Slashdot Mirror

Jeff K writes "Facts and science collide with tribal loyalties, the Washington Post reports: 'Scientists doing climate research for the federal government say the Bush administration has made it hard for them to speak forthrightly to the public about global warming. The result, the researchers say, is a danger that Americans are not getting the full story on how the climate is changing.'"

vitaly.friedman writes "While growth is slowing at most top Internet sites, it is skyrocketing at sites focused on social networking, blogging and local information. The dramatic success of those Internet categories is apparent from a recent online-traffic analysis provided by market research firm ComScore Media Metrix, which examined visitor growth rates among the 50 top Web sites over the past year."

CUShane writes "The Washington Post is running an article on the patent case between Tivo and EchoStar regarding Tivo's DVR technology. The article states that Tivo has a better than 70% chance of winning, while a loss would basically doom the company. Is there a possibility that the patent system is working right in this case?" From the article: "TiVo attorney Morgan Chu has been arguing in court that TiVo's inability to turn a profit, despite the popularity of its product, is partially because of EchoStar's infringing on its patent. TiVo co-founder Michael Ramsay testified that he showed EchoStar executives the TiVo product and pursued a licensing deal with them, but that a deal was never struck even though EchoStar began selling its own DVRs that used technology very similar to TiVo's."

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories including Microsoft denies Vista rewrite, Tuttle Oklahoma city manager still doesn't get it, MS Virtual Server slips and VMWare fills the gap, Samsung execs plead guilty to price fixing charges, Tux in retail part 2, a renewed bid to register the Linux trademark in Australia, OpenSPARC.net shades of the past, and a follow up on Mac botnets -- Read on for details.

Microsoft denies Vista rewrite. moochfish writes "Contrary to a heavily doubted feature earlier this week, Business 2.0 magazine reports that Microsoft will not be rewriting large portions of its operating system. From the article, 'Microsoft's own blogger Robert Scoble checked into the story and got a denial from an executive at Microsoft's PR firm, who says he's not aware of any Xbox programmers working on Windows.'"

Tuttle Oklahoma city manager still doesn't get it. gEvil (beta) writes "The Register has posted a followup to this past week's wonderfully humorous story about Tuttle, Oklahoma's technically inept city manager, Jerry Taylor. It appears that Mr. Taylor is not pleased with the publicity he has received due to the incident, despite his prior statement of, 'I have no fear of the media, in fact I welcome this publicity.' He sent an email to the Register's marketing team asking that people stop emailing him and making fun of him."

MS Virtual Server Slips and VMWare fills in the gap. nizo writes "On the heels of the announcement that Microsoft Virtual Server is slipping to 2007, VMware has announced the beta release of the VMware Virtual Machine Importer, which has the capability to convert system images stored in 3rd party formats (including Microsoft Virtual Server images) to VMware virtual machines. The good news is VMware released the importer as a free download."

Samsung execs plead guilty to price fixing charges. bdotcdot writes "Electronics News is running a story on Samsung executives who have plead guilty to the price fixing of DRAM. From the story 'According to the one-count felony charge filed in federal court in San Francisco, at various times during the period from April 1, 1999, to June 15, 2002, these three Samsung employees conspired with unnamed employees from other memory makers to fix the prices of DRAM sold to certain computer and server manufacturers in the U.S., in violation of the Sherman Act. The conspiracy directly affected sales to U.S. computer makers Dell Inc., Hewlett-Packard Company, Compaq Computer Corp., International Business Machines Corp., Apple Computer Inc. and Gateway Inc., the charge said.'"

Tux in retail part 2. silentbob4 writes "Mad Penguin brings us the second and final installment in their 'Tux in Retail' series, in which they interview Linspire CEO Kevin Carmony; Xandros CEO Andreas Typaldos; Mepis Linux founder Warren Woodford; and Kevin Jones, Micro Center Vice President of Merchandising, to get their take Tux's jump into big box retail. The first installment was run as an earlier Slashdot article."

