Google has upgraded with a geolocation API its Gears browser plug-in, which is designed to let users work with Web-based applications when they aren't online.

The new API will let developers create applications that can obtain information from Gears about end users' geographic location, Google said Friday.

[ Keep up with app dev issues and trends with InfoWorld's Fatal Exception and Strategic Developer blogs. ]

To protect people's privacy, the Gears Geolocation API triggers an alert asking users if they wish to grant the application their location information.

Currently, the API allows mobile devices to obtain the location data from nearby cellular towers or on-board GPS systems, and later it will be able to detect Wi-Fi connection coordinates on both desktop PCs and mobile devices. For now, only some Windows Mobile devices that can do GPS or cellular tower identification are supported, but Google expects to bring more mobile platforms into the API's fold.

Knowing where a user is located opens the door to entirely new types of applications and allows developers to build additional functionality in existing Web applications.

The geolocation API is one of several enhancements in version 0.4 of Gears, a product Google released in May of last year to tackle the problem of offline access for Web applications.

While online applications have become increasingly popular as IT and business managers give more consideration to SaaS (software as a service) products, a big drawback has been the loss of functionality when users don't have an Internet connection.

Different options are available, but Google hasn't been particularly quick at adapting its Web services and software to Gears, making it available so far only for its RSS feed manager Reader and its Docs applications.

Zoho, a competitor to the Google Apps collaboration and communication hosted suite, also uses Gears for offline access in its suite, while Yahoo's Zimbra has its own technology called Desktop.

Other enhancements in Gears 0.4 include a Blob API for referencing arbitrary binary data, an extension of the desktop API, and localization of Gears dialogs in 40 languages.

Google also announced the AJAX API property that lets Web applications estimate users' locations using their IP address.

This story was updated on Aug. 22, 2008.

Congratulations, you won the lottery in a country whose name you can't even pronounce! A wealthy oil executive in a far-off land wants to give you millions of dollars, right now! Sexy girls want to meet you!

Now let's be honest. If someone came to your door and told you any of those things, you'd tell him to get lost. So why do people still fall for this stuff when it's in their e-mail, as if a poorly written message made a weird-sounding pitch any more legitimate?

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog. ]

The saddest part is, the only reason annoying e-mail keeps filing your inbox is because it works. No matter the number of reports detailing e-mail hoaxes gone bad and tales of spammers taking people for all they're worth, people just keep on clicking.

Why? It's the law of percentages. The response rate for snail-mail spam is between 0.5 and 1 percent. That might not sound like a lot, but if you apply it to e-mail, it means a spammer can send 1 million messages -- without the cost of paper and postage -- and 5,000 to 10,000 people will answer. In fact, a study out this month indicates that nearly 30 percent of Internet users confessed to purchasing something from spam e-mail.

In 100 years, the spam boxes on our brain-implant chips will be maxed out, and we'll still be asking: Who's clicking on this stuff?

Here's PC World's list, in no particular order, of the top e-mail hoaxes that have come through inboxes and fooled millions.

Raise Bonsai Kittens in BottlesIt's amazing how many people were willing to believe this e-mail about a breeder in New York who raised kittens in bottles. Perhaps it's the horrible detail that outraged the recipients so much: The small animals are given a muscle relaxant to pacify them and to allow the breeder to get them in the bottle. They're fed through straws. Their skeletons take on the shape of the bottle. "Latest trends In New York, China, Indonesia and New Zealand." A bizarre case of animal cruelty? A sick joke?

Actually, it started as a fake Web site, Bonsai Kitten, the product of MIT students. The idea was so outrageous, it spread like wildfire via e-mail. Plenty of people fell for it, many begging animal-welfare organizations to help the small furry creatures. Even the FBI investigated. Perhaps it could happen -- after all, you can miniaturize a tree by pruning it and shaping it. But cats? Last time we checked, it's more or less impossible (not to mention probably illegal) to stop an animal from growing simply by keeping it in a small container.

Sign a Petition to Ban Dihydrogen MonoxideE-mail alerts outlining the dangers of dihydrogen monoxide swept the Internet in the late 1990s and still pop up today. Many ask that you sign and forward a petition to ban the chemical, which contributes to global warming, is a major ingredient in acid rain, causes metals to rust more quickly, and has been found in cancerous tumors. The chemical also contributes to the greenhouse effect and to erosion of our natural landscapes. It's even in food. Sounds pretty dangerous. You're ready to sign right now, aren't you?

