Gregg's Security News Aggregator

Currently, this "blog" is nothing more than a news aggregator which

gets security information from over 30 sources. As you'll note,

a number of the sources are not specific to security. Advanced

filtering is definitely needed.






Subscribe to "Gregg's Security News Aggregator" in Radio UserLand.

Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.
 

 

Saturday, May 01, 2004
 

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  As a Center for Outsourcing, India Could Be Losing Its Edge. Wages in India's major outsourcing sectors have been rising by close to 15 percent per year because of increased competition for labor. By Noam Scheiber.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Companies Change the Way CEOs Are Paid (AP). AP - Last year, Steve Jobs received a pay package worth nearly $75 million. But the Apple Computer CEO's pay had a catch — all but $1 was in stock that he can't touch until 2006. There's been a big shift in the way America's top executives are being paid, as once-ubiquitous stock options are replaced by restricted stock and other forms of pay.
3.  Senate OKs Bill to Ban Web Access Tax (AP). AP - The Senate voted overwhelmingly to restore a ban on taxing Internet connections for four years, stopping short of the permanent ban approved by the House.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  Sasser Worm Exploits MS04-011 Vulnerability
5.  WORM_SDBOT.AM
6.  WORM_PROTORIDE.N
7.  WORM_PROTORIDE.B
8.  MI5 plugs in terror website
9.  Veritas NetBackup Buffer Overflow and Format String Flaws Let Local Users Gain Root Privileges
10.  Web Wiz Forums Input Validation Hole in 'pop_up_ip_blocking.asp' Lets Remote Users Inject SQL Commands
11.  MS04-011 LSASRV Exploit; Sasser Worm Update: Sasser.b

11:24:29 PM    comment []

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Build Your Own Heavy Metal Server
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  BugTraq: Will the Sasser worm become the next Blaster?. Sender: kers0r [root at asylum-nz dot com]
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Apple QuickTime Bug Lets Remote Users Execute Arbitrary Code
4.  Alerte virus: Sasser

10:24:07 PM    comment []

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  PacManhattan: LARPing Pac Man. X-NAS-Bayes: #0: 1.5019E-059; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 258 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

PacManhattan is a live-action version of PacMan, played around Washington Square Park, in which people in Pac Man and ghost suits chase each other through the streets, seeking out power-pellets.

Link

(via Kottke)


----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
2.  Yesterday's Back! At Last, an I.P.O. to Drool Over. The interest that Google's planned stock offering has generated is the latest piece of evidence that investors have shrugged off one of the worst bear markets in history. By Alex Berenson.
3.  See the Big Picture? Don't Forget to Examine the Fine Print. When it comes to technology, consumers often must decide between buying something new and cool, or waiting until the engineers turn the schematics right side up. By Matt Richtel.
4.  Is a Do-Gooder Company a Good Thing?. Supporters and critics agree that the public would do well to scrutinize the effects of Google's influence, whether or not it adheres to its promises of trustworthiness. By Amy Harmon.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  Signs Point to Worm Attack on SSL Vulnerability
6.  Trend Micro Pattern File April 28, 2004
7.  Microsoft hole spawns real attacks, false alarm
8.  Norton Virus Definitions April 29, 2004
9.  Kaspersky Anti-Virus Update April 30, 2004
10.  Norton AntiVirus Virus Definitions April 30, 2004
11.  Sasser worm begins to spread
12.  The Cleaner Database v3563
13.  TROJ_OSTRA.A
14.  WORM_SASSER.B

9:23:48 PM    comment []

----------------------------------------------------------------------
CNET News.com
----------------------------------------------------------------------
1.  New worm's got sass, but not much else. The latest worm will likely spread widely, leaving behind an open file server on each victim, but security experts believe the Internet got lucky with the poorly coded program.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Buffett Pleased by Promises of Google's Founders (Reuters). Reuters - Warren Buffett on Saturday said he was encouraged by the promises of the founders of Google Inc. to communicate openly with investors as the search engine prepares for a much anticipated initial public offering.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  PacManhattan
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  Sun Solaris TCP/IP Stack DoS
5.  lftp Username/Password Disclosure
6.  Re: Will the Sasser worm become the next Blaster?

