Archive | Technology

Investigating Internet Crimes

Written by experts on the frontlines, Investigating Internet Crimes provides seasoned and new investigators with the background and tools they need to investigate crime occurring in the online world. This invaluable guide provides step-by-step instructions for investigating Internet crimes, including locating, interpreting, understanding, collecting, and documenting online electronic evidence to benefit investigations.

investigating_internet_crimesThis year I served as technical editor for this excellent book by Todd Shipley and Art Bowker. Cybercrime is the fastest growing area of crime as more criminals seek to exploit the speed, convenience and anonymity that the Internet provides to commit a diverse range of criminal activities. Today’s online crime includes attacks against computer data and systems, identity theft, distribution of child pornography, penetration of online financial services, using social networks to commit crimes, and the deployment of viruses, botnets, and email scams such as phishing. Symantec’s 2012 Norton Cybercrime Report stated that the world spent an estimated $110 billion to combat cybercrime, an average of nearly $200 per victim.

Law enforcement agencies and corporate security officers around the world with the responsibility for enforcing, investigating and prosecuting cybercrime are overwhelmed, not only by the sheer number of crimes being committed but by a lack of adequate training material. This book provides that fundamental knowledge, including how to properly collect and document online evidence, trace IP addresses, and work undercover.

  • Provides step-by-step instructions on how to investigate crimes online
  • Covers how new software tools can assist in online investigations
  • Discusses how to track down, interpret, and understand online electronic evidence to benefit investigations
  • Details guidelines for collecting and documenting online evidence that can be presented in court

Blackhatonomics: An Inside Look at the Economics of Cybercrime

blackhatonomicsBlackhatonomics: An Inside Look at the Economics of Cybercrime explains the basic economic truths of the underworld of hacking, and why people around the world devote tremendous resources to developing and implementing malware.

The book provides an economic view of the evolving business of cybercrime, showing the methods and motivations behind organized cybercrime attacks, and the changing tendencies towards cyber-warfare.

Written by an exceptional author team of Will Gragido, Daniel J Molina, John Pirc and Nick Selby,  Blackhatonomics takes practical academic principles and backs them up with use cases and extensive interviews, placing you right into the mindset of the cyber criminal.

The Russian Software Pirates

Every day here and in dozens of other Russian cities, pirate dealers sell copies of the world’s most popular software titles at $5 per CD-ROM.

Despite fears about the economy, small and medium-sized businesses are flourishing in this elegant northwestern Russian city – and pirated software is installed on almost all of their computers.

Nearly all high-end computer games, Encyclopaedia Britannicas and other educational and reference CDs are distributed through illegal sources.Bootlegged software use is certainly not limited to Russia. Industry analysts say that 27 percent of the software running on American computers is pirated.

And the Business Software Alliance, which monitors business software piracy, says 43 percent of PC business applications installed in Western Europe are illegal copies.

In Russia, however, the piracy rates are a stunning 91 percent for business applications and 93 percent for entertainment software, according to Eric Schwartz, counsel to the International Intellectual Property Association, a Washington, D.C.-based organization that lobbies internationally on behalf of the copyright industry.

Schwartz said that piracy in Russia costs American entertainment software manufacturers $223 million a year and business software makers almost $300 million. The Business Software Alliance estimates worldwide revenue losses to the software industry from piracy at $11.4 billion.

Under the 1992 agreement with the United States that guaranteed Most Favored Nation trading status, Russia is required to effectively enforce anti-piracy laws, but actual enforcement is virtually nonexistent.

Meeting the Dealers
The dealers, who operate in stalls and kiosks around major transportation hubs or in full-scale markets usually 15 minutes from the city center, offer an enormous range of titles, usually bundled in a form their manufacturers would never dream of.

“That’s Windows 98, Front Page 98, Outlook 98, MS Office 97 SR1 and, uh, yeah, Adobe 5.0,” said Pyotr R., a student at St. Petersburg Technical University, of a single CD-ROM. “On the disk there are files, like ‘crack’or ‘serial’ or something, and that’s where you’ll find the CD keys,” he said, referring to the codes that unlock CD-ROMs and allow users to install the programs.

Pyotr (who spoke, as did all others interviewed for this article, on condition of anonymity) sold that disk, plus a second one containing Lotus Organizer 97, several anti-virus programs and some DOS utilities, for 60 rubles or about $10.

Another dealer was offering Windows NT 4.0 for $5, and Back Office for $10. According to Microsoft, the recommended retail prices for these products are $1,609 and $5,599.

Many Russians, who during the days of the Soviet Union bought most necessities through black market sources, think nothing of buying their software this way. They even defend the markets as providing a commodity that had been long-denied them.

After the collapse of the Soviet Union, inexpensive computers began to flood into the country from Taiwan, Germany and the United States, increasing the importance of these illegal software markets. Spending at least $800 on a computer was an enormous investment for Russians, even relatively well-paid St Petersburgians who earn an average salary of around $350 a month. Those who did buy one were in no position to consider purchasing software legitimately, even if it were readily available, which it often wasn’t.

These days, though, legitimate outlets for hardware and software are popping up everywhere in Russia; computer magazines offer licensed versions of everything available in the United States and Western Europe, and software makers advertise in the city’s well-established English-language media.

