Slashdot

blognoggle writes "Roger Sessions, a noted author and expert on complexity, developed a model for calculating the total global cost of IT failure. Roger describes his approach in a white paper titled The IT Complexity Crisis: Danger and Opportunity. He concludes that IT failure costs the global economy a staggering $6.2 trillion per year."

Fraggy_the_undead writes "According to German IT news site heise.de, yesterday several 3D showings of Avatar couldn't take place (German; Google translation to English), because the movies were DRM protected such that there had to be a key per copy of the film, per film projector, and per movie server in the theater. The key supplier, by the name Deluxe, was apparently unable to provide a sufficient number of valid keys in time. Moviegoers were offered to get a refund or view an analogue 2D showing instead."

Benaiah writes "In something seemingly out of a Keanu Reeves movie, an Australian driver was unable to make his freeway exit when his car failed to slow down as he applied the brake. For those of you too lazy to RTFA he tried everything to stop the car including turning off the ignition but to no avail, the computer was in control. Police at one point escorted him down the wrong side of the road at 80km/h(50mp/h) until he eventually was able to stop it by repeatedly stepping on the brake pedal. Ford Australia spokeswoman Sinead McAlary said there has been a recall on that make of car but for a different reason."

An anonymous reader points out a recent article at Gamesradar discussing the frequency of major bugs and technical issues in freshly-released video games. While such issues are often fixed with updates, questions remain about the legality and ethics of rushing a game to launch. Quoting: "As angry as you may be about getting a buggy title, would you want the law to get involved? Meglena Kuneva, EU Consumer Affairs Commissioner, is putting forward legislation that would legally oblige digital game distributors to give refunds for games, putting games in the same category in consumer law as household appliances. ... This call to arms has been praised by tech expert Andy Tanenbaum, author of books like Operating Systems: Design and Implementation. 'I think the idea that commercial software be judged by the same standards as other commercial products is not so crazy,' he says. 'Cars, TVs, and telephones are all expected to work, and they are full of software. Why not standalone software? I think such legislation would put software makers under pressure to first make sure their software works, then worry about more bells and whistles.'"

itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."

I Don't Believe in Imaginary Property writes "A Microsoft Office 2003 bug is locking people out of their own files, specifically those protected with Microsoft's Rights Management Service. Microsoft has a TechNet bulletin on the issue with a fix. It looks like they screwed up and let a certificate expire. There's no information on when the replacement certificate will expire, though, or what will happen when it does."

An anonymous reader writes "So far, there are over 35 pages of people posting about why EA released Pandemic Studios' final game, Saboteur, to first the EU on December 4th and then, after knowing full well it did not work properly, to the Americas on December 8th. They have been promising to work on a patch that is apparently now in the QA stage of testing. It is not a small bug; rather, if you have an ATI video card and either Windows 7 or Windows Vista, the majority (90%) of users have the game crash after the title screen. Since the marketshare for ATI is nearly equal to that of Nvidia, and the ATI logo is adorning the front page of the Saboteur website, it seems like quite a large mistake to release the game in its current state."

eldavojohn writes "A number of blog posts are surfacing that are calling out the helpful open source community on their documentation. No, not the documentation for the highly skilled technical people, but the documentation from beginner to apprentice. A two-part series by Carla Schroeder lists bad documentation as 'Linux Bug #1' and advises users to use Google as the documentation. We've discussed before some of open source's documentation being out of date. Is it really as bad as these blogs paint it? Has it come down to using Google before a man page?"

MojoKid sends in a piece that takes a step back from Google's much-analyzed OS to look at what it is trying to accomplish. "Last week, Google open-sourced its Chromium OS project, more than a year before the operating system is scheduled for release. In doing so, Google hopes a variety of developers and companies will become involved in the project, and has pledged to release regular updates as well as a comprehensive log of bug reports and fixes. This article takes a look at Google's design vision for Chromium, the unique benefits it offers, and a bit of why Google is throwing its hat into this particular ring in the first place. Chromium, after all, is a Linux-based OS entering the smartbook/netbook market at a time when the product segment is already being well served by a variety of Linux distros, XP, and Windows 7. In the midst of all these options, do we need another operating system? We just might."

duguk writes "Microsoft has confirmed that it is investigating a problem described as the 'black screen of death,' which affects Windows 7 — and reports suggest it affects Vista and XP, too. The firm said it was looking into reports that suggest its latest security update, released on Tuesday 25 November, caused the problem. The error means that users of Windows 7 and earlier operating systems see a totally black screen after logging on to the system." Update: 12/01 22:35 GMT by KD : Microsoft now says that its November Windows updates are not causing the BlackSOD: "The company has found those reports to be inaccurate and our comprehensive investigation has shown that none of the recently released updates are related to the behavior described in the reports."

jtavares2 writes "In what is being dubbed Throttlegate, scores of users on many message boards have been complaining about nexplicably aggressive throttling policies on their Dell Latitude E6500 and E6400 laptops which cause their CPUs to be throttled to less than 5% of their theoretical maximums even while at room temperatures. In many cases, the issue can be triggered just by playing a video or performing some other trivial, but CPU intensive, task. After being banned [PDF] from the Dell Forums for revealing 'non-public information,' one user went so far as to write and publish a 59-page report [PDF] explaining and diagnosing the throttling problem in incredible detail. Dell seems to be silent on the issue, but many users are hoping for a formal recall."

