Slashdot Mirror

BoFiS writes: "Well it seems the MPAA (Motion Picture Association of America) was feeling left out of all the suing action going on between the RIAA and Napster because News.com reports that they have filed a suit against Scour for aiding in the transfer of illegal/bootleg copies of movies. The article also talks about the DivX format that many movies come in, but not much about the suit itself." Scour may raise privacy concerns, but isn't their service essentially content-agnostic?

NoWhere Man writes "According to TechWeb, Intel officials have said that they plan to ship a 1.13-GHz Pentium III in limited production quantities on July 31 >(which also happens to be the anniversary of AMDZone). Interestingly enough, at the same time, the schedule for the Itanium, the companys first 64bit processor, seems to have slipped from the 3rd quarter of next year to the 4th quarter."

Pointwood writes "CNET buys rival Ziff-Davis for $1.6 billion. The story is here." Will the day come when there are just three major online news sources -- AOL.com, News.com, and MSN.com -- and all the rest (including Slashdot) are just barking dogs chasing their wheels? Or will enough new, independent sources spring up and gain enough readers (and credibility) to keep the biggies from getting too much power?

"AOL wants your children to be safe online," using their Parental Controls. There's just one problem with their censorware. You can see any site you want by appending a "." to the hostname - and this has been true since at least 1997, when Mike Sklut of newriot.com discovered the simple exploit. At the time, he was 11 years old. Despite his having told a few thousand of his closest friends, AOL didn't wise up to the fact until yesterday morning. Mike's out of town at a baseball tournament, but we managed to trade e-mail with him about his early hacking years. Update: 07/17 02:59 PM by J : Other censorware suffers from the same vulnerability. Sheesh.

Slashdot:

What does Parental Controls do?

Mike Sklut:

Parental controls block certain Web sites that AOL lists on their system. When you type in a URL, tokens are sent through your client to the AOL proxy requesting a site. The screen name is verified, and if you are on any three of four settings, the proxy may or may not send you the information.

These settings not only block certain Web sites that AOL lists, but also certain features of AOL. For example: kids only can't access most main features of AOL such as instant messages, and many e-mails are blocked unless the controls are set further.

Also note that if you are not set on 18+ (the very highest setting), then no sockets applications are allowed to connect to anything. It does not give your computer any connection to the Internet except through the AOL client.

Can you describe the hole?

This hole affects all AOL users who are set on mature teen (16-17). This exploit (or trick if you will) is simply done by adding a "." at the end of the second level domain extension. For example: if you're trying to get into 'newriot.com' and it gives you the classic "Web restricted error," just type in 'newriot.com.'

How'd you learn about it?

Just over three years ago (I must have been in fifth grade at the time), a friend and I were trying to get into altavista.com to do research for a project. I was set on young teens at the time, and I believe he was on mature teens. (Note: this trick used to work on young teens as well as mature, but it now seems to only work on mature).

Anyway, we couln't get in, each of us, because altavista was believed by AOL to have adult ads or something, so it was blocked by AOL. We were just messing around with the URL, adding characters here, port numbers there, and all of a sudden I got into it. It happened unknowingly and it took me a minute to figure out how I actually did it.

A small thing, but it proved to be a popular trick for a time with my friends.

Is this useful for anything besides looking at porn?

I knew this question would come along. =] Research projects? Well, seriously, if you needed something that AOL didn't like (other than porn); warez, pages with cussing or swear words on them.

I never used it much at all; soon after that research project, I got into Web design and my parents had to change me to 18+ to use sockets applications for publishing to my site. It worked great for me though; I told all my friends (and more) who tried to take credit for it, and that really made me mad.

If you just needed to do research, why didn't you just talk to your parents about turning the controls off?

They had already gotten mad at me before. I had gone on my dad's screen name and changed my controls (back and forth multiple times) to do other stuff that required an Internet connection that was external from the AOL client. Once or twice he caught me and got mad, and he had refused to change them before because I had done it without his permission; he really didn't care if I had other stuff that I wanted to do (IRC, FTP, and I think that was all I did that required a connection at the time).

How many kids did you tell about this?

In the last three years I would guess I would have told at least 5000 people about it. Since I learned about the trick I have lived in three different states (IL, MA, and MI). I usually told a ton of my friends.

And, you have to add me publicly talking about it on my old Web site (emall2.com, which I am currently battling out with the owners of emall.com over trademark infringments). I posted it on there on a sub site (some AOL tricks thing) just about a month before it was taken down; I got about 500 "THANK YOU SO MUCH" e-mails about it, and my hit counters showed thousands of hits to that one page.

Did you know when you posted it on your site what would happen? (Are you sorry you tipped off the media, or are your friends ticked off at you for revealing the secret?)

I rushed into getting the site up, and I needed pretty quick publicity. The site is not 1/4 done yet, and the our first major staff meeting isn't until next Monday. I had to post about some big news that someone might be interested in and come to the site to look at, and this seemed to be the thing. It was horrible timing, and I wish I would have done this in two weeks from today, when most of the site is up. I got a ton of e-mail telling me about how good the site will be, and wondering where all the content was. I absolutely knew this would happen, and I'm very glad that I did it (but the timing was off, as you can see), and I'm very glad of the results.

I'm very happy I tipped off the media. I hate America Online, as I have for years (various reasons), and this just makes them look bad (bad in some people's eyes, horrible in others).

My friends (about 15 so far) e-mailed me screaming about how happy they were to see me on news.com, yet very mad at me for this is their only source for getting out of AOL's controls. Next week I'll post how to use proxies, so they can get around it once again.

I'm also working on getting a new NPH wrapper (if you can help I'd love it because I can't figure out how to do this) for the server so it can understand some of the commands in my cgi-based proxy app.

Has AOL patched it up yet?

Last night [Thursday, July 13] I called them (as a very concerned parent) asking them if my son (who I said was set on mature teen) was at risk.

