Slashdot Mirror

cxbrx writes "Mark Pothier's Boston Globe article, 'Please do not change your password,' covers a paper by Microsoft Researcher Cormac Herley, 'So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users,' from the 2009 New Security Paradigms Workshop. Herley argues 'that user's rejection of the security advice they receive is entirely rational from an economic perspective.' Herley discusses 'password rules,' 'teaching users to recognize phishing sites by reading URLs,' and 'certificate errors.' Users obviously choose bad passwords, but does password aging actually help? There was some discussion on TechRepublic. I'm especially interested in hearing about studies about password aging."

WeeBit writes "Researchers have different ideas as to why people fail to use security measures. Some feel that regardless of what happens, users will only do the minimum required. Others believe security tasks are rejected because users consider them to be a pain. A third group maintains user education is not working. [Microsoft Research's Cormac] Herley offers a different viewpoint. He contends that user rejection of security advice is based entirely on the economics of the process." Here is Dr. Herley's paper, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users (PDF).

nerdyH writes "The Chinese government's 'Go Rural' program offers subsidies up to 13 percent for rural residents who purchase approved nettops or netbooks. The systems come with a version of Red Flag Linux built on the Moblin stack. Along with Internet access, the software is said to provide apps for crop and livestock management, farm production marketing, remote office access/automation, and even online tour and hotel booking systems. Of course, Windows dominates the China market, and if traditional patterns hold, about 30 percent of these subsidized systems could ultimately wind up re-installed with Windows."

nerdyH writes "The Chinese government's 'Go Rural' program offers subsidies up to 13 percent for rural residents who purchase approved nettops or netbooks. The systems come with a version of Red Flag Linux built on the Moblin stack. Along with Internet access, the software is said to provide apps for crop and livestock management, farm production marketing, remote office access/automation, and even online tour and hotel booking systems. Of course, Windows dominates the China market, and if traditional patterns hold, about 30 percent of these subsidized systems could ultimately wind up re-installed with Windows."

neutrino38 writes "This is an alert for all developers using Microsoft Visual Studio 2005. At the beginning of January, Microsoft issued a security fix for Visual Studio 2005 forcing the use of new dynamic libraries (DLLs) by all applications compiled with this IDE. Basically, applications compiled with Visual Studio 2005 will not work anymore on an ordinary (non-dev) PC unless the newer DLLs are installed. And we found out that this is true on fully updated PCs. I just posted some details and some suggested fixes." Read below for some more background on Microsoft's so-called "side by side assemblies."

For those unfamiliar with the Microsoft world, native microsoft applications written in C++ rely on dynamic libraries. Two of them are infamous: MSVCRT.DLL and MFCxx.dll. Because of software evolution and security fixes, multiple versions of these DLLs were often present in the system, causing application instability. Where Linux implemented a simple suffix notation on the dynamic libraries, Microsoft created a new beast in 2001: the Side By Side assembly. These are basically DLLs with a companion XML file that identifies them. The XML file contains a digital signature and when the system binds these DLLs dynamically to an application, it checks that the signature of the DLL matches the DLL itself. When everythings runs well, this is pretty transparent. But when issues arise, it becomes excruciatingly difficult to troubleshoot and fix. DLL hell is not over.

Eukariote writes "A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel's System Management Mode (SMM). Quote: "The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM." The implications of this exploit are severe."

stm2 writes "As a long time fan of the stories, I watched as Star Wars transformed from one of the better sci-fi stories told to 'Whedon is my master now.' An article at the TechRepublic blog explores the weakness of the sequel trilogy and states that the Midi-chlorians are the culprit. Was it the Midi-chlorians, Jar Jar Binks, the actors? When did Star Wars jump the shark?. A bonus question: Did George Lucas redeem himself in Episode III?"

