Feed aggregator

Xerox WorkCentre PJL Daemon Buffer Overflow Vulnerability

william points us to a Gizmodo post highlighting a TSA poster that appears to be suggesting that people photographing airplanes at airports somehow have nefarious intentions: This really does seem bizarre. Is it really so evil to take photos of airplanes? Now, some might point out that they're just asking people to be "vigilant" (which is misleading anyway), but how does it help to suggest vigilance should be targeted at people doing an activity which is legal? It's the equivalent of crying wolf, and that doesn't help anyone.

Permalink | Comments | Email This Story

Re: etax 2010 failure to validate remote ssl certificate properly

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3

[security bulletin] HPSBMA02576 SSRT090231 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code

[SECURITY] [DSA 2107-1] New couchdb package fixes arbitrary code execution

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

An anonymous reader writes "The Swedish police, who have been instrumental in various raids against file sharing sites apparently may have a bit of a piracy problem on their own hands. It seems that they wanted to put together a database of shoe print info for matching shoe prints to the type of shoe at crime scenes. To do so, they used images found online, and some Swedish copyright experts have noted that this appears to violate Swedish copyright law. The police claim that there's an exception for police investigations, but people (and some shoe companies) are pointing out that creating a database isn't about an investigation."

Read more of this story at Slashdot.

Just as products based on ARM's much anticipated Cortex A9 are finally poised to hit the market, the company has announced yet another, even higher-end core design: the A15. Codenamed "Eagle," the A15 architecture is ostensibly aimed at netbooks and tablets, but a look at the spec sheet leaves no doubt that ARM is absolutely gunning for the server market that Intel and AMD currently dominate. Indeed, even going by what little ARM has revealed about the A15, it's very hard to imagine this thing in a smartphone when it launches at 32nm in 2012 or 2013. This is a laptop and server part, and ARM will use it to take the fight to x86.

Read the comments on this post

Just as products based on ARM's much anticipated Cortex A9 are finally poised to hit the market, the company has announced yet another, even higher-end core design: the A15. Codenamed "Eagle," the A15 architecture is ostensibly aimed at netbooks and tablets, but a look at the spec sheet leaves no doubt that ARM is absolutely gunning for the server market that Intel and AMD currently dominate. Indeed, even going by what little ARM has revealed about the A15, it's very hard to imagine this thing in a smartphone when it launches at 32nm in 2012 or 2013. This is a laptop and server part, and ARM will use it to take the fight to x86.

Read the comments on this post

Trailrunner7 writes "There appears to be an actual email worm in circulation right now, using the tried-and-true infection method of sending emails containing malicious executables to all of the names in a user's email address book. The worm arrives via emails with the subject line "Here You Have" or something similar, and the messages contain a link to a site that will download a malicious file to the victim's PC. The malware then drops itself into the Windows directory with a file name of CSRSS.EXE, which is identical to a legitimate Windows file. From there, it's 2001 all over again, as the worm attempts to mail itself to all of the contacts in the victim's Outlook address book."

Read more of this story at Slashdot.

Perhaps other bands have done this in the past, but I just found out about a band from Japan (who, believe it or not, I've seen perform live), The Tokyo Ska Paradise Orchestra (better known as Skapara), that is offering its fans a one-week Hawaiian trip with the band, including a plane ticket from Tokyo, a week with the band in Hawaii, including a private acoustic show on a cruise. The whole thing runs about $2,200, which doesn't seem too crazy if you're a huge fan of the band and want a trip to Hawaii (from Japan). And this is a band with a pretty big following (i.e., has sold out stadiums in Japan).

We've pointed out before that selling "access" to musicians is an excellent scarcity to sell, and with one recent study having 19% of respondents agree to the hyperbolic statement that they would pay anything to meet their favorite music stars, this seems like a business model that could be explored more. And, before people start claiming that we're now saying "the business model is to take vacations with your fans," just like we keep getting people falsely accuse us of saying the business model is to play mini-golf with fans, that's not what we're saying at all. We're just suggesting that bands explore ways in which access can work as a scarcity. It might not work for all acts, but it is an area that some might want to explore.

Permalink | Comments | Email This Story

Gadgetank writes "Researchers out of the Australian National University have created a device, working in conjunction with other necessary devices, that can literally move small particles with light. And only light. The way it works is by shining a hollow laser beam around some tiny glass particles. The researchers heat the air around the particles, and therefore cause the dark center of the beam to remain cool."

Read more of this story at Slashdot.

A new mobile version of the CouchDB database system, called CouchOne Mobile, is available for Google's Android operating system. The mobile version is still at a relatively early stage of development, but it will allow developers to take advantage of CouchDB's sophisticated replication functionality to synchronize data between desktop and mobile applications.

