Slashdot Mirror

An anonymous reader recommends a Computerworld article on a new report from Australian security vendor PC Tools. The company released figures on malware detection by its ThreatFire product, and in its user base 27% of Vista machines were compromised by at least one instance of malware. From the article: "In total, Vista suffered 121,380 instances of malware from its 190,000 user base, a rate of malware detection per system [that] is proportionally lower than that of XP, which saw 1,319,144 malware infections from a user base of 1,297,828 machines, but it indicates a problem that is worse than Microsoft has been admitting to." Microsoft hasn't responded yet to this report.

yo_cruyff notes a Computerworld article on Google's recent annual shareholder meeting, which was dominated by argument over the company's human rights policies. Google's shareholders, on advice from their board, have voted down two proposals on Thursday that would have compelled Google to change its policies. "Google [has been] coming under fire for operating a version of its search engine that complies with China's censorship rules. Google argues that it's better for it to have a presence in the country and to offer people some information, rather than for it not to be active in China at all... [S]hareholders and rights groups including Amnesty International... continue to push Google to improve its policies in countries known for human rights abuses and limits on freedom of speech... Sergey Brin, cofounder and president of technology for Google, abstained from voting on either of the proposals. 'I agreed with the spirit of these proposals,' Brin said. But he said he didn't fully support them as they were written, and so did not want to vote for them."

N_burnsy points out an article in Computerworld which "profiles several youthful hackers, some still serving prison time, some free, who have been caught indulging in some fairly serious cybercrime, and looks at their crimes and the lessons they have (or have not yet) learned. Starting with Farid 'Diab10' Essebar, currently a guest of the Moroccan prison system, who wrote and distributed the Mytob, Rbot, and Zotob botnet Trojans. There's Ivan Maksakov, Alexander Petrov, and Denis Stepanov, all guests of the Russian penal system, sentenced to eight years at hard labor for creating a botnet to engage in DDoS (distributed denial-of-service) attacks to blackmail online gambling sites based in the UK, threatening to take the sites down during major sporting events. Then there's Shawn Nematbakhsh who was a little too eager to prove a point about the electronic balloting system that the University of California employed to hold student council elections, by writing a script that cast 800 votes for a fictitious candidate named American Ninja." Not everyone on the list is exactly youthful, and the range of offenses shows how lumpy this area is both to the law and in public perception.

jp_papin writes "The Chinese government is demanding that US-owned hotels there filter Internet service during the upcoming Olympic Games in Beijing, US Senator Sam Brownback has alleged. The Chinese government is requiring US-owned hotels to install Internet filters to 'monitor and restrict information coming in and out of China,' Brownback said Thursday. 'This is an insult to the spirit of the games and an affront to American businesses,' he said. 'I call on China to immediately rescind this demand.' US State Department spokesman Tom Casey said he wasn't aware of those specific requests from the Chinese government, but Brownback said he got the information on Internet filtering from 'two different reliable but confidential sources.' The State Department is apparently continuing dialog with China about freedom of expression."

distefano links to a story on Computerworld, excerpting: "E-mail users are receiving an increasing number of bounceback spam, known as backscatter, and security experts say this kind of spam is growing. The bounceback e-mail messages come in at a trickle, maybe one or two every hour. The subject lines are disquieting: 'Cyails, Vygara nad Levytar,' 'UNSOLICITED BULK EMAIL, apparently from you.' You eye your computer screen; you're nervous. What's going on ? Have you been hacked? Are you some kind of zombie botnet spammer? Nope, you're just getting a little backscatter — bounceback messages from legitimate e-mail servers that have been fooled by the spammers."

SkiifGeek writes "Early in March, Wintercore Labs published proof of a generic approach to defeating audio CAPTCHAs, using Google's as the case study for their demonstration. With claims of over 90% success rate and expectations that this can be significantly improved with the right mix of filtering algorithms, the in-house tool remains unreleased. But it shouldn't take long for other developers to create their own tools and start targeting not only Google, but other sites that use audio CAPTCHAs for the vision-impaired. It isn't the first time that major sites (significantly major webmail providers) have had their CAPTCHAs broken, but it is the first reporting of defeating an audio CAPTCHA using a generic software approach. News about the discovery is slowly starting to spread."

bob charlton from 66 tips us to a ComputerWorld story about FCC Chairman Kevin Martin, who has testified that Comcast's P2P traffic management occurred even when network congestion wasn't an issue, contrary to the ISP's claims. After defending its actions and being investigated by the FCC over the past few months, Comcast has tried to repair its image by making nice with BitTorrent and working towards a P2P Bill of Rights. Quoting: "'It does not appear that this technique was used only to occasionally delay traffic at particular nodes suffering from network congestion at that time,' Martin told the Senate Commerce, Science and Transportation Committee. 'Based on testimony we've received thus far, this equipment was typically deployed over a wider geographic area or system, and is not even capable of knowing when an individual ... segment of the network is congested.'

