VERY,VERY HOT READS, I Would Read The News In This Thread This Thead Is To post Any Thing Ye Want About The News,,NEWS WAS MOVED,READ MY FIRST POS...

HBO: stamping out piracy

p2p news / p2pnet: "Copy protection is not about stamping out piracy. Sure, it will cut down on piracy - at least the casual file-trading that goes on. But at its heart, its about finding new ways to monetize the content. And by 'monetize the content,' I mean charge you multiple times for the same thing'."

For copy protection read DRM (Digital Restrictions Management) and the quote comes at the end of Eric Bangeman's Ars Technica post on the fact HBO argues its programming, and all "Subscription Video On Demand" services, should fall into the category of "Copy Never."

"In a broadcast-flagged world, that translate into consumers not being able to record content broadcast by HBO. No TiVo, no VCR, no video capturing on your PC, no nada," says Bangeman, going on:

Earlier, although the FCC's attempt to enforce the broadcast flag failed, "the networks are moving full steam ahead on getting the flag written into law one way or another," he says, mentioning the infamous analog hole, "and there have been a number of Congressional hearings on piracy and copyright. No matter what the venue, the mantra of the media industry has been the same: restrictions on what consumers can do with their broadcasts are absolutely necessary in order to stop piracy and keep the networks in business."

Meanwhile, the proposed restrictions on recording HBO's programming are, "a clear and simple money grab," adds the Ars Technica item.

"Love watching Deadwood, but missed the premiere of the new episode on Sunday night? Well, you may not be able record it, but HBO will be happy to deliver an on-demand viewing to you for an extra couple of bucks."

Also See:
Ars Technica - HBO wants its programming to be off-limits for DVRs, February 9, 2006

(Friday 10th February 2006)
http://p2pnet.net/story/7882

 

Resident Evil 4' nabs game-of-year award
..This game rocks ....

Capcom's "Resident Evil 4" picked up awards for video game of the year and best action video game at Ziff Davis Media Game Group's annual 1UP Awards in San Francisco on Wednesday.

Full story ZDNet


'Resident Evil 4' nabs game-of-year award
Capcom's "Resident Evil 4" picked up awards for video game of the year and best action video game at Ziff Davis Media Game Group's annual 1UP Awards in San Francisco on Wednesday.
The awards, hosted at the epicenter of the $10 billion video game industry, honored game publishers and developers who have made a powerful impact on American culture and the entertainment industry. During the ceremony, nominees' in-game footage and the 1UP Show podcast were projected on movie screens above the crowd.

A list of winners follows.

* • Game of the year: "Resident Evil 4" (Capcom)

* • Best action game: "Resident Evil 4" (Capcom)

* • Best adventure game: "Shadow of the Colossus" (Sony Computer Entertainment)

* • Best fighting/wrestling game: "Soul Calibur III" (Namco)

* • Best "massively multiplayer" game: "Guild Wars" (NCsoft)

* • Best online/multiplayer game: "Battlefield 2" (Electronic Arts)

* • Best puzzle game: "Lumines" (Ubisoft)

* • Best racing game: "Mario Kart DS" (Nintendo)

* • Best role-playing game: "Dragon Quest VIII: Journey of the Cursed King" (Square Enix)

* • Best shooter game: "Call of Duty 2" (Activision)

* • Best sports/extreme sports game: "Madden NFL 06" (Electronic Arts)

* • Best strategy/simulation game: "Civilization IV" (2K Games)

* • Most innovative game: "Nintendogs" (Nintendo)
http://news.zdnet.com/2100-1040_22-6037538.html

 

Spyware Barely Touches Firefox

In side-by-side tests of Microsoft Internet Explorer and Firefox, IE proved to be far more vulnerable to spyware infections. Most of the exploits that leveraged IE vulnerabilities to plant spyware were based on ActiveX and JavaScript.

By Gregg Keizer
TechWeb News

Feb 9, 2006 02:15 PM

Internet Explorer users can be as much as 21 times more likely to end up with a spyware-infected PC than people who go online with Mozilla's Firefox browser, academic researchers from Microsoft's backyard said in a recently published paper.

"We can't say whether Firefox is a safer browser or not," said Henry Levy, one of the two University of Washington professors who, along with a pair of graduate students, created Web crawlers to scour the Internet for spyware in several 2005 forays. "But we can say that users will have a safer experience [surfing] with Firefox."

In May and October, Levy and colleague Steven Gribble sent their crawlers to 45,000 Web sites, cataloged the executable files found, and tested malicious sites' effectiveness by exposing unpatched versions of Internet Explorer and Firefox to "drive-by downloads." That's the term for the hacker practice of using browser vulnerabilities to install software, sometimes surreptitiously, sometimes not.

"We can't say IE is any less safe," explained Levy, "because we choose to use an unpatched version [of each browser.] We were trying to understand the number of [spyware] threats, so if we used unpatched browsers then we would see more threats."

Levy and Gribble, along with graduate students Alexander Moshchuk and Tanya Bragin, set up IE in two configurations -- one where it behaved as if the user had given permission for all downloads, the other as if the user refused all download permission -- to track the number of successful spyware installations.

During Levy's and Gribble's most recent crawl of October 2005, 1.6 percent of the domains infected the first IE configuration, the one mimicking a naïve user blithely clicking 'Yes;' about a third as many domains (0.6 percent) did drive-by downloads by planting spyware even when the user rejected the installations.

"These numbers may not sound like much," said Gribble, "but consider the number of domains on the Web."

"You definitely want to have all the patches [installed] for Internet Explorer," added Levy.

In the same kind of configurations, Firefox survived relatively unscathed. Only .09 percent of domains infected the Mozilla Corp. browser when it was set, like IE, to act as if the user clicked through security dialogs; no domain managed to infect the Firefox-equipped PC in a drive-by download attack.

Spyware Barely Touches Firefox



(Page 2 of 2) Feb 9, 2006 02:15 PM

Compare those figures, and it seems that IE users who haven't patched their browser are 21 times more likely to have a spyware attack executed -- if not necessarily succeed -- against their machine.

