Monday, December 08, 2003

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  PeopleSoft trial scheduled for March
2.  Briefly: PeopleSoft trial scheduled for March. Shareholders look to halt a controversial money-back guarantee program... PayPal sets new fee for online music... Sony and Philips gain approval for a new radio frequency technology.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  S.Korea Eyes New Homegrown Wireless Web Plan (Reuters). Reuters - South Korea is considering requiring mobile phone operators to use locally developed software for downloading music and games, a government source said on Tuesday, a move which could prise open Qualcomm Inc's grip on the market.
4.  Recording Executives See Brighter Outlook (AP). AP - Online music piracy isn't likely to vanish soon, but the rise of paid online services and the growing popularity of portable digital music players portends greater demand for digital music next year and better fortunes for the embattled recording industry, music executives said Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Australian Researchers Push Near-Broadband IP Over VHF
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Spam bill headed to U.S. president
7.  Oracle patches SSL server bugs
8.  Yahoo Messenger Flaw allows injection of JavaScript into IM Windows
9.  RE: Intresting case of SQL Injection
10.  [CLA-2003:796] Conectiva Security Announcement - kernel
11.  Re: Apple Safari 1.1 (v100)
12.  RE: Websense Blocked Sites XSS
13.  Re: Intresting case of SQL Injection
14.  Re: netscreen flaw?
15.  Re: Hot fix for do_brk bug
16.  RE: Websense Blocked Sites XSS
17.  RE: Websense Blocked Sites XSS
18.  RE: Websense Blocked Sites XSS
19.  Re: Hot fix for do_brk bug
20.  Re: Intresting case of SQL Injection
21.  rpc.mountd Vulnerabilities update on IRIX
22.  Immunix Secured OS 7.3, 7+ rsync update
23.  Re: Hot fix for do_brk bug
24.  cdwrite 1.3 insecure tmp file handling vulnerability.
25.  eZ Multiple Packages Stack Overflow Vulnerability
26.  Patchmanagement.org announcement
27.  FAT32 directory auth bypass on Linux Abyssws < 1.2
28.  Land Down Under 601
29.  Re: [Fwd: Security Alert; possible buffer overflow in all Mathopd versions]
30.  [SCSA-022] Multiple vulnerabilities in Xoops
31.  Re: Websense Blocked Sites XSS
32.  Dell BIOS DoS

11:11:01 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  How much is digital music worth? As the early buzz over new music services such as Apple Computer’s iTunes fades, record labels and technology companies are struggling to turn the services into profitable businesses.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Congress OKs National Anti-Spam Bill (AP). AP - Congress on Monday approved the first national effort to stem the flood of unwanted e-mail pitches offering prescription drugs, cheap loans and other come-ons.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  VoIP Gets A Big Backer And Another Lawsuit

10:10:39 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Variety launches porn blog (Peter Bart + AVN + blogs = WTF?).

Variety just launched its very own porn blog. Huh? Anyway: The Porning Report: Coverage of the Porn Industry's Move to Mainstream -- the scribe is Frank Meyer, who's also the Online Associate Editor of AVN. (thanks, Invisible Cowgirl)

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Managing Web services jargon
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  eBay Makes a Business of Its Online Auction Data (Reuters). Reuters - eBay Inc. (EBAY.O) has begun selling the price data generated by its popular Internet auction site in the hope that such information will set a benchmark for the value of a wide range of goods, a company executive said on Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
4.  Congress Sends Anti-Spam Bill To White House
----------------------------------------------------------------------
Hack the Planet
----------------------------------------------------------------------
5.  According to a Usenet post, Octigabay is using Infiniband as their cluster interconnect with a custom HCA that attaches directly to the HyperTransport port on the Opteron. This allows them to get under 2us MPI latency when stock IB HCAs get 6us.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Meetup for members present in Paris on Thursday 11/12

9:10:20 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Time Warner Cable reaches VoIP deals. The cable company and two U.S. telephone service providers announce agreements that may help the cable company's attack on the local and long-distance phone service market.
2.  Congress OKs antispam legislation. The U.S. Congress gives final approval to the first federal law regulating spam, which President Bush has indicated he will sign before the end of the year.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Time Warner OKs 'Net Phone Service Deal (AP). AP - Time Warner Cable announced a deal Monday with Sprint Corp. and MCI Inc. to offer phone service using the up-and-coming voice-over-Internet technology, one of the surest signs yet that cable companies are assaulting the local phone industry.
4.  Experts Worried After Worm Hits Windows-Based ATMs (Reuters). Reuters - Automatic teller machines at two banks running Microsoft's popular Windows software were infected by a computer virus in August, the maker of the machines said on Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Open Source Finally Hits Real Silicon
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
6.  Pivotal dumps Talisma for Chinadotcom unit. Pivotal Corp. said Monday it has signed a definitive merger agreement with Chinadotcom Corp. unit CDC Software, scrapping an earlier agreement with an investment firm that planned to merge Pivotal with Talisma Corp., another maker of midmarket CRM (customer relationship management) software.
7.  NetContinuum adds network firewall to NC-1000. Web application firewall maker NetContinuum Inc. said Monday that a new version of its NC-1000 Web Security Gateway adds network firewall features to the product's existing security features.
8.  ITU preparatory talks clear way for Internet summit. Government negotiators from nearly 200 countries narrowed their differences on how to manage the Internet and protect freedom of expression online in an important round of preparatory talks over the weekend in Geneva, but failed to agree on how to fund the Internet's expansion in developing countries.
9.  GPL is no hippie dream. Last Thursday, The SCO Group Inc. Chief Executive Officer Darl McBride posted an open letter on SCO's Web site arguing that Linux backers were threatening to undermine the copyright protections provided in U.S. and European law. McBride's posting was the latest in a series of public statements by SCO portraying the open-source operating system as a threat to the commercial software industry and an enemy of intellectual property. "There is a group of software developers in the United States, and other parts of the world, that do not believe in the approach to copyright protection mandated by Congress," McBride wrote.
10.  AdSubtract to snip paid search results. BOSTON - A new version of the AdSubtract ad-blocking software will hit Web search engine companies right in the cash register, blocking sponsored search engine results, sometimes known as "paid placement" advertisements, according to a statement from InterMute Inc., which makes AdSubtract.
11.  OASIS elects IBM, Nokia, Oracle staff to board. Representatives from Nokia Corp., Oracle Corp. and IBM Corp. have joined the Organization for the Advancement of Structured Information Standards' (OASIS) board of directors, the organization announced Monday.
12.  SMBs gearing up for technology upgrades. About 40 percent of U.S. small and medium-size businesses (SMBs) are planning to spend more money on technology in 2004 than they did this year, but IT vendors will need to make sure they deliver appropriate technology at the right price, said analysts from The Yankee Group at the Boston company's SMB Forum Monday.
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
13.  Spam bill headed to U.S. president. WASHINGTON - The U.S. House of Representatives has approved an amended version of a bill that will allow penalties of up to $6 million and five years in jail for sending some e-mail spam, the last step before the bill can be signed into law by President George W. Bush.
14.  Oracle patches SSL server bugs. Oracle has issued a security alert and software patches for a set of serious vulnerabilities in the security protocols used by some of its server products.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
15.  AnVir Virus Destroyer v3.6
16.  The Cleaner Database v3423
17.  News: Congress approves first national anti-spam legislation
18.  eZ 'eZnet.exe' Stack Overflow Lets Remote Users Execute Arbitrary Code
19.  W32.HLLW.Gaobot.DK

