Domain: twitter.com
Stories and comments across the archive that link to twitter.com.
Stories · 1,968
-
Anonymous Claims Responsibility For WikiLeaks Attack
mask.of.sanity writes "Anonymous members have taken responsibility for launching a denial of service attack against WikiLeaks this week using a custom-built tool that exploits an SQL server flaw. Field tests of the tool dubbed RefRef were launched against several websites including WikiLeaks, Pastebin and 4Chan. In a Twitter account linked to the Anonymous blog, the users were described as hacktivists with 'a personal vendetta against WikiLeaks,' adding that 'we are sorry we took you down. We are even.'" -
Hackers May Have Nabbed Over 200 SSL Certificates
CWmike writes "Hackers may have obtained more than 200 digital certificates from a Dutch company after breaking into its network, including ones for Mozilla, Yahoo and the Tor project — a considerably higher number than DigiNotar has acknowledged earlier this week when it said 'several dozen' certificates had been acquired by attackers. Among the certificates acquired by the attackers in a mid-July hack of DigiNotar, Van de Looy's source said, were ones valid for mozilla.com, yahoo.com and torproject.org, a system that lets people connect to the Web anonymously. Mozilla confirmed that a certificate for its add-on site had been obtained by the DigiNotar attackers. 'DigiNotar informed us that they issued fraudulent certs for addons.mozilla.org in July, and revoked them within a few days of issue,' Johnathan Nightingale, director of Firefox development, said Wednesday. Looy's number is similar to the tally of certificates that Google has blacklisted in Chrome." -
Akamai Employee Tried To Sell Secrets To Israel
CWmike writes "A 43-year-old former Akamai employee has pleaded guilty to espionage charges after offering to hand over confidential information about the Web acceleration company to an agent posing as an Israeli consular official in Boston. Starting in September 2007, Elliot Doxer played an elaborate 18-month-long game of cloak-and-dagger with James Cromer, a man he thought was an Israeli intelligence officer. He handed over pages and pages of confidential data to Cromer, providing a list of Akamai's clients and contracts, information about the company's security practices, and even a list of 1,300 Akamai employees, including mobile numbers, departments and e-mail addresses. Doxer delivered the information to a dead drop box 62 times. His motivation: To help Israel and to get information on his son and estranged wife, who lived outside the U.S., prosecutors said in court filings. Doxer faces 15 years in prison on the charges." -
Google Explores Re-Ranking Search Results Using +1 Button Data
tekgoblin writes "Google plans to use data from its +1 button to re-order search results and keep spammers at bay. While this would bring Google’s search engine into the social networking era, it would also create a new avenue for blackhats to manipulate search results. From the article: '"Google will study the clicks on +1 buttons as a signal that influences the ranking and appearance of websites in search results," a spokesman wrote. "The purpose of any ranking signal is to improve overall search quality. For +1's and other social ranking signals, as with any new ranking signal, we'll be starting carefully and learning how those signals are related to quality."'" -
Microsoft 'Ribbonizes' Windows 8 File Manager
CWmike writes "Microsoft said today it will 'ribbonize' the file manager in next year's Windows 8, adding Explorer to the short list of integrated applications that already sport the interface in Windows 7. Microsoft's Alex Simons, director of program management, released screenshots of the new ribbon interface planned for Explorer (scroll way down). 'We evaluated several different UI command affordances including expanded versions of the Vista/Windows 7 command bar, Windows 95/Windows XP style toolbars and menus, several entirely new UI approaches, and the Office style ribbon,' explained Simons. 'Of these, the ribbon approach offered benefits in line with our goals.' Plans by Microsoft and others to ribbonize applications have often met resistance. 'We knew that using a ribbon for Explorer would likely be met with skepticism by a set of power users, but there are clear benefits,' Simons said." -
Rob "CmdrTaco" Malda Resigns From Slashdot
After 14 years and over 15,000 stories posted, it's finally time for me to say Good-Bye to Slashdot. I created this place with my best friends in a run down house while still in college. Since then it has grown to be read by more than a million people, and has served Billions and Billions of Pages (yes, in my head I hear the voice). During my tenure I have done my best to keep Slashdot firmly grounded in its origins, but now it's time for someone else to come aboard and find the *future*. Personally I don't have any plans, but if you need to get ahold of me for any reason, you can find me as @cmdrtaco on twitter or Rob Malda on Google+. You could also update my mail address to be malda at cmdrtaco dot net. Hit the link below if you want to read some nostalgic saccharine crap that I need to get out of my system before I sign off for the last time.
It was the summer of '97 and I was a college kid working part time as a programmer at an ad agency. I wrote a simple CMS: practically my first perl program (I was so happy to not have to write in anything Microsoft!). I got an old DEC Alpha Multia in exchange for some freelance Java work. I stuffed it under my desk at work and registered the domain name in October. Jeff "Hemos" Bates chipped in on the registration fee. Within months we were serving thousands of people per day on a system that looked remarkably similar to the Slashdot you see today. It was simple: I just was sharing stories that I stumbled on with a small group of friends.