Most of the exploits that leveraged IE vulnerabilities to plant spyware were based on ActiveX and JavaScript, said Gribble. Those two technologies have taken the blame for many of IE problems. In fact, Firefox boosters often point to their browser's lack of support for ActiveX as a big reason why its security claims are legit.

Levy and Gribble didn't set out to verify that, but they did note that the few successful spyware attacks on Firefox were made by Java applets; all, however, required the user's consent to succeed.

Microsoft's made a point to stress that Internet Explorer 7, which just went into open beta for Windows XP, tightens up ActiveX controls by disabling nearly all those already installed. IE 7 then alerts the user and requires consent before it will run an in-place control.

Good thing, because one of the research's most startling conclusions was the number of spyware-infected sites. One out of every 20 executable files on Web sites is spyware, and 1 in 25 domains contain at least one piece of spyware waiting for victims.

"If these numbers are even close to representative for Web sites frequented by users," the paper concluded, "it is not surprising that spyware continues to be of major concern."

The moral, said Levy, is: "If you browse, you're eventually going to get hit with a spyware attack."
http://www.informationweek.com/news/showArticle.jhtml?articleID=179102695

 

Microsoft Patch Day: Critical WMP, Windows Fixes on Tap
..Oh a patching we will go a patching we will go...

On Feb. 14, the Redmond, Wash.-based software plans to release seven security bulletins with patches for multiple software vulnerabilities, at least two of which will be rated critical, the company's highest severity rating.

Full story EWeek


Microsoft Patch Day: Critical WMP, Windows Fixes on Tap
By Ryan Naraine
February 9, 2006

Be the first to comment on this article


Microsoft's security response center won't be playing Cupid this Valentine's Day.
ADVERTISEMENT

On Feb. 14, the Redmond, Wash.-based software plans to release seven security bulletins with patches for multiple software vulnerabilities, at least two of which will be rated critical, the company's highest severity rating.

One of the critical bulletins will address remote exploitable code execution issues in WMP (Windows Media Player), one of Microsoft's most widely deployed products.

Four of the seven bulletins apply to fixes for the Windows operating system, and at least one of those will carry the "critical" rating, Microsoft announced in its advance notice mechanism.

As is customary, the MSRC isn't providing any details until next Tuesday, when the bulletins are posted.

Enterprise IT administrators are also urged to start planning for patch deployment around the Microsoft Office productivity suite.

Two bulletins will address vulnerabilities in the desktop productivity suite that includes the ubiquitous Word, Excel, Outlook and PowerPoint programs.

PointerClick here to read more about Microsoft's confirmation of a new IE/WMF vulnerability.

The maximum severity rating on the Microsoft Office flaws is "important," which applies to a vulnerability that can be exploited to compromise the confidentiality, integrity or availability of data. It also applies to flaws that can lead to denial-of-service conditions.

eWEEK Special Report: Securing Windows

According to a long list of unpatched flaws maintained by eEye Digital Security, there are five overdue issues that have not yet been addressed by Microsoft.

They include a high-risk code execution hole in default installations of Internet Explorer and Outlook that was reported to Microsoft about 250 days ago.

PointerFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.

Microsoft typically includes IE patches under the Windows umbrella, so it's likely that a cumulative browser patch will be coming in the February batch of updates.

Another eEye-discovered code execution hole affecting Windows 2000, Windows XP and Windows 2003 users is also more than 167 days overdue.

On Feb. 14, Microsoft will ship an update to its malicious software removal tool to add detections for new worms and viruses detected over the last month.

Updated signatures to catch infections from the recent Kama Sutra (Blackworm) attack will be included, the company said.
http://www.eweek.com/article2/0,1759,1924572,00.asp?kc=EWRSS03119TX1K0000594

 

i been playing with this new update with clonecd..not a bad program
note its not on there site yet

SlySoft CloneCD v5.2.7.1 Multilingual

CloneCD is the perfect tool to make backup copies of your music and data CDs, regardless of copy protection. CloneCD's award-winning user interface allows you to copy almost any CD in just a few mouse clicks.

Since the release of 5.0, CloneCD is not only able to copy CDs but also all DVD formats, such as DVD-R, DVD-RW, DVD+R, DVD+RW, DVD+R Dual Layer and DVD-RAM. The movies are copied 1:1 and therefore not modified (compressed). Note that to copy movie DVDs you also require AnyDVD.


CloneCD also works with other formats such as ISO and UDF files and copies CDs/DVDs with the new SafeDisc 3 Copy Protection System. CloneCD allows you to create perfect 1:1 copies of your valuable original compact discs. Should your copy-protected music CD not play in your car audio, the backup created by CloneCD will.


Slysoft combine knowledge and innovation with many years of experience and direct communication with customers to provide constant improvements, therefore making CloneCD the highest quality copying application around.

 

Blind student sues Target

p2p news / p2pnet: Blind people surf on keyboards linked to screen-reading applications which turn text into speech.

But Bruce Sexton jr, 24, a blind UC Berkeley student, says Target Corp doesn't have this facility on its web site. Accordingly, he's filed a class-action lawsuit against the company, saying it's committing civil rights violations.

Target's site doesn't include "alt-text" code embedded under a graphic to allow a screen reader to provide a description of the image to a blind person, the suit said, states the San Francisco Chronicle.

The class-action claims target.com denies blind Californians equal access to goods and services available to people who can see and alleges violations of the Americans with Disabilities Act and various state statutes, says the story, going on:

"Target thus excludes the blind from full and equal participation in the growing Internet economy that is increasingly a fundamental part of daily life," said the suit.

"What I hope is that Target and other online merchants will realize how important it is to reach 1.3 million people in this nation and the growing baby-boomer population who will also be losing vision," Sexton, a third-year student, is quoted as saying.

"Target.com also has inaccessible image maps, the suit said," continues the San Francisco Chronicle, adding, "since Target's site requires the use of a mouse to complete the transaction, it prevents blind people from making purchases online, the suit said."

Blind people have, "complained about (Target's Web site) in particular," Disability Rights Advocates of Berkeley lawyer Mazen Basrawi statesm says the story. "That one's gotten a lot of complaints, especially because it's completely unusable. A blind person cannot make a purchase independently on target.com."

