Slashdot Mirror

First time accepted submitter kdogg73 writes "Jens Bergensten and the Mojang team have released the latest version of Minecraft — version 1.5, dubbed 'Redstone.' Changes and updates include an added redstone comparator, redstone block, hoppers and droppers, light and weight sensors, Herobrine removal, and many bug fixes. Videos detailing the changes and new redstone devices already litter YouTube."

stox writes "As many of you know, AT&T has implemented caps on DSL usage. When this was implemented, I started getting emails letting me know my usage as likely to exceed the cap. After consulting their Internet Usage web page, I felt the numbers just weren't right. With the help of Tomato on my router, I started measuring my usage, and ended up with numbers substantially below what AT&T was reporting on a day-to-day basis. Typically around 20-30% less. By the way, this usage is the sum of inbound and outbound. At this point, I decided to contact AT&T support to determine what exactly they were defining as usage, as their web pages never really define it. Boy, did I get a surprise. After several calls, they finally told me they consider the methodology by which they calculate bandwidth usage to be proprietary. Yes, you read that right; it's a secret. They left me with the option to contact their executive offices via snail mail. Email was not an option. So, I bring my questions to you, all-knowing Slashdotters: are there any laws that require AT&T to divulge how they are calculating data usage? Should I contact my state's commerce commission or the FCC to attempt to get an answer to this?"

New submitter dd1968 writes "Today IBM announced the release of a new set of Open Source development tools based on their EGL programming language. The announcement describes the tools as being built from the ground up on an 'open, extensible compiler and generator framework.' The one-language approach places an abstraction layer between the developer and target languages, frameworks, and runtime platforms."

meckdevil writes "If you're a cutting-edge geek with an interest in investigative journalism, there's a great job opening at the badly named Reporter's Lab, a project supported by Duke University's DeWitt Wallace Center for Media and Democracy. Headed up by former Washington Post editor and reporter Sarah Cohen, the Reporter's Lab is Duke's effort to extend what is known as 'computational journalism' into the realm of investigative reporting and thereby make investigative reporters more efficient and effective."

supersloshy writes "I'm a user of Ubuntu Linux and I have been for a little while now. Recently I've been trying to copy DVDs onto a portable media player, but everything I've tried isn't working right. dvd::rip always gets the language mixed up (for example, when ripping 'Howl's Moving Castle,' one of the files it ripped to was in Japanese instead of English), Acidrip just plain isn't working for me (not recognizing a disc with spaces in its name, refusing to encode, etc.), Thoggen is having trouble with chapters (chapter 1 repeated twice for me once), and OGMRip has the audio out of sync. What I'm looking for is a reliable program to copy the movie into a single file with none of the audio or video glitches as mentioned above. Is there even such thing on Linux? If you can't think of a decent Linux-based solution, then a Windows one is fine as long as it works."

David Burnett recommends an eWeek article on the leading contenders to make an iPhone out of an iPod Touch. Of course your newly phone-capable iTouch needs no activation and no binding carrier contract, just Wi-Fi. One of the companies working in this space, JaJah, is bundling the software with back-end services such as billing, so that carriers — or anyone really — can offer free-calling iTouch phones.

Space writes "The trailer for the upcoming movie Babylon 5: The Lost Tales — Voices in the Dark has been posted at the official Babylon 5 site. The movie's pre-production was mentioned in a previous discussion. For more on the creation of the film, the CG Society has an ongoing series of articles about the production's effects development."

radioweather writes "A couple of weeks ago, there was a nutty idea discussed in The Independent that claimed the electromagnetic radiation from cell phones was causing bees to become disoriented, preventing them from returning to the hive. The flimsy cell phone argument was used to explain Colony Collapse Disorder. Today the LA Times reports that researchers at UC San Francisco have uncovered what they believe to be the real culprit: a parasitic fungus. Other researchers said Wednesday that they too had found the fungus, a single-celled parasite called Nosema ceranae, in affected hives from around the country."

wattsup asks: "It seems that bootable IDE ports are disappearing on newer motherboards. I recently purchased an MSI G965M-FI motherboard for a system upgrade. Overall the board is pretty good with lots of features, but it had one unexpected 'feature' that I didn't know about when I bought it. The PATA100 IDE port won't allow you to install an operating system from an attached CD-ROM. Does anybody know if this is an issue that can be fixed by upgrading the BIOS, or is this hard-wired into the IDE controller?" "While its on their website, MSI doesn't tell you this on the retail packaging, until you break the seal on the static wrap and look at the motherboard. There, with a tiny label placed over the IDE connector, they inform you 'This IDE does not support OS installation in hard drive'.

