CWmike writes "Few tears were shed when alleged spam and malware purveyor McColo was suddenly taken offline last Tuesday by its upstream service providers. But behind the scenes of the McColo case and another recent takedown of Intercage, a ferocious struggle is taking place between the purveyors of Web-based malware and loosely aligned but highly committed groups of security researchers who are out to neutralize them. Backers claim that the effort to shut down miscreant ISPs is needed because of the inability of law enforcement agencies to deal with a problem that is global in nature. But some question whether there is a hint of vigilantism behind the takedowns — even as they acknowledge that there may not be any other viable options for dealing with the problem at this point."

rsiles writes "When security professionals are dealing with huge amounts of information (and who isn't nowadays?), correlation and filtering is not the easiest path (and sometimes enough) to discern what is going on. The in-depth analysis of security data and logs is a time-consuming exercise, and security visualization (SecViz) extensively helps to focus on the relevant data and reduces the amount of work required to reach to the same conclusions. It is mandatory to add the tools and techniques associated to SecViz to your arsenal, as they are basically taking advantage of the capabilities we have as humans to visualize (and at the same time analyze) data. A clear example is the insider threat and related incidents, where tons of data sources are available. The best sentence (unfortunately it is not an image ;) that describes SecViz comes from the author: 'A picture is worth a thousand log entries.'" Read on for the rest of rsiles's review.

Valve has announced that their upcoming horror game Left 4 Dead will have a demo available for play on November 11th. They've also released an impressive four-minute cinematic to show off the game's theme. Left 4 Dead is set to launch on November 18th, and if pre-order numbers are any indication, it will be even more popular than the Orange Box. CVG put together a short survival guide for dealing with those troublesome Infected, and Firing Squad did an interview with Turtle Rock Studios' Michael Booth, in which he mentioned that they want to be able to track stats through Steam so players are able to build a "reputation."

Miah Clayton writes "In the past, installing Mac OS X, Linux, and Windows on an Intel mac meant that you were forced into only having 3 usable partition slots due to the MBR/GPT hybrid limitations. Steven Noonan figured out a way to avoid dealing with the MBR partition limit and have a Linux install that isn't performance-crippled by having a swap file instead of a swap partition."

An anonymous reader writes "After attending DEFCON in August and seeing the overwhelming interest in this book, I was eager to dive into The IDA Pro Book by Chris Eagle. Chris Eagle's team, School of Root, won the 'Capture the Flag' event at DEFCON this year and Chris gave a presentation on CollabREate, a tool that integrates with IDA Pro to allow collaboration in reverse engineering (RE). All of that — together with the fact that the book sold out — screamed that this book should quickly make it to the top of my list." This review originally appeared on The Ethical Hacker Network.

An anonymous reader writes "You can find six new online sources of info about hot topics in modern physics at the 'What We Research' outreach page of Perimeter Institute. The info includes text, graphics and online presentations dealing with Cosmology, Superstring Theory, Quantum Gravity, Quantum Foundations, Quantum Information and Particle Physics. The resource section at the bottom of each page recommends a wealth of interesting online lectures by some famous scientists. PI is an independent, nonprofit scientific research and outreach organization."

couchslug writes in with a Reuters account of a Federal raid on a California-based motorcycle club, the Mongols, on charges "ranging from murder and robbery to extortion, money laundering, gun trafficking and drug dealing." The interesting twist is that the authorities are asking the courts to seize the IP of the biker club — specifically, their trademarked name "Mongols." "Federal agents and police in seven states arrested more than 60 members of the Mongols motorcycle gang on Tuesday in a sweep that also targeted for the first time an outlaw group's 'intellectual property,' prosecutors said. The arrests cap a three-year undercover investigation in which US agents posed as gang members and their girlfriends to infiltrate the group, even submitting to polygraph tests administered by the bikers ... [T]he name 'Mongols,' which appears on the gang's arm patch insignia, was trademarked by the group. The indictment seeks a court order outlawing further use of the name, which would allow any police officer 'who sees a Mongol wearing this patch ... to stop that gang member and literally take the jacket right off his back' ..."

