Slashdot Mirror

51mon writes "Austrian CERT used data from one of their authoritative DNS server to measure the rate at which the latest DNS patch (source port randomization) is being rolled out to larger recursive name servers. While about half the traffic (PDF) they receive is now using source port randomization, their data suggest that this is due to ISPs who roll out such fixes immediately. The rate of patching has fallen to disappointingly low levels since. If your ISP isn't patched, perhaps it is time to switch." After details of the DNS vulnerability leaked, researchers |)ruid and HD Moore released attack code; ZDNet's security blog has an analysis.

Bobfrankly1 writes "The FBI, IRS, and the Rocky Mountain Safe Streets Task Force are helping the US Marshals search for escaped 'Spam King' Edward 'Eddie' Davidson. He apparently jumped in a car with his wife, changed clothes at home, and hasn't been seen since." Update: 07/24 22:20 GMT by T : It seems that Davidson has been found, victim of a murder-suicide which also left two others dead.

Grablets writes "Using a link analysis algorithm similar to Google PageRank, researchers at the SANS Institute and SRI International have created a new Internet network defense service that rethinks the way network blacklists are formulated and distributed. The service, called Highly Predictive Blacklisting, exploits the relationships between networks that have been attacked by similar Internet sources as a means for predicting which attack sources are likely to attack which networks in the future. A free experimental version is currently available."

get_Rootin writes "That didn't take long. ZDNet is reporting that HD Moore has released exploit code for Dan Kaminsky's DNS cache poisioning vulnerability into the point-and-click Metasploit attack tool. From the article: 'This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.' Here's our previous Slashdot coverage."

Roland Piquepaille found news of research out of Portugal that has resulted in the first paper-based transistors (the original article is less informative than Roland's blog). More precisely, they've made the first field effect transistors (FET) with a paper interstrate layer. According to the research team, such transistors offer the same level of performance as 'state-of-the-art, oxide-based thin film transistors produced on glass or crystalline silicon substrates.' Possible applications include disposable electronics devices, such as paper displays, smart labels, bio-applications or RFID tags. The research will be published in IEEE Electron Device Letters in September.

An anonymous reader writes "Reverse engineering expert Halver Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well.

Corrupt brings us a ZDNet column by Jeremy Allison, who says Linux could benefit from more "tough love" in order to improve its functionality and popularity. Excerpting: "As Elie Wiesel said, 'the opposite of love is not hate, it is indifference.' LinuxHater really doesn't hate Linux, despite the name. No one takes that much time to point out flaws in a product that they completely loathe and despise. The complaints are really cries of frustration with a system that just doesn't quite do what is desired (albeit well disguised). A friend pointed out to me that the best way to parse LinuxHaters blog is to treat it as a series of bug reports. A perl script could probably parse out the useful information from them and log them as technical bug reports to the projects LinuxHater is writing about. Deep down, I believe LinuxHater really loves Linux, and wants it to succeed."

Da'Man writes "The Psystar saga takes another series of turns. Not only is the website down but an examination of the suit filed by Apple shows that the Cupertino Goliath wants Psystar to recall all Open Computer and OpenServ systems sold by the company since April. It seems that Steve Jobs is out to totally sink Psystar and put an end to Mac clones."

Da'Man writes "The Psystar saga takes another series of turns. Not only is the website down but an examination of the suit filed by Apple shows that the Cupertino Goliath wants Psystar to recall all Open Computer and OpenServ systems sold by the company since April. It seems that Steve Jobs is out to totally sink Psystar and put an end to Mac clones."

Reader The other A.N. Other, among others, alerts us to the news that Apple has filed suit against Psystar, the unauthorized clonemaker. (We've been discussing Psystar from the start.) The suit alleges violation of Apple's shrink wrap license and trademarks, and also copyright infringement. News of the lawsuit, filed on July 3, first surfaced on a legal blog. There's speculation that the case has been sealed.

Talinom writes "ZDNet has an article sure to raise the hackles of any self-respecting geek. They report that housewives buying small laptops like the Asus EE are causing Linux usage for that demographic to spike. A reporter for Tech-On states that 'Retailers and contract manufacturers in Taiwan say that novice PC users there, like students and housewives, tend to buy the Linux version of the Eee PC701, while geeks go for Windows XP.'"

