When it comes to net neutrality, can we get along? Google and Verizon, antagonists on the question yet partners in Droid, say yes. The two companies have even teamed up to send the FCC ideas on how to handle network management disputes. 'Google/Verizon say that the Internet should function as an "open platform." That means, to them, that "when a person accesses cyberspace, he or she should be able to connect with any other person that he or she wants to—and that other person should be able to receive his or her message," they write. The 'Net should operate as a place where no "central authority" can make rules that prescribe the possible, and where entrepreneurs and network providers are able to "innovate without permission."'"

nine-times writes "After many years in IT, I've been surprised to notice how much of my traffic is still unencrypted. A lot of businesses that I interact with (both business and personal) are still using unencrypted FTP, and very few people use any kind of encryption for email. Most websites are still using unencrypted HTTP. DNSSEC seems to be picking up some steam, but still doesn't seem to be widely used. I would have thought there would be a concerted effort to move toward encryption for the sake of security, but it doesn't seem to be happening. I wanted to ask the Slashdot community, what do you think the hold up is? Are the existing protocols somehow not good enough? Are the protocols fine, but not supported well enough in software? Is it too complicated to manage the various encryption protocols and keys? Is it ignorance or apathy on the part of the IT community, and that we've failed to demand it from our vendors?"

Barence writes "Microsoft has issued a statement urging people to upgrade their browser to IE8, after the zero-day exploit that was used to attack companies such as Google went public. According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7."

at_slashdot writes "The Perl CPAN Testers have been suffering issues accessing their sites, databases and mirrors. According to a posting on the CPAN Testers' blog, the CPAN Testers' server has been being aggressively scanned by '20-30 bots every few seconds' in what they call 'a dedicated denial of service attack'; these bots 'completely ignore the rules specified in robots.txt.'" From the Heise story linked above: "The bots were identified by their IP addresses, including 65.55.207.x, 65.55.107.x and 65.55.106.x, as coming from Microsoft."

An anonymous reader writes "Interesting video interview on silicon.com with Sheffield University's Noel Sharkey, professor of AI & robotics. The white-haired prof talks state-of-the-robot-nation — discussing the most impressive robots currently clanking about on two-legs (hello Asimo) and who's doing the most interesting things in UK robotics research (something involving crickets apparently). He also voices concerns about military use of robots — suggesting it won't be long before armies are sending out fully autonomous killing machines."

ChiefMonkeyGrinder writes "Key, then, to the Drumbeat project is openness, specifically openness as applied to the Internet. That fits in well with the original impulses behind Mozilla and Firefox. The former was about transforming the Netscape Communicator code into an open source browser, and the latter was about defending open standards from Microsoft's attempt to lock people into Internet Explorer 6 and its proprietary approaches. Both Mozilla and Firefox have succeeded, but the threats have now changed."

carusoj writes "An attack by a Chinese online game provider meant to cripple the servers of its rivals ballooned to cause an Internet outage in much of the country in May, according to police. The escalation began with a distributed denial-of-service attack on a domain registrar that serves many small gaming companies. While the national scale of the effects was unusual, such attacks are common among some small Internet businesses competing to draw customers in China, security researchers say. Police have arrested four people involved in the attack."

Anonymouse writes with this excerpt from SemiAccurate: "Apple keyboards are vulnerable to a hack that puts keyloggers and malware directly into the device's firmware. This could be a serious problem, and now that the presentation and code (PDF) is out there, the bad guys will surely be exploiting it. The vulnerability was discovered by K. Chen, and he gave a talk on it at Black Hat this year (PDF). The concept is simple: a modern Apple keyboard has about 8K of flash memory, and 256 bytes of working RAM. For the intelligent, this is more than enough space to have a field day. ... The new firmware can do anything you want it to. Chen demonstrated code which, when you put in a password and hit return, starts playing back the last five characters typed in, LIFO. It is a rudimentary keylogger; a proof of concept more than anything else. Since there is about 1K of flash free in the keyboard itself, you can log quite a few keystrokes totally transparently."