« February 2005 | Main | April 2005 »
March 30, 2005
Europeans worry about online banking security
By John BlauPhishing, keystroke logging and other types of scams are increasingly worrying users of online banking services in Europe while scaring others away, according to a report issued Tuesday from Forrester Research Inc. To retain online customers and win new ones, banks will need to change many consumers' belief that online banking isn't safe. That means, according to Forrester, banks can't rely solely on governments or ISPs (Internet service providers) to make the Internet a safe place to do business but must deploy or strengthen two-factor authentication -- such as PIN (personal identification number) and TAN (transaction authorization number) -- and educate Net users about security precautions, such as firewalls.
European consumers are losing trust in the Internet as a channel for doing business as computer attacks on them and the companies they do business with mount, according to Forrester.
Just 30 percent of the 22,907 Europeans polled by Forrester said they are confident of the security of personal financial information, such as credit and debit card numbers, when used to make transactions online. Two-fifths of the interviewed Net users who don't use online banking said they have no plans to do so in the future because of security concerns.
Equally troubling, security fears don't just keep some consumers from signing up for online banking services, they cause some existing online banking users to stop. In the U.K., for instance, 1 million Net users tried online banking and gave it up by 2002, according to Forrester. Nearly 30 percent cited security worries. Similarly, in the U.S., around 3 million Net users have stopped using online banking services, with a third of them also citing security concerns, the market researcher said.
Many European consumers, according to Forrester, think online banking is less safe than paying by card in a restaurant.
However, online banking security fears are noticeably lower in countries, such as Germany, the Netherlands and Sweden, where banks have introduced two-factor authentication policies. In Germany, for instance, most banks require online banking customers to have their own confidential PIN and a list of TANs to make money transactions online. Some, in fact, now require a third identification number.
Banks also need to educate their online banking customers about security precautions, Forrester recommended in the report. Many customers, it said, have only a vague understanding of the complex range of security risks they face, such as phishing and keystroke logging. Banks need their customers to help fight these attacks because they are more difficult to spot and defend against than direct attacks on the banks' own systems.
Posted by Chad Dickerson at 03:40 PM
March 24, 2005
File swappers use iPods, IM to trade tunes
By Paul RobertsRecording industry lawsuits against file swappers and P-to-P (peer-to-peer) software companies may be forcing Internet users onto informal networks to exchange songs and videos, according to a new study by the Pew Internet & American Life Project. A Pew survey of 1,421 U.S. adult Internet users found that informal file-sharing networks are used by 19 percent of music and video downloaders, with MP3e-mail and IM (instant message) products popular mediums for transferring files between friends and family. The results of the survey suggest that legal action by the Recording Industry Association of America (RIAA) and others is shifting file swapping to other online avenues, even as file-sharing activity recovers from recent declines, Pew said.
Around 27 percent of Internet users surveyed by Pew said they downloaded either music or video files over the Internet, and 48 percent of all those who downloaded said they use sources other than P-to-P networks or premium online services, such as Apple Computer Inc.'s iTunes, to get music or video files. Pew estimates that about 18 million Americans are swapping files using nontraditional means based on the survey results.
Approximately 19 percent of the adult Internet users in the survey admitted to downloading files using an MP3 player, such as an Apple iPod. That translates into about 7 million adults, and is surprising, because products like the iPod are not designed to support file sharing between devices, said Mary Madden, a research specialist at Pew who wrote the report.
Exchanging music and video files over e-mail or IM networks was even more common. Twenty-eight percent of downloaders, or an estimated 10 million adult Internet users in the U.S., said they got files that way. Other alternative sources included music and movie Websites, blogs and online review sites.
The informal file-sharing on networks that also serve other purposes is harder to monitor and show that Internet users are just finding workarounds and alternative ways to trade files, Madden said.
"With the everyday use of e-mail and IM, it's interesting to see that around one in four downloaders get their files that way," she said.
File sharing through those means doesn't approach the scale of swapping on P-to-P networks, but does show that those who want to share songs or get a file are persistent, she said.
"People aren't sending entire albums, but if they hear a song and want to share it with a friend, they might be more comfortable sending it over IM (than using P-to-P software)," she said.
However, movie and music industry lawsuits and legal online music services may be dampening illegal P-to-P file trading. Almost twice as many survey respondents, 43 percent, said they use paid online music services compared with just 24 percent in a similar survey in 2004. The survey found that file downloaders are actually more likely to say they use paid services than P-to-P, Madden said.