8:23:30 PM    comment []

----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
1.  California bans the use of some e-voting machines. Ca. Sec. of State bans the use of some electronic voting machines. It is not likely that paper receipts will be available for Ca. voters in time for the Nov 2 elections. By Fred "zAmboni" Locklear.
----------------------------------------------------------------------
CNET News.com
----------------------------------------------------------------------
2.  Oracle, DOJ exchange preliminary witness lists. Larry Ellison and Craig Conway, chief executives at rival companies Oracle and PeopleSoft respectively, are expected to face off next month in the U.S. Department of Justice antitrust trial.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Sasser worm hits three leading Microsoft operating systems - experts (AFP). AFP - A new Internet worm spreading worldwide hits computers with certain Microsoft operating systems and causes no apparent damage, but closes down the operating system and sends it into a re-boot loop, two US computer security firms said.
4.  Slain Ex-NFL Player's Memorabilia on EBay (AP). AP - Pat Tillman memorabilia have become hot items on the online auction site eBay. Some people are offended that sellers are trying to profit from the former NFL player who was killed in combat in Afghanistan.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Gosling on Opening Java

7:23:10 PM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Siemens mobile phones to go on sale throughout China: report (AFP). AFP - The German technology giant Siemens is poised to sign a deal with China which will allow it to sell its mobile phones throughout the country, it was reported.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Engaging Debate on Piracy and Videogaming
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  BugTraq: Re: Will the Sasser worm become the next Blaster?. Sender: Gadi Evron [ge at linuxbox dot org]
4.  Vulns: Jordan Windows Telnet Server Username Stack Based Buffer Overrun Vulnerability. Jordan Windows Telnet Server is a Telnet server for Microsoft Windows platforms. X-NAS-Bayes: #0: 1.54682E-050; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 255 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

Jordan Windows Telnet Server has been reported prone to a remote buffer overrun vulnerab...

5.  Vulns: YoungZSoft CMailServer Buffer Overflow Vulnerability. CMailServer is an mail server program for Microsoft Windows systems. It is maintained by YoungZSoft.

It has been reported that an exploitable buffer overrun condition e...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  paFileDB Installation Path Disclosure
7.  Coppermine Photo Gallery Include File Flaw Lets Remote Users Execute Arbitrary Code on the Target System
8.  plem.tar.gz
9.  lboeg.pl.txt
10.  cge-13.tar.gz
11.  hydra-4.0-palm.zip
12.  hsftpexpl.tgz
13.  HOD-ms04011-lsasrv-e..>
14.  04252004.ms04011lsas..>
15.  mplayerRTSP.html
16.  hap-linux-2.2.26-1.d..>
17.  jailed-1.0.0.tar.gz
18.  aexpl-1.0.tar.gz
19.  etherdam-0.2.tar.gz

6:22:50 PM    comment []

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Open Source Part of Mainstream IT in Canada
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  BugTraq: New LSASS-based worm finally here (Sasser). Sender: Ben Ryan [ben at bssc dot edu dot au]
3.  Vulns: EType EServ Resource Exhaustion Denial Of Service Vulnerability. EServ is a proxy software package distributed by EType. It is available for Microsoft Windows operating systems. X-NAS-Bayes: #0: 2.50133E-092; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 254 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

A denial of service vulnerability has been reported for ...

4.  Vulns: LSH Remote Buffer Overflow Vulnerability. lsh is a free software implementation of the ssh version 2 protocol. It is available for multiple platforms including Linux, Unix and Apple.

lsh has been reported prone ...

5.  Vulns: Roger Wilco Remote Server Side Buffer Overrun Vulnerability. Roger Wilco is a net-based communication client designed to allow users to speak in real-time. Multiple clients may connect to a single server allowing remote users to in...
6.  Vulns: TerminatorX Multiple Command-Line and Environment Buffer Overrun Vulnerabilities. terminatorX is a freely available, open source music manipulation program. It is available for the Linux platform.

It has been reported that TerminatorX may be prone to ...

7.  Vulns: Ifenslave Argument Local Buffer Overflow Vulnerability. ifenslave is a tool designed to attach and detach slave network interfaces to a bonding device. The bonding device will act like an Ethernet network device to the Linux k...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
8.  LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy
9.  Computer User: The security shopping list "The bare essentials you'll need to keep your business...

5:22:27 PM    comment []

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Going Back to the Moon and Mars
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  Vulns: Samhain Labs HSFTP Remote Format String Vulnerability. hsftp is an ftp emulator, designed to provide the look and feel of ftp, while providing secure network communication via the ssh protocol. The application is freely avai...
3.  Vulns: XFree86 Direct Rendering Infrastructure Buffer Overflow Vulnerabilities. XFree86 is a freely available open-source implementation of the X Window System. X-NAS-Bayes: #0: 1.39839E-043; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 253 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

It has been reported that XFree86 is prone to a denial of service. The condition repor...

