News




Heise

News not only from the world of computers
  1. Digital photo with 70 gigapixels
  2. MonoTools 2.0 supports OS X and Windows
  3. Intel and Infineon intend mobile phone chip deal
  4. Uniloc sues Sony, McAfee and other companies for patent infringement
  5. Congestion Control: The ideal worlds of economists and net neutrality
  6. PC manufacturers fail to meet environmental protection commitments
  7. Using Google anonymously and making secure phone calls with Android
  8. Telephone fraud has risen sharply
  9. Uniform mobile phone charger not until 2011
  10. Yahoo's YUI library with TouchEvents and gestures
  11. SWIFT agreement on financial data transfer enters into force
  12. "Marked-up" emotions on the web
  13. CCC: We come in peace
  14. After ten years, the mobile internet comes of age
  15. Android 2.2 for HTC Desire and Motorola Milestone
  16. Microsoft plans to close LNK hole on Monday
  17. DVD manufacturer Cinram cuts 400 jobs
  18. Ex-CIA director calls for a ban on cyber war
  19. Internet-capable TVs are booming
  20. Decrypting mobile phone calls quickly
  21. WPA2 hole: ARP spoofing in the WLAN
  22. Happy Birthday, Sir: On Clive Sinclair's 70th birthday
  23. Intel scores in court
  24. CrossOver 9.1 with Wine 1.2 and improved game support
  25. Dell releases Ubuntu version of its server management software
  26. Microsoft is working on Windows 7 for tablet PCs
  27. Internet Explorer 9: Beta in September
  28. US government sues Oracle for fraud
  29. SES with higher revenue and profit
  30. Minister defends civil security research
  31. The robot as assistant
  32. Alcatel-Lucent remains in the red
  33. IBM buys compression specialist
  34. Memory manufacturers expect price increases
  35. British data protection commissioner finds no personal data in Google's WLAN data collection
  36. Austria ruled against for failing to introduce data retention
  37. Diagnosis gullibility: When text messages make you ill
  38. Samsung with record profit again
  39. Image recognition with text description
  40. "Thanks! Good work."
  41. Motorola closes second quarter with a profit
  42. Nokia introduces its own browser for S40
  43. Vulnerability Oscars awarded
  44. SIM-lock-free iPhone 4 available faster than T-Mobile version
  45. O2 stays on course
  46. Critical security vulnerabilities in Typo3
  47. Sony back in the profit zone
  48. BSkyB launches 3D TV for residential customers
  49. Report: Oracle shuts down test servers for PostgreSQL
  50. Rakudo Star: Perl 6 is here
  51. Brussels database inventory praises data retention
  52. FBI to get easier access to users' traces on the net
  53. Apps phone home [Update]
  54. IETF wants to speed up standardization
  55. France Telecom reports decline in revenue and profit
  56. Software AG with jump in revenue and profit
  57. Federal Network Agency cracks down on telemarketers
  58. Nintendo posts a loss
  59. ATMs poorly secured
  60. "More IPv4 addresses, please!"

