We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!
mlauzon (818714) writes "The following is taken from the article "VeraCrypt a Worthy TrueCrypt Alternative" and interviews the creator of VeraCrypt, now to be honest, it's not an in-depth interview or review, but at least it's a start and shows where VeraCrypt is headed:
A fork of TrueCrypt's code, VeraCrypt strengthens the open source encryption software's transformation process and addresses other weaknesses.
If you're reluctant to continue using TrueCrypt now that the open source encryption project has been abandoned, and you don't want to wait for the CipherShed fork to mature, one alternative that's well worth investigating is VeraCrypt.
VeraCrypt is also a fork of the original TrueCrypt code, and it was launched in June 2013. IT security consultant Mounir Idrassi, who is based in France, runs the project and is its main contributor.
Idrassi's motivation for developing VeraCrypt stems back to 2012 when he was asked to integrate TrueCrypt with a client's product. Before doing this he carried out a security audit of the code and discovered some issues. "There were no big problems, no backdoors or anything like that. But there were some small things, so we decided to start VeraCrypt," he said." Link to Original Source top
mlauzon writes "Seems a lot of companies are seeing the light and turning their subscription based games into the F2P model, or freemium as it's now being called:
For those of us who lack Batman's financial resources, maintaining several monthly MMO subscriptions can be a challenge. Sony Online Entertainment recognizes this, and as a result, the company has just announced that DC Universe Online will be officially joining the freemium revolution toward the end of October.
" Link to Original Source top
mlauzon writes "The antics by LulzSec over the past few weeks may have attracted a bit too much attention, at least for those involved in the group. Their veil of anonymity and fearlessness may be finally crumbling. Some unidentified individuals are taking matters into their own hands, feeding LulzSec a taste of their own medicine — revealing the identities of (suspected) LulzSec members to the world.
A new blog, LulzSec Exposed, began its first day on Blogspot with a mountain of IRC chat logs and personal information for a handful of LulzSec members: Kayla, BarretBrown, Joepie, Nakomis, and Topiary. Of these persons, Topiary admitted to being part of LulzSec via their official Twitter page. Three of these persons are from the United States, while one is from Sweden and one from the Netherlands. Mr. Brown has also contributed to various publications, including the Huffington Post and The Guardian.
Amongst the blog posts, there is also evidence that suggests some of the LulzSec members used to be part of Anonymous, based on similar IRC nicknames they use.
LulzSec has, not surprisingly, mocked the accuracy of the posted information. Despite that, the confident public face they put on while revealing their exploits on their site and in explaining their antics may be one giant facade, as members are being extra cautious thanks to the extra scrutiny they now face from the general public and authorities alike." Link to Original Source top
mlauzon writes "EW.com is reporting about a team up between Stan Lee & Arnold Schwarzenegger in a new cartoon to premier next year:
This week’s EW cover story is an exclusive interview with Arnold Schwarzenegger talking about his plan to return to movies and unleash an animated superhero TV series: The Governator. Below is a full three-minute trailer from the project, which teams Ah-nold with comic legend Stan Lee:
mlauzon writes "Google is launching a new way to interact with their web based mail app called Motion, it's very innovative and will free you from the constraints of the mouse & keyboard. From the info page:
The mouse and keyboard were invented before the Internet even existed. Since then, countless technological advancements have allowed for much more efficient human computer interaction. Why then do we continue to use outdated technology? Introducing Gmail Motion — now you can control Gmail with your body." Link to Original Source top
mlauzon writes "TorrentFreak is reporting that The Pirate Bay has purchased eBay. From the article:
Here’s an announcement we don’t read every day. As of today The Pirate Bay is the proud owner of eBay. The torrent site plans to use eBay technology to code a better rating system for torrents. How much was paid for the auction site is still a mystery.
TorrentFreak talked to one of The Pirate Bay crew members who told us that they had to find a legitimate investment for the billions of dollars they’ve made from annoying pop-under ads, and this appeared to be a decent option." Link to Original Source top
mlauzon writes "LOS ANGELES (Reuters) — Michael Jackson, the child star turned King of Pop who set the world dancing but whose musical genius was overshadowed by a bizarre lifestyle and sex scandals, died on Thursday. He was 50.
