As Google and Microsoft battle for the hearts and minds of Internet users, a new question has cropped up: Which one can better save planet Earth?
Being portals and search engines, the companies are likely among the worst energy users because of the cooling and energy their data centers need to operate. When asked, company representatives did not say what, if anything, the data centers are doing to improve efficiency and reduce energy.
No doubt, Google and Microsoft, two of the top Internet sites in the world, use massive amounts of electricity to power and cool their data centers. But outside of the electricity that makes the businesses run, they are among the leading adopters of so-called green policies in corporate America.
Subsidies for buying Priuses? Check. Solar panels? Check. Hormone-free chicken in the corporate cafeteria? Check. Between them, they're doing a variety of things to try to make the Sierra Club, organic farmers and Al Gore proud.
"Any organization that looks at a way to become more efficient and reduce its energy consumption and emissions and makes facilities more human friendly and less toxic and more resource-conscious from the standpoint of sustainability is taking positive steps toward living in the environment in a more compatible way," said Stan Van Velsor, global warming program coordinator for environmental group Sierra Club's Loma Prieta Chapter office in Palo Alto, Calif.
So who is the greenest of them all? While it's nearly impossible to make a judgment, both tech titans seem to have made Earth-friendly policies a priority.
Microsoft's credentialsMicrosoft made a big splash when it installed more than 2,000 solar panels across more than 30,000 square feet on top of its Mountain View, Calif., campus on Earth Day in April. The panels, believed to be part of the largest solar power system in Silicon Valley, generate 480 kilowatts of power at peak capacity--enough energy to power 500 homes--and provide about 15 percent of the campus's total energy, said George Koshy, facilities manager. For the rainy Seattle area, where the company's headquarters is located, solar is not a feasible alternative, he said.
Installing solar power is an "excellent way" to help reduce the demand for electricity and thus curb greenhouse gas emissions created by the generation of that electricity, Van Velsor said.
Microsoft also has agreed to promote carbon-dioxide emission reduction among individual employees as part of the Cool It campaign, which helps people calculate their lifestyle's carbon dioxide emissions, Van Velsor said.
In addition, Cascade Investment, a venture firm funded by Microsoft Chairman Bill Gates, has invested $84 million in Pacific Ethanol, which manufactures a corn-derived ethanol that can be mixed with gas to power cars.
One of the most important things any company can do to promote earth-friendly practices is to get employees out of their cars, Van Velsor noted. Microsoft provides free mass-transit passes for its 35,000 employees in the Seattle area, subsidizes transit for its roughly 1,500 Silicon Valley employees, and offers free shuttles between train stations and offices, a Microsoft representative said. Employees get a discount when buying gas-electric hybrid cars, and Microsoft uses hybrid Toyota Priuses as shuttles on the main campus.
In 2005, Microsoft was recognized as one of the top five best workplaces for commuters by the U.S. Environmental Protection Agency, said Joan Krajewski, chief environmental counsel for the company. More than 11,000 workers commute to the Redmond, Wash., main campus via some "green" method such as mass transit, bike or car pool.
Microsoft's Silicon Valley campus, built in 1999, features dimmable and motion sensor-based lighting, carpets and doors that are made from recycled material (which can be recycled again), and drought-resistant landscaping, said site leader John Matheny.
An advanced irrigation management system on Microsoft's campuses replenishes the water when it detects weather changes, reducing the annual water usage by 11 million gallons, Krajewski said. The copiers and printers use paper that contains at least one-third recycled content, and the Redmond campus alone recycles 129 tons of material a month, she said.
Microsoft has a silver certification level for the U.S. Green Building Council's LEED program for environmental design. Microsoft also works with the Carbon Disclosure Project to track kilowatts of usage.
Monday, July 9, 2007
Google searches more sites more quickly, delivering the most relevant results.
Introduction
Google runs on a unique combination of advanced hardware and software. The speed you experience can be attributed in part to the efficiency of our search algorithm and partly to the thousands of low cost PC's we've networked together to create a superfast search engine.