Securiteam

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.
  1. Mozilla Firefox CSS font-face Code Execution Vulnerability
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox.
  2. Sun Java Runtime Environment JPEGImageDecoderImpl Code Execution Vulnerability
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime.
  3. Sun Java Runtime Environment Trusted Methods Chaining Code Execution Vulnerability
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime.
  4. Quicksilver Forums Cross-Site Request Forgery Vulnerability
    A vulnerability was discovered in Quicksilver Forums, which can be exploited by malicious people to conduct cross-site request forgery attacks.
  5. Sun Java Runtime CMM readMabCurveData Code Execution Vulnerability
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime.
  6. Netifera - Modular Open Source Platform for Security Tools
  7. WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems
  8. Webshag - Web Server Audit Tool
  9. Browser Fuzzer
  10. FSpy - Linux Filesystem Activity Monitoring
  11. HP Insight Control for Linux Multiple Vulnerabilities
    Execution of Arbitrary Code, Denial of Service and Unauthorized Access vulnerabilities were identified on HP Insight Control for Linux.
  12. Skype Client for Mac Chat Unicode Denial of Service vulnerability
    A Denial of Service vulnerability was discovered in Skype for Mac.
  13. Multiple Sourcefire Products Static Web SSL Keys Vulnerability
    This vulnerability allows remote attackers to decrypt secure socket layer (SSL) communications directed to multiple Sourcefire products.
  14. Samba 3.3.12 Memory Corruption Vulnerability
    Remote exploitation of a buffer overflow vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with root privileges.
  15. HP-UX Running BIND compromise of NXDOMAIN Responses
    A potential vulnerability was discovered on HP-UX running BIND.
  16. HP Insight Software Installer for Windows Multiple Vulnerabilities
    Unauthorized Access to Data and Cross Site Request Forgery vulnerabilities were identified on HP Insight Software Installer for Windows.
  17. IBM SolidDB solid.exe Handshake Request Username Field Code Execution Vulnerability
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB.
  18. HP Insight Software Installer for Windows Multiple Vulnerabilities
    Unauthorized access to data and cross-site request forgery vulnerabilities have been identified on HP Insight Software Installer for Windows.
  19. HP Insight Control Power Management for Windows Multiple Vulnerabilities
    Vulnerabilities were discovered affecting HP Insight Control Power Management for Windows.
  20. HP Insight Orchestration for Windows Unauthorized Access Vulnerability
    Vulnerabilities were identified affecting HP Insight Orchestration for Windows.
  21. Trango Broadband Wireless Rogue SU Authentication Bug
    Currently there is a flaw in the authentication mechanism of these radios which, if an attacker knows some details, can allow interception of ethernet packets broadcast from the Access Point to the Subscriber Unit and potentially allows injection into the communication from the Subscriber Unit to the Access Point.
  22. Exposing HMS HICP Protocol and Intellicom NetBiterConfig.exe Remote Buffer Overflow
    SCADA weaknesses created by HICP Protocol and NetBiter WebSCADA.
  23. Family Connections Multiple Remote Vulnerabilities
    Many fields are not properly sanitised and some checks can be bypassed.
  24. VideoCache vccleaner Root Vulnerability
    VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy server to append semi-arbitrary data to arbitrary files with root privileges, upon the administrator's execution of the 'vccleaner' utility.
  25. QuickHeal Antivirus 2010 Local Privilege Escalation
    All files under the install folder have Full control for BUILTIN\users and can be replaced with malicious files.
  26. Why Silent Updates Boost Security
    Thomas Duebendorfer Google Switzerland GmbH and Stefan Frei Communication Systems Group, ETH Zurich, Switzerland looked into the performance of Web browser update mechanisms. The analysis of anonymized Google Web server logs allowed us to compare and rank the update strategies deployed by Google Chrome, Mozilla Firefox, Apple Safari, and Opera.
  27. PDF Silent HTTP Form Repurposing Attacks
    This paper sheds light on a modified approach to triggering web attacks through JavaScript protocol handler in the context of opening a PDF in a browser.
  28. Frame Pointer Overwrite Demonstration (Linux)
    This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.
  29. Format String Exploitation Demonstration (Linux)
    This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power.
  30. Hacking SOHO Routers
    The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing: * Linksys WRT160N

Linux Kernel

Latest Linux Kernel Versions
  1. linux-next: next-20100730 (2010-07-30)
  2. snapshot: 2.6.35-rc6-git6 (2010-07-31)
  3. mainline: 2.6.35-rc6 (2010-07-22)
  4. stable: 2.6.34.1 (2010-07-05)
  5. stable: 2.6.33.6 (2010-07-05)
  6. stable: 2.6.32.16 (2010-07-05)
  7. stable: 2.6.31.14 (2010-07-05)
  8. stable: 2.6.27.48 (2010-07-05)
  9. stable: 2.4.37.9 (2010-02-01)

theRegister.co.uk

Biting the hand that feeds IT
  1. Reg Hardware Reviews Digest

    Another chance to see our reviews from the last week

    In the past seven days, Reg Hardware reviewed many products from the worlds of consumer electronics, photography, gaming, mobile communications and information technology.…



  2. iPhone 4: And now we are 3 (Mobile)