Jackson was pronounced dead after arriving at a Los Angeles hospital in full cardiac arrest, Los Angeles coroner Fred Corral said. The cause of death was not known and an autopsy would likely take place on Friday, he said.
Jackson's sudden death had been reported earlier by U.S. media including the Los Angeles Times and the TMZ entertainment website, which said he was taken ill at his home and rushed to the hospital by paramedics who found him not breathing when they arrived.
Known as the "King of Pop," for hits that included "Thriller" and "Billie Jean," Jackson's dramatic, one-gloved stage presence and innovative dance moves were imitated by legions of fans around the world.
His lifetime record sales tally is believed to be around 750 million, which, added to the 13 Grammy Awards he received, made him one of the most successful entertainers of all time.
But Jackson's belief that "I am Peter Pan in my heart", his preference for the company of children, his friendship with a chimp, his high-pitched voice and numerous plastic surgeries also earned him critics and the nickname "Wacko Jacko."
Jackson, who had lived as a virtual recluse since his acquittal in 2005 on charges of child molestation, had been scheduled to launch a comeback tour from London next month.
Quincy Jones, who helped arrange the music on the album "Thriller" and produced the "Off the Wall" album, told MSNBC: "I am absolutely devastated at this tragic and unexpected news."
"For Michael to be taken away from us so suddenly at such a young age, I just don't have the words. I've lost my little brother today, and part of my soul has gone with him."
PARAMEDICS UNABLE TO REVIVE SINGER
TMZ said on its website that Jackson suffered a cardiac arrest on Thursday afternoon at his Holmby Hills home and paramedics were unable to revive him. "We're told when paramedics arrived Jackson had no pulse and they never got a pulse back," the site said.
The Los Angeles Times said paramedics performed cardiopulmonary resuscitation at the singer's home before taking him to the UCLA Medical Center hospital.
Jackson had been due to start a series of concerts in London on July 13 running until March 2010. The singer had been rehearsing in the Los Angeles area for the past two months.
The shows for the 50 London concerts sold out within minutes of going on sale in March.
There were concerns about Jackson's health in recent years but the promoters of the London shows, AEG Live, said in March that Jackson had passed a 4-1/2 hour physical examination with independent doctors.
Outside the hospital in Los Angeles about 200 fans and reporters gathered on Thursday, waiting for confirmation of Jackson's death or condition.
Some fans were crying and hugging each other, and others were climbing atop fences to get a better look at a microphone stand where a news conference was supposed to take place.
"I hope he's gone to God, and I hope that he's free of all the troubles he's been plagued with," Tonya Blazer, 50, who said she had been a fan going back more than four decades to his days as a child star.
"I just feel like I'm paying tribute to him," said Dawn Burgess, 42, a fan who said she had posters of Michael pinned to her bedroom wall when she was a child.
CHILD STAR TO MEGASTAR
Jackson was born on August 29, 1958, in Gary, Indiana, the seventh of nine children. Five Jackson boys — Jackie, Tito, Jermaine, Marlon and Michael — first performed together at a talent show when Michael was 6. They walked off with first prize and went on to become a best-selling band, The Jackson Five, and then The Jackson 5.
Jackson made his first solo album in 1972, and released "Thriller" in 1982, which became a smash hit that yielded seven top-10 singles. The album sold 21 million copies in the United States and at least 27 million worldwide.
The next year, he unveiled his signature "moonwalk" dance move while performing "Billie Jean" during an NBC special.
In 1994, Jackson married Elvis Presley's only child, Lisa Marie, but the marriage ended in divorce in 1996. Jackson married Debbie Rowe the same year and had two children, before splitting in 1999. The couple never lived together.
Jackson has three children named Prince Michael I, Paris Michael and Prince Michael II, known for his brief public appearance when his father held him over the railing of a hotel balcony, causing widespread criticism.
New Yorkers and tourists in the city's Times Square were shocked at the news of Jackson's death.
"I don't know what to say. It's sad, it's really, really sad," said Nicole Smith, an 18-year-old student from Brooklyn, New York, in Times Square. "My mother was a fan. I listened to his music."
