There’s a local Denial of Service vulnerability in the linux kernel’s ptrace function according to secunia.com. It reportedly is present in kernel’s prior to 2.6.14.2 and is listed as a non-critical vulnerability. (However any security vulnerability should be treated seriously.) 2.6.14.2 is safe and fixes the vulnerability. The vuln was reported “by the vendor”, in this case, the linux kernel devel team.
Author: Avery
-
KDE 3.5 released
The 3.5 release of the KDE (linux) desktop environment has come today. Among other things, konqueror is now the second browser to pass the ACID2, CSS rendering test (ahead of Internet Explorer and Firefox). Konqueror also sports a new adblock feature. There are new applications in the kde-edu cluster of apps as well. This is expected to be the last major release before the KDE 4 series (which should be a fairly big change.) Service releases will be released as necessary for 3.5
-
DoS Exploit for MS-053
Incidents.org has the story on an “in the wild” exploit for MS-053 vulnerability. The patch is out, so if you haven’t already – go ahead with the patching. The vulnerability is entitled “Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)”. The exploit causes 100% cpu utilitzation on visiting a page with a specially crafted file using Internet Explorer. The “attacking” page could essentially cause a system freeze.
-
Community site to help users understand EULA’s better
This is a great lead from Spyware Confidential. There is a relatively new site out and about called eulascan.com. They allow user submitted comments on EULA’s (End User License Agreements). Of course, EULA’s are the terms and conditions that pop up on installing software and (these days) appear on the packaging of everything from software to electronics to books.
-
Adsense Firefox referrals available for those outside the US
For those of you using adsense for your sites outside of the U.S. I’ve just read that adsense firefox referrals are now available internationally. This is coming from the official Google adsense blog. The referral program was opened up in the last month offering site/content owners to add referral links into their content alongside the traditional ad blocks, or ad links. The rollout of the referral service was initially in the U.S. for Firefox referral’s. Google also launched referral links for it’s adsense program. The payout varies for each program, but the Firefox referrals can pay up to $1 each.
-
Your own astromech – R2-D2
If you’ve always wanted your own astromech, it won’t be too much longer to wait. A voice activated R2-D2 will be available next year from Hammacher Schlemmer. It runs on 4 AA and 4 D cell batteries and will sell for ~$120. According to the article it responds to voice commands, can run in “sentry mode” to guard a room (alert if movement), etc…
-
More on the MediaMax DRM software
The OTHER Sony-BMG DRM (Digital Rights Management) software is in the news again today. freedom-to-tinker which did great research into the security flaws that the UNINSTALL process for both XCP and MediaMax had is back to give more disturbing news. What’s interesting here is that even declining the EULA for the software is no protection against having the MediaMax system service install and run….
-
P2P file sharing using GMAIL
Software has been released that essentially allows users to take advantage of GMAIL’s 2+GB of storage space for peer to peer (p2p) file sharing. There are disadvantage’s such as turning over your gmail login info to the group behind the web-based service (!!!!)
-
The eternal beta…
Slashdot has a story from the Wall Street Journal online about why beta’s last so long. Google News’ beta, Microsoft’s Antispyware beta are both mentioned. This has become a new way of marketing software it seems, beta has gone from being considered pre-release/buggy software to… oooo new shiny software. However, with the beta is the disclaimer of liabilities of polished release software. If something goes wrong, “oh it’s just in beta anyway…”
-
Making backups simpler
Linux.com is running an article on easy automated backups with a new program called sbackup. Sbackup is a product of Google’s summer of code and is a GUI to pick and choose what to backup and when to routinely back it up. Apparently the project was also sponsored by Ubuntu. (I’d expect integration into their distro’s admin tools if not already then.)