Security Alerts for the Week Ending 8/29/2010

I should have posted these yesterday, going by my usual schedule. Being on hiatus from the podcast is disrupting my usual force of habit though.

Quick Security Alerts for Week Ending 3/14/2010

Shepard Fairey Comes Clean, SCO Eliminates McBride’s Job, and More

  • PulseAudio creator responds to criticism
    I don’t use PulseAudio myself but am well familiar with some of the common complaints. I am partly sympathetic to his explanations but think that at least some of the purpose for a framework like PA should be to better handle edge cases and errors to guide developers to more correct usage of the framework and anything it attaches to.
  • Picking apart the rhetoric of net neutrality opponents
    Art Brodsky of Public Knowledge has a good, if incensed, piece that de-constructs the rhetoric and even some of the influences of opponents to the FCC adoption network neutrality.
  • OpenBSD 4.6 released
    Another release from the operating system from which the wonderful security swiss army knife, OpenSSH, is ported. A good opportunity to support development of either or both of the OS and the network tool by purchasing a CD or some swag with the release artwork.
  • The truth about the Shepard Fairey copyright case
    Mike Masnick of Techdirt has the official press statement as well as some quick analysis. He may be right, that Fairey can still make a serviceable fair use defense but I cannot imagine the damage his shredded credibility will do to that defense, regardless.
  • SCO eliminates McBride’s job
    At Groklaw, PJ has an excerpt from the latest bankruptcy filing. It explains that the CEO and President positions were eliminated and seems to position doing so as part of the financial re-structuring. The fact that the company plans to continue its infamous anti-Linux litigation unfortunately supports a less vindictive interpretation of McBride’s departure.

PATRIOT Act Reform Stumbles, Jamming Junk Mail, and More

  • Reform of PATRIOT Act gutted during mark-up
    According to the EFF, one of the author’s of the amendment that would help restore some privacy protections acted to weaken the very same amendment at the last minute. The only rationale offered is that the original text of the amendment would interfere with ongoing investigations.
  • Humorous, anarchistic pamphlet designed for reply mailers
    Cory points out a clever hack of those ubiquitous pre-paid business reply envelopes that come with every junk offer for a credit card or subscription. The social commentary is priceless, suggesting a collapse of corporate culture into a neo-savage utopia. Doesn’t appear to be a print form of the work, though, so more of a gag than something you could actually use.
  • Court invalidates the top patent EFF has been working to bust
    According to Mike Masnick at Techdirt this was not a direct result of the EFF’s patent busting work. Mike also hints at the cold comfort to those trolled with this patent, that they still had to pay fees and endure legal hassle. The win is encouraging, though, but tempered by how long the process ultimately took.
  • Tenth anniversary of OpenSSH celebrated with a new release
    It definitely is a work horse, indispensable to anyone dealing with remote administration of even a single *nix machine. Here’s to ten years more, or however long until someone comes up with something not only better but provably more secure.
  • Still much to be concerned about US-Canada border searchers
    According to The Globe and Mail, it isn’t just the search powers and policies on the US side that are problematic. According to the article, the border patrols mandate extends well into your electronics and with precious little oversight. It also reminds me of a recent Spark story about not just a physical search, but a Google search causing problems.
  • Proving a computer kernel correct
    This is a pretty astonishing accomplishment. Schneier uses to demonstrate the scale of the problem for the operating system kernels you and I use every day. He estimates something on the order of 20,000 man years to accomplish that task.
  • Federal judge upholds first-sale doctrine for software
    The EFF tweeted this link, which details a suit against Autodesk by a user trying to resell his software on eBay. The article mentions another, similar case where the judge there also ruled in favor of the consumer’s right to resell.