Slashdot Mirror

mikesd81 tips news that a California jury has found two web hosting companies liable for "contributing to trademark and copyright infringement" after hosting web sites that sold counterfeit Louis Vuitton items. Both companies are owned by the same man, Steven Chen, and are being ordered to pay $32 million in fines. A similar judgment for $61 million went against eBay last year for facilitating the sale of counterfeit Louis Vuitton merchandise. "The US District Court for the Northern District of California is expected to issue a permanent injunction banning the internet service providers from hosting Web sites that selling fake Louis Vuitton goods in the future, the company said. Attorneys for the luxury goods maker said in a statement that the case is the first successful application on the internet of the theory of contributory liability for trademark infringement. Under this theory, companies that know, or should know, that they are enabling illegal activities have an obligation to remedy the situation. Entities that fail to do so, as Louis Vuitton alleged in this case, can be held legally responsible for contributing to the illegal activities."

Julefrokost writes "Computerworld has a story about eBay selling Skype. Marc Andreessen, co-founder of Netscape, along with a group of investors, are reported to have paid $2 billion for Skype. According to the New York Times, Google was also a potential buyer. Also, the original founders of Skype are said to have placed a bid, but Marc Andreessen & Co was the highest bidder."

BeckySharp writes "With the nearly simultaneous release of Apple's Mac OS X 10.6 'Snow Leopard' (available right now) and Microsoft's Windows 7 (available Oct. 22), you get the inevitable debate: Which is the better operating system, Windows 7 or Snow Leopard? To help determine that, Computerworld's Preston Gralla put both operating systems through their paces, selected categories for a head-to-head competition, and then chose a winner in each category." Relatedly, Phoronix has posted Snow Leopard vs. Ubuntu 9.10 benchmarks. They ran tests from ray tracing to 3D gaming to compilation. Their tests show Ubuntu 9.10 winning a number of the tests, but there are some slowdowns in performance and still multiple wins in favor of Snow Leopard, so the end result is mixed.

CWmike writes "The Free Software Foundation today launched a campaign against Microsoft Corp.'s upcoming Windows 7 operating system, calling it 'treacherous computing' that stealthily takes away rights from users. At the Web site Windows7Sins.org, the Boston-based FSF lists the seven 'sins' that proprietary software such as Windows 7 commits against computer users. They include: Poisoning education, locking in users, abusing standards such as OpenDocument Format (ODF), leveraging monopolistic behavior, threatening user security, enforcing Digital Rights Management (DRM) at the request of entertainment companies concerned about movie and music piracy, and invading privacy. 'Windows, for some time now, has really been a DRM platform, restricting you from making copies of digital files,' said executive director Peter Brown. And if Microsoft's Trusted Computing technology were fully implemented the way the company would like, the vendor would have 'malicious and really complete control over your computer.'"

CWmike writes "The Free Software Foundation today launched a campaign against Microsoft Corp.'s upcoming Windows 7 operating system, calling it 'treacherous computing' that stealthily takes away rights from users. At the Web site Windows7Sins.org, the Boston-based FSF lists the seven 'sins' that proprietary software such as Windows 7 commits against computer users. They include: Poisoning education, locking in users, abusing standards such as OpenDocument Format (ODF), leveraging monopolistic behavior, threatening user security, enforcing Digital Rights Management (DRM) at the request of entertainment companies concerned about movie and music piracy, and invading privacy. 'Windows, for some time now, has really been a DRM platform, restricting you from making copies of digital files,' said executive director Peter Brown. And if Microsoft's Trusted Computing technology were fully implemented the way the company would like, the vendor would have 'malicious and really complete control over your computer.'"

ericatcw writes "Apple Inc. may still be coy about whether it plans to launch a touch-screen tablet computer this year, but Windows PC makers are forging right ahead. In the past three weeks, five leading PC makers have announced or been reported to confirm plans to release touch-screen PCs in time for the multi-touch-enabled Windows 7, reports Computerworld. Many appear to be using technology from New Zealand optical touch vendor, NextWindow, which already supplies HP's market-leading TouchSmart line, and Dell's Studio One. NextWindow's CEO says the company is working with partners on 8-10 products set for launch within two months, in time for Windows 7's October 22nd release."

ericatcw writes "Apple Inc. may still be coy about whether it plans to launch a touch-screen tablet computer this year, but Windows PC makers are forging right ahead. In the past three weeks, five leading PC makers have announced or been reported to confirm plans to release touch-screen PCs in time for the multi-touch-enabled Windows 7, reports Computerworld. Many appear to be using technology from New Zealand optical touch vendor, NextWindow, which already supplies HP's market-leading TouchSmart line, and Dell's Studio One. NextWindow's CEO says the company is working with partners on 8-10 products set for launch within two months, in time for Windows 7's October 22nd release."

