Apple leaves Chamber of Commerce, citing green policies

Don't look for any Apple executives at the next U.S. Chamber of Commerce mixer wearing any of those "Hello, My Name is..." stickers. The trade group has been a very vocal opponent of current legislative efforts to reduce greenhouse gasses Apple's resignation comes in the wake of comments last week from Chamber of Commerce president Thomas J. Donohue who said that his group supported federal legislation to reduce carbon emissions but criticized a bill passed by the House of Representatives this summer "because it is neither comprehensive nor international, and it falls short on moving renewable and alternative technologies into the marketplace and enabling our transition to a lower carbon future." That was apparently the final straw for Apple, which has made a strong push to reduce the environmental impact of its products in recent years. The computer maker has resigned its membership in the business trade organization, citing opposition to the U.S. Chamber of Commerce's stance on greenhouse gasses. In a letter to Donohue, Catherine A. Novelli, the company's vice president of worldwide government affairs wrote: As a company we are working hard to reduce our own greenhouse gas emissions by relying on renewable energy at our facilities and designing more energy-efficient products for our customers. ... For those companies who cannot or will not do the same, Apple supports regulating greenhouse gas emissions, and it is frustrating to find the Chamber at odds with us in this effort.

The Washington Post reports that three other companies have pulled out of the group because of its climate policy-Pacific Gas and Electric, PNM Resources, and Exelon. Apple's not the only company to part ways with the U.S. Chamber of Commerce over this issue. A fourth company, Nike, resigned from the Chamber of Commerce board, but remains a member. [Hat Tip: SFGate.com's Bottom Line blog]

TwitterPeek: The World's First Twitter-only Device

Mobile e-mail device maker Peek has partnered with Twitter to bring you the world's first dedicated Twitter device: TwitterPeek. TwitterPeek features a 2.7-inch by 4-inch color screen, a full QWERTY keyboard, and no-contract nationwide unlimited wireless coverage. The new handset lets you send and receive tweets and direct messages, follow new users, and view images sent via Twitpic. Available now from Amazon or TwitterPeek.com, this Twitter-only handset sells for $100. That price includes six months of free wireless service; monthly access will set you back $7.95 per month after that.

What TwitterPeek doesn't have From the sounds of it TwitterPeek leaves a lot to be desired. Big spenders, though, can pay $200 up front for TwitterPeek and get lifetime wireless coverage. TwitterPeek allows you to send and receive tweets, but lacks a search function. TwitterPeek is also lacking a Web browser, which means you'll be left out of any conversations happening around a particular blog post or news item. So if plan on using this device to track tweets about your business, you will miss out on any conversations using hashtags-a user-created system of cataloging tweets by subject-or other conversations that don't include an @reply to your company's Twitter account. So a tweet like, "Dog Lovers - you'll Dig this! bit.ly/4prwrb" will be useless on TwitterPeek.

Better Alternatives With so many other Twitter-capable devices out there, I have to wonder about TwitterPeek's appeal. Plans are in the works to allow you to preview Web pages within TwitterPeek, but that will still leave the device crippled if you won't be able to get a complete view of what others are looking at. You can already get Twitter on any smartphone or feature phone with Internet access, and you can also send and receive tweets using SMS. If you don't want to be stuck with high data fees typical of most smartphone plans, there are cheaper alternatives from Peek such as the Pronto for $60. This email-centric device will also let you send text messages, and access Twitter via Ping.fm. So what do you say? It's still a stripped-down device, but at least you can use it for three different functions, all with a cheaper price tag.

Has TwitterPeek got you excited? If I had to guess, I'd say not that many. How many of you out there plan on grabbing one of these devices?

