Slashdot Mirror

The RIAA isn't just suing tens of thousands of music consumers; they've also begun filing lawsuits naming the directors of and investors in tech companies that they believe contribute to copyright infringement. NewYorkCountryLawyer writes: "ZDNet urges the big recording industries to stop suing tech investors, and cites the draft legislation that I posted, which would immunize from secondary copyright infringement liability any work done by a director in 'his or her capacity as a member of the board of directors or committee thereof,' and any conduct by an investor based solely upon his or her having 'invested in any such corporation, including any oversight, monitoring, or due diligence activities in connection therewith.'"

Hodejo1 writes "On the old Perry Mason TV shows, it was a common sight to see someone burst into the crowded courtroom at a dire moment and confess aloud that they, not the defendant, killed so-and-so. In reality, courts do not allow evidence to enter trial without a chance for the opposing council to view it and for a judge to rule on their admissibility. Yet, in the fifth day of the Pirate Bay trial, lawyers for the prosecution again tried to sneak in surprise evidence while questioning defendants. The judge put his foot down this time, telling lawyers for the state, 'If you have documents which you eventually plan to use, you need to hand them over now.' The prosecution continues to struggle in court. In one humorous moment, prosecutor Håkan Roswall tried to show how 'hip' he was with technology when he questioned defendant Peter Sunde. 'When did you meet [Gottfrid] for the first time IRL?' asked the Prosecutor. 'We do not use the expression IRL,' said Peter, 'We use AFK.' The defendants are not out of the woods yet. Lawyer and technology writer Richard Koman wonders aloud if the Pirate Bay's 'I-dunno' defense is all that much better."

nickull writes "Microsoft is tracking incompatible Web sites for its upcoming Internet Explorer 8 browser and has posted a list that now contains about 2,400 names — including Microsoft.com. Apparently, even though Microsoft's IE8 team is doing the 'right' thing by finally making IE more standards-compliant, they are risking 'breaking the Web' because the vast majority of Web sites are still written to work correctly with previous, non-standards-compliant versions of IE."

Windows Secrets writes "After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets: Web browsers and mobile phones. According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year — one pitting hackers against IE8, Firefox 3 and Safari and another targeting Google Android, Apple iPhone, Nokia Symbian and Windows Mobile."

mjasay writes "The US Department of Defense, which has been flirting with open source for years as a way to improve software quality and cut costs, has finally burst the dam on Defense-related open-source adoption with Forge.mil, an open-source code repository based on Sourceforge. Though it currently only holds three projects and is limited to DoD personnel for security reasons, all code is publicly viewable and will almost certainly lead to other agencies participating on the site or creating their own. Open source has clearly come a long way. Years ago studies declared open source a security risk. Now, one of the most security-conscious organizations on the planet is looking to open source to provide better security than proprietary alternatives."

An anonymous reader writes "Google has unofficially announced the GDrive by source code. In an in-direct way, Google has publicly advertised the new, much-anticipated online storage drive called the GDrive. If you take a look at the source code of some javascript within the Google Pack, you will clearly see the GDrive referenced. The code categorizes the GDrive as an 'Online file backup and storage' device. It also provides the following descriptions; 'GDrive provides reliable storage for all of your files, including photos, music and documents' and 'GDrive allows you to access your files from anywhere, anytime, and from any device — be it from your desktop, web browser or cellular phone.'"

nandemoari writes "After flirting with open source development for some time, Microsoft has made another step towards real commitment with the release of source code for Web Sandbox, a program used to test and secure web site content. The Sandbox source code will be released under the Apache 2.0 license, an open source license agreement allowing the content creator to maintain copyright while permitting others to develop the product for their own use. Microsoft has gradually been increasing their involvement with the Apache Software Foundation (ASF) since 2008 when they agreed to fund development of certain ASF initiatives."

overheardinpdx writes "I'm sad to report that longtime HPC technology pundit Roland Piquepaille (rpiquepa) died this past Tuesday. Many of you may know of him through his blog, his submissions to Slashdot, and his many years of software visualization work at SGI and Cray Research. I worked with Roland 20 years ago at Cray, where we both wrote tech stories for the company newsletter. With his focus on how new technologies modify our way of life, Roland was really doing Slashdot-type reporting before there was a World Wide Web. Rest in peace, Roland. You will be missed." The notice of Roland's passing was posted on the Cray Research alumni group on Linked-In by Matthias Fouquet-Lapar. There will be a ceremony on Monday Jan. 12, at 10:30 am Paris time, at Père Lachaise.