Ant writes "The Linux Foundation's report (PDF) on who writes Linux — "... Linux isn't written by lonely nerds hiding out in their parents' basements. It's written by people working for major companies — many of them businesses that you probably don't associate with Linux. To be exact, while 18.2% of Linux is written by people who aren't working for a company, and 7.6% is created by programmers who don't give a company affiliation, everything else is written by someone who's getting paid to create Linux. From top to bottom, of the companies that have contributed more than 1% of the current Linux kernel, the list looks like this: ..."

CWmike writes "Microsoft can likely use an 'easy technical work-around' to sidestep a recent injunction by a Texas federal judge that bars the company from selling Word, a patent attorney said today. 'The injunction doesn't apply to existing product that has already been sold,' said Barry Negrin, a partner with the New York firm Pryor Cashman LLP who has practiced patent and trademark law for 17 years. 'Headlines that say Microsoft can't sell Word are not really true,' said Negrin, pointing out that the injunction granted by US District Court Judge Leonard Davis on Tuesday only prohibits Microsoft from selling Word as it exists now after Oct. 10. 'All Microsoft has to do is disable the custom XML feature, which should be pretty easy to do, then give that a different SKU number from what's been sold so it's easy to distinguish the two versions.'"

CWmike writes "Microsoft can likely use an 'easy technical work-around' to sidestep a recent injunction by a Texas federal judge that bars the company from selling Word, a patent attorney said today. 'The injunction doesn't apply to existing product that has already been sold,' said Barry Negrin, a partner with the New York firm Pryor Cashman LLP who has practiced patent and trademark law for 17 years. 'Headlines that say Microsoft can't sell Word are not really true,' said Negrin, pointing out that the injunction granted by US District Court Judge Leonard Davis on Tuesday only prohibits Microsoft from selling Word as it exists now after Oct. 10. 'All Microsoft has to do is disable the custom XML feature, which should be pretty easy to do, then give that a different SKU number from what's been sold so it's easy to distinguish the two versions.'"

CWmike writes "Microsoft can likely use an 'easy technical work-around' to sidestep a recent injunction by a Texas federal judge that bars the company from selling Word, a patent attorney said today. 'The injunction doesn't apply to existing product that has already been sold,' said Barry Negrin, a partner with the New York firm Pryor Cashman LLP who has practiced patent and trademark law for 17 years. 'Headlines that say Microsoft can't sell Word are not really true,' said Negrin, pointing out that the injunction granted by US District Court Judge Leonard Davis on Tuesday only prohibits Microsoft from selling Word as it exists now after Oct. 10. 'All Microsoft has to do is disable the custom XML feature, which should be pretty easy to do, then give that a different SKU number from what's been sold so it's easy to distinguish the two versions.'"

Lucas123 writes "This year at KansasFest, computer fans from around the world gathered to celebrate the Apple II — the computer that put Apple on the map. But the Apple-1 (a.k.a. the Apple I), the machine Steve Wozniak invented and first demonstrated at the Palo Alto Homebrew Computer Club in 1976, has always been near to my heart. In attendance at KansasFest was Vince Briel, who created an authorized reproduction the Apple-1 and showed others how to build their own. 'As a regular KansasFest attendee (and the conference's marketing director), I was one of his students. Follow along as I assemble a fully functional Apple-1 clone.'"

Lucas123 writes "This year at KansasFest, computer fans from around the world gathered to celebrate the Apple II — the computer that put Apple on the map. But the Apple-1 (a.k.a. the Apple I), the machine Steve Wozniak invented and first demonstrated at the Palo Alto Homebrew Computer Club in 1976, has always been near to my heart. In attendance at KansasFest was Vince Briel, who created an authorized reproduction the Apple-1 and showed others how to build their own. 'As a regular KansasFest attendee (and the conference's marketing director), I was one of his students. Follow along as I assemble a fully functional Apple-1 clone.'"

CWmike writes "On the same day a court banned sales of Microsoft Office for PCs, Microsoft and Nokia said they are working together to put Microsoft Office on Nokia handsets. It's a move that should give Microsoft leverage against Google and others that are attacking its Office business with free or low-priced Web apps. The aim of the deal is to bring an application called Microsoft Office Mobile to Nokia's Symbian devices, they said. They will also do the same for other Microsoft communications, collaboration and device-management software. The applications will be available first on Nokia's E-series phones, but eventually will extend to other Nokia handsets. The Microsoft-Nokia deal brings two competitors together, but could spell the end of Windows Mobile. Gartner analyst Nick Jones said he is becoming 'more concerned' about the future for Windows Mobile and added in a blog today that Windows Mobile 7 could be Microsoft's last update of the product."