When I wrote the essay "Simple Solutions" a few months later, we doubled in traffic almost overnight. New hardware had to be purchased. Soon we exceeded the bandwidth capacity of our ISP and had to start co-locating. This meant banner ads. I barely made it through the end of college, working night and day on a site that was growing so fast, it was all I could do to keep up. We started making a little money and I eventually was able to quit my job and dedicate myself full-time to Slashdot. I barely graduated. Soon my friends followed me, eventually forming our company Blockstackers.
As my little hobby became a full blown business, it became clear that we needed help. The burden of running Sales and Marketing and HR was too much for us. Slashdot was sold to Andover in '99. Since Slashdot was founded, my business card has read Blockstackers, Andover, Andover.net, VA Linux Systems, VA Software, OSDN, OSTG, SourceForge, and finally Geeknet. My title has changed several times: from my first card which read "Lies and Misinformation", until today when my title read "Editor-in-Chief of Slashdot.org". During that entire time, my job has been some version of the same thing: Make Slashdot Great. I always did my best, and I'd like to think that I got it right more often than not.
In the last 14 years, Slashdot has covered so many amazing events: The explosion of Linux. The rise of Google. The return of Apple. The Dot Com Bubble. The DMCA. 9/11. Wars. Elections. Numerous successful Shuttle Launches and one Disaster. Scientific Breakthroughs galore. Cool toys. Web2.0! Social Networking. Blogging! Podcasting! Micro-Blogging! The Lord of the Rings being filmed and an entire trilogy of new Star Wars. OMG Ponies!! So many moments that I could run this paragraph for hours with moments where we shared something important, meaningful, or just stupid. But the most important to me was my marriage proposal to Kathleen. Slashdot has posted Over 114,000 stories so far. And there will be many more to come. I just won't be the one picking them.
Slashdot has been read by kernel engineers and billionaires. By sys-admins and CEOs. By high school kids and government bureaucrats. But what brings so many of them together is that we are nerds. It never ceases to amaze me the similarities that I find between us all when I climb out of my dungeon and go meet readers. From the inside of some of the most wonderful places on earth, to conference halls with useless wireless connections, to cube farms, you guys always reminded me of why I started this thing in the first place. We share something important and unquantifiable.
The internet has changed dramatically since I started here, and that's part of my reason for leaving. For me, the Slashdot of today is fused to the Slashdot of the past. This makes it really hard to objectively consider the future of the site. While my corporate overlords and I haven't seen eye to eye on every decision in the last decade, I am certain that Jeff Drobick and the other executives at Geeknet will do their best. I am unquestionably confident in the abilities of the Slashdot editors and engineers- some of whom have been here just short of forever. They have proven themselves in the best and worst of conditions to be capable and dedicated.
As part of my resignation, after this story appears I will lose the ability to post. For me, this is the most bitter pill to swallow. Posting stories has always been my favorite part of the job. I created Slashdot to share these stories with my friends from IRC and school. It was never 'work'. Now I will have to go cold turkey. I'm walking away from the soapbox I built. I wish I could continue to post stories forever, but those closest to me know that if I maintained the ability to post, I'd never move on. I'll continue to read Slashdot and hopefully my occasional story submissions will make the cut. My old mantra: News for Nerds, Stuff that Matters still holds true here today. Nobody does it better.
As for what's next, I really don't know. I don't have a job lined up. I have no plans. I'm gonna spend some time with my boys and my wife. Read some books that have been on my shelf forever. Maybe it's time to write a book of my own.
If you want to get ahold of me, my email is now malda at cmdrtaco dot net. Geeknet has graciously agreed to continue to forward malda at slashdot dot org forever, but you should still update your address books if you care. I'm available on twitter as @cmdrtaco and Google+. My homepage hasn't been updated in a decade, but it's still CmdrTaco.net. And since I'm going to have to find a job in a few months, I'm on LinkedIn as well.
Thanks to everyone who helped build Slashdot over the years: the list is far too long to fit in this textfield but you know who you are, and you all know that I've got your back in a knife fight. Lastly, thanks to every Slashdot reader for giving me your time all these years. I hope I've wasted it efficiently and enjoyably.
Pants are optional.
