Top 10 Web 2.0 Attack Vectors 64

Fred writes, "HNS is running a story about Web 2.0 and the new attack vectors it opens up. Worms of the Yamanner, Samy, and Spaceflash types are exploiting client-side AJAX frameworks, providing new avenues of attack and compromising confidential information. On the server side, XML-based Web services are providing distributed application access through Web services interfaces and opening up new vulnerabilities in the process." The article is spread over 6 short pages and there is no printer-friendly URL.

Do Gamers Really Need HDTV? 167

Gamasutra has up an article, their latest in the 'Analyze This' series, exploring whether gamers are really clamoring for the HD era ... or if the only people looking forward to HD gaming are the game makers. All three analysts seem to think HD is very important, but with varying levels of fervency. From the article: "On the Nintendo front, Nintendo has sacrificed graphics that can be viewed by the minority for a price that can benefit the majority. So, no, I don't think that they've made a mistake in the short run. Over the long run, we'll have to see: If HDTV adoption rates accelerate, the differences between the Wii and the Xbox 360 and PS3 may become more important, and it may end up that sell-through of the Wii begins to decline. That's a couple of years away, and my crystal ball isn't quite that clear."

Ubuntu Linux for Non-Geeks 245

Ravi writes "It is a fact that GNU/Linux has grown from a hackers' operating system to be a viable alternative to any commercial proprietary operating system. And the plethora of books on Linux that are being published underlines the popularity of this OS. There are hundreds of flavors of Linux distributions — some of them more popular than the others. Ubuntu Linux is one such distribution which has caught the fancy of many Linux enthusiasts and which enjoys the number one position in the popularity rating chart." Read the rest of Ravi's review.

Perspectives on Spamhaus's Dilemma 420

The Illinois court that told Spamhaus to stop blocking the spammer filing suit against them — an order which Spamhaus ignored — is now considering ordering ICANN to pull Spamhaus's domain records. While Gadi Evron, whose blog posting is linked above, urges everyone to beat the judge with a clue stick, a guest writer on his blog counsels much greater restraint. Anti-spam lawyer Matthew Prince explains how Spamhaus got into its current pickle — apparently by following conflicting legal advice at two points in the process — and what they might have to do to get out. One spamfighter of my acquaintance says that Spamhaus's SBL and XBL blocklists knock out 75% of the spam at his servers before it hits and requires more CPU-intensive filtering. If ICANN is ordered to unplug Spamhaus from the DNS, and does so, is the Net prepared to deal with a 4-fold increase in spam hitting MTAs overnight?

Why Spore Is Special 77

The New York Times is running a long piece by Steven Johnson, author of "Everything Bad Is Good For You." In 'The Long Zoom', Johnson describes just what is so special about Will Wright's Spore. From the article: "Despite the fictions, many of the themes of Spore are immensely valuable ones, particularly in an age of environmental crisis: the fragility of life, the connection between micro- and macro- scales, the complex networks of ecosystems and food webs, the impact of new technology on social systems. Spore's players will get to experience firsthand how choices made on a local scale -- a single creature's decision to, say, adopt an omnivorous lifestyle -- can end up having global repercussions. They will detect similarities between one level of the game and another, the complex balancing act of global trade mirroring the complex balancing act of building a sustainable environment. And traveling through a simulated universe, from cells to constellations, will, ideally, make them more curious about the real-world universe they already inhabit -- and show them that they have the power to shape that universe as well."

Vista RC2: More Refined, But Still Not Perfect 217

jcatcw writes, "Scot Finnie continues his love-hate relationship with Windows Vista. He installed the latest beta, RC2, on three machines. First problem: drivers — too many of them that should be available just aren't. User Access Control remains annoying and Vista's Software Protection Platform puts antipiracy above user security. Software compatibility is still in need even at this late date. However, previous problems with the Media Center were absent." And turnitover writes to point us to PC Mag's RC2 review. Their bottom line is that they expect an RC2+ or even an RC3 before it goes final. Here is PC Mag's slide show.

Update: 10/09 19:33 GMT by kd: michigano writes: "This late in the game and Microsoft has pulled firewire support from their OS! No one knows if it's permanent."

Phantom Entertainment Announces Lapboard Preorders 59

Arian writes "Phantom Entertainment (formerly Infinium Labs) are set to finally release their first product after years of investors' trust and years of John Public's distrust. The product is the Phantom Lapboard, a wireless keyboard/mouse combo designed so you can frag from the comfort of your couch. It is designed to work with the upcoming Phantom Game Service, if and when the service is released. Preorders for the Lapboard are available on the Phantom Entertainment website. It is due out in November, at a full retail price of $129.99."

