An Astonishing Collaboration

On Tuesday, software developers and network-hardware providers released a patch for a significant flaw in the domain-name service (DNS) system. The researcher who found the bug, Dan Kaminsky, talks about the issue and the history of DNS problems in the column, reprinted with permission from his site.

read more | digg story

Latest phishing schemes target Apple - SC Magazine US

It was only a matter of time before Apple users became attractive targets. If you think about the demographics of the typical Mac user it is obvious why they could be perceived as "easy targets"1. The belief that Apple software is not vulnerable2. Economic profile - higher income3. More trusting - not been burned before

read more | digg story

Three Cisco advisories released today

Cisco has released three advisories this week, two that cover DOS vulnerabilities in IOS SSH and the Secure Control Engine (SCE) and one privilege escalation in Cisco Voice Portal (CVP).Of course it was only a matter of time before we start hearing about Cisco IOS have many of the same issues as OS Software. Even more interesting however is the idea that Cisco is promoting the notion that you do not need to buy servers anymore. Instead you can run your server applications on your Cisco enterprise switching infrastructure. Let the patching cycle begin!

read more | digg story

Data Loss Prevention: Where Do We Go From Here?

I would change the idea that it is the CIO that is responsible for protecting information in the enterprise. It is in reality a business responsibility and as such the CEO should take the protection of enterprise data as a priority to protect the organizations information.

read more | digg story

Apple Mac trojan horse aims to steal money from Mac users

"Apple Macintosh users need to learn from the mistakes made by their Windows cousins in the past and ensure that they have defences in place, are up-to-date with patches and exercise caution about what they run on their computer."

read more | digg story

Apple less secure than Microsoft!

I recently heard a so called "security professional" state that security software is not necessary for the Mac. Well, not only are they wrong but the Mac is more likely to be comprimised since Apple is slower to patch than Microsoft. If you have a Mac you might already be 0wnd.

read more | digg story

Mac is the first to fall in Pwn2Own hack contest

A brand-new MacBook Air running a fully patched version of Leopard was the first to fall in a contest that pitted the security of machines running OS X, Vista and Linux. The exploit took less than two minutes to pull off.For all you so called "security professionals" that maintain the Macintosh does not need security software. We people, Mac is the first to fall in Pwn2Own hack contest.

read more | digg story

Have iTunes? "Free" upgrade to vulnerable browser for you!

Not only has Apple engaged in a questionable practice of "upgrading" software that is not installed (read Safari) but as an added feature your new software comes preinstalled with security vulnerabilites. Nice!

read more | digg story

No security software for Apple Macintosh?

I recently read an article from a so call "security expert" that stated Macintosh computers do not need security software. This is the most idiotic statement that I have ever heard a "security expert" make. Blatently irresponsible!

read more | digg story

Technical Cyber Security Alert TA08-079A - Apple Updates for Multiple Vulnerabilities

This could get tiresome, almost like watching Microsoft patches...

National Cyber Alert System

Technical Cyber Security Alert TA08-079A


Apple Updates for Multiple Vulnerabilities

Original release date: March 19, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Apple Mac OS X versions prior to and including 10.4.11 and 10.5.2
* Apple Mac OS X Server versions prior to and including 10.4.11
and
10.5.1
* Apple Safari prior to 3.1, including both OS X and
Windows
versions

Overview

Apple has released the Apple Security Update 2008-002 and Apple
Safari
3.1 to correct multiple vulnerabilities affecting Apple Mac OS X,
Mac
OS X Server, and Apple Safari. Attackers could exploit
these
vulnerabilities to execute arbitrary code, gain access to
sensitive
information, execute cross-site scripting attacks or cause a denial
of
service.

I. Description

Apple Security Update 2008-002 and Apple Safari 3.1 to address
a
number of vulnerabilities affecting Apple Mac OS X, OS X Server,
and
Safari. Further details are available in the US-CERT
Vulnerability
Notes Database.

II. Impact

The impacts of these vulnerabilities vary. Potential
consequences
include arbitrary code execution, sensitive information
disclosure,
cross-site scripting, and denial of service.

III. Solution

Install updates from Apple

Install Apple Security Update 2008-002. These and other updates
are
available via Software Update or via Apple Downloads.

