1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

VERY,VERY HOT READS, I Would Read The News In This Thread This Thead Is To post Any Thing Ye Want About The News,,NEWS WAS MOVED,READ MY FIRST POS...

Discussion in 'Safety valve' started by ireland, Jan 4, 2006.

  1. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    HOT NEWS IF YE ARE USING MICROSOFT OFFICE


    Patent spat forces businesses to upgrade Office



    By Ina Fried
    Staff Writer, CNET News.com
    Published: January 30, 2006, 11:19 AM PST
    Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint

    Microsoft has begun e-mailing its corporate customers worldwide, letting them know that they may need to start using a different version of Office as a result of a recent legal setback.

    The software maker said Monday that it has been forced to issue new versions of Office 2003 and Office XP, which change the way Microsoft's Access database interacts with its Excel spreadsheet.

    The move follows a verdict last year by a jury in Orange County, Calif., which found in favor of a patent claim by Guatemalan inventor Carlos Armando Amado. Microsoft was ordered to pay $8.9 million in damages for infringing Amado's 1994 patent. That award covered sales of Office between March 1997 and July 2003.

    "It was recently decided in a court of law that certain portions of code found in Microsoft Office Professional Edition 2003, Microsoft Office Access 2003, Microsoft Office XP Professional and Microsoft Access 2002 infringe a third-party patent," Microsoft said in an e-mail to customers. "As a result, Microsoft must make available a revised version of these products with the allegedly infringing code replaced."

    Although existing customers can keep using older versions on current machines, any new installations of Office 2003 will require Service Pack 2, released by Microsoft in September. Office XP will need to be put into use with a special patch applied.

    Microsoft is also recommending that customers update their existing software with the new code.

    "We understand that this will create an inconvenience for a small percentage of our customers and are committed to working with them through the process and easing the inconvenience as best as possible," Sunny Jensen Charlebois, a Microsoft senior product manager, said in a statement to CNET News.com. The company is readying an all-new version of Office, code-named Office 12, that is due out later this year.

    Microsoft would not say how many customers are affected, but said it is likely only a "small fraction" of Office users. However, the company appears to be requiring all companies to use the new version from now on, so most large organizations could be affected by the move.

    The software maker started notifying customers this month, in an e-mail sent via its sales channel. All those affected will have been informed by next month, Microsoft said.

    Gartner analyst Michael Silver said it is hard to estimate the cost to customers, but said it is a significant impact for companies to move to a new service pack of a major program such as Office.

    "It's probably a multimonth effort" for companies that want to double-check that key databases and critical Excel macros all work, Silver said. The other option is to "roll the dice" and just switch to the new software, but "most companies don’t want to do that with critical resources," he added.

    The question for companies, though, is if they are exposing themselves to potential legal liability if they don't quickly move to the new software. Microsoft promises to indemnify customers from third-party patent claims, but Silver said the license terms also require customers to "immediately" move to any new noninfringing version that Microsoft releases.

    "Immediate is pretty quick," Silver said. "It would be nice if there was some sort of time line that says you have to do it within six months or a year."

    http://news.com.com/Patent+spat+for...+Office/2100-1014_3-6032870.html?tag=nefd.top
     
  2. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Ten Best Intranets of 2006

    Summary:
    This year, we saw increased use of multimedia, e-learning, internal blogs, and mobile access. Winning companies also encouraged consistent design by emphasizing training for content contributors.

    The ten best-designed intranets for 2006 are:

    * Allianz Australia Insurance, Australia
    * ALTANA Pharma AG, Germany
    * Bank of Ireland Group, Ireland
    * Capital One, USA
    * IBM, USA
    * Merrill Lynch, USA
    * METRO Group, Germany
    * O2, UK
    * Staples, USA
    * Vodafone, UK

    This is the first year in which a majority of the winners hail from outside the United States, underlining the continued growth of good intranet design around the world. In fact, the globalization of good intranet design is actually greater than what this simple list implies; many of the winning companies are highly multinational, with team members operating in multiple countries. At Vodafone, for example, intranet technology is managed from Germany, with development efforts occurring in California, Spain, Italy, and Egypt.

    This year's winners are all large companies, with an average size of 80,000 employees. In previous years, we've always had winners with only a few hundred employees, but this year the smallest company has 3,000 employees. It might be that large companies are finally making intranet quality a high priority, and thus their more substantial resources make it harder for smaller companies to compete. One year's results, however, are insufficient to confirm such a trend.

    In any case, while smaller organizations might not have the resources to implement as many features, they can apply many of the lessons learned from large companies' design efforts.

    One trend from earlier years that persists is the strong showing for financial companies. This year, financial companies represent 40% of the winners, while manufacturing companies continue to be underrepresented. The possible reason for this is that financial companies have a tradition of emphasizing usability and white-collar productivity, while manufacturing companies have historically focused on physical concerns and thus have less experience in creating good screen-based designs.
    Continuing Trends
    One notable trend from past competitions -- to enforce a consistent look and feel across the intranet -- is even more prominent this year. Almost all winners have active programs in place to evangelize templates and design standards.

    Several winning intranets have special training activities for content contributors, teaching them how to use design templates correctly and how to produce optimal intranet pages. Templates, after all, give users some leeway in applying styles and layouts. Authors therefore need training to employ templates correctly and thus maintain a consistent intranet design.

    To further this goal, Bank of Ireland, for one, offers an extensive, searchable knowledge base with tips for intranet publishers. Such training support is necessary to achieve a unified intranet design. It's not enough to simply publish rules and design standards; you must teach them as well.

    Another continuing trend we saw was the use of task-based information architectures, rather than IAs based on a company’s business units.

    Navigation systems have become very complete, with good global and local navigation. Companies typically present navigation in the left column of a page, running utility features across the top of the page. Many of the winning intranets also make excellent use of breadcrumbs to further help users orient themselves in the large information spaces found on today’s intranets.

    Another earlier trend that continues to hold for many of this year's winners is the use of kiosks to allow intranet access for employees who don't work in offices. Staples even has kiosks in its stores that let employees show shoppers a special intranet version limited to information that helps facilitate sales. Conversely, the Bank of Ireland intranet contains selected Web content for branch personnel who don't have access to the public Internet from their work terminals.
    Technology Diversity
    As in previous years, the technology used to implement intranets shows astounding diversity. Across the ten winning companies, the teams used a total of 54 different products. Clearly, we're far from a consolidated market in which one or two dominant providers offer everything you need. Instead, intranet teams must stitch together their own solutions with multiple parts from multiple vendors. In fact, 40% of the winners had to custom build their own content management systems (CMS).

    This year's most-used products were Apache, Autonomy, BEA Portal, EMC Documentum, IBM WebSphere, J2EE, Lotus Domino and Lotus Notes, Lucene search engine, Microsoft SQL, Oracle database, Verity, and various versions of Windows servers.
    Multimedia
    Most of this year's winners make significant use of video on their intranets, taking advantage of the high bandwidths usually found on corporate networks. Vodafone probably has the most extensive integration of video, with a special Vodafone TV area featuring video from a global team of correspondents.

    Poorly used, intranet videos can substantially reduce productivity. It's important, for example, to correctly set users' expectations so that they only click through to videos they actually want to see. Merrill Lynch links to videos through a highly effective gateway page that offers a concise summary of the video's event, along with information about the featured speakers. The time required to write such pages is nothing compared to the time it can save thousands of employees.

    Multimedia doesn't have to entail video; simpler media types also have their place. For example, IBM's employee directory includes audio files with the pronunciation of people's names -- a particularly useful feature in a multinational company.
    Web Trends on Intranets
    In addition to increased video use, we see many other general Web trends migrating to the intranet realm. This makes sense, since most employees use websites for business or in their private lives. Thus, they often come to expect or even demand specific features or design approaches commonly found on the Web.

    A striking example of this is ALTANA's system for ordering supplies. The system uses a full-fledged e-commerce metaphor, complete with shopping cart. People are accustomed to picking products in a certain way -- why not leverage this knowledge by designing a feature they already know how to use? Another good example is the IBM intranet's extensive use of weblogs, including a powerful dashboard interface that lets users monitor other blogs, as well as follow-ups to their own postings and comments. Despite considerable Web hype, however, we're not seeing much business blogging in most companies.

    More targeted, task-related tools tend to work better. Staples, for example, offers a blog-like feature where store managers inform each other about their progress in preparing for advertised sales offers. But, rather than offer this feature in a separate community area, Staples has a simple notepad-like annotation field in the intranet area where managers view the advertising circulars. These are just-in-time, just-in-place notes -- just for this one crucial task.

    Finally, we spotted a contra-trend: the first good use of overlay graphics (where an image appears on top of the content). On the Web, this is one of the most annoying and repellant advertising techniques. Nonetheless, Allianz Australia effectively uses overlays to highlight and explain useful new intranet features. Of course, we usually caution against using techniques associated with hated Web design approaches. Do so only with extreme care and only when you're sure that the intranet's special circumstances allow the technique to add value.
    Mobile Access
    Although mobile intranet is not yet widespread, several of this year's winners support mobile features. O2 has a special mobile edition of its intranet that’s optimized for the BlackBerry and strips the homepage down to a few of its most useful links. O2 also nicely integrates the employee directory with mobile features, for example by allowing users to send an SMS with someone's contact information from the directory to their cell phone.

    Vodafone -- the other telecommunications carrier among this year's winners -- also offers extensive mobile access to its intranet, with simplified pages for smartphones. Its mobile intranet scales back content services, using fewer headlines so users can scan news listings on a smaller screen. Important applications, including the employee directory, have special user interfaces optimized for mobile access.

    These mobile-oriented screens drive home the fact that mobile devices and networks have evolved to the point where they can be extremely useful for business people when they're away from the office. Mobile devices are no longer just phones; they're also intranet extensions -- at least when the intranet has features designed for smaller screens. This trend toward offering intranet access from mobile devices will surely continue as an understanding of the concept's value extends beyond the telecommunications companies that are currently leading the way (because of their early aptitudes and interest in mobile technologies).
    Training And E-Learning
    Another trend this year was an increased use of training areas on intranets. The best designs often locate traditional training options and e-learning in one area. After all, from a user's perspective, what's important is learning -- regardless of whether it takes place online or in a classroom. Many intranets also offer special training areas to help new employees learn about their new companies.

    The METRO Group has a particularly extensive set of e-learning features to educate its more than 250,000 employees about the ever-changing retail industry. Many tutorials are presented as interactive Flash animations, with a single interface integrating text, images, and moving images, plus simple controls to pace the presentation.

    Enhancing e-learning user interface controls in this manner is important: people often feel disoriented or frustrated when tutorials take over their screens and don't allow them the freedoms normally inherent in the Web (and intranet) user experiences.