-
Apache Warns Web Server Admins of DoS Attack Tool
CWmike writes "Developers of the Apache open-source project warned users of the Web server software on Wednesday that a denial-of-service (DoS) tool is circulating that exploits a bug in the program. 'Apache Killer' showed up last Friday in a post to the 'Full Disclosure' security mailing list. The Apache project said it would release a fix for Apache 2.0 and 2.2 in the next 48 hours. All versions in the 1.3 and 2.0 lines are said to be vulnerable to attack. The group no longer supports the older Apache 1.3. 'The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server,' Apache said in an advisory. The bug is not new. Michal Zalewski, a security engineer who works for Google, pointed out that he had brought up the DoS exploitability of Apache more than four-and-a-half years ago. In lieu of a fix, Apache offered steps administrators can take to defend their Web servers until a patch is available." -
Facebook Makes Privacy Settings More Obvious
CWmike writes "Facebook is making a series of design changes to the site to make it clearer to users who can see the content that they post, an issue Google has been criticizing Facebook about since it launched its own social network, Google+, in June. 'You have told us that "who can see this?" could be clearer across Facebook, so we have made changes to make this more visual and straightforward,' Facebook said in a blog post on Tuesday. The main change is that Facebook will now display the intended audience for a photo, a text post, a tag or any other piece of content right next to it. Until now, those controls have been on a separate Settings section of the profile. 'Your profile should feel like your home on the web — you should never feel like stuff appears there that you don't want, and you should never wonder who sees what's there.' Another change Facebook is introducing is allowing users to modify the audience of a post after it's published, which they couldn't do before." -
5.8 Earthquake Hits East Coast of the US
At 1:51 p.m. EDT a 5.8 magnitude earthquake hit Virginia (map of reported tremors). Reports indicate it was felt along most of the east coast (my monitor and floor definitely wobbled a bit down here in Raleigh NC) with reported evacuations of government buildings at least in DC. QuantumPion noted that the North Anna Nuclear Generating Station is located only a few miles from the epicenter, and the NRC has confirmed the plant automatically shut down with no apparent damage. For folks who like that sort of thing, there is a hashtag on Twitter, and the WSJ has a page with live updates on the situation. -
Microsoft Pursues WebOS Devs, Offers Free Phones
CWmike writes "Taking advantage of Hewlett-Packard's departure from the tablet and smartphone market, Microsoft has offered webOS developers free phones, tools and training to create apps for Windows Phone 7. Brandon Watson, Microsoft's senior director of Windows Phone 7 development, made the offer on Twitter on Friday, and has been fielding queries ever since. 'To Any Published WebOS Devs: We'll give you what you need to be successful on #WindowsPhone, incl. free phones, dev tools, and training, etc.,' Watson said a day after HP's announcement. Before Friday was out, Watson said he had received more than 500 emails from interested developers, and later, that the count was closing in on 600." -
Early Earthquake Warning System In iOS 5
tekgoblin writes "A very important and functional feature has been added to Apple's iOS 5 for Japanese users: an earthquake warning system. This new feature may allow the people of Japan to be warned early enough to get out of harm's way and ultimately save lives. Most phones sold in Japan have some way to warn the user of Earthquakes." -
HP's Shift On PCs Could Boost Acer, Dell and Lenovo
CWmike writes "With HP spinning off its PC business, rivals will be looking for a way to get a bigger piece of the hardware pie. HP's PC unit news, among other industry-rattling announcements, including pulling out of the tablet market and shuttering webOS, rocked the hardware industry since HP is by far the dominant maker in the world. So while HP decides what to do, rivals should be plotting their next move, say industry analysts. Who could benefit the most from any change-up in PC sales? The obvious suspects: Dell, which passed Acer in the second quarter of this year; and Acer is looking to make up some lost ground and could see HP's shake up as an opportunity. And don't forget Lenovo, which holds the third-largest market share. Despite the general downshift for PCs, Lenovo is riding some great momentum right now, reports Gartner. In the second quarter of 2011, the company saw 22.5% growth in its PC shipments." A related article ponders the fate of webOS, looking at a number of potential buyers as well as the unlikely possibility that HP will open source it. -
"Woot" Becomes an Official Word
tekgoblin writes with a quick bit about new words in the COED. From the article: "Concise Oxford English Dictionary is the smaller but most widely recognized derivative of the official Oxford English Dictionary, which is celebrating this August its 100th anniversary. To celebrate, the lexicon published its 12th edition today that adds more than 400 new entries – many of which reflect the technological vocabulary found in today's society, like 'woot,' 'mankini,' and 'jeggings.'" -
Judge Dismisses Google's Complaint Over Android Code Viewing
CWmike writes "A U.S. trade judge has rejected Google's move to block the testimony of a Microsoft expert witness in the dispute with Motorola over patents allegedly used by Android. Last week, Google accused Microsoft of violating a confidentiality agreement struck between Microsoft, Motorola and Google in the ITC case. The judge rejected Google's motion on Monday. 'The ALJ [Administrative Law Judge] finds no basis to discern from Google's statement whether Google made a reasonable, good-faith effort to resolve the matter with Microsoft,' he wrote in his ruling." -
Apple Files Suit Against Motorola Xoom In EU