The Guardian Gamesblog has up a post noting that Gamestop will be rearranging stores to meet casual gamer needs. For example, they'll be creating a section just for music games (karaoke, guitar games, etc). They'll also be putting together a 'family-friendly' area, with a focus on titles like Nintendogs, Lego Star Wars, and the like. The post is based off of an interview in The New York Times with Daniel A. DeMatteo, Gamestop's vice chairman and chief operating officer. In his mind casual games are now so important to sales that the company is having to do some 'radical retail re-thinking': "There is a real breadth of properties now appealing to a much broader audience than we've seen before. Honestly, we are having to retool the way we think of things in our stores in terms of merchandising, layout and also customer service because it is no longer only the hardcore gamer walking in who knows exactly what he wants."

KingSkippus writes "In response to a complaint to the FCC filed by the Computer and Communications Industry Association (CCIA) to change copyright warnings before movies and sporting events, Executive Director Patrick Ross of the Copyright Alliance tells us in an editorial that 'fair use is not a consumer right.' The Copyright Alliance is backed by such heavy-hitters as the MPAA, RIAA, Disney, Business Software Alliance, and perhaps most interestingly, Microsoft, who is also backing the CCIA's complaint."

Nonillion writes "New Jersey attorney Evan M. Levow was finally able to get an order from the Supreme Court of New Jersey forcing the manufacturer of the popular Draeger AlcoTest 7110 to reveal the source code. Levow turned the code over to experts, Base One Technologies, to analyze. Initially, Base One found that, contrary to Draeger's protestations that the code was proprietary, the code consisted mostly of general algorithms: 'That is, the code is not really unique or proprietary.' In other words, the 'trade secrets' claim which manufacturers were hiding behind was completely without merit." Following up an earlier discussion here, the state of Minnesota has (without explanation) missed a deadline to turn over the code for a different breathalyzer.

mikesd81 writes "C|Net reports that a lawsuit filed by TorrentSpy against the MPAA, accusing it of intercepting the company's private e-mails, was tossed out of court this week. Even though a U.S District judge ruled that the MPAA broke no rules, the MPAA does admit it paid $15,000 to obtain private e-mails belonging to TorrentSpy executives. The MPAA's acknowledgment is significant because it comes at a time when the group is trying to limit illegal file sharing by imploring movie fans to act ethically and resist the temptation to download pirated movies. From the article: 'Ethically, it's pretty clear that reading other people's e-mail is wrong,' said Lorrie Cranor, an associate research professor and Internet privacy expert at Carnegie Mellon University. 'Being offered someone else's e-mails by a third party should have been a red flag.' TorrentSpy is appealing the decision." This is just not a good week for those guys.

An anonymous reader writes "Geek.com has an interview with Nick White, Microsoft's Vista Product Manager, covering the upcoming release of Vista SP1. The interview goes over some of the new features, how the change will affect admins, and how Microsoft decides if a change should be rolled out as an update or as part of the service pack. One of the most interesting questions asks whether people should feel that they have to wait until SP1 to upgrade to the operating system, a common practice with Windows users. White writes off this practice as no longer being necessary and notes how Windows Update has lessened the importance of the release of a service pack. Just the same, a News.com article explores the possibility that this update will finally begin driving users to Vista."

An anonymous reader writes "With Director of National Intelligence Mike McConnell acknowledging that the 'private sector' had a hand in assisting the president's warrantless wiretapping initiative, the DOJ is ever more strenuously demanding that the suit against Verizon be dropped. 'The Justice Department attorneys argue McConnell's statements did nothing to change the fact that it hasn't ever confirmed any of the activities alleged by the class action plaintiffs--and has, in fact, denied the existence of any sort of "dragnet." The arguments made by the class action plaintiffs rest on nothing but "speculation," the attorneys wrote. In the Justice Department's view, litigating the case would still require exposing how the program actually does work--which, it says, would in turn endanger national security.'"

SkiifGeek writes "After news at the end of last year that mobile phones could be remotely eavesdropped, and there being a long history of remote eavesdropping possible on normal telephones, it was only a matter of time until VoIP devices were found to be eavesdropable (whether intentionally or not). In the last week there have been several exploit code releases, and it seems that some vendors who chose to write their own SIP networking stacks are at risk of their devices being easily eavesdropped on."