"I'm shocked. I thought someone was lying to me when I first heard it. I was a fan from when he was a little boy and then he got weird," said Sue Sheider, 51, a teacher from Long Island." Link to Original Source top
mlauzon writes "After nearly three years of development, Panda Security today released the public beta of its Panda Cloud Antivirus, which the company claims is the first free cloud-based antivirus thin-client. By taking AV duties to the cloud and combining it with local detection technologies, Panda says it can do a better job at protecting your PC than a traditional virus scanner.
"Thanks to Panda Security's Collective Intelligence malware and goodware online database, Panda Cloud Antivirus detects more malware than traditional signature-based solutions which take longer to detect the most recent, and therefore most dangerous, variants," Pedro Bustamanta, Panda Senior Research Advisor, wrote in a blog entry.
The local portion of the program takes up roughly 50MB of hard drive space while consuming about 17MB of RAM, according to a Cnet report. By the time Panda Cloud Antivirus exits the beta stage, Bustamante hopes to have the RAM consumption down to 12MB.
One potential downside to relying on the cloud for antivirus protection is that your PC would be left vulnerable without an internet connection. But not to worry, says Bustamante, who clarified that a local cache copy of Collective Intelligence is kept on the PC for just such scenarios.
mlauzon writes "If you told your spouse that the two of you would be together until Duke Nukem Forever hit shelves in an attempt to be absolutely precious, it might be time to start sweating. According to a tweet by 3D Realms man George Broussard, Duke Nukem Forever's unending development cycle may soon be leaving the death-and-taxes consistency club.
"Closing out a milestone this week. 71 more tasks to do and we started with probably 800-900. Been a good push. Next one starts Monday," he tweeted.
After some rudimentary math, we've determined that — assuming development continues at a nice clip — Duke will be back in business sometime next year. Guess the Mayans were a little off with their apocalypse calculations.
mlauzon writes "Windows 1.0, the original 16-bit operating system, was released on 20 November 1985 and today marks its 23rd Birthday.
55 programmers developed the system in a year, making the 1st edition a break from the norm in terms of usability. It enabled users to use a mouse to navigate the system and use its various functions and applications that were included.
Applications included were a set of desktop applications (MS-DOS File Management Program), a calendar, card file, notepad, calculator, clock and telecommunications programs allowing users to manage their day-to-day activites much like a PDA does today. It also allowed users to switch between programs without needing to quit and restart them.
The OS itself had 256 colours ability, re sizable windows, a reserved area of minimized programs (the original concept of the task bar) and the ability to customize the appearance of windows. Microsoft began to include what we now call a "Control Panel" in its first version of Windows (1.x). It came with a lot of interface controls that are still seen in versions of Windows today such as text boxes, radio buttons, scrolling bars and menu items.
In the interface of Windows 1.0, windows can be maximized, minimized or tiled. The active windows cannot be overlapped instead of tiled. There is no option to cascade windows, so it is inconvenient to show more windows at the same time.
Microsoft announced the idea of windows in spring 1983. But the first version of Windows, Windows 1.0 was not released until November 1985. Windows 1.x is based on MS-DOS 2.0. Due to the hardware and software limitations of MS-DOS 2.0, it was not successful compared to later versions of Windows such as Windows 3.1. However, Microsoft did have a good chance to market the operating system at fast
developing IBM compatible computers. Speaking of marketing, Microsoft's screaming CEO, Steve Ballmer, got behind a camera and recorded a hilarious advert for Windows 1.0. Shouting on the video, Ballmer gets excited about Windows Write, Windows Paint, Notepad and a clock feature! Thankfully even Paint has been updated these days with the introduction of the ribbon user interface in Windows 7. Checkout Ballmer's advert below. Also worthy of a special mention is Rafael Rivera, the author of Within Windows. Rafael is famous for creating UX theme patches for Vista and XP and recently unlocked the superbar in Windows 7. Rafael was born on the exact same day as Windows 1.0 was released. Happy Birthday Rafael & Windows!
mlauzon writes "Now I don't have a lot of money to spare, my friend who works as a Web Designer was helping me with a site, but he's up and disappeared. What I want to know, is where I can find free or semi-free web design help...as I need this site finished asap!" top
What I got out of [Chen's] comments was that YouTube's first priority is making sure everyone, everywhere, on any device, could view every video on the site. Steve actually said himself, as the commenters above are saying, that HD really doesn't make sense for the short, silly clips that are YouTube's bread and butter.