Renewed bid to register Linux trademark in Australia? daria42 writes "A renewed bid to register the word 'Linux' as an Australian trademark must meet an early April deadline or face defeat." From the article: "'The deadline to file a response to the Examiner's rejection has not yet passed, and LMI and its attorneys are still determining if they will respond,' a spokesperson for the body told ZDNet Australia in an emailed statement."

OpenSPARC.net, shades of the past. Andy Updegrove writes "In what must have seemed to many as a bold move, Sun Microsystems recently announced that it would release the source code for its UltraSparc T1 processor under the GPL, supported by a new organization that it calls OpenSPARC.net. But to those that have been around for a while, the announcement had an eerily familiar sound to it, and that sound was the echo of an organization called SPARC International. Formed 18 years ago to license the SPARC chip design to multiple vendors to ensure second sourcing for the hardware vendors that Sun hoped would adopt it, SPARC International seemed to be every bit as revolutionary for its time as Sun's new initiative does today. Motorola launched a somewhat similar group called 88open to support its own RISC chip design, and later IBM, Motorola and Apple launched the PowerOpen Association to promote the PowerPC. The Websites of the PowerOpen Association and 88open are long gone, and seem to have escaped even the WayBack Machine's reach. But SPARC International's site, looking very retro and neglected, can still be seen - at least for now."

Follow up on Mac botnets. An anonymous reader writes "Washingtonpost.com has an interesting follow up to skeptical claims as a result of a previous Slashdot story. Mac OS X systems have indeed been spotted in botnets, thanks largely to several worms going around that take advantage of Web-based applications running vulnerable PHP software. From the article: 'By leveraging this PHP flaw, the attackers were able to seed the Mac systems with several tools designed to turn them into drones for use in waging destructive distributed denial of service attacks.'

An anonymous reader wrote to mention a Washingtonpost.com article about an increase in attacks against IE users via a critical, unpatched flaw. The bug allows software to be downloaded to the vulnerable PC even if the only act the user takes is browsing to a web site. From the article: "[A] password-stealing program landed on the Windows PC belonging to Reaz Chowdhury, a programmer for Oracle Corp. who works out of his home in Orlando, Fla. Chowdhury said he's not sure which site he browsed in the past 24 hours that hijacked his browser, but he confirmed that the attackers had logged the user name and password for his company's virtual private network (VPN)."

OffTheLip writes "The US is planning to build a permanent lunar base which will support future visits to Mars. The living conditions on the moon presents a variety of challenges from medical to construction. Contingency planning would be critical but some feel the challenges presented on the moon will be less than Mars. The moon is closer to Earth, the atmosphere is less harsh and, unlike Mars, water does not exist. Is this the start of the next space race?"

anaesthetica writes "The Washington Post is carrying a story on a young man suspected to be the al-Qaeda hacker 'Irhabi 007'. From the article: 'Celebrated for his computer expertise, Irhabi 007 had propelled the jihadists into a 21st-century offensive through his ability to covertly and securely disseminate manuals of weaponry, videos of insurgent feats such as beheadings and other inflammatory material... The Internet has presented investigators with an extraordinary challenge. But our future security is going to depend increasingly on identifying and catching the shadowy figures who exist primarily in the elusive online world.'"

An anonymous reader writes "The Washington Post is running a pretty decent story about 'Shadowserver,' one of a growing number of volunteer groups dedicated to infiltrating and disabling botnets. The story covers not only how these guys do their work but the pitfalls of bothunting as well. From the article: 'Even after the Shadowserver crew has convinced an ISP to shut down a botmaster's command-and-control channel, most of the bots will remain infected. Like lost sheep without a shepherd, the drones will continually try to reconnect to the hacker's control server, unaware that it no longer exists. In some cases, Albright said, a botmaster who has been cut off from his command-and-control center will simply wait a few days or weeks, then re-register the domain and reclaim stranded bots.'"

An anonymous reader writes "Washingtonpost.com is running a story about a number of botnets and keylogger operations being controlled by Web-sites with point-and-click type front-end software interfaces. The sites mentioned in the story look like fairly slick PHP pages designed to sort through password data from keylog victims and update infected computers with new code or instructions. From the story: 'The hacking software also features automated tools that allow the fraudsters to make minute adjustments or sweeping changes to their networks of hacked PCs. With the click of a mouse or a drag on a pull-down menu, users can add or delete files on infected computers.'"