8:10:00 PM    

----------------------------------------------------------------------
Penny Arcade!
----------------------------------------------------------------------
1.  Santa's Little Helpers.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  PayPal Announces New Fee for Online Music Firms (Reuters). Reuters - Online payment provider PayPal, a unit of online auctioneer eBay Inc. (EBAY.O) on Monday announced new payment processing fees for high-volume online digital music companies.
3.  U.S. Edges Out Finland in Info Technology Rankings (Reuters). Reuters - The United States edged out Finland to become the top-ranked country for the way it uses information technology like the Internet to speed economic development, according to a report released on Tuesday.
4.  Parents Beware: 'Killographic' Video Games (Reuters). Reuters - A public interest group had a holiday warning and a new word on Monday for parents of video game users: Beware of "killographic," defined as the "graphic depiction of brutal violence."
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Finding Holiday Discounts on iPods?
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
6.  News: Congress approves first national anti-spam legislation. The Associated Press By Ted Bridis
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
7.  Vulnerabilities: SGI rpc.mountd Unspecified Denial of Service Vulnerability. rpc.mountd is an RPC server that handles NFS file system mount requests.

SGI has announced the existence of an unspecified denial of service vulnerability in rpc.mountd....

8.  Vulnerabilities: SGI rpc.mountd Unauthorized Drive Mounting Vulnerability. rpc.mountd is an RPC server that handles NFS file system mount requests.

SGI has announced the existence of a vulnerability in rpc.mountd that could lead to the unauthor...

9.  Vulnerabilities: Multiple Vendor rpc.mountd File Disclosure Vulnerability. rpc.mountd is an RPC server that handles NFS file system mount requests. A vulnerability has been discovered with mountd which, if exploited, allows the attacker to obta...
10.  Vulnerabilities: Apple Safari Web Browser Null Character Cookie Stealing Vulnerability. Apple Safari 1.1 is a web browser application available exclusively for the Mac OS Panther release.

An issue has been discovered in Apple Safari 1.1 which may allow an a...

11.  Vulnerabilities: Linux Kernel do_brk Function Boundary Condition Vulnerability. do_brk() is a function called indirectly by a number of kernel procedures, including the brk() system call and the ELF and a.out loading mechanisms. The do_brk() function...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
12.  NetContinuum adds network firewall to NC-1000
13.  Congress OKs First National Anti-Spam Bill
14.  8 Dec W32/Agobot-BD

7:09:40 PM    

----------------------------------------------------------------------
A CTO's UNIX/Linux Blog
----------------------------------------------------------------------
1.  Yahoo DomainKeys system might dent spam. Yahoo Takes Aim at Spam: Yahoo's DomainKeys is designed to let receiving e-mail systems confirm that a message in fact originated from a user authorized to send e-mail for the domain stated in the header. DomainKeys uses public cryptography technology to...
----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
2.  Tart cards: illicit ads from London, chronicled in new book.

A fine stocking stuffer idea for literate, wired pervs. On sale for under $20. Warning: do not confuse tart cards with tarot cards. Any attempt to read your future with tart cards may bring about truly hazardous results.

"This amusing, enlightening, and beautifully designed book explains the history and graphic/technical development of tart cards with over 400 examples in color. Tart cards are the means by which providers of sexual services advertise in London, and they have become as ubiquitous a symbol of that city as the red telephone boxes where they are found. The book also contains an eye-opening, comprehensive glossary of the suggestive and coded language they use. 128 pages, trade paperback."

Link (Thanks, Bruce Sterling!). update: Fleshbot picks up on our hot tartcard-on-tartcard action, and provides more links to images.

3.  Civil rights hero Rosa Parks sues Outkast. ...over their song "Rosa Parks," claiming the band violated her publicity and trademark rights and defamed her. Link (thanks claytonjamescubitt)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
4.  Yahoo launches paid service package. The Yahoo Plus package pulls together a number of paid services and Internet-based applications with a revamped version of the company's customizable My Yahoo Web page.
5.  Vonage drops Cisco VoIP adapter. The broadband telephone service provider replaces Cisco Systems with Motorola as its exclusive telephone adapter supplier.
6.  Euro PC makers in Dutch with Microsoft. Microsoft expands its trademark dispute with Lindows to Europe, putting pressure on the Linux seller and its PC partners to stop distributing the company's open-source operating system.
7.  SeeBeyond slims down integration software. The integration-software specialist introduces an "enterprise service bus" as a stripped-down alternative to its pricier integration software.
8.  VMware connects with storage companies. The company, which makes software designed to make server computers more efficient, says its code is compatible with data storage gear from several corporations.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
9.  Sun Life: SEC to Recommend Enforcement (AP). AP - Sun Life Financial Inc. said Monday that the Boston office of the Securities and Exchange Commission will recommend an enforcement action against one of its subsidiaries, Massachusetts Financial Services Co.
10.  PeopleSoft Refund Trial Set for March (AP). AP - A trial over PeopleSoft Inc.'s customer-refund program is scheduled for late March and early April, the software company says in a regulatory filing.
11.  IBM Wins Skirmish in SCO Battle (NewsFactor). NewsFactor - In a development that court observers call a victory for IBM (NYSE: IBM), a federal judge has ruled that the SCO Group has 30 days to provide details of how the company believes IBM has infringed its intellectual property rights.
12.  Congress OKs National Anti-Spam Bill (AP). AP - Congress on Monday approved the first national effort to stem the flood of unwanted e-mail pitches offering prescription drugs, cheap loans and other come-ons.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
13.  Detoxing With Magnets for Fun and Profit
14.  SmoothWall 2.0 Linux-Based Firewall Released
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
15.  IBM hails nano chip-making method. IBM says self-assembly molecules could soon be used to make chip components even smaller.
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
16.  Vulnerabilities: Linux Kernel Fragment Reassembly Remote Denial Of Service Vulnerability. The Linux kernel is the core of all Linux operating systems. It is community-maintained.

A problem in the kernel network code could make a remote denial of service possi...

17.  Vulnerabilities: Linux Kernel Route Cache Entry Remote Denial Of Service Vulnerability. The Linux kernel is the core of all Linux operating systems. It is community-maintained.

A problem in the kernel routing code could make a remote denial of service poss...

18.  Vulnerabilities: Linux TTY Layer Kernel Panic Denial Of Service Vulnerability. The TTY layer is used to process input and output supplied to and from the console.

A vulnerability has been reported in the TTY layer that may result in a kernel panic....

19.  Vulnerabilities: Linux 2.4 Kernel execve() System Call Race Condition Vulnerability. The Linux execve() system call is used to invoke target binaries on the system.

A race condition vulnerability has been discovered in the Linux execve() system call, aff...

20.  Vulnerabilities: Websense Enterprise Blocked Sites Cross-Site Scripting Vulnerability. Websense Enterprise is a filtering software that allows access to be restricted to web sites, instant messaging and peer-to-peer networks.

When a blocked site is visit...

21.  Vulnerabilities: Multiple Linux 2.4 Kernel Vulnerabilities. Red Hat has released an advisory reporting the existence of multiple vulnerabilities in the Linux 2.4 kernel. The following issues were reported:

/proc/tty/driver/seria...

