Archive for February, 2007

RIAA In the News

The popular gadget site Gizmodo has declared March Boycott the RIAA month, saying the very reasons people download music is because of things like the RIAA and DRM. These things keep people from being able to play the music they buy on whatever device they choose to, you have to have an iPod to play tunes from iTunes, a Zune to play music from the Zune Marketplace, etc, and they are right, this is a bunch of crap. Used to be, when you bought your music tapes you could record them on other devices, listen to them however you want but nowadays, that is not the case when you buy music online. If I buy a song from a musician, I should be able to play it wherever I like on whatever device I have, but DRM prevents that, and causes people to download unprotected music online.

Beyond the harassment, extortion, and privacy invasion that the RIAA commits under the guise of lawsuits, they also stifle innovation by treating any open Internet source as a potential way for people to violate their copyrights. Recently, they filed a “motion for reconsideration” in a suit claiming that anything downloaded via an Internet connection is the responsibility of the owner of said connection. While the RIAA is trying to make it easier for them to get money out of the parents of kids they sue, the precedent that it would set would make it difficult, if not impossible, for open WiFi hotspots to exist. That means that the RIAA would make it impossible for you to connect to the web for free while out in a city that provides Internet access merely because you might use it to download music.

In effect, the RIAA’s insistence on strict DRM takes value away from legally purchased music. People have a choice: they can either pirate unrestricted MP3 files that will let them use them however they’d like, or they can pay for files that won’t allow them the freedom to listen where and how they choose. It only makes sense that many tech-savvy people choose to download MP3s rather than pay for crippled files. The RIAA wants people to pay for restrictions and like it. Source: Gizmodo’s Anti-RIAA Manifesto

This is exactly true, Steve Jobs recently called for digital media companies to get rid of the DRM, but that is an easy thing to do when you have nothing to loose, what he should’ve done would be to demand that they drop DRM and let people play their music anywhere, they way it is supposed to be.

In other RIAA news, apparently they don’t like a new bill submitted by Rick Boucher, a Virginia Democrat, and John Doolittle, a California Republican, that would allow consumers to circumvent digital copy restrictions in six limited areas when the copyright owners’ business models are not threatened. This so-called fair use doctrine would allow customers of copyright works to make a limited number of copies, either for reviews, news reporting, teaching and research. The RIAA said this would legalize “hacking”, something else they don’t sound too bright on, look it up fellas.

“The fair use doctrine is threatened today as never before,” Boucher said in a statement. “Historically, the nation’s copyright laws have reflected a carefully calibrated balanced between the rights of copyright owners and the rights of the users of copyrighted material. The Digital Millennium Copyright Act dramatically tilted the copyright balance toward complete copyright protection at the expense of the public’s right to fair use.”

But the RIAA said the bill would effectively repeal the DMCA. The bill would “allow electronics companies to induce others to break the law for their own profit,” it said in a statement. Advances such digital music sales, online games, on-demand movies and e-books can be traced to DMCA protects, the RIAA said. Source: RIAA opposes new fair use bill

Screw the RIAA, these people are going away and they know it, it is easier and easier for artists to create and distribute their own music and other media, it’s just too bad most of it sucks, but, most of the music coming out of those music companies sucks as well. This bill would also limit the statutory damages against individuals and firms who may be found to have engaged in contributory infringement, inducement of infringement, or other indirect infringement.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - February 28, 2007 at 11:12 pm

Categories: Piracy   Tags: , , ,

CompUSA Closing Over Half of It’s Retail Stores

Looks like CompUSA has decided to concentrate on their biggest and most popular stores and are closing 50% of its retail stores. What does this mean? I would be looking for some big sales from your local CompUSA store, we don’t have any around here, but they are bound to be selling some stuff at some pretty good prices.

CompUSA said in a statement it would close 126 of its stores and would receive a $440 million cash capital infusion, but it was not specific as to the source of the cash. The company also said it would cut costs and restructure.

The company operates 225 stores, which its Web site says are located in the United States and Puerto Rico. Source: CompUSA Closing More Than 50 Percent of Stores

Be the first to comment - What do you think?  Posted by Jimmy Daniels - at 10:49 pm

Categories: Tech News   Tags:

All Your PSP’s Belong to Sony

Big companies like big profits, big profits means happy shareholders, board members, executives, etc, so naturally, big companies hate hackers. Three hackers have found a way to unlock your Sony PSP, so you can modify it yourself, copy your games onto a larger and faster memory stick, etc. It also allows you to play pirated games and movies that are not sold on Sony PSP disks. So, I can see one reason they don’t like it, but, like that old saying, “Shoot first, ask questions later”, they assume everyone is bad and will be copying and trading their games illegally. Guilty until you prove your innocent, should be their saying.

