Please create an account to participate in the Slashdot moderation system


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Interviews: Ask Florian Mueller About Software Patents and Copyrights 187

Florian Mueller is a blogger, software developer and former consultant who writes about software patents and copyright issues on his FOSSPatents blog. In 2004 he founded the NoSoftwarePatents campaign, and has written about Microsoft's multi-billion-dollar Android patent licensing business and Google's appeal of Oracle's Android-Java copyright case to the Supreme Court. Florian has agreed to give us some of his time in order to answer your questions. As usual, ask as many as you'd like, but please, one per post.

Facebook and Microsoft Disclose Government Requests For User Data 140

wiredmikey writes "Facebook and Microsoft say they received thousands of requests for information from U.S. authorities last year but are prohibited from listing a separate tally for security-related requests or secret court orders related to terror probes. The two companies have come under heightened scrutiny since reports leaked of a vast secret Internet surveillance program U.S. authorities insist targets only foreign terror suspects and is needed to prevent attacks. Facebook said Friday it had received between 9,000 and 10,000 requests for user data affecting 18,000 to 19,000 accounts during the second half of last year and Microsoft said it had received 6,000 to 7,000 requests affecting 31,000 to 32,000 accounts during the same period." Meanwhile, an article at the Guardian is suggesting the government may have better targets to pursue than Edward Snowden. "[U.S. director of national intelligence James Clapper] has come out vocally to condemn Snowden as a traitor to the public interest and the country, yet a review of Booz Allen's own history suggests that the government should be investigating his former employer, rather than the whistleblower."
Open Source

Patenting Open Source Software 60

dp619 writes "The tactic of patenting open source software to guard against patent trolls and the weaponization of corporate patent portfolios is gaining momentum in the FOSS community. Organizations including the Open Innovation Network, Google and Red Hat have built defensive patent portfolios (the latter two are defending their product lines). This approach has limitations. Penn State law professor Clark Asay writes in an Outercurve Foundation blog examining the trend, 'Patenting FOSS may help in some cases, but the nature of FOSS development itself may mean that patenting some collaboratively developed inventions is inherently more difficult, if not impossible, in many others. Consequently, strategies for mitigating patent risk that rely on FOSS communities patenting their technologies include inherent limitations. It's not entirely clear how best to reform patent law in order to better reconcile it with alternative models of innovation. But in the meantime, FOSS still presents certain advantages that, while dimmed by the prospect of patent suits, remain significant.'"

Microsoft Reads Your Skype Chat Messages 275

An anonymous reader writes "A Microsoft server accesses URLs sent in Skype chat messages, even if they are HTTPS URLs and contain account information. A reader of Heise publications notified Heise Security (link to German website, Google translation). They replicated the observation by sending links via Skype, including one to a private file storage account, and found that these URLs are shortly after accessed from a Microsoft IP address. When confronted, Microsoft claimed that this is part of an effort to detect and filter spam and phishing URLs."

Automated DMCA Takedown Notices Request Censorship of Legitimate Sites 192

Techmeology writes "Microsoft has sent automated DMCA notices to Google demanding the removal of several legitimate URLs from its search results that Microsoft claims were facilitating the distribution of illegal copies of Windows 8, including links to BBC news articles, Wikipedia pages, U.S. government websites, and even Bing! The erroneous DMCA notices are being sent automatically by rights holders, who are increasingly using such techniques."

Microsoft: Macs 'Not Safe From Malware, Attacks Will Increase' 290

An anonymous reader writes "Microsoft researchers have analyzed a new piece of Mac malware that uses a multi-stage attack similar to typical Windows malware infection routines. In a post titled 'An interesting case of Mac OSX malware' the Microsoft Malware Protection Center closed with this statement: 'In conclusion, we can see that Mac OSX is not safe from malware. Statistically speaking, as this operating system gains in consumer usage, attacks on the platform will increase. Exploiting Mac OSX is not much different from other operating systems. Even though Mac OSX has introduced many mitigation technologies to reduce risk, your protection against security vulnerabilities has a direct correlation with updating installed applications.'"

FTC Attorney Joins Microsoft 123

inode_buddha writes "Randall Long, a senior attorney who led several antitrust investigations against Google, has been hired by Microsoft. From the article: 'The software giant told the Wall Street Journal yesterday that it hired Randall Long, an official at the FTC's Bureau of Competition. When he joins the software giant at the end of the month, Long will head up Microsoft's regulatory affairs division in Washington. Long was involved in FTC reviews of Google's acquisitions of both DoubleClick and AdMob. According to the Journal's unnamed sources, Long was especially outspoken about Google's AdMob acquisition, saying that the FTC should challenge the deal. His reservations were eventually set aside and the deal was approved in 2010.'"

