Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
). I'd be interested to know what IT can offer in that context.I expect mouser to come up with an entrySurely we can't expect such an accomplished individual to code in something like Java...</troll>-f0dder (September 11, 2009, 02:21 AM)
Ehtyar: In my opinion, this shouldn't be the solution.So why aren't your poarent using Linux? I presume because Linux package management is not quite as a simple and easy to use as it sounds...
I continue to think that an update manager integrated in windows would make sooo much more sense.
I know I love it in linux, it's keeping me from using windows anymore, and I've always been a windows fan.-jgpaiva (September 09, 2009, 08:33 AM)
Perhaps if developers could add their owns applications to the Microsoft Update infrastructure already there? But then who would take on the burden of managing it, especially from the point of security.Precisely...-Eóin (September 09, 2009, 09:04 AM)
#8: Oscar. Metro. Golf.@ your post, first I was like WTF?, then I was like
At first I was like
And then I was like-Edvard (September 09, 2009, 12:13 PM)
| Hi all. Sorry for the lateness, was on a snow trip with work. Also, tech news has sucked pretty hard lately...sorry about that, I hope it picks up soon  As usual, you can find last week's news here. |
Upcoming versions of Mozilla's Firefox browser will automatically warn users running versions of Adobe's Flash Media Player that contain known security bugs, according to a published report.
The check will be invoked each time the popular open-source browser is updated, according to the report which was published Thursday by The H. Users who have out-of-date versions of the Adobe application will be notified in the "What's New" browser page that automatically opens each time an update is installed.
The block was imposed by a Texan court following a ruling that its use of formatting language XML in Word 2003 and 2005 infringed patents.
Under the ruling Microsoft was ordered to pay Canadian patent owner i4i $290m (£177m) damages and also told to stop sales of the relevant versions of Word.
The ban on sales was due to come in to force in mid-October.
The best feature of the much-maligned Digital Millennium Copyright Act (DMCA) is its "safe harbor" for Internet service providers, who can't be held liable for what customers do using their networks. Mostly. There are limits, and Louis Vuitton found them this week in a federal court. The luxury goods maker won $32 million from two ISPs and the man who ran them after proving to a jury that the ISPs had full knowledge that they hosted mainly websites for counterfeit goods—and refused to take action.
The two ISPs are Akanoc and Managed Solutions Group, both run out of Fremont, California by one Steven Chen. According to Louis Vuitton's July 2008 complaint, Chen's companies "were formed for and exist primarily to facilitate the promotion and advertisement of offers for counterfeit and infringing merchandise." The ISPs hosted a huge array of sites offering fake Vuitton purses, wallets, and bags—sites like Luxury2us.com, Louis-vuitton-bags.org and HandBagSell.com.
Diebold announced on Thursday that it has sold its voting machine division to Election Systems & Software (ES&S), a former competitor. Diebold's unceremonious departure from the electronic voting machine business will be welcomed by critics of the company's controversial direct-recording electronic voting products.
Diebold, which is primarily an ATM maker, decided to unload its voting machine subsidiary—Premier Election Solutions—for roughly $5 million and change. As a consequence of the deal, the company expects to report a loss of over $45 million. According to a statement issued by Diebold, the company has been looking for a way out of the voting machine racket ("pursuing strategic alternatives to ownership") since 2006 when it realized that the whole endeavor was intractably dysfunctional ("identified its US elections systems business as non-core to its operations").
Attackers have begun actively targeting an unpatched hole in Microsoft's Internet Information Services webserver using new exploit code that greatly expands the number of systems that are vulnerable to the bug.
In an updated advisory published Friday, Microsoft researchers said they are seeing "limited attacks" exploiting the vulnerability, which resides in a file transfer protocol component of IIS. Exploit code publicly released in the past 24 hours is now able to cause vulnerable servers to crash even when users don't have the ability to create their own directories.
A security researcher has vowed to reveal technical details of a series of cross-site scripting vulnerabilities involving Facebook applications during September.
theharmonyguy plans to give developers 24 hours' advance notice about flaws involving their web applications before exposing them publicly. The project takes its cue from July's Month of Twitter Bug project, during which security researcher Aviv Raff applied a similar idea to the disclosure of security flaws involving Twitter and associated services.
Some computer viruses have a crude but scary ability to spy on people by logging every keystroke they type. Now hackers and potentially law enforcement have another weapon: a virus that can eavesdrop on voice conversations that go over computers instead of a regular phone line.
