Friday, January 12, 2007

Sounds like they have everything under control... NOT!

http://www.ktvb.com/news/localnews/stories/ktvbn-jan1107-stolen_data.2df71504.html

Stolen UI computers likely have personal data for 70k

02:33 PM MST on Thursday, January 11, 2007 KTVB.COM

BOISE - Three desktop computers have disappeared from the University of Idaho’s Advancement Services office – and now school officials say the personal data of alumni, donors, employees and students may be in danger.

UI says someone stole the computers – and an internal investigation shows that as many as 70,000 social security numbers, names and addresses were stored on the hard drives six months before the theft.

School officials tell NewsChannel 7 that it is unclear if the data was still on the computers at the time of the theft. [“We have no idea what data is stored where.” Bob]

There is currently no evidence any of the data has been misused. The computers are still missing.

The school says it will notify more than 331,000 people who may have been exposed [“Remember, we don't have a clue...” Bob] – with those people living in the state of Idaho receiving an e-mail, and out-of-state folks will receive notice by US Mail. [“Because the Internet only works in Idaho...” Bob]

We deeply regret this incident and the worry and inconvenience it may cause, but we want to assure donors, alumni, students and employees that the University of Idaho is strengthening its processes for securing and storing our sensitive data,” University President Tim White said in a prepared statement.

The computers went missing over the Thanksgiving weekend – and school officials notified Moscow police, who forwarded the case on to the Latah County Sheriff’s Office. Law enforcement officials asked the school to delay notifying those potentially affected.

A special website has been set up – www.identityalert.uidaho.edu, and ahotline established – (866) 351-1860.

UI says it is taking steps to improve security, including physical and digital methods.



This was awfully quick...

http://www.timesdispatch.com/servlet/Satellite?pagename=RTD/MGArticle/RTD_BasicArticle&c=MGArticle&cid=1149192605701

Arrest made in Altria laptop case

Richmond Times-Dispatch Thursday, January 11, 2007

New York police have made an arrest in the theft of five laptops containing the names of about 18,000 past and present employees of Altria, the parent company of Philip Morris USA in Richmond.

Altria spokeswoman Lisa Gonzalez said Philip Morris has sent e-mails and letters to many of its 6,300 area employees whose names, social security numbers and other pension-related information were found on the stolen computers.

The theft occurred in late November in the New York City offices of Towers Perrin, which handles pension and benefit consulting for Altria. Employees at other branches of the company, including Kraft Foods and Philip Morris International, also have been notified.

Altria and Towers Perrin waited to inform the affected employees until after police made an arrest on Dec. 28. Towers Perrin said in its letter that "we have no reason to believe that your information has been misused."

Dewayne Rivers, 30, of Brooklyn, has been charged in the theft. Towers Perrin described Rivers as "a junior-level administrative employee" at its New York offices.

Rivers was released Dec. 28 on $10,000 bail and has an April 5 court date, a spokesman for the Manhattan District Attorney's office said today.


...and this was quite predictable.

http://www.upi.com/NewsTrack/view.php?StoryID=20070111-075324-5127r

Report: VA bridled at security requests

WASHINGTON, Jan. 11 (UPI) -- The Department of Veterans Affairs in Washington didn't take seriously congressional requests to safeguard veterans' information, The Hill reported.

The Capitol Hill newspaper said a tape recording of a meeting between lawmakers and VA officials shows a veterans affairs official accusing Congress of engaging in a power play over the handling of veterans' personal data stored on computers.

The Hill published a portion of the tape in which VA official Dr. Joseph Francis said: "If you want to know what's the real purpose of the data call, read Machiavelli. It's about power; it's about Congress saying, 'VA, you're accountable to us.'"

Security questions originally arose last May when a Veterans Affairs employee took his work computer home, where and it was subsequently stolen. The computer contained the medical and personal information on some 26.5 million veterans and military personnel.

The laptop was eventually recovered, but the theft raised an alarm on Capitol Hill to protect such information in the future.