Google Books Won't Hit Digital Shelves Anytime Soon

Google is reportedly working to make its settlement with book publishers more palatable to the court, but even if the deal goes through, consumers are likely a long way from getting out-of-print "orphaned" books onto their e-readers. The government and other parties have raised privacy concerns, worrying about Google's observation of what people read. (And not all authors and publishers are satisfied, although their associations signed on to the deal.) But what really has Amazon, Microsoft and other competitors in a tizzy is the part of the settlement that lets Google sell online access and subscriptions to orphaned books. The settlement, in its current state, would allow Google to make large passages of these books, which are in copyright but whose authors can't be found, searchable on the Web. As the e-reader market heats up, Amazon argues, the Google book settlement would create "a cartel of authors and publishers" who could set pricing and availability without restrictions.

On Friday, the U.S. Department of Justice dealt a blow to Google, the Authors Guild, and the Association of American Publishers, saying the settlement between the three parties violates antitrust and copyright laws. These opponents would have a harder time setting up their own market of orphaned materials because they'd have to create an agreement with publishers and authors from scratch, instead of making a settlement in court. The DOJ advised a U.S. District Court not to approve the settlement unless it is modified. Google and its settlement partners are motivated to quickly address the DOJ's concerns, but delays are inevitable. Though the government seems to want the settlement to go through in the end, the slow pace of government and courts means we could be waiting a long time. It seems unlikely that the deal will be approved on October 7, when the United States District Court for the Southern District of New York has scheduled a hearing on the matter.

All this could take awhile. All parties must agree to any settlement, and even then, the opponents could still make legal challenges. Maybe it's not all bad. With any luck, Google will start selling the orphaned books just as the e-reader glut hits full swing.

Microsoft delivers massive Patch Tuesday, fixes 34 flaws

Microsoft today delivered a record 13 security updates that patched 34 vulnerabilities in every version of Windows, including the not-yet-for-sale Windows 7, as well as in Internet Explorer (IE), Office, SQL Server and other parts of its software portfolio. The closest competitor was December 2008, when the company quashed 28 bugs . "To anyone following Apple, this isn't a big surprise," said Andrew Storms, director of security operations at nCircle Network Security, referring to Microsoft's operating system rival, which typically issues security updates that include scores of fixes. "But this is certainly an unprecedented month for Microsoft." Microsoft ranked 8 of the 13 updates and 21 of the 34 vulnerabilities as "critical," the top rating in its four-step scoring system. The 34 flaws were also a record number for Microsoft, the most holes patched in one sitting since Microsoft switched to a regular monthly update schedule six years ago.

The remainder of the bulletins were judged "important," the next threat level down, while nine of the flaws were also pegged important, and the final 4 were tagged as "moderate." Among today's patches were several for zero-day vulnerabilities - bugs for which exploit code had already gone public. Microsoft patched three vulnerabilities in SMB (Server Message Block) 2, a Microsoft-made network file- and print-sharing protocol that ships with Windows; two bugs in the FTP server that's included with older editions of its Internet Information Services (IIS) Web server; and two in the Windows Media Runtime. One of the zero-day vulnerabilities was undisclosed until today. The flaws in SMB 2 and IIS had been public knowledge since early September, but the Windows Media vulnerabilities included one that Microsoft said was already in the wild, but had not leaked to the usual public sources, such as security mailing lists. More important, it can be exploited in drive-by attack situations, just be getting people to go to a [malicious] Web site." Early last month, Microsoft revealed the SMB 2 vulnerability , but although attack code went public, security researchers have not seen any actual attacks. For that reason, Storms urged everyone to deploy the MS09-051 update, which patches the Windows Media bugs, as soon as possible. "At first glance, [MS09-]051 should be patched immediately," he said. "What's interesting today is that we're learning it's in the wild.

