Thursday, December 04, 2003

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
1.  TROJ_PSYME.A
2.  TROJ_WINCAP.A

11:34:30 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  DVDs, drives don't mix, says government study. A study by the standards arm of the U.S. Commerce Department shows that DVDs and DVD drives are compatible a mere 85 percent of the time.
2.  Wireless carriers show porting piety. Some U.S. cell phone providers are reportedly offering refunds to customers who have experienced multiple-day delays getting old numbers switched to new phones.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Man to Pay in Counterfeit Software Case (AP). AP - A Virginia man has agreed to pay Microsoft Corp. $1.7 million as part of a guilty plea to federal charges related to selling counterfeit software.
4.  FCC May Act Against AT&T Wireless (washingtonpost.com). washingtonpost.com - The Federal Communications Commission is investigating problems at AT&T Wireless Services Inc. involving phone-number transfers as a prelude to possible action against the company, according to an FCC source.
5.  U.N. Summit to Focus on Internet (washingtonpost.com). washingtonpost.com - Leaders from almost 200 countries will convene next week in Geneva to discuss whether an international body such as the United Nations should be in charge of running the Internet, which would be a dramatic departure from the current system, managed largely by U.S. interests.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
6.  New rsync Released to Fix Vulnerability
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  IBM submits EPAL to W3C

10:34:13 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Lessig tears SCO a new one. Larry Lessig, having heard about Darl "SCO" McBride's latest missive, has dropped everything to write a scathing response.

We should all believe that the "progress of science" is best advanced when "Authors" have the right to do with their property whatever it is they want to do -- consistent with the law, and so long as the property right is properly balanced. And we should all believe that the "progress of science" is best advanced when that right is "vigorously protect[ed]".

But the owners of GPL'd software are doing no more than exercising this right, just as Microsoft would exercise its right. They are profiting from the right to choose the terms under which they release their software, and the terms they have chosen also have a great benefit to other software innovation. They exercise their property right; they and we benefit.

But if we are to protect that property right "vigorously," then we should take steps to protect property owners from baseless lawsuits against their right to use their property as they wish. So when it comes to the matter of sanctions against the lawyers in this case, the judge might well want to consider how important it is that the property right of copyright owners be "vigorously" defended.

Link
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Rescuing cybersecurity. Silicon Valley executives meet with U.S. government officials during a cybersecurity summit in an effort to enhance security programs, but regulations may follow if those efforts fail.
3.  Briefly: Avaya targets small business. Avaya targets small, midsize businesses...Toshiba, SanDisk fast-forward flash facility...Wyse, Transmeta in computer pact.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  IBM CFO Says Businesses Ready to Spend (Reuters). Reuters - Companies are ready to start spending more on technology, International Business Machines Corp.'s (IBM.N) top finance executive said on Thursday.
5.  Intel Forecast Disappoints, Stock Drops (Reuters). Reuters - No. 1 computer chip maker Intel Corp. on Thursday disappointed investors when it failed to raise the top of its fourth-quarter sales forecast and unveiled a $600 million charge for a poorly performing wireless business.
6.  SBC, Yahoo Expand DSL Marketing to 2,000 Stores (Reuters). Reuters - Telephone carrier SBC Communications Inc. (SBC.N) on Thursday said it has struck deals to market high-speed Internet access service it offers with Yahoo Inc. (YHOO.O) at 2,000 retail stores across its operating territory.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  AOL's $299 PC
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
8.  Re: [ANNOUNCE] glibc heap protection patch

9:33:50 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  New bizmodel: screw customers with phony charges. David Pogue takes up arms against "miscellaneous" charges on phone and banking bills, and against "innocent" mistakes where customers are repeatedly, routinely overcharged.

Phase 1 of this program was the proliferation of miscellaneous fees - for "regulatory assessment," "handling," "restocking," and so on. According to Business Week, newly concocted fees will generate $100 million for hotels this year, $2 billion for banks, $11 billion for credit-card companies - and an average of 20 percent extra on every phone bill.

Link

(via Smartpatrol)
2.  Infringement isn't terrorism. My colleague Jason Schultz has blogged some pithy remarks about the head of WIPO's comparison of copyright infringement to terrorism. God, how I hate the comparison of all things to terrorism, it's such shoddy rhetoric. Really: if copyright infringement is like terrorism, does that mean that our first line of defense against illicit music downloading shoud be the systematic confiscation of nailfiles and scissors from business travellers?

Mr Idris described how he had heard of children dying after using counterfeit baby shampoo and warned of the potentially disastrous consequences of relying on machines that had been made using an illicitly duplicated model.

Excuse me, but those aren't intellectual property/piracy problems. False advertising is a consumer protection issue and a problem that everyone supports eradicating...

However, there have been several documented instances where WIPO's own high protectionist patent and data registration policies are actively hurting patient access to AIDS-related drugs and other essential medicines in the third world, Africa in particular...

Link
3.  Cellphone charger also disinfects. A Korean outfit has announced a cell-hone charger that also disinfects the handset. I need one of these for airport touchscreen check-in kiosks, which always seem to be covered in a thin film of Burger King and mucous.

According to the company, the germ-killing products are equipped with an airtight container and a special lid on top of the normal charger’s body to sterilize the digital gadgets during recharging.

Link

(via Gizmodo)
4.  Homemade astrolabes and such.

Nice gallery of a hobbyist's efforts to reproduce ancient scientific instruments. I love the astrolabes.

Link

(via Making Light)
5.  Photos from amusement park trade-show.

The crew from Intercot have been attending the International Association of Amusement Parks and Attractions conference in Orlando and posting kick-ass photos as they go.

Link

(Thanks, Gary!)

6.  Reforming a garbage house. This is an inspiring story about an obsessive "hoarder" whose home had become a garbage house, so full of crap that he was in danger of going to jail for criminal violations of local ordinances. Then the county counsel cut a deal with the president of the local chapter of the National Assn. of Professional Organizers to help the craphound clean up his life -- and he allowed a news-crew to document the process.

Drum, wearing a wide-brimmed straw hat tied under his chin, will supervise from a chair near the garage. Breininger is jazzed. Drum has kept his promise not to bring anything back into the two rooms the crew cleared out a week ago.

Drum is nervous. He frets about the broken windows and rotting flooring, things that must be fixed to put him back on the right side of the law. And he wants shelves so he can have his books, now boxed, around him.

"First, we get you organized, then we'll figure out how to take care of the repairs and the beautification," Breininger reminds him.