The Hill said it obtained the recording from a researcher who attended the meeting. [Another one of those pesky security leaks made possible by technology. Bob]



Attention e-Discovery experts! (The Maalox is in the medicine chest...)

http://www.nytimes.com/2007/01/11/technology/11email.html?ex=1326171600&en=499e65a9fea2201d&ei=5088&partner=rssnyt&emc=rss

Firms Fret as Office E-Mail Jumps Security Walls

By BRAD STONE January 11, 2007

SAN FRANCISCO, Jan. 10 — Companies spend millions on systems to keep corporate e-mail safe. If only their employees were as paranoid.

A growing number of Internet-literate workers are forwarding their office e-mail to free Web-accessible personal accounts offered by Google, Yahoo and other companies. Their employers, who envision corporate secrets leaking through the back door of otherwise well-protected computer networks, are not pleased.

“It’s a hole you can drive an 18-wheeler through,” said Paul D. Myer, president of the security firm 8E6 Technologies in Orange, Calif.

It is a battle of best intentions: productivity and convenience pitted against security and more than a little anxiety.

Corporate techies — who, after all, are paid to worry — want strict control over internal company communications and fear that forwarding e-mail might expose proprietary secrets to prying eyes. Employees just want to get to their mail quickly, wherever they are, without leaping through too many security hoops.

Corporate networks, which typically have several layers of defenses against hackers, can require special software and multiple passwords for access. Some companies use systems that give employees a security code that changes every 60 seconds; this must be read from the display screen of a small card and typed quickly.

That is too much for some employees, especially when their computers can store the passwords for their Web-based mail, allowing them to get right down to business.

So far, no major corporate disasters caused by this kind of e-mail forwarding have come to light. But security experts say the risks are real. For example, the flimsier security defenses of Web mail systems could allow viruses or spyware to get through, and employees could unwittingly download them at the office and infect the corporate network.

Also, because messages sent from Web-based accounts do not pass through the corporate mail system, companies could run afoul of federal laws that require them to archive corporate mail and turn it over during litigation.

Lawyers in particular wring their hands over employees using outside e-mail services. They encourage companies to keep messages for as long as necessary and then erase them to keep them out of the reach of legal foes. Companies have no control over the life span of e-mail messages in employees’ Web accounts.

“If employees are just forwarding to their Web e-mail, we have no way to know what they are doing on the other end,” said Joe Fantuzzi, chief executive of the information security firm Workshare. “They could do anything they want. They could be giving secrets to the K.G.B.”

Hospitals have an added legal obligation to protect patient records. But when DeKalb Medical Center in Atlanta started monitoring its staff use of Web-based e-mail, it found that doctors and nurses routinely forwarded confidential medical records to their personal Web mail accounts — not for nefarious purposes, but so they could continue to work from home.

In the months after the hospital began monitoring traffic to Web e-mail services, it identified “a couple hundred incidents,” said Sharon Finney, DeKalb’s information security administrator. “I was surprised about the lack of literacy about the technology we depend on every day,” she said.

DeKalb now forbids the practice, and uses several software systems that monitor the hospital’s outbound e-mail and Web traffic. Ms Finney said she still catches four to five perpetrators a month trying to forward hospital e-mail.

The Web mail services may also be prone to glitches. Last month, Google fixed a bug that caused the disappearance of “some or all” of the stored mail of around 60 users. A week later, it acknowledged a security hole that could have exposed its users’ address books to Internet attackers.

... Many corporate technology professionals express the fear that Google and its rivals may actually own the intellectual property in the e-mail that resides on their systems. [Huh? Bob] Gmail’s terms of service, however, state that e-mail belongs to the user, not to Google. The company’s automated software does scan messages in Gmail, looking for keywords that might generate related text advertisements on the page. A Google spokeswoman said the company has an extensive privacy policy to ensure no humans at Google read user e-mail.



