Slashdot Mirror

eweekhickins writes "Corvil has unveiled a new tool to help network managers cope with increasing pressure to improve performance. This appliance, from the Dublin-based company (with backing from Cisco), passively monitors traffic across networks in segments below 1 microsecond in length and correlates monitoring data with remote appliances and gives a complete picture of latency, jitter, packet loss and other phenomena that affect network and application performance. Corvil CEO Donal Byrne noted that 'If you can drop a millisecond [of latency] off, you're a hero.'"

eweekhickins writes "Corvil has unveiled a new tool to help network managers cope with increasing pressure to improve performance. This appliance, from the Dublin-based company (with backing from Cisco), passively monitors traffic across networks in segments below 1 microsecond in length and correlates monitoring data with remote appliances and gives a complete picture of latency, jitter, packet loss and other phenomena that affect network and application performance. Corvil CEO Donal Byrne noted that 'If you can drop a millisecond [of latency] off, you're a hero.'"

eweekhickins writes "A report written by a tech worker in China describes the pervasive censorship, abetted by ample manpower and funding estimated at $27 billion in US dollars. The author, who calls himself Mr. Tao, also writes that plenty of Chinese are finding ways to resist censorship, and offers tips on how to keep evading Big GeGe (that's Older Brother). Not surprisingly, self-censorship is very prevalent. Also not surprisingly, the authorities are starting to catch on to things like RSS feeds. It's another race for survival between the tiny mammals and the lumbering dinosaurs." Here's Mr. Tao's report (PDF), written under the auspices of Reporters Without Borders.

eweekhickins writes "A report written by a tech worker in China describes the pervasive censorship, abetted by ample manpower and funding estimated at $27 billion in US dollars. The author, who calls himself Mr. Tao, also writes that plenty of Chinese are finding ways to resist censorship, and offers tips on how to keep evading Big GeGe (that's Older Brother). Not surprisingly, self-censorship is very prevalent. Also not surprisingly, the authorities are starting to catch on to things like RSS feeds. It's another race for survival between the tiny mammals and the lumbering dinosaurs." Here's Mr. Tao's report (PDF), written under the auspices of Reporters Without Borders.

eweekhickins writes "After two laptops were lost containing the personal data of 3,900+ truckers who handle HAZMATs, the Transportation Security Administration has ordered its contractors to encrypt any and all data. 'After the second theft or loss, the TSA conducted an IT forensic investigation that ascertained that the (previously) deleted information could be retrieved if a thief had the proper training. "So even though [there's only a] small chance of [the data being misused], we did notify all affected individuals and advised them of what steps to take to protect themselves, and we mandated that contractors need to encrypt any and all data in addition to any deletion procedures that might be in place," Davis said.'"

eweekhickins writes "After two laptops were lost containing the personal data of 3,900+ truckers who handle HAZMATs, the Transportation Security Administration has ordered its contractors to encrypt any and all data. 'After the second theft or loss, the TSA conducted an IT forensic investigation that ascertained that the (previously) deleted information could be retrieved if a thief had the proper training. "So even though [there's only a] small chance of [the data being misused], we did notify all affected individuals and advised them of what steps to take to protect themselves, and we mandated that contractors need to encrypt any and all data in addition to any deletion procedures that might be in place," Davis said.'"

eweekhickins writes "The Governator has killed a recent data protection law in California, and it won't be back. Using a tried-and-true argument, that the bill would have 'driven up the costs of compliance, particularly for small businesses,' California Governor Arnold Schwartzenneger vetoed what some are calling one of the nation's most stringent proposed e-tail data breach security laws."

eweekhickins writes "The Governator has killed a recent data protection law in California, and it won't be back. Using a tried-and-true argument, that the bill would have 'driven up the costs of compliance, particularly for small businesses,' California Governor Arnold Schwartzenneger vetoed what some are calling one of the nation's most stringent proposed e-tail data breach security laws."

mrcgran writes "Eweek is reporting on Red Hat's assurances that can continue to deploy Linux without fear of legal retribution from Microsoft. This, despite the increasingly vocal threats emanating from Redmond. 'In a scathing response to Ballmer's remarks, Red Hat's IP team said the reality is that the community development approach of free and open-source code represents a healthy development paradigm, which, when viewed from the perspective of pending lawsuits related to intellectual property, is at least as safe as proprietary software. "We are also aware of no patent lawsuit against Linux. Ever. Anywhere," the team said in a blog posting.'"