Link

(via Making Light)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
7.  IBM takes aim at more corporate spending. Big Blue accelerates its strategy of using industry-specific business expertise to get a larger portion of corporate spending, IBM executives say.
8.  Cybersecurity task forces push for results. Five working groups formed at the National Cyber Security Summit release initial reports and focus on delivering results within a year.
9.  What's up, Doc? Not the number of science Ph.D.s. A survey shows that the number of doctoral degrees awarded in U.S. science and engineering programs continues to drop. Women, however, are earning a growing share.
10.  Should ISP subscribers pay for P2P?. Several proposals to collect money from ISP subscribers to pay for online music swapping are bubbling to public attention in the United States and Canada.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
11.  AT&T Wireless Asked About Cell Transfers (AP). AP - Federal regulators on Thursday asked AT&T Wireless to respond to complaints that it's taking too long to switch customers who want to transfer their cell phone service to another company.
12.  Google Asks Court for Ruling on Trademarks (Reuters). Reuters - No. 1 Web search service Google Inc. has asked a court to rule on whether its keyword searches infringe company trademarks, a move that lawyers said could set the stage for a landmark ruling over online advertising.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
13.  Slashback: Matrix, Terminology, Topology
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
14.  IDC predicts 'tech resurrection' in '04. An improving U.S. economy and pent-up demand after years of austerity will combine to fuel IT spending growth in 2004, research firm IDC predicts.
15.  AOL offers $300 PC with one-year subscription. America Online Inc. (AOL) now sells a cheap PC designed to boost its shrinking user base with a one-year commitment to AOL's Internet access service required at purchase.
16.  Sun looks to lead Linux onto desktop. BERLIN - Sun Microsystems Inc. has just rolled out its first Linux-based desktop software and is working to secure deals with governments and businesses to deploy it, but the company isn't targeting Microsoft Corp., a Sun executive said Thursday.
17.  HP to expand Debian Linux support. BANGALORE, India --In an effort to cater to vertical markets and customers who want customized applications that require changes to the Linux kernel, Hewlett-Packard Co. is planning to expand support offerings to customers who run the Debian Project's version of the operating system.
18.  SD card to add Wi-Fi capability to smart phones. SAN JOSE, CALIF. - Chip design company SyChip Inc. is testing software for its SDIO (secure digital I/O) WLAN (wireless LAN) card so it can be used to add Wi-Fi capability to smart phones.
19.  Study: Carbon nanotubes make the best semiconductors.  Carbon nanotubes, the experimental materials seen as possible replacements for conventional chip-making materials, conduct electricity better than any other material at room temperature, according to researchers at the University of Maryland in College Park.
20.  IBM submits EPAL to W3C. IBM Corp. has submitted a draft of its EPAL (Enterprise Privacy Authorization Language) to the World Wide Web Consortium (W3C) to develop, the company announced this week.
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
21.  IBM submits EPAL to W3C. IBM Corp. has submitted a draft of its EPAL (Enterprise Privacy Authorization Language) to the World Wide Web Consortium (W3C) to develop, the company announced this week.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
22.  [RHSA-2003:398-01] New rsync packages fix remote security vulnerability
23.  SuSE: Rsync heap overflow vulnerability
24.  Fedora: Xboard predictable file-write exploit
25.  Red Hat: rsync heap overflow
26.  WORM_AGOBOT.DJ
27.  Linksys Router 'WRT54G' DoS Vulnerability
28.  GNU's FSF Savannah project hacked
29.  Desktop Computers and Wlans: Similar in Security

8:33:35 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Update on Star Wars and Photoshop. At least a hundred (well, OK, 30) of you wrote to say that the MacWorld story about Photoshop's relationship to Star Wars is bogus. Here's a link, decide for yourself.

Link
2.  Walt Disney's FBI files.

Walt Disney's FBI files are a hoot -- all 450 pages worth. Mostly, they consist of various Feebs (all the way up to Hoover, whom field agents call "The Boss") fretting that Disney's farce comedies like That Darn Cat (which was based on a novel written by a retired Agent who was a constant thorn in the Bureau's side) would cast a disparaging light on the Bureau and speculating about how to convince Walt to change the FBI agents to a different species of Fed cop -- SS, Park Ranger, anything but the G-Men. Also noteworthy: trying to figure out if Walt is a Commie, debating whether they should let Walt film the crime-lab as part of a Mickey Mouse Club "future careers" spot.

2.8MB PDF Link, 3MB PDF Link, 2.7MB PDF Link
3.  Tapestries for the 21st Century.

Wonderful Something Awful photoshopping contest to create medieval tapestries with modern themes.

Link (Thanks, Gnat!)

4.  Recreating Toad Hall in CGI.

The Mr Toad's Wild Ride at Walt Disney World's Fantasyland has been gone for years, shoved aside to make way for the Pooh ride. One Toad truefan is bringing the ride back as a detailed 3D VR experience, a la the virtual Journey Thru Innerspace.

Link

(Thanks, Caines!)
5.  Anti-Terror Line: audblogging The Man. The Anti-Terror Line is the reverse of a Fed snitch line -- it's a number you can call when The Man is giving you a hard time in the name of defending the homeland from terrorists -- your call (and anything you can get your attacker to utter into the handset) is recorded and published on a webserver where you can annotate it. Natalie Jermijenko, the project's originator, has used it to record herself being put off an airline for using the first class toilet.

Link
6.  Stephen King: forget piracy, boomers are just tired of buying crap. Stephen King's editorial in the new Entertainment Weekly (not online, but the best part is below) opines that the real crisis in the entertainment industry isn't piracy, it's mental fatigue among moneyed baby boomers.

So what happened in the '90s? I think we're seeing an entire generation -- my generation, the baby-boom generation -- turning off the lights upstairs and putting a sign on the door: SORRY, BUT I'M TAKING A NAP. MIND CLOSED UNTIL FURTHER NOTICE. Pretty much the same deal is going on with music sales. Piracy and illegal downloads, although covered to a fare-thee-well in the press, account for only a fraction of the drop in $$. I think what's happening is all too clear: We baby boomers are just too pooped to party. Oh, we do buy some records -- you may have heard that we love the Beatles, Rod Stewart, and those funksters the Rolling Stones. Just don't try to get us to listen to anyone who isn't registered with AARP! Bob Seger was probably correct when he told us rock & roll never forgets, but it sure gets tired.

Movie-ticket sales have remained strong, but only because the studios are selling a product aimed almost solely at Gen-X and Gen-Y. Most R-rated movies go in the tank. PG-13 rules. A film like ''The Fast and the Furious'' strikes box office gold, while Clint Eastwood's ''Mystic River'' muddles along at the box office. I'd argue that 20 years ago, ''Mystic River'' would have done ''Chinatown'' box office numbers. Now the baby boomers look at the previews on TV and think, Nah, that looks too serious. Too hard. Guess I'll stay home and watch ''Jeopardy!'' And the ''Jeopardy!'' answer is ''Just about the saddest thing Steve King can think of.'' The question is ''What do you call a whole generation going to sleep?''

