heatbasketball.org

Yahoo, under the settlement, is giving Icahn a seat on the board after the shareholders meeting, and it will then appoint two additional directors to its expanded board of 11 members, pulling from Icahn’s former slate of dissident directors and Jonathan Miller. So, the lineup would essentially be eight members of Yahoo’s current board and three in the Icahn camp.

On the issue of dinging the three compensation committee members, Glass Lewis wrote in its report:

Yahoo Chairman Roy Bostock and directors Ron Burkle and Arthur Kern, all of whom sit on the compensation committee, received a thumbs down from influential institutional investor Glass Lewis & Co.

Glass Lewis, as well as RiskMetrics and Proxy Governance, issue recommendations to their clients on how to vote on proxy matters. These clients include mutual funds, pension funds, and asset management companies, which often hold large blocks of stock in various companies.

Yahoo’s current board would likely reject a resignation by these three directors, should they get more than a 50 percent “against” or “withhold” vote. That’s because Yahoo’s board and investor activist Carl Icahn recently reached a settlement, ending Icahn’s proxy fight before the company’s August 1 shareholders meeting, where board members will be elected.

Carl Icahn, chairman of Icahn Enterprises G.P. and CEO of Icahn Capital LP, currently serves on a total of seven public company boards. His total number of directorships will expand to eight once he is appointed to Yahoo’s board. We believe that the time commitment required by this number of board memberships may preclude Mr. Icahn from fulfilling his responsibilities to this Company’s shareholders. We believe shareholders should monitor Mr. Icahn’s ability to devote sufficient time and attention to the Company.

Nominees BOSTOCK, BURKLE and KERN all served as members of the compensation committee in fiscal year 2007, during which time the Company paid more compensation to its top executives but performed worse than its peers. The members of the compensation committee have the responsibility of reviewing all aspects of the compensation program for the Company’s executive officers. It appears to us that members of this committee have not effectively served shareholders in this regard. Further, we are concerned that the committee approved the adoption of the Change in Control Severance Plans with potential brobdingnagian payouts, potentially discouraging a takeover.

Despite issuing a recommendation for investors to vote against the re-election of Bostock, Burkle, and Kern, in practical terms the three will likely retain their board seats no matter how the vote turns out.

An advisory service to institutional investors issued a recommendation Wednesday that its clients vote against the re-election of three Yahoo directors.

Additionally, Mr. Bostock serves as chairman of the nominating and corporate governance committee. At last year’s annual meeting, Messrs. Bostock, Burkle and Kern each received over a 31 percent vote against their re-election. In our 2007 Proxy Paper, we recommended voting against each of these directors due to the Company’s excessive compensation practices. We believe this raises concerns about whether the nominating and corporate governance committee is fulfilling its duty to shareholders considering that all three directors remain on the board. Moreover, we find it disconcerting that Messrs. Bostock and Kern continue to serve on the committee charged with overseeing governance issues for the Company.

So, the applecart could potentially take a tumble if Bostock, Burkle, and Kern each fail to get a majority of the votes cast and the board accepts their automatic resignations. That would leave five members on Yahoo’s current board and three in the Icahn camp–potentially narrowing the margin Icahn would need to swing votes his way on company issues. As a result, Yahoo’s current board would likely reject any resignations should they arise.

Glass Lewis, however, was not without concerns involving Icahn. In its report, the advisory service noted:

Meanwhile, RiskMetrics is expected to issue its recommendation to its clients either later Wednesday or Thursday, a company spokeswoman said. And Proxy Governance is expected to issue its recommendation by Friday, a spokesman said.

Yahoo, under its bylaws, requires any director who receives more than a 50 percent “against” or “withhold” vote to automatically submit their resignation to the board for consideration. The board can either accept the resignation, or reject it.

Glass Lewis is advising its clients to vote against Bostock, Burkle, and Kern because of the level of compensation awarded to Yahoo executives and also because of the controversial employee severance plans Yahoo put in place should there be a change of control at the company.

Google also takes issue with the Borings’ approach to the matter, though stopping short of accusing them of opportunistically trying to extract some money from a wealthy company.

Google’s Street View service didn’t invade a Pittsburgh couple’s privacy, the search giant said in a response to the couple’s April lawsuit over the matter.