    Cheap deals for all

    3 Mobile is shipping iPhone 4 today - along with T-Mobile UK, it was the last UK network to announce availability.…


  3. Sony Bravia KDL-32NX503 32in LCD TV

    Smaller sized set with big screen extras

    Review Monolithic is a desirable word, unless it’s applied to small things like a mobile phone, a peanut, a shrew. So does it fit a flatscreen TV, especially one at the lower end of screen sizes deemed suitable for a living room?…


  4. Disney throws $763m at social gaming

    Getting animated about Facebook

    Disney has thrown over three quarters of a billion dollars to bring it up to Goliath status in the online gaming world, acquiring two and a half year old Playdom, which offers games for social networks – the new buzzword in gaming that has all the VCs on the planet hopping onto investments.…


  5. Social-engineering contest reveals secret BP info

    Hacking human gullibility at Defcon

    Defcon A hacker competition that challenges contestants to trick employees of large companies into divulging potentially sensitive information aims to show how human gullibility is the biggest security vulnerability of all. During its first day at the Defcon hacker contest in Las Vegas, it had clearly achieved its goal.…


  6. 'Death to browsers!' cries Apple mobile-app patent

    The camel's nose under Google's tent

    A trio of Apple filings seek to patent mobile-application "systems and methods" for travel and online shopping — and to move us three steps closer to a Google-free world.…


  7. Microsoft gets dirty with Gmail cloud cash fight

    Dressing up what you kill

    Microsoft is so committed to the cloud that it's throwing everything at rivals like Google to crack open the door on sales and gain momentum online.…



  8. RIM answers Apple iPad with...The BlackPad*

    * - offensive humor may vary

    BlackBerry maker Research in Motion is preparing to launch an iPad competitor in November, and it will be called the BlackPad, according to a report citing two people familiar with the company's plans.…


  9. AMD, GlobalFoundries, and the Intel gap

    Gate not closing

    When AMD spin-off GlobalFoundries broke ground on its fab in upstate New York last year, the chip manufacturer boasted it was "closing the gap" on Intel. "We were a year behind Intel at the 45nm node, and that difference will be cut significantly at the 32nm generation," said vice president of manufacturing systems technology Tom Sonderman. "By 22nm, there will be no difference. It will be in the noise level."…


  10. Boffins authenticate Apple 'Antennagate'

    Judas Phone 'death grip' proven fatal

    More evidence has surfaced that Apple's beleaguered Judas Phone does, indeed, have serious reception challenges — and today's facts and figures come from a sophisticated source.…


  11. MS preps emergency patch for Windows shortcut peril

    Attacks on rise

    Warning of an uptick in attacks, Microsoft plans to issue an emergency update to patch a critical Windows vulnerability that hackers are exploiting to seize control of PCs.…


  12. Microsoft cries foul on Yahoo!-Google Japan deal

    Hunts down Japanese FTC

    Microsoft will try to stop Yahoo! from hooking up with Google in Japan.…



  13. 3D Dot Game Heroes

    The closest you’ll get to Zelda without dusting off your NES?

    Review Feeling nostalgic for 8-bit gaming? Then 3D Dot Game Heroes will, no doubt, satisfy. There’s no need to drag out your NES as this square-edged upstart hails from the land of Sony and is exclusive to Playstation 3. With fervour for the 1980s increasingly present in popular culture (Hot Tub Time Machine, anyone?), 3D Dot Game Heroes buys into this sentimentalism and looks, plays and sounds like nothing else around since 1986.…


  14. Microsoft Street Slide: Street View done properly

    Take a peep

    Leaving aside the creepy privacy aspects, Street View is one of Google's most valuable services. The ability to familiarise yourself with somewhere strange, before you arrive, is genuinely useful.…


  15. Futurologist defends 'malevolent dust' warning

    Dust up over supposed evil particles

    A futurologist has defended his controversial warning that "smart dust" is liable to become a future information stealing threat.…