New term?

http://www.azstarnet.com/allheadlines/164048.php

Guest Opinion: Bruce Schneier

Technology giving DPS more power to spy on us

Tucson, Arizona | Published: 01.11.2007

The Arizona Department of Public Safety has a new law-enforcement tool: a car-mounted license-plate scanner. Similar to a radar gun, it reads the license plates of moving or parked cars — 250 or more per hour — and links with remote police databases, immediately providing information about the car and owner.

On the face of it, this is nothing new. Police have always been able to run a license plate. The difference is they would do it manually, and that limited its use. It simply wasn't feasible for police to run the plates of every car in a parking garage or every car that passed through an intersection. What's different isn't the police tactic, but the efficiency of the process.

Technology is fundamentally changing the nature of surveillance. Years ago, surveillance meant trench-coated detectives following people down streets. It was laborious and expensive and was used only when there was reasonable suspicion of a crime. Modern surveillance is the policeman with a license-plate scanner, or even a remote license-plate scanner mounted on a traffic light and a policeman sitting at a computer in the station.

It's the same, but it's completely different. It's wholesale surveillance. [I've been calling it “ubiquitous surveillance” but this is a better term. Lots of people probably don't understand “ubiquitous” Bob] And it disrupts the balance between the powers of the police and the rights of the people.

Wholesale surveillance is fast becoming the norm. Automatic toll-collection systems record when individual cars pass through toll booths. We can all be tracked by our cell phones. Our purchases are tracked by banks and credit-card companies, our telephone calls by phone companies, our Internet surfing habits by Web site operators.

The effects of wholesale surveillance on privacy and civil liberties are profound; but, unfortunately, the debate often gets mischaracterized as a question about how much privacy we need to give up in order to be secure. This is wrong. It's obvious that we are all safer when the police can use all techniques at their disposal. What we need are corresponding mechanisms to prevent abuse and that don't place an unreasonable burden on the innocent. [I agree! Bob]

Throughout our nation's history, we have maintained a balance between the necessary interests of the police and the civil rights of the people.

The search-warrant process, as prescribed in the Fourth Amendment, is such a balancing method. So is the minimization requirement for telephone eavesdropping: The police must stop listening to a phone line if the suspect under investigation is not talking.

For license-plate scanners, one obvious protection is to require the police to erase data collected on innocent car owners immediately and not save it. The police have no legitimate need to collect data on everyone's driving habits. Another is to allow car owners access to the information about them used in these automated searches and to allow them to challenge inaccuracies.

We need to go further. Criminal penalties are severe in order to create a deterrent, because it is hard to catch wrongdoers. As they become easier to catch, a realignment is necessary. When the police can automate the detection of a wrongdoing, perhaps there should no longer be any criminal penalty attached. For example, both red-light cameras and speed-trap cameras should issue citations without any "points" assessed against the driver. [Interesting argument. Not sure I agree. Bob]

Wholesale surveillance is not simply a more efficient way for the police to do what they've always done. It's a new police power, one made possible with today's technology and one that will be made easier with tomorrow's.

And with any new police power, we as a society need to take an active role in establishing rules governing its use. To do otherwise is to cede ever more authority to the police.



Bruce again. Here's an article that explains why all those stolen laptops with password aren't as secure as the victim organizations pretend...

http://www.wired.com/news/columns/0,72458-0.html?tw=rss.politics

Secure Passwords Keep You Safer

By Bruce Schneier 02:00 AM Jan, 11, 2007

Ever since I wrote about the 34,000 MySpace passwords I analyzed, people have been asking how to choose secure passwords.

My piece aside, there's been a lot written on this topic over the years -- both serious and humorous -- but most of it seems to be based on anecdotal suggestions rather than actual analytic evidence. What follows is some serious advice.