theodp writes "Nine months after the Los Angeles Unified School District launched SAP HR and Payroll as part of a larger $132M ERP rollout, LAUSD employees are still being overpaid, underpaid or going unpaid. In June, about 30,000 paychecks were issued with errors, falling somewhat short of the Mission Statement 'to effectively deliver services to meet the payroll needs of all District employees serving our students.' Meanwhile, a $17M PeopleSoft-based payroll implementation has been making life miserable for Chicago Public Schools teachers and staff since last April, including June retirees who were stiffed for more than $35M. It's been a bad computer year for CPS staff, who also had to contend with a new $60M system that wasn't up to the task of taking attendance."

An anonymous reader writes "Here's a story about what can happen to any enterprise IT department that overestimates the intelligence of its users. Only in this case, the enterprise in question is the U.S. Department of Homeland Security. The spokesman says there's no Jack Bauer mentality. No kidding!"

paleshadows writes "A year and a half has passed since SubVirt, the first VMM (virtual machine monitor) based rootkit, was introduced (PDF), covered in the tech press, and discussed here. Later Joanna Rutkowska made news by claiming she had a VMM-based attack on Vista that was undetectable — a claim that was roundly challenged. Now in this year's HotOS workshop, researchers from Stanford, CMU, VMware, and XenSource have published a paper titled Compatibility Is Not Transparency: VMM Detection Myths and Realities (PDF) showing that VMM-based rootkits are actually easily detectable."

Xenographic writes "The OSI has identified two significant flaws in the Microsoft Permissive License, and is unlikely to approve it as an OSI license in its current state. Specifically, the OSI is worried about the way the MS-PL is incompatible with so many other OSI-approved licenses and how misleading that makes the term 'permissive' in the license's name. Now the ball is in Microsoft's court and they can choose to amend or withdraw it from consideration. From the article: 'The MPL is also particularly restrictive, and is uniquely incompatible with the maximum number of other open-source licenses, [president of OSI Michael Tiemann] said, noting that in its examination of license proliferation, the OSI had encouraged experimentation with license terms to encourage new ones to be written that were better than what currently existed.'"

theodp writes "Maybe you shouldn't get too attached to those new Windows Live services. On Tuesday, the USPTO granted Microsoft a patent for privacy policy change notification, which describes how to threaten users with the loss of their accounts and access to web sites and services should they refuse to consent to changes in a privacy policy. This includes the case where a user might object to allowing personal information, collected earlier with a promise of confidentiality, to be shared in the future with third parties. Also described is a 'Never Notify Me' option so you won't have to 'worry' over privacy policy changes."

TechGeek sends us to eWeek, where Mark Shuttleworth is quoted to the effect that Microsoft has succeeded in fracturing the Linux and open-source community with its patent indemnity agreements. Quoting: "Microsoft's strategy was to drive a wedge into the open-source community and unsettle the marketplace, Shuttleworth said. He also took issue with the Redmond, Wash., software maker for not disclosing the 235 of its patents it claims are being violated by Linux and other open-source software. 'That's extortion and we should call it what it is,' he said." Shuttleworth added, "I don't think this will end well for the companies that slipped up and went down that road."

oDDmON oUT writes "An article on the Computerworld site quotes polling results from a potentially-divisive PatchLink survey. The poll shows that the majority of enterprise customers feel there are no compelling security enhancements in Windows Vista, that they have no plans to migrate to it in the near term and that many will 'either stick with the Windows they have, or turn to Linux or Mac OS X'. A majority, 87%, said they would stay with their existing version of Windows. This comes on the heels of a dissenting view of Vista's track record in the area of security at the six month mark, which sparked a heated discussion on numerous forums."

eldavojohn writes "Microsoft CEO Steve Ballmer claimed yesterday that there will be a billion machines running Windows within a year. 'The install base of Windows computers this coming 12 months will reach 1 billion. If you stop and just think about that, parse that for a second, by the end of our fiscal year '08, there will be more PCs running Windows in the world than there are automobiles, which is at least to me kind of a mind-numbing concept.'"