This made my out-of-box experience rather maddening, as I had to get a USB based CD-ROM to install a fresh copy of XP. This seems like a pretty lame way to save money, disabling functionality on an IDE port that's included. Some research shows me that other manufacturers are doing the same thing. Why?"

wattsup writes "The LA Times reports that a single wrong command sent to the wrong computer address caused a cascade of events that led to the loss of the Mars Global Surveyor spacecraft last November. The command was an orientation instruction for the spacecraft's main communications antenna. The mistake caused a problem with the positioning of the solar power panels, which in turned caused one of the batteries to overheat, shutting down the solar power system and draining the batteries some 12 hours later. 'The review panel found the management team followed existing procedures in dealing with the problem, but those procedures were inadequate to catch the errors that occurred. The review also said the spacecraft's onboard fault-protection system failed to respond correctly to the errors. Instead of protecting the spacecraft, the programmed response made it worse.'"

SachiCALaw writes "It turns out that to use UnBox, the user has to download software from Amazon that contains a Windows service (ADVWindowsClientService.exe). Tom Merritt over at C|Net reports that the service tries to connect to the internet quite frequently. Even tweaking msconfig could not prevent it." From the article: "So, in summary, to be allowed the privilege of purchasing a video that I can't burn to DVD and can't watch on my iPod, I have to allow a program to hijack my start-up and force me to login to uninstall it? No way. Sorry, Amazon. I love a lot of what you do, but I will absolutely not recommend this service. Try again."

eastbayted writes "It starts off simply enough: Your company signs on an outside firm to help you finish an important app dev project on deadline. But then they convince you they can be of service in getting other work done at your company, and you agree. Before you know it, your organization has become far too dependent on this team of outsiders on whom you're wasting a ton of money and perhaps not getting much in the way of a return. InfoWorld has devised a 12-step program 'that can help wean you off unhealthy dependencies on service providers, consultants, and outsourcers — without having to check into the Betty Ford Clinic or make a tearful confession on Oprah.'"

eastbayted writes "According to InfoWorld.com, Sun CEO Jonathan Schwartz boasts in his public blog that his company has bought a life-size cardboard cut of the HP rival's founders, William Hewlett and David Packard, for $6,000. Sun staffers then went on to bedeck and photograph the dual portrait in pro-Sun paraphernalia. As a parting shot at HP, Schwartz notes in his post how popular a download Solaris is for HP server owners. Taking the bait, HP VP of Marketing Eric Kintz responds in his own blog that Sun's actions were 'a nice stunt' and that 'I never met Bill or Dave, but I bet neither of them would have approved paying thousands for representations of themselves.' He also cites an IDC report about how HP-UX dominates the Unix market over IBM and Sun." Update: 08/28 04:43 GMT by Z : Fixed confusing headline.

jshanman writes "Play the first Google Maps RTS! Online players (2-25) randomly receive a set of countries with troop hitpoints based on real world population data. To play: attack neutral and enemy countries in an effort to try to take over the world. You have a 20% chance of receiving more troops when you overtake an enemy country. More features to come! (currently in public beta status)."

segphault writes "Nokia has released the source code of it's S60 WebKit browser for mobile devices. Based on the HTML rendering components used in Konqueror and Safari, the S60 WebKit has a multitude of advanced features designed specifically for web navigation on devices with small screens. Nokia decided to release the source code under the permissive BSD license in order to promote adoption by other mobile device companies. From the article: 'the power and scalability of WebKit-based browsers and the highly permissive license under which the S60 WebKit source code is available make it a good choice for companies that want to add mobile web browsing to their devices. I think it will be particularly interesting to see how this affects Opera, whose revenue primarily comes from distribution of its own virtually ubiquitous embedded browser.'"

whawk640 writes "I came across this book via the author's website www.camerahacker.com. I was interested in making a pinhole lens at the time so I picked up the book. Disclaimer: I'm NOT a hacker by nature. I only did a hack on a lens cover. Most of the hacks in here are for those with a better relationship with screwdrivers, drills and soldering irons than I have. I don't think this book was intended for me, so keep that in mind when reading my review." Read the rest of Daniel's review. Hacking Digital Cameras author Chieh Cheng, Auri Rahimzadeh pages 519 publisher Wiley rating 8/10 reviewer Daniel LaFuze ISBN 978-0-7645-9651-3 summary Interesting and Fun

A quick list of the types of hacks in the book are as follows.

1: Hacking Cameras -- (triggers, tripods, raw data, power, remote control and updated firmware)
2: Hacking Lenses -- (accessory adapters, changing magnification, pinhole, lens extension, macro adapters)
3: Creative Photography Hacks -- (filters, infrared, and removing infrared blocking)
4: Building Fun Camera Tools -- (car mount, headrest mount, bicycle spy cam, stabilizer, flash bracket, monopod, and studio light)
5: Flash Memory Hacks -- (CF Type I to PC Card Type II, removing microdrives)
6: Appendices -- (Soldering Basics, Circuit Symbols, Glass Cutting Basics, Photographer's Glossary, Index)

This book has quite a few hacks and if you're interested in hacking, the step by step instructions presented in the book will be useful and interesting. Quite honestly, I've only performed one of the hacks myself. I followed the step by step instructions for making a pinhole lens and it worked just perfectly. My wife will tell you I'm no Bob Vila. About all I know about a drill is that one end is pointy and spins.