About 30 percent of respondents who said they were former file swappers admitted giving file sharing up because of fears about getting in trouble or RIAA lawsuits. But those who took the survey were divided on the legal questions that surround file swapping on the Internet, she said.
Forty-nine percent of survey respondents said firms that own and operate file-sharing networks should be held responsible for the pirated music and movie files traded on the networks. However, a majority was divided about whether individual file traders or a combination of companies and individuals should be held responsible. Eighteen percent of those surveyed said they didn't know who should take the blame for pirated music and video content.
Illegal Internet file swapping has received much attention in recent years, following entertainment industry lawsuits that shuttered the original Napster music swapping service and hobbled its descendents, such as Kazaa and Grokster.
The U.S. Supreme Court will hear arguments next week in MGM vs. Grokster. The case has pit technology trade groups and consumer advocates against the entertainment industry, with technology companies arguing that P-to-P software, like many other technologies, has legal applications that should be allowed.
The Pew survey suggests that technology besides P-to-P software could eventually become embroiled in the file-sharing controversy, Madden said.
"What this study shows is that people download music and video files from a wide array of sources. One thing that technology companies fear is that their products will get caught in the crossfire if the court rules in favor of the entertainment industry," she said.
Posted by Chad Dickerson at 02:03 AM
March 21, 2005
Symantec: spam, phishing grow, botnets shrink in '04
By Paul RobertsA new report released by security company Symantec Corp. found that incidents of online identity theft scams, also known as 'phishing attacks,' skyrocketed in the second half of 2004, as did spam and new software vulnerabilities. But other Internet blights, such as zombie networks of compromised computers, or 'bots,' actually declined. The number of phishing e-mail messages intercepted by Symantec grew 300 percent since June 2004, while spam e-mail traffic intercepted by Symantec increased by 77 percent and reports of serious software vulnerabilities grew by 13 percent, according to the Symantec Internet Security Threat Report. Online fraud may be driving many of the trends, as attackers turn to strategies that are useful for identity theft and other online scams, said Alfred Huger, senior director of engineering at Symantec Security Response.
The Symantec Internet Security Threat Report is a semi-annual report that brings together data from Symantec's global DeepSight network, customer networks and networks of decoy servers and e-mail accounts that the company maintains.
Symantec anti-fraud filters blocked 33 million phishing e-mail messages each week by the end of the year, compared with just 9 million a week in mid July. The problem is not likely to abate, as online criminals get more sophisticated about spoofing legitimate e-mail traffic, the report said.
Phishing scams use spam to direct Internet users to Web sites that are controlled by thieves, but designed to look like legitimate e-commerce sites. Users are asked to provide sensitive information such as a password, bank account information or a credit card number, often under the guise of updating an account.
The growth is part of a larger trend in fraud-related e-mail, said Huger. "We're seeing a financial motive behind the creation of malware," he said.
In all, Symantec noted a 64 percent increase in all types of malicious software, including viruses and Trojan horse programs in the period covered by the report, a number that excludes both spyware and adware, Huger said.
One exception to that trend was PCs belonging to zombie "bot" networks. After surging in the first half of the year, the number of computers in bot networks (or botnets) decreased, from more than 30,000 bot systems scanning the Internet each day in July to fewer than 5,000 a day by the end of the year, Symantec said.
Symantec did not cite a reason for the reduction, but said that action to shut down bot activity by large, international Internet service providers and the release of Microsoft Corp.'s Windows XP Service Pack 2 update could account for the decline. However, other explanations are possible, including a shift away from huge and persistent botnets, towards smaller networks that stay online for shorter periods, Symantec said.
Behind the scenes, there is still plenty of interest in bot software. The number of new variants for bot software increased dramatically in the period covered by the study. For example, Symantec collected 4,288 unique variants of Spybot, a family of bot software, in the second half of the year -- around 23 new variants of the software every day, Huger said.
"That's the biggest leap we've ever seen, and it tells us that people are iterating the code to make it more successful, and also that there are more people in the game of writing (bot) variants," he said.
Bots and bot networks that are used in attacks for financial gain will continue to be a problem in the next six months, Symantec said. The company also predicted that worms and viruses that target vulnerabilities on software clients will become a bigger problem, and that attacks on mobile device platforms and the heretofore ignored Apple Computer Inc.'s Mac operating system.
A growing number of software vulnerabilities are also fueling the rise in malicious code, Huger said.