The markets continue to thrive with an alarming degree of perceived legitimacy. Outside the Sennaya Square metro station in St. Petersburg, a police officer approached a pirate dealer (who offered, among other things, Adobe Font Folio and QuarkXPress) and angrily chastised him for not prominently displaying his license to operate the stall. When the dealer complied, the policeman moved on.

Customers feel secure that the pirated copies will work and that belief appears well-founded. Bootlegged titles come with a written guarantee – good for 15 days from the date of purchase – that they’re virus-free and fully functional.

And files on the CDs themselves boast of high-quality, code-cracking techniques: “When so many groups bring you non-working fakes, X-FORCE always gets you the Best of the Best. ACCEPT NO IMITATION!” boasts one.

“There’s a lot of viruses around in Russia,” said Dima V., a system administrator who runs several small company networks in St. Petersburg using bootlegged copies of Windows NT 4.0, “but most of the disks you buy in the markets are clean. The guys are there every day and if they give you a virus you’ll come back – it’s just easier to sell you the real thing.”

Foreigners get in on the action
Russians are not by any means the only people installing the pirated programs. While employees of multinational companies or representatives of American companies would never dream of risking their job by violating copyright laws, self-employed Westerners, or ones who have established small Russian companies have no qualms about doing so.

They also pose a question software manufacturers find difficult to answer: Who would buy a network operating system package for $5,000 when it’s available for $5?

“Nobody,” said Todd M., an American business owner in St. Petersburg, whose 24-PC network runs a host of Microsoft applications that were all bootlegged.

“There’s just no financial incentive for me to pay the kind of prices that legitimate software costs,” he said. “I mean, it would be nice to get customer service right from the source, but we have really excellent computer technicians and programmers in Russia and they can fix all the little problems that we have.”

Customer support and upgrades are just what the manufacturers point to as advantages of licensed software, even in markets like Russia.

“There are enormous incentives,” said Microsoft’s Mark Thomas, “to buying legitimate software, and they start with excellent customer support and service and upgrades. We spend $3 billion a year on research and development and the money that we make goes right back into making products better and better products. The pirates don’t make any investment in the industry.”

And local industry, Thomas pointed out, suffers disproportionately in the face of piracy.

“A huge amount of our resources are put into making sure local industry builds on our platform,” he said. “When a local company creates packages for, say, accounting firms, and somebody can come along and buy it for $5, these local companies can lose their shirts.”

Piracy getting worse
Despite heavy lobbying by industry representatives and government agencies, piracy has worsened. As CD copying technology becomes cheaper, large factories in Russia and other countries, including Bulgaria, churn out copies of software copied by increasingly sophisticated groups in countries around the world, especially in Asia.

Encyclopaedia Britannica wrote off Malaysia as a market effectively destroyed by pirates, who sold 98 out of every 100 copies of its flagship Encyclopaedia three-CD set for a fraction of its recommended retail price of $125. The same disks, which have not officially even been offered for sale in Russia, are readily available in the St. Petersburg markets for $10.

“For Encyclopaedia Britannica, the cost of piracy is millions a year,” said James Strachan, EB’s international product manager. “One hundred percent of the value of our product is an investment in the authority and depth of our content,” he said. “Piracy causes us extreme concern and we do everything we can to root it out and prosecute.”

Todd M., the businessman with the 24-PC network, offers little hope that the situation will soon change in favor of manufacturers.

“With all the problems I have running my business here in Russia, from armed tax police to Byzantine procedures and customs duties, software piracy just doesn’t register with me,” he said.

“It’s the one thing about doing business here that’s somebody else’s problem.”

Family Radios Keep You In Touch

It’s a holiday nightmare: your child, found tearfully tugging at the skirts of a grinning theme park employee, has ratted you out as the parents that lost him.

As hundreds of university students in air conditioned fur character suits have your description, the net closes in. Goofy’s speaking into his wrist and pointing at you!

Now you’ve got to face dozens at the dreaded Guest Relations, where you collect your wayward child and sheepishly explain that, “I only turned my back for a SECOND!” For families and groups of even two visiting American theme parks or malls, Walkie Talkies on the new US Family Radio Service can be a Godsend.

A new range of inexpensive handheld radios operate on the FRS, a set of US radio frequencies that are available to users without an FCC license. Hand-held CB radios, while powerful, couldn’t provide a traffic-free channel, and carrying a roaring pocket full of “good buddies” through the Magic Kingdom just didn’t seem practical.

So radio manufacturers Motorola and Radio Shack made the FCC a deal: loosen restrictions on the airwaves, and they would produce low-cost walkie talkies that would allow friends and families to communicate. Say, across the wilds of a theme park, shopping mall, park or forest.

The FCC passed the Family Radio Service act in 1995, clearing the way for Motorola, Radio Shack and other manufacturers to produce some of the coolest little handheld radios on the market.

Motorola’s main entry, selling at around US$89 a piece in shops (but listed as $129 by Motorola), is the neon-colored TalkAbout: very colorful and retro-modern looking (think Buck Rogers) two-way radios with a range, they claim, of up to two miles.

Radio Shack’s 2-Way Personal Radio models, which are actually built by Motorola and cost about the same as the TalkAbout, look somewhat more Mission Impossible. They’re clumsily marketed, but the Radio Shack models, along with FRS walkie talkies from companies including Kenwood and Midland, are very good products with just about the same technical specs as the Motorola branded models.