An anonymous reader writes "Washingtonpost.com is running a story about a number of botnets and keylogger operations being controlled by Web-sites with point-and-click type front-end software interfaces. The sites mentioned in the story look like fairly slick PHP pages designed to sort through password data from keylog victims and update infected computers with new code or instructions. From the story: 'The hacking software also features automated tools that allow the fraudsters to make minute adjustments or sweeping changes to their networks of hacked PCs. With the click of a mouse or a drag on a pull-down menu, users can add or delete files on infected computers.'"

An anonymous reader writes "Washingtonpost.com is running a story about a number of botnets and keylogger operations being controlled by Web-sites with point-and-click type front-end software interfaces. The sites mentioned in the story look like fairly slick PHP pages designed to sort through password data from keylog victims and update infected computers with new code or instructions. From the story: 'The hacking software also features automated tools that allow the fraudsters to make minute adjustments or sweeping changes to their networks of hacked PCs. With the click of a mouse or a drag on a pull-down menu, users can add or delete files on infected computers.'"

An anonymous reader writes "For the third straight year, the Department of Homeland Security -- which is charged with charting the federal government's cyber security agenda -- earned a grade of "F" for computer security from a key congressional oversight committee, according to a story at Washingtonpost.com. Not only did the overall government-wide computer security grade remain flat (at a barely-passing "D+" but several agencies -- mostly those on the "front lines in the war on terror" -- actually managed to fare worse this year."

WerewolfOfVulcan writes "The Washington Post is carrying an article about a disturbing Senate bill that could make it illegal to publicly disclose even the existence of US domestic spying programs (i.e. NSA wiretaps)." An aide to the bill's author assures us it's not aimed at reporters, but the language is ambiguous at best. From the article: "Kate Martin, director of the Center for National Security Studies, said the measure is broader than any existing laws. She said, for example, the language does not specify that the information has to be harmful to national security or classified. 'The bill would make it a crime to tell the American people that the president is breaking the law, and the bill could make it a crime for the newspapers to publish that fact,' said Martin, a civil liberties advocate."

An anonymous reader writes "Washingtonpost.com's Security Fix blog has an interesting post profiling the activities of a kid named Witlog who controls a botnet of roughly 30,000 hacked Windows PCs. Even after the authorities manage to shut down the network Witlog uses to control his bots, he pops up somewhere else. From the article: 'Witlog may in fact be the product of a new generation of script kiddiez; the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.'"

An anonymous reader writes "Script kiddies have been taking advantage of intrusion prevention features of Symantec's Norton Firewall and Norton Internet Security Suites to knock users offline in IRC channels, according to an amusing post at Washingtonpost.com. From the article: 'Turns out that if someone types "startkeylogger" or "stopkeylogger" in an IRC channel, anyone on the channel using the affected Norton products will be immediately kicked off without warning. These are commands typically issued by the Spybot worm, which spreads over IRC and peer-to-peer file-swapping networks, installing a program that records and transmits everything the victim types (known as a keylogger).' Makes you wonder what other magic keywords produce unexpected results with Symantec's software."

An anonymous reader writes "The Washington Post is running an article about corporate blogging and the headaches that come with it. From the article: 'Like anonymous blogs supposedly written by employees of Microsoft Corp. and Wal-Mart Stores Inc., the BearingPoint blog is, in many ways, just like happy-hour conversations that employees are apt to hold after work. They gripe about inane training programs, grouse about absurd corporate policies and ruminate about management incompetence. But transferred to cyberspace, where the audience is global, the management headaches associated with such grumblings become instantly more severe.'"

A Washington Post article explores the problems facing the games industry in this year of console generation turnover and lackluster PC game sales. From the article: "There are other potential problems. The new-generation consoles look best when plugged into high-definition TV sets -- and it is not clear how many people will buy a new television just for the latest version of the Madden football game. And the cost of the new gaming systems continues to rise. Perhaps no question haunts the industry more at the moment than the mystery of when Sony's PlayStation 3 will come out and how much it will cost."