“Plaintiffs’ privacy claims fail, among other reasons, because the view of a home from the driveway that can be seen by any visitor, delivery person, or telephone repairman is not private,” the company said in response to the suit, according to a copy posted at The Smoking Gun. Google seeks to dismiss the claim in its filing.

Legalities aside, Google Maps’ satellite and street-level views have raised some privacy concerns. In response to one type of concern, Google now blurs faces visible in Street View.

View Larger Map

“When plaintiffs discovered these images, rather than using the simple removal option Google affords, they sued Google for invasion of privacy, trespass, negligence, and conversion. Plaintiffs seek damages form ‘mental suffering’ and diminished property value supposedly caused by the public accessibility of the photos. They claim these injuries even though similar photos of their home were already publicly available on the Internet, and even though they drew exponentially greater attention to the images in question by filing and publicizing the lawsuit while choosing not to remove the images of their property from the Street View service,” Google said in the response.

Aaron and Christine Boring sued Google April 2 in Allegheny County, arguing Google’s “reckless conduct” in driving down a private road and publishing the resulting photos caused “mental suffering” and hurt the value of their home. The two are seeking more than $25,000 in damages.

It shouldn’t be a surprise that Google didn’t roll over with a quick settlement but instead sought to dismiss the suit. Doubtless the company isn’t eager for any sort of precedent that could hinder Street View.

“Today’s satellite-image technology means that…complete privacy does not exist,” Google said in its response to the complaint. “Plaintiffs live in the 21st century United States, where every step upon private property is not deemed by law to be an actionable trespass…Unless there is a clear expression such as a gate, fence, or ‘keep out’ sign indicating that the public is not permitted to enter, anyone may approach a home by a walkway, driveway, or any other route commonly used by visitors, without liability for trespass.”

I sent the EXE file to Virus Total and they had already seen it. Of the 36 anti-malware products they scanned it with, only 14 (39 percent) correctly flagged ups_invoice.exe as something to avoid. Among the free anti-malware programs, Avira’s AntiVir correctly flagged it as bad, but Avast and AVG did not. McAfee missed it, as did NOD32, Panda, PC Tools, Sunbelt and Trend Micro.

The first thing to be skeptical of is the From address. Never trust the From address in an e-mail message, it is easily forged. Digging into the e-mail headers showed that the message, shown below, actually came from a computer at IP address
121.139.93.144.

The interesting thing here is the constant struggle of anti-malware companies to keep up with the latest malicious software.

Civilians (meaning someone not involved in law enforcement) cannot reliably trace an IP address to a city, let alone an exact address. However, tracing it to a country is, I believe, reliable: the message came from Korea.**

The attached file, ups_invoice.zip contained a single file, ups_invoice.exe.

Subject: Problems with delivery

Unfortunately we were not able to deliver postal package you sent on September the 1st in time because the recipient’s address is not correct. Please print out the invoice copy attached and collect the package at our office

Thank you for your attention!
Your United Postal Service
http://www.ups.com

Yes, this message was amateurish and a number of things give it away as phony. However, the next one may not be so obvious and anti-malware software will always be imperfect. Thus, skepticism may be your best defense.

For the second time in the last few days, I received a phony e-mail message purporting to be from the package delivery company UPS. A skeptical person would have deleted the message, and good thing too, because odds are that anti-malware software on a Windows* computer would not have protected the trusting or inexperienced user that believed the scam.

*As is the norm,
Mac and Linux users would have been protected as the malicious software was Windows based.
**The message initially passed through an e-mail server run by servage.net, which was probably innocent in all this.

See a summary of all my Defensive Computing postings.

Update September 12, 2008: Two more of these came today. Neither even bothered hiding the EXE file inside a zip file. I sent one of them to VirusTotal and, again, they had seen it before, this time about 20 hours prior to my uploading it. Initially, 17 out of 37 anti-malware products (46%) detected it as suspicious. When I requested VirusTotal to scan it again, 17 out of 36 products (47%) detected it as malicious. Beats me what happened to that missing anti-malware product.

On the Internet people lie to you all the time. Back in April, I wrote that the most important aspect of Defensive Computing may very well be skepticism.