Well, let us tell you one more thing about dihydrogen monoxide: It's more commonly known as water. You know, the substance that every single living being relies on to survive? The origins of this item are multifold, from flyers circulated at the University of California at Santa Cruz in 1989 (so 20th century!) to a junior high school student who surveyed 50 classmates in 1997 and got 43 of them to sign his petition to ban the chemical. He then won a prize at his science fair for his project, called "How Gullible Are We?" Several Web pages touting the chemical's dangers are still live. Don't feel too bad if you've ever fallen victim to this hoax; even a government official in New Zealand took the bait last year.

Extreme Technophobia: Pop Popcorn With Cell PhonesWith all the talk of cell phone dangers, the idea of radiation from them being powerful enough to pop popcorn doesn't seem that far-fetched, at least on the surface. Why, just this summer the Pittsburgh Cancer Institute advised its employees to limit exposure to electromagnetic radiation from cell phones. So why wouldn't you believe the swarm of e-mail telling you to look at the incredible video of friends popping kernels of corn with their mobile phones?

The group allegedly did it by placing the kernels inside a ring of cell phones that then rang at the same time. The result: The kernels popped wildly as the cell phone owners shrieked in delight. It must be true -- it was on the Internet, and the video was fun to watch. The event set off a wave of imitators attempting to film themselves re-creating it or trying to disprove it. The best of these, in our opinion, was the video where the people replaced their cell phones with Barack Obama dolls and the popcorn popped anyhow. Watch out, Senator McCain!

Unfortunately, as you might expect, it was all fake. A company called Cardo Systems made the video to promote its cell phone headsets. Abraham Glezerman, Cardo's CEO, told CNN that the phones were real and the popping popcorn was real, but the video was a composite, with the footage of the popcorn heated over a kitchen stove digitally dropped into the video of the folks with their phones. Dang. Guess the e-mail about cell phones that can cook eggs isn't accurate either.

Bill Gates Wants to Give You MoneyThis summer an editor at PC World received a note from a relative asking if the e-mail she had received that told her Bill Gates wanted to send her $1,000 was real. Uh, no...

Although Gates is being very generous with his fortune now that he has retired from day-to-day work with Microsoft, you can get some of it only by applying to the Bill and Melinda Gates Foundation. But long before the foundation was created, back in the early days of the Internet, e-mail discussing Gates's or Microsoft's willingness to fork over free cash was widely circulated -- and clearly, it's still forwarded today. Snopes.com has a list of the urban legends circulating most widely and, despite the fact that Gates and Microsoft have been the subject of phony e-mail alerts and hoaxes since the 1990s, they are still in the top 25 this month.

One version says that Microsoft wants to make sure Internet Explorer remains the dominant browser (which we're sure is true). All you need to do to help out and get money from Microsoft is to forward an e-mail to your friends. Microsoft will track the e-mail for two weeks, and you get paid for every person who receives the e-mail through you. Among the attractive details is a list of differing amounts that will come to you depending on how many referrals you make -- one version of the scam says the sender received a check for $24,800 from Microsoft. Not chump change!

Hold on a second. First, if tracking an e-mail like that were even possible, the Electronic Frontier Foundation would be all over that faster than you can say "invasion of privacy." Oh, and did we mention that the technology to do such a thing probably doesn't exist? Of course, since you read PC World, you know that already. But if Microsoft ever really wanted to pay us just for forwarding an e-mail, we're game.

Launch a Nuclear Strike From Your PCIn 2002, Symantec supposedly issued an advisory about certain e-mail messages flying around the country about an "important virus to look out for." The anti-virus software maker, which does issue warnings on real viruses, allegedly instructed Internet users not to open any e-mail with the subject line "LAUNCH NUCLEAR STRIKE NOW." If you did open that e-mail, you would inadvertently end up sending nuclear warheads winging their way toward the former Soviet Union. That's right, you could start your very own nuclear war while in your slippers and bathrobe.

