 |
Here’s an excerpt from Cory Doctorow‘s upcoming novel for Tor Books, |
My cochlea struck twelve noon and a HUD appeared with my weekly backup reminder. Lil was maneuvering Ben Franklin II out of his niche. I waved good-bye at her back and walked away, to an uplink terminal. Once I was close enough for secure broadband communications, I got ready to back up. My cochlea chimed again and I answered it.
“Yes,” I subvocalized, impatiently. I hated getting distracted from a backup
Oops. More of the same security holes for Microsoft products. This time for SQL Server.
(Mac Observer found the news quite tiresome actually…)
See:
Microsoft warns of holes in SQL Server, by Juan Carlos Perez for CNN.
The first and more serious vulnerability results from the failure of the SQL Server text-generating functions to limit the size of the text to the buffer space allotted by the system. This can lead to a flaw known as buffer overflow, which could allow an attacker to execute code within the system. The extent of the damage that the attacker could cause would depend on how the database administrator has configured the product’s security parameters. In the worst-case scenario, the attacker could gain “significant control over the database, and perhaps over the server itself” and be able to “add, delete, or change data in the database, … reconfigure the operating system, install new software on it, or simply reformat the hard drive,” according to the security bulletin.
The second vulnerability is related to C runtime functions for formatting text strings. The database calls these strings when it runs on Windows NT 4.0, Windows 2000 or Windows XP operating systems. The flaw can make the database vulnerable to a denial of service attack, Microsoft said. The C runtime is the set of executables and files that provide support for programs written in the C programming language, and all Windows platforms ship with a runtime for C, Microsoft said. A “format string” vulnerability occurs when “a function that accepts formatted text for printing doesn’t properly validate it before using it,” Microsoft said.
The crop circles remind a friend of mine of this
cool poem by Lawrence Ferlinghetti. (Thanks, Aaron)
Excerpted from “I Am Waiting”, by Lawrence Ferlinghetti
I am waiting
to get some intimations
of immortality
by recollecting my early childhood
and I am waiting
for the green mornings to come again
youth’s dumb green fields come back again
and I am waiting
for some strains of unpremeditated art
to shake my typewriter
and I am waiting to write
the great indelible poem
and I am waiting
for the last long careless rapture
and I am perpetually waiting
for the fleeing lovers on the Grecian Urn
to catch each other up at last
and embrace
and I am awaiting
perpetually and forever
a renaissance of wonder
Another company is peddling similar technology to the Applied Digital Solutions ID Chip mentioned below.
Here’s an editorial by David Coursey for CNET Asia:
An implanted ID chip? Makes my skin crawl…
The concept of a national identity card–something you’d carry to use for matching with your fingerprint or retinal scan–gains a new dimension with implant technology. Or perhaps the chips could be implanted at birth as a sort of digital birth certificate.
Thinking about such prospects reminds me of three essential aspects of any new invention: The first is that technology is amoral, even when there is a temptation to consider it immoral, instead. Second, it’s pretty hard to keep technology under wraps: If something is technologically possible, somebody is going to do it. And, finally, if something is created, it will probably be both used and abused.
I hope that VeriChip and its ilk–which have great potential to help people–will find their way into the hands of people who are well-intentioned and smart in equal parts. But I am not naive, either. This is what the ongoing privacy debate is about–and the VeriChip gives us another good reason to pay close attention to it.
Implanted ID chips are used by some farmers to keep tabs on their livestock. Now a company that manufactures them, Applied Digital Solutions, is trying to get people used to the idea of implanted chips in humans.
These chips can hold a few sentences of information and show great potential for being teamed up with a National ID card system.
See the articles:
A Chip ID That’s Only Skin-Deep, by David Streitfeld for the LA Times.
and
Next: An ID Chip Planted in Your Body?
, by Robert O’Harrow Jr for the Washington Post.
This is just a brief note regarding the Lord of the Rings film that just came out.
Great flick, but wouldn’t recommend it for young children (say under 10).
The film is only rated PG-13, but I think it was more violent and scary than many slasher films I’ve seen. I understand that parents have to be the judge about what their own kids can handle, but I don’t think that the parents that brought their six year olds to see this movie for Christmas understood that blood and gore were on the agenda.
The six year olds sitting near us were asking to go home after the first hour and many had their jackets over their face until they finally fell asleep in their parents arms.
Just food for thought. (I was expecting a bit tamer flick based on the marketing for the film, I guess.)
I’d like to reiterate that this was a beautiful and exciting grown-up movie 🙂 After three hours, I was ready for more. Guess I’ll have to wait a year…
This article by John Borland for CNET News covers some of the upcoming features of the next round of Morpheus software:
New features planned for file swappers.
Ouch. Bad year for the music industry. (Or just record company propoganda :-).
Check out:
Labels Singing the Blues Over Expensive
Failures
by Jeff Leeds for the L.A. Times.
“I’ve never seen this kind of damage,” said Michael Nathanson, a media analyst
at Sanford C. Bernstein & Co. “You had these tent-pole releases that didn’t
carry their weight this year. And it’s going to get worse.”The major music companies report financial results differently, but most of the
labels are struggling.EMI posted a loss of $77.6million for the first half of its fiscal year–the worst
first-half results in at least five years. Bertelsmann’s BMG Entertainment
reportedly had a loss of more than $70 million this year.Warner Music, once the industry leader, has been posting lower pretax
earnings for three consecutive quarters, and Sony Music reported operating
losses of $91 million for the last two quarters. Universal Music is the only one
of the Big Five record conglomerates to post gains this year.Record executives say the fickle marketplace is making established performers
seem a liability. Much like Hollywood’s movie studios, the major record
companies find themselves forced to pay stratospheric sums–even at the risk
of losing money on the deals–for the industry’s top stars.Swept up in a free-agency frenzy, record labels during the last decade spent
hundreds of millions of dollars to sign such acts as Carey, R.E.M., Bruce
Springsteen, Janet Jackson, Prince and ZZ Top.Record labels sign blockbuster pacts with hopes that mega-stars will at least
pay for themselves and provide momentum for the company to sign new talent.
In a business in which some 90% of the 6,000 CDs released domestically each
year are unprofitable, according to major-label executives, stars are seen as
safe bets–particularly when corporate parents are pressuring music labels to hit
quarterly earnings targets.”
Here’s a cool piece from The Nation detailing how the “big ten” media companies actually own all of it, either directly or indirectly.
See:
The Big Ten , by Mark Crispin Miller. (Thanks, Cory)
Hey cool, Slashdot picked up the Dmitry Sklyarov story. (Thanks, Timothy)
*ZiggyP0P* writes: “We remember hearing how Dmitry was let off and released (so he can finally go home) but how he had to cooperate with the government in the prosecution of his employer as a plea bargain. Turns out that this was all a lie by the Justice Dept. Skylarov has released his own statements which explain what exactly happened. He has entered into no legal plea bargain and he is still employed by Elcomsoft (even though the justice dept called him his former employer).”