JimBobJoe writes "On Monday, Cnet published the findings I made as an Ohio poll worker regarding a major oversight in my state's election's system: Using a combination of public records, plus the voting machine paper trails, you can figure out how people voted. Though most agree that voting machine paper trails are a necessity, they can cause privacy problems which aren't easily mitigated. 'It's an especially pointed concern in Ohio, a traditional swing state in presidential elections that awarded George Bush a narrow victory over John Kerry three years ago. Ohio law permits anyone to walk into a county election office and obtain two crucial documents: a list of voters in the order they voted, and a time-stamped list of the actual votes. "We simply take the two pieces of paper together, merge them, and then we have which voter voted and in which way," said James Moyer, a longtime privacy activist and poll worker who lives in Columbus, Ohio.'"

willdavid writes "Via CNet, a link to a blog post with the top 25 most active open-source projects on Microsoft's Codeplex site. As the CNet blogger notes, 'Codeplex is interesting to me for several reasons, but primarily because it demonstrates something that I've argued for many years now: open source on the Windows platform is a huge opportunity for Microsoft. It is something for the company to embrace, not despise.'"

News.com has an interesting stroll down memory lane with a look at the "DigiBarn", a collection of technology from early mechanical calculators to modern web appliances. NASA contractor Bruce Damer and partner Alan Lundell run this "museum in transition" from a 19th-century farmhouse deep in the Santa Cruz mountains. In addition to notable success milestones, the company also includes some of the industry failures, like an Apple III Damer acquired from Apple's legal department.

An anonymous reader writes "News.com has an article on the announcement of Microsoft and Universal to introduce watermarking technology into audio files. The technology could serve several purposes including tracking file sharing statistics and inserting advertisements into audio tracks. The article goes on to suggest that watermarking could possibly replace DRM in the near future."

hackingbear writes "News.com reports that China is building the largest and most sophisticated people-tracking network in the world, all to track citizens in the city of Shenzhen. This network utilizes 20,000 intelligent digital cameras and RFID cards to keep track of the 12.4 million people living in the Southern port city. The key to the system is the new residency cards fitted with powerful computer chips. 'Data on the chip will include not just the citizen's name and address but also work history, educational background, religion, ethnicity, police record, medical insurance status and landlord's phone number. Even personal reproductive history will be included, for enforcement of China's controversial "one child" policy. Plans are being studied to add credit histories, subway travel payments and small purchases charged to the card.' While I lived in Shenzhen, there indeed were (and still are) plenty of crimes. One of my friend who lived at the 20th floor of a condo building in a nice neighborhood saw an intruder in the middle of one night while he was sleeping. Still, this will clearly raise the fear of human rights abuses. And ... 'one of the most startling aspects of this plan is that this project is mostly made possible by an American company with solid venture fundings.'"

MyrddinBach writes "CNet's Police Blotter column looks into a Minnesota drunk driving defendant case with a twist. The defendant says he needs the source code to the Intoxilyzer 5000EN to fight the charges in court. Apparently the company has agreed to turn over the code to the defense. 'A judge granted the defendant's request, but Michael Campion, Minnesota's commissioner in charge of public safety, opposed it. Minnesota quickly asked an appeals court to intervene, which it declined to do. Then the state appealed a second time. What became central to the dispute was whether the source code was owned by the state or CMI, the maker of the Intoxilyzer.'"

