First, unless you're using ksplice, you have to reboot. So it may download and install the new kernel, but unless the user reboots they're still vulnerable.

Yes, but the latest version(s) of Ubuntu ask if you want to reboot after installing kernel updates. So the user at least knows they're supposed to reboot as soon as they can.

many hackers sit on exploits to these kinds of programs so they can use them when a big flaw like this one is exposed,

Except that flaws like this one are discovered quite regularly. Just look through security updates for stable distributions like Debian.

Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this.

C'mon now. As others have pointed out, and has been mentioned earlier on /., this is a local root exploit. It's bad, it affects a lot of users (in theory), but to write this is to simply spread fear for most of those using Linux.

Why? Because the systems that inexperienced users run also happen to be those with a few, generally trusted users. Think netbooks. Sure, all local root exploits are bad and should be patched asap. But that doesn't mean "you're probably being rooted as I type this". It means that a remote attacker needs user-level privileges (say, with a browser or plugin vulnerability) first. Since Ubuntu and probably other major distros have already patched this, and the default settings for updates on these systems is to check fairly frequently, most end users will have the patched kernel quickly.

That leaves multi-user systems. The admins of these servers certainly benefit from finding out about the vulnerability asap, and they did (including through previous stories here). By now, though, most admins should have something in place if they don't have full trust in their users. If they don't, they should definitely be looking at whether this was exploited.

The bottom line is that there are many local root exploits which come out every year. This is the latest one, with a patch already available. Responsible admins of multi-user systems are used to dealing with this, and home users are almost certainly going to be patched before it causes any issues. For them, the latest Flash vulnerability is more worrisome. Even the extremely rare remote exploit of a service isn't usually an issue, since most modern distros don't start much of anything by default (including ssh, IIRC).

When you upload the video, if it finds a content match it tells you and explains what that means for you. I did a music video for "Crazy" by Gnarls Barkley and it identified the audio track, told me that it identified the audio track, and placed a link to buy the song under the video. I assume had it been from an artist/label/etc who doesn't want any unauthorized use of their content, it would have blocked the audio (or entire video) and notified me in the same way that it had done so.

Okay, so the uploading person knows, but what about the viewer? If nothing else, I'd be really curious to know which artists/labels/studios/etc like their content on Youtube and which still send takedown notices. It's certainly possible to figure it out on a case-by-case basis, but a little note on the video would make things easier.

The main point of the article is how Youtube is enabling a shift in how copyright holders deal with unauthorized content. They scan new videos for content matching that provided by content owners and split ad revenue with them. It's certainly less confrontational than DMCA takedown notices, but I imagine it's full of gray areas: what if the video I upload uses 15 seconds of a music video for commentary but is otherwise 9 minutes of my own contribution? Does Youtube still show more-than-usual ads and split the revenue with the artist?

Is there any way we can reliably well which videos have this revenue sharing? Some things are obvious - official music videos often have more ads and big "VEVO" logos everywhere. But how about these user-uploaded videos?

Agreed that the iTunes requirement is stupid. I've only used iTunes a few times, mostly to back up the ipad and update the software. But this requirement rules out using the ipad as a computer replacement for older users.

Regarding photo software, have you tried some of the other apps for getting and displaying photos? It's not my use, so I haven't tried them; but it looks like flickr has a decent app for one. Since I almost never connect my ipad via usb, I use Dropbox regularly to move content (mostly PDFs) around.

That video is really damning. Choppy scrolling before the flash video loads, and horrible framerate. By contrast, the ABC app on the ipad is quite robust and the hardware acceleration of video playback means that it is quite smooth.

That said, HTML5 isn't a panacea - if a Youtube video is HD, the ipad can only load the HD version of it, not the lower quality options available on the flash site. This means that if you have a slightly slower connection (say, 3Mbps or so), you'll get tons of buffering trying to play those videos. The dynamic bitrates of Netflix and ABC work great though. It's a little ironic that the Youtube app included with the ipad is relatively poor, though.

Personally, I hate flash. I use noscript to block it most of the time, and even on a Core 2 Duo running Linux the performance can be pretty choppy sometimes (thanks to a lack of hardware acceleration). Unfortunately, with Hulu trying to make money off the ipad (insanely priced relative to Netflix), we won't be seeing an HTML5 version of that site any time soon.

Unless there's something seriously wrong with this demonstration, though, it's clear that Flash support is not a strong bonus of going Android over iOS.

There's already several apps out there that turn the iPad into a networked wifi printer, or you can just use the OS X Print to PDF feature and sync the PDF over via any one of a number of mechanisms and apps (dropbox, iDisk, iTunes/iBooks, etc.)

Sure - I use Dropbox regularly and have no problem generating PDFs from the apps I care about. But the ipad really needs multitasking to enable wifi printer emulation all the time. The idea is to reduce the number of steps to get your documents to the ipad down to one: just print, and it's there.

Nice to know that there are apps to do the emulation part, now we just need multitasking. Done right it's easier than even the 20 seconds required to use Dropbox.

Actually, printing to the iPad is already dead simple (at least if you're on a Mac). Just drop an alias of the iTunes application in your ~/Library/PDF Services folder and name it "Print PDF to iPad". Then in the print dialog box, the PDF dropdown will have an entry to print to the iPad. It automatically creates the PDF and imports it to iTunes, ready to upload to your iPad the next time you sync.

No, the whole point is to eliminate itunes, an unnecessary and annoying intermediary (requiring a cable no less). This is about wifi-based printing.