Also See:
San Francisco Chronicle - Blind Cal student sues Target , February 8, 2006

(Friday 10th February 2006)

 

Reverse engineering: DVD Jon,

p2p news / p2pnet: DVD Jon Lech Johansen, who enjoys a little reverse engineering now and then, wonders if anyone else would like to try it out as well.

On his So Sue Me blog Johansen, renowned for his role in the creation of the DeCSS software which unscrambles the content-scrambling system used for DVD licensing enforcement, says, "Here’s how I got started out in the 90s:

Learned x86 assembly by reading Programming the 8086 8088 (I still have my copy. If you are filthy rich and would like to buy it, please do get in touch).

Scoured the net for articles and tutorials on reverse engineering. Fravia’s site was a goldmine.

Lurked in a x86 assembly IRC channel and picked up tips from wise wizards.

So what would you need by way of gear? A hex editor, a disassembler and a kernel mode debugger, he says.

He adds, "You can get by with only free tools, but for serious reversing you will need to spend around 4000 USD on commercial tools.

"Godspeed aspiring reverser!"

(Friday 10th February 2006)
http://p2pnet.net/story/7891

 

MPAA threatens more lawsuits

p2p news / p2pnet: "People all over are gearing up to celebrate some of filmmaking's finest as they are considered for Academy Awards," says MPAA boss Dan 'Jedi' Glickman.

But alas, "The rampant online theft of Oscar-nominated films is a glaring example of the damage piracy can do and in particular to some of the smaller films that depend on revenues to recoup their investments," he says in one of his better non sequiturs.

"If people want to continue to see quality movies that are worthy of taking home Oscar, they must respect copyrights and the hard work of those individuals who make the movies," he says.

The film industry is presently suffering from a notable lack of enthusiasm on the part of its customers, something Glickman, et all, blame on counterfeiters and file sharers, lumped together as pirates, rather than the appallingly bad movies Hollywood pumps out in endless streams.

Not that there isn't method to its madness. As p2pnet's Alex H points out, German taxpayers are significant contributors to Hollywood's bottom line, thanks to largely to the garbage the studios are churning out.

Meanwhile, Glickman's statements came in an announcement that the MPAA is getting ready to launch an indefinite number of lawsuits against an unknown number of unnamed people for supposedly sharing movies on the p2p networks.

Will the next batch of MPAA (Motion Picture Association of America) victims include some of the Hollywood insiders who are increasingly seen to responsible for much of the 'product' that ends up online?

Also See:
significant contributors - Hollywood's Golden Goose, February 9, 2006
Hollywood insiders - Star Wars 'Sith' p2p uploader, January 26, 2006

(Friday 10th February 2006)
http://p2pnet.net/story/7892

 

MPAA: DRM "helps honest users"

2/10/2006 11:03:28 AM, by Ken "Caesar" Fisher

The justifications for Digital Rights Management are many, but they usually involve some flavor of anti-piracy rhetoric. Consumers have accepted DRM into their lives, by and large, but there is a growing awareness that not all DRM is created equal. Rather, consumers appear to gravitate towards DRM solutions that aren't complex or messy; one has only to look at iTunes to see a successful enterprise built atop DRM. In my own experience, I've found that most of Apple's customers view Apple's FairPlay DRM favorably, largely because it doesn't create inconveniences, and it is moderately permissive. But no one goes to the iTunes Music Store because of the DRM. No, the more accurate way to look at it is to say that people go there in spite of it.

The MPAA, however, has a very different spin on DRM. In their view, DRM is your friend, and life without DRM could be messy and complex. So says Dan Glickman, of the Motion Picture Association of America:

"Content owners use DRMs because it provides casual, honest users with guidelines for using and consuming content based on the usage rights that were acquired. Without the use of DRMs, honest consumers would have no guidelines and might eventually come to totally disregard copyright and therefore become a pirate, resulting in great harm to content creators," he said.

Without DRM, you might become a pirate. Welcome to this Brave, New World, friends. The MPAA is here to save us from ourselves.

This cleverly veiled justification comes in response to a question from the BBC about the efficacy of DRM: is DRM useless if movies end up on P2P networks regardless? Glickman's response was slick, and it needed to be. DRM doesn't stop piracy, but the MPAA loves it. Why? It makes them lots and lots of money.

Want to make a back-up of that SpongeBob movie before the kids destroy it? Too bad: the helpful MPAA didn't want you to do that anyway. You could buy another one, though. Want to transfer your DVD to a mobile DVD? Too bad! Perhaps you could buy the UMD though? The helpful MPAA is too worried that you might slip, trip, fall, and accidentally become a pirate while exercising your fair use rights. Fortunately, you can buy your way to safety.
It's all about the Benjamins

Mr. Glickman, I have a question for you (and I know one of your underlings will read this): if DRM is about helping honest users, then why does your DRM make fair use impossible? Why does your DRM make it impossible to backup movies that I have bought? Why is it impossible to legally put DVDs that I've purchased onto my iPod? Why is it impossible for me to extract clips from your movies for educational purposes? These are all things I have a legal right to do, but can't, because of the DMCA: a law that your organization cheerleads for.
Perhaps I don't need an answer from Mr. Glickman. He also told the BBC that DRM aims to "support an orderly market for facilitating efficient economic transactions between content producers and content consumers."

Hold up now. Which is it? I don't remember Jack Valenti and friends saying anything about new economic transactions, really. I do remember plenty of talk about terrorists and drug dealers thriving off of piracy, however, and I remember those kinds of hyperbolic arguments being used to justify draconian laws. Is this the kinder, gentler side of the MPAA? Who knows, but it is surprising to see Glickman essentially admit what's going on: DRM is about economic transactions, that's for sure. But the notion of "facilitating economic transactions" would be better expressed as "legislatively creating a market" for those economic transactions, because that is what DRM is all about. First you make it illegal to circumvent DRM (hello, DMCA), then you put DRM on everything. It's the double-dip, the "pay for this a few times" approach to business. That's why we can't make backups, and that's why they absolutely hate the idea of taking DVD content and putting it on a mobile. You should pay for that. And that. And that there, too.