I recently took the Motorola radios on a little trip through Walt Disney World, the Sawgrass Mills Shopping Mall, the Kennedy Space Center and the entire state of Florida, and the Radio Shack radios through Orlando. I’m happy to report that when you’re in the theme parks or on the same floor of a mall, these things are absolutely fantastic.

Plop! One shortcoming was that despite the rugged looking case, the TalkAbout is by no means waterproof. While planning our day poolside, I read with interest the TalkAbout manual, which said, “Water Resistant…” and before I finished reading the sentence I tossed the little yellow box into the pool, expecting it to float.

I have never seen something sink so quickly.

I dived in after it, and when it surfaced, I turned the power switch on. It made the most pathetic electronic noise since R2D2 was deactivated: Beeeeeewooop. After an hour with a newly-bought six-point star socket wrench and a hair dryer, I’m happy to report it worked as good as new.

“Water resistant”, apparently, means it can be rained on lightly. Tempting as it may be, don’t expect the thing to work under water unless it’s in a waterproof plastic bag.

Vowing to use it only as intended, my wife Corinna and I set out for Orlando and the theme parks.

The thing to remember is that the range conditions stated on the box are optimal – as in, optimally you’ll use it at night, at sea level, with clear skies, and in Tahiti.

The actual range we found was just about a mile, which is perfect for, say, the whole family in the same Disney park. Across the Magic Kingdom, we were able to communicate perfectly, making this a natural for parents to let their kids run off with one radio while they keep the other.

We did a range test, with my wife on the monorail to Epcot. We were able to hear each other only for a little while before her comments became just about,

“Im gzzrbth with baazrrrb CRACK Epcot”

But within the parks themselves, the radios functioned absolutely as promised. We even had no interference – our own private channel – despite the sight of about seven or eight other families in the area using their FRS radios.

That’s because all brands of these radios allow you to broadcast subaudible tones which effectively multiply the available channel sets tremendously: there are 14 channels and 38 subtones from which to choose.

The Radio Shack model worked great throughout the Belz discount outlet mall. We had some fading in and out, but could always hear each other.

Since specs are all very similar, your choice is really which one you like best or, more likely, which one’s cheapest at the time you;re shopping for them.

The TalkAbout and TalkAbout Plus, while not water resistant, are certainly rugged, and stood up to drops and bumps. We saw a kid at the Kennedy Space Center kicking his radio and then speaking on it. The manual didn’t mention anything about this but I assume it is not recommended.

The best place to buy the radios – whichever brand you decide on getting – is in the States, where the prices are better than in Europe. They’re sold at many electronics shops, all Radio Shack locations and in ham and commercial two way radio shops. You can also buy them over the internet, and have them delivered to your hotel in the US, saving on international shipping and import duties.

Motorola’s website is Radio Shack’s website is at Midland and Kenwood FRS Radios are available through Northern Mountain,

Clinitrac’s Brick Could Save Pharmaceutical Companies Millions

The development cost of a pharmaceutical drug can easily run between $500 million to $800 million, and clinical trials alone can cost between $1 million and $2 million per day in lost future revenues. So imagine a service that could reduce by a year the time it takes to perform a clinical trial, analyze the results and submit them to the US Food and Drug Administration (FDA).

That’s the dream of Stockholm-based Clinitrac, which has produced a working prototype of its GSM-based wireless solution geared to the problem of initiating, gathering, analyzing and accessing the information generated through medical clinical trials. The time to market is, of course, dependent on loads of factors, but probably refers to larger, longer trials.

VCs Believe
Clinitrac received $3 million in seed funding in May 2000, mainly from BrainHeart Capital and HealthCap, but also netted stakes by the Swedish Industry Fund and others. The company is currently entering a second round with the original funders, to the tune of an additional “three to four times that amount,” and are seeking to bring in an additional, US-based venture partner to the fray.

The company has yet to produce revenues, but its working prototype is impressive. It has already cut a deal with Psion for the Netpad and is in discussions with a major PDA manufacturer. And it has had meetings with US GSM operators to ensure that Clinitrac’s product will have all the GSM network coverage it needs when it offers its product to US markets in 2001.

Patients enter information on a half-brick-sized Psion NetPad, which has a wireless Internet connection, a touch-activated screen and enough shock absorption around its edges to tolerate a month in a New York City public secondary school. The information is then transferred back to the company performing the testing, and made immediately available to doctors, scientists, product managers and developers.

“This sounds like an interesting technology,” said Nick Woolf, biotech analyst for ABN AMRO. “There are other companies in clinical trial services who claim to have various systems – voice recognition systems and others – but it’s certain that real-time information on a clinical study is valuable.”

Clinical Trials Today
The process is, in a word, revolutionary. Today, patients are asked to fill in paper forms, and they often forget, fill them in late or inaccurately. This information is delivered to a doctor after 30 days, which means that a patient who repeatedly misses his noontime dosage or has an adverse reaction to a drug would not be identified until after at least a month.

“The biggest problem with clinical trials,” said Clinitrac CEO Andreas Segerros, “is keeping the patient in the trial. Once they blow the protocol a certain number of times, you need to take them out. Our product would allow monitors to see, on a daily basis, that Mr. Thompson over there keeps missing his 3 p.m. pill, and call him early enough to keep him in the study by making sure he took the drug.”

That indicates a level of involvement and monitoring of tested subjects unheard of today. Currently, paper forms are stacked up from around the world, flown to central data processing facilities and keypunched into systems before anyone can even have an idea of the nature of the data.