But why would you want to print to the iPad?

Actually, from a ease-of-use perspective, printing to the ipad might actually be a really good idea. If you want a document from any application to be available for reading on the ipad, simply add a printer driver to the system that treats the ipad like a networked printer (and generates postscript or PDF versions of files). It's an interface that most computer users are familiar with, and it eliminates the need to worry about the file system or file transfer (especially via iTunes, ick).

I will still with Dropbox, but the premise of printing to the ipad actually makes a lot of sense to me.

I saw some of the original props at the Children's Muesum in Indianapolis several months ago, and close up, to be honest, they look like crap. You might not want to use the original movie props as your standard to aim for.

That doesn't surprise me. Yet there are some movie props which should have really intricate detail. I'd love to see some of the miniatures used in Lord of the Rings; perhaps without the camera effects they'd still seem underwhelming, but given the budget involved I think they have a better chance to impress.

One thing that does amaze me about this movie is the fact there there doesn't seem to be any real middle-ground. People either love it to the point of excess (which I'll admit- I do), or they hate it and call it self-indulgent garbage that ripped-off other movies.

I disagree. I think a lot of people (myself included) enjoyed watching the movie once in the theatre. Sure, the story was highly familiar from any number of places and even more predictable. It was pretty with nice special effects and a worthwhile imax/3D experience (though a little pricey compared to what I'm used to paying). I have no interest in paying much to see it again; I certainly won't buy the blu-ray disc, but somewhere down the line I may get it via Netflix.

A casual survey of people I know who watched the movie suggests that many are of my view; we aren't talking about the fanatical response where people went to see Titanic 5x in the theatre. It was an enjoyable action flick with really well done special effects that we'll see much more of in the next 10 years.

You want a truly love-or-hate movie? Try Lost in Translation, or Napoleon Dynamite.

Other cities, like CmdrTaco's nearby Ann Arbor are using positive reinforcement to encourage recycling. It offers "points" for recycling. "Points can be redeemed for rewards - such as discounts and offers -- from local and national businesses".

It will be interesting to see which approach works better in terms of improving recycling, though I suspect that Ann Arbor's recycling rate is already pretty high.

The article mentions internet router, file storage, and print server. Really? That's the best you can do?

A decent dd-wrt compatible router is pretty inexpensive, and will give you a few port switch and a decent set of wireless antennas. Most people aren't so constrained on space that they can't tuck one away somewhere. They often include the capability of handling USB hard drives as well for file or print sharing. Many printers these days have built in ethernet or wireless to handle their own print serving capability.

Devices of this size do have possibilities, but the article doesn't mention anything really interesting. Apple has had its airport express base station for a while, and while it's mostly an ordinary wireless N router, it does provide music sharing via airtunes which works well if you happen to use the Apple/iTunes ecosystem for music.

So what do you do with a tiny Linux box? mpd or a squeezebox client would provide music sharing (though you can get Logitech's own radio for $100-$150, and it comes complete with a screen and controls). It would either need a good quality sound chip on it (unlikely) or a decent USB sound card (added expense, though).

What would be really neat is if they had an HDMI port for a thin client. Maybe an install of Android and its browser to turn a smaller LCD monitor into a little internet browsing box in otherwise cramped spaces (e.g. kitchen). Or have something powered off 12V and use it as the basis for a car computer.

Even with the current offerings, I'm sure there are much more interesting ideas that people could come up with (probably involving more significant hacking) than a file or print server.

On a related note, does anyone know if the new WebKit browser on the now-$139 Kindle is any good?

We'll find out in a few weeks when they ship, but there's only so much you can do with modern eink screens. If I were getting a Kindle, though, I'd almost certainly spring the $50 for the 3G + wifi version if I had any thoughts of trying the browser. I don't find myself away from wifi too often, but when I do it would sometimes be convenient to look up a phone number or address or something very simple, and a free lifetime 3G web browser (even if it's painful) sounds pretty awesome.

The Nook, on the other hand, doesn't offer web browsing over 3G. So if I was getting one of those, I'd just get the wifi version; I'm told by someone who owns it that despite using the built-in LCD screen in the browser interface, it's quite painful to use.

When the ipad was first announced, many commentators predicted that there would be a deluge of Android-based competitors with more features (Flash!) for less money. Here we are almost seven months later and frankly, this article sums up the sorry state of competition. Most of the devices are unavailable and many don't even have firm release dates (others are late). The predictions about beating Apple's pricing fell through (e.g. the JooJoo is $499, though it's a larger and significantly different device).

Eventually we will have a nice selection of tablets, just like we now have a nice selection of smartphones. But you may have to wait a year or two for them; meanwhile, Apple will sell lots and lots of ipads, establishing a solid market for which developers will make lots of apps.

Frankly, if I was waiting for one of these competitors I'd be getting pretty frustrated. The Notion Ink Adam has been hyped up all over the place, and keeps getting pushed back. The currently available devices (like the one from KMart) get pretty horrible reviews; it's clear that trying to go too cheap on the tablets leads to some huge sacrifices in quality of the screen, for example.

What's interesting to me is that the major ereaders have responded to the ipad. Amazon and BN released apps for the ipad (Amazon on launch day!), while they both substantially dropped their ereader prices (responding to each other, too). They're carving out a niche - dedicated ereaders with eink screens getting down to the price points where people can buy them as gifts for each other in this coming holiday season. BN's nook actually runs Android, though it has to be jailbroken to make use of it.