Indeed, one only has to look at the concept of "customary historic use" to see the dismantling of fair use spurred in large part by the MPAA. Or consider the Digital Transition Content Security Act of 2005. This legislation wants to see something you have been able to do for more than 20 years (namely, record TV) reduced to another method of "facilitating economic transactions" by stripping you of that historical right. Hollywood never got over Betamax and VHS being legal, and DRM is their plan for an 11th hour victory.

DRM's purpose is to help honest people stay honest? What a joke.
http://arstechnica.com/news.ars/post/20060210-6153.html

 

Antitrust complaints surface over Vista setup screens

2/10/2006 12:49:32 PM, by Ken "Caesar" Fisher

The US Department of Justice has received complaints about the nature of a forthcoming feature of Windows Vista. It's not Internet Explorer, it's not Windows Media Player, it's not even Windows OneCare. No, this brewing debacle concerns the way in which Windows Vista boots on new machines. According to the Antitrust division of the DoJ,

"Plaintiffs have received a complaint regarding the ability of OEM's to customize the first-boot experience in Vista, and in particular concerning the Welcome Center, a new interface that presents the user with various setup options and commercial offers (presented by Microsoft and OEMs) at the end of the initial out-of-the-box experience. Plaintiffs are also talking with several industry members who have expressed additional concerns regarding aspects of Windows Vista."

The identity of the complainant is not known, although the nature of the concern suggests the context of a major OEM such as HP or Dell. Indeed, before the DoJ report was published, Wall Street Journal reported that HP had been fighting with Microsoft over the issue, which leaves them as the most likely culprit in filing an official complaint. Contrary to reports elsewhere, the DoJ has said that they have received only one complaint, not several. In any case, others are likely to sound the alarm, too, because the setup process is something that the OEMs like to monetize (along with your desktop, which they cheerfully pack with endless amounts of crap you have no interest in). Now that the topic has been breached, it will be interesting to see who wishes to protest the issue.

OEMs would like to see a first-time setup process that allows them to customize screens in order to promote brand image and sell additional products such as anti-virus subscriptions, support contracts, and more. Microsoft is expected to use the setup process to promote services such as Windows OneCare.

The complaints are processed by the DoJ as part of its monitoring of the antitrust settlement reached with Microsoft. At the moment, the DoJ reports that they have not yet reached a judgment regarding the validity of these concerns, but they will continue to monitor and assess the situation.
Oh, to envy Apple

Microsoft must envy Apple on days like this. Divorced from the hardware manufacturing part of the equation, Microsoft has been long entwined in battles with OEMs over what gets top billing, and what doesn't. The never-ending tug-of-war between OEMs and Microsoft has led to what can only be called a quagmire on the newly unpacked OEM desktop: applications, services, services for applications, applications to manage your services, all sprawled out all over the place. Oh boy, and dial-up Internet offers! In my past life as a IT type, I found that it took more time to undo the damage done to a new PC by OEMs than it took to set it up. Thank the Giant Head for ghosting system images!

Of course, the OEMs' penchant for loading up a machine with garbage didn't land them on the losing end of the DoJ's tortoise style kung-fu, either. Microsoft's own issues with regards to OEMs and software configurations are well known, as the company was nailed for using its leverage to push out competitors. For now, the company will have to watch on with worry, as the likes of Dell sign pacts with Google to distribute their wares. Yet the evil monopolist in me is pulling for Microsoft in this dispute, if only because system setup is not the time to try and milk people for more money. (And let's face it: when you buy a PC from a major OEM, the "check out" process us already inundated with commercial offerings to begin with. Give it a rest, people.)
http://arstechnica.com/news.ars/post/20060210-6156.html

 

Can Big Brother now read your e-mail without a warrant?

2/10/2006 12:37:05 PM, by Nate Anderson

Can the US government now legally monitor your e-mail "without any evidence of criminal behavior"? That's the report coming from CNet's Declan McCullagh, who claims that a decision made by US District Judge Thomas Hogan last week authorized just such measures. The story prompted one Slashdot reader to comment, "we are losing our liberties faster than we can blink." But is it really that bad? The government is in fact involved in many worrying cases regarding surveillance ("Hello? NSA? Yes, this is the Lost and Found. We discovered your conscience on the back shelf of the janitor's closet and wondered if you'd like it back?"), but a closer look at this particular ruling suggests that it's not the dangerous precedent some folks are making it out to be.

Judge Hogan, who has degrees in classics and in literature, gave an Imperial thumbs up to a Justice Department request to monitor header information (not including subject line information or the content) in all e-mails sent by an unnamed person as part of a grand jury investigation.

He reviewed the portion of federal law dealing with "pen register" and "trap and trace" devices--terms originating in the world of telephone wiretapping--and concluded it "unambiguously" authorizes the e-mail surveillance request.

Why would the judge say this? Let's go to the law. The section of the US Code dealing with such matters gives us a pretty thorough definition of the terms "pen register" and "trap and trace," both of which are old terms used to described technology designed to intercept and record telephone numbers, though not record the contents of the call.

(3) the term "pen register" means a device or process which records or decodes dialing, routing, addressing, or signaling information transmitted by an instrument or facility from which a wire or electronic communication is transmitted, provided, however, that such information shall not include the contents of any communication, but such term does not include any device or process used by a provider or customer of a wire or electronic communication service for billing, or recording as an incident to billing, for communications services provided by such provider or any device or process used by a provider or customer of a wire communication service for cost accounting or other like purposes in the ordinary course of its business;

(4) the term "trap and trace device" means a device or process which captures the incoming electronic or other impulses which identify the originating number or other dialing, routing, addressing, and signaling information reasonably likely to identify the source of a wire or electronic communication, provided, however, that such information shall not include the contents of any communication;

The law also goes on to define the standard that ought to be used by a judge when considering whether to grant such requests. And as the judge said, the wording is unambiguous.

"the court shall enter an ex parte order authorizing the installation and use of a pen register or trap and trace device anywhere within the United States, if the court finds that the attorney for the Government has certified to the court that the information likely to be obtained by such installation and use is relevant to an ongoing criminal investigation."