Oleg.salenko points out a ComputerWorld story with some bad news for Russia's wireless users, which starts out "Business travelers to Russia might want to keep their laptops and iPhones well-concealed — not from muggers, necessarily, but from the country's recently formed regulatory super-agency, Rossvyazokhrankultura (short for the Russian Mass Media, Communications and Cultural Protection Service)... Rossvyazokhrankultura's interpretation of current law holds that users must register any electronics that use the frequency involved in Wi-Fi communications, said Vladimir Karpov, the deputy director of the agency's communications monitoring division, according to an English commentary provided by website The Other Russia." It gets worse: "Aside from public hotspots, the registration requirement also applies to home networks, laptops, smart phones and Wi-Fi-enabled PDAs, Karpov reportedly said. Registration only permits use by the owner. Registration for personal devices is said to take 10 days, but registering a hotspot — including a home network — is more complicated, involving a set of documents and technological certifications akin to putting in a cell tower."

StonyandCher writes "The Australian government is pushing a bill to force all telecommunications providers to facilitate lawful data interception across fixed and mobile telephone systems, Voice over Internet Protocol (VoIP), Instant Messaging (IM) and chat room discussions. Sweeping reforms will make it easier than ever for law enforcement to intercept communications if amendments to the Telecommunications (Interceptions) Act are agreed upon by a Senate standing committee. This follows from a story earlier this week where the Australian government is legislating to allow employers to snoop on employees' email and IM conversations."

Last summer we discussed twin announcements from Intel and IBM/AMD about a new chip manufacturing technology dubbed high-k/metal gate. Intel is using the tech to improve speed and power consumption in its 45-nm chips. IBM, along with its manufacturing partners, just demonstrated chips it says show that high-k/metal gate technology at 32 nm can result in performance gains up to 30% and power savings up to 50%, compared to 45-nm process. IBM plans to be manufacturing 32 nm parts by the end of 2009. (AMD is not using high-k/metal gate yet, but it has access to the technology by virtue of its agreements with IBM.)

kingston writes ""As I say to my students 'if you had to have brain surgery would you prefer someone who has been through medical school, trained and researched in the field, or the student next to you who has read Wikipedia'?" So says Deakin University associate professor of information systems, Sharman Lichtenstein, who believes Wikipedia, where anyone can edit a page entry, is fostering a climate of blind trust among people seeking information. Professor Lichtenstein says the reliance by students on Wikipedia for finding information, and acceptance of the practice by teachers and academics, was "crowding out" valuable knowledge and creating a generation unable to source "credible expert" views even if desired. "People are unwittingly trusting the information they find on Wikipedia, yet experience has shown it can be wrong, incomplete, biased, or misleading," she said. "Parents and teachers think it is [okay], but it is a light-weight model of knowledge and people don't know about the underlying model of how it operates.""

spacefiddle writes "Computerworld has an article about a presentation from Gartner analysts in Las Vegas claiming that Windows is 'collapsing', and that Microsoft 'must make radical changes to the operating system or risk becoming a has-been.' Michael Silver and Neil MacDonald provided an analysis of what went wrong with Vista, and what they feel Microsoft can and must do to correct its problems. Larry Dignan of ZDNet has his own take, and while he agrees, he suggests that the downfall of Windows will be slow and drawn-out. As an interesting tangent to this, there's also a story from a few days prior about Ubuntu replacing Windows for a school's library kiosks, getting good performance out of older hardware. '[Network administrator Daniel] Stefyn said he was "pleasantly surprised" to discover that the Kubuntu desktops ran some applications faster with Linux than when they ran on Windows. An additional benefit of Windows' departure from student library terminals saw the students cease 'hacking the setup to install and play games or trash the operating system.'"

