Archive for March, 2010

Enterprise cloud computing coming of age

Wednesday, March 31st, 2010

Here is a brief analysis of the offerings that recently caught my eye:

Obviously, there are many more offerings like these in the market today. However, it is interesting to note that the common theme here seems to be security, either through “isolation” via networking, and/or through the availability of enterprise-class firewalls, load balancers, and the like. The expansion of virtual data center offerings is also interesting, as I think it shows the early growth of what will likely be the true enterprise cloud-computing space.

Now, this doesn’t directly address security, compliance, or service levels, but it gives enterprise customers a level of control over network configuration that was previously unavailable from Amazon, which in turn gives the customer greater latitude to address those issues.

Access control and user account management were a little sketchy in most of the services I saw, although some showed real promise.

One of the most interesting aspects of the weeks leading up to and including this year’s VMworld was the incredible innovation in cloud-computing service offerings for enterprises–especially in the category of infrastructure as a service. A variety of service providers are stepping up their cloud offerings and giving unprecedented capabilities to their customers’ system administrators.

This is just the beginning of a long evolution, folks.

The video demonstrates wizard-based provisioning and drag-and-drop resource topology design, both of which are similar to features from GoGrid and Sun, though perhaps a little more aligned with the latter than the former.

Terremark’s new service complements its existing Enterprise Cloud service, which is targeted at larger, more sophisticated infrastructure needs.

Terremark vCloud Express: Terremark is one of the first out of the gate with a basic “one server at a time” offering based on VMware’s vCloud Express infrastructure. Targeted at the same users who find Amazon’s EC2 so easy to use, the service is meant as a simple, low-risk way for customers to acquire compute capacity.

In this category, enterprises are most concerned about security, control, service levels, and compliance; what I call the “trust” issues. Most of the new services attempt to address some or all of these issues head on. Given that this is the infancy of enterprise cloud computing, I think these services bode well for what is coming in the next year or two.

However, one has to wonder, as application architectures adjust to cloud computing, how much longer they are going to be tightly coupled to data center architectures. At what point will it no longer be advantageous for application owners to define infrastructure in terms of servers, storage, and security devices?

That being said, the independence of distributed applications from underlying architecture is a long way off, even from the enterprise perspective. I expect that by this time next year, we will see a stable of very strong enterprise public cloud offerings, with support for various compliance standards, sophisticated networking, and cloud-centric security services and technologies.

What I like about Project Spirit is its sense of configurability; something that I think has been missing from many IaaS offerings to date.

Amazon Web Services Virtual Private Cloud: There is no doubt that the smart people at Amazon continue to innovate at a breathtaking pace. The last three years have seen a whirlwind of new and upgraded services, ranging from storage and server capacity, to payment processing and content delivery.

Savvis “Project Spirit”: Available in beta “by the end of this year,” Savvis’s Project Spirit adheres to a “Virtual Private Data Center (VPDC)” concept very similar to the Virtual Data Center vision espoused by Sun. In a video providing an overview of the service, Savvis indicates that Project Spirit provides three tiers of service, each with an increasing set of capabilities and improved quality of service (QoS).

Amazon’s new Virtual Private Cloud offering is just another example of how they listen to their customers when they build solutions. Not so much unique and innovative, as a near perfect execution of a simple solution to a raft of thorny problems, Amazon’s VPC service is essentially a powerful VPN gateway which allows Amazon services to be added to the customer’s network.

Each network comes with eight public IP addresses (more can be added), and you can add resources such as servers, storage, and firewalls as you see fit. You can also create as many networks as you’d like for each account.

In a video recorded at VMworld, Simon West, Terremark’s VP of marketing, demonstrates provisioning a server in the service. Like other services in its class, it focuses on allowing you to select a server image from a menu of possibilities, click a button, and boot the resulting server in a few minutes. Pricing starts at $.036/hr for a 1 “VPU,” 0.5GB server, but as Chris Flex of Citrix Systems notes in a blog post, Terremark charges differently than Amazon, so the CPU cost does not necessarily reflect cheaper overall operation costs.

OpSource Cloud: Hosting vendor OpSource is taking a more network-centric approach toward cloud definition, similar to the “subnets” that Amazon allows customers to create in its VPC offering. The OpSource cloud is in pre-beta now, with an October target for “public release.” When the OpSource team demonstrated their user interface to me, they showed me a metaphor that begins with the definition of a “network,” which is isolated through custom routing capabilities at the OpSource data centers.

Researchers attack my iPhone via SMS

Wednesday, March 31st, 2010

Asked what an iPhone user can do when attacked, Miller replied: “Rebooting wouldn’t be a bad idea. It would stop all but the most sophisticated attacker. However, it doesn’t take but a second to grab all your personal info from the device, and as soon as you turn it back on, the bad guy could attack you again. That’s why I think this is so serious.”

(Credit: Elinor Mills/CNET News)

For the attack to work, an attacker must send hundreds of SMS control messages, which are different from regular SMS messages, according to Miller. Only the initial SMS may be seen, he said.

Although an attacker could exploit the hole to make calls, steal data, send text messages, and do basically anything that I can do with my iPhone, the researchers were kind and merely rendered it temporarily inoperable.

There is no patch, despite the fact that Apple was notified of the problem about six weeks ago, he said. All current versions of the iPhone operating system are affected.

Updated July 30 at 4:45 p.m. PDT to include that the phone attacked was not jailbroken and was running iPhone OS 3.0, and at 8:18 a.m. with Miller talking about what a victim can do when attacked.

The attack is enabled by a serious memory corruption bug in the way the iPhone handles SMS messages, said Miller, a senior security researcher at Independent Security Evaluators.

Previous iPhone attacks required an attacker to lure the iPhone user to visit a malicious Web site or open a malicious file, but this attack requires no effort on the part of the user and requires only that an attacker have the victim’s phone number, Miller said.

My iPhone is not jailbroken and it is running iPhone OS 3.0.

Once inside a victim’s phone, the attacker could then send an SMS to anyone in the victim’s address book and spread the attack from phone to phone, he said.

Previously, Miller discovered a hole in the mobile version of Safari shortly after the iPhone was launched in 2007 and earlier this year he won a contest at CanSecWest by exploiting a hole in Safari.

LAS VEGAS–Researchers have discovered a way to take complete control over an iPhone merely by sending special SMS messages and demonstrated it on my iPhone at the Black Hat security conference on Wednesday.

Researchers Collin Mulliner and Charlie Miller shortly before they proved they could attack my iPhone with a text message, even after a beer or two.

Meanwhile, a bug in the code written by HTC that controls the user interface on Windows Mobile devices could also be exploited via the SMS messages to make it so there are no buttons to push so the phone can’t be used, said Miller.

In the more recent research, Android-based phones were found to be similarly susceptible to an SMS attack, except that an attacker could only temporarily knock the phone off the cell network, not take control, according to Mulliner, who’s getting his PhD at the Technical University of Berlin. Google patched the hole last week within a day or two of being notified of the problem, he said.

The researchers will demonstrate the attack on an Android phone and an iPhone during their presentation on Thursday.

The attack is similar to an SMS attack demonstration CNET News wrote about in April in which mobile security firm Trust Digital was able to send an SMS to a phone that opened up a Web browser and directed the phone to a malicious Web site where malware could be downloaded.

Here’s what happened: While I was talking on the phone to Charlie Miller, his partner, Collin Mulliner, sent me a text message from his phone. One minute I’m talking to Miller and the next minute my phone is dead, and this time it’s not AT&T’s fault. After a few seconds it came back to life, but I was not able to make or receive calls until I rebooted.

BEAR robot roars to the rescue

Wednesday, March 31st, 2010

But don’t lay those firefighters off just yet. Vecna is still working on the BEAR’s ability to navigate through complex environments and to elevate the level of human-robot interaction.

The challenge was to enhance search and rescue while reducing the time military, police, and emergency response personnel have to risk their lives each day. More than half of the Medals of Honor earned by medics are awarded posthumously, according to Vecna.

The humanoid BEAR (Battlefield Extraction-Assist Robot) can locate victims in a mine shaft, battlefield, toxic spill, or earthquake-damaged structure. It can then lift them up and carry them over long distances to safety, according to the manufacturer, Vecna Robotics. And it does this without risking any more lives.

(Credit: Vecna Robotics)

The project is sponsored by the U.S. Army’s Telemedicine and Advanced Technology Research Center, which is part of the U.S. Army Medical Research and Materiel Command.

The current prototype features a powerful upper body controlled by hydraulics that can lift 500 pounds, according to the developer. A “mobility platform” featuring two independent sets of tracked “legs” allows it to balance on the balls of its “ankles.”

While unmanned air vehicles are putting pilots out of business, a new U.S. Army-funded robot could do the same for rescuers and stevedores.

So far there are nine incarnations of BEAR–each a little more capable than its predecessor. Improvements to date include explosion- and fire-resistant treads; a ruggedized, high-speed, high-energy drive system; explosion- and fire-resistant battery cells; and enhanced dexterity.

Yahoo Messenger 10 beta: A legitimate Skype rival

Wednesday, March 31st, 2010

VoIP and PC-to-landline calls aren’t new to Yahoo Messenger, but the icon that calls out video chats is. Most of the major IM clients support voice-over-Internet calls with Webcams. It is Yahoo’s attention to video quality that makes this build a closer competitor to Skype for Windows, which is a VoIP client first, enriched by chatting, file sharing, emoticons, and games. Yahoo Messenger (and Windows Live Messenger, and so on, for that matter) is a chat app at the core that has layered on other P2P features.

In addition to both parties needing Yahoo Messenger 10 beta on their Windows computers, there are some basic system requirements. You’ll need Windows XP or better with a 1GHz CPU and 512MB of RAM. Your broadband Internet connection will require a minimum of 300Kbps download speed and a minimum of 128Kbps upload. Then there’s the video card. You’ll need at least 96MB memory. A Webcam is mandatory to output video calls, but not to see a buddy’s video. However, you will receive an alert if you don’t have a Webcam. The final ingredient we’ll mention is that the latest version of Microsoft DirectX must be installed. Yahoo provides a full list of specs and tips in its help topics. Yahoo’s Messenger team also provides some common FAQs and video tips.

(Credit: Screenshot by Jessica Dolcourt/CNET)

One more complaint: The new Yahoo Messenger 10 beta doesn’t appear to play nicely with all third-party IM clients. We noticed when chatting with a buddy who uses Digsby that each line we typed was replicated in the chat window. Odd, yes, and also irritating over time. Not all users chatting between Yahoo Messenger 10 beta and a different chat client will encounter problems, but if you do, let us know.

(Credit: Screenshot by Jessica Dolcourt/CNET)

You’ll be able to learn more about the social networking aspects from the photo gallery. This blog will focus on the video features.

Briefly, some of the other video features include toggling the sound on and off and shifting the position of the Webcam windows on your screen. These convenience tools worked well and gave the application some depth; we also liked being able to transfer files in full screen mode, even though photo transfers were slow.

It seems as if it were just yesterday that Yahoo’s Messenger team rolled out version 9 (it was a little less than a year ago, in fact). The upgrade was so dramatic and overdue that it’s a little surprising Yahoo has already tweaked its chat client, now parading Yahoo Messenger 10 beta to testers and curious chatters. We’re glad they did. The changes may not please everyone uniformly, but nor should they incite ire. The features build off Yahoo Messenger 9, emphasize social networking, and improve video calling.

This bug reminds us that beta software is often a work-in-progress.

Proximity notwithstanding, there were some performance issues. The call quality was clear and the videos were as crisp as our hardware allowed. Chatting and file sharing, however, slowed to a crawl as the call progressed. This seems to be the reverse of Skype, in which chatting has, in the past, often transmitted faster than the voice packets. Again, being in the same city, let alone the same country, could at least partly explain the reversal.

Want to see more screenshots and feature details? We have plenty in the Yahoo Messenger 10 beta gallery.

Skype is still ahead in terms of total features, like screen sharing, its most recent contribution to the VoIP community. However, the Web chatting experience was good enough on Yahoo Messenger 10 beta in our tests that we might prefer to use it to start a casual video call if the app is already running, rather than fire up Skype. Admittedly, our tests were limited by the callers’ proximity to each other, fast data connections, and strong computing configurations. We’ll need to keep up the calling with a cross-section of international users to get a more accurate litmus. Since the improved video calling only works with other Yahoo Messenger 10 beta users, we may have to wait for further adoption to test these theories.

Heads up Apple, the Intel Netbook is unstoppable

Wednesday, March 31st, 2010

Intel’s sales chief, Sean Maloney, has intimated in the past that Netbooks are not huge money makers. Speaking about the expected emergence of the ultrathin laptop category back in May he said that this is “an opportunity for upsell. We don’t need to give this stuff away. The industry doesn’t need to give this stuff away. We can reach new price points and we can also get paid for it.”

And I just don’t think performance is that much of an issue for many consumers. Some, of course, will return a Netbook because their expectations were too high (I heard this from a salesperson at Fry’s Electronics), but a lot of people across all consumer segments (kids, students, business people) will continue to buy these things by the boatload (unless Intel intentionally sabotages the category–which I hope Intel is savvy enough not to do).

(Credit: Hewlett-Packard)

That is a circuitous way to get to my point. The Intel Netbook is not going away and is just getting more popular, as this marketing research report indicates. Apple’s Tim Cook dissed Netbooks back in April for what seemed like acceptable reasons: cheap, “junky hardware” (Cook’s words) equates to downmarket, shoddy products. But that Apple reasoning needs an update–the fall 2009 version: a lot of the newer Netbooks coming out now are not shoddy or cheap feeling. (And I am hereby updating my previous pessimistic take on Netbooks too per this post.)

Best Buy has a large Netbook selection

A typical flow of people passed through the laptop section in the 20 minutes I was there. Toward the end, all of the remaining customers (a few men and women, each) were marveling at all the cute, inexpensive laptops. Cute, inexpensive laptops to them, Netbooks to us in the media who like cut-and-dried categories.

HP 'Mini' promo: more than a few of the newer Netbooks are not low quality

(Credit: Best Buy)

People like cute, light, and cheap–especially in a laptop. This sentiment won’t be overcome, as Intel believes, by the emerging ultrathin laptop category, which ranges from about $500 to $1,000 (formerly called CULV or consumer ultra-low-voltage). Certainly not this year. Ultrathins are not different enough in appearance from a standard laptop and not cheap enough. (And recent reports indicate that the ultrathin category is not taking off as expected.)

I was mildly shocked to see these people ignore the 50 or so standard laptops behind them and focus solely on Netbooks. So, I began querying the sales guy and one of the customers. It came down to essentially two things: price and selection (surprise, surprise). Best Buy now has a large selection of Netbooks–10 or so on display. A far cry from the Best Buy display of six months ago: a single, tiny, neglected Asus Eee PC pushed into a corner.

And I visited a second Best Buy where a sales guy gushed about Netbooks. “They’re extremely popular,” he said, adding that “almost all of my customers” just want to do e-mail and surf the Web.

But there is just too much marketing momentum now behind Netbooks at large PC makers–and in retail. Hewlett-Packard, Dell, Toshiba, Sony, and Acer all are pushing Netbooks. And in Japan, easily one of the largest PC markets in the world, the Netbook is a hit–despite initial resistance from Japanese PC makers–for all of the same reasons cited above: small, light, inexpensive–and add fashionable. Major Japanese tech Web sites (such as ASCII) and large retailers (like Yodobashi Camera) have a significant Netbook focus now because that’s what readers and consumers are demanding.

Apple’s products and marketing are good but not infallible. And the lack of a Netbook may come back to bite Apple at some point. Maybe not tomorrow. Maybe not next month. But maybe next year. One of the Best Buy customers eying a Netbook made a comment that was a powerful counterpoint to all the Apple Mac-PC ads. To paraphrase: “You have to pay an arm and a leg for Apple (pointing to the Apple corner), I’m trying to make a practical business decision here.”

Intel will never admit in a thousand years that it has created, in the Netbook, a Frankenstein monster of sorts. Intel will, of course, take credit (which it should) for the creation of a new category of computing devices, but my sense is that the company is not head over heels about the Netbook business model–and this is also a reason for Apple’s very conscious decision not to make a Netbook. And, as many people are predicting, its reason for pursuing a more upscale tablet-like touch device.

Friday night at a Best Buy in Southern California–maybe not the hippest place to be, but some interesting dynamics were at work.

Infochimps looks to build business based on market

Wednesday, March 31st, 2010

According to COO Joe Kelly, most datasets are very small, so the cost to the average user is negligible. But at a cost of about 20 cents a gigabyte, he explained, there are some datasets that could bring in big bucks.

The company, in fact, is building a marketplace for collections of data, which could include anything from weather information to the number of people who have appeared in Rambo movies to the full collection of words in the Scrabble dictionary. And everything in between. Users who buy them can then plug the data into their own applications, for whatever purposes they have in mind.

Infochimps is looking to build a business around a marketplace for sets of data like those in this picture.

(Credit: Infochimps)

SAN DIEGO–It might not make immediate sense to everyone why someone would want to buy datasets, but to an early-stage start-up called Infochimps, there’s an entire business to be built around the market for such products.

On Infochimps, anyone can add a dataset that they hope to sell, and anyone can search for a set of data they’d like to buy. If a match is made, the company gets a commission.

Though the company is only getting off the ground, Kelly explained that Infochimps has already landed one big client. He said that well-known political pollster John Zogby has agreed to put some of the data he collects on the site for sale. Another initial client is FootballOutsiders.com, a leading fantasy football data analysis site.

But there’s no doubt once you realize the full breadth of datasets that are possible that there’s potential here. Only time will tell if Infochimps can survive long enough to get the kind of critical mass necessary for this kind of business to flourish.

Ultimately, whether this kind of marketplace can be profitable depends on the source material and whether the site can do a good job matching up sellers with buyers.

At DemoFall 09 here Tuesday, Infochimps got its chance to explain what the market for datasets is and how it works.

IBM Power7 hot topic at Hot Chips conference

Wednesday, March 31st, 2010

On Tuesday, IBM will give a presentation on its next-generation server chip, the Power7. IBM documentation describes the chip as having up to eight cores. A dual-chip module holds two processors for a total of 16 cores, according to IBM.

Power7 will be used in the National Center for Supercomputing Applications “Blue Waters” supercomputer, the first system of its kind to sustain one petaflop performance on a range of science and engineering applications, according to the NCSA. A petaflop is one quadrillion floating point operations per second.

The Hot Chips conference in Palo Alto, Calif., this week is focusing on high-end chips for servers and scientific computers, with IBM’s upcoming Power7 as a standout.

Other chips to be described at the conference include the Sparc64 VIIIfx, Fujitsu’s new 8-core processor for petascale computing. Sun will discuss its “next-generation multi-threaded processor Rainbow Falls” and AMD will spell out its Magny Cours processor, a 12-core chip.

Intel will also discuss Moorestown, an upcoming version of the Atom processor targeted at mobile Internet devices and smartphones. Intel will also give a presentation entitled “Understanding the Intel Next Generation Microarchitectures (Nehalem and Westmere) transitioning into the Mainstream.”

Intel will present a paper on its upcoming Nehalem server processor.

Each core has a rated performance of 32 gigaflops, providing 256 gigaflops per processor–one of the fastest chips to date based on this scientific-centric performance benchmark.

Power7 “will be the first of a powerful new system design from IBM. The design includes extensive research and development in new chip technology, interconnect technology, operating systems, compiler, and programming environments,” according to the NCSA.

Single misplaced ‘&’ caused latest IE exploit

Wednesday, March 31st, 2010

In his blog, Howard acknowledged the need to clean up the company’s coding process. He said that Microsoft will update the tools it uses to find these types of errors. The company will also require its programmers to use the newer ATL code. In the past, Microsoft never told its programmers what to use. But, says Howard in his blog, “We’re going to change that!”

A security hole in Internet Explorer that opened the browser to hackers since early July was caused by a single typo in Microsoft’s code.

Development tools like Microsoft’s own Visual Studio use the same library of code, known as Active Template Library (ATL). On the same day it released the emergency patch for IE, the company also released a Visual Studio fix.

And his riddle for readers:
“I’ll give you one more clue - it’s a one character typo. Give up? Look at the last line. The first argument is incorrect. It should be: hr = pStream->Read((void*)pbArray, (ULONG)cbSize, NULL);”

In his blog, Howard played a high-tech version of “Where’s Waldo?” by challenging readers to find the typo amid a few short lines of code, even hinting that it was a single character.

The hole was originally uncovered earlier this month by a pair of German researchers. Thomas Dullien (also known as Halvar Flake), CEO of Zynamics GmbH, and his friend Dennis Elser detailed their discovery in a blog. After the exploit became known, the two did some digging into the code and found the unwanted “&” character.

Howard said the typo would have been difficult to spot in a review of the code, and that none of Microsoft’s code analysis methods would have uncovered it either.

Michael Howard, a security program manager at Microsoft, explained in his blog that the typo corrupted the code of an ActiveX control used by the browser. The control was created by Microsoft using an older library of code, which Howard admitted has flaws. Because of those flaws, the typo caused the code to write untrusted data, exposing the browser to the bad guys.

An errant ampersand (“&”) took the blame for the exploit, admitted Microsoft in a blog published Tuesday at its Security Development Lifecycle (SDL) Web site.

So what will Microsoft do to guard against future typos?

Outside of its regular Patch Tuesday routine, Microsoft issued an emergency fix for IE, which it said would block attempts to exploit the flaw in ActiveX controls.

The code lines he listed were:
__int64 cbSize;
hr = pStream->Read((void*) &cbSize, sizeof(cbSize), NULL);
BYTE *pbArray;
HRESULT hr = SafeArrayAccessData(psa, reinterpret_cast<void **>(&pbArray));
hr = pStream->Read((void*)&pbArray, (ULONG)cbSize, NULL);
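
The effect of the stray “&” can be observed in a controlled way with the added example below, which is not Howard’s or Microsoft’s code. `MemStream`, `Frame`, `readWithTypo` and `readFixed` are hypothetical stand-ins for the stream and the locals around `pbArray`, and the length check in `readFixed` is an extra precaution assumed here, not something the article describes.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

typedef unsigned char BYTE;
typedef unsigned long ULONG;

const ULONG kCapacity = 32;  // size of the buffer pbArray points at (assumed)

// Hypothetical stream: copies bytes the way IStream::Read does, nothing more.
class MemStream {
public:
    explicit MemStream(const std::vector<BYTE>& d) : data_(d), pos_(0) {}
    ULONG Read(void* pv, ULONG cb) {
        ULONG avail = static_cast<ULONG>(data_.size() - pos_);
        ULONG n = cb < avail ? cb : avail;
        if (n) std::memcpy(pv, data_.data() + pos_, n);
        pos_ += n;
        return n;
    }
private:
    std::vector<BYTE> data_;
    std::size_t pos_;
};

// Models the stack slot holding pbArray and the memory that follows it.
struct Frame {
    BYTE* pbArray;
    BYTE  neighbours[32];  // stands for whatever sits beside the pointer
};

struct Outcome {
    bool pointerIntact;     // pbArray still holds the buffer's address
    bool neighboursIntact;  // memory after the pointer is untouched
    bool bufferFilled;      // stream bytes reached the intended buffer
    bool rejected;          // read refused by the length check
};

static Outcome inspect(const Frame& f, const BYTE* buf,
                       const std::vector<BYTE>& src, ULONG n, bool rejected) {
    Outcome o;
    std::uintptr_t stored = 0;
    // Compare the pointer's raw bytes; never dereference a clobbered pointer.
    std::memcpy(&stored, &f.pbArray, sizeof(f.pbArray));
    o.pointerIntact = (stored == reinterpret_cast<std::uintptr_t>(buf));
    o.neighboursIntact = true;
    for (std::size_t i = 0; i < sizeof(f.neighbours); ++i)
        if (f.neighbours[i] != 0) o.neighboursIntact = false;
    o.bufferFilled = !rejected && n > 0 && n <= src.size() && n <= kCapacity &&
                     std::memcmp(buf, src.data(), n) == 0;
    o.rejected = rejected;
    return o;
}

// The line with the typo: the destination is the address OF the pointer.
Outcome readWithTypo(const std::vector<BYTE>& src, ULONG cbSize) {
    BYTE buffer[kCapacity] = {0};
    Frame frame;
    frame.pbArray = buffer;
    std::memset(frame.neighbours, 0, sizeof(frame.neighbours));
    MemStream s(src);
    // Demo-only clamp so the copy stays inside Frame; the real bug had no limit.
    ULONG cb = cbSize < sizeof(Frame) ? cbSize : static_cast<ULONG>(sizeof(Frame));
    s.Read((void*)&frame.pbArray, cb);  // BUG: stray '&'
    return inspect(frame, buffer, src, cbSize, false);
}

// The corrected line, plus a check that the stream-supplied size fits.
Outcome readFixed(const std::vector<BYTE>& src, ULONG cbSize) {
    BYTE buffer[kCapacity] = {0};
    Frame frame;
    frame.pbArray = buffer;
    std::memset(frame.neighbours, 0, sizeof(frame.neighbours));
    MemStream s(src);
    if (cbSize > kCapacity)  // added precaution: cbSize comes from the stream
        return inspect(frame, buffer, src, cbSize, true);
    s.Read((void*)frame.pbArray, cbSize);  // destination is the buffer itself
    return inspect(frame, buffer, src, cbSize, false);
}

int main() {
    std::vector<BYTE> payload(24, 0x41);  // constructed sample stream contents
    Outcome bad = readWithTypo(payload, 24);
    Outcome good = readFixed(payload, 24);
    std::printf("typo:  pointer intact=%d neighbours intact=%d buffer filled=%d\n",
                bad.pointerIntact, bad.neighboursIntact, bad.bufferFilled);
    std::printf("fixed: pointer intact=%d neighbours intact=%d buffer filled=%d\n",
                good.pointerIntact, good.neighboursIntact, good.bufferFilled);
    return 0;
}
```

With the typo, the stream bytes land on the pointer and the memory after it while the intended buffer stays empty; both calls compile cleanly because each argument is cast to `void*`.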

Cisco wireless LANs at risk of attack, ‘skyjacking’

Tuesday, March 30th, 2010

Basically, the Cisco access points generate an unencrypted multicast data frame that is sent over the air and includes unencrypted data like the MAC address and the IP address of the wireless controller, as well as some configuration options, he said. The controller is used to manage the access points.

“Any clients attempting to register to the AP (access point) will be unable to access network resources, but the AP is still unable to authenticate wireless clients,” the company said in a statement. “There is no risk of data loss or interception. Cisco believes the vulnerability is easily avoided or mitigated and has provided techniques for this purpose.”

Updated 11:02 a.m. PDT August 25: Cisco released an alert on Tuesday that describes the finding as a low-risk vulnerability that could allow unauthorized control of a wireless access point and which could allow an unauthenticated, remote attacker to cause a denial of service condition.

Someone could skyjack a corporation’s access point and “use the wireless LAN to create a wired path into your network,” Williamson said.

Cisco Systems wireless local area network equipment used by many corporations around the world is at risk of being used in denial-of-service attacks and data theft, according to a company that offers protection for WLANs.

Software updates and patches were not yet available, Cisco said.

“As a matter of policy, Cisco takes security vulnerabilities very seriously and we continue to take active measures to safeguard the security and reliability of our equipment,” a Cisco spokesperson said.

However, the access point could end up connecting to an outside controller if it hears multicast data from that network instead, and thus it would be under someone else’s control, he said.

“What this really shows is that more and more companies have to have 7/24 monitoring of their LANs,” he said. “They can’t just periodically walk around the facility with a laptop and check to see if there’s a problem.”

An attack on a wireless LAN would be particularly dangerous for hospitals, which are increasingly moving critical apps onto the network for use by doctors and nurses with Wi-Fi-enabled handhelds, Schatt said. “A denial-of-service attack could impact mission critical phone systems,” he said.

AirMagnet has informed Cisco about the problems and Cisco is working on a solution, Williamson said.

“Our standard practice is to issue public Security Advisories or other appropriate communications that include corrective measures so customers can address any issues,” he said. “For that reason we do not provide comment on specific vulnerabilities until they have been publicly reported, consistent with our well-established disclosure process.”

Cisco has 65 percent to 70 percent of the install base for wireless LANs, according to Stan Schatt, security practice director at ABI Research.

“We found it in our labs,” Wade Williamson, director of product management at AirMagnet, said on Monday. “We don’t know about it being exploited in the wild.”

If an access point has the OTAP enabled, the wireless LAN is also at risk of a “skyjack” exploit, Williamson said. With the OTAP feature enabled, a newly deployed Cisco access point will listen to the multicast data being broadcast to find the address of its nearest controller.

“Someone out in the parking lot or a neighbor can look at the packets and see information about the controller on the wired side,” he said. “This is giving anybody that’s listening to the environment some pretty detailed information about the wired network that we want to keep protected.”

Researchers at AirMagnet, which makes intrusion-detection systems for WLANs, discovered the vulnerability, which affects all lightweight Cisco wireless access points, as well as the exploit that could be used against networks that have the Over-the-Air-Provisioning (OTAP) feature turned on.

With that information, someone listening to the network could easily find the internal addresses of the WLAN controllers in the network and potentially target them with a denial-of-service attack, Williamson said.

To mitigate any attacks, Cisco customers should disable the OTAP feature and use a separate intrusion detection system that can detect whether someone is snooping on the network, as well as monitor that all access points on a network are authorized, AirMagnet said.

With ‘memorialized’ profiles, Facebook sees dead p

Tuesday, March 30th, 2010

But those who were confirmed friends of the deceased can continue to leave “wall” posts in remembrance.

To “memorialize” a profile, members are encouraged to use a feedback form that asks for some proof of a relationship to the person in question (knowledge of an e-mail address and birthday, for example), as well as a link to proof of death (like a news article or obituary). When a profile has been memorialized, “sensitive” information, like phone numbers, is removed, and the profile is locked up to anyone who was not already a confirmed friend (non-friends can’t find the profile in search queries, either).

With over 300 million active users around the world, it’s a legitimate concern for social network Facebook to come up with a solution for what happens when members die. The company has now spelled out the process on its official blog (in a post that’s a little bit awkwardly close to Halloween, considering the sensitivity of the subject matter).

Memorialized profiles are also locked to future log-ins to prevent hacking–something that highlights how Facebook will have to be very vigilant about making sure that mean-spirited members don’t try to “memorialize” one another’s profiles as a macabre prank.

Facebook’s Max Kelly explains in the blog post: “Obviously, we wanted to be able to model people’s relationships on Facebook, but how do you deal with an interaction with someone who is no longer able to log on? When someone leaves us, they don’t leave our memories or our social network. To reflect that reality, we created the idea of ‘memorialized’ profiles as a place where people can save and share their memories of those who’ve passed.”