Slashdot

goombah99 writes "While on vacation, I occasionally need to check my e-mail on a public terminal. What are some good techniques for avoiding keyloggers? Most of my ideas seem to have major drawbacks. Linux LiveCD can probably avoid software keyloggers, but it requires an invasive takeover of the public terminal, and is generally not possible. Kyps.net offers a free reverse proxy that will decode your password from a one-time pad you carry around, then enter it remotely. But, of course, you are giving them your passwords when you do this. You can run Firefox off a USB stick with various plugins (e.g. RoboForm) that will automatically fill the page in some manner they claim to be invulnerable to keyloggers. If that's true, (and I can't evaluate its security) it's getting close to a solution. Unfortunately, keeping the password file up-to-date is a mild nuisance. Moreover, since it will need to be a Windows executable, it's not possible for people without a Windows machine available to fill in their passwords ahead of time. For my business, I have SecureID, which makes one-time passwords. It's a good solution for businesses, but not for personal accounts on things like Gmail, etc. So, what solutions do you use, or how do you mitigate the defects of the above processes? In particular, how do people with Mac or Linux home computers deal with this?"

An anonymous reader writes "The editor of the Open Document Format standard has written a letter (PDF) that strongly supports recognizing Microsoft's OOXML file format as a standard, arguing that if it fails, ODF will suffer. 'As the editor of OpenDocument, I want to promote OpenDocument, extol its features, urge the widest use of it as possible, none of which is accomplished by the anti-OpenXML position in ISO,' Patrick Durusau wrote. 'The bottom line is that OpenDocument, among others, will lose if OpenXML loses... Passage of OpenXML in ISO is going to benefit OpenDocument as much as anyone else.'"

Hugh Pickens writes "Consumers, regulators, and businesses lack objective tools to compare the incidence of identity theft across financial institutions and without such tools, consumers cannot 'vote with their feet' and choose safer institutions. Now a study by Chris Hoofnagle has analyzed 88,000 complaints submitted by victims to the FTC over a three month period in 2006 and found that Bank of America ranked highest of all firms in the study, with an average of 1,117 incidents over a three-month period. AT&T had 763 incidents, followed by Sprint Nextel, JP Morgan, Chase and its Chase and Bank One, and Capital One. When the estimated events are divided by the total deposits, the data show that HSBC, Washington Mutual, and Bank of America have the highest rates of identity theft. Hoofnagle said lending institutions should publicly report information about identity theft events such as the rate of identity theft; the form of identity theft attempted; whether it was a mortgage loan or credit card; and the amount of loss suffered as a result. would help consumers choose safer financial institutions. The full study(PDF) is available from the Berkeley Center for Law and Technology."

Paul sends us word on a new exploit seen in the wild that attacks Windows systems completely outside of the control of the OS. "Unfortunately, all the Windows NT family (including Vista) still have the same security flaw — MBR [Master Boot Record] can be modified from usermode. Nevertheless, MS blocked write-access to disk sectors from userland code on VISTA after the pagefile attack, however, the first sectors of disk are still unprotected... At the end of 2007 stealth MBR rootkit was discovered by MR Team members (thanks to Tammy & MJ) and it looks like this way of affecting NT systems could be more common in near future if MBR stays unprotected."

kdean06 writes "Brandon Sanderson has been chosen by Tor Books to finish the best-selling Wheel of Time fantasy series by the late Robert Jordan. Harriet, Jordan's widow, chose him after reading his Mistborn series. An interview is also available via Dragonmount.com."

Nobo writes "CCP's latest major patch to the EVE-Online client, Trinity, comes with an optional DX9-enhanced graphics patch that dramatically improves the visual quality of the in-game graphics through remade models, textures, and HDR. It also has an unfortunate bug: the incredibly stupid choice of boot.ini as a game configuration file, coupled with an errant extra backslash in the installer configuration. The result is that anyone who installs the enhanced graphics patch overwrites the windows XP c:\boot.ini file with the EVE client configuration file, bricking the machine on the next boot. Discussion in a couple of forums threads is becoming understandably heated."

