Open Source

Linux 3.1 Released With Support for the OpenRISC CPU 165

diegocg writes "Linux 3.1 has been released. The changes include support for the OpenRISC opensource CPU; performance improvements to the writeback throttling; some speedups in the slab allocator; a new iSCSI implementation; support for NFC chips; bad block management in the generic software RAID layer; a new 'cpupowerutils' utility for power management; filesystem barriers enabled by default in Ext3; Wii Controller support; and [the usual] new drivers and many small improvements."
Bug

MS Virtual PC Flaw Defeats Windows Defenses 141

Coop's Troops writes "An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."
Science

New Type of Dinosaur Unearthed 160

MileHighScience writes to mention that a new type of sauropod has been discovered by scientists from Utah's Brigham Young University. Dubbed Abydosaurus mcintoshi, the new addition to the long necked dinosaur family was discovered at Dinosaur National Monument. "The circumstances of its discovery were both unusual and dramatic. The researchers stumbled on four skulls in a quarry at the preserve. Two were still intact. Sauropod skulls are rarely found in the fossil record because the soft tissue from which they are constructed is unlikely to be preserved after death. 'Their heads are built lighter than mammal skulls because they sit way out at the end of very long necks,' Brooks Britt, a BYU paleontologist said in a news release. 'Instead of thick bones fused together, sauropod skulls are made of thin bones bound together by soft tissue.' Of more than 120 known species of sauropods, there have been only eight instances in which scientists have been able to recover intact skulls."
Security

Arbitrary Code Execution With "ldd" 184

pkrumins writes "The ldd utility is more vulnerable than you think. It's frequently used by programmers and system administrators to determine the dynamic library dependencies of executables. Sounds pretty innocent, right? Wrong! It turns out that running ldd on an executable can result in executing arbitrary code. This article details how such an executable can be constructed and comes up with a social engineering scenario that may lead to system compromise. I researched this subject thoroughly and found that it's almost completely undocumented."
News

FOSS Sexism Claims Met With Ire and Denial 1255

Last Friday Bryce Byfield gave us a little insight into the fallout surrounding his article on sexism in the FOSS world. Unfortunately it seems that FOSS junkies did little better than the rest of the world with respect to sexism, displaying similar levels of denial, abuse, and ignorance. "But the real flood of emotion comes from the anti-feminists and the average men who would like to deny the importance of feminist issues in FOSS. Raise the subject of sexism, and you are met with illogic that I can only compare to that of the tobacco companies trying to deny the link between their products and cancer. Because I took a feminist stance in public, I have been abused in every way possible — being called irrelevant, a saboteur, coward, homosexual, and even a betrayer of the community. I know that many women in the community have been attacked much more savagely than I have, so I'm not complaining. Nor am I a stranger to readers who disagree with me, but the depth of reaction has taken me back more than once. I think the reaction is an expression of denial more than anything else."
The Internet

Kazaa To Return As a Legal Subscription Service 133

suraj.sun sends in this excerpt from CNet: "One of the most recognizable brands in the history of illegal downloading is due to officially resurface, perhaps as early as next week, sources close to the company told CNET News. Only this time the name Kazaa will be part of a legal music service. Altnet and parent company Brilliant Digital Entertainment attached the Kazaa brand to a subscription service that will offer songs and ringtones from all four of the major recording companies. For the past few months, a beta version has been available. The company tried recently to ratchet up expectations with a series of vague, and what some considered misguided, press releases. The site will open with over 1 million tracks." The NYTimes has a related story about how the music industry is trying to convert casual pirates by offering more convenient new services.
Hardware Hacking

Getting a Classic PC Working After 25 Years? 533

tunersedge writes "Yesterday I dug out of my parents' basement a PC they had bought brand new in 1984: Epson Equity I personal computer; 512K RAM; 82-key keyboard; 2 (count 'em!, 2) 5.25" floppy disk drives; 13' RGB monitor (with contrast/brightness knobs); handy on/off switch; healthy 25-year-old yellowed plastic; absolutely no software. (My mom ran a pre-school, and they used it to keep records and payroll. I cut my programming teeth on this thing. GW-Basic was my friend. Kings Quest screens took 2 minutes to load when you walked into a new one.) When I resurrected this machine I pulled the case off, dusted out a little, and plugged it in. It actually fired up! I'm stoked, except the disks we had are missing. What I'm looking to do is either buy some old working disks with whatever I can find (MS-DOS 3.22, GW-Basic, whatever), or try and recreate some using a USB-based floppy drive and some modern software. Has anyone tried to resurrect a PC this old before?"
Sci-Fi

