Following up on last week’s announcement that it would soon be opening up to U.S. users, popular music-streaming service Spotify today said its stateside launch is happening tomorrow morning. “Spotify, the award-winning digital music service loved by millions of Europeans, will become available tomorrow morning in the United States by invitation and subscription,” the company said in a statement. It has promised to deliver more details about the launch at tomorrow at 8 a.m. ET. As CNET noted last week, eyes have been on Spotify to announce a U.S. version of its service for months, though particularly after the company began signing licensing deals with the four major record companies in the U.S. The first of those deals was struck with Sony back in January. AllThingsD notes that the U.S. version of the service will be invite-only at first, opening up for general use later on. There will also be multiple versions of the service: a free, ad-supported version that’s time limited, along with $5 and $10 monthly plans that take away the limits and let you access music tracks on mobile devices. The U.S. launch paves the way for Spotify to integrate with a number of other services based here, notably Facebook. Earlier this month, sources told CNET that the two companies recently held discussions about integrating the music service into Facebook, which last week noted that it’s topped 750 million active users. Spotify opened up to the public in late 2008, and has attracted a following by offering free, ad-supported music streaming of its catalog. The service currently touts some 13 million music tracks.
Vpn
BOSTON, USA: It will likely take more than a quick reorganization for Cisco Systems Inc Chief Executive John Chambers to turn around the troubled technology bellwether.Chambers, a Silicon Valley icon who has run the company for 16 years, put his job on the line last month when he told investors that Cisco had lost its way in recent years as it spent heavily to expand into dozens of new markets. Since the rare admission, he has trimmed the company’s bloated management structure, offered early retirement to some employees, killed the Flip camcorder and laid off 550 workers. More changes are in the works. Wall Street analysts will grill him about what’s next on Wednesday when Cisco holds its quarterly earnings conference call. Expectations are low as the company has disappointed for the past three quarters. Its shares have lost 20 percent of their value since the company’s last quarterly report, on Feb 9. Analysts want to hear how Chambers intends to revive his bread-and-butter business of selling the plumbing of the Internet and corporate networks. They will zero in on its switching business, where sales dropped 7 percent in its most-recent quarter. “They’ve been under margin pressure and share pressure and it’s only going to get worse,” said Joe Skorupa, an analyst with Gartner. The research firm recently issued a report advising clients who had long used Cisco switches to diversify their networks to include products from other manufacturers including Hewlett-Packard Co and Juniper Networks. MULTIPLE RIVAL PROVIDERS Conventional wisdom has been it was cheaper to build a network with equipment from a single provider — Cisco — because those switches were designed to work together. But Gartner told its clients they were better off using multiple vendors — summing up the trend of past years in the $21 billion-a-year market for switching equipment, where Cisco commands a 67 percent market share. Rivals such as Juniper and HP have caught up with Cisco in terms of features, sell their products for less and provide software for operating their switches that is easier to manage than Cisco’s offering, Gartner told its clients. “Folks are nipping at their heels from a technology perspective,” said Gerard Gibert, CEO of Mississippi-based Venture Technologies, a firm that sells Cisco equipment. One area where Cisco has fallen behind is in manageability. The company sells several lines of switches, which run on different operating systems. HP and Juniper, by contrast, offer their customers one piece of software for managing all their switches. That means customers need to spend less training IT staff. Cisco has begun to address the issue through a new product dubbed Cisco Prime, which it recently introduced. “I do think there are some improvements they could make in some of their products,” said Rolf Versluis, CEO of Adcap Network Systems, another Cisco reseller.
BANGALORE, INDIA: ATMs going out of order and networks going down at bank branches and reservation counters are a common scene. With roads being dug every now and then in the name of infrastructure development, the underground telecommunication network is the worst hit and its impact is experienced by every one of us. However, you may not have to face such hardships anymore, thanks to BSNL which has come up with integration of different networks such as CDMA and MPLS cloud to offer an extraordinary solution to customers on a different media using omnipresent CDMA network. “Bangalore being the hub of IT business and Enterprise services, the expectations of Enterprise customers are very high on service availability and service back up. Provision of service in technically non feasible areas and in areas where underground cables are impacted, in a cost effective manner, in lieu of VSAT for low bandwidth customers has been a constant challenge,” said a senior official in the Enterprise Data services divison of Bangalore Telecom, BSNL. “From operations perspective, BSNL has observed three areas of challenge in Enterprise services, namely, keeping SLA commitments, cost effective ways to deploy low bandwidth services in non feasible areas and emergency deployment of bandwidth services for back up in highly fault prone areas due to developmental works,” he said. “In order to enable real time connectivity 24/7 to our enterprise customers, especially the BFSI sector, the Bangalore Telecom started working on integrating different networks such as CDMA and MPLS cloud on the CDMA network. It took almost 11 months of constant effort to integrate and stabilize the solution and deployed it for the first time in the country in BSNL,” he informed. He further added: “This initiative opened up new solution on alternate media to offer SLAs in a cost effective manner. The banking and corporate customers are eager to have this solution in place, and we want to deploy this solution all over the country.” BSNL Bangalore has completed proof of concept (POC) for this solution for various banks, corporate customers and oil companies. The solution has been tested in over ten banks and two of them have already placed a commercial order to deploy in branch locations as back up solution. “The feedback from already deployed branches has been very good,” he added. “Though there is back up service in banks in the form of ISDN it is prone for isolation during cable cuts as the ISDN and main link are both available on the same cable. But the CDMA solution provides a stable back up, through its Radio media in a cost effective manner,” the official explained. Low bandwidth ATM functionality was tested in the initial phase and BSNL graduated to leased circuit back up for Banks’ branches up to 256 kbps in areas where there is EVDO coverage, he added. Now, BSNL is proactively encouraging bulk customers to take back up service on CDMA back up so that Location Isolations can be minimized leading to enhanced customer satisfaction and business efficiency.