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including Google's reasoning behind rejecting the DoJ motion, more fodder for the Chinese censorship fire, one of last weeks "first computers" brought to life, the New York Times backs network neutrality, hard drive death dance tracks, Serenity enters the black, and the USPTO issues a final rejection in RIM patent case -- Read on for details.

Google's reasoning behind rejecting the DoJ motion. xandroid writes "Google's blog has an explanation of their response to the DoJ motion." They have also provided a link to the entire 25 page response [PDF] sent to the DoJ.

Chinese censorship continues to be a hot topic. Mercury News is running an interesting article about the recent scolding top tech companies received from Washington with regards to assisting in censoring the internet in China. However, the Washington Post also has an interesting article regarding a senior editor at the China Youth Daily who posted a 'blistering letter on the newspaper's computer system attacking the Communist Party's propaganda czars and a plan by the editor in chief to dock reporters' pay if their stories upset party officials.' And finally, Wikipedia remains blocked in China despite the continued efforts of fans to correct the problem.

1960's Digicomp toy computer back in production. Larry Groebe writes "With all the talk last week about "first computers" on Slashdot and around the net, I was surprised to see only one mention of the Digicomp. A group of us keep the memories alive on Yahoo's 'Friends of Digicomp' group, and one enterprising member has managed to reconstruct the computer and is now selling them again for the first time in three decades. Its' a nostalgia trip for some of us; an eye opener for people who never experienced it; and still carries more than a bit of educational value. After all, even in these days of MAKE magazine, how many other true build-it-from-scratch computer kits are there?"

New York Times backs network neutrality. joshdick writes "In a recent editorial, The New York Times voices strong support for legislation requiring network neutrality. From the article: 'Some I.S.P.'s are phone and cable companies that make large campaign contributions, and are used to getting their way in Washington. But Americans feel strongly about an open and free Internet. Net neutrality is an issue where the public interest can and should trump the special interests.'"

Hard drive death dance tracks. daithedragon writes "A while back Gizmodo awarded the prizes in a competition to make a dance tracks out of the recorded noises of hard drives dying."

Serenity enters the black. stuart1310 writes "According to sliceofscifi.com the DVD sales of Joss Whedon's Serenity have recently climbed out of the red and started making profit for Universal. Beware, these numbers are estimates and even if accurate we've still a sight to go before seeing Serenity on TV or in the theaters again. Here is to hoping we do."

USPTO issue final rejection in RIM patent case. tsalaroth writes "ABC News is reporting that the USPTO has officially rejected at least one of the patents in the Blackberry infringement case. From the article: 'The U.S. patent office on Wednesday issued its first of several anticipated final rejections of patents held by NTP Inc. related to Research in Motion's BlackBerry device, two days before a judge will hear arguments on an injunction on the wireless e-mail service.'"

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including Google's reasoning behind rejecting the DoJ motion, more fodder for the Chinese censorship fire, one of last weeks "first computers" brought to life, the New York Times backs network neutrality, hard drive death dance tracks, Serenity enters the black, and the USPTO issues a final rejection in RIM patent case -- Read on for details.

Google's reasoning behind rejecting the DoJ motion. xandroid writes "Google's blog has an explanation of their response to the DoJ motion." They have also provided a link to the entire 25 page response [PDF] sent to the DoJ.

Chinese censorship continues to be a hot topic. Mercury News is running an interesting article about the recent scolding top tech companies received from Washington with regards to assisting in censoring the internet in China. However, the Washington Post also has an interesting article regarding a senior editor at the China Youth Daily who posted a 'blistering letter on the newspaper's computer system attacking the Communist Party's propaganda czars and a plan by the editor in chief to dock reporters' pay if their stories upset party officials.' And finally, Wikipedia remains blocked in China despite the continued efforts of fans to correct the problem.