A journal entry by twitter alerts us that the US Free Flow of Information Act cleared the House Judiciary Committee last week. It is designed as a shield for the confidential sources of journalists, and the bill's sponsors intend that the definition of "journalist" be broad enough to encompass at least some bloggers. The language voted out of the Judiciary Committee stipulates that protections apply only to those who derive "financial gain or livelihood from the journalistic activity" — this could cover anybody with a blog and an AdWords account, and this worries some opponents. The Register's coverage notes "several exceptions regarding terrorism, national security, imminent death and trade secret leaks." If this act becomes law, it would override all state shield laws, some of which may now provide stronger protections. The bill seems unlikely to go anywhere any time soon as its counterpart in the Senate has received no attention, and in its present form it would likely be opposed by the Bush administration.

cayenne8 writes "During the 2000 election, some sites were set up for people across the nation to agree to swap votes, among them voteswap2000.com and votexchange2000.com. They were established mainly to benefit the third-party candidate Ralph Nader without throwing local elections to George Bush. The state of California threatened to prosecute these sites under criminal statues, and many of them shut down. On Monday the 9th Circuit Court of Appeals ruled that the vote-swap sites were legal (ruling here, PDF). The court held that '...the websites' vote-swapping mechanisms as well as the communication and vote swaps they enabled were constitutionally protected' and California's spurious threats violated the First Amendment. The 9th Circuit also said the threats violated the US Constitution's Commerce Clause.'"

C|Net reports that a 3D software version of the space shuttle Endeavor is in the works, thanks to a collaboration project between Microsoft and NASA. The Photosynth viewer will allow fans of the space program an unprecedented level of detail in examining the shuttle and its surrounds at the Kennedy Space Center. ""It's much like a 3D video game--people can explore, walk around or fly around the shuttle," said Adam Sheppard, group product manager for Microsoft Live Labs, which developed the viewer. NASA said that the project could lead to more initiatives with the software giant. Chris Kemp, director of strategic business development at NASA's Ames Research Center, said that, for example, NASA could use the Photosynth technology on future space missions for activities such as inspecting the International Space Station and viewing landing sites on the moon."

CNet is reporting that Japanese car manufacturers are teaming up to develop a standard automotive operating system. "Just as computer operating systems [...] allow multiple applications to communicate with one another, an automotive operating system enables different driving systems to work together. The standard automotive operating system from Japan will include everything from fuel injection, brakes and power steering to power windows. Currently, certain mechanical car parts are interchangeable from model to model. Smart car parts that operate off a common software standard would enable that kind of convenience to continue, while allowing them to communicate more easily with other smart components in a car."

kripkenstein notes an analysis up on TechRepublic detailing how Microsoft beat Linux in China, and the consequences of that victory: "With the soon-to-be largest economy standardized on Windows desktops, desktop Linux does seem to have an uphill battle ahead of it." "Linux has turned out to be little more than a key bargaining chip in a high stakes game of commerce between the Chinese government and the world's largest software maker... The fact that... Linux failed to gain a major foothold in China is yet another blow to desktop Linux. After nearly eight years of being on the verge of a breakthrough, Linux seems more destined than ever to be a force in the server room but little more than a narrow niche and an anomaly on the desktop."

prostoalex writes "Microsoft has launched a site dedicated to collaboration between Microsoft and open source community. The site helps developers, IT administrators, and IT buyers find out what Microsoft's product offerings are, and read articles about open source such as 'Open Source Provider Sees Sales Doubling After Moving Solutions to the Windows Platform.'" Relatedly, CNet has the news that the company has submitted its shared-sources license to the OSI for approval.

CRE writes "An article at the OS News site details how Microsoft could best avoid Windows 7 becoming another Vista-esque release. The author advises Microsoft to basically split Windows in two. Windows 7 would be a new operating system based on the proven Windows NT kernel, but with a completely new user interface, with backwards compatibility provided by VMs. In addition, to please business customers and other people concerned with backwards compatibility, Microsoft should create 'Windows Legacy', basically the current Windows, which will receive only security and bug fixes. Relatedly, APCMag is reporting that Microsoft has moved Julie Larson-Green (the driving force behind Office 2007's Ribbon UI) over to work on Windows 7's interface."