IV. References

* US-CERT Vulnerability Notes for Apple Security Update 2008-002 -

_2008_002>

* About the security content of Apple Security Update 2008-002 -


* About the security content of Safari 3.1 -


* Mac OS X: Updating your software -


* Apple Support Downloads -


_______________________________________________
ENT_CYBER_STF mailing list
ENT_CYBER_STF@listsmart.osl.state.or.us
http://listsmart.osl.state.or.us/mailman/listinfo/ent_cyber_stf
Hosted by the Oregon State Library (503)378-4246
Please use this contact for technical list questions only.
For informational questions related to message content, please contact the sender of the message, by phone or email.

Cyber Security Alert SA08-079A - Apple Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Cyber Security Alert SA08-079A


Apple Updates for Multiple Vulnerabilities

Original release date: March 19, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Apple Mac OS X
* Apple Safari for Mac and Windows

Overview

Apple Mac OS X and Apple Safari are affected by multiple
vulnerabilities. Apple has released Security Update 2008-002 and
Safari 3.1 to address these vulnerabilities, the most serious of
which may allow a remote attacker to take control of your computer.

Solution

Install an Update

Use Software Update to install Apple Security Update 2008-002 or
Safari 3.1.

Description

Apple Mac OS X is affected by multiple vulnerabilities. These
vulnerabilities could allow an attacker to run malicious programs
on your computer, crash your computer, or access your data without
your approval.

For more technical information, see US-CERT Technical Alert
TA08-079A.

References

* US-CERT Technical Cyber Security Alert TA08-079A -


* Vulnerability notes for Apple Security Update 2008-002 -


* About the security content of Security Update 2008-002 -


* About the security content of Safari 3.1 -


* Mac OS X: Updating your software -


_________________________________________________________________

The most recent version of this document can be found at:


_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to with "SA08-079A Feedback VU#766019" in the
subject.
_________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit .
_________________________________________________________________

Produced 2008 by US-CERT, a government organization.

Terms of use:


____________________________________________________________________

Revision History

March 19, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR+FiIvRFkHkM87XOAQIxVAf/ScYjb31IbAATwvPA1JpHNgQq/lUuXATt
kaTBFJBK1Ih1ZAy7ht/dh2B6ADCMeytokRGtdhEIGd74M8pPJNL2tXbP4EuhMiH9
Lis56P6HM8+wXxbGvl+fFs5MrNgxmvz++EL3LwlZlN+hR2d0J1w3Gxh/GbcPsSRa
3WvbLEpnTAXs+oDydwoe3MYGMTh9tTwj/g8rPX3t692plYVSiDV9R1a4oFKJfZEA
z6zNu9K4xfE2U6qxev87JxaJHyRv22rWk+jo2tXv3SDcnNNlMvjHaxGpQ29/xd1a
A5CcmQmDeyXHfvpL4TbCpmsIlvkbgkn69ujOg1rNHYMJWvdWlULq4A==
=Xs7c
-----END PGP SIGNATURE-----

Apple Safari Prior to 3.1 Multiple Security Vulnerabilities

Apple Safari is prone to 12 security vulnerabilities. Attackers may exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, spoof secure websites, obtain sensitive information, and crash the affected application. Other attacks are also possible. I guess I'll focus on Apple vulnerabilities for awhile :DSince Mac's are so secure maybe we should have some fun pointing out how wrong this assumption is! "Execute arbitray code" anyone?

read more | digg story

Macintosh Computers Increasingly Vulnerable to Comprimise

If you are a "Security Professional" and you don't think that a Mac needs protection get a new job!Read the previous post!

read more | digg story

Should Mac Users Run Antivirus Software?

With fewer than 200 known viruses over all time, is there really any reason to run antivirus software on a Mac, given the cost, intrusiveness, and resource usage? Macintosh security expert Rich Mogull doesn't use antivirus software and recommends that the average Macintosh user avoid it as well. Should you bother?Are you kidding? This is such a stupid argument I don't even know why I'm wasting a blog on it.

read more | digg story

Holes In Your Programs And How They Can Help Install Rootkit

Have you ever wondered why you have anti virus, anti spyware, anti adware ( Microsoft Windows Defender, Spybot, Spywareblaster ) but but still get windows popping up with ads, your hard drive is constantly churning or your internet usage stats have gone sky high. If you run as administrator you are probably already owned.

read more | digg story

We Don’t Need No Education

Security awareness training is costly and does go beyond how we interact with our PC's. I agree one hundred percent with the idea that awareness training should cover physical security, emergency response, and reporting suspicious activity.

read more | digg story

Mac Vs. PC, how about Apache Vs. IIS?