Ho Kooshy Fly writes "It seems that at least one software group has seen the use of Red Hat substantially increase over Novell as of late. EWeek theorizes that this may be backlash from the patent deal with Microsoft. From the article: 'The survey's findings can also be extrapolated to the broader open-source software industry and are not limited to those enterprise customers using Alfresco software "because of the wide range of open-source and proprietary software use cases captured and the large sample size of the survey," [Ian Howells, Alfresco's chief marketing officer] said. "We think these findings accurately reflect the broad technology trends across modern stacks in organizations of all sizes." Gallup polls about U.S. presidential candidates typically survey about 1,000 likely voters, while Alfresco surveyed more than 10,000 people, he said.'"

pilsner.urquell writes "Microsoft yesterday issued a statement proclaiming that it isn't bound by GPLv3. Groklaw has a very humorous rejoinder to the company's claim. From that article: 'They think they can so declare, like an emperor, and it becomes fiat. It's not so easy. I gather Microsoft's lawyers have begun to discern the GPL pickle they are in. In any case it won't be providing any support or updates or anything at all in connection with those toxic (to them) vouchers it distributed as part of the Novell deal ... These two -- I can't decide if it's an elaborate dance like a tango or more like those games where you place a cloth with numbers on the floor and you have to get into a pretzel with your hands and feet to touch all the right numbers. Whichever it is, Novell and Microsoft keep having to strike the oddest poses to try to get around the GPL. If they think this new announcement has succeeded, I believe they will find they are mistaken. In other words, not to put too fine a point on it, GPLv3 worked.'" EWeek has further analysis of this proclamation.

prostoalex writes "FastTCP technology, developed by researchers at CalTech, is being commercialized. A company called FastSoft has introduced a hardware appliance that delivers 15x-20x faster FTP transmissions than those delivered via regular TCP. Says eWeek: 'The algorithm implemented in the Aria appliance senses congestion by continuously measuring the round-trip time for the TCP acknowledgment and then monitoring how that measurement changes from moment to moment.'"

Jonas Maebe writes "Someone thought up another way to profiteer from the software patent system: when a security hole is discovered, they'll try to patent the fix in order to collect money when the affected vendors close the hole in their product. The company in question is not shy about its intentions: Intellectual Weapons will only consider vulnerabilities in high-profile products from vendors with deep pockets. Let's be thankful for yet another way software patents are used to promote science and the useful arts."

turnitover sends us to eWEEK for an appreciation of the Apple II on the 30th anniversary of its shipping. An overview of the history of the Apple II puts it in context. A nice tidbit: how important the floppy drive was to sales. The article quotes Sellam Ismail, the proprietor of VintageTech, which maintains archives of computers, documents, and software: "You could think of the Apple II's importance on two levels — the Woz level and the Steve Jobs level." The former refers to its allure to hackers, and the latter to its appliance-like polish, a first for its time, There is also an interview with Woz, who says, "[A]t the start there were no computers in the home — we had to make the word computer compatible with homes."

turnitover sends us to eWEEK for an appreciation of the Apple II on the 30th anniversary of its shipping. An overview of the history of the Apple II puts it in context. A nice tidbit: how important the floppy drive was to sales. The article quotes Sellam Ismail, the proprietor of VintageTech, which maintains archives of computers, documents, and software: "You could think of the Apple II's importance on two levels — the Woz level and the Steve Jobs level." The former refers to its allure to hackers, and the latter to its appliance-like polish, a first for its time, There is also an interview with Woz, who says, "[A]t the start there were no computers in the home — we had to make the word computer compatible with homes."

DigDuality writes "Microsoft, shrugging off licensing moves to prevent it from repeating its controversial patent deal with Novell, has signed a set of broad collaboration agreements with Linux provider Xandros that include an intellectual property assurance under which Microsoft will provide patent covenants for Xandros customers."

An anonymous reader writes "The most notable changes found in this latest draft include making GPLv3 compatible with version 2.0 of the Apache license, ensuring that distributors who make discriminatory patent deals after March 28 may not convey software under GPLv3, adding terms to clarify how users can contract for private modification of free software or for a data center to run it for them, and replacing the previous reference to a U.S. consumer protection statute with explicit criteria for greater clarity outside the United States. The draft also does not prohibit Novell from distributing software under GPLv3 'because the patent protection they arranged with Microsoft last November can be turned against Microsoft to the community's benefit,' FSF executive director Peter Brown said."