(Thanks, Jason!)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
7.  Buyers in line for VOIP gear next year. Corporations will increase spending on network gear in the first half of 2004 in several product categories, according to a new report.
8.  Report: Keep broadband in companies' hands. The broadband industry may be dominated by phone and cable companies, but that doesn't mean the government needs to get involved, according to the Congressional Budget Office.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
9.  IBM CFO Sees Long-Term Growth (Reuters). Reuters - IBM will grow more quickly than the technology industry and the overall economy in the long-term, a top executive said on Thursday, saying business spending is starting to show signs of improvement.
10.  Intel Sales Forecast Disappoints (Reuters). Reuters - No. 1 computer chip maker Intel Corp. (INTC.O) on Thursday disappointed investors when it failed to raise the top of its fourth-quarter sales forecast and took a $600 million charge for poor performance in its wireless business.
11.  Qwest to Launch Internet-Based Calls Monday -CEO (Reuters). Reuters - Qwest Communications International Inc. (Q.N) will launch on Monday in Minnesota consumer telephone service via high-speed Internet lines.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
12.  California Bans Genegineered Fish
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
13.  IT giants fingered over links to China. 'Responsible for the plight of China's embattled Internet users'
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
14.  TROJ_WINFAVS.A

8:03:23 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  What's in store for Wi-Fi standards?. At the Wi-Fi Planet conference, key industry groups give an update on upcoming wireless networking standards to improve security, higher throughput and VoIP.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Microsoft hit by DoCoMo 3G choice (FT.com). FT.com - NTT DoCoMo on Thursday made bullish predictions for its third-generation service, saying half of its forecast 50m subscribers would be using its 3G service by 2006.
3.  Peer-To-Peer Group Floats Scheme to Pay for Music (Reuters). Reuters - Internet users who copy music through "peer-to-peer" networks should pay a flat fee to compensate musicians and record labels whose songs they download, a technology trade group proposed on Thursday.
4.  U.N.: Statistics on Internet Use Flawed (AP). AP - The extent of the technology gap between richer and poorer nations may be smaller than believed because of flawed statistics on Internet use, the U.N. communications agency said Thursday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  TunA and Socializing via MP3 Player
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
6.  BugTraq: Re: [ANNOUNCE] glibc heap protection patch. Sender: Jim Knoble [jmknoble at pobox dot com]
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  The growing problem of identity theft
8.  VanDyke Streamlines Secure Server Access
9.  GLSA:kernel (200312-02)
10.  Linux 4inarow game multiple vulnerabilities.
11.  [CLA-2003:794] Conectiva Security Announcement - rsync
12.  Conectiva update for rsync
13.  Conectiva update for rsync
14.  EnGarde update for rsync
15.  EnGarde update for rsync

6:33:00 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  The Smalley vs. Drexler "Battle of the Nano Scientists" rages on. Nobel Laureate nanotechnologist Richard Smalley and pioneering nano visionary Eric Drexler have taken their firey debate about the scientific probability (and exact definition) of molecular assemblers to the front page of Chemical & Engineering News magazine. Here's the Foresight Institute's summary. Ray Kurzweil has jumped into the fray too. Link
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Tech spending to rise in 2004, says IDC. In the coming year, tech spending will increase, IBM will indemnify customers in the SCO suit, and offshore outsourcing will double, the market analysis firm predicts.
3.  FCC seeks to overturn cable broadband ruling. The agency files a petition requesting a rehearing in a case that could bring new federal regulations to the cable broadband industry.
4.  Bush signs nanotech bill. President Bush approves a bill that will provide $3.7 billion over four years to research and promote the commercial evolution of nanotechnology.
5.  Intel update reveals higher revenue but also a charge. The industry bellwether raises its revenue outlook for the fourth quarter, citing strong chip sales, but it also expects to take a $600 million charge related to communications products.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  Intel Corp. Narrows 4Q Revenue Estimates (AP). AP - Buoyed by the holiday season's strong demand for personal computers and consumer electronics, Intel Corp. narrowed its fourth-quarter revenue estimate toward the high end of its previous forecast.
7.  Web Site Removes Ad Selling Human Kidney (AP). AP - Auction Web site eBay removed a listing Thursday from a British man who was attempting to sell one of his kidneys to finance medical treatment for his sick daughter.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  The Most Incorrect Assumptions In Computing?
9.  2003 Videogame Holiday Gift Guide
10.  Mame on the Nokia N-Gage
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
11.  BugTraq: [CLA-2003:794] Conectiva Security Announcement - rsync. Sender: Conectiva Updates [secure at conectiva dot com dot br]
12.  BugTraq: Linux 4inarow game multiple vulnerabilities.. Sender: Shaun Colley [shaunige at yahoo dot co dot uk]
13.  BugTraq: [RHSA-2003:398-01] New rsync packages fix remote security vulnerability. Sender: [bugzilla at redhat dot com]
14.  Vulnerabilities: Applied Watch Command Center Authentication Bypass Vulnerability. Applied Watch Command Center is an application used to command and control Snort IDS. The Command Center package is composed of an agent to grab Snort logs, a server and...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
15.  Gentoo: Rsync heap overflow vulnerability
16.  Gentoo: Kernel buffer overflow vulnerability leading to root
17.  EnGarde: 'rsync' heap overflow vulnerability
18.  Websense XSS güvenlik açýðý
19.  [VIRUS] W32/Mimail.M
20.  Redhat 9.0 üzerine Snort IDS ve Acid Kurulum Klavuzu
21.  Release: AiroPeek NX Expert WLAN analyser v2.0
22.  [ESA-20031204-032] 'rsync' heap overflow vulnerability
23.  Intresting case of SQL Injection
24.  GLSA: exploitable heap overflow in rsync (200312-03)
25.  Debian update for rsync
26.  Debian update for rsync
27.  SuSE update for rsync
28.  SuSE update for rsync
29.  Gentoo update for rsync
30.  Gentoo update for rsync
31.  OpenPKG update for rsync
32.  OpenPKG update for rsync
33.  Fedora update for rsync
34.  Fedora update for rsync

5:32:49 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Avaya targets small, midsize businesses
2.  Briefly: Avaya targets small, midsize businesses. The company announces the latest customer for its IP Office product...Toshiba, SanDisk fast-forward flash facility...Wyse, Transmeta in computer pact.
3.  Commentary: Cutting to the chase on blade servers. The server industry is in a blade frenzy. But will the thin machines really pay off for customers who don't need high-density racks of servers? Yes--eventually.
4.  AOL unveils a $299 PC deal. The company is offering a PC, monitor and color printer for $299 to subscribers who sign up for one year of Internet access, the latest effort to prop up its subscriber base.
5.  Oracle joins grid effort. The database giant will join Hewlett-Packard and IBM in a European project aimed at advancing grid computing technology.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  Siebel, BT Join Forces on CRM OnDemand (NewsFactor). NewsFactor - Siebel (Nasdaq: SEBL) Systems announced that BT is the first UK-based company to sell, market, host and support its CRM OnDemand product in the UK. BT will begin selling CRM OnDemand in the first quarter of 2004 to small and mid-size businesses and divisions of larger organizations as either a hosted system or integrated with on-site deployments of Siebel enterprise applications.
7.  Sun Snubs Eclipse (NewsFactor). NewsFactor - There will be no Eclipse for Sun, as the networking giant has opted out of joining IBM's (NYSE: IBM) applications-development platform. Instead, Sun is forging ahead with its own open-source Java tools framework.
8.  Peer-To-Peer Group Floats Scheme to Pay for Music (Reuters). Reuters - Internet users who copy music through "peer-to-peer" networks should pay a flat fee to compensate musicians and record labels whose songs they download, a technology trade group proposed on Thursday.
9.  Trojans on the Rise, Say Computer-Security Experts (NewsFactor). NewsFactor - The Greeks are at the door, according to Internet-security company Sophos, which has sounded the warning of a sharp increase in the number of Trojans being used to infect and attack computers.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
10.  BugTraq: [ESA-20031204-032] 'rsync' heap overflow vulnerability. Sender: EnGarde Secure Linux [security at guardiandigital dot com]
11.  BugTraq: Intresting case of SQL Injection. Sender: Martin Sarsale (runa at sytes) [runa at runa dot sytes dot net]
12.  BugTraq: GLSA: exploitable heap overflow in rsync (200312-03). Sender: Daniel Robbins [drobbins at gentoo dot org]
13.  BugTraq: GLSA: kernel (200312-02). Sender: Rajiv Aaron Manglani [rajiv at gentoo dot org]
14.  Vulnerabilities: NFS-Utils Xlog Remote Buffer Overrun Vulnerability. nfs-utils provides various NFS tools, including a daemon for handling RPC requests. It is available for Unix and Linux variants.