Symantec documented more than 1,403 new vulnerabilities between July 1, 2004 and Dec. 31, 2004, an average of 54 vulnerabilities per week, compared with 48 per week in the first half of the year, Symantec said.
That growth is significant for companies that are already trying to compensate for a large number of vulnerabilities each day, Huger said.
Web applications were a rich new source of security holes, Symantec said. In the second half of 2004, 48 percent of all the vulnerabilities reported were found in Web applications, he said.
To address the growth in reported vulnerabilities, companies that develop software have to do a better job educating developers to write more secure code, Huger said.
Companies and individuals also need to follow "best practices," such as cutting of unneeded services, staying on top of software patches and enforcing password use, Symantec said.
Posted by Chad Dickerson at 03:37 PM
March 17, 2005
Gamers are gluttons for music
By Paul RobertsCare for an MP3 with that frag? Companies that want to boost sales of music and portable music players should consider marketing to a growing, but untapped audience -- hard-core gamers -- according to the results of a survey by IDC and IGN Entertainment Inc. Gamers are spending hours each week playing computer games, but are also big consumers of music and audio devices, the survey of over 6,000 gamers found. However, rather than trying to pry gamers away from the warm glow of their LCD (liquid crystal display) screens to go see a show, the music industry should look for ways to integrate music with video games, such as tying audio devices and services into games or marketing online music and gaming services together, according to an IDC report.
The Web-based surveys were conducted in the August 2004 through gaming Web sites like GameSpy.com, TeamXbox.com and other game community sites and online forums. IDC and IGN asked gamers about their gaming and music listening habits.
The bulk of respondents reported spending between four and 20 hours a week playing video games. The biggest group, almost 20 percent, said they spent between six and 10 hours a week gaming.
Despite spending an inordinate amount of time playing video games, serious gamers said they were not immune to the sound of the lyre. Almost 35 percent of those responding to the survey reported owning between 100 and 299 music CDs. Sixteen percent said they owned 300 to 499 CDs, according to the published report, IDC said.
That's encouraging news for music publishers, who have been fighting flat sales of CDs and music singles in recent years. But the folks managing heart throb Justin Timberlake should think twice before streaming his latest single to the World of Warcraft set: 93 percent of those who took the survey were male, cementing the reputation of the "serious gamer demographic" as an all-boys club, IDC said.
Gamers are a tech-savvy bunch and ready adopters of digital music and digital music players, the survey found. Eighty-three percent said that they had music stored on PCs in their household, with 23 percent saying they had 1,000 or more songs stored on their PCs. However, few of those responding, just over 16 percent, said they used a paid online music service such as Apple Computer Inc.'s iTunes Music Service, suggesting that ripping CDs and downloading music from free online services is a common way for gamers to obtain digital versions of music.
Companies, such as Apple, that are looking to expand their market should consider partnering with gaming companies. Online music services could also be linked to subscription-based online gaming services like Xbox Live, or massively multiplayer online role playing games (MMORPGs) like EverQuest, whose users are already accustomed to using and paying for online services, IDC concluded.
For companies like Nokia Corp. that are chasing the "killer app" that combines portable gaming and music, the path is less clear. The gamers surveyed had only lukewarm interest in playing games on MP3 music players. To be successful in the market for combined gaming-music players, companies should position their devices to be clearly one thing or the other -- for example, an iTunes with limited gaming functionality as a distant second feature, IDC recommended.
IDC's report, "3Q04 Gamer Survey: Digital Audio Technologies and the Gamer," is the latest in a series of studies focused on the gaming industry. A summary of the report is available online. (See: http://www.idc.com/getdoc.jsp?containerId=32997.)
Posted by Chad Dickerson at 06:34 PM
March 08, 2005
Sweden leads EU in offering online public services
By Simon TaylorSweden has the best record in offering online public services among the 25 members of the European Union, according to a survey published by the European Commission on Tuesday. The survey, carried out by IT consultancy Capgemini SA in October 2004 into the availability of services online, found that Sweden was the most advanced country, scoring an 89 percent rating for sophistication of available services. Austria was a close second with an 87 percent rating, followed by the U.K. and Ireland, both with 84 percent.
The rating measures to what extent it is possible to use a public service online, with 100 percent meaning that an entire transaction such as registering for VAT (value add tax) can be done electronically.
