March 2008


consumerist.com
Creative’s executive team will be coming in to quite a mess Monday morning, thanks to its VP of Screw Ups, Phil O’Shaughnessy. Friday morning, he posted a warning on the Creative customer forums that told programmer Daniel_K to stop writing his own drivers for their X-Fi sound cards. The cards still won’t work on Vista over a year after the OS was released, because Creative hasn’t released drivers for them—but by Mr. O’Shaughnessy’s account, Daniel_K is “stealing” from Creative by making the cards work. Then the weekend happened.

Over the weekend, Creative’s forums have exploded with posts from angry customers who have sworn to stop buying their products. There’s already a boycott site up at boycottcreative.com.

from Tom’s Hardware

Philadelphia (PA) - Telecommunications company Comcast announced today that it will no longer restrict Internet subscribers from accessing file-sharing programs and websites.

In the last few months, reports began to surface that Comcast was methodically blocking Internet activity it deemed could be used for illegal content distribution. For example, it made users unable to download BitTorrent files, a modern platform commonly used in video and music pirating.

Comcast came under rigorous fire for its decision, with consumer rights advocates and supporters of Net Neutrality crying foul. In February, it went all the way to a hearing by the Federal Communications Commission.

That kind of pressure became too much for Comcast, despite its continuous claims that it was doing nothing wrong. Comcast had contended that its move was actually to reduce the strain on local cable lines.

“This deal is the direct result of public pressure, and the threat of FCC action, against Comcast, but with Comcast’s history of broken promises and record of deception, we can’t just take their word that the Internet is now in safe hands,” said Marvin Ammori, general counsel of the media reform group Free Press in an AP story.

Comcast said it will remove its current discriminatory protocols by the end of the year.

from securityfocus.com

Vancouver, CANADA — In the first attempted attack in the PWN2OWN contest, a security analyst breached the defenses of Apple’s Mac OS X using a bug in the Safari browser and won $10,000 as well as the computer that he compromised.

Charlie Miller, principal analyst with Independent Security Evaluators and the researcher who found some significant flaws in Apple’s iPhone last summer, compromised the Apple MacBook Air in less than a minute. While he refrained from describing the flaw, SecurityFocus learned that the issue affected the Safari browser. Contest officials said that the MacBook Air was running the latest version of Mac OS X, version 10.5.2 or “Leopard.”

Miller — and two colleagues from ISE, Jake Honoroff and Mark Daniel — worked on the code for exploiting the security issue for about three weeks, he told SecurityFocus.

“I was sort of looking for a while, but as soon as we started looking in a particular (code) area, it didn’t take too long,” Miller said.

from Yahoo Finance

The maker of the popular photo-editing software Photoshop on Thursday launched a basic version available for free online.

San Jose, Calif.-based Adobe Systems Inc. says it hopes to boost its name recognition among a new generation of consumers who edit, store and share photos online.

While Photoshop is designed for trained professionals, Adobe says Photoshop Express, which it launched in a “beta” test version, is easier to learn. User comments will be taken into account for future upgrades.

Photoshop Express will be completely Web-based so consumers can use it with any type of computer, operating system and browser. And, once they register, users can get to their accounts from different computers.

Web-based software is increasingly popular, and Adobe knows it’s got to get on that train, said Kathleen Maher, an analyst at Jon Peddie Research.

Many kinds of software are available for use online in a trend known as “software as a service,” or “cloud computing.” The earliest were e-mail programs, but they now include services to create and manage content and even whole operating systems. And they don’t require time-consuming upgrades because they’re maintained by the service provider.

Google Inc. provides a host of such services, as do Microsoft Corp. and others.

“This is the battlefield where Adobe and Microsoft and Google are going to fight some pretty big battles,” Maher said.

Photoshop enters the online photo-management arena many years after such services first appeared. Some companies have already made a big name for themselves, like 9-year-old storage solution Shutterfly Inc., photo-editing service Picnik or image-sharing site Photobucket Inc.

Adobe says providing Photoshop Express for free is part marketing and part a strategy to create up-sell opportunities. It hopes some customers will move from it to boxed software like its $99 Photoshop Elements or to a subscription-based version of Express that’s in the works.

Ron Glaz, a research analyst at IDC, says the move was necessary for Adobe to keep pace. Users are less likely to switch to a software they aren’t familiar with, he said.

“They have a whole market that they are missing out on, and they need to make sure that the market is aware there is a Photoshop solution for them. As that market grows and becomes more sophisticated, hopefully it will generate money,” Glaz said.

“It’s one of those things, if you can’t beat them, join them,” Glaz said. “If they don’t join them, the long run could be really painful.”

On the Web: http://www.photoshop.com/express

from securityfocus.com

On Monday, security firm TippingPoint agreed to offer up to $20,000 as a prize to the first person to compromise each of three laptops running popular operating systems in the second annual PWN2OWN Competition at the CanSecWest conference, which takes place in Vancouver this week. The boost in the bounties came after researchers criticized the company for the more modest prizes announced last week. The first person to compromise any of three laptop computers — running the latest versions of Apple’s Mac OS X, Microsoft Windows Vista and Ubuntu Linux — will receive the prize money and the laptop.