  16. Unisys floats mainframe cloud

    A ClearPath to the development skies

    A mainframe cloud may seem oxymoronic like a lead Zeppelin ("a" included on purpose), or intuitively obvious (given the virtualization and metering capabilities that have been in mainframes for decades). But Unisys has nonetheless fluffed up a mainframe cloud for its ClearPath mainframe customers.…


  17. BlueArc gets extra greenbacks

    $20 million

    BlueArc, the hardware-accelerated NAS array supplier startup, has pocketed another $20m in a seventh funding round, taking total funding to around $225m.…


  18. US law to neuter libel tourism

    Render foreign beatdowns unenforceable

    The US House of Representatives has passed a law which will render libel rulings from the English courts unenforceable there. The bill has already been passed by the Senate and will go to US President Barack Obama to be signed into law.…



  19. UK supermarket starts contactless payments

    No touching

    Spar is going contactless, attracted by the four pence per transaction the company could save by not asking shoppers for their PINs.…


  20. Microsoft should starve on radical penguin diet

    Capitalism and open source

    Open...and Shut When the mouthpiece of American capitalism calls a company a dog, it's time to re-evaluate that company's chances.…


  21. Mozy insists: It's not a bug...

    ...it's a... yes, one of those!

    Mozy says that the bugs reported by users concerning repeated full backups were not bugs at all, instead reflecting a feature of the product.…


  22. Delegate hacks into Black Hat streaming video

    What happens in Vegas...

    Security shortcomings in Black Hat's newly established streaming media service allowed a security consultant to hack into the system and see presentations for free.…


  23. Czechs toast Bud-beating beer win

    Na zdraví!

    Beer drinkers in the Czech Republic, and that's most of the country, will be raising a glass today to celebrate a local victory against Anheuser-Busch, the maker of US "beer" Budweiser.…



  24. Xiotech forging secret Katana project

    HDD & SSD hybrid craftsmanship?

    Word has reached us of a development project codenamed Katana inside Xiotech, with hints that the project involves HDD and SSD hybrid craftsmanship.…


  25. Cyber Security Challenge winner announced

    Quickest crypto off the mark

    The UK's Cyber Security Challenge has announced the winner of its prologue crypto puzzle, as well as the solution - for anyone still struggling to find an answer.…


  26. TalkTalk talks up SIM only mobile deals

    Signs Voda UK for heavy lifting

    TalkTalk is to launch its own mobile phone service, thanks to a deal with Vodafone UK.…


  27. UK.gov sticks to IE 6 cos it's more 'cost effective', innit

    Stunned web developers die a little inside

    Computers in Whitehall will largely continue to run Microsoft’s Internet Explorer 6, which will make web coders spit out their cheese‘n’pickle sarnies this lunchtime.…


  28. T-Mobile UK pumps out the iPhone 4

    Shaves tariffs

    Last month, we reported T-Mobile UK's price-plans for the iPhone 4. Today the telco starts shipping the iPhone, and has come in with lower tariffs.…



  29. Polaroid 300 instant print camera

    Fun retro-snapper revived

    Review The news that Polaroid has a new instant camera, after we thought it was done with all that frivolity, is likely to be greeted with squeals of nostalgic joy. While digital is superior in almost every sense there's a real warmth about those 80s prints that we remember adorning fridges and noticeboards. The Polaroid 300 (tsk, these unwieldy techie names) takes you straight back to your childhood, making a spontaneity-encouraging break from all that DSLR refinement.…


  30. NatWest dumps O2 Money

    So who gets the DVD collection?

    A year after leaping into bed with O2, NatWest is no longer backing the operator's pre-paid credit card offering, citing differences in strategic goals as the cause of the breakup.…


  31. YouTube ups video time limit

    Generosity knows no bounds

    YouTube has bumped its upload limit to 15 minutes for users of the Google-owned video sharing website.…


  32. Alleged expenses fiddlers to face justice

    Parliamentary privilege claim kicked out

    The four politicians facing fraud charges over their expenses today failed in their bid to avoid prosecution by using ancient Parliamentary privilege laws.…


  33. Nude trampolinist bounces free from court

    Hey, Mr Trampoline Man... what's that in your hand?

