Amid a boom in social-network-friendly handsets, Motorola prepares a new entry, but its Android may not debut until 2009's second quarter

Photo: Getty Images; Illustration: Angelos Dosoulas

As the wireless world awaits the Oct. 22 debut of the first phone based on the Google-backed Android software, engineers at Motorola (MOT) are hard at work on their own Android handset. Motorola's version will boast an iPhone-like touch screen, a slide-out qwerty keyboard, and a host of social-network-friendly features, BusinessWeek.com has learned.

Motorola has been showing spec sheets and images of the phone to carriers around the world in the past two months and is likely to introduce the handset in the U.S. sometime in the second quarter of 2009, according to people familiar with Motorola's plans. Building a phone based on the highly anticipated Android operating system is part of Motorola's effort to revive a loss-making handset division that has forfeited market share amid a drought of bestselling phones. Motorola stock, which on Oct. 17 rose a penny to 5.62, is hovering near a 16-year low.

The phone will appear among a new class of social smartphones designed to make it easy for users to connect quickly and easily to mobile social networks such as Facebook and News Corp.'s (NWS) MySpace (BusinessWeek, 10/10/08). Such phones let users message in-network friends directly from phone contact lists, for example. A Facebook representative declined to comment on the company's work with Motorola. MySpace.com didn't respond to a request for comment.

Motorola declined to elaborate on its plans, but said in a statement: "We're excited about the innovation possibilities on Android and look forward to delivering great products in partnership with Google (GOOG)" and the community of developers known as the Open Handset Alliance that are working on the Android operating system.

Mobile Networking Wave

In the next year, social networking phones are expected to be a hit with the 16- to 34-year-old crowd, analysts say. According to consultancy Informa (INF), the number of mobile social-networking users will rise from 2.3% of global cell-phone users at the end of 2007 to as many as 23% of all mobile users by the end of 2012.

The Android handset will feature a touch screen about the size of those on Apple's (AAPL) iPhone, people familiar with the phone say. While it takes some of the design cues from Krave ZN4, the first touch-screen phone from Motorola launched with Verizon Wireless on Oct. 14, it's not certain whether the Android phone screen will feature Krave's distinctive and interactive clear flip screen.

Like the world's first Android phone, from HTC, Motorola's Android-based device will offer a slide-out Qwerty keyboard. People who've seen the pictures and spec sheets for the device say it looks like a higher-end version of the HTC phone, called the T-Mobile G1. But it's expected to sell for less, at prices similar to the Krave, which is available for $150 with a two-year contract. After carrier subsidies, the G1 will retail for $180 with a two-year contract.

Slow Off the Mark

Motorola's new phone likely won't be ready to launch in the U.S.  

T-Mobile has said the buyers of the new G1 Android phone will be able to unlock it 90 days after purchase so it can be used on other networks. But U.S. buyers who think this will let them escape T-Mo’s shaky 3G service are going to be disappointed.

The reason for this is that U.S. carriers in general, and T-Mobile in particular, are in their own world when it comes to 3G technology. To understand what this means, you’ll have to put up with a lot of detail about who does what at which frequencies.

In countries where GSM technology is the standard, that is to say nearly everywhere except the U.S., Canada, Japan, and Korea, things are simple. Voice and low-speed data services are at 900 and 1800 MHz and 3G runs at 2100.

In countries where GSM technology is the standard, that is to say nearly everywhere except the U.S., Canada, Japan, and Korea, things are simple. Voice and low-speed data services are at 900 and 1800 MHz and 3G runs at 2100.

In the U.S., T-Mobile and AT&T both use GSM technologies, but there are fundamental incompatibilities in their 3G services. AT&T runs its 2G and 3G services at 850 and 1900 MHz. T-Mobile's 3G service uses 2100 MHz to transmit and 1700 MHz to receive.

The G1 can handle 2G service at 850, 900, 1800, and 1900 MHz, which pretty well covers the world's markets. But 3G comes only at 1700 and 2100 MHz. That takes care of T-Mobile in the U.S. and everyone else in the rest of the world. But it leaves out AT&T's 3G service.

So the bottom line in that you may be able to get your G1 unlocked, but using it for high-speed data in the U.S. on anything but T-Mobile is a non-starter.

Investors were undeniably nervous heading into Nokia's third-quarter earnings release on Oct. 16. Against a global backdrop of volatile trading in stock markets, shares in the Finnish mobile-phone giant had lost nearly a third of their value in the past two months—outpacing a 24% decline for the S&P Europe 350 index over the same period.

Some of the blame fell on a Sept. 5 warning from Nokia (NOK) that it expected to lose market share and report lower profits (BusinessWeek.com, 9/5/08) for the quarter. But investors also worried that the ongoing global economic turmoil could pull the rug out from under Nokia's sales—a concern now facing the broader consumer electronics industry as it heads into the crucial holiday season (BusinessWeek.com, 10/16/08).

Yet when the third-quarter results finally were revealed, showing a 5% year-over-year decline in revenues and 30% drop in net income, investors were sufficiently gratified to drive up Nokia's New York-traded shares by nearly 10%. That such soft numbers provoked a relief rally indicates how pessimistic shareholders were. "The fact that guidance remained by and large unchanged gave some comfort to the market," says Richard Windsor, a London-based technology analyst with brokerage Nomura Securities.

Consumers Are Still Buying Handsets

It's not merely a matter of seeing the glass as half-full. Though revenues, at €12.24 billion ($16.48 billion) came in 3.9% shy of market expectations, earnings per share were spot on the mark, gross profit margins for handsets grew slightly, and operating margin was better than in the previous quarter. In other words, Nokia wasn't even close to a meltdown: In a tough market environment, the company managed to keep profitability on track despite a decline in volume.

More important, Nokia reassured the market that there's no wholesale collapse taking place in handset demand. Its own unit shipments in the quarter grew by 5%, even as revenues slipped, and executives repeated their prediction that the mobile-phone market as a whole will grow 10.5% this year, to 1.26 billion units. That implies 14% unit growth in the fourth quarter compared to the third—somewhat lower than historical norms, but still a huge vote of confidence in consumer spending at a time when many indicators are pointing downward. Nokia promises to maintain or grow its estimated 38% third-quarter market share in the last three months of the year.

To be sure, there are trouble spots. Sales in Europe—traditionally Nokia's stronghold, although China is now its largest single market—fell by a worrisome 5.5% vs. last year's third quarter. (Sales in the U.S. were even worse, down 16.7%, but that was due primarily to the company's exit from CDMA phones; units were flat vs. the second quarter.) "The financial crisis has affected U.S. and European markets," said Nokia Chief Executive Olli-Pekka Kallasvuo in an interview.

Cheaper Models Are Selling Better

At the same time, Kallasvuo noted, "many economies are still experiencing rapid GDP growth, even as we speak." The proof is in the numbers: Year-over-year unit sales growth in Latin America was 14.6%, while the Asia-Pacific region, excluding Greater China, grew 13.9% and the Middle East and Africa climbed 11.4%. These aren't piddling markets, either: The three regions together accounted for 56% of Nokia's total volume.

Wikipedia defines DST as follows:
Daylight saving time (DST), also known as summer time in British English, is the convention of advancing clocks so that evenings have more daylight and mornings have less. Typically clocks are adjusted forward one hour in late winter or early spring and are adjusted backward in autumn. Details vary by location and change occasionally; see When it starts and stops below.

Do I need to apply the DST patch on my server?

DST patch is only required in few countries such as North America countries (e.g. United States. DST is not required in India and Asia (China, Hong Kong, Macau, Taiwan) at all (however once we had DST). Please see this wikipedia article. It display usage and a short history of daylight saving time by location in alphabetic order.

(See DST heat map)

Do I need to apply the DST patch on AIX/UNIX/Linux/HP-UX/Solaris/Windows servers running in IST (Indian) timezone?

I’ve received at least 8-10 email regarding IST timetonze. Short answer is no (see heat map).

Task: Verify if you need DST update i.e. display timezone data

Use the zdump utility to display timezone data.
# zdump -v Australia/Queensland
# zdump -v /etc/localtime | grep 2007

If you see date “Sun Mar 11” your system is already patched and no need to read further.

Many of our servers located in north America and all of these server powered by RedHat enterprise Linux or Debian Linux or MS-Windows server 2003.

If you are running RHEL 4.0...

Update tzdata package:
# up2date -u tzdata
# system-config-date
OR
# cp /usr/share/zoneinfo/ America/NewYork /etc/localtime
# zdump -v /etc/localtime |grep 2008

If you are running Debian/Ubuntu Linux...

Use apt-get to update tzdata package:
$ sudo apt-get install tzdata
OR
# apt-get install tzdata

Run tzconfig to update your configuration:
# tzconfig
# zdump -v /etc/localtime |grep 2008


Microsoft Window Server / XP DST

Please see - how to configure daylight saving time for the United States in 2007

Sun Java and DST

A few servers running Sun Java requires update as well.

Manually update DST under Linux

You can manually update your configuration by following these inductions as well.

Check DST using a Webbrowser

You can also check your Linux or Windows workstation by visiting the University of Minnesota's DST time check site (browser with javascript support required).

(CNET) -- Purists might not like it, but mobile phones and MP3 players are converging at a record pace.

Even reputable professional audio companies are starting to take notice, as evidenced by Shure's latest personal earphone offering, the SE102 MPA.

The $99 sound isolating set comes bundled with an extension cable with an inline mic and call button, so it's designed to play nice with your iPhone or other music phone.