The deal was that opening the e-mail would download a virus that would tell your PC to access NORAD computers in Colorado and instruct them to launch a full-scale attack on Russia and former U.S.S.R. states. OK, maybe Secretary of State Condoleezza Rice is thinking that way right now over the current crisis in Georgia, but let's leave that to the professionals, shall we?

Needless to say, the virus isn't real, Symantec didn't issue such a caution, and it should be painfully obvious that this one is a hoax. If that isn't clear to you, step away from your PC and don't ever touch it again.

Hello, My Name Is Mr. Paul Agabi, a Lawyer in Nigeria--Can You Help Me?Let us guess: At one time or another, you've received an e-mail from an earnest resident of Nigeria that starts with a hello and an introduction to the sender. The e-mail then suggests that your help is needed to claim an abandoned sum of money in a foreign account, or something similar. The message typically promises that you will receive a large amount of money if you simply send a smaller amount of money now.

You didn't fall for it, did you? These convincing missives, which may or may not be from Nigeria, are known as 419 scams (named after a section of the Nigerian criminal code that deals with fraud). Wikipedia says most of them are advance-fee frauds or confidence tricks. Not only will you not get rich, but you'll also have a very hard time getting back any money you wire the sender up front. We're sorry to report that these types of scams, which are based on versions dating back to the early 1900s, are still popular -- variants purporting to be from Russia, Spain, Nigeria, and many other countries still pour in to e-mail accounts around the world.

As a U.S. Postal Inspector once told us when we talked to him about U.S. mail fraud, "If it sounds too good to be true, it probably is."

'Video: Watch Angelina Jolie's Lips Explode!'Here at PC World, we've warned and warned readers, but still people click on dangerous and fake attachments that purport to be interesting photos or videos but actually turn out to be damaging viruses or Trojan horses. An early star of such e-mail scams was Madonna. Paris Hilton certainly had her day, as did Lindsay Lohan. Poor Britney Spears is still holding strong in this category. But we have to say that in 2008, the uncontested star of creepy download offers appears to be Angelina Jolie.

Just today in our spam-overflow folders, we found the above-mentioned subject line discussing Ms. Jolie's lips, as well as "Britney Spears and Brad Pitt Naked Video" (does Angelina know?), "Jolly Jolie Sex Scene," and -- with extra points for having both ladies in the same e-mail -- "Angelina Jolie and Britney Spears lesbian sex tape."

Speaking of jollies, you'll get a lot more than that after nasty viruses trash your PC. (You know deep in your heart, don't you, that the invitation to click on racy photos/videos just opens nasty executable files for malware?) You won't be so jolly when you get the bill to rehab your computer.

Work VirusThough an obvious joke, the Work Virus hoax reported last year by anti-virus company Symantec will likely bring a smile to any cube dweller's face. An excerpt from the e-mail tells the story: "There is a new virus going around called 'work.' If you receive any sort of 'work' at all, whether via e-mail, Internet, or simply handed to you by a colleague...DO NOT OPEN IT. This has been circulating around our building for months, and those who have been tempted to open 'work' or even look at 'work' have found that their social life is deleted and their brain ceases to function properly."

Pure genius. We'll have to send this one to our boss.

How to Spot a Hoax E-MailSeveral resources can tell you whether an e-mail claim you're interested in is a hoax. One is Hoax-Busters.org, which describes itself as the Big List of Internet Hoaxes; another is Snopes.com, which specializes in urban legends and hoaxes, and a third is Hoax-Slayer.com. Check out any of these sites before you forward that next petition, chain letter, or crazy photo.

Hoax-Busters also has a list of the "5 Telltale Signs of an Internet Hoax" that might useful.

PC World is an InfoWorld affiliate.

Dell posted the biggest gains in worldwide server revenue in the second quarter, helping it to nudge Sun Microsystems out of third place, Gartner said Thursday.

IBM retained the top spot but had slower revenue growth than Dell, while Hewlett-Packard stayed in second place with hardly any growth at all, according to Gartner's estimates .

[ Keep up with Windows Server and related developments in InfoWorld's Enterprise Windows blog. ]

Dell's server revenue climbed an impressive 15 percent from the second quarter last year, compared with 11.5 percent growth for IBM and 2.9 percent growth for HP, Gartner said. Sun's revenue declined 6.8 percent while Fujitsu/Fujitsu Siemens stayed flat.