spacefiddle writes "Computerworld has an article about a presentation from Gartner analysts in Las Vegas claiming that Windows is 'collapsing', and that Microsoft 'must make radical changes to the operating system or risk becoming a has-been.' Michael Silver and Neil MacDonald provided an analysis of what went wrong with Vista, and what they feel Microsoft can and must do to correct its problems. Larry Dignan of ZDNet has his own take, and while he agrees, he suggests that the downfall of Windows will be slow and drawn-out. As an interesting tangent to this, there's also a story from a few days prior about Ubuntu replacing Windows for a school's library kiosks, getting good performance out of older hardware. '[Network administrator Daniel] Stefyn said he was "pleasantly surprised" to discover that the Kubuntu desktops ran some applications faster with Linux than when they ran on Windows. An additional benefit of Windows' departure from student library terminals saw the students cease 'hacking the setup to install and play games or trash the operating system.'"

Puskas writes "Joe Stewart is the director of malware research at SecureWorks, and presented a dire view of the current botnet landscape at the RSA conference this week. He conducted a survey of the top spamming 'nets, extrapolating their size from the volume of emails that flow across the internet. By his calculations, the top 11 networks control just over a million machines, hitting inboxes with some 100 billion messages a day. 'The botnet at the top of the chart is Srizbi. According to Stewart, this botnet — which also goes by the names "Cbeplay" and "Exchanger" — has an estimated 315,000 bots and can blast out 60 billion messages a day. While it may not have gotten the publicity that Storm has during the last year, it's built around a much more substantial collection of hijacked computers, said Stewart. In comparison, Storm's botnet counts just 85,000 machines, only 35,000 of which are set up to send spam. Storm, in fact, is No. 5 on Stewart's list.'"

Dixie_dean writes "Microsoft researchers are developing a way to enable you to capture every moment of your life and store it on your computer. The principal researcher with Microsoft's research arm, Gordon Bell, is developing a way for everyone to remember those special moments. 'The nine-year project, called MyLifeBits, has Bell supplementing his own memory by collecting as much information as he can about his life. He's trying to store a lifetime on his laptop. He's gone on to collect images of every Web page he's ever visited, television shows he's watched, recorded phone conversations, and images and audio from conference sessions, along with his e-mail and instant messages. Calculating that he saves about a gigabyte of information every month, he noted that he tries to only save photos of a megabyte or less. Bell figures one could store everything about his life, from start to finish, using a terabyte of storage." This is a project we've been talking about for a long time.

bergkamp writes "Hewlett-Packard has been selling USB-based hybrid flash-floppy drives that were pre-infected with malware, the company said last week in a security bulletin. Dubbed "HP USB Floppy Drive Key," the device is a combination flash drive and compact floppy drive, and is designed to work with various models of HP's ProLiant Server line. HP sells two versions of the drive, one with 256MB of flash capacity, the other with 1GB of storage space. A security analyst with the SANS Institute's Internet Storm Center (ISC) suspects that the infection originated at the factory, and was meant to target ProLiant servers. "I think it's naive to assume that these are not targeted attacks," said John Bambenek, who is also a researcher at the University of Illinois. Both versions of the flash-floppy drive, confirmed HP in an April 3 advisory, may come with a pair of worms, although the company offered few details. It did not, for instance, say how many of the drives were infected, where in the supply chain the infections occurred or even when they were discovered."

An anonymous reader writes "Google is giving a handful of web programmers the opportunity to create and run their own Web applications on their servers. Today's launch of a preview release of Google App Engine signals a new era of collaboration with third-party software developers. 'The goal is to make it easy to get started with a new Web app, and then make it easy to scale when that app reaches the point where it's receiving significant traffic and has millions of users," said Google product manager, Paul McDonald in a blog post."

eldavojohn writes "While the number of cases dropped, the amount of money lost to internet fraud reached an all-time high in 2007, a new government report states. 'According to the 2007 Internet Crime Report, the Internet Crime Complaint Center (IC3) received 206,884 complaints of crimes perpetrated over the Internet during 2007. Of the complaints received, more than 90,000 were referred to law enforcement around the nation, amounting to nearly $240 million in reported losses. This represents a $40 million increase in reported losses from complaints referred to law enforcement in 2006.' The top ruses used by the fraudsters involved pets, romance and secret shoppers. The original report[Large PDF] is available online, and it contains some interesting graphs. One indicates that the two largest types of fraud are Auction Fraud and Non-delivery, which combine for over 60% of all cases. As Computerworld notes, men are more likely to fall for scams than women, and over 30% of losses are between $1,000 and $5,000. The report also contains data about the location of the perpetrators (Nigeria only accounts for 5.7%), age demographics, and contact methods."

