Slashdot Mirror

An anonymous reader wrote in with news of the latest release of ReactOS, a project to create a complete reimplementation of Windows. The highlights of this release are the integration of a new network stack based upon lwIP, the ability to build using Microsoft's C compiler, and Wifi support. There are a few options for trying it out (emulator image and a livecd amongst others) and source code over at Sourceforge.

New submitter Novin writes with exciting news from the Cinnamon project. Quoting the release announcements: "Cinnamon 1.2 is out! All APIs and the desktop itself are now fully stable! I hope you'll enjoy the many new features, the desktop effect, desktop layouts, the new configuration tool, the applets, changes, bug fixes, and improvements that went into this release. This is a huge step forward for Cinnamon." The release reintroduces desktop effects, fixes a slew of bugs, and introduces a new applet API (fixing a number of issues intrinsic to shell extensions).

First time accepted submitter aeturnus writes "A new attack on the GSM mobile communications protocol has been demonstrated by Karsten Nohl and Luca Melette of Security Research Labs, based off their previously published attacks around vulnerabilities in the GSM A5/1 encryption protocol. This new attack, which Nohl indicates already in use by criminals, allows an attacker to simulate a GSM mobile and use it to make calls and send text messages. Nohl also discussed protective measures users should take against these attacks, and others in use by intelligence communities around the world." This was just one of many presentations at the 28th Chaos Communications Congress.

An anonymous reader writes "The International Organization for Standardization (ISO) has published the new specifications for the C programming language. The standard is known unofficially as C1X and was published officially as ISO/IEC 9899:2011. It provides greater compatibility with the C++ language and adds new features to C (as indicated in the draft)."

Thinkcloud writes "In an open letter, the Apache Software Foundation has made its plans for OpenOffice clear, including an Apache-branded OpenOffice suite targeted at developers coming next year." From The H: "The ASF says it does not want to force any vision on the ODF community noting that 'it is impossible to agree upon a single vision for all participants, Apache OpenOffice does not seek to define a single vision, nor does it seek to be the only player' in the large ODF ecosystem. Instead, it wishes to offer a neutral 'collaboration opportunity' and notes that its permissive licensing and development model are 'widely recognised as one of the best ways to ensure open standards, such as ODF, gain traction and adoption.'"

jrepin writes with this quote from an article at The H: "The Amarok development team has released version 2.5 of its open source music player and organizer, code-named 'Earth Moving.' Among the changes highlighted by the developers are re-written support for USB mass storage devices, GPodder.net podcast synchronization and an integrated Amazon MP3 store. The GPodder.net support includes the ability to browse directly from Amarok through the list of recommended podcasts on GPodder.net. Users of playlists on Amarok will find the new playlist functionality in 2.5 such as the ability to use formatted strings in Playlist layout items as prefixes and suffixes, dragging and dropping tracks in an empty area in the list of playlists to create a new playlist, and, in that same empty area, the addition of a new 'create new playlist' action."

jrepin writes "In May 2003, Munich's city council resolved to migrate municipal workstations from Windows to Linux and open source. Munich's LiMux project has announced that it has exceeded its annual target for migrating the city's PCs to its LiMux client. To date in 2011, the project has migrated 9,000 systems; it had originally planned to migrate 8,500 of the 12,000-15,000 PC workstations used by city officials in Munich."

An anonymous reader writes "Firefox has gotten so large that it cannot be compiled with PGO on a 32-bit linker anymore, due to the virtual memory limitation of 3 GB. This problem had happened last year with 2 GB, which was worked around by adding a/3GB switch to the Windows build servers. Now the problem is back, and things aren't quite that simple anymore." This only affects the inbound branch, but from the looks of it new code is no longer being accepted until they can trim things from the build to make it work again. The long term solution is to build the 32-bit binaries on a 64-bit system.

rsk writes "Since the Ubuntu One desktop synchronization service was launched by Canonical it has always been powered by CouchDB, a popular document-oriented NoSQL data store with a powerful master-master replication architecture that runs in many different environments (servers, mobile devices, etc.). John Lenton, senior engineering manager at Canonical, announced that Canonical would be moving away from CouchDB due to a few unresolvable issues Canonical ran into in production with CouchDB and the scale/requirements of the Ubuntu One service. Instead, says Lenton, Canonical will be moving to a custom data storage abstraction layer (U1DB) that is platform agnostic as well as datastore agnostic; utilizing the native datastore on the host device (e.g. SQLite, MySQL, API layers, 'everything'). U1DB will be complete at some point after the 12.04 release."