Anyway, if you want to tinker with digital cameras, pick up the book and read through the contents. If the specific hack you want to do is not in the contents, look for something close. If it's not there or the book doesn't give you any ideas on anything to do, then it may not be for you. Read one more paragraph to find out.

In addition to the hacks, this book covers quite a bit of introductory concepts in photography in general and the math behind it. I found it easy to read as a beginner and it gave me an appreciation for why there are professional photographers and 'the rest of us'. Concepts covered in the book include focal length, magnification, filters, softness, ambient light, field of view, white balance, infrared, ultraviolet, depth of field and many more. These sections are brief and provide only an introduction though. If you're an experienced photographer, you probably won't find anything new in these sections. One down side about this is that since an introduction to photography is not the focus of the book, these introductions are scattered throughout the book whenever they tie in with a specific hack. On the upside, it gives you the information when you need it to decide if a hack is right for you.

Now, the hacks in the book are step by step with loads of pictures, schematics where necessary and tips. What you need to perform each hack is identified clearly before you start. Additional ideas about how the hack could be modified in function or in fit are available after each hack.

In my opinion, the disclaimer telling you not to take apart your $400.00 brand new camera is not quite strong enough. People like me are rightly afraid of that sort of thing. From what I hear, your average hacker though is much more adept and less fearful.

This is not the type of book most people would pick up and read cover to cover. It is more like a reference you would want to have handy if you spend a lot of time taking creative pictures or messing with your camera.

Negatives: Hacks seem to apply to specific cameras, if you want to apply them to other cameras, the author's experience may not help you... be careful! I found section 3 very interesting and would have liked to see more chapters on fun camera hacks. Unfortunately, it was the smallest section in the book.

Are you a propeller head who loves to take things apart?
Are you a techno-junkie who has 9 or 10 digital cameras lying around because you always buy the newest one?
Are you an amateur or professional photographer who just can't quite get all the features you want in a single camera?
Do you have a specific need for a hack that the book covers?
Do you have an interest in this sort of hack and a desire to learn some photography basics?"
If you answered yes to any of the previous questions, then this book is for you.

You can purchase Hacking Digital Cameras from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

segphault writes "Ars Technica examines the implications of Red Hat's recently announced plan to get Linux running on Intel Macs. 'Red Hat representative Gillian Farquhar announced last week that the company plans to add support for Apple's new Intel Macs to its popular distribution. Fedora and several other commonly used Linux distributions support the PowerPC architecture used by Apple in the past, and Red Hat wants to ensure that its software will continue to run on new Apple hardware in the future.'" The real question is will Windows or Linux be first?

segphault writes "Ars Technica is covering Motorola's acquisition of Kreatel, a European company that designs Linux-based Internet Television Protocol (IPTV) technologies, including a set-top box powered by embedded Linux." From the article: "I'm not big on television (I generally prefer to wait for the shows I like to be released on DVD), but the sheer extensibility of Linux-based IPTV technologies is more than enough to capture my imagination. If provided with a good on-demand service that lets me watch what I want, when I want to watch it, I would definitely be interested. As tantalizing as this Kreatel stuff is, it appears as though the SDK isn't available to average consumers yet. I hope that Motorola has the sense to realize that a devoted fan base of eager Linux device junkies will be a good thing for the platform."

segphault writes "Ars Technica takes a look at the results of two different surveys about open source software adoption." From the article: "The survey also addresses the most important question: what motivates organizations to adopt open source software? According to Optaros, cost savings is one of the most significant factors. Optaros says that companies with over US$1 billion annual revenue reported average savings of $3.3 million in 2004 as a result of open source technology, and companies with annual revenue between $50 million and $1 billion reported an average savings of $1.1 million."