The judge read the law, which requires only that prosecutors tell the judge that such information is likely to be relevant to their case, and he issued the order as the law requires. It is possible to complain about the law, but the judge's interpretation seems pretty solid, and his ruling hardly sounds like a bit of legislating from the bench. Furthermore, the request comes in the context of a grand jury investigation; it is not simply a Justice Department fishing expedition.

The ruling only authorizes the Justice Department to collect basic header information such as To: and From: fields, much in the same way that records of telephone calls have long been available to investigators without a warrant. For both telephone and Internet communications, the government still needs to show probable evidence of criminal behavior in order to view or listen to the contents of such correspondence.

Bottom line: this doesn't sound like anything to worry about, and is in fact the ruling that the judge seems required to make by the law that is set before him. Pitching it as some new method for the government to spy on your private communications without a warrant is simply alarmist. The law clearly requires the government to certify that it would be of likely value to an ongoing investigation—which isn't exactly a free pass to spy on any American—and even then, it does not involve the content of the messages. This is little more than bringing the old wiretapping laws into the digital age. As we know from the story of the boy who cried wolf, setting off too many false alarms only deadens the ears of the populace to the very real dangers of a predator creeping through the sheepfold.
http://arstechnica.com/news.ars/post/20060210-6155.html

 

AT&T wielding MPEG-4 patent as potential cash cow

2/10/2006 12:35:27 PM, by Eric Bangeman

Who's up for a game of Patent Mad Libs? We need a proper noun representing the name of a corporation. AT&T... hmm, now we need a verb... has threatened legal action against... a major industry player. How about Apple (that's a popular company) among others over its use of the... now we need a all-encompassing patent; thank goodness there's no shortage of them... video compression used in the MPEG-4 video format.

Unfortunately, it's not just a party game. It's a recently renamed corporation flexing its patent portfolio in an attempt to squeeze royalties out of a number of hardware and software industry players. AT&T owns video compression patents which it claims are used in the MPEG-4 format. The company has already reached licensing agreements with a few companies including Nero and Pentax allowing them to support MPEG-4 in their products.

The MPEG standard is controlled by the International Standards Organization (ISO), while the MPEG Licensing Association (MPEGLA) administers the various patents utilized in both the MPEG-2 and MPEG-4 formats. AT&T is not a participant in either the MPEGLA or the ISO committee that oversees the MPEG patent. In an attempt to keep situations like this from happening frequently, the ISO requires all committee members to agree to license their patents under "reasonable nondiscriminatory" terms. As AT&T has chosen to sit outside the umbrella of the two organizations, it gives the company the opportunity to maximize its revenue from the patents.

According to an AT&T spokesperson, the patents in question cover "a core component" of MPEG-4. In a letter sent to Apple, DivX, and other companies who have yet to license the patents from AT&T, the company said it could provide proof of the infringements and threatened them with triple damages. AT&T says it is willing to make the patents available for licensing for a small fee:

"Each of these companies has been advised that they are offering infringing products, that AT&T can provide proof of infringement, and that AT&T is offering a license under reasonable on non-discriminatory terms," [according to] Michael J. Robinson, licensing director of AT&T Intellectual Property Management

Holding a file format hostage for royalties is not unprecedented. Forgent Networks claims to hold a patent on the popular JPEG image-compression format--a patent that is currently under review by the US Patent and Trademark Office. Previously, Unisys' patenting of the GIF graphics format led not to a patent fight, but to the creation of PNG--which is freely available, unencumbered by IP issues.

AT&T's MPEG-4 patents are currently not under review, although if potential licensees decide the royalty figures quoted by the telecommunications giant are neither reasonable nor nondiscriminatory, they could attempt to have the USPTO review and possibly overturn the patents. Given the high-profile nature of some of the products involved, e.g., the iPod, that may very well happen, especially if AT&T is out for a blatant money grab. However, if it turns out that AT&T's is standing on solid IP ground with its patents, Apple, Creative, DivX, and everyone else using MPEG-4 will have to whip out their checkbooks.
http://arstechnica.com/news.ars/post/20060210-6154.html

 

The Rootkit of All Evil

Sony and Bertelsmann were once the prides of Japan and Germany. Having grown up to become world-spanning megacorporations, they spawned a reckless delinquent named Sony BMG. As children often do, the youngster is having a hard time finding its way in the world - selling music, in particular, as well as controlling the distribution of music it manages to sell. So Sony BMG resolved to turn your computer into a battleground.

The war, of course, is the struggle to control unauthorized duplication of copyrighted material. Music fans demand to make copies, and to its credit Sony tried to meet them halfway. But en route to the meeting place, the company turned down a path that leads to a dark future.

On at least 50 titles released last year, Sony BMG included software that allows users to make up to three copies. To count the number of duplicates made, the discs install programs on the user's computer. And to keep savvy customers from monkeying with the software, the company included a rootkit, secret code that makes itself and the copy-protection files invisible.

The ability to hide files is an invitation to every hacker with, well, something to hide. Miscreants use it to cloak programs designed to take control of the host computer. Players of online games use it to conceal cheats. But there was more to Sony BMG's rootkit. The code could also send information about the user's system back to the mothership.

Blogger Mark Russinovich wrote about the Sony BMG exploit in November, and music fans exploded in righteous fury. After much denial and obfuscation, Sony BMG provided an uninstall routine. It also stopped manufacturing rootkitted titles and recalled those it had shipped. But the damage had been done. More than 2 million discs were already in consumers' hands, ready to blast holes in the system of anybody unfortunate enough to pop one into a CD drive.

I'm not going to scold Sony BMG. The problem here is larger than one ­company's effort to own its customers' desktops and spy on their behavior. The real issue is the blurring of lines between blackhat hacking and legitimate business. It's one thing when Russian gangsters take over a few million computers to shake down online casinos. It's another when commercial enterprises adopt the same methods to protect their market. At that point, good corporate citizenship devolves into vigilantism and the implicit trust between supplier and customer unravels.

Sony BMG isn't the only company to have mistaken malicious exploits for mainstream business practices. The British software developer First 4 Internet, which licensed the rootkit to Sony BMG, built its product on techniques developed for creating viruses, and the company's programmers left a trail of newsgroup requests for information about hacks like crippling CD drives. Ironically, First 4 Internet appropriated parts of its music player from an app known as LAME - a bald infringement of the LAME copyright.