But last month three hacker teams – Noobz, Team C+D, and a group led by PSP hacker Dark Alex, coordinating their efforts over the internet, found a flaw in the most recently released version of the firmware – version 3.03.

Using this flaw they devised a way to unlock all PSPs, regardless of their age or the firmware running on it.

Within days of the release of the Noobz team’s downgrader and Dark Alex’s Open Edition firmware, Sony updated its firmware, fixing the flaw which makes unlocking possible.

Anyone buying a new PSP with this firmware installed will be therefore be unable to unlock their console – at least until Noobz, Team C+D and Dark Alex and his crew find another exploit and the whole cat-and-mouse game played by Sony and the hacker teams repeats itself. Source: Three hacker teams unlock the PSP

So, all you existing PSP owners, you can do this and mod away on your PSP, Dark Alex has a site here where you can get the custom PSP firmware, called Dark Alex’s Open Edition, and other various stuff.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - February 27, 2007 at 8:39 pm

Categories: Sony, Video Games   Tags:

Windows Vista WGA Validation Problems Mount

Remember all of the trouble users have had with Windows Genuine Advantage program? It appears some similar problems are cropping up, if you take a look at Windows Vista Validation Issues (Windows Vista) there are over 200 posts detailing problems already, a lot of them appear to be caused by three programs, PC Tools Spyware Doctor (updating to the most recent version fixes the issue), Trend Micro Internet Security and PC-Cillin Anti-Virus (the issue goes away if you install version 14.56 or later), and nProtect GameGuard. The last one is a big problem, as gaming vendors have to get the patch and integrate it to fix the problem. Not good if you are a victim.

The underlying issues were identified by Microsoft a few days after Vista’s release to manufacturing last November and publicly disclosed in this post on the Windows Vista Validation Issues forum:

There are several threads in this forum that refer to Error 0xc004d401 causing non-genuine status or preventing activation. In those threads, we have discussed 3 applications that have been identified as conflicting with Vista software licensing technology (which causes the issue). Source: Problems arise with Vista?s validation

Ed has been detailing WGA problems for awhile now, so it is only fitting that he lead us into the problems with Vista now. He also points us to a post from the Vista Knowledge Base website, detailing troubles installing 9dragons.

I am playing the game when all of a sudden I get popped out of my game back to desktop with a message that my copy of Vista isn’t Genuine. Now I have the receipt, the box it came in, and the hole in my bank account to prove that I do indeed have a legal copy. It turns out that if you install a program your copies of Windows Vista will unactivate itself. I am livid, where does Microsoft get off telling me what I can put on my personal PC? I have been a Wintel network administrator going on 11 years now, and this just seems so over the top. Source: Windows Vista Activation Goes Too Far

I am assuming that 9dragons uses the nProtect GameGuard, but I don’t know this for sure, that website doesn’t list any reasons he thinks it happened, just that uninstalling it fixed the problem. Update: The game does use nProtect, as he notes in another blog post here, Windows Vista Activation Goes Too Far – Part 2. nProtect has been accused of acting like a rootkit, so that is probably why Vista sees it as a bad thing.

Microsoft has published a kb article detailing some reasons you may have to activate on a computer that you didn’t have to activate on before.

You may be prompted to activate Windows Vista on a computer on which Windows Vista activation was not previously required. Although this problem rarely occurs, it may occur during typical use of a Windows Vista-based computer. For example, this problem may occur under one or more of the following conditions:
You install a device driver.
You install a program.
You run a new program.
You remove a program.

This problem may occur because a specific system setting is removed when a program runs with administrative credentials. The removal of this system setting may cause a BIOS validation check to fail. The BIOS validation check is part of the system activation process. Therefore, you may be prompted to activate Windows Vista, even though the system did not previously require activation. For example, this problem is known to occur when you use Intuit QuickBooks 2007. However, this problem may also infrequently occur when you install other programs or device drivers. Source: You may be prompted to activate Windows Vista on a computer on which Windows Vista activation was not previously required

Download and install this patch to fix this problem or to prevent this from happening to you.

A post by from Information Week details troubles he had with Vista, a copy he received from Microsoft, a copy he had already validated.