Class Act Dynamo writes "A sports fantasy league company has asked a federal court to decided whether baseball statistics belong in the public domain as history or are the property of major league baseball. Basically, they had been licensing the statistics for nine cents (US) per gross from the Major League Baseball Players Association. But MLB recently bought the rights to be the sole licensor and has refused to renew the license of the fantasy league company. From the article: 'Major League Baseball has claimed that intellectual property law makes it illegal for fantasy league operators to commercially exploit the identities and statistical profiles of big league players.' What does the Slashdot community think? Shoud Barry Bonds' record 73 single season homeruns be in the public domain, or should I worry about having to pay royalties for the first part of this compound sentence?"

segphault writes "Ars Technica has an article about the new partnership between Sun and Oracle, designed to provide an alternative to .NET." From the article: "According to Ellison and McNealy, their mutual goal is the production of a complete Java-centric enterprise datacenter architecture that leverages Solaris 10 and Oracle's Fusion middleware. Designed specifically as an alternative to Microsoft's .NET technology stack, the new platform is competitively priced and based on robust frameworks."

segphault writes "Ars Technica has an article about some of the financial and technological challenges associated with implementing the Real ID Act." From the article: "Opposed by more than 600 independent organizations (including the National Governors Association) and hidden in the depths of a military spending bill in order to make passage easier, the Real ID Act has received heavy criticism from concerned citizens and state government agencies. Despite the fact that relatively sound and effective improvements to driver's license security had already been implemented as part of the Intelligence Reform and Terrorism Prevention Act, the federal government felt that it was necessary to go well beyond the recommendations of the 9/11 Comission Report by passing a costly and invasive law."

Fibonasty_Sequence wrote to mention a piece on Gamespy looking into the Achievement addiction that the 360 can provoke in gamers. Playing games with specific goals in mind can be lots of fun. In related news, these heady post-launch days have seen a lot of rumors that need to be sorted out. One that keeps turning up is the possible support of the Blue-Ray standard by the 360. From that article: "Microsoft clearly - and very understandably - doesn't want to risk lumbering Xbox 360 with an internal drive format consumers don't want, and while it's favouring HD DVD by announcing an external drive that can read that disc format, it wants to ensure it's free to support the BD if it has to."

segphault writes "Ars Technica reports that Mirus has teamed up with Linspire and plan to ship budget desktop PCs with Linspire preinstalled. From the article: 'Designed specifically for optimal Linux compatibility, the Mirus Koobox line computers feature AMD processors and Linspire preinstallation. The Koobox systems, which start at US$299, will come with a variety of open source applications, including Firefox and OpenOffice. [...] At this point it is hard to assess the potential of the Koobox systems. If it succeeds, the product could help legitimize desktop Linux and bring it further into the mainstream. Regardless of how many get sold, the availability of yet another budget Linux PC illuminates the growing popularity of the Linux platform, and contributes to the perception that Linux is applicable to desktop computing. With Dell selling low-cost computers sans OS, and Apple selling the popular Mac Mini at a price that doesn't look as much like typical Apple extortion, Mirus is going to have to fight an uphill battle to pick up a worthwhile chunk of the desktop PC market.'"

segphault writes "The Chinese government has shut down nearly 600 pornographic web sites, and arrested over 200 people for distributing "obscene" content. The Chinese government has also started performing covert surveillance of mobile phone text messages in order to crack down on banking fraud and prostitution organized and perpetrated with text messages. Ars Technica has the story: 'With more than 100 million Internet users, China has the second largest population of web content consumers after the United States. Although the Chinese government promotes web use for business, education, and government activity, the communist regime has committed its resources to crushing web sites that challenge government authority, or distribute content that the government considers to be detrimental to society'"

segphault writes "Ars Technica provides some insight into technology legislation scheduled for congressional review in 2006. From the article: 'Congress plans to cover some important tech issues in 2006 [...] like digital communication, intellectual property law, and computer security. [...] Patent reform is also on the menu. Industry groups have requested that the government allow them to participate in the patent review process, and some legislators have discussed imposing stricter constraints upon patent related injunctions..'"

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including the exoneration of Peter Quinn, the debut of Honda's new ASIMO robot, Vonage customers now all have 911 access, Nathan Peterson pleads guilty to copyright infringement, an interesting follow up to the recent Wikipedia articles, the Citizen e ink clock makes its first real world debut, and a response for criticism of the $100 laptop - read on for details.

Peter Quinn exonerated. An anonymous reader writes "Groklaw is reporting that Peter Quinn, the man who terrified Microsoft by moving part of the Massachusetts government to ODF, has been exonerated of any alleged impropriety concerning his trips to tell others about Massachusetts' move to ODF."

Honda debuts new ASIMO robot. Tomo Hiratsuka writes "Honda's ASIMO robot has received his annual refit and now has the power to carry objects with a cart, serve drinks, and run with both feet off the ground at up to 10mph."

911 now available to Vonage users. Ben writes "Only a month after Vonage 911 Deadline Passed the VoIP phone service announced today that all of its customers now have access to 911 services."

Nathan Peterson pleads guilty to copyright infringement. Chris Bradshaw writes "iBackups' owner Nathan Peterson pled guilty to two counts of criminal copyright infringement for illegally copying and selling nearly $20 million worth of computer software. The FBI was first alerted to possible software piracy by the Software Information Industry Association (SIIA) back in 2003. iBackups was selling pirated copies of software over the internet claiming that they were "backup copies" to be used by software owners in case of system crashes."