Imagine the mayhem if this kind of attitude were to become widespread: Coca-Cola would use your desktop to propagate spam about its latest bottle-cap sweepstakes. Vonage would keep Skype offers from reaching your inbox. Samsung would make sure that, when your browser tried to load Sony.com, it reached a fake Sony site where nothing worked. Companies would compile vast archives of customer data merely because they could, hoping they'd stumble on a revenue model.

It's time for lawmakers, trade groups, and public-interest organizations to get down to the hard work of hammering out standards for what businesses can and can't do to customers' computers. Such an effort will need to be international, because the Net knows no bounds. It will need to come up with simple, understandable language for end-user licensing agreements. It will need to draw red lines around unacceptably invasive hacks and map gray areas between spying and market research.

I'm not holding my breath, though. After all, we asked for this. We didn't want to ruffle the feathers of the goose that laid the golden egg of technological progress, so we allowed manufacturers to claim more and more control over the ways we use their products and what they can do with our information. It should come as no surprise that they're using that power as a cover for bigger, possibly more lucrative schemes.

You may not be interested in the digital rights war, but that doesn't mean you'll have the luxury of sitting on the sidelines. Because the other side is very, very interested in you.

http://www.wired.com/wired/archive/14.02/posts.html?pg=5

 

Google Copies Your Hard Drive
Google Search = BAD!

Google today announced a new "feature" of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password.

- Eff.org


February 09, 2006
Google Copies Your Hard Drive - Government Smiles in Anticipation

Consumers Should Not Use New Google Desktop

San Francisco - Google today announced a new "feature" of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password.

"Coming on the heels of serious consumer concern about government snooping into Google's search logs, it's shocking that Google expects its users to now trust it with the contents of their personal computers," said EFF Staff Attorney Kevin Bankston. "If you use the Search Across Computers feature and don't configure Google Desktop very carefully—and most people won't—Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index. The government could then demand these personal files with only a subpoena rather than the search warrant it would need to seize the same things from your home or business, and in many cases you wouldn't even be notified in time to challenge it. Other litigants—your spouse, your business partners or rivals, whoever—could also try to cut out the middleman (you) and subpoena Google for your files."

The privacy problem arises because the Electronic Communication Privacy Act of 1986, or ECPA, gives only limited privacy protection to emails and other files that are stored with online service providers—much less privacy than the legal protections for the same information when it's on your computer at home. And even that lower level of legal protection could disappear if Google uses your data for marketing purposes. Google says it is not yet scanning the files it copies from your hard drive in order to serve targeted advertising, but it hasn't ruled out the possibility, and Google's current privacy policy appears to allow it.

"This Google product highlights a key privacy problem in the digital age," said Cindy Cohn, EFF's Legal Director. "Many Internet innovations involve storing personal files on a service provider's computer, but under outdated laws, consumers who want to use these new technologies have to surrender their privacy rights. If Google wants consumers to trust it to store copies of personal computer files, emails, search histories and chat logs, and still 'not be evil,' it should stand with EFF and demand that Congress update the privacy laws to better reflect life in the wired world."

For more on Google's data collection:
http://news.com.com/FAQ+When+Google+is+not+your+friend/2100-1025_3-6034666.html?tag=nl http://www.boston.com/news/nation/articles/2006/01/21/google_subpoena_roils_the_web http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/01/20/EDGEPGPHA61.DTL http://news.com.com/ Bill+would+force+Web+sites+to+delete+personal+info/2100-1028_3-6036951.html

Contact:

Kevin Bankston
Staff Attorney
Electronic Frontier Foundation
bankston@eff.org

 

Martian meteorite may have held life

* 18:24 10 February 2006
* NewScientist.com news service
* Kimm Groshong



A mix of carbon compounds filling the miniscule veins in a Martian meteorite has refuelled the debate on the possibility of life on Mars. Similarities between the carbon-rich filler and that found in fractured volcanic samples from the Earth's ocean floor dangle the possibility that life produced the Martian material, say scientists.

A team of researchers led by David McKay and Everett Gibson of the Johnson Space Center in Houston, US, raise the scenario as just one possibility after extensively analysing new samples of the Nakhla meteorite.

The UK’s Natural History Museum recently provided the team with fresh samples from the interior of the meteorite, which broke into many pieces upon landing in Egypt in 1911.

Near the tube-like veins in the rock, researchers found iddingsite – a mineral also formed on Earth, mainly through alteration of an iron-based mineral called olivine by water. And within the cracks, they found carbon-rich material that appears dark brown or black.
"Indigenous stuff"

Astrobiologists look for carbon and water in their search for extraterrestrial life. Carbon is the building block of terrestrial life, forming the basis for organic chemistry, and water is necessary to support all forms of life on Earth.

Sceptics have cast doubt on previous claims of organic material in Nakhla, saying the carbonaceous matter was simply contamination from Earth. But Colin Pillinger, a team member from the Open University in Milton Keynes, UK, says results from the new samples from the carefully protected interior of the meteorite lay those concerns to rest. "We're pretty confident this is indigenous stuff,” he says. “We don't think it's contamination.”

The work will be presented at the Lunar and Planetary Science Conference in Houston, US, in March.
Biogenic activity

In two abstracts submitted to the conference, the team outlines possible sources of the carbon-containing components. Either a carbon-bearing impactor introduced them to Mars between 600,000 and 700,000 years ago or they are "products of biogenic activity and introduced by groundwater into the fracture features in Nakhla," the team writes.

The team cites an upcoming study by oceanographer Martin Fisk, of Oregon State University in Corvalis, US, who compared Earth features to Martian meteorites. The authors note "the close resemblance" of Nakhla's carbon-rich material to carbon Fisk noted in veins within basaltic glass from the ocean floor.

