Security

Zero-day Exploit in PDF With Adobe Reader 188

hankwang writes "Security researcher Petko Petkov, who is known for his recent discovery of a vulnerability with Quicktime in Firefox, claims to have discovered an exploit that allows arbitrary code execution when a maliciously crafted PDF document is opened in any version of Adobe Reader. Petkov did not disclose any technical details other than a video, but claims on his blog that Adobe has acknowledged the vulnerability. If this exploit goes wild, it could cause some serious problems, as PDFs are usually automatically opened from web browsers and widely used and trusted by corporate users."
Role Playing (Games)

More Details on Dungeons and Dragons Fourth Edition 45

Gamespy had a chat with Chris Perkins, story manager for Dungeons and Dragons R&D, at this year's Gen Con. Though Chris had no more details to offer Gamespy than he did for us at the event, the piece puts a lot of information all into one place on what we can expect from D&D Fourth Edition. "GameSpy: We've been reading a lot about talent trees in 4th Edition ... Christopher Perkins: Talent trees aren't unique to MMORPGs. Wizards has produced other games that use talent trees, such as the d20 Modern Roleplaying Game and the Star Wars Roleplaying Game Saga Edition. The theory of game design, regardless of platform, is constantly evolving. We've taken our gaming experiences over the past decade, as well as player feedback on the games and supplements we've produced in that time period, to build a system for character creation and advancement in 4th Edition that draws inspiration from numerous sources, but isn't exactly like anything that's been done before."

Apple Releases New Touch Screen iPod 866

JSM writes to tell us that Apple released a new version of their popular iPod music player today that boasts, among other things, an iPhone-like touch screen and Wi-Fi capabilities. "The iPod Touch will feature the Safari Internet browser and, like the iPhone, play YouTube videos. Apple also announced a new version of its iTunes music store that will allow users to buy songs wirelessly. iTunes will also sell customizable 99-cent ringtones for the iPhone."

Apple May Introduce New iPod on Wednesday 190

UnHolier than ever writes "Apple may be planning to announce a 'revamp' of the iPod on Wednesday. Reporters from across Europe have been asked to view a broadcast presentation by Steve Jobs at the BBC headquarters. Theorized features for this new iPod include a full or wide-screen with touch controls, ala the ever-popular iPhone. '[An analyst with Goldman Sachs] believes that a new line of iPods will boost demand for the gadget from Goldman's present forecast of about 19.8 million units for Apple's key first quarter - the reporting period that covers Christmas. However, that still suggests that demand for iPods will be flat, at best, compared with the same period last year, when Apple sold about 21 million devices.'"
Space

Gamma Ray Anomaly Could Test String Theory 128

exploder writes "String theory is notorious for its lack of testable predictions. But if the MAGIC gamma-ray telescope team's interpretation is correct, then a delay in the arrival of higher-energy gamma rays could point to a breakdown of relativity theory. A type of 'quantum lensing effect' is postulated to cause the delay, which is approximately four minutes over a half-billion year journey." Ars's writeup is a little more fleshed-out than the Scientific American blog posting.
Power

"Crowd Farm" to Collect Energy? 357

Cain writes to mention that a couple of MIT students would like to harness the mechanical power of large groups of people. "A Crowd Farm in Boston's South Station railway terminal would work like this: A responsive sub-flooring system made up of blocks that depress slightly under the force of human steps would be installed beneath the station's main lobby. The slippage of the blocks against one another as people walked would generate power through the principle of the dynamo, a device that converts the energy of motion into that of an electric current."
GNU is Not Unix

Under User Pressure, SugarCRM Adopts GPLv3 162

StonyandCher writes "SugarCRM is to adopt version 3 of the GNU general public license for the next release of its open-source CRM software after coming under pressure from its user community to move away from its own Sugar Public License. 'We just think it's a great license,' said John Roberts, SugarCRM CEO and co-founder. 'It's more copyleft, more liberal and less restrictive than our current license.' He added that when the beta version of Sugar Community Edition 5.0 ships within two weeks, it will be licensed under GPLv3."
Privacy

Submission + - Seeing Yellow: fighting printer tracking dots (miscmeta.com)

jkrobin writes: "MIT's Computing Culture research group has established the 'Seeing Yellow' project, which wants to preserve the right to anonymous communication by fighting both printer tracking dots and the government bullying used to sustain them.