A remote buffer overrun vulnerability ha...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
15.  Slackware: Rsync heap overflow vulnerability
16.  Debian: Rsync heap overflow vulnerability
17.  Wireless Network Security Concerns Dominate Wi-Fi Show
18.  Re: FreeBSD arp poison patch
----------------------------------------------------------------------
Internet/Network Security
----------------------------------------------------------------------
19.  Book Review: The Effective Incident Response Team. The Effective Incident Response Team is a great book to help managers or administrators understand the function of a CIRT (computer incident response team). It is written in English that non-techies can understand and is designed to provide a conceptual...

4:32:25 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  No Parking Tree. Picture of a tree that has assimilated a No Parking sign. Link (thanks, Pete!)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Commentary: McNealy doesn't get off scot-free
3.  Dell flies Red Flag Linux in China. The computer maker starts selling servers running a version of Linux from Red Flag, a Chinese company seen as an important ally in gaining customers in that country.
4.  Sun plots push for open-source tools. The company plans to grab a bigger slice of Java tools business by overhauling its NetBeans software and by improving how tools and code work together.
5.  BT expands budget broadband for businesses. British Telecommunications is expanding the reach of SDSL, a popular form of high-speed Internet access for businesses, giving more small U.K. companies a cheaper alternative to leased lines.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  China Pushes Network Encryption Standards (AP). AP - China has ordered equipment makers to use the country's own encryption standards for wireless networks, ensuring stronger government control and giving domestic manufacturers a slight respite from some foreign competition.
7.  Video Gaming Companies IGN, GameSpy to Merge (Reuters). Reuters - Two of the Internet's leading video game companies, IGN Entertainment and GameSpy Industries, on Thursday said they will merge to create a company offering gaming news, information, downloads, data services and community features.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  The Blind Men and the Elephant
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
9.  Vulnerabilities: Sun Cluster TCP Port Conflict Denial Of Service Vulnerability. Sun Cluster is the high-availability software package maintained and distributed by Sun Microsystems. It is available for the Unix platform.

A vulnerability has been di...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
10.  Suse: Rsync heap overflow vulnerability
11.  GNU's FSF Savannah project hacked
12.  SuSE No Longer Providing Security Support for 7.3 after Dec 15, 2003
13.  56% of All Email was Spam this November
14.  AntiOnline Spotlight: VLAN Intro
15.  4 Dec W32/Sdbot-L
16.  Re: [ANNOUNCE] glibc heap protection patch
17.  Re: speedtouch 510 DOS
18.  Re: [ANNOUNCE] glibc heap protection patch
19.  Re: Linksys WRT54G Denial of Service Vulnerability
20.  Re: [ANNOUNCE] glibc heap protection patch
21.  Re: Altova XMLSpy "phones home" user data
22.  SUSE Security Announcement: rsync (SuSE-SA:2003:050)

3:32:01 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  McNealy dodges crisis talk. At Sun's first European user conference, CEO Scott McNealy says the only challenge facing the company is getting its message across to customers.
2.  Intel wants partners for new Wi-Fi part. Chipmaker Intel is working on partnerships with consumer electronics and content providers to help consumers make better use of its upcoming component based on the latest Wi-Fi standard.
3.  SBC Yahoo DSL expands retail presence. SBC Communications and Yahoo plan to promote their broadband service in more retail stores, as part of an ongoing effort to boost subscriber growth.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  Hollywood Accuses Norwegian Hacker of Burglary (Reuters). Reuters - A Norwegian hacker who has angered Hollywood by cracking a DVD copy protection code is a cyberspace version of a burglar, plaintiffs told an Oslo appeals court Thursday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Stealth Inflation
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
6.  BugTraq: SUSE Security Announcement: rsync (SuSE-SA:2003:050). Sender: [thomas at suse dot de (Thomas Biege)]
7.  BugTraq: Re: [ANNOUNCE] glibc heap protection patch. Sender: Troed Sångberg [troed at sangberg dot se]
8.  Vulnerabilities: GNU Screen Escape Sequence Integer Overflow Array Indexing Vulnerability. GNU Screen is prone to an integer overflow vulnerability that may be triggered by including 2-gigabytes or more of semi-colons (;) or colons (:) in an escape sequence.

..
9.  Vulnerabilities: Xinetd Scheduled Retry Double Free Vulnerability. Xinetd is intended as a secure replacement for inetd. It is designed for use with Linux and Unix variant operating environments.

A double free has been fixed in Xinetd. ...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
10.  RIAA Keeps Heat On Music Downloaders
11.  Gartner To Corporations: Don't Rely On CAN-SPAM
12.  Group Launches Patch Management Mailing List
13.  XSS Vulnerabilities in Alan Ward Acart
14.  Plaintext Vulnerability in Alan Ward Acart
15.  XSS vulnerabilities in register.asp in Alan Ward Acart
16.  Re: [ANNOUNCE] glibc heap protection patch
17.  [slackware-security]rsync security update (SSA:2003-337-01)
18.  TSLSA-2003-0048 - rsync
19.  rsync security advisory (fwd)
20.  Improper authentication checking in Alan Ward Acart
21.  [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)
22.  Linux kernel do_brk(), another proof-of-concept code for i386
23.  Re: [ANNOUNCE] glibc heap protection patch
24.  SuSE Security Announcement: Kernel brk() vulnerability (SuSE-SA:2003:049)
25.  [SECURITY] [DSA 404-1] New rsync packages fix unauthorised remote code execution

2:31:51 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Voting Machines Vs. Slot Machines
2.  Review of Squeezebox MP3 Player
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
3.  Online shopping soars during 2002. Online shopping and other forms of e-commerce grew by 39% in the UK last year, a new report suggests.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
4.  BugTraq: SuSE Security Announcement: Kernel brk() vulnerability (SuSE-SA:2003:049). Sender: Olaf Kirch [okir at suse dot de]
5.  BugTraq: [SECURITY] [DSA 404-1] New rsync packages fix unauthorised remote code execution. Sender: [joey at infodrom dot org (Martin Schulze)]
6.  BugTraq: Re: [ANNOUNCE] glibc heap protection patch. Sender: Adam Shostack [adam at homeport dot org]
7.  Vulnerabilities: Alabanza AlaCart Administration Authentication Bypass SQL Injection Vulnerability. Alabanza AlaCart is a full-featured Shopping Cart software suite, developed by Alabanza.