In this forthcoming paper in Astrobiology, Fisk reports that DNA is associated with the fractures, or tunnels, in rock samples from Earth's ocean floor, a mountain top in Oregon and a rainforest on the California-Oregon border. "There's not DNA distributed throughout the rock, it's very specific to the tunnels," Fisk says.
Nothing's certain

Furthermore, the size and shape of the tunnels in the Earth samples closely resemble those seen in Nakhla. And he says researchers have yet to see a non-biological explanation for the tunnels, although that does not rule out the possibility.

"We're saying here's a phenomena on Earth that we're pretty darn sure are caused by bacteria", and rocks from Mars sport similar features, Fisk says. "I'm letting people draw their own conclusions.”

Pillinger is careful to point out that the new findings do not mean the community has definitive evidence for life on Mars. "We're finding these very strange features, but we can't say anything more than that," he says. "They could have come from several processes and one of them is biological."
Print this pagePrint this page
Email to a friendEmail to a friend
RSS FeedRSS Feed
Cover of latest issue of New Scientist magazine

http://www.newscientistspace.com/article.ns?id=dn8709

 

Give credit cards the finger

2/9/2006 1:39:41 PM, by Nate Anderson

I have a friend who does not carry cash. Apparently, it bulks up his wallet and it's flat-out unnecessary. It also does not earn him airline miles. Cash, in short, is no longer pulling its weight, and my friend has adopted a new monetary policy sure to bring smiles to Visa executives around the world: if he can't charge it, he doesn't need it. (This theory broke down, as so many things do, on the Illinois Tollway, which proved itself decidedly old school in its desire for hard currency.)

I mention this only because credit and debit cards have become the default payment mechanism for millions of Americans—even those that still carry a bit of emergency cash. But if a pair of startup companies have their way, physical plastic cards might soon become as uncool as cash.

Pay by Touch and PayWi (short for "Pay Wireless") want to eliminate the need to carry a wallet, but each has a unique approach. Pay by Touch's plan, as their name suggests, is to use biometric authentication for payment. Their system is already rolled out at several of the largest grocery store chains in the country, and it works like this: take goods to cashier, run finger over scanner, enter seven digit code, select account to use, and bam! You're done. Graphs produced by the company show that this process is faster even than using cash, and Paid by Touch takes pains to point out that the data points they collect from your fingertip scan cannot be reconstituted into a full fingerprint.

A competing system comes from PayWi, which wants to put its payment technology into your mobile phone, and the company makes no secret about what demographic it's targeting: the young and geek chic. The short "How does it work?" section of their website picthes the service as something that can aid one's sex appeal. (From the demo: "The next time you're on a date, PayWi can help you demonstrate what a good catch you are.") And they're right: this would absolutely impress every woman I know.

Unfortunately, while this may enhance your geek cred, it involves more steps than a cash or credit transaction. First, you have to run the PayWi application on your Java-supported mobile phone. Then you have to give the merchant your mobile phone number. Then the charge comes through on your mobile phone, and you need to approve it (entering a tip, if necessary). Then you need to enter your PIN number. The company claims that this helps reduce "check out time by as much as 90%." We're the tiniest bit skeptical, but are open to being convinced.

The biggest problem that both systems face is the requirement that merchants make a substantial new investment, which will certainly limit the rate of adoption, especially among smaller vendors. Consumers, of course, have little reason to use such services until they are widespread in their area of the country, since the primary benefit ("Leave your wallet at home!") won't be a reality. Both attempts at looking beyond the credit card are intriguing, but in terms of simplicity, biometrics certainly beat monkeying about with Java applications on a cell phone, and requires you to carry even less. If such systems can prove themselves to be quick, secure, and accurate, companies like Pay by Touch can expect a fat buyout offer from the credit card giants, who won't stand for being cut out of the game.

Major players are entering the the market as well. Motorola, for instance, is developing a new system (allegedly ready in six to nine months) called the M-Wallet which seeks to make the mobile phone into the payment device, but through a simple swipe of the phone across a scanner rather than through an applet. The idea is to replicate the success of NTT DoCoMo's mobile wallet, which premiered several years ago in Japan. Combine these announcements with the push toward wireless shown by Exxon Mobil's Speedpass system and Mastercard's PayPass card and we can see that contactless payment is here to stay. Even the venerable Illinois Tollway that tripped up my cashless friend has gone wireless, making it simple to pay your tolls while cruising along at full speed. When we at Ars ask our Magic 8-Ball whether plastic payment cards are on the way out, our trusty prognosticator tells us that "all signs point to yes."
http://arstechnica.com/news.ars/post/20060209-6149.html

 

Sony Blu-ray pricing: $23.45

p2p news / p2pnet: Sony Pictures is the first Hollywood studio to release pricing on its high-definition DVDs expected to be introduced early this summer," says Red Herring.

A whacking $23.45. And that's wholesale.

Blu-ray will compete with Toshiba's HD-DVD and among the flics in Sony's initial batch will be the somewhat elderly The Fifth Element, Desperado, Hitch, House of Flying Daggers, Legends of the Fall, and Terminator, says the story. And that's 56% more than the $14.99 it costs for a Hitch DVD from BestBuy.com. A Terminator disc goes for $9.99.

Failure of the Blu-ray and HD DVD firms to reach a unified standard, "has set the stage for a formats war akin to the VHS vs. Betamax battle of the 1980s," says Reuters. "Each side hopes to reignite the sagging $24 billion home video market with new players and discs that offer greater capacity and interactive features.

"Other film studios like Time Warner Inc's Warner Brothers declined comment, while General Electric Co's Universal was unavailable and a spokeswoman for Viacom Paramount Studios said the studio was still working out pricing with retailers."

Toshiba said it'll offer $500 and $800 HD DVD players in March, lower than a $1,000 Blu-ray player model currently under development by Samsung Corp, "a member of the Sony-led Blu-ray camp," says the story, adding:

"HD DVD plans to start rolling out hardware and titles by March and members of the Blu-ray consortium have said they will start shipping players by as early as May."

Still, anyone willing to lash out for an iPod he or she can then load with $1-a-pop DRM tunes from iTunes will probably pay it. And all to watch a movie that's more likely to be garbage than good.