An anonymous reader writes "ZDNet's Adrian Kingsley-Hughes tested the latest Win7 build against XP and Vista and came to a surprising conclusion: Win7 performs better than the other 2 OSs in the vast majority of the 23 tasks tested. Even installation. 'Rather than publish a series of benchmark results for the three operating systems (something which Microsoft frowns upon for beta builds, not to mention the fact that the final numbers only really matter for the release candidate and RTM builds), I've decided to put Windows 7, Vista and XP head-to-head in a series of real-world tests...'" This review shows only a 1-2-3 ranking for each test, so there's no sense of the quantitative level of improvement.

The other A. N. Other writes "It seems that Microsoft couldn't keep the lid on Windows 7 beta 1 until the new year. By now, several news outlets have their hands on the beta 1 code and have posted screenshots and information about this build. ZDNet's Hardware 2.0 column says: 'This beta is of excellent quality. This is the kind of code that you could roll out and live with. Even the pre-betas were solid, but finally this beta feels like it's "done." This beta exceeds the quality of any other Microsoft OS beta that I've handled.' ITWire points out that this copy has landed on various torrent sites, and while it appears to be genuine, there are no guarantees. Neowin has a post confirming that it's the real thing, and saying Microsoft will be announcing the build's official availability at CES in January."

silent wire writes "ZDNet is reporting on a pre-patch security advisory from Microsoft warning about an unpatched remote code execution vulnerability affecting its SQL Server line. Exploit code is publicly available so affected users should pay special attention to the workarounds from Microsoft."

phantomfive writes "The patent office has released some patent filings by Apple which indicate that the company is working on a 3D desktop of some sort. They call it a multi-dimensional desktop, according to the patent filing." There's also some commentary at ZDNet; both stories link to a detailed run-down at AppleInsider.

The Other A.N. Other writes "How does the latest build of Windows 7 stack up against Windows Vista? The answer seems to be very well if the benchmarks run by ZDNet are anything to go by. If Microsoft keeps up the good then Windows 7 should be head and shoulders better than Vista. 'What we have here is one set of data points for one particular system, but I think that the results are very promising. The fact that Windows 7 comes out on top in three out of four of these tests at this early stage is very promising indeed. The boot time and PCMark Vantage results are particularly good.'"

jazir1979 writes "ZDNet is reporting that Oracle has added code to the Linux kernel for ensuring data integrity. The code has been developed in partnership with Emulex and was recently accepted into the 2.6.27 kernel release." According to the article, "The code adds metadata to data at rest or in transit, to monitor whether that data has been corrupted. It helps make sure that I/O operations are valid by looking at that metadata — which acts as verification information — exchanged during data transmissions."

yaksha writes "Intel said on Wednesday that it has completed the development phase of its next manufacturing process that will shrink chip circuits to 32 nanometers. The milestone means that Intel will be able to push faster, more efficient chips starting in the fourth quarter. In a statement, Intel said it will provide more technical details at the International Electron Devices Meeting next week in San Francisco. Bottom line: Shrinking to a 32 nanometer is one more step in its 'tick tock' strategy, which aims to create a new architecture with new manufacturing process every 12 months. Intel is obviously betting that its rapid-fire advancements will produce performance gains so jaw dropping that customers can't resist."

Roland Piquepaille writes "University of Delaware (UD) scientists and engineers are currently working at the South Pole under very harsh conditions. This research team is one of the many other ones working on the construction of IceCube, the world's largest neutrino telescope in the Antarctic ice, far beneath the continent's snow-covered surface. When it is completed in 2011, the telescope array will occupy a cubic kilometer of Antarctica. One of the lead researchers said that 'IceCube will provide new information about some of the most violent and far-away astrophysical events in the cosmos.' The UD team has even opened a blog to cover this expedition. It will be opened up to December 22, 2008. I guess they want to be back in Delaware for Christmas, but read more for additional details and references, including a diagram of this telescope array built inside ice."