4.  Vulns: Util-Linux Login Program Information Leakage Vulnerability. Login is a component of the util-linux package. It is available for the Linux platform.

A problem has been identified in the handling of information by the login compon...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  New worm possibly infecting millions of computers: experts (AFP)

4:22:18 PM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  New worm possibly infecting millions of computers: experts (AFP). AFP - A new Internet worm is spreading automatically worldwide and has probably already infected millions of computers, a Finnish anti-virus expert told AFP.
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  BugTraq: LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy. Sender: Vincenzo Ciaglia [ciaglia at netwosix dot org]
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  BKDR_WISDOOR.H
4.  W32.Sasser.Worm - LSASS Worm
5.  Sasser Worm Spreads Automatically Through Windows Hole
6.  Sasser Worm Update
7.  News in Brief

3:21:48 PM    comment []

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  Chick-Fil-A's lawyers fried to a crisp by smart alecks at attrition.org. Hilarious line-by-line retort to a nastygram sent by Chick-FIl-A's lawyers, X-NAS-Bayes: #0: 1.65158E-083; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 251 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

: It has recently come to our attention that your website, : tor.at/resources/fun_stuff/www.attrition.org/gallery/other/tn/
: eat_mor_chikin.jpg.html>, includes a picture of the "EAT MOR CHIKIN" cows.
: This picture is an exact duplicate of CFA's U.S. copyright registration
: (Registration No. VA 760-668), and use of it is an unauthorized infringement
: of the CFA's intellectual property.

Oohh, your mail was going SO good until this part! But, unfortunately you "screwed the pooch" as the saying goes. Not only do you demonstrate you know jack and shit about how the Internet works, you prove that you are not legally competant to defend your client's intellectual property rights. If you feel you are competant, then you must be doing this to fraudently bill your client for additional wasted hours. Which is it, i'm curious?

Link
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  New Windows Worm on the Loose
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  Vulns: Multiple IBM AIX Unspecified LVM Utilities Symbolic Link Vulnerabilities. IBM AIX ships with Logical Volume Manager (LVM) management and administration utilities.

IBM has reported that multiple undisclosed LVM utilities are prone to symbolic l...

4.  Vulns: PAFileDB ID Variable Cross-Site Scripting Vulnerability. paFileDB is a PHP based database of files. It supports accounts to control the accessibility of these files and password protection of downloads.

paFileDB is reported to...

5.  Vulns: Multiple IBM AIX Unspecified Console Commands Symbolic Link Vulnerabilities. IBM has reported that multiple undisclosed console commands are prone to symbolic link attacks. Although few details are currently known regarding these vulnerabilities, ...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Re: http://www.smashguard.org
7.  LNSA-#2004-0013: Multiple Vulnerabilities in Samba
8.  RE: IE Certificate Stealing (Phising) bug
9.  Props 0.6.1 XSS and Remote File Viewing Vulnerability
10.  Re: http://www.smashguard.org
11.  CNet: Time to ban MP3 players from work?
12.  Microsoft NetMeeting Malformed String DoS
13.  IPSwitch IMail SMTP Server Overflow
14.  FOLDOC template.cgi Execute Arbitrary Command

2:21:28 PM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Looking for the Key to SMB (Ziff Davis). Ziff Davis - SAP, PeopleSoft and Microsoft go after the vertical-industry SMB market.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Intel Chief: Don't Call Us Benedict Arnold CEOs
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  Vulns: AIX Getlvcb Command Line Argument Buffer Overflow Vulnerability. AIX getlvcb is a utility used to display logical volume control block information. X-NAS-Bayes: #0: 5.62243E-081; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 250 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

getlvcb has been reported to be prone to a buffer overflow vulnerability. The issue pr...

4.  Vulns: AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability. AIX putlvcb is a utility used to rebuild logical volume control block information.

putlvcb has been reported to be prone to a buffer overflow vulnerability. The issue pr...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  Re: http://www.smashguard.org
6.  Re: http://www.smashguard.org
7.  Problèmes de correctifs et exploitation de la faille lsass sur Windows

1:21:08 PM    comment []

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  What would Jesus say about Pete the Porno Puppet?. Newsweek's Brian Braiker says,
X-NAS-Bayes: #0: 6.51915E-200; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 249 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

This is a story i wrote this week about Pete the Porno Puppet, a truly bizarro PSA campaign that XXXchurch ("the #1 Christian porn site") launched -- it's an ad designed to convince parents to get rid of their porn stash so that children aren't exposed to it. The irony is that the anti-porn ad was filmed by smut peddler Jimmy D. Also, it's creepy as all getout.