Dell made the most of an upswing in x86 server replacements during the quarter, which was the biggest driver for the market as a whole, according to Gartner. Sales were also lifted by data center build outs and growth in emerging markets.

Server revenue overall grew 5.7 percent from the second quarter last year, to $13.8 billion, which Gartner called a solid performance given the economic woes in the U.S. and elsewhere.

The results looked different in terms of server units shipped. HP led by that measure with about 30 percent of the market, down slightly from last year. Dell came second with 22.3 percent and IBM was third with 13.2 percent, Gartner said.

IBM's Unix servers sell in relatively small volumes but at higher prices than x86 systems, which explains why it came first in revenue but third in shipments. Sun and Fujitsu took fourth and fifth place, growing server unit shipments 1.6 percent and 3.3 percent, respectively.

Unit shipments of servers based on Intel's Itanium processor fell 7.9 percent, although revenue climbed 9.4 percent, meaning higher-end systems are driving the sales of Itanium servers, Gartner said.

Overall the vendors sold 2.3 million servers during the quarter, up 12 percent from the same period in 2006.

A Brazilian man has been charged for trying to rent out a botnet that would be used to send spam, U.S. authorities said Thursday.

Leni de Abreu Neto, 35, of Taubate, Brazil, was charged with one count of conspiracy to cause damage to computers worldwide after being indicted by a federal grand jury in the U.S. District Court for the Eastern District of Louisiana.

[ Read the related story Dutch police, FBI rein in large botnet and learn how to secure your systems with Roger Grimes' Security Adviser blog. ]

Neto was arrested in the Netherlands on July 29 by the Dutch High-Tech Crime Unit, with assistance from the U.S. Federal Bureau of Investigation. The U.S. is seeking his extradition.

Neto was arrested along with a 19-year-old Dutch man, Nordin Nasiri, and Nasiri's 16-year-old brother. Nordin Nasiri, of Sneek, Netherlands, had built a network of some 100,000 hacked computers.

Such networks, known as botnets, are valuable for cybercriminals, who can route their hacking through the compromised computers, making it difficult for investigators to follow. The controlled PCs are used to send spam or perform other malicious actions such as a denial-of-service attack, which can cripple a Web site.

Between May and June, Neto agreed with Nasiri to act as a mediator to rent out the botnet to another party for ¬25,000 ($37,290), according to the indictment. Neto expected the third party to use the botnet to send spam.

The botnet, called "Shadow" by Nasiri, was spread entirely through social engineering. The malicious code was distributed on Microsoft's Windows Live Messenger instant messaging network.

Once on a PC, the malicious code would send instant messages to people on the victim's contact list. The messages contained a link to what appeared to be a harmless file but could actually gave Nasiri control over the PC.

If convicted Neto faces up to five years in prison plus three years of probation. He could also be fined as much as $250,000 or more depending on the losses from victims or his own profits from the scheme.

Nasiri will be prosecuted by Dutch authorities.

Solid-state drives are fast becoming popular replacements for hard drives, especially in laptops, but experts caution that SSDs aren't as secure as commonly thought.

SSDs may offer better data security than traditional hard drives, but they do not completely erase data and are vulnerable to physical hacks from light sources like an ultraviolet laser, experts say.

[ Get the latest on storage developments with InfoWorld's Storage Adviser blog and Storage Report newsletter. ]

Despite their relatively high cost and concerns about durability, SSDs are gaining popularity, particularly for use in laptops, because they consume less power and access data more quickly. Securing data on SSDs could become a larger issue when the technology becomes more widely used and reaches other portable devices like smart phones, experts said.

Many SSDs use industry-standard NAND flash chips that were designed for cameras and MP3 players, so they have no physical security hooks that prevent them from being removed from enclosures, said Jim Handy, director of Objective Analysis, a semiconductor research and consulting firm. A hacker could easily unsolder NAND chips from an SSD and read the data using a flash chip programmer.

Once the data is read, the files could be reassembled using data recovery software, Handy said. "There's really nothing sophisticated about this process," he said.

