Schneier has pointed out an excellent series of blog posts about threat modeling by Microsoft's Larry Osterman. The series focuses on the PlaySound API as an example. "As you go about filling in the threat model threat list, it's important to consider the consequences of entering threats and mitigations. While it can be easy to find threats, it is important to realize that all threats have real-world consequences for the development team. At the end of the day, this process is about ensuring that our customer's machines aren't compromised. When we're deciding which threats need mitigation, we concentrate our efforts on those where the attacker can cause real damage."

Theovon writes, "It's only been two days since the announcement of the official release of Ubuntu 6.10 (Edgy Eft), and the fallout has been very interesting to watch. By and large, fresh installs of Edgy tend to go well. Many people report improved performance over Dapper, improved stability, better device support, etc. A good showing. But what I find really interesting is the debacle that it has been for people who wanted to do an 'upgrade' from Dapper (6.06). Installing OS upgrades has historically been fraught with problems, but previous Ubuntu releases, many other Linux distros, and MacOS X have done surprisingly well in the recent past. But not Edgy." Read on for the rest of Theovon's detailed report.

cloudmaster writes "Apparently they were watching me to see when I downloaded the 6.10-rc release isos, as I did that last night, and the full release happened this morning. :) Neat stuff, including Firefox 2.0, Gnome 2.16, myth 0.20, faster booting thanks to upstart (sort of a replacement for init, among others), etc. The announcement and download pages are up. I've got *my* torrent running..."

GDI Lord writes "The Microsoft Internet Explorer Team sent the Firefox team a cake for the release of Firefox 2! "P.S.: No, it was not poisoned" " That they know of anyway.

AcidAUS writes "Google is being accused of refusing to remove racist blogs targeting minority groups in Australia. Google, whose corporate motto is "don't be evil", says it will take the blogs in question offline only if ordered to do so by a court."