Earthweb passes along a ZDNet article which notes, "In partnership with indie security consultant Rich Mogull, Mozilla has launched a valuable Security Metrics Project that — we can only hope — could help to put an end to the silly notion that patch-counting helps to determine a product's security posture. The idea is to develop a metrics model that goes beyond simple bug counts to reflect accurately the effectiveness of secure development efforts and the relative risk to users over time. Mogull has released a spreadsheet (.xls) with a preliminary version of the model and Mozilla's Window Snyder is actively seeking feedback to make the project open and meaningful."

ruphus13 writes "Now that Gates has 'retired' from Microsoft, ZDNet is speculating that Microsoft will become much more Open Source friendly. From the article, 'We already see quite a different approach to dealing with OSS and OSS companies from Sam Ramji's group [which is] doing a great job in establishing dialog,' said Rafael Laguna, CEO of Open-Xchange and a former marketing exec at SUSE Linux. 'With Gates' departure, the only mammoth remaining is Ballmer. With him away in a near future, Microsoft will definitely open up. They have to.'" Microsoft could become the world's largest open source company; they've certainly made some concessions to it lately.

SecureThroughObscure writes "ZDNet Zero-Day blogger Nate McFeters has asked the question, 'Should vulnerabilities be treated as defects?' McFeters claims that if vulnerabilities were treated as product defects, companies would have an effective way of forcing developers and business units to focus on security issue. McFeters suggests providing bonuses for good developers, and taking away from bonuses for those that can't keep up. It's an interesting approach that if used, might force companies to take a stronger stance on security related issues."

eXchange writes "Well-known hacker Dino Dai Zovi has written an article at ZDNet discussing last week's discovery of a critical threat to Mac OS X, and another announcement of a Trojan horse exploiting this discovery. He suggests that Snow Leopard, or Mac OS X 10.6, should integrate more robust means of preventing malware attacks. Some of the suggestions he has include mandatory code-signing for kernel extensions (so only certified kernel extensions can run), sandbox policies for Safari, Mail, and third-party applications (so these applications cannot do anything to the system), and some lower-level changes, such as hardware-enforced Non-eXecutable memory and address space layout randomization."

snydeq writes "The Linux kernel development community has released a statement emphasizing the need for open source drivers. The statement, signed by 135 developers, is aimed at preventing future vendors from following the closed source path. One holdout cited is Nvidia. The Linux Foundation has also released a statement in support: 'The Linux Foundation recommends that hardware manufacturers provide open source kernel modules. The open source nature of Linux is intrinsic to its success. We encourage manufacturers to work with the kernel community to provide open source kernel modules in order to enable their users and themselves to take advantage of the considerable benefits that Linux makes possible.'"

SecureThroughObscure writes "Just a short time after Apple's recent acknowledgment of and patch for the Safari Carpet Bomb 'blended' IE flaw, Microsoft researcher Billy Rios shows that Safari is still useful in a blended attack, this time with Firefox 2/3. (ZDNet's Nate McFeters also spread the word.) Rios claimed that he is able to use Carpet Bomb, despite the recent patch, to steal arbitrary files from victims who also have Firefox 2/3 installed. Both Rios and McFeters pointed out that Apple, which took some heat for not originally patching, actually did a good job of addressing the issue, as the code execution angle was not originally understood (the details came out later). Rios is withholding details of the new attack vector until Apple has had time to patch or respond to this issue."

SecureThroughObscure writes "Just a short time after Apple's recent acknowledgment of and patch for the Safari Carpet Bomb 'blended' IE flaw, Microsoft researcher Billy Rios shows that Safari is still useful in a blended attack, this time with Firefox 2/3. (ZDNet's Nate McFeters also spread the word.) Rios claimed that he is able to use Carpet Bomb, despite the recent patch, to steal arbitrary files from victims who also have Firefox 2/3 installed. Both Rios and McFeters pointed out that Apple, which took some heat for not originally patching, actually did a good job of addressing the issue, as the code execution angle was not originally understood (the details came out later). Rios is withholding details of the new attack vector until Apple has had time to patch or respond to this issue."