The man I spoke with "absolutely assured" me that he was safe and AOLs parental control system was "100% fullproof". I told him about newriot.com and news.com's articles on it, and he tried it out. He was very suprised to see that he could get into a restricted site with the account he had made set on mature teens. He told me this was the first he had seen of this, and that he would tell his supervisor of the incident. He then told me that he was very sorry about the problem and he was sure something would happen fast. I thanked him.

Today [Friday], around 10:38 AM EDT, I tried it, and was suprised to see that it was fixed. I never knew AOL was quick with anything these days.

Your site mentions "several other methods" but doesn't give details yet. Can you give us a hint?

Yea sure. =P

1 - proxies

2 - using staff tools to force certain tokens through the proxy. This gives you access to any Web site (and many staff areas on AOL that aren't on stratus)

3 - once again using staff tools to create hybrid forms that will go through other proxies that can be searched for

Proxies will always work and always be around for the rest of history; AOL won't get a work around these for many years. Even when they do get something to decode pictures and sites through proxies, there will still be encryption. Staff tools will let us get through easily on the 'younger' settings, but the kids that use them would be breaking the law by using the tools themselves (I think), and might not be technical enough to use them.

Your site also says you're going to put up a tutorial on forging e-mail. Do you like poking around computer security, do you think you'll keep doing it?

The tutorial for forging e-mail was already put up on the old design for newriot.com. I recently gave her a facelift, and deleted all the old stuff to put into the new template for the site. I have had it all ready to go for a while, I just can't upload it until I get to my house and out of this baseball tournament.

I've been messing with AOL's security for a while now, and about a year ago I got a little out of AOL and more into the main Internet thing. The first hackers conference I went to was this summer (rubi-con) and I hope to get to go to some others (the problem is my parents and transportion).

Poking around at online security is a blast. It just infuriates me all of the Internet users that think of themselves as "elite" just because they can scam a password from some staff AOL account, or the people that go around causing havok online and think they are the best. These are the idiots that ruin it for the all of us, and I'm also very sorry to see all the newbies looking to them, who will one day become one of them.

Anything you'd like to say to parents who have trusted Parental Controls to keep their teens safe on the Internet?

If your kid is half-way smart and is a quarter computer literate -- he'll get around it. There are plenty of sites that will show you how to use proxies that are very easy to understand.

What's the best (and only) way to make sure your teen (or kid) isn't looking at stuff online you wouldn't want him/her to be looking at? -- Don't have kids. In today's world many kids have external access to the Web; off-home surfing. Their friends have it, their school has it, their public library has it. So much access to this. If any or all of these are using filtering there are always ways around it.

Are your parents going to get mad when they see this interview?

My parents wouldn't ever see it without me telling them about it, and even if they did they wouldn't read it. And even if they read it, they wouldn't get mad. So all in all; no, they'll be fine. Thanks.

A reader wrote in with story on C|Net that Earthlink has said that it will *not* install Carnivore, the FBI mail snoop program. Earthlink has said that it will cause disruptions to their customers, and thus refuses to install it. I'd say that's valid. Cringley has a story where he suggests that Carnivore is really about giving the government the power to shut down the Internet.

Eric Harlow writes: "Microsoft's newly released Internet Explorer 5.5 is trying to do something Microsoft was worried that Netscape might do -- make the browser a platform. Of course, now that IE has 86% of the market, it can lure developers into using flashy new tools that leave Netscape users out of the dust since the new IE has all kinds of 'IE only' features -- and they haven't managed to fix standard items as CSS." Here's the CNET story; a snippet reads: "Together, the proprietary innovation and the purported faults in standards compliance mean that Web pages created to work for IE--widely considered to be the dominant browser--won't work with browsers from Netscape, Opera Software and other providers."

Similarly, jchristopher writes: "The Web Standards project has come out against Microsoft again, this time blasting them for the proprietary "enhancements" found in their recently released IE 5.5 Web browser. Microsoft is up to their tricks again. Meanwhile, the browser still does not fully support CSS1. Here is the press release from the Web Standards Project."

I wish companies would stop touting incompatibility with others as a desirable feature rather than a liability. Would you buy a wrench that said "Works only on Ford"?

Nostradumbass told us about HandHeldCrime. This is cool for people that like to read on their Palm. jleader shared a link to a revolutionary new airplane design being built at the Van Nuys airport in Los Angeles. As if you couldn't tell from his name, linuxsucks_dot_com thinks that Linux Sucks! Use it as a tool, not as flamebait. SEWilco told us about a little cyber kid-leashing, and while you?re making sure the kids are where they need to be, kawlyn told us about the x86 Still. Beinoni shared a link to some interesting nonlinear emergent phenomena. An Anonymous Coward sent in a link to an interesting Scientific American story about anti-aging. dolanh sent in a cool question: What was your first computer? Okay, you caught me. My first real computer of note was an Apple //c. Still have the monitor. Zeitgeist gave us a link to a tool for the paranoid, Mindguard.

Do you want an i-Opener, and for how much? Are space-vehicle rescues "your thing"? Does your cute iMac suffer from a video-game-violence deficiency? Do your Web habits stray to courtroom and crime-scene voyeurism? Do you think that online privacy agreements must of needs outlive the dot-com-ephemera which offer them? If Yes to any or all, you've come to the right place.

Money changes everything. After numerous writeups about the hacking potential of their iOpener device, Netpliance changed their service model and even the design of the product itself. Sounds like that wasn't enough: Cy Guy writes: "Netpliance has announced that they are raising the price of the i-Opener from the introductory price of $99 to $399 (neither price reflects the $21.95/month cost of Netpliance's Internet service which must be used with the device.) In a c|net interview Netpliance president Kent Savage dismissed hacker modifications to the device as a factor in the price increase." As Ioldanach puts it, "Think its 'cause they finally realised it was cheaper to raise prices then 'hack-proof' their product?"