An anonymous reader writes "'E-mail is, like, soooo dead' is the headline at News.com, where a piece looks at youth attitudes towards communication mediums. A group of teenage internet business entrepreneurs confessed that they really only use email to 'talk to adults'. Primarily, these folks are using social networks to communicate. 'More and more, social networks are playing a bigger role on the cell phone. In the last six to nine months, teens in the United States have taken to text messaging in numbers that rival usage in Europe and Asia. According to market research firm JupiterResearch, 80 percent of teens with cell phones regularly use text messaging. Catherine Cook, the 17-year-old founder and president of MyYearbook.com, was the lone teen entrepreneur who said she still uses e-mail regularly to keep up with camp friends or business relationships. Still, that usage pales in comparison to her habit of text messaging. She said she sends a thousand text messages a month.'"

CNet has the news that Microsoft is currently aiming to release the next version of the Windows operating system in about three years. Previously known as Vienna, the OS is now simply known internally as '7'. After achieving a quality product, the article states, Microsoft's big goal with 7 is to recapture a regular release schedule for their operating system product. From the article: "Like Vista, Windows 7 will ship in consumer and business versions, and in 32-bit and 64-bit versions. The company also confirmed that it is considering a subscription model to complement Windows, but did not provide specifics or a time frame. Next up on Microsoft's agenda is Service Pack 1 for Windows Vista, which is expected before year's end. The discussion of Windows' future isn't surprising, given that Microsoft has been criticized by business customers for delays related to Vista. Many business customers pay for Microsoft's software under a license agreement called Software Assurance."

cnet-declan writes "There have been rumors for years about the FBI remotely installing spyware via e-mail or by exploiting an operating system vulnerability from afar — and now there's confirmation. Last month, the FBI obtained a federal court order to remotely install spyware called CIPAV (Computer and Internet Protocol Address Verifier) to find out who was behind a MySpace account linked to bomb threats sent to a high school near Olympia, Wash. News.com has posted a PDF of the FBI affidavit, which makes for interesting reading, and a summary of the CIPAV results that the FBI submitted to a magistrate judge. It seems as though CIPAV was installed via e-mail, as an article back in 2004 hinted was the case. In addition to reporting the computer's IP address, MAC address, and registry information, it also gave the FBI updates on which IP addresses the user(s) visited. But how did the FBI get the spyware activated and past anti-virus defenses? Two obvious ways are for the Feds to find and exploit their own operating system backdoors, or to compromise security vendors..."

cnet-declan writes "A recent appeals court case dealt with Drug Enforcement Administration agents using a key logger to investigate a suspect using PGP and Hushmail. That invites the obvious question: Will security companies ever intentionally overlook police spyware? There were somewhat-muddled reports in 2001 that Symantec and McAfee would do just that, so over at News.com we figured we'd do a survey of the top 13 security firms. We asked them if it is their policy to detect policeware. Notably, Check Point said it would 'afford law enforcement' the courtesy of whitelisting if requested. We've also posted the full results, with the companies' complete answers. Another question we asked is if they have ever received a court order requiring them to overlook police key loggers or spyware. Symantec, IBM, Kaspersky, and others said no. Only Microsoft and McAfee refused to answer."

cnet-declan writes "A recent appeals court case dealt with Drug Enforcement Administration agents using a key logger to investigate a suspect using PGP and Hushmail. That invites the obvious question: Will security companies ever intentionally overlook police spyware? There were somewhat-muddled reports in 2001 that Symantec and McAfee would do just that, so over at News.com we figured we'd do a survey of the top 13 security firms. We asked them if it is their policy to detect policeware. Notably, Check Point said it would 'afford law enforcement' the courtesy of whitelisting if requested. We've also posted the full results, with the companies' complete answers. Another question we asked is if they have ever received a court order requiring them to overlook police key loggers or spyware. Symantec, IBM, Kaspersky, and others said no. Only Microsoft and McAfee refused to answer."

cnet-declan writes "A recent appeals court case dealt with Drug Enforcement Administration agents using a key logger to investigate a suspect using PGP and Hushmail. That invites the obvious question: Will security companies ever intentionally overlook police spyware? There were somewhat-muddled reports in 2001 that Symantec and McAfee would do just that, so over at News.com we figured we'd do a survey of the top 13 security firms. We asked them if it is their policy to detect policeware. Notably, Check Point said it would 'afford law enforcement' the courtesy of whitelisting if requested. We've also posted the full results, with the companies' complete answers. Another question we asked is if they have ever received a court order requiring them to overlook police key loggers or spyware. Symantec, IBM, Kaspersky, and others said no. Only Microsoft and McAfee refused to answer."