The major risk, Woolf said, is getting the product out there and recognized as a clinical trial service. Most large pharmaceutical companies, he said, contract out much of the work of clinical trials to Contract Research Organizations (CROs).

“Today there are CRO subcontractors that do nothing but take dirty paper forms filled in by patients and scan in the results,” said Henrik Linder, Clinitrac’s clinical research operations senior director. “[Our] system gives you clean data, digitally, directly where you need it and in real time. And when we approach the pharmaceutical companies, they’re like, “Finally! Thank you!””

There are potentially several areas in the pharmaceutical industry where a product like this could be used to affect both savings for the end user as well as increased profits for the manufacturers. Traditionally, on approval of a drug, the onus is on the drug companies to appeal to the FDA in order to maintain a high price – the FDA is in effect negotiating on behalf of the American Medicaid system, which will pay or not pay for a drug based on the assessment of the FDA.

The pharmaceutical company will argue that a) the thing took them years and billions of dollars to research, b) it meets an immediate, and heretofore unaddressed, need of the general public, and c) the quality of life improvement, or simply the decrease in necessary medical attention required by a patient taking this drug, is so compelling as to justify a higher dose or daily cost of the drug.

Clinitrac said its product can help in this process as well, by allowing pharmaceutical manufacturers to have access to a broader-than-ever range of quality-of-life questions, or information above and beyond the physical effects of the drug.

For example, in addition to hard medical questions of efficacy to a patient on a clinical trial for a drug that attacks skin rash, they would also be asked questions such as: “In the last week, how often did embarrassment about your condition cause you to make more conservative clothing choices?”

The answers to questions such as these would enable pharmaceutical makers to argue that in addition to straight efficacy, the drug in question has a positive impact on the patient’s quality of life – a compelling argument for a higher price for the drug.

“As a monitoring tool it could be extremely effective,” said ABN AMRO’s Woolf, although he stopped well short of saying that the technology alone would amount to a stronger negotiating position. “Whether you can correlate the monitoring tool to a gain of negotiating points with the FDA, HMOs and other reimbursement agencies would be difficult to claim.”

He added: “These guys need to team up with a Quintiles or a Covance,” referring to two of the larger CROs. “Because those are the ones that already have the relationships and access to clinical hospitals.”

Absolutely true, Clinitrac agreed. For now.

But the company is convinced that eventually pharmaceutical companies will see the savings involved in their real-time offerings, and Clinitrac won’t be keeping many friends in the CRO world for long.

A sample network access policy

In order to protect our network, computers and the confidential data of our clients, [Firm Name] (the “Firm”) has instituted this Network And Computer Access Policy. We’re protecting against not just the damages and liability created when unauthorized access occurs, but also against viruses and physical damage to our systems.

This document sets forth standards which must be adhered to by all employees, contractors and any user granted access to any machine on the Local Area Network (LAN) at any time, whether physically present at the Firm or via remote access.

Failure to comply with the policies set forth in this document will result in disciplinary action, and may result in termination of employment.

For the purposes of this document, an “Employee” is any employee, contractor, agent, temporary worker, vendor and any other person in a position to know or obtain information about computers or devices on the LAN.

The firewall is a hardware or software device which protects the ports of computers on the LAN. For the purposes of this document, “Remote Access” shall mean access to the Local Area Network from any location outside the firewall by any method, including but not limited to Virtual Private Network (VPN), dial-in modem, frame-relay, SSH, cable-modem and any other method of accessing the LAN from outside the firewall.

Policy Scope
The Policy applies to any person granted authorization to access any computer or device on the Firm’s LAN (an “Authorized User”). This includes but is not limited to contractors, temporary workers, vendors, sub-contractors, employees, attorneys and partners authorized to access any of the Firm’s computers, locally or via Remote Access, for any reason, including email and Internet or intranet web browsing.

Physical Security
All computers and devices on the LAN must be physically secured when leaving them unattended. All servers must be additionally secured with locking devices such as keyboard locks.

Any notebook or laptop computer, Personal Digital Assistant (PDA), Internet-capable cellular device, Wi-Fi-enabled device or other device capable of connecting via Remote Access to the LAN (A “Mobile Device”) must be secured with a BIOS password, and user authentication. Any Mobile Device must run up-to-date anti-virus protection and properly configured software firewall (see __ below).

Any Authorized User must take reasonable steps to ensure that any Remote Access to the LAN is treated with the same security approach as a connection made within the Firm.

Information Security
It is essential that each Employee be instructed never to tell even the most seemingly innocuous detail about the Firm’s Information Technology (“Sensitive Information”) to a third party. While it may seem inconvenient or rude, all Employees – from temporary receptionist to senior Partner – must treat as suspicious any request from any third party person not personally Known to that Employee. Private detectives and others who specialize in information retrieval may call several people in a firm, asking each for a seemingly innocuous detail, which combined can result in a breach of the Firm’s security. Employees must jealously protect any information about the Firm’s Information Technology, including but not limited to:

  • Never telling a caller any details including but not limited to server names, Internet Service Providers, telephone provider, email server information (including email server name), printer type, computer brand, router type or brand;
  • Never telling a caller the name of your Information Technology specialist, whether that Information Technology person is in-house or contracted;
  • Never telling a caller the name of any Wireless Access Point (WAP) SSID; never confirming the presence of a Wi-Fi WAP;

Any caller not personally known to the Employee who requests Sensitive Information must be referred to the appropriate department head or Partner, without giving such person the name of such appropriate department head or Partner. If such referral is not possible or practical, then the Employee must request from the caller a callback number, to be given to the appropriate department head or Partner, without giving such person the name of such appropriate department head or Partner.