It has been reported that AlaCart Shopping Cart is prone to SQL injection attack...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
8.  IT giants fingered over links to China. 'Responsible for the plight of China's embattled Internet users', apparently
9.  2 February 2004 is Prescott Day. Current prices to fall the week after
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
10.  BKDR_SPYBOT.AX
11.  Review: Antivirus Products
12.  Update: Yahoo Instant Messenger contains security flaw
13.  Gartner: U.S. law won't deter spammers
14.  Websense Input Validation Flaw in Blocked Site Error Message Permits Cross-Site Scripting Attacks
15.  XBoard Unsafe Temporary Files May Let Local Users Gain Elevated Privileges

2:01:41 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Accenture on hiring spree in India. The information technology consulting and services giant announces that within the year it plans to double its work force in India, for a total of 10,000 employees.
2.  Gateway turns PC into entertainment gizmo. The computer maker has unveiled a PC that is more of an audio-visual entertainer, complete with an FM radio, DVD burner and other gadgets.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Final Cut Pro to take center stage at Macworld Expo (MacCentral). MacCentral - Next month's Macworld Conference & Expo will highlight the use of Apple's Final Cut Pro video editing software, thanks to the efforts of Final Cut Pro user groups participating in the event.
4.  AOL Offers New Subscribers $299 PC Kit (AP). AP - In its latest attempt to stem declining subscriber numbers at its flagship Internet service, America Online is offering new customers a computer for $299.
5.  Streisand loses fight against online aerial photo (SiliconValley.com). SiliconValley.com - Not even Hollywood royalty is above the First Amendment, a Los Angeles judge ruled Wednesday.
6.  Help Fix Cyber-Security Or Else, U.S. Tells Industry (washingtonpost.com). washingtonpost.com - SANTA CLARA, Calif., Dec. 3 -- Top homeland security officials Wednesday challenged the technology industry to help improve the nation's ability to thwart attacks on computer networks, warning that regulation looms if cyber-security is not improved.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  New BattleStar Galactica Premieres Monday
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
8.  Longhorn piracy provokes Malaysian riposte. The Malaysian government is making renewed efforts to combat software piracy, spurred into action by the recent appearance of pirated copies of Microsoft Corp.'s Longhorn operating system on sale for under M$10 (US$3) in the south of the country.
9.  HP taps Transmeta for blade PCs. Hewlett-Packard Co. (HP) will begin shipping blade PC systems using Transmeta Corp.'s Efficeon processors beginning in March of 2004, the company will announce Thursday. HP also plans to begin offering pay-per-use plans for its business printers and Itanium 2 servers.
10.  Gartner: U.S. law won't deter spammers. Enterprises should not rely on the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) law to prevent the flow of spam into their mailboxes, research company Gartner said Wednesday.
11.  SuSE Linux, IBM launch software integration center. Enterprises needing server software support from SuSE Linux AG running on IBM Corp. middleware can turn to a new software integration center launched Thursday in Toronto by the two vendors.
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
12.  Gartner: U.S. law won't deter spammers. Enterprises should not rely on the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) law to prevent the flow of spam into their mailboxes, research company Gartner said Wednesday.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
13.  BugTraq: Re: [ANNOUNCE] glibc heap protection patch. Sender: Stefan Esser [se at nopiracy dot de]
14.  BugTraq: rsync security advisory (fwd). Sender: Andrea Barisani [lcars at gentoo dot org]
15.  BugTraq: Linux kernel do_brk(), another proof-of-concept code for i386. Sender: Julien TINNES [julien at cr0 dot org]
16.  BugTraq: [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync). Sender: OpenPKG [openpkg at openpkg dot org]
17.  Vulnerabilities: Computalynx CMail POP3 Server DELE Function Denial Of Service Vulnerability. CMail is a commercially available email server distributed by Computalynx. It is available for Microsoft Windows operating systems.

A problem with CMail could make it p...
18.  Vulnerabilities: MoinMoin Unspecified Cross-Site Scripting Vulnerability. MoinMoin is a Wiki-type program written in Python. It is available for the Unix and Linux platforms, and is freely-available and open source.

Problems have been identif...
19.  Vulnerabilities: Virtual Programming VP-ASP shopsearch.asp SQL Injection Vulnerability. VP-ASP is a Web-based shopping cart system designed for online retailers.

A vulnerability has been reported to exist in the software that may allow a remote user to inj...
20.  Vulnerabilities: Virtual Programming VP-ASP shopdisplayproducts.asp SQL Injection Vulnerability. VP-ASP is a Web-based shopping cart system designed for online retailers.

A vulnerability has been reported to exist in the software that may allow a remote user to inj...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
21.  Veritas and NetApp snuggle up. Deeper ties
22.  Subdermal RFID chip provokes furore. Black helicopters disgorging lizard invasion army, etc, etc
23.  Fifty more exchanges to get SDSL. Some people like it fast both ways
24.  Phone scam warning exposed as hoax. Urban myth number 352
25.  Humans struggle for supremacy in online robot wars. AI rolls inexorably towards world domination
26.  What Big Bird knows about Sun. Sometimes you have to be a big, tall, yellow freak
27.  e-Minister will make every public library a Wi-Fi hotspot. 'I'm very keen on the idea' - Timms
28.  Broadreach scoops up roaming partners. Boingo, iPass, Gric and more
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
29.  Expert exposes security flaws
30.  Elsewhere: MS exec: Virus authors are winning big
31.  Elsewhere: Cisco airs out Wi-Fi vulnerability
32.  eZphotoshare Buffer Overflow Vulnerabilities
33.  eZphotoshare Buffer Overflow Vulnerabilities
34.  Trustix update for rsync
35.  Trustix update for rsync
36.  L'auteur présumé du ver Raleka arrêté en Espagne
37.  Suse: Kernal buffer overflow leading to root
38.  Wireless Mesh Standard Snares Startup Concerns
39.  Cisco Acknowledges Access Point Security Breach

12:31:12 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Utility computing reaches HP PCs, printers. Hewlett-Packard announces several new hardware and software products that expand the utility computing idea for servers and extend the technology to printers and PCs.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Hong Kong's Hutchison may need further 2bn euros for 3G ops (AFP). AFP - Hong Kong conglomerate Hutchison Whampoa may need to spend an extra two billion euros on its third generation (3G) mobile phone business due to a delay in the delivery of new handsets to Europe.
3.  A Case of Internet Security Anxiety (washingtonpost.com). washingtonpost.com - Let the arm-twisting begin. President Bush launched a national cybersecurity plan earlier this year that tells businesses what they should do to protect their critical networks and the Internet -- but now the administration says that they had better batten down their hatches or else Congress will force them to do it.
4.  Wait Until Next Year to Buy That Flat Panel TV (Reuters). Reuters - If a reasonably-priced flat panel TV is on your holiday wish list, you might want to wait until next year.
5.  AOL Hawks Cheap PC to Lure Subscribers (Reuters). Reuters - America Online, the online unit of Time Warner Inc. (TWX.N), began selling a $299 home computer system on Thursday in another attempt to stem subscriber defections.
6.  Mobile Phone Makers Coming Up Short of Supplies (Reuters). Reuters - Mobile phones are flying off the shelves before Christmas and sales are heading for record highs this year as the global economy recovers and low-priced models go on the market.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  Economic Analysis of the Nanotech Future
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
8.  Elsewhere: MS exec: Virus authors are winning big. WIESBADEN, Germany--Creators of computer viruses are winning the battle with law enforcers and getting away with crimes that cost the global economy some $13 billion this...
9.  Elsewhere: Cisco airs out Wi-Fi vulnerability. Cisco Systems is warning of a vulnerability in some of its Aironet Wi-Fi access points that could allow attackers to snoop on corporate networks. Vulnerable access point...
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
10.  Vulnerabilities: My_EGallery Module Remote Include Command Injection Vulnerability. My_eGallery is a freely available, open source PostNuke module. It is available for the Unix and Linux platforms.