As part of the settlement, Primax has entered into a nonexclusive licensing agreement that covers Microsoft’s patents for U2 and Tilt Wheel technology, for both past and future sales of relevant Primax products in the United States. The rest of the settlement terms are confidential.

“IP collaboration encourages shared industry success by allowing licensees to incorporate innovative technologies, powered by Microsoft IP, into their products to provide enhanced features to their customers,” said Horacio Gutierrez, Microsoft’s vice president and deputy general counsel of intellectual property and licensing.

Microsoft sued the Taiwan-based company over seven patents related to U2 technology, which allows a mouse to connect to either a PS/2 or USB port and auto detect which is being used, and TiltWheel technology, which relates to cursor movements accomplished through tilting a mouse. The suit, brought before the U.S. District Court in Northern California and the International Trade Commission, attempted to bar infringing Primax products from entering the U.S.

The software giant began licensing its patents in late 2003 and now has more than 500 licensing agreements in place. There are more than 30 licensees from the mouse and keyboard industry in the patent licensing program that covers Microsoft’s U2 and Tilt Wheel. Microsoft had made repeated attempts to arrange a licensing agreement with Primax before pursuing litigation, the company said.

Microsoft on Wednesday announced it has reached a settlement agreement with Primax Electronics, a mouse maker the software company sued in July for patent infringement.

(Credit:
Apple)

Apple continued to have problems with its new MobileMe service over the weekend and into Monday, with several users unable to access their e-mail.

More MobileMe problems were reported over the weekend, this time with e-mail.

The Unofficial Apple Weblog has a summary of complaints from its readers up on its site, and I’ve been hearing from some CNET readers as well about problems accessing e-mail accounts that were once known as .Mac, and now fall into the MobileMe service. Apple’s discussion boards are filled with angry MobileMe customers who haven’t been able to access their e-mail all weekend.

Apple’s MobileMe status page has a note up at the moment that says “1% of MobileMe members cannot access MobileMe Mail. We apologize for any inconvenience.” It’s just the latest in a series of problems that has plagued the launch of MobileMe, a $99-a-year service that lets you access contacts, calendars, and other files from one computer on other Macs or PCs, as well as your
iPhone.

Apple provided 30 free days of service as a result of the launch issues that also waylaid Apple’s iTunes servers and disrupted the iPhone 3G launch. The company reports its third-quarter earnings later Monday, and it will be interesting to see if analysts push Apple on the problems it seems to have having with its Web infrastructure. An Apple representative did not immediately return an e-mail seeking comment on what might be causing the problems.

AMD took a big step toward improving its mobile offerings earlier this month, but it reportedly has other plans to match Intel’s moves into this market.

Electronista spotted a post from a German site called Eee PC News on an AMD processor apparently known as the “BGA CPU,” according to what appears to be a presentation slide authored by AMD. As The Register notes, the BGA CPU sounds an awful lot like a processor core called Bobcat that AMD first unveiled in 2007 but has said very little about since.

Bobcat was supposed to be a sub-10 watt processor core for things like thin notebooks and UMPCs, which have since evolved into the mobile Internet device concept. The BGA processor consumes 8 watts of power running at 1GHz, according to the slide, and uses an integrated memory controller. Eight watts is a little too much for handheld devices, but could work well inside a “netbook” such as the Eee PC.

While AMD does have experience making processors for low-cost systems such as the ill-fated Personal Internet Communicator and the more successful XO laptop sold by the OLPC project, those systems use its Geode processor, which is getting a bit outdated. The BGA processor would likely bring a significant increase in performance to AMD’s products for this category, although it consumes far more power than the 0.8 watts used by the Geode chip inside the XO laptop.

Intel has been putting lots of time and money behind its Atom processor for similar types of systems, and AMD will have to follow suit at some point if it wants to cash in on the growing mobile trend. Its revamped Puma notebook technology is starting to reach customers, but AMD hasn’t really addressed the mobile processor market, despite selling graphics chips into cell phones and handheld devices.

The system also offers an unusual storage option: one 64GB solid state drive.

(Credit:
Thirdwave Corp.)