Another physical hack involves using an ultraviolet laser to wipe out lock bits -- or encryption locks -- from fuses on chips that secure SSDs, said a chip hacker who prefers to be called Bunnie and runs the blog site bunnie studios. Data arrays from SSDs can be read using standard means after the lock bits are wiped.

"No fancy equipment is required to read the [data] array once it is unlocked," Bunnie said. For example, the data arrays can be read using conventional ROM readers, devices typically meant to burn and verify unsecured ROM devices.

To lessen chances of hackers stealing data, encryption keys could be integrated inside the SSD controller device to handle disk encryption at the hardware level, said Craig Rawlings, marketing director at Kilopass. Kilopass sells products using XPM (extra permanent memory) technology that stores keys in system-on-chip devices.

Encryption keys can be hacked, but experts agreed that encryption is the necessary first step to secure data on SSDs. Many companies, including Safend and Encryptx, have products that encrypt data on storage devices including SSDs.

Encryption adds another barrier so that hackers have to bypass encryption layers, the controller and then reassemble raw data for a successful hack, said Sean Barry, senior data recovery engineer at Kroll Ontrack. This takes time, during which data may become invalid or useless.

Encryption also makes files on SSDs a lot easier to erase. Like hard drives, SSDs create multiple file copies, but encryption software can help erase secured files, said Kyle Wiens, CEO of iFixIt.

"Every time you write data it might write ... to a different part of the disk and then change the directory table around. So it forgets where the data was written before," Wiens said. Users may delete one file, but a replica could remain untouched in another sector.

The wear-levelling feature of SSDs -- based on an algorithm that erases and writes data evenly across all the cells on a memory chip to prevent some from wearing out faster than others -- makes files harder to completely erase, Wiens said.

Some encryption software monitors the wear-levelling process to track file remnants, which can then be deleted using the secure erase command, said Knut Grimsrud, an Intel Fellow. Secure erase is a command for secure file deletion that needs to be supported by the encryption software.

"If all the software does is write over the top of the LBAs, I don't think it'll be as [effective] on an SSD as it may have missed remnants from the previous wear-levelling or something like that because the software doesn't know about that," Grimsrud said. LBA (logical block addressing) specifies the location of data blocks on storage devices.

Overall, it's easier to delete data from SSDs than from hard drives, which can be a good or bad. Data is stored on electrons in SSDs, and getting rid of electrons flushes out the data, Kroll Ontrack's Barry said. In hard drives, the data has to be overwritten or physically damaged to prevent it from being read.

The data flush could have its own advantage in terms of quickness, but in the wrong hands data on SSDs could be carelessly and easily lost, Barry said.

Debate is reaching a fever pitch over a new security feature in Firefox 3.0 that throws out a warning page to users when a Web site's SSL certificate is expired or has not been issued by a trusted third party.

Critics say that Firefox 3.0 is putting undue fear and confusion into everyday Web surfers, makes it difficult to set exceptions for certain Web sites, and is forcing Web site operators to do business with specific vendors of SSL certificates or risk the appearance that their Web sites are broken.

[ See the slideshow: Must-have Firefox add-ons. ]

Browsers require SSL certificates to initiate encrypted communications and to validate the authenticity of a site.The Mozilla.com Web site, where Firefox 3.0 can be freely downloaded, defends the new feature, saying SSL certificates not issued by a validated certificate authority -- so-called self-signed certificates (SSC) -- don't provide even basic validation; and expired certificates should not be viewed as "harmless" because they open avenues for hackers.

Mozilla officials say the new feature helps curb electronic eavesdropping or so-called "man in the middle" attacks.

The certificate issue is cropping up on such major sites as the U.S. Army's, which uses certificates issued by the Department of Defense. In the Army's case, Firefox does not recognize the DOD as an authorized certificate provider. Firefox, therefore, rejects the Army site's certificate and defaults to a Web page showing a traffic-cop icon and proclaiming "secure connection failed" and that the site's certificate can not be trusted.

The problem also has surfaced with expired SSL certificates on such sites as Google Checkout and LinkedIn. The issue also could crop up on intranet sites that use SSCs and force IT administrators to configure exceptions within the browser or other workarounds.

Some are saying that Firefox 3.0 is out of line.

