Sunday, October 01, 2006

You know, if this is really as common as HP suggests, this is going to be a very impactive law!

http://in.tech.yahoo.com/060930/137/682pf.html

Schwarzenegger signs telephone privacy bill

By Reuters Saturday September 30, 06:50 AM

SAN FRANCISCO (Reuters) - California Gov. Arnold Schwarzenegger signed a law on Friday making it a crime to buy telephone records or obtain them through deceit, an issue that has become important amid a furore over Hewlett-Packard Co.'s attempts to track down boardroom leaks to the press.

... It applies to anyone who sells, buys, or conspires to buy or sell any records of telephone-calling patterns without the written consent of the subscriber, or anyone who obtains such records through fraud or deceit.

... Previous California law prohibited telephone companies from making such records available without first obtaining written permission from the subscriber, but did not lay out criminal penalties for doing so.

... The law also says that any personal telephone data obtained in a way that violates the law will be inadmissable as evidence in any legal or administrative proceeding.



It looks like the various players are tired of fencing with SCO. Yesterday IBM asked for a summary judgment, today its Novell...

http://yro.slashdot.org/article.pl?sid=06/09/30/135229&from=rss

Novell Files for Summary Judgment Against SCO

Posted by CowboyNeal on Saturday September 30, @09:22AM from the barristers-and-barring dept. Novell Caldera The Courts

rm69990 writes "Novell filed a motion with Judge Dale Kimball asking him to grant summary judgment or a preliminary injunction on Novell's claims that SCO wrongfully retained the money it received from Microsoft and Sun for their SVRX licensing and sublicensing agreements. Novell indicated over a year ago, when they initially filed their counterclaims against SCO, that they were planning on asking Judge Kimball to force SCO to turn over these monies. However, Novell only recently received the actual licensing agreements between SCO, Sun and Microsoft through discovery, despite demanding copies of them as early as 2003, and thus was unable to determine that SCO had breached the APA until now, which is why this motion is being filed so late in the case. This motion will likely bankrupt SCO if granted."



Tools & Techniques

http://blog.washingtonpost.com/securityfix/2006/09/snooping_on_your_online_search.html

Snooping on Your Online Searches

SAN DIEGO -- America Online took a lot of heat recently for disclosing what hundreds of thousands of AOL users had searched for online, but the truth is that stealing search results from any Internet user is well within the reach of all Web site owners, according to research published this week.

Atlanta-based security vendor SPI Dynamics released a white paper showing just how easy it is for a Web site owner to mine the recent search queries of anyone visiting the site just by using fairly simple Javascript code.

Javascript is a very powerful cross-platform programming language deployed on millions of Web sites, but it can also be an incredibly invasive tool in the hands of bad guys, as research presented at this year's Black Hat hacker conference made painfully clear.

Basing much of its research on that Black Hat talk, SPI Dynamics found that it is fairly easy for a Web site to use Javascript to check whether a visitor recently searched for a pre-defined list of phrases and/or words. To see this concept in action, navigate to Google.com and then run a search for a word or phrase. Then visit SPI Dynamics' proof-of-concept page, and type in the exact same word or phrase you entered at Google. The SPI page should return the same result you searched for in Google.

This exploit is somewhat limited, in that it requires the snooping Web site to establish a Web page with Javascript code that is already set up to mine a pre-defined set of search terms. But consider how powerful such a tool could be in the hands of a major online retailer, which might want to serve you ads for certain types of products based on the products you've been searching for online. More insidiously, consider a government Web site that queries whether you've searched for certain terms that might make you a target for further investigation, such as "porn," "bomb making," or certain types of illicit drugs.

There are plenty of permutations and different scary scenarios for this type of attack. And this exploit is not limited to Google, as a review of the source page for SPI's exploit shows. In theory, a Web site could use Javascript to query all kinds of information the user enters into a text form field or search engine.

In my experience, turning Javascript off in Internet Explorer tends to lead to kludgy results when browsing many sites, but I've come to love the "noscript" browser plugin or extension for Firefox, which blocks all Javascript by default and lets you decide which sites you trust to allow Javascript code. Obviously, that extension is not a foolproof approach, as even a site that you've marked safe for Javascript in Firefox could turn around and later use the code to probe your search results (or worse), but it's better than nothing.


This same type of resource could be used by any discipline – law, dog training, or snake handling...

http://digg.com/programming/OMG_A_list_of_25_Free_Video_COURSES_on_EVERYTHING_Computer_Science_FTW

OMG! A list of 25+ Free Video COURSES on EVERYTHING Computer Science! FTW!!

diggapleaze submitted by diggapleaze 12 hours 46 minutes ago (via http://freescienceonline.blogspot.com/2006/06/free-computer-science-video-lecture_24.html )

HUNDREDS of videos! Sorry for the sensational title, but I stumbled on this amazing list just now that someone put together of entire college COURSES on computer science. Computer Architecture, Operating System Analysis, Programming Languages, the list goes on and on. Spread the love! It's like getting a full college education for free!

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)