We've known for years that color laser printers can embed a series of tiny yellow dots on pages they print. The dots — almost invisible under normal circumstances — can be used to determine which particular printer produced the image. Essentially, each printer outputs its own serial number. This is great for busting counterfeiters but raises all sorts of privacy concerns. Now, MIT students are getting involved in the campaign against the dots with the new Seeing Yellow project.

Imagine that every time you printed a document, it automatically included a secret code that could be used to identify the printer — and potentially, the person who used it. Sounds like something from an episode of "Alias," right?

Unfortunately, the scenario isn't fictional. In a purported effort to identify counterfeiters, the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information. That means that without your knowledge or consent, an act you assume is private could become public. A communication tool you're using in everyday life could become a tool for government surveillance. And what's worse, there are no laws to prevent abuse.

More at: http://www.shadowmonkey.net/articles/privacy/seeing-yellow.html"

Linux Business

Linux Creator Calls GPLv3 Authors 'Hypocrites' 920

AlexGr writes "We've heard conflicting tales regarding Linus Torvalds' acceptance of GPLv3. InformationWeek reports on comments by Mr. Torvalds that would seem to decide the issue: 'Torvalds said the authors of a new software license expected to be used by thousands of open source programmers are a bunch of hypocrites ... For Torvalds' part, it appears unlikely he'll ever adopt GPLv3 for the Linux kernel. He accused the Free Software Foundation leadership, which includes eccentric, MIT-trained computing whiz Richard Stallman, of injecting their personal morality into the laws governing open source software with the release of GPLv3. "Only religious fanatics and totalitarian states equate morality with legality," Torvalds wrote.'"
Microsoft

Microsoft "SiteFinder" Quietly Raking It In 176

An anonymous reader writes in with the news, which isn't particularly new, that Microsoft's Internet Explorer sends typo domain names to a page of pay-per-click ads. In this endeavor Microsoft joins Charter and Earthlink in profiting from the dubious practice that Verisign pioneered but failed to make stick. The article is on a site whose audience is, among others, those who attempt to profit by typo-squatting, and its tone is just a bit petulant because individuals cannot hope to profit in this game on the scale Microsoft effortlessly achieves.
Bug

IE and Firefox Share a Vulnerability 207

hcmtnbiker writes with news of a logic flaw shared by IE 7 and Firefox 2.0. IE 5.01, IE 6, and Firefox 1.5.0.9 are also affected. The flaw was discovered by Michal Zalewski, and is easily demonstrated on IE7 and Firefox. The vulnerability is not platform-specific, but these demonstrations are — they work only on Windows systems. (Microsoft says that IE7 on Vista is not vulnerable.) From the vulnerability description: "In all modern browsers, form fields (used to upload user-specified files to a remote server) enjoy some added protection meant to prevent scripts from arbitrarily choosing local files to be sent, and automatically submitting the form without user knowledge. For example, '.value' parameter cannot be set or changed, and any changes to .type reset the contents of the field... [in this attack] the keyboard input in unrelated locations can be selectively geared toward input fields by the attacker."
Microsoft

Microsoft Slugs Mac Users With Vista Tax 661

An anonymous reader writes "Mac users wanting to run Vista on their Macintosh, alongside Mac OS X programs, will have to buy an expensive version of Vista if they want to legally install it on their systems. The end-user license agreement for the cheaper versions of Vista (Home Basic and Home Premium) explicitly forbids the use of those versions on virtual machines (i.e., Macs pretending to be PCs)." Update: 02/08 17:50 GMT by KD : A number of readers have pointed out that the Vista EULA does not forbid installing it via Apple's Bootcamp; that is, the "tax" only applies to running Vista under virtualization.
Linux

How Do You Advocate Linux in 5 Minutes? 618

xtracto writes "I just returned from buying a certain Linux magazine. While looking at the 'Computing' stand in the library, and right after I grabbed a copy of the Linux magazine, a guy asked me if I used Linux. After that, the man told me he had tried to use Linux, but he had found it difficult. I told him the first things that came to my mind: that it depended on the distribution (he tried Kubuntu). I recommended that he look for a Linux User Group near his hometown (he told me he didn't live near a city). What would you tell these kinds of people? Not so long ago, and to my surprise, a relative who is completely computer illiterate started talking about Linux, but the general thought is that 'it is harder than Windows'. How do you advocate Linux to people who are more comfortable using Windows?"