think_nix writes "After the resignation of Apache from the Java SE/EE Executive Committee, the time has now come for Harmony to be added to the Apache Attic. Harmony was 'the project to produce an open source cleanroom implementation of Java.' An open vote was taken within the Project Management Committee, which resulted in a 20-2 majority to discontinue development."

xororand writes "H-Online reports that 'researchers at the Münster University of Applied Sciences have discovered that it is possible to use electricity usage data from smart electricity meters to determine which programmes consumers are watching on a standard TV set. By analysing electricity consumption patterns, it is, in principle, also possible to identify films played from a DVD or other source.' It's time for some clever EEs to come up with a countermeasure. Unfortunately alumfoil hats have already been dismissed."

suraj.sun tips this report from the H Online: "The hopes that the VP8 codec at the heart of Google's open source WebM video standard would remain unchallenged in the patent arena are diminishing after the MPEG LA says 12 parties hold patents that its evaluators consider essential to the codec. ... No VP8 patent pool has been formed yet; the MPEG LA says it met with the patent holders in late June and is 'continuing to facilitate that discussion' but the decision to form a pool is up to the patent holders. ... Google responded to the MPEG LA's interview saying it is 'firmly committed to the project and establishing an open codec for HTML5 video' and noting the April launch of the WebM CCL, a community cross-licencing agreement for essential WebM related patents."

moonbender writes "The Linux kernel has received birthday wishes from an unexpected direction — a video animation from Microsoft. Quoting The H: 'The video picks up on the strained relationship between Microsoft and Linux by displaying the phrase "Microsoft Vs. Linux" and then showing Tux, the Linux mascot, turning his back on the offer of a birthday cake from Microsoft. After a brief outline of the history between Microsoft and Linux, the video ends with a conciliatory gesture: Tux accepts the birthday cake in his igloo and the video ends with "Happy Birthday" and the editing of the initial phrase to "Microsoft and Linux?' The Linux Foundation has more stuff celebrating the kernel's 20th birthday."

sfcrazy sends this quote from the H: "The 343 changes made by Microsoft developer K. Y. Srinivasan put him at the top of a list, created by LWN.net, of developers who made the most changes in the current development cycle for Linux 3.0. Along with a number of other 'change sets,' Microsoft provided a total of 361 changes, putting it in seventh place on the list of companies and groups that contributed code to the Linux kernel. By comparison, independent developers provided 1,085 change sets to Linux 3.0, while Red Hat provided 1,000 and Intel 839."

sfcrazy writes "Debian now has concrete plans to bring GNU Hurd to the larger community. GNU Hurd is expected to be released with the release of Debian 7.0 Wheezy towards the end of 2012 or beginning of 2013. Debian maintainer Samuel Thibault has already produced a Debian GNU/Hurd CD Set with a graphic installer which is available to download."

jfruhlinger writes "When challenged directly by Oracle over Android intellectual property, Google has proven itself a feisty opponent. So why is it sitting back and letting Microsoft shake down OEMs over its claims to own patents that Android infringes? A disheartened Tom Henderson thinks it's because Microsoft has been smart to go after the vendors rather than poke at Google directly. Still, he wonders when Google will get into the fight." Glyn Moody thinks Google should join the fight as well.

An anonymous reader writes "Inspired by a proposal by Beth Noveck, professor of law at New York Law School, the Minister for Intellectual Property, Baroness Wilcox, launched a UK 'Peer To Patent' pilot project to identify prior art in patent applications by harnessing the wider community of experts and engaged citizens." We could use something like that, too. Perhaps Noveck could get together with Carl Malamud to hash out a system that encourages participation.

Julie188 writes "Researchers are warning that the WebGL standard undermines existing operating system security protections and offers up new attack surfaces. To enable rendering of demanding 3D animations, WebGL allows web sites to execute shader code directly on a system's graphics card. This can allow an attacker to exploit security vulnerabilities in the graphics card driver and even inject malicious code onto the system."

