marco_marcelli writes with a link to the founder and chairman of MPEG, Leonardo Chiariglione, replying to Steve Jobs on DRM and TPM. After laying the groundwork by distinguishing DRM from digital rights protection, Chiariglione suggests we look to GSM as a model of how a fully open and standardized DRM stack enabled rapid worldwide adoption. He gently reminds Jobs (and us) that there exists a reference implementation of such a DRM stack — Chillout — that would be suitable for use in the music business.

An anonymous reader asks: "I was talking with a co-worker today about how Google is so big, and how they make such great use of commodity hardware to do their business, and one of the topics that came up is what Google does with its old hardware. Google has been around for many years now, they have more machines than any sane person would own, and they are continually expanding. At some stage they have to push out old equipment, either when it starts entering into its MTBF limits or it's been depreciated down. Searching (using Google of course) wasn't particularly fruitful. Has anyone seen where Google's hardware goes when it dies?"

gloom writes "In 2000 the Finnish demoscene musician Janne Suni (also known as 'Tempest') won the Oldskool Music Competition at the Assembly demoparty with his four-channel Amiga .MOD entitled 'Acid Jazzed Evening.' A Commodore 64 musician called 'grg' remade the song on the C64 (using the infamous SID soundchip); it is this that was stolen. The producer's name is Timbaland and he is one of the hottest names in American music these days. The track in question is called 'Do it' and it is featured on the Nelly Furtado album 'Loose' on the Geffen label. Getting nowhere with Geffen, the demoscene has now risen to the aid of Tempest, first by creating a stir at SomethingAwful (files downloadable from the forum), then at Digg.com, then on YouTube, with a video demonstrating the blatant ripoff. Being an online-posting musician myself — what rights do I have if this should ever happen to me, and what can be done to raise awareness about such things?"

robustyoungsoul writes "Popular sports blog Deadspin established the Adam Knox Fund for the purpose of raising money in honor of the fallen soldier who was killed in Iraq. They took the donations through a PayPal account. Turns out now, however, PayPal will not release the money due to the way the account was set up on their end."

eldavojohn writes "The Month of Apple Bugs (MOAB) is well under way with a startling bug released Monday. From the description: 'Application Enhancer (APE) is affected by a local privilege escalation vulnerability which allows local users to gain root privileges.' APE is the same software used to deploy fixes during 'The Month of Apple Fixes' (MOAF). I know it's confusing but MOAB came first and MOAF was a developer's answer to the bugs — after all, the purpose of posting bugs is to have them identified, confirmed and eradicated. The article talks about potential remote root access by an intruder. Note that this is third party software that all of the bugs seem to be stemming from. I guess Apple has made a fairly secure system but they can't expect all third party developers to follow the same rigorous standards."

An anonymous reader writes "PC World Senior Editor Tom Spring signed up for 32 online accounts. Then tried to cancel all of them. The most difficult to cancel: NetZero. The easiest to cancel: Consumer Reports Online and The New York Times TimesSelect. His experience was rated on a number of criteria, and highlights the hoops that commercial enterprises put in place to keep their 'customers'. From the article: 'I had a hard time canceling my $5 monthly Gold Classmates.com account, too. I couldn't find any information on how to cancel until I entered the word cancel In the site's search engine. Classmates.com spokesperson John Uppendahl confirmed that there is no other way to find cancellation information. But that was only the first hoop I had to jump through to cancel my membership. Classmates.com also forced me to click through several Web pages reminding me of the benefits I'd lose. Finally my clicking ended at a generic Member Support e-mail contact page containing a blank 'Your Question' field. Though the form said nothing about cancellations, I used it to request that the service cancel my subscription. The next day I received an e-mail message confirming that the service had accepted my request.'"