Da Massive writes "The number of open-source projects that use the GNU General Public License Version 3 has grown to more than 2,000, according to Palamida, which sells software and services for tracking open-source code within a customer's code base. 'Our database now contains over 2,000 projects that are using the GPL v3. "At this rate the GPL v3 is being adopted by 1,000 projects every 4-5 months, and if the trend continues, the license will be used by 5,000 projects by the end of the year," states a recent posting on Palamida's blog.'"

An anonymous reader writes "Microsoft has submitted the follow-up to Windows Vista to the committee that oversees its US antitrust compliance, to ensure the operating system is meeting the terms of the company's agreement with the government. According to last week's status report on the US antitrust case, Microsoft "recently supplied" the Technical Committee (TC) with a build of the OS, code-named Windows 7, and the TC will "conduct middleware-related tests on future builds" of the software. The move was revealed in papers filed in the US District Court for the District of Columbia. Those on the TC so far are the only ones privy to what the follow-up to Vista will look like, and Microsoft is mum on details of the software. But recent company moves and revelations hint at what can be expected from the software, which is due for release in late 2009 or early 2010. Lets hope Microsoft learns some lessons from the "Vista Capable" dilemma!!"

An anonymous reader writes "ComputerWorld has up a story on casino security technology, exploring the world of facial recognition technology and various other systems in casinos such as the Bellagio, Treasure Island, and Beau Rivage. Industry veteran Jeff Jonas reveals some of the secret scams he learned from the casino industry such as the infinite hundred dollar bill, the hollowed out chip cup, the palm (trading cards), the specialty code (inserted by rogue programmer into video poker machine) and the cameraman, as well as detailing how casinos strike back against fraudsters and cheats.'"

mr sanjeev notes that Computerworld is running a story about Cyber Storm II, set to run from March 11th until the 14th. The exercise will test the security of the US, Australia, the UK, New Zealand, and Canada. The organizers' goals are to test preparedness and responsiveness in relation to real-time threats. The previous Cyber Storm test identified "eight specific areas in need of improvement." We recently discussed the details of the tests themselves. From Computerworld: "Security experts said the first Cyber Storm event last year improved participants' understanding of who to call in the event of an attack, but did not identify specific vulnerabilities in the nation's computer systems. 'What they're trying to do is highlight the inefficiencies in the process,' according to Marcus Sachs, deputy director with research group SRI International's Computer Science Laboratory. 'They're not really looking for technical solutions.'"

An anonymous reader writes "James Cameron is an engineer working on the OLPC project, specifically testing the wireless network capabilities of the OLPC XO laptop. Cameron lives in a small town called Tooraweenah in a remote region of the Australian outback. There is little noise in the spectrum in the area, so it's perfect for testing the wireless networking capabilities of the XO as it mirrors the kind of rural, spacious environment the XO is intended to be deployed in. Cameron breaks down exactly how the OLPC XO's mesh networking works, including the cheap US$35 solar powered mesh nodes that can be mounted on top of a tree to further the network's reach. Testing in the Australian outback, Cameron discovered that the range of the XO could go up to 1.6km 'quite easily' at 1.5m above ground. 'Assuming a range of 1.6km holds true, (the mathematical formula for area of a circle) Pi R squared tells us one well placed mesh node will cover up to eight square kilometers.' The article also includes numerous pictures of the mesh nodes and testing of the XO."

Ward D points out a story about a recent study that predicts significant economic growth through increased broadband adoption in the U.S. The study is based on a program in Kentucky that has, through the increased use of broadband, "saved an average of more than $200 per person per year" on health-care services, and decreased the average amount of time residents spent driving by 100 hours per month. From Computerworld: "The Connected Nation model ... focuses more on broadband adoption and local needs than huge, government-funded programs. Several Kentucky businesses have benefited from the increased access, according to Connected Nation. Geek Squad, the Best Buy subsidiary, moved its headquarters to Bullitt County, Kentucky, in late 2006 because of the broadband availability."