CWmike writes "On the same day a court banned sales of Microsoft Office for PCs, Microsoft and Nokia said they are working together to put Microsoft Office on Nokia handsets. It's a move that should give Microsoft leverage against Google and others that are attacking its Office business with free or low-priced Web apps. The aim of the deal is to bring an application called Microsoft Office Mobile to Nokia's Symbian devices, they said. They will also do the same for other Microsoft communications, collaboration and device-management software. The applications will be available first on Nokia's E-series phones, but eventually will extend to other Nokia handsets. The Microsoft-Nokia deal brings two competitors together, but could spell the end of Windows Mobile. Gartner analyst Nick Jones said he is becoming 'more concerned' about the future for Windows Mobile and added in a blog today that Windows Mobile 7 could be Microsoft's last update of the product."

CWmike writes "On the same day a court banned sales of Microsoft Office for PCs, Microsoft and Nokia said they are working together to put Microsoft Office on Nokia handsets. It's a move that should give Microsoft leverage against Google and others that are attacking its Office business with free or low-priced Web apps. The aim of the deal is to bring an application called Microsoft Office Mobile to Nokia's Symbian devices, they said. They will also do the same for other Microsoft communications, collaboration and device-management software. The applications will be available first on Nokia's E-series phones, but eventually will extend to other Nokia handsets. The Microsoft-Nokia deal brings two competitors together, but could spell the end of Windows Mobile. Gartner analyst Nick Jones said he is becoming 'more concerned' about the future for Windows Mobile and added in a blog today that Windows Mobile 7 could be Microsoft's last update of the product."

ericatcw writes "Users hoping that Windows 7's arrival will mean less power drain on their MacBook laptops may be disappointed, writes Computerworld's Eric Lai. Running Windows 7 in Boot Camp caused one CNET reviewer's battery life to fall by more than two-thirds. But virtualization software such as VMware Fusion suffer from the same complaints. Some blame Apple's Boot Camp drivers (the last ones were released in April 2008); others lay the blame at Windows' bloated codebase. With Apple and Microsoft both trying to avoid responsibility for improving the experience, Windows 7's reported improvements in power management will be moot for MacBook users for a while."

ericatcw writes "Users hoping that Windows 7's arrival will mean less power drain on their MacBook laptops may be disappointed, writes Computerworld's Eric Lai. Running Windows 7 in Boot Camp caused one CNET reviewer's battery life to fall by more than two-thirds. But virtualization software such as VMware Fusion suffer from the same complaints. Some blame Apple's Boot Camp drivers (the last ones were released in April 2008); others lay the blame at Windows' bloated codebase. With Apple and Microsoft both trying to avoid responsibility for improving the experience, Windows 7's reported improvements in power management will be moot for MacBook users for a while."

ericatcw writes "Users hoping that Windows 7's arrival will mean less power drain on their MacBook laptops may be disappointed, writes Computerworld's Eric Lai. Running Windows 7 in Boot Camp caused one CNET reviewer's battery life to fall by more than two-thirds. But virtualization software such as VMware Fusion suffer from the same complaints. Some blame Apple's Boot Camp drivers (the last ones were released in April 2008); others lay the blame at Windows' bloated codebase. With Apple and Microsoft both trying to avoid responsibility for improving the experience, Windows 7's reported improvements in power management will be moot for MacBook users for a while."

CWmike writes "Microsoft will pay Yahoo $50 million a year for three years and will hire at least 400 Yahoo employees as part of the companies' recent search agreement, according to a filing with the US Securities and Exchange Commission. Yahoo's form 8-K, which appeared online on Tuesday, reveals a few additional details about the agreement. The deal, announced last week, will mean that Microsoft's Bing search engine will power Yahoo's search site and Yahoo will sell premium search ad services for both companies. Five years into the 10-year agreement, Microsoft can opt out of the exclusive engagement for Yahoo's ad sales services, according to the filing. If it does, Yahoo will then keep 93 percent of the search revenue generated on sites owned and operated by Yahoo, instead of 88 percent. But Yahoo can also decide to remain the exclusive premium ad sales provider, in which case it will settle for an 83 percent share of the revenue. If Microsoft doesn't end the exclusive arrangement, Yahoo's share of the revenue will go up to 90 percent."

CWmike writes "Microsoft will pay Yahoo $50 million a year for three years and will hire at least 400 Yahoo employees as part of the companies' recent search agreement, according to a filing with the US Securities and Exchange Commission. Yahoo's form 8-K, which appeared online on Tuesday, reveals a few additional details about the agreement. The deal, announced last week, will mean that Microsoft's Bing search engine will power Yahoo's search site and Yahoo will sell premium search ad services for both companies. Five years into the 10-year agreement, Microsoft can opt out of the exclusive engagement for Yahoo's ad sales services, according to the filing. If it does, Yahoo will then keep 93 percent of the search revenue generated on sites owned and operated by Yahoo, instead of 88 percent. But Yahoo can also decide to remain the exclusive premium ad sales provider, in which case it will settle for an 83 percent share of the revenue. If Microsoft doesn't end the exclusive arrangement, Yahoo's share of the revenue will go up to 90 percent."