An anonymous reader writes "Oracle has stated they will give back the OpenOffice.org productivity suite to the community. Edward Screven, Oracle's Chief Corporate Architect, said the company intends upon 'working immediately with community members to further the continued success of Open Office.' Because there was a 'breadth of interest in free personal productivity applications,' the company believes the OpenOffice.org project would be 'best managed by an organization focused on serving that broad constituency on a non-commercial basis.'"

theweatherelectric noted an article on the H. From the article "Nokia has confirmed that it has closed the source code for the Symbian smartphone operating system. It says that despite it describing its new model for Symbian smartphone operating system development as 'open and direct' the 'open' part did not refer to 'open source' but to being 'open for business'. The 'open and direct' model is designed, according to Nokia, to 'enable us to continue working with the remaining Japanese OEMs and the relatively small community of platform development collaborators we are already working with.''"

Udo Schmitz writes "Heise's UK site has the English translation of an article from the latest issue of their magazine c't about Anonymous's HBGary hack. It shows that there was much more involved than just social engineering to get passwords, and how anonymous evolved following OpTunisia and OpEgypt."

mvar writes to point out a report from h-online about the Red Hat kernel source controversy. From the article: "Red Hat has changed the way it ships the source code for the Linux kernel. Previously, it was released as a standard kernel with a collection of patches which could be applied to create the source code of the kernel Red Hat used. Now though, the company ships a tarball of the source code with the patches already applied. This change, noted by Maxillian Attems and LWN.net, appears to be aimed at Oracle, who like others, repackage Red Hat's source as the basis for its Unbreakable Linux. Although targeted at Oracle, the changes will make work harder for distributions such as CentOS."

An anonymous reader writes "The H reports on an interesting development in the United Kingdom's procurement policy. From the article: 'New procurement guidance from the UK government has defined open standards as having "intellectual property made irrevocably available on a royalty free basis." The document, which has been published by the Cabinet Office, applies to all government departments and says that, when purchasing software, technology infrastructure, security or other goods and services, departments should "wherever possible deploy open standards."'"

An anonymous reader writes "The H has a damning piece on Nokia's open source smart phone projects, Maemo and MeeGo, and why they failed. 'They did dumb stuff like re-writing the whole networking stack, duplicating as they went. So instead of re-using NetworkManager and improving it, and getting to market fast – they re-wrote, got something that still doesn't work well, failed to push Linux forward, and failed. Repeat that for every technology pick and you get the idea,' said Andrew Wafaa. 'The N900 was a great product. Immediately [after] it was launched it was announced that it was a dead product, ISV-wise. They announced a Qt re-write/project re-set. Then they merged Maemo into MeeGo, giving another project re-set. Then, when they were coming up to release in September 2010, there was another project reset to switch to a different Qt technology (even the Qt groups in-fight in Nokia). In consequence they have no shipping product.' At the same time, 'both Nokia and Intel were working on separate handset UIs using Qt, the former proprietary, the latter open-source. A better worked example of squandering your leadership role and wrestling yourself to the ground is hard to see. Nokia deserve their trial by fire – and I hope the people who truly screwed up the amazing Linux opportunity that was the N900 get shut down in the process.'"

vbraga writes "The German government has confirmed that the German Foreign Office is to switch back to Windows desktop systems. The Foreign Office started migrating its servers to Linux in 2001 and since 2005 has also used open source software such as Firefox, Thunderbird and OpenOffice on its desktop systems. The government's response to the SPD's question states that, although open source has demonstrated its worth, particularly on servers, the cost of adapting and extending it, for example in writing printer and scanner drivers, and of training, have proved greater than anticipated. The extent to which the potential savings trumpeted in 2007 have proved realizable has, according to the government, been limited – though it declines to give any actual figures. Users have, it claims, also complained of missing functionality, a lack of usability and poor interoperability."