----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
22.  Intel toasts Itanium's success by giving servers away. Display of confidence
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
23.  Europe now most likely virus target
24.  Fortune 500 firms pick smartcard security
25.  Talks Seek Global Internet Ground Rules
26.  Netilla eyes European expansion
27.  CyberGuard completes game of SnapGear
28.  True Integration – Fact or Fiction?
29.  Supermicro: Itanium 2 Moves into Sleek New Home
30.  Infocus: Home User Security: Personal Firewalls
31.  WORM_SPYBOT.AX

6:09:20 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Blogshares coming back? Recently-departed website Blogshares may return:
The Bad News: The BlogShares database was corrupted and it's taking a few days to get things back together.

The Good News: A solid agreement has been reached between BlogShares founder Seyed Razavi and technologist Jay Campbell -- the site is coming back! Premium memberships will be extended one month to make up for this downtime. If you had 8 months left, now you have 9. The reconstituted BlogShares team is doing cartwheels over the possibilities that 2004 brings. Check back for more notices, and soon a working site.

Link
2.  Coke's music downloads: the real thing? Coca-Cola is launching a digital music download service in the UK:

Coca-Cola will become the first high-profile consumer brand to get involved directly in the music business, launching what it claims will be the largest collection of tracks yet available. (...) The site, MyCokeMusic.com, will launch in January next year offering a catalogue of over 250,000 new and recent hits from more than 8,500 artists with all four major record labels represented.

It also promises back catalogue hits from established artists, although some major acts such as The Beatles have yet to allow their songs to be sold digitally. Given the ongoing controversy over the apparent conflict between its claim it would not market its drinks to under-12s and its sponsorship of the chart, Coca-Cola today made it clear only those over 18 would be able to buy music through the site. It plans to back the launch with a year-long campaign to promote legal music downloads, including promotions on its cans and bottles to win free tracks.

Link

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
3.  Microsoft revamps CRM software. The company's second version of its customer relationship management package promises expanded language coverage and tighter links to its latest Office and server software.
4.  BlackBerry aims to go Wi-Fi. Research In Motion is working to allow its BlackBerry devices to connect to Wi-Fi wireless networks, anticipating demand for the feature from its target corporate customers.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
5.  IBM Tells Court It Doesn't Owe Back Pay (AP). AP - International Business Machines Corp. said Monday that it doesn't owe retroactive benefits to people covered by a pension plan that is the subject of a class-action lawsuit.
6.  Broadcasters Feel Left Out of Net Summit (AP). AP - The representatives of 192 nations expected here this week for a summit on the Internet's future are neglecting vital issues tied to TV and radio, say international broadcasters who are holding a parallel meeting.
7.  Yahoo to Launch Cut-Rate Broadband Service Package (Reuters). Reuters - Yahoo Inc. will offer its long-awaited bundle of premium services for people who already have high-speed Internet connections this month at a price below its major competitors, the company said on Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  The Death Throes of crypt()
9.  Sun Negotiating With Wal-Mart Over Java Desktop
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
10.  NetContinuum adds network firewall to NC-1000. Web application firewall maker NetContinuum Inc. said Monday that a new version of its NC-1000 Web Security Gateway adds network firewall features to the product's existing security features.
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
11.  BugTraq: Re: Websense Blocked Sites XSS. Sender: Eric MightyE Stevens [trash at mightye dot org]
12.  BugTraq: Dell BIOS DoS. Sender: James Evans [jae7 at lehigh dot edu]
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
13.  Coke floats music download service. Want some DRM with your cavity?
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
14.  Hiding Secrets with Steganography
15.  Backdoor.Dister
16.  Backdoor.Xibo

4:19:53 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Tart cards: illicit ads from London, chronicled in new book.

A fine stocking stuffer idea for literate, wired pervs. On sale for under $20. Warning: do not confuse tart cards with tarot cards. Any attempt to read your future with tart cards may bring about truly hazardous results.

"This amusing, enlightening, and beautifully designed book explains the history and graphic/technical development of tart cards with over 400 examples in color. Tart cards are the means by which providers of sexual services advertise in London, and they have become as ubiquitous a symbol of that city as the red telephone boxes where they are found. The book also contains an eye-opening, comprehensive glossary of the suggestive and coded language they use. 128 pages, trade paperback."

Link (Thanks, Bruce Sterling!). update: Fleshbot picks up on our hot tartcard-on-tartcard action, and provides more links to images.

2.  BBC warblogger, mine blast survivor Stuart Hughes videoblogs in Cambodia.

BBC war correspondent Stuart Hughes' courageous, first-person blog testimonial on surviving a land mine accident in Iraq brought home the personal reality of war to readers worldwide. At left, a snapshot of Stuart taken in the hospital, as he recovered from the loss of his leg earlier this year.

Stuart is now traveling to Cambodia and reporting -- through the BBC and through his blog -- on the human impact of mines, during conflicts and long after the conflicts end. He writes to BoingBoing:

"Greetings from London. Me and my artificial leg have just returned from northwestern Cambodia, where I carried out my first experiments in videoblogging. You can view my efforts on my blog here. See what you think!"

Link

3.  Photo of a little fish in the mouth of a big fish. Who says fish can't convey emotions with their faces? See the look of doom in this little guy's eyes? Link (via Reality Carnival)
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
4.  Intel researchers open 'learning library'. The chipmaker's research arm is offering the Open Source Machine Learning Library, a free collection of software that can help computers learn from experience.
5.  New wireless technology gets standards nod
6.  Is bulked-up HP ready for battle? Hewlett-Packard has shaved costs and returned its businesses to profitability following the Compaq merger, but analysts say it's unclear whether it can compete against IBM or Dell.
7.  Briefly: PalmSource makes foray into China. The operating system developer licenses software to Chinese device maker...The chipmaker offers free trial servers with its Itanium 2...A report says Oracle may top its quarterly estimates.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
8.  AdSubtract Blocks Paid Search Results (PC World). PC World - Updated software will filter out links that are actually advertisements.
9.  Poor need knowledge not only technology to bridge digital divide: experts (AFP). AFP - Developing countries need to gain knowledge rather than technology to latch onto the booming information society, experts said ahead of a major conference on bridging the digital divide between rich and poor.
10.  Coke to Launch UK Music Download Service Next Month (Reuters). Reuters - Coca-Cola (KO.N) is launching an Internet music download service in Britain next month, the first consumer brand to jump into Europe's crowded Internet music market, the company said on Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
11.  Andreessen Interview Discusses Post-Crash Innovation
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
12.  Vulnerabilities: Glibc Getgrouplist Function Buffer Overrun Vulnerability. The GNU C library, glibc, contains standard C libraries called by various applications.

The getgrouplist function in glibc does not perform adequate bounds checking on d...

13.  Vulnerabilities: Spoofed Kernel Netlink Interface Message Denial of Service Vulnerability. The Linux kernel includes the use of an optional netlink driver, which when used creates the netlink device. This device can be used to allow a channel between the kernel...
14.  Vulnerabilities: Virtual Programming VP-ASP shopdisplayproducts.asp Cross-Site Scripting Vulnerability. VP-ASP is a Web-based shopping cart system designed for online retailers.