The heart of our software is PageRank™, a system for ranking web pages developed by our founders Larry Page and Sergey Brin at Stanford University. And while we have dozens of engineers working to improve every aspect of Google on a daily basis, PageRank continues to play a central role in many of our web search tools.
PageRank Explained
PageRank relies on the uniquely democratic nature of the web by using its vast link structure as an indicator of an individual page's value. In essence, Google interprets a link from page A to page B as a vote, by page A, for page B. But, Google looks at considerably more than the sheer volume of votes, or links a page receives; for example, it also analyzes the page that casts the vote. Votes cast by pages that are themselves "important" weigh more heavily and help to make other pages "important." Using these and other factors, Google provides its views on pages' relative importance.
Of course, important pages mean nothing to you if they don't match your query. So, Google combines PageRank with sophisticated text-matching techniques to find pages that are both important and relevant to your search. Google goes far beyond the number of times a term appears on a page and examines dozens of aspects of the page's content (and the content of the pages linking to it) to determine if it's a good match for your query. Integrity
Google's complex automated methods make human tampering with our search results extremely difficult. And though we may run relevant ads above and next to our results, Google does not sell placement within the results themselves (i.e., no one can buy a particular or higher placement). A Google search provides an easy and effective way to find high-quality websites that contain information relevant to your search.
Google runs on a unique combination of advanced hardware and software. The speed you experience can be attributed in part to the efficiency of our search algorithm and partly to the thousands of low cost PC's we've networked together to create a superfast search engine.
The heart of our software is PageRank™, a system for ranking web pages developed by our founders Larry Page and Sergey Brin at Stanford University. And while we have dozens of engineers working to improve every aspect of Google on a daily basis, PageRank continues to play a central role in many of our web search tools.
PageRank Explained
PageRank relies on the uniquely democratic nature of the web by using its vast link structure as an indicator of an individual page's value. In essence, Google interprets a link from page A to page B as a vote, by page A, for page B. But, Google looks at considerably more than the sheer volume of votes, or links a page receives; for example, it also analyzes the page that casts the vote. Votes cast by pages that are themselves "important" weigh more heavily and help to make other pages "important." Using these and other factors, Google provides its views on pages' relative importance.
Of course, important pages mean nothing to you if they don't match your query. So, Google combines PageRank with sophisticated text-matching techniques to find pages that are both important and relevant to your search. Google goes far beyond the number of times a term appears on a page and examines dozens of aspects of the page's content (and the content of the pages linking to it) to determine if it's a good match for your query. Integrity
Google's complex automated methods make human tampering with our search results extremely difficult. And though we may run relevant ads above and next to our results, Google does not sell placement within the results themselves (i.e., no one can buy a particular or higher placement). A Google search provides an easy and effective way to find high-quality websites that contain information relevant to your search.
Is The iPhone Insecure?
With its science fiction features and high-end price tag, Apple's iPhone may be the ultimate executive toy. All the uber-gadget lacks, according to some security professionals, is executive-level security. And that, they worry, makes the iPhone a hacker's playground.
"It seems Apple is releasing a device with no thought to enterprise security," says Andrew Storms, director of operations of the computer security firm nCircle. "It's going to be entering enterprise networks whether we like it or not, and it's a nightmare for security teams."
Storms, like most everyone else anticipating the iPhone launch, admits that his worries are largely limited to speculation; Apple (nasdaq: AAPL - news - people ) did not return calls requesting information about security concerns. But given what the company has already said with regard to the super-smart phone, he and other security researchers predict a litany of shortcomings that may allow hackers to pilfer private data stored on or sent from iPhones.
The iPhone is capable of many of the same smart phone applications as business devices like Research In Motion's (nasdaq: RIMM - news - people ) BlackBerries. But unlike BlackBerries, Storms says, iPhones are unlikely to have a remote "lock and wipe" function that erases the device's data in the event that it's lost.