    A 55-year-old described by the BBC as a 'man' and by Scotland's Daily Record as a 'pervert' has avoided jail after being spotted by neighbours having too much fun with too few clothes on a trampoline.…


  34. Nexus One phone rockets to 28,000ft

    Android in spaaace

    If you've ever wondered what happens when you stick a Google Nexus One phone in a rocket and blast it to 28,000ft from the Nevada desert, then here's your answer:…



  35. UK.gov drops £6m on Google

    Fat dollar spent on health advice sites

    Four Whitehall departments gave Google and similar search engines more than £6m in two years to encourage web users to do more exercise, emit less CO2 and stop smoking, among other initiatives.…


  36. Fake Firefox update used to sling scareware

    Watch where you click

    Online con artists have developed a strain of scareware that poses as a Firefox update.…


  37. Happy Sysadmin Day!

    Today's the day to pat yourselves on the back

    It’s the last Friday in July, so that can mean only one thing - happy SysAdmin Day!…


  38. Chaos surrounds New Zealand iPhone 4 day

    Launch? What launch!

    Apple's iPhone 4 went on sale today in New Zealand. But Vodafone NZ's handling of the launch left much to be desired, with hundreds of customers left in the lurch.…


  39. Nvidia and HPC's second act

    Sitting pretty - but for how long?

    In a lot of ways, Nvidia is the belle of the GPU/accelerator ball these days. (Make your reservations early for the upcoming "GPU Fancy Dress Cotillion" later on this year; tuxedo t-shirts encouraged.) Intel withdrew Larrabee, IBM isn't pushing Cell, FPGAs aren't gaining a lot of traction yet, and AMD is late to the party with Fusion.…



  40. French operator pooh-poohs iOS4

    Dismissed with a 'non' and a Gallic shrug

    Updated French network operator SFR is thumbing its nose at Apple by telling customers to think carefully before upgrading to iOS 4.…


  41. Beware the blizzard of torrents of Starcraft 2

    Expense accounts

    Starcraft 2 was released this week and at the hefty RRP of £45. Many games sites are hopping mad at this, although typically retailers are selling Blizzard's strategy game at £10 less than RRP.…


  42. Street View spooked by 10 Rillington Place?

    Orwellian black Opel scoots past infamous murder site

    Until now, we at El Reg have assumed that Google's Street View spymobiles are as fearless as they are all-seeing, but it appears this may not be entirely true.…


  43. Gaming sites bet on merger

    In time for US welcome?

    PartyGaming and Bwin have agreed to merge, just as moves to make online gambling legal in the US get a little closer.…


  44. Hitachi details unified management

    Running the stack from one screen

    Hitachi's Unified Compute Platform (UCP) integrated IT stack idea is gathering momentum.…



  45. Data.gov.uk chief admits transparency concerns

    Raw info may be too confusing

    The head of the government's website for the release of public sector data has said it is a challenge to ensure that users can understand the statistics.…


  46. Pioneer BDP-330 Blu-ray player

    Pure and simple

    Review If a recent survey for HP is to be believed, Britons remain committed to packaged media, with 75 percent wanting hard copies of films in a box. So despite the advance of video streaming and downloading, perhaps it’s not yet time to write off conventional disc players, like Pioneer’s latest Blu-ray offering, the BDP-330.…


  47. Google site fools interwebs into China blockage scare

    It's fully blocked!

    Google's China search is working just fine, despite breathless claims from countless news organizations that it's "fully blocked."…


  48. 'Suspicious' Android wallpaper app nabs user data

    Up to 4 million downloads

    An Android wallpaper application that collected data from users' phones and uploaded it to a site in China was downloaded "millions of times", according to mobile security firm Lookout.…


  49. Data for 100m Facebook accounts published to BitTorrent

    Forever is a mighty long time

    Underscoring the permanence of data published on the internet, a security researcher has compiled the names and URLs of more than 100 million Facebook users and made them available as a BitTorrent download.…


  50. Uncle Sam sues Oracle (again) for alleged fraud

    DoJ doubles down on whistleblower suit

    The US Department of Justice has filed a fresh lawsuit against Oracle, three months after intervening in a whistleblower suit that accuses the software giant of overcharging the government by "tens of millions of dollars."…



SlashDot

News for nerds, stuff that matters
  1. Who Is Downloading the Torrented Facebook Files?
    eldavojohn writes "Gizmodo's got an interesting scoop on a list of IPs acquired from Peer Block revealing who is downloading the Facebook user data torrented this week: Apple, the Church of Scientology, Disney, Intel, IBM and several major government contractors just to name a few. The article notes that this doesn't mean it's sanctioned by these companies or even known to be happening, but the IP addresses of requests coming to one of the users' machines match to lists of IP blocks for each company."