OpenStack Ditches Microsoft Hyper-V 73

judgecorp writes "The OpenStack open source cloud project has removed Hyper-V from its infrastructure as a service (IaaS) framework, saying Microsoft's support for its hypervisor technology is 'broken.' This will embarass Microsoft, as major partners such as Dell and HP support OpenStack, along with service providers such as Internap." Adds reader alphadogg, this "means the code will be removed when the next version of OpenStack, called Essex, is released in the second quarter."

Microsoft Pushes For Gay Marriage In Washington State 678

New submitter plsenjy writes "An article in the Atlantic outlines how Microsoft Corp. has submitted its support for a Washington State provision allowing gay couples to marry. Citing the company's inability to compete for top talent in the face of discrimination, Microsoft joins other firms such as Nike and Vulcan to effectively change moral policy from the top-down."

Jerry Yang Resigns From Yahoo 123

PattonPending writes "It seems that the long tenure of Jerry Yang at Yahoo has ended. Yahoo's board released a letter that Yang wrote announcing his retirement, saying, in part: 'My time at Yahoo!, from its founding to the present, has encompassed some of the most exciting and rewarding experiences of my life. However, the time has come for me to pursue other interests outside of Yahoo! As I leave the company I co-founded nearly 17 years ago, I am enthusiastic about the appointment of Scott Thompson as Chief Executive Officer and his ability, along with the entire Yahoo! leadership team, to guide Yahoo! into an exciting and successful future.'"
The Courts

Paul Allen Files Patent Suit Against Apple, Google, Yahoo, Others 219

mewshi_nya writes "A firm run by Microsoft co-founder Paul Allen filed suit alleging 11 technology companies are violating patents developed at a Silicon Valley lab that Allen financed more than a decade ago. Named in the lawsuit: Apple, Google, AOL, eBay, Facebook, Netflix, Office Depot, OfficeMax, Staples, Yahoo and Google's YouTube subsidiary. The suit doesn't name Microsoft, or other tech companies in Seattle where Allen is based, and it doesn't estimate a damage amount. The suit lists violations of four patents (PDF) for technology that appear to be key components of the operations of the companies — and that of e-commerce and Internet search companies in general."

Windows DLL Vulnerability Exploit In the Wild 178

WrongSizeGlass writes "Exploit code for the DLL loading issue that reportedly affects hundreds of Windows applications made its appearance on Monday. HD Moore, the creator of the Metasploit open-source hacking toolkit, released the exploit code along with an auditing tool that records which applications are vulnerable. 'Once it makes it into Metasploit, it doesn't take much more to execute an attack,' said Andrew Storms, director of security operations for nCircle Security. 'The hard part has already been done for [hackers].'"

When Is It Right To Go Public With Security Flaws? 126

nk497 writes "When it comes to security flaws, who should be warned first: users or software vendors? The debate has flared up again, after Google researcher Tavis Ormandy published a flaw in Windows Support. As previously noted on Slashdot, Google has since promised to back researchers that give vendors at least 60-days to sort out a solution to reported flaws, while Microsoft has responded by renaming responsible disclosure as 'coordinated vulnerability disclosure.' Microsoft is set to announce something related to community-based defense at Black Hat, but it's not likely to be a bug bounty, as the firm has again said it won't pay for vulnerabilities. So what other methods for managing disclosures could the security industry develop, that balance vendors need for time to develop a solution and researchers' needs to work together and publish?"

SFLC Wants To Avoid Death by Code 247

foregather writes "The Software Freedom Law Center has released some independent research on the safety of software close to our hearts: that inside of implantable medical devices like pacemakers and insulin pumps. It turns out that nobody is minding the store at the regulatory level and patients and doctors are blocked from examining the source code keeping them alive. From the article: 'The Food and Drug Administration (FDA) is responsible for evaluating the risks of new devices and monitoring the safety and efficacy of those currently on market. However, the agency is unlikely to scrutinize the software operating on devices during any phase of the regulatory process unless a model that has already been surgically implanted repeatedly malfunctions or is recalled. ... Despite the crucial importance of these devices and the absence of comprehensive federal oversight, medical device software is considered the exclusive property of its manufacturers, meaning neither patients nor their doctors are permitted to access their IMD's source code or test its security.'"

Mass SQL Injection Attack Hits Sites Running IIS 288

Trailrunner7 writes "There's a large-scale attack underway that is targeting Web servers running Microsoft's IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there's no clear indication of who's behind the campaign right now. The attack, which researchers first noticed earlier this week, already has affected a few high-profile sites, including those belonging to The Wall Street Journal and The Jerusalem Post. Some analyses of the IIS attack suggest that it is directed at a third-party ad management script found on these sites."

"Spock, did you see the looks on their faces?" "Yes, Captain, a sort of vacant contentment."