The capability has been shown in a new "Trojan horse" virus that records Voice over Internet Protocol (VoIP) calls through the popular Skype service. Skype calls are free or low cost and can work between two computers or between one computer and a phone.
| Hi all. Not a ton of good news this week (a lot of torrent-related news in the TPB article though). As usual, you can find last week's news here. |
No longer the province of teens and chat-obsessed netizens, instant messaging is being adopted by a growing number of banking malware applications, which zap pilfered credentials to thieves in real time.
The latest entrant is Zeus, a trojan that monitors an infected PC for passwords entered into banking websites and other financial services. Over the past three months, investigators from RSA FraudAction Research Lab have observed the program, which also goes by the name Torpig and Mebroot, using the Jabber IM protocol to make sure the most valuable credentials don't get lost in the shuffle.
Networking nerds claim to have devised a way of breaking Wi-Fi Protected Access (WPA) encryption within 60 seconds.
The technique, developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, is based on the established Becks-Tews method, which involves making minor changes to packets encrypted with TKIP - Temporal Key Integrity Protocol, a WPA security mechamism - and then sending those packets back to the access point.
he Chaos Computer Club has told the FT that in the couple of months it will be releasing code capable of cracking GSM with just a laptop and an antenna.
In comments made to the German edition of the Financial Times, the hacking group claims that governments, and criminals, are already using the technique which can break the encryption used to protect 2G GSM calls in near-real time using existing systems. The group says a public exposure of the technique will take place in the next month or two and allow anyone equipped with a laptop and an antenna to listen in to GSM phone calls.
Stockholm district court made the order on 21 August, saying ISP Black Internet would be fined 500,000 kronor (£43,000) if it did not comply.
The court order was the result of legal action brought against The Pirate Bay by the music and film industry.
However, TPB was back online within a few hours with a new carrier.
In a press release, parodying Winston Churchill's famous speech of 1940, the Pirate Bay team said they would keep the site running "for years if necessary".
Fresh off a set of legal wins against The Pirate Bay, the music and movie industries have just scored another court victory against the massive BitTorrent search engine Mininova. A Dutch judge in Utrecht has given Mininova three months to purge all links to copyrighted content from its site—or pay up to €5 million in penalties.
As with The Pirate Bay, Mininova's operators weren't accused of copyright infringement. In a peer-to-peer system, the actual files being transferred reside on millions of computers around the globe, and thus any direct infringement would be the responsibility of those users. But, like most countries, the Netherlands recognizes "contributory copyright infringement," which was the charge in this case.
Apple and China Unicom have finally succeeded in reaching an agreement to bring the iPhone to China. Details are scarce at this point, but China Unicom officials revealed during a press conference on its recent financial results that it has made a three-year deal to sell the iPhone, and it should go on sale later this year. "This will provide users with brand new communication and information experience," according to a statement released by China Unicom.
The deal is the result of a long and winding process. Apple originally hoped to work out a deal with China Mobile, the country's largest carrier. However, China Mobile balked at Apple's original revenue sharing model. When Apple launched the iPhone 3G and moved to a more common subsidized model, negotiations began again with China Mobile, but supposedly broke down over operation and control of the App Store.
The website of Apache was taken offline for several hours on Friday after the SSH remote administration key on one of its servers was compromised.
SSH is a widely used technology for remote administration, so in the worst scenario the compromise created a means for hackers to upload Trojanised code onto the download section of Apache's website. Around 50 per cent of webservers run Apache, according to the latest stats from Netcraft, so any problem would be extremely widely felt.
It's unclear at present whether any code on the Apache website was actually modified. Nor do we know how the attack was carried out or who was behind it.
Whether you're searching for a storefront in a strange neighborhood or drunks passed out on the curb, Google Street View can be an extremely helpful tool. Street View has drawn its share of critics, however, and we can now add the government of Switzerland to that list. Just days after launching Street View in Portugal, Switzerland, and Taiwan, the search giant has been told by the Swiss Government that it needs to yank the Street View from its Swiss maps, a development that has left the search giant "surprised."
Hanspeter Thür, the Swiss Federal Data Protection and Information Commissioner (FDPIC), has accused Google of not having taken the necessary steps to safeguard the privacy of Swiss citizens. Thür has demanded that "Google Inc. immediately withdraw its online service Google Street View concerning Switzerland," according to a statement.
I hope you're doing OK.
| Hi all. Enjoy As usual, you can find last week's news here. |
Amazon, Microsoft and Yahoo will sign up to the Open Book Alliance being spearheaded by the Internet Archive.
They oppose a legal settlement that could make Google the main source for many online works.
"Google is trying to monopolise the library system," the Internet Archive's founder Brewster Kahle told BBC News.
"If this deal goes ahead, they're making a real shot at being 'the' library and the only library."
Getting caught file sharing in Finland apparently carries far fewer financial repercussions than in the US. A man who was found sharing 164 albums' worth of music (768MB) and had illegally downloaded 1,850 tracks will be forced to pay fines of €3,000, or about US$4,230. Needless to say, that's a far cry from the penalties handed to American file sharers as of late.
A district court had ruled in February of 2008 that the unnamed man was guilty of various copyright violations and would have to fork over the cash for damages. During his appeal, the man argued that while he was aware the file sharing took place on his machine, it wasn't him who did it (was it the cat?). The appeals court in Helsinki, however, didn't buy this excuse and upheld the lower court's ruling.
Organic light emitting diodes, or OLEDs, promise to bring a great deal of flexibility to where we can put a display—literally. Because of their organic components, it should be possible to create flexible and transparent displays, opening up a large number of potential uses. But now, just as OLEDs may finally be ready for the consumer market, some engineers have figured out a way to get many of the same properties using inorganic LEDs (ILEDs), using a method that's so simple, even a biologist could understand it. It's a few years away—at least—from commercialization, but it's a significant advance.
The paper that describes the process will be published today in Science. The basic idea is that, since LEDs are so efficient at converting electrical charges to light, the human eye can detect the light of very small LEDs. As a result, it's possible to make a display out of a surface where only a small fraction is occupied by the actual LEDs, which can be small enough to be invisible to the naked eye. Under these conditions, the display will take on the properties of whatever material the LEDs are embedded in: bendable, transparent, etc.
Symantec is out with its "Dirtiest Web Sites of Summer 2009," which it's calling "the worst of the worst" when it comes to malware threats.
The security vendor says that "48 percent of the Dirtiest Web Sites are, well, dirty--sites that feature adult content." That means that more than half the sites cover a wide range of other categories including legal services, catering, figure skating, and electronics shopping, according to the report.
On average, sites on the dirtiest list have 18,000 threats per site, but 40 of the sites have in excess of 20,000 threats. One site that appears to offer restaurant catering services has 23,414 computer threats
Australian Federal police have been humbled after boasting of taking over an underground cybercrime forum - only for hackers to break into a federal police computer system, the Sydney Morning Herald reports.
Police computer security experts claimed responsibility for taking over the r00t-you.org cybercrime forum as part of a sting operation on ABC's Four Corners TV programme on Monday night entitled Fear in the Fast Lane. The Feds had reportedly configured their own systems as a honeypot designed to track and trace denizens logging into the forum. Police gained access to the forum not through infiltration but after raiding the Melbourne home of the forum's alleged administrator last Wednesday.
Over the years, Kevin Mitnick has gotten used to the attacks on his website and cell phone account that routinely result from being a convicted hacker turned security expert. What he finds much harder to stomach is the treatment he's getting from his providers.
Over the past month, both HostedHere.net, his longtime webhost, and AT&T, his cellular provider since he was released from prison more than nine years ago, have told him they no longer want him as a customer. The reason: his status as a celebrity hacker makes his accounts too hard to defend against the legions of script kiddies who regularly attack them.
The $7.4bn (£4.5bn) deal was agreed by the two in April this year, but still needs approval from the European Commission before it can be concluded.
The acquisition gives Oracle control over Java, a key programming language used in its products.
The takeover had been held up over questions about licensing Java.
PayPal has generated its fair share of controversies over the years, but it has begun to stir up another one by adding new transaction fees that affect all customers—without telling anyone about them. The company slipped the fees in with a more general update to its "send money" service in June, but because the changes were so well hidden, the Internet has been slow to wake up to what amounts to a good increase in PayPal's income.
Under the previous system, fees were charged based on the type of account the receiver was using as well as where the money was coming from. If the receiver was a premium or business account owner, he or she was charged 30¢ plus 2.9 percent of the transaction—the same applied to all accounts if the money was coming from a credit or debit card instead of a PayPal balance or directly from a bank account. People using personal accounts could make all these payments to anyone else for free.
A Miami man and two unidentified computer hackers were charged with stealing 130 million credit and debit card numbers in what the Justice Department said was the largest such prosecution in U.S. history.