The attack I'm evaluating against is an offline password-guessing attack. This attack assumes that the attacker either has a copy of your encrypted document, or a server's encrypted password file, and can try passwords as fast as he can. There are instances where this attack doesn't make sense. ATM cards, for example, are secure even though they only have a four-digit PIN, because you can't do offline password guessing. And the police are more likely to get a warrant for your Hotmail account than to bother trying to crack your e-mail password. Your encryption program's key-escrow system is almost certainly more vulnerable than your password, as is any "secret question" you've set up in case you forget your password.

Offline password guessers have gotten both fast and smart. AccessData sells Password Recovery Toolkit, or PRTK. Depending on the software it's attacking, PRTK can test up to hundreds of thousands of passwords per second, and it tests more common passwords sooner than obscure ones.

So the security of your password depends on two things: any details of the software that slow down password guessing, and in what order programs like PRTK guess different passwords.

Some software includes routines deliberately designed to slow down password guessing. Good encryption software doesn't use your password as the encryption key; there's a process that converts your password into the encryption key. And the software can make this process as slow as it wants.

The results are all over the map. Microsoft Office, for example, has a simple password-to-key conversion, so PRTK can test 350,000 Microsoft Word passwords per second on a 3-GHz Pentium 4, which is a reasonably current benchmark computer. WinZip used to be even worse -- well over a million guesses per second for version 7.0 -- but with version 9.0, the cryptosystem's ramp-up function has been substantially increased: PRTK can only test 900 passwords per second. PGP also makes things deliberately hard for programs like PRTK, also only allowing about 900 guesses per second. [“Only” Bob]

When attacking programs with deliberately slow ramp-ups, it's important to make every guess count. A simple six-character lowercase exhaustive character attack, "aaaaaa" through "zzzzzz," has more than 308 million combinations. And it's generally unproductive, because the program spends most of its time testing improbable passwords like "pqzrwj."

According to Eric Thompson of AccessData, a typical password consists of a root plus an appendage. A root isn't necessarily a dictionary word, but it's something pronounceable. An appendage is either a suffix (90 percent of the time) or a prefix (10 percent of the time).

So the first attack PRTK performs is to test a dictionary of about 1,000 common passwords, things like "letmein," "password1," "123456" and so on. Then it tests them each with about 100 common suffix appendages: "1," "4u," "69," "abc," "!" and so on. Believe it or not, it recovers about 24 percent of all passwords with these 100,000 combinations.

Then, PRTK goes through a series of increasingly complex root dictionaries and appendage dictionaries. The root dictionaries include:

* Common word dictionary: 5,000 entries

* Names dictionary: 10,000 entries

* Comprehensive dictionary: 100,000 entries

* Phonetic pattern dictionary: 1/10,000 of an exhaustive character search

The phonetic pattern dictionary is interesting. It's not really a dictionary; it's a Markov-chain routine that generates pronounceable English-language strings of a given length. For example, PRTK can generate and test a dictionary of very pronounceable six-character strings, or just-barely pronounceable seven-character strings. They're working on generation routines for other languages.

PRTK also runs a four-character-string exhaustive search. It runs the dictionaries with lowercase (the most common), initial uppercase (the second most common), all uppercase and final uppercase. It runs the dictionaries with common substitutions: "$" for "s," "@" for "a," "1" for "l" and so on. Anything that's "leet speak" is included here, like "3" for "e."

The appendage dictionaries include things like:

* All two-digit combinations

* All dates from 1900 to 2006

* All three-digit combinations

* All single symbols

* All single digit, plus single symbol

* All two-symbol combinations

AccessData's secret sauce is the order in which it runs the various root and appendage dictionary combinations. The company's research indicates that the password sweet spot is a seven- to nine-character root plus a common appendage, and that it's much more likely for someone to choose a hard-to-guess root than an uncommon appendage.

Normally, PRTK runs on a network of computers. Password guessing is a trivially distributable task, and it can easily run in the background. A large organization like the Secret Service can easily have hundreds of computers chugging away at someone's password. A company called Tableau is building a specialized FPGA hardware add-on to speed up PRTK for slow programs like PGP and WinZip: roughly a 150- to 300-times performance increase.