What I'd like to see is Netpliance package the LCD and CPU of the i-Opener and sell those packages to OEMs, so they could create custom housings, new uses, etc -- after all, lots of people would like a small LCD X-terminal.

MacGuyver, The A-Team, NASA ... Grave writes: "Looks like NASA got DS1 functioning again. A probe that was almost entirely made up of experimental technologies can be salvaged, yet two hopefully-soon-to-be-routine flights to Mars can't be. Ah, well, at least we know that Ion Engines are workable. Bring on the TIEs!"

TRUSTe dusts off the white hat for a bit? Last week, a story appeared which noted the alarming news that failed web-merchant Toysmart planned to sell its customer information in an effort to recover some money. According to this Standard story, "The nonprofit organization TRUSTe announced Friday it is planning to file a brief in bankruptcy court that will decide whether Toysmart.com can sell its customer lists." Jamie raises two points to consider:

1. Time will tell what effect (if any) TRUSTe's planned brief will have on the Toysmart bankruptcy proceedings.
2. The company that bought Boo.com insists they will continue to honor the old privacy policy for old customers.

Maybe we could combine this with 'Survivor'? jgalvin222 writes "APB Online, Inc. has filed for bankruptcy. This web site is known for offering in-depth breaking news, tons of information on ongoing investigations, and you can listen to live police scanners. This web site will surely be missed, and if you read the article, you can see that some of their techs have volunteered to post crime and safety articles over the next couple of weeks - without pay. If anything, you should peruse their video library, some of the clips are both amusing and interesting."

The Devil will find work for idle hands to do. Ryan writes: "Here is something to keep us Mac fans happy. Go2Mac reports that Diablo II has gone gold for Mac version, making this one of the quickest PC to Mac conversions ever." Here is the official announcement from Blizzard.

Every once in a while, it's good to have someone slap you with a reminder that conflicts which look simple or clear-cut from a distance may not be quite so simple to those in the thick of the action. In this case, artist Baptist Death Ray spills his guts about the problems that widespread MP3 traffic poses to small musicians, in the context of an industry dominated by giants (and remember, not yet equipped for convenient micropayments). Meanwhile, ewhac serendipitously points out one faltering step toward the encryption which is sure to be common in the future MP3 marketplace, and perhaps has a bearing on the musicians' plight Mr. Death Ray describes.

I think that if you spoke with most musicians, you'd be surprised to find out that we hold big record labels in very low regard. Big record labels, owned by larger companies, run by stockholders, are interested in only one thing, and it ain't music. And it ain't musicians, neither. It is, quite simply, profit, and whatever they can do to maximise that profit, they'll do it. I know I'm sounding like Jon Katz here, but in truth a lot of what he says about corporatism fits the music industry perfectly. At the top are rich fat white guys churning out pablum, or thinking up new and creative ways to turn good acts into pablum, because pablum sells more records.

The problem with record labels is, quite simply, that in order to ensure that they make the kinds of money they want to make, they won't take chances. And because they happen to control all the methods of physical music distribution, they're the only game in town. When the only game in town won't take chances, that means that if you want to play, you have to play their game, and you can't take chances either.

Before the Internet, it wasn't even possible to compete against the major labels -- but in the 80s there were still plenty of minor labels willing to cater to your needs. In fact, once upon a time there was a thriving indie music scene -- there were bands able to make a living doing what they did by working with labels who didn't mind challenging music. But something happened: the big labels found out about these small labels, thought they could produce more pablum, and bought most of them out.

Meanwhile, the record industry lumbers merrily along, stepping on all the talent it can find, robbing them blind, making them sign ridiculous contracts that give up most of their rights and bleeding them dry. And a few musicians get fabulously rich in the process -- that's the carrot -- but the rest of the musicians wonder what the hell happened.

That's the problem with the record industry. And one of the biggest problems with a record label is that, despite how much they suck in general, they are phenomenally good at distribution. They know how to get the word out to record stations, they know how to put your CDs in stores, they know how to schedule you on talk shows, they know how to promote -- and they can reach a much, much larger area than you can. One of the biggest selling points a record label has is saying "our distribution network can put your CD in stores worldwide." Every musician wants his music heard worldwide, even if he tells himself he doesn't care. It's part of being a musician.

Here's the theory: the Backstreet Boys have thousands upon thousands of fans in every town they stop in. The Baptist Death Ray, on the other hand, does not. The Backstreet Boys play music that is likely to be played in every city and every town all over the world. The Baptist Death Ray, on the other hand, is a more cultivated taste. So while thousands upon thousands of people in every town might like the backstreet boys, only fifty to a hundred people in every town might like the Baptist Death Ray.

With the Internet, however, this can cease to be a problem. No longer does the Baptist Death Ray have to worry about finding 100 fans at a time. The Internet is distributed, which means among other things that although in reality all of the Baptist Death Ray fans are scattered across the globe, the perception is that they're all hanging out at the Baptist Death Ray's Web site, the Baptist Death Ray pages on Listensmart.com, Mp3.com, MusicBuilder.com, Riffage.com, and Garageband.com. In effect, the Baptist Death Ray has found a viable audience for his music over the Internet that he could not necessarily find via geography.

That is what the Internet should do for independent musicians. And this, my friends, is a genuine threat to the big record labels.

So right now you have musicians like me who make some of our music freely available. We say "listen to this! This is what I sound like. If you like it, why don't you buy the CD?" Pretty simple, not sophisticated, but all new movements start out simple and unsophisticated. In time, this could grow into something the major labels can't stop, and that scares them a lot, a lot, a lot, a lot. Once upon a time MP3.com talked a lot about this, before they tried to become another music label themselves. They called it a revolution. They were right, but then they went public and stopped talking about it.

But here's the truth: to support yourself on the Internet all you need to do is sell 10,000 CDs a year at $8 a CD. If you're selling through a model like MP3.com's, you can make 40K a year -- not bad for a musician! 10,000 CDs is nothing to a major label. 10,000 CDs sold in a year means the label drops you and never talks to you again. Your album doesn't even go aluminum at 10,000 CDs.

