Trailrunner7 writes to mention that malware and botnet operators appear to be escalating to the next level by setting up their own virtual data centers. This elevates the criminals to the ISP level, making it much harder to stop them. "The criminals will buy servers and place them in a large data center and then submit an application for a large block of IP space. In some cases, the applicants are asked for nothing more than a letter explaining why they need the IP space, security researchers say. No further investigation is done, and once the criminals have the IP space, they've taken a layer of potential problems out of the equation. 'It's gotten completely out of hand. The bad guys are going to some local registries in Europe and getting massive amounts of IP space and then they just go to a hosting provider and set up their own data centers,' said Alex Lanstein, senior security researcher at FireEye, an anti-malware and anti-botnet vendor. 'It takes one more level out of it: You own your own IP space and you're your own ISP at that point.'"Read more of this storyat Slashdot.
Darren Ginter writes "I find many aspects of desktop virtualization compelling, with one exception: the cost of the thin clients, which typically exceeds that of a traditional box. I understand all of the benefits of desktop virtualization (and the downsides, thanks) but I'm very hung up on spending more for less. While there are some sub-$200 products out there, they all seem to cut corners (give me non-vaporware that will drive a 22" LCD at full resolution). I can PXE boot a homebrew Atom-based thin client for $130, but I'd prefer to be able to buy something assembled. Am I missing something here?"Read more of this storyat Slashdot.
gravyface writes "I've been setting up proper Sender Policy Framework records for all my clients for past year or so, hoping to either maintain or improve their 'reputation' in the email universe. However, there's a lot of IT admins I speak with who either haven't heard of SPF records or haven't bothered setting them up. How many of you are using SPF records for your mail domains? Does it help? How many anti-spam vendors out there use SPF records as part of their 'scorecard'?"Read more of this storyat Slashdot.
Fraggy_the_undead writes "According to German IT news site heise.de, yesterday several 3D showings of Avatar couldn't take place (German; Google translation to English), because the movies were DRM protected such that there had to be a key per copy of the film, per film projector, and per movie server in the theater. The key supplier, by the name Deluxe, was apparently unable to provide a sufficient number of valid keys in time. Moviegoers were offered to get a refund or view an analogue 2D showing instead."Read more of this storyat Slashdot.
coomaria writes "Thought that 2009 was the year botnets died? Well, think again: compromised computers were responsible for distributing 83.4% of the 107 billion spam messages sent around the world every single day this year, and it's going to get worse if intelligent and autonomous botnets arrive in 2010 as predicted."Read more of this storyat Slashdot.
oranghutan writes "A research and development group down under is working to develop an advanced video surveillance system for ports around the world that uses video superimposed onto a 3D map. With 16-megapixel high-definition cameras on a distributed (cabled) network and a proprietary system written in a variety of languages (C++, Python, SQL, etc.), the group from NICTA is aiming to allow security teams at the Port of Brisbane — which is 110km long — to monitor shipping movements, cargo and people. By scrolling along a 3D map, the security teams can click on a location and then get a real-time video feed superimposed onto the map. Authorities from around the world with the right permissions can then access the same system. The main difference from regular surveillance systems is the ability to switch views without having to know camera numbers/locations and the one screen view."Read more of this storyat Slashdot.
snydeq writes "InfoWorld's Randall Kennedy takes an in-depth look at VMware Workstation 7, VirtualBox 3.1, and Parallels Desktop 4, three technologies at the heart of 'the biggest shake-up for desktop virtualization in years.' The shake-up, which sees Microsoft's once promising Virtual PC off in the Windows 7 XP Mode weeds, has put VirtualBox — among the best free open source software available for Windows — out front as a general-purpose VM, filling the void left by VMware's move to make Workstation more appealing to developers and admins. Meanwhile, Parallels finally offers a Desktop for Windows on par with its Mac product, as well as Workstation 4 Extreme, which delivers near native performance for graphics, disk, and network I/O. 'There's some genuine innovation going on, especially in the areas of hardware support and application compatibility,' Kennedy writes. 'All support 32- and 64-bit Windows and Linux hosts and guests, and all have added compelling new VM management capabilities, ranging from automated snapshots to live VM migration.'"Read more of this storyat Slashdot.
zerothink writes "American student Lily Sussman, 21, upon entry into Israel from Taba (Egypt, Sinai) caught Israeli border police in grumpy mood — after two hours of questions and searching through her belongings they decided to put three bullets through her laptop. Explanation? 'I'm sorry but we had to blow up your laptop.' Haaretz also covered the story." All three bullets missed the hard disk.Read more of this storyat Slashdot.
An anonymous reader points out a recent article at Gamesradar discussing the frequency of major bugs and technical issues in freshly-released video games. While such issues are often fixed with updates, questions remain about the legality and ethics of rushing a game to launch. Quoting: "As angry as you may be about getting a buggy title, would you want the law to get involved? Meglena Kuneva, EU Consumer Affairs Commissioner, is putting forward legislation that would legally oblige digital game distributors to give refunds for games, putting games in the same category in consumer law as household appliances. ... This call to arms has been praised by tech expert Andy Tanenbaum, author of books like Operating Systems: Design and Implementation. 'I think the idea that commercial software be judged by the same standards as other commercial products is not so crazy,' he says. 'Cars, TVs, and telephones are all expected to work, and they are full of software. Why not standalone software? I think such legislation would put software makers under pressure to first make sure their software works, then worry about more bells and whistles.'"Read more of this storyat Slashdot.
abell writes "Gravatar offers a global avatar service, using an MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to determine the email addresses of more than 10% of the site's users."Read more of this storyat Slashdot.
An anonymous reader writes "Two developers have created 'Detect and Eliminate Computer Assisted Forensics' (DECAF). The tool tries to stop Microsoft's Computer Online Forensic Evidence Extractor (COFEE), which helps law enforcement officials grab data from password-protected or encrypted sources. After COFEE was leaked to the Web, Microsoft issued takedown notices to sites hosting the software." The article notes that DECAF is not open source, so you aren't really going to know for sure what it will do to your computer.Read more of this storyat Slashdot.
EastDakota writes "Project Honey Pot today announced that it had trapped its 1 billionth spammer. To celebrate, the team behind the largest community sourced project tracking online fraud and abuse released a full rundown of statistics on the last five years of spam. Findings include: spam drops 21% on Christmas Day and 32% of New Year's Day; the most spam is sent on Mondays, the least on Saturdays; spammers found at least 956 different ways to spell VIAGRA (e.g., VIAGRA, V1AGRA, V1@GR@, V!AGRA, VIA6RA, etc.) in mail received by the Project; and much more."Read more of this storyat Slashdot.
StonyCreekBare writes "I am wondering what slashdotters have to offer on the idea of Linux based security systems, especially DVR software. I am aware of Zoneminder, but wonder what else is out there? Are there applications that will not only monitor video cameras, but motion sensors and contact closure alarms? What is state of the art in this area, and how do the various Linux platforms stack up in comparison to dedicated embedded solutions? Will these 'play nice' with other software, such as Asterisk, and Misterhouse? Can one server host three or four services applications of this nature, assuming CPU/memory/disk resources are sufficient?"Read more of this storyat Slashdot.