A vulnerability has been identified in the handling of...
11.  Vulnerabilities: IlohaMail User Parameter Cross-Site Scripting Vulnerability. IlohaMail is a freely available, open source web e-mail package. It is available for the Unix and Linux platforms.

A problem in the handling of user-supplied parameters...
12.  Vulnerabilities: Surfboard Web Server File Disclosure Vulnerability. Surfboard is a freely available web server implementation for Unix/Linux variants.

Surfboard is reported to be prone to directory traversal attacks. By submitting direc...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
13.  Top-Level-Registry Ziel von Hackern
14.  Yahoo Instant Messenger YAUTO.DLL Buffer Overflow Vulnerability
15.  XBoard Pxboard Insecure tmp File Handling Vulnerability
16.  Websense Blocked Sites Cross Site Scripting Vulnerability
17.  Linksys WRT54G Denial of Service Vulnerability
18.  La distribution LINUX de l'auditeur
19.  Computer security in focus
20.  Computer Virus Variant Hits No-Spam Sites
21.  Keep Data Security in Check
22.  Tech firms urged: Secure cyberspace
23.  Cisco issues wireless Lan security alert
24.  TROJ_RUNET.A

11:30:54 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Battlestar Erotica: Alien Sex! Bombs! Robots! Pathos!. I filed this story for Wired News about the new Battlestar Galactica miniseries:

"We realized the only way we could improve on the original is if the Cylons could have sex," quipped co-executive producer David Eick at Tuesday night's Los Angeles premiere. The chrome-domed "walking toasters" from the original TV series are succeeded by -- well, really hot blond chicks, who infiltrate human society to engineer its doom.

One of the newly humanized enemy androids, Number Six, is played by former Victoria's Secret model Tricia Helfer (so that's Victoria's big secret! -- we always knew there was a sinister purpose behind those ubiquitous catalogs). While in the throes of sex, her spine glows a luminescent, otherworldly, X-ray crimson.

Episode No. 1 of the two-part miniseries, which debuts Dec. 8, explodes with a jaw dropper of a scene that blends Cylon eroticism with equal parts pants-wetting apocalyptic terror and blast-tacular deep-space warfare. None of this should work, but under the nuanced direction of Michael Rymer, it does, spectacularly, and the rest of the episode never disappoints.

Link
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Cisco airs out Wi-Fi vulnerability. The network equipment maker says a flaw in some of its Aironet wireless access points could allow attackers to snoop on corporate networks.
3.  Hacked Gentoo Linux server taken offline. A server used by the open-source project has been compromised by attackers and subsequently pulled offline for a full forensic analysis.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  Sweden proposes drastic fines for spammers (AFP). AFP - The Swedish government tabled a draft law that would allow it to to crack down on people who flood email inboxes with unwanted advertisements, so-called spam.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Microsoft to Charge for FAT File System
6.  NYT on Game Mods
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
7.  Firms helping China 'spy on web'. A press freedom group, has accused top companies of helping China censor internet access.
8.  Eye implant to tackle blindness. A new design of eye implant is being constructed by US researchers that may replace a damaged retina.
9.  Google changes anger web firms. Tweaks to the way the world's biggest search engine works mean many firms no longer show up on rankings.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
10.  MS tightens IP grip on Cleartype and FAT- calls it liberalisation. Pay for WHAT? No, pay for FAT...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
11.  Présentations Microsoft au salon de la sécurité informatique
12.  La solution Mistral de Thales renforce la securisation des echanges sur reseaux IP
13.  Yellow Dog: Kernal buffer overflow leading to root
14.  Trustix: rsync heap overflow vulnerability
15.  Slackware: Rsync heap overflow vulnerability

10:30:31 AM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  PeopleSoft to tweak software fees. The company plans a new pricing structure for its line of business applications as part of its postmerger integration with J.D. Edwards.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Web Crime Ignites Debate on Privacy Rights (Reuters). Reuters - Germany is floating the idea of easing its cherished privacy laws, designed in part to banish its Nazi and Communist past, in order to combat rising Internet crime.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  Canadian Supreme Court To Define ISP Role
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
4.  BT strikes blow in cable blowing patent case. Broadwing coughs
5.  BT to offer a week's free Wi-Fi access. Wireless Broadband Week to kick off on 26 January
6.  Roll up for the MS UK Win2k backdating updating system. We think maybe there's something they're not telling British businesses...
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
7.  Sobig-F wins 2003 war of the worms
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
8.  4 Dec W32/Mimail-M
9.  GnuPG HTTP Keyserver Protocol Interface Format String Vulnerability
10.  SuSE update for gpg
11.  Sobig-F wins 2003 war of the worms
12.  Most virulent worms of November
13.  Crackers Strike Gentoo Linux Server, Code Unharmed
14.  Former Intel exec sets Wi-Fi crowd straight
15.  US challenges IT industry on cybersecurity

9:30:21 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Crank letters to corporate America and its response. Consumer Joe is a collection of crank/prank letters sent by screenwriter Paul Davidson to a variety of giagantic corporations, asking, for example, if he should call poison control after swallowing toothpaste, or if the Barbie hot-tub would be suitable for a garden party. The letters are genuinely funny, and the clueless bureaucratese in the responses is often equally good, but best of all are the responses from corporate letter-answerers who have winkled out his game and are playing along with their own sly humor:

Our research and development department went to work right away in the smoothie lab experimenting with your concoctions.

The Tuna Melt smoothie looks promising. We found the key to be white albacore tuna in oil, lots of mayonnaisse and some powdered cheese. However, the Thanksgiving smoothie (turkey, cranberry, and gravy) is posing some challenges. Your recommendation to heat it up would require us to install microwave ovens at all locations.

Link
2.  Photoshop was invented for Star Wars. Photoshop was developed as part of the SFX efforts for Star Wars:

Thomas was a programmer, while John was in charge of special effects for the first Star Wars film. Brown confirms: "Photoshop is here today because of that movie." Thomas developed software to add effects and painting tools to images at John's request.

