Wolfier writes "For wireless carrier Rogers in Canada, it seems that 'Customer Safety' only becomes a concern after months of neglect. Rogers is the only GSM carrier in Canada and so the only choice for Android users. Months ago, a customer called Rogers to report a firmware bug that was preventing users from making 911 calls under certain circumstances, and informed the carrier that Google had fixed the bug (recording of that call). But Rogers is only doing something about it now — namely, cutting data access of paying customers until they accept a mandatory firmware upgrade that not only fixes the 911 problem, but also contains 'extra' features that prevent users from ever gaining root access to their phones — even non-subsidized ones. And some phones are also getting bricked by this 'official' update. The moral: we really need to open up the competition here up North."

mikepery writes with a followup to last month's mention of a security vulnerability affecting Gmail accounts, which it seems understated the problem. "I figure the Slashdot readership is the best place to reach a large number of slacking admins and developers, so I want to announce that it's been 30 days since my DEFCON presentation on HTTPS cookie hijacking, and as such, it's now time to release the tool to a much wider group. Despite what was initially reported, neither the attack nor the tool are gmail-specific, and many other websites are vulnerable. So, if you maintain any sort of reasonable looking website secured by any SSL certificate (Sorry Rupert, you lose on both counts), even if it is just self-signed, you can contact me and I will provide you with a copy of the tool. Be sure to put 'CookieMonster' in the subject, without a space." (More below.)