TheLink writes "The story about an exploding phone breaking a korean worker's spine and ribs was incorrect:

http://www.smh.com.au/news/technology/exploding-phone-coworker-confesses/2007/11/30/1196037111096.html"
http://www.smh.com.au/news/technology/exploding-phone-coworker-confesses/2007/11/30/1196037111096.html

TheLink writes "Indonesia will not share bird flu virus samples unless richer countries agree to give developing nations control over their use and access to cheap vaccines, a spokeswoman from the nation's health ministry said on Monday (from: New Scientist http://www.newscientist.com/article/dn12961-indonesia-fights-for-rights-to-bird-flu-samples.html )."
http://www.newscientist.com/article/dn12961-indonesia-fights-for-rights-to-bird-flu-samples.html

boaz112358 writes "Mark Cuban, Dallas Mavericks owner, HDNet CEO, and noted gadfly is publishing on his blog that Comcast and other ISPs should block all P2P traffic, because as he says, "As a consumer, I want my internet experience to be as fast as possible. The last thing I want slowing my internet service down are P2P freeloaders." He complains that commercial content distributors instead of paying for their own bandwidth, are leeching off consumers who are paying for the bandwidth. As an alternative distribution method (at least for audio and video), he suggests Google video."

A survey by King Research has found that Ninety percent of IT professionals have concerns using Vista, with compatibility, stability and cost being their key reasons. Interestingly, forty four percent of companies surveyed are considering switching to non-Windows operating systems, and nine percent of those have already started moving to their selected alternative. "The concerns about Vista specified by participants were overwhelmingly related to stability. Stability in general was frequently cited, as well as compatibility with the business software that would need to run on Vista," said Diane Hagglund of King Research.

babyshiori writes "Users of Microsoft Windows Vista can rejoice in the fact that Microsoft just released a preview of the Windows Vista Service Pack 1 Release Candidate! The build is the lead-up to the actual service pack, which will be made available to even more testers at a later date. 'In our early tests with the beta, we saw some small improvements in boot time on an HP Compaq 8710p Core 2 Duo notebook. Before SP1, the laptop took 1 minute, 51 seconds to boot. After the update, that figure dropped by almost 20 seconds. Microsoft is also touting improvements in "the speed of copying and extracting files," so we tested a few of those scenarios. We noted a slight increase in the time required to copy 562 JPEG images totaling 1.9GB from an SD Card to the hard drive of the aforementioned HP Compaq notebook.'"

CRISTAROL writes "Comcast has been sued by a California resident for blocking BitTorrent and other traffic. 'John Hart describes himself as a Comcast customer who has seen performance hits when using "Blocked Applications" targeted by Comcast's traffic management application, Sandvine. In his complaint, Hart says that Comcast severely limits "the speed of certain internet applications such as peer-to-peer file sharing and lotus notes [sic]." Comcast accomplishes this by "transmitting unauthorized hidden messages" to the PCs of those using the applications.' The lawsuit comes on the heels of an FCC complaint over the same issue."

The regular Game Mag Weasling column at the blog GameSetWatch usually runs down the contents of publications that recently hit the newsstands. This week, blogger Kevin Gifford tackles the thorny subject of falling subscriptions as they apply to game magazines. He references a discussion of falling subscriptions in the magazine publishing industry at large, which notes that a metric just as important as real subscribers is the number of readers-per-copy. Re-reading among friends and the appearance of a magazine in a doctor's office is another important factor to consider in a magazine's success. "Game Informer's [readers-per-copy] audience is 'only' about 68% larger than EGM's, despite having over four times the paid circulation. If you put enough credence to the numbers, it means that GameStop is spending a lot of money printing, mailing, and distributing those two million-odd copies of GI each month, yet not being as efficient in attracting an audience with those printed copies as EGM and GamePro is."

iritant writes "As we were discussing, Gran Paradiso — the latest version of Firefox — is nearing release. Gran Paradiso includes a form of malware protection that checks every URL against a known list of sites. It does so by sending each URL to Google. In other words, if people enable this feature, they get some malware protection, and Google gets a wealth of information about which sites are popular (or, for that matter, which sites should be checked for malware). Fair deal? Not to worry — the feature is disabled by default."

The Telegraph is reporting on efforts by PC manufacturers to give customers buying systems pre-installed with Windows Vista a much-sought way to downgrade to Windows XP. ( A few months back we discussed Microsoft's similar concession for corporate customers.) "It took took five years and $6 billion to develop, but Microsoft's Vista operating system, which was launched early this year, has been shunned by consumers — with computer manufacturers taking the bizarre step of offering downgrades to the old XP version of Windows."