AlexGr writes "According to Eweek's Peter Galli, Microsoft sees no contradiction between its open-source community building efforts and the more-than-thinly-veiled legal threats at Linux and other projects. Horacio Gutierrez, Microsoft's vice president of intellectual property and licensing, actually states: 'One makes the other possible, especially at a time like this, when interoperability is so important. Microsoft recognizes the importance of interoperability, which is why we are doing the things we are in our products, why we created the Interoperability Executive Customer Council, and why we are listening to customers.'"

yuna49 writes "News from last week, but still worth noting: Mark Shuttleworth told eWeek in a May 3rd interview that Dell will not include open-source software such as Wine with the PCs it plans to bundle with Ubuntu Linux. Says Shuttleworth: 'I do not want to position Ubuntu and Linux as a cheap alternative to Windows ... While Linux is an alternative to Windows, it is not cheap Windows. Linux has its own strengths, and users should want it because of those strengths and not because it's a cheap copy of Windows ... Often we see proprietary software companies just completely fail to understand not only the motivations of the Linux community, but also the processes. It's very practical, there's a way to get things done, and it's different. The VMware guys have really engaged with us completely and worked to the agenda set by the Linux community, which is not an ideological agenda but a practical one.' Does that mean Wine won't even be listed in the package manager?"

jb.cancer noted an article running on eweek about plans in Iran to censor phone messages sent within the country. At least it's not quite that bad here yet. But give it a few years!

techdirtfeed writes "For years, plenty of folks (including the Government Accountability Office) have been pointing out that the way the FCC measures broadband competition is very flawed. It simply assumes that if a single household in a zip code is offered broadband by provider A, then every household in that zip code can get broadband from provider A. See the problem? For some reason the FCC still hasn't changed its ways, but at least they're starting to realize the problem. They're now saying they need to change the way they measure competition. Commissioner Michael Copps points out: 'Our statistical methodology seems almost calculated to obscure just how far our country is falling behind many other industrialized nations in broadband availability, adoption, speed and price.'"

Kelson writes to mention Microsoft, Mozilla, Opera and Google took the stage this week at the Web 2.0 expo and in addition to discussing pressing issues have declared their intent to avoid another browser war. All the panelists agreed that security was the largest concern currently facing browser developers. "Brendan Eich, the chief technology officer at Mozilla, said that security was hard and always will be. 'I don't think we should take security lightly; it's an end-to-end problem and we have to step outside the current model to win on this front,' he said. For his part, Chris Wetherell, a software engineer at Google, said one of the scenarios that kept him awake at night was offline access to the browser and what that meant from a security perspective, particularly on the user-to-user front."

Microsoft Delenda Est writes "After ACT, a Microsoft front group, started claiming that the GPLv3 was legally 'risky' and could give rise to anti-trust liability, eWeek has published a rebuttal by Bruce Perens. Aside from the fact that IBM, HP, Red Hat, and a couple dozen corporate lawyers are watching over the creation of the GPLv3, there is already precedent that shows the GPL is unlikely to give rise to any significant liability — Daniel Wallace v. FSF. In that case, pro se litigant Daniel Wallace was all but laughed out of the courtroom for alleging the GPLv2 violates anti-trust law, and the GPLv3 clauses in question are simply clarifications and extensions of clauses in the GPLv2. Presumably, that is why the ACT neglected to cite any precedent substantiating their allegations."

theodp writes "Debunking claims to the contrary, a new study from Duke University asserts that it is purely cost savings, and not the education of Indian and Chinese workers, or a shortage of American engineers that has caused offshore outsourcing. 'The key advantage of hiring Chinese entry-level engineers was cost savings, whereas a few respondents cited strong education or training and a willingness to work long hours. Similarly, cost savings were cited as a major advantage of hiring Indian entry-level engineers, whereas other advantages were technical knowledge, English language skills, strong education or training, ability to learn quickly, and a strong work ethic.' The article goes on to point out that despite this, outsourcing will continue to be a problem for US workers in coming decades; new elements of traditional corporations like R&D may in fact be next on the outsourcing chopping block."

yuna49 writes to let us know that the US Federal Communications Commission last week announced a Notice of Inquiry (PDF) into: "...the behavior of broadband market participants, including: (1) How broadband providers are managing Internet traffic on their networks today; (2) Whether providers charge different prices for different speeds or capacities of service; (3) Whether our policies should distinguish between content providers that charge end users for access to content and those that do not; (4) How consumers are affected by these practices." eWeek reports that the study is targeted at whether broadband providers are treating some content providers more favorably than others. Distinctly absent is any discussion about port filtering or other restrictions on Internet usage. The two Democrats on the Commission pressed for a broader "Notice of Rulemaking" to move more quickly towards a policy of non-discrimination. The Republican majority ignored these arguments and voted for an Inquiry, to which the Democrats acceded.

rah1420 writes "Microsoft has announced that it will open-source the core portions of the Visual FoxPro DBMS software to its CodePlex community development site. At the same time, Microsoft has announced that it will no longer be making new versions of the FoxPro DBMS."