Eukariote writes "In an article outlining hidden strife in the processor world, Andreas Stiller has reported the scoop that Microsoft advised against the use of Intel Nehalem Xeon (Core i7/i5) processors under Windows Server 2008 R2, but was pressured by Intel to refrain from publishing this advisory. The issue concerns a bug causing spurious interrupts that locks up the Hypervisor of Server 2008. Though there is a hotfix, it is unattractive as it disables power savings and turbo boost states. (The original German-language version of the article is also available.)"

mario.m7 writes "Poste Italiane, the Italian postal service, suffered yesterday from an abnormal computation in ATM and credit card operations, since the decimal comma was not taken into account. The whole sum was therefore multiplied by 100, resulting in a 115,00 Euro transaction being debited as 11.500 Euro! Thousands of accounts are deep in the red and locked (link pumped through translator), so that no more operations are possible. Poste Italiane is gradually recovering the problem, fixing the error and re-crediting the sum debited in excess. Consumer associations have offered support to clients in case this lasts longer and causes damage."

derrida writes "After over a year of intensive development and refactoring, Inkscape 0.47 is out. This version of the SVG-based vector graphics editor brings improved performance and tons of new features, including: timed autosave, Spiro splines, auto-smooth nodes, Eraser tool, new modes in Tweak tool, snapping options toolbar & greater snapping abilities, new live path effects (including Envelope), over 200 preset SVG filters, new Cairo-based PS and EPS export, spell checker, many new extensions, optimized SVG code options, and much more. Additionally, it would be wrong to not mention the hundreds of bug fixes. Check out the full release notes for more information about what has changed, enjoy the screenshots, or just jump right to downloading your package for Windows, Linux, or Mac OS X." We've been following the progress of Inkscape for years (2006, 2005, 2004).

An anonymous reader writes "Researchers have found several security holes in popular Firefox extensions that have an estimated total of 30 million downloads from AMO (the Addons Mozilla community site). Three 0-days were also released. Mozilla doesn't have a security model for extensions and Firefox fully trusts the code of the extensions. There are no security boundaries between extensions and, to make things even worse, an extension can silently modify another extension." The affected extensions are Sage version 1.4.3, InfoRSS 1.1.4.2, and Yoono 6.1.1 (and earlier versions). Clearly the problem is larger than just these three extensions.

seven of five writes with this excerpt from an Associated Press report: "A problem with the FAA system that collects airlines' flight plans caused widespread flight cancellations and delays nationwide Thursday. It was the second time in 15 months that a glitch in the flight plan system caused delays. The FAA said in a statement that it is having a problem processing flight plan information. 'We are investigating the cause of the problem,' the agency said. 'We are processing flight plans manually and expect some delays. We have radar coverage and communications with planes.'"

itwbennett writes "Pity the poor engineer who had to find this one. One of the more interesting of the handful of bugs that have appeared since the launch of Verizon's Droid smartphone has to do with the on-board camera's auto-focus. Apparently it just didn't work. And then suddenly it did. Naturally, this off-again, on-again made the theories fly. But the real reason for the bug was revealed in a comment on an Engadget post by someone claiming to be Google engineer Dan Morrill: 'There's a rounding-error bug in the camera driver's autofocus routine (which uses a timestamp) that causes autofocus to behave poorly on a 24.5-day cycle,' said Morrill. 'That is, it'll work for 24.5 days, then have poor performance for 24.5 days, then work again. The 17th is the start of a new 'works correctly' cycle, so the devices will be fine for a while. A permanent fix is in the works.'"

dag writes "Drupal 6 Social Networking is an interesting book about how to build social networks and why Drupal is a good choice as a platform for building communities. Even if you don't have any Drupal experience yet, this book explains what is needed when you start from scratch and looks at the different facets of a social network." Keep reading for the rest of Dag's review.

rastos1 and several other readers noted that the SSL vulnerability we discussed a couple of weeks back, which some researchers had claimed was too theoretical to worry about, has now been demonstrated by exploit. The attack description is available on securegoose.org. "A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the SSL protocol. The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through encrypted data streams. All in all, a man in the middle is able to steal the credentials of a user authenticating himself through HTTPS to a trusted website."

xploraiswakco writes with the first Microsoft-confirmed Windows 7 zero-day vulnerability, with a demonstration exploit publicly available. The problem is in SMBv2 and SMBv1 and affects Windows 7 and Windows Server 2008 R2, but not Vista, XP, or Windows Server 2003. A maliciously crafted URI could hard-crash affected machines beyond any remedy besides pushing the white button. "Microsoft said it may patch the problem, but didn't spell out a timetable or commit to an out-of-cycle update before the next regularly-scheduled Patch Tuesday of December 8. Instead, the company suggested users block TCP ports 139 and 445 at the firewall." Reader xploraiswakco adds, "As important as this the mentioned article is, it should also be pointed out that any IT staff worth their pay packet should already have port 139 blocked at the firewall, and probably port 445, too."