An anonymous reader writes "Why have a key to open your front door when you can have an RFID tag implanted in your arm that will do the trick? Computerworld has a story up about the outgoing Linux Australia group president's hacked home, in which just about anything from watering the lawn, to opening his blinds, or checking the mail can be controlled through a software environment. Jonathan Oxer is an electronics and coding whiz who apparently has an RIFD tag implanted in his arm that opens his front door, and his front gate is hooked up with gigabit Ethernet — able to tell him when someone enters the property or send him a virtual email or sms to say he has real mail. Apparently the iPod Touch has just inspired him to begin linking all his little hardware hacks together into the one single, software controlled handheld touch device. I wonder if Steve Jobs ever thought the Touch would end up being used this way?"

DaMassive writes "Computerworld Australia is running a story with a response from Microsoft to Infoworld's SAVE XP petition Web site, which has gathered over 75,000 signatures so far. Apparently Microsoft is aware of the petition, but says it is "listening first and foremost to feedback we hear from partners and customers about what makes sense based on their needs, that's what informed our decision to extend the availability of XP initially, and what will continue to guide us" — a somewhat strange response given that the vast majority of people signing the petition ARE Microsoft customers! The Save XP movement has attracted the attention of the software giant, despite its claims that Vista has sold more than 100 million copies and its adoption rate is in line with the company's expectations. "We're seeing positive indicators that we're already starting to move from the early adoption phase into the mainstream and that more and more businesses are beginning their planning and deployment of Windows Vista," the company said. Nevertheless vendors such as Dell, Hewlett-Packard, Lenovo, Fujitsu, and more recently NEC, all offer the opportunity to downgrade to XP Pro."

DaMassive writes "Computerworld Australia is running a story with a response from Microsoft to Infoworld's SAVE XP petition Web site, which has gathered over 75,000 signatures so far. Apparently Microsoft is aware of the petition, but says it is "listening first and foremost to feedback we hear from partners and customers about what makes sense based on their needs, that's what informed our decision to extend the availability of XP initially, and what will continue to guide us" — a somewhat strange response given that the vast majority of people signing the petition ARE Microsoft customers! The Save XP movement has attracted the attention of the software giant, despite its claims that Vista has sold more than 100 million copies and its adoption rate is in line with the company's expectations. "We're seeing positive indicators that we're already starting to move from the early adoption phase into the mainstream and that more and more businesses are beginning their planning and deployment of Windows Vista," the company said. Nevertheless vendors such as Dell, Hewlett-Packard, Lenovo, Fujitsu, and more recently NEC, all offer the opportunity to downgrade to XP Pro."

An anonymous reader writes in with news from the International Solid State Circuits Conference in San Francisco of a new energy-efficient chip designed by researchers at MIT. It's said to be able to run on 1/10 the power of current chips. Texas Instruments worked with MIT on the design, which is maybe five years from production. "The key to the chip's improved energy efficiency lies in making it work at a reduced voltage level, according to... a member of the chip design project team. Most of the mobile processors today operate at about 1 volt. The requirement for MIT's new design, however, drops to 0.3 volts."

Da Massive writes "Speaking at the linux.conf.au event in Melbourne, Australia, independent open source consultant Ricardo Gonzalez has told of how he has helped bring 23,000 Linux PCs to over 1000 schools in the Philippines: 'Ministers in the Filipino government now understand Linux can do so much for so little outlay.'" The slow process of educating a government that knew only Microsoft is especially well described in this piece.

An anonymous reader writes "Following the success of Elephants Dream, the Blender Foundation is developing a follow-on open movie called Peach, set for completion later this year. Computerworld has up an interesting interview with Matt Ebb, lead artist from Elephants Dream (the interview is split over 5 pages). Ebb talks about the making of the world's first open movie and offers some advice to others wanting to start such a project."

Many users wrote to alert us that KDE 4.0 has been released. Here's Computerworld Australia's take on the release KDE 4.0 is based on the Qt4 toolkit, which brings significant enhancements in the way memory is used. "So it ends up making KDE less resource intensive than KDE 3, which is quite an improvement," according to Australian KDE developer Hamish Rodda, who calls the new architecture "future-proof." Computerworld notes that developers are already at work porting the new environment to Windows and the Mac.