Torus Kas writes "Debian GNU/Linux 4.0 was supposed to be due by December 4 and development is currently frozen. Apparently the saga was triggered by disenchantment towards funding of $6,000 for each of the 2 release managers to work full-time in order to speed up the development. Many unpaid developers simply put off Debian work to work on something else."

gr00ve writes "Eweek is reporting that all the major OEMs will enable DEP/NX in their BIOSes by default to allow Address Space Layout Randomization (ASLR), a new security feature in Windows Vista, to work as advertised. ASLR, which is used to randomly arrange the positions of key data areas to block hackers from predicting target addresses, is meant to make Windows Vista more resilient to virus and worm attacks." From the article: "Because most CPUs that ship today support DEP/NX, Howard explained that Vista users on older hardware can use the control panel to manually verify that PCs have DEP enabled. With full support from OEMs, Microsoft is effectively using ASLR to create software diversity within a single operating system, a move that is widely seen as Redmond's attempt to address the monoculture risk. The memory-space randomization technique will block the majority of buffer overflow tricks used in about two-thirds of all worm and virus attacks."

Itninja writes, "Having used RAC several times in the past (as a buyer), I was shocked by a recent experience. I did a bit of looking around to see if I was the only one having problems with Rent-A-Coder. Apparently, I'm not." From the article: "This unfairness of RAC fees motivates the majority of coders to negotiate payment outside the scope of RAC which amounts to you and coder getting a better deal. For example, I have several coders that I fully trust willing to work on projects on a monthly basis because it is easier for him to deal with established clients than to have to bid for projects all the time. It saves me time and trouble because I can work with a person that I trust and he knows what is expected." A comment to this posting links a discussion of RAC at Google Groups, and there the service has its defenders. What has your experience of RAC been, either as a buyer or as a coder?

An anonymous reader writes "There's a great blog post about how World of Warcraft can ruin lives, it's written by a person that was for a long time a member of the largest council on what is now one of the oldest guilds in the world." This is a story that is very familiar to a lot of folks. I know people who are actively wrecking their lives and risking their jobs by playing too much of a video game.

Two different devices intended to slow the nerd obesity epidemic just came to our attention. PoconoPCDoctor writes about the Geek-A-Cycle, which is a workstation with built-on exercise bike that you have to pedal to run the computer. And several readers pointed out the FP Gamerunner (mirror), reviewed here: think treadmill meets Quake 4. Again, you have to keep moving to stay in the game.

Goodfellas writes, "This document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by the Linux kernel. It affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. Proof of concept, details, and proposed solution (in PDF form): English, Spanish.

An anonymous reader asks: "What display device should I get for a conference room? It can't be a front projection and it should be >= 50" and somewhat slim. If I go plasma, it seems like the burn-in problem could be serious if the unit is used as a monitor -- I don't want to look at either a 'Start' or 'KDE' button until the end of time. LCDs don't impress me since I can only get them in sizes of 45" or less. What about DLP? They make noise, but will it drown out a person trying to make a presentation to a room of 10-20 people? Overall, am I really stuck with a max vertical resolution of 768? Are rear projection LCD's or DLP's slim enough to not dominate a room?"

Ravi writes "Any one who has had the opportunity to manipulate images would be aware of Adobe's Photoshop - considered to be the market leader in image manipulation software. But with its high price tag, buying Photoshop is akin to putting strain on your bank balance. What is interesting is that there is a very popular free alternative to Photoshop in GIMP. For those in the dark, GIMP is a state of the art image manipulation software which runs on multiple architectures and OSes and which is released under the GNU free License (GPL). I have been using GIMP exclusively for touching up images for many years now and it has met all my graphics manipulation needs." Read the rest of Ravi's review

Gimble writes "eWeek has an article up that looks at the performance of portals using open source stacks and comparing them to their MS equivalents. The article's conclusion is that .Net outperforms the open source stacks, mainly because of its tighter integration, but also notes that running the open source stacks on Windows (WAMP) delivered strong performance." From the article: "Based on our forays into user forums for many top open-source enterprise applications, there are many IT managers attempting to run open-source products on Windows servers--attracted, no doubt, to the benefits and efficiencies of using open source without having to become Linux administrators. The results of our WAMP stack tests indicate that these folks might be on to something."