Websites that have been up and running for a while tend to get tinkered with by well-intentioned marketing and technical staffs. Although businesses should encourage innovation, many common website practices can, if implemented in the wrong way, invite legal problems. Here’s a rundown on five common website mistakes. 1. “Guiding” user comments on social networking pages Websites generally have immunity under Section 230 of the Communications Decency Act for liability for defamatory statements posted by users on social networking pages of a site. However, recent cases have begun to chip away at that immunity in cases where the website has gotten too involved in “shaping” the user-generated content. Too much shaping and a website risks becoming the publisher itself, thereby losing the Section 230 immunity. 2. Testimonials in blogs Many bloggers are unaware that the Federal Trade Commission (FTC) has guidelines regarding endorsements and testimonials in blogs. In general, the guidelines require that bloggers disclose any material connections between themselves and the products that they are reviewing or discussing. Similarly, if a blog offers a testimonial, it should state whether its results are “representative” of what consumers will experience from using the product. This area is particularly perilous because the FTC has brought very few enforcement actions and, therefore, it is unclear where the agency may seek to draw lines. 3. Not updating the privacy policy When was the last time your website’s privacy policy was updated? How many changes has the site implemented since then? A website’s privacy policy should never be set in stone; it should evolve as practices change. Did the site review its privacy policy when it introduced that exciting new data-sharing tool? Did it make changes when implementing a new “just-in-time” notice? Not all changes on the site require revising the privacy policy. But if evolving website practices turn out to conflict with what the privacy policy states, the site could face charges that it is misleading or deceptive. 4. Offering a mobile application without thinking through the data flows Everyone wants to offer a mobile application these days, often linking to a website. However, questions are beginning to arise about the information that apps collect and the devices on which they appear, who handles it and what happens to that data. Knotty legal problems can emerge where these issues have not been vetted. 5. Copyright infringements Copyright infringement is as old as the Internet. Federal law governing online copyright violations – the Digital Millennium Copyright Act – has been in place for a decade and the rules are fairly well understood. Nonetheless, pirated material still often appears on websites, posted by users. Websites must maintain their procedures in order to earn the protections of the DMCA “safe harbour”. A website that loses its DMCA safe harbour protection due to inattentiveness may face substantial losses.
Virtual private networks, or VPNs, extend the reach of LANs without requiring owned or leased private lines. Companies can use VPNs to provide remote and mobile users with network access, connect geographically separated branches into a unified network and enable the remote use of applications that rely on internal servers. VPNs can use one or both of two mechanisms. One is to use private circuits leased from a trusted communications provider: alone, this is called a trusted VPN. The other is to send encrypted traffic over the public Internet: alone, this is called a secure VPN. Using a secure VPN over a trusted VPN is called a hybrid VPN. Combining two kinds of secure VPN into one gateway, for instance IPsec and Secure Sockets Layer (SSL), is also called a hybrid VPN. Trusted VPNs Over the years, implementations of trusted VPNs have moved from raw private circuits leased from telecommunications vendors to private IP network circuits leased from Internet providers. The major technologies used for implementing trusted VPNs over IP networks are ATM circuits, frame-relay circuits and Multiprotocol Label Switching (MPLS). ATM and frame relay operate at the data link layer, which is Layer 2 of the OSI model. (Layer 1 is the physical layer; Layer 3 is the network layer.) MPLS emulates some properties of a circuit-switched network over a packet-switched network, and operates at a layer often referred to as “2.5″ that is intermediate between the data link and the network. MPLS is beginning to replace ATM and frame relay to implement trusted VPNs for large corporations and service providers. Secure VPNs Secure VPNs can use IPsec with encryption, IPsec inside of Layer 2 Tunnelling Protocol (L2TP), SSL 3.0 or Transport Layer Security (TLS) with encryption, Layer Two Forwarding (L2F) or Point-to-Point Tunnelling Protocol (PPTP). Let’s go over each of these briefly. IPsec, or IP security, is a standard for encrypting and/or authenticating IP packets at the network layer. IPsec has a set of cryptographic protocols for two purposes: securing network packets and exchanging encryption keys. Some security experts, for instance, Bruce Schneier of Counterpane Internet Security, have considered IPsec the preferred protocol for VPNs since the late 1990s. IPsec is supported in Windows XP, 2000, 2003 and Vista; in Linux 2.6 and later; in Mac OS X, NetBSD, FreeBSD and OpenBSD; in Solaris, AIX and HP-UX; and in VxWorks. Many vendors supply IPsec VPN servers and