Evil-G writes "In an email on Friday, SCO informed its partners that UnXis Inc. was chosen as the successful bidder for SCO's Unix software business on 26 January. The slightly convoluted phrasing is probably due to SCO's current reorganization under Chapter 11. On 16 February, the transaction is to be submitted for approval to the bankruptcy court where SCO's case is pending."

mvar writes "The source code of an older version of 'Kaspersky Internet Security' has been circulated on the internet. The code was created in late 2007 and was probably stolen in early 2008. Names contained in the source indicate that the stolen code was probably a beta version of the 2008 software package – the current release is Kaspersky Internet Security 2011. According to a Russian language report by CNews (Google translation), the code was copied by a disgruntled ex-employee. The thief has reportedly been trying to sell the code on the black market for some time, and Kaspersky says that the code archive already appeared in various private forums last November."

crabel writes with this quote from the H Online: "At the 27th Chaos Communication Congress in Berlin security researcher Julia Wolf pointed out numerous, previously hardly known security problems in connection with Adobe's PDF standard. For instance, a PDF can reportedly contain a database scanner that becomes active and scans a network when the document is printed on a network printer. Wolf said that the document format is also full of other surprises. For example, it is reportedly possible to write PDFs which display different content in different operating systems, browsers or PDF readers — or even depending on a computer's language settings."

Skuto writes "NIST just announced the final selection of algorithms in the SHA-3 hash competition. The algorithms that are candidates to replace SHA-2 are BLAKE, Grøstl, JH, Keccak and Skein. The selection criteria included performance in software and hardware, hardware implementation size, best known attacks and being different enough from the other candidates. Curiously, some of the faster algorithms were eliminated as they were felt to be 'too fast to be true.' A full report with the (non-)selection rationale for each candidate is forthcoming."

TJNoffy writes "The H Security's H-online reports that 'Hacker Dmitry Sklyarov has succeeded in extracting the secret signing key from numerous digital SLR cameras and has used it to sign modified images which Canon's latest OSK-E3 security kit verifies as legitimate. Canon's Original Data Security System is intended to show whether changes have been made to photographs and to verify date and location information. The system is primarily used for ensuring the integrity of evidence, for reporting accidents and for construction records.'"

Responding to yesterday's post indicating that Ubuntu might move to a rolling release schedule, reader ddfall writes "This is wrong! Engineering Director of Ubuntu Rick Spencer says 'Ubuntu is not changing to a rolling release.' He goes on to say, 'We are confident that our customers, partners, and the FLOSS ecosystem are well served by our current release cadence. What the article was probably referring to was the possibility of making it easier for developers to use cutting edge versions of certain software packages on Ubuntu. This is a wide-ranging project that we will continue to pursue through our normal planning processes.'"

CheerfulMacFanboy writes with a link to Heise Online which says "'Security researchers have demonstrated two vulnerabilities that allow attackers to install apps on Android and its vendor-specific implementations without a user's permission. During normal installation, users are at least asked to confirm whether an application is to have certain access rights. Bypassing this confirmation request reportedly allows spyware or even diallers to be installed on a smartphone.' One vulnerability was identified when a security specialist analysed HTC devices and found that the integrated web browser has the right to install further packages (used to automatically update its Flash Lite plug-in). Attackers can exploit this if they have found another browser hole. 'Android specialist Jon Oberheide demonstrated another hole which involved misusing the Account Manager to generate an authentication token for the Android Market and obtaining permission to install further apps from there. However, this initially requires a specially crafted app to be installed on the smartphone. Nothing could be easier: Oberheide released the allegedly harmless "Angry Birds Bonus Levels" app into the Android Market and, upon installation, this app downloaded and installed three further apps ("Fake Toll Fraud," "Fake Contact Stealer," and "Fake Location Tracker") without requesting the user's permission.'"

oztiks writes with this excerpt from The H: "A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system. According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. ... Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole."

An anonymous reader writes "The H Online writes: 'Microsoft has placed its process for secure software development under a Creative Commons License. The company hopes that this will lead to more developers utilising its process for programming software more securely across the entire product lifecycle ...'"