YouTube will likely eventually support HD. But it's good to see that Steve Chen is skeptical about its utility in the present tense. For video to play in HD, it must first be shot in HD, edited in HD, and uploaded in HD. And barely anything on YouTube meets those criteria now.
mlauzon writes "YouTube co-founder Steve Chen, speaking at the NewTeeVee Live conference today, confirmed that high-quality YouTube video streams are coming soon. Although YouTube's goal, he said, is to make the site's vast library of content available to everyone, and that requires a fairly low-bitrate stream, the service is testing a player that detects the speed of the viewer's Net connection and serves up higher-quality video if viewers want it.
Why wouldn't they? Because the need to buffer the video before it starts playing will change the experience. Hence the experiment, rather than just a rapid rollout of this technology. On stage, he said the current resolution of YouTube videos has been "good enough" for the site untill now.
Chen told me he expects that high-quality YouTube videos will be available to everyone within three months.
Chen also confirmed that in YouTube's internal archive, all video is stored at the native resolution in which it was sent. However, he said, a large portion of YouTube videos are pretty poor quality to begin with — 320x240. Streaming them in high-quality mode isn't going to help much." Link to Original Source top
mlauzon writes "MDO Ltd. announces the release of eBoostr, a complete replacement for Microsoft ReadyBoost technology for Windows XP.
Upgrade the performance of your PC without upgrading its components. Get ReadyBoost-like technology in Windows XP. Overcome ReadyBoost limitations and use up to four inexpensive flash devices to speed up your system. Add more speed to your PC without upgrading!
If you could improve the performance of your computer by upgrading just one item, that would be memory. Adding more RAM speeds up Windows and applications, allowing the system to access the hard disk less often. This is especially true for older PCs with 256 or 512 MB of RAM, and laptop computers with slow hard drives.
Upgrading computer components can be costly, and is not always possible. Buying and plugging a USB flash memory stick, on the other hand, is neither expensive nor complicated. That is why Microsoft developed a new technology called ReadyBoost. ReadyBoost uses flash memory plugged into a computer to enhance operating system responsiveness, decrease loading time, and improve computer performance.
Unfortunately, Microsoft ReadyBoost is only available in Windows Vista. Since the day Microsoft announced its ReadyBoost technology for Windows Vista, the company made it clear that no ReadyBoost upgrade will be released to support Windows XP and older operating systems.
eBoostr is a third-party implementation of speed-enhancing technology based on using flash memory to enhance the responsiveness and performance of a Windows XP computer. eBoostr works similar to Microsoft ReadyBoost, providing many of the same benefits to the end user.
Improved Performance with No Costly Hardware Upgrades
eBoostr improves the performance of any PC without having to upgrade its components or the operating system. Using flash memory allows Windows XP to access hard drives less frequently, which results in improved performance and responsiveness of Windows XP and all applications.
No ReadyBoost Limitations
ReadyBoost is a great technology, but it has its limitations. Its current incarnation does not support more than one flash memory stick or card at a time. ReadyBoost requires using fast flash memory that can be more expensive than the typical flash drive found on everyone's desk. Finally, ReadyBoost helps the most to those with little amount of RAM installed, and provides slim benefits to PCs with a gigabyte or more of RAM.
eBoostr overcomes these limitations. While it works great with ReadyBoost Certified devices, eBoostr also supports slower, less expensive flash memory sticks and cards, allowing for a really inexpensive way to improve your computer performance. eBoostr is not limited to a single stick or card, and supports up to four flash units simultaneously. Finally, unlike ReadyBoost, eBoostr provides noticeable performance benefits even to PCs that are stuffed with RAM sticks to the max.
Laptop computers benefit from reduced hard drive activities even more than their desktop siblings. Notebook hard drives are slower than desktop disks, and system responsiveness rises to the new level with the use of flash memory and eBoostr. Less hard drive access results in reduced power consumption, which leads to improved battery life. Work faster and longer on your Windows XP laptop with eBoostr!