Password Security
All Authorized Users must use strong passwords. Unacceptable passwords include but are by no means limited to,

  • first or last names, or combinations thereof;
  • names of an Authorized User’s children or pets;
  • words found in a dictionary, combinations of dictionary words with a sound alike digit (second2, etc);
  • use of the words or variants on the word password, admin, update, access, login, computer, terminal, workstation, work, home, etc.

Strong Passwords are a string of at least eight characters of upper and lower case letters and numbers.

Authorized Users should change their password regularly.

No Employee may leave a password written down in proximity to the computer or device which the password accesses.

No Employee may ever provide their login or email password to anyone, including family members.

Acceptable Use
Authorized User may access the Internet for Firm business or personal information provided that they:

  • do not jeopardize the security of any Firm or confidential client information which may be present on the computer being used to access the Internet;
  • do not violate any of the Firm’s policies;
  • do not engage in illegal or prurient activities;
  • do not engage in outside business interests;

Wi-Fi Security
Any Wi-Fi Access Point (WAP) must be configured to comply with the four-step Proposed Standard of Reasonable Wireless Network Security in Law Firms available at This proposed standard provides four steps to securing a WAP, which includes:

  • Changing the WAP defaults (administration password, router name, router IP address, SSID name, etc);
  • Encrypting the signal using the best available encryption method, in order from most to least desirable, WPA2, WPA, 128-bit WEP;
  • Requiring VPN access into the LAN from anywhere outside the Firewall;
  • Implementing a written access policy, such as this one

Wireless (Wi-Fi) Access
Any access to any computer or device on the LAN behind the firewall must be via VPN. Any Authorized User accessing the LAN via VPN from their home or other WAP (a, “Remote WAP”) must apply all four steps above to the Remote WAP.

Remote Devices
Any Employee using any Remote Device must ensure that such device is updated with the most recent security patches for their Operating System.

All machines on the LAN and any Remote Device must run current versions of anti-virus software with regularly updated virus definitions. Note that new viruses are introduced every hour; “regularly updated virus definitions” means at a minimum of once each week. It could be argued it is reasonable to update every 24 hours.

Any Remote Device must be running a properly-configured firewall program such as Zone Alarm or Computer Associates eTrust. Users at Public Hotspot must be aware that, if such Remote Device is not running a firewall, a malicious user can gain access to the Remote Device and install software or remove files from the Remote Device’s hard drive.

Any Authorized User using a Remote Device outside the firewall must use the VPN to send and receive Firm email. No Firm email may be sent using third-party email services (including but not limited to gmail, hotmail, etc).

Any Authorized User accessing any computer or device on the LAN for remote management or administration must use SSH or VPN. For remote file transfer, SCP, SFTP or VPN must be used. Under no circumstances shall Telnet, FTP or other un-encrypted access method be used.

No Employee using any Remote Device shall access the LAN while connected to any other network, except a personal network over which such Employee has complete control.

Also in this series…
A proposal for Reasonable Wireless Security for law firms

A sample network access policy

Wifi encryption standards

“There’s nothing on my desk worth stealing”

…and free hotspots for all

There’s Money In Them Thar Parts

When you find your 14 year-old son in the middle of the living room with a guilty look on his face, a screwdriver in his hand and your nifty new UMTS cell phone in a million pieces on the floor, hold off on blowing up for a second – the pieces you see represent the achievements of some of today’s greatest European start-ups. And there’s opportunity in them thar parts.

“We make the software that runs OC layers one through three of the handset,” said Clifford Dong, CTO at Zesium, a Munich start-up that last year received a seed investment of €2 million from 3i. He’s referring to the “seven layer” stack concept which includes level 1, the ‘physical layer’ which actually sucks and blows bits into the airwaves; layer 2, responsible for guaranteeing the safe delivery and receipt of data, and layer 3, which deals with what data will be transferred along with mobility management, radio resources and call control.

3i says that because Zesium’s business is personnel, not finance, intensive, they don’t expect to have to sink any further money into Zesium any time soon – even though the company is making extraordinary headway and faces little competition to date. “They have very specialized know-how,” said Peter Boehringer, investment manager at 3i, “and there are several large manufacturers who would rather buy the software than build it, and Zesium is very good at building this software.”

Some larger handset manufacturers, Boehringer said, are committed to building it themselves, but Boehringer thinks that those companies might not have the manpower they would like, and therefore even they might end up at Zesium’s door. “We’ll just build it and see what happens,” Boehringer said.

VCs say that this kind of guts-building is exactly where small start-ups can benefit best from the spending frenzy as European telcos prepare to invest what Commerzbank estimates will be &euro87.5 billion over the next four years and a total of €175 billion over ten years.

“We see a trend,” said Max Oppersdorff, Vice President of EM Warburg Pincus in Munich, “that hardware vendors are acting more like general contractors. The major part of what they supply they make in house, but they’re trying to buy from third parties that are out on the edges of advanced technilogy where perhaps the vendors are not as advanced – and sometimes the customers themselves are even demanding this.”

