An ex- Intel employee accused of stealing $1 billion worth of trade secrets and using them to help rival AMD was indicted in Massachusetts Wednesday, according to news reports.

Biswamohan Pani, 33, of Worcester, Mass., was a design engineer at Intel's Hudson, Mass., offices before being hired away by AMD in June, according to the Worcester Telegram & Gazette . 

[ Keep up on the latest tech news headlines at InfoWorld News, or subscribe to the Today's Headlines newsletter. ]

Pani is accused of accessing Intel's network remotely and downloading 13 top-secret documents and other proprietary information related to methods for designing microprocessors, "including a document explaining how the encrypted documents could be reviewed when not connected to Intel's computer system," the Telegram reports.

Prosecutors say AMD was not aware of Pani's alleged thefts and did not benefit from them, the Associated Press reported. Instead, prosecutors say Pani planned to use the secrets to advance his career at AMD. The information Pani allegedly downloaded "was worth more than $1 billion in research and development costs," the Associated Press reported. Pani told investigators he downloaded the top-secret documents to help his wife, who works for Intel, the Telegram reports.

If convicted, Pani could face decades in prison and large fines for stealing trade secrets and committing wire fraud. He was first charged in August in U.S. district court in Boston with stealing trade secrets. He was indicted Wednesday by a federal grand jury on four additional counts of wire fraud. He is free on $100,000 bail.

As the industry's two leading chip-makers, Intel and AMD have a longstanding rivalry . Both Intel  and AMD plan to announce new multi-core chips later this month. ( Compare server products.)

Network World is an InfoWorld affiliate

Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference's organizer.

They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack

Security experts had known that TKIP could be cracked using what's known as a dictionary attack. Using massive computational resources, the attacker essentially cracks the encryption by making an extremely large number of educated guesses as to what key is being used to secure the wireless data.

The work of Tews and Beck does not involve a dictionary attack, however.

To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a "mathematical breakthrough," that lets them crack WPA much more quickly than any previous attempt, Ruiu said.

Tews is planning to publish the cryptographic work in an academic journal in the coming months, Ruiu said. Some of the code used in the attack was quietly added to Beck's Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.

WPA is widely used on today's Wi-Fi networks and is considered a better alternative to the original WEP (Wired Equivalent Privacy) standard, which was developed in the late 1990s. Soon after the development of WEP, however, hackers found a way to break its encryption and it is now considered insecure by most security professionals. Store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in U.S. history, in which hundreds of millions of credit card numbers were stolen over a two-year period.

A new wireless standard known as WPA2 is considered safe from the attack developed by Tews and Beck, but many WPA2 routers also support WPA.

"Everybody has been saying, 'Go to WPA because WEP is broken,'" Ruiu said. "This is a break in WPA."

If WPA is significantly compromised, it would be a big blow for enterprise customers who have been increasingly adopting it, said Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can adopt Wi-Fi technology such as WPA2 or virtual private network software that will protect them from this attack, there are still may devices that connect to the network using WPA, or even the thoroughly cracked WEP standard, he said.

Ruiu expects a lot more WPA research to follow this work. "Its just the starting point," he said. "Erik and Martin have just opened the box on a whole new hacker playground."

Sprint-Nextel has decided to sever its Internet connection with Cogent, another ISP, according to a statement from Cogent.

Internet health data supplied by Keynote Systems indicates that Cogent and Sprint are no longer exchanging traffic.

[ Keep up on the latest networking news with our Networking Report newsletter. And discover the top-rated IT products as rated by the InfoWorld Test Center. ]

As a result, it is no longer possible for many Sprint customers and Cogent customers to directly communicate across the Internet.

The two ISPs are currently engaged in litigation over their exchange of Internet traffic, so-called peering. In shutting down the peering between the two, Sprint violated a contractual obligation to exchange Internet traffic with Cogent on a settlement-free peering basis, according to Cogent.

The actual reasons for the row remain sketchy. Cogent staff in Europe wouldn't comment further, passing questions to the company's legal team in Washington. Sprint couldn't be reached for comment.

This isn't the first time Cogent has rowed with another carrier over Internet peering with another carrier. Back in 2005, it was involved in a similar dispute with Level 3, which also decided to shut down communications with Cogent. In the end, the two agreed on what they called a "modified" version of their original peering arrangement, which enabled the two providers to directly connect their networks and exchange Internet traffic across them without charge.

