KrispyRasher writes "Even internally, Microsoft couldn't agree on what the base requirements to run Vista were, but that didn't stop it from inaccurately promoting the OS as running on some hardware. 158 pages of Microsoft internal emails reveal scandalous truths about the squabbles that took place in the lead up to Vista's launch."

willdavid writes "Paul McDougall reports in InformationWeek on Microsoft's new online comic. The Heroes Happen Here comic strips are being created by Jordan Gorfinkel, a former DC Comics editor who helped revitalize the Batman series. 'Tech workers who in the middle of the night fix a downed server or take on a computer virus don't really have extraordinary powers. It just seems that way. But a new comic book has debuted in which IT pros literally are superheroes. The daily Web comic, called Heroes Happen Here, features tech savvy crime fighters like Lord Firewall, who "stands between chaos and order" and says things like "begone vermin!"'" And because it's never easy, in order to read the archives of the comic you're going to need to install Microsoft's Silverlight.

Geoffrey.landis writes "Microsoft apologized to rival software vendor Corel Corp. for saying that Corel's file format posed a security risk, and issued a set of tools to unblock file types that had been blocked by default in the December Office 2003 service pack. In his blog on the Microsoft site, David Leblanc says 'We did a poor job of describing the default format changes.' He goes on to explain, 'We stated that it was the file formats that were insecure, but this is actually not correct. A file format isn't insecure — it's the code that reads the format that's more or less secure.' As noted by News.com, 'it is the parsing code that Office 2003 uses to open and save the file types that is less secure.' Larry Seltzer at pcmag.com also blogs the story."

SirLurksAlot sends us to Ars Technica for an article about the Warner Music Group's decision to allow DRM-free music downloads through Amazon. This reversal of Warner's former position has been underway for some time, and it boosts the number of DRM-free songs available from Amazon to 2.9 million. Quoting: "Warner's announcement says nothing about offering its content through other services such as iTunes, and represents the music industry's attempt to make life a bit more difficult for Apple after all the years in which the company held the keys to music's digital kingdom.

An anonymous reader noted a fun follow up to the Star Trek Home Theater we disussed not that long ago. "A retired naturalist thought that her cellar would be a great Batcave, and transformed it into the ultimate home theater. That's right, a Batcave themed home theater created by New Hampshire-based installer DC Audio Video Systems. The set-up includes prop bats which hang from above, a motorized 110 16:9 Stewart Electriscreen, Triad Silver THX Speakers, and a Sony G90, a $36,000 commercial 1080p 2500 x 2000 CRT projector. The room also features eight black, motorized leather recliners and a LiteTouch LC5000 System for Lighting Control." Update 18:16 GMT by SM: updated link to the original story.

An anonymous reader sends us to The Register for this security news. The problem is compounded by the fact that some of the most popular Web development tools for generating SWF produce files containing the recently disclosed vulnerabilities. "Researchers from Google have documented serious vulnerabilities in Adobe Flash content which leave thousands of websites susceptible to attacks that steal the personal details of visitors. A web search reveals more than 500,000 vulnerable applets on major corporate, government and media sites. Removing the vulnerable content will require combing through website directories for SWF files and then testing them one by one. Updates in the Adobe software that renders SWF files in browsers are also likely, but they probably wouldn't quell the threat completely... No patch in sight from Adobe, that's the price to pay for depending on proprietary solutions."

Takichi writes "A federal judge in Vermont has ruled that prosecutors can't force the defendant to divulge his PGP passphrase. The ruling was given on the basis that the passphrase is protected under the 5th amendment to the United States Constitution (protection against self-incrimination)." The question comes down to, is your password the contents of your brain, or the keys to a safe.

Lost_my_regs writes "I had a .com domain name relevant only to me, no legal trademark, registered and hosted at a provider that went bust. When attempting to re-host the domain I discovered, to my unpleasant surprise, that the domain is now registered by a domain farming company (name removed). My question is: Is there any way to claim back my domain?"

mlimber sends us to the NYTimes for a story about flying people who jump from planes or other high locations wearing a wing suit akin to a flying squirrel's. Their efforts have potential military and Xtreme sports applications. The story profiles, with video, one guy who wants to be the first to jump from a plane and land without a parachute (and live). Here's a YouTube video of another of these fliers skimming six feet above skiers in the Swiss Alps. Quoting: "Modern suit design features tightly woven nylon sewn between the legs and between the arms and torso, creating wings that fill with air and create lift, allowing for forward motion and aerial maneuvers while slowing descent. As the suits, which cost about $1,000, have become more sophisticated, so have the pilots. The best fliers, and there are not many, can trace the horizontal contours of cliffs, ridges and mountainsides."

Joanna Karczmarek sends us news of a massive privacy breach in the Government of Canada passport website. "A security flaw in Passport Canada's website has allowed easy access to the personal information — including social insurance numbers, dates of birth and driver's license numbers — of people applying for new passports. ... The breach was discovered last week by an Ontario man completing his own passport application. He found he could easily view the applications of others by altering one character in the Internet address displayed by his Web browser."

An anonymous reader writes "The rumor mill is already raging over the potential functionality and capacity for Google's online storage service we talked about earlier this week (the company says 'it makes sense' to put all its Web apps under the same umbrella). But Internet rights advocates are now crying foul over liability issues, a probable lack of encryption and a cash-cow model that could scan all your personal data for advertising keywords. From the article: "'Google would be wise to offer users an option to encrypt your information,' says Nimrod Kozlovski, a professor of Internet law at Tel Aviv University. 'It really needs to have really detailed explanations of what the legal expectations are for storing your info.'""

d0ida writes on the continuing troubles at the OLPC Association. Adding to the recent difficulties — the BBC has picked up the litany — a US-based, Nigerian-owned company has now filed a patent-infringement lawsuit against OLPC. Lagos Analysis Corp. claims that OLPC "made unauthorized use of LANCOR's multilingual keyboard technology invention in XO laptops." The suit was filed in Lagos.

netbuzz writes "First we learn from Bruce Schneier that the NSA may have left itself a secret back door in an officially sanctioned cryptographic random-number generator. Now Adi Shamir is warning that a math error unknown to a chip makers but discovered by a tech-savvy terrorist could lead to serious consequences, too. Remember the Intel blunder of 1996? 'Mr. Shamir wrote that if an intelligence organization discovered a math error in a widely used chip, then security software on a PC with that chip could be "trivially broken with a single chosen message." Executing the attack would require only knowledge of the math flaw and the ability to send a "poisoned" encrypted message to a protected computer, he wrote. It would then be possible to compute the value of the secret key used by the targeted system.'"

teknopurge writes "Apparently Hushmail has been providing information to law enforcement behind the backs of their clients. Billed as secure email because of their use of PGP, Hushmail has been turning over private keys of users to the authorities on request. 'DEA agents received three CDs which contained decrypted emails for the targets of the investigation that had been decrypted as part of a mutual legal assistance treaty between the United States and Canada. The news will be embarrassing to the company, which has made much of its ability to ensure that emails are not read by the authorities, including the FBI's Carnivore email monitoring software.'"