  2. Fossil Fuel Subsidies Dwarf Support For Renewables
    TravisTR sends word of research from Bloomberg New Energy Finance which found that direct subsidies for renewable energy from governments worldwide totaled $43-46 billion in 2009, an amount vastly outstripped by the $557 billion in fossil fuel subsidies during 2008. "The BNEF preliminary analysis suggests the US is the top country, as measured in dollars deployed, in providing direct subsidies for clean energy with an estimated $18.2bn spent in total in 2009. Approximately 40% of this went toward supporting the US biofuels sector with the rest going towards renewables. The federal stimulus program played a key role; its Treasury Department grant program alone provided $3.8bn in support for clean energy projects. China, the world leader in new wind installations in 2009 with 14GW, provided approximately $2bn in direct subsidies, according to the preliminary analysis. This figure is deceptive, however, as much crucial support for clean energy in the country comes in form of low-interest loans from state-owned banks. State-run power generators and grid companies have also been strongly encouraged by the government to tap their balance sheets in support of renewables."




  3. Microsoft To Issue Emergency Fix For Windows .LNK Flaw
    Trailrunner7 writes "Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware. The advance notification from Microsoft on Friday said that the company is patching a critical vulnerability that is being actively exploited in the wild and affects all supported Windows platforms. The LNK flaw in the Windows shell was first identified earlier this month when researchers discovered the Stuxnet worm spreading from infected USB drives to PCs. Stuxnet has turned out to be a rather interesting piece of malware as it not only uses the LNK zero day vulnerability to spread, but it had components that were signed using a legitimate digital certificate belonging to Realtek, a Taiwanese hardware manufacturer."




  4. UK Government Rejects Calls To Upgrade From IE6
    pcardno writes "The UK government has responded to a petition encouraging government departments to move away from IE6 that had over 6,000 signatories. Their response seems to be that a fully patched IE6 is perfectly safe as long as firewalls and malware scanning tools are in place, and that mandating an upgrade away from IE6 will be too expensive. The second part is fair enough in this age of austerity (I'd rather have my taxes spent on schools and hospitals than software upgrade testing at the moment), but the whole reaction will be a disappointment to the petitioners." Update: 07/31 11:43 GMT by S : Dan Frydman, the man who launched the petition, has posted a response to the government's decision.




  5. The Canadian Who Holds the Key To the Internet
    drbutts writes "The Toronto Star has an interesting story on how they are securing DNS: 'It's housed in two high-security facilities separated by the North American landmass. The one authenticated map of the Internet. Were it to be lost — either through a catastrophic physical or cyber attack — it could be recreated by seven individuals spread around the globe. One of them is Ottawa's Norm Ritchie. Ritchie was recently chosen to hold one of seven smartcards that can rebuild the root key that underpins this system' called DNSSEC (Domain Name System Security Extensions). In essence, these seven can rebuild the architecture that allows users to know for certain where they are and where they are going when navigating the Web."




  6. US Ability To Identify Source of Nuclear Weapons Decays
    Hugh Pickens writes "The NY Times covers a report released by the National Research Council, which says the ability of the US to identify the source of a nuclear weapon used in a terrorist attack is fragile and eroding. The goal of the highly specialized detective work, known as nuclear attribution, is to clarify options for retaliation and to deter terrorists by letting them know that nuclear devices have fingerprints that atomic specialists can find and trace. 'Although US nuclear forensics capabilities are substantial and can be improved, right now they are fragile, under-resourced and, in some respects, deteriorating,' the report warns. 'Without strong leadership, careful planning and additional funds, these capabilities will decline.' The report calls on the federal government to take steps to strengthen its forensic capabilities and argues for the necessity of better planning, more robust budgets, clearer lines of authority and more realistic exercises."