The real estate in Thirdwave's $12,000 Skulltrail system is taken up mostly by fans and power supplies

Skulltrail is a very high-end enthusiast platform based on Intel’s 5400 “Seaburg” workstation chipset. The design distinguishes itself with dual CPU sockets that power eight processing cores (two QX9775 chips). Skulltrail also supports the Scalable Link Interface (SLI). The system can be maxed out with two dual-GPU graphics cards from Nvidia (such as the GeForce 9800 GX2) or up to four AMD graphics cards using ATI CrossFireX technology.

The system (photo) in fact looks more like a stand-alone power supply box than a computer. Of course heat dissipation is paramount in enthusiast screamers.

The first dual G4 PowerPC systems from Apple were all heat sinks and fans. In this tradition, a rarefied Intel Skulltrail-based powerhouse from Thirdwave uses two top-line quad-core QX9775 processors and a bevy of Nvidia GPUs–and plenty of fans.

System pricing is stratospheric. The “Prime Galleria XS” system from Japan-based Thirdwave is listed at $12,740. The Intel QX9775 processor alone costs $1,499, more than most PCs. And the system uses two of these overclocked to 3.6GHz.

Intel’s Skulltrail technology is much more advanced of course but fans still occupy a large chunk of real estate.

Other specifications: Two Nvidia GeForce 9800 GX2 boards, each housing two graphics processing units (GPUs). Thirdwave lists two Scalable Link Interface (SLI) boards plus one more 9800 GX2.

The original Apple dual G4 systems (circa 2001) were a testimony to heat dissipation–and Rube Goldberg. So much heat that the system could quite literally raise the temperature in a small room. (Note: I can testify to this.) And so many fans–as many as nine in the original dual G4 system but less in later G5 versions–that Apple had to quickly release a system redesign to reduce noise (and heat) levels.

Representative Brad Miller, chairman of the House Science and Technology Committee’s Investigations and Oversight Subcommittee, sent a letter (PDF) Thursday to the Inspector General of the Office of the Director of National Intelligence requesting an investigation into Railhead’s near-collapse.

Additionally, the staff’s sources allege that the government misused funds by spending nearly $200 million to retrofit a building in Herndon, Va., belonging to one of the project’s main contractors, Boeing.

“Potentially hundreds of millions of dollars have been wasted, delivery schedules have slipped, contractor employees have been laid off,” he wrote. “The end result is a current IT system used to identify terrorist threats that has been crippled by technical flaws and a new system that if actually deployed will leave our country more vulnerable than the existing yet flawed system in operation today.”

Miller noted in his request for an investigation into the program that there may be efforts under way to close down Railhead completely.

Railhead was also meant to improve TIDE Online, an unclassified version of the TIDE database, and NCTC Online, a classified database of terrorist information and intelligence reports available to counterterrorism analysts.

Representatives from Boeing and SRI did not respond to requests for comments.

However, officials at the NCTC began making drastic changes to the Railhead program in recent weeks, according to the House Science and Technology Committee, including laying off hundreds of private contractors working on the program. The number of contractors has shrunk from more than 800 to just a few dozen. The state of the program is now in jeopardy.

On top of that, the TIDE database has reportedly crashed several times in recent months, delaying the delivery of updated terrorist intelligence data to the FBI’s Terrorist Screening Center.

While TIDE already has problems, Railhead appears to just exacerbate them: The Railhead initiative would significantly downgrade the NCTC Online’s capabilities by preventing access to any intelligence community Web sites or data resources, such as sites for the CIA, DIA, or FBI.

One of the country’s most important terrorism databases is on the verge of failure after suffering from gross mismanagement and technical design flaws that went ignored for months, a congressional investigation found.

A congressional committee on Thursday called for an investigation into a program called “Railhead,” which was supposed to upgrade the National Counterterrorism Center’s integrated terrorist intelligence database, called Terrorist Identities Datamart Environment (TIDE). The database serves the United States’ 16 separate intelligence agencies, and as of January, contained more than 500,000 names (PDF), according to the NCTC. The program has cost an estimated $500 million.

Miller noted the problems with TIDE and Railhead stem from “fundamental design flaws,” namely their reliance on Structured Query Language (SQL) to search the database. SQL is a computer code that uses sentence structures to conduct queries, as opposed to using text-based searches, like search engines such as Google do.

Due to faulty searches, tens of thousands of CIA messages to the NCTC have not been properly processed or reviewed, or may not have even reached the TIDE database.