First, Gypsy2012 writes with a highly critical security flaw involving both Firefox 2.0 and Internet Explorer, which could allow a malicious attacker to gain remote control of a user's system. It exploits the "firefoxurl://" URI handler. ... Next, reader dsinc sends word that the beta for Firefox 3 has slipped by 6 weeks. The new target date is September 18 at the earliest. The article wonders whether the final release will slip into 2008. ... Finally, reader jktowns points out new anti-phishing features in the latest nightly build of Firefox 3. One of them was added into the code base by the guy who developed the LocationBar² extension.

News.com is reporting that a security system modeled after London's "Ring of Steel" is coming to New York City. The plan, to include license plate readers and over 3,000 public and private security cameras, aims to aid officials in tracking and catching criminals. "But critics question the plan's efficacy and cost, as well as the implications of having such heavy surveillance over such a broad swath of the city. [...] The license plate readers would check the plates' numbers and send out alerts if suspect vehicles were detected. The city is already seeking state approval to charge drivers a fee to enter Manhattan below 86th Street, which would require the use of license plate readers. If the plan is approved, the police will most likely collect information from those readers too, Kelly said."

An anonymous reader writes "A new federal rule set to take effect Friday could mean that software radios built on 'open-source elements' may have trouble getting to market. Some US regulators have apparently come to the conclusion that, by nature, open source software is less secure than closed source. 'By effectively siding with what is known in cryptography circles as "security through obscurity," the controversial idea that keeping security methods secret makes them more impenetrable, the FCC has drawn an outcry from the software radio set and raised eyebrows among some security experts. "There is no reason why regulators should discourage open-source approaches that may in the end be more secure, cheaper, more interoperable, easier to standardize, and easier to certify," Bernard Eydt, chairman of the security committee for a global industry association called the SDR (software-defined radio) Forum, said in an e-mail interview this week.'"

Zack Melich writes with news of a new front about to open in the war printer manufacturers wage with cartridge counterfeiters, refillers, and hardware hackers. A San Francisco company, Cryptography Research Inc., is designing a crypto chip to marry cartridges to printers. There's no word so far that any printer manufacturer has committed to using it. Quoting: "The company's chips use cryptography designed to make it harder for printers to use off-brand and counterfeit cartridges. CRI plans to create a secure chip that will allow only certain ink cartridges to communicate with certain printers. CRI also said that the chip will be designed that so large portions of it will have no decipherable structure, a feature that would thwart someone attempting to reverse-engineer the chip by examining it under a microscope to determine how it works. 'You can see 95 percent of the [chip's] grid and you still don't know how it works,' said Kit Rodgers, CRI's vice president of business development. Its chip generates a separate, random code for each ink cartridge, thus requiring a would-be hacker to break every successive cartridge's code to make use of the cartridge."

An anonymous reader writes "Rumors said the release wouldn't be until late Q4 but an August ship date is now promised for AMD's quad-core chips. They're only releasing up to 2.0 GHz processors at first, with the top speed devices coming out later in the year. 'AMD's Barcelona puts four cores on a single slice of silicon, an approach AMD calls native quad-core, and the company has argued that Barcelona will outperform the Xeon 5300. The only problem: that comparison soon will become obsolete. Intel's second-generation quad-core server processors, Harpertown a server member of Intel's Penryn family, will arrive this year, too, with the promise of better performance, lower power consumption and lower manufacturing costs by virtue of a manufacturing process with 45-nanometer features. AMD is only just now moving to a 65-nanometer process.'"