A vulnerability has been reported to exist in the software that may allow a remote user to laun...

----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
15.  HP would be better off without Compaq drain - Analyst. Did the musician know more than Carly?
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
16.  Security fears push users to open source
17.  New authentication system tries to block spam
18.  "Invasion of Privacy" author speaks with Help Net Security
19.  Hackers steal from pirates, to no good end
20.  The next Windows: Microsoft's big challenge
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
21.  The photocopier knew too much
22.  Wi-Fi: secure or not? debate rages
23.  Moving beyond passwords
24.  Cybersecurity worries keep many from banking online
25.  Fortune 500 firms pick smartcard security
26.  Securing your Linux environment
27.  Security fears push users to open source
28.  New authentication system tries to block spam
29.  "Invasion of Privacy" author speaks with Help Net Security
30.  Hackers steal from pirates, to no good end
31.  The next Windows: Microsoft's big challenge
32.  LANDesk Ships Patch Manager 8

3:19:33 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  More Linux Robot Photo Galleries. BoingBoing buddy Roland Piquepaille says:

Following this LinuxInsider.com story, "Japan's Robot Developers Go Linux," Linux Devices decided to publish its own "Linux-powered Robots Quick Reference Guide." And Paul Baron spent some time shooting pictures during the 2003 International Robot Exposition in Tokyo about two weeks ago. So here is a photo gallery gathered from these two different sources. You'll meet for example TMSUK04 from Meiji University, able to communicate via e-mail, or Isamu, which climbs stairs like Asimo.
2.  Kevin Sites: back *from* Iraq, here's his latest.. Blogger and MSNBC combat correspondent Kevin Sites posted a final dispatch from Iraq before returning home to the US for a brief break. He returns to Iraq shortly after the holidays.
It is the eve of Eid or the end of the Ramadan and the end of the month long dawn to dusk fasting for many Muslims. It is a time of celebration on par with Christmas for Christians. But the night has begun with a bang. Literally. An IED (improvised explosive device) has exploded just outside the north gate of the 4th Infantry Division's headquarters. I hop in the back of Bressette's Humvee as the patrol heads out to investigate. Bressette gets on his two-way and in the guise of a flight attendant giving the pre-flight briefing, tells the squad the plan. (...)

I videotape Bressette as he walks back to his Humvee with the 1-22's commanding officer Lt. Col. Steve Russell. They at the curb to discuss what's next, when Bressette looks down. He sees something strange; wires sticking out of a concrete block. Suddenly this inert object is filled with potential energy.

"Sir, we better back up," Bressette says, already doing the moonwalk away from the block. "We're standing next to an IED!" The Humvee shoots forward away from the bomb, while the rest of us back away. The concrete block has been hollowed out and is packed with enough plastic explosives to kill us. Bressette just shakes his head, still in disbelief that all of us, the Colonel, Bressette and his squad, myself and a reporter named Betsy Heil from the Pittsburgh Tribune, were all standing next to a device that could've taken our lives within a fraction of a second.

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
3.  Shoppers flip flop their Web strategy. A survey attributes an increase in retail sales to a new trend in which consumers are doing an interesting combination of online and traditional shopping.
4.  Sun Linux gets U.K. health service exam. Britain's National Health Service plans to begin trials of a Sun desktop Linux suite, a move it says could save U.K. taxpayers millions of pounds.
5.  PalmSource makes foray into China
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  UK Police Switchboard Swamped by iPod E-Mail Scam (Reuters). Reuters - Cambridgeshire police said on Monday a wave of phone calls from irate consumers swamped the police switchboard late last week and through the weekend after the department got hit by an e-mail hoax.
7.  Internet Divisions Loom Over U.N. Summit (AP). AP - Moves to give the United Nations a say in control of the Internet loom over a global summit on expanding technology to developing countries, officials said Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  Unix Network Programming, Vol. 1
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
9.  Vulnerabilities: Jason Maloney's Guestbook HTML Injection Vulnerability. Jason Maloney's Guestbook is a CGI web guestbook application.

A vulnerability has been reported in the software that may allow a remote attacker to execute HTML and scri...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
10.  List of P2P software
----------------------------------------------------------------------
Internet/Network Security
----------------------------------------------------------------------
11.  National Strategy to Protect Lobbyists. I know I shouldn't be surprised. It's politics as usual. I guess I tend to operate on some naive level and live in some utopian wonderland where our elected representatives actually care about the greater good more than they do...

2:19:13 PM    

----------------------------------------------------------------------
A CTO's UNIX/Linux Blog
----------------------------------------------------------------------
1.  Measuring the data mountain. According to a study summarized in The Economist, there were up to 5 exabytes (that's 5,000,000,000 gigabytes) of data created worldwide in 2002, up from 2 exabytes in 1999. The study, published by two researchers at Berkeley, attempts to...
----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
2.  Ergonomic shirt folding video. This is an amazing (Japanese? Korean?) video showing an ergonomic method for folding shirts that exploits the unique topology of a hollow fabric vessel to allow for neat-as-a-neurotic folds that look like they came off a Gaparista's folding-board.

6.3MB WMV Link

3.  Data Quality Act opens doors to pseudoscience DoS attacks. The Data Quality Act, which sets standards for the quality of data used in US law-making, has turned out to be a great tool for forcing pseudoscience (asbestos isn't that bad for you) into the lawmaking process -- a way to filibuster the scientists by requiring them to disprove whatever woo-woo notions you want to raise.

As the testimony of former Clinton administration Energy official and George Washington University epidemiologist David Michaels shows, the guidelines are very troubling. Michaels' complaint is that under the guise of "peer review," industry sponsored or funded attempts to undermine good science are going to get a big boost. That's for a number of reasons, one of them being the key question of who will be doing the peer reviewing.

The current guidelines say that as far as peer review goes, scientists who have worked for government have a conflict of interest and can't participate, but scientists who have worked for industry have carte blanche. As Michaels puts it, the suggestion "that academic scientists are more beholden to public funding agencies than corporate funders is on face ludicrous." And there's more. The peer review guidelines play into clever industry strategies for using the system of science to advance their economic interests.

(Thanks, Henry!)

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
4.  Briefly: Intel revs up for chip challenge. The chipmaker offers free servers with its new Itanium chip as part of a campaign to win new customers...An SG Cowen report suggests Oracle may top its quarterly revenue and earnings estimates...Video game companies IGN, GameSpy unite for news, downloads..
5.  Yahoo launches high-end service package. The Yahoo Plus package pulls together a number of paid services and Internet-based applications with a revamped version of the company's customizable My Yahoo Web page.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  Report: China Game Makers to Earn $250M (AP). AP - China's Internet game makers are expected to make $250 million this year, earning respectability for an industry once "despised and scorned," the official Xinhua News Agency said Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  SETI Project Scientist Discusses Prospects
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
8.  BugTraq: Patchmanagement.org announcement. Sender: Adam Shostack [adam at homeport dot org]
9.  BugTraq: Land Down Under 601. Sender: [gdayworld at hotmail dot com]
10.  BugTraq: Re: [Fwd: Security Alert; possible buffer overflow in all Mathopd versions]. Sender: Peter Geissler [blasty at geekz dot nl]
11.  BugTraq: FAT32 directory auth bypass on Linux Abyssws < 1.2. Sender: Luigi Auriemma [aluigi at altervista dot org]
12.  Vulnerabilities: AppleShare IP FTP Server RMD Command Denial Of Service Vulnerability. AppleShare IP is a network server suite for Mac OS. The suite provides an FTP server component.