This means that if the public could get used to buying music online, the major labels would be screwed. They're not willing to sell CDs at $8 a pop, and plenty of musicians are willing to sell them for less. That is a revolution -- a revolution where musicians are suddenly supporting themselves based on whether or not their audience likes what they do and buys their work.

Then there's Napster. Napster seems to follow the model where the plucky indie musicians put their music online and compete against the big labels toe-to-toe. The problem is, Napster doesn't compete against the record labels. Maybe the record labels don't know this, but it's true... Napster doesn't compete against the record labels, it competes against those plucky indie musicians.

It's no secret that despite the "rampant piracy" of people trading MP3s last year, the big labels sold more CDs than ever before. People tend to like buying CDs; there's a psychological difference between downloading an MP3 and going to a store and buying a CD. Consumers aren't buying music -- they're buying CDs, with cover art and liner notes and a little poster inside and a few hidden tracks and a few spoken tracks and perhaps a limited edition signed thingie wedged in between the cover art and the CD itself. The record industry makes big stars, and owning the things that a big star sells is part of the job of being a fan. Trading bootlegs is also part of the job of being a fan, but buying the posters, the CDs, the T-Shirts, all that stuff is as well. Record companies will always make lots of money from CDs, DVDs, and any other physical format that comes after.

So yes, while there may be a billion people trading Metallica songs online, Metallica's fans will still buy Metallica CDs, because to their fans, Metallica is the greatest band that has ever lived. Despite piracy, record labels will be able to make money, gobs and gobs of it. Napster doesn't compete with the major labels -- Napster promotes them, whether either side wants to admit it or not.

Who Napster does compete with, however, are the independent musicans. While independent musicians are trying to convince people that they don't need to buy from major labels, that they can buy direct (for less!) instead, Napster is showing people that they don't need to buy music at all. So on the one hand, you could buy ABCDEffigy at MP3.com, on the other hand, you could scour Napster for all the MP3s and have it anyway. After all, the Baptist Death Ray doesn't sell CDs, he sells music. CDs are freakin' expensive. Liner notes and posters and colored cds and limited edition doodads are the kind of promotional, artistic things that record labels excel at, that they use to justify jacking up the price.

Meanwhile, the consumer looks at a Web site where he or she can spend $8 for a CD, and then looks at Napster and sees the entire contents of the album online, free. Pay, or free. It's entropy, people, it all depends on what requires less energy. Right now, maybe spending the $8 is more convenient than waiting two days on a 33.3 modem. When high bandwidth lines are commonplace, however, that will no longer be the case. The worst part is not that Napster makes it easy to pirate music -- No, the worst part is the overwhelming feeling among Napster users that pirating that music is somehow morally justifiable. Most of the arguments I see say that they're not stealing from artists, they're stealing from record labels who don't pay the artists enough anyway. Well, I have news for you, the artists, even if they don't get the amount that they deserve, still get something with every music sale.

So how does the artist make money? Well, the common response from the free music movement is "touring." But you all need to know about touring. Touring is not a good way to make money unless you have a core audience of a certain size. A "core audience" is an audience that of fans who love your stuff, and will go out of their way to see you play. Now, go back to the top of this article and read the bit about the geographical limitations the Baptist Death Ray has, versus the geogrpahical limitations the Backstreet Boys do not have.

Ideologically speaking, the people who defend Napster may very well be on stronger ground than I am. Perhaps copyright and intellectual property has run its course. Perhaps its abuses call for the complete and absolute revocation of any claim that any artist has to his or her work. Perhaps pirating music through Napster is the just the kind of direct action that we need in order to show the labels who, in fact, is boss.

What I see, however, is the death of a revolution before it even had the chance to get off the ground. I feel that even if Napster loses its court case, it's too late to stop the way things are going. Napster and its supports will, one way or another, win. However, the result of that victory will be that artists will depend more than ever on rich sponsors, which is all that a record label really is. You thought mainstream music sucked now? Wait a few years after you've won. It'll suck worse.

Signed,

The Baptist Death Ray
(bdr@baptistdeathray.com)

And in related news, ewhac writes: "CNet reported about a week ago that AOL has announced it will incorporate copy-protection measures into an upcoming release of WinAmp, the hugely popular music player (upon which XMMS is modeled). The copy protection technology, intended to deter music "piracy," is to be provided by InterTrust Technologies, and is also intended to be part of the upcoming AOL 6.0 release. WinAmp was developed by NullSoft, which was acquired by AOL a little over a year ago for about $100 million in stock.

Personal Observation: May we now conclude that AOL is no longer a customer-driven company? Because I can't imagine a single user actually asking, "Please take away my ability to share stuff with my friends." Sounds like it may be time for a Windows port of XMMS ..."

jonnythan writes: "CNet apparently had a talk with Ari Schwartz of the Center for Democracy and Technology. The result is this story, which paints a terribly frightening picture of what Your Rights Online really are. It's a very informative story nonetheless, and puts the fiascos with Real Networks et al in a somewhat different light." Covers a wide variety of online situations, and how you have little to no recourse against corporate or government snooping. Not very in-depth, but maybe it will start people thinking.

jonnythan writes: "CNet apparently had a talk with Ari Schwartz of the Center for Democracy and Technology. The result is this story, which paints a terribly frightening picture of what Your Rights Online really are. It's a very informative story nonetheless, and puts the fiascos with Real Networks et al in a somewhat different light." Covers a wide variety of online situations, and how you have little to no recourse against corporate or government snooping. Not very in-depth, but maybe it will start people thinking.

goingware writes: "This article at C|Net tells how Intel canceled plans to produce an 800 MHz Xeon. They had feedback from major OEMs telling them they wanted fewer speedbumps with larger incremental improvements. I think that's a positive step, actually. I know from doing performance analysis of software that simply making a speedbump to a processor doesn't win the end-user that much, it's mainly for marketing reasons. This is because the performance of real systems these days is limited so much by memory access times and other factors. It would be better if manufacturers concentrated on engineering improvements that would result in real performance gains rather than notching up the clock speed."

goingware writes: "This article at C|Net tells how Intel canceled plans to produce an 800 MHz Xeon. They had feedback from major OEMs telling them they wanted fewer speedbumps with larger incremental improvements. I think that's a positive step, actually. I know from doing performance analysis of software that simply making a speedbump to a processor doesn't win the end-user that much, it's mainly for marketing reasons. This is because the performance of real systems these days is limited so much by memory access times and other factors. It would be better if manufacturers concentrated on engineering improvements that would result in real performance gains rather than notching up the clock speed."