Indeed. When I first ran accross the site a month or two ago, I was surprised to see they were (without permission) posting excerpts from an article about Hustler publisher Larry Flynt that I wrote for Wired News. Seeing your work snipped out of context to promote a political agenda you're not part of is almost as disturbing as... um... a talking, evangelical sock puppet that wants your porn.

Link to Newsweek story on XXXchurch

----------------------------------------------------------------------
CNET News.com
----------------------------------------------------------------------
2.  Sasser worm begins spreading. A worm starts spreading through the Internet using a vulnerability in a widely used component of the Windows operating system.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  Blender 2.33 Re-enables Game Engine
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
4.  BugTraq: Re: http://www.smashguard.org. Sender: Coleman Kane [cokane at cokane dot org]
5.  BugTraq: Re: http://www.smashguard.org. Sender: Nicholas Weaver [nweaver at CS dot berkeley dot edu]
6.  BugTraq: LNSA-#2004-0013: Multiple Vulnerabilities in Samba. Sender: Vincenzo Ciaglia [ciaglia at netwosix dot org]
7.  BugTraq: RE: IE Certificate Stealing (Phising) bug. Sender: Michael Wojcik [Michael dot Wojcik at microfocus dot com]
8.  Vulns: Linux Kernel EXT3 File System Information Leakage Vulnerability. An information leakage vulnerability has been reported to exist in the Linux kernel when writing to an ext3 file system. This issue is due to a design error that causes ...
9.  Vulns: Linux Kernel JFS File System Information Leakage Vulnerability. A vulnerability has been reported in the Linux Kernel that is related to how JFS file systems are cleaned up. In particular, a root user may potentially gain to private ...
10.  Vulns: Common Desktop Environment DTLogin Unspecified Remote Double Free Vulnerability. The dtlogin application is implemented with the Common Desktop Environment (CDE) that implements the X-Display Manager Control Protocol (XDMCP). The dtlogin process make...
11.  Vulns: XFree86 Font Information File Buffer Overflow Vulnerability. XFree86 is a freely available open-source implementation of the X Window System.

It has been reported that the XFree86 X Windows system is prone to a local buffer overf...

12.  Vulns: XFree86 CopyISOLatin1Lowered Font_Name Buffer Overflow Vulnerability. XFree86 is a freely available open-source implementation of the X Window System.

It has been reported that the XFree86 X Windows system is prone to a local buffer overf...

13.  Vulns: XFree86 Unspecified Fontfile Buffer Overrun Vulnerability. XFree86 is a freely available open-source implementation of the X Window System.

XFree86 has been reported prone to an unspecified local buffer overrun vulnerability (C...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
14.  Sasser Worm Spreads Automatically Through Windows Hole
15.  New Netsky Variant Blames Users
----------------------------------------------------------------------
About Internet/Network Security
----------------------------------------------------------------------
16.  Sasser Worm Exploits MS04-011 Vulnerability. A new worm is spreading rapidly and has been bumped up to a Medium criticality ranking by most antivirus vendors. Dubbed "Sasser" because it exploits a buffer overflow in LSASS (Local Security Authority Server Service), the worm can spread from...

12:20:49 PM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Wall Street Adopts New Technology (Ziff Davis). Ziff Davis - The financial industry flocks to Linux and service-oriented architecture.
2.  Investors May Not Dig Google's Quirks (Reuters). Reuters - Internet lovers rave about Google's irreverent company attitude, but the No. 1 search service will find it is hipper to be square when it comes to Wall Street, analysts said on Friday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  Green Tea Cleans Hard Drive Heads
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  WORM_SASSER.A
5.  YELLOW ALERT: WORM_SASSER.A
6.  Infocon: yellow
7.  -UPDATE- Sasser Worm , Week in Review; LSASS Exploit Analysis; SANSFIRE 2004

11:20:28 AM    comment []

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Sun Mulling GPL for Solaris
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
2.  Wall Street cool on Google plans. Finance experts question whether the internet firm is right to pick an unconventional method for selling its shares.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Pourquoi le Libre va changer le monde

10:20:08 AM    comment []