CWmike writes "Intel has confirmed that its new consumer-class X25-M and X18-M solid state-disk drives (SSDs) suffer from data corruption issues and said it has pulled back shipments to resellers. The X25-M (2.5-inch) and X18-M (1.8-inch) SSDs are based on a joint venture with Micron and used that company's 34-nanometer lithography technology. That process allows for a denser, higher capacity product that brings with it a lower price tag than Intel's previous offerings, which were based on 50-nanometer lithography technology. Intel says the data corruption problem occurs only if a user sets up a BIOS password on the 34-nanometer SSD, then disables or changes the password and reboots the computer. When that happens, the SSD becomes inoperable and the data on it is irretrievable. This is not the first time Intel's X25-M and X18-M SSDs have suffered from firmware bugs. The company's first generation of drives suffered from fragmentation issues resulting in performance degradation over time. Intel issued a firmware upgrade as a fix."

CWmike writes "Intel has confirmed that its new consumer-class X25-M and X18-M solid state-disk drives (SSDs) suffer from data corruption issues and said it has pulled back shipments to resellers. The X25-M (2.5-inch) and X18-M (1.8-inch) SSDs are based on a joint venture with Micron and used that company's 34-nanometer lithography technology. That process allows for a denser, higher capacity product that brings with it a lower price tag than Intel's previous offerings, which were based on 50-nanometer lithography technology. Intel says the data corruption problem occurs only if a user sets up a BIOS password on the 34-nanometer SSD, then disables or changes the password and reboots the computer. When that happens, the SSD becomes inoperable and the data on it is irretrievable. This is not the first time Intel's X25-M and X18-M SSDs have suffered from firmware bugs. The company's first generation of drives suffered from fragmentation issues resulting in performance degradation over time. Intel issued a firmware upgrade as a fix."

Groo Wanderer writes "Normally, a well-crafted fake ATM would skim a lot of card information before it was noticed, if it was ever noticed at all. Because it is safer for the criminals and harder to prosecute, financial crimes like this are spreading fast. If you are smart, you don't try to pull one off in the middle of a computer security convention where the attendees are very good at spotting such scams. That said, some not-so-bright criminal tried to plant a fake ATM at Defcon. He now has one less fake ATM and a whole lot of investigators on his tail."

A week after Microsoft agreed to include a browser ballot screen in Windows 7 systems sold in Europe, then announced that those systems would initially include no browser at all — specifically, no Internet Explorer — Microsoft has changed its mind again and dropped talk of a European Windows 7 E edition. Here is the official Microsoft blog announcement, which includes a screen shot of the proposed ballot screen. The browsers are listed left-to-right in order of market share, with IE therefore having pride of place. PC Pro notes that, since the ballot screen would not appear if IE were not pre-installed, Microsoft's proposal opens the door for Google to work with PC manufacturers to get Chrome on new machines. Note that the browser ballot screen has not yet been accepted by the EU, though the initial reaction to it was welcoming.

suraj.sun writes with an update to the news from a few days ago about Apple pulling Google Voice apps for the iPhone. Their actions have raised the interest of the FCC, which is now beginning an investigation into the matter. "In a letter sent to Apple, the FCC asked the company why it turned down Google Voice for the iPhone and pulled several other Google Voice-related programs from the iPhone's only sanctioned online mart. The FCC also sent similar letters to both AT&T — Apple's exclusive carrier partner in the US — and Google, asking both firms to provide more information on the issue. The FCC's letter asked Apple whether it rejected Google Voice and dumped other applications on its own, or 'in consultation with AT&T,' and if the latter, to describe the conversations the partners had. In other questions, the FCC asked Apple whether AT&T has any role in the approval of iPhone applications, wants the company to explain how Google Voice differs from any other VoIP software that has been approved, and requested a list of all applications that have been rejected and why."

Lucas123 writes "The location of the safe house used in times of emergency for the First Family was leaked on a LimeWire file-sharing network recently, a fact revealed today to members of the House Oversight and Government Reform Committee. Along with the safe house location, the LimeWire networks also disclosed presidential motorcade routes, as well as sensitive but unclassified document that listed details on every nuclear facility in the country. Now lawmakers are considering a bill to ban P2P use on government, contractor networks."