The phone will use an operating system and a Web browser that have already been available in some form for years, so hackers will have a head start in finding entry points to exploit even before the phone is released. And the iPhone's "closed" operating system makes it impossible to install protection software from security companies like McAfee (nyse: MFE - news - people ) or Symantec (nasdaq: SYMC - news - people ).
Paradoxically, that closed system was partly intended to make the iPhone more secure, preventing cybercriminals from writing malicious code onto the device. But Rob Enderle, a security consultant who heads the Enderle Group, thinks Apple's lockdown strategy will backfire.
"Apple’s not going to make it easy to write on this thing," he says. "But making it easy and making it impossible are two different things."
In fact, David Maynor, another security researcher with Errata Security, writes in his blog that he's already discovered a bug in the new version of Safari browser that will be used on the iPhone. He says that backdoor can be exploited to hijack the iPhone with hidden software, just as hackers have corralled millions of unwitting PCs with malware that sends spam, attacks Web sites or steals bank codes. Given that the Mac OS and the version of Safari to be used on the iPhone are already available for experimentation, Maynor guesses that he won't be the only one poking at the iPhone's weaknesses.
"The more things a device does, the more vectors an attacker can use," he says. "With the iPhone, the initial barrier to finding vulnerabilities has been overcome because the browser has already been out there."
Maynor's criticisms go on: He predicts that data sent from the iPhone, like text messages sent from most consumer-oriented cellphones, won't be encrypted to the same degree as data sent from business-level devices like RIM's Blackberry. RIM also allows businesses to lock or delete data remotely from lost devices. Like Andrew Storms, Maynor says he's "95% certain" that the iPhone won't share that remote data protection feature.
"These abilities just aren't built in to consumer phones, and that's what the iPhone was created to be," he says.
But Rob Enderle thinks those vulnerabilities won't stop business executives from putting corporate data on their iPhones. "It’s very trendy and very attractive, an obvious executive gadget," he says. "We’ve seen executives getting this sort of gadget before and then trying to put business e-mail on it. That’s a real security exposure."
According to Scott Weiss, the CEO of e-mail and Web security firm Ironport, the risk of exploits targeting iPhones depends on how much market share the phones can achieve; Cybercriminals typically point their weapons at whatever machines can be found in the greatest volume, a tendency that has largely shielded Apple products, particularly its Mac line, in the past.
But the iPhone may hold a special allure for ambitious hackers trying to gain notoriety. David Maynor, for one, is looking forward to trying out his own signature iPhone crack.
"I can’t wait for one," he says. "I’m going to be in line on June 29, cash in hand."
Google: A Hacker's Best Friend?
When Johnny Long wants information online, he turns to the same tool as most people: Google. But unlike the average Web user, Long isn't usually looking for Paris Hilton news and movie reviews. He's digging for credit card information, Social Security numbers and other private data stashed on corporate servers.
Long isn't a cyber-criminal--he just plays one in his day job, as a researcher for the information technology services company Computer Sciences (nyse: CSC - news - people ). But he is a hacker, one with a talent for innovating new ways to penetrate corporate servers, albeit for testing purposes only. He's also the author of Google Hacking for Penetration Testers, a best-selling book that shows how to use seemingly harmless Google (nasdaq: GOOG - news - people ) searches to uncover surprisingly sensitive information.
Long spoke with Forbes.com about his forthcoming book, a more general kind of "Hacking for Dummies" guide to hacking without technical knowledge, and the tricky question of whether to publicize hacking techniques that require little more than a search engine and two hands.
Forbes: What is "Google hacking"?
Long: Google hacking is really just a subset of something I call "no-tech hacking." You use un-technological methods to break technology. After 10 years of trying, I've discovered a whole pile of ways to do that. Dumpster diving (looking in office trash for security information); tailgating someone into a secured facility; pretending to be a UPS guy or a repair guy or a delivery guy ... these things work almost all the time and require very little technical knowledge.
So where does Google come in?
In the beginning, we'd use Google to case the companies we'd be trying to penetrate. But we discovered that the Google searches we were running were returning more information about the company than they might realize. Just by doing a search on a Web site, we'd find a password or usernames that would grant us access.