My troubles began when I booted up my Vista box for the first time in a couple of weeks. (I still use XP on my main machine. I was thinking of moving over to the new system; now, I’m not so sure.) After booting up, I got a message that my activation period had “expired,” and I would have to reactivate. Even though I had previously — and successfully — activated my copy of Windows Vista, this gave me only the slightest pause, since it was a minor glitch not out of the ordinary from what one might expect with a new operating system.

Did I want to re-activate over the Internet? Of course! Alas, that was not to be; apparently my copy of Vista wasn’t genuine, at least according to my PC. (Did I mention that, as a tech reviewer, I got my copy of Vista directly from Microsoft?) My PC did tell me that I could enter a new product key if I wanted to. (That, and $450, will get you a new copy Vista.) Er, no. Source: Vista Still Seems Buffeted By Windows Genuine Advantage (WGA) ‘False Positives’

More info and help in the following Microsoft articles:

Troubleshooting activation problems

Frequently asked questions

Activation polices and Reduced Functionality Mode

The WGA Blog has a post answering questions on how many copies are flagged as being not genuine, etc, but they don’t really give any numbers, More on: WGA False Positives. It does note that some New WGA Notifications rolling out… soon.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - February 26, 2007 at 8:23 pm

Categories: WGA, Windows Vista   Tags: , , , ,

Great Windows Vista Wallpapers

Hamad Darwish has released the entire set of photos that were taken for Windows Vista in high resolution 1900×1200 on his website, and here is his flickr account.

Hamad Darwish, the Flickr photographer commissioned to shoot Windows Vista wallpapers, has been busy over the last few weeks.

Hamad has since released as promised, the entire set of photos taken for Windows Vista in high-resolution of 1920?1200 pixels on his personal website. Go grab ?em! Source: Hamad releases high-resolution Vista wallpapers

Beautiful stuff.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - at 7:48 pm

Categories: Windows Vista   Tags:

MSN Reporter – Is it a Digg Killer?

Microsoft is trying some interesting social sites in some foreign countries, a service called MSN Reporter has been launched in the Netherlands, Belgium and Norway that is a Digg type of site, where users submit news articles and users vote whether the site is good or bad with a click.

Two things are most striking about MSN Reporter. First, these social news experiments are already being leveraged in the heart of MSN’s larger online properties – nl.msn.com for example displays the top four MSN Reporter stories right on the front page. AOL certainly doesn’t put the top Netscape stories on its front page – there?s a fairly arduous editorial process required just to get stories from the sprawling Weblogs Inc. network onto AOL proper. For MSN to put top social news stories on the front page of a primary site is a big deal.

The second big step taken by MSN Reporter is that unlike supposed Digg clones at Yahoo!, Dell and AOL’s Netscape – MSN Reporter users are able to submit links to pages completely outside of MSN control and no effort is made to keep readers tied to the MSN domain when they visit those sites. Reporter is an important sign that for at least one big player, walled content gardens aren’t as set in stone as we might think. Digg was a key market leader in demonstrating that a site can win in terms of traffic by letting its users point each other off site. Monetization is a big question that remains for these sites, but MSN appears willing in Europe at least to experiment meaningfully with the approach.

There are certainly differences between MSN Reporter and Digg, the most notable being the ability to vote stories down as well as up and the absence of substantial user profiles. Digg has arguably gained a lot of steam from the top users whom until recently won bragging rights from an onsite list of their names and contributions. Source: MSN Experimenting With Most Digg Like Service Yet

There are several write-ups about it

Can this be a Digg Killer? Probably not, or, at least not until Digg users get tired of it. If Microsoft does this right, like opening one for each country and then tying them into one big site, where the top stories from each country carry over and users can vote on them or add news ones, that might have potential. They could spend time building each individual Reporter up, like they are with these three, and it would have to work. I must wish they had an English version I could play with.

So far there has been considerable interest in the new service, with reportedly 500,000 and 800,000 users visiting the site in the 1st and 2nd months respectively. With articles getting up to 10,000 votes and 1,000 comments, this is a on a completely different level to most existing social news sites. This popularity does have some disadvantages though, with an increasing amount of spam now appearing on the site. What makes this such an exciting development however is that the top 4 headlines from MSN Reporter are displayed on the MSN.nl homepage, for all to see. With popularity like this, we could be seeing the start of new era of social news on MSN. Source: MSN enter social news arena with Digg competitor – MSN Reporter

They really have the new look Microsoft is giving everything as well, here is a screenshot. I expect big things from it.
MSN Reporter in the Netherlands

Be the first to comment - What do you think?  Posted by Jimmy Daniels - February 24, 2007 at 7:29 pm

Categories: MSN Reporter   Tags: , ,

USAToday Gives Norwhich a Failing Grade

Nice write-up in the USAToday about the Julie Amero case, if that’s what you want to call it, it is more like one of those old fashioned railroad jobs, where they decided she was guilty and that’s what happened.