Earlier this year it was also embroiled in a battle with Swedish carrier TeliaSonera. That time it was Cogent that cut communications. They also settled their differences.

The dispute is unlikely to have an effect on the Internet as a whole, according to Kurt Erik Lindqvist, CEO at Netnod, which handles peering between carriers in Sweden.

In the short term, Sprint and Cogent costumers are stuck in middle, but in the end Lindqvist thinks they will be forced to work out their differences. "It's usually a question of who chickens out first," he said.

Three days into the previous standoff, Level 3 backed down and restored its peering connection to Cogent.

Carriers typically row over peering when they are unhappy with the amount of data traffic each carrier sends to the other, something usually covered by the peering agreement, according to Lindqvist. He doesn't know if that is the case here.

The conflict with TeliaSonera had to do with the cost for upgrading a peering point in the United States.

Researchers at McGill University in Montreal have discovered a new state of matter that they say could greatly extend Moore's Law.

Engineers at companies like Intel and AMD have long been cramming more and more transistors -- the building blocks of the processor -- onto a chip. Last fall, for instance, Intel announced that each of its new Penryn chips hold 820 million transistors. The Penryn chip keeps alive the 40-year-old prediction by Gordon Moore that the number of transistors on a chip will double every two years.

Some observers have long predicted that leakage and energy consumption will be significant roadblocks to the law at some point.

The McGill scientists, though, think they may have a way around those roadblocks.

The researchers say they've found a quasi-three-dimensional electron crystal that could enable them to harness quantum physics to make increasingly small computer chips. The crystal was discovered using a device cooled to a temperature that is 100 times colder than intergalactic space.

Dr. Guillaume Gervais, director of McGill's Ultra-Low Temperature Condensed Matter Experiment Lab, said that the material is not quite three-dimensional but it's something in between two- and three-dimensional.

"In a standard transistor, you have a gate, and the electron flow is controlled by it like a faucet would control a gas flow," Gervais said in a statement. "You can understand the particles as independent units, which lets us treat them as ones and zeroes or on and off switches in digital computing. However, once you get down to the nano-scale, quantum forces kick in and the electrons may condense into a collective state and lose their individual nature. Then all sorts of bizarre phenomena pop up. In some cases, the electrons may even split. Concepts of 'on' and 'off' lose all meaning under these conditions."

Dan Olds, principal analyst with the Gabriel Consulting Group, said the McGill scientists are working on far-reaching science, and even if their theories hold true it would be quite some time before they could be used in the chip manufacturing process.

"There also isn't any evidence to say that this is the answer to continuing Moore's Law. It's a possible answer, it's a potential answer, but only after we understand how these new materials work, which we don't yet," said Olds.

"From a higher perspective, this is the kind of experimental activity that is taking place all over the world. It's great, because we see these breakthroughs that others will build on. Many will fall by the wayside -- blind alleys that don't go anywhere interesting -- but a few will be found to be extremely useful over time. It's the law of the jungle in technology," Olds added. "There are many experiments. Some are interesting but useless. A very few are interesting and very useful. It's too soon to tell which camp this one will fall into."

In its work to shrink transistors and extend Moore's Law, IBM announced last February that they had hit a major milestone in nanotechnology, figuring out how to measure the amount of force needed to move an atom. Their new measurement capabilities could enable researchers to shrink the size of transistors used in computer chips.

Shrinking transistors cuts power requirements and boosts speed.

Computerworld is an InfoWorld affiliate.

One day after Microsoft issued a rare emergency Windows security patch, the bad guys have a few new ways to take advantage of the bug.

By Friday, security researchers had identified a new worm, called Gimmiv, which exploited the vulnerability, and a hacker had posted an early sample of code that could be used to exploit the flaw on the Web.

[ For earlier developments in this bug's progress, see "Microsoft to rush out emergency Windows patch" and "Attack code for critical Microsoft bug surfaces" ]

Microsoft issued the patch more than two weeks ahead of its next security updates because the bug could be used to create an Internet worm attack and Microsoft had already seen a small number of attacks that exploited the flaw.

This vulnerability lies in the Windows Server service used to connect with other devices on networks. Although the firewall software that ships with Windows will block the worm from spreading, security experts are worried that the flaw could be used to spread infections between machines on a local area network, which are not typically protected by firewalls.