perlow (Jason Perlow of ZDNet) suggests that the current crop of netbooks might be missing the boat when it comes to getting maximum battery life and small-screen usability, and asks "Could Mac OS X iPhone or Google's Android be the key to mass adoption of the next generation of netbooks?" Android looks pretty nice, I admit, but so far I like having full-fledged Ubuntu on my own small computer. He's not the first one to think that the iPhone would be well-employed as the guts of an ultra-portable, though. (Note: it's only a model.)

perlow writes "Just how many books a year would you need to read before the cost of Amazon's Kindle is justified? The answer is not so cut-and-dried. If you're a college student and all of your texts were available on Kindle (possible but unlikely), you could recover the cost of the reader in a semester and a half. For consumers to break even with Kindle's cost in that time, they would have to be in the habit of buying and reading four new hardback books per month — if the convenience factor wasn't part of the equation. At two books per month, breakeven would be in three years." Here is the spreadsheet if you want to play with the numbers.

perlow writes "Just how many books a year would you need to read before the cost of Amazon's Kindle is justified? The answer is not so cut-and-dried. If you're a college student and all of your texts were available on Kindle (possible but unlikely), you could recover the cost of the reader in a semester and a half. For consumers to break even with Kindle's cost in that time, they would have to be in the habit of buying and reading four new hardback books per month — if the convenience factor wasn't part of the equation. At two books per month, breakeven would be in three years." Here is the spreadsheet if you want to play with the numbers.

pasokon writes "ZDNet reports on an Android bug in T-Mobile G1s with early versions of the firmware: 'When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. ... open the keyboard tray on your G1, ignore anything you see on the screen, and type these 8 keystrokes: (enter)-r-e-b-o-o-t-(enter). Poof, your phone will reboot.'"

CurtMonash writes "Barack Obama promised to appoint the United States' first Chief Technology Officer. Naturally, the blogosphere is full of discussion as to who that should be. I favor American Management Systems founder and former IRS Commissioner Charles Rossotti. Richard Koman thinks it should be one of the better state CTOs. John Doerr, going in a different direction, thinks it should be his partner Bill Joy. We can bandy names back and forth all month, but first a more fundamental question needs to be answered: What do we need most — a get-things-done CIO (Chief Information Officer), or a more visionary true CTO? I think it's a CIO, and based on his campaign statements it appears Obama agrees. Management of government IT is a huge, generally unsolved problem, and we need somebody deeply experienced to have a fighting chance. Of course, that doesn't preclude recruiting a visionary CTO in addition, but the highest priority is a CIO. What do you think?"

unassimilatible writes "As new features of Windows 7 continue to trickle out, ZDNet is now reporting that it will scale to 256 processors. While one has to wonder, like with Vista, how many of the teased features will actually make it into the final OS, I think we can all agree, 256 cores is enough for anybody." This Mark Russinovich interview has some technical details (Silverlight required).

dtjohnson writes "A Harvard law school professor has submitted arguments on behalf of Joel Tenenbaum in RIAA v. Tenenbaum in which Professor Charles Nesson claims that the underlying law that the RIAA uses is actually a criminal, rather than civil, statute and is therefore unconstitutional. According to this article, 'Nesson charges that the federal law is essentially a criminal statute in that it seeks to punish violators with minimum statutory penalties far in excess of actual damages. The market value of a song is 99 cents on iTunes; of seven songs, $6.93. Yet the statutory damages are a minimum of $750 per song, escalating to as much as $150,000 per song for infringement "committed willfully."' If the law is a criminal statute, Neeson then claims that it violates the 5th and 8th amendments and is therefore unconstitutional. Litigation will take a while but this may be the end for RIAA litigation, at least until they can persuade Congress to pass a new law."

Amazon has announced several major improvements to its EC2 service for cloud computing. The service is now in production (no longer beta); it offers a service-level agreement; and Windows and SQL Server are available in beta form. ZDNet points out that all this news is intended to take some wind out of Microsoft's sails as MS is expected to introduce its own cloud services next week at its Professional Developers Conference.