Imagine you know next to nothing about computers. You’re a substitute teacher for a seventh grade class. There’s a computer in the classroom and, knowing you’re going to be sitting there for a while, you ask a fulltime teacher if you can use it. He logs you in with his password and tells you not to shut it off because you couldn’t get back on.
Not that you have a clue about this stuff, but that computer is running Windows 98 and the outdated Internet Explorer 6.02. Its filtering and anti-virus software have expired, and it has no anti-spyware software.

You step out of the classroom for a moment. When you get back the kids are clustered around the computer, checking out hairstyle websites. But one is actually a link to porn sites, and it loads a Trojan onto the unprotected computer.

Suddenly, pop-ups start appearing, X-rated popups. Source: Police, school get failing grade in sad case of Julie Amero

The writer did misspell her name in the title, he must be like me, I never remember to spell check the title either. He really sums it up when he says, “Thus according to that jury, “not having the sense to turn off a computer” is a multi-count felony punishable by 40 years in prison. Wow.” I wish Alex Eckelberry and everyone working on the computer forensics of this case good luck and hope they can find all of the proper evidence to help show she’s inoocent. If there is anything I can do to help, please let me know.

Her husband has started a blog where you can donate to help pay for her case, Julie Amero. From the blog,

George Orwell was a little off, but not by much. Technology has engulfed the average American at an alarming rate. To think that it is possible for the average layperson to understand all the ins and outs of how a computer works is just not reasonable. What’s worse, our employer’s don’t know any more than we do, and they rely on us to identify problems when they happen. If you are lucky, your employer will know what to do when a crisis happens with your system. If not you?ll end up like Julie arrested, ridiculed, demeaned and left with useless teacher’s degree in special education.

The illicit pornography industry is a business with estimated profits in excess of $2 billion annually. That?s a lot of reasons to attract rogue scriptwriters to circumvent any patch that Microsoft can come up with. Make no mistake, these programmers do not care about you or anyone else for that matter. Regardless of where these rogue programmers are located, they operate under the radar of social conscience and in my opinion are or should be considered terrorists or criminals at the very least.

Julie is scheduled to be sentenced on Friday March 2nd, next week.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - at 7:02 am

Categories: Computer Forensics   Tags: , , ,

Firefox 2.0.0.2 Released

Firefox version 2.0.0.2 was released today, download available here.

Fixed in Firefox 2.0.0.2
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) Source: Fixes

Windows & Windows Vista
Clicking links in some applications (e.g. some instant messaging programs) might not open them in Firefox, even if you have set it as your default browser. To workaround this problem, go to Start -> Default Programs -> Set default programs for this computer, expand custom, select the radio button next to the app you want to set as the system wide default app (e.g. Firefox, etc.), and apply.
Using the context menu (right-clicking on the Firefox icon) to start in Safe Mode, doesn’t work. As a workaround, use the “Mozilla Firefox (Safe Mode)” menu item that appears in the Start Menu instead.
A Windows Media Player (WMP) plugin is not provided with Windows Vista. As a workaround, in order to view Windows Media content, you can follow these instructions. Note that after installing you may have to get a security update and apply it before you can see the content in the browser.
Vista Parental Controls are not completely honored. In particular, file downloads do not honor Vista’s parental control settings. This will be addressed in an upcoming Firefox release.
When migrating from Internet Explorer 7 to Firefox, cookies and saved form history are not imported. Source: Firefox Release Notes

In total they patched 14 vulnerabilities, but one of the two that were not patched was a serious vulnerability that could allow hackers to inject code remotely just by getting visitors to their malicious webpage, and could let to a compromise of the system. The memory corruption flaw is detailed here memory corruption when onUnload is mixed with document.write()s. US-CERT recommends you disable JavaScript until the flaw is patched.