The Pingdom.com blog this week took Mozilla to task, saying the issue could affect tens of thousands of sites. "People most in need of a clear and explicit warning regarding SSL certificates are inexperienced users, and those are not very likely to understand the error message that Firefox 3 is displaying. A large portion will simply be scared away, thinking that the Web site is broken," according to the blog.

Developer Nat Tuck called the Firefox feature bad for the Web in a blog post he wrote July 31: "Mozilla Firefox 3 limits usable encrypted (SSL) Web sites to those who are willing to pay money to one of their approved digital-certificate vendors. This policy is bad for the Web."

Tuck concedes that the SSCs provide no value for authenticating a Web site, but he says Firefox is ignoring the encryption capabilities of SSL certificates, which thwart snooping on Web traffic.He even goes so far as to suggest perhaps open source advocates should create a derivative of the open source Firefox code that includes full SSL functions.

Mozilla.com officials says SSCs have been treated as "disconcerting" for some time by the open source browser and what changed in Firefox 3.0 is an attempt to make users understand the potential consequences of accepting such certificates.

The officials directed inquires on the certificate topic to a blog penned by Mozilla developer Jonathan Nightingale, who wrote that one reason for the changes is that man-in-the-middle attacks "used to be the stuff of scary security fiction, but now they are point-and-click." Some of these attacks were highlighted at the recent Black Hat conference.

Home cable and DSL routers, and Wi-Fi access points can be compromised easily by hackers, who can reconfigure the boxes and route traffic anywhere they want, Nightingale wrote. "The only thing that will tell you whether the sites you are visiting are real is the existence of a trusted certificate, which only the legitimate site can have," he added.

Nightingale wrote that SSCs are not evil, but the question is can they be trusted? "So we ask the user," he wrote. He also pointed out that users can create exceptions, in essence telling the browser to trust specific site certificates.

Nightingale did admit the SSL feature isn't above questioning. "I don't think the approach in Firefox 3 is perfect, I'm not sure any of us do," he wrote. And he invited input and solicited help making browsing safer: "It sure would be nice if we didn't start from the assumption that changes are motivated by greed, malice, or stupidity."

Amazon's Web Services operation Thursday launched a persistent storage service for its  Elastic Cloud Compute (EC2) cloud computing service.

The new Amazon Elastic Block Store (EBS) allows users to create storage volumes attached to Amazon EC2 instances as a raw block storage device and backed up with a snapshot to the Amazon Simple Storage Service (S3), Amazon said.

[ For more news on developments in cloud computing,  see InfoWorld's special report. ]

Before ESB, storage within an instance of EC2 was tied to EC2 itself. Therefore, when an instance was terminated, the data within it was lost. Now users can choose to allocate storage volumes that persist independently from EC2.

"It basically looks like an unformatted hard disk," wrote Amazon CTO Werner Vogels in a blog post . "Once you have the volume mounted for the first time you can format it with any file system you want or if you have advanced applications such as high-end database engines, you could use it directly."

As Amazon EC2 instances are started and stopped, the information saved in the database or application is preserved in much the same way it is using traditional physical servers, according to the company.

Developers, Vogels added, can create multiple volumes of storage ranging from 1 GB to 1TB. He added that Amazon EBS isn't just a massive volume storage array, but that it allows companies to create snapshots and store those in Amazon S3.

"We see developers using this feature for long term backup purposes, for use in rollback strategies, for (world-wide) volume re-creation purposes," Vogels added. "Snapshots also play an important role in building fault-tolerance scenarios when combined with managing applications using Elastic IP addresses and availability zones."

Nik Cubrilovic, a blogger for TechCrunchIT, noted that persistent block-level storage for EC2 is long overdue .

"One of the criticisms of EC2 when it first launched was the inability to run a fast data store across snapshots, which made running databases or other data-intensive applications slightly more complicated," he noted. "The difference between EBS and S3 is that EBS allows block-level access, so that it can be mounted just like any other local storage device from within EC2 and can be accessed across servers and between instances."

EBS will provide higher performance comparable to high-grade local storage in terms of access times and availability, he added.

Om Malik , a blogger at GigaOm, added that Amazon is " turning up the heat on everyone from storage area network vendors, server companies and of course data center operators" with the announcement of ESB.