Lally Singh recommends a ZDNet piece predicting the imminent demise of RAID 5, noting that increasing storage and non-decreasing probability of disk failure will collide in a year or so. This reader adds, "Apparently, RAID 6 isn't far behind. I'll keep the ZFS plug short. Go ZFS. There, that was it." "Disk drive capacities double every 18-24 months. We have 1 TB drives now, and in 2009 we'll have 2 TB drives. With a 7-drive RAID 5 disk failure, you'll have 6 remaining 2 TB drives. As the RAID controller is busily reading through those 6 disks to reconstruct the data from the failed drive, it is almost certain it will see an [unrecoverable read error]. So the read fails ... The message 'we can't read this RAID volume' travels up the chain of command until an error message is presented on the screen. 12 TB of your carefully protected — you thought! — data is gone. Oh, you didn't back it up to tape? Bummer!"

palmsolo writes "Want to see the biggest and most in-depth review of the T-Mobile G1 Google Android device from a person who has been using it for a week? Check out over 260 photos and 5 videos of the device and just about every screen of the Google Android OS. Find out how well HTC, T-Mobile and Google did with this first-generation device." I played with one for a few minutes and found it a solid unit. It feels less polished than the iPhone, but the screen and keyboard are great. It'll be a real test of Open Source to see what happens with the iPhone App Store's closed system vs. Android's open one.

An anonymous reader writes "'According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and any removable drives connected to the system.'"

On Friday someone posted a false rumor that Steve Jobs had suffered a heart attack on CNN's unverified citizen journalism site, iReport. Apple's stock price went vertical, losing 9% before Apple stepped in and denied the rumor; the stock then recovered most of its loss. The SEC is investigating. PCWorld looks at the hit taken by citizen journalism as a result of this incident. "[The] increasingly blurred line between journalism and rumor is a serious concern for Al Tompkins, the broadcast/online group leader at The Poynter Institute — a specialized school for journalists of all media forms. 'How could you possibly allow just anybody to post just anything under your [CNN] label unless you have blazing billboards that say, "None of this has been verified, we've not looked at any of this, we have no idea if this is true"?' he asks."

ruphus13 writes "Time-shifting via Tivo changed the way we consume television programming. Now, Open Source enters the fray. Roku, the streaming-media set-top box has decided to Open Source its software. Roku had received praise for its streaming solution, and was in the press recently for its deal with Netflix, allowing users to stream Netflix movies directly to the box. From the article, 'Roku will release an open source version of its software by the end of the year. The CEO says he's looking for deals with content providers to stream their products through his device, and hopes to sell a bunch of them as a result.'"

Shipment Date writes "ZDNet's Zero Day blog has some new information on what looks like a scary new browser exploit/threat affecting all the major desktop platforms — Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash. The threat, called Clickjacking, was to be discussed at the OWASP conference but was nixed at the last minute at hte request of affected vendors. From the article: 'In a nutshell, it's when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you.'"

jriding writes "The $222,000 verdict against Jammy Thomas for copyright infringement by P2P is no more. US District Court Judge Michael Davis dismissed the verdict, saying it was based on the faulty 'making available' theory of distribution."

isBandGeek() writes "After a few reasonable App Store bans, such as the ones on I Am Rich and NetShare, developers started complaining about excessive restrictions on applications like Podcaster and MailWrangler, supposedly because they provided 'duplicate functionality.' In response, Apple rubbed salt in their wounds by slapping non-disclosure agreements on application rejection notices. Now developers are not even allowed to tell their fanbase that Apple decided to withhold approval for an application. Is Apple confident that Google's open platform Android won't be much of a threat?"

fetusbear writes with a ZDNet story that says "'Microsoft and Cray are set to unveil on September 16 the Cray CX1, a compact supercomputer running Windows HPC Server 2008. The pair is expected to tout the new offering as "the most affordable supercomputer Cray has ever offered," with pricing starting at $25,000.' Although this would be the lowest cost hardware ever offered by Cray, it would also be the most expensive desktop ever offered by Microsoft."

hansoloaf writes "The NY Times is running an article about a business, Sourcetool.com that seem to be in a sort of a doghouse with Google. Initially Sourcetool uses AdWords to help build up its business. The business centers around providing links for business that sell industrial products. The owner, Dan Savage, explains in detail how Google over time used its AdWords bidding system to limit or reduce Sourcetool's ranking and revenue because the site's landing page is not 'googly' enough. Savage wrote a letter to the Justice Department as they are reportedly looking into Google and Yahoo's proposed deal." The article is nuanced in its observations about the complexity and ambiguity of anti-trust law. Even if Sourcetool and similar businesses aren't "Googly" — which is a Google proxy for "what the customer wants to see in search results" — should Google be able to pick winners and losers among industries and business models?

