Got an interesting release from Ovum’s Boston office about the energy-saving benefits of using GPON or gigabit passive optical networking to deliver broadband to customers, instead of DSL or Ethernet.

Why should we think about this? Because increased broadband speeds with DSL means more power has to be used. VDSL2 as rolled out by Vodafone and Orcon chews through more than twice as much power as the older ADSL, Ovum reckons. GPON is rather energy-efficient in comparison.

See table below for a comparison of power cost savings and reduced emissions for one million customers, using GPON.

Other interesting factoids in the release:

• In one European country, the incumbent service provider uses more than two terrawatt-hours (that’s 2,000,000 megawatt-hours of energy a year.
• A service provider with six million ADSL customers will use around 9,600kW at a cost of US$8 million a year.
• End of last year, some 250 million DSL customers required telco central offices or exchanges to deliver roughly 400MW of power.
• That figure doesn’t include airconditioning - for every 100W of equipment power usage, telcos have to use 60W on airconditioning, or a 60 per cent power premium.
• The 250 million DSL customers contribute over 771,100 kg of carbon dioxide every year, or the equivalent of buring 340,000,000 litres of petrol.

Comparison of GPON vs. other high-speed access technologies for power and emission

GPON vs. Power savings Power cost savings CO2 savings
ADSL2          ~11MWh               US$1.2M                  ~2.2M kg CO2  or 946,000l of petrol

VDSL2          ~29MWh               US$2.9M                  ~6.2M kg CO2  or 2,650,000l of petrol

E-FTTH        ~27MWh               US$2.7M                  ~5.8M kg CO2  or 2,480,000l of petrol

Source: “GPON: Reversing the Power-Bandwidth Trend,” Dan Parsons, IEEE Globecom 2007, Washington, D.C., November 28, 2007

Please note: I wrote this story last week for Computerworld New Zealand’s print edition and things have changed after publication. The original is on Computerworld’s website.

New Zealand ISPs are hurriedly patching their servers to avoid attacks from phishers and domain spoofers as the global DNS emergency rolls on.

The process has been far from smooth for some, however, as a premature disclosure of the flaw is forcing providers to apply patches with little time for testing.

Vodafone was testing a patch for its DNS servers last week, spokesman Paul Brislen told Computerworld. The patch was expected to be rolled out by Wednesday night, but a test on Thursday morning showed the servers remained unpatched.

Brislen says that Vodafone’s engineers have been aware of the issue for a while, but haven’t seen any attempts to exploit it yet.

As of Thursday, Vodafone’s DNS servers appeared to have poor source-port randomness in Computerworld’s testing. Brislen says, however, that Vodafone’s firewall would protect against the flaw being exploited.

Regional ISP Inspire Net patched its DNS servers as soon as remedies were available, says founder James Watts. There have, however, been issues with the quick-fix patch causing excessive load on Inspire’s DNS servers, Watts adds.

Inspire has had to move up to a beta version of the latest DNS code to deal with the load issue, he says, adding that the provider is currently working on implementing DNSSEC security extensions to mitigate future issues.

Telecom’s head of PR for consumer and business, Nick Brown, says Telecom has been working “swiftly” with its technical partners to protect against the vulnerability.

Brown says Telecom has patched its major DNS system and is doing further testing to ensure it is effective.

While it may appear from the outside that Telecom’s DNS isn’t patched, Brown says that Telecom is confident the measures put in place mean the company is secure from the vulnerability.

Paul Vixie, president of Internet Systems Consortium (isc.org), the non-profit organisation that develops and supports the Berkeley Internet Name Domain, or BIND, the most commonly used name server on the internet, says providers should “hurry up no matter what” and patch.

“We can infect a name server in 11 seconds now, which was never true before,” Vixie says.

Vixie says phishers will no longer have to make their domains appear like, for instance, paypal.com to steal your credit card details.

Instead, he says, the phishers can pollute the recursive name server you’re using with bad data for the actual paypal.com domain and just wait for you to go there in the normal course of your daily business.

By proxying all your input and the output from paypal.com, transactions will succeed and you’re none the wiser.

Vixie agrees that one major concern with the early disclosure of the flaw is that it puts millions of internet-connected devices such as home DSL routers and mobile phones at risk. Many of these run a DNS resolver and cache that could be poisoned by hi-jackers. Patching these devices is a long and arduous task.