Link
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  NTT DoCoMo upbeat on 3G business (FT.com). FT.com - NTT DoCoMo on Thursday made bullish predictions for its third-generation service, saying half of its forecast 50m subscribers would be using its 3G service by 2006.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
4.  Ringing tunes come to UK mobiles. T-Mobile is the first to launch the service that lets mobile users pick what sound callers hear when they call.
5.  Google changes anger web businesses. Tweaks to the way the world's biggest search engine works mean many firms no longer show up on rankings.
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
6.  Sun to spruce up NetBeans tools initiative - Infoworld Staff. Sun Microsystems and the netbeans.org tools organization on Thursday are releasing a road map for the open source NetBeans tools technology, outlining advances to extend development for the Web and Web services.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  rsync Unspecified Heap Overflow Vulnerability
8.  Slackware update for rsync
9.  Security Flaw Found in Yahoo Messenger
10.  Sobig Wins the War of the Worms

8:30:01 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  What happens when you give gamers intelectual property rights?. James Grimmelmann has penned a bloody brilliant essay about the issues raised by allowing (or not allowing) players to hold an intellectual property right to objects they create in games. Inspired by the Second Life announcement at last month's State of Play conference, Grimmelmann presents and synthesizes the positions of a variety of the world's leading thinkers on IP, game economics, and playability, and comes up with more questions than answers. There's fodder for a dozen sf novels here -- and just when I thought that stories about VR worlds where anything can happen (and hence nothing is interesting) were narratively dead in the water...

# Castronova cares about the game society, but not so much about the platform. He's thinking about these in-game values as things that we ought to encourage, perhaps by giving appropriate economic incentives to game owners. It's okay with him if the owners keep their game platforms locked down. As long as some owners give their players a rule-set that preserves in-game freedom, fairness, and community, it's all good.

# Benkler is more or less the opposite. He'd love to see some games ripped open at the level of the platform -- developed by distributed groups and run without a single centralized owner-god-wizard. In his writings on the regulation of communications infrastructure and media concentration, Benkler has consistently emphasized the view that avoiding such concentrations of power at the infrastructure level is the most important act -- from it, everything good flows.

# The agoraXchange people want both the platform and the game world to be open. Now, the question above tugs at apotential tension between these two forms of openness. When push absolutely comes to shove, the agoraXchange team will assert control at the platform layer if their core values are threatened in the game universe; otherwise, they walk the walk and quack the quack of freedom at every level.

# Bartle really doesn't care about either form of freedom. My caricature of him lives in what might be caricatured as the "game designer" paradigm: I want to be free to create whatever strange and twisted world I want. If players like it, they'll join and stay; if they don't like it, they'll go somewhere. Now, Bartle is a great designer, and as with the other great designers, his writings involve an exquisite level of sympathy for (and understanding of) players. But his is basically a "game"-centric view: if you build it, they will play. There aren't political questions here, except potentially if stupid lawyers come barging in and start treating games as something other than games.

Link
2.  Turn NSFW into SFW. BadBlue allows you to interpret your workplace (or school) sysadmin as damage and route around him. The way it works is, you install an app on your home, broadband-connected PC, and then when you get to the office or school, you run a complimentary app on your PC there. The app disguises and forwards all of your Web traffic to your home PC, which fetches and sends back the pages you're looking for, free from automatic monitors, filters, and workplace snoopers.

If this sounds familiar, that's because it's based on the principles underpinning Peek-a-Booty and other "hactivist" apps intended to give Chinese dissidents and other prisoners of censoring proxies free access to the net. Of course, the killer app for this is looking at porn at the office.

OfficeSurfer lets you surf in privacy from your office, bypassing corporate restrictions on specific web sites, defeating monitoring software, and preventing routine logging of your online activities.

Check personal email accounts... visit your favorite web sites... worry-free and hassle-free.

Link

(via Infoanarchy)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
3.  RIAA lawsuits yield mixed results. Millions of computer users are still swapping songs, but record industry says people are slowly learning their lesson.
4.  A dual digital life. Olaf Olafsson, Time Warner's executive vice president of technology, sheds light on his twin roles as a best-selling literary author and a technology strategist.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
5.  Malaysia's Maxis selects Ericsson for 3G system (AFP). AFP - Swedish telecoms giant Ericsson has won a contract for a high-speed third-generation (3G) mobile network from Malaysia's second-biggest cell phone operator Maxis Communications, the companies said in a statement.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
6.  Japanese P2P Users Arrested, Creator Targeted
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
7.  ASA slaps Nodots scam. EU Registry Services also cautioned
8.  Round 3: RIAA sues more file swappers. Sends out warnings too
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
9.  Tech industry works to stem new security rules
10.  Crackers strike Gentoo Linux server, code unharmed
11.  Heckenkamp challenges computer ban
12.  Cisco Wi-Fi kit in minor security flap
13.  Linux security expert defends Debian
14.  Microsoft official: Web virus authors winning battle
15.  Cybersecurity talk is cheap
16.  Security flaw found in Yahoo Messenger
17.  XBoard Insecure Temporary File Creation Vulnerability
18.  HP Tru64 UNIX CDE libDtHelp Privilege Escalation Vulnerability
19.  Les virus travaillent pour les spammeurs
20.  Un aperçu de NGSCB
21.  eBay 'hacker' challenges PC ban
22.  GAO sees weak discipline of DOD purchase offenders
23.  Corpus Christi port buys security technology
24.  Hardware coming for defense credentialing pilot
25.  Trojaner sorgen für ein Drittel aller Spams

7:29:42 AM    

----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
1.  eBay 'hacker' challenges PC ban. Ever-slipping trial date
2.  On the Google Deskbar. Search the Web without a browser
----------------------------------------------------------------------
Wired News
----------------------------------------------------------------------
3.  Ohio Halts E-Voting Machines. Fears of vote tampering cause the state to delay implementation of new touch-screen systems until after the November 2004 election. Meanwhile, state officials will work with manufacturers to make the systems more secure.
4.  Game Makers Get Star Treatment. If you judge mainstream popularity by the frequency of awards shows, the gaming industry is moving up. Spike TV jumps on the bandwagon Thursday with a gala hosted by David Spade. By Dustin Goot.
5.  TunA Lets Users Fish for Music. Media Lab Europe is on to the next wave of peer-to-peer music sharing. TunA software for mobile devices turns everyone into a mobile radio station, ready for wireless jacking on the street. By Kari L. Dean.
6.  Fiber to the People, Right On. When customers own the network, everyone wins. A commentary by Lawrence Lessig from Wired magazine about the economic benefits of socialist networks.
7.  Alien Sex! Bombs! Robots! Pathos!. The Sci Fi Channel's new Battlestar Galactica miniseries blasts the cheese from the classic '70s TV show. Remember those chrome-domed Cylons? They've been reborn as hot babes bent on wiping out humanity. Xeni Jardin reports from Los Angeles.
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
8.  Cisco Wi-Fi kit in minor security flap
9.  Linux security expert defends Debian
10.  Microsoft official: Web virus authors winning battle
11.  Cybersecurity talk is cheap
12.  Security flaw found in Yahoo Messenger
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
13.  Review - antivirus products
14.  Tech industry put on security notice
15.  Linux Security Expert Defends Debian

6:29:23 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Hong Kong's Hutchison may need further 2bn euros for 3G ops (AFP). AFP - Hong Kong conglomerate Hutchison Whampoa may need to spend an extra two billion euros on its third generation (3G) mobile phone business due to a delay in the delivery of new handsets to Europe.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Paraphrasing Sentences With Software
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
3.  Brazil bets on Linux cybercafes. Cyber cafes using Linux in Sao Paulo are providing computer training to some of Brazil's poorest people.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
4.  Council accused of gagging Web site. Freedom of speech v defamation
5.  BT and Siemens dance the light fantastic. Ultra-fast optical networking breakthrough
6.  Cisco Wi-Fi kit in minor security flap. WEP schlep
7.  Spam epidemic gets worse. But you knew that already
8.  Sketching in space. Europe in brief
9.  Wi-Fi/Flash combo drives proliferate. Plug'n'play WLAN access
10.  Sex and gambling drive mobile content sales. How old are you?
11.  Nvidia expands workstation graphics line. Quadro FX 1100 available now
12.  The growing problem of identity theft. Europe catching up with USA
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
13.  Review - antivirus products
14.  Tech industry put on security notice