    A notable example of a unique e-learning feature is METRO Group's Knowledge Quest game, which teaches employees advanced retailing concepts. While games are not common on intranets, they do have their place in e-learning, since they can increase learners' motivation by adding an element of fun.

    On the topic of fun, it's worth mentioning the O2 Fun Zone, which lets employees download ringtones -- one of O2's most important products. While not an e-learning feature per se, it does encourage employees to gain more first-hand experience with ringtone use. The O2 Fun Zone also lets employees send each other company-branded e-cards -- featuring such things as holiday, birthday, and get-well wishes -- which enhances a sense of community.
    ROI and Expected Use
    IBM dubbed its employee directory BluePages in reference to the company's "Big Blue" nickname. BluePages is one of the most impressive staff directories we've ever seen (and we've seen hundreds). The design team estimates that the redesign of this killer app saves employees 72 minutes per month. Likewise, IBM's redesign of its managers' area is estimated to save each manager 42 minutes per month -- a particularly important accomplishment given the higher salaries for this user group.

    Given IBM’s size, the productivity gains from improving the intranet's design translate into huge amounts of money. BluePages alone is estimated to save IBM $194 million per year. Of course, smaller companies wouldn't realize quite such large savings, but it's certainly realistic to save an hour or more per employee per month when an intranet is redesigned for usability. At typical, fully loaded hourly rates, this often results in approximate savings of $1,000 per year for each employee -- a cool million for a mid-sized company with a thousand employees.

    In general, too few intranets perform careful studies of productivity improvements, and thus rarely have hard ROI numbers. This was true for most of this year's winners. It's more common to measure an intranet's increased use and then say, "If people use it more, it must be better."

    On that front, across all winners this year, intranet page views increased an average of 106% after redesign. These are obviously winning designs; in general, it's more realistic to expect intranet use to increase by slightly less than 100% after a redesign for increased usability.

    Even so, you can realize even greater usage increases with more specialized applications simply by making them easier to access. For example, Staples has a "profit improvement culture" program for employees to contribute suggestions for making the company more profitable by cutting costs, improving processes, and so on. When the company placed this submission process on the intranet, the number of employee suggestions tripled. Staples estimates it has saved $200 million based on the ideas generated through this program.

    Another way of looking at an intranet's success is to measure the proportion of employees who use the intranet. Among the winners, employee use of the intranet ranges from 75% to 99%. Obviously, the exact percentage of employees who use an intranet will depend on the types of jobs they perform. Office staff and knowledge workers tend to use intranet features more frequently than people who work on a factory floor or process transactions. In general, though, you should aim for at least 75% use overall. If less than half of your office-based employees use the intranet, then you probably have a usability disaster on your hands.
    Usability Methodology and Design Process
    Approaches to intranet design are stabilizing: new designs stay usable longer. On average, this year's winners let 33 months pass between intranet redesigns, up from 29 months for last year's winners. The redesign projects for this year's winners took an average of ten months, which is fairly speedy.

    Despite such rapid design processes, redesign teams are nevertheless finding time for more user research. In looking across six years of design annuals, usability activities are clearly increasing. The following figure shows a comparison between the first three years and the last three years in terms of how often intranet projects employed usability methods:
    [​IMG]

    Proportion of winning intranet projects that employed some of the main usability methods.

    All methods show increased use, though heuristic evaluation has especially grown. This makes sense, because this method relies on evaluating a user interface relative to a known set of usability principles (the "heuristics"). In the early years of intranets, there were no documented intranet usability findings, which made it difficult to use this method. Now, however, intranet designers have access to well-documented user research and systematized knowledge about intranet usability, and they can apply this knowledge to judge their own designs.

    Accessibility is still not a major concern for most intranets. This year, however, we saw many intranet designs that consider users with disabilities and include some accessibility features. Although very few projects went so far as to conduct actual accessibility testing with disabled users, several projects follow basic accessibility guidelines, such as avoiding frozen font sizes.

    This increased attention to accessibility might be related to the larger size, on average, of this year's winning companies. The larger the company, the more employees with disabilities, and thus the greater the payoff from making the intranet accessible. Larger companies are also likely to have more older employees, who often need usability accommodations as well.
    Intranet Branding
    It's an eternal question: Should you give your intranet a special brand name? Among our earlier winners, opinions have been almost evenly split: 59% of intranets were branded, and 41% were simply called "the intranet." This year, however, branding took a major upswing: 80% of the winners use it.

    This year's intranet names include: insite, My One Place, On Demand Workplace (ODW), WorldNet, Networking, vitalO2, Staples@work, and vista.

    One year is hardly a trend, particularly since only 50% of last year's winners were branded. Also, a great design with no name will beat a crummy intranet with a snazzy name anytime. Consistency in design and page layout does more to brand the intranet than any name.

    Finally, there's no need to overdo the branding: intranets are for internal use, and you're not competing against fifty other intranets. We've seen many intranets that overflow with advertising for different business units, or even for the intranet itself. Such heavy promotions backfire. In the best case, users simply ignore them; in the worst case, they drastically reduce user productivity.
    Full Report
    Our 287-page Intranet Design Annual with 193 screenshots of the ten winners for 2006 is available for download.
    http://www.useit.com/alertbox/intranet_design.html
     
  3. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Better Budget Wi-Fi

    Low-cost wireless networking gear from Belkin, Buffalo Technology, and Linksys combine impressive range, fast data transfer speeds, and affordable pricing.


    Yardena Arar
    From the February 2006 issue of PC World magazine
    Posted Tuesday, January 03, 2006

    The trickle-down effect has hit the Wi-Fi world: New, moderately priced routers and notebook cards now promise and deliver some or most of the speed and range improvements first seen last year in costlier products. In our tests of shipping products from three lines--Belkin's Wireless G-Plus MIMO, Buffalo Technology's AirStation Turbo G High Power Wireless, and Linksys's Wireless-G with SRX200--all performed creditably, even at distances that older, standard 802.11g equipment can't cover. However, the Belkin and Linksys products generally outperformed the Buffalo gear.

    Both Linksys's $115 Wireless-G with SRX200 and Belkin's $90 Wireless G-Plus MIMO routers use second-generation chips from Airgo Networks, whose first MIMO (multiple-in, multiple-out) chips powered several of the high-performance lines in our last Wi-Fi roundup.

    Buffalo's $89 AirStation Turbo G High Power Wireless router and $59 notebook card (the least-expensive products in this group) don't depend on MIMO technology; they use older high-speed 802.11g chips and owe their enhanced performance mainly to high-powered amplification of the radio signal.

    Varied Results

    For comparison purposes, we tested the original Linksys SRX router (which is being discontinued) along with the newer products and found that the Linksys SRX200 router with the SRX card--the priciest setup-fell only a bit short of it (see the features comparison chart, "Belkin Leads the Budget Wi-Fi Pack"). Belkin's less expensive G-Plus MIMO products were noticeably slower, especially at close range, where they were only a little faster than routers in Buffalo's line. The new Buffalo model's performance fell off significantly in our long-range test, but many older Wi-Fi setups that we've seen couldn't even connect at that distance. And when we tested the three new routers with a standard 802.11g card on the network, their performance differences shrank.

    If price has been a barrier preventing you from installing a wireless network or upgrading older equipment to improve its range, consider these products; alternatively, you might watch for markdowns on the older and faster technology. If low cost is key, I'd go with the Belkin G-Plus MIMO gear: It costs a little bit more than Buffalo's High Power products, but at long range it's nearly twice as fast.
    -- Yardena Arar

    Features Comparison: Belkin Leads the Budget Wi-Fi Pack

    New Linksys comes closest to original SRX's performance, but Belkin wins out with better pricing.
    Wi-Fi Router and Card PCW Rating Average throughput (mbps)
    Close range Medium range Long range Close range with 802.11g
    Belkin Wireless G-Plus MIMO Router and Notebook Card
    Street: $160 85
    Very Good 26.2 22.6 12.2 19.8
    Bottom line: This model trails the Linksys in performance, but its solid transfer speeds and a bargain price make it our top choice.
    Linksys Wireless-G Broadband Router with SRX200 and Linksys Wireless-G Notebook Card with SRX
    Street: $228 84
    Very Good 37.2 28.8 15.1 22.9
    Bottom line: The Linksys combination delivers super performance, though at this price you can find faster (albeit older) gear.
    Buffalo Technology AirStation Turbo G High Power Wireless Smart Router and Notebook Adapter
    Street: $148 78
    Good 23.8 21.5 6.7 19.5
    Bottom line: An ultralow price for decent range, but the Buffalo's speeds are sluggish and its user interface needs work.
    Linksys Wireless-G Broadband Router with SRX and Linksys Wireless-G Notebook Card with SRX 1 39.3 33.4 15.5 26.4
    HOW WE TEST: Click here for details about our test methodology. 1The original price of this combination was $275.

    http://pcworld.com/reviews/article/0,aid,124010,00.asp
     
  4. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Notebooks Rev Up With Dual-Core Tech

    First dual-core portables tested prove to be multitasking powerhouses.

    Carla Thornton
    From the March 2006 issue of PC World magazine
    Posted Monday, January 30, 2006

    Click here for full-size image. Notebooks are receiving a power boost as Intel brings dual-core technology to its mobile processors. Like dual-core desktops, new dual-core laptops in our tests showed the biggest improvements when doing two tasks at once. And you still get good battery life.

    Eschewing the Pentium M name, Intel's new chips come in two lines: Core Duo T for mainstream notebooks, and Core Duo L low-voltage CPUs for ultralight laptops. The T line will range from the 1.66-GHz T2300 to the 2.16-GHz T2600; the L line will have two variants, the 1.5-GHz L2300 and the 1.66-GHz L2400.


    Advertisement




    Core Duo chips, formerly code-named Yonah, sport a faster, 667-MHz frontside bus (up from 533-MHz); support for faster memory matching the bus speed; a new 945 GM/PM chip set; and Intel's new wireless 802.11a/b/g chip set. Like the Pentium M line, the new CPUs provide a 2MB L2 cache. Additionally, with Intel's power-management technology, they can detect a light workload and shut down one core to improve battery life.

    The PC World Test Center looked at two laptops carrying 2-GHz Core Duo T2500 CPUs and 1GB of RAM: a $1923 HP Pavilion dv1000 and a $2307 Dell Inspiron E1705. Each unit earned a WorldBench 5 score of 97, which puts them among the fastest portables we've ever tested. The highest-scoring model in our current Top 10 chart, the Acer Aspire AS9504WSMi, came with a 2-GHz Pentium M 760 chip and earned a score of 99, just 2 points higher than the Core Duo notebooks despite having double the memory.