And that's exactly what the Gimmiv worm is designed to do, according to Ben Greenbaum, a senior research manager with Symantec. "It is downloaded onto a target machine via social engineering and then proceeds to scan and exploit machines on the same network, using this newly disclosed vulnerability in the Server service," he said.

The worm then loads software that steals passwords, security experts say.

Both Symantec and McAfee said Friday that they had seen only a very small number of attacks based on this exploit, but Symantec says that, starting Thursday evening, they found a 25 percent jump in network scans looking for potentially vulnerable machines. That could be a sign that more attacks are coming.

That scenario becomes more likely, too, as more tools that exploit the flaw are released to the public. On Friday, sample exploit code was posted to the Milw0rm.com hacker site, and over the next few days hackers are expected to move that code into attack tools that are easy to use.

Greenbaum predicted that the attack code will soon be used to build botnet networks of infected computers. "What we are going to see is this attack being added to the arsenal of botcode," he said.

"Once it evolves to the point where people really don't have to know much about the exploit ... those are the situations where people write the worms that do a lot of [damage]," said McAfee researcher Craig Schmugar.

Does he expect a damaging worm to emerge from this latest bug? "If history is a lesson, then yes," he said.

Google this week continued to hone its effort to push its Google Analytics service into corporate IT shops by adding a slew of new features, including custom report generation, advanced segmentation and integration with Google AdSense.

The new features will let larger companies using Google Analytics ditch any third-party tools they are using for segmentation or custom reporting of data generated from Google Analytics, noted Brett Crosby, group manager for Google Analytics.

[ Discover the top-rated IT products as rated by the InfoWorld Test Center. ]

"This is an enterprise class feature launch," he said. "[Users have] been spending a lot of time and money trying to squeeze out this information from a lot of other tools. We think this will solve the dueling tool problem within these organizations."

The free hosted Google Analytics service was launched three years ago to demand so great Google had to temporarily suspend taking on new users.

The integration with Google's AdSense advertising network lets users see which pages of their site are driving the most revenue from AdSense ads. Integrating AdSense and Google Analytics will allow users to determine what content people like, which referring sources are driving the most revenue and which geographies are driving the most revenue, Crosby added.

"There are a lot of sites that use AdSense to drive revenue, and that is their primary source of revenue," he noted. "They can see what their return on investment is."

The update also adds support for advanced segmentation, allowing users to isolate and analyze subsets of their Web traffic -- like visitors who came through an e-mail marketing campaign or those who can from a company buying keywords, Google said. "It allows you to basically zero in on any segment of traffic you want to look at," Crosby said.

Once a company creates a segment for analysis, the tool can be used to compare the past behavior of that subset to the rest of the traffic on the site, Crosby added.

"The idea is to create segments of customer so you can see that buyers behave really differently than my 'looky loo' customers," Crosby noted. "You can start to identify the differences in those sorts of traffic."

Another new feature in Google Analytics allows users to create custom reports using any metrics, Crosby added. This feature could also be used in conjunction with advanced segmentation so users can have more options on how to analyze data.

New advanced visualization capabilities, which provide motion charts of data -- bubble charts that can be animated to show trends over time -- can help users find aspects of data that might not otherwise be apparent, Crosby added.

Finally, Google unveiled a beta of a new Google Analytics API, which will allow developers to pull data out of the analytics service to build new applications. Crosby said that "renegade developers" have already written scripts or created other ways on their own to build new applications that use Google Analytics data. Examples, he said, include iPhone applications that display Google Analytics data on the iPhone, and a Flash-based desktop version of the analytics service.

"I think this is one of the most significant things we can do is allow people to pull data out of Google Analytics and build applications for it that we might never have dreamed of," Crosby noted. "We have a very large customer base, and a lot of these people are developers and want to do things with the data."

Google plans to roll out most of the new features to users over the next several weeks. Crosby noted that the integration with AdSense may take longer than a few weeks, and that the API is available by invitation only.

A year ago Google updated Google Analytics by adding internal search and event tracking capabilities. The latter feature allows Web site operators to more accurately measure how visitors are using interactive Web site elements like AJAX (Asynchronous JavaScript and XML), JavaScript, Flash movies, page gadgets, and other multimedia tools, Crosby said.

Computerworld is an InfoWorld affiliate.