----------------------------------------------------------------------
CNET News.com
----------------------------------------------------------------------
1.  How VCs earn their keep. An upcoming research paper suggests some venture capital firms offer intangibles, such as experience and contacts, that are worth their weight in gold.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Livewire: the Good, Bad and Ugly - Plastic Surgery Stories (Reuters). Reuters - The Internet can't make you beautiful, but it does cater to a host of vanities, from the search for the perfect eye shadow to the ultimate makeover, plastic surgery.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  Beyond Megapixels - Part II
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  Çàâåðøåí ïðèåì ñòàòåé íà êîíêóðñ
5.  W32.Sasser.Worm

9:19:49 AM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Programs: a Game to Fire Up Adventure Lovers (Reuters). Reuters - After spending the last few days on the PlayStation 2, I have a new nickname: Toast. That's what I became after repeatedly taking on the numerous conflagrations in "Firefighter F.D. 18."
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  Cyberdetective's Handbook Issued

8:19:28 AM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Rules of thumb to calculate company's value (SiliconValley.com). SiliconValley.com - Is search engine leader Google really worth five times as much as Apple Computer and twice General Motors?
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  The FragBook
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Namazu Hit Number File Name XSS
4.  Cisco IPSec VPNSM IKE Packet DoS
5.  Multiple E-mail Client Long File Name MIME Overflow
6.  NetWin Authentication Module Weak Password Encryption
7.  Agora.cgi Path Disclosure

7:19:09 AM    comment []

----------------------------------------------------------------------
Wired News
----------------------------------------------------------------------
1.  Senior Challenge: Price This Drug. A new Medicare website details the prices for prescription drugs under its new drug discount card plan -- but several pharmacies say its information is incorrect. The errors add to confusion about coverage under the new plan.
2.  Wal-Mart Turns to Smart Tags. The retail giant begins sticking RFID tags on some of its products, looking to the day when the technology replaces bar codes as the way of tracking inventory. The tags may also help cut down on counterfeiting and theft, Wal-Mart says.
3.  California Bans E-Vote Machines. Secretary of State Kevin Shelley decertifies all touch-screen voting machines and recommends charges against Diebold. By Kim Zetter.
4.  Playing With Sounds in Your Head. A sound-design firm claims it can evoke particular responses in people by playing specific sounds. The technology, based on neurosensory algorithms, could be used in movies or video games. But at least one expert says more research has to be done. By Katie Dean.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  Netsky Tops April Virus List (TechWeb)
6.  Netsky Remains Big Dog In April (TechWeb)
7.  Re: http://www.smashguard.org
8.  Re: http://www.smashguard.org
9.  [product-security@apple.com: APPLE-SA-2004-04-30 QuickTime 6.5.1]
10.  Re: http://www.smashguard.org
11.  Security Tracker: libpng Memory Access Violation When Creating Error Messages "May Cause Denial ...
12.  Security Tracker: ProFTPD Access Control Bug With CIDR Addresses "May Let Remote Authenticated U...
13.  Bugtraq: IE Certificate Stealing (Phising) bug
14.  Inquirer: Microsoft SSL patch slows systems down [Microsoft KB] "MS04-011 apparently causes some...
15.  CNet: Google denies FBI link to Gmail "Google on Thursday denied that it has had any contact wit...
16.  ZDNet: Virus alert - Netsky.ab "Netsky continues to harvest e-mail addresses and remove recent B...
17.  Security Focus: Zonet Wireless Router NAT Implementation Design Flaw Vulnerability "issue may re...
18.  InterFax: China to install special surveillance systems in all Internet cafes by end of 2004 "ne...

6:18:48 AM    comment []

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  Animal-shaped rubber bands. X-NAS-Bayes: #0: 2.18587E-013; #1: 1 X-NAS-Classification: 0 X-NAS-MessageID: 237 X-NAS-Validation: {E681C936-E9F0-4DDC-9901-74301AF33E67}

I never thought I'd find myself drooling over a premium rubber-band, but these animal-shaped rubber bands from the Japanese design firm Plus-D are super-cool.