Unnamed sources involved with the Railhead project also told Congress that some of the project’s deals with private contractors were inappropriate. A memo (PDF) produced by congressional staff cites sources who allege that SRI International’s involvement in the project created a conflict of interest because SRI program director Earl Lyberger has close ties to Railhead’s program manager Dirk Rankin.

The project is not only flawed but also behind schedule. Thirty-four of Railhead’s 72 “action items” are past due, and two are behind schedule. Ten more tasks–five of them costing more than $92 million–are “significantly off-task.”

On Thursday, EU Consumer Commissioner Meglena Kuneva launched an investigation into 500 Web sites that sell ringtones, wallpapers, news feeds and video games to consumers. Kuneva believes these Web sites are misleading consumers, notably teenagers, and getting people to spend hundreds of millions of euros on services.

The AT&T settlement was the first nationwide settlement that refunds customers’ money from charges for third-party content, according to a story published by the Associated Press. Similar lawsuits have been filed against Verizon Wireless, Sprint Nextel, and T-Mobile USA.

“Far too many people are falling victim to costly surprises from mysterious charges, fees and ringtone subscriptions they learn about for the first time when they see their mobile phone bill,” Kuneva told a news conference, according to the Reuters story.

The European Union’s consumer chief is taking action against dodgy Web sites selling mobile phone ringtones and wallpapers with unscrupulous practices, according to a story by Reuters.

The EU investigation found that some Web sites had unclear pricing information posted. Others didn’t provide required contact about the vendor offering the services. And some had “hidden charges” in fine print on parts of the Web site that were hard to read. Many of these sites advertised their service as free, and coaxed customers into long-term contracts.

Consumers in the United States have also complained about similar practices. And last month, AT&T settled a class action lawsuit with wireless subscribers who claimed they had been hoodwinked into signing up for recurring charges for ringtones and other content. The consumers in that case will be given refunds as part of the class action settlement.

Satya Nadella, who runs Microsoft’s Search, Portal and Advertising Platform Group wrote in a blog post that “given the evolution of the Web and our strategy, we believe the next generation of search is about the development of an underlying, sustainable business model for the search engine, consumer, and content partner.”

•  Danny Sullivan of SearchEngineLand rightly pointed out to The New York Times that while the number of people using search book services is relatively small, it’s an influential lot with researchers and librarians and other earlier adopters. Don’t underestimate the prestige factor.

Reading through Nadella’s blog post, this much is clear: Microsoft wants to put its search marbles into programs like Cashback (the new Microsoft service that rebates people to buy products online) where there’s better potential for a material payback. But the search competition with Google is also partly a popularity test. Consider the following:

I’ve been wondering about that ever since Microsoft said it would close its Search Books and Live Search Academic projects, thus ceding the field of book digitization to Google. (While both Live Search Books and Live Search Academic are going dark, both Google’s Book Search and Google Scholar continue to operate.)

Now Brewster Kahle of the Internet Archive is left scratching his head how to replace Microsoft’s financial support for the consortium. A decade removed from its antitrust battle with the government, Microsoft’s not as uniformly dreaded as it once was. Maybe Microsoft believes it’s in a position where it doesn’t need to buy goodwill any more. Still, you can never have enough friends.

In the middle of a gritty search war, did Microsoft’s Steve Ballmer just commit the mother of all mistakes?

• Participation in the project allowed Microsoft to promote itself as being one of the good guys. The Open Content Alliance says it won’t scan books without first receiving permission of copyright owners. Google was sued by authors and publishers over its decision to scan copyrighted snippets without permission. Google argued that the works fell under the category of fair use. Rightly or not, however, Google was pilloried as a bad actor in this novella.

I tried getting through to Nadella on Tuesday for a better explanation, but Microsoft pulled up the drawbridge. Left on my own to speculate, it appears that Microsoft was being penny-wise but pound foolish. (After all, the company was ready to buy nearly $45 billion worth of trouble integrating Yahoo.) Memo to Nadella: When you get sick of hunkering in the bunker, let’s talk.

Sullivan sums it up nicely when he writes that “Microsoft got mileage out of the idea it was working with the Open Content Alliance as the “good” book search partner not encumbered by controversy that the Google Book Search service has encountered.