Michael J. Ross writes "Most Web developers are familiar with one or more content management systems (CMSs), and how they can be used to create Web sites more efficiently than by hand. These developers may have deep knowledge of how to install, configure, customize, and extend a CMS. But far more rare is knowledge of how to develop a CMS of one's own, and the programming considerations required to do so successfully. These are the main themes of Martin Brampton's book PHP5 CMS Framework Development." Read below for the rest of Michael's review.

Last week we asked you to submit questions for several Blizzard employees on a wide range of issues. Since we undertook the pilgrimage to Blizzcon in person this year, we decided to use the question ideas as a guide rather than an absolute, so that it could be a little more conversational in tone. Below we have included the responses from Chris Sigaty, lead producer on StarCraft II; Jeffrey Kaplan (aka Tigole), game director for World of Warcraft; Leonard Boyarsky, lead world designer on Diablo III; and Paul Sams, Blizzard's COO. One interesting point: Paul Sams indicated in his interview that, with enough interest, Blizzard would be willing to entertain the idea of open sourcing some of their older games. He suggested that if you are interested in this to contact them directly (please be at least semi-coherent and polite). Update 19:00 by SM: Bob Colayco from Blizzard just contacted us to mention that if users wish to leave feedback about open sourcing games, support for Linux, or anything else you would like to express to them, you should do so in the comments section of this story. They plan on perusing the comments below for user feedback and interest, so don't be shy.

This year's Blizzcon saw 15,000 gamers descend from 27 different countries to take part in two days of discussions, tournaments, and sneak peaks at upcoming releases. Several big announcements were scattered among a raft of new details about Diablo 3, Starcraft 2 and Wrath of the Lich King. The new information went a long way toward drumming up interest for what already appear to be worthy successors to old favorites. Read on for more.

jgoguen writes "Nagios, originally known as Netsaint, has been a long-time favourite for network and device monitoring due to its flexibility, ease of use, and efficiency. Nagios provided, and still provides today, a low-cost, versatile alternative to commercial network monitoring applications. Nagios 3 takes a huge step forward compared to Nagios 2, providing improved flexibility, ease of use and extensibility, all while also making significant performance enhancements. Due to its extensibility and ease of use, no device or situation has yet been found that cannot be monitored using Nagios and a pre-made or custom script, plug-in or enhancement." Read on for the rest of jgoguen's review.

Rock, Paper, Shotgun interviewed Bethesda's Pete Hines about the upcoming release of Fallout 3. He talks about dealing with misunderstandings about the game prior to launch, violence in modern games, and the fact that the game won't launch with mod tools. "Folk probably took for granted that every time we make a game, there's a mod tool. We explained to folk that it takes a lot of time and effort to get that tool ready for release, and it's not on our schedule right now. We need to get the game done and out. ... Right now, we can't say definitively 'there will be mod tools, and here is when they'll be out.' We discussed some Fallout 3 gameplay videos a few weeks ago. That work remains to be done." In related news, Interplay has picked up Chris Taylor, designer of the original Fallout, to help develop their Fallout MMOG.

h4rm0ny writes "Last Friday, staff at the European Patent Office went on strike. They protested outside for several hours and issued a statement claiming that 'the organisation is decentralising and focusing on granting as many patents as possible to gain financially from fees generated.' They also declared this as being disastrous for innovation and that their campaign was not for better wages, but for better quality patents. Meanwhile, an article on it discusses the US's own approach to dealing with the increasing flood of patent applications: a community patent project to help identify prior art. It might sound like a grass-roots scheme, and maybe it is, but those roots include such patent behemoths as IBM. So it looks like on both sides of the Atlantic, some signs of sanity might be emerging in the patent world from those people right in the thick of it." Note, this was a half-day strike, not ongoing.