Back for more already? Good. Today's early dinner of information includes humble pie baked by NASA, quantities of penguins rescued from roiling in oil, a morsel about sex discrimination in the computer world, and a take-out order of XF86 for the diners in our Slackware booth.

Absolutely no danger whatsoever at all. Contradicting the BBC story reported last week on Slashdot, NASA officials deny that a 1997 shuttle mission was ever in danger because of communication interruptions. Signal 11 writes: "NASA has a press release out which refuses a previous story from the BBC stating that an unknown 'hacker' was able to disrupt communications between mission control and the shuttle." Aardwolf64 pointed to MSNBC coverage of the NASA denial.

The NASA release reads, in part:

"NASA's Inspector General's office found that during the STS-86 mission in September of 1997, the transmission of routine medical information was slightly delayed due to a computer hacker. However, the transmission was successfully completed.

At no time was communication between NASA and the astronauts compromised. The communication interruption occurred between internal ground-based computer systems."

Fly away little birdies! Fly away! Errr, swim away, little birdies! Swim away! Errr ... come back later! An unnamed correspondent writes: "follow up on recent story about penguins caught in oil spill. After being cleaned, the penguins were flown to Port Elizabeth and released to swim the +/- 800 km's back to Cape Town. This will give enviromnetal cleaners a short space of time to clean the oil from the beaches where they live. Two of the penguins are being tracked. This site tracks their progress via satellite. Can't someone novelize this rescue attempt under the title "Penguin's Progress"?

Sir, please stop hitting me with the 'No Discrimination' sign. fegg writes: "Emmett recently posted a story in which there was a reference to an AP article which discussed gender bias as regards women and computer science. This was put -- I thought cavalierly --i nto the "this-has-nothing-to-do-with-gender-dammit dept." Unfortunately, the evidence suggests that it has everything to do with gender or, at least, how the world is presented to young boys and girls.

This is a rather important topic to me, especially now that I have two daughters (not to mention a wife who is a professional computer scientist). I view this as a must read for anyone who wants to develop a reasonable understanding of why there is such an imbalance of men and women in computing.

The gender bias situation is real, and it has been known for quite a while by many in education and technology circles. I would like to refer the Slashdot community to Ellen Spertus, who, in 1991, wrote "Why Are There So Few Female Computer Scientists?" Particularly compelling, IMHO, is the piece therein on stereotyping.

Spertus's "Women and Minorities in Science and Engineering" provides an excellent set of pointers for people interested in this topic."

Isn't this what killed John Belushi? strredwolf writes "If you haven't heard, XFree86 4.0.1 is out in full force, with binaries and docs online. Slackware users can get the "Slackballs" via the Linux Mafia, along with other goodies." (Here's the direct link to the 4.0.1 files, but linuxmafia.org is worth exploring anyhow. Warning: it is an unabashed Pro-Slack Zone.)

This would be worth more than my car. Dredd13 writes "Empeg, Ltd., a UK company, shipped the first of its Mark 2 MP3 car-stereo to customers this past week. This is the same stereo that runs Linux and has won awards. The Mark2 is expected to be a full production run, (as opposed to the initial Mark1, which only had about 300 units) with enough to satisfy ample demand. As a former MkI owner (and one of the guys who got a Mark2 today from Mr. FedEx), I can say its worth every penny!" Slashdot's been following the Empeg saga for a while now; check out this item Rob posted in 1998. I hope they can bring the price down a bit, to better compete with the various mainstream MP3 players now emerging.

krautt writes: "AMD's desperate plight for technical superiority looks like it has caught up with them according to this article from CNET. I guess that's what happens when you ignore your Q&R engineers and release improperly tested hardware to market." According to the article, the "chip itself is not the likely cause. Instead, the flaw probably results from the overall design of the system or other components." Sounds more like a kink like a showstopper, but a disappointment for anyone in line for a Thunderbird.

krautt writes: "AMD's desperate plight for technical superiority looks like it has caught up with them according to this article from CNET. I guess that's what happens when you ignore your Q&R engineers and release improperly tested hardware to market." According to the article, the "chip itself is not the likely cause. Instead, the flaw probably results from the overall design of the system or other components." Sounds more like a kink like a showstopper, but a disappointment for anyone in line for a Thunderbird.

Nightspore writes: "David Boies, the lawyer recently seen cleaning Microsoft's clock for the DOJ is going to bat for Napster, and he is bringing a curious bit of law with him. It seems that if one uses enforcement of a copyright in an anti-competitive fashion -- which Napster says it has documents proving members of the RIAA cartel have done -- you lose your ability to legally enforce that copyright . Oops! More here." You can read the actual brief in pdf format as well. Boies lays out all his arguments on page three...