Lars T. writes "The H has a story about a Linux kernel bug that allows root level access. 'According to a report written by Rafal Wojtczuk (PDF), a conceptual problem in the memory management area of Linux allows local attackers to execute code at root level. The Linux issue is caused by potential overlaps between the memory areas of the stack and shared memory segments.' SUSE maintainer Andrea Arcangeli provided a fix for the problem in September 2004, but for unknown reasons this fix was not included in the Linux kernel. The bug is not related to the X Server bug found by Brad Spengler." As the linked article notes: "SUSE itself has the fix and SUSE Linux Enterprise 9, 10 and 11 as well as openSUSE 11.1 through 11.3 do not exhibit this vulnerability."

adeelarshad82 writes "Latest reports indicate that the website that 'jailbreaks' iPhones, iPads, and iPod Touches does so by means of a PDF-based vulnerability in OS X. PDF parsing and rendering is a core feature of OS X, and there have been several other vulnerabilities in the past in iOS CoreGraphics PDF components." As Gruber points out, the proper term for this is not "jailbreak," but "remote code exploit in the wild."

suraj.sun writes "The Lightspark project has released version 0.4.2 of its free, open source Flash player. According to Lightspark developer Alessandro Pignotti, the alternative Flash Player implementation is 'designed from the ground up to be efficient on current and (hopefully) future hardware.' The latest release of Lightspark features better compatibility with YouTube videos, sound synchronization support and the ability to use fontconfig for font selection. Other changes include plug-in support for Google's Chrome/Chromium web browser and support for Firefox's out of process plug-in (OOPP) mode, which was added in version 3.6.4 of the browser."

TSHTF writes "Just weeks after Skype unveiled a public API for the service, a group of cryptographers led by Sean O'Neill have successfully reverse engineered the encryption used by the Skype protocol. Source code is available under a non-commercial license which details Skype's implementation of the RC4 cipher." The linked article cautions, however, that "initial analysis suggests that O'Neill's publication does not mean that Skype's encryption can be considered 'cracked'. Further study will be needed to determine whether key expansion and initialisation vector generation are secure."

Julie188 writes "Greg Kroah-Hartman has released five new stable Linux kernels, correcting minor errors of their predecessors and including improvements which are unlikely to generate new errors. As so often with kernel versions in the stable series, it remains undisclosed if the new versions contain changes which fix security vulnerabilities, although the number of changes and some of the descriptions of those changes certainly suggest that all the new versions contain security fixes."

Back in 2008, the US Federal Trade Commission filed a restraining order against CyberSpy Software, makers of a commercial spyware program that logged keystrokes, took screenshots, monitored IM conversations, and sent all the collected data back to the company's servers. Reader suraj.sun tips news that the order has now been lifted, allowing CyberSpy to sell its software, but with a few restrictions. "According to the US District Court settlement, the company must not provide users with the means to disguise the software as an innocent file or email attachment. Users must also be advised that doing so may violate US state or federal law. Additionally, all recorded information sent over the Internet must be encrypted and older legacy versions of the software must be removed from computers on which it was previously installed. ... RemoteSpy is said to employ rootkit techniques to hide from virus scanners."

Back in 2008, the US Federal Trade Commission filed a restraining order against CyberSpy Software, makers of a commercial spyware program that logged keystrokes, took screenshots, monitored IM conversations, and sent all the collected data back to the company's servers. Reader suraj.sun tips news that the order has now been lifted, allowing CyberSpy to sell its software, but with a few restrictions. "According to the US District Court settlement, the company must not provide users with the means to disguise the software as an innocent file or email attachment. Users must also be advised that doing so may violate US state or federal law. Additionally, all recorded information sent over the Internet must be encrypted and older legacy versions of the software must be removed from computers on which it was previously installed. ... RemoteSpy is said to employ rootkit techniques to hide from virus scanners."

ddfall writes "Four months after the release of version 4.0 for Windows, Google has announced the availability of Chrome 5.0 for Windows, Mac OS X, and Linux — the first stable release to be available on all three major platforms. Chrome 5.0.375.55 is available to download from google.com/chrome. Users who currently have Chrome installed can use the built-in update function."

Glyn Moody sends in what could be a watershed article, if the recording and movie industries are paying attention. "People have been making money from free software ever since Richard Stallman started selling GNU Emacs on tapes for $150 a pop. That's been good for hackers, who have often managed to make a living from their coding by working for one of the startups based around free software. And as companies like Red Hat and Google have grown in size and profitability, so have the credibility and clout of free software. But there is another reason why the success of these new kinds of businesses is so crucial: in many respects they offer a glimpse of coming shifts in other industries that need to grapple with the conundrum of how to make money from goods that are freely available. In particular, they offer the music and film industries an example of an alternative to fighting people's natural instinct to share digital abundance, by making money from new scarcities."