mikkl666 writes "The Sydney Morning Herald runs an interesting story dealing with a study about email user behavior, explaining how and why email can be a terrible distraction: 'It takes an average of 64 seconds to recover your train of thought after interruption by email. So people who check their email every five minutes waste 8 1/2 hours a week figuring out what they were doing moments before.' Email is also compared to slot machines in the way it works psychologically: 'So with email, usually when I check it there is nothing interesting, but every so often there's something wonderful — an invite out or maybe some juicy gossip — and I get a reward.' There are also some hints offered on how to keep control of the inbox, for those of us already addicted."

The hype leading up to Spore was excessive. But then, so is the scope of the game; following the growth of a species from the cellular level to galactic domination was an ambitious goal, to say the least. Bringing evolution into the realm of entertainment was something Will Wright hoped and gambled he could do after the success of the Sim franchise. But rather than evolution, Spore became more about creation — creation that allows a single-player game to include the community, as well. It ties the various parts of the game together to make Spore very entertaining as a whole. Read on for my thoughts.

CWmike writes "As Hurricane Gustav approaches the US Gulf Coast, IT lessons learned from the devastating Hurricanes Katrina and Rita that smashed New Orleans and other areas in 2005 are on the minds of many worried IT managers. David Avgikos, president of Digimation Inc., a 3-D digital animation software company in St. Rose, Louisiana, said, 'We don't have to be told twice.' Meanwhile, the nation's major cellular network providers say that they too are prepared, having learned from the devastation of Hurricane Katrina. Still, they offer some helpful tips for dealing with what is expected to be a category-three hurricane when it hits: use text vs. calling on your cell phone, and if you use a cordless for your landline, ditch it for a corded model so that it will still work if there are power outages."

Blizzard had a playable demo of StarCraft 2 running at Leipzig, and Kotaku's Michael McWhertor had a chance to sit down and spend some time playing the Zerg. The Zerg weren't available in previous demos; the Protoss and Terran campaigns were showcased earlier. GameSpy took the opportunity to interview two Blizzard employees about what people can expect from the game. Gameplay footage is also available which shows a Terran vs. Zerg battle. Blizzard PR rep Bob Colayco had this to say: "One thing that's new, as you go through the campaign... you know, normally in RTS games how they start you off with a couple of units and then it's like, 'Okay, two missions later we're going to give you tanks...' One of the things we're looking at doing with StarCraft II's campaign is putting the choice more in the players' hands. So maybe you like dealing more with infantry? You can purchase those upgrades and make your marines and other infantry stronger. Or else you'll save up the credits you get from the missions to get tanks sooner than you normally could."

An anonymous reader brings news that the Software Freedom Law Center has published a guide for compliance with the GNU General Public License. The purpose of the guide is to prevent "common mistakes" the SFLC has encountered during its various GPL violation investigations. Their suggestions include close scrutiny of software acquisitions, more precise tracking of changes and updates, and avoiding "build gurus." They also provide tips for dealing with a violation. The full guide is available at the SFLC's website.

You asked Cliff Schmidt, founder and executive director of Literacy Bridge, about charity, education, and the "talking book", and he has answered your questions with a fair amount of detail. Cliff asks that if you are interested in getting involved please don't hesitate to donate either your time or your hard earned cash.

imus writes "Just wondering how most IT shops secure sensitive data (customer records). Most centrally managed databases seem to be monitored and maintained very well and IT workers know when they are tampered with or when unauthorized access occurs. But what about employees who do legitimate selects from these databases and then load CSV files and other text files onto their laptops and PDAs? How are companies dealing with situations where the database is relatively secure, but end-use devices contain bits and pieces of sensitive business data, and sometimes whole segments? Does anyone use sensitive data discovery software such as Find_SSNs or Senf or other tools? Once found, how do you deal with it? Do you force encryption, delete it or prevent extracts?"