SecureThroughObscure writes "Just a short time after Apple's recent acknowledgment of and patch for the Safari Carpet Bomb 'blended' IE flaw, Microsoft researcher Billy Rios shows that Safari is still useful in a blended attack, this time with Firefox 2/3. (ZDNet's Nate McFeters also spread the word.) Rios claimed that he is able to use Carpet Bomb, despite the recent patch, to steal arbitrary files from victims who also have Firefox 2/3 installed. Both Rios and McFeters pointed out that Apple, which took some heat for not originally patching, actually did a good job of addressing the issue, as the code execution angle was not originally understood (the details came out later). Rios is withholding details of the new attack vector until Apple has had time to patch or respond to this issue."

Roland Piquepaille writes "University of Michigan (U-M) researchers have developed an ultra low power microchip which 'uses 30,000 times less power in sleep mode and 10 times less in active mode than comparable chips now on the market.' It only consumes 30 picowatts in sleep mode, which means that a simple watch battery could power the chip for more than 200 years. Of course, this is not a processor for your next computer. It is designed for sensor-based devices such as medical implants, environment monitors or surveillance equipment. However, the design is very clever." Roland's blog has some more information, including a die picture of the chip, known as the Phoenix.

I Don't Believe in Imaginary Property writes "The folks at Kaspersky labs are turning to distributed computing to factor the RSA key used by the GPcode virus to encrypt people's files and hold them for ransom. There are two 1024-bit RSA keys to break, which should require a network of about 15 million modern computers to spend a year per key factoring them. Unfortunately, there appear to be no vulnerabilities in the virus' use of RSA, unlike some previous cases. Perhaps more interestingly, there's some debate over whether people should bother cracking it. After all, what if they were trying to trick us into factoring the key for a root signing authority? Besides, there's a more direct method of breaking the encryption: track down the people who wrote the virus and force them to talk."

Roland Piquepaille writes "In recent years, we have become increasingly dependent on applications using the Global Positioning System, such as railway control, highway traffic management, emergency response, and commercial aviation. But the American Geophysical Union warns us that we can't always trust our GPS gadgets because 'electrical activity in the... ionosphere can tamper with signals from GPS satellites.' However, new research studies are under way and 'may lead to regional predictions of reduced GPS reliability and accuracy.'" Roland's blog has useful links and a summary of a free introduction, up at the AGU site, to a special edition of the journal Space Weather with seven articles (not free) regarding ionospheric effects on GPS.

Roland Piquepaille writes "Many of today's underwater robots need to periodically come up to the surface to communicate with their human supervisors. But researchers at the University of Washington (UW) have developed a new kind of underwater vehicle. The 'Robofish' can work cooperatively with each other. 'The Robofish, which are roughly the size of a 10-pound salmon, look a bit like fish because they use fins rather than propellers.' According to the researchers, such robots 'could cooperatively track moving targets underwater, such as groups of whales or spreading plumes of pollution, or explore caves, underneath ice-covered waters, or in dangerous environments where surfacing might not be possible.' Further information and more pictures are also available for these autonomous fin-actuated underwater vehicles."

D Ninja writes "Yesterday, Google released Gmail Labs, which allows Gmail developers to decide what to include in the next feature releases of Gmail based on user feedback. As ZDNet has pointed out, essentially users are guinea pigs for these new features. Participants will vote on their favorite new features, and the ones that are voted the highest will stick around and the ones that are least popular will disappear." Reader physman_wiu points out an article at the BBC about the experiments on offer, writing: "Some of the features are really nice — like the option to use additional star icons, mouse gestures, and custom keyboard shortcuts. Others ... well, let's just say Old Snakey made it in."

Wormfan writes to share ZDNet's brief mention of and a link to "Apple's release of a ~250 page PDF of security best-practices and tips to protect Mac OS X Leopard clients. The guide is aimed at experienced users, Apple says, familiar with the Terminal application and its command-line interface."