Wikipedia still just as effective as normal encyclopedia. AxelBoldt writes "The Australian newspaper The Age reports that Nature has run a formal comparison of the science coverage of Wikipedia and Encyclopedia Britannica. From the article: 'The exercise revealed numerous errors in both encyclopedias, but among 42 entries tested, the difference in accuracy was not great: the average science entry in Wikipedia contained around four inaccuracies; Britannica, around three.'"

Citizen e ink clock makes its debut. Tim Jones writes "The flexible e ink clock that Citizen announced what seems like ages ago is finally making an appearance in the real world. It's apparently going to be displayed at a Tokyo exhibition this week."

$100 laptop not quite so ineffectual. segphault writes "Ars Technica posted a response to Intel chairman Craig Barret's criticism of MIT's $100 laptop. From the article: 'Despite Barret's criticism, interest in the $100 laptop remains as strong as ever, and lightweight, affordable technology continues to weave its way into the classroom with great results. Young students in Olathe, Kansas now read their textbooks on Palm handheld computers. According to survey statistics, 28 percent of American school districts offer handheld computers for student and teacher use. A study done at a high school in South Dakota in 2001 found that the the availability of school-provided handhelds actually improved student grades. Eric Johnson, educational sales director for Palm, says the public schools represent a US$300 million market. If handheld computers can do so well in the public school system, surely the $100 laptop can too.'"

segphault writes to pass along that Ars Technica has an interesting article about the recently released Google Analytics. Analytics is Google's new traffic analysis service that helps you to know everything from "how your visitors found you [to] how they interact with your site." Analytics is also built to integrate with AdWords if you are already utilizing that service.

Ryan Paul writes "The Mozilla Foundation reveals that remote attackers infiltrated the SpreadFirefox server by exploiting a site vulnerability. While it appears as though no personal information was accessed, e-mails were sent to inform all registered SpreadFirefox users of the breach. Ars Technica has the complete story." From the Ars article: "Preliminary analysis indicates that the exploit was limited to SpreadFirefox exclusively, meaning that other Mozilla Foundation web sites were not attacked or compromised. The vulnerability, which was exploited by 'unknown remote attackers,' could potentially have enabled the forces of computing darkness to obtain the username and password of every registered SpreadFirefox user, as well as any other optional information that users may have provided, including: real name, web site URL, e-mail address, IM screename, and home address."

danscript writes "Samsung hopes that falling prices for flash-memory chips will mean solid-state memory can eventually replace hard-disk drives in Apple PowerBooks and iBooks as well as other devices, Macworld UK is reporting. The benefits? - silent; less power; reliable and faster."

Modesitt writes "Corpnews offers some thoughts on how E3 has changed for the worse. Several factors are mentioned, but the increased number of people sporting 'Exhibits Only' badges courtesy of Best Buy, CompUSA, and EB Games is focused on as a cause of the descent of E3." From the article: "The only legitimate purpose to E3 is as a media event, for companies to show off their products to the public via the media (after all, such a tiny sliver of the gaming public could go to E3, even if it was open to the public, that the press must inevitably mediate this process), and it is failing terribly at that. Companies are no longer courting the press, or even attempting to develop new contacts among them; now, it is an established siege war between giant website network and shitty magazines, and arrogant companies who divulge the merest crumbs and act as if this were a thunderous pronouncement from Yahweh."

Class Act Dynamo writes "I was browsing for a video clip I saw the other day, and I came across this clip from 15 years ago of Steve Ballmer pitching windows 1.0 in a television commercial. All I can say is WOW. Apparently, there was a big demand for integrating "LOTUS 1-2-3 with Miami Vice." You'll understand when you see the clip." Let it not be said that Microsoft has no sense of humor.

caswelmo asks: "My company has recently moved from Solaris workstations to Windows workstations (Ohhh, the humanity). As an engineering focused company, we use our computers to run many in-house (command line) codes to analyze and design our products. We currently use NAS storage to store everything and use batch files and init scripts to run the correct codes over the network. This makes sure everyone is running the latest version. This also stinks. I know this isn't an original problem, so what are some other solutions for rolling out lots of simple codes like this?"

dba599 (Mark McKinnon) submits this review of Harlan Carvey's Windows Forensics and Incident Recovery, writing "This book takes an unusual approach to computer forensics in that it deals only with live analysis of the system: the compromised computer is left powered on and everything is running. (Compare to a dead analysis, for which the computer is powered off and the hard drive's contents are then analyzed.)" Read on for the rest of McKinnon's review. Windows Forensics and Incident Recovery author Harlan Carvey pages 460 publisher Addison Wesley rating 9 reviewer Mark McKinnon ISBN 0321200985 summary Forensic analysis and incident recovery on a live Microsoft Windows is explained for the system administrator, security administrator and knowledgeable home user.