The AppleShare IP FTP server has been reported prone to a denial of servi...

13.  Vulnerabilities: FVWM fvwm-menu-directory Command Execution Vulnerability. FVWM is a virtual desktop window manager for the X Window system.

A vulnerability has been reported to exist in the software that may allow an attacker to execute malici...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
14.  Aladdin's eSafe 4 Gains Certification
15.  Elsewhere: Feds, CIOs Unite on IT Security
16.  Elsewhere: Microsoft making patchwork CD?
17.  News: NatWest warns of dodgy email
18.  NatWest warns of dodgy email
19.  Alan Ward Acart Plaintext Passwords Vulnerability
20.  Alan Ward Acart msg Parameter Cross Site Scripting Vulnerability
21.  Alan Ward Acart register.asp Cross Site Scripting Vulnerability
22.  Alan Ward Acart Improper Authentication Check Vulnerability
23.  Linux 4inarow Game Multiple Vulnerabilities
24.  Appleshare IP FTP Server Denial of Service Vulnerability
25.  PLDaniels Ebola Remote Buffer Overflow Vulnerability
26.  VP-ASP Cross Site Scripting Vulnerability

1:18:53 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Man phones in tag renewal, avoids the tow. A man who'd been pulled over for driving with expired tags called a friend while the tow was on the way and had the friend update his registration online. Before the tow arrived, the car had been registered, and the cop let him go with a ticket.

Leach took the renewal form the commission had sent him from his visor, which contained the access code he needed to renew. While Zier issued the summons and ordered the tow, Leach called a friend who took his credit card number and other information and renewed the registration for him, Conry said.

When Zier came back with the ticket, Leach told him the car was now registered. The computer inside Zier's patrol car confirmed it.

(via Gizmodo)

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Microsoft to drop older products. The software maker says it is retiring several of its older products, including Windows 98, to comply with a court order related to Sun Microsystems and Java.
3.  Upturn seen for IT spending in 2004. Small and medium-size companies are set to lead a recovery of IT spending in 2004, with software taking priority, according to Gartner and SoundView.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  IBM researchers move toward smaller chips (SiliconValley.com). SiliconValley.com - IBM researchers said they have successfully used a nanotechnology technique to enable continued miniaturization of computer chips.
5.  Venture Capitalists Expand Investment in India (Reuters). Reuters - India's growing political stability and rapid economic growth are proving attractive for venture capitalists, who are looking beyond their traditional investment areas of software and back-office services.
6.  Online Holiday Sales Dulled by Discounts (Reuters). Reuters - Web shoppers are expected to spend more money than ever during the annual holiday shopping season, but online retailers could face a tough time making much of a profit out of the $12 billion in projected sales.
7.  The High Cost Of Making an Anthrax Drug (washingtonpost.com). washingtonpost.com - A year ago, Gil H. Choi stood in the Rockville laboratories of Human Genome Sciences Inc., nervously watching a group of white rats. Injected with synthetic anthrax spores an hour and a half earlier, the rats should have been dead. But there they were, scurrying around in a sealed glass case.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  Hiding Secrets With Steganography On FreeBSD
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
9.  Sub-1-inch hard disk drives on the horizon. The growing demand for low-cost, high-capacity, and compact storage for mobile devices is pushing development of small form-factor hard-disk drives and the first of a new generation of sub-1-inch (2.5 centimeters) drives should hit the market in 2004.
10.  Court rules for IBM in preliminary SCO hearing. A judge ruled in favor of IBM Corp. in two motions argued in a Utah district court Friday in its ongoing legal dispute with The SCO Group Inc., a SCO spokesman confirmed.
11.  NTT DoCoMo to invest $10M in China fund. NTT DoCoMo Inc. will invest $10 million later this month in a venture capital fund that targets digital media and information technology start-ups in China, it said Monday.
12.  IBM lets polymers assemble nanoscale structures. IBM Corp. has come up with a method of letting molecules assemble themselves inside chip structures to form nanoscale structures that add redundancy and performance improvements to chips, the company said Monday.
13.  Microsoft aims for a seamless digital world. MOUNTAIN VIEW, Calif. -- Microsoft Corp.'s "seamless computing" vision is about making software and devices work in sync with consumers' lives, John O’Rourke, consumer strategy director at Microsoft, said Friday.
14.  Candle tools target app performance - Infoworld Staff. Helping infrastructure architects ready more reliable products for production environments, Candle this week rolled out six packages targeted at J2EE-based WebSphere environments.
15.  EDS awaits tax decision. LONDON -- Electronic Data Systems Corp. (EDS) and Accenture Ltd. should hear this week whether they have lost their contracts with the U.K. Inland Revenue, according to an Inland Revenue spokeswoman Monday.
16.  U.K. gov't considers Sun in open source software push. LONDON -- The U.K. government has signed a five-year agreement with Sun Microsystems Inc. to potentially offer the company's new Java Desktop System (JDS) and Java Enterprise System (JES) software to public sector agencies as part of an overall open source push.
17.  HP merges operations, names new executives. Hewlett-Packard Co. (HP) has merged its Global Operations and Information Technology divisions and named a 14-year HP veteran to lead the operation.
18.  Wi-Fi concerns shift gears - Infoworld Staff. The arrival of wireless networking in the enterprise has been without question one of the biggest stories of 2003. According to many, it will be an important story next year as well.
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
19.  Infocus: Home User Security: Personal Firewalls. This article discusses personal firewall alternatives, including freeware firewalls, firewalls included with current Microsoft and Apple OSes, and various commercial offerings of interest to the home user.
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
20.  BugTraq: rpc.mountd Vulnerabilities update on IRIX. Sender: SGI Security Coordinator [agent99 at sgi dot com]
21.  BugTraq: Immunix Secured OS 7.3, 7+ rsync update. Sender: Immunix Security Team [security at immunix dot com]
22.  Vulnerabilities: OpenSSL ASN.1 Parsing Vulnerabilities. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. OpenSSL does not directly implement ASN.1 but does use ASN.1 objects in X.509 certificates a...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
23.  Microsoft CRM goes global. Well, 47 countries
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
24.  Feds, industry form security alliance
25.  WEP key recovery on Cisco Aironet access points
26.  JAVA_STARTPAGE.E
27.  New security hole in Apple's Safari browser
28.  User-Level Firewalling with Nufw
29.  Windows-to-Linux roadmap: Part 3: Intro to Webmin

12:18:34 PM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  How many years does an Azeri have to work to buy a copy of WinXP?. Over at FirstMonday, Rishab Aiyer Ghosh has published a table showing how many years an average wage-earner in various countries around the world will have to work if they are to buy a copy of Windows.