Alien54 writes "In the simplest terms: too many IT workplaces have become Dilbertized -- micromanaged, bureaucratic and stifled creatively. It's become an environment where busy work is praised and morale is low. How is it possible to bring IT's appeal back? 'IT professionals that have worked in the field for a long time often speak about a shift in their work where they have gone from tossing ideas back and forth to make for better technology solutions to fighting fires all day. "There's less emphasis on creativity, and more on maintenance. Tweak this, work on this ... In being reactive not proactive, everything is a crisis. Something has to be done right now, putting out fire after fire, going a long way to making IT a less pleasant environment," said Skaistis. Beyond making for a unpleasant work environment for the techies already in-house, this firefighting serves as a warning to potential recruits: you will not like this job.'"

RLiegh writes "Ars Technica reports that Sun has joined the FSF Corporate Patron program. The article explains that the FSF corporate program allows companies to provide financial assistance to the FSF in return for license consulting services. The article goes on to observe that this move is doubtlessly motivated by Sun's interest in GPL3's direction. Now that Sun has opened up Java and become an FSF corporate sponsor...could the move to dual license OpenSolaris under the GPL3 be far behind?"

An anonymous reader writes "A U.S. federal jury found that Microsoft Corp. infringed audio patents held by Alcatel-Lucent and should pay $1.52 billion in damages, Microsoft said Thursday. The news comes after reports that U.S. Supreme Court justices expressed doubts about whether Microsoft Corp. should be liable for infringing AT&T Inc. patents in Windows software sold overseas."

An anonymous reader writes "eWeek has a story describing a talk by former Microsoft developer Adam Bosworth, now a VP at Google, entitled 'Physics, Speed and Psychology: What Works and What Doesn't in Software, and Why.' Bosworth depicts issues with processing, broadband, natural language, and human behavior; and he dishes on Microsoft." Quoting: "'Back in '96-'97, me and a group of people... helped build stuff that these days is called AJAX,' Bosworth said. 'We sat down and took a hard look at what was going to happen with the Internet and we concluded, in the face of unyielding opposition and animosity from virtually every senior person at Microsoft, that the thick client was on its way out and it was going to be replaced by browser-based apps. Saying this at Microsoft back in '96 was roughly equivalent to wandering around in a fire wearing matches,' he said. 'But we concluded we should go and build this thing. And we put all this stuff together so people could build thin-client applications... Now you hear about AJAX all the time, but this was built in '97,' Bosworth said. Yet, AJAX failed for a variety of reasons, including some 'big mistakes.'"

An anonymous reader writes to mention that sources inside Sun Microsystems claim that OpenSolaris may see the GPLv3 added to its list of licenses soon. From the article: "While Sun officials would not confirm the plan to dual-license OpenSolaris under the CDDL and GPLv3, Tom Goguen, vice president of Solaris software at Sun, told eWEEK that other open-source technologies will play a big role in Solaris going forward. 'Take the GNU Userland, which is an interesting piece of technology that Sun is looking at closely, and we may do something similar with, say, a container flavor,' he said. 'You can also expect to see a renewed focus on the needs of developers and system administrators with Solaris going forward, while individual pieces of the next version will also likely be increasingly delivered first as components or technologies targeted at vertical markets,' he said."

rchris1172 writes "VeriSign's iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. As part of its its controversial pay-for-flaw VCP (Vulnerability Contributor Program), iDefense said it will pay the reward for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of the two Microsoft products. In addition to the $8,000 award for the flaw, iDefense will pay between $2,000 and $4,000 for working exploit code that exploits the submitted vulnerability."