CWmike writes "Apple isn't just going after the Samsung Galaxy Tab in Europe, it's also attacking the Motorola Xoom. Apple's lawsuit, which was filed in Germany and led to Tuesday's injunction barring sales of the Samsung Galaxy Tab 10.1 in Europe, makes reference to a separate complaint against the Motorola Xoom. Patent expert Florian Mueller, who told Computerworld on Tuesday that the mounting patent cases could cast a cloud over Android licensing, found the original lawsuit, filed in Dusseldorf, Germany, and pointed out the Motorola action. The reference in the suit says that Apple has also filed a complaint over the design of the Motorola Xoom, which runs the Android operating system. But it's unclear if Apple is seeking an injunction that would immediately prevent Motorola from importing the tablets into Europe." -
Wall Street: Software More Valuable Than Oil
CWmike writes "The tech industry's answer to this week's stock market roller coaster was delivered on Tuesday by the mighty Apple Inc. Apple saw its stock price rise enough — gaining more than 5% — to briefly surpass Exxon Mobil as the most valuable company in the U.S., according to an AP analysis of its market cap. (Exxon Mobil wound up the day slightly ahead of Apple.) Most of the other major tech companies — including Intel, IBM, Dell, Microsoft and Hewlett-Packard — all finished in positive territory yesterday, as markets made up ground lost in the big sell-off on Monday that also hit oil prices and other commodities. Tuesday's rally may be all that's needed to shake away, at least temporarily, some of the economic concerns the IT industry still faces. By closing in on Exxon, Apple effectively affirmed that there are few limits to tech growth. CW blogger Jonny Evans posits that ideas are why Apple beats Exxon on market cap, noting, 'While Exxon drills, hammers and crushes its way to find its billions, Apple's mind-miners explore myriad complexities to develop and understand new technologies.'" -
Microsoft Patches 1990s-Era 'Ping of Death'
CWmike writes "Microsoft on Tuesday issued 13 security updates that patched 22 vulnerabilities in Internet Explorer, Windows, Office and other software, including one that harked back two decades to something dubbed 'Ping of Death.' While other patched vulnerabilities were more serious, one marked 'CVE-2011-1871' brought back memories for nCircle's Andrew Storms. 'This looks like the Ping of Death from the early-to-mid 1990s,' he said. 'Then, when a specially-crafted ping request was sent to a host, it caused the Windows PC to blue screen, and then reboot.' Two decades ago, the Ping of Death (YouTube video demonstration) was used to bring down Windows PCs remotely, often as a way to show the instability of the operating system." -
Verizon Cracks Down On Jailbreak Tethering
tekgoblin writes "Verizon, like AT&T, has now started blocking jailbroken phones from using un-sanctioned tethering apps. Verizon will now require users to be subscribed to a mobile tethering plan to be able to use tethering at all." So which mobile company's actually any good for 3G tethering, voice service aside? My Virgin Mobile MiFi (bought under a plan no longer available) is theoretically unlimited and "only" $40/month, but has had too much downtime for my taste, and atrocious customer service. -
Start-Up Claims Immortality For Data With 'Stone-Like' Disc
CWmike writes "Start-up Millenniata and LG plan to soon release a new optical disc and read/write player that will store movies, photos or any other data forever. The data can be accessed using any current DVD or Blu-ray player. The M-Disc can be dipped in liquid nitrogen and then boiling water without harming it. It also has a Defense Department study (PDF) backing up the resiliency of its product compared with other leading optical disc competitors. The company would not disclose what material is used to produce the optical discs, referring to it only as a 'natural' substance that is 'stone-like.' Like DVDs and Blu-ray discs, the M-Disc platters are made up of multiple layers of material. But there is no reflective, or dye, layer. Instead, during the recording process a laser 'etches' pits onto the substrate material." -
Syrian Hackers Deface Anonymous' Social Network
CWmike writes "After the hacking gang Anonymous took credit for defacing Syria's Ministry of Defense website, a Syrian group retaliated on Monday by posting gruesome photos on Anonymous' embryonic social network. The defacement of AnonPlus — the site Anonymous set up last month when it was booted off Google+ — did not include the name of the group responsible. The University of Toronto's Citizen Lab, however, credited the AnonPlus defacement to the 'Syrian Electronic Army' in a message posted to Twitter. 'In response to your hacking to the website of the Syrian Ministry of Defence, the Syrian people have decided to purify the internet of [y]our pathetic website,' the defacement read." -
RIM Helping UK Police Track Down Rioters
jfruhlinger writes "Protests against a police shooting in the poor London neighborhood of Tottenham escalated into rioting and looting this past weekend. Initial reports have it that the activity was coordinated not by Twitter or Facebook but by the relatively old-tech method of BlackBerry messaging. Now the official Twitter account of RIM's UK division has announced that it is 'engaged with the authorities to assist in any way we can,' which presumably means that it's handing over messages sent by rioters. Is BlackBerry being a responsible part of British society, or is it overstepping its bounds?" -
New Federal CIO Is Former Microsoft, FCC Exec
msmoriarty writes "The second-ever federal CIO (the first, Vivek Kundra, resigned in June) will be Steven VanRoekel, who worked with Microsoft for 15 years, running the company's Web Services and Platform Strategy and Windows Server Solutions groups. He went to the FCC in 2009, where he then advocated for open government and open platforms. VanRoekel's title on his twitter feed has already been changed to 'United States Chief Information Officer.'" According to reader dcblogs, VanRoekel is also a hefty political donor, having given $50,000 toward Obama's inauguration festivities. -
Making Graphics In Games '100,000 Times' Better?