MDO (Moscow Development Office) was founded in 1994 and since then through creative work of its team of developers has gained a stable position in the field of software and internet development, as well as high acclaim from users all over the world for its digital photography product line, FirmTools. Its new product, eBoostrTM, was developed by the company division organized specially for this project. For more information about the company and products, visit http://www.eBoostr.com/." Link to Original Source top
mlauzon writes "Confundos is a discussion platform for the exchange and development of ideas. It's based on open source and open knowledge — all ideas on the site must be licensed under a Creative Commons license. The site relies on transparency and accountability to foster enriching discussions. Here's a basic rundown of how it functions: someone needs an open source software or plugin; he/she proceeds to describe on the site; from there, the description is enhanced by community input and comments; next, users who need such a project bid for its completion; specialists capable of accomplishing the project pitch their services after which competitive bids are received once the project runs beyond original bid; offers are then accepted and the project is completed.
"Cofundos helps to realize bright ideas, by providing a platform for their discussion & enrichment and by establishing a process for organizing the contributions and interests of different stakeholders in the idea."
"Cofundos helps to realize bright ideas, by providing a platform for their discussion & enrichment and by establishing a process for organizing the contributions and interests of different stakeholders in the idea."
mlauzon writes "A Swedish hacker tells how he infiltrated a global communications network used by scores of embassies over the world, using tools freely available on the internet.
In August, Swedish hacker Dan Egerstad gained access to sensitive embassy, NGO and corporate email accounts. Were they captured from the clutches of hackers? Or were they being used by spies? Patrick Gray investigates the most sensational hack of 2007.
IT WASN'T supposed to be this easy. Swedish hacker Dan Egerstad had infiltrated a global communications network carrying the often-sensitive emails of scores of embassies scattered throughout the world. It had taken him just minutes, using tools freely available for download on the internet.
In time, Egerstad gained access to 1000 high-value email accounts. He would later post 100 sets of sensitive email logins and passwords on the internet for criminals, spies or just curious teenagers to use to snoop on inter-governmental, NGO and high-value corporate email.
The question on everybody's lips was: how did he do it? The answer came more than a week later and was somewhat anti-climactic. The 22-year-old Swedish security consultant had merely installed free, open-source software — called Tor — on five computers in data centres around the globe and monitored it. Ironically, Tor is designed to prevent intelligence agencies, corporations and computer hackers from determining the virtual — and physical — location of the people who use it.
"Tor is like having caller ID blocking for your internet address," says Shava Nerad, development director with the Tor Project. "All it does is hide where you're communicating from."
Tor was developed by the US Navy to allow personnel to conceal their locations from websites and online services they would access while overseas. By downloading the simple software, personnel could hide the internet protocol address of their computers — the tell-tale number that allows website operators or intelligence services to determine a user's location.
Eventually the navy realised it must take Tor beyond the armed forces. "The problem is, if you make Tor a tool that's only used by the military . . . by using Tor you're advertising that you're military," Nerad says.
So Tor was cast into the public domain. It is now maintained and distributed by a registered charity as an open-source tool that anyone can freely download and install. Hundreds of thousands of internet users have installed Tor, according to the project's website.
Mostly it is workers who want to browse pornographic websites anonymously. "If you analyse the traffic, it's just porn," Egerstad told Next by phone from Sweden. "It's kind of sad."
However, Dmitri Vitaliev, a Russian-born, Australian-educated computer security professional who lives in Canada, says Tor is a vital tool in the fight for democracy. Vitaliev trains human-rights campaigners on how to stay safe when online in oppressive regimes. "It's incredibly important," he said in a Skype chat from the unrecognised state of Transnistria, a breakaway region in Moldova where he's assisting a local group working to stop the trafficking of women. "Anonymity is a high advantage in countries that perform targeted surveillance on activists."
It's also used to bypass website censorship in more than 20 countries that censor political and human rights sites, he says.
Tor works by connecting its users' internet requests, randomly, to volunteer-run Tor network nodes. Anyone can run a Tor node, which relays the user's traffic through other nodes as encrypted data that can't be intercepted.
When the user's data reaches the edge of the Tor network, after bouncing through several nodes, it pops out the other side as unencrypted, readable data. Egerstad was able to get his mitts on sensitive information by running an exit node and monitoring the traffic that passed through it.
The problem, says Vitaliev, is some Tor users assume their data is protected from end to end. "As in pretty much any other internet technology, its vulnerabilities are not well understood by those who use it (and) need it most," he says.
