Tuesday, January 16, 2007

Is It Illegal To Disclose a Web Vulnerability?. Scott writes "I'm submitting my own story on an important topic: Is it illegal to discover a vulnerability on a Web site? No one knows yet, but Eric McCarty's pleading guilty to hacking USC's web site was 'terrible and detrimental,' according to tech lawyer Jennifer Granick. She believes the law needs at least to be clarified, and preferably changed to protect those who find flaws in production Web sites [~] as opposed to those who 'exploit' such flaws. Of course, the owners of sites often don't see the distinction between the two. Regardless of whether or not it's illegal to disclose Web vulnerabilities, it's certainly problematic, and perhaps a fool's errand. After all, have you seen how easy it is to find XSS flaws in Web sites? In fact, the Web is challenging the very definition of 'vulnerability,' and some researchers are scared. As one researcher in the story says: 'I'm intimidated by the possible consequences to my career, bank account, and sanity. I agree with [noted security researcher] H.D. Moore, as far as production websites are concerned: "There is no way to report a vulnerability safely."'"[Slashdot] 9:14:51 PM      Google It!.

Apple Charges For 802.11n, Blames Accounting Law. If you have a Core 2 Duo Macintosh, the built-in WLAN card is capable of networking using (draft 2) 802.11n. This capability can be unlocked via an update Apple distributes with the new AirPort Extreme Base Station. Or, they will sell it to you for $4.99. Why don't they give it away for free, say with Software Update? Because of the Sarbanes-Oxley Act (which was passed in the wake of the Enron scandal). iLounge quotes an Apple representative: "It's about accounting. Because of the Act, the company believes that if it sells a product, then later adds a feature to that product, it can be held liable for improper accounting if it recognizes revenue from the product at the time of sale, given that it hasn't finished delivering the product at that point."[Slashdot] 8:30:22 PM      Google It!.

The Hidden Engineering Gender Gap. ifindkarma writes "Joyce Park, CTO of invitation site Renkoo.com, has written a two-part essay exploring why there is no pipeline of self-taught female engineers entering the tech industry via Open Source or other individual efforts. In The Hidden Engineering Gap, she asks why there are so many self-taught male software engineers in startups, but no similar pool of women. In A Modest Proposal, she discusses a potential short-term fix to the problem: a one-year, co-op, certificate-granting program for women set up and sponsored by Silicon Valley companies." dgilik notes that his unscientific survey suggested that 93% of Linux users are male.[Slashdot] 8:27:35 PM      Google It!.

Two Charged in Payments From Wagers on Internet. Two founders of a company that processes Internet gambling transactions were arrested and charged with laundering billions of dollars in gambling proceeds. By THE ASSOCIATED PRESS. [NYT > Technology] the wild internet is beginning to be domesticated --BL 8:24:39 PM      Google It!.

Skype Founders Develop Media Streaming Tech. [RnP]Venom writes "It appears that after selling Skype to Ebay, Skype founders Janus and Niklas haven't been resting on their laurels. As reported by ZDNet, and the International Herald Tribune, they have been hard at work developing a new TV streaming application called Joost. With as little as 6,000 people currently testing the project details are a bit scarce, but if it does remotely as well as their Phone/IM success, it could be a real treat. From the IHT article: 'Joost may eventually try to move onto television sets, but the company said it will initially focus on making it easier and more fun to watch TV on a computer. Similar to the Skype model, Joost users will download free software -- this time to help them browse for channels and clips they're interested in. One of the company's executives, Henrik Werdelin, said in a videotaped interview that Joost aims to keep the quality of television programming, its picture quality and its ease of use, but improve other aspects.'" [Slashdot] 11:55:05 AM      Google It!.

Memories are made of this molecule. European scientists have isolated a receptor molecule called TrkB that initiates a signalling pathway for long-term potentiation (LTP) in the brain of a living mouse.... [KurzweilAI.net Accelerating Intelligence News] 9:00:53 AM      Google It!.

Humans, Neanderthals 'interbred'. Read full story for latest details.[CNN.com] 8:59:15 AM      Google It!.

Fluendo To Sell Proprietary Codecs For Linux. Several readers wrote in to tell us that the open source media software development company Fluendo has announced plans to sell native Linux implementations of proprietary video codecs such as Windows Media, MPEG-2, and MPEG-4. (Press release here.) From the article: "Currently, many Linux video applications facilitate Windows Media video playback using Windows DLL files and Wine, which provides suboptimal performance, particularly with streaming video. Fluendo's codecs could potentially provide better integration for streaming Windows Media playback in Linux web browsers as well as through GStreamer-based desktop applications like Totem."[Slashdot] 8:56:49 AM      Google It!.

Second Life is starting to grab me. I[base ']ve kinda sat on the fence with Second Life. But really, there[base ']s no arguement about it. SL is an intensly engaging and inspiring space to be working in. Ever since the Future of Learning in a Networked World and talking more with Jo Kay and Sean FitzGerald I can see it more clearly. With surprisingly little effort, IT here opened the communication port to allow access into SecondLife. Gotta hand it to the IT crew here at Otago Poly, for all my moaning about the profession generally (mostly legacy attitude from a gestapo like IT department in NSW DET), they have mostly been very responsive in taking off filters, allowing me to install software and try out things like Second Life. Anyway, today I pulled a group of Occupational Therapy lecturers and others, to meet and watch as I met Jo in Second Life. In an intense hour of moving around, riding a balloon, visiting Harvard Law[base ']s SL school, and a Medical Library, not to mention bringing up a heap of Youtube videos, related websites, wikis and blogs, I think the group began to see how all this stuff can tie in together. (Links follow) But, the usual overwhelmed feeling still pervades - that I fear will paralise anyone from moving into trialing out new practices with this teachnology. I[base ']m ready, give me a project, I[base ']d like to get iinto this I think[sigma] Great links: Jo Kay[base ']s BlogHud - where she is intergrating Blogging in with SecondLife Jo Kay[base ']s Flickr photos - a bunch of screengrabs from Jo[base ']s SL experiences SAE in Second Life - an excellent wiki page by Sean and Jo to support their presentations about edu use of SL NMC Campus: Seriously Engaging - Youtube vid Second Life Medical Library - an amazing range of information in a virtual library! A Masters in Digital Media course blog - that also has a campus in Second Life Cyber One - Harvard Law course that has a blog, wiki and Second Life campus This work is licensed under a Creative Commons (Attribution) license.[Learn Online] 8:41:12 AM      Google It!.

Netflix to Deliver Movies to the PC. Netflix is introducing a service to deliver movies and television shows directly to PCs, not as downloads but as streaming video. By MIGUEL HELFT. [NYT > Technology] 8:38:45 AM      Google It!.