Much of the spending flurry will be focused on issues of infrastructure, and while much of the backbone and base station action is likely to be taken up by the Nokias, Lucents and Ericssons of the world, there are literally dozens of niche areas in which small, independent and fast moving technology companies can move in and own the space.

Take, for example, base station amplifiers. The frequency and bandwidth used by the next generation of mobile phones pushes the envelope of the specs of existing base station transmitter equipment, and there is an enormous and immeiate need for more efficient linear amplifiers. Amps, in the boxes at the bottom of base stations, currently require fans and other cooling technology, and must be constantly monitored. The infrastructure cost associated with all this coddling can add up.

“Telecoms spend tens of millions of pounds in any year on electricity,” said Dave Cheesman at Advent Venture Partners, “and a lot of that goes to wasted power in amplifiers .”

Advent is backing, along with Deutsche Bank and 3i, a company called Wireless Systems, which makes range of patented, next generation, wide-band linear, high efficiency amplifiers. Wireless just closed its third funding round for $23 million.

Opportunities Everywhere
New hardware and software technologies – or even new applications of existing technologies – are also absolutely essential. Squeeze any portion of the mobile world and an opportunity just might pop out: the next generation of mobile phones, and their increased bandwidth, means that handset range given the available power will decrease. To combat this, handsets require far more efficient antennas in order to provide services without sucking dry batteries in the dialing process.

Consider, too, the humble handset. The amount of technology crammed into those tiny little buggers is astounding: aside from the chips, switches and other hardware, today’s typical handset already contains around 2MB of code. That is expected to quadruple in size as mobile devices become more complex.

Or ponder the very deployment of base stations. New generation mobile cells will be smaller, and therefore more will be required. Companies that make a new generation of network planning software will be of intense interest to telecoms looking to maximize the efficiency of physical placement of base stations, and even the angle at which to point the antennas to squeeze every gram of coverage possible out of the new systems.

Even backlighting technology is being reconsidered: Advent’s Cheesman says that current systems, which use light emitting diodes (LEDs) and molded acrylic light guides to sorta – shove the light where it’s needed are less than perfect. “They use lots of power and don’t supply even lighting,” said A. Kianin, Technical Director for Elumin in Wales. Elumin uses electro-luminescent material for a range of applications, from private jet refurbishments to escape lighting on aircraft, to night vision devices and, of course, mobile telephone handsets.

EL’s nothing new in the world, but it is relatively new to handsets. It uses a light-emitting phosphor sandwiched between layers of insulation and conducting electrodes which are then laminated together. The result is a light that can produce various brightness with negligible heat. Advent has recently invested more than €2.5 million into Elumin, which Kianin says, expects to begin production for “a big company” of their backlighting products as early as November.

Germans Flip Over Tax Reform (In A Good Way)

German business leaders are euphoric over a tax overhaul that lets them redirect investment once tied up in other German companies, and funnel it into high-growth sectors like high-tech. But there is growing concern among German retail investors that the package, introduced by the German government after years of debate may pose more questions than it answers.

The tax scheme, expected to reduce by almost DM60 billion German tax receipts by 2005, includes a provision that removes corporate long-term capital gains taxes. This ends the post-war German tax regime which effectively required German companies to hold stock in one another.

Business leaders hail the long-debated reform, and are almost counting their earnings already from investments in euro-dot.coms and high-tech ventures. But according to an n-tv poll published in the Abendzeitung, 51% of Germans surveyed said they felt that the tax package would hurt, not help them, despite a personal income tax cut for both low and high income earners.

Some labor leaders worry that a mass shift of funds by banks and insurers away from more esoteric or even merely poorly performing holdings and into industry consolidation and mergers and acquisitions could threaten German jobs, and the decades-long peace between German industry and labor unions.

But business leaders insist that freeing up their investment capital will allow them to invest in high growth sectors. “This decision increases strategic development for German corporations,” said Stefan Radloff, Senior Vice President Accounting & Financial Controlling, for Infineon Technologies, “However, we do see further discussion necessary regarding individual points of the decision, particularly within the area of corporate income tax law and tax write-off regulations.”

The funding from capital gains “will allow companies to focus on their core competencies ,” said Peter Klostermeyer, senior analyst at VMR, “German old economy companies, for example, in steel and mining, already have in place an IT business or Internet division, so they’ll probably take money out of cross-investments and use it to build up and possibly spin-off these divisions.” The value-adding investments would garner the attention of investors and increase stock prices.

Cross-holding was introduced after WWII as a means to promote consensus among German corporate management, which had to maintain holdings in diverse industries – such as insurance companies investing in tire manufacturers, construction firms and banks. The velvet hammer of compliance with this system, widely credited with smoothing the course of the German Wirtschaftswunder – economic wonder – was that corporations would be hit with earth-shattering capital gains taxes should they sell their cross-holdings.

All that changed when the compromise, a mainstay of parliamentary debate in Germany since before the Kohl era, was passed.

German Business Ready To Rock
Though the Financial Times has reported that Deutsche Bank Chairman Rolf Breuer plans aggressive divestment of Deutsche Bank’s estimated €23 billion in industrial holdings (including DaimlerChrysler and until last month, insurance group Allianz), Breuer has made clear the bank “…will try to avoid overcrowding the market with potential sellers. We will have to do it smartly.”