The intended audience, according to the author, is "anyone with an interest in Windows security, which includes Windows system and security administrators, consultants, incident response team members, students and even home users." The author assumes the reader is familiar with basic networking (including TCP/IP) and has some Windows administration skills. Some programming ability, though not actually required, will help out greatly with reading and understanding the many examples provided, and will let you make your own modifications (this is encouraged by the author throughout the book).

The chapter on data hiding was a real eye-opener -- it's amazing the things Microsoft has implemented as part of the operating system (and included applications) that can be used to hide things. Discovering the hidden information is talked about, as well how it is hidden. Sample topics include file attributes, alternate data streams, OLE and stenography. This is an excellent chapter with many examples; I found myself stopping after each subject to try out each of the discussed techniques.

The next chapter delves into incident preparation. Carvey addresses some of the things that administrators can do to harden their systems. He goes over the application of security policies in general, as well as intelligent assignment of file permissions. He then covers Windows File Protection and how it is implemented, and includes a perl script to implement your own file watcher. He touches briefly on patch management and anti-virus programs, then moves into monitoring. He provides quite a few scripts, and discusses other means by which you can monitor your system.

The next chapter describes tools that can be used in incident response. This chapter has quite a lot of information and took me the longest to get through, because of all the tools mentioned that I had to download and check while I was reading the book. Carvey uses a mixture of his own perl scripts and programs that can be downloaded from places like Sysinternals, Foundstone, DiamondCS and others. All of the tools used are open source (or are at least freely available). That equips the reader with a low-cost toolkit, especially important to the home user or small business owner who cannot afford to buy the commercial equivalent. Carvey does acknowledge, though, that there are quite a few commercial tools with great functionality out there.

The first part of the incident-response tools chapter deals with the collection of volatile information (processes, services, etc.); this is a vital part of live analysis. The second part deals with the collection of non-volatile information (the content of the Windows registry, file MAC times and hashes, etc.) and tools for analyzing files. Carvey also shows how some of the tools complement each other, and that there is not one almighty tool that will find all the data you need. (This is also proven by example in a later chapter when he talks about rootkits.)

The next chapter deals with developing a security methodology, and it's handled differently than in most books: the author presents the material as a series of dreams that a Windows system administrator has, showing how an individual can come up with and fine tune a methodology as incidents happen. Carvey has used this approach before in a series of articles entitled "No Stone Unturned" for SecurityFocus.com, and the creative approach appeals to me. As he moves from dream to dream, you can relate to the admin's circumstances (and mistakes), and how be and becomes better at responding to different incidents.

The next chapter talks about what to usefully look for with the tools the book has introduced. It discusses infection vectors, types of malware and rootkits, and demonstrates tools and techniques for detecting them. This is where the author makes a clear point of why you would need to run several different tools, even if some overlap. His example uses an installed rootkit; running a particular program from a previous chapter, he shows that it fails to find that anything untoward is running -- it takes another program from the same chapter to actually reveal the rootkit's presence. By cross referencing the output for both programs, you can see why you should run more then one type of analysis tool for certain areas to make sure you are not missing anything.

Finally, the author dedicates an entire chapter to his own Forensic Server Project, a two-pronged approach to live forensic analysis which uses two machines simultaneously. The first piece, the Forensic Server Module, is the listener software; this runs on a clean PC where the data will be sent from the compromised system. The other piece, called the First Responder Utility, runs several of the programs and scripts from the incident tools chapter on the compromised system . After installing everything needed for both parts of this system, I followed the author's instructions on how to run it. What a slick tool! I ran it from a couple of PCs on my home network and was able to get a lot of the information that was described in the book as well as hash values for each log file that was produced, and a general log of everything the First Responder Unit did. The whole principle of this is that when you have an incident there will be very little interaction with the compromised system, since everything is scripted to begin with.

The framework that this software constitutes is very flexible. I was able to add two new features to the Forensic Server Module and the First Responder Utility with very little code. The first addition I made was to mark all the logs as read-only on the file system after they were written from the Forensic Server module. The next addition I made was to add a perl script to scan the c:\ drive of the PC that the First Responder Utility was running on. After I made both additions, I tested everything out, and it worked great. I had my extra log files and they were all read-only. My hat goes off to the author for coming up with and including this in the book, a really nice piece of software.

