written by an individual using the name "kralor," part of a group called Coromputer. Núñez verified and tested the exploit before posting it.

The exploit posted by Núñez could be dangerous, but it is similar to code that was already being developed and circulated among malicious hacker groups online, according to David Litchfield of Next Generation Security Software Ltd. in Sutton, U.K. (NGSS).

While posting an exploit to public forums such as the Bugtraq mailing list raises the profile of such code, it does not increase the risk of new worms or viruses being developed that target the Microsoft vulnerability, Litchfield said.

"Someone who would write a worm for this [vulnerability] would know how to without having exploit code provided," Litchfield said.

In fact, having the exploit code available could help "level the playing field" between network administrators and malicious [or "black hat"] hackers by providing administrators with detailed information about how attacks might be carried out, according to Litchfield.

The vulnerability concerns an unchecked buffer in a core Windows 2000 component called ntdll.dll that is used to handle the World Wide Web Distributed Authoring and Versioning (WebDAV) extensions to HTTP (Hypertext Transfer Protocol), according to the Microsoft Security bulletin MS03-007. (See www.microsoft.com.)

WebDAV allows users to edit and manage files on remote Web servers. The protocol is designed to create interoperable, collaborative applications that facilitate geographically dispersed "virtual" software development teams.

An attacker could use the vulnerability to cause a buffer overflow on the machine running Microsoft's Internet Information Server (IIS), creating a denial of service (DOS) attack against such machines or executing their own malicious code in the security context of the IIS service, giving them unfettered access to the vulnerable system, Microsoft said.

Microsoft quickly developed and released the patch for Windows 2000 after learning that one of its customers was already being attacked using WebDAV to target the ntdll.dll vulnerability.

However, the vulnerability can be exploited in many ways, with WebDAV just one prominent example, Litchfield said.

Litchfield released a paper on Friday announcing that NGSS uncovered new avenues of attack on ntdll.dll in addition to WebDAV. Some of those attacks could use IIS, while others might use other Java-based Web Servers, Litchfield said. (See: www.nextgenss.com.)

Despite Microsoft's security alert regarding possible attacks using WebDAV and IIS and Núñez's publication of exploit code for that particular scenario, users who are not running IIS or using WebDAV may also be vulnerable, Litchfield said.

"It's like the saying 'All roads lead to Rome .' There are lots of paths that lead to this problem and there will be other things like [the WebDAV exploit]," Litchfield said.

Litchfield encouraged administrators to assess their exposure to the vulnerability in the ntdll.dll component of Windows 2000, then download, test, and apply Microsoft's security patch as needed.

Administrators should also keep their eyes open for a more thorough patch for the ntdll.dll problem, following the problems that were reported by some customers who deployed the first patch, according to Litchfield.

Paul Roberts is a Boston-based correspondent for the IDG News Service, an InfoWorld affiliate.

Program exploits Windows 2000 flaw

By Robert Lemos, Staff Writer, CNET News.com, March 24, 2003, 5:45 PM PT

A Venezuelan security consultant has released a small program designed to compromise Microsoft Internet Information Service servers that haven't had a recent security hole patched.

Monday's public release of the program's source code--known in security parlance as an exploit--will allow less technically knowledgeable system administrators to test for the existence of the vulnerability or allow less skillful miscreants to attack servers.

"I released (the code) to enlighten the public and to promote system security for administrators unfamiliar with these exploits," said Rafael Nunez, information security consultant for Scientech de Venezuela and a former hacker who used the handle "RaFa."

The release of the code on two security lists--BugTraq and VulnWatch--is the latest twist in the story of the Windows 2000 flaw that Microsoft announced a week ago.

The flaw, which Microsoft said could be exploited through the World Wide Web Distributed Authoring and Versioning (WebDAV) component of Internet Information Service (IIS) 5.0, allows an attacker to take control of the server. The flaw was discovered March 12 by the U.S. military after a public Web server was compromised by the vulnerability.

Microsoft declined to comment on the issue, except to say that customers should patch their systems. Nunez also stressed that system administrators need to patch their systems before a virus writer uses the vulnerability as a vector for a computer worm.

"This exploit is very serious," Nunez said. "Any unpatched system can allow a remote intruder to obtain full administrator privileges. This exploit can be used by some malicious programmers to write worms that can automate Web site defacements and other malevolent operations."

Nunez said that he got the code from other hackers on the Internet and cleaned it up before sending it to the two security lists to be published.

Siemens wins US$54mn Colombia Movil contract

www.latintrade.com 03/19/2003 - Source: Business News Americas

(BNamericas.com) - German telecoms vendor Siemens (NYSE: SI) beat out Ericsson, Alcatel and Nortel to win a US$54mn contract to provide the GSM network equipment for startup PCS operator Colombia Movil, local daily Portafolio reported. Siemens will deploy a network to cover all of Colombia's departmental capitals and main urban areas, in addition to the country's major thoroughfares.

The US$54mn bid was "very aggressive" given such coverage objectives, Pyramid Research analyst Carlos Rodriguez told BNamericas. Rodriguez noted that the contract represents about half of what Colombia Movil had budgeted for capex this year.

Siemens probably bid near or below the real cost of deploying the network, with the idea to recoup the investment with future contracts in coming years, he said. However, Rodriguez said other contracts would not be just around the corner. The current deployment would yield a network good for at least three years, unless growth far exceeds what is expected, he said.

Yankee Group analyst Wally Swain told BNamericas that Siemens' bid might not be undervalued, depending on what is included in the contract. "A switch is around US$5mn. Cell sites are US$150,000-250,000. This could be as little as one switch and 200 cell sites which should give enough coverage," he said.

Swain also noted that the contract does not cover transmission between sites, most of which they will rent from their parents, which are Colombia's two largest fixed line operators. "It is not clear because we have no details, but it is likely [the contract] doesn't cover the physical tower work or electrical work," he added.

Rodriguez saw the bid as part of a wider market expansion strategy in Latin America. "Siemens knew that this is one of the last opportunities it has to enter a large Latin American mobile market," he said, adding that the company is also playing hard to gain the contract with Ecuador's new PCS concessionaire, Andinatel.

Siemens will also look to benefit its handset division from the Colombia Movil contract, Swain said. The German vendor can now leverage the contract to push into the local handset market as well, he said.

Rodriguez agreed, noting that Siemens does not have any handset presence in the region except through its GSM network agreements with Telecom Italia Mobile (TIM) in Brazil and Venezuela.

According to the paper, Siemens would have the infrastructure in place by mid-year. Earlier estimates by Colombia Movil executives had the network up and running by October of this year.

However, Swain said such a time frame would be very aggressive. The existing cellular carriers take an average two months per cell site to find sites, negotiate contracts and obtain permission from the authorities to install, before installation can begin, he said.

It should be easier to get approval for PCS sites from Colombia's civil aviation board and the municipal environmental agencies because their towers are lower, and in many cases antennas can be flush-mounted on the side of a building. However, Swain said it would still be a considerable logistical challenge to mount a sufficiently extensive network for an adequate service launch.

A more realistic objective is to have a network running before the Christmas holiday season kicks in, Swain said, noting that the Colombian market has traditionally seen a big end-year push, with as much as 40-50% of sales occurring in the second half of the fourth quarter. Colombia Movil must have a stable network before then, or it will miss this critical sales period, he said.

Colombia Movil, a joint venture between Colombia's two largest fixed line operators, Bogota-based ETB and Medellin-based EPM, won its PCS license in January.

The PCS operator has indicated it will invest US$550mn over the next five years for GSM network buildout, and ETB has already approached the capital markets to finance its part of the cost.