1960's Digicomp toy computer back in production. Larry Groebe writes "With all the talk last week about "first computers" on Slashdot and around the net, I was surprised to see only one mention of the Digicomp. A group of us keep the memories alive on Yahoo's 'Friends of Digicomp' group, and one enterprising member has managed to reconstruct the computer and is now selling them again for the first time in three decades. Its' a nostalgia trip for some of us; an eye opener for people who never experienced it; and still carries more than a bit of educational value. After all, even in these days of MAKE magazine, how many other true build-it-from-scratch computer kits are there?"

New York Times backs network neutrality. joshdick writes "In a recent editorial, The New York Times voices strong support for legislation requiring network neutrality. From the article: 'Some I.S.P.'s are phone and cable companies that make large campaign contributions, and are used to getting their way in Washington. But Americans feel strongly about an open and free Internet. Net neutrality is an issue where the public interest can and should trump the special interests.'"

Hard drive death dance tracks. daithedragon writes "A while back Gizmodo awarded the prizes in a competition to make a dance tracks out of the recorded noises of hard drives dying."

Serenity enters the black. stuart1310 writes "According to sliceofscifi.com the DVD sales of Joss Whedon's Serenity have recently climbed out of the red and started making profit for Universal. Beware, these numbers are estimates and even if accurate we've still a sight to go before seeing Serenity on TV or in the theaters again. Here is to hoping we do."

USPTO issue final rejection in RIM patent case. tsalaroth writes "ABC News is reporting that the USPTO has officially rejected at least one of the patents in the Blackberry infringement case. From the article: 'The U.S. patent office on Wednesday issued its first of several anticipated final rejections of patents held by NTP Inc. related to Research in Motion's BlackBerry device, two days before a judge will hear arguments on an injunction on the wireless e-mail service.'"

chris-chittleborough writes "When Beijing tried to make a journalist's pay at one newspaper depend on official reactions to their stories, a web-savvy reporter was able to create a groundswell of public opinion and reverse the move." From the article: "Just before the meeting, Li had posted a blistering letter on the newspaper's computer system attacking the Communist Party's propaganda czars and a plan by the editor in chief to dock reporters' pay if their stories upset party officials. No one told the editor in chief. For 90 minutes, he ran the meeting, oblivious to the political storm that was brewing. Then Li announced what he had done."

n.e.watson writes "The AP has run an article that addresses recent rumors on the internet about Apple Legal shutting down the OSx86 Project, with a statement from an OSx86 administrator. From the article: 'The OSx86 Project Web site stated Apple had served it with a notice on Thursday citing violations of the 1998 Digital Millennium Copyright Act, and the site was reviewing all of its discussion forum postings as a result. The site has always aimed to adhere to copyright laws and is working with Apple to ensure no violations exist, according to a statement by the site administrator.'"

Rick Zeman wrote to mention a Washington Post article about an incident at a Bethesda library. Two uniformed men from a Homeland Security detachment made an announcement stating that pornography was not acceptable viewing at the library. They then questioned a patron's choice of reading material. From the article: "A librarian intervened, and the two men went into the library's work area to discuss the matter. A police officer arrived. In the end, no one had to step outside except the uniformed men. They were officers of the security division of Montgomery County's Homeland Security Department, an unarmed force that patrols about 300 county buildings -- but is not responsible for enforcing obscenity laws."

An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"

An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"

An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"

An anonymous reader writes "Washingtonpost.com has an article about the first successful tests of an Ebola vaccine on human subjects." From the article: "Nabel and colleagues at the NIH's Vaccine Research Center developed a vaccine made of DNA strands that encode three Ebola proteins. They boosted that vaccine with a weakened cold-related virus, and the combination protected monkeys exposed to Ebola. The first human testing looked just at the vaccine's DNA portion; the full combination will be tested later. At a microbiology meeting in Washington on Friday, Nabel and colleagues reported seeing no worrisome side effects when comparing six people given dummy shots with 21 volunteers given increasing doses of the DNA vaccine."