With the proliferation of "drive by" web server comprimises it serves the best interest of the "bad guys" when Apache people on Linux think that because they are not Windows they are immune from Windows exploits. iFrame exploits and malicious Javascript are OS agnostic. Safe surfing!

read more | digg story

Built-in Windows commands to determine if a system has been

Ed Skoudis identifies five useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked.It's always good to have a command line toolset!

read more | digg story

Data loss prevention (DLP) tools: The new way to prevent ide

To protect confidential information, some security pros are turning to data loss prevention technology. Peter Giannoulis explains the strengths and weaknesses of DLP products.As part of a data classification effort DLP can help a great deal with "tagging" classified data.

read more | digg story

Customized security for virtual machines

As Virtual Machines become more popular methods to increase the security posture of these devices will become increasingly important.

read more | digg story

Cover-up: special investigator "cures" virus with 7-stage hard drive wipe

A US special investigator leading the inquiry into Karl Rove has himself been called out for suspicious behavior, after taking several systems to third-party techs for a thorough data wipe that he says was needed because of malware. Right.While a 7-stage hard drive wipe might lead one to believe that he has "taken to the cleaners" (we all know that a single pass writing a 0's or 1's would be sufficient) I would yell BullS..T to needig to wipe a drive to eliminate a virus. A simple format/reinstall should be adequate wouldn't you think?

read more | digg story

SANS Internet Storm Center - Quicktime 7.3 patches serious security bugs

It really looks like Apple is going to have to learn some lessons from Microsoft regarding security. The honeymoon is over as Apple becomes increasingly the target of malicious entities bent on cyber domination.

read more | digg story

Malicious PDF files being spammed out in volume - F-Secure Weblog : News fr

Once software becomes bloatware, which Acrobat Reader has become, it is ripe for just this sort of abuse. Me, I'm going to get a nice simple PDF reader which does not include any "fancy" add-ons. How about you?

read more | digg story

Symantec Security Response Weblog: We pwn your Desktop!

People will never learn... wake up! It is unfortunate but you must think like the "bad guy/gal" in order to protect yourself. Any unsolicited offer should be immediately suspect. How ironic that offers of "security" actually compromise your system. Why rob a bank or break into a building when you can rob people on the web and get away with it?

read more | digg story

McAfee Avert Labs Blog - PDF mailto Exploit: Seen in wild today!

This is the primary problem with all of the additional functionality the most people never use that is built into today's applications like Adobe Reader and Microsoft Office. Please, PLEASE give me simple software that does only what I want. Maybe the industry should look to Mozilla. With Firefox I get a good browser that can be extended on demand

read more | digg story

Windows firewall squeezes into USB key

A complete Linux-base hardware firewall computer is now available in a tiny, USB key sized device. The "Yoggie Pico" aims to protect both fixed and mobile Windows computers against a wide range of security threats; it guards both wired and wireless network connections.I don't know about you but I'm getting one as soon as they are available!



read more | digg story

Eight in ten major Web sites highly vulnerable to attack

Link to original

April 19, 2007 (PC World) -- Eight out of ten Web sites contain common flaws that can allow attackers to steal customer data, create phishing exploits, or craft a variety of other attacks, a security company reported today.

WhiteHat Security regularly scans hundreds of "very popular, very high-traffic sites" for its online business customers, says Jeremiah Grossman, the company's founder. "More than likely, you have shopped there, or bank there," he says. Thirty percent of scanned sites contain an urgent vulnerability, such as one that allows direct access to a company database with customer information, he says.

Two out of three scanned sites have one or more cross-site scripting (XSS) flaws, which take advantage of problems with sites' programming and are increasingly used in phishing attacks. A recent eBay scam used a now-fixed XSS hole on the auction site to direct anyone who clicked on a phony car auction to a phishing site.