trawg writes "A small Australian software company — backed by almost AUD$2 million in government assistance — is claiming they've developed a new technology which is '100,000 times better' for computer game graphics. It's not clear what exactly is getting multiplied, but they apparently 'make everything out of tiny little atoms instead of flat panels.' They've posted a video to YouTube which shows their new tech, which is apparently running at 20 FPS in software. It's (very) light on the technical details, and extraordinary claims require extraordinary evidence, but they say an SDK is due in a few months — so stay tuned for more." John Carmack had this to say about the company's claims: "No chance of a game on current gen systems, but maybe several years from now. Production issues will be challenging." -
WiFi 802.22 Can Cover 12,000 Square Miles
tekgoblin writes "IEEE has just announced a new Wireless standard, 802.22, that can cover up to 12,000 square miles. The standard is actually for Wireless Regional Area Networks (or WRAN), which use the white spaces left in the TV frequency spectrum." -
Windows XP PCs Breed Rootkit Infections
CWmike writes "Machines running the decade-old Windows XP make up a huge reservoir of infected PCs that can spread malware to other systems, a Czech antivirus company said. Windows XP computers are infected with rootkits out of proportion to the operating system's market share, according to data released Thursday by Avast Software, which surveyed more than 600,000 Windows PCs. While XP now accounts for about 58% of all Windows systems in use, 74% of the rootkit infections found by Avast were on XP machines. Avast attributed the infection disparity between XP and Windows 7 to a pair of factors: The widespread use of pirated copies of the former and the latter's better security. Vlcek assumed that many of the people running XP SP2, which Microsoft stopped supporting with security patches a year ago, have declined to update to the still-supported SP3 because they are running counterfeits." -
PayPal Hands Over 1,000 IP Addresses To the FBI
tekgoblin writes "PayPal was attacked by Anonymous last year when they had blocked the Wikileaks accounts transactions. Now PayPal has finally come up with enough evidence to strike back at Anonymous with the help of the FBI. PayPal has come up with a list of over 1,000 IP Addresses left behind when they were attacked by Anonymous." -
Sniffer Hijacks SSL Traffic From Unpatched IPhones
CWmike writes "Almost anyone can snoop the secure data traffic of unpatched iPhones and iPads using a recently-revised nine-year-old tool, a researcher said as he urged owners to apply Apple's latest iOS fix. If iOS devices aren't patched, attackers can easily intercept and decrypt secure traffic — the kind guarded by SSL, which is used by banks, e-tailers and other sites — at a public Wi-Fi hotspot, said Chet Wisniewski, a security researcher with Sophos. 'This is a nine-year-old bug that Moxie Marlinspike disclosed in 2002,' Wisniewski told Computerworld on Wednesday. On Monday, Marlinspike released an easier-to-use revision of his long-available 'sslsniff' traffic sniffing tool. 'My mother could actually use this,' he said." -
Lawsuit Against Sony Highlights Cyber Insurance Shortcomings
CWmike writes "A brewing legal dispute between Sony and one of its insurers over data breach liability claims highlights the challenges that companies can sometimes face in getting insurance providers to cover expenses arising from cybersecurity incidents. Zurich American Insurance Co. asked the court last week to absolve it of any responsibility for defending or indemnifying Sony against claims arising from the recent data breaches at the company. The data breaches at Sony's PlayStation Network, Sony Entertainment Online and Sony Pictures resulted in account data on close to 100 million individuals becoming exposed and over 12 million credit and debit cards being compromised. The breaches have so far resulted in at least 55 putative class-action lawsuits being filed against Sony in the U.S and another three lawsuits filed against it in Canada. Sony expects to spend close to $180 million in the next year alone on breach-related costs. But analysts say insurance might not have even been worth it in Sony's case: 'There aren't many success stories where cyber insurance [has played] a significant role in reducing the cost of incidents,' said Gartner analyst John Pescatore. Um, better security as an insurance policy maybe?" -
Amazon, Google Cave To Apple, Drop In-App Buttons
CWmike writes "Amazon bowed on Monday to Apple's newest App Store rules, and removed a link in its iPhone and iPad Kindle apps that took customers directly to its online store. The move was required to comply with new rules designed to block developers from evading the 30% cut that Apple takes from in-app purchases. In February, Apple CEO Steve Jobs laid down the law. 'Our philosophy is simple — when Apple brings a new subscriber to the app, Apple earns a 30% share,' said Jobs in a statement released Feb. 15. 'When the publisher brings an existing or new subscriber to the app, the publisher keeps 100% and Apple earns nothing.' Rhapsody updated its iPhone app last week to, among other things, remove the in-app subscribing link. Also on Monday, Google complied with Apple's new rules when it re-released Google Books — which had been yanked from the App Store — minus an in-app purchasing button." -
Oracle Ordered To Lower Damages Claim On Google
CWmike writes "Oracle has been ordered to lower its multibillion-dollar claim for damages in its patent infringement lawsuit against Google and its Android operating system, court papers show. Oracle's expert 'overreached' in concluding that Google owed up to $6.1 billion in damages for alleged infringement of Oracle's Java patents, U.S. District Court Judge William Alsup said Friday in a sternly written order. The 'starting point' for Oracle's damages claim should be $100 million, adjusted up and down for various factors, he said. At the same time, Google was wrong to assert that its advertising revenue is not related to the value of Android and should therefore not be a part of Oracle's damages, the judge wrote. He also warned Google, 'there is a substantial possibility that a permanent injunction will be granted' if it is found guilty of infringement." -