    The Core Duo systems really showed their mettle when juggling multiple jobs. In our multitasking test, where we browse the Web while converting a video file from one format to another, the two units completed the tasks about 30 percent faster than the Acer did. The new systems also performed very well in our Windows Media Encoder and Roxio VideoWave tests (see chart below).

    The portables ran fairly cool and quiet. Using a nine-cell battery (a $99 option), the 8.2-pound E1705 ran out of gas after 2 hours, 32 minutes--fairly typical for a laptop with a 17-inch wide screen. The 5.6-pound dv1000, a 14-inch wide-screen model, did better at 3 hours, 51 minutes, nearly matching the 4-hour battery life we saw from a single-core version of it last year.

    If you work with multiple apps at once or edit digital media, you'll get a lot out of the new units. And they cost only about $100 more than similarly configured single-core laptops. Core Duo systems should be available now.

    Dual-Core vs. Single-Core Notebooks (chart)

    Laptops with dual-core processors complete digital media work and multiple tasks significantly faster than single-core systems.

    Dual-core vs. Single-Core Notebooks (chart)

    [​IMG]


    Photograph by: Marc Simon
    Related Topics: Intel
    http://pcworld.com/news/article/0,aid,124513,00.asp
     
  5. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    RIAA RICO case hearing,[​IMG]
    p2p news / p2pnet: We've been calling the members of the Big Four record label cartel the Organized Music family since around October last year.

    Tanya Andersen, 42, a disabled mother, lives alone with her eight-year-old daughter. The two exist on government disability payments.

    EMI, Warner Music, Vivendi Universal and Sony BMG are accusing her of downloading and sharing music online but she says the accusation is entirely false and, like Patti Santangelo, is demanding a jury trial to prove it.

    In addition, she launched a counter suit against the Big Four's RIAA under the Oregon RICO Act, claiming the RIAA qualified because it had committed at least two acts of racketeering.

    RICO is short for Racketeering Influenced and Corrupt Organization and it was originally created to combat Organized Crime as epitomised by the Mafia families.

    The Big Four's RIAA (Recording Industry Association of America) wants Andersen's RICO suit dismissed and she, in her turn, has asked to have the RIAA's complaint thrown out, says Recording Industry vs The People.

    Andersen, who lives off a fixed income from Social Security, says she's never shared or downloaded music in her life and before the RIAA attacked her, told its 'investigators' they could examine her computer any time they wanted.

    But the record companies have never bothered.

    "I have always been against music downloading," said Andersen last year after being approached by Mark Eilers from the Tukwila, Washington, 'Settlement Centre' who was demanding money to make the RIAA go away.

    "In fact, I have been a member of BMG's music club for quite some time and I purchase my music either from there or from Target," said Andersen. "When I first got my computer set up almost three years ago, I had a friend set it up for me since I did not know how to do it. She had put Kaaza Lite on there and told me what it was. I never used it and had no interest in doing so. I deleted it since I had no use for it. Even though I deleted it correctly, as is recommended by Microsoft, Mr. Eilers has told me it can hide out in my system and play without me knowing about it. I have done a total check of my computer and it is no where on there.

    "These files you are speaking accusing me of sharing (which Mr. Eiler told me about), are not and never have been on my computer system. Several of those artists, I have never even heard of! One, I understand, is a rap song. I am 42-years-old and do not even like rap music. The login that this person who did this apparently used, which Mr. Eiler told me of, is not a login name I have ever used or heard of.

    "There is no one at my household who could have done what is being said at all. Mr. Eiler had brought up the fact that maybe a babysitter could have done it and that is impossible because I seldom have a sitter since I can't afford to pay one and am usually home."

    The RICO pattern Andersen accuses the RIAA of, "constituted a common course of conduct used by plaintiffs to target thousands of citizens throughout the United States," says Lory R. Lybeck of Lybeck Murphy, the Washington law firm which is acting for her.

    "These activities shared the common objectives of seeking payment of thousands of dollars from each person targeted, regardless of their innocence. These acts had the same or similar purposes, results, participants, victims and methods of commission.

    "The predicate acts of racketeering include, but are not limited to attempted violations of Oregon’s coercion statute ORS 163.275 in furtherance of a plan to commit coercion is a violation of ORICO 166.720.

    " These unlawful activities were not isolated. The record companies have repeated this coercive conduct with many other victims throughout the United States. Settlement Support Center, has reportedly engaged in the same pattern of threatening and coercive conduct.

    "In 2004, the record companies targeted another innocent person in this scheme. When presented with evidence that the defendant did not engage in any of the downloading activities, plaintiffs insisted that her lack of involvement was irrelevant and that plaintiffs reportedly threatened that they would sue her for hundreds of thousands of dollars whether or not she had ever engaged in the alleged file sharing, 'It didn’t matter. Someone is responsible and someone is going to have to pay'."

    February 27 is the date set for both hearings.
    http://p2pnet.net/story/7767

    _____________________________________________________________________
    P

    Victim sues RIAA under RICO Act

    p2p news / p2pnet:- "I just read your 'We're Not Taking It Anymore' Club article on p2pnet.net," emailed Anna. "I've never been sued by RIAA, but I do feel strongly against their actions."

    She suggested the RICO (Racketeering Influenced and Corrupt Organization) might be a way to go, continuing, "Don't laugh. It's a very potent law. It was originally created to battle the Mafiosi, but it has been recently used to file suits against insurance companies (by the medical associations), corrupt moving companies, and even against 'quackbusters.' Google it; it gets to be interesting reading.

    "I believe that what the RIAA (Recording Industry Association of America) is doing is racketeering and harassment. I think a creative lawyer could possibly go to town on this. If they get maybe 15 or 20 people who have been unjustifiably sued by RIAA, I'm sure they'll have a strong case.”

    Now, in what could be the beginning of the end for the Big Music cartel's vicious sue 'em all marketing campaign, RIAA victim Tanya Andersen (upper right) has just counter-sued the RIAA for Oregon RICO violations, fraud, invasion of privacy, abuse of process, electronic trespass, violation of the Computer Fraud and Abuse Act, negligent misrepresentation, the tort of "outrage", and deceptive business practices, says Recording Industry vs The People.

    Andersen, 42, a disabled mother, lives alone with her eight-year-old daughter. The two exist on government disability payments.

    She’s demanding a trial by jury and she’s one of a growing number of people who have had enough of the blatant terror tactics being used by the entertainment and software cartels.

    Represented by Lory Lybeck of Lybeck Murphy in Oregon, Andersen decided she wasn’t going to be bullied into paying an extortionate charge to a blackmail centre acting for the Big Four record label cartel.

    New York mother of five Patricia Santangelo also says she won't be persecuted by EMI, Warner, Universal and Sony BMG, the members of the multi-billion-dollar record label cartel.

    "Don't let your fear of these massive companies allow you to deny your belief in your own innocence," Santangelo, the first RIAA victim to defy the labels, says.

    "Paying these settlements is an admission of guilt. If you're not guilty of violating the law, don't pay."

    "Thug-like threats"
    The first hint of the nightmare Andersen was entering came from Verizon, her ISP.

    "It was something I got in the mail and that I didn't quite understand from them stating they were releasing my private information," Andersen told p2pnet recently. "They had a subpoena attached and it basically sounded to me when I read it that they were just investigating something and wanted my information.

    "I thought, 'Well I haven't done anything wrong so I'm not going to worry about it'."

    The letter told her the company was releasing personal information to the Big Four's RIAA (Recording Industry Association of America), fronted by one of the Settlement Centers the enforcement unit uses to do its dirty work.

    "Copyright infringement is wrong," Andersen's lawyer, Lory Lybeck, told p2pnet. But, "Thug-like threats by multi-national, multi-billion dollar businesses against people who cannot afford to speak or even explain their innonence is a much greater wrong. The music industry with all of its assets and all of its talents has the ability to handle the 'problem' of downloading much more effectively and much more humanely. Their present tactics cause real harm to real people.

    "Theses tactics do nothing to address highjackers, spoofers and commercially motivated copyright infringers around the world."

    Andersen is making the following allegations, among others, says Recording Industry vs The People.

    Read on >>>>>>>>>>>>>>>>>>>>>>>>

    1. For a number of years, a group of large, multinational, multi-billion dollar record companies, including these plaintiffs, have been abusing the federal court judicial

    system for the purpose of waging a public relations and public threat campaign targeting digital file sharing activities. As part of this campaign, these record companies retained MediaSentry to invade private home computers and collect personal information. Based on private information allegedly extracted from these personal home computers, the record companies have reportedly filed lawsuits against more than 13,500 anonymous “John Does.”

    2. The anonymous “John Doe” lawsuits are filed for the sole purpose of information farming and specifically to harvest personal internet protocol addresses from internet service providers.

    3. After an individual’s personal information is harvested, it is given to the record companies’ representatives and the anonymous “John Doe” information farming suits are then typically dismissed.

    4. The record companies provide the personal information to Settlement Support Center, which engages in prohibited and deceptive debt collection activities and other illegal conduct to extract money from the people allegedly identified from the secret lawsuits. Most of the people subjected to these secret suits do not learn that they have been “sued” until demand is made for payment by the record companies’ lawyers or Settlement Support Center.....

    5. Tanya Andersen is a 42-year-old single mother of an eight-year-old daughter living in Tualatin, Oregon. Ms. Andersen is disabled and has a limited income from Social Security.

    6. Ms. Andersen has never downloaded or distributed music online. She has not infringed on any of plaintiffs’ alleged copyrighted interest.....

    7. Ms. Andersen has, however, been the victim of the record companies’ public threat campaign. The threats started when the record companies falsely claimed that Ms. Andersen had been an “unnamed” defendant who was being sued in federal court in the District of Columbia. She was never named in that lawsuit and never received service of a summons and complaint.

    8. Neither did Ms. Andersen receive any timely notice that the suit even existed. That anonymous suit was filed in mid-2004. Ms. Andersen first learned that she was being “sued” when she received a letter dated February 2, 2005, from the Los Angeles, California, law firm Mitchell Silverberg & Knupp, LLP. The LA firm falsely claimed that Ms. Andersen had downloaded music, infringed undisclosed copyrights and owed hundreds of thousands of dollars. Ms. Andersen was understandably shocked, fearful, and upset. ....

    9. After receiving the February 2, 2005 letter, Ms. Andersen contacted the record companies’ “representative,” which turned out to be Settlement Support Center, LLC. This company was formed by the record companies for the sole purpose of coercing payments from people who had been identified as targets in the anonymous information farming suits. Settlement Support Center is a Washington State phone solicitation company which engages in debt collection activities across the country.