ruphus13 takes us to ZDNet for an analysis of comments by Microsoft's Chief Software Architect, Ray Ozzie, about how open source is "much more potentially disruptive" to Microsoft's business strategy than Google. Ozzie also spoke about the future of Microsoft's search technology, which will develop with or without Yahoo. There is a related interview at OStatic with several Microsoft employees about how they view and interact with the open source community. The head of Microsoft's global open source and Linux team is quoted saying: "The other thing I think is missing is implementation of a basic principle of economic fairness. Thousands of developers have put very hard work into building software used by millions of people and companies, yet only a fraction of these developers are rewarded financially. Currently there are perfectly good projects that have been abandoned by their developers despite being used by large corporations. Subsequently the projects fall out of use. This is unnecessary waste that would often be prevented by making it easy for companies to pay the developers directly. I think it's important to solve this so that the sustainability of open source projects is improved."

sawky puck writes "Researchers at Secunia have flagged a 'highly critical' vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an 'smb://' link) or by sending specially crafted packets to an 'nmbd' server configured as a local or domain master browser. This issue affects both Samba client and server installations."

Robellus writes "Security researchers have found evidence of a previously unknown Adobe Flash vulnerability being exploited in the wild. The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers. From the article: 'Continued investigation reveals this issue is fairly widespread. Malicious code is being injected into other third-party domains (approximately 20,000 web pages) most likely through SQL-injection attacks. The code then redirects users to sites hosting malicious Flash files exploiting this issue.'"

SecureThroughObscure writes "Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern. Security researcher Nate McFeters of ZDNet's Zero-Day Security Blog also commented on the article, mentioning several past vulnerabilities: ownership of content issues, Google Docs theft, a cross-domain hole, Google XSS, and a Google Picasa protocol handler issue leading to the theft of user images. He and fellow researcher Billy Rios disclosed these issues to Google, including the ability to steal GMail contact list information. McFeters says it's likely that similar unpatched bugs would allow an attacker to view medical records if a user was also using Google Health. Both McFeters and Hansen tend to agree that Google's vulnerability disclosure/notification is non-existent and really needs to be improved. Currently, Google does not report vulnerabilities it has fixed to its user base, for the obvious reason of trying to hide the fact that user data could have been stolen."

SecureThroughObscure writes "Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern. Security researcher Nate McFeters of ZDNet's Zero-Day Security Blog also commented on the article, mentioning several past vulnerabilities: ownership of content issues, Google Docs theft, a cross-domain hole, Google XSS, and a Google Picasa protocol handler issue leading to the theft of user images. He and fellow researcher Billy Rios disclosed these issues to Google, including the ability to steal GMail contact list information. McFeters says it's likely that similar unpatched bugs would allow an attacker to view medical records if a user was also using Google Health. Both McFeters and Hansen tend to agree that Google's vulnerability disclosure/notification is non-existent and really needs to be improved. Currently, Google does not report vulnerabilities it has fixed to its user base, for the obvious reason of trying to hide the fact that user data could have been stolen."

SecureThroughObscure writes "Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern. Security researcher Nate McFeters of ZDNet's Zero-Day Security Blog also commented on the article, mentioning several past vulnerabilities: ownership of content issues, Google Docs theft, a cross-domain hole, Google XSS, and a Google Picasa protocol handler issue leading to the theft of user images. He and fellow researcher Billy Rios disclosed these issues to Google, including the ability to steal GMail contact list information. McFeters says it's likely that similar unpatched bugs would allow an attacker to view medical records if a user was also using Google Health. Both McFeters and Hansen tend to agree that Google's vulnerability disclosure/notification is non-existent and really needs to be improved. Currently, Google does not report vulnerabilities it has fixed to its user base, for the obvious reason of trying to hide the fact that user data could have been stolen."

Roland Piquepaille writes "The St. Petersburg Times, Florida, reports that a well-known robot designer, Robin Murphy, a professor of computer science and engineering at the University of South Florida (USF), 'plans to add a heart to robot rescuers.' As says USF, the goal is to develop 'a robot that will be a companion to a person who may be trapped after a car crash or in building ruins following an earthquake, or someone pinned down by sniper fire.' As said Murphy, 'robots can provide not only a sense of being a 'buddy' by playing soothing music or providing other entertainment, the robot also can be the audio and video link between survivor and family.' Murphy will develop this robot with some money coming from Microsoft. But read more for additional references and a picture of Murphy with her robot rescuers."