5:29:02 AM    

----------------------------------------------------------------------
Dilbert
----------------------------------------------------------------------
1.  Dilbert for 04 Dec 2003.
----------------------------------------------------------------------
Non Sequitur
----------------------------------------------------------------------
2.  Non Sequitur for 04 Dec 2003.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Lindows.com Ships Linux For Laptops (TechWeb). TechWeb - The OS has laptop-specific power management capabilities, wireless card compatibility and support for shortcut keys found on some notebooks' keyboards.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
4.  Brazil bets on Linux cybercafes. Cyper cafes using Linux in Sao Paulo are providing computer training to some of Brazil's poorest.

4:28:51 AM    

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  U.S. Pressing Industry on Technology Security. Private industry must make progress in voluntarily complying with the Bush administration's national cybersecurity plan or face new legislation requiring compliance. By John Markoff.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Longest Physics Lecture in History?
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  BadBlue has a new "secret" office web surfing feature

3:28:32 AM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  AOL offers PCs for $299. The Internet service provider is offering a PC, monitor and color printer for $299 to subscribers who sign up for one year of Internet access, the latest effort to prop up its subscriber base.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  BPL Buys AT&T Wireless Mobile Stake (Reuters). Reuters - India's BPL group has bought out AT&T Wireless Services Inc.'s stake in their joint mobile phone venture, kicking off an anticipated restructuring of the industry following a controversial new competition policy.
3.  Spike TV Eyes Male Gamers with Video Game Kudofest (Reuters). Reuters - There's been a lot of debate recently over where the male TV viewers ages 18-34 have gone.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
4.  News: New computer virus variant floods Web sites of anti-spam activists. The Associated Press By Anick Jesdanun
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
5.  Vulnerabilities: CuteNews Debug Query Information Disclosure Weakness. CuteNews is a news management system implemented in PHP.

An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configura...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Significant rsync 2.5.6 Security Vulnerability
7.  Apple offers DHCP security workaround
8.  Windows ATMs raise security concerns
9.  Spammers unleash e-mail worm to disable critics
10.  Cisco exec: Wi-Fi is ready for the enterprise
11.  Yahoo Instant Messenger contains security flaw
12.  DHS challenges IT industry to take responsibility for cybersecurity
13.  News: New computer virus variant floods Web sites of anti-spam activists

2:27:43 AM    

----------------------------------------------------------------------
A CTO's UNIX/Linux Blog
----------------------------------------------------------------------
1.  Microsoft Linux? Could be.... Steven Vaughan-Nichols writes in this eWeek article, MS-Linux? It Could Happen, some pretty insightful observations about SCO, Microsoft and a specific Microsoft product called Sevices for Unix (SFU). SFU is essentially a POSIX layer for Windows NT based operating systems...
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
2.  News: Heckenkamp Challenges Computer Ban. Accused eBay hacker has been banned from the Internet for years without being convicted of a crime.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Apple offers DHCP security workaround
4.  Spammers unleash e-mail worm to disable critics
5.  Yahoo Instant Messenger contains security flaw
6.  DHS challenges IT industry to take responsibility for cybersecurity

1:27:23 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Dude Where's My Blogshares?. Blogshares.com is no more. Founder Seyed Razavi says:

Dear BlogShares players, I am sorry to announce that BlogShares will not be reopening after the current technical difficulties are resolved. Currently, the database server is dead and looks to be for the next few days. The latest system crash has highlighted to me that deliverying a fun, useful service for the BlogShares community requires an active operator and developer. As most of you are no doubt aware I've been neither for the past couple of months. That has led to a decline of quality service, new features and ultimately income for the site and it looked likely that there wouldn't be enough to pay for next month's hosting.

It's been an interesting and very rewarding nine months bringing a bit of entertainment to bloggers (and blog lovers). I'd like to thank especially all those people who donated money or their valuable time, those who became premium subscribers, those who worked on cool toys which made use of the fledgling API and all those who could be found on the forums and IRC channel. You turned a silly fun idea of a mad monkey coder in London into something worthy of the attention by thousands of bloggers and the press. (...) My goal with the project was always to embrace the power law and to provide a new way of highlighting blogs with a little bit of fun. I've been pleasantly surprised of how well it did and stupefied it did it for so long. Now, however, it is time to move on to other things. I'm sure you'll be hearing from me in the not so distant future. You can also find me at my perpetual home: monkeyx.com.

Link
----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
2.  10 Charged With Illegal Drug Sales Online. Federal prosecutors have indicted 10 people and 3 companies that they say made $125 million from illegally selling controlled substances over the Internet.
3.  Microsoft Eases Policy on Licensing Its Technology. Microsoft announced it would adopt a more liberal policy for licensing its intellectual property, opening the doors to its patents and copyrights. By Steve Lohr.
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
4.  Utility computing reaches HP PCs, printers. Hewlett-Packard plans to announce several new hardware and software products that expand the utility computing idea for servers and extend the technology to printers and PCs.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
5.  Hong Kong's Hutchison may need further 2 bln euro's for 3G ops: report (AFP). AFP - Hong Kong conglomerate Hutchison Whampoa may need to spend an extra two billion euros on its third generation (3G) mobile phone business due to a delay in the delivery of new handsets to Europe, a report said.
6.  Multinational firms accused of aiding Chinese Internet censorship (AFP). AFP - An international press freedom group has accused some of the world's leading Internet-related multinational firms of assisting or turning a blind eye to a Chinese government crackdown on Internet access.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  President Bush To Call For Return To Moon?
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
8.  Sun hails Java Studio Creator tool - Infoworld Staff. Sun Microsystems on Wednesday reiterated its intentions to increase the number of Java developers by unveiling a preview release of its so-called easy-to-use Java development tool, now named Java Studio Creator.
9.  Sun drops out of Eclipse negotiations. SAN FRANCISCO - Discussions aimed at merging Sun Microsystems Inc.'s NetBeans Java development framework with the IBM Corp.-backed Eclipse group have broken down, Sun said on Wednesday. The news ends months of speculation about whether Sun, the company that created Java, would join forces with IBM, one of Java's biggest supporters, and unify the two companies' efforts to create a standard open-source development environment for Java.
10.  Former Intel exec sets Wi-Fi crowd straight. SAN JOSE, CALIF. - Vendors of wireless LAN (WLAN) equipment must work much harder to make their products more user friendly and to improve security features, a former Intel Corp. executive said Wednesday.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
11.  NEW 'OFF THE HOOK' ONLINE

12:25:53 AM    

© Copyright 2004 Gregg Doherty .
Last update: 2/10/2004; 8:52:03 AM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "Gregg's Security News Aggregator" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.