Glitch Gives Woman Access To Others' Turbo Tax Information

Many people use Turbo Tax to help them file their taxes, but one woman discovered an error in the program that could cost users thousands of dollars and their identities.The woman discovered a key to the backdoor of some tax returns filed online through Turbo Tax."It's ALWAYS a good idea to input your SSN and bank info into a web app!"



read more | digg story

DVD Security Group Says It Fixed Flaws

http://ibtimes.com/articles/20070409/dvd-security.htm When will the industry come to understand that this is a loosing battle. Rather than make the distribution of the media more expensive by trying in a futile manner to protect the un-protectable why not simply lower the price such that reasonable people will simply buy the product?



read more | digg story

Researcher has new attack for embedded devices

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9015618&taxonomyId=17

It was only a matter of time. The attackers go after our networks, and we protect them with firewalls, IDS/IPS, and ect., they go after our applications and we firewall, proxy, and securly code them. Now our "little helper" devices have become our enemy. What will be next?

PHP Hash Table Overwrite Arbitrary Code Execution Vulnerability

The session extension does not set the correct reference count value for the session variables, because it does not include the internal pointer from within the session globals. Due to this unsetting _SESSION and HTTP_SESSION_VARS will destroy the Hashtable containing the session data although the session extension still has an internal pointer toUpgrade you PHP people...



read more | digg story

Exploiting Microsoft DNS Dynamic Updates for Fun and profit

By default, most Microsoft DNS servers integrated with active directory allowinsecure dynamic updates for dns records.This feature allows remote users to create, change and delete DNS records.There are several attack scenarios:You ARE using Microsoft for you DNS right? NOT!!!



read more | digg story

Microsoft Windows Animated Cursor Handling Vulnerability

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. Successful exploitation allows execution of arbitrary code.



read more | digg story

PHP Insecurity - Register_Globals = off

SummaryWhen register_globals is activated the deserialization of the session data can overwrite any global variable, including the _SESSION array. Because of its special implementation this can result in arbitrary code execution.Affected versionsAffected are PHP 4 < 4.4.5 and PHP 5 < 5.2.1



read more | digg story

And we are still using Microsoft IE becuase?

Microsoft confirms Windows zero-day, drive-by exploits by ZDNet's Ryan Naraine -- [UPDATE: March 29, 2007 @ 1:15 PM Eastern] Microsoft has confirmed that this is indeed a zero-day flaw that will require a security update. Although Internet Explorer is the primary attack vector, this is a vulnerability in the way Windows handles animated cursor (.ani) files. From Redmond's security advisory: The threat is caused by insufficient [...]

When will we learn... just one more zero day attack that has to be managed. Honestly it would take less time to "patch" IE by switching to Mozilla Firefox. I noticed recently that while Mozilla is not "bug" free the time it takes to patch a reported vulnerability is hours, or days, at most. Probably an advantage to NOT having the browser integrated into the OS?

Dell pre-installing Linux. Chalk one up for the penquin!

Dell, oddly enough, is listening to the many thousands of direct requests its customers made during its big public brainstorm (aka IdeaStorm) not so far back. The result of nearly 70% of participants requesting Linux on Dell machines?

http://www.engadget.com/2007/03/29/dell-were-going-linux-and-its-all-because-of-you/

It was only a matter of time. Chalk up one for the Penguin. IBM, and now Dell, who will be next. And, will Linux become a mainstream option? Say goodbye to the Microsoft "tax" on new PC's. It will be interesting to see how Microsoft reacts to this state of affairs?

Of course Microsoft may be ahead of, and in charge of, this change. Novell and Microsoft are playing nice lately and Dell will be distributing Novell's SuSE Linux correct? I wonder if Microsoft will be providing the license for the Dell Linux versions?