SecureThroughObscure writes "Security blogger and researcher Nate McFeters blogged about a 0-day exploit affecting IE7 and IE8 beta on XP that was released by noted security researcher Aviv Raff. The flaw is a 'cross-zone scripting' flaw that takes advantage of the fact that printing HTML web pages occurs in the Local Machine Zone in IE rather than in the Internet Zone. Quoting McFeters's post: 'This is currently unpatched and in all of its 0-day glory, so for the time being, beware printing using the "print table of links" option when printing web pages.' McFeters and others will be presenting at Black Hat on the link between cross-site scripting and cross-zone. Rob Carter has been hitting this hard over at his blog, pointing out cross-zone weaknesses in Azureus, uTorrent, and the Eclipse platform."

Roland Piquepaille writes "The Times of London reports that seven robotic craft will compete in a race across the Atlantic Ocean in October 2008. One of them, 'Pinta the robot sailing boat,' has been designed at Aberystwyth University in Wales. Pinta is expected to sail for three months at a maximum speed of four knots (about 7.4 kph). Its designers hope the Pinta will become the first robot to cross an ocean using only wind power. This 150-kilogram sailing robot costs only $4,900. The transatlantic race will start between September 29 and October 5, 2008 from Portugal. The winner will be the first boat to reach a finishing line between the northern tip of St. Lucia and the southern tip of Martinique in the Caribbean. Here are additional details and links."

Roland Piquepaille writes "According to a Michigan State University (MSU) news release, 'Made-to-order isotopes hold promise on science's frontier,' nuclear physicists can now start a new career as isotope designers. These scientists can build specific rare isotopes to solve scientific problems and open doors to new technologies. The lead researcher says this approach has already given us the Positron Emission Tomography (PET) scan technology. He's now going further, saying that he wants to build objects 100,000 times smaller than the atomic nucleus. He calls this 'femtotechnology.' Also available are additional details and pictures of the tools used for this kind of research, picked from a 415-page design paper." Update: 05/11 14:30 GMT by SS: Readers have noted that the summary inaccurately portrays the scale of the 'femtotechnology.' The MSU researcher refers to "the capacity to construct objects on an even more minute scale, that of the atomic nucleus 100,000 times smaller."

Ian Lamont writes "Terrence Russell has outlined an interesting theory about what industry Apple intends to break into next. He points to games. Forget Pippin II, or an iMac gaming rig — he thinks the mobile realm is where Apple will make a big product push. It's not the first bit of speculation about Apple's renewed interest in gaming, but Russell's theory may have more legs, considering Apple's invitation to develop games on the iPhone SDK, its strong mobile product line, and a Apple trademark extension filed three months ago."

SecureThroughObscure writes "ZDNet Zero-Day security blogger Nate McFeters got an exclusive look at the Microsoft Blue Hat conference. This is an invite-only conference that few media get to attend, but apparently McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence, and was also asked to do a guest blog posting about the conference at the Microsoft Blue Hat blog. McFeters also included several pictures of the conference and after conference events."

SecureThroughObscure writes "ZDNet Zero-Day security blogger Nate McFeters got an exclusive look at the Microsoft Blue Hat conference. This is an invite-only conference that few media get to attend, but apparently McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence, and was also asked to do a guest blog posting about the conference at the Microsoft Blue Hat blog. McFeters also included several pictures of the conference and after conference events."

perlow writes "Using the free System Rescue CD you can perform bare-metal backups and restores of many types of computer systems. In this article, ZDNet columnist Jason Perlow explains the multi-step procedure in detail on an LVM-based system."

Roland Piquepaille writes "The California Energy Commission is funding a research effort named CAPPS, short for California AUAV Air Pollution Profiling Study. CAPPS will use autonomous unmanned aerial vehicles (AUAVs) to gather meteorological data as the aircraft fly through clouds over Southern California. The goal is to study smog and its consequences as well as better understand the sources of air pollution. The first flights started in April 2008 and data collection will continue until January 2009. But read more for additional references and photos of these autonomous unmanned aircraft."

Roland Piquepaille writes "Networks are used to represent the structure of complex systems, including the Internet or social networks, but often these descriptions are biased or incomplete. Now, researchers at the Santa Fe Institute (SFI) have shown that it's possible to extract automatically the hierarchical structure of networks. The researchers say their results 'suggest that hierarchy is a central organizing principle of complex networks, capable of offering insight into many network phenomena.' They also think that their algorithms can be applied to almost every kind of networks, from biochemical networks (protein interaction networks, metabolic networks or genetic regulatory networks) to communities in social networks. But read more for additional references and some pictures about hierarchical networks and their applications."