Dj writes to let us know that Microsoft has regained its FAT patent in Germany. (We discussed it three years ago when the German Federal Patent Tribunal ruled that Microsoft's patent on the FAT file system, with short and long names, was not enforceable.) "The [German] appeal court's decision brings it into line with the US patent office's assessment of the FAT patent. In early 2006, after lengthy deliberations, the latter confirmed the rights to protection conferred by [US] patent number 5,579,517, claiming that the development was new and inventive."

Glyn Moody writes "Here's a problem for free software: most social networks are built using it, yet through their constant monitoring of users they do little to promote freedom. Eben Moglen, General Counsel of the Free Software Foundation for 13 years, and the legal brains behind several versions of the GNU GPL, thinks that the free software world needs to fix this with a major new hardware+software project. 'The most attractive hardware is the ultra-small, ARM-based, plug it into the wall, wall-wart server. [Such] an object can be sold to people at a very low one-time price, and brought home and plugged into an electrical outlet and plugged into a wall jack for the Ethernet, and you're done. It comes up, it gets configured through your Web browser on whatever machine you want to have in the apartment with it, and it goes and fetches all your social networking data from all the social networking applications, closing all your accounts. It backs itself up in an encrypted way to your friends' plugs, so that everybody is secure in the way that would be best for them, by having their friends holding the secure version of their data.' Could such a plan work, or is it simply too late to get people to give up their Facebook accounts for something that gives them more freedom?"

mikrorechner writes "The H Online has a writeup of the problems encountered by LiMux (Wikipedia entry), one of the most prominent Linux migration projects in the world, trying to introduce free software into the highly heterogenous IT infrastructure of the City of Munich. Quoting: 'Florian Schiessl, deputy head of Munich's LiMux project for migrating the city's public administration to Linux, has, for the first time, explained why migrating the city's computing landscape to open source software has taken longer than originally planned.'" Here is Shiessl's blog, in which he details some of the transition problems.

blozza2070 notes the news that Jeff Jaffe has been appointed CEO of the World Wide Web Consortium. Until January Jaffe was CTO at Novell and, while his name hasn't come up very often in this community, he is one of the architects of the Novell-Microsoft patent deal. A reading of Jaffe's blog while at Novell tends to paint him as a software patent supporter, Microsoft apologist, and no fan of the FSF. This strongly worded page at Boycott Novell features copious links to support the above characterization.

solanum writes "On March 2nd Crossover 9.0 was released. CrossOver 9 features a new user interface that focuses on making installation of Windows software quicker and easier than previous versions. Another new feature is CrossOver's ability to download installation 'recipes' directly from CodeWeavers online Compatibility Database. 'If another CrossOver user has figured out how to use CrossOver to install a Windows application, they can upload that installation recipe to our database,' said Jeremy White, CodeWeavers chief executive officer. 'As we go forward, and build this online storehouse, CrossOver will begin to automatically install that same application for other users. This enables us to move closer to a world where CrossOver will begin to run the majority of Windows apps, and not just an officially supported subset. In other words, our diabolical plot for world domination is going exactly as planned,' he added. Early reviews and comments are positive, and my own experience is that many more Windows applications work in this new version than previously."

An anonymous reader writes "The H has an article about some researchers who found a new way to de-anonymize people. Compared to the EFF's Panopticlick, the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users. The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details and the results look very interesting. They also have a live demo for the social network Xing that was able to de-anonymize me."

at_slashdot writes "The Perl CPAN Testers have been suffering issues accessing their sites, databases and mirrors. According to a posting on the CPAN Testers' blog, the CPAN Testers' server has been being aggressively scanned by '20-30 bots every few seconds' in what they call 'a dedicated denial of service attack'; these bots 'completely ignore the rules specified in robots.txt.'" From the Heise story linked above: "The bots were identified by their IP addresses, including 65.55.207.x, 65.55.107.x and 65.55.106.x, as coming from Microsoft."