Banking analysts also believe that the odds of a fast-paced sell-off are slim. “As far as I can see, this will encourage some divestiture, but on balance I think this issue may be overblown,” said an analyst at Commerzbank. “Banks have really enjoyed the earnings smoothing capacity of these cross holdings, which has allowed them to realize profits that can offset costs such as restructuring – without this, the volatility in the German banking climate over the last few years would have been very significant. And dumping the shares would dilute the price, and banks aren’t dumb.”

Analysts also say that in addition to pure financial motives that would encourage a steady and slow sell off as opposed to a rapid money move, there is also a very real sense of tradition.

“These are legacy positions,” said the Commerzbank source, “and there are some very strongly-held views that these are the family shield, so you won’t see a wholesale sell off within a short space of time, but rather a slow, gradual process.”

But the overhang – the market’s sense of “waiting for the other shoe to drop” on releases of chunks of stock, may in itself provide downward pressure on German stock prices over the long term.

Changing Insurance Landscape
For the insurance industry, at least for insurers with large portfolios, the newly found freedom from cross-holding would seem to be an equal shake. While German companies in other industries will surely divest themselves of some of their insurance holdings, German insurers will be free to consolidate further within Germany as well as to expand across European borders.

“This won’t mean any immediate change in ratings,” said Karin Clemens, Associate Director at Standard & Poors, “but this will speed up the consolidation process within the German insurance market. And it would mean opportunities to broaden. For example, Allianz can’t further expand in Germany, so we would expect them to try to build their positions outside Germany – but we also expect further that it will allow foreign insurers the chance to get in to the German market.”

Labor Unions
Some have expressed concern that shifting capital out of certain sectors could threaten German jobs, and the peaceful relations between industry and labor unions that has been a hallmark of the German post-war success.

“We support the tax reform package in general, and think it is good for Germany and for Europe” said Claus Eilrich, a spokesman for IG Metall, Germany’s largest labor union, “but we have some problems with the corporate capital gains cut. Germans must pay a tax for everything, so we question why large corporations should get what amounts to a present from the government – this even took the insurance and banking industries by surprise.”

Personal Income Tax
The German plan also provides a healthy tax cut for the wealthy, and much smaller cuts for middle and lower income earners. Some believe that this “Supply side” approach creates an unbalanced economic model, but German economists feel confident the mixture is a prudent one.

“That supply-side issue is always a problem,” said Rudiger Parsche, Expert for Financial and Tax Matters at Munich’s IFO Institute for Economic Research, “but I think this package has a good mix, reducing tax rates significantly and increasing the minimum amount of tax free income to DM15,000 by 2005. So taken altogether we suppose that the package will also increase the demand side.”

Visiting The Front Lines

The future is wireless, or at least that is what Nokia, Ericsson and a host of startups and network operators are earnestly hoping. But the quick success of 3G – The Third Generation of mobile telephony – is more than profitable icing for these companies; it has now become a matter of survival….

This article, which ran in the February, 2001 issue of Tornado Insider magazine, looks at the overall climate in European development of 3G, and then explores how each of Europe’s largest telecom networking manufacturers, Ericsson and Nokia, is coping with the challenge.


For some time, both Ericsson and Nokia have vigorously embraced the role of global industry hothouse by developing new divisions and enhancing old ones to deal with the 3G challenge. But it is about more than money.

“For a fraction of what the operators spent on 3G licenses, they could buy 10 application startups to help with rollout,” says Martti Malka, a partner in Nokia Venture Partners, which is independent from parent Nokia. “It’s not the money; it’s the business model, and the successful operator is going to look to third parties to come up with the innovative business propositions.”

Resources for innovation, too, are only part of the problem. Ericsson has established itself as a curious anomaly. The heavily bureaucratic, press release-driven monolith commands a sensational ability to introduce and gather support for industry-wide protocol initiatives, like Bluetooth and OSGI, its home gateway protocol. Nokia, meanwhile, has made huge progress in end-user customer loyalty through its desirable handsets, capturing 30 percent of the worldwide handset market. Nokia is claiming great gains in GPRS and 3G networking contracts as well.

Nokia and Ericsson realize that in order to give their customers, the operators, the return they’re demanding, they must aggressively court small startups working on applications, services, and hardware for 3G. They’ve partnered with VCs for some, and will continue to do so for others. They have also spent considerable time and money making sure that when 3G rolls out it will live up to the hype.

Enter the startups
“We know we have to develop this market and the key issue is getting the right applications,” says Bengt Larsson, marketing manager for Ericsson Business Innovations (EBI), an independent subsidiary of Ericsson. “It’s not until we have the applications on board that we will see the 3G market take off.”

Nokia Venture Partners, with $500 million under management, concentrates on early stage mobile Internet companies, and looks specifically toward those creating enabling technologies. A perfect example is AVS Technologies, an Espoo, Finland, company whose MVQ (motion vector quantization) method is a high-end video compression and transfer technology that compresses video streams 10 times more effectively than RealPlayer or Windows Media.

For its part, EBI, as well as main divisions of Ericsson such as its Mobile Location Services, work closely with small startup companies developing applications that would eventually work with an Ericsson 3G network. For instance, Ericsson Mobile Location Services works and co-markets with It’sAlive, a startup games-maker funded by Speed Ventures in Stockholm. It’sAlive just rolled out its first product, a location-based game called BotFighters, in which SMS messages appear when opponents are in firing range.