The discovery that sensitive, government emails were passing through Tor exit nodes as unencrypted, readable data was only mildly surprising to Egerstad. It made sense — because Tor documentation mentions "encryption", many users assume they're safe from all snooping, he says.
"People think they're protected just because they use Tor. Not only do they think it's encrypted, but they also think 'no one can find me'," Egerstad says. "But if you've configured your computer wrong, which probably more than 50 per cent of the people using Tor have, you can still find the person (on) the other side."
Initially it seemed that government, embassy, NGO and corporate staffers were using Tor but had misconfigured their systems, allowing Egerstad to sniff sensitive information off the wire. After Egerstad posted the passwords, blame for the embarrassing breach was initially placed on the owners of the passwords he had intercepted.
However, Egerstad now believes the victims of his experiment may not have been using Tor. It's quite possible he stumbled on an underground intelligence gathering exercise, carried out by parties unknown.
"The whole point of the story that has been forgotten, and I haven't said much about it, (is that) many of these accounts had been compromised," he says. "The logins I caught were not legit users but actual hackers who'd been reading these accounts."
In other words, the people using Tor to access embassy email accounts may not have been embassy staff at all. Egerstad says they were computer hackers using Tor to hide their origins from their victims.
The cloaking nature of Tor is appealing in the extreme to computer hackers of all persuasions — criminal, recreational and government sponsored.
If it weren't for the "last-hop" exit node issue Egerstad exposed in such a spectacular way, parties unknown would still be rifling the inboxes of embassies belonging to dozens of countries. Diplomatic memos, sensitive emails and the itineraries of government staffers were all up for grabs.
After a couple of months sniffing and capturing information, Egerstad was faced with a moral dilemma: what to do with all the intercepted passwords and emails.
If he turned his findings over to the Swedish authorities, his experiment might be used by his country's intelligence services to continue monitoring the compromised accounts. That was a little too close to espionage for his liking.
So Egerstad set about notifying the affected governments. He approached a few, but the only one to respond was Iran. "They wanted to know everything I knew," he says. "That's the only response I got, except a couple of calls from the Swedish security police, but that was pretty much all the response I got from any authority."
Frustrated by the lack of a response, Egerstad's next step caused high anxiety for government staffers — and perhaps intelligence services — across the globe. He posted 100 email log-ins and passwords on his blog, DEranged Security. "I just ended up (saying) 'Screw it, I'm just going to put it online and see what happens'."
The news hit the internet like a tonne of bricks, despite some initial scepticism. The email logins were quickly and officially acknowledged by some countries as genuine, while others were independently verified.
US-based security consultant — and Tor user — Sam Stover says he has mixed feelings about Egerstad's actions. "People all of a sudden (said) 'maybe Tor isn't the silver bullet that we thought it was'," Stover says. "However, I'm not sure I condone the mechanism by which that sort of information had to be exposed in order to do that."
Stover admits that he, too, once set up a Tor exit node. "It's pretty easy . . . I set it up once real quick just to make sure that I could see other people's traffic and, sure enough, you can," he says. "(But) I'm not interested in that sort of intelligence gathering."
While there's no direct evidence, it's possible Egerstad's actions shut down an active intelligence-gathering exercise. Wired.com journalist Kim Zetter blogged the claims of an Indian Express reporter that he was able to access the email account for the Indian ambassador in China and download a transcript of a meeting between the Chinese foreign minister and an Indian official. In addition to hackers using Tor to hide their origins, it's plausible that intelligence services had set up rogue exit nodes to sniff data from the Tor network.
"Domestic, or international . . . if you want to do intelligence gathering, there's definitely data to be had there," says Stover. "(When using Tor) you have no idea if some guy in China is watching all your traffic, or some guy in Germany, or a guy in Illinois. You don't know."
Egerstad is circumspect about the possible subversion of Tor by intelligence agencies. "If you actually look in to where these Tor nodes are hosted and how big they are, some of these nodes cost thousands of dollars each month just to host because they're using lots of bandwidth, they're heavy-duty servers and so on," Egerstad says. "Who would pay for this and be anonymous?"
While Stover regards Tor as a useful tool, he says its value is greatly overestimated by those who promote and use it. "I would not use or recommend the tool to hide from people between you and your endpoint. It's really purely a tool to hide from the endpoint," he says.