How Do You Greet an Extraterrestrial? 803

The LA Times is running a story about Earth Speaks, a companion project to SETI, which focuses on how we would communicate with intelligent extraterrestrial life, should we happen to discover it. Far more effort has been devoted to searching for signals or a means to communicate than the question of what we might say once contact is established, and the folks at SETI have set up a website to gather opinions on what the best questions and statements are. "So far, the messages break down into a few distinct categories. Some people want to throw a block party to welcome the aliens to the neighborhood. Others, less trusting, would warn the aliens that we've got guns and know how to use them. Another group, possibly influenced by having seen too many movies, would have us hide under the bed until they go away. 'If we discover intelligent life beyond Earth, we should not reply — we should freeze and play dead,' wrote one contributor." What would you say first to an alien?
Microsoft

Microsoft Bing Search Launches Early Preview 310

An anonymous reader writes to mention that Microsoft has rolled out a preview version of their Bing Search site earlier than expected. Microsoft's hope at putting a dent in Google's ubiquitous search presence, Bing has several new features including Bing Cashback, Bing Video, and Bing xRank. "Bing Video is really great because of the new thumbnail video feature. Try searching for E3 at Bing Video and you'll quickly see how it works. Simply hover over a video and it starts playing instantly. This is fantastic from the consumer's point of view but what about the publisher? It's almost like Microsoft is stepping on their toes by deploying video search in this manner. Would a user still click on to the site if they can watch the whole video from within the search results? Fair use definitely comes into mind here. Perhaps there should be a 30-second limitation on the 'thumbnail preview?'"
The Courts

$74k Judgment Against Craigslist Prankster 182

jamie points out an update in the case of Jason Fortuny, the Craigslist prankster who was sued last year for publicly posting responses to a fake personal ad. The Citizen Media Law Project's summary of his case now includes a recently entered default judgment (PDF), fining Fortuny "... in the amount of $35,001.00 in statutory damages for Count I, violation of the Copyright Act; $5,000 in compensatory damages for Count II, Public Disclosure of Private Facts, and Count III, Intrusion Upon Seclusion." He has also been ordered to pay more than $34,000 in attorney and court fees.
It's funny.  Laugh.

Spammers Say the Darndest Things 115

The Narrative Fallacy writes "Bill Sweetman has a tongue-in-cheek post about how a few years ago he started collecting some of the more outlandish and amusing email subject lines from the many thousands of spam emails he received promoting various 'solutions' related to his private parts. Sweetman, a Canadian internet marketeer now working for Tucows, gets a guilty pleasure from the copywriting 'skills' of the spammers. 'Sometimes the writing is clever. Sometimes it is accidentally funny. And sometimes it's just plain bizarre.' Sweetman writes that it takes a certain twisted creative genius to make your spam message stand out from the rest, and gives us ten of his favorite spam subject lines as well as his would-be replies to the messages. Favorite spam subject lines include 'Small friend is for hiding, big friend is for showing off' and Sweetman's reply: 'Even if the product they are pitching works as promised, I still don't think I would be walking around the neighborhood showing off the results.'"
Data Storage

Apps That Rely On Ext3's Commit Interval May Lose Data In Ext4 830

cooper writes "Heise Open posted news about a bug report for the upcoming Ubuntu 9.04 (Jaunty Jackalope) which describes a massive data loss problem when using Ext4 (German version): A crash occurring shortly after the KDE 4 desktop files had been loaded results in the loss of all of the data that had been created, including many KDE configuration files." The article mentions that similar losses can come from some other modern filesystems, too. Update: 03/11 21:30 GMT by T : Headline clarified to dispel the impression that this was a fault in Ext4.
Programming

Null References, the Billion Dollar Mistake 612

jonr writes "'I call it my billion-dollar mistake. It was the invention of the null reference in 1965. At that time, I was designing the first comprehensive type system for references in an object oriented language (ALGOL W). My goal was to ensure that all use of references should be absolutely safe, with checking performed automatically by the compiler. But I couldn't resist the temptation to put in a null reference, simply because it was so easy to implement. This has led to innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years. In recent years, a number of program analysers like PREfix and PREfast in Microsoft have been used to check references, and give warnings if there is a risk they may be non-null. More recent programming languages like Spec# have introduced declarations for non-null references. This is the solution, which I rejected in 1965.' This is an abstract from Tony Hoare's presentation at QCon. I was raised on C-style programming languages, and have always used null pointers/references, but I am having trouble grokking null-reference-free languages. Is there a good reading out there that explains this?"
Cellphones

Japanese "Hate" For the iPhone All a Big Mistake 327

MBCook writes "AppleInsider has posted a great article explaining that Wired's story about Japanese iPhone hate was completely false and has been edited at least twice. The comments in the article were recycled and taken out of context, with those interviewed blogging about the mistakes. The piece then goes on to analyze the iPhone's standing in Japan, as well as some of the major factors working for and against it. At last it points out that the Wall Street Journal tried the same myth of failure just after the phone's launch in Japan, recycled from a myth the year before, pushed by a research company with a possible anti-Apple agenda."