    10. When Ms. Andersen contacted Settlement Support Center, she was advised that her personal home computer had been secretly entered by the record companies’ agents, MediaSentry.

    11. Settlement Support Center also falsely claimed that Ms. Andersen had “been viewed” by MediaSentry downloading “gangster rap” music at 4:24 a.m. Settlement Support Center also falsely claimed that Ms. Andersen had used the login name “gotenkito@kazaa.com.” Ms. Andersen does not like “gangster rap,” does not recognize the name “gotenkito,” is not awake at 4:24 a.m. and has never downloaded music.

    12. Settlement Support Center threatened that if Ms. Andersen did not immediately pay them, the record companies would bring an expensive and disruptive federal lawsuit using her actual name and they would get a judgment for hundreds of thousands of dollars.

    13. Ms. Andersen explained to Settlement Support Center that she had never downloaded music, she had no interest in “gangster rap,” and that she had no idea who “gotenkito” was.

    14. Ms. Andersen wrote Settlement Support Center and even asked it to inspect her computer to prove that the claims made against her were false.

    15. An employee of Settlement Support Center admitted to Ms. Andersen that he believed that she had not downloaded any music. He explained, however, that Settlement Support Center and the record companies would not quit their debt collection activities because to do so would encourage other people to defend themselves against the record companies’ claims.

    16. Instead of investigating, the record company plaintiffs filed suit this against Ms. Andersen. F. The Record Companies have no Proof of Infringement.

    17. Despite making false representations to Ms. Andersen that they had evidence of infringement .... plaintiffs knew that they had no factual support for their claims.

    18. No downloading or distribution activity was ever actually observed. None ever occurred. Regardless, the record companies actively continued their coercive and deceptive debt collection actions against her. Ms. Andersen was falsely, recklessly, shamefully, and publicly accused of illegal activities in which she was never involved.

    Ms. Andersen further alleged:

    20. Entering a person’s personal computer without their authorization to snoop around, steal information, or remove files is a violation of the common law prohibition against trespass to chattels.

    21. The record company plaintiffs employed MediaSentry as their agent to break into Ms. Andersen’s personal computer (and those of tens of thousands of other people) to secretly spy on and steal information or remove files. MediaSentry did not have Ms. Andersen’s permission to inspect, copy, or remove private computer files. If MediaSentry accessed her private computer, it did so illegally and secretly. In fact, Ms. Andersen was unaware that the trespass occurred until well after she was anonymously sued.

    22. According to the record companies, the agent, Settlement Support Center used the stolen private information allegedly removed from her home computer in their attempt to threaten and coerce Ms. Anderson into paying thousands of dollars. ....

    Under the provisions of the Computer Fraud and Abuse Act (18 U.S.C. § 1030) it is illegal to break into another person’s private computer to spy, steal or remove private information, damage property, or cause other harm.

    26. Ms. Andersen regularly used her personal computer to communicate with friends and family across the country and for interstate e-commerce. Ms. Andersen had password protection and security in place to protect her computer and personal files from access by others.

    27. The record company plaintiffs employed MediaSentry as their agent to bypass Ms. Andersen’s computer security systems and break into her personal computer to secretly spy and steal or remove private information. MediaSentry did not have her permission to inspect, copy, or remove her private computer files. It gained access secretly and illegally.

    28. According to the record companies’ agent, Settlement Support Center, used this stolen private information in their attempt to threaten and coerce Ms. Andersen into paying thousands of dollars. ....

    31. According to the record companies, Ms. Andersen’s personal computer was invaded by MediaSentry after she was identified with a nine digit code (an Internet Protocol Address (“IPA”)) obtained from the anonymous information farming lawsuits. MediaSentry did not have permission to inspect Ms. Andersen’s private computer files. It gained access only by illegal acts of subterfuge.

    32. The record companies’ agent has falsely represented that information obtained in this invasive and secret manner is proof of Ms. Andersen’s alleged downloading. Ms. Andersen never downloaded music but has been subjected to public derision and embarrassment associated with plaintiffs’ claims and public relations campaign.

    33. The record companies have used this derogatory, harmful information to recklessly and shamefully publicly accuse Ms. Andersen of illegal activities without even taking the opportunity offered by Ms. Andersen to inspect her computer. .....

    36. Despite knowing that infringing activity was not observed, the record companies used the threat of expensive and intrusive litigation as a tool to coerce Ms. Andersen to pay many thousands of dollars for an obligation she did not owe. The record companies pursued their collection activities and this lawsuit for the primary purpose of threatening Ms. Andersen (and many others) as part of its public relations campaign targeting electronic file sharing.

    37. The record companies have falsely represented and pleaded that information obtained in this invasive and secret manner is proof of Ms. Andersen’s alleged downloading and distribution of copyrighted audio recordings. Ms. Andersen never downloaded music but has been subjected to public derision and embarrassment.....

    40. The record companies knowingly represented materially false information to Ms. Andersen in an attempt to extort money from her.

    41. For example, between February and March 2005, the record companies, through their collection agent Settlement Support Center, falsely claimed that they had proof that Ms. Andersen’s IPA had been “viewed” downloading and distributing over 1,000 audio files for which it sought to collect hundreds of thousands of dollars. This statement was materially false. Ms. Andersen never downloaded or distributed any audio files nor did the record companies or any of their agents ever observe any such activity associated with her personal home computer.....

    49. Despite having never observed any downloading or distribution associated with Ms. Andersen’s personal home computer and despite refusing Ms. Andersen’s offer to allow an inspection of her own computer, the record companies wrongfully continued their improper debt collection activities against her.....

    50. The record companies pursued debt collection activities for the inappropriate purpose of illegally threatening Ms. Andersen and many thousands of others. This tortious abuse was motivated by and was a central part of a public relations campaign targeting electronic file sharing.

    51. An employee of Settlement Support Center admitted to Ms. Andersen that he believed that she had not downloaded any music. He explained that Settlement Support Center and the record companies would not quit the debt collection activity against her because to do so would encourage other people to defend themselves against the record companies’ claims.

    52. The record companies were aware of Ms. Andersen’s disabilities and her serious health issues. Settlement Support Center knew that its conduct would cause extreme distress in Ms. Andersen. As a result of defendant’s conduct, Ms. Andersen suffered severe physical and emotional distress and health problems.

    53. The record companies’ conduct resulted in damages, including harm to Ms. Andersen’s health and property in an amount to be specifically proven at trial......

    55. Oregon’s Unlawful Trade Practices Act prohibits those in trade or commerce from engaging in unfair or deceptive practices in the course of business with consumers. ORS 646.605 et seq.

    56. The record companies’ agent, Settlement Support Center, is a company doing business in Washington which was established to engage in debt collection activities in manystates, including Washington and Oregon.

    57. Settlement Support Center acting as the record companies’ agent made false and deceptive statements to Ms. Andersen in an attempt to mislead, threaten, and coerce her into paying thousands of dollars.

    58. Settlement Support Center acting as the record companies’ agent has made similar false and deceptive statements to many other residents of Washington and Oregon, and across the country. The public interest has been and continues to be directly impacted by plaintiffs’ deceptive practices.

    59. The record companies’ conduct resulted in damages and harm to Ms. Andersen and her property in an amount to be specifically proven at trial. ....

    61. The Oregon Racketeer Influenced and Corrupt Organization Act prohibits companies from engaging in organized racketeering or criminal activities. ORS 166.715 et seq.

    62. As fully set forth above, the record companies hired MediaSentry to break into private computers to spy, view files, remove information, and copy images. The record companies received and transmitted the information and images to Settlement Support Center. As the record companies’ agent, Settlement Support Center then falsely claimed that the stolen information and images showed Ms. Andersen’s downloading and distributing over 1,000 audio files. The record companies falsely claimed that Ms. Anderson owed hundreds of thousands of dollars in an attempt to coerce and extort payment from her.

    63. The record companies directed its agents to unlawfully break into private computers and engage in extreme acts of unlawful coercion, extortion, fraud, and other criminal conduct.

    64. The record companies and their agents stood to financially benefit from these deceptive and unlawful acts. Proceeds from these activities are used to fund the operation of the record companies’ continued public threat campaigns.

    65. These unlawful activities were not isolated. The record companies have repeated these unlawful and deceptive actions with many other victims throughout the United States.

    Answer and counterclaim.

    ================

    First they ignore you, then they laugh at you, then they fight you, then you win
    - Mohandas Gandhi

    Something you think we should know? tips[at]p2pnet.net

    (Saturday 1st October 2005)
    http://p2pnet.net/story/6445
     
    Last edited: Jan 30, 2006
  6. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Hollywood Broadway bust,[​IMG]

    p2p news / p2pnet: A joint bust involving Hollywood's finest and the NYPD (New York Police Department) ended in an arrest, says the studios' MPAA (Motion Picture Association of America) in a statement.

    Temporarily shelving less important crimes such as mugging, robbery and murder, NYPD cops and the MPAA raided a nine-story commercial building on Broadway, "where the illegal sale and distribution of counterfeit DVD-Rs was allegedly taking place," says the MPAA, going on:

    "Upon the investigators’ entry, two suspects in the building jumped out of the second floor window in a desperate attempt to escape."

    Another man didn't make it and was arrested inside the building.

    "Police seized an estimated 30,000 DVD-Rs as well as 20,000 CD-Rs from the premises," says the MPAA and, “We applaud the New York Police Department for their vigilant efforts in catching these movie thieves – whether they’re on the streets or mid-air, they have no place to hide,” said MPAA spokesman John G. Malcolm, rather wittily, he thought.

    Through massive and lobbying and with help of friendly congresspersons, the MPAA and brother organization the RIAA (Recording Industry Association of America) have elevated the copying and re-sale of their products to the status of major crime and often use national and international police forces in "busts".

    This time, at least, the MPAA didn't use the exercise an an excuse to dream up figures about supposed losses to its owners.

    Meanwhile, the MPAA was itself recently accused of piracy.

    It made an illegal copy of This Film is Not Yet Rated, says the film's director.
    http://p2pnet.net/story/7768
     
  7. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    'Hand over client names'

    p2p news / p2pnet: Ten ISPs including BT, NTL, Telewest and Tiscali, have been told to hand over the details of 150 UK customers accused of sharing software, says the BBC.

    The High Court order follows a 12-month covert investigation by the Federation Against Software Theft (Fast), it says.

    FAST is, of course, yet another software cartel 'trade' organization that often plays Scotland Yard.

    "An undercover investigator working for Fast in a project codenamed Operation Tracker identified 150 people suspected of illegally sharing software," says the BBC.

    "Most file-sharers use false names and e-mail addresses. So the software anti-piracy group went to the High Court to force the internet providers to hand over customer details."

