When it comes to net neutrality, can we get along? Google and Verizon, antagonists on the question yet partners in Droid, say yes. The two companies have even teamed up to send the FCC ideas on how to handle network management disputes. 'Google/Verizon say that the Internet should function as an "open platform." That means, to them, that "when a person accesses cyberspace, he or she should be able to connect with any other person that he or she wants to—and that other person should be able to receive his or her message," they write. The 'Net should operate as a place where no "central authority" can make rules that prescribe the possible, and where entrepreneurs and network providers are able to "innovate without permission."'"
nine-times writes "After many years in IT, I've been surprised to notice how much of my traffic is still unencrypted. A lot of businesses that I interact with (both business and personal) are still using unencrypted FTP, and very few people use any kind of encryption for email. Most websites are still using unencrypted HTTP. DNSSEC seems to be picking up some steam, but still doesn't seem to be widely used. I would have thought there would be a concerted effort to move toward encryption for the sake of security, but it doesn't seem to be happening. I wanted to ask the Slashdot community, what do you think the hold up is? Are the existing protocols somehow not good enough? Are the protocols fine, but not supported well enough in software? Is it too complicated to manage the various encryption protocols and keys? Is it ignorance or apathy on the part of the IT community, and that we've failed to demand it from our vendors?"
Barence writes "Microsoft has issued a statement urging people to upgrade their browser to IE8, after the zero-day exploit that was used to attack companies such as Google went public. According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7."
at_slashdot writes "The Perl CPAN Testers have been suffering issues accessing their sites, databases and mirrors. According to a posting on the CPAN Testers' blog, the CPAN Testers' server has been being aggressively scanned by '20-30 bots every few seconds' in what they call 'a dedicated denial of service attack'; these bots 'completely ignore the rules specified in robots.txt.'" From the Heise story linked above: "The bots were identified by their IP addresses, including 65.55.207.x, 65.55.107.x and 65.55.106.x, as coming from Microsoft."
An anonymous reader writes "Interesting video interview on silicon.com with Sheffield University's Noel Sharkey, professor of AI & robotics. The white-haired prof talks state-of-the-robot-nation — discussing the most impressive robots currently clanking about on two-legs (hello Asimo) and who's doing the most interesting things in UK robotics research (something involving crickets apparently). He also voices concerns about military use of robots — suggesting it won't be long before armies are sending out fully autonomous killing machines."
ChiefMonkeyGrinder writes "Key, then, to the Drumbeat project is openness, specifically openness as applied to the Internet. That fits in well with the original impulses behind Mozilla and Firefox. The former was about transforming the Netscape Communicator code into an open source browser, and the latter was about defending open standards from Microsoft's attempt to lock people into Internet Explorer 6 and its proprietary approaches. Both Mozilla and Firefox have succeeded, but the threats have now changed."
carusoj writes "An attack by a Chinese online game provider meant to cripple the servers of its rivals ballooned to cause an Internet outage in much of the country in May, according to police. The escalation began with a distributed denial-of-service attack on a domain registrar that serves many small gaming companies. While the national scale of the effects was unusual, such attacks are common among some small Internet businesses competing to draw customers in China, security researchers say. Police have arrested four people involved in the attack."
Anonymouse writes with this excerpt from SemiAccurate: "Apple keyboards are vulnerable to a hack that puts keyloggers and malware directly into the device's firmware. This could be a serious problem, and now that the presentation and code (PDF) is out there, the bad guys will surely be exploiting it. The vulnerability was discovered by K. Chen, and he gave a talk on it at Black Hat this year (PDF). The concept is simple: a modern Apple keyboard has about 8K of flash memory, and 256 bytes of working RAM. For the intelligent, this is more than enough space to have a field day. ... The new firmware can do anything you want it to. Chen demonstrated code which, when you put in a password and hit return, starts playing back the last five characters typed in, LIFO. It is a rudimentary keylogger; a proof of concept more than anything else. Since there is about 1K of flash free in the keyboard itself, you can log quite a few keystrokes totally transparently."
diegocgteleline.es writes "Valerie Aurora, a Linux file system developer and ex-ZFS designer, has posted an article with great insight on how Btrfs, the file system that will replace Ext4, was created and how it works. Quoting: 'When it comes to file systems, it's hard to tell truth from rumor from vile slander: the code is so complex, the personalities are so exaggerated, and the users are so angry when they lose their data. You can't even settle things with a battle of the benchmarks: file system workloads vary so wildly that you can make a plausible argument for why any benchmark is either totally irrelevant or crucially important. ... we'll take a behind-the-scenes look at the design and development of Btrfs on many levels — technical, political, personal — and trace it from its origins at a workshop to its current position as Linus's root file system.'"
Keldrin_1 writes "Researchers Alfredo Ortega and Anibal Sacco, from Core Security Technologies, have discovered a vulnerability in the 'Computrace LoJack for Laptops' software. This is a BIOS-level application that calls home for instructions in case the laptop is ever lost or stolen. However, what the application considers 'home' is subject to change. This allows the creation of malware capable of 'infecting the BIOS with persistent code that survive reboots and reflashing attempts.' Computers from Dell, Lenovo, HP, Toshiba, Asus, and others may be affected."
Krneki writes "I've been developing monitoring solutions for the last five years. I have used Cacti, Nagios, WhatsUP, PRTG, OpManager, MOM, Perl-scripts solutions, ... Today I have changed employer and I have been asked to develop a new monitoring solution from scratch (5,000 devices). My objective is to deliver a solution that will cover both the network devices, servers and applications. The final product must be very easy to understand as it will be used also by help support to diagnose problems during the night. I need a powerful tool that will cover all I need and yet deliver a nice 2D map of the company IT infrastructure. I like Cacti, but usually I use it only for performance monitoring, since pooling can't be set to 5 or 10 sec interval for huge networks. I'm thinking about Nagios (but the 2D map is hard to understand), or maybe OpManager. What monitoring solution do you use and why?"
duh P3rf3ss3r writes "The BBC is carrying a report from a team of researchers at Newcastle University who claim to have developed a the first 'artificial' human sperm from stem cells. The research, reported in the journal Stem Cells and Development, involved selecting meristematic germ cells from a human embryonic stem cell culture and inducing meiosis, thus producing a haploid gamete. The authors claim that the resulting sperm are fully formed, mature, human sperm cells but the announcement has been greeted with mixed reaction from colleagues who claim the procedure is ethically questionable and that the gametes produced are of inferior levels of maturation."
conspirator23 writes "Jon Hamilton of National Public Radio brings us a story about 'voodoo correlations' in fMRI studies that seek to learn more about emotional states, personality, and social cognition in the human brain. Many of us outside the scientific community have been treated to fascinating images of brain activity and corresponding explanations about how the images reveal which portions of the brain are engaged in certain kinds of thinking. But these images are not actual snapshots; they are visualizations of data generated by repeated scans during experiments. Flaws in the statistical methods used by researchers can result in false images with a variety of inaccuracies. Yet the images produced are so vivid and engaging that even other neuroscientists can be misled by them."
Ken Stanley writes "Just as interest in user-generated content in video games is heating up, a team of researchers at the University of Central Florida has released an experimental multiplayer game in which content items compete with each other in an evolutionary arms race to satisfy the players. As a result, particle system-based weapons, which are the evolving class of content, continually invent their own new behaviors based on what users liked in the past. Does the resulting experience in this game, called Galactic Arms Race, suggest that evolutionary algorithms may be the key to automated content generation in future multiplayer gaming and MMOs?"