The SE102s aren't the best Shure earbuds we've laid ears on -- the type and number of ear fittings is limited and audio is a bit brittle at times -- but they're still a big improvement over the sets that come with most music mobiles.

The Shure SE102 MPA earphones are fairly standard in design. Each black earpiece is bulbous and conical with an angled arm that fits into the ear.

Shure includes four sets of silicone ear tips -- one small, two medium, and one large -- but no flanged or foam set, which prevented us from getting a completely secure fit. We really had to shove them in our ear to hear any bass and as the ear pieces are fairly large, this did not make for a particularly comfortable experience.

Also, the apertures of the arms are a bit larger than other SE models, so you can't use any of the tips designed for other Shure sets. Still, those with average-to-large ears shouldn't have too much trouble. When you're not wearing the earphones, you can store them in the soft travel pouch included in the box.

The SE102's cord style is typical of the SE line. The initial 18-inch Y-cable terminates in a 3.5mm gold-plated straight plug with the dual-band design accepted by the majority of MP3 players. (Each band outputs a channel--left or right--combined for stereo audio.)

Shure then includes a 3-foot extender cable--a necessity for any listening scenario where you're not wearing your device around your neck or carrying it in a shirt pocket. As the SE102 MPA's name suggest, the extender is a music phone adapter with an inline mic and call answer/end button.

The MPA terminates in another gold-plated straight plug, this one with a triple band design--the extra one is for the input from the mic. (Note that triple-banded plugs won't work properly with many standard MP3 players.)

Calls taken through the Shure SE102 sound quite good on both ends, as well they should given the wired design. Music audio quality is also good, for the most part.

The SE102s provide a nice thump on the low-end, but only if you can get a really good seal with the ear. In fact, we noticed some distortion on one bass-heavy track, so they may be a bit too heavy at times. Also, some fast electronic and alternative can have a tendency to come across slightly brittle and harsh, but some may find the extra crispness at the high-end appealing.

High tech, an industry that once seemed shielded from the U.S. financial crisis, has grown increasingly vulnerable. Evidence will begin arriving of just how much impact the meltdown has had on some of the nation's biggest tech companies when they release results for the third quarter and issue outlooks for the make-or-break yearend period.

The Nasdaq stock market has tumbled, and analysts have slashed growth and share-price forecasts for a range of tech bellwethers, from chipmakers to consumer electronics giants to vendors of telecommunications gear, as customers tighten their belts and slash spending plans. Companies reporting in the coming days and weeks include Intel (INTC), eBay (EBAY), Apple (AAPL), and Google (GOOG).

Falling demand for computers and the chips needed to run them is likely to show up in results released by Intel, the world's largest semiconductor maker, which reports on Oct. 14. Analysts expect Intel to report a 34¢ per-share profit on sales of $10.27 billion, but they'll be on the lookout for any signal that they should reduce fourth-quarter projections for profit of 40¢ per share on sales of $10.87 billion. Intel rival Advanced Micro Devices (AMD) reports on Oct. 16; analysts see it posting third-quarter sales of $1.4 billion and a loss of 40¢ a share. They expect a 25¢-per-share loss on sales of $1.6 billion for the fourth quarter.

A Lower-Cost Apple Laptop?

On Oct. 9 market researcher iSuppli trimmed its forecast for 2008 worldwide semiconductor revenue growth by a half-percentage point, to $280 billion. "We had already begun to see signs of problems among chip companies before the credit crisis hit," says iSuppli analyst Dale Ford. Gartner (IT) said sales of semiconductor capital equipment, the gear chipmakers use in their factories, will decline more than 25% this year and continue to slide in 2009.

The first big computer maker to release figures for the September quarter is Apple (AAPL), which reports on Oct. 21. There's growing concern that Apple may be experiencing a slowdown (BusinessWeek.com, 09/24/08) in Mac sales. "Cracks may be starting to form in its PC business, where the firm has enjoyed growth driven by the iPod and iPhone halo effect, and by broad-based share gains," wrote FBR Research analyst Craig Berger in a research note issued on Oct. 8. Berger estimates that Apple has cut its orders by 17%. The company is expected to report sales of $8.07 billion and per-share profit of $1.11. For the December period, Apple is expected to record $10.83 billion in sales and a $1.70 per-share profit.

Apple is also set to take the wraps off a new line of notebooks on Oct. 14. Piper Jaffray analyst Gene Munster says he expects Apple to reveal, among other things, a notebook that sells for $899 to $999, less than the company's other computers. A lower-priced notebook would help explain a drop in gross margins that the company warned about (BusinessWeek.com 07/22/08) when it last reported earnings in July.

