Blackmoor Vituperative

The US Department of Homeland Security is insisting that Verisign hand over the master keys of the Internet.

If it succeeds, the US will be able to track DNS Security Extensions (DNSSec) all the way back to the servers that represent the name system’s root zone on the Internet.

Effectively it would mean that US spooks could snoop on anyone in the Worldwide wibble and place control of the Interweb tubes firmly in the paws of the US government.

(from The Inquirer, Homeland Security wants master key for the Internet)

Bluetooth headsets are “bling” for boring people: tacky ornamentation that serves no purpose (if you aren’t on the phone, having the thing in your ear serves no purpose), and which only shows the people around you how little taste you have.

It’s the exact opposite of “fashion“.

Not that fashion is all that great a concept to begin with.

Another day, another security hole in Internet Explorer.

Are you listening yet? Switch to Firefox.

Yes, there’s another security hole in Internet Explorer. In other news, water is wet, politicians are dishonest, and teen-agers are horny.

Switch to Firefox, you knuckleheads.

A year after its original launch, a U.S. government-backed project that scans open-source code for flaws is expanding.

The effort, supported by a research contract from the U.S. Department of Homeland Security, is now scanning code of 150 open-source projects, up from the original 50.

“This allows open-source developers to find and resolve defects introduced into the project,” David Maxwell, open-source strategist for Coverity, said in a statement. Coverity makes source-code analysis tools and shares the DHS contract with Stanford University and Symantec.

Since the start of the project, 6,000 bugs that were found have been fixed, according to Coverity. About 700 developers are now registered to access the bug data and 35 million lines of code are scanned every day, the company said.

(from ZDNet, Open-source bug hunt project expands)

On the one hand, I don’t think the federal government should be spending money on things like this. But that is because I don’t think the federal government should be spending money on anything other than what it is specifically given authority to spend money on by the US Constitution — and that ain’t much.

On the other hand, if it’s going to unconstitutionally rob Peter to pay Paul, at least Paul is doing something useful with it in this case. I’d much rather it fund debugging open source software than pay to put every American’s personal information on an expensive, insecure ID card where any identity thief who wants it can grab it.

MySpace.com on Tuesday said it has filed suit against Sanford Wallace, seeking to bar the “spam king” and his affiliated companies from the social-networking site.

In the suit, filed Friday in U.S. District Court for the Central District of California in Los Angeles, MySpace accuses Wallace of violating state and federal laws including the federal Can-Spam Act and California’s antispam and antiphishing statutes, the company said in a statement.

MySpace charges that Wallace launched a phishing scam in October to fraudulently access MySpace profiles. He also allegedly created profiles, groups and forums on MySpace, spammed thousands of users with unwanted advertisements and lured MySpace users to his Web sites, according to the complaint.

“Individuals who try to spam or phish our members are not welcome on MySpace,” Hemanshu Nigam, chief security officer for MySpace, said in the statement. The lawsuit seeks a permanent injunction barring Wallace and his affiliated companies from the MySpace site, in addition to unspecified monetary damages.

(from ZDNet, MySpace wants to bar ‘spam king’)

I think MySpace is a colossal waste of time and energy, but at least they are trying to do the right thing here. This guy Wallace is spamming, phishing, spyware-spreading scum.

Here’s a security tip. Never, ever log into any URL that has been emailed to you. Never.

Always go directly to the URL you have bookmarked (for your bank, let’s say), and log in there.

One of the most common scams I see nowadays is scumbags sending so-called “HTML mail” to their intended victims, and making that so-called “HTML mail” look like an official email from someone the victim does business with (eBay, PayPal, and various banks are the most common spoofed emails). In this so-called “HTML mail” there will be a Login button, or a what appears to be a web address. However, if you look at where this address actually goes, it goes to some scumbag piece of filth’s server, typically in China or Romania but it could just as easily be in Idaho, who then grabs your login and password and rob you of everything you have in that account, and then they sell it online to other scumbag pieces of filth on underground web sites.

There are two things you should learn from this.

1) So-called “HTML mail” is EVIL. Don’t send it. Don’t read it. Disable it in your email client if you can.

2) Never, ever log into a URL that has been emailed to you. Never, ever.

Almost two years ago, the FSF (Free Software Foundation) started work on the first update of the GNU GPL (General Public License) in over a decade. A last-minute hitch, though, is keeping the license from appearing.

The FSF announced at the May 2005 LinuxWorld Expo that the GPLv3 would be out soon . The project has taken a little longer than expected. At last report, the GPLv3 (GNU General Public License 3) was to be out by early 2007.

According to Peter Brown, the FSF’s executive director, “We continue to work on the details of the GPLv3 as it relates to the situation presented by the Novell and Microsoft deal. We are researching issues related to potential unintended consequences of the language we plan to adopt. As soon as we are satisfied with the results of our research we plan to bring forward the next draft.”

As written, the patent clauses in the Novell/Microsoft agreement do not violate the current terms of the GPLv2. The leader of the FSF and chief author of the GPL, Richard Stallman, explained at a GPL meeting in Tokyo in November 2006: “What has happened is, Microsoft has not given Novell a patent license, and thus, section 7 of GPL version 2 does not come into play. Instead, Microsoft offered a patent license that is rather limited to Novell’s customers alone.”

Stallman went on to say that “perhaps it’s a good thing that Microsoft did this now, because we discovered that the text we had written for GPL version 3 would not have blocked this, but it’s not too late and we’re going to make sure that when GPL version 3 really comes out it will block such deals.”

Sources close to the creation of the new version of the GPL believed that correcting this language wouldn’t take long to craft. If so, the GPLv3 would still have appeared by its last scheduled delivery date of January 15, 2007. That did not prove to be the case.

It now appears that there may be one more draft of the GPLv3 before the final version is released. [Sources believe] that the next draft should appear on or immediately before its annual associate member and activist meeting March 27 at the Massachusetts Institute of Technology in Cambridge, Mass.

(from eWeek, Where, Oh Where, Is the GPLv3?)

This is crazy. It’s like an arms race: companies like Microsoft keep trying to find new ways to screw people over, and the FSF keeps having to come up with new defenses against them. Well, I’m glad at least the FSF is in my corner.

Chile Hardware informs us that Intel has launched its Classmate PC in Chile:

Intel has just launched their educational portable computer, Classmate PC, in Chile. This is the first country that has available this sub-notebook which features a Celeron M at 900MHz, 256MB RAM, 2GB of NAND hard drive and runs either Linux or Windows. The retail price is something near 500 dollars and it can only be purchased by government offices. The distribution is in charge of Olidata, the regional partner of Uniwill, an ECS Elitegroup company.

Personally, I’m not sure why anyone would want this PC for $500. For just $100 more you can buy a notebook with significantly better specifications.

(DarkVision Hardware, Intel launches Classmate PC in Chile)

This is not a very good deal, in my opinion. I don’t know, though: maybe laptops cost a lot more in Chile than they do here in the USA.

77.4 percent of all email sent in February 2004 was spam. That is a 2 percent increase from January. (source: MessageLabs)

Personally, well over 90% of the email I get is spam.