Tech News Weekly: Edition 47

http://arstechnica.com/news.ars/post/20081117-e-mails-show-how-intel-benefited-from-vista-capable-changes.html
It seems Wintel is still truly alive and kicking. Documents have been produced in the "Vista Capable" lawsuit against Microsoft showing that Intel was the sole beneficiary in some of the decisions made about the campaign.

A federal court judge recently unsealed a fresh batch of documents pertaining to the ongoing Vista Capable lawsuit, including two recent filings by both the plaintiff (Diane L. Kelley, et al) and defendant (Microsoft). The first filing, on behalf of Diane L. Kelley, begins by stepping through what we learned from the bevy of internal emails Microsoft was forced to release earlier this year. Plaintiffs allege that Microsoft's behavior as it regards the use of the "Vista Capable" designation constitutes an unfair and deceptive practice, and request summary judgment on this point. Microsoft's filing addresses a somewhat different matter, and requests a protective order from the court that would relieve the company of the obligation to produce CEO Steve Ballmer for deposition.

http://techdirt.com/articles/20081030/0203582685.shtml
Some VERY interesting material on how the legal heavyweights are finally getting involved in RIAA lawsuits...and may actually succeed in proving that much of the RIAA's backing is in fact unconstitutional.

People have been submitting this story nonstop, but I wanted to take some time to read the details before commenting on it. It's not the first time that folks have argued that the damages sought by the RIAA in various lawsuits against file sharers are unconstitutional. However, the few times it's been brought up in court, the arguments haven't been persuasive. However, this time around, it looks like the big legal guns are getting involved, and the argument seems a lot more comprehensive and compelling.

In the past, it's been noted that the RIAA has curiously avoided suing any Harvard students, with one of the theories being that Harvard had made it quite clear to the RIAA that it would fight back hard. And, with Harvard law school at its disposal, and various professors there indicating that they had serious legal problems with the RIAA's strategy, the RIAA simply decided to ignore any file sharing going on at that prestigious university.

http://wikileaks.org/wiki/German_Secret_Intelligence_Service_(BND)_T-Systems_network_assignments,_13_Nov_2008
Via: http://www.schneier.com/blog/archives/2008/11/secret_german_i.html
A document has been fed to Wikileaks detailing several IP address ranges allegedly held by German intelligence agency Bundesnachrichtendienst (BND). There is some proof it is legitimate.

The PDF document holds a single paged scan of an internally distributed mail from German telecommunications company T-Systems (Deutsche Telekom), revealing over two dozen secret IP address ranges in use by the German intelligence service Bundesnachrichtendienst (BND). Independent evidence shows that the claim is almost certainly true and the document itself has been verified by a demand letter from T-systems to Wikileaks.

http://www.nytimes.com/2008/11/16/business/16ping.html?_r=1&oref=slogin
An interesting essay on one potential avenue for misuse of online age verification technology.

Child-safety activists charge that some of the age-verification firms want to help Internet companies tailor ads for children. They say these firms are substituting one exaggerated threat — the menace of online sex predators — with a far more pervasive danger from online marketers like junk food and toy companies that will rush to advertise to children if they are told revealing details about the users.

“It’s particularly upsetting,” said Nancy Willard, an expert on Internet safety who has raised concerns about age verification on her Web site over the last month. “Age verification companies are selling parents on the premise that they can protect the safety of children online, and then they are using this information for market profiling and targeted advertising.”

http://www.slipperybrick.com/2008/11/legos-safe/
Video: http://au.youtube.com/watch?v=XjWt4O4bSjQ
An awfully fun way to spend ones cody-currency.

You might think that a Lego safe would be easy to open. Maybe just remove a few bricks and you’re in. But that’s not the case with this thing, the cutting edge of Lego safe technology. The safe weighs 14 pounds and has a motion detecting alarm so it can’t be moved without creating a huge ruckus.

The lock takes five double digit codes to open it. That translates into over 305 billion different combinations. It even boasts an electronic status display showing the numbers as you turn the combination dials. When you enter the combination, the door electronically opens itself. It’s a great place to store all of your valuable geek stuff.

http://blogs.zdnet.com/security/?p=2190&tag=nl.e589
Discussion started by Carol Haynes: https://www.donationcoder.com/forum/index.php?topic=15803.0
Microsoft have decided to drop their Microsoft OneCare subscript in mid-2009 and replace it with a free anti-virus suite.