The flaw affects Windows Vista, Windows Server 2008 and preview releases of Windows 7, but not the final edition slated for retail release next week. Microsoft also fixed a slew of flaws today that go back to a programming error in one of its code "libraries," Active Template Library (ATL). The company had acknowledged the error last summer. The FTP flaw , on the other hand, was disclosed by Microsoft Sept. 1, when the company confirmed that its security team was investigating attack code that hit the street on the last day of August. Today's patches quashed three ATL-related bugs in Office and set "kill bits" to disable four or more Microsoft-made ActiveX controls for Windows Live Mail, the MSN Photo upload tool, and various Office document viewers used by Internet Explorer (IE) to display spreadsheets, charts and databases on the Web. "And we have the token IE patches today, too," noted Storms, talking about MS09-054, which plugs four holes, all critical, in Microsoft's browser. As part of today's record update, Microsoft also patched eight vulnerabilities in GDI+, (Graphics Device Interface), a component that debuted in Windows XP and is a core part of Windows Vista and Windows 7, as well as the server-side operating systems, Windows Server 2003 and Windows Server 2008. Hackers could exploit the GDI+ bugs by sending specially-crafted image files in a variety of formats - including BMP, PNG, TIFF and WMF - to a user via e-mail, or by convincing users to visit sites that contain malicious image files.

Included in the four, said Storms, was one apparently accidently disclosed at the Black Hat security conference several months ago. By triggering the vulnerabilities, attackers could then follow up with additional malware to hijack a system or steal data. The audio codec bugs [in MS09-051] will be so much easier to exploit," he reasoned. "I would put the two items in the public domain, MS09-050 [the SMB 2 flaws] and MS09-053 [the FTP bug in IIS] at the top of the list," said Storms. "And then MS09-051 and the IE updates, the latter because those kind of client-side bugs get a lot of attention from attackers." This month's security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services. Storms, however, discounted exploits of the GDI+ vulnerabilities.

China clamps down on Internet ahead of 60th anniversary

Security forces with black masks and machine guns on the streets of China's capital are just the more visible side of a security clampdown in the country this month: there is also its secretive battle to control the Internet. China's newest nuclear missiles will be included in the arsenal of weapons and equipment shown off in the parade, according to state-run media. The heightened security comes ahead of a massive military parade Beijing will hold in the heart of the city next week to celebrate China's 60th anniversary of communist rule, an event the government hopes will showcase the country's development and go untarnished by security threats or shows of dissent. Security measures have included a crackdown this month on online tools that help users circumvent the "Great Firewall," the set of technical measures China uses to filter the Internet, according to providers of the tools. "They put more resources into the blocking," said Bill Xia, president of Dynamic Internet Technology, which makes a widely used anti-censorship program called Freegate. "It has been getting worse and worse this month," he said.

But accessing some of those tools has become more difficult in recent weeks. Many expatriates and savvy locals in China rely on Freegate as well as proxy servers and virtual private networks (VPNs) to bypass blocks that China places on Web sites like YouTube, Facebook and Twitter. China has always blocked IP (Internet Protocol) addresses it believes are used by Freegate, which routes users' communication through foreign IP addresses to grant access to Web sites blocked in China. The moves have left most users unable to use the program, prompting Xia's company to ready an updated version of Freegate that will be available in a few days. But this month it became more aggressive and began blocking a wider range of IP addresses, risking taking down unrelated targets in order to hit more Freegate users, Xia said. China also cranked up its efforts to stifle Freegate ahead of another sensitive date this year: the 20th anniversary of its bloody crackdown on student democracy protests in Beijing's Tiananmen Square in June 1989. Measures China uses to limit access to certain Web sites include altering entries in the DNS (domain name system), which translates URLs like www.google.com into the numeric IP addresses used to relay information online, and resetting a computer's connection when it tries to visit a banned site.

Authorities appear to have stepped up efforts to block other circumvention tools as well. The country's police force also patrols the Internet for sensitive or pornographic content. China-based users of Hotspot Shield, another popular program that encrypts and reroutes online activity, have had problems accessing the program's Web site since last month, a representative of developer AnchorFree said in an e-mail. The company had to switch to a new tunneling protocol when some users recently became unable to connect to any servers, the representative said. "I'm unable to tell you with a 100 percent guarantee what [technical] measures are taken in China to interfere with our service, but these measures are being taken," the representative said. China last month also started blocking the Web site of Blacklogic, a VPN provider, a company representative said, though the Web site can currently be accessed from China.