An anonymous reader writes "Tens of thousands of Web sites have been compromised by an automated SQL injection attack, and although some have been cleaned, others continue to serve visitors a malicious script that tries to hijack their PCs using multiple exploits, security experts said this weekend. Hacked sites included both .edu and .gov domains, the SANS Institute's Internet Storm Center reported in a warning posted last Friday. The ISC also reported that several pages of security vendor CA's Web site had been infected. Roger Thompson, the chief research officer at Grisoft, pointed out that the hacked sites could be found via a simple Google search for the domain that hosts the malicious JavaScript. On Saturday, said Thompson, the number of sites that had fallen victim to the attack numbered more than 70,000. 'This was a pretty good mass hack,' said Thompson, in a post to his blog." By Sunday a second round of the same attack had infected over 90,000 servers.

StonyandCher writes "IBM has released its second annual set of 'Next Five in Five' predictions. The company's crystal ball also revealed that the long-simmering trend toward "smart energy" devices will proliferate wildly. "Dishwashers, air conditioners, house lights, and more will be connected directly to a 'smart' electric grid, making it possible to turn them on and off using your cell phone or any Web browser," a company statement asserts."

inkslinger77 writes "A team of ten MIT students powered a supercomputer for twenty minutes by pedaling bicycles. They duly claimed the world record for human-powered computing (HPC). They powered a SiCortex SC648 supercomputer with a Linux cluster of 648 CPUs and almost 1TB of main memory in a single cabinet. The system is low-powered and draws 1,200 watts without needing special power supplies or cooling..."

Bergkamp10 writes "Australia's University of Technology in Queensland has created a groundbreaking new system that can detect invisible intruders on wireless LANs. Wireless networks have been almost impossible to thoroughly secure as they possess no clearly defined boundaries, instead they are defined by the quality and strength of the receiving antenna. QUT Information Security Institute researcher Dr Jason Smith has invented a new system to detect eavesdropping on unencrypted networks or active hijackings of computer sessions when a legitimate user who is logged onto the network leaves the connection. Smith has created a series of monitoring techniques that when used together can detect both attackers and configuration mistakes in network devices."

Bergkamp10 writes "A Computerworld article is reporting that IBM is suing Shentech for selling laptop batteries that catch on fire and sport allegedly fake IBM logos. IBM apparently followed up on a claim by a customer that an 'IBM' laptop battery bought at Shentech caught on fire and damaged his laptop. The customer reported the problem to Lenovo (who license Big Blue's trademark) who subsequently ordered 12 batteries from Shentech and found them all to be fakes. IBM is asking for US$1 million in damages for each dodgy battery sold."

Bergkamp10 writes "State antitrust regulators have dismissed companies such as Google and Mozilla Corp, and software technologies such as AJAX and SaaS as "piddling players that pose no threat to Microsoft's monopoly in the operating system and browser markets". According to the report ten US states, including California, New York and the District of Columbia have called for an extension of monitoring of Microsoft's business practices until November 2012. They claim that little has changed in the OS and browser spaces since the 2002 antitrust case ruled against Microsoft. In their most recent brief, the states countered Microsoft's contention that Web-based companies — Google, Salesforce.com, Yahoo, eBay and others — and new Web-centric technologies constitute what Microsoft dubbed a "competitive alternative to Windows." Not even close, said the states, claiming that while these companies' products provide functionality for users they still rely on Operating Systems and browsers — the two spaces where Microsoft dominates. Experts were apparently even more damning, claiming competition in the market has not been restored since 2002 and that the collective powers of Google, Firefox and Web 2.0 are about as effective as a one legged man in a butt-kicking contest when it comes to unsettling Microsoft's monopoly of the market."

StonyandCher writes to mention that a University of Ottawa grad student is creating a search engine for visual images that will be powered by a system mapped from the human brain. "Woodbeck said he has already created a prototype of the search engine based on his patent, which apes the way the brain processes visual information and tries to take advantage of currently-available graphics processing capabilities in PCs. 'The brain is very parallel. There's lots of things going on at once,' he said. 'Graphics processors are also very parallel, so it's a case of almost mapping the brain onto graphics processors, getting them to process visual information more effectively.'"

Bergkamp10 writes "As Microsoft's Office Open XML document format waits in ISO limbo, South Africa, Korea, and the Netherlands are now actively pursuing the alternative Open Document Format instead, said the ODF Alliance. The Alliance now claims 500 members, and by their count 13 nations have announced laws or rules that favor the use ODF over Microsoft's Office formats. Those nations include Russia, Malaysia, Japan, France, Belgium, Croatia, Denmark, Germany, and Norway. The French have been the most aggressive in their rejection of Microsoft's standard; nearly half a million French government employees are being switched to OpenOffice. There has been no similar move in the US, though in a speech at Google last week Democratic presidential candidate Barack Obama called for data to be stored in 'universally accessible formats.'"

Arashtamere sends in a Computerworld story on a security flaw in the Windows 2000 pseudo-random number generator published by Israeli researchers earlier this month. Microsoft has now admitted that the flaw is present in XP too. Microsoft denies that the bug is a security vulnerability, since an attacker would have to have gained administrative access to a system before exploiting it. (The Israeli researchers point out that many common exploits provide admin access.) This stance apparently lets them off the hook for patching Win2K, which is in "extended support" mode, though it powers about 9% of US and EU business computers. Microsoft said that XP SP3, due in the first half of next year, will fix the bug. The company said that Vista, Windows Server 2003 SP2, and the new Windows Server 2008 are not vulnerable.

Bergkamp10 writes "Microsoft's Office Open XML document format attracted 3,522 comments from the national standards bodies that participated last summer in balloting that has so far derailed the effort to certify the format as an ISO standard. Brian Jones, an Office program manager at Microsoft and the sole Microsoft employee on the Ecma Technical Committee, revealed the total number of comments that had been received in a blog posting this week. Ecma International is a Swiss standards body that already ratified Open XML and is guiding the format through the ISO. According to Jones many of the 3,500-plus comments, consisting mainly of objections and suggested changes to Ecma's standards proposal, overlap with one another. "When you group them into similar buckets, it narrows down pretty quickly into a more manageable list," he said. Still, he apparently acknowledged that the number of comments was "still pretty impressive." Open XML just missed out on a fast-track to approval as an ISO standard in the initial balloting that concluded in early September. Ecma's proposal won a majority of the votes that were cast but not enough to meet the requirements for approval. Ecma has until January 14 to provide responses and rebuttals to the comments submitted by the national standards bodies. The issues raised will then be debated at a so-called ballot resolution meeting that ISO will hold starting February 25, after which the various national standards bodies will have a chance to amend their vote — the last chance for Open XML to be approved."

Gustoman writes with news that the California Secretary of State has sued ES&S, a vendor of e-voting machines, for selling machines that were modifications of the model that has been certified. Apparently ES&S relocated two circuit boards, rerouted several internal cables, and changed some mounting bracket supports in their AutoMark A100 devices, named the modified version AutoMark A200, and sold 972 of them to five California counties. The changes sound somewhat trivial, but the certification contract specified that no "substitution or modification of the voting systems shall be made with respect to any component of the voting systems... until the secretary of state has been notified in writing and has determined that the proposed change or modification does not impair the accuracy and efficiency of the voting systems sufficient to require a reexamination and approval." The state is seeking a penalty of $10,000 per machine sold, plus the cost of the machines to the counties — almost $15 million in all.

Gustoman writes "A new device that hit the market this week may not be able to help you put in fewer hours in the office, but it can help you get a good cardio workout while you're troubleshooting that laptop or reviewing that spreadsheet. Gamercize, a British company, this week launched the GZ PC-Sport & Power Steppe, which is designed to fit underneath a standard-sized desk so someone can sit at their computer or talk on the telephone while using the stepper. Gamercize officials note that the machine is not just a small version of a StairMaster machine that you'd find at the gym. The machine can be hooked up to a keyboard or mouse through a USB port. The user can set it up so they can use the stepper whenever they want, or they can prevent their keyboard or mouse from working unless they're exercising. There are five settings on the under-desk step machine. The lowest setting lets workers simply exercise their legs at an easy pace whenever they want. At the top level, the work out is much harder and the user must exercise to keep his or her keyboard or mouse working. At the lowest setting, a user could burn 100 to 200 calories an hour. At the top level, it is possible to burn as many as 500 calories an hour. (That's like burning off the equivalent of an entire milk shake.)"

Arashtamere writes "The shadowy hacker and malware hosting network that only recently fled Russia to set up operations in China has now pulled the plug there and vanished yet again. An analyst at VeriSign's iDefense Labs unit said iDefense had tracked RBN's migration earlier in the week from servers based in Russia to ones running in China, after obtaining at least seven net blocks of Chinese IP addresses. As of Wednesday, RBN controlled 5,120 IP addresses assigned to Chinese service providers; known RBN clients were even seen using those addresses that day. But with its China move putting the spotlights of the media and the security community on the organization, RBN suddenly went offline on Thursday. 'They severed connections to six of the seven net blocks on November 8,' the analyst said. RBN as a single organization may be dead and gone; it may even now be breaking up into smaller pieces farmed out to multiple countries' Internet infrastructures."

Bergkamp10 writes "Over the weekend Intel launched its long-awaited new 'Penryn' line of power-efficient microprocessors, designed to deliver better graphics and application performance as well as virtualization capabilities. The processors are the first to use high-k metal-gate transistors, which makes them faster and less leaky compared with earlier processors that have silicon gates. The processor is lead free and by next year Intel is planning to produce chips that are halogen free, making them more environmentally friendly. Penryn processors jump to higher clock rates and feature cache and design improvements that boost the processors' performance compared with earlier 65-nm processors, which should attract the interest of business workstation users and gamers looking for improved system and media performance."

Bergkamp10 writes "Microsoft CEO Steve Ballmer tried to shoot down Google's new mobile platform at a press conference in Tokyo. Ballmer called Android a mere 'press release' at present, and said the mobile platform market is 'Microsoft's world.' Ballmer dodged requests to comment on specifics of the Android software platform, preferring instead to highlight the successes of the Windows Mobile platform which he said is on 150 different handsets and is available from over 100 different mobile operators. 'Well of course their efforts are just some words on paper right now, it's hard to do a very clear comparison [with Windows Mobile],' Ballmer said. 'Right now they have a press release, we have many, many millions of customers, great software, many hardware devices and they're welcome in our world,' he added."

Arashtamere writes "A study on consumer perceptions about online privacy, undertaken by the Samuelson Clinic at the University of California and the Annenberg Public Policy Center, found that the average American consumer is largely unaware that every move they make online can be, and often is, tracked by online marketers and advertising networks. Those surveyed showed little knowledge on the extent to which online tracking is happening or how the information obtained can be used. More than half of those surveyed — about 55 percent — falsely assumed that a company's privacy polices prohibited it from sharing their addresses and purchases with affiliated companies. Nearly four out of 10 online shoppers falsely believed that a company's privacy policy prohibits it from using information to analyze an individuals' activities online. And a similar number assumed that an online privacy policy meant that a company they're doing business with wouldn't collect data on their online activities and combine it with other information to create a behavioral profile."

An anonymous reader writes "Supercomputers small enough to fit into the palm of your hand are only 10 or 15 years away, according to Professor Michael Zaiser, a researcher at the University of Edinburgh School of Engineering and Electronics. Zaiser has been researching how tiny nanowires — 1000 times thinner than a human hair — behave when manipulated. Apparently such minuscule wires behave differently under pressure, so it has up until now been impossible to arrange them in tiny microprocessors in a production environment. Zaiser says he's figured out how to make them behave uniformly. These "tamed" nanowires could go inside microprocessors that could, in turn, go inside PCs, laptops, mobile phones or even supercomputers. And the smaller the wires, the smaller the chip can be. "If things continue to go the way they have been in the past few decades, then it's 10 years... The human brain is very good at working on microprocessor problems, so I think we are close — 10 years, maybe 15," Zaiser said."

An anonymous reader writes "The One Laptop Per Child Project (OLPC) is toying with a novel source of power for its low-cost XO laptops: cows. "We plan to drive a dynamo (taken from an old Fiat) through a system of belts and pulleys using cows/cattle," wrote OLPC's Arjun Sarwal, in an October 21 e-mail posted to one of the group's discussion lists. Sarwal and others are now finalizing the design of the cow-powered generator."

inkslinger77 writes to mention that MySQL has published their software roadmap out through 2009 and it includes an injection of code from Google. Google remains relatively secretive about how their systems work but they are one of the largest users of MySQL. Earlier this year Google signed a Contributor License Agreement which provides a framework for them to contribute code to MySQL. "The search company has done a lot of work customizing MySQL to meet its special needs, which include better database replication, and tools to monitor a high volume of database instances, Axmark said in an interview at MySQL's user conference in Paris. MySQL will include some of those capabilities in future versions of its database, probably in point upgrades to MySQL 6.0, which is scheduled for general availability in late 2008, Axmark said."