IBM Speeds Storage With Flash: 10B Files In 43 Min
CWmike writes "With an eye toward helping tomorrow's data-deluged organizations, IBM researchers have created a super-fast storage system capable of scanning in 10 billion files in 43 minutes. This system handily bested their previous system, demonstrated at Supercomputing 2007, which scanned 1 billion files in three hours. Key to the increased performance was the use of speedy flash memory to store the metadata that the storage system uses to locate requested information. Traditionally, metadata repositories reside on disk, access to which slows operations. (See IBM's whitepaper.)" -
Top General: Defense Department IT In "Stone Age"
CWmike writes "U.S. Marine Corps Gen. James 'Hoss' Cartwright, vice chairman of the Joint Chiefs of Staff, was sharply critical Tuesday of the Defense Department's IT systems and said he sees much room for improvement. 'The department is pretty much in the Stone Age as far as IT is concerned,' Cartwright said. He cited problems with proprietary systems that aren't connected to anything else and are unable to quickly adapt to changing needs. 'We have huge numbers of data links that move data between proprietary platforms — one point to another point,' he said. The most striking example of an IT failure came during the second Gulf War, where Marines and the Army were dispatched in southern Iraq, he said. 'It's crazy, we buy proprietary [and] we don't understand what it is we're buying into,' he said. 'It works great for an application, and then you come to conflict and you spend the rest of your time trying to modify it to actually do what it should do.'" -
Court Allows Webcam Spying On Rental Laptops
tekgoblin writes "Back in May there was a class action lawsuit filed against the rental company Aaron's, which had secretly installed spying software that would turn on a laptop's webcam, take pictures and then send them back to the company. Overall it seemed like a large invasion of privacy, which should at least warrant an injunction to stop use of the software until the case is settled, right? Not to the judge, who refused to order an injunction on the grounds that the family was no longer in possession of the laptop. As for everyone else still using their Aaron's laptops, the judge had this to say to them (PDF): 'Moreover, it is purely conjecture that the other members of the putative class will be subjected to remote access of personal information.'" -
Apple Finally Approves Google+ App For iPhone
CWmike writes "Apple approved the Google+ app for the iPhone on Tuesday, and posted it to the App Store. It's unclear whether Google has created an iPad-specific app. Two weeks ago, a Google employee said that the company had submitted Google+ to the App Store ... on July 4. According to that timeline, Google's app took twice as long as the majority of submitted apps to win Apple's approval." -
LulzSec Target the Sun After Phone Hacking Scandal
nk497 writes "LulzSec have come out of retirement to target Rupert Murdoch's News International, hacking the website of The Sun, redirecting it first to a spoofed page reporting his death and then to Lulz's Twitter feed. 'The Sun's homepage now redirects to the Murdoch death story on the recently-owned New Times website,' the hackers said via Twitter. 'Can you spell success, gentlemen?' The hackers also started to post email addresses and passwords they claimed were from Sun staff, and said to have accessed a mail server at now-defunct News of the World." -
Outgoing Federal CIO Warns of 'IT Cartel' In DC
CWmike writes "In a wide-ranging discussion Friday with President Barack Obama's top science advisors, Federal CIO Vivek Kundra warned of the dangers of open data access and was sharply critical of government IT contracting, telling the committee: '...We almost have an IT cartel within federal IT' made up of very few companies that benefit from government spending 'because they understand the procurement process better than anyone else.' He added: 'It's not because they provide better technology.'" -
HTC Infringed Apple Patents, Says ITC's Initial Determination
CWmike writes "A judge at the U.S. International Trade Commission has made an initial determination that HTC infringed two Apple patents, HTC said late Friday. If the judgment is made final, HTC could be banned from importing phones to the U.S. It's the latest blow to Google's Android operating system, which is being attacked by competitors including Apple, Microsoft and Oracle. The initial determination will now be reviewed by a larger panel of ITC judges, who can uphold or reject it. The two patents appear to be fundamental to Android, according to Florian Mueller, a patent expert. 'They are very likely to be infringed by code that is at the core of Android,' he wrote in a blog post. The same patents are also at the heart of a dispute between Apple and Motorola, he said." -
Banks' Big Upgrade: Meet Real-Time Processing
CWmike writes "It has been years since the banking industry made any large investments in core IT systems, but some of the largest financial services firms in the U.S. are now in the midst of rolling out multi-million dollar projects, say industry experts. About a decade ago, they began replacing decades-old Cobol-based core systems, with open, Web-enabled apps. Now, they are spending more than $100,000,000 to replace aging systems, converting to real-time mobile applications for retail services such as savings and checking accounts and lending systems. The idea behind going real-time: Grab more business — and money — from customers. 'Five of the top 20 banks are engaged in some sort of core banking replacement and we expect to see another three or four in next 12 months,' said Fiaz Sindhu, who leads Accenture's North American core banking practice. 'They're looking at those upgrades as a path to growth.'" -