DAldredge was one of a huge number of people that wrote in with the news that the BBC has reported that a cracker(s) endangered the lives of astronauts in 1997 by "overloading NASA's communication system". Charming.

goingware writes: "This article at CNet describes how troubled Internet companies are selling off customer data in an effort to pay off creditors or keep themselves afloat, in violation of stated privacy policies. Among the sites that are doing this are Boo.com and Toysmart. These companies were Truste approved sites before their failure. Note that when a company is bankrupt, its assets are divided up and sold off according to what the court orders, and may not have much to do with what the company tried to promise. I also noticed when checking out the articles that CNet uses doubleclick so you may want to browse the articles with cookies off."

goingware writes: "This article at CNet describes how troubled Internet companies are selling off customer data in an effort to pay off creditors or keep themselves afloat, in violation of stated privacy policies. Among the sites that are doing this are Boo.com and Toysmart. These companies were Truste approved sites before their failure. Note that when a company is bankrupt, its assets are divided up and sold off according to what the court orders, and may not have much to do with what the company tried to promise. I also noticed when checking out the articles that CNet uses doubleclick so you may want to browse the articles with cookies off."

goingware writes: "This article at CNet describes how troubled Internet companies are selling off customer data in an effort to pay off creditors or keep themselves afloat, in violation of stated privacy policies. Among the sites that are doing this are Boo.com and Toysmart. These companies were Truste approved sites before their failure. Note that when a company is bankrupt, its assets are divided up and sold off according to what the court orders, and may not have much to do with what the company tried to promise. I also noticed when checking out the articles that CNet uses doubleclick so you may want to browse the articles with cookies off."

goingware writes: "This article at CNet describes how troubled Internet companies are selling off customer data in an effort to pay off creditors or keep themselves afloat, in violation of stated privacy policies. Among the sites that are doing this are Boo.com and Toysmart. These companies were Truste approved sites before their failure. Note that when a company is bankrupt, its assets are divided up and sold off according to what the court orders, and may not have much to do with what the company tried to promise. I also noticed when checking out the articles that CNet uses doubleclick so you may want to browse the articles with cookies off."

"Something old, something new, something borrowed, something blue." No, that's for a wedding. For Slashback, try something more like "Something about Intel, something about Mattel, something about TiVO,something about England." Much less romantic, but quite a bit more fun to read.

Alright mister, I'll see your accusatory bluster and raise you a page of cogent explanation. Our own Jamie McCarthy points out: "[Matthew Scala, one] of the authors of cphack has written a very extensive FAQ about the program and his settlement with Cyber Patrol/Mattel." Here's the link to the Cyber Patrol break FAQ.

This just in from Georgetown: Pat Ramsey, omniscient Mac-support guru at Southwestern University (The original University of Texas) participated in the recent ResNet 2000 conference, and wrote with some clarification about the recent Slashdot story on Simson Garfinkle's recommendations on ftp, telnet and other common protocols.

I submitted a blurb on Sunday about Simson Garfinkle keynoting the Resnet 2000 Symposium in Philadelphia. Being there at the conference, I can say that Rob's take on the Chronicle article is a little off. Garfinkle gave a presentation intended to raise awareness of how insecure most campuses are.Telnet and ftp protocols are just two examples of services that use clear-text passwords. He believes that that practice should be banned. Clear-text passwords are too easily sniffed.

But telnet and ftp were just two examples of things that campuses should look at. Even bigger, and the article didn't convey this with it's somewhat sensational headline, is the lack of policies that say in writing what is done with data that is inconspicuously gathered. Search engine queries, cookies, packet sniffs, Cisco Netflow logs, tcpdumps, etc.

This seemed to be of more importance then eliminating telnet and ftp.

Especially good for anyone who didn't read the full text of the article linked to; ftp and telnet may be great protocols, but Garfinkel is arguing they're less suitable than their more secure counterparts. Thanks, Pat!

14 hours ought to be enough for -- oh, nevermind. undef24 writes: "A followup to a slashdot story posted earlier this week. They've published a way to upgrade a 14-hour Tivo to 52 hours on the AVS Forum." The directions are thorough, but these guys make no bones about what TiVO will think of your mucking about in the guts of your previously-sealed machine. And it raises the inevitable, recurrent question: how close is an off-the-shelf Linux hobbyist version that has the same function?

For once, technical information is slightly flashier than the product name. Maro Shim writes "What's Up With Willamette? (Part 1, Part2), a two-part article, is a good one for understanding Willamette, (i.e. Pentium 4) architecture, which is the next generation x86 processor design from Intel. It includes a description of the development roots of Willamette and the basics of how its organization and operation differs from earlier P6 generation processors. In Part 2, he examines the new technology and features of Willamette in more detail and speculate on its implementation, operational characteristics, and performance. This is a must read for CPU enthusiast."

Flashes of Doh from the other side of the pond. Builder writes "Hi. A while back I used the stand.org.uk service to fax my MP. Today I got a reply back. Some things scare me about the reply. It is almost as if my MP refuses to believe the things we and other large groups of people (ISP's, Consumer groups, etc.) have been saying. ... I've posted the letter, as well as a quick disection about why this whole thing (The bill, my reply and the attitude in general) scares me so much. It can be found at http://www.penguinpowered.org.uk/stand/index.html

If you haven't got involved yet, please do so now! Lobby your MP. Make a noise! Remember, the squeaky wheel gets the grease..."

Tell me this wasn't inevitable. nutty writes pointing out that the Connectix lawsuit dropped by Sony has been refiled. Legal maneuvering? War of attrition against those who dare oppose the marketing might of the PlayStation behemoth? Sony!? I wish this one were tougher to believe.

Gridle writes "According to this CNet article, Sony has voluntarily taken back the patent infringement case against Connectix, the makers of Virtual Game Station, a Playstation emulator for Macs and PCs. Here's the press release from Connectix."

It seems that Miss Boo and other failed dot-com businesses are finding that the one thing they have that creditors value is personal information. TrustE, on the other hand, is finding that their threat to yank the noble TrustE seal off of a failed Web site does not provide a whole lot of deterrence... see the CNet story.

scoobysnack writes "MSNBC is reporting that IBM has once again created the world's fastest computer -- it will be used for simulating real-world nuclear tests. With 12 teraflops it would still take it 3 months to simulate the first 1/100th of a second of a nuclear bomb explosion." There's coverage at CNET as well.

cwebster writes "Linux running on IBM Netfinity servers will be replacing Sun Enterprise 450 servers at weather.com. Sun will still have a place though, running IBM's websphere application as a back-end on Sun E4500 servers. You can read about it here at CNet." This is actually more than it sounds like, and gives a little glimpse into what IBM is thinking.