Google hacking grew out of that. You perform a Google search looking for sensitive information that either gives direct access to a network, or something subtle that could be used in conjunction with other finds.
What kinds of vulnerabilities in Web sites have you found through Google hacking?
We have examples where you can put in a Google query and immediately get access to part of a site that already has you logged in as an administrator. We discovered that just by searching for certain terms, you could find personal information like credit card numbers, Social Security numbers, anything an attacker would need for identify theft. On some education institution sites, we'd find entire Excel spreadsheets with students' names, Social Security numbers and even grades. But that's low-hanging fruit.
Without getting too technical, what's an example of a more subtle case, where you combine Google hacking with more advanced hacking?
For example, Google can help you find where an SQL server is vulnerable. SQL is basically the language of databases. Just by putting the right terms into a form on the Web, like a registration form on a site, you can do something called "SQL injection." Basically, your input into the form is confused with SQL code, and that can allow you to read data directly from a database, simply by typing into a Web login form.
Google allows you to find those vulnerabilities. If you type "MySQL error with query" into Google, some of the results will tell you which Web sites have had this error message, and that's the first step to an SQL injection. It's a nice way to do reconnaissance. It probes the Web very broadly without interacting directly with any target site, so it's difficult to detect.
Is Google becoming a more powerful tool for hackers?
Search engine popularity in general has been growing. But more importantly, the Web 2.0 movement means that everything is moving out to the Web. There's an absolute explosion of corporate and personal information out there.
Do you worry about the ethics of publicly discussing these tricks?
It's a huge debate in our industry. There are two camps: One camp says that when you talk about vulnerabilities you give bad guys ideas, but another camp says that you're helping good guys protect against bad guys. In the case of Google hacking, certain queries, like credit card queries, are very deadly stuff. So I've never talked about how to do a credit card query, though I've talked about the risk. It's a very fine line. I have to leave out enough information to avoid getting someone into trouble, but give the audience an idea of what's going on. So I always try to think about what it would mean to be on the other side of getting hacked, and I keep my professional clients in mind.
Long isn't a cyber-criminal--he just plays one in his day job, as a researcher for the information technology services company Computer Sciences (nyse: CSC - news - people ). But he is a hacker, one with a talent for innovating new ways to penetrate corporate servers, albeit for testing purposes only. He's also the author of Google Hacking for Penetration Testers, a best-selling book that shows how to use seemingly harmless Google (nasdaq: GOOG - news - people ) searches to uncover surprisingly sensitive information.
Long spoke with Forbes.com about his forthcoming book, a more general kind of "Hacking for Dummies" guide to hacking without technical knowledge, and the tricky question of whether to publicize hacking techniques that require little more than a search engine and two hands.
Forbes: What is "Google hacking"?
Long: Google hacking is really just a subset of something I call "no-tech hacking." You use un-technological methods to break technology. After 10 years of trying, I've discovered a whole pile of ways to do that. Dumpster diving (looking in office trash for security information); tailgating someone into a secured facility; pretending to be a UPS guy or a repair guy or a delivery guy ... these things work almost all the time and require very little technical knowledge.
So where does Google come in?
In the beginning, we'd use Google to case the companies we'd be trying to penetrate. But we discovered that the Google searches we were running were returning more information about the company than they might realize. Just by doing a search on a Web site, we'd find a password or usernames that would grant us access.
Google hacking grew out of that. You perform a Google search looking for sensitive information that either gives direct access to a network, or something subtle that could be used in conjunction with other finds.
What kinds of vulnerabilities in Web sites have you found through Google hacking?
We have examples where you can put in a Google query and immediately get access to part of a site that already has you logged in as an administrator. We discovered that just by searching for certain terms, you could find personal information like credit card numbers, Social Security numbers, anything an attacker would need for identify theft. On some education institution sites, we'd find entire Excel spreadsheets with students' names, Social Security numbers and even grades. But that's low-hanging fruit.