SecureThroughObscure writes tells us about a hack broken by MacOSRumors: you can get free Wi-Fi at Starbucks, Barnes & Noble, and other AT&T hotspots if you know how to set your browser's user agent string (trivial on Safari), and know a valid iPhone phone number. ZDNet blogger Nate McFeters gives some more details and links. This can't last.

An anonymous reader sends word that Microsoft Windows XP SP3, which had been scheduled to hit the Web today, was pulled back at the last minute. SP3 apparently broke a Microsoft application, Microsoft Dynamics Retail Management System. Their solution is to set up a filter to make sure that no system running the affected software will get automatically updated; once the filter is in place, SP3 will be released to the Web. A fix for the incompatibility will follow.

perlow writes "Yesterday, the Open Source community took an emotional hit when veteran Linux programmer Hans Reiser was convicted of first degree murder in the suspicious disappearing of his wife, Nina. While I won't go into the details of the case, as this has been covered extensively in the press, I would like to talk a little bit about how this verdict will impact the technology in play for file system dominance in our favorite Open Source operating system, Linux."

Roland Piquepaille writes "As you can guess, hardwired computer systems are much faster than general-purpose ones because they are designed to do a single task. But when they fail, they need to be totally reconfigured. This can be just a costly problem in a lab on Earth, but it can be vital in space. This is why a University of Arizona (UA) team is working with NASA to design self-healing computer systems for spacecraft. The UA engineers are working on hybrid hardware/software systems using Field Programmable Gate Arrays (FPGAs) to develop these reconfigurable processing systems. As the lead researcher said, 'Our objective is to go beyond predicting a fault to using a self-healing system to fix the predicted fault before it occurs.'"

evanbro writes "ZDNet is reporting on ksplice, a system for applying patches to the Linux kernel without rebooting. ksplice requires no kernel modifications, just the source, the config files, and a patch. Author Jeff Arnold discusses the system in a technical overview paper (PDF). Ted Ts'o comments, 'Users in the carrier grade linux space have been clamoring for this for a while. If you are a carrier in telephony and don't want downtime, this stuff is pure gold.'" Update: 04/24 10:04 GMT by KD : Tomasz Chmielewsk writes on LKML that the idea seems to be patented by Microsoft.

perlow writes "ZDNet blogger Jason Perlow and Centrify's Tom Kemp discover that 80 percent of all Microsoft server protocols are un-patented. What exactly then, did SAMBA license? Are Microsoft's patent and intellectual property threats simply the growls of a paper tiger?"

Roland Piquepaille writes "Researchers working for NASA's Lunar Reconnaissance Orbiter mission have discovered that the Earth's magnetic tail could be harmful to future astronauts. The moon stays inside Earth's 'magnetotail' for six days every month — during full moon. This can have consequences ranging from lunar 'dust storms' to strong electrostatic discharges, according to one researcher quoted by NASA in 'The Moon and the Magnetotail.' So far, this is pure speculation: no man has been on the moon when the magnetotail hits. As added the same scientist, 'Apollo astronauts never landed on a full moon and they never experienced the magnetotail.' But read more for additional details about how Earth's magnetotail could affect men on the moon."

Anonymous Coward writes "After 8 years of effort, InPhase Technologies is shipping the world's first holographic disk drive next month. They showed it at this week's NAB. With a 300GB 5.25" disk cartridge and a 50-year media life, the Tapestry 300r is aimed at the video and film archive market. They've been promising this thing for so long I'd given up hope that they'd ever ship it!"

Roland Piquepaille writes "Pacific Northwest National Laboratory (PNNL) researchers have used supercomputers to simulate how common ceramics could repair themselves after radiation-induced damages. This is an important discovery because 'materials that can resist radiation damage are needed to expand the use of nuclear energy.' These ceramics, which are able to handle high radiation doses, could improve the durability of nuclear power plants. They also might help to solve the problem of nuclear waste storage. But read more for additional references about how this research could improve nuclear safety."