Microsoft today announced plans to kill its Windows Live OneCare PC care and security suite and replace it with a free anti-malware utility.

The new product, code-named “Morro,” will be designed for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs, Microsoft said its surprise announcement.

http://blog.wired.com/defense/2008/11/army-bans-usb-d.html
The US Military has banned the use of removable storage on it's classied and unclassified networks in an attempt to stop the spread of a worm that has infected their computer systems.

The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.

The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.

http://www.theregister.co.uk/2008/11/18/short_mccolo_resurrection/
http://www.networkworld.com/news/2008/111708-dodgy-isp-briefly-comes-online.html
In followup from this story in last week's news, ISP McColo briefly returned from the dead thanks to a backup arrangement with another ISP in order to allow its client to transfer control of botnets and such to new ISPs.

McColo, a network provider that was yanked offline following reports it enabled more than half the world's spam, briefly returned from the dead over the weekend so it could hand-off command and control channels to a new source, security researchers said.

The rogue network provider regained connectivity for about 12 hours on Saturday by making use of a backup arrangement it had with Swedish internet service provider TeliaSonera. During that time, McColo was observed pushing as much as 15MB of data per second to servers located in Russia, according to Paul Ferguson, a security researcher for anti-virus software maker Trend Micro.

http://www.theregister.co.uk/2008/11/21/e_gold_sentencing/
The top-knobs of notorious online money transfer firm E-Gold have escaped jail after a District Court Judge took leniency on them when she found they had not intentionally serviced criminals.

Three directors of digital currency firm e-gold avoided a spell behind bars on Thursday after earlier pleading guilty to offences for money laundering and running an unlicensed money transfer business.

The three directors, along with the e-gold company itself and parent firm Gold & Silver Reserve, were charged in April 2007 with becoming a clearing house for child pornography payments and investment scams. Prosecutors charged that slack-shod verification meant the service had become a banker to cybercrooks. After initially disputing the charges the defendants pleaded guilty in July 2008.

http://www.theregister.co.uk/2008/11/20/paypay_hyperlink_snafu/
PayPal have been sending customers emails directing them to an incorrect login URL possibly for as long as two months.

PayPal, the online payment service that is a major target of phishers, has been caught sending customer emails that confuse its own login page with a third-party landing site that offers spyware protection and a bevy of other products.

The faux hyperlink to secure.uninitialized.real.error.com was included in official emails PayPal sent to customers to confirm recent payments. PayPal advertised it as the official address to log in to the service. Recipients who configured their systems to read email as HTML wouldn't notice the link was incorrect unless they were paying close attention.

http://www.theregister.co.uk/2008/11/18/london_hospital_malware_shutdown/
Three London hosptals had their computer system shutdown when it became apparent they were infected with malware. The systems have since returned and there is no indication any information on them was exposed.

Three London Hospitals shut down their computer systems on Tuesday in response to a computer virus infection.

Infection by the Mytob worm sparked the emergency response, involving St Bartholomew's (Barts) the Royal London Hospital in Whitechapel and The London Chest Hospital in Bethnal Green. The three hospitals are members of the Barts and The London NHS Trust.

http://www.theregister.co.uk/2008/11/19/mac_trojan/
Look out folks, believe it or not MACs might actually be becoming popular enough to have their own trojans, however ineffectual.

Security researchers have uncovered a rare example of a Trojan that affects Mac PCs.

Lamzev-A creates a backdoor on compromised Mac OS-X systems. The malware typically disguises itself as video codec on dodgy websites. Mac users hoping to watch a clip from a grumble flick get infected instead, a trick carried out by the earlier RSPlug Mac Trojan.

http://www.theregister.co.uk/2008/11/18/bnp_loses_list/
The membership list of Britain's right-wing-nutjob political party has been leaked online. Included are names, phone numbers and email addresses along with various other personal details. Serves them right.

The British National Party has lost its membership list - the whole thing has been published online.