clients. Microsoft has included PPTP clients in all versions of Windows since Windows 95 OSR2; PPTP clients are in Linux, Mac OS X, Palm PDA devices and Window Mobile 2003 devices. The company has also included PPTP servers in all its server products since Windows NT 4.0. PPTP has been very popular, especially on Windows systems, because it is widely available, free and easy to set up. However, as implemented by Microsoft, it has not always been the most secure of the secure VPNs. Schneier, with “Mudge” of L0pht Heavy Industries, found and published security flaws in Microsoft PPTP in 1998; Microsoft quickly fixed these issues with MS-CHAPv2 and MPPE, and Schneier and Mudge published an analysis confirming the improvements in 1999, but they pointed out that the security of Microsoft PPTP still depended on the security of each user’s password. Microsoft has addressed this issue by enforcing password strength policies in its operating systems, but Schneier and Mudge still recommend IPsec rather than PPTP for secure VPNs as inherently safer. An older protocol developed by Cisco, L2TP combines ideas from L2F and PPTP to create a data link layer protocol. This provides a tunnel, but no security or authentication. L2TP can carry PPP sessions within its tunnel. Cisco implements L2TP in its routers. There are several open-source implementations of L2TP for Linux. L2TP/IPsec combines L2TP’s tunnel with IPsec’s secure channel, which allows for easier secure Internet Key Exchange than pure IPsec. Microsoft has provided a free L2TP/IPsec VPN client for Windows 98, ME and NT since 2002, and ships an L2TP/IPsec VPN client with Windows XP, 2000, 2003 and Vista. Windows Server 2003 and Windows 2000 Server include L2TP/IPsec servers. SSL and TLS are protocols for securing data flows at Layer 4 of the OSI model. SSL 3.0 and TLS 1.0, its successor, are commonly used with HTTP to enable secure Web browsing, called HTTPS. However, SSL/TLS can also be used to create a VPN tunnel. For example, OpenVPN is an open-source VPN package for Linux, xBSD, Mac OS X, Pocket PCs and Windows 2000, XP, 2003 and Vista, which uses SSL to provide encryption of both the data and control channels. Several vendors supply SSL VPN servers and clients. Benefits and security risks of VPNs A VPN can erase geographical barriers for a company, enable employees to work efficiently from home and allow a business to connect securely with its vendors and partners. A VPN is usually much cheaper to own and operate than private lines. On the other hand, the use of a VPN can expose a company to potential security risks. While most VPNs in use are now fairly secure in and of themselves, a VPN can make it more difficult to secure the perimeter of a network properly. It is incumbent upon network administrators to apply the same security standards to computers connecting to the network via VPN as computers directly connected to the LAN. Combining the use of two VPNs simultaneously can potentially expose one company’s network to another’s. In addition, using remote control software such as PC Anywhere, GoToMyPC or VNC in combination with a VPN can expose the company’s network to the malware present on a remote computer that is not itself connection to the VPN. Reliability, scalability and performance of VPNs Because secure VPNs rely on encryption and some of the cryptographic functions used are computationally expensive, a heavily used VPN can load down its server. Administrators typically manage the server load by limiting the number of simultaneous connections to what the server can handle. When the number of people attempting to connect to the VPN suddenly peaks, for example, during a storm that disrupts transportation, employees may find themselves unable to connect because all VPN ports are busy. That gives administrators motivation to make key applications work without requiring the VPN, for instance, by setting up proxy servers or Internet Message Access Protocol servers to enable employees to access e-mail from home or from the road. Deciding between IPsec and SSL/TLS for a given scenario can be complicated. One consideration is that SSL/TLS can work through a NAT-based firewall; IPsec cannot, but both protocols work through firewalls that do not translate addresses. IPsec encrypts all IP traffic that flows between two computers. SSL/TLS is specific to an application. SSL/TLS uses expensive asymmetric encryption functions to establish a connection, and more efficient symmetric encryption functions to secure a running session. In a real-world remote application, administrators may decide to mix and match protocols for the optimum balance of performance and security. For example, clients might connect to a Web-based front end through a firewall using a browser secured by SSL/TLS; the Web server might connect to an application server using IPsec; and the application server might connect to a database server across another firewall using SSL. The scalability of VPNs can sometimes be improved by the use of dedicated server hardware. To cover that, however, we’d have to wade through the competing claims of VPN vendors: perhaps a subject for another day. VPN resources The Virtual Private Network Consortium maintains a list of its members, a table of IPsec VPN features supported by each vendor, and a table of SSL VPN features supported by each vendor. VPNC also supplies SimpleCA, a free, open-source certificate authority package for VPN administrators.