“Based on the current feedback, we’ve agreed to keep this contest a ‘best of the best’ showdown, and therefore only one cash prize will be offered per machine,” Terri Forslof, manager of security response for TippingPoint, said in the company’s blog post revising the rules. “Our original goal in offering the chance for multiple persons to compete for cash prizes — even after the boxes were pwned — was to create more opportunity and fairness to the contestants and alleviate issues of timing around who gets to go first.”

from LAist:

Stealing $15 of Del Taco food for you and your buddies can land you a maximum of seven years in prison. That’s what two accomplices are up against in a case where three men filmed themselves tricking Del Taco employees over the phone to give them a free meal and then posting it on YouTube. Rialto police said the video’s “star,” Robert Echeverria, is a known gang member and was “crying like a baby” at the station before making a plea bargain to serve 30 days in jail with three years of probation.

“How To Scam Del Taco” was posted on YouTube on February 22nd. It has over 20,000 views so far, and after a tip to police, the three were soon in custody. The two boys posted bail, but Echeverria remained as he could not produce enough money to follow suit.

For prosecutors, this is a slam dunk case, and they say they’ve never had anything so ready to go. Echeverria was scheduled to be in court yesterday. The three say they were just fooling around and never intended this to be blown out of “proportion.” Stealing is stealing, isn’t it?


I am so glad these guys went to jail. If you are going to film a “Social Engineering” attack — make it slick. Not stupid.

from Engadget

Looks like all those rumors yesterday were true — Microsoft has just posted up the official standalone version of Vista SP1. Sure, you’ve been able to get it in one way or another for a while now, but if you’re into silly things like “legit OS updates,” the wow (SP1) is now.

Update: Here are the release notes — as we’ve known for a while now, it’s mostly bug fixes and performance tweaks, but the sheer volume of ‘em is something to behold.

from InformationWeek

It appears that not anyone can sign up and become a registered developer for the iPhone. Apple is sending out rejection letters via e-mail. Twitterers are firing up their tweets in protest and anger.

According to The Unofficial Apple Weblog, people interested in developing for the iPhone are being rejected by the thousands.

Erica Sadun writes, “If you’ve applied for Apple’s iPhone Developer program, check e-mail for your rejection letter. The twitterati are reporting widespread disappointment and anger as thousands of iPhone developer hopefuls have received a ‘Thank you but no thank you’ message in their in-box. The e-mails are arriving with the subject of ‘iPhone Developer Program Enrollment Status’.”

Have any of you received such notice? A number of people have responded to Sadun’s piece with comments. More than a few were among those rejected by Apple.

One commenter said, “Denied! That sucks!!! What is or was the criteria? Since the application did not ask you anything important like what are you planning on working on… Are people who are getting accepted top-level ADC members?”

So what does it take, Steve? Do you need to be an official company to develop applications for the iPhone? Do you need to already be an ADC member? Can individuals apply? What are the criteria which you are using to judge these developers? Are you too worried about hackers?

from Threat Level from Wired.com

A new web service that lets users rate and comment on the uniformed police officers in their community is scrambling to restore service Tuesday, after hosting company GoDaddy unceremoniously pulled the plug on the site in the wake of outrage from criticism-leery cops.

Visitors to RateMyCop.com on Tuesday were redirected to a GoDaddy page reading, “Oops!!!”, which urged the site owner to contact GoDaddy to find out why the company pulled the plug.

RateMyCop founder Gino Sesto says he was given no notice of the suspension. When he called GoDaddy, the company told him that he’d been shut down for “suspicious activity.”

When Sesto got a supervisor on the phone, the company changed its story and claimed the site had surpassed its 3 terabyte bandwidth limit, a claim that Sesto says is nonsense. “How can it be overloaded when it only had 80,00 page views today, and 400,000 yesterday?”

Police departments became uneasy about RateMyCop’s plans to watch the watchers in January, when the Culver City, California, startup began issuing public information requests for lists of uniformed officers.

Then the site went live on February 28th. It stores the names and, in some cases, badge numbers of over 140,000 cops in as many as 500 police departments, and allows users to post comments about police they’ve interacted with, and rate them. The site garnered media interest this week as cops around the country complained that they’d be put at risk if their names were on the internet.

“Having a website like that puts a lot of law enforcement, in my eyes, in danger because it exposes us out there,” Officer Hector Basurto, vice president of the Latino Police Officers Association, told ABC television affiliate KGO.

Since undercover officers aren’t in the database, and the site has no personal information like home addresses, that fear seems unfounded. Chief Jerry Dyer, president of the California Police Chiefs Association, voices what sounds like a more honest concern: that officers will face “unfair maligning” by the citizens they serve.

Sesto says police can post comments as well, and a future version of the site will allow them to authenticate themselves to post rebuttals more prominently. Chief Dyer wants to get legislation passed that would make RateMyCop.com illegal, which, of course, wouldn’t pass constitutional muster in any court in America.

Unfortunately for the startup, the company it chose for hosting is known to be quick to censor its customers. In January of last year, GoDaddy took down an entire computer security website — delisting it from DNS — to get a single, archived mailing list post off the web.

On that occasion, at least, it gave the site’s owner 60 seconds notice. GoDaddy notified Sesto by posting its “Oops!” message to his public website.

“You put on my website for me to call you, when you have my phone number?” says Sesto.

A GoDaddy spokeswoman says the company can’t comment on the RateMyCop takedown due to its privacy policy. Sesto says he’s already arranged hosting elsewhere, and hopes to have the site online Tuesday night.

Once again.. Godaddy SUCKS.