    According to the Business Software Alliance, about a quarter of software used in the UK is an unlicensed, counterfeit or pirated copy, says the Beeb.

    However, as Britain's prestigious The Economist once said in BSA or just BS?, the BSA's figures are sometimes just a little fanciful.

    Also See:
    BBC - UK court to unmask 'file-sharers', January 30, 2006
    just a little fanciful - The Economist angers BSA, June 15, 2005

    (Monday 30th January 2006)
    http://p2pnet.net/story/7769
     
  8. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68

    Warner Bros. figures if you can't beat P2P, then make use of it
    Posted by Seán Byrne on 31 January 2006 - 00:00 - Source: The Wall Street Journal

    Warner Bros. has announced that they will make use of BitTorrent technology for selling movies and TV Shows online; the very same technology that is causing the entertainment industry serious problems with mass-piracy. Their service In2Movies will make use of Arvato, which is based on BitTorrent technology to efficiently transfer its content to its customers, which can use other customers as content sources and not just rely on centralised servers. However, the content will need to be authorised by a centralised system to play in order to prevent unauthorised viewing or distribution.

    This service is set to launch in March, which will offer consumers a limited selection of Warner Bros. movies and TV shows. These will be released dubbed in the German language the very same day as their DVD release, with pricing expected to be similar to the DVD versions. Content made available on the initial version of their service will only be playable on PCs, however later on, Warner Bros. aims to allow the playback on suitable portable devices. They will also aim to widen it use of P2P networks and bring its service to other countries over time.

    Warner Bros. claims that using P2P technology to distribute legal content will be one of the most effective means of fighting P2P piracy as these alternatives will be easy to use. They claim that 11.9 million movies were illegally downloaded between 1.7 million users in Germany in the first half of 2005 alone. Thanks to DamnedIfIknow for letting us know about the following news:

    In a move that shows Hollywood is examining the benefits of a technology it long reviled, Time Warner Inc.'s Warner Bros. is expected to announce today that it will sell movies and television shows online in Germany using peer-to-peer technology.

    Warner Bros. is working with Bertelsmann AG and its subsidiary Arvato to create a service called In2Movies, to launch in March. The service will feature movies dubbed into German, including "Batman Begins" and "Harry Potter and the Goblet of Fire," for a fee that Warner says will be similar to the cost of a DVD. It will also offer television shows like "The O.C." and locally made programs and movies. Users, who will have to register for the service, will be able to keep the movie indefinitely. But instead of getting a movie from a central server, pieces of it could come from other people on the network who also bought that movie.

    Some further info can be read on this c|net article.

    In my opinion, this system is unlikely going to do very well unless the movies are priced a fair bit cheaper than their DVD versions. By pricing the online movies similar to their DVD version pricing means that consumers will sooner go for the ‘trusty’ physical version rather than go through the tedious process of obtaining the movie, only to find that these can only be played back on a PC (at least until later on). As this distribution method does not even require as high bandwidth servers as other Video-On-Demand online services, not to mention the lack of retail store costs, disc, case & artwork replication costs, transportation & storage costs, etc. they surely should be able to cut well back on the online pricing also!

    DamnedIfIknow added: Hmm....so they put on their glasses and finally have seen the writing on the wall? Need to drop the price though.
    http://www.cdfreaks.com/news/13011
     
  9. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68

    Software file sharers next to be sued in the UK
    Posted by Quakester2000 on 31 January 2006 - 00:06 - Source: BBC

    Ten internet providers have been ordered by the UK's high court to hand over details of 150 UK customers that have been accused of illegal software sharing. After a 12month investigation by the Federation Against Software Theft (FAST) they have now demanded customer details from ISP's such as BT, NTL, Telewest and Tiscali.

    In the next two weeks the ISP's will be handing over names, addresses and personal details of all the file sharers to FAST. An investigator working for FAST's Operation Tracker identified 150 people of illegally sharing copyright software.

    Since almost every file sharer uses a nick name as well as a fake email address FAST had to apply to the high court to force the ISP's to hand over the personal information. FAST said that it would be talking to crown prosecutions and police once it had the customer’s details. The director at FAST said that taking down the links will not stop the root causes of piracy as they will appear again in a matter of hours. FAST plans to make examples of copyright software sharers by taking them to court instead.

    FAST accuses all 150 people of uploading or sharing copyright software online. Under the current law trafficking pirate software can attract an unlimited fine and up to 2 years in prison.

    FAST warned that this was only the beginning and that a second wave would be coming along. FAST's senior legal console said that they would be bringing action anytime and anywhere where they see software being illegally misused. According to the BSA a quarter of all UK software is unlicensed, copied or pirate.
    LegalTen internet service providers have been ordered to hand over the details of 150 UK customers accused of illegally sharing software. The High Court order follows a 12-month covert investigation by the Federation Against Software Theft (Fast). Among the internet providers are BT, NTL, Telewest and Tiscali.

    Over the next two weeks, they are expected to provide the names, addresses and other personal details of the alleged file-sharers. An undercover investigator working for Fast in a project codenamed Operation Tracker identified 150 people suspected of illegally sharing software.

    Most file-sharers use false names and e-mail addresses. So the software anti-piracy group went to the High Court to force the internet providers to hand over customer details. The federation said it would approach the police and Crown Prosecution Service once it has the personal information.

    "We can easily take down links, but this does not tackle the root causes of software piracy, because the links will reappear elsewhere in a matter of hours," said John Lovelock, director general at Fast. "Instead, we plan to take action a lot further, making an example of the perpetrators to stop them from stealing and passing on the intellectual property of our members for good."

    The federation accuses the 150 individuals of breaking copyright law by uploading software and sharing it online. Penalties for the illegal communication to the public of copyrighted works, including software, can attract a maximum punishment of up to two years imprisonment and/or an unlimited fine.

    Julian Heathcote Hobbins, Fast's senior legal counsel, said the court action was "only the first wave of an ongoing strategy". "We expect to be bringing these actions anytime and anywhere we see software being misused," he said. According to the anti-piracy trade group, the Business Software Alliance, about a quarter of software used in the UK is an unlicensed, counterfeit or pirated copy.
    http://www.cdfreaks.com/news/13010
     
  10. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Serious security hole patched in Winamp version 5.13
    Posted by Dan Bell on 31 January 2006 - 00:39 - Source: FileForum

    Secunia has posted that a nasty, buffer overflow type exploit, was discovered in recent versions of Winamp 5. It is highly recommended that if you are using this software, to head on over to FileForum and snag the update 5.13, which states: Fixed [in_mp3] extremely critical security vulnerability.
    http://fileforum.betanews.com/detail/Winamp_5_Full/1066336873/1


    Below, you can read an explanation of sorts of the nature of the problem from Secunia:

    Description:
    ATmaCA has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes).

    Successful exploitation allows execution of arbitrary code on a user's system when e.g. a malicious website is visited.

    The vulnerability has been confirmed in version 5.12. Other versions may also be affected.

    NOTE: An exploit is publicly available.

    Solution:
    Use another product.

    Provided and/or discovered by:
    ATmaCA

    Original Advisory:
    http://milw0rm.com/id.php?id=1458

    Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.

    http://www.cdfreaks.com/news/13012
     
  11. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Google Upgrades Toolbar
    Do I need an update to the toolbar?

    Ummm... I'm gone go with yes on that.

    Google upgraded its toolbar software for Microsoft Internet Explorer on Monday, adding features that suggest ways to finish a query before the user is finished typing, along with custom buttons that allow users to save favorite web sites to the toolbar that runs near the top of the browser window.

    The enhanced search box in Google Toolbar 4.0 works like the auto-suggest feature already available in the Firefox version of the browser. It also displays spelling corrections and options from the user’s search history and bookmarks.

    - Redherring.com
    _____________________________________________________________________

    Google Upgrades Toolbar

    Custom buttons, query suggestions, bookmarks, sending, and account sign-in features added to IE toolbar.
    January 30, 2006

    Google upgraded its toolbar software for Microsoft Internet Explorer on Monday, adding features that suggest ways to finish a query before the user is finished typing, along with custom buttons that allow users to save favorite web sites to the toolbar that runs near the top of the browser window.



    The enhanced search box in Google Toolbar 4.0 works like the auto-suggest feature already available in the Firefox version of the browser. It also displays spelling corrections and options from the user’s search history and bookmarks.



    Mountain View, California-based Google is upgrading the toolbar at a time when Microsoft is readying an upgraded version of its Internet Explorer browser software. Microsoft plans to include a search box of its own within the browser that will steer users to Microsoft’s MSN search service. That could steer users away from Google’s search service.



    Search toolbars are an important way for search engines to direct users toward their service and away from the service linked to the default search button. Yahoo also markets a search toolbar that runs at the top of the browser, as does Amazon with its A9 search engine, and Lycos with its HotBot search engine.



    Google also introduced a corporate version of the toolbar on Monday, Google Toolbar for Enterprise. The beta software includes administration tools and control features for business environments.



    Shares of Google fell $3.00 to $430.49 in recent trading.



    Click on G

    Users can click on the G icon in the Google Toolbar search box to search different Google sites, the current site, or sites for which they have installed custom search buttons.



    The custom search buttons allow users to add buttons to the toolbar to access favorite Internet destinations or Google services such as Google Scholar or Google Video. Google offers a Button Gallery with different icons that can be added to the toolbar, like the custom toolbar selection provided in Microsoft Word.



    “You can make your own buttons in seconds by right-clicking within the search box on any site and selecting ‘Generate Custom Search,’” read Google’s instructions on the site.



    The new toolbar also allows users to create a set of bookmarks that can be accessed from any computer that has the Google Toolbar installed. The bookmarks are stored online, and when users sign in to their Google account from another computer, the toolbar locates the stored bookmarks.



    Users can also access the stored bookmarks from the Search History link in the upper right corner of the Google home page.



    Google Toolbar also lets users share a particular web page or section of a page with someone else via email, text message, or blog, by highlighting the selection they want to share and clicking on the Send To option in the toolbar.



    The upgraded toolbar also includes a sign-on feature from within the Settings button. By signing on from within the toolbar, users get access to their Gmail account, Google Groups, and personalized home page.
    http://www.redherring.com/Article.a...Toolbar&sector=Industries&subsector=Computing
     
  12. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    AOL Is Selling Access To Your Inbox
    aol AOL's approach is to turn email delivery into a pay for access business. Those who can afford to pay get through. So if you use AOL for mail, look forward to lots of high value email like mortgage offers, life insurance offers, etc. But what if you are an AOL user and you get your weekly horoscope from a great service that also has marketing messages in it? If that service doesn't pay, your horoscope is going to go into the junk mail folder. And you'll wonder where it went.
    ______________________________________________________________________

    AOL Is Selling Access To Your Inbox

    I have been an investor in a company called Return Path for almost six years. Return Path is in a number of email related businesses, but one that they basically invented is the email delivery assurance business. They work for commercial emailers and help them get permissioned email delivered to inboxes. They work with the commercial senders on changing their practices so that their email will get a reputation as a "good mail" and will get through to the inboxes of the people who have requested the mail.

