- VoIP attacks in Australia lead to huge bills for victims, Slashdot
- Malware forces Firefox to save passwords, The Register
- HTML5 draws concerns over risks to privacy, Slashdot
- Using location tracking to help fight identity theft, ReadWriteWeb
- Another study revealing poor password practices, Slashdot
- Microsoft patches a record 49 security vulnerabilities, Krebs on Security
- Facebook rolls out security changes, ReadWriteWeb
- Java update closes 29 security holes, Krebs on Security
- Vulnerabilities in Xpdf affect several open source products, The H
- Microsoft looks to courts for botnet takedowns, Slashdot
- Home WiFi network security failings exposed, Slashdot
- New site aims to be iTunes for exploit info, code, Slashdot
- Google rolls out phishing URL alerts for admins, The Register
- Bjarne Stroustrop reflects on 25 years of C++ , Slashdot
- Wikileaks donations account shut down, Slashdot
- FCC approves changes to cable box rules
Slashdot links to a post at Hillicon Valley discussing this latest news in a long standing fight for competition and consumer choice. I can’t help but think that if the FCC, or Congress, had worked to keep DRM out of our media stack, as its embedding in the HDMI connector standard, that there would be less of a need for pushing Cablecard. On the flip side, with the first Google TV devices coming out, this could open the way to smarter set top devices being able to integrate much more seamlessly into our media ecosystem than ever before.
- French government may subsidize music downloads
There isn’t much more detail in the article to which Slashdot links, especially as to the detailed reasoning. This is an anti-piracy move but once the vouchers are spent, the effective prices will rise returning everything back to where it was. I’ll give them credit for trying but a more thorough shift is required, one that incents labels as much as young people to meet over legitimate online distribution sites.
- Blocker bugs snarl next Firefox 4 beta release, The H
- Firefox 4 beta for mobile devices
Ryan Paul at Ars Technica has a good run down of both improvements in the latest release of Fennec, now just simply referred to as Firefox 4, as well as the remaining challenges for the mobile version of Mozilla’s browser to stack up well against other mobile browsers. Still trying to get my hands on 4-5 inch Android MID for, among other things, testing these mobile builds my own self.
- Interactive fiction on an e-reader
Tim Carmody at Wired provides what I think is the most compelling reason to get a dedicated e-reader yet, the ability hacked together by some gamers to play interactive fiction. Carmody calls out the one downer that occurred to me too, the pain of entering text on some of these devices. All the same, it definitely is a good match in terms of display capabilities and processing power. Well, and it’s intensely nerdy fun.
- Caught spying, FBI wants its bug back, Wired
- Software evolution storylines, inspired by xkcd, Slashdot
- CBC bans use of Creative Commons music on podcasts
Michael Geist links directly to the discussion in the comments at the Spark site. He also explains that it is a consequence of some collective agreement with talent agencies. It is easy to speculate that this is specifically targeting CC but I suspect that it may be mere boiler plate language that includes exclusivity as part of the deal which would preclude any other licenses, not just CC. Still, how quickly do you think the parties involved might backpedal?
- A step closer to workable brain-computer interfaces, Technology Review
Slashdot links to this now concluded contest that sort of reminds me of the demo scene in terms of the constraint to bum down code as much as possible. The results are a bit more diverse, including many interactive games as well as passive animations. More so than a lot of recent and fairly contrived “HTML5” demos, the finalists in JS1K really showcase what modern browsers can do.
- Firefox Home adding more devices, social capabilities
Chris Cameron at ReadWriteWeb shares news of Mozilla’s plans for their Sync client for iPhone. Personally, I cannot wait to get an Android powered replacement for my iPod Touch and start running Fennec, their full mobile browser, but in the interim I’m happy that Home is getting such attention from the lizard wranglers. I especially cannot wait for the password sync support planned for a future release.
- Congress passes internet, smart phone accessibility bill, Washington Post
- Update to private cloud-based file system, Tahoe-LAFS, BoingBoing
- Android software piracy rampant, Slashdot
- A Review of Jason Scott’s “Get Lamp”
Text adventure games figured largely in my earliest experiences of computers. It was a no brainer for me to pick up a copy of Scott’s documentary on the subject. I enjoyed it immensely and am far from finished exploring all the material he has included in the two disc set. Jeremy Reimer at Ars Technica has a glowing review that resonates very strongly with my own experience of the work.
- EFF, others, support Microsoft in case trying to make patent invalidation easier, EFF
- Open HDCP software implementation released
Ars Technica, among others, has news of researchers using the recently leaked HDCP keys to build an open source program capable of decrypting encoded digital video streams. Peter Bright questions the utility of the effort as it would still require some sort of hardware to connect into your home media ecosystem. I think the overlooks the very strong tradition of these sorts of proofs of concept developed by security researchers interested in the system more so than its applications.