Country     GDP/cap  PCs ('000s)  Piracy  WinXP Cost [3]
                                          Effective $  GDP months
Albania     1300     24           n.a.    15196        5.17
Algeria     1773     220          n.a.    11140        3.79
Angola      701      17           n.a.    28184        9.59
Argentina   7166     3415         62%     2757         0.94
Armenia     686      24           n.a.    28806        9.80
Australia   19019    10000        27%     1039         0.35
Austria     23186    2727         33%     852          0.29
Azerbaijan  688      n.a.         n.a.    28708        9.77

2.  New story of mine online. My short story, "Beat Me Daddy (Eight to the Bar)" (which wasn't included in the collection, but is still a personal favorite of mine) was originally published in the print magazine Black Gate last winter. Now, thanks to the good graces of Fortean Bureau, an excellent webzine, the story is online for free in its entirety. This story is my tribute to Wyndham's post-apocalyptic literature. Here's a taste:
We were the Eight-Bar Band: there was me and my bugle; and Timson, whose piano had no top and got rained on from time to time; and Steve, the front-man and singer. And then there was blissed-out, autistic Hambone, our "percussionist" who whacked things together, more-or-less on the beat. Sometimes, it seemed like he was playing another song, but then he'd come back to the rhythm and bam, you'd realise that he'd been subtly keeping time all along, in the mess of clangs and crashes he'd been generating.

I think he may be a genius.

Why the Eight-Bar Band? Thank the military. Against all odds, they managed to build automated bombers that still fly, roaring overhead every minute or so, bomb-bay doors open, dry firing on our little band of survivors. The War had been over for ten years, but still, they flew.

So. The Eight-Bar Band. Everything had a rest every eight bars, punctuated by the white-noise roar of the most expensive rhythm section ever imagined by the military-industrial complex.

We were playing through "Basin Street Blues," arranged for bugle, half-piano, tin cans, vocals, and bombers. Steve, the front-man, was always after me to sing backup on this, crooning a call-and-response. I blew a bugle because I didn't like singing. Bugle's almost like singing, anyway, and I did the backup vocals through it, so when Steve sang, "Come along wi-ith me," I blew, "Wah wah wah wah-wah wah," which sounded dynamite. Steve hated it. Like most front-men, he had an ego that could swallow the battered planet, and didn't want any lip from the troops. That was us. The troops. Wah-wah.

3.  SaveDisney: support the dissident Disney board members. SaveDisney.com is a fan-site devoted to promoting the agenda of Roy Disney and the other dissident ex-Disney board members.

(Thanks, Caines!)

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
4.  Intel launches Itanium 2 trial
5.  CA enters Web services management. Computer Associates releases its first Web services management products to market and announces an array of related partnerships.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  Sammy to Buy 22.4 Percent Stake in Sega (AP). AP - Sammy Corp., a major Japanese "pachinko" pinball-machine maker, said Monday it plans to buy a 22.4 percent stake in Sega Corp., to become the largest shareholder in the videogame software maker.
7.  Scrubbing Away the Stain of Spam (washingtonpost.com). washingtonpost.com - As e-mail becomes an ever more indispensable tool for companies and consumers, the scourge of spam continues to grow exponentially. The junk e-mail problem has evolved into such a stain on Internet communications that the nation's largest Internet service providers and technology companies are devoting unprecedented resources to try to stop it.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  Linux Localization And E-governance
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
9.  Pinball firm snaps up Sega stake. A manufacturer of slot machines buys one-quarter of the games firm, in what some hope may signal its rescue.
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
10.  Elsewhere: Feds, CIOs Unite on IT Security. In a major change of heart for both sides, government representatives and corporate CIOs are for the first time pledging to share more information with each other in an e...
11.  Elsewhere: Microsoft making patchwork CD?. Microsoft is planning to begin testing this week a security CD designed to allow users of older Windows systems to easily bring their PCs up to date--a new attempt to cha...
12.  News: NatWest warns of dodgy email. The Register By Tim Richardson [tim dot richardson at theregister dot co dot uk]
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
13.  Vulnerabilities: Novell NFS Server Hostname Alias Access Control Bypass Vulnerability. Novell has reported a vulnerability in how hostname aliases (from sys:etc\hosts) are handled for NFS Server (XNFS.NLM) in the trusted hosts configuration. NFS Server den...
14.  Vulnerabilities: Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability. Mod_SSL and Apache-SSL are implementations of SSL (Secure Socket Layer) for the Apache webserver.

A buffer overflow vulnerability exists in mod_ssl and Apache-SSL that...

15.  Vulnerabilities: OpenSSL CBC Error Information Leakage Weakness. OpenSSL is an open source implementation of the SSL protocol.

A side-channel attack against implementations of SSL exists that, through analysis of the timing of certain...

16.  Vulnerabilities: Yahoo! Messenger IMVironment Cross-Site Scripting Vulnerability. Yahoo! Messenger allows IMVironments to be specified from within 'ymsgr:' URIs, essentially permitting a particular IMVironment to be loaded when such a URI is visited. ...
17.  Vulnerabilities: OpenSSL Bad Version Oracle Side Channel Attack Vulnerability. It has been reported that OpenSSL (and possibly other implementations of SSL and TLS) are vulnerable to an information leakage when outputting error messages in response ...
18.  Vulnerabilities: OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability. OpenSSL is an open source implementation of the SSL protocol.

A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimatel...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
19.  Yahoo! Messenger IMVironment Cross-Site Scripting Vulnerability
20.  Xoops SQL Injection and Banner Manipulation Vulnerabilities
21.  Webgate Web Eye Exposure of Users and Passwords
22.  Sun Solaris dtprintinfo Privilege Escalation Vulnerability
23.  Mathopd Remotely Exploitable Buffer Overflow
24.  Abyss Web Server Directory Protection Bypass Vulnerability

11:18:22 AM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Avaya to simplify video calling. The Internet Protocol phone maker teams with the voice and video products manufacturer to facilitate videoconferencing with a click from a desktop or laptop.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Siemens claims 500 million dollars over Argentinian ID software (AFP). AFP - The German industrial group Siemens is claiming about 500 million dollars from Argentina, alleging that it broke a contract for identification software, the company has said in a filing to the US SEC stock market authorities.
3.  C&W uses bankruptcy laws for cheaper US exit (FT.com). FT.com - Cable and Wireless, the UK-based telecommunications operator, on Monday said it would use bankruptcy laws to exit its ailing US business, selling the US assets to Gores Technology for $125m.
4.  NEC Recalls Laser Printers (PC World). PC World - Overheating problem could cause a fire, company says.
5.  Talks Seek Global Internet Ground Rules (AP). AP - Negotiators from 192 countries have narrowed differences on setting the global ground rules for expanding use of the Internet, but remain undecided on whether rich nations should help their poor counterparts pay for the increase.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
6.  Europe Begins Noise Mapping Effort
7.  World Summit On The Internet And IT
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
8.  Could Segways replace soldiers as hired killers?. If DARPA says so
9.  UK 'not ready' for e-voting. There's a surprise
10.  NatWest warns of dodgy email. Fraud alert
11.  Inland Revenue poised to ditch EDS. The price of failure
12.  Acer TravelMate 661LMi laptop. Reg Review Great price, great features, shame about the keyboard
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
13.  500 attacks per month in small and medium-sized businesses
14.  France sued for non-compliance with the Internet directive

10:17:52 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Report: China Game Makers to Earn $250M (AP). AP - China's Internet game makers are expected to make $250 million this year, earning respectability for an industry once "despised and scorned," the official Xinhua News Agency said Monday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Viewing Inside the Earth
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Security Watch
4.  Moving beyond passwords
5.  How much security do you need?
6.  Navy eases network access
7.  Security chiefs get council
8.  Feds, industry form security alliance
9.  WEP key recovery on Cisco Aironet access points
10.  JAVA_STARTPAGE.E
11.  Linksys WRT54G router vulnerable to a denial of service

9:17:33 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  How many years does an Azeri have to work to buy a copy of WinXP?. Over at FirstMonday, Rishab Aiyer Ghosh has published a table showing how many years an average wage-earner in various countries around the world will have to work if they are to buy a copy of Windows.

