Windows XP, Japan's PDA push, and the CIA's strange interest in SafeWeb

In their latest commentary on three topical issues, Robin Bloor and his colleagues weigh up the prospects of Microsoft's next-generation Windows XP OS, how Japanese hardware titans will tackle the PDA market, and the CIA's involvement with web anonymity specialists, SafeWeb.

Bill Gates says that Windows XP is the most important version of Windows yet to be launched. But he may be a little premature with his prediction. Admittedly, so far details have been scarce, but we do know the system will have a new interface called Luna and come in versions for home and business use. It is also meant to make internet connectivity, email access and system settings more intuitive. We also know the existing Windows interface will be available as an alternative, and server versions won't be branded Windows XP, and are likely to appear several months later. The new operating system is claimed to have cost Microsoft around $1bn to develop. All this must be causing puzzlement to early stage testers, who have had difficulty finding major new features in the system. Maybe the $1bn price tag includes the $200m spend on marketing. There has to be a limit to the number of times people can get excited about a new version of a desktop operating system. However good the technology, people have largely moved on to other interests. Windows remains by far the dominant desktop platform, but the exciting innovations are taking place elsewhere - out on the internet, in the wireless telecoms space or on games consoles perhaps. Naturally, desktop systems generate excitement within Microsoft, so long as the division generates about 69 per cent of the company's revenues. But for many people a desktop operating system is useful, sometimes frustrating, and generally taken for granted. It now seems that in this field, the more strident the message, the less notice will be taken. The Japanese do gadgets, again Only last month, we pointed out the European mobile phone makers couldn't assume the mobile market was theirs. And since then, the Japanese have been putting down more markers. The latest player is NEC, which coyly states it is "considering" entering the market for handheld computers with a wireless-enabled device. Late last month, Toshiba announced it would enter the market for devices more widely known as personal digital assistants (PDAs). Its choice of software was expected to be Microsoft's PocketPC. NEC is talking about a product launch in the summer or autumn, and says it has yet to decide between Palm software and PocketPC. Sony is already in the market with its version of a Palm software-based PDA. All are moving towards wireless capability, with NEC talking of building it in. The Japanese are aided by the fact that their mobile market is already developing rapidly on the back of i-mode. The NTT DoCoMo service has clearly met consumer needs far better than the over-hyped WAP services that have not done so well. Manufacturers are now putting their faith in moving Japanese consumers from tiny-screened gadgets into PDA-sized units with wireless capabilities. The Far East makers won't have it all their own way, though. Palm is keeping up the pressure with a Bluetooth development platform. Interoperability with an Ericsson mobile phone has been demonstrated as well as use of Bluetooth for synchronisation of schedules between Palm units. Some will want to make buying decisions to meet immediate needs. For many more, the appealing features just around the corner will suggest holding back for a while. But as the best of the innovations reach the real world, the scope for market growth is vast. The spooks get web safe? The Wall Street Journal last week published an article reporting a connection between the US Central Intelligence Agency and a small internet company, SafeWeb, whose mission in life is to allow users to access any website with total anonymity. On the face of it, one would be hard pressed to come up with a stranger coupling, but this is a world of espionage and thus one is forced to take a much closer look at what's going on here. SafeWeb provides a service whereby users can log onto http://www.safeweb.com and from there go on to access any other web address without leaving a trace. All that would be logged is a record of the traffic from SafeWeb's site to that of the unsuspecting target. The user's anonymity is completely preserved. In fact, not only is the objective site unable to track the user, but the user's own web server will be unable to record which sites have been visited; only the fact that he accessed SafeWeb can be determined. The transmissions are also encrypted between SafeWeb and the user thus ensuring complete security. It is obvious the use of such a service offers many potential benefits to end users, both commercial and private. It is equally clear how security agencies such as the CIA might exploit such tools. However, the CIA is reported as wishing to take a second, highly significant step by forming a close alliance with SafeWeb via In-Q-Tel, a venture capital company created by the agency two years ago. Under this alliance SafeWeb will supply the CIA with some customised software, including a new product named Triangle Boy. Triangle Boy is a package that allows any PC to become a surrogate web server. We now know that the CIA has expressed an interest in this type of technology but the question is how many other agencies are making use of these tools? It would be very surprising if the likes of MI6, Mossad et al aren't exploiting them already. How far the world at large will make use of these systems is questionable. Will employees make use of such sites to hide from their employers what sites they are visiting? It will be hard for companies to block completely the use of such sites as they may wish to exploit them themselves, for instance to keep tabs on the competition. The governments of the world need have few fears about most people using these publicly available systems. Most countries already have legislation in place to compel service providers to disclose computer records regardless of the published security policies of a company. As ever the question boils down to who guards the guards? What society needs to decide is how much influence and control "public" bodies should have over the use of the tools. This is just another area where we need to decide the boundaries over which we do not want to see the security services pass, and it receives very little public debate. This is a difficult area in which to obtain valid, useful information about the security services in general. This is especially true in the secretive UK. Even in the 'open' US, the CIA is far too experienced to release any information they would rather remain cloaked.