Without getting too technical, what's an example of a more subtle case, where you combine Google hacking with more advanced hacking?
For example, Google can help you find where an SQL server is vulnerable. SQL is basically the language of databases. Just by putting the right terms into a form on the Web, like a registration form on a site, you can do something called "SQL injection." Basically, your input into the form is confused with SQL code, and that can allow you to read data directly from a database, simply by typing into a Web login form.
Google allows you to find those vulnerabilities. If you type "MySQL error with query" into Google, some of the results will tell you which Web sites have had this error message, and that's the first step to an SQL injection. It's a nice way to do reconnaissance. It probes the Web very broadly without interacting directly with any target site, so it's difficult to detect.
Is Google becoming a more powerful tool for hackers?
Search engine popularity in general has been growing. But more importantly, the Web 2.0 movement means that everything is moving out to the Web. There's an absolute explosion of corporate and personal information out there.
Do you worry about the ethics of publicly discussing these tricks?
It's a huge debate in our industry. There are two camps: One camp says that when you talk about vulnerabilities you give bad guys ideas, but another camp says that you're helping good guys protect against bad guys. In the case of Google hacking, certain queries, like credit card queries, are very deadly stuff. So I've never talked about how to do a credit card query, though I've talked about the risk. It's a very fine line. I have to leave out enough information to avoid getting someone into trouble, but give the audience an idea of what's going on. So I always try to think about what it would mean to be on the other side of getting hacked, and I keep my professional clients in mind.
How to invest long-term capital gains
The Income Tax Act contains exemption provisions from long-term capital gains tax if the taxpayer were to invest in a residential house property. This provision has helped countless taxpayers to first own and thereafter move into bigger and better houses at the cost of the exchequer by saving income tax on their long term capital gains.
There are two sections in the IT Act that deal with the exemption - section 54 and section 54F. The first one deals with capital gain on sale of one house property and reinvestment of the capital gains of that property into another residential house property.
The second section deals with capital gains on any asset other than house property (for example gold) and investment of the net consideration (sale proceeds reduced by the direct expenses on the sale).
In other words, the second section demands investment of a larger amount into the property compared to the first one where only the capital gain is to be invested in the property. Let us understand these two sections with examples.
Mr A who had purchased his flat in 1990 for Rs 10 lakh (Rs 1 million) sold it for Rs 25 lakh (Rs 2.5 million) in 2005. He is required to invest only Rs 15 lakh (Rs 25 lakh less Rs 10 lakh) in another residential property under section 54.
Compare this with Mr B's situation who had purchased jewellery for Rs 10 lakh for his wife in the year 1990 and sold it in 2005 for Rs 25 lakh. Mr B is required to invest Rs 25 lakh under section 54F in another residential property in order to save tax on the identical amount of capital gain of Rs 15 lakh (Rs 1.5 million).
The time limit for investment in the other residential property is identical under both the sections:
For outright purchase of residential property it has to be within a period of one year before the sale or two years after the sale; or within a period of three years after the sale construct the residential house. The rationale behind the different time limits is that an outright purchase takes lesser time compared to building a house.
Needless to state is the fact that the reinvestment must be in a residential house property. By implication commercial property or vacant plot of land are not eligible. Similarly, short term capital gains enjoy no exemption. So if you sell your house within 36 months of purchase, you will not have any tax benefits.
If the long-term capital gain or the net consideration under the above two sections is not invested in the purchase of a new house within one year before the date of sale of the earlier house or other asset; or not utilised for purchase or construction of the new house before the due date of filing the return of income, this capital gain or net consideration is required to be deposited, before filing the return, in a separate deposit account.
The central government has designated nationalised banks like State Bank of India [Get Quote], Bank of India, Bank of Baroda [Get Quote] etc to open such a special deposit account. From these deposits the taxpayer is expected to issue cheques for the purchase or construction of the property. These deposits earn a nominal interest also.
There is one more aspect of section 54, which is a subject matter of some controversy with the Income tax Department. The controversy centres around the use of the word 'a' before residential house while referring to the reinvestment of the gain.