    Well today AOL announced that it is taking a very different approach. Last year AOL partnered with a competitor of Return Path's called Goodmail that thinks money is the answer to spam. They believe that if you force commercial mailers to pay to get into inboxes, the spammers will be put out of business. Nice theory, but in practice it smells like bribing your way into inboxes.

    Both approaches are EZ Pass for email. But Return Path's approach has always been to get the senders to send email the way consumers want it. Permissioned, relevant, not too often, and stopped when the consumer says "no more".

    AOL's approach is to turn email delivery into a pay for access business. Those who can afford to pay get through. So if you use AOL for mail, look forward to lots of high value email like mortgage offers, life insurance offers, etc.

    But what if you are an AOL user and you get your weekly horoscope from a great service that also has marketing messages in it? If that service doesn't pay, your horoscope is going to go into the junk mail folder. And you'll wonder where it went. What if you get your bank statements via email and your bank refuses to pay to get delivery? Who will pay the late fees when you don't get your statements?

    Until today, Goodmail was only an option not a requirement because AOL also had something called "enhanced whitelist" which allowed commercial mailers with excellent reputations to get through the filters. But I guess that wasn't making them any money. So today, AOL announced that they are "phasing out" their enhanced whitelist program and forcing commercial mailers to use Goodmail if they want their mail to get through to inboxes. They spun that news as a good thing as this piece from ClickZ shows.

    But what is really going on here is that AOL is saying that it doesn't matter if you have a great reputation and have been whitelisted at AOL for years. Now if you want to get commercial mail into their customers inboxes you must pay for delivery.

    And so it's a sad day for email. The spammers have won. They have turned email delivery into a business that can be bought and sold for the highest price. And AOL is leading the way. Of course.

    http://avc.blogs.com/a_vc/2006/01/aol_is_selling_.html
     
  13. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Sony BMG guilty in copyright case

    p2p news / p2pnet: Sony BMG, infamous for planting secret spyware DRM on music CDs to stop users from infringing on its copyrights, has been found guilty of wilful copyright infringement.

    A jury in Houston, Texas, found Suckafree Records, Lil' Flip, his manager Estelle Douglass Hobbs, Sony BMG Music Entertainment, Columbia Records, Loud Records, Lucky Publishing and Hobbs Publishing, "willfully violated the copyrighted music of Tommy Granville, when the Defendants included it on Lil' Flip's platinum-selling CD, Undaground Legend," says AllHipHop.com.

    The jury awarded Granville $150,000, the maximum statutory damages under the law, says the story, going on that Sony was also fined $12,000 for failing to turn over financial documents.

    In a separate action in 2004, NamCo America sued the same defendants for copyright infringement over Lil' Flip's, "Game Over," says AllHipHop.com, adding the suit was settled before it could go to trial.

    Also See:
    AllHipHop.com - Lil' Flip/Sony BMG Music Found Guilty Of Copyright Infringement, January 30, 2006

    (Tuesday 31st January 2006)
    http://p2pnet.net/story/7773

    _______________________________________________

    Lil' Flip/Sony BMG Music Found Guilty Of Copyright Infringement.
    By EbenGregory
    Date: 1/30/2006 5:00 pm



    A jury in Houston Federal Court has found rapper Lil' Flip and Sony BMG Music Entertainment guilty of willful copyright infringement.

    Lil' Flip (real name Wesley Eric Weston) was sued in Nov. 2004 for alleged unauthorized use of three melodies on his major label debut, Undaground Legend.

    The lawsuit, filed in Federal Court in the Southern District of Texas, claimed that the melodies were the creation of Tommy L. Granville, a songwriter and music producer based out of Shreveport, Louisiana.

    The jury verdict found that Suckafree Records, Lil' Flip, his manager Estelle Douglass Hobbs, Sony BMG Music Entertainment, Columbia Records, Loud Records, Lucky Publishing and Hobbs Publishing willfully violated the copyrighted music of Tommy Granville, when the Defendants included it on Lil' Flip's platinum-selling CD, Undaground Legend.

    The lawsuit sought $1.5 million in damages and an unspecified amount for alleged willful infringement of Granville's copyrights.

    The Houston jury awarded Granville $150,000, the maximum statutory damages under the law.

    Magistrate Judge Stacy also fined Sony $12,000 for their failure to adhere to the court's orders to turn over financial documents.

    "We're very pleased that the jury agreed that Tommy Granville's music was illegally taken by these Defendants," Scott Hemingway, attorney for the plaintiff, told AllHipHop.com. "Sony is one of the world's biggest enforcers of its copyright rights and it files 1000's of copyright infringement lawsuits against Internet file-sharers to protect its rights. It is nice to see the jury tell Sony and the other Defendants that they should respect the copyrights of others the same way they want their own copyright rights respected."

    In a separate action in Sept. 2004, NamCo America sued the same set of defendants for copyright infringement over Lil' Flip's hit song, "Game Over."

    In that lawsuit filed in US District Court, Southern District of New York, Namco alleged that their copyright was infringed upon when sounds from the game "Pac-Man" and "Ms. Pac-Man" were included on "Game Over" and its remix.

    That suit was settled prior to going to trial.
    http://www.allhiphop.com/hiphopnews/?ID=5308
     
  14. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Felten and Halderman on DRM: III

    p2p special / p2pnet: Professor Ed Felten and Alex Halderman are working on 'Lessons from the Sony CD DRM Episode,' an academic paper that analyzes, "several not-yet-discussed aspects of the XCP and MediaMax CD copy protection technologies" to, "put the Sony CD episode in context and draw lessons for the future".

    They've been posting section drafts on Felten's Freedom to Tinker Blog, emphasising the sections are part of the draft and shouldn't be formally quoted or cited.

    The final, complete version will be posted on Felten's blog, he says.

    We have posts 1, 2 and 3 here, and 4 and 5, here. Below is the latest and last.

    "By now, you have seen drafts of the all sections of the paper except the introduction, conclusion, and discussion of related work," the say. "The deadline for submission is (late) tomorrow night." >>>>>>>>>>>>>>>>>>>>>>>

    CD DRM: Attacks on the Player
    Freedom to Tinker - Tuesday January 31, 2006

    Increasingly, personal computers—and portable playback devices that attach to them—are users’ primary means of organizing, transporting, and enjoying their music collections. Sony and its DRM vendors recognized their trend when they designed their copy protection technologies. Rather than inhibit all use with PCs, as some earlier anti-copying schemes did~cite{}, XCP and MediaMax allow certain limited uses subject to restrictions imposed by DRM software.

    XCP and MediaMax facilitate use on PCs using their own proprietary media players that are shipped on each protected CD. The schemes use active (and, with XCP, passive) protection to block other applications from accessing the CD audio, but a back door allows the scheme’s own player to bypass the protections.

    The XCP and MediaMax players launch automatically using autorun when a protected disc is inserted into a PC. Both players have similar feature sets. They provide a rudimentary player interface, allowing users to listen to protected albums, and they allow access to “bonus content,'’ such as album art, liner notes, song lyrics, and links to artist web sites. [Footnote: Curiously, this bonus content is seldom copy protected, perhaps because it is of little value.]

    XCP and MediaMax both permit users to burn copies of the entire album a limited number of times (typically 3). These copies are create using a proprietary burning application integrated into the player. They include the player applications and active (and passive, for XCP) protection as the original album, but they do not allow any subsequent generations of copying.

    Another feature of the player applications allows users to rip the tracks from the CD to their hard disks, but only in DRM-protected audio formats. Both schemes support the Windows Media Audio format by using a Microsoft product, the Windows Media Data Session Toolkit [citation[, to deliver DRM licenses that are bound to the PC where the files were ripped. The licenses allow the music to be transferred to portable devices that support Windows Media DRM scheme or burned onto CDs, but the Windows Media files will not be usable if they are copied to another PC.

    Attacks on Player DRM

    The XCP and MediaMax players were designed to enforce usage restrictions specified by content providers. In practice, they provide minimal security, because there are a number of ways that users can bypass the limitations.

    Perhaps the most interesting class of attacks targets the limited number of burned copies permitted by the players. Both players are designed to enforce this limit without communicating with any networked server; therefore, the player must keep track of how many allowed copies remain by storing state on the local machine.

    It is well known that DRM systems like this are vulnerable to rollback attacks. In a rollback attack, the state of the machine is backed up before performing the limited operation (in this case, burning the copy). When the operation is complete, the old system state is restored, and the DRM software is not able to determine that the operation has occurred. This kind of attack is easy to perform with virtual machine software like VMWare, which allows the entire state of the system to be saved or restored in a few clicks. The XCP and MediaMax both fail under this attack, which allows unlimited copies to be burned with their players.

    A refined variation of this attack targets only the specific pieces of state that the DRM system uses to remember the number of copies remaining. The XCP player uses a single file, %windir%system32$sys$filesystem$sys$parking, to record how many copies remain for every XCP album that has been used on the system. [Footnote: We did not determine how the MediaMax player stores the number of copies remaining.] This file is hidden and protected by the XCP rootkit. With the rootkit disabled, a user can back up the file, copy the album, and then restore the backup to set the remaining copy counter back to its original value.

    A more advanced attacker can go further and modify the $sys$parking file to set the counter to an arbitrary value. The file consists of a 16 byte header followed by a series of 177 byte records. For each XCP disc used on the machine, the file contains a whole-disc record and an individual record for each track. Each disc record stores the number of permitted copies remaining for the disc as a 32-bit integer beginning 100 bytes from the start of the record.

    The file is protected by primitive encryption. Each record is XORed with a repeating 256-bit pad. The pad—a single one is used for all records—is randomly chosen when XCP is first installed and stored in the system registry in the key HKLMSOFTWARE$sys$referenceClassID. Note that this key, which is hidden by the rootkit, is intentionally misnamed “ClassID'’ to confuse investigators. Instead of a ClassID it contains the 32 bytes of pad data.