AC Dude writes "Will an anti-DRM flash mob that's determined to give EA's latest sim game Spore a rock bottom rating on Amazon.com sink the game, or will Spore evolve and shed the DRM? Is this the beginning of the end for DRM-laden games? 'Over the past few years we've focused a lot on the music industry and how it has attempted to use DRM to control distribution. While DRM in this market segment has been unpopular, anti-DRM campaigns have largely fallen flat when it comes to attracting widespread public attention because of the fragmented nature of music. Games are a much easier target given the monolithic nature of their release — campaigners only need to spread the word on a handful of specific online outlets to reach a wide audience. A quick read through the Amazon reviews of Spore seems to suggest that the negative comments are already putting people off from buying the game.'"

Much ink and many electrons are being spilled over Google's Chrome browser (discussed here twice in recent days): from deep backgrounders to performance benchmarks to its vulnerability to a carpet-bombing flaw. The latest angle to be explored is Chrome's end-user license agreement. It does not look consumer-friendly. "By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any content which you submit, post or display on or through, the services. This license is for the sole purpose of enabling Google to display, distribute and promote the services and may be revoked for certain services as defined in the additional terms of those services."

An anonymous reader notes that Microsoft has been granted a patent on "Page Up" and "Page Down" keystrokes. The article links an image of an IBM PC keyboard from 1981 with such keys in evidence. "The software giant applied for the patent in 2005, and was granted it on August 19, 2008. US patent number 7,415,666 describes 'a method and system in a document viewer for scrolling a substantially exact increment in a document, such as one page, regardless of whether the zoom is such that some, all or one page is currently being viewed.'... The company received its 5,000th patent from the US Patent and Trademark Office in March 2006, and is currently approaching the 10,000 mark."

Anti-Globalism points out an analysis of India's CAPTCHA-solving industry posted at ZDNet. It begins: "No CAPTCHA can survive a human that's receiving financial incentives for solving it, and with an army of low-waged human CAPTCHA solvers officially in the business of data processing while earning a mere $2 for solving a thousand CAPTCHAs, I'm already starting to see evidence of consolidation between India's major CAPTCHA solving companies. The consolidation, logically leading to increased bargaining power, is resulting in an international franchising model recruiting data processing workers empowered with do-it-yourself CAPTCHA syndication web based kits, API keys, and thousands of proxies to make their work easier and the process more efficient."

Tech Groupie writes "The US Computer Emergency Readiness Team (CERT) has issued a warning for what it calls 'active attacks' against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as 'phalanx2' is installed."

Support Code writes "ZDNet's Zero Day blog is reporting that a DNS server of one of China's largest ISPs has been poisoned to redirect typos to a malicious site rigged with drive-by exploits. The DNS poisoning attacks are affecting customers of China Netcom (CNC) and are using a malicious iFrame to launch exploits for known vulnerabilities in RealNetworks' RealPlayer, Adobe Flash Player and Microsoft Snapshot Viewer. In this interview with CNet, Dan Kaminsky confirms that attacks are definitely going on in the field."

bullyBEEF writes "Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In the Web attacks, which affect Mac, Windows, and Linux users running Firefox, IE, and Safari, bad guys are seizing control of the machine's clipboard (probably using the Flash command setClipboard) and inserting a hard-to-delete URL that points to a fake anti-virus program. A number of legitimate sites have been seen to host ads carrying the attack — including Newsweek, Digg, and MSNBC.com. Researcher Aviv Raff offers a harmless demo of how it's done."