To illustrate: Mr A, having a large house, sells it for Rs 2 crore (Rs 20 million) making a capital gain of Rs 1 crore (Rs 10 million). Out of the capital gain of Rs 1 crore, Mr A purchases two flats each of Rs 50 lakh (Rs 5 million) on the seventh and eighth floors of a building within the time laid down by the law.
Strict interpretation of Section 54 leads to the view that Mr A will be entitled to exemption of only Rs 50 lakh being purchase of 'a' residential property on the seventh floor.
In other words, the purchase of the second residential property on eighth floor will not be eligible. He should have purchased one large flat on either seventh or eighth floor. This view of the Income tax Department has been recently upheld by the Income Tax Appellate Tribunal, Pune Bench. Coming to section 54F, the section permits investment of consideration in maximum two properties and not more.
There are two sections in the IT Act that deal with the exemption - section 54 and section 54F. The first one deals with capital gain on sale of one house property and reinvestment of the capital gains of that property into another residential house property.
The second section deals with capital gains on any asset other than house property (for example gold) and investment of the net consideration (sale proceeds reduced by the direct expenses on the sale).
In other words, the second section demands investment of a larger amount into the property compared to the first one where only the capital gain is to be invested in the property. Let us understand these two sections with examples.
Mr A who had purchased his flat in 1990 for Rs 10 lakh (Rs 1 million) sold it for Rs 25 lakh (Rs 2.5 million) in 2005. He is required to invest only Rs 15 lakh (Rs 25 lakh less Rs 10 lakh) in another residential property under section 54.
Compare this with Mr B's situation who had purchased jewellery for Rs 10 lakh for his wife in the year 1990 and sold it in 2005 for Rs 25 lakh. Mr B is required to invest Rs 25 lakh under section 54F in another residential property in order to save tax on the identical amount of capital gain of Rs 15 lakh (Rs 1.5 million).
The time limit for investment in the other residential property is identical under both the sections:
For outright purchase of residential property it has to be within a period of one year before the sale or two years after the sale; or within a period of three years after the sale construct the residential house. The rationale behind the different time limits is that an outright purchase takes lesser time compared to building a house.
Needless to state is the fact that the reinvestment must be in a residential house property. By implication commercial property or vacant plot of land are not eligible. Similarly, short term capital gains enjoy no exemption. So if you sell your house within 36 months of purchase, you will not have any tax benefits.
If the long-term capital gain or the net consideration under the above two sections is not invested in the purchase of a new house within one year before the date of sale of the earlier house or other asset; or not utilised for purchase or construction of the new house before the due date of filing the return of income, this capital gain or net consideration is required to be deposited, before filing the return, in a separate deposit account.
The central government has designated nationalised banks like State Bank of India [Get Quote], Bank of India, Bank of Baroda [Get Quote] etc to open such a special deposit account. From these deposits the taxpayer is expected to issue cheques for the purchase or construction of the property. These deposits earn a nominal interest also.
There is one more aspect of section 54, which is a subject matter of some controversy with the Income tax Department. The controversy centres around the use of the word 'a' before residential house while referring to the reinvestment of the gain.
To illustrate: Mr A, having a large house, sells it for Rs 2 crore (Rs 20 million) making a capital gain of Rs 1 crore (Rs 10 million). Out of the capital gain of Rs 1 crore, Mr A purchases two flats each of Rs 50 lakh (Rs 5 million) on the seventh and eighth floors of a building within the time laid down by the law.
Strict interpretation of Section 54 leads to the view that Mr A will be entitled to exemption of only Rs 50 lakh being purchase of 'a' residential property on the seventh floor.
In other words, the purchase of the second residential property on eighth floor will not be eligible. He should have purchased one large flat on either seventh or eighth floor. This view of the Income tax Department has been recently upheld by the Income Tax Appellate Tribunal, Pune Bench. Coming to section 54F, the section permits investment of consideration in maximum two properties and not more.
Subscribe to:
Posts (Atom)