- Behind the scenes and inside workings of a CERT, Slashdot
- Microsoft investigates IE CSS XSS flaw, Ars Technica
- Safari, Firefox updates close critical holes, The Register
- The long term effects of snake oil security products, Slashdot
- Apple plugs drive by flaws in Safari, Zero Day
- Mozilla fixes DLL vulnerability in Firefox on Windows, Zero Day
- Firefox 3.6 update fixes click-jacking vulnerability, The H
- How Firefox 3.6 protects against click-jacking, Mozilla
- Adobe Reader zero day flaw under active attack, The Register
- PDF exploit bypasses protective measures, Zero Day
- DHS cybersecurity group misses over a thousand holes in its own network, Wired
- Django update fixes XSS flaw, The H
- New German ID card turns out to be hackable, Schneier on Security
- Apple patches FaceTime redirect security hole, Zero Day
- Security flaws persist in Cisco’s wireless LAN controller, Zero Day
- Microsoft advises of 13 vulnerabilities, patches 9, Zero Day
- What you need to know about malvertising, ReadWriteWeb
- New email worm in the wild, Slashdot
- Another Android SMS trojan, The Register
- JaegerMonkey now in Firefox nightly builds, ReadWriteWeb
- Google moves beyond map/reduce for new index system
The Register has some surprisingly good crunchy technical detail on how and why Caffeine works they way it does. If BigTable is similar to the other, large scale post-relational databases I’ve been exploring, then the transition makes sense to accomplish the goal of faster, more accessible updates to the index. I am eager to see the promised research paper when that is available.
- Original Navajo Code Talker and code developer dies at 91, BoingBoing
- Pirate Party leaks EU surveillance plan, Slashdot
- More research on alternate topologies for the internet, Ars Technica
- Darpa project aiming at child equivalent intelligence in AI
As Katie Drummond at Wired explains, their plan from there is to instruct such a software agent consistent with how we do our own children. It makes a certain amount of sense, in terms of a more tractable goal and leveraging learning capabilities that might be augmentable once running.
- Online censorship as a trade barrier, Google
I am back from Dragon*Con but thoroughly wiped out. It looks like I will return to my usual blogging routine tomorrow. For now, here are some more links.
- Gnu debugger adds D language support, The H
- Pirate Bay down, police raids across Europe, TorrentFreak
- Wikileaks caught in Swedish police raids, The Register
- Separating hope from hype in quantum computing, Slashdot
- NSA director says US must secure the internet, Slashdot
- Google, Yahoo come together on OpenID, ReadWriteWeb
- ACLU sues over warrantless laptop border searches, Wired
- Firefox 4 beta 5 is out, Mozilla
I am still on the road, returning from Dragon*Con in Atlanta. There four more hours between me and DC, which will be tackled tomorrow, bright and early. My blogging should return to normal either tomorrow or Wednesday.
- Mozilla Bespin renamed Skywriter, The H
- Google to simplify its privacy policies, New York Times
- Brazil considering legalizing file sharing, Slashdot
- Mozilla starts culling Firefox 4 features to focus release, The H
- Programming knowledge that is more useful to know earlier rather than later, Slashdot
- Cheap, portable 3D printer, Boing Boing
I should have posted these yesterday, going by my usual schedule. Being on hiatus from the podcast is disrupting my usual force of habit though.
- phpMyAdmin updates close vulnerabilities
- Anti-virus products struggling against more recent styles of exploits
- More details on DLL load hijacking
- Microsoft confirms DLL load hijacking flaw
- ATM makers patch flaws demonstrated at Black Hat
- OpenSSH 5.6 arrives
- A convention for those who author malware
- Private info of 126K students exposed online
- Windows DLL vulnerability exploit in the wild
- Testing Android anti-malware apps
- Apple patches 13 OS X vulnerabilities
- Critical security holes in Adobe Shockwave
- Single botnet responsible for 40% of spam on the net
- Many hackers inadvertently send malware code to Microsoft
- Researchers cripple botnet
- VLC 1.1.4 fixes Windows DLL vulnerability
- Firefox adds support for HTTP strict transport security
This is news cast 223, an episode of The Command Line Podcast.
In the intro, an obligatory reminder there will be no new shows on the 29th, the 1st and the 5th because of Dragon*Con. Also, if you are in the north west of the UK, check out U^3 an UnWorkShop being held the 28th of August.
This week’s security alerts are a Firefox bug bypasses URL protection for embedded frames and an old Linux Kernel flaw allows exploits to acquire root privileges.
In this week’s news the end of privacy, a new probabilistic processor design, a thirty year old crypto system is resistant to quantum cryptanalysis, and privacy concerns (among others) over Facebook’s new Places feature. The EFF already has a guide to protecting your privacy against it.
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.