How good is all of this? Eric Thompson estimates that with a couple of weeks' to a month's worth of time, his software breaks 55 percent to 65 percent of all passwords. (This depends, of course, very heavily on the application.) Those results are good, but not great.

But that assumes no biographical data. Whenever it can, AccessData collects whatever personal information it can on the subject before beginning. If it can see other passwords, it can make guesses about what types of passwords the subject uses. How big a root is used? What kind of root? Does he put appendages at the end or the beginning? Does he use substitutions? ZIP codes are common appendages, so those go into the file. So do addresses, names from the address book, other passwords and any other personal information. This data ups PRTK's success rate a bit, but more importantly it reduces the time from weeks to days or even hours.

So if you want your password to be hard to guess, you should choose something not on any of the root or appendage lists. You should mix upper and lowercase in the middle of your root. You should add numbers and symbols in the middle of your root, not as common substitutions. Or drop your appendage in the middle of your root. Or use two roots with an appendage in the middle.

Even something lower down on PRTK's dictionary list -- the seven-character phonetic pattern dictionary -- together with an uncommon appendage, is not going to be guessed. Neither is a password made up of the first letters of a sentence, especially if you throw numbers and symbols in the mix. And yes, these passwords are going to be hard to remember, which is why you should use a program like the free and open-source Password Safe to store them all in. (PRTK can test only 900 Password Safe 3.0 passwords per second.)

Even so, none of this might actually matter. AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive ... everywhere. And it creates a dictionary from that, and feeds it into PRTK.

And PRTK breaks more than 50 percent of passwords from this dictionary alone.

What's happening is that the Windows operating system's memory management leaves data all over the place in the normal course of operations. You'll type your password into a program, and it gets stored in memory somewhere. Windows swaps the page out to disk, and it becomes the tail end of some file. It gets moved to some far out portion of your hard drive, and there it'll sit forever. Linux and Mac OS aren't any better in this regard.

I should point out that none of this has anything to do with the encryption algorithm or the key length. A weak 40-bit algorithm doesn't make this attack easier, and a strong 256-bit algorithm doesn't make it harder. These attacks simulate the process of the user entering the password into the computer, so the size of the resultant key is never an issue.

For years, I have said that the easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product. A similar thing is going on here. The easiest way to guess a password isn't to guess it at all, but to exploit the inherent insecurity in the underlying operating system.


So what are organizations doing about that? Here's one idea.

http://news.com.com/2100-7355_3-6149722.html?part=rss&tag=2547-1_3-0-5&subj=news

PayPal to offer password key fobs to users

Passwords generated for one-time use are designed to increase security for PayPal and its account holders.

By Joris Evers Staff Writer, CNET News.com Published: January 11, 2007, 5:55 PM PST

eBay is getting ready to offer its PayPal users a password-generating key fob that promises to increase the security of the online payment service.

The device displays a new one-time password in the form of a six-digit code about every 30 seconds. PayPal clients who opt to use the device will enter this password along with their regular credentials when signing into the service. The key fob is meant as another weapon in the battle on data-thieving phishing scams.



Is this another Sony Management error?

http://www.sgknox.com/2007/01/11/no-porn-on-blu-ray/

No Porn On Sony HD-DVD Blu-ray?

Thursday, January 11th, 2007 | 8:15 pm

Has Sony gone mad? Prominent adult movie producer Digital Playground (site) says it is forced to use HD DVD instead of Blu-ray, because Sony does not allow XXX-rated movies to be released on Blu-ray.

It does not matter how you stand to porn. It is here and it is a massive business. It is also an industry that is an early adopter for new media technology. VHS might not have won with out the adult film industry adopting it. [Yes, they are that significant! At least, they were back then. Bob]

German Heise has interviewed Joone the founder of Digital Playgrounds at the AVN 2007 show in Las Vegas. Joone says actually said last year he is committed to Blu-ray. Now they announced four HD DVD titles in the United States. In the interview Joone says he was forced to use HD DVD, because no Blu-ray disc manufacturer would make his discs, because Sony was against it and they would loose their license.