IBM Donates Symphony Code To Apache Software Foundation
CWmike writes "Hoping to further sharpen OpenOffice's competitive viability against Microsoft Office, IBM is donating the code of its Symphony open source office suite to the nonprofit Apache Software Foundation. Apache could fold this code into its own open source office suite OpenOffice, on which Symphony was based. In June, Oracle donated the OpenOffice suite to Apache. 'Prior to Apache's entry, there really hasn't been enough innovation in this area over the past 10 years,' said Kevin Cavanaugh, an IBM vice president. 'It's been constrained because we haven't had a true open source community with a mature governance model.'" -
34% of iPhone Owners Think the 4 Is 4G
tekgoblin writes "An interesting study was just released by Retrevo which indicates that a startling 34% of iPhone 4 owners are confused as to what '4' actually means. iPhone owners who had an iPhone 3G knew that the 3G actually stood for 3G so that is where the confusion has stemmed from. iPhone 4 owners think that the 4 means 4G." -
Google+: Tools, Names, and Facebook
Several readers submitted stories about Google+ today. CWMike writes in with an article about the lack of developer APIs from Computerworld: "Currently, external developers don't have any Google+ APIs or tools to tinker with. A Google spokeswoman said, 'We definitely plan to involve developers and publishers in the Google+ project, but we don't have specific details to share just yet. Please stay tuned.' The spokeswoman declined to say specifically if Google+ will be compatible with the company's OpenSocial set of common APIs for social networking applications." Anita Khanna writes "Facebook is trying real hard to block users migrating to Google+. Although the recently announced Google+ social platform is still in private beta, it has generated enough excitement to have Facebook making some preemptive measures. Shortly after the announcement, Facebook made a peculiar change to their TOS that resulted in the ban of popular Chrome extension Facebook Friend Exporter. Over the weekend, another personal data migration tool, Open-Xchange, has also been deactivated." Finally, an anonymous reader notes that Google is requiring real names for profiles, and may have already suspended some users for using aliases. -
Google+ Already At 10 Million Users
An anonymous reader writes "I project that Google will easily pass 10 million users tomorrow and could reach 20 million users by this coming weekend if they keep the Invite Button available. As one G+ user put it, it is easy to underestimate the power of exponential growth." I bet if people post in the discussion that they need invites, we can scratch each other's backs here. I've been using Google+ for a few days now (Yes I will put you in a circle ;) and have a lot to love, but unless I can gate twitter and Facebook, the best interface in the world won't help me until I can convince my kids' grandparents to move. -
Anonymous Releases 90,000 Military E-Mail Accounts
jjp9999 writes "Anonymous Operations posted 90,000 military email addresses and passwords to the Pirate Bay on July 11, in what they're calling 'Military Meltdown Monday.' They obtained the emails while hacking government contracting and consulting firm Booz Allen Hamilton. They hinted at other information obtained during the breach, which they describe as 'maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies.' The breach comes just days after Anonymous hacked government contractor IRC Federal. Both breaches are linked to the new AntiSec movement, which LulzSec joined forces with shortly before disbanding." -
Microsoft Yanks Security Site Poisoned With Porn
CWmike writes "Microsoft disabled the search tool on its Safety & Security Center on Saturday after attackers poisoned results with links to pornographic URLs. The company restored the website's search field early Monday afternoon ET. Alex Eckelberry, the general manager of GFI Software's security group and CEO of Sunbelt Software, said search poisoning is not unusual — but this is different. 'This is crafty,' Eckelberry said. 'This isn't normal search poisoning. It's poisoning the results with actual searches. Users were getting back a prior search as a search result.'" -
Google Blocks co.cc From Search Results
tekgoblin writes "Google has taken the attack on malware into its own hands today as it blocks the entire co.cc subdomain. The block removed about 11 million results from the Google search index which should dramatically clean up much malware in search results." -
IT Crises vs. Vacation: Sometimes It Isn't Pretty
CWmike writes "It's true that IT systems have become essential to business operations, but the successful functioning of the IT department shouldn't rest on any one person's shoulders. All told, vacations serve as mini tests to prove if a department can function when key players are away. That's the theory, anyway. In reality, IT departments sometimes flunk. The results can either be comical or turn out to be a serious wake-up call to organizations that need a better Plan B. To prime your mental pump before your own vacation, Computerworld compiled anecdotes about good vacations gone bad." -
Book Review: Surveillance Or Security?
brothke writes "Surveillance or Security?: The Risks Posed by New Wiretapping Technologies is a hard book to categorize. It is not about security, but it deals extensively with it. It is not a law book, but legal topics are pervasive throughout. It is not a telecommunications book, but extensively details telco issues. Ultimately, the book is a most important overview of security and privacy and the nature of surveillance in current times." Read below for the rest of Ben's review.
Surveillance or Security?: The Risks Posed by New Wiretapping Technologies
author: Susan Landau
pages: 360
publisher: MIT Press
rating: 10/10
reviewer: Ben Rothke
ISBN: 9780262015301
summary: Definitive text on the topic of surveillance, security and privacy read.