Country     GDP/cap  PCs ('000s)  Piracy  WinXP Cost [3]
                                          Effective $  GDP months
Albania     1300     24           n.a.    15196        5.17
Algeria     1773     220          n.a.    11140        3.79
Angola      701      17           n.a.    28184        9.59
Argentina   7166     3415         62%     2757         0.94
Armenia     686      24           n.a.    28806        9.80
Australia   19019    10000        27%     1039         0.35
Austria     23186    2727         33%     852          0.29
Azerbaijan  688      n.a.         n.a.    28708        9.77

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Report: Oracle may top revenue estimates
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Japanese pachinko maker Sammy to buy 22.4 percent stake in Sega (AFP). AFP - Sammy Co. Ltd., a major Japanese maker of pinball pachinko slot machines, said it has decided to buy a 22.4 percent stake in Sega Corp, one of Japan's leading game software developers.
4.  Humbled Cable and Wireless exits from US (AFP). AFP - British telecommunications group Cable and Wireless marked another step in its humbling retreat from global ambition by announcing it has agreed a deal to sell its US assets under bankruptcy laws.
5.  Africa must log on to bridge yawning digital divide (AFP). AFP - Africa needs to log on immediately if it wants to connect to the rest of the world -- a formidable task in a region where vast areas do not have electricity, telephones or computers.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
6.  108 Ways To Do The Towers of Hanoi
7.  Download Anaconda for Debian
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
8.  Chinese net use rising fast. New figures show 78 million people in China now use the internet, up by a third in a year.
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
9.  Computer Associates set for Web services battle - Infoworld Staff. Computer Associates on Monday will face off against smaller companies in the Web services management field when it ships its Unicenter WSDM (Web Services Distributed Management) product.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
10.  Microsoft aiming IBM-scale patent program at Linux?. Just at the little fish, we reckon
11.  KaZaA shuts down KaZaA Lite. Legal threats
12.  Internet showdown side-stepped in Geneva. Probably for the best
13.  C&W flogs US ops by way of Chapter 11. Gores is buyer
14.  UK NHS trials Sun Linux, threatens 800k user defection from MS. European open source worries get serious for Microsoft?
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
15.  Securing Your Linux Environment
16.  Improving the Database Logging Performance of the Snort Network Intrusion Detection Sensor

8:17:13 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Borribles: fine, dark English kids' trilogy. Michael de Larrabeiti's classic children's trilogy, "The Borribles," is back in print in an omnibus edition incorporating all three volumes of the story. "Borribles" is not only one of the finest children's adventure stories ever penned, it's also an epic love poem to London, in the same way that China Mieville's King Rat is -- dark and glorying in the decadent, intestinal twistings and turnings of London's sooty, crowded, vibrant streets. I've just started re-reading the trilogy, and I'm astonished anew at how good this is.

Link

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  States scrutinize e-voting as primaries near. Some states raise last-minute security concerns over e-voting as much of the country prepares to move from mechanical to electronic ballots for the upcoming U.S. presidential election.
3.  Feds should hang up VoIP regulations. A tax-hungry band of bureaucrats at state and federal agencies is trying to figure out how to levy those fees on voice conversations carried across the Internet.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
4.  Uzbek gamers pick up PC skills. Computer games in developing nations can be an entry point into technology, researchers have found.
5.  Brits scoop gaming shoot-out. British pro-gamers beat the French in the first round of an exhibition tournament fought out in virtual environments.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
6.  Cyberkiosk assaults Spanish teenager. Rise of the Machines Part II
7.  Cambodian data entry outfit provokes 'sweatshop' slur. Global philanthropy or exploitation?
8.  Man arrested in Cambs Police iPod email phone jam scam. Thousands of callers
9.  'Dial 9' scam snares Wilts Police. It's a hoax
10.  A smaller CeBIT?. More firms cancel
11.  Micron ships 1Gb DDR 2 chips. DIMM designs too
----------------------------------------------------------------------
Internet/Network Security
----------------------------------------------------------------------
12.  Generate Difficult Passwords. You've been told a hundred times not to use your name, birthday, dog's name, wife's name, firstborn child's middle name or any other information that can be deduced or discovered with a minimum of effort as your password. Your company...
13.  Unwitting Users Propagate Email Spam. As much as one third of the spam invading your inbox may be from personal computers that have been compromised with a remote access Trojan. The user may have no idea that they are unwittingly contributing to the deluge of...

7:16:52 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  C&W uses bankruptcy laws for cheaper US exit (FT.com). FT.com - Cable and Wireless, the UK-based telecommunications operator, on Monday said it would use bankruptcy laws to exit its ailing US business, selling the US assets to Gores Technology for $125m.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
2.  Go ahead for UN internet summit. Rich and poor countries settle most of their key differences ahead of this week's UN digital divide summit in Geneva.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
3.  IBM draws first blood in SCO Linux battle. Proof is in the pudding. So show us the pudding
4.  Wicked Sun forces final death of Win98, Office 2000, etc. But will DARPA keep polluted Java spores for 'research'?
----------------------------------------------------------------------
Wired News
----------------------------------------------------------------------
5.  Keep It Down! Euro Noise Assault. A new European program is mounting a fight against noise pollution. The first step is to map noise levels in cities in 25 nations, followed by plans to dampen the din and quiet public grumbling about the non-stop rumble.
6.  Get It in Writing: Travel Info. Thousands of travelers still buy printed guides listing every flight to and from each city. Far from being driven out of business by the Internet, airline and auto guides are still popular with frequent travelers who want an edge.
7.  Will Global Warming Cool Europe?. As the melting Arctic ice cap chills the warm ocean current responsible for Western Europe's mild weather, temperatures could take a sharp dip -- after the continent adapts to being almost tropical.
8.  Go Tell It on the Mountain. During this week's U.N. tech summit, 500-foot-tall messages submitted over the Web from anyone with something to say will be projected by lasers at four global landmarks, including New York's U.N. building. By Kari L. Dean.
9.  Thoughts at the End of the Road. The geek-seeking journey down Route 1 ends at the 'southernmost point in the United States.' Now it's time to reflect on what it all meant. Michelle Delio reports from Key West, Florida.
10.  Holiday Ad Dollars Head Online. It's not just retailers who are raking in cash from holiday spenders. News sites are also profiting nicely as advertisers spend more of their promotional budgets online. By Joanna Glasner.