BotFighters is currently running in Sweden on regular public networks. “Ericsson would welcome any application developer who would like to try out a 3G application to come and use it on our demo network in Kista. It’s one of the few places in the world where you can actually test 3G applications in a practical environment,” says EBI’s Larsson.

The first step taken by application startups is a visit to the Ericsson and Nokia developers’ websites, which allow any company to register to receive technical specifications, assistance, emulators, and limited access to the developers’ community for the particular product in which they’re interested. Companies that push past that point and go for a more formal partnership, like It’sAlive, are given co-marketing support and access to live research and development projects, not out-of-the-box technology.

While Ericsson and Nokia are both taking to their roles with gusto, developing deals with laundry lists of third parties from startups to global players, there are subtle differences in their approaches. The following profiles look at the efforts by each of the vendors, and compare and contrast their approaches.

Dell? He’s All Wrong In Europe…

To hear Hermann Oberlehner tell it, Michael Dell has got it wrong in Europe. “We’ve looked at this very carefully,” he said, “and in Europe outside the U.K., the Dell model just won’t work.”

This statement might ordinarily be dismissed as having come from a jealous also-ran. But Oberlehner is founder and chief executive of Gericom AG, based in Austria, which has quietly become the leading vendor of personal notebook computers in Germany. Last quarter, Gericom shipped 111,000 units in Europe, beating out such heavyweights as Dell Computer Corp., Toshiba Corp., International Business Machines Corp. and Acer in Germany.

In Europe overall, Gericom is the No. 5 vendor in mobile computing, according to International Data Corp., with a 9 percent market share.

“They are a very aggressive vendor in the consumer portable market, with a very strong focus on the lower-end consumer market,” said Stefania Lorenz, senior analyst for European personal computing at IDC.

But Oberlehner said he realized in the mid-1990s there was a hole in the European mobile computing space. As manufacturers struggled to make ever-slimmer notebooks for the lucrative corporate market, consumers were being left behind.

Gericom discovered that, with modifications, cheaper Intel Corp. chips designed for desktop computers would work in notebooks. While the company had initial quality control problems and a high rate of return – some say as high as 30 percent – new heat dissipation methods were employed, and the problems were worked out.

“Where before everyone had thought ‘smaller,’” said Ranjit Awtal of Gartner Inc., “Gericom asked, ‘Just how much mobility do you need to move your computer from the kitchen to bedroom?’

“They took risks when other vendors were reluctant. By providing a cheaper, slightly heavier and less mobile PC, Gericom actually paved the way for much of the mobile growth in the European home market today.”

By about 1996, Oberlehner, looking to cut costs and frankly tired of contending with retailers, took a hard look at Dell’s U.S. mail-order business and seriously considered emulating it in Europe.

“We tried to compete using the Dell model here in Europe,” said Oberlehner, who established Gericom in Linz in 1991, “but we discovered that we just didn’t need to – in fact, that it just wouldn’t work here.”

Of course, Dell has been doing just fine in Europe, with about 10 percent of the overall PC market, trailing only Hewlett-Packard Co.

Oberlehner believes that on the Continent, the customer’s buying experience differs drastically from that in North America. In Europe, customers prefer a more intimate sales environment, and they trust that salespeople have experience with the machines they proffer. The selection process is heavily geared toward comparison shopping by cost, brand and features, especially local-language and culture-based add-ons.

This, Oberlehner said, is unlike the experience in North America and Britain. “Americans are poor computer buyers,” he said. “They don’t look at specs – they look at the brand, the size, and buy. Dell works so well because the entire American retail system is set up with enormously costly pitfalls.”

Since no one cares about the specs, the logic goes, the sales team does not need – and often does not have – much information. Customers buy the name, and when they have a problem or the machine does not do something they need it to, they can bring it back to the retailer because of the generous U.S. return policies.

Oberlehner says that while profit margins in the United States are higher than in Europe so are costs. So Oberlehner stopped looking at retailers as adversaries and began seeing them as a symbiotic necessity: Where the retailers can provide marketing access to a customer base, Gericom can get the product quickly to market. As long as Gericom is willing to move quickly and provide post-sales support and service, the model works, he says.

But to succeed, he said, you must be willing to take razor-thin margins and produce using small teams working around the clock. Gericom, which outsources much of the assembly-line production of its notebooks to the Taiwan-based assembler Uniwell and some other Asia-Pacific companies, employs fewer than 300 people in Austria.

Gericom’s home-turf advantage also means that it can, for example, ship 7,000 units overnight to the main distribution centers for leading European retailers such as MediaMarkt, Lidl, Carrefour or Dixons without breaking a sweat.

And relying on local sales support and marketing initiatives rather than trying to centralize or even regionalize means that local buyers feel that the machines cater to them – whether the band name on the box is Gericom, Gerico, a Dixon line or something else.

“We can’t possibly compete with big vendors in the corporate market,” Oberlehner said, “where you have multinational needs. But likewise, the multinationals can’t compete with us in providing local support and computers that local people need. It’s not a question of price; it’s a question of tuning the products to meet the needs of each local market.”

Gericom keeps its focus on mobility. It was the first notebook maker to introduce a GPRS-enabled notebook computer, and it followed up with partly “ruggedized” notebooks aimed at the upper portion of its lower-end market.

Into the future, Oberlehner is counting on an “enormous potential” for replacing desktop computers with laptops in Europe. It cites research that says that fewer than 60 percent of German households own a computer, for example, and of those, only 15 percent have a laptop.