Heavy metal music linked with gifted students

New study finds "many adolescent "metalheads" are extremely bright and often use the music to help them deal with the stresses and strains of being gifted social outsiders." Haha, validation.http://www.telegraph.co.uk/connected/main.jhtml?xml=/connected/2007/03/21/nmetal21.xmlSo that's why I listened, and now must listen a second time as my children "cope" with being talented :)



read more | digg story

Nokia N800 Internet Tablet

Future enhancements including Skype, IM clients, and a discussion about how to market a new product category.



read more | digg story

Down with RIAA: Tomorrow is "Bum Rush the Charts" day for iTunes shoppers

An interesting experiment is taking place Thursday on iTunes. Can shoppers and followers of podsafe and independent musicians push one selected 99-cent single to the top of the "most popular" list on iTunes for one day? We'll see. The first lucky band is Black Lab, who is giving half the sale proceeds to a music charity.The people rule. Down with the large record companies Podsafe the world!



read more | digg story

Microsoft executive: Pirating software? Choose Microsoft

Microsoft group president Jeff Raikes told an audience in San Francisco last week that the company hopes people, if they’re going to pirate software, choose to pirate Microsoft software. What’s Raikes thinking?



read more | digg story

Total Information Awareness (TIA) is back now at Homeland Security

GAO investigation into son-of-TIA (ADVISE) is due this week. The system sifts through personal data of US citizens looking for 'patterns' that might indicate terrorist activity. "The technology is expected to analyze more than 3 million 'relationships' or connections per hour."Are you worried about the Government know everything that you do? Not me, I've always wanted an expense paid trip to Cuba, not!



read more | digg story

ThoughtFix on Nokia Internet Tablets: Navicore Navigation Kit Update

ThoughtFix on Nokia Internet Tablets: Navicore Navigation Kit Update

Commodore Returns With New Gaming PCs

Commodore is a name which will bring memories flooding back to many a gamer and it's been announced that the legendary brand is to return with a new range of high specification gaming PCs. The new Commodore PCs optimised for gaming will be launched at the CeBIT show in Germany on March 15.

Source: http://www.pro-g.co.uk/news/06-03-2007-4930-1.html

The Commodore 64 was a pivotal experience and what has led me to my current career as a technologist. The idea that this platform will be re-introduced gets my hopes up so high I wonder if the platform will be able to live up to my expectations?

I am drooling over the March 15th time frame when we will find out more about this exciting announcement!

Microsoft Hit By U.S. DOT Ban On Windows Vista, Explorer 7, and Office 2007

Tens of thousands of federal workers are prohibited from upgrading to the latest versions, according to memos seen by InformationWeek.'In a memo to his staff, DOT chief informationofficer Daniel Mintz says he has placed "an indefinite moratorium" on theupgrades as "there appears to be no compelling technical or business casefor upgrading to these new Microsoft software products. Furthermore,there appears to be specific reasons not to upgrade.'"Amen to that!



read more | digg story

Vista activation cracked by brute force

From the Inquirer:

It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally.

"To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."
posted by Zonk on Friday March 02, @10:02 on /.

My thoughts...

Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally.

Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.

Vista activation cracked by brute force

It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally."To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legitkeys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."posted by Zonk on Friday March 02, @10:02 (Windows)Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally. Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.



read more | digg story

Vista activation cracked by brute force

It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally."To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legitkeys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."posted by Zonk on Friday March 02, @10:02 (Windows)Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally. Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.



read more | digg story

CNN parent hit by bot worm

Breaking news: Slacking on security patches opens computers up to attack!Do you have Symantec products in hour workplace/home. Is your renewal coming up soon? Time for a change...



read more | digg story

Microsoft and Novell

There has been a lot of noise against the Microsoft/Novell partnership. The naysayers state that this is the end of Linux as we know it. I say "thank god". Let's face it, Linux as a desktop platform has been a pipe dream for years. Sure there are "easy" distributions like Ubuntu (my personal desktop favorite besides Novell Linux Enterprise Desktop) and Linspire.

Let's not kid ourselves the kind of movement that should be seen towards Linux as a desktop is just not happening. Well, that is probably about to change. But that is a longer view right now good things are happening on the Microsoft/Novell server environment.

Microsoft and Novell just announced that not only will SuSE Linux run virtualized on Windows server BUT Windows Longhorn (vaperware as yet?) will run paravitualized under XEN on SuSE. That is an earthquake my friends.

If that wasn't enough Microsoft and Novell are working togather on an open document translator that will allow Office, and OpenOffice, to share files transparently. Will wonders never cease.

I expect we will see many great collaborations between Microsoft and Novell in the future. Will Microsoft assimilate Novell? Maybe. Is this the end of Linux as we know it? Probably. Am I worried? Not at all.