Lucas123 writes "The location of the safe house used in times of emergency for the First Family was leaked on a LimeWire file-sharing network recently, a fact revealed today to members of the House Oversight and Government Reform Committee. Along with the safe house location, the LimeWire networks also disclosed presidential motorcade routes, as well as sensitive but unclassified document that listed details on every nuclear facility in the country. Now lawmakers are considering a bill to ban P2P use on government, contractor networks."

CWmike writes "Russia's launch of Sputnik in 1957 triggered a crisis of confidence in the US that helped drive the creation of a space program. Now, Russia is comparing the US's achievements in supercomputing with theirs, and they don't like what they see. In a speech on Tuesday, Russia's President, Dmitry Medvedev, criticized his country's IT industry almost to the point of sarcasm for failing to develop supercomputing technology, and urged a dramatic change in Russia's use of high-performance computing. Medvedev, at the opening address of a Security Council Meeting on Supercomputers in Moscow, told attendees that 476 out of the 500 supercomputers on the Top500 list were manufactured in the United States. 'Therefore, in general, our situation is very difficult,' he said."

CWmike writes "Russia's launch of Sputnik in 1957 triggered a crisis of confidence in the US that helped drive the creation of a space program. Now, Russia is comparing the US's achievements in supercomputing with theirs, and they don't like what they see. In a speech on Tuesday, Russia's President, Dmitry Medvedev, criticized his country's IT industry almost to the point of sarcasm for failing to develop supercomputing technology, and urged a dramatic change in Russia's use of high-performance computing. Medvedev, at the opening address of a Security Council Meeting on Supercomputers in Moscow, told attendees that 476 out of the 500 supercomputers on the Top500 list were manufactured in the United States. 'Therefore, in general, our situation is very difficult,' he said."

CWmike writes "More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, Danish security company Secunia says. According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.) The most-current versions of Flash Player — 9.0.159.0 and 10.0.22.87) — are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash."

CWmike writes "More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, Danish security company Secunia says. According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.) The most-current versions of Flash Player — 9.0.159.0 and 10.0.22.87) — are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash."

CWmike writes "More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, Danish security company Secunia says. According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31% have Flash Player 9. (The total exceeds 100% because some users have installed both.) The most-current versions of Flash Player — 9.0.159.0 and 10.0.22.87) — are vulnerable to hackers conducting drive-by attacks hosted on malicious and legitimate-but-compromised sites. Antivirus vendors have reported hundreds, in some cases thousands, of sites launching drive-bys against Flash."

ericatcw writes "'NoSQL' alternatives such as Hadoop and MapReduce may be uber-cheap and scalable, but they remain slower and clumsier to use than relational databases, say some. Now, researchers at Yale University have created a database-Hadoop hybrid that they say offers the best of both worlds: fast performance and the ability to scale out near-indefinitely. HadoopDB was built using PostGreSQL, though MySQL has also successfully been swapped in, according to Yale computer science professor Daniel Abadi, whose students built this prototype."

ericatcw writes "'NoSQL' alternatives such as Hadoop and MapReduce may be uber-cheap and scalable, but they remain slower and clumsier to use than relational databases, say some. Now, researchers at Yale University have created a database-Hadoop hybrid that they say offers the best of both worlds: fast performance and the ability to scale out near-indefinitely. HadoopDB was built using PostGreSQL, though MySQL has also successfully been swapped in, according to Yale computer science professor Daniel Abadi, whose students built this prototype."

Frequent Slashdot contributor Bennett Haselton writes "A judge rules that IP addresses are not 'personally identifiable information' (PII) because they identify computers, not people. That's absurd, but in truth there is no standard definition of PII in the industry anyway, because you don't need one in order to write secure software. Here's a definition of 'PII' that the judge could have adopted instead, to reach the same conclusion by less specious reasoning." Hit the link below to read the rest of his thoughts.

US District Court Judge Richard Jones's recent ruling in Johnson v. Microsoft has been much ridiculed for saying that IP addresses are not "personally identifiable information" (PII) because they identify computers, not individual users. Legions of critics have pointed out that this is like saying home addresses are not PII because they identify houses, not people. And it was pretty silly for Jones to say that "the only reasonable interpretation" of PII would be to exclude IP addresses from the definition — when, as the plaintiffs pointed out, Microsoft's own website defined PII to include IP addresses. (Microsoft has since removed from that definition from their online glossary and replaced with a link to their privacy statement.)

But the open secret in the privacy tech industry is that nobody knows exactly what "personally identifiable information" means anyway, and nobody cares, either. This is not because industry leaders don't care about privacy and security. They do. But being a good, privacy-conscious software architect has nothing to do with nit-picking the details of what counts as PII. If you're designing the new Hotmail, you should just know that passwords should be encrypted when users log in over the Web, that third parties should not be able to query the Hotmail database and harvest e-mail addresses, that users shouldn't be able to extract personal data such as birthdates that are associated with another user's e-mail address, etc. If you don't instinctively know those things already, then memorizing a definition for "PII" is not going to make you a good security-conscious programmer.

