from the it-will-all-be-accessible-by-train dept.
Stoobalou writes "Europe has proposed an Internet Treaty to protect the Internet from the political interference which threatens to break it up. The draft international law has been compared to the 1967 Outer Space Treaty, which sought to prevent space exploration being pursued for anything less than the benefit of all human kind. The Internet Treaty would similarly seek to preserve the Internet as a global system of free communication that transcends national borders."
oztiks writes: A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system.
According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. An exploit (direct download of source code) is already in circulation; in a test conducted by The H's associates at heise Security on 64-bit Ubuntu 10.04, it opened a shell with root rights.
The kernel developers have remedied the flaw in the repository, and Linux distributors will probably soon publish new kernels to close the hole. Until then, switching off 32-bit ELF support solves the problem if you can do without this function. For instructions, see: "Workaround for Ac1db1tch3z exploit".
Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole.
An anonymous reader writes: Microsoft's failures with the KIN phone (only two months on the market, less than 10,000 phones sold) are well-known to slashdot readers, but the New York Times has more. Apparently Microsoft has all but admitted that they have lost young developers to the lures of free software. “We did not get access to kids as they were going through college,” acknowledged Bob Muglia, the president of Microsoft’s business software group, in an interview last year. “And then, when people, particularly younger people, wanted to build a start-up, and they were generally under-capitalized, the idea of buying Microsoft software was a really problematic idea for them.” Others, however, laugh at the idea that Microsoft requires the start-ups to meet certain guidelines and jump through hoops to receive software, when its free software competitors simply allow anyone to download products off a Web site with the click of a button. Is this another sign of the old dinosaur not being nimble enough to keep up with free software?
An anonymous reader writes: One of the most frustrating things about laptops is the myriad power supplies used. On a PC, an ATX power supply for example will screw into certain mounting holes, have a maximum size and shape, and will take a standard 3-pin 'kettle cord' for incoming power. If it complies with these standards the PSU will be able to bolt into any manufacturer's ATX case. Laptop design, on the other hand, involves cramming a PC into a tiny chassis, which usually has its own thermal design and power distribution requirements. This has led to the somewhat bizarre situation where every manufacturer has its own laptop power supply design. It now appears that some of the major players in laptops are getting together to work on a standardized laptop power supply design. Not only are big players involved, but the IEEE (Institute of Electrical and Electronics Engineers) has created a team to work on the Power Supply standard.
ninjaguitar writes: If you’ve had your fill of apocalyptic scenarios, earthquakes, volcanoes and global warming, here comes a new threat which may wipe out the world in 2013.Imagine a scene from any of Hollywood’s disaster films. An eerie scene where mobile phones go on the blink, GPS is knocked out, TVs go blank and the world is plunged into chaos.
Looks like disaster flicks aren’t too removed from reality since all this could well be the potential result of a gigantic solar storm, according to a new report by NASA. The report, a warning, says Earth and space are coming together in a way that’s new to human history. A solar storm, which is essentially violent eruptions in the sun, can eject destructive radiation and charged particles into space. These are closely connected to magnetic fields – which are hazardous for satellites and space stations... Link to Original Source
An anonymous reader writes: EEE announced the ratification of IEEE 802.3ba 40Gb/s and 100Gb/s Ethernet, a new standard governing 40 Gb/s and 100 Gb/s Ethernet operations. An amendment to the IEEE 802.3 Ethernet standard, IEEE 802.3ba, the first standard ever to simultaneously specify two new Ethernet speeds, paves the way for the next generation of high-rate server connectivity and core switching. The new standard will act as the catalyst needed for unlocking innovation across the greater Ethernet ecosystem. IEEE 802.3ba is expected to trigger further expansion of the 40 Gigabit and 100 Gigabit Ethernet family of technologies by driving new development efforts, as well as providing new aggregation speeds that will enable 10 Gb/s Ethernet network deployments.
tsamsoniw writes: Fed up with companies failing to address security holes fast enough, white hats are turning up the pressure by quickly making the vulnerabilities public. First Goatse Security made public thousands of email addresses of iPad users that it swiped from AT&T's Web site — after AT&T failed to disclose the data theft fast enough. Next a Google security engineer publicized an exploit for Windows XP — which is now being used widely — after deciding Microsoft was moving to slowly to fix the problem. In both cases, the Goatse and the security engineer are claiming they did what they did for the greater good: Though their actions put users at risk, it forces the offending companies to worker faster to fix the problem. Do the ends justify the means?
An anonymous reader writes: Olympus Japan has issued a warning to customers who have bought its Stylus Tough 6010 digital compact camera that it comes with an unexpected extra — a virus on its internal memory card.
The Autorun worm cannot infect the camera itself, but if it is plugged into a Windows computer USB port it can copy itself onto the PC, and then subsequently infect any attached USB device. Olympus says it "humbly apologises" for the incident which is believed to have affected some 1700 units, and that it will make every effort to improve its quality control procedures in future.
Security company Sophos says that more companies need to wake up to the need for better quality control to ensure that they don't ship virus-infected gadgets. At the same time, consumers should learn to always ensure Autorun is disabled, and scan any device for malware, before they use it on their computer.
shadowmage13 writes: "This recent post estimates that uEFI will replace BIOS in the next three years. This isn't breaking news, but should we be concerned? EFI could be considered a "DRM BIOS" because its control system may give it power over your OS and fully-free BIOS projects would be useless since they would require proprietary binary-only code to run on EFI. Linus Torvals has said it would add more complexity without any real advantages, and he refers to it as "this other Intel brain-damage (the first one being ACPI)"."
TheReal_sabret00the writes: VP8 is now free, but if the quality is substandard, who cares? Well, it turns out that the quality isn't substandard, so that's not an issue, but neither is it twice the quality of H.264 at half the bandwidth. See for yourself.
An anonymous reader writes: After evolving over 15 years to get to 1.0, a mere 2 years later and Wine 1.2 is just about here. There have been many many improvements and plenty of new features added. Listing just a few (doing no justice to the complete change set)
— Many new toolbar icons.
— Support for alpha blending in image lists.
— Much more complete shader assembler.
— Support for Arabic font shaping and joining.
— A number of fixes for video rendering.
— Font anti-aliasing configuration through fontconfig.
— Improved handling of desktop link files.