News.com reports that the immigration reform bill bouncing around in the Senate for the last few weeks has finally been defeated. The site speculates that, perhaps, one of the reasons it was finally defeated was a measure intended to expand the use of Real ID cards. If passed, the bill would have effectively turned the Real ID system into a National ID card. "The American Civil Liberties Union, another longtime foe of Real ID, said the Real ID requirements were a 'poison pill that derailed this bill, and any future legislation should be written knowing the American people won't swallow it.' Another section of the immigration bill would have given $1.5 billion to state officials to pay for Real ID compliance. Even if the immigration bill is goes nowhere, however, the Real ID Act is still in effect. It says, starting on May 11, 2008, Americans will need a federally-approved ID card to travel on an airplane, open a bank account, collect Social Security payments or take advantage of nearly any government service." As we've discussed before, several states have rebelled against the implementation of Real ID.

mytrip writes "Google was set to launch late on Wednesday a beta version of Google Desktop search for Linux in a sign of encouragement by the search giant for Linux on the desktop. Google Desktop allows people to search the Web while also searching the full text of all the information on their computer, including Gmail and their Web search history. Because the index is stored locally on the computer, users can access Gmail and Web history while offline."

News.com reports that despite earlier rumblings that addiction to videogames could be classified a mental disorder similar to alcoholism, experts have stepped back from that analysis. The decision by the AMA is that psychiatrists should make further efforts to study the phenomenon, while addiction experts strongly opposed the idea at the organization's annual meeting. "Even before debate on the subject began, the committee that made the proposal backed away from its position, and instead recommended that the American Psychiatric Association consider the change when it revises its next diagnostic manual in 5 years. The psychiatrist group has said if the science warrants, it could be considered for inclusion in the next diagnostic manual, which will be published in 2012. While occasional use of video games is harmless and may even help with some disorders like autism, doctors said in extreme cases it can interfere with day-to-day necessities like working, showering or even eating."

MattHock writes "Wowhead (a WoW information database) has been sold to ZAM (Affinity Media) for the price of $1 million. ZAM is the owner of several other WoW databases, including Thottbot and Allakhazam. Until recently Affinity was also the owner of IGE, a highly controversial company that sold in-game wealth for real life money. Affinity recently sold IGE, which Wowhead claims as the reason they allowed the sale to go through. But did ZAM really sell IGE? The blogger who put this story online doubts that IGE and ZAM have actually distanced themselves. He believes that the supposed sale was just actually a means of restructuring to hide the relationship, similar to how IGE's relationship to Thottbot was hidden for a number of months through a convoluted set of parent companies."

News.com has the word that congress is set to re-visit taxing virtual goods, a concept they shelved a while back in order to consider the matter more fully. That's given the Congress' Joint Economic Committee time to come to a decision about what exactly the value of virtual goods means for players and game-makers. An economist with the group told CNet to expect their report sometime next month. "What that report will say is unknown, as the committee has kept entirely quiet about its thoughts. However, it's clear that something will happen. 'Given growth rates of 10 to 15 percent a month, the question is when, not if, Congress and IRS start paying attention to these issues,' [senior economist Dan] Miller, who is a fan of virtual worlds and economies, told CNET News.com in December. 'So it is incumbent on us to set the terms and the debate so we have a shaped tax policy toward virtual worlds and virtual economies in a favorable way.'"

It's been tit for tat for some time; eBay bans Google payments, Google tries to throw a party mocking eBay, in response to which the service pulls all of its ads, fun corporate shenanigans. It seems as though, for the moment, the two companies have made up. News.com is reporting that eBay ads will once again be serviced via Google's adwords service, but that they will also be using alternative methods to a greater extent in the future. "Hani Durzy, a spokesman for San Jose, California-based eBay, said his company later on Friday would begin advertising on Google, but at reduced levels than previously. eBay had been buying tens of millions of keyword ads on Google each year. 'I will tell you it will be in a much more limited way than it was before,' Durzy told Reuters. 'What we found is that we were not as dependent on AdWords as some people thought.'"