  7. New PS3 Firmware Causing HDD Upgrade Problems?
    Channard writes "While there have been occasional reports of previous PS3 firmware upgrades causing system crashes and so forth, Sony's new firmware upgrade for the system, 3.41, is apparently stopping PS3 owners from upgrading their hard disks. This problem has been encountered by many users on Sony's forums and occurs when you try to put a new hard disk into a PS3 that already has the firmware upgrade installed. The general course of action for upgrading a PS3's drive is that you download the latest PS3 firmware onto a memory stick and, after swapping the hard drive in the PS3, plug the stick in, allowing the PS3 to properly prepare the disk for use. But as of upgrade 3.41, the PS3 fails to recognize the firmware on the stick, complaining that it can't proceed until you insert the correct firmware. Repeating the process and re-downloading the firmware does not fix the problem, as I can confirm, having encountered the problem myself. Users can put the old hard disk back in, provided they've not reformatted it for some other purpose, so all is not lost. Sony have apparently told gaming website CVG that 'The information available to our Consumer Services Department does not suggest that this is a problem PlayStation owners are likely to experience when upgrading the HDD with 3.41 update.' This seems to fly in the face of the currently available information — although whether or not this statement was issued by Kevin Butler is unclear. Either way, PS3 owners encountering this problem will likely have to wait a few days for a fix and use their old HDDs for now."


  8. FCC Gives Thumbs-Up To First LTE Phone
    eagledck tips news that the FCC has "finally approved the first 4G Long Term Evolution (LTE) phone for sale in the US." The Samsung device will use MetroPCS as a carrier, but tech specs, software details and a launch timetable are still uncertain. Meanwhile, Verizon is ramping up testing of their own LTE infrastructure, hoping to launch in 25 to 30 markets by the end of the year. An anonymous reader notes that LTE rollouts could be hampered by a confused and conflicted patent situation. "It is impossible to know where all the patents are but we have identified more than 60 companies holding essential patents. It is a very large landscape and fragmented. If there was one major patent pool and a handful of individual companies to deal with, that would be possible. But signing license deals with 40 plus [entities] is not. A unified patent pool is best," said a representative for one of three patent pool organizations trying to accomplish that.


  9. DefCon Contest Rattles FBI's Nerves
    snydeq writes "A DefCon contest that invites contestants to trick employees at 30 US corporations into revealing not-so-sensitive data has rattled nerves at the FBI. Chris Hadnagy, who is organizing the contest, also noted concerns from the financial industry, which fears hackers will target personal information. The contest will run for three days, with participants attempting to unearth data from an undisclosed list of about 30 US companies. The contest will take place in a room in the Riviera hotel in Las Vegas furnished with a soundproof booth and a speaker, so an audience can hear the contestants call companies and try to weasel out what data they can get from unwitting employees." The group organizing the contest has established a strict set of rules to ensure participants don't violate any laws. Update: 07/31 04:45 GMT by S : PCWorld has coverage of one of the day's more successful attacks.


  10. How Should a Non-Techie Learn Programming?
    CurtMonash writes "Nontechnical people — for example marketers or small business owners — increasingly get the feeling they should know more about technology. And they're right. If you can throw up a small website or do some real number-crunching, chances are those skills will help you feed your family. But how should they get started? I started a thread with the question on DBMS2, and some consistent themes emerged, including: Learn HTML + CSS early on; Learn a bit of SQL, but you needn't make that your focus; Have your first real programming language be one of the modern ones, such as PHP or Python; MySQL is a good vehicle to learn SQL; It's a great idea to start with a project you actually want to accomplish, and that can be done by modifying a starter set of sample code (e.g., a WordPress blog); Microsoft's technology stack is an interesting alternative to some of the other technology ideas. A variety of books and websites were suggested, most notably MIT's Scratch. But, frankly, it would really help to get more suggestions for sites and books that help one get started with HTML/CSS, or with MySQL, or with PHP. And so, techie studs and studdettes, I ask you — how should a non-techie go about learning some basic technological skills?"