Not all VPN providers appear to have been affected. Accessing blocked Web sites is fairly easy in China and many users do so through free Web-based proxies. China has mainly blocked free VPNs and proxies while allowing similar paid services, a representative of VPN provider 12vpn said in an e-mail. Most VPN users in China are expatriates, but more local Chinese may be signing up as well. 12vpn and other tool providers said their number of China-based users rose after early July, when China blocked Facebook and Twitter. The southern city of Guangzhou this month ordered Internet service providers to install "security monitoring" software on all servers and threatened punishment for failure to do so, according to government notices posted on the blog of one data center management company. Some VPN providers declined to comment for a news story for fear of drawing China's attention and potential restrictions on VPNs. At least one Chinese city has adopted a further measure to monitor Internet traffic.

Two such software programs, called Blue Shield and Huadun, were recommended in one of the government notices. The software is meant to "create a favorable online environment" for China's National Day celebration next week, the government orders said. Huadun's Web site says the program helps server owners remove illegal and pornographic content from their systems. A representative of the data center company reached by phone said it put the orders on the blog for reference by clients and that the order applied only to Guangzhou. China has long gone through cycles of blocking and allowing access to Web sites such as YouTube and Wikipedia, and updates to Freegate have repeatedly allowed the tool to bypass evolving government security measures against it. Some of China's new security measures could remain in place long after the 60th anniversary celebrations, but others are likely to be lifted.

Still, Chinese users have posted skeptical notes on Twitter about China's newest Internet controls. When asked if Twitter and Facebook would be unblocked after the National Day celebration next week, one user said they would not. "Last year we had the Olympics, this year is National Day (which actually happens every year), and next year is the World Expo," the user wrote. "Actually, every year and every month and every day are sensitive."

The OpenBlockS 600 is a Linux server that fits in your palm

Forget the netbook or the net-top PC: How about a net-server? At 5.2-inches-by-3.1-inches in size - and 1.2 inches thick - the OpenBlockS 600 is about the size of two cigarette packs side-by-side. A Japanese vendor is touting a lilliputian Linux Web server that weighs 8 ounces and consumes just 8 watts.

For non-smokers, that's two iPhones stacked on top of each other. Detailed specs are available online . It comes installed with Plat'Home's own embedded SSD/Linux distribution by default, though customers can also request others such as Debian, Ubuntu, Fedora, Java SE for Embedded and NetBSD. The OpenBlockS 600 is actually the latest in Plat'Home's line of Linux 'micro-servers' first introduced in 2000. The 16-year-old company - headquartered in Tokyo's famed electronics district, Akihabara, and with a sales office in the Silicon Valley - has sold more than 50,000 OpenBlockS devices. Starting at $600, the OpenBlockS 600 from Plat'Home Co. Ltd. includes a 600 MHz PowerPC CPU, 1 GB of DDR2 SDRAM and a CompactFlash slot and 3 USB 2.0 ports for internal and external storage. According to a spokeswoman, customers include banks telecom firms and universities. Its 8-watt draw is about a tenth of even the most-efficient rack servers, claims the company, and lets the device run without a fan. Plat'Home is targeting the latest, fastest OpenBlockS 600 at companies looking for a small-footprint Web server as a more-secure alternative to sending their data outside to a cloud or Web service.

To emphasize the OpenBlockS 600's green cred, Plat'Home is also donating money to a wind energy project in India to offset 1,000 metric tons of carbon dioxide emissions. That means customers "can put them anywhere, or even hide them," the spokeswoman said. The server is encased in a tight aluminum-alloy shell to protect it against drops, cold temperatures and fluctuating humidity.