An anonymous reader writes "iDefense, a Verisign company, is offering $10,000 to any researchers who find and report to it information on a previously unknown Windows flaw for which Microsoft later issues a "critical" advisory, according to a story over at Washingtonpost.com. Not really surprising, considering that Russian hacking groups are now paying thousands of dollars for exploits that attack unpatched holes in Windows. From the article: "Details of the flaw must be submitted exclusively to iDefense by March 31. There is no limit on the number of prizes that can be paid: if five researchers find and report five different Windows flaws for which Microsoft later issues critical advisories, all five will get paid...iDefense will change the focus of the challenge with each quarter -- the next challenge may focus on another vendor, or it may just center on particular class of vulnerabilities.""

The Washington Post has a piece looking at the U.S. military's increased reliance on gaming for training the next generation of soldiers. From the article: "'The technology in games has facilitated a revolution in the art of warfare,' says David Bartlett, the former chief of operations at the Defense Modeling and Simulation Office, a high-level office within the Defense Department and the focal point for computer-generated training at the Pentagon. 'When the time came for [a solider in training] to fire his weapon, he was ready to do that. And capable of doing that. His experience leading up to that time, through on-the-ground training and playing 'Halo' and whatever else, enabled him to execute. His situation awareness was up. He knew what he had to do. He had done it before -- or something like it up to that point.'"

UnderAttack writes to tell us the Washington Post SecurityFix blog has an interesting article about a new and rather sophisticated phishing scheme. The email not only used the first few digits of the users card number to look more plausible (even though the first part of the number is the same for all cards), but it also used a valid SSL certificate for its domain name."

An anonymous reader writes "According to a story over at Washingtonpost.com, the latest definitions file for Microsoft's Anti-Spyware beta flags Symantec's Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. Microsoft's support forum is quickly filling up with complaints about this problem, many from businesses that have been pretty hard hit. This should be a cautionary tale about deploying beta products in production environments."

ILikeRed writes to tell us the Washington Post is reporting that Verizon is becoming much more vocal about internet firms using "their" lines to do business without paying extra. From the article: "The network builders are spending a fortune constructing and maintaining the networks that Google intends to ride on with nothing but cheap servers," Thorne told a conference marking the 10th anniversary of the Telecommunications Act of 1996. "It is enjoying a free lunch that should, by any rational account, be the lunch of the facilities providers." This, as lawmakers are approaching new legislation that could let telcos charge internet companies much more for the use of high speed connections.

An anonymous reader writes "Washingtonpost.com's Security Fix blog has published the results of a look back at three years worth of critical patches from Mozilla, and found that Mozilla typically ships updates for critical flaws in about three weeks, though in more than a third of the cases it pushed out a fix in ten days or less. The data comes just a few weeks after The Post published data from a similar study that found Microsoft averaged 130+ days to fix critical flaws. Slashdot also covered that study in a previous post."

An anonymous reader writes "Washingtonpost.com's Security Fix blog has published the results of a look back at three years worth of critical patches from Mozilla, and found that Mozilla typically ships updates for critical flaws in about three weeks, though in more than a third of the cases it pushed out a fix in ten days or less. The data comes just a few weeks after The Post published data from a similar study that found Microsoft averaged 130+ days to fix critical flaws. Slashdot also covered that study in a previous post."

An anonymous reader writes "Washingtonpost.com is running a story that looks at the total mess that the anti-virus companies made in naming the latest overhyped virus threat. According to the article, 'Blackworm' or the 'Kama Sutra worm' was the first major test of a new U.S.-government funded initiative to introduce some sanity into the virus-naming business. From the article: 'For most of [the antivirus vendors], this is like Esperanto: You can speak it if you want to, but everyone else is going to carry on babbling in their own native tongue, so it doesn't really matter.'"

pinkUZI writes "Apparently, the FBI is investigating reports of NASA Inspector General Cobb doing a poor job with safety inspections and 'retaliating against whistleblowers.' Complaints have been filed by current and former employees." From the article: "The complaints are being reviewed by the Integrity Committee of the President's Council on Integrity and Efficiency. The complaints describe efforts by Cobb to shut down or ignore investigations on issues such as a malfunctioning self-destruct procedure during a space shuttle launch at the Kennedy Space Center, and the theft of an estimated $1.9 billion worth of data on rocket engines from NASA computers."