Panaqqa writes "It appears that Fenner Investments, a Texas based patent troll, is at it again. This time, they are suing Microsoft, Sony and Nintendo for infringing a patent they hold on joystick ports. Perhaps they felt they needed a "Plan B" now that their lawsuit against Juniper Networks, Nokia, Cisco, Alcatel and Ericsson is not going so well."

bungee jumper writes "Microsoft released four bulletins with patches for 10 vulnerabilities but there are no fixes for known MS Word zero-day flaws that are under active attack, eWeek.com reports. The January batch covers critical bugs in Excel, Outlook, and Windows. The first confirmed Windows Vista flaw, a denial-of-service issue that was publicly released on an underground hacker site in Russia, also remains unpatched." eWeek notes that Microsoft originally scheduled eight bulletins for release, but pulled four last Friday without explanation.

espera un momento writes "eweek.com picks the five hackers who made a significant impact on security and vulnerability research in 2006. These are some interesting choices of the guys (and gal) who dominated the media headlines. The topics covered included Wi-Fi bugs, browser flaws and rootkits."

Datamation writes "Exploit code for Windows Vista (though at this point only proof-of-concept code) has been published to a Russian hacker site, Eweek reports. Certain strings sent through the 'MessageBox' API apparently cause memory corruption. Though this is obviously cause for concern, at the moment it would seem access to the system would already be required to make use of the exploit. Determina has an analysis of the bug. Just last week, Trend Micro reported that Vista zero-days are being sold at underground hacker sites for $50,000."

Snakepit Bit writes "Underground hackers are hawking a zero-day exploit for Windows Vista at $50,000 a pop, according to computer security researchers at Trend Micro. The Windows Vista exploit, which has not been independently verified, was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the anti-virus vendor. Prices for exploits for unpatched code execution flaws are in the $20,000 to $30,000 range. Bots and Trojan downloaders that typically hijack Windows machines for use in botnets were being sold for about $5,000." From the article: "According to [Trend Micro CTO Raimund] Genes, the typical price of a destructive exploit has increased dramatically, driving an underground market that could exceed the value of the legitimate security software business. 'I think the malware industry is making more money than the anti-malware industry,' Genes said."

gr00ve writes "Eweek is reporting that all the major OEMs will enable DEP/NX in their BIOSes by default to allow Address Space Layout Randomization (ASLR), a new security feature in Windows Vista, to work as advertised. ASLR, which is used to randomly arrange the positions of key data areas to block hackers from predicting target addresses, is meant to make Windows Vista more resilient to virus and worm attacks." From the article: "Because most CPUs that ship today support DEP/NX, Howard explained that Vista users on older hardware can use the control panel to manually verify that PCs have DEP enabled. With full support from OEMs, Microsoft is effectively using ASLR to create software diversity within a single operating system, a move that is widely seen as Redmond's attempt to address the monoculture risk. The memory-space randomization technique will block the majority of buffer overflow tricks used in about two-thirds of all worm and virus attacks."

gregleimbeck writes "Exploit code for a third, unpatched vulnerability in Microsoft Word has been posted on the Internet, adding to the software maker's struggles to keep up with gaping holes in its popular word processing program. The attack code, available at Milw0rm.com, contains sample Word documents that have been rigged to launch code execution exploits when the file is opened."

0xbl00d writes "Eweek.com is reporting a new Microsoft Word zero-day attack underway. Microsoft issued a security advisory to acknowledge the unpatched flaw, which affects Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. Simply opening a word document will launch the exploit. There are no pre-patch workarounds or anti-virus signatures available. Microsoft suggests that users 'not open or save Word files,' even from trusted sources."

mellow marsh writes "EveryDNS, sister company to OpenDNS (which runs the PhishTank anti-phishing initiative), has been hit by a massive distributed denial-of-service attack. The attack started sometime Friday afternoon and, from all indications, was targeting Web sites that used free DNS management services provided by EveryDNS. At the height of the DDoS bombardment, EveryDNS was being hit with more than 400mbps of traffic at each of its four locations around the world. From the article: '"We were collateral damage," Ulevitch explained... Because law enforcement is involved, Ulevitch was hesitant to release details of the actual target but there are signs that some of the targets were "nefarious domains" that have since been terminated.'" OpenDNS, which makes use of EveryDNS services, was affected for a time, until they spread their authoritative DNS more broadly. The EveryDNS site is now reporting that the attack is continuing but has been mitigated and is not affecting operations.

An anonymous reader writes "Microsoft's long-awaited Windows Vista release Thursday for business customers will get more than just the passing attention of network administrators. That's because hackers will be eagerly waiting to do what hackers do best: start some mischief." Some folks on the Black Hat set got a sneak peek at Vista earlier this year, so they've had time to prepare.