Conversely, the major security threats facing Windows users — malware infection through security holes in Windows and Internet Explorer — have nothing to do with the definition of PII or the finer points of Microsoft's privacy policy. There may even be public relations gurus at Microsoft who are glad to see the "IP addresses as PII" controversy in the headlines, if that relatively minor privacy issue distracts the public from the vastly more serious threats posed browser security holes.

There are indeed published definitions of "PII" — the US Office of Management and Budget Memo 07-16 defines PII as:

"information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother's maiden name, etc."

But that doesn't pass the test of what makes a good definition, which is: If two different people read that definition, and then you gave them an example of a piece of data (such as the school that someone graduated from), would they usually be able to agree on whether that data counts as "PII?" How about IP addresses? From the written definition alone, there's no way to tell for sure.

I actually worked as a contractor at Microsoft at the onset of the PII craze, and in order to commence working on what would eventually become Windows Live, we all had to watch a streaming video about PII, what it was, how to secure it, etc. Near the beginning, the narrator gave some examples of PII, including e-mail addresses, and mentioned that PII should be encrypted when transmitted over the Internet. (I'm not violating any confidentiality; these standards were all publicly released later.) Full of first-week-on-the-job idealism, I looked up the narrator in the company directory and earnestly typed out an e-mail raising some points, such as: Doesn't Hotmail display your e-mail address over an unencrypted connection when you're signed in to Hotmail? And anyway, because the standard e-mail protocols always transmit To: and From: addresses unencrypted over the Internet, how would it ever be possible to "encrypt e-mail addresses in transit" anyway? Wouldn't it make more sense to specify that individual e-mail addresses can be transmitted in the clear one at a time, but if we're ever transferring a large number of them in bulk, it would be wise to encrypt the list, to reduce the chance of it falling into the hands of a spammer?

Then the video kept rolling, and making more statements that seemed to contradict earlier ones, or that were too vague to give me any idea of what I was actually supposed to do in a given situation, and eventually I got the point: We do care about privacy and security. But, there is no algorithm that can determine unambiguously what counts as "PII" or what you're supposed to do in order to safeguard it. You just have to use your common sense and ask around if you're not sure. The main point of the video is to reinforce how important this is, not to impart any actual information.

So Judge Jones could have picked from many possible definitions of "PII," and nobody would be able to call him "wrong," as long as the industry doesn't know what it means, either. What he was really trying to decide was whether Microsoft violated its promise "not to collect PII" during the Windows Update process, because the IP addresses of users doing the downloads were visible to Microsoft's servers. The plaintiffs made some other claims in Johnson v. Microsoft that I think have more merit (basically, arguing that the "Windows Genuine Advantage" anti-piracy tool should not have been foisted on users without their consent as part of the Windows Update process), but on this particular point, I think they were bound to lose on the claim that collecting IP addresses during a download was a privacy violation. After all, if the judge had ruled in their favor on this point, Microsoft would have had to discontinue Windows Update in order to comply with the ruling, and I don't think anybody wants that.

So, maybe Judge Jones just decided that he didn't want to be known as the judge who outlawed Windows security updates, so he determined in advance that he was going to rule that Microsoft did not violate users' privacy by collecting IP addresses during Windows Update. Then he worked backwards from there to find reasoning that supported this conclusion. That's not really how it's supposed to work, but at least he could have had good intentions.

Unfortunately, the reasoning that he hit on was the absurd argument that IP addresses are not PII because they identify computers, not the people who own them. Here's something that he could have said instead:

"I'm not counting IP addresses as PII, because in order to find out who was using an IP address at a particular time, you have to subpoena the ISP. That's what makes them different from names and home addresses, which can be matched to individual people without a subpoena. As long as Microsoft isn't subpoenaing ISPs to find out who was using a particular IP address, for all practical purposes they are not 'personally identifiable.'"

Judge Jones actually started out in that direction by quoting from another case, Klimas v. Comcast Cable Communications, Inc., where the court wrote, "We further note that IP addresses do not in and of themselves reveal 'a subscriber's name, address, [or] social security number.' That information can only be gleaned if a list of subscribers is matched up with a list of their individual IP addresses." And that list matching up subscribers with the IP addresses they were using at a given time, can only be obtained with a subpoena. Jones could have quit while he was ahead and stuck with that reasoning, and he would have avoided all the ridicule that came from his statement about IP addresses.