dotc writes "After a bunch of sci-fi stories and rumors, now it looks like the future has become a reality -- a reliable, unbiased test using functional MRI brain scan to detect lying. The article author details a first-person account of undergoing the MRI 'deception task'. And the test is available now - use it to prove your innocence." From the article: "Laken said he's aiming to offer the fMRI service for use in situations like libel, slander and fraud where it's one person's word against another, and perhaps in employee screening by government agencies. Attorneys suggest it would be more useful in civil than most criminal cases, he said."

Ironsides writes "The Washington Post is reporting the the Bush Administration is planning to re-enrich spent nuclear fuel so that it can once again be used in nuclear reactors. Included in the plan is a proposal to take spent fuel from other countries and re-enrich it for use as well as domestic spent fuel. This would be a break with a policy set forth by President Carter in an attempt to discourage nuclear proliferation. Currently $250 Million as been proposed for FY 2007 to start developing the technology."

An anonymous reader writes "The Washington Post has an interesting article on what they label 'The Coming Tug of War Over the Internet. From the article: 'Do you prefer to search for information online with Google or Yahoo? What about bargain shopping -- do you go to Amazon or eBay? Many of us make these kinds of decisions several times a day, based on who knows what -- maybe you don't like bidding, or maybe Google's clean white search page suits you better than Yahoo's colorful clutter. But the nation's largest telephone companies have a new business plan, and if it comes to pass you may one day discover that Yahoo suddenly responds much faster to your inquiries, overriding your affinity for Google. Or that Amazon's Web site seems sluggish compared with eBay's.'" Seems like the idea of the 2-tier internet is really catching on with the market-droids.

Rick Zeman writes "The Washington Post is reporting that election officials in Florida have manipulated election results in controlled tests. From the article: 'Four times over the past year Sancho told computer specialists to break in to his voting system. And on all four occasions they did, changing results with what the specialists described as relatively unsophisticated hacking techniques. To Sancho, the results showed the vulnerability of voting equipment manufactured by Ohio-based Diebold Election Systems, which is used by Leon County and many other jurisdictions around the country.'"

Billosaur writes "C|Net has an article by Katharine Q. Seelye of The New York Times, which indicates that the Washington Post is having to close one of its blogs, due to 'too many personal attacks, profanity and hate mail directed at the paper's ombudsman.' It seems that Deborah Howell, the newspaper's ombudsman, wrote an article on the Jack Abramoff scandal which elicited a storm of protest and led to readers using profanity and making unprintable comments, which the paper had to take extra care in removing. This was apparently more based on the issue at hand, as the Post's other blogs have not experienced similar problems." What kind of precedent does this set for other mainstream news sites? What we'd consider a normal day around here has to look fairly intimidating to the average newspaper editor. Will this dissuade news sites from blogging in the future?

mikeisme77 writes "According to the Washington Post, Pixar Studios is in discussions with Disney for a possible merger/buy out. Disney would own Pixar in exchange for $6.7 billion worth of stock in the Walt Disney Corp. Speculation has also arisen that such a deal may lead to Steve Jobs earning a position on Disney's board of directors. He would likely become Disney's largest individual share holder. Further speculation sees Jobs using his new found power to leverage Disney into releasing more content to the iTunes media service." Details also available from the Time Magazine site. We touched on this issue near the end of last year as well.

