Cisco Systems, the dominant networking equipment provider, in recent years has made a major push into security, buying security companies and adding a variety of features into its switches and routers. So it was a bit embarrassing last week when the company had to reset all of the passwords to its Web site because of a vulnerability in the search tool at www.cisco.com.
Registered users who tried to log on were greeted with a page that began "Cisco has determined that Cisco.com password protection has been compromised." The warning instructed users to E-mail Cisco for a new password. One Cisco customer says he phoned technical support and was told that the system had suffered a "security breach" and that Cisco was working on the problem.
A Cisco spokesman wouldn't confirm that a breach took place, saying, "A potential vulnerability was reported by a third party that could expose passwords for registered users. We researched and fixed the problem and, as a precautionary measure, reset all passwords. We don't believe any passwords were compromised." Cisco denied that the password problem could be traced to a product vulnerability.
It's the second black eye for Cisco in as many weeks. The week before, a former researcher with Internet Security Systems, speaking at the Black Hat conference, revealed new exploit techniques on existing vulnerabilities within Cisco's routers and switches. Cisco sought, and was given, an injunction to muzzle the researcher and took a public-relations beating at the hands of security researchers and analysts.
-- Gregg Keizer, TechWeb
FCC OKs Sprint-Nextel Merger
The Federal Communications Commission gave its blessing last week to Sprint Corp.'s acquisition of Nextel Communications Inc., cementing Sprint's position as the nation's third-largest cellular-service provider. The move transfers Nextel's wireless licenses to Sprint, including slots in the 800- and 900-MHz bands, the 1.9-GHz band, and the 2.1- and 2.5-GHz bands. Nextel is the nation's fifth-largest wireless carrier and best known for its push-to-talk wireless technology.
Microsoft Goes Shopping
Microsoft went to Wal-Mart and bought a chief operating officer last week. Kevin Turner, a 40-year-old Wal-Mart Stores Inc. executive who started there as an hourly employee, was named Microsoft's new chief operating officer. Turner, who was a Wal-Mart executive VP and president and CEO of the retailer's Sam's Club division, will start at Microsoft on Sept. 8 and oversee Microsoft's worldwide sales, marketing, and service staffs, as well as its distribution and IT operations. Turner started at Wal-Mart in 1986 and rose through the company's ranks. He became Wal-Mart's CIO in 2000.
-- Aaron Ricadela
Time Warner, AOL Opt To Settle
Time Warner's merger with America Online has long been described as the prime example of the mistakes of the dot-com era, and both companies and their shareholders still are paying the price. Time Warner last week set aside $3 billion to settle fraud claims by shareholders who lost money after the 2001 merger. And Advertising.com, a unit of AOL, agreed to settle charges that it offered people free security software without telling them it also included adware that allowed pop-up ads.
In a separate move, Advertising.com's settlement with the Federal Trade Commission requires it to "clearly and prominently" disclose that consumers who install the program SpyBlast will receive pop-up ads based on their Internet browsing habits. The settlement also requires Advertising.com to comply with standard record-keeping provisions to allow the FTC to monitor compliance with the order.
-- Paul Travis
Yahoo Branches Out
Internet portal Yahoo Inc. last week unleashed a host of services and tools that are designed to make its music, publishing, and shopping services more useful to customers and business partners. The company released APIs for its shopping database, offered self-service tools to make it easier to publish text-based ads, and started testing a new search engine to help users find songs.
The APIs are designed to help developers who want to search the portal's shopping database and display prices and other information for products on their Web sites. The APIs also can be used for merchant and price comparisons. The technology includes sample code and documentation, and it covers millions of products and thousands of merchants in Yahoo's shopping database. The APIs present results in XML and provide access through HTTP.
The company also began testing a service to let small and medium-sized Web sites publish text-based ads and share in the revenue from Yahoo advertisers. The service, which is available during the testing phase by invitation only, is meant to broaden the reach Yahoo can provide advertisers. It also lets publishers feed content to people with personal Yahoo home pages. The content distribution is handled through RSS, or Really Simple Syndication, a format for distributing news and other content updates. For offering an RSS feed, Yahoo provides the code in the form of an "Add to My Yahoo" button that publishers can post on their Web sites. Yahoo also is offering small and medium-sized Web sites the option of adding Yahoo search.
Yahoo began testing a new search-engine capability that can look through millions of songs that are available from Internet music services such as iTunes, Napster, and Rhapsody. The free service can look through more than 50 million audio files, including newscasts, speeches, and interviews posted online, as well as the Internet's deepening pool of podcasts, recordings made to be played on a computer or digital MP3 players. Other Internet search engines can find audio files, but Yahoo believes its is the most comprehensive because it can legally index songs that most of the Internet's top music services offer.
-- Antone Gonsalves, TechWeb
Linux Code Has Fewer Defects
The open-source crowd will be pleased to know that an analysis of the latest Linux kernel found that, despite growing in size, it contains fewer critical defects than the previous version. Source-code analysis firm Coverity Inc. found six potentially critical defects in the core file systems and networking code of Linux kernel 2.6.9 when it did an analysis six months ago. A follow-up analysis of the latest kernel of the open-source operating system, 2.6.12, has shown that all critical defects have been fixed. About 6 million lines of software were analyzed. Seth Hallem, chief executive of Coverity, said in a statement that although Linux kernel contributors introduced new defects, they were primarily in noncritical device drivers.
-- TechWeb News
Apple's Multibutton Mouse
The company that introduced the computer mouse two decades ago finally discovered that one button may not be enough. Apple Computer last week began shipping its first multibutton mouse, nearly 21 years after debuting the one-button mouse that made the Mac famous. Dubbed Mighty Mouse, the input device offers users four programmable buttons and something Apple calls a Scroll Ball, essentially a scrolling wheel that lets users browse through long Web pages or large photos vertically, horizontally, or diagonally.
Programmable mice and scrolling wheels that move in more than one direction aren't new; they've been around the Windows world for years. Although the new mouse boasts four programmable buttons, it looks like a unibutton device. Four touch-sensitive areas under the shell respond to pressure to act as the "buttons." Some of the areas can be programmed to give users one-click access to Mac OS X 10.4.2 features such as Spotlight or Dashboard. The USB mouse is available for $49 and works with Mac and Windows systems.
-- TechWeb News
Top Photo by Stone