Or maybe Judge Jones could have just said,

"Look, you don't have a standard definition for PII anyway. You adapt it to each individual situation, in order to determine what privacy protections should be built into each program, by using your common sense. So that's what I'm doing to do in this situation too. And my common sense tells me that having IP addresses visible to Microsoft's servers during the Windows Update process, is not a privacy violation, because that's how downloads work."

That's as good a definition of PII as any. Now let's get back to the real work of stopping Russian porno spammers from pwning our machines in the first place.

CWmike writes "They sometimes call national security the third rail of politics. Touch it and, politically, you're dead. The cliché doesn't seem far off the mark after reading Mark Klein's new book, Wiring up the Big Brother Machine ... and Fighting It. It's an account of his experiences as the whistleblower who exposed a secret room at a Folsom Street facility in San Francisco that was apparently used to monitor the Internet communications of ordinary Americans. Amazingly, however, nobody wanted to hear his story. In his book he talks about meetings with reporters and privacy groups that went nowhere until a fateful January 20, 2006 meeting with Kevin Bankston of the Electronic Frontier Foundation. Bankston was preparing a lawsuit that he hoped would put a stop to the wiretap program, and Klein was just the kind of witness the EFF was looking for. He spoke with Robert McMillan for an interview."

CWmike writes "They sometimes call national security the third rail of politics. Touch it and, politically, you're dead. The cliché doesn't seem far off the mark after reading Mark Klein's new book, Wiring up the Big Brother Machine ... and Fighting It. It's an account of his experiences as the whistleblower who exposed a secret room at a Folsom Street facility in San Francisco that was apparently used to monitor the Internet communications of ordinary Americans. Amazingly, however, nobody wanted to hear his story. In his book he talks about meetings with reporters and privacy groups that went nowhere until a fateful January 20, 2006 meeting with Kevin Bankston of the Electronic Frontier Foundation. Bankston was preparing a lawsuit that he hoped would put a stop to the wiretap program, and Klein was just the kind of witness the EFF was looking for. He spoke with Robert McMillan for an interview."

CWmike writes "Mozilla has confirmed the first security vulnerability in Firefox 3.5, saying that the bug could be used to hijack a machine running the company's newest browser. A noted Firefox contributor called the situation 'self-inflicted' and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database. The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday."

CWmike writes "Mozilla has confirmed the first security vulnerability in Firefox 3.5, saying that the bug could be used to hijack a machine running the company's newest browser. A noted Firefox contributor called the situation 'self-inflicted' and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database. The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday."

CWmike writes "Attacks exploiting the latest Microsoft vulnerability are quickly ramping up in quantity and intensity, several security companies warned today as they rang alarms about the developing threat. Symantec, Sunbelt Software, and SANS' Internet Storm Center bumped up their warnings yesterday after Microsoft announced that attackers were exploiting a bug in an ActiveX control used by IE to display Excel spreadsheets. There is no patch for the vulnerability; Microsoft didn't release one in today's Patch Tuesday. A temporary fix that sets the 'kill bits' of the ActiveX control is available, but experts believe it's likely most users won't take advantage of the protection. Symantec raised its ThreatCon ranking to the second of four steps. "We're seeing it exploited, but currently on a limited scale," said Symantec's Ben Greenbaum. Sunbelt also bumped up its ranking, to high." Firefox users can't be too complacent; Secunia is warning of a 0-day in version 3.5.

CWmike writes "Attacks exploiting the latest Microsoft vulnerability are quickly ramping up in quantity and intensity, several security companies warned today as they rang alarms about the developing threat. Symantec, Sunbelt Software, and SANS' Internet Storm Center bumped up their warnings yesterday after Microsoft announced that attackers were exploiting a bug in an ActiveX control used by IE to display Excel spreadsheets. There is no patch for the vulnerability; Microsoft didn't release one in today's Patch Tuesday. A temporary fix that sets the 'kill bits' of the ActiveX control is available, but experts believe it's likely most users won't take advantage of the protection. Symantec raised its ThreatCon ranking to the second of four steps. "We're seeing it exploited, but currently on a limited scale," said Symantec's Ben Greenbaum. Sunbelt also bumped up its ranking, to high." Firefox users can't be too complacent; Secunia is warning of a 0-day in version 3.5.

CWmike writes to point out that Steven J. Vaughan-Nichols is one of many people questioning where Oracle may land once the acquisition of Sun is complete. One concern that I have heard many people express is that there may be a good chance of OpenSolaris getting the axe for not fitting in with the overall corporate vision. "People outside of IT seldom think of Oracle as a Linux company, but it is. Not only does Oracle encourage its customers to use its own house-brand clone of RHEL (Red Hat Enterprise Linux), Oracle Unbreakable Linux, Oracle has long used Linux internally both on its servers and on some of its desktops. So, what does a Linux company like Oracle wants to do with its newly purchased Sun's open-source operating system, OpenSolaris? The answer appears to be: 'Nothing.' Sun, Oracle and third-party sources are telling me that OpenSolaris developers are afraid that they'll be either moved over to working on Linux or let go once the Sun/Oracle merger is completed."

