ubuwalker31 - Slashdot User

Submission + - Germans reject file-sharing paranoia (arstechnica.com)

Submitted by

athloi

on Friday August 03, 2007 @09:39AM

athloi writes: "German prosecutors have begun denying requests to force ISPs to identify the subscribers behind IP addresses, saying that the alleged file-sharing was a "petty offense." According to German-language Heise Online, the court said that the labels did not explain how a "criminally relevant damage" could have arisen from the alleged file-sharing. Unlike the US legal system, German law has no provision allowing for civil proceedings to obtain ISP subscriber info.

http://arstechnica.com/news.ars/post/20070802-file -sharing-is-a-petty-offense-say-german-prosecutors .html"

Submission + - New York Jumps into Open Formats Fray (infoworld.com)

Submitted by

cyrusmack

on Thursday June 07, 2007 @04:07PM

cyrusmack writes: "Hot on the heels of the bad news regarding the defeat of all open formats bills (erroneously reported by the mainstream media as "ODF" bills), New York has become the latest in an area that has seen a flurry of activity already this year. In the article on InfoWorld, it's pretty clear that this bill is significantly watered down from what other states have attempted to do this year. You can Microsoft will be there in force, just as it has been elsewhere."

Submission + - Court Santions 'Anti-RIAA' Lawyer (com.com)

Submitted by

uolamer

on Wednesday June 06, 2007 @04:51PM

uolamer writes: "Last year, an attorney representing a woman sued by the Recording Industry Association of America claimed his client is innocent and asked a federal judge to levy sanctions against the association's lawyers.

Instead, in an unexpected legal twist, U.S. District Judge Terry Means ruled on May 16 that it was entirely likely that the woman was violating copyright law via the Kazaa file-sharing program — and ordered that her attorney be sanctioned for wasting the court's time with "frivolous" arguments.

CNET Story"

Submission + - Vi Implemented In Javascript (internetconnection.net)

Submitted by smak on Thursday May 31, 2007 @04:36AM

smak writes: You love Vi. You love JavaScript. Now you have both, with Vi implemented in JavaScript.

Sci-fi Writers Join War on Terror 793

Posted by samzenpus on Thursday May 31, 2007 @04:23AM from the lie-detecting-phase-shifting-terrorist-hating-alien-monkeys dept.

yoyoq writes "Homeland Security is looking for suggestions from sci-fi writers. "Looking to prevent the next terrorist attack, the Homeland Security Department is tapping into the wild imaginations of a group of self-described "deviant" thinkers: science-fiction writers." Here's a suggestion: 9-11 could have been prevented with locks on the cockpit door."

Submission + - Fired Employee Can Sue Company For Stolen Data

Submitted by ubuwalker31 on Wednesday May 30, 2007 @09:29PM

ubuwalker31 writes: Plaintiff Louis Thyroff was an insurance agent for defendant Nationwide Mutual Insurance Company. In 1988, the parties had entered into an Agent's Agreement that specified the terms of their business relationship. As part of the arrangement, Nationwide agreed to lease Thyroff computer hardware and software to facilitate the collection and transfer of customer information to Nationwide. In addition to the entry of business data, Thyroff also used the AOA system for personal e-mails, correspondence and other data storage that pertained to his customers. On a daily basis, Nationwide would automatically upload all of the information from Thyroff's AOA system, including Thryoff's personal data, to its centralized computers.

The Agent's Agreement was terminable at will and, in September 2000, Thyroff received a letter from Nationwide informing him that his contract as an exclusive agent had been cancelled. The next day, Nationwide repossessed its AOA system and denied Thyroff further access to the computers and all electronic records and data. Consequently, Thyroff was unable to retrieve his customer information and other personal information that was stored on the computers. Thyroff initiated an action for conversion (civil theft) against Nationwide Insurance in the United States District Court for the Western District of New York, alleging that Nationwide stole his business and personal information stored on the company's computer hard drives, which had been leased to him.

Shockingly, New York State's highest court ruled for the little guy, and agreed that an action for conversion could be pursued in Federal Court.

How will this effect corporate data policies and practices in the future? Do you think this legal ruling was correct?

Read the entire court opinion in Thyroff v. Nationwide

Submission + - ISPs willingly accepting abuse?

Submitted by beh on Wednesday May 30, 2007 @11:49AM

beh writes: Yesterday, at 2:30pm GMT someone started ssh scanning my servers — thanks to fail2ban, there's not much chance of anything happening there, but nevertheless, when I finally saw all the fail2ban messages about it 2 1/2 hours later, I reported the issue to theplanet.com, the provider from which the attack originated.

At first, there was no response apart from 'This is an auto-response'. A further 12 hours later, finally an answer "we will investigate", in the meantime, the attack continues.

By now, it has been 23 hours since the attack started, and over 20 since I reported it to the ISP; no further reaction, the ssh scans continue to come in from 70.87.55,194; and since the attack goes again all IP addresses of both of my servers, I can only assume it will go against the entire subnet of those servers (especially since a third server belonging to the same domain, with another ISP is not the target).

I've just had a quick online chat with their support desk, and all they tell me is "I can't do anything about it; my hands are tied. Mail the abuse desk again, but please note, the investigation and actions from it can take between 24 and 72hours.".