The list includes names, addresses, phone numbers and email addresses of all members up to September 2008. It also includes some people's ages, especially those under 18 - the BNP offers family membership for £40. Many entries also contain more personal comments about jobs or hobbies. That's how we know that that BNP members include receptionists, district nurses, amateur historians, pagans, line dancers and a male witch.

http://www.theregister.co.uk/2008/11/18/ssh_sniffer_attack/
A vulnerability that has the potential to reveal the plaintext of an SSH session has been discovered and is confirmed to affect OpenSSH and various commercial SSH clients and servers. The vulnerability is not considered to be particularly harmful, though users are urged to update their software or switch from CBC to stream mode.

UK security researchers have discovered hard-to-exploit cryptographic weaknesses in the Secure Shell (SSH) remote administration protocol.

The shortcoming creates a potential means to recover the plain text of encrypted sessions, depending on remote access configurations. Potential attacks - which would take ninja-like hacking skills to pull off - would involve inducing and observing error conditions. It's much more likely that a potential attack would crash a conversation than yield useful results.

http://news.cnet.com/8301-1009_3-10104997-83.html
Verizon staff have illegitimately accessed the mobile phone records of US president-elect Barack Obama. The phone in question is no longer being used.

President-elect Barack Obama's cell phone billing records were improperly accessed by employees of Verizon Wireless, CNN reported late on Thursday.

Obama's transition team was informed of the breach by Verizon Wireless representatives on Wednesday, team spokesman Robert Gibbs told the news agency. The Secret Service has been informed, Gibbs said.

The phone, a voice flip-phone with no e-mail access, is no longer active or being used by Obama, the report said. Lists of phone numbers and calls made by Obama could have been accessed, but "nobody was monitoring voicemail," Gibbs is quoted as saying.

http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=212100043
Flaws have been found in Microsoft Office Communications Server 2007, Office Communicator, and Windows Live Messenger that could allow an attacker to cause a denial-of-service condition in the software.

Security researchers say they have discovered several vulnerabilities in Microsoft applications that work with voice over IP (VoIP).

VoIPshield Laboratories, a new research division at VoIPshield Systems, says the new vulnerabilities affect applications that use media stream protocols like Real-time Transport Protocol (RTP), a popular standardized packet format for delivering audio and instant messaging over the Internet. The vulnerabilities could allow attackers to launch denial-of-service (DoS) attacks -- not only against the Microsoft applications, but against the entire desktop environment, the researchers say.

http://arstechnica.com/news.ars/post/20081116-foia-docs-show-feds-can-lojack-mobiles-without-telco-help.html
According to documents obtained through Freedom of Information (and a lawsuit, naturally) by the ACLU and the EFF, US federal law enforcement is capable of tracking the location of cellphones without the assistance of cell providers as previously believed.

Courts in recent years have been raising the evidentiary bar law enforcement agents must meet in order to obtain historical cell phone records that reveal information about a target's location. But documents obtained by civil liberties groups under a Freedom of Information Act request suggest that "triggerfish" technology can be used to pinpoint cell phones without involving cell phone providers at all.

Triggerfish, also known as cell-site simulators or digital analyzers, are nothing new: the technology was used in the 1990s to hunt down renowned hacker Kevin Mitnick. By posing as a cell tower, triggerfish trick nearby cell phones into transmitting their serial numbers, phone numbers, and other data to law enforcement. Most previous descriptions of the technology, however, suggested that because of range limitations, triggerfish were only useful for zeroing in on a phone's precise location once cooperative cell providers had given a general location.

http://arstechnica.com/news.ars/post/20081116-analysis-dukes-new-p2p-policy-wont-stop-riaa-lawsuits.html
If nothing else, an interesting insight into the way the RIAA conducts their lawsuits.

Since the RIAA decided to go after on-campus P2P use in a big way back in February 2007, one of the major questions facing university IT departments was how to respond to the RIAA's prelitigation settlement letters. Duke University has decided that it will now require concrete evidence that copyright infringement actually occurred before forwarding those letters to students.