As a trained security professional, Stover has the nous to understand its limitations, he says. Most people don't.
The lesson remains but the data Egerstad captured is gone, the Swedish hacker insists. He's now focusing on his career as a freelance security consultant. "I deleted everything I had because the information I had was belonging to so many countries that no single person should have this information so I actually deleted it and the hard drives are long gone," he says." Link to Original Source top
SCO found guilty of lying about Unix code in Linux
mlauzon writes "In the United States, SCO's Linux/Unix litigation has been stalled out while the company's bankruptcy trial is being dealt with. In Germany, however, several court cases have found SCO Group GmbH, SCO's Germany branch, guilty of lying about Linux containing stolen Unix code.
In the first case, reported on by Heise Online, the pro-Linux German companies, Tarent GmbH and Univention found that SCO was once more making claims that Linux contained Unix IP (intellectual property). Specifically, SCO GmbH made the familiar claims that "As we have progressed in our discovery related to this action, SCO has found compelling evidence that the Linux operating system contains unauthorized SCO UNIX intellectual property (IP)." This was followed by the usual threat "If a customer refuses to compensate SCO for its UNIX intellectual property found in Linux by purchasing a license, then SCO may consider litigation."
The German Linux companies had already successfully protested against these statements in 2003. Then they were granted an injunction against SCO from making its claims that Linux contains illegally obtained SCO IP, a.k.a. Unix source code. If SCO violated this injunction, SCO would have to pay a fine of 250,000 Euros.
Since Tarent and Univention brought the matter to the attention of the courts, SCO has taken down the offending page with its claims.
Tarent's managing director told Heise Online that he found "It disconcerting, though not surprising, to see SCO trying to do towards the end what it is really being paid for by its supporters: spreading falsities as disparaging as possible about Linux." Unlike 2003, where Linux companies had to nip things in the bud, exercising vigilance is due now where things are coming to an end: "Even though SCO has reached the end of the line in our opinion, one should not let them get away with this."
In a similar case, Andreas Kuckartz, a German Linux advocate, had been publicly stating since 2003 that "SCO IP Licenses for Linux" amounted to little more than "protection money pricelists" and that SCO is "spreading rumors about copyright violations in Linux." Further, Kuckartz claimed that "The SCO Group Inc. is probably is involved in crimes such as stock manipulation and filing a fraudulent complaint against IBM."
SCO took him to court over these claims and SCO has lost (German PDF document). The Higher Regional Court in Munich ruled, Kuckartz said in e-mails to Linux-Watch, "that my statements are allowed because none of the factual statements I made to support those accusations are false. I can now even go to a business partner of The SCO Group GmbH and tell him or her that SCO is probably involved in the named crimes."
Kuckartz claim that he believes is the most important one is that in the four years the case has dragged out, SCO never objected "to my statement that SCO has not presented any proof of copyright violations in the lawsuit SCO vs. IBM."
mlauzon writes "A Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both "enlightening and frightening."
The demonstration took place Monday at an event sponsored by Get Safe Online — a joint initiative of the U.K. government and industry. At the event, which was aimed at heightening security awareness among small businesses, two members of the U.K. government intelligence group Serious Organized Crime Agency connected a machine running Windows XP with Service Pack 1 to an unsecured wireless network. The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen.
The SOCA officials wished to remain anonymous. One of them, "Mick," remained behind a screen while carrying out the hack into the unpatched computer of a fellow officer, "Andy."
"It's easy to connect to an unsecured wireless network," said Mick. "You could equate Andy with being in his bedroom, while I'm scanning for networks outside in my car. If I ordered or viewed illegal materials, it would come back to Andy."
Mick used a common, open-source exploit-finding tool he had downloaded from the Internet. SOCA asked ZDNet UK not to divulge the name of the tool.
"You can download attack tools from the Internet, and even script kiddies can use this one," said Mick.
Mick found the IP address of his own computer by using the XP Wireless Network Connection Status dialog box. He deduced the IP address of Andy's computer by typing different numerically adjacent addresses in that IP range into the attack tool, then scanning the addresses to see if they belonged to a vulnerable machine.
Using a different attack tool, he produced a security report detailing the vulnerabilities found on the system. Mick decided to exploit one of them. Using the attack tool, Mick built a piece of malware in MS-DOS, giving it a payload that would exploit the flaw within a couple of minutes.