We've been buried in submissions about Microsoft's new programming language. Here's one of them. Brohamm writes: "Microsoft has created a new language called c# (pronounced C-Sharp). It's supposed to look like C but has the same concepts as Java. Looks like they gave those J++ developers something to do. Check it out at CNet."

ytsejam-ppc writes "C|Net has this story on a new MP3 player that will be part of your home stereo system, but use a connection to your PC to get MP3 files." $199 if bought with a PC configured with home networking capabilities and $249 if bought separately. Not bad, although I'm not seeing how much disk space, or what sort of UI you get.

ytsejam-ppc writes "C|Net has this story on a new MP3 player that will be part of your home stereo system, but use a connection to your PC to get MP3 files." $199 if bought with a PC configured with home networking capabilities and $249 if bought separately. Not bad, although I'm not seeing how much disk space, or what sort of UI you get.

[Xorian] us a coverage on c|net (and here's a AP story on Yahoo) saying that Jackson has referred the Microsoft Case to the Supreme Court, skipping the appellate courts. 'Course, the Supreme Court doesn't have to take it if they don't want it, and since it's close to the end of the term, they might not get to it this term even if they did take it.

Blastercbi1 asks: "I have an e-mail account with Hotmail and use it for all my personal e-mails and some business e-mails. The last time I was able to Log in was last Thursday. I waited two days (got used to the frequent short outages that Hotmail had) and still nothing. Finally I decided to contact Hotmail support. Well... I just couldn't. They just had one phone line which was down. And a bunch of automated e-mail support. I just would like to know if someone else had this problem and how they dealt with it. The only information I could find on this topic was at: news.cnet.com . And from what I read, I have a feeling I'm in for a bad surprise! (First thing I'll do when and if I get my account back is backup all my stuff and get an account with Yahoo!!)" Sounds like a good idea. Anyone have any more news about recent Hotmail outages?

bradlauster writes: "As Reported on InfoWorld.com: Intel will be announcing new mobile processors on Monday. One is claimed to run at 500 MHz and consume less than two watts! How's that compare to Transmeta's Crusoe ... and has anyone used one?" yomahz points to additional coverage at news.com. Isn't it nice what price/performance battles can do?

An Anonymous Coward writes: "According to an article on CNET.com, a group of programmers at iCast have created a free alternative to MP3, named Vorbis. According to the article, they're planning on showing a beta of Vorbis "at next week's MP3.com summit in San Diego," that it will be released without IP restrictions, and that it will provide equal or better quality than MP3. Gotta love free software!"

An Anonymous Coward writes: "According to an article on CNET.com, a group of programmers at iCast have created a free alternative to MP3, named Vorbis. According to the article, they're planning on showing a beta of Vorbis "at next week's MP3.com summit in San Diego," that it will be released without IP restrictions, and that it will provide equal or better quality than MP3. Gotta love free software!"

asonthebadone writes: "The online video firm SightSound.com plans to distribute feature movie content with Gnutella. The film content will be 'protected' by Microsoft's Digital Rights Management System. The article from CNET goes on to quote various security 'experts' as stating that Gnutella is "fundamentally insecure" and that its usage would sow the "seed of one's destruction". If you're looney enough to run a file of unknown origin with a .vbs extension, that would be referred to as Darwinism." (More)

Carnage4Life writes with more details: "Sightsound has put up for grabs on the Gnutella network a dozen encrypted movie files from Miramax Films, for which SightSound has secured online distribution rights. Once people obtain the file, they are required to rent or purchase a license to view the movie. [...] If this works this could spell the beginning of the embrace of online digital distribution of movies, music and other forms of IP by the entertainment industry. Maybe then all the Napster madness will be over."

So long as it's a greater inconvenience (or a large enough moral dilemma) to crack such files for a critical mass of people, it seems like everybody could win here.

asonthebadone writes: "The online video firm SightSound.com plans to distribute feature movie content with Gnutella. The film content will be 'protected' by Microsoft's Digital Rights Management System. The article from CNET goes on to quote various security 'experts' as stating that Gnutella is "fundamentally insecure" and that its usage would sow the "seed of one's destruction". If you're looney enough to run a file of unknown origin with a .vbs extension, that would be referred to as Darwinism." (More)

Carnage4Life writes with more details: "Sightsound has put up for grabs on the Gnutella network a dozen encrypted movie files from Miramax Films, for which SightSound has secured online distribution rights. Once people obtain the file, they are required to rent or purchase a license to view the movie. [...] If this works this could spell the beginning of the embrace of online digital distribution of movies, music and other forms of IP by the entertainment industry. Maybe then all the Napster madness will be over."

So long as it's a greater inconvenience (or a large enough moral dilemma) to crack such files for a critical mass of people, it seems like everybody could win here.

crazy_speeder writes: "Musicrypt.com is developing a biometric identification system that captures user keystrokes to verify the user's purchase of specific copyrighted materials (i.e. downloaded music), and only that user can use it." I'm really skeptical about them getting something like this to work, I mean, I make typos in my 12 charachter password, but to be expected to type a sentence with the same rhythm? I still want retina scanners.

barjam wrote to us with the news from the MP3 front. Apparently the RIAA has filed to have Napster pull all major-label songs from Napster. There's another take from Canoe on the story. The Canoe article states that the RIAA has gone a step further and wants to have Napster shut down on a preliminary injunction.

rhyder writes: "This article from CNET explains the increasing chances that the nations power grid will not be able to support the growing high tech economy. Maybe it is time for those of you running e-commerce servers out of your home to check out Home Power and generate your own electricity."

rhyder writes: "This article from CNET explains the increasing chances that the nations power grid will not be able to support the growing high tech economy. Maybe it is time for those of you running e-commerce servers out of your home to check out Home Power and generate your own electricity."