David Ulevitch, founder of domain name service provider OpenDNS doesn’t mince his words when talking about the flaw: “It’s the most serious flaw to hit the internet,” he says.

There hasn’t been anything similar to the current flaw for the DNS in the last ten years, he says.

Lambasting the early disclosure as “irresponsible” and “everything that’s wrong with this industry”, Ulevitch says there are remedies available and that providers should patch now. He was, however, not aware of the flaw being exploited last week.

There are several tests for the vulnerability available on internet sites such as Dan Kaminsky’s doxpara.com and the DNS Operations, Analysis and Research Centre (dns-oarc.net).
Snapshot: Is your ISP patched? (Note: these tests were conducted on Wednesday and Thursday, some of the ISPs are reporting they are now patched.)

ISP	Vulnerable
Vodafone/Ihug	Yes
Vodafone 3G	Yes
Xtra	Yes
Telecom T3G	No
Inspire	No
Orcon	No
ICONZ	Yes
WorldXChange	No
Compass	No
Maxnet	Partially
(Note: some providers do not offer recursion on their DNS servers, which means Computerworld’s tests do not work.)

Update: UK website VNU reports first attack here.

Unfortunately, the snazzy Premium New Theme that looks great, and has masses of features suffers from a fatal bug: it’ll sort posts with the oldest one on top. That doesn’t work, so back to the standard WP theme until a fix has been found.

Update: James @Inspire worked out which file to hack, and there we have it… A New Blogpost Order. Excellent.

In the US at least. There have been a few bank failures in recent years, something I thought just didn’t happen anymore. However, this Business Week story is talking about 90 US banks about to keel over - admittedly, a small amount of the total number of banks - and how much you can expect the FDIC to cover if it happens. (Shame Business Week doesn’t have embedded videos, actually.)

New Zealand doesn’t have an FDIC like the US or elsewhere in the OECD, so if a bank carks it, or there’s a run on one, your money is probably lost.

Umm, should we start to worry? Just a little?

Bluetoothsome for your brain

What’s wrong with the picture on this NZ Herald story, originally from AP?

The story is about cellphones causing cancer - or “frying your brain” as the Herald subs have it. To avoid it, the person interviewed in the story says to use a hands-free kit, which the person in the picture does. It’s a Bluetooth headset, a wireless one that operates in the 2.4GHz spectrum.

Umm. Right.

The Process

Via Ben Kepes.

Update How annoying. The video has been pulled from YouTube, and there’s no other copy anywhere.

Update II Ben found another copy here.

Keith in a mood

The Ngsty One, or Keith as he’s also known, is going away to work at the Prime Minister’s office. Before that, Peter Griffin, the Herald’s prolific tech writer and tech editor, gave up on churning out the words and disappeared off to the Science Media Centre.

Maybe it’s just me, but it seems good journos are dropping out of the media biz well before they reach the Old Farts stage. Who can blame them though? Working as a low-salaried drone in a republishing factory isn’t what most people setting out on a journalistic career had in mind.

Guess PR trolls will have to start pitching stories at one another soon, as there’s not much life left in the media corpose after years of hack’n’slash management. No, I don’t think blogs will make for an adequate replacement, for a variety of rather obvious reasons.

X Windows Logo

I just ran X Windows on a Macbook Pro. It just started up, fast and without any configuration file hacking or whatever. Really, there was nothing to it. It started up, just like that, and then I had the apps (admittedly only a few) in the menu.

What’s more, I can Command-Tab between X and the Mac OS X desktop, and copy/cut and paste text between apps running in the two.

If you don’t know what I’m talking about, you haven’t tried a Linux (or *BSD) desktop.

Hmm. Am I becoming iJobsified?

Got a press release today about Lenovo (neé IBM) launching some new notebooks, so I went to the www.lenovo.co.nz site as per the email. Fail.

The correct URL for Lenovo’s NZ site is http://www.lenovo.com/nz/en/ if anyone wants to take a look. Might just do that, as I need a new laptop for work.

The New Blog swings into action. Wordpress this time, which has a huge array of features to play with. James @ Inspire has kindly organised some professionally designed themes for Techsploder.com and is also hosting the blog.

While I muck around with things, the blog will be in various stages of brokenness. Feel free to flame me or better yet, tell me what’s good or bad.