You can purchase Windows Forensics and Incident Recovery from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

sgant writes "So says the 18th-century French mathematician Joseph-Louis Lagrange about Sir Isaac Newton. The New York Times has a piece on 'The Newtonian Moment: Science and the Making of Modern Culture' which is a new exhibit at the NY Public Library. It includes a number of Newton's manuscripts from the Cambridge University Library, including a first edition of his most famous work, "Principia," bearing the author's corrections and additions for the next printing, have never before been shown in the United States."

thejoelpatrol writes "Bad news for Apple fanatics but good news for all the crazy slashdotters who want an iPod but feel dirty using Apple's DRM: the labels are getting together and insisting that online stores standardize their DRM methods. Being the providers of the music, the labels clearly wield a lot of power, but so does Apple: without iTunes, the online music business is next to nothing. Will Apple give in? Not if they can help it -- they're on top of the world. Before anyone messes it up, AAC is an open format, while the Fairplay DRM standard is not."

Class Act Dynamo writes "CNN does a story on some of the finer points of making the Star Wars flicks. I like the part where Mark Hamill discusses the theoretical logistics of employing janitorial staff for the entire Death Star. Enjoy."

thejoelpatrol writes "So did Slashdotters call this one? Windows XP SP2 seems not to be so secure after all. A Register reporter goes in depth to find out just how safe a fresh install is. He provides a list of which dangerous ports are left open and which services are left on by default. I guess now we know why Microsoft's security timetable is 10 years." Reader ack154 writes "ZDNet is reporting that many Dell Inspiron users are reporting an extreme performance decrease since installing Windows XP SP2 - decreases as much as from 2.6ghz down to 300mhz. Dell claims no responsibility, claiming it is 'externally loaded software' and they don't support it. In the mean time there has been a fix posted on Dell's forums, which rolls back the processor driver." Finally, Marxist Hacker 42 writes "Amid complaints of too much XP Service Pack 2 coverage on ZD Net, David Berlind writes that Service Pack 2 deserved the scrutiny it got- and charges that it failed to live up to Gates' Trusted Computing Initiative." Finally, Microsoft warns that installing SP2 on a spyware-infested PC is a bad idea.

Class Act Dynamo writes "Recently, my keyboard stopped working, so I bought a new one (nice cordless number, really excellent). I was about to throw the old keyboard out when I thought it would be interesting to take all the keys out of it and turn them into refrigerator magnets in order to have a simple 'megnetic poetry' type of thing going. As the fumes from the industrial strength glue went to my head during this project, I began to wonder what other types of craft-type projects people had undertaken with their unusable old perpherals and such. Then I began to wonder why there was a purple octopus on my couch. I decided to ask slashdot readers the first of these questions."

Swifti writes "Ever since Windows XP was released, the classic games, TIE Fighter 95 and X-Wing 95 [the X-Wing Collector Series and X-Wing Trilogy versions of X-Wing & TIE Fighter], were left incompatible with the new operating system. The issue refused to be addressed by LucasArts whose basic solution was 'Deal with it.' Luckily, a fix was recently released for these two PC games over at LucasFiles, obviously made by a fan. These great games are now compatible with NT/2000/XP systems." Elsewhere, an anonymous reader points to a movie-annotated fan report on the previously mentioned "LEGO Star Wars game being demo'ed" at last week's Comic-Con, including footage of a whirlin' Lego Yoda.

thejoelpatrol writes "The Senate Judiciary Committee, led by everybody's favorite senator, Orrin Hatch, is moving to outlaw P2P entirely by making it illegal to produce such applications. Hatch says such firms 'think that they can legally profit by inducing children to steal. Some think they can legally lure children into breaking the law with false promises of "free music."' So, when was the last time that Kazaa told kids to steal music? Shouldn't the parents be the ones looking out for their kids? The RIAA is (surprise!) in favor of this, while P2P groups are (surprise!) opposed."

crimethinker asks: "I am an embedded systems engineer for a small division of a large company. Up to now, we have managed to get by with little more than a 'team lead' position, but as our division grows, they are looking to hire a full-on engineering manager. I was one of the candidates, with my current boss's favorable recommendation, but I withdrew my resume when they told me the job was all paper and schedules; I'd never touch code or hardware again. Now the VP has a 'short list' of candidates, and has invited me to be one of the interviewers. Yes, you read that correctly: I will be interviewing the person who will become my boss. So, I put the question to you, Slashdot: what questions should I ask my prospective boss?"

kormoc writes "It all started with a ebay auction when the seller got a email from a dude who wanted to scam him. It was a normal setup and it went horribly wrong... for the scammer. This has turned from a awful plight for a ebay user to a wonderful prank on the scammer. Throw in some crazy brits with digicams and you have the making of a great story. Mirror Mirror" That should get the coffee out your nostrils on a fine sunday morning. Note that you have to download the PDF to read the story.

nick0909 writes "Years in the making, the FCC is finally close to deciding if they will allow Nextel to pay for the reorganization of the 800mhz bandplan. In return the FCC will give Nextel a new band in which to operate their phones, where they won't destroy public safety communications. Other cell companies are angry because they had to pay millions for their GHz frequencies, and argue Nextel is getting off cheap. On top of this, if the 800MHz band gets re-sliced, will the FCC continue to push TV broadcasters out of 700MHz, which was supposed to go all to public safety in the coming years?"

