Ian Lamont writes "A security researcher calling himself porkythepig has published attack code that can supposedly brick most HP and Compaq laptops. The exploit uses an ActiveX control in HP's Software Update. It would 'let an attacker corrupt Windows' kernel files, making the laptop unbootable, or with a little more effort, allow hacks that would result in a PC hijack or malware infection.' The same researcher last week outlined a batch of additional vulnerabilities in HP and Compaq laptops, for which HP later issued patches."

Invisible Pink Unicorn writes "University of Toronto researchers have uncovered widespread misinformation in videos on YouTube related to vaccination and immunization. In the first-ever study of its kind, they found that over half of the 153 videos analyzed portrayed childhood, HPV, flu and other vaccinations negatively or ambiguously. They also found that videos highly skeptical of vaccinations received more views and better ratings by users than those videos that portray immunizations in a positive light. According to the lead researcher, 'YouTube is increasingly a resource people consult for health information, including vaccination. Our study shows that a significant amount of immunization content on YouTube contradicts the best scientific evidence at large. From a public health perspective, this is very concerning.' An extract from the Journal of the American Medical Association is available online."

An anonymous reader alerts us to a story out of Israel in which Google (its Israeli subsidiary) gave up the IP address of a Blogger user without being compelled to do so by a court. A preliminary ruling was issued in which a court indicated that the slander the blogger was accused of probably rose to the level of a criminal violation. Google Israel then made a deal with the plaintiffs, local city councilmen whom the blogger had been attacking for a year. Google disclosed the IP address only to the court, which posted a message (Google says the anonymous blogger got it) inviting him/her to contest the ruling anonymously. When no response was received within 3 days, Google turned over the IP address to the plaintiffs' lawyers.

Anenome writes "Google has a track record of buying startups and integrating them into its portfolio. But sometimes those acquisitions go terribly wrong, as Ars Technica argues has been the case with Google's 2005 purchase of web-analytics firm Urchin Software Corp. 'In the wake of Google's purchase of the company, inquiring customers (including Ars Technica) were told that support and updates would continue. Companies that had purchased support contracts were expecting version 6 any day, including Ars. What really happened is this: Google focused its attention on Google Analytics, put all updates to Urchin's other products on the back burner, and rolled out a skeleton support team. Everyone who forked over for upgrades via a support contract never got them, even though things weren't supposed to have changed. The support experience has been awful. Since the acquisition, we have had two major issues with Urchin, and neither issue was solved by Google's support team. In fact, with one issue, we were helped up until the point it got difficult, and then the help vanished. The support team literally just stopped responding.'"

stry_cat submitted a story about selecting a good DNSBL. It talks about some of the problems with DNS blacklists and the sorts of things that you should be looking for. Things like Speed, Selection Criteria, and Goals make the list. And of course not requiring payment to be removed from the blacklist.

amigoro writes "A court in Germany today banned Google from using the name 'Gmail' for its popular webmail service following a trademark suit filed by the founder of G-Mail. Daniel Giersch, started using the name G-Mail in 2000, four years before Google released 'Gmail'. "Google infringed the young businessman's trademark that had been previously been registered," said the Hanseatic Higher Regional Court in its judgement."

J Tomas writes "Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software. GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook. The early speculation is that Google will add the sandbox technology to the Google Toolbar or release a rebranded version as a standalone download."

An anonymous reader writes "The New York Times is covering FTC interest in Google's purchase of the DoubleClick service. The investigation is in response to privacy group concerns over the amount of information Google will have available to it via its ad service and DoubleClick. Between a few days and a week from now the FTC should either declare the all clear, or elevate the process to a 'second request' stage. That would indicate more serious issues the federal body has an interest in. Google stated it was confident the purchase would hold up under scrutiny. 'In the complaint, the groups noted that Google collects the search histories of its users, while DoubleClick tracks what Web sites people visit. The merger, according to their complaint, would give one company access to more information about the Internet activities of consumers than any other company in the world.'"

An anonymous reader writes "The BBC is running a piece noting that the EU is scrutinizing Google's privacy policy this month. The company's policy of keeping search information on their servers for up to two years may be violating EU privacy laws. A data protection group that advises the European Union has written to the search giant to express concerns. The EU has a wide range of privacy protections that set limits to what information corporations may collect and what they may or may not do with it. In the US on the other hand privacy laws generally cover government actions while the business sector remains largely unregulated. Is it perhaps time to follow the European example and extend privacy laws to include corporations?"

prostoalex writes "At the annual shareholder meeting, Google put forth for voting a proposal for the company not to engage in self-censorship, resist by all legal means the demands to censor information, inform the user in case their information was provided to the government, and generally not to store sensitive user data in the countries with below average free speech policies. As this proposal, if passed, would effectively mean the end of Google's China operations, the shareholders rejected the document at the recommendation of the Board of Directors."

An anonymous reader writes "Google's motto is "Don't Be Evil" — but they sure have an evil non-disclosure agreement! In order to be considered for employment there, you must sign an agreement that forbids you to 'mention or imply the name of Google' in public ever again. Further, you can't tell anyone you interviewed there, or what they offered you, and you possibly sign away your rights to reverse-engineer any of Google's code, ever. And this NDA never expires. Luckily, someone has posted excerpts from the NDA before he signed it and had to say silent forever." At the bottom of the posting are links to a few other comments on the Web about Google's NDA, including a ValleyWag post that reproduces it in its entirety.

food4thought writes "The Economic Times reports that Orkut has signed a pact with Indian Cyber Crime Cell. They have now pledged to block any 'defamatory or inflammatory content', or hand over IP address information to police if asked.' Deputy Commissioner of Police (enforcement) Sanjay Mohite said the pact means they do not have to go through the lengthy process of asking the Central government to communicate with Orkut. The practice so far has been to first send a request to the Centre's computer emergency response team in New Delhi. This team processes the request through its channels and even if a forum is finally blocked, the "culprits" still remain untraceable as no IP addresses can be obtained ... "Now we can do away with the process and not just directly ban content but also obtain details of IP addresses and service providers quickly," Mohite said.' How long before we see these 'informal arrangements' elsewhere?"

whoever57 writes "Forbes has up an article on the consequences of being dumped into a claimed 'supplemental index', also known as 'Google Hell'. It uses the example of Skyfacet, a site selling diamonds rings and other jewelery, which has dropped in Google's rankings and saw a $500,000 drop in revenue in only three months after the site owner paid a marketing consultant to improve the sites. The article claims that sites in the supposed 'supplemental index' may be visited by Google's spiders as infrequently as once per year. The problem? Google's cache shows that Google's spiders visited the site ss recently as late April. 'Google Hell is the worst fear of the untold numbers of companies that depend on search results to keep their business visible online. Getting stuck there means most users will never see the site, or at least many of the site's pages, when they enter certain keywords. And getting out can be next to impossible--because site operators often don't know what they did to get placed there.'"

An anonymous reader writes passed us a link to a PC World article about attempts by Google to curb malicious ads via their popular service. The article is somewhat bleak, though, because researchers see the fix as nothing more than temporary. "'Search engines are just too easy a target for bad guys,' says Roger Thompson of Exploit Security Labs. On April 25, Exploit Prevention Labs reported that malware distributors were using advertisements placed via Google's automated AdWords system to infect unsuspecting end-users with spyware designed to capture bank login user names and passwords."

An anonymous reader noted that "Google has released its internally developed enhancements to MySQL to the open source community this week. Changes include improvements in replication, high availability configuration, and performance." It'll be interesting to see if the changes they made are of interest to other places using MySQL.