Viva the end of the Revolution. Linux deserves to be mainstream and now it has a chance. After all can't you order a Dell PC with Linux pre-installed? Or can you... that is another blog my friends.

Good day

Ubuntu "Feisty Fawn" a step closer

Ubuntu is finalising preparations for the release of the next version -- dubbed Feisty Fawn -- of its popular Linux distribution in mid-April. Overnight, Ubuntu developer Tollef Fog Heen announced Ubuntu's main software repository had been frozen -- with no changes allowed to the code -- as the project prepared to release the fifth test version.I LIVE UBUNTU



read more | digg story

Computer glitch triggered Dow Jones plunge

NEW YORK (AP) - A computer glitch triggered a sudden plunge in the Dow Jones industrial average at mid-afternoon Tuesday, turning an already bad day in stocks into a head-turning spectacle.Now, if this could just work in the OTHER direction! Or, maybe a huge crash will occur and we can watch brokers fly out windows?



read more | digg story

Sun Strikes Back at Worm Targeting Telnet Bug

Sun Microsystems has issued an inoculation script for a worm exploiting a recently patched vulnerability in its Solaris 10 operating system.Wouldn't it be great if Microsoft would be this responsive!



read more | digg story

And California Makes Four

The big news of the day is that a legislator in California has decided that it is time to convince his colleagues that California should become the latest U.S. State to get on the open formats bandwagon. If the bill advances, it will the third such pieces of legislation to have been filed in recent weeks (the others are in Texas and Minnesota).



read more | digg story

Dell censors IdeaStorm Linux dissent

It seems pointless seeking ideas and feedback if you’re going to ignore and delete the ones you don’t like. That’s exactly what Dell is doing with its IdeaStorm web site, which has been set up by the company to solicit ideas and feedback. It deleted a post that linked to an article that criticized its handling of the "preinstalled Linux" issue.



read more | digg story

Dell censors IdeaStorm Linux dissent

It seems pointless seeking ideas and feedback if you’re going to ignore and delete the ones you don’t like. That’s exactly what Dell is doing with its IdeaStorm web site, which has been set up by the company to solicit ideas and feedback. It deleted a post that linked to an article that criticized its handling of the "preinstalled Linux" issue.It is Dell's own website and they should be allowed to use it in whatever fashion that they like. The only thing that I would have issue with is if Dell suggested that the site was an OPEN discussion forum and then deleted posts that did not meet an editorial criteria that is shared. It is obvious that the use for this site is driven by the marketing department.



read more | digg story

Konami Slot Machines display subliminal message of Wining Jackpot

The CBC has found that 'winning jackpot symbols' are displayed for a fifth of a second, every 2 seconds: The time it takes for one spin. Konami says it's a 'software glitch'. Ontario pulled the machines. Is that why it feels like the jackpot's always going to be that next / last pull?I think subliminal messages are a great idea. Does anybody remember the movie "They Live" with Rowdy Roddy Piper? There is a huge potential market for those really cool glasses that let you see the truth.



read more | digg story

Vista security overview: too little too late

Vista's Security is not all its cracked up to be. This article explains why.While I would never consider myself a Microsoft lover you have to admit that Vista IS better than XP. At least the 64bit version. If you have a 32 bit processor I would agree, stick with XP SP2 for now.As for shifting the blame to the user for insecure surfing habits this is correct. The computer does not infect itself. If a user does something stupid to infect their PC how is the OS going to stop that. Let me just fire up X-Windows as root on my trusty laptop and let's go surfing!



read more | digg story

SuperNova Not - Storm Large lost in portland!

Portland Oregon - February 17, 2007 - Memorial Coliseum - SuperNova Consert

First, where is Storm Large? A big disapointment that we did not see her at the SuperNova concert in her home town. On second thought that show as of such poor quality that I would not have shown up either.

After watching the second "Rockstar" show "Rockstar SuperNova" I had high hopes for the concert Friday the 17th, 2007 at the Memorial Coliseum in Portland Oregon. Having gone to the extremely good Rockstar INXS concert we were excited for the show. Unfortunately Supernova is a SuperDUD. If you want 40 minutes of screaming this is the act for you.

The only saving grace for the show as when Magni and Delanna performed. They rocked and I would have wished that they were the headliners.

Wow! My very own Blog

I will love it, and feed it, and take it out for walks.