CouchDB is a schema-less document-based database that uses JSON as a storage format and JavaScript as a query language. It is popular in the so-called NoSQL community and is increasingly seeing deployment in high-profile business and scientific computing environments.

Read the comments on this post

A new mobile version of the CouchDB database system, called CouchOne Mobile, is available for Google's Android operating system. The mobile version is still at a relatively early stage of development, but it will allow developers to take advantage of CouchDB's sophisticated replication functionality to synchronize data between desktop and mobile applications.

CouchDB is a schema-less document-based database that uses JSON as a storage format and JavaScript as a query language. It is popular in the so-called NoSQL community and is increasingly seeing deployment in high-profile business and scientific computing environments.

Read the comments on this post

I'm Not There (1956) writes "Broadcom, the world's largest manufacturer of Wi-Fi transceivers, open sources its Linux device drivers. This is a big win for Linux users, as there are a lot of users that face Wi-Fi problems when they use Linux on their laptops. With these device drivers now open source, distributions can ship them out-of-the-box, and that means no Linux Wi-Fi problems for new devices and upcoming distributions at all."

Read more of this story at Slashdot.

Venerable author Cory Doctorow and I engaged in a friendly email debate this Summer, with the intention of sharing it to illuminate some issues confronting Free Culture and Creative Commons licenses. It's quite long, but hits on many topics of interest to Techdirt readers.

Read Paley & Doctorow argue over Non-Commercial licenses

Cory releases his books under -NC ("Non-Commercial") licenses. The -NC restriction is Creative Commons' most popular, but has a lot of problems, including incompatibility with Free licenses. As an alternative, I recommend the Creator Endorsed Mark used with a copyleft (such as Share-Alike) license. The sparks fly from there! (Actually it's all very civil, but if I say sparks fly maybe more people will read it.)

I'm curious to read how the Techdirt community weighs on on these issues, so please comment.

Permalink | Comments | Email This Story

An anonymous reader writes "Mozilla has published the first Firefox 4 build that integrates a new JavaScript engine that aims to match the performance in IE9 and reduces the gap to Safari, Opera and Chrome. This is really the big news we have been waiting for all along with Firefox 4 and it appears that the JavaScript performance is pretty dramatic and seems to beat IE9 at least as far as ConceivablyTech shows. Good to see Mozilla back in the game." The Mozilla blog gives a good overview of the improvements this brings; Tom's Hardware also covers the release.

Read more of this story at Slashdot.

Broadcom announced today the initial release of its new open source wireless drivers for Linux. The drivers, which are built using the kernel's own native SoftMAC framework, are currently in the kernel staging tree and are expected to eventually be merged upstream.

Broadcom networking hardware has typically been problematic on Linux because the community-developed open source drivers had to use a proprietary firmware blob from Broadcom that wasn't available under terms that facilitated redistribution. This has historically precluded out-of-the-box support for popular Broadcom chips that are used in many laptops and netbooks. Broadcom is finally addressing the issue and is working with the upstream kernel community.

"Broadcom would like to announce the initial release of a fully-open Linux driver for its latest generation of 11n chipsets. The driver, while still a work in progress, is released as full source and uses the native mac80211 stack," wrote Broadcom's Henry Ptasinski in a message on the Linux wireless mailing list.

When the new drivers are mature and are merged into the kernel mainline, it will allow Linux distributions to provide first-class support several common Broadcom wireless chips. According to a Canonical kernel developer, the new drivers will be included in the upcoming Ubuntu 10.10 release and may be backported to the current stable version. The driver currently supports BCM4313, BCM43224, and BCM43225, but it can be extended in the future to support additional Broadcom hardware components.

Read the comments on this post

Broadcom announced today the initial release of its new open source wireless drivers for Linux. The drivers, which are built using the kernel's own native SoftMAC framework, are currently in the kernel staging tree and are expected to eventually be merged upstream.

Broadcom networking hardware has typically been problematic on Linux because the community-developed open source drivers had to use a proprietary firmware blob from Broadcom that wasn't available under terms that facilitated redistribution. This has historically precluded out-of-the-box support for popular Broadcom chips that are used in many laptops and netbooks. Broadcom is finally addressing the issue and is working with the upstream kernel community.

"Broadcom would like to announce the initial release of a fully-open Linux driver for its latest generation of 11n chipsets. The driver, while still a work in progress, is released as full source and uses the native mac80211 stack," wrote Broadcom's Henry Ptasinski in a message on the Linux wireless mailing list.

When the new drivers are mature and are merged into the kernel mainline, it will allow Linux distributions to provide first-class support several common Broadcom wireless chips. According to a Canonical kernel developer, the new drivers will be included in the upcoming Ubuntu 10.10 release and may be backported to the current stable version. The driver currently supports BCM4313, BCM43224, and BCM43225, but it can be extended in the future to support additional Broadcom hardware components.

Read the comments on this post