Getting onto the unsecured wireless network, pinging possible IP addresses of other computers on the network, finding Andy's unpatched computer, scanning open ports for vulnerabilities, using the attack tool to build an exploit, and using the malware to get into the XP command shell took six minutes.
"If you were in (a cafe with Wi-Fi access), your coffee wouldn't even have cooled down yet," said Sharon Lemon, deputy director of SOCA's e-crime unit.
Mick then went into the My Documents folder and, using a trivial transfer protocol, transferred the document containing passwords to his own computer. The whole process took 11 minutes.
A SOCA representative said that the demonstration was "purely to point out that, if a system hasn't had patches, it's a relatively simple matter to hack into it." SOCA stopped short of recommending small businesses move to Vista; a SOCA representative said that applying Service Pack 2 to XP, with all the patches applied, and running a secured wireless network is "perfectly sensible way to do it."
Nick McGrath, head of platform strategy for Microsoft U.K., was surprised by the incident.
"In the demonstration we saw, it was both enlightening and frightening to witness the seeming ease of the attack on the (Windows) computer," said McGrath. "But the computer was new, not updated, and not patched."
McGrath said that having anti-spyware installed was not as important as having the software updated. He added that Microsoft works closely with original equipment manufacturers to encourage the preloading of antivirus and anti-spyware on a 30-day trial basis. McGrath also said that Service Pack 2 for XP had a firewall and that Vista was not as "accessible to the average hacker" due to "operating system components."" Link to Original Source top
MIT releases the source of MULTICS, father of UNIX
mlauzon writes "This is extraordinary news for all nerds, computer scientists and the Open Source community: the source code of the MULTICS operating system (Multiplexed Information and Computing Service), the father of UNIX and all modern OSes, has finally been opened.
Multics was an extremely influential early time-sharing operating system started in 1964 and introduced a large number of new concepts, including dynamic linking and a hierarchical file system. It was extremely powerful, and UNIX can in fact be considered to be a "simplified" successor to MULTICS (the name "Unix" is itself a hack on "Multics"). The last running Multics installation was shut down on October 31, 2000.
From now on, MULTICS can be downloaded from the following page (it's the complete MR12.5 source dumped at CGI in Calgary in 2000, including the PL/1 compiler):
Unfortunately you can't install this on any PC, as MULTICS requires dedicated hardware, and there's no operational computer system today that could run this OS. Nevertheless the software should be considered to be an outstanding source for computer research and scientists. It is not yet know if it will be possible to emulate the required hardware to run the OS.
Special thanks to Tom Van Vleck for his continuous work on www.multicians.org, to the Group BULL including BULL HN Information Systems Inc. for opening the sources and making all this possible, to the folks at MIT for releasing it and to all of those who helped to convince BULL to open this great piece of computer history.
mlauzon writes "(TITLE SHOULD READ: Mozilla Still Flummoxed by Firefox' Appetite for Memory)
Anyone who uses Firefox on Windows knows the browser has an almost insatiable appetite for memory, and it's not unheard of for PCs to allocate a half GB or more of memory just to the browser alone.
Mozilla continues to deny that Firefox leaks much memory, but Christopher Blizzard, a member of Mozilla's board, says fixing the issue is a priority — - especially now that the browser developers are seeking to plow directly into the mobile space.
As Mozilla starts down the path to running in the mobile space we are spending time looking at memory pressure issues more closely. . . (I)t sounds like the early data suggests that Mozilla really doesn't leak that much memory at all. But it does thrash the allocator pretty hard and that's what causes the perception of memory leaks.
Blizzard refers to findings of developer Stuart Parmenter, which contains more information about memory and browser use than you'd probably ever want to know. Parmenter attributes the problem to "memory fragmentation." Whatever it is, it can cause a PC to grind to such slow performance that sometimes it's just easier to "X" out of Firefox or reboot altogether.
Now, imagine that happening on a smart phone, and getting in the way of your ability to make or receive phone calls. This is just one of the many challenges Mozilla and its developers face as they try to move from the PC to the handheld arena.
"Over the next few months it will be very interesting to see what happens with both memory usage and perceived performance especially as we connect those numbers to a successful mobile strategy," Blizzard writes." Link to Original Source