Here is the current activity listed by US-CERT after the break.
Read more…

Be the first to comment - What do you think?  Posted by Jimmy Daniels - at 6:20 am

Categories: Firefox, Security   Tags:

Top IE7 Add-Ons

Do you wish IE7 came with a spell checker? Would you like to be able to open your last closed tab? How about a preview of the webpage you are getting ready to visit? How about inline search? All of these are available as add-ons to Internet Explorer 7, and many more. Firefox is not the only browser you can trick out and make better, there are many other add-ons to IE7 at the Windows Market Place.

No web browser is perfect, and no web browser does everything just the way everyone wants it to.

Enter add-ons. Also called extensions or plug-ins, add-ons let third-party companies and users with programming skills extend the browser’s functionality in different ways. They are your ticket to a customized web.

Mozilla Firefox is known as the world’s most extensible web browser, which is a big reason for its appeal among web geeks. But users of Microsoft’s Internet Explorer 7, Windows Vista’s native browser, need not be left out in the cold when it comes to add-ons.

Here’s our roundup of the seven best ways to trick out IE7. Source: Seven Best Add-Ons for IE7

Be the first to comment - What do you think?  Posted by Jimmy Daniels - February 23, 2007 at 8:38 pm

Categories: IE7   Tags:

Top 25 Universities in Piracy

Using new software tools the RIAA has released a new top 25 list for Universities around the nation, the top 25 in Piracy. According to the RIAA, they have sent out over 14,500 infringement notices during the 2006-2007 school year, nearly triple the number sent during the previous year. But, this could be because of the better tools, and not because three times as many people are downloading music. Now, this list is just notices sent, they aren’t measuring exactly how many songs are being downloaded, etc, just the total number of infringement notices they have sent to the Universities.

Purdue, on the other hand (my not-so-proud alma mater for today), seems to be taking the “don’t worry, be happy” approach to sitting pretty at the number two spot. The school almost never even notifies the students of copyright infringement, or much of anything, in my experience. Purdue spokesman Steve Tally told the Associated Press, “In a sense, the (complaint) letter is asking us to pursue an investigation and as the service provider we don’t see that as our role.” This attitude expresses either extreme pompousness on Purdue’s part or extreme ignorance. Is that not the whole reason why the RIAA cannot pursue potential infringers individually? The students are currently allowed to hide behind the ISP in this case, the university with the understanding that the ISP will investigate infringement accusations. If Purdue and any other schools who express this attitude don’t feel the need to investigate, then they put themselves at risk of being sued by the RIAA.

Without further ado, the list:

Ohio University – 1,287
Purdue University – 1,068
University of Nebraska at Lincoln – 1,002
University of Tennessee at Knoxville – 959
University of South Carolina – 914
University of Massachusetts at Amherst – 897
Michigan State University – 753
Howard University – 572
North Carolina State University – 550
University of Wisconsin at Madison – 513
University of South Florida – 490
Syracuse University – 488
Northern Illinois University – 487
University of Wisconsin at Eau Claire – 473
Boston University – 470
Northern Michigan University – 457
Kent State University – 424
University of Michigan at Ann Arbor – 400
University of Texas at Austin – 371
North Dakota State University – 360
Indiana University – 353
Western Kentucky University – 353
Seton Hall University – 338
Arizona State University – 336
Marshall University – 331 Source: Forget party schools: The RIAA lists the top piracy schools in the US

It’s good to see one of our local universities in the top 25 again, but this is the wrong list to be on. If ANY of these Universities would like to talk about hardware that can easily detect and block file sharing programs, email me at webmaster at tipsdr.com and I can put you in contact with a vendor who will let you try one of their devices out. This device will stop it without any latency because it does not go inline with your routers, it just needs to see all of the traffic through a span port on your switch to be able to block it.

Under federal law, universities that receive complaints about students illegally distributing copyrighted songs generally must act to stop repeat offenders or else the schools can be sued. The entertainment industry typically can identify a student only by his or her numerical Internet address and must rely on the school to correlate that information with its own records to trace a person’s identity. Source: Music industry cracks down on colleges

This makes Purdue’s stand seem ill advised, as they do not normally notify offenders that have received a complaint from the RIAA, they say it is too much trouble to find them. They also say, our students aren’t repeat offenders, I wonder how they know that, but they don’t know which users are doing it. Curious. Maybe all of the students there just know better after their first download and stop doing it, but, wouldn’t that mean they would stop receiving complaints as well? I would like to hear more from them on how it is too much trouble to track, but they know their students are not repeat offenders.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - at 4:19 pm

Categories: Piracy   Tags: ,

Next Page »