Albert Gonzalez, a 28-year-old Miami resident, and two hackers living “in or near Russia” were indicted yesterday by a federal grand jury in Newark, New Jersey, for stealing data from Heartland Payment Systems Inc., 7-Eleven Inc., Delhaize Group’s Hannaford Brothers Co. and two unidentified national retailers.
| Hi all. Enjoy As usual, you can find last week's news here. |
Gills Onions, which both grows the eponymous crop and claims to operate the largest onion processing facility in the US, doesn't do things on a small scale. The cost of removing the onion waste left over after packaging was costing it over $400,000 a year, so the company looked for a way to reduce or eliminate that waste. Through a partnership with the Southern California Gas Company, Gills eventually found a way to turn this waste stream into 600kw of electricity. We talked with Hal Snyder, the VP of Customer Solutions for SoCalGas, to get the details on this project.
Snyder said that Gills had a history of working with SoCalGas on energy efficiency work, and the collaboration on this project was an extension of that relationship. The onion waste—the tops, bottoms, and skins left over after an onion is cut for packaging—provided a tempting target. "Any organic material has the potential for creating energy," as Snyder put it. The initial thought was that all of the onion could be processed for fuel, but cellulose bioreactors are still very much at the developmental stage.
When planning first started for the completion of the human genome, some argued that we would need an entirely new approach to DNA sequencing in order to get things done within a reasonable time span. Instead, success came via a brute force approach: robots prepared DNA samples 24 hours a day and fed the results to machines that could perform a hundred traditional sequencing reactions in parallel.
Now, one machine can do the job in a single month.
RealNetworks suffered a serious blow late Tuesday night in its ongoing DMCA drama with the movie studios. Judge Marilyn Patel granted a temporary injunction against the company, barring it from selling its RealDVD copying software thanks to language in Real's license with the DVD Copy Control Association (DVD CCA). Patel did not directly include the issue of fair use as part of her ruling, though she did make an observation about its relevance to the DMCA, asserting that it can't be used as a defense against DMCA circumvention violations.
This case addresses both RealDVD (a software package) and, to a lesser extent, a prototype hardware product that would have ripped DVDs directly to a hard drive and hosted the files as a media server. Real originally tried to launch RealDVD in September of 2008 as a product which could rip DVDs to a user's hard drive and play them back, while leaving CSS encryption intact. The software did not modify or change the files, and—unlike similar software packages—Real had even obtained an official license from the DVD CCA to do so. Sounds like everything was on track, right? Wrong.
Yesterday, a judge issued an injunction that, if it remains in force, would compel Microsoft to stop selling recent versions of its phenomenally popular program, Word.
The injunction is the latest round in an intellectual property battle that's been brewing since May, when a jury found Microsoft guilty of infringing a patent held by a Canadian company called i4i. Ironically, the patent in question covers a method of separating formatting information from runs of text when documents are written to files—something Microsoft itself received a patent for just this week. Unfortunately, the folks in Redmond filed theirs six months behind the competition.
The i4i patent in question was filed in June of 1994 (and granted in 1998), whereas Microsoft's dates from December of that year. It describes a general method of handling the formatting information in documents by separating it out from the text that's being formatted. In this sense, it's a superset of Microsoft's new patent, which claims similar capabilities but is exclusively targeted to XML file formats.
A Washington state man who admitted using the LimeWire file-sharing program to steal tax returns and other sensitive documents has been sentenced to more than three years in federal prison.
Frederick Eugene Wood of Seattle was ordered to serve 39 months for a fraud scheme that prosecutors said was a "particularly pernicious and devious one." In it, Wood would search the hard drives of LimeWire users for files that contained words such as "statement," "account" and "tax.pdf." He would then download tax returns, bank statements, and other sensitive documents and use them to forge counterfeit checks and steal the identity of the individuals who filled out the documents.
Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.
The bug involves the way kernel-level routines such as sock_sendpage react when they are left unimplemented. Instead of linking to a corresponding placeholder, (for example, sock_no_accept), the function pointer is left uninitialized. Sock_sendpage doesn't always validate the pointer before dereferencing it, leaving the OS open to local privilege escalation that can completely compromise the underlying machine.
Many expected Google or even Twitter to buy the company, which has been praised for its "real-time" search engine.
This type of search is valuable because it lets you know what is happening right now on any given subject.
"Google look out, Facebook knows the real money is in real-time search," said respected blogger Robert Scoble.
Although still in the testing phase, the firm says it is the "first step in improving the speed, accuracy and comprehensiveness of search results".
The new engine will replace Google's current one after tests are complete.
Martin McNulty of search marketing specialist Trafficbroker said the upgrade threatened to put Microsoft's new engine, Bing, "in the shade".
The company issued a statement after one owner discovered his phone was sending data every day back to Palm.
The information included the current location of the phone and how long each application was used for.
In its statement, Palm said it took users' privacy "seriously" and said it gave phone owners ways to turn features on and off.
