Finnish security company F-Secure released patches for its flagship Windows and Linux anti-virus line Thursday to fix flaws revealed by an independent researcher.

The bugs in 23 editions of F-Secure Anti-Virus, Internet Gatekeeper, and Internet Security affect how it parses .zip and .rar compressed files, according to the researcher, Thierry Zoller, who works for an unnamed Luxembourg security firm.

Maliciously crafted .zip files can be used to create a buffer overflow on PCs defended with F-Secure titles; after that, hackers could load their own code onto the compromised machine. A second flaw can be exploited with specially made .zip or .rar files to hide malicious code from the anti-virus scanning engine, giving users a false sense of security and attackers a way to sneak stuff past protection.

F-Secure dubbed the flaws “Critical,” and rolled out fixes Thursday. Patches can be downloaded from the Helsinki-based company’s FTP servers. (F-Secure Anti-Virus 2004/2005/2006, Internet Security 2004/2005/2006, and Personal Express 6.2 and earlier will automatically retrieve the fixes.)

Source: InformationWeek

Right-to-privacy groups said on Friday an attempt by the Bush administration to force Google Inc. to turn over a broad range of materials from its databases set a dangerous precedent that should worry all Americans.

“This is the camel’s nose under the tent for using search engines and all kinds of data aggregators as surveillance tools,” said Jim Harper of the libertarian Cato Institute who also runs Privacilla.org, an Internet privacy database.

The Bush administration is already under fire from a number of rights groups over security measures it has taken since the September 11, 2001 attacks on America, including pursuing checks on library records and eavesdropping on some telephone calls.

In court papers filed on Wednesday in U.S. District Court in San Jose, the Justice Department stated that Google had refused to comply with a subpoena issued last year for one million random Web addresses from Google’s databases as well as records of all searches entered on Google during any one-week period.

Source: Reuters

The rapidly emerging world of mobile video could have its first copyright test case in TVMyPod, a tiny startup that preloads DVDs of movies, TV shows, and music concerts on brand new video iPods.

The company said Thursday that it plans to offer a new service, which would save consumers the time it takes to convert DVDs to the iTunes format.

The process, according to TVMyPod, takes about two hours to transfer six half-hour television episodes or one movie.

A customer picks which iPod he or she wants, then selects the movies to be loaded on the iPod. Then the company loads the movies onto the iPod and ships the iPod in its original packaging along with the DVDs.

The Digital Millennium Copyright Act of 1998 prohibits the making or selling of devices or services used to circumvent technological measures that prevent copying of protected material. DVDs come equipped with measures designed to protect the material from being copied.

The Somerville, Massachusetts-based company’s founder told Reuters that his company’s process does not involve decryption and that moving content from DVDs to iPods is a one-way transfer.

Source: redherring

Sony is to bring Blu-ray the high capacity optical disc system to the UK as early as March, but only as part of a desktop PC package. The VGC-RC204, which also breaks with Sony PC tradition in that it is the first desktop from the company to run using Microsoft’s Windows XP Media Center Edition operating system, features a Blu-ray recorder that can archive up to 25GB of data on one disc.

Sony is expecting that the £1800 PC will appeal specifically to video editors. The PC also sports a 600GB hard drive and is accompanied by Sony’s MR100 wireless media receiver, which streams audio video and images to other screens and devices. Recordable Blu-ray discs will go on sale next month, with Sony estimating that they will retail for around £10. The recorder isn’t compatible with the 50GB double-sided discs. A laptop with integrated Blu-ray drive will be available later in 2006.

Source: The Register

A 20-year-old US man killed himself live on a webcam on Bulgarian gamers’ forum www.metalgearsolid.org, AFP and other agencies report. Mitchell “Mitch” Lee Stuekerjuergen, aka “Kuja105″, reportedly swallowed antifreeze and pills “after complaining about family problems and a lack of money”, forum administrator Boyan Georgiev told Bulgaria’s BGNES news agency on Wednesday. Stuekerjuergen subesquently died on 4 January in hospital in Illinois.

A certain amount of controversy surrounds the whole sorry affair, with some claiming that other forum members “thought the man was joking, even though he rambled for six hours about the effects of the substances and disappeared from view several times”, as AFP puts it.

Source: The Register

An influential U.S. Senator warned the adult entertainment industry on Thursday that if it does not develop a rating system for its Internet content, Congress will.

“My advice to your clients is that you better do it soon or we will mandate it if you don’t,” Republican Sen. Ted Stevens of Alaska, chairman of the Commerce Committee, told Paul Cambria, general counsel to the Adult Freedom Foundation.

Cambria told the committee hearing that it was the first time his group had been invited to testify before Congress on the issue and he would take the message back to his clients.

“I take that as a message and mandate to my clients that we should do that,” Cambria said. “I might welcome a shot across the bow rather than one between the eyes.”

Tim Lordan, executive director of the Internet Education Foundation, said about 75 percent of Internet pornography comes from overseas, beyond the reach of U.S. laws. He said parents play a crucial role in keeping unwanted material away from their children and that a rating system would help.

Source: Reuters

The former manager of a San Jose, Calif., medical group was indicted on Thursday for stealing medical records for around 200,000 patients.

Joseph Nathaniel Harris of San Jose is accused of stealing computers and DVDs that included detailed medical histories for patients of the San Jose Medical Group in March.

Harris was indicted by a federal grand jury and could face 10 years in prison, according to a statement from Kevin Ryan, U.S. Attorney for the Northern District of California.

Harris was a branch manager at San Jose Medical Group. After resigning from the group, Harris is alleged to have broken back into the Group’s administrative offices and made off with computer equipment, including a DVD with a record of clinic visits for around 200,000 patients.

The DVD included patient’s names, addresses, phone numbers, dates of birth and social security numbers, the statement said.

FBI agents investigating the case subsequently found the DVD in Harris’s car, and he was arrested on Jan. 3.

Source: eWeek

FAQ Preparing to defend a controversial Internet pornography law in court, the Justice Department has demanded search logs from Google, Microsoft, Yahoo and America Online.

The department asked the search giants to hand over millions of records involving what search terms people have used on the sites and what Web sites are accessible via the search engines.

On one level, the situation involves a straightforward question of whether the department’s demands are too onerous and therefore not permitted under federal law. On another, the dispute raises novel questions about search engines’ privacy protections and the relationship that four tech giants have with the federal government.

What does it all mean, and what happens next? Read on @ source

Source: News.com

Apple Computer Inc. has altered its iTunes software after users raised privacy concerns over a new spy-like song-recommendation feature in the music jukebox program.

The company on Tuesday switched the so-called “MiniStore” feature to give users the choice of turning it on, rather than having it automatically activate with its new version update of iTunes.

The company introduced the recommendation feature last week. The MiniStore window pane with music or video suggestions pops up as users play songs from their libraries.

The feature requires that the information on the songs being played be sent to Apple, which in turn churns out related music titles. It’s a type of customization that an increasing number of digital services are adopting.

Source: AP