Surveillance or Security? is one of the most pragmatic books on the topic in that the author never once uses the term Big Brother. Far too many books on privacy and surveillance are filled with hysteria and hyperbole and the threat of an Orwellian society. This book sticks to the raw facts and details the current state, that of insecure and porous networks around a surveillance society.
In this densely packed work, Susan Landau, a fellow at the Radcliffe Institute for Advanced Study at Harvard University, details the myriad layers around surveillance, national security, information security and privacy. Landau writes that her concern is not about legally authorized law enforcement and national security wiretapping; rather about the security risks of building surveillance into communications infrastructures.
Landau details numerous reasons why communications security is hard to do right; but an imperative for our ultimate security, privacy and digital wellbeing.
In 250 pages, Landau makes a compelling case. In addition to her superb handle on the topic, the book has over 80 pages of footnotes, where every quote, statement and claim is verified and confirmed. The book is a great launching pad for a much deeper analysis on the topic.
The main theme of the book is that digital communications have revolutionized the way in which society interacts. The Internet is now the lifeblood of many businesses and governments, including a significant part of our critical infrastructure. The fact that this infrastructure lacks comprehensive security and privacy controls is a troubling concern.
In 11 dense chapters, Landau notes that since security and privacy have not been fully integrated into this infrastructure; this leaves us exposed and vulnerable to cyberattacks.
In the introduction, Landau notes that with this new computing and telecommunications paradigm, the job of law enforcement has become much more challenging. In previous years, surveillance was relatively easy. Once law enforcement had physical access to a phone line, they were in. Today, with cell phones, VoIP, Internet cafes, anonymizing services and more, the dynamics have changed and this has caused quite a shock for law enforcement; who are often struggling to deal with this new paradigm.
Landau notes that the surveillance and eavesdropping technologies that have been deployed since 9/11 are being used to catch one set of enemies. But other antagonists may be poised to turn these tools against us, and we are putting into place something for our enemies to use that they could not afford to do on their own. As to this and other difficult questions that Landau brings up; there are no simple answers.
Chapter 3 — Securing the Internet is Difficult — notes that the original creators of TCP/IP did not have security in their design. Their concerns were more along the lines of traffic breakdowns, packet loss, robustness and more; but not security and privacy. In some ways, this may have been a blessing, as Dennis Jennings, who ran the NSFNET, states that "had we known what was to come, we'd have been terrified and the Internet would never have happened."
In chapter 5 — The Effectiveness of Wiretapping — Landau notes that the biggest use of wiretapping tools is not actually the capture of conversation. But something that is not really wiretapping at all: the capture of transactional information.
Chapter 7 – Who are the Intruders? What are They Targeting? – is one of the best chapters in the book. Landau details both the internal threat and industrial espionage, and it is not a pretty picture. Landau provides numerous cases where nation-states used networks, rather than people, to infiltrate US interests, governmental, industrial and scientific areas. She notes that these insider attacks are often the most difficult to detect; the reason being that insiders know the systems, know where the important data is, and what the auditors are looking at. This ultimately makes insider attacks particularly pernicious.
So how significant are nation-states infiltrating US networks? Landau quotes a confidential government source that the NASA network was "completely open to the Chinese".
Landau makes her message loud and clear in chapter 8 when she notes that it does not help to tell people to be secure; rather security must be built into their communications systems. Security must be ubiquitous, from the phone to the central office and from the transmission of a cell phone to its base station to the communications infrastructure itself.
In chapter 9 – Policy Risks Arising from Wiretapping – Landau details how deep packet inspection (DPI) is used by ISPs. It is the ISPs who have the capability to know what you are browsing, what your email says, your VoIP conversation and much more. In a short amount of time, the ISP can develop a dossier on the user, and as noted, it has the ability to amass data to an amount that the Stasi could only dream of. This surveillance ability is what is most troubling to the author.
Landau continues that the only way for a person to avoid the risk from ubiquitous uses of DPI by an ISP would be to encrypt everything. While not completely done now, Gmail and Skype do bulk encryption.
The book closes with chapter 11 – Getting Communications Security Right – and there are no easy answers. Landau notes that across the globe, there are projects on clean-slate network architectures. But our current infrastructure is quite insecure and porous.
Surveillance or Security?: The Risks Posed by New Wiretapping Technologies is an extremely important book on the topic of the many risks posed by new wiretapping technologies. Landau has the remarkable talent of taking very broad issues and detailing them in a concise, yet comprehensive manner. The book should be seen as the starting point for discussion on a most important topic.
Landau does an excellent job of detailing how unwarranted surveillance can undermine security and affect our rights, while noting that security for every citizen is paramount to the very spirit of the Constitution.
The book closes with the very principles of what it means to get communications security right and that adhering to these principles cannot guarantee that we will be completely secure. But failure to adhere to them will guarantee that we will not.
As to Surveillance or Security?: The Risks Posed by New Wiretapping Technologies, required reading it is, but that term does not do justice to the importance of this book. Simply put, this book is the definitive text on the topic and it is a title that needs to be read.
Reviewer Ben Rothke (@benrothke) is the author of Computer Security: 20 Things Every Employee Should Know