"With EBS, new storage can be essentially created on the fly, attached to the EC2 instances, and make the cloud services behave more like the traditional machines people are used to," Malik added. "Think about it this way - Amazon has taken one more step (a big one) toward turning servers into a service, a prospect that should keep the chiefs of big server makers awake at night."

A tech trade group and a handful of news organizations have asked a U.S. court to lift its order to seal documents in the pending antitrust lawsuit brought against Intel by Advanced Micro Devices, saying the gag order has "unnecessarily and unjustly" withheld information from the public.

The Computer and Communications Industry Association (CCIA), along with five news organizations including The New York Times and The Washington Post, filed a motion Thursday in U.S. District Court for the District of Delaware, asking the court to unseal several records related to the case. The groups also asked for a new judge to rule on their request.

[ Stay ahead of advances in hardware technology with InfoWorld's Ahead of the Curve blog and newsletter. ]

AMD filed the antitrust lawsuit against Intel in June 2005, and in mid-2006, the two companies negotiated a court-approved agreement that closed some transcripts of hearings and teleconferences, as well as some court filings, to the public. AMD alleges in the lawsuit that Intel has used its dominant market share in the x86 microprocessor market to intimidate and discourage computer makers and retailers from buying AMD chips.

In the case, AMD has issued subpoenas for documents from dozens of companies, including computer makers Hewlett-Packard and Dell and retailer Best Buy. Some of the companies subpoenaed refused to share the documents, saying disclosure would expose trade secrets. In response, AMD and Intel negotiated a protective order that was approved by Judge Joseph Farnan Jr.

But the protective order was overly broad, CCIA and the news organizations argued in Thursday's filing. "Protective orders, which govern the exchange of information outside of a public docket are obtained pursuant to a 'good cause' standards," wrote David Finger, a lawyer for CCIA. "When such information is filed with a court, however, it becomes part of a public document subject to the right of public access, absent showing a compelling justification and a clearly defined and serious injury."

Some information that's been protected describe events that "took place so long ago that there is no likely reason their disclosure would cause competitive disadvantage," Finger wrote. In some cases, redacted information appears to be employee lists, he wrote.

"Litigants may not seal information merely because public disclosure will be embarrassing or will otherwise reflect poorly on them," Finger added.

An AMD spokesman said the company is aware of the filing. "AMD does not oppose the motion," said Michael Silverman, the spokesman.

AMD has told reporters they'd have to file a motion with the court to get information beyond the redacted documents the company has supplied them, Silverman said.

Intel, however, would have concerns about lifting the protective order, said spokesman Chuck Mulloy. The groups wanting the protective order to be lifted have "no right of access" to those documents, Intel lawyer Richard Horwitz wrote to Finger earlier this month. The documents in question were related to a discovery dispute, and those materials are not public records, Horwitz wrote.

Intel is open to discussions about what documents are closed, but the company is not ready to agree to open all documents in the case, Mulloy added. Several companies have been subpoenaed, and several participated in negotiations to decide which documents should be closed, he said.

"It's not a simple issue," he said. "There are scores of OEMs [original equipment manufacturers] that have skin in the game."

The U.S. Federal Trade Commission is investigating Intel's business tactics, and South Korea and Japan have ruled that Intel has violated antitrust law. The European Union is also investigating Intel, and a ruling there is expected soon.

"We trust the court can find a way to protect the companies' trade secrets, without blocking all information on the allegations in this case," Ed Black, CCIA's president and CEO, said in a statement. "We'd also hope that in reviewing our motion the court decides that providing trade secret protection to evidence related to illegal business practices and behavior would be adverse to the public interest."

CCIA has long advocated against anticompetitive behavior in the tech industry.

Windows Vista users jumped at Microsoft Corp.'s troubled operating system's first service pack, but people running Windows XP haven't been in much of a hurry to install its newest service pack update, a Windows performance and metrics researcher said today.

According to Devil Mountain Software Inc., by the end of July, 86 percent of the machines in its community-based exo.performance.network (Xpnet) running Vista had been upgraded to Service Pack 1 (SP1).

[ Get the analysis and insights that only Randall C. Kennedy can provide on PC tech in InfoWorld's Enterprise Desktop blog. And download our free Windows performance-monitoring tool. ]

That was a 17-point increase over the 69 percent who reported running Vista SP1 at the end of April, six weeks after Microsoft released the major update.

