Ditesh Kumar tips us to a blog entry by Sam Hiser noting a bill filed in Texas that would require state agencies to conduct their work in an open document format. After Microsoft's grueling battle against ODF in Massachusetts, bluest of blue states, it must be galling to face te same fight in the reddest of the red. Hiser notes that the bill includes a rigorous and sound definition of an open document format, which ODF would meet but Microsoft's current OOXML submission would not.

liquidat and others wrote in with the news that the DNS Root Servers were attacked overnight. It looks like the F, I, and M servers felt the attack and recovered, whereas G (US Department of Defense) and L (ICANN) did less well. Some new botnet flexing its muscle perhaps? AP coverage is here.

cj writes in with news of a vulnerability in Firefox's stock popup blocker discovered by Michal Zalewski. The vulnerability can allow a malicious user to read files from an affected system. The attacker would "need to plant a predictably named file with exploit code on the target system. This sounds hard, but isn't," according to the article.

AlexGr points out an article in ACM Queue, "Open vs. Closed," in which Richard Ford prods at all the unknowns and grey areas in the question: is the open source or the closed source model more secure? While Ford notes that "there is no better way to start an argument among a group of developers than proclaiming Operating System A to be 'more secure' than Operating System B," he goes on to provide a nuanced and intelligent discussion on the subject, which includes guidelines as to where the use of "security through obscurity" may be appropriate.