Fine Tuning: Reducing False Positives

You can fine-tune your Snort installation to reduce false positives. The single largest, easiest way to approach that goal is to turn off unneeded rule processing.

alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"EXPLOIT x86 windows 
               MailMax overflow"; flow:to_server,established; content:"|eb45 eb20 
               5bfc 33c9 b182 8bf3 802b|"; reference:bugtraq,2312; 
               reference:cve,CVE-1999-0404; classtype:attempted-admin; sid:310;  
               rev:5;)

# cd /usr/local/snort/rules
# grep "CVE-1999-0494" *.rules
pop3.rules:alert tcp $EXTERNAL_NET any -> $HOME_NET 110 (msg:"POP3 USER overflow attempt"; flow:to_server,established; content:"USER"; nocase; content:!"|0a|"; within:50; reference:bugtraq,789; reference:cve,CVE-1999-0494; reference:nessus,10311; classtype:attempted-admin; sid:1866; rev:5;)

Preprocessing Punk Packets

Snort relies on a packet-sniffing subprocess using the pcap library of functions, which it gets from either the Linux libpcap library (see Chapter 4) or the Windows WinPcap driver (see Chapter 5). Snort is a network packet sniffer, so it works by detecting well-defined patterns (signatures) as network traffic flows by. As Figure 9-1 shows, preprocessing is the first stop on the long train ride for a packet through Snort’s systems.

The signature analysis that most people associate with a network IDS comes into play with Snort’s detection systems, which are built by using the rules files explored in Chapter 8. Snort has a robust and flexible system of rules; that flexibility puts a lot of bullets in the belts of security administrators.

This low overhead and plug-in architecture gives Snort such a remarkable efficiency. You can turn on or off different elements as needed for every installation, which is one reason why Snort fits “just right” in most environments. If you don’t need certain functions, turn them off. Preprocessing is one of the shining examples of that philosophy in action.

Figure 9-1: Follow Snort’s nose as data packets travel through its many systems.

Understanding the benefits of preprocessing

Preprocessing performs lots of useful tasks for a well-oiled Snort IDS. It provides a clearer picture of a stream of communications between the computers, instead of just relying on a single packet without any context. When two computers are exchanging information, the “conversation” that they’re engaged in is usually called a session. Sessions have a well-defined beginning and end, as well as rules for who can speak and at what time.

Session analysis reduces both false positives and false negatives and gives the detection engine more visibility of the kind of behavior that is actually occurring. Packet inspection with preprocessing can reveal a lot about what tricks those wily hackers are employing to subvert the integrity of network communications, and possibly evade network security sensors.

 Technical Stuff   Statefulness explained

The most useful preprocessor plug-ins are the ones that involve stream reassembly and stateful inspection. Because the normal method of communication using TCP/IP can be likened to a bucket brigade (little pails of info with “to:” and “from:” addresses being carried back and forth) they’re considered a “conversation” only when viewed all together, in a stream. Stateful inspection allows Snort to understand that this stream of packets is a conversation, rather than just random, individual packets.

Because Snort’s original operation was as a packet scope, inspecting each pail being carried, none of the context the communication was ever imparted on the detection engine. In other words, some of the information was lost. You’ve probably heard of state preservation or stateful inspection more from firewall vendors than from IDS vendors. But the term means the same thing whether you’re talking about firewalls or intrusion detection. You can figure out a lot of problems simply by tracking what kinds of packets are transmitted, what flags are set, and what the different elements of the envelope (the packet header) are.

By using stateful inspection, Snort can determine whether someone is portscanning (a process that usually is part of a hacker’s initial reconnaissance while getting the lay of the land). Also, Snort can detect stealth or malformed packets, which are more likely indications of probes sent out from a would-be attacker. By comparing some of the basic building blocks of a packet across time and across different hosts, the preprocessor plug-in can get a tidy view of what would otherwise be invisible behavior. This powerful benefit is one of the many imparted by using preprocessing to round out your Snort installation.

preprocessor stream4: detect_scans, keepstats machine

preprocessor stream4_reassemble: both ports 21 23 80 110

preprocessor frag2: timeout 60

http://www.somewhere.tld/cgi-bin/form-mail.pl?execstuff
http://0/%63g%69%2d%62in/%66%6fr%6d%2d%6d%61%69l%2e%70l?%65%78%65%63%73%74uf%66

preprocessor http_inspect: global iis_unicode_map unicode.map 1252
preprocessor http_inspect_server: server default profile all ports { 80 }
preprocessor http_inspect_server: server 172.16.1.1 profile all ports { 80 }

preprocessor telnet_decode: 23

preprocessor rpc_decode: 111 32711

preprocessor portscan: 172.16.100.0/24 10 30 /var/log/snort/portscan.log

preprocessor portscan: <network> <# of ports> <time period> <logfile>

preprocessor portscan-ignorehosts: network/netmask

preprocessor portscan-ignorehosts: 192.168.4.0/24 10.10.10.66/32

preprocessor bo