SlinkySausage writes "Microsoft has admitted, in an email to the press, that 'some customers may be waiting to adopt Windows Vista because they've heard rumors about device or application compatibility issues, or because they think they should wait for a service pack release.' The company is now pleading with customers not to wait until the release of SP1 at the end of the year, launching a 'fact rich' program to try to convince them to 'proceed with confidence'. The announcement coincides with an embarrassing double-backflip: Microsoft had pre-briefed journalists that it was going to allow home users to run Vista basic and premium under virtual machines like VMWare, but it changed its mind at the last minute and pulled the announcement."

Waaay back in 2003, Microsoft settled with Immersion over the rumble technology found in their Xbox game controllers. Now, Microsoft is filing suit against Immersion, claiming that the company has not paid Microsoft 'based on certain business and IP licensing arrangements.' CNet has the release, and links over to a Seattle PI blog entry with some investigative digging by Todd Bishop. "One provision of the Microsoft-Immersion settlement wasn't reported widely at the time, if at all: Microsoft negotiated rights to a payment from Immersion -- a refund, of sorts -- if Immersion settled its case with Sony ... Here's where the new dispute arises: On March 1, nearly four years after the Microsoft settlement, Sony and Immersion announced that they had 'agreed to conclude their patent litigation at the U.S. Court of Appeals for the Federal Circuit and have entered into a new business agreement to explore the inclusion of Immersion technology in PlayStation format products.' ... while Immersion and Sony have agreed to conclude their patent litigation, they don't use the word 'settlement,' describing it instead as a business agreement."

xk0der writes "Danny Weitzner, one of the W3C's policy directors and event co-chair, repeatedly claimed in a follow up telephone conversation that, by "public," the W3C actually means "closed to the public." Weitzner was the person who personally barred my colleague from entering the conference." The story is worth a read- it's very strange. Personally I think this guy is just vying to replace Tony Snow at the White House.

CNet is reporting that a blogger from the Courier-Journal of Louisville, KY was recently ejected from an NCAA game for live-blogging. "According to the Courier-Journal, staff blogger Brian Bennett was approached by NCAA officials in the fifth inning of a game between the University of Lousville and Oklahoma State, told that blogging 'from an NCAA championship event "is against NCAA policies (and) we're revoking the (press) credential and need to ask you to leave the stadium."'"

A News.com story discusses the increasing trend towards adding metadata to casually created content. Their discussion centers around vacation photos taken with increasingly sophisticated cameras, and uploaded to ever more feature-rich websites. These photos, taken on a whim by snap-happy tourists, become invaluable for people wanting to follow in their footsteps. "It's the odd juxtapositions of randomly plotted photos that may be the most surprising--and useful--to travelers with more obscure interests. For example, fans of graffiti can search the word, 'graffiti,' and 'New York City' at Flickr.com/map, and pull up photos of freshly painted tags, all plotted with pushpins on a clickable Yahoo map. A search for 'Dumbo Brooklyn graffiti,' for example, finds some 99 photos, including the infamous 'Neck Face' tag, spray-painted on a brick warehouse at Jay and Front Streets in Brooklyn. Try finding that in a guidebook."

palewook writes "On June 7th, Yahoo, RealNetworks, Pandora, and Live365 sent letters to US lawmakers emphasizing they owe SoundExchange 'administrative fees' of more than $1 billion dollars a year. These fees would be paid for the 'privilege' of collecting the increased CRB royalties effective July 15th, unless the Internet Radio Equality Act passes Congress. SoundExchange, the non-profit music industry entity, admits the levied charge of $500 per 'channel' is supposed to only cover their administrative costs. Last year, SoundExchange collected a total of $20 million dollars from the Internet radio industry. Under the new 'administrative fee' RealNetworks, which hosted 400,000 unique subscribed channels in 2006, would owe an annual administrative charge of 200 million dollars in addition to the retroactive 2006 rate hike per song played."