    Hiding the pad actually doesn’t increase the security of the design. An attacker who knows only the format of the $sys$parking file and the current number of copies remaining can change the counter to an arbitrary value without. Say the counter indicates that there are x copies remaining and the attacker wants to set it to y copies remaining. Without decrypting the record, she can XOR the padded bytes where the counter is stored with the value (x XOR y). If the original value was padded with p, the new value is (x XOR p) XOR (x XOR y) = (y XOR p), which is just y padded with p.

    iPod Compatibility

    Ironically, Sony itself furnishes directions for carrying out another kind of attack on the player DRM.

    Conspicuously absent from the XCP and MediaMax players is support for the Apple iPod—by far the most popular portable music player with more than 80% of the market [citation]. A Sony FAQ blames Apple for this shortcoming and urges users to direct complaints to them:”Unfortunately, in order to directly and smoothly rip content into iTunes it requires the assistance of Apple. To date, Apple has not been willing to cooperate with our protection vendors to make ripping to iTunes and to the iPod a simple experience.'’ [citation]. Strictly speaking, it is untrue that Sony requires Apple’s cooperation to work with the iPod. They ship thousands of albums that work “smoothly'’ with iTunes every day: unprotected CDs. What Sony has difficulty doing is moving music to the iPod while keeping it wrapped in copy protection. This is because Apple has so far refused to license its proprietary DRM, a system called FairPlay.

    Yet so great is consumer demand for iPod compatibility that Sony gives out—to any customer who fills out a form on its web site [citation] —instructions for working around its own copy protection and transforming the music into a DRM-free format that will work with iTunes. The procedure is simple but cumbersome: users are directed to use the player software to rip the songs into Windows Media DRM files; use Windows Media Player to burn the files to a blank CD, which will be free of copy protection; and then use iTunes to rip the songs once more and transfer them to the iPod.

    XCP’s Hidden iPod Support

    A further irony came to light in the weeks following the public disclosure of the XCP rootkit when it was discovered that XCP itself apparently infringes on the copyrights to several open source software projects. In one case, Sam Hocevar found strong evidence that part of XCP’s code was copied from a program called DRMS, which he co-authored with Jon Lech Johansen and released under the terms of the GPL open source license. This was particularly curious, because the purpose of DRMS is to break Apple’s FairPlay DRM. Its presence is interesting enough to warrant a brief diversion from our discussion of player-related attacks.

    We discovered that XCP utilizes the DRMS code not to remove Apple DRM but to add it, as part of a hidden XCP feature that provides iTunes and iPod compatibility. This functionality shipped on nearly every XCP CD, but it was never enabled or made visible in the XCP user interface. Despite being inactive, the code appears to be fully functional and was compatible with the current version of iTunes when the first XCP CDs were released. [Footnote: XCP’s FairPlay-compatibility code works with iTunes up to iTunes version 4.8. iTunes 4.9, released June 28, 2005, included changes unrelated to FairPlay that cause the XCP code to fail. XCP CDs released after this date do not appear to contain an updated version of the code.] This strongly suggests that the apparently infringing DRMS code was deliberately copied by XCP’s creator, First4Internet, rather than accidentally included as part of a more general purpose media library used for other functions in the copy protection system.

    This isn’t the first time another vendor has tried to make its DRM compatible with FairPlay. FairPlay is the only DRM compatible with iPod, and Apple has declined to license it to rival music distributors, effectively locking rivals out from the iPod platform (at least as long as the rivals insist on using DRM). In 2004, RealNetworks attempted to work around Apple and reverse engineered FairPlay so that Real Player could create FairPlay files for use with the iPod [citation]. Apple responded by making vague legal threats and updating iTunes to break this compatibility. The evidence suggests that First4Internet wanted to create their own iPod compatibility system, but rather than take the time to reverse engineer FairPlay themselves, they copied critical pieces of code from DRMS in violation of the GPL license.

    Understanding how XCP uses code from DRMS requires a some background information about FairPlay. When a customer purchases a song from the iTunes Music Store, she receives a FairPlay encrypted audio file that can only be played with knowledge of a secret key assigned to her by Apple. iTunes retrieves this key from an Apple server and stores it on the hard drive in an encrypted key database (a file called SC Info.sidb). When the user plays the song again, or if she copies it to an iPod, iTunes reads her key from the database instead of reconnecting to the server.

    FairPlay’s security depends on the encrypted key database being difficult anyone but Apple to decipher, so it is protected using a proprietary encryption method and a system-dependent secret key. [Footnote: As security experts predicted, this protection was quickly broken. Today DRMS is able to defeat FairPlay because Jon Lech Johansen reverse engineered the database decryption code in iTunes.] iTunes encrypts the key database using a two step process. First it pads the plaintext database by XORing it with the output of a proprietary pseudorandom number generator (PRNG) using a system-dependent seed; then it applies AES encryption in ECB mode with a system-dependent key. As a consequence of this design, the code for the PRNG is exactly the same whether the file is being encrypted or decrypted. To decrypt, iTunes applies AES decryption, then XORs the same PRNG output again. This explains why parts of the DRMS code—in particular, a function called DoShuffle, which computes the PRNG’s output—are useful for encryption as well as their original purpose, decryption.

    The proprietary PRNG must have been especially difficult to reverse engineer. Rather than expend this effort themselves, XCP’s authors appear to have lifted the DoShuffle code verbatim from DRMS. XCP uses this code to manipulate the iTunes key database in the process of adding FairPlay protection. Starting with an unencrypted audio file, such as a track from a protected CD, XCP applies AAC compression in memory, then encrypts using the same algorithm as FairPlay. Instead of using an Apple-assigned user key, XCP creates a new random user key and, with the help of the DRMS code, adds it to the iTunes key database. This ensures that the song file can only be used on the computer where it was created.

    The XCP FairPlay compatibility code is contained in a file named ECDPlayerControl.ocx that is installed the first time an XCP CD is played. The code can be tested by jumping to a function at debugger offset 0×10010380 (apparently the start of a thread for transferring music to iTunes). This function takes one parameter, a wide character string of the form < “C:test.mp3&#8243;>. This syntax causes the function to convert an MP3 file to a FairPlay-protected AAC file. Variations can be used to specify other audio sources: WAV files, raw audio files, standard unprotected audio CDs, and XCP copy-protected CDs. Before calling the function, you must initialize a Windows CriticalSection object and set the ECX register to the object’s address minus 0×6C.

    The parent function calls a subroutine (offset 0×10027D20) that converts an audio file into a FairPlay-protected AAC file. A second subroutine (offset 0×1008A470) reads the iTunes key database, decrypts it, and, if necessary, adds the XCP user key to the database and re-saves it in encrypted form. The iTunes database encryption function

    (0×1008A0C0) and decryption function (0×1008A300) both made use of the DoShuffle routine (0×10089E00) taken from DRMS.

    MediaMax Player Security Risks

    Besides suffering from several kinds of attacks that expose the music content to copying, the MediaMax player make the user’s system more vulnerable to attack. When a MediaMax CD is inserted into a computer, Windows autorun launched an installer from the disc. Even before the installer displays a license agreement, it copies almost 12 megabytes of files and data related to the MediaMax player to the hard disk and stores them in a folder named

    %programfiles%Common FilesSunnComm Shared. Jesse Burns and Alex Stamos of iSec partners first discovered that the MediaMax installer sets insecure permissions on this directory and the files and programs it contains [citation]. The installer grants “Everyone'’ (all users) the “Full Control'’ privilege. Normally, application files shared by all users on a Windows system can only be modified by members of the “Administrators'’ and “Power Users'’ groups.

    As Burns and Stamos realized, this misconfiguration could lead to a dangerous privilege escalation attack. The incorrect permissions allow a non-privileged user to replace the executable code in the MediaMax player files. A user might plant malicious code deliberately in order to attack the system, or accidentally as the result of an email virus. The next time a user plays a MediaMax-protected CD, the attack code will be executed with that user’s security privileges. The MediaMax player requires Power User or Administrator privileges to run, so it’s likely that the attacker’s code will run with almost complete control of the system.

    Normally, this problem could be fixed by manually correcting the errant permissions. However, MediaMax aggressively updates the installed player code each time the software on a protected disc autoruns or is launched manually. As part of this update, the permissions on the installation directory are reset to the insecure state.

    We discovered a variation of the attack suggested by Burns and Stamos that allows the attack code to be installed and triggered even more easily—simply by inserting MediaMax CDs without ever consenting to the software’s installation. In the original attack, the user needed to accept the MediaMax license agreement before attack code could be inserted or executed, because the code was placed in a file called MMX.EXE that was not copied to the system until after the agreement was accepted. In our version, the attacker modifies a different file, MediaMax.dll, which MediaMax installs even before displaying a license agreement, and places attack code in the file’s DllMain() procedure. The next time a MediaMax CD is inserted, the installer autoruns and immediately attempts to check the version of the installed MediaMax.dll file. The installer calls the Windows LoadLibrary function on the DLL file, which causes the file’s DllMain() procedure to execute, together with any attack code inserted there.

    This problem was exacerbated because part of the MediaMax software are installed automatically and without consent. Users who declined the license agreement would likely assume that MediaMax was not installed, and so most were unaware that they were vulnerable. The same installer code performs the dangerous version check as soon as the CD is inserted. A CD that prompted the user to accept a license before installing would give the user a chance to head off the attack.

    Fixing the problem permanently without losing the use of protected discs requires applying a patch from MediaMax. Unfortunately, we discovered, the initial patch released by Sony in response to the iSec report was capable of triggering precisely the kind of attack it attempted to forestall. In the process of updating MediaMax, the patch checks the version of MediaMax.dll just like the MediaMax installer does. If this file has already been booby trapped by an attacker, the process of applying the security patch could execute the attack code. Prior versions of the MediaMax uninstaller had the same vulnerability, though both the uninstaller and the patch have since been replaced with versions that do not suffer from this problem.

    (Tuesday 31st January 2006)
    http://p2pnet.net/story/7777
     
  15. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Sony PSP Unlimited

    p2p news / p2pnet: PSP owners can now load any software they want, even if Sony doesn't like it.

    "Under Sony's system, only approved software will run on the PSP," says Boing Boing.. "Almost since the day it was first released, this feature has been compromised on PSPs, as PSP owners have reverse-engineered the lockware and produced work-arounds. Sony has responded with a series of 'updates' that downgrade PSPs to prevent their customers from continuing to run their favorite programs."

    The latest is version 2.60 of the PSP firmware, "but as of today, there is a cracked version of this firmware available," Boing Boing states. "Now all PSP owners regardless of their firmware versions can load their own software."

    Its link points to PSPUpdates where Jake declares:

    "That’s right, the day we’ve all been waiting for has finally arrived! Thanks to the fantastic work by our forum moderator Fanjita and his coding companion Ditlew, it is now possible to play vast amounts of homebrew programs and emulators on every PSP in the world, including those with 2.60 Firmware! Thanks to their monumental achievement, every PSP in the world is capable of playing homebrew!