Flash Link


----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  Mohegan Sun won't gamble on insider threats
3.  Mohegan Sun won't gamble on insider threats
4.  Barnesandnoble.com hit with fine for online security breach
5.  FDA to bolster IT architecture to fight bioterrorism

5:18:29 AM    comment []

----------------------------------------------------------------------
Dilbert
----------------------------------------------------------------------
1.  Dilbert for 01 May 2004.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  PDA Sales Drop; Microsoft Gains In Operating-System Share (TechWeb). TechWeb - Gartner says year-over-year worldwide shipments fell nearly 5% in the first quarter, with Microsoft pulling into a dead heat with Palm in sales of handheld operating systems.
3.  Interview: JBoss CEO Marc Fleury (TechWeb). TechWeb - JBoss CEO and founder Marc Fleury recently spoke with CRN Senior Editor Elizabeth Montalbano about why he's committed to open source as a lucrative business model and how things have changed between his company and Java steward Sun Microsystems since JBoss Inc. became an official J2EE licensee.
4.  RIAA Files 477 New Lawsuits (TechWeb). TechWeb - The latest round of legal assaults targeted 69 individuals accused of using university networks at schools in 11 states to distribute copyrighted music on unauthorized peer-to-peer services.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  CA Secretary of State Bans Diebold Machines
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Mohegan Sun won't gamble on insider threats
7.  Barnesandnoble.com hit with fine for online security breach
8.  1 May W32/Sasser-A

4:18:12 AM    comment []

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
1.  Microsoft will deliver better security any day now
2.  Clearing up the Euro-security picture
3.  Make spam wait

3:17:47 AM    comment []

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  Analysts Doubt Public Offering of Google Is a Bellwether. Many analysts say that Google is unlikely to provide a blueprint for going public for other start-up companies. By Matt Richtel.
2.  Wal-Mart's Tracking Tags Are Getting First Field Test. Wal-Mart will be using radio frequency identification to track goods as they are sent out to its Supercenter stores. By Barnaby J. Feder.
3.  High-Tech Voting System Is Banned in California. California has banned the use of more than 14,000 electronic voting machines made by Diebold Inc. in the November election because of security and reliability concerns. By John Schwartz.
4.  Silicon Valley Looks to Google Public Offering for Signs of a New Boom. The men and women of Silicon Valley on Friday expressed guarded joy that two more technology entrepreneurs have punched capitalism's lottery ticket. By Matt Richtel and Carolyn Marshall.
5.  Google Poses a Challenge for Usual Ad Outlets. Unlike conventional advertising, to which vast creative effort is devoted, a search engine like Google already has access to users looking for something in particular. By Saul Hansell.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
6.  OpenBSD 3.5 Released
----------------------------------------------------------------------
Hack the Planet
----------------------------------------------------------------------
7.  I just finished Richard K. Morgan's Altered Carbon; what a thrill ride.
8.  InfoWorld: Newisys 4300 Opteron server is a screaming success. Heh.
9.  Somebody took a look at the TypeKey protocol; it looks similar to Passport (since I guess there are only so many ways to do this stuff).
10.  Newswire is a peer-to-peer, fully decentralized system that brings news to your desktop, within seconds after it is published. (My apologies if you already saw this one of the first ten times I posted it.)
11.  InfoWorld: Sun considers GPL license for Solaris. I wouldn't mind getting my hands on Zones or ZFS. I'm still trying to figure out what "a free licensing model where Solaris revenue would come from a paid subscription" means, though.
12.  The Register: Tennessee rejects Napster/RIAA tax. I didn't realize that Napster was selling indemnification.
13.  Dan Gillmor: GoogleMania: Using Clout, So Far the Right Way.
14.  Reading the notes from the X11 Developer Conference, I can't help but think that the path they're taking is massively over-engineered compared to Quartz Compositor. Sure it's flexible and extensible and backwards-compatible and has no policy, but it's just so big.
15.  The BBC's R&D division is working on a modern video codec called Dirac. Unfortunately there are no docs about how it works.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
16.  Apple patches QuickTime flaw
17.  ProFTPD Access Control Bug With CIDR Addresses May Let Remote Authenticated Users Access Files

2:17:28 AM    comment []

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Tennessee Rejects Napster's Music Offer (AP). AP - Napster, the company that popularized illegal music downloads in dorm rooms across the country, is now trying to sell music legally to colleges and universities.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Robosaurus
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
3.  New Xeon unearthed as Intel's first all-India chip. Exclusive Welcome 'Whitefield' By Ashlee Vance .
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  Week in Review; LSASS Exploit Analysis; SANSFIRE 2004

12:24:18 AM    comment []


Click here to visit the Radio UserLand website. © Copyright 2004 Gregg Doherty.
Last update: 6/1/2004; 12:28:58 AM.
This theme is based on the SoundWaves (blue) Manila theme.
May 2004
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
Apr   Jun