snitch writes "Last week Mozilla released Bespin, their web-based framework for code editing, and only a few days later Boris Bokowski and Simon Kaegi implemented an Eclipse-based Bespin server using headless Eclipse plug-ins. With the presentation of the web-based Eclipse workbench at EclipseCon and the release of products like Heroku, a web-based IDE and hosting environment for RoR apps, it seems that web-based IDEs might soon become mainstream."

sturgeon and other readers let us know that Arbor Networks has released their annual survey of tier-1 / tier-2 ISP security engineers. This year they got responses from 70 lead engineers. While DDoS attacks are reaching new heights of backbone-crushing traffic — 40 Gbps was seen this past year — the insiders are also worried about emerging threats to DNS and BGP. The summary notes that "Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat," but doesn't spell out what a better way of handling it might have been. All in all, the ISPs sound a bit pessimistic — one says "fewer resources, less management support, and increased workload." You can request the full PDF report here, but it will cost you contact information. In related news, an anonymous reader passes along a survey by Secure Computing of 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. They are worried too.

Glenn Fleishman writes "The reports earlier today on WPA's TKIP key type being cracked were incorrect. I spoke at length with Erik Tews, the joint author of the paper that discloses a checksum weakness in TKIP that allows individual short packets to be decrypted without revealing the TKIP key. I wrote this up for Ars Technica with quite a bit of background on WEP and WPA. Tews's paper, co-written with Martin Beck, whom he credits as discovering and implementing a working crack (in aircrack-ng as a module), describes a way to use a backwards-compatible part of TKIP to exploit a weakness that remains from WEP. ARP packets and similarly short packets can be decoded. Longer packets are likely still safe, and TKIP hasn't been cracked. Don't believe the hype, but the exploit is still notable."

sparky1240 writes "While Americans are currently fighting the net-neutrality wars, spare a thought for the poor Australians — The Australian government wants to implement a nation-wide 'filtering' scheme to keep everyone safe from the nasties on the internet, with no way of opting out: 'Under the government's $125.8 million Plan for Cyber-Safety, users can switch between two blacklists which block content inappropriate for children, and a separate list which blocks illegal material. ... According to preliminary trials, the best Internet content filters would incorrectly block about 10,000 Web pages from one million."