IE7 To Ship With Windows Patches Tomorrow [Not] 293

An anonymous reader writes, "Microsoft plans to push out Internet Explorer 7 as a 'high priority update' when it ships security patches tomorrow, according to Washingtonpost.com's Security Fix blog. That means anyone who has Windows configured to download and install patches automagically from Redmond will be greeted with IE7 next time they boot up their machines. In related news, it appears IE's worldwide market share actually increased a couple of points since July, despite a number of high profile zero-day attacks this year." The article notes that the IE7 "containment wall" protected mode will not be available on XP, but only to those who purchase Vista.

Update: 10/09 21:26 GMT by kd: An anonymous reader points to this Microsoft blog posting where it is revealed that the article linked above is incorrect. IE7 will not be pushed tomorrow.

The BBC's Honeypot PC 344

Alex Pontin writes, "This article from the BBC shows how vulnerable XP Home really is. Using a highly protected XP Pro machine running VMWare, the BBC hosted an unprotected XP Home system to simulate what an 'average' home PC faces when connected to the internet." From the article: "Seven hours of attacks: 36 warnings that pop-up via Windows Messenger. 11 separate visits by Blaster worm. 3 separate attacks by Slammer worm. 1 attack aimed at Microsoft IIS Server. 2-3 "port scans" seeking weak spots in Windows software." The machine was attacked within seconds of being connected to the Internet, and at no time did more than 15 minutes elapse between attacks.

Nielsen Ratings in the Age of the Internet 176

alphadogg writes "If everyone started watching '24' or 'CSI' on video iPods or streamed over the Internet — instead of on TV in their living rooms — these top-rated shows would probably go the way of 'Cop Rock.' This is because Nielsen Media Research cannot collect data about what people watch on handheld video-viewing gadgets or from PCs streaming network TV shows. While Nielsen estimates around 90% of TV viewing still happens in homes, it's this burgeoning 10% that TV networks and advertisers are desperate to delve into." Note that this story is obnoxiously spanning 6 pages. For a publication named "Network World" you'd think they'd know better.

Netflix Prize Competitor Already Beats Netflix 174

Baldrson writes "Within the first week of the announcement of The Netflix Prize a team has already beaten Netflix's own movie recommendation algorithm. This is pretty impressive given the previously quoted researcher who said: 'You're competing with 15 years of really smart people banging away at the problem.' The team is WXYZConsulting.com apparently registered by a data mining professor named Yi Zhang. Congratulations are in order for Netflix and Prof. Zhang's team who are demonstrating, yet again, the power of prizes to accelerate progress."

Bush Reveals New Space Policy 510

Josh Fink writes "Space.com is reporting that President Bush has unveiled his new space policy. From the article: 'U.S. assets must be unhindered in carrying out their space duties,' the Bush space policy says, stressing that 'freedom of action in space is as important to the United States as air power and sea power.'... As a civil space guideline, the policy calls upon NASA to 'execute a sustained and affordable human and robotic program of space exploration and develop, acquire, and use civil space systems to advance fundamental scientific knowledge of our Earth system, solar system, and universe.' While this policy does seem to push for more civil involvement in space for exploration and research, the article does go on to say, 'The policy calls upon the Secretary of Defense to "develop capabilities, plans, and options to ensure freedom of action in space, and, if directed, deny such freedom of action to adversaries."' So it will push into the intelligence community, and will supersede a similar policy from 1996. You can read the entire policy."

Different Social Networks Are... Different 89

An anonymous reader writes "International Business Times reports that not all online social networks are the same, according to new research released this week. Internet research firm, comScore Networks, said on Thursday that significant age differences exist between the user bases of these websites. "While the top social networking sites are typically viewed as directly competing with one another, our analysis demonstrates that each site occupies a slightly different niche," commented Jack Flanagan, executive vice president of comScore Media Metrix."

Chinese "Cyber-Attack" US Department of Commerce 161

Kranfer writes "The Register has an article about how the Chinese have recently launched an attack against the US Department of Commerce. From the article: '...attacks originating from computer crackers largely located in China's Guangdong province are aimed at extracting sensitive information from targets such as the Commerce Department's technology export office. Security consultants and US government officials reckon the assaults have at least the tacit support of the Chinese government...' This is not the first time Chinese hackers have attempted to gain access to US Government systems."

Tactile Passwords vs Shoulder Surfing 115

holy_calamity writes "Entering passwords using a tactile interface would remove two of the main vulnerabilities of using keyboards and alphanumeric passwords say UK researchers. They're using sequences of tactile icons on a VTPlayer tactile mouse instead. Shapes are displayed using the 16-pin tactile displays under the user's fore and middle fingers. As well as being almost impossible for anyone else to observe, tactile passwords can't be guessable in the same way as many conventional ones, they say. A video shows it all in action." Not that the video really helps explain it very well.