JasdonLe writes "In a move that significantly changes the game's goals, I just saw on the official Star Wars Galaxies site that plans are in the works to 'revamp' the entire Jedi system, including removing Jedi permadeath." The plan is to "rebuild the Jedi system to be quest-oriented; and to include the familiar elements of Force Sensitivity, Jedi-oriented quests, as well as many other elements the developers and the community feel should make up the process of becoming a Jedi." SWG Stratics also has word that the holocrons, previously needed to be come a Jedi in the PC MMORPG, "won't be in the new system", but may still have value as rare in-game items.

simeonbeta2 writes "The San Francisco Chronicle is running a story about Pac Bell's dsl partnership with Yahoo. Initially touted as a new service, Pac Bell is apparently now mailing existing dsl customers to urge them to install additional client software that will enable 'incredible new features and services'. While SBC's privacy policy is not excessively intrusive, use of the new software is covered by Yahoo's privacy policy, which is just a bit more Orwellian." The story's a little overblown - Yahoo's privacy policy reads that way because they offer financial services and the like, where they may well need financial information from you to provide the service. The reporter needed to investigate this new software DSL users are being asked to install, and find out what sort of user tracking it enables.

Slashback brings you word on open courseware, The Big Switch as seen by Tim O'Reilly, another update on the man-made "moon," more on the in-progress clampdown on Chinese Internet searchers, and a disheartening note about hard drive warranties. Get 'em before they disappear completely ;) Read on for the details.

But will they distribute diploma blanks as PDF files? perlmunger writes "Linux Journal highlighted this in the 'up front' section of the June 2001 issue (I knew I keep these old issues around for a reason). Apparently, MIT will (finally) be opening their Open Course Ware initiative on September 30th to the public. Looks like a great start from many departments."

Answer: it's a strong possibility. skinfitz writes "Following on from Google returning to China, New Scientist is reporting in this article that Chinese surfers searching Google are finding their Internet connection dropped for five minutes if they enter "politically sensitive" keywords, such as the Chinese president's name! Will this new technology find uses elsewhere? Is this the future of the web?"

My human transporter is still a station wagon. An anonymous reader writes with the text which by now many people have seen regarding the status of the world's most famous unavailable scooter; apparently it's not necessarily as far from available as an automated message from Amazon implied.

"Greetings from Amazon.com.

You recently received an e-mail from us regarding the Segway Human Transporter (also known as "Ginger" or "IT"). This e-mail was sent accidentally by an automated system and the information in it is incorrect.

In fact, there is no new information on Segway's availability. Consumer versions of Segway Human Transporters are currently being piloted in various communities throughout the U.S. The Segway HT is expected to be released to the general consumer market in 2003.

We apologize for the confusion. We will keep your e-mail address on our list of customers who wish to be notified about this item.

Sincerely,
Amazon.com Customer Service

Strong Opinions softsign writes "Apparently, Tim O'Reilly's recent article addressing the topic of Switchers was so popular and generated so much response that he felt compelled to respond to reader comments in his MacDevCenter column this week. It reads almost like the Apple Switch website, but there are some really insightful emails peppered with Tim's comments. Worth a read."

The moon's been asking for this for years. cscx writes "The mysterious space junk, or apparent "other moon" reported a few weeks ago, now is more likely to be an old Saturn V (from the Apollo program) rocket booster. Bad thing is, there is a 20% chance it could strike the moon sometime next year. More details at MSNBC."

We'll let you you borrow it for a while, sign here. An anonymous reader writes "Microsoft has scrapped plans for subscription-based licensing of consumer products following the end of a 12-month trial in several countries including New Zealand. The Story says people were getting confused as to why they had to pay after the 12 months had gone by."

I find your lack of confidence disturbing. Longinus writes "Ars Technica is reporting that Western Digital is going to follow Maxtor's recent decision to cut their warranty of future drives from three years to one, with an extended warranty being offered at an additional price. The article goes on to mention that Seagate is rumored to also be considering such a cut, but nothing official has been confirmed. One can only wonder if this increase in price is to due to corporate cost saving measures or the fact that hard drives are becoming less stable magnetically as they increase in storage space."

Longinus writes "Yahoo! News is reporting that hard drive manufacturer Seagate has "overcome a significant challenge in magnetic memory with a new technology capable of achieving far beyond today's storage densities -- up to as great as 50 terabits per square inch. Currently, the highest storage densities hover around 50 gigabits per square inch, but Seagate said its heat-assisted magnetic recording (HAMR) technology could break through the so-called superparamagnetic limit -- a memory boundary based on data bits so small they become magnetically unstable." Perhaps the near future of storage technology lies, for now, not in nanotech or holography, but still in magnetic recording."