Linux wormed, UK offline, and a PC market prognosis

In their latest assessment of three topical issues, Robin Bloor and his colleagues weigh up a worm targeting Linux users, how some employees are being denied web access, and the case for PC market consolidation...

There are now news stories of Linux systems being compromised by a worm, named Ramen. Security experts have noticed an increase in the number of internet scans for security loopholes common to default installations of versions 6.2 and 7.0 of Redhat's Linux distribution. The IT world long ago recognised the default installation of any operating system is not secure. For this reason system managers have to take additional steps to make safe the server in question. It is also common for other loopholes to come to light over the lifetime of any product and the manufacturer to issue corrective patches in response. Unfortunately, there are many occasions when the patches are not implemented, either because the end users are unaware of both the threat and the cure or simply do not have the required amount of time and skills. In the case of the Ramen worm, patches to cover the targeted flaws have been available for around six months. Ramen appears to be a collection of freely available scripts that have been cobbled together by vandals. We are fortunate that Ramen does little in the way of damage. The worm gets onto the server, fixes the back door after gaining entry and then replaces the home page of the infected web server with a message extolling a particular instant noodle dish. It then delivers the all-important calling card. What we are witnessing here is not just the migration of malicious code into the Linux world but yet another example of how low a priority IT security really has in the every day world of business, despite claims to the contrary. Either security is addressed as a whole or weaknesses will still be able to cause havoc. It is not enough to consider only technological solutions. We must remember that people are an integral component in every system. There are very few professionals that have the breadth of knowledge of IT, business and people to ensure that systems are secure. However, they can go a long way if instilled with the fundamentals. Loading the software is not the end of the job. Systems have to be configured with a security mindset and developing such a mindset takes time and effort. *UK offline* According to a survey of 200 large UK businesses, many workers are being denied access to the web. Those that do have access are, in the main, higher paid managers. This is doing little to bridge the digital divide that denies the facilities of the web to those who cannot afford them. The survey was carried out by Klegal - the legal business associated with KPMG - and showed that 30 per cent of the 200 businesses surveyed did not offer internet access to employees below middle management levels. Removing the IT businesses from the figures (where access is very highly available) raises the figure for those without access to 40 per cent. What this means is that those families who cannot afford web access from home are also being denied it at work. The reluctance to give free access comes from concerns about the potential cost in terms of resources used and lost productivity as well as fears raised by high profile cases of web misuse. The results of the KLegal survey back up figures produced by the UK Office of National Statistics in December 2000. That survey was more wide ranging but its headline figures showed that 32 per cent of UK households had access to the internet while only 45 per cent of adults had ever accessed the web. Given that many will share the same household, it means that there is a very small proportion who have internet access from other sources. Despite the obvious conservatism of Brits and the earlier adoption of internet technology in the US, it is clear that the UK is still lagging behind its North American counterparts when it comes to getting access to the net. *PC problems* A recent publication from Bear Stearns suggests PC manufacturers should consider consolidation to combat the general slow down in the market. While some manufacturers have been reporting weaker figures for the last year, there is optimism about future increases in activity. Our analyst friends might just have missed this fact. It all started when Andrew Neff, PC analyst at Bear Stearns, took a look at various profit warnings that were being released by big name PC vendors. He identified a problem with over-capacity and suggested consolidation could be the solution to the problems at this critical stage for the industry. It does seem, however, that Neff is out on his own on this one. Other analysts have poured scorn on his ideas, calling them "the height of stupidity" and "insanity". For example, Neff suggests Dell should be buying out both Gateway and IBM's PC businesses. He also raises the view that HP should be seeking to acquire Compaq in order to improve the market for its printers and that Apple should scrap the PowerPC processor and move onto an Intel platform. The whole idea that some of these big name businesses will give up their hard-earned market positions is ludicrous. Why would HP feel the need to buy Compaq? It's not as if it's struggling to sell its printers. Similarly, Gateway and IBM may not be doing as well as they would like but the idea that they might merge with Dell - or anybody else - doesn't make sense. The only gain to come from consolidation would be reduced competition, increased margins and better stock valuations. This seems to be the only reason for Neff's suggestions. Other market commentators are expecting a 10 per cent growth in PC sales in 2001 and further improvements beyond then. Their view is that the stock values will rise as a result of this growth and that no knee-jerk reactions are required to address the current dip.