As an incentive to get students to settle sooner rather than later, the RIAA has instituted a tiered settlement system. Basically, the faster the student forks over the cash to the record labels, the less it will cost him or her. If a school receives a prelitigation settlement letter from the RIAA and immediately forwards it on to the target, it will cost the student $3,000. If the RIAA needs to file a Doe lawsuit to learn the identity of the student, the cost goes up to $4,000. And should the student seek to block the subpoena or otherwise block the RIAA's attempts to discover the name behind the IP address, the price doubles to $8,000.

http://arstechnica.com/news.ars/post/20081118-tennessee-anti-p2p-law-to-cost-colleges-over-13-million.html
New legislation in the state of Tennessee requiring public and private colleges to to prevent copyright infringement on campus networks is likely to cost $13 million.

With the RIAA's long-running legal war against file-sharing not having the desired effects, the music industry has turned its sights on legislation aimed at getting others to do the dirty work of copyright enforcement. Last week, they scored a victory when the state of Tennessee passed a law that would require colleges and universities to work to prevent copyright infringement over campus networks. It's great news for the RIAA, but bad news for Tennessee students and taxpayers who will have to foot the $13 million bill.

SB 3974 was introduced this past February into the state legislature. Championed by the RIAA, who pointed to the University of Tennessee's no. 4 position on the list of top music piracy schools, and the MPAA, which noted the school's no. 19 spot on its infringement list, the law will force both public and private schools in the state to implement policies to prevent and prohibit copyright infringement on campus computers and networks.

http://arstechnica.com/journals/apple.ars/2008/11/21/apple-lawyers-hand-ipod-hash-cracking-site-a-dmca-notice
As one might expect, Apple isn't taking kindly to attempts to reverse engineer a file system protection mechanism on its iPods.

Although not a widely-publicized addition, one of the newer "features" Apple has added to its iPods and iPhones is a hash that protects the iTunesDB file, which stores information about what music you have on your iPod and where it's located on the iPod's hard drive. As it turns out, Apple doesn't seem to like people meddling with the iPhone and iPod touch hash, and according to Slashdot, Apple lawyers recently sent a DMCA violation notice to a project that was attempting to reverse-engineer the current version of the iTunesDB protection.

Without the ability to access the iTunesDB file, it's harder (or impossible) for iTunes alternatives like Songbird to work fully with iPods. The hash used on things like the iPod classic was cracked fairly quickly, but Apple changed the iTunesDB hash when it released the iPhone and iPod touch 2.0 firmware. According to the notice, Apple is claiming that attempts to reverse-engineer the iPhone 2.0 hash count as circumvention of its FairPlay DRM, possibly because the new hash is more closely related to Apple's DRM technology. Apple really doesn't want people trying to hack FairPlay, and appears to be nipping the iPod hash project in the bud before too much progress is made.

http://arstechnica.com/news.ars/post/20081121-inaction-on-disconnect-pleas-at-root-of-aussie-isp-lawsuit.html
Several Hollywood studios are taking Australian ISP iiNet to court in response to their failure to act on infringement notices.

Seven major film studios and affiliates have filed suit in Australia against one of the country's large ISPs, iiNet, charging the company with a failure to act on detailed reports of illegal file-sharing across its network.

In their quest to police illegal online video sharing, film and television rightsholders have long wanted to deputize ISPs. Going directly after consumers is slow, expensive, and capable of generating substantial bad press (see: RIAA litigation campaign), and it has the added downside of requiring huge amounts of work. Such attempts have been sometimes successful, as in various "graduated response" agreements in Europe, but most often have been sharply resisted by ISPs unwilling and unable to play traffic cop.

http://news.bbc.co.uk/2/hi/technology/7741184.stm
NASA has made its first successful test of the new Disruption-Tolerant Networking (DTN) technology it hopes will be the standard for communication through space in the future.

Nasa has successfully transmitted images to and from a spacecraft 20 million miles away with a communications system based on the net.

The Disruption-Tolerant Networking (DTN) technology is designed to work across vast distances where response times can be measured in days.

Further tests of DTN are due to take place on the International Space Station (ISS) in 2009.

http://blog.wired.com/wiredscience/2008/11/huge-buried-wat.html
Huge subterranean glaciers have been discovered on Mars.

Giant glaciers buried under the surface of Mars at much lower latitudes than any previously known ice are a potential source of drinking water for future astronauts.

The discovery, made using ground-penetrating radar on NASA's Mars Reconnaissance Orbiter, offers new possibilities in the search for life on the red planet.