6:16:34 AM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Linux: the GPL and Binary Modules

5:16:13 AM    

----------------------------------------------------------------------
Dilbert
----------------------------------------------------------------------
1.  Dilbert for 08 Dec 2003.
----------------------------------------------------------------------
Non Sequitur
----------------------------------------------------------------------
2.  Non Sequitur for 08 Dec 2003.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Cable/Wireless Uses Bankruptcy to Exit US (Reuters). Reuters - Cable & Wireless Plc finally managed to exit its loss-making U.S. businesses on Monday in a deal that will cost the British telecoms group much less than feared, sending its shares sharply higher.
4.  Internet dissident sentenced to two years in prison in north China (AFP). AFP - Internet dissident Yan Jun, 32, has been sentenced to two years in prison on a subversion charge for posting essays online calling for change, including a free press and free expression, his family said Monday.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
5.  Uzbek gamers pick up computer skills. Computer games in developing nations can be an entry point into technology, researchers have found.
6.  Cambodians share in the digital economy. Poor or disabled Cambodians are finding jobs in the global digital economy thanks to a non-profit company.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  Linux Security Week - December 8th 2003

4:15:53 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Not to be read by Metafilter Matt. Matt Haughey, if you're reading this, stop, right now.















All right. The members of MetaFilter are teaming up to buy Matt an Xmas present -- a trip to Iceland -- to thank him for all his hard work on MeFi. If you've enjoyed the fruits of Matt's labor, go on and chip in.

Link

2.  Rubber duckie keychain drives.

This Japanese company is selling glowing rubber duckie USB keychain drives. Capacity caps out at 16MB -- someone should make a 1GB version of this. That plays MIDI jingles. And has a fingerprint-reader-based encryption scheme. You would be the coolest kid in the Internet cafe when you plugged in your fingerprint-reading lightup singing duckie and used it to transfer your ssh keypair-halves to gain access to your cage. Seriously.

Link

(via Gizmodo)

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Africa must log on to bridge yawning digital divide (AFP). AFP - Africa needs to log on immediately if it wants to connect to the rest of the world -- a formidable task in a region where vast areas do not have electricity, telephones or computers.

3:15:33 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  LayerOne geek festival call for proposals. Boogah Smalls and his pals are putting on a low-cost geek festival in LA on June 12, called LayerOne -- looks wonderful! They've just put out a call for papers; got something you want to say?

LayerOne is now officially accepting papers and presentations for our first session, tentatively scheduled for June 12th and 13th, 2004. We are looking for people to speak on a broad range of topics, however we encourage all submissions. Since the target audience will consist of mainly technophiles we've gathered a list of some of the topics we'd love to see covered below...
    :: Peer To Peer Networks
          :: Securing
          :: New models
    :: Network Security
          :: Flaws with current protocols
          :: Techniques for hardening
    :: Community based tools 
          :: Social software models
          :: Weblogs
    :: Encryption
          :: Securing your files
          :: Implementation
    :: Telephony 
          :: VoIP
    :: Copyright Issues
          :: Releasing works into the public domain
          :: Creative Commons

Link

(Thanks, Boogah!)

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
2.  Nations Chafe at U.S. Influence Over the Internet. A powerful nonprofit group and the United States government are expected to come under heavy fire at an Internet conference in Geneva this week. By Jennifer L. Schenker, International Herald Tribune.
3.  A New Use for a CD's Flip Side. OneDisc Technologies of Dallas is in talks with major and independent labels to begin making a combination single-disc product that plays DVD video on one side and CD audio on the other. By Chris Nelson.
4.  Study Rebuts E-Mail Claims Made for Growth Hormones. Many of the human growth hormone products sold over the Internet, a new report says, are bogus. By Anahad O'Connor.
5.  I.B.M. Set to Unveil Chip-Making Advance. I.B.M. plans to describe successful efforts to create silicon memory chips using a new nanoscale manufacturing technique. By Barnaby J. Feder.
6.  The Cylons Are Back and Humanity Is in Deep Trouble. The Sci-Fi Channel has combined retro-futurism with politics to create a new dawn of television adventures into outer space. By Ned Martel.
7.  School Away From School. For the outcasts and oddballs, virtual high school can seem like an ideal solution. But for all that online students gain, what do they lose? By Emily White.
8.  A Believer Despite Long Odds. Brian Appel's goal - to build a machine that turns animal byproducts into oil - was something of a long shot. By Betsy Cummings.
9.  Making a Fortune, Losing It and Moving On. Rabbi Blech, 70, turned a relatively small nest egg of around $50,000 into $7 million and then into nothing - ashes to ashes, dust to dust. By Claudia H. Deutsch.
10.  Who Wins and Who Loses as Jobs Move Overseas?. The outsourcing of jobs to China and India is not new, but lately it has earned a chilling new adjective: professional. By Erika Kinetz.
11.  Getting a Refund After the Scandal: Gauging the Odds. If Eliot Spitzer has his way, investors will receive tens of millions of dollars in refunds from mutual fund managers who allowed improper trading in their funds. By Riva D. Atlas.
12.  A Tall Decaf, Mocha Cappuccino and the Wi-Fi Selection of the Month, Please. Anticipating the day when Wi-Fi alone may not distinguish one retailer from another, Starbucks is experimenting with the equivalent of Wi-Fi flavors of the month. By Roy Furchgott.
13.  Foes of Bush Enlist Google to Make Point. There is another example of a form of cyber-graffiti known as "Google bombing." By Saul Hansell.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
14.  British Health System Looks at Linux

2:15:13 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  IBM Claims Nanotech Breakthrough (AP). AP - Researchers at IBM Corp. claim they have made an important breakthrough in the race to design circuitry at the molecular level: a system that works with existing methods of electronics manufacturing.
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
2.  Vulnerabilities: PLD Software Ebola Buffer Overflow Vulnerability. Ebola is a utility for making virus-scanning on Unix-based systems more efficient.

It has been reported that a buffer overflow condition is present in the authentication...


1:14:53 AM    

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  Last-Minute Shipping for Online Buyers. Hear this, procrastinators. More online merchants say they can deliver the goods for last-minute shoppers. By Bob Tedeschi.
2.  Dell Moves Some Customer Service Operations Back to the U.S.. Companies sending work abroad are learning cultural sensitivity - to their American customers. By Laurie J. Flynn.
3.  Heads-Up Displays Move From Cockpits to Cyclists' Helmets. Soon recreational motorcyclists and bicyclists will be able to take advantage of data projected into their line of sight. By John Markoff.
4.  Hackers Steal From Pirates, to No Good End. The tactic that made music pirating programs so effective is now spreading to rogue programs that take over computers from afar. By John Schwartz.
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
5.  CA enters Web services management. Computer Associates is expected to deliver its first Web services management products to market and announce an array of related partnerships.
6.  IBM gets chip circuits to draw themselves. Big Blue is tinkering with a new material that could drastically slash the costs of “drawing” circuits on semiconductors, and the stuff is a close relative to tennis shoe glue.
7.  Flash-drive makers forming group. Several companies are creating an industry group to promote a kind of portable data storage device that's small enough to fit on a keychain.
8.  Micron puts new memory into action. The company is set to announce that it has begun producing and shipping large numbers of next-generation DDR2 memory chips, which promise better performance for PCs and servers.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
9.  NEC develops world's smallest transistor (AFP). AFP - Japan's computer giant NEC Corp. has developed the world's smallest transistor in a breakthrough which could lead to the production of a supercomputer the size of a desktop PC, a report said.
10.  China to Have 78 Million Web Surfers by End 2003 (Reuters). Reuters - The number of Internet surfers in China is expected to hit 78 million by the end of 2003, the China Daily newspaper said on Monday, citing a report by the Internet Society of China.

12:14:32 AM