Although the 10 mainly central and east European countries that joined the EU in May 2004 scored a lower rating on average than the 15 "old" EU countries (65 percent compared to 72 percent), Estonia was in the top 10 best performers, scoring 73 percent and beating countries like France, the Netherlands and Germany.
The study was carried out as part of the EU's eGovernment program, which aims to ensure that public services are as widely available online as possible. It looked at 14,000 Web sites in the 25 European member states plus Norway, Iceland and Switzerland.
Furthermore, the study looked at 20 services for individual citizens and businesses, including paying income taxes, looking for jobs, registering for social security benefits, registering cars, and applying for building permission. For companies, the services include dealing with corporate tax and VAT, registering new companies, making customs declarations and applying for environmental permits.
The study's sophistication index makes an assessment of the level of interactivity of a particular services. Ratings were awarded depending on the level of interactivity with a score of 100 percent where services can be fully carried out online and 25 percent to 50 percent where information is simply available online. On this basis, the average performance across the EU was 65 percent with a rating of 72 percent in the old 15 members.
Posted by Chad Dickerson at 04:25 PM
March 03, 2005
Mobile phones sales jump in '04; Nokia regains footing
By Scarlet PruittWorldwide mobile phone sales jumped 30 percent in 2004, boosted by replacement buys and strong growth in emerging markets, Gartner Inc. said this week. Sales surpassed 674 million units last year compared to around 520 million in 2003, the researcher said. A solid fourth quarter helped boost last year's performance beyond Gartner's previous forecasts. Sales in the final quarter reached 195 million units, a 24 percent increase from 157 million units in the same period a year earlier.
"Growth came from everywhere and was much faster than we predicted at the beginning of the year," said Gartner analyst Carolina Milanesi.
The momentum should continue through 2005, leading to sales of more than 730 million units this year, Gartner predicted.
Nokia Corp. had a difficult start to the year but recovered somewhat during the second half. The Finnish mobile phone giant took 30.7 percent of the market in 2004, down from 34.8 percent in 2003. Fierce competition from Motorola Inc. and Samsung Electronics Co. Ltd. took the ring out of its bell, pulling its sales down in the first half, Gartner said. But its broadening portfolio of products and still popular low-end phones helped it regain footing for 2005, the researcher said.
Nokia ended up in better shape than it was at the start of the year, helped by price cuts in the second quarter and new product releases, Milanesi said. However, the company isn't out of the woods yet, and 2005 could be even tougher as Nokia goes up against new, stylish models from competitors, including phones that play music, the analyst said.
Meanwhile, Motorola regained its second-place position from Samsung in 2004, grabbing 15.4 percent of the market, thanks to a revitalized brand and competitive pricing in emerging markets, Gartner said. Motorola not only attracted attention with its super-thin RAZR V3 phone, it also spiced up its image by announcing a new music-focused and clamshell phones, Milanesi said.
Samsung took 12.6 percent of the market, compared to 10.5 percent in 2003, as it siphoned off some sales from Siemens AG. Siemens landed 7.2 percent of the market, down from 8.4 percent a year earlier, Gartner said.
Samsung's efforts to raise brand awareness in China and concentrate on multi-megapixel camera phones paid off, although going forward the company will have to broaden its portfolio into the low end to compete against Nokia and Motorola, the analyst group said.
LG Electronics Inc. ended the year with 6.3 percent of the market, compared to 5.0 percent last year, while Sony Ericsson Mobile Communications AB notched its share up to 6.2 percent from 5.1 percent a year earlier.
Sales grew in mature markets like North America, Hong Kong, Singapore and Australia thanks to mobile phone replacements. Western Europeans were lured by fourth-quarter holiday sales and snazzy new camera phones with color screens, and camera phones were also snapped up in China.
Latin America continued to grow its base of new subscribers, particularly in Brazil, Gartner said.
While some emerging markets, like Russia, will see a comparative slowdown in 2005, that may change if mobile operators edge prices down, Milanesi said. A sub-US$40 phone could be key in netting further sales in those regions, she said.
Phone vendors will continue to ring in strong sales in 2005, Gartner predicted, but to match the benefits from last year's replacement buys they will have to compete for new customers in emerging markets. In Western Europe, upgrades to 3G (third-generation) phones may also aid growth, according to Milanesi.
If the phone makers play their cards right, offering a sub-$40 phone for emerging markets and hot 3G offerings in more mature regions, sales in 2005 could even top 770 million units, Milanesi predicted.
Posted by Chad Dickerson at 03:38 PM