  11. Justice Department Joins Fraud Lawsuit Against Oracle
    suraj.sun writes with news that the US Department of Justice has joined a lawsuit accusing Oracle of overcharging the federal government for its software products. Quoting: "In a nutshell, the lawsuit argues that Oracle's government customers — a wide array of agencies, including the State Department, the Energy Department, and the Justice Department itself — got deals 'far inferior' to those the enterprise software giant gave to its commercial clients. The allegations stem from a software deal between Oracle and the federal General Services Administration that the Justice Department says involved 'hundreds of millions of dollars in sales' and that ran from 1998 to 2006. Under the contract, Oracle was required to inform the GSA when commercial discounts improved and to offer those same discounts to government buyers. Oracle misrepresented its true commercial sales practices and thus defrauded the US, the lawsuit contends."


  12. ISC Offers Response Policy Zones For DNS
    penciling_in writes "ISC has made the announcement that they have developed a technology that will allow 'cooperating good guys' to provide and consume reputation information about domain names. The release of the technology, called Response Policy Zones (DNS RPZ), was announced at DEFCON. Paul Vixie explains: 'Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. ... If your recursive DNS server has a policy rule which forbids certain domain names from being resolvable, then they will not resolve. And, it's possible to either create and maintain these rules locally, or, import them from a reputation provider. ISC is not in the business of identifying good domains or bad domains. We will not be publishing any reputation data. But, we do publish technical information about protocols and formats, and we do publish source code. So our role in DNS RPZ will be to define 'the spec' whereby cooperating producers and consumers can exchange reputation data, and to publish a version of BIND that can subscribe to such reputation data feeds. This means we will create a market for DNS reputation but we will not participate directly in that market.'"


  13. Google Adds Licensing Server DRM To Android Market
    eldavojohn writes "According to AfterDawn, Google has given app makers the option to use a license server as DRM to ensure the user has paid for an app before they can download it. Reportedly, the Market app will communicate with a Google license server using RSA encryption. It is important to note this is only available for non-free apps (built with SDK 1.5 and later), and it was instituted to provide a better solution to the old and widely criticized copy protection scheme that was susceptible to Android app piracy (like sideloading). For better or for worse, Android's Marketplace appears to now have an optional, phone-home form of DRM." Following news of the new licensing service, Hexage Ltd, makers of a popular Android game called Radiant, released the data they had collected on piracy of Radiant over a 10-month period beginning last October. A series of charts shows total users, paid users and the piracy rate, by region.


  14. Tribalism Is the Enemy Within, Says Shuttleworth
    climenole points out a post from Canonical founder Mark Shuttleworth about internal strife in the free software community. He wrote, "Tribalism is when one group of people start to think people from another group are 'wrong by default.' It's the great-granddaddy of racism and sexism. And the most dangerous kind of tribalism is completely invisible: it has nothing to do with someone's 'birth tribe' and everything to do with their affiliations: where they work, which sports team they support, which Linux distribution they love. ... Right now, for a number of reasons, there is a fever pitch of tribalism in plain sight in the free software world. It's sad. It's not constructive. It's ultimately going to be embarrassing for the people involved, because the Internet doesn't forget. It's certainly not helping us lift free software to the forefront of public expectations of what software can be."


  15. What's Wrong With the American University System
    ideonexus writes "The Atlantic has an excellent interview with Andrew Hacker — co-author with Claudia Dreifus of a book titled Higher Education? — covering everything that's wrong with the American university system. The discussion ranges from entrenched tenured professors more concerned with publishing and parking spaces than quality teaching; to 22-year-old students with unrealistic expectations that some company will put them in a management position after graduating with six figures of debt; to football teams siphoning money away from academic programs so that student tuitions must increase to compensate. It really lays out the farce of university culture and reminds me of everything I absolutely despised about my college life. Dreifus is active in the comments section of the article as well, lending to a fantastic discussion on the subject."



Andreas Gerler <baronNOSPAMbundesbrandschatzamt.de> - Last modified: Sat 31 Jul 13:58:37 UTC 2010