My question now is this — when does an ISP become an accomplice to an attacker, by willingly leaving him to continue to attack other systems, even though the provider knows full well about what's going on?

Where are the rights of those people that are on the receiving end of those attacks — I can hardly 'take my business elsewhere', since I'm not a customer of theplanet.com... For the moment, I'm 'happy' with the attacks to continue, as the attacker seems to be using dictionary based attacks and hasn't hit on any accounts that could be vulnerable; but obviously, I can't say how safe other systems on the same subnets, or on other subnets that are being attacked might be. Leaving this unchallenged for 24-72 hours seems a sure-fire way to exacerbate the problem, as any additional host someone might be able to break into, will only make future attacks worse.

So, what can/should be done?

Novell Worries About GPL v3 157

Posted by CmdrTaco on Wednesday May 30, 2007 @10:14AM from the deliver-the-code-and-nobody-cares dept.

An anonymous reader writes "In its annual report for the fiscal year ended October 31, 2006, Novell expressed concerns over how the new version of the GPL may affect their business. Microsoft might stop distributing Suse coupons if the GPL version 3 interferes with their agreement or puts Microsoft's patents at risk, ultimately causing Novell's business and operating results to be adversely affected."

Submission + - Windows Vista No Safer Than XP, Researchers Find

Submitted by somethinginmyeye on Wednesday May 30, 2007 @09:54AM

somethinginmyeye writes: Users of Windows Vista and Windows XP are equally at risk to viruses and exploits, according to the CRN Test Center, which took two notebooks, stripped them bare of all security applications, and sent them out to face all the perils of the internet. Check out how the systems stood up and how they were tested. http://crn.com/software/199701019

Submission + - A Remote Vulnerability in Firefox Extensions

Submitted by MitmWatcher on Wednesday May 30, 2007 @09:42AM

MitmWatcher writes: A vulnerability exists in the upgrade mechanism used by a number of high profile Firefox extensions. These include Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial extensions. The Google Security Team was notified of the problem on April 16th. They were given a full explanation of the vulnerability. An additional four emails were sent between April 20th and May 24th. These included additional information on the problem, offers to provide help as well as offers to delay publication of the vulnerability. The Google Security Team replied on May 25th stating that they were working on a fix, and expected to have it ready and deployed before May 30th. At the time of publishing this vulnerability disclosure, it does not appear that Google has rolled out an update yet. http://paranoia.dubfire.net/2007/05/remote-vulnera bility-in-firefox.html

Submission + - Court:: breaking copy protection permissible

Submitted by

Erik Norgaard

on Wednesday May 30, 2007 @08:16AM

Erik Norgaard writes: "ArsTechnica reports that the district court of Helsinki, Finland, has ruled that CSS is not an effective copy protection mechanism. The EU copyright directive prohibits the creation and distribution of code that can circumvent effective copyright protection schemes. The court have found that CSS is ineffective. No other court have previously tried to interpret the term "effective technological protection"."

Submission + - Dell to Preload Ubuntu Linux on Consumer Machines

Submitted by

TechDock

on Tuesday May 01, 2007 @05:13PM

TechDock writes: "According to this EWeek article, Dell and Canonical will announce a partnership on May 1 that will see the hardware giant ship Ubuntu Linux preinstalled on some of its desktop and laptop computers. The move, which has been expected for some time, makes Dell the first major desktop vendor to release consumer desktops and laptops with preinstalled Linux"

Submission + - Learning Assembly programming

Submitted by

intelinsight

on Monday March 19, 2007 @07:48AM

intelinsight writes: "How relevant or useful is it to learn Assembly programming language in the current era? Consider this question in the lieu of the current s/w development needs and also the claims of the Assembly lovers for it being a language giving one insights of the internal working of a computer."

Submission + - Interview - James Gosling, father of Java

Submitted by Minaloush on Monday March 19, 2007 @07:15AM

Minaloush writes: Interesting Q&A with Sun's James Gosling on silicon.com. The father of Java field questions on the GPL, security, the role of Java in the enterprise — and even reveals his — albeit limited — views on Windows Vista ("I tend to stay away from Microsoft [software] because it tends to be so toxic").

From the article:
If you come up with a good software development tool, that makes life easier for the developers and they can get their job done quicker, then the first thing the manager says is 'oh you've got free time on your hands. Do this extra thing'.

The Business Case for Open Source Software 158

Posted by Zonk on Monday March 19, 2007 @07:11AM from the exciting-time-to-like-penguins dept.

An anonymous reader writes "An InfoWorld blog entry makes a business case for open source software, and attempts to explain the business benefits of OSS to management and business owners. The primary benefits the piece uses to argue in favor of OSS include no licensing fees, and no license keys. The article also argues that OSS results in freedom from 'ownership' by software vendors. 'Never again will you fear the BSA (Business Software Alliance) knocking on your door wanting to perform a software audit. The BSA even takes out advertisements on Google search pages for and up to $200,000 reward a disgruntled ex-employee can receive for reporting your company to the BSA! That's quite a powerful motivator...'"

Slashdot Top Deals