"There was pent-up demand for Vista SP1," said Craig Barth, chief technology officer at Devil Mountain. "If users are frustrated with a platform, they're going to be more likely to go out and snag any update that purports to fix the problems."

Meanwhile, Windows XP users have apparently felt less pressure to download and install that aged operating system's Service Pack 3 (SP3), which was released in early May.

The service-pack uptake difference between Vista and XP has been dramatic. Where more than two-thirds of the network's Vista users had grabbed SP1 within six weeks, fewer than half -- just 47 percent -- of XP users had updated to SP3 by the end of July, more than 12 weeks after Microsoft first posted it for download.

"Windows XP users were generally happy with Service Pack 2," Barth said. "There was not a huge clamor for [Windows XP] SP3 like there was for Vista SP1, and that shows in the results. It's pretty clear that a lot of XP users are very content with SP2."

The well-publicized troubles that some users had with XP SP3 -- including endless reboots after installing the service pack on PCs equipped with processors made by Advanced Micro Devices Inc. (AMD) -- may have had some impact on its uptake, Barth acknowledged.

But Microsoft's own emphasis may also have played a part. "Microsoft didn't promote XP SP3," he said. "They heavily promoted Vista SP1, and went out of their way to put a good foot forward for it. But they barely mentioned XP SP3."

Devil Mountain's Xpnet collects data from more than 3,000 PCs, 70 percent of which run Windows XP, Barth said. Users can join the network by downloading and installing a small utility, DMS Clarity Tracker Agent, from Devil Mountain's site.

Comcast has made no final decisions on how to manage network congestion, despite news reports Wednesday that it will slow traffic for heavy users for up to 20 minutes during times of peak network use.

Comcast has been looking into new network management practices after the furor caused by an Associated Press report last October that said the cable modem service provider was quietly slowing BitTorrent P-to-P (peer-to-peer) traffic as a tool to fight network congestion.

[ Learn more about this issue in the related stories "FCC moves toward prohibiting Comcast traffic management" and "Comcast welcomes FCC inquiry into traffic management." ]

Net neutrality advocates called on the U.S. Federal Communications Commission to take action against Comcast, and early this month, the FCC voted 3-2 to prohibit broadband providers from blocking or slowing specific applications on its network.

Comcast has been conducting tests on new network management techniques since the end of May, said Charlie Douglas, a Comcast spokesman. Among the leading options is to slow all Web traffic from heavy users for up to 20 minutes during times of heavy network traffic.

When the congestion is resolved in under 20 minutes, the heavy users' traffic would be slowed for shorter times, sometimes for only a minute or two, he said. Heavy users' traffic would still move over the Internet, but it would "become de-prioritized" during times of congestion, Douglas said.

This approach would be "protocol agnostic," Douglas added. By not blocking specific applications, Comcast likely would comply with the FCC's Aug. 1 vote.

Asked why Comcast doesn't slow all users' traffic during times of congestion, Douglas said it's not fair to subscribers who aren't clogging up the pipes. "It's the heaviest of users that are directly contributing to the degradation of the service for the other people on the network," he said.

Representatives of Free Press and Public Knowledge, two digital rights advocacy groups that filed a complaint against Comcast for slowing P-to-P traffic, expressed reservations about Comcast's apparent new direction.

"It's an interesting reflection on the claim that there is a free market for broadband," said Art Brodsky, a spokesman for Public Knowledge. "If there was competition, could you slow down your best customers?"

Comcast was "dishonest" in the past about its network management practices, added Ben Scott, Free Press policy director. The broadband provider originally denied it was degrading BitTorrent streams.

"We have to be skeptical and vigilant," Scott said. "The FCC has required them to disclose all the details -- so we look forward to seeing that before we can fully evaluate. Any move that doesn't involve blocking consumers' access to the Internet is a positive step -- but we won't know for sure about this particular practice until we see the details."

On Wednesday, the FCC released the full text of its Aug. 1 order prohibiting Comcast from blocking legal Web applications. Public Knowledge and Free Press praised the order, with Scott calling it "a major milestone in Internet policy."