perlow tips his blog entry over at ZDNet on why the Internet didn't melt when millions of users streamed 480i video for a week. The short answer is Limelight Networks of Tempe, Arizona. "[W]hy the Internet didn't 'melt' is quite simple — [Limelight is] completely 'off the cloud.' In other words, unlike Akamai and similar content caching providers, their system isn't deployed over the public Internet... Limelight has partnered with over 800 broadband Internet providers worldwide... so that the content is either co-located in the same facility as your ISP's main communications infrastructure, or it leases a dedicated Optical Carrier line so that it actually appears as part of your ISP's internal network. In most cases, you're never even leaving your Tier 1 provider to get the video."

ruphus13 writes "As the mobile space heats up, Sun has released the source code for Java Lightweight UI Toolkit under the GPL v2 license. ZDNet quotes Sun's senior director of embedded software saying, 'By creating LWUIT, Sun is reaffirming its commitment to the mobile development community and by open-sourcing the LWUIT code, we are enabling mobile developers to quickly and easily create rich, portable interfaces for their applications -- functionality that they have been requesting for some time.' Will Adobe follow suit?" Sun is also working on some fixes to holes in their mobile Java platform, which were discovered by a Polish researcher who demanded €20,000 to disclose the information.

Loopback writes "It appears that I'm not the only one waiting for my NetFlix movies. It seems they are being bitten in the rear by their home-grown proprietary inventory management system. 'Netflix has been facing shipping delays and outages in its distribution centers for the last two days and is fumbling to find a fix. The tab is roughly $1.8 million to $3.6 million in revenue a day.'"

doctorfaustus writes "I first picked this up in bits and pieces last week off Daily Rotation. A more in-depth story is available at ZDNet, which reports 'a week's worth of speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia's Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the US, with Georgia's Ministry of Foreign Affairs undertaking a desperate step in order to disseminate real-time information by moving to a Blogspot account.' There is a question whether the computer work is being done by the Russian military or others. ZDNet's story offers further analysis of the attacks themselves and their origins. Some pretty good reporting." And reader redbu11 contributes the news that Georgia seems to be censoring access to all Russian websites, as confirmed by a Georgian looking glass/nslookup tool. The access is blocked on DNS level (Italy censored the Pirate Bay in the same way). Here are a couple of screenshots (in a language other than English) as of Aug 12th 5:40 pm: www.linux.ru nslookup — FAIL, www.cnn.com nslookup — OK.

ComputerWorld guy CWmike adds "In an intriguing cyberalliance, two Estonian computer experts are heading to Georgia to keep the country's networks running amid an intense military confrontation with Russia. Poland has lent space on its president's Web page for Georgia to post updates on its ongoing conflict with Russia. Estonia is also now hosting Georgia's Ministry of Foreign Affairs Web site."

An anonymous reader writes "In what seems to be a repeat of what happened in July, a few news sites have mentioned that there is evidence of a campaign against Georgia. For example, both the government's and the president's sites are inaccessible, among other official websites. For some analysis, the RBN Exploit blog demonstrates various traceroutes that have failed to several sites. They also claim that the RBN (Russian Business Network cyber-crime organisation) are behind the attacks, and that 'Many of Georgia's internet servers were under external control from late Thursday,' before the actual war began. Finally, according to this Twitter account of someone in Georgia (written in Russian), he claims that 'Russia has blocked access to Georgian websites from within Russia' (rough translation)."

Bridge to Nowhere writes "ZDNet is reporting that Microsoft will start sharing details on software vulnerabilities with security vendors ahead of Patch Tuesday under a daring new program aimed at reducing the window of exposure to hacker attacks. The new Microsoft Active Protections Program (MAPP) will give anti-virus, intrusion prevention/detection and corporate network security vendors a head-start to add signatures and filters to protect against Microsoft software vulnerabilities."

Various gadget/toy venues are writing about the Toyota Winglet, a diminutive Segway-like personal transporter. (Toyota took over Sony's robot division a year back.) It comes in three sizes and offers about a third the speed and a quarter the range of the Segway; on the upside, it charges in an hour vs. Segway's 10 hours. Wired writes: "The Winglet is the first gadget to duplicate the celebrated, and often mocked, navigation system of the Segway Transporter."

Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.

perlow writes "While Solid State Drives are expensive and shouldn't be used exclusively for primary storage, they perform exceedingly well for things like MySQL databases, provided you tweak your kernel, BIOS, and filesystems accordingly. Here's a few tips to get excellent performance out of your new $500-$900 investment on a Linux system."