Also See:
Red Herring - Blu-ray Discs Won’t Be Cheap, February 8, 2006
Reuters - Sony next-generation DVDs to cost about 20 pct more, February 9, 2006

(Friday 10th February 2006)
http://p2pnet.net/story/7881

 

Pioneer's pre-production BDR-101 Blu-ray burner

C'T looks at Pioneer's pre-production BDR-101 Blu-ray burner
Posted by Dan Bell on 10 February 2006 - 00:50 - Source: Heise

Once again we learn from the German publication Heise, that the computer magazine C'T kicks some major butt and scores another blue laser pre-production device. This time, it's a Pioneer Blu-ray burner the BDR-101. The device is able to read and write Blue-ray discs at 2x and DVD with 8x speeds.

The pre-release drive, was just lacking the DRM system AACS. Originally, it was thought that AACS would be finished at the end of January, so Pioneer would have been able to deliver the BDR-101A to their OEM customers. However, the AACS group meeting was delayed until the end of this week, so Pioneer won't be able to deliver the burner to their OEM customers before the end of February.

Since the Pioneer BDR-101's pickup head only has a single lens, support for CDs is lacking. During tests we were able to burn a recordable BD-R from TDK for the first time. The VD-R disc has a capacity of 22.56 GB, slightly more than a rewritable BD-RE with only 22.23 GB. The remaining space is used for replacement sectors and defect management on the BD-RE.

In order to write an entire BD-R with 2x (CLV resulting in 9 MB/s), the BDR-101 needed 45:05 minutes. For this Pioneer delivered a test-PC, running a special version of Nero 7.0.5.2. The disc could also be read at 2x without problems. The average access time to a randomly chosen sector was 300 ms.

The drive was also able to write a DVD-R at 8x (ZCLV) in 10:27 minutes. The writing quality on a TDK recordable was goo with a low error rate. Reading a DVD-R the BDR-101 achieved a transfer rate of 8.2 MB/s with an average access time of 272 ms. A DVD-9 was read at 7.5 MB/s and 252 ms.

The drive's DVD error correction was excellent. It was able to read 99.9% of a badly burned test DVD-R and 100% of a badly pressed DVD-ROM ("Horror Disc").

On the back of the enclosure a small cooler blows air to the outside. It is only active if the drive gets too hot though. During tests the BDR-101 stayed surprisingly cool. The temperature on the surface of a freshly written BD-R disc was only at 32 °C (90 F). The noise level was low as well with 2.3 Sone while reading a BD-R and 1.8 Sone while reading a Video-DVD (measured from a 25 cm distance)

Summarizing it can be said that Pioneer did a great job. Technically the BDR-101 is ready for retail already. The drive recognized every disc and did not show any problems - now we only have to hope for an error free AACS implementation. Pioneer's test PC already was equipped with an nVidia graphics card with Geforce 6600GT and HDMI output. But the manufacturer was not able to give an estimated release date for this card.

The requested price for this drive is quite high however. In the USA the BDR-101A (A stands for AACS) the drive is expected to cost $975 - almost twice as much as Samsung's SH-B022. For Europe no price has been set yet. Pioneer is not going to sell the drive as retail, but only with a basic software package for burning data BD and reading BD movies as bulk, starting at the end of March. Software for authoring Blu-Ray movies won't be available before the end of April according to Pioneer.

If the drive will be able to write to dual layer BD recordables with 50 GB is still unclear as these discs are not yet available. But it should be able to read double layer BD-ROM anyway.

Only the second generation of Pioneer's Blu-ray burners is supposed to read and write CDs. The BDR-102 which is already planned for this year will also be able to write Blu-ray recordables with 4x (single and dual layer). DVD-RAM will be written at 5x and DVD recordables at 16x.

Those of you that can read German and would like to view this story in it's entirety at it's source, may do so by simply following this link to Heise.
http://www.cdfreaks.com/news/13049

 

IRELAND!!!!!!!!! My friggin head hurts!!!!!!

 

THIS ONE I SURE AS HELL WOULD READ !!!!~!~!~!~



Settec protection on German video DVD impairs CD/DVD writers
Posted by Dan Bell on 10 February 2006 - 20:53 - Source: Heise



RTV71 used our news submit to tell us "I guess these characters can"t learn by example." Here's some further details of the actions that can be expected if you are unlucky enough to put a Settec Alpha-DVD protected movie DVD in your PC.

This copy protection is known as Alpha-DVD. The main application receives a different name on every install, using inconspicuous names such as "win32k2.exe" and "msxhtml.exe". Its file properties characterize it as a "System PTHelper". The executable launches as a cloaked process which Process Explorer. The copy protection also loads a DLL file into memory (hadl.dll), which becomes a child process of all running executables. In the system registry, Alpha-DVD sets itself up as "SystemManager" and armors this entry in such a way that it is restored on every reboot.

With the prompting of hadl.dll, all applications begin to query the OS for ASPI and ASAPI drivers as well as a DLL supplied with various products by Slysoft, a company specializing in DVD copying and "ripping" tools. According to Kinowelt, the German distributor of the copy-protected DVD, the purpose of these sweeps is to hinder the duplication of the DVD. It's supposed to become active only when the protected DVD is found in one of the optical drives. If the protected title is located, Alpha-DVD is meant to block the execution of common ripping tools.

However, in web forums German users soon complained about irregularities. Several of them reported that after inserting the copy-protected disc, CD/DVD writing applications could no longer locate optical and virtual disk drives removed from the OS. Neither of these claims could be verified as of yet. However, c't magazine found that Alpha-DVD would not stop polling for drivers if the protected disc was removed from the drive. Even worse, the continuous sweeps seemed to have a negative impact on CD/DVD burning in general.

On two different test machines, the DVD writer kept speeding up and slowing down during the burning process. In instance, this resulted in a destroyed DVD-RW medium. The copy-protected disc was not time. c't can not confirm whether the application actually blocks DVD ripping tools since the use of copy circumvention devices is prohibited under German copyright law.

Well here we go again! More malware for the end user that thought they were just buying a movie. It's bad enough to have to put up with copy protections, but when they become this intrusive it seems that something needs to be done about it. In order to read the English article in it's entirety from the source, just visit this link at Heise. In the meantime, just say "no" to autoplay in Windows.
http://www.cdfreaks.com/news/13052