holden writes "Ian Goldberg, leading security researcher, professor at the University of Waterloo, and co-creator of the Off-the-Record Messaging (OTR) protocol recently gave a talk on protecting your IM conversations. He discusses OTR and its importance in today's world of warrant-less wire tapping. OTR users benefit from being able to have truly private conversations over IM by using encryption to obtain authentication, deniability, and perfect forward secrecy, while working within their existing IM infrastructure. With the recent NSA wiretapping activities and increasing Big Brother presence, security and OTR are increasingly important. An avi of the talk is available by http as well as by bittorrent and a bunch of other formats." Read more of this story at Slashdot.
Jamie found a fun story about a 90s Zelda Game Boy ROM that shipped with the source code, not so much on purpose, but more because the linker padded out the last meg of ROM with random memory contents, which happened to include game source code.
eweekhickins writes "A surge of e-commerce traffic on Thanksgiving night and all day Friday apparently caught several retail giants by surprise, with Lowe's, Macy's and Victoria's Secret especially hard hit. In fact, almost a third of leading retailers suffered significant slowdowns on Black Friday, according to statistics released this weekend by Keynote Competitive Research, a firm that tracks Web site performance."
An anonymous reader writes "Mark Wilson of Gizmodo.com reports that IBM is applying for a patent for DVDs that contain or download 'on demand' commercials that cannot be skipped. Consumers would be able to purchase these DVDs at a lower price than regular DVDs and pay extra to enjoy their purchase ad-free without having to buy a second DVD. Perhaps this is part of the massive shift in advertising that IBM predicts."
Ian Lamont writes "Computerworld is reporting that Windows XP Service Pack 3 runs MS Office 10% faster than XP SP2 — and is 'considerably faster' than Vista SP1. XP SP3 isn't scheduled to be released until next year, but testers at Devil Mountain Software — the same company which found Vista SP 1 to be hardly any faster than the debut version of Vista — were able to run some benchmarking tests on a release candidate of XP SP3, says the report. While this may be great news for XP owners, it is a problem for Microsoft, which is having trouble convincing business users to migrate to Vista."
g-san writes "Some Mac users are having problems with the latest 10.4.11 update, yours truly included. The problem seems to be caused by the presence of a Boot Camp partition and renders the Mac unable to reboot after the update fails. Note the Geniuses at the Apple stores are recommending a full disk wipe; but data can be recovered via Firewire." MacNN has a note up that if you fall victim to this "known issue" and need to reformat the disk, you can't reinstall Boot Camp because it is no longer available to OS X 10.4 Tiger users.
KentuckyFC writes "The anonymity of the Netflix Prize dataset has been broken by a pair of computer scientists from the University of Texas, according to a report from the physics arXivblog. It turns out that an individual's set of ratings and the dates on which they were made are pretty unique, particularly if the ratings involve films outside the most popular 100 movies. So it's straightforward to find a match by comparing the anonymized data against publicly available ratings on the Internet Movie Database (IMDb) (abstract on the physics arxiv). The researchers used this method to find how individuals on the IMDb privately rated films on Netflix, in the process possibly working out their political affiliation, sexual preferences and a number of other personal details."
ZDOne writes "ZDNet UK has put together a list of some of the biggest obstacles preventing information technology from achieving its true potential, in terms of development and progress. Microsoft's stranglehold on the desktop makes the list, as does the chip-makers' obsession with speed. 'There is more to computing than processor speed -- a point which can be easily proven by comparing a two-year-old PC running Linux with a new PC buckling under the weight of Vista. Shrinking the manufacturing process to enable greater speed has proven essential, but it's running out of magic ... What about smarter ways of tagging data? The semantic web initiative runs along these sorts of lines, so where is the hardware-based equivalent?'"
LarsWestergren writes "Many Mac users have been upset that Apple has not made Java 6 available on the platform. Landon Fuller posts that there is a developer preview release available of Java JDK6 on Mac OSX, Tiger and Leopard. It is based on the BSD port of Sun's Java 6 and is made available under the Java Research License. Charles Nutter posts about impressive JRuby performance gains using Java 6 on his Mac."
Hugh Pickens writes "Apple's QuickTime media player software contains a previously undocumented security weakness in the way QuickTime handles the RTSP media-streaming protocol. The vulnerability is present in QuickTime versions 4.0 through 7.3 (the latest version) on both Windows and Mac systems. Symantec has tested the publicly available exploit code and found that it failed to work properly against Internet Explorer 6/7 or Safari 3 Beta but the exploit works against Firefox if users have chosen QuickTime as the default player for multimedia formats. Firefox users are more susceptible to this attack because Firefox farms off the request directly to the QuickTime Player as a separate process outside of its control, while IE loads the QuickTime Player as an internal plugin and when the overflow occurs, standard buffer-overflow protection is triggered, shutting down the affected processes before any damage can occur."
Andy Guess tips us to his article at Inside Higher Ed offering a detailed look at the snowballing trend of colleges outsourcing their email infrastructure, mostly to Google and Microsoft Live. Even outsourcing just email would presage big changes in the work that IT departments do on campus; but more such changes are on the horizon as schools grapple with entering freshmen's already entrenched online habits.
Via Game|Life, a story on The Age site suggests that password crackers are really enjoying their PlayStation 3s ... and not because Ratchet is a great game. An NZ-based security researcher stated at a local security conference that the supercomputing power of the PS3 is being put to more nefarious uses than Folding@home. "Speed is important to 'brute force' password cracking, which relies on guessing all possible combinations of the characters that make up the password. The accelerated technique means passwords protecting Office, PDF, ZIP and Lotus Notes ID files can be cracked with breathtaking speed. However, many other password types are handled more securely in software and remain unaffected by Breese's claimed speed increase." Sony does have some good news this week, though. Either the holiday season or a price drop here in the states has led to a massive sales increase.
The last two weeks have been super-hectic in Brian Aker's life, but we finally have his responses to your questions ready to share with you...
greenrom writes "I work for a small company as a software developer. While investigating a bug in one of our products, I found source code on a website that was nearly identical to code used in our product. Even the comments were the same. It's obvious that a developer at our company found some useful code on the web and copied it. The original author didn't attach any particular license to the code. It's just 200 lines of code the author posted in a forum. Is it legitimate to use source code that's publicly available but doesn't fall under any particular license? If not, what's the best way to deal with this kind of situation? Since I'm now the only person working on this code, there's no practical way to report the situation confidentially. I'm new to the company, and the developer who copied the code is the project lead. Reporting him to management doesn't seem like a good career move. I could rewrite the copied code without reporting him, but since the product is very close to release it would be difficult to make a significant change without providing some justification."