    "We here at PSPUpdates and QJ.net are proud to be the first to bring you an exclusive release of eLoader BETA for GTA which now works on 2.01, 2.50, and 2.60 Firmware! With this ground breaking program, you are able to load the many of the existing homebrew games, applications, and emulators that are already available for earlier versions of PSP firmware."

    There's a complete list of working/not working homebrew on fanjita.org but, "just to get you started, here are a few popular homebrew programs that are known to work so you can get started experiencing the full potential of PSP homebrew," says Jake, listing Super Nintendo Emulator, Sega Genesis Emulator, Atari Lynx Emulator, Vortex, Throttle-X, Squarez, Spider Solitaire, PSPRhythm and FileAssistant.

    Also See:
    Boing Boing - PSP lockout broken: Any PSP can run any software again, January 30, 2006
    PSPUpdates - Homebrew Games and Emulation for ALL PSP's!, January 30, 2005

    (Tuesday 31st January 2006)
    http://p2pnet.net/story/7775
     
  16. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Soundclick logs 200K mp3s

    p2p news / p2pnet: New music is what it's all about and, what it's always been about. Without it, no Golden Oldies.

    The Big Four record labels spend millions to make sure you only see their mass-produced, over-priced cookie-cutter 'product,' and only theirs.

    And that's the way the Big Four – Sony BMG, Vivendi Universal, Warner Music and EMI - are trying to keep it by suing their customers into being good little consumers.

    But the Net and p2p changed that and now anyone, anywhere, can showcase his or her music online and to drive the point firmly home, the Soundclick music community passed the 200,000 mark for Creative Commons-licensed mp3s over the weekend.

    And that's a whole lot of music, as Mike Linksvayer posts on the CC site, going on:

    "Soundclick doesn't offer CC-specific search or feeds, which rather points out an opportunity for aggregators.

    "Forunately Google and Yahoo! have both indexed the Soundclick site rather well. Click on one of the previous links or type site:soundclick.com into the search form on the CC find page, which allows you to search Soundclick using Google or Yahoo!'s CC-enabled search.

    "That's a whole lot of music."

    Tune in.

    (Tuesday 31st January 2006)
    http://p2pnet.net/story/7776
     
  17. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    DVDFab Decrypter 2.9.7.0

    DVDFab is simply the easiest way to copy a DVD movie. Just insert the movie and a blank DVD then press Start.

    Your entire movie - including special features, trailers and menus - is copied to a single DVD with just one click and it all happens automatically.

    DVDFab Decrypter is a simple version of DVDFab Express. It copies entire DVD movie to hard disk, and removes all the protections (CSS, RC, RCE, Macrovision, UOPs and Sony ARccOS) while copying.

    http://www.dvdidle.net/download/DVDFabDecrypter29.exe
     
    Last edited: Jan 31, 2006
  18. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    Is your game's copy protection system frying your machine?

    1/31/2006 1:13:33 PM, by Nate Anderson

    Stop me if you've heard this one before: you bring a CD home from the store, pop it into your computer, and it installs a hidden CD/DVD device driver on your PC that tries to prevent you from making copies of the product. No, we're not talking about Sony's rootkit debacle—this time it's copy protection for computer games.

    Starforce, makers of the security software (which also prevents emulators and debuggers from running while the game is launched), offers no apologies for their program or the way it works. In fact, they have gone on the offensive, threatening critics with lawsuits. Cory Doctorow, who recently posted a story about the Starforce software, promptly received an e-mail from Dennis Zhidkov, a public relations manager at StarForce Inc. Mr. Zhidhov, who seems to be a prickly sort of fellow (see the message he left on a CNet forum), had this to say:

    "Dear Sir, calling StarForce 'Anti-copying malware' is a good enough cause to press charges and that is what our corporate lawyer is busy doing right now. I urge you to remove your post from http://www.boingboing.net/2006/01/30/anticopying_malware_.html because it is full of insults, lies, false accusations and rumors. Your article violates approximately 11 international laws. Our USlawyer will contact you shortly. I have also contacted the FBI , because what you are doing is harassment."

    The e-mail raises the intriguing question of how one can violate "approximately" eleven international laws, as well as the related question of what international "laws" are being referenced. Mr. Zhidkov's e-mail aside, though, Starforce has built up a vocal opposition over the years. One web site has even launched a campaign to boycott games that use the system. People are upset because they believe the software installs without their knowledge (Starforce insists that it is mentioned in the game's EULA), then runs as a device driver that they claim can reduce performance.

    "For example, here's one of the common problems brought by Starforce: under Windows XP, if packets are lost during the reading or writing of a disk, XP interprets this as an error and steps the IDE speed down. Eventually it will revert to 16bit compatibility mode rendering a CD/DVD writer virtually unusable. In some circumstances certain drives cannot cope with this mode and it results in physical hardware failure (Most commonly in multiformat CD/DVD writer drives). A sure sign of this step down occurring is that the burn speeds will get slower and slower (no matter what speed you select to burn at). Starforce, on a regular basis, triggers this silent step down. Until it reaches the latter stages most people do not even realise it is happening.

    Moreover, the Starforce drivers, installed on your system, grant ring 0 (system level) privileges to any code under the ring 3 (user level) privileges. Thus, any virus or trojan can get OS privileges and totally control your system."

    But is this true? Ubisoft, one of the largest developers that use Starforce, looked into the issue a few months ago in response to a user outcry. They found that only 0.3% of their testers experienced any problems, and most of the problems experienced had to do with typing a code incorrectly. And a few days ago, Starforce posted a press release claiming that Mark Russinovich (of Sony rootkit fame) had personally vetted their software and found it free of "root-kits or malwares."

    People seem upset more about the fact that they do not know Starforce is being installed, that it installs itself as a hidden device driver, and that it is not always uninstalled correctly than that it actually contains a "rootkit." It also seems clear that the reaction of Starforce PR has not helped matters. (After all, copy protection measures have been in place in video games for ages and don't usually inspire this sort of reaction.) In addition to threats of lawsuits, Mr. Zhidkov has also posted statements like the following one that appeared on the company's website.

    "According to our research those of users [sic] that do run into compatibility problems are beginner-level-hackers that try to go around our protection system."

    He's not exactly extending an olive branch to angry gamers who feel that the privacy of their machines is being violated, and the confrontational attitude is certainly doing the company no favors with those who end up using its product. Whether or not the product actually poses a threat your machine is not clear, and we at Ars take no position on it (so don't, um, sue us under approximately eleven international laws, Mr. Zhidkov), but if you'd like to see if any of your games use Starforce, take a gander at the complete list.

    Note: To check if your computer has the Starforce driver installed, open the Device Manager, select "View-->Show Hidden Devices," then look under "Non Plug-and-play Drivers."
    http://arstechnica.com/news.ars/post/20060131-6084.html
     
  19. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,451
    Likes Received:
    15
    Trophy Points:
    68
    COPY AND PASTE THE FTP'S IN YE BROWSER TO DOWNLOAD

    Nero Burning Rom 6.6.1.4
    per baldbear



    Release date: January 31st, 2006

    Nero Burning Rom - With tools for mastering CDs and writing to erasable RWs, you get a capable WAV editor, an MPEG-1 video encoder, a CD cover designer, and a virus scanner. Nero Burning ROM is a strong choice, whether you're an advanced user or just getting started with CD burning.

    Nero 6 - The Ultimate solution for Data, Video, Photo, Audio and BackUp!


    With Nero 6, Ahead Software presents the follow-up to the famous burning solution Nero Burning ROM 5.5. And what a follow-up!


    Nero 6 is now the name for a whole suite of applications wrapped around the ultimate project launcher Nero StartSmart.


    Nero 6 is your All-in-One solution! With all the powerful and fun applications now included in Nero 6, all of your CD and DVD burning tasks can be managed in a breeze. Burning DVD-Video, Photo, Data, Audio or BackUp – just sit back and see Nero 6 handle it all with ease.


    But this is only one part of the new All-in-One solution. Nero Burning Rom 6 also includes applications edit audio, mix multiple audio tracks like recording studio professionals, watch VCD, SVCD and DVD movies, listen to music, design covers, optimize your drive´s performance and lots, lots more!

    ftp://ftp.us.nero.com/Nero-6.6.1.4_no_yt.exe


    NeroVision Express v3.1.0.25

    Release date: January 31st, 2006

    DVD is now the fastest growing consumer format ever and its hardly surprising.
    Premium quality video, surround sound audio, instant picture control, all in a format that is set to last a lifetime, DVD has surely arrived.
    NeroVision Express guides you through the whole process of creating DVDs, VCDs and SVCDs in an easy and innovative way.

    So imagine being able to take all your home movies or video recordings, and transfer them to DVD or CD in a few easy steps.
    Or what about the real time video capture from your digital camcorder in preparation for that ultimate movie creation?
    Well its all possible from NeroVision Express, the new video-authoring application from the creators of Nero, the Worlds most advanced CD/DVD Recording software.
    NeroVision Express can be used by both advanced users or beginners.

    Key features :


    · Capture your favourite videos to your PC
    · Your video files will be automatically converted during the burn process using Nero's 'state-of-the-art' original MPEG-1, MPEG-2/SVCD, and MPEG-2/DVD encoder plug-in
    · Trim your videos in a fast and flexible way
    · Create chapters using automatic scene detection and/or set chapter marks manually
    · Create and customize menus using pre-defined layout templates and button frames. Add your own background pictures and text design
    · Main menus and sub menus can be designed independently
    · Use the preview mode and the handy remote control to check your video project
    · Burn your captured videos and/or video files on DVDs, Video CDs or Super Video CDs using the same powerful burning engine that has made Nero a household name
    · Wrap your discs in the coolest looking labels and covers with the included Nero Cover Designer
    · By using the same friendly interface that powers Nero Express, burning video to disc will be extremely easy for the novice, and comfortable for the professional

    ftp://ftp2.de.nero.com/software/NeroVisionExpress/NVE-3.1.0.25_no_yt.exe
     
    Last edited: Jan 31, 2006
  20. Starrift

    Starrift Regular member

    Joined:
    Dec 21, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Hmmm... i was just looking through all the old threads and noticed that almost 85% of the peeps in those threads are inactive. that must meen it takes some paitences, a good atitude and the drive to actualy be here and be help full. wow thanks to all u mods out there that didnt decide to screw them selfs over like dogy_bot or that other guy Blies or wat ever his name was. ^_^ some day i will join the ranks of the mods... some day *stares off into space /w a twinkle in his eyes*

    *edited for SP*
     
    Last edited: Jan 31, 2006

Share This Page