An anonymous reader writes "Brian Krebs of the Washington Post has written about the recent spate of hijackings at Six Apart's popular LiveJournal service. Hundreds of journals have now been taken over by a notorious group called 'Bantown' using a series of complicated cross-site-scripting vulnerabilities. Krebs details the recent security changes made by LiveJournal in response to the takeovers." From the article: "It is unclear whether LiveJournal has managed to close the security holes that the hackers claim to have used. The company says it has, but the hackers insist there are still at least 16 other similar JavaScript flaws on the LiveJournal site that could be used conduct the same attack. [Bantown] group members said they plan to turn their attention to looking for similar flaws at another large social-networking site. "

An anonymous reader writes "Washingtonpost.com is reporting from the 2nd annual Shmoocon hacker conference about the release of a previously undocumented vulnerability in Windows. The flaw takes advantage of a feature on Windows laptops that have wireless cards built-in. Security researcher Mark Loveless found that Windows laptops which cannot find a wireless connection are configured to broadcast the name of the last SSID they associated with. They assign themselves an ad-hoc 'link local' (think 169.254.x.x.) address, and an attacker can configure his machine to broadcast an SSID of the same name. Thus, the attacker associates with that 'network' and communicates directly with the victim's machine. The funny part from the Post blog entry is that Microsoft helped author the RFC for link local."

An anonymous reader writes "A look back at the last three years of security patches from Microsoft shows Redmond is taking at least 25 percent longer to issue patches for "critical" vulnerabilities, now averaging around 135 days to issue a fix. The exception appears to be with "full disclosure" flaws, for which Redmond issued fixes in an average of 46 days last year."

An anonymous reader writes "Researchers have found several security holes in Blackberry handheld devices and the servers that power them, according to a story at Washingtonpost.com. The research points out serious flaws in the BlackBerry server, which could be exploited by convincing Blackberry handheld users to click on an image file attachment. From the article: 'Lindner's slides from his presentation -- which he agreed not to release until RIM has fully fixed this problem -- show that the Blackberry server which manages all of the encryption keys needed to unscramble e-mail traffic to and from all Blackberry devices registered on the network stores them on a Microsoft SQL database server in plain, unencrypted text. Lindner found that by convincing a Blackberry user to click on a special image attachment, that handheld device could be made to pass on malicious code to the Blackberry server, which could then be taken over and used to intercept e-mails or as a staging point for other attacks within the network.'"

An anonymous reader writes "Marriott International has admitted that it is missing backup computer tapes containing credit card account information and the Social Security numbers of about 206,000 time-share owners and customers, as well as employees of the company." From the Washington Post story: "Officials at Marriott Vacation Club International said it is not clear whether the tapes, missing since mid-November, were stolen from the company's Orlando headquarters or whether they were simply lost. An internal investigation produced no clear answer. The company notified the Secret Service over the past two weeks, and has also told credit card companies and other financial institutions about the loss of the tapes."

An anonymous reader writes "Security researchers uncovered nearly 5,200 software vulnerabilities in 2005, almost 40 percent more than the number discovered in 2004, according to Washingtonpost.com. From the article: 'According to US-CERT...researchers found 812 flaws in the Windows operating system, 2,328 problems in various versions of the Unix/Linux operating systems (Mac included). An additional 2,058 flaws affected multiple operating systems.'"

scottott wrote to mention a Washington Post article with the news that the security hole we mentioned on Wednesday has widened. Computers can now be infected just by visiting infected web sites, or looking at images in the preview panel of older versions of Outlook. From the article: "At first, the vulnerability was exploited by just a few dozen Web sites. Programming code embedded in these pages would install a program that warned victims their machines were infested with spyware, then prompted them to pay $40 to remove the supposed pests. Since then, however, hundreds of sites have begun using the flaw to install a broad range of malicious software. SANS has received several reports of attackers blasting out spam e-mails containing links that lead to malicious sites exploiting the new flaw, Ullrich said."

An anonymous reader writes "...All 123 pages of it. Public comment period runs thorough February 27th, so if you're thinking of joining the latest class of jet-setters, better get your opinions in now. The FAA mentions the possibility of incorporating the "no-fly" list of the TSA into security requirements for space travel."

woodchuck writes "Washington Post reports that another Windows hole has been found and exploit code is now running lose that makes swiss cheese of current patches and security measures. From the article: "Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Anti-virus company Symantec warned of the new exploit, which it said uses a vulnerability in the way Windows computers process certain image files (Windows Meta Files, or those ending in .wmf). Symantec said the exploit is designed to download and run a program from the Web that downloads several malicious files, including tools that attackers could use to control vulnerable computers via IRC.""