This article claims that at least one SIP-based VOIP solution is vulnerable to a pretty serious exploit. Although they are withholding details while the vendor is releasing patches, researchers discovered that they could get a SIP phone to silently answer meaning one could listen in on the room. They theorize that other vendors will be vulnerable as well.
Archive for August, 2007
25
Aug
In loving memory…
In memory of Victoria the cat, a gentle soul who provided much companionship.
The Layer 8 blog over at Network World has a post indicating that the Department of Defense is closing down the TALON database in less than a month. TALON was widely criticized by privacy advocates and Congress alike for tracking ordinary citizens.
Setting aside my cynicism for a moment, this is a nice bit of news. Now the cynical person (looking at myself in the mirror) would assume this data won’t be destroyed but just go underground to a program we don’t know about yet. Nothing the Bush administration has done would dissuade me from this interpretation but since I am feeling slightly generous today, props to the DoD.
I just found a useful tool for checking your email anti-virus filtering. The EICAR test file(s) have long been the standard way for safely testing your configuration as it contains no actual virus code but nearly all anti-virus products pretend it does. The problem is, since so many mail providers are scanning outbound mail now (this is generally a good thing) it can be hard to send the test file without triggering a response from your ISP before it can get back to you.
This site will handle mailing you any combination of the test files. Test your setup to make sure you are really protected. The site recommended by my mail server software doesn’t seem to exist anymore so I was happy to find another.
A post over at Consumerist reports on a small victory for consumers. The 9th Circuit Court Of Appeals has ruled the mandatory arbitration clause in Cingular/ATT’s contract in “unconscionable” under California law.
While the scope of this is limited, it is a crack in the armor of the mega corporations that attempt to strip consumers of any rights they still have.  Virtually every service contract you see these days includes this arbitration crap. Score one for the little guys.
NASA says that no fix is necessary for the shuttle based on their thermal studies. Despite objections from the JSC engineering team and Nobel Prize winning physicist Douglas Osheroff, the decision is apparently made. Osheroff was on the investigation board following the Columbia disaster four years ago.
The crew are putting on a brave face, astronauts Alvin Drew and Barbara Morgan both indicated their support for the decision. Of course Alvin is placing his trust in the engineering expertise of those on the ground and the engineers at JSC (Houston) wanted to do the repairs.
In any case, I renew by previous sentiment and wish the crew the best of luck and hope they will be home safe soon.
Update [8/21]: They’re home safe!
Very interesting work being done at AIST in Japan on real 3D images using laser-generated bits of plasma in the air. When they get this scaled up to longer distances and good color range it will be very cool. Of course, you just know that advertisers will be the first to implement it.
This post by Roland Piquepaille at ZDNet has some very interesting pictures of the damage to shuttle Endeavour’s thermal tiles. As they say, a picture is worth a thousand words. The damage looks much more serious than I originally imagined from the news reports. I wish the astronauts good luck in the repair and God speed on their return home.
10
Aug
Suck it SCO…
Well, it took a while but the court has sorted through the pile of crap SCO has been shoveling for the past few years. Novell owns the UNIX and UnixWare coyrights (see the Groklaw post.) In short, since Novell owns the rights they have the ability to waive the claims against IBM and Sequent which they had already done. The court affirmed that SCO is obligated to recognize the waiver and thus the biggest part of the basis for their claims disappeared with the stroke of a pen.
Even better, since SCO licensed “their” Unix IP to Microsoft and Sun, they now owe a bunch of money to Novell in license revenue. To quote Mr. Burns…”exxxcellent.” There is more to be worked out, but chalk one up against this predatory IP litigation crap. The end is nigh for McBride and his motley crew.
Susan Landau of Sun Microsystems has an excellent post up at the Washington Post. The idiots in Congress caved in last week and gave even more latitude in surveillance of communications to the NSA. Applying for secret warrants which are almost never denied and can be filed up to 72 hours after surveillance begins is just too much due process for them to deal with.
Even setting aside the civil liberties issues (which is a huge deal on it’s own), this is just stupid. We just heard about what this kind of surveillance built in to the phone networks can result in with the Greek wiretapping scandal (see Bruce Schneier’s blog.) Regardless of how you feel about the “intelligence” community having this ability, reducing national security by adding what will most certainly be insecure back doors in the process is just asinine.
E-mail Me