Wister285 writes: "In a rather intersting turn of events, Netscape co-founder Jim Clark said that he would rather see Microsoft's Internet Explorer stay with the Windows software, should the company be broken up as planned, despite Microsoft's promised appeals. He says that the Microsoft-Other-Software-Company could use the software in a more harmful manner than Microsoft-Windows-Company would. Makes sense... Microsoft-Other Software-Company has a larger grasp on the market (which would most likely be all OSs)." The difficulty with directed outcomes raises its ugly little head again. Where's Harry [that's "Hari" -- mea culpa. timothy] Seldon when you need him?

CoreDump writes: "Just ran across this story at News.com about IBM announcing that they will demo a Crusoe based Thinkpad at PC Expo. This is what I've been waiting for, not an "appliance", but an actual full-blown system that can be used every day. They aren't planning products until the fourth quarter, but I know what *I* want to find under the tree on Dec. 25th. "

Beating plows into ploughshares, turning lead into gold, casting new light through windows opened only just last week, it's another spellbinding outbreak of Slashback. Stand back, breathe slowly as the scent of humble correction wafts over you, mingling with the essence of new and perhaps intriguing information. Bruce Perens, too.

"That's not censorship, mate. This is censorship!" Carnage4Life writes: "After causing a murder trial to be aborted last month CrimeNet has been ordered by the attorney general of the Australian state of Victoria to be shut down. If the site operators refuse to shut down they will face jail time. The story can be found here. In news which can only be considered related, an anonymous kangaroo wrote: "Found a reference to this article on LISNews. Seems the Aussie Parliament pitched a hissy fit when their internet access got filtered. Oh gee, how the fsck do you think the rest of the country feels?" How indeed. That's what happens when you start introducing clashing premises, I guess. Geese, ganders, sauce.

To the moon, Alice -- To the moon! We've frequently linked to NASA photos from Slashdot; what if they said "(registration required)" after them like links to the New York Times? MousePotato writes: "NASA announced today that it has entered into an agreement with Dreamtime Holdings to provide multimedia coverage of astronaut activities. The press release details "creating a state-of-the-art multimedia portal, www.Dreamtime.com, that will, with the click of a mouse, open the door to thousands of images, sounds, documents, blueprints and plans from NASA's currently underused archives. " Interesting to note about it is the fact that they will be using HDTV to give us as well as NASA engineers high quality video." Interesting, too, that billions of space research tax dollars are being used "to create new market opportunities in the multimedia arena."

Does this mean I can watch my -- errr ... "classics" again? The DVD-under-Linux story continues, specifically with an update on LinDVD; soon, the MPAA's claims that there are legal DVD players for Linux users may hold at least a sprinking of water; johnnick writes: "Another update in the DeCSS saga. One of the arguments for DeCSS was that there was no legal DVD decoder for Linux boxes. CNET reports that InterVideo, a licensee of the software that enables DVD information to be decoded, plans to release beta software called LinDVD this month that allows people to watch DVDs on Linux machines."

Microsoft not making a run for the border: Calz writes: "Both Microsoft and B.C.'s Investment Minister have denied that Microsoft is considering moving, as reported in this Yahoo article."

In other news from planet Microsoft, the indefatigable Bruce Perens has this to say about mixed-case licensing:

"Microsoft has been caught in a trivial, easily remedied, GPL violation, which is detailed here. They have been contacted, and their response was, well, dumb.

Why do companies get involved in trivial GPL violations? Because the company picks up Free Software as part of one of their products without making a commitment to do the simple, easy, inexpensive things that are required to comply with the Free Software license. Folks, if you can't comply with license requirements as easy as those in the GPL, find other software, please.

One of these examples comes up at least once a month, and I'm going to keep submitting these stories until the situation improves. Maybe that means forever. Today's wakeup call goes to Microsoft corporation, read the account from Tim Burlowski. "

As Bruce says, this looks like a relatively easy one to fix. It could be explained by the complexities of mergers and acquisitions, general confusion, alignment of planets etc, but eternal vigilance is the price of liberty, including as applied to software. Unless Microsoft would like to declare all EULAs null and void ...

The Mutant writes "Some good information here - the proposed purchaser will pay 900,000 US a month while the business plan is being reviewed - is that what ist costs MoTo to run Iridium? Also, they apparently will get Iridium for about two cents on the dollar. How could not you make money with a deal like that? Even if you were NOT planning on replacing satellites as they deorbit due to age. "

Snibor Eoj writes "There's an article at CNet about the desire of some to reduce or eliminate anonymity on the Internet. There is a fine line, so it seems, between respecting privacy, and providing anonymity behind which crimes may be committed without fear of reprisal. "

Snibor Eoj writes "There's an article at CNet about the desire of some to reduce or eliminate anonymity on the Internet. There is a fine line, so it seems, between respecting privacy, and providing anonymity behind which crimes may be committed without fear of reprisal. "

Matrium writes: "News.com (owned by CNet) is running an article on how the makers of Gnutella have turned their decentralized model of information swapping away from music and porn, and are now looking at search engines. InfraSearch is still in beta, but it does offer an interesting look in the evolution of the Internet." InfraSearch presently paws through only a few search sites, but as a concept really intrigues me. For one thing, it introduces the long-overdue concept of "how long to search" right into the query dialogue.

CitizenC writes: "ACK! According to this C|Net story, RAM prices are expected to go up again this week, due to the low supply and high demand. Buy your RAM now!"

djmagic writes "SourceForge has opened it's IA-64 portal for porting projects to Linux running on (surprise) IA-64. " It's still a tad sparse, but you should be able to compile on the Compilefarm if you're interested in porting something. There's also a news.com story on the thing.