CWmike writes to point out that Steven J. Vaughan-Nichols is one of many people questioning where Oracle may land once the acquisition of Sun is complete. One concern that I have heard many people express is that there may be a good chance of OpenSolaris getting the axe for not fitting in with the overall corporate vision. "People outside of IT seldom think of Oracle as a Linux company, but it is. Not only does Oracle encourage its customers to use its own house-brand clone of RHEL (Red Hat Enterprise Linux), Oracle Unbreakable Linux, Oracle has long used Linux internally both on its servers and on some of its desktops. So, what does a Linux company like Oracle wants to do with its newly purchased Sun's open-source operating system, OpenSolaris? The answer appears to be: 'Nothing.' Sun, Oracle and third-party sources are telling me that OpenSolaris developers are afraid that they'll be either moved over to working on Linux or let go once the Sun/Oracle merger is completed."

cheezitmike writes "Researchers at Oregon State University are testing a new type of wave-energy converter to generate electricity from ocean waves: 'Even when the ocean seems calm, swells are moving water up and down sufficiently to generate electricity. ... For decades the challenge has been to build a device that can withstand monster waves and gale-force winds, not to mention corrosive saltwater, seaweed, floating debris and curious marine mammals. ... In the most recent prototypes, a thick coil of copper wire is inside the first component, which is anchored to the seafloor. The second component is a magnet attached to a float that moves up and down freely with the waves. As the magnet is heaved by the waves, its magnetic field moves along the stationary coil of copper wire. This motion induces a current in the wire — electricity.'" Meanwhile, researchers at Stanford are working to design "turbine kites" that operate at 30,000 feet, where air currents flow much faster than they do close to the ground. Ken Caldeira, a Stanford associate professor, said, "If you tapped into 1% of the power in high-altitude winds, that would be enough to continuously power all civilization."

BBCWatcher writes "Computerworld's Steven J. Vaughan-Nichols reports that the London Stock Exchange is abandoning its Microsoft Windows-based trading platform: 'Anyone who was ever fool enough to believe that Microsoft software was good enough to be used for a mission-critical operation had their face slapped this September when the LSE's Windows-based TradElect system brought the market to a standstill for almost an entire day .... Sources at the LSE tell me to this day that the problem was with TradElect ...'"

ericatcw writes "The inaugural NoSQL meet-up in San Francisco during last month's Yahoo! Apache Hadoop Summit had a whiff of revolution about it, like a latter-day techie version of the American Patriots planning the Boston Tea Party. Like the Patriots, who rebelled against Britain's heavy taxes, NoSQLers came to share how they had overthrown the tyranny of burdensome, expensive relational databases in favor of more efficient and cheaper ways of managing data, reports Computerworld."

ericatcw writes "The inaugural NoSQL meet-up in San Francisco during last month's Yahoo! Apache Hadoop Summit had a whiff of revolution about it, like a latter-day techie version of the American Patriots planning the Boston Tea Party. Like the Patriots, who rebelled against Britain's heavy taxes, NoSQLers came to share how they had overthrown the tyranny of burdensome, expensive relational databases in favor of more efficient and cheaper ways of managing data, reports Computerworld."

CWmike writes "The chairman of the House Committee on Homeland Security, Bennie Thompson (D-Miss.), has given the Transportation Security Administration (TSA) until July 8 to explain how the agency plans to ensure the security of private data collected by a recently shuttered company that offered a registered traveler program. In a letter to the TSA's acting assistant secretary, Thompson expressed his concern over the abrupt closure of Verified Identity Pass (VIP), which offered a service called Clear for a $199 annual fee that helped air travelers get through airport security checks faster by vetting their identities and backgrounds in advance. VIP has left open the possibility that the data could end up being acquired or sold to a third-party, but only if it was going to be used for a registered traveler program."

CWmike writes "The chairman of the House Committee on Homeland Security, Bennie Thompson (D-Miss.), has given the Transportation Security Administration (TSA) until July 8 to explain how the agency plans to ensure the security of private data collected by a recently shuttered company that offered a registered traveler program. In a letter to the TSA's acting assistant secretary, Thompson expressed his concern over the abrupt closure of Verified Identity Pass (VIP), which offered a service called Clear for a $199 annual fee that helped air travelers get through airport security checks faster by vetting their identities and backgrounds in advance. VIP has left open the possibility that the data could end up being acquired or sold to a third-party, but only if it was going to be used for a registered traveler program."