If this holds true, Blu-ray is at a major disadvantage and could fail.



Gee, those RFID chips must have greater range than we've been told...

http://yro.slashdot.org/article.pl?sid=07/01/11/2021244&from=rss

MINI Introduces RFID-Activated Billboards

Posted by kdawson on Thursday January 11, @04:30PM from the L.A.-Story-meets-Minority-Report dept. Privacy

frinkster writes "MINI USA has placed interactive billboards in 4 US cities (Chicago, Miami, New York and San Francisco) and invited a few hundred MINI owners in those cities to join their targeted 'advertisement' pilot program. The owners sign up on MINI's website and receive an RFID keyfob in the mail. When that MINI owner drives by the billboard, a targeted message appears. Each owner tells MINI what to show when they drive by, such as 'Jim, you are one sexy beast.' If the pilot program is successful, MINI plans to put up more billboards in more cities and allow every owner to participate. MINI swears that no personal information in contained in the keyfobs and that all communication between the MINI and the owner is subject to their privacy policy and thus the program is completely safe. But how well will they keep their billboard logs away from the prying eyes of law enforcement or private detectives? And what are they doing to prevent 'hackers' from changing the personal messages to insults, such as 'Jim, nice to see you finally emerge from your mother's basement'?"

MINI calls the interactive billboards "Motherboards." [Think they left out a couple of syllables? Bob]



Tools & Techniques for the serious invader of privacy?

http://news.com.com/2061-11128_3-6149531.html?part=rss&tag=2547-1_3-0-5&subj=news

Company with a camera that sees through walls gets $14 million

January 11, 2007 12:36 PM PST

Camero, a company out of Israel that has developed a camera that can "see" things through solid walls, has raised $14 million, bringing the total is has raised to $20 million.

The investment comes about four months after it showed off a prototype of the Xaver800 and began to sell systems to customers. Investors include Greylock Partners, Motorola Ventures and Walden.

The Xaver800 doesn't technically capture images directly. Instead, it issues ultrawideband signals and the data harvested is then used to create 3D models of things the signals bounced off of. The trick is that the camera can capture the signals in cluttered environments or through solid objects. Researchers at U.S. universities are working on similar projects.

The camera is only sold to military and police agencies.

Camero's work typifies the state of the growing high tech industry in Israel. While some multinationals have come out of the country, the local industry thrives mostly on scads of start-ups with relatively futuristic technologies, often associated with the military.

As a result, it's one of the places on the globe where the IPO is still a big deal. Last year, 20 Israeli companies held public offerings. More tech IPOs occurred in the U.S. but the U.S. is also bigger. Seventy six local companies got merged or acquired. The total value of mergers came to $10.6 billion, according to the Israel Venture Capital Research Center.



Don't tell the RIAA, tell your neighborhood garage band...

http://slashdot.org/article.pl?sid=07/01/11/002201&from=rss

Download Only Song to Crack the Top 40

Posted by samzenpus on Wednesday January 10, @10:03PM from the all-shook-up dept. Music The Internet

nagora writes "The BBC is reporting that next week's UK music chart may have the first sign of the end of the recording industry as we know it. From this week (7th Jan, 2006), all downloaded music sales are counted in the official UK chart, not just tracks which have had a physical media release. Now, an unsigned band called Koopa is poised to enter the top 40 without any old-world recording, distribution, or production deals. Band member Joe Murphy says "If someone comes along and gives us an offer, we'll talk to them." before continuing on to add the words the recording industry has been having nightmares about since the introduction of the mp3 format: "If we can get enough exposure and get in the top 40 by the end of the week, do we necessarily need a large label? Probably nowadays, no you don't." Is this finally the crack in the dam we've all been waiting for to wash away the entrenched monopolies of 20th century music production? Or just a sell-out waiting to happen?"


While we're on the subject of the RIAA...

http://techdirt.com/articles/20070110/004225.shtml

History Repeats Itself: How The RIAA Is Like 17th Century French Button-Makers

from the no,-seriously... dept

As regular readers know, I've been working through a series of posts on how economics works when scarcity is removed from some areas. I took a bit of a break over the holidays to catch up on some reading, and to do some further thinking on the subject (along with some interesting discussions with people about the topic). One of the books I picked up was one that I haven't read in well over a decade, but often recommend to others to read if they're interested in learning more about economics, but have no training at all in the subject. It's Robert L. Heilbroner's The Worldly Philosophers. Beyond giving readers a general overview of a variety of different economic theories, the book actually makes them all sound really interesting. It's a good book not necessarily because of the nitty gritty of economics (which it doesn't cover), but because it makes economics interesting, and gives people a good basis to then dig into actual economic theory and not find it boring and meaningless, but see it as a way to better understand what these "philosophers" were discussing.

Reading through an early chapter, though, it struck me how eerily a specific story Heilbroner told about France in 1666 matches up with what's happening today with the way the recording industry has reacted to innovations that have challenged their business models. Just two paragraphs highlight a couple of situations with striking similarities to the world today:

"The question has come up whether a guild master of the weaving industry should be allowed to try an innovation in his product. The verdict: 'If a cloth weaver intends to process a piece according to his own invention, he must not set it on the loom, but should obtain permission from the judges of the town to employ the number and length of threads that he desires, after the question has been considered by four of the oldest merchants and four of the oldest weavers of the guild.' One can imagine how many suggestions for change were tolerated.

Shortly after the matter of cloth weaving has been disposed of, the button makers guild raises a cry of outrage; the tailors are beginning to make buttons out of cloth, an unheard-of thing. The government, indignant that an innovation should threaten a settled industry, imposes a fine on the cloth-button makers. But the wardens of the button guild are not yet satisfied. They demand the right to search people's homes and wardrobes and fine and even arrest them on the streets if they are seen wearing these subversive goods."

Requiring permission to innovate? Feeling entitled to search others' property? Getting the power to act like law enforcement in order to fine or arrest those who are taking part in activities that challenge your business model? Don't these all sound quite familiar? Centuries from now (hopefully much, much sooner), the actions of the RIAA, MPAA and others that match those of the weavers and button-makers of 17th century France will seem just as ridiculous.



Oh wait, we didn't mean that either...”

http://linux.slashdot.org/article.pl?sid=07/01/11/1434224&from=rss

SCO Files To Amend Claims To IBM Case, Again

Posted by kdawson on Thursday January 11, @09:48AM from the give-it-up dept. Caldera Linux

UnknowingFool writes "SCO filed a motion to allow it to change its claims against IBM. Again. A brief recap: In December 2005, SCO was supposed to finally list all claims against IBM. This was the Final Disclosure. In May 2006, SCO filed its experts reports to the court which discussed subjects beyond those in the Final Disclosure. Naturally, IBM objected and wanted to remove certain allegations. Judge Wells ruled from the bench and granted IBM's motion: SCO's experts cannot discuss subjects that were not in the Final Disclosure. Now, SCO wants to amend the December 2005 Final Disclosure to include other allegations."



This is also a good way to carry your hacking tools... Er... So I've been told. (Naturally this crashed the site...)

http://digg.com/software/Carry_a_PC_Repair_System_on_a_USB_Drive

Carry a PC Repair System on a USB Drive

The Daily Cup of Tech computer help site put together a USB-drive based collection of software that'll help you resuscitate any ailing PC. All wrapped up into one convenient, 14.2MB zip file, the USB PC Repair System contains 37 fix-it utilities (via Lifehacker)

http://www.dailycupoftech.com/Downloads/PCRepairSystem.zip

No comments: