tjhayes writes "The iPhone App Store released an application called NetShare that allowed the iPhone to tether a laptop to the internet. It was priced at a $10 one-time fee. After being available for approximately 2 hours, the application has disappeared from the apps store. What exactly are AT&T/Apple trying to accomplish here?" They are trying to prove what is wrong with DRM, and demonstrate why hackers want to jailbreak the iPhone.

DrEnter writes "According to this article, Yahoo will offer some compensation after they turn off their DRM servers and Yahoo Music customers will no longer be able to access their music. The company said Wednesday it is offering coupons on request for people to buy songs again through Yahoo's new partner, RealNetworks Inc.'s Rhapsody. Those songs will be in the MP3 format, free of copy protection. Refunds are available for users who 'have serious problems with this arrangement,' Yahoo said. Nice to see them step up and do something, especially without trading one DRM scheme for another."

Alsee writes "Welcome to our first real taste of Trusted Computing: With Vista Enterprise and Vista Ultimate, Service Pack 1 refuses to install on dual boot systems. Trusted Computing is one of the many things that got cut from Vista, but traces of it remain in BitLocker, and that is the problem. The Service Pack patch to your system will invalidate your Trust chain if you are not running the Microsoft-approved Microsoft-trusted boot loader, or if you make other similar unapproved modifications to your system. The Trust chip (the TPM) will then refuse to give you your key to unlock your own hard drive. If you are not running BitLocker then a workaround is available: Switch back to Microsoft's Vista-only boot mode, install the Service Pack, then reapply your dual boot loader. If you are running BitLocker, or if Microsoft resumes implementing Trusted Computing, then you are S.O.L."

mjasay writes "At OSCON this year, MySQL's Brian Aker made this bold statement: 'Microsoft is irrelevant ... We're more worried about Apple.' The Free Software Foundation appears to have caught the hint, and has turned its attention to all-things-Apple with a 'denial of service' attack on the Apple Genius Bars. The idea is to completely book all Genius Bars and then ask the 'geniuses,' over and over again, a few questions about Apple's proprietary ways (while, apparently, real customers with support issues are left to flounder). Lost in this anti-Apple fervor, however, is the Free Software Foundation's complete and conscious failure to protect the web. Richard Stallman has long felt that software that doesn't sit on his desktop doesn't affect his freedom, but isn't the opposite true? Why is the FSF focused on Apple when the bigger concern should be Google, Yahoo!, Amazon, and other web players, a point made by Tim O'Reilly recently at OSCON?" Defective by Design is just one of many FSF projects, remember; it hardly seems fair to say that the FSF has been ignoring the implications of software as a service.

Noodlenose notes a thread up on the Ubuntu forums, where a user is questioning the practices of hardware manufacturer Foxconn. The user describes how his new Foxconn motherboard caused his Linux install to freeze and fire off weird kernel errors. He disassembles the BIOS and concludes that a faulty DSDT table is responsible for the errors. Even though the user makes Foxconn aware of the problem, they refuse to correct it, as 'it doesn't support Linux' and is only 'Microsoft certified.' The user speculates darkly on Foxconn's motives. Read the forum, read the code, and come to your own conclusions. "I disassembled my BIOS to have a look around, and while I won't post the results here, I'll tell you what I did find. They have several different tables, a group for Windows XP and Vista, a group for 2000, a group for NT, Me, 95, 98, etc. that just errors out, and one for LINUX. The one for Linux points to a badly written table that does not correspond to the board's ACPI implementation.' The worst part is Foxconn's insistence that the product is ACPI compliant because their tables passed to Windows work, and that Microsoft gave the the magic WHQL certification."

iminplaya writes with a link to an excellent article at Ars Technica, extracting from it a few choice nuggets: "The bad dream of DRM continues. Yahoo e-mailed its Yahoo! Music Store customers yesterday, telling them it will be closing for good — and the company will take its DRM license key servers offline on September 30, 2008. Sure, it's bad news and yet another example of the sheer lobotomized brain-deadness that has characterized music DRM, but the reaction of most music fans will be: 'Yahoo had an online music store?'... DRM makes things harder for legal users; it creates hassles that illegal users won't deal with; it (often) prevents cross-platform compatibility and movement between devices. In what possible world was that a good strategy for building up the nascent digital download market? The only possible rationales could be 1) to control piracy (which, obviously, it has had no effect on, thanks to the CD and the fact that most DRM is broken) or 2) to nickel-and-dime consumers into accepting a new pay-for-use regime that sees moving tracks from CD to computer to MP3 player as a 'privilege' to be monetized."

snydeq writes "InfoWorld's Tom Yager takes a closer look at Apple's iPhone SDK confidentiality agreement, which restricts developers from discussing the SDK or exchanging ideas with others, thereby leaving no room for forums, newsgroups, open source projects, tutorials, magazine articles, users' groups, or books. But because anyone is free to obtain the iPhone SDK by signing up for it, Apple is essentially branding publicly available information as confidential. This 'puzzling contradiction' is the 'antithesis of the developer-friendly Apple Developer Connection' on which the iPhone SDK program is based, Yager contends. 'You'll see arguments from armchair legal analysts that the iPhone developer Agreements won't stand up in court — but those analysts certainly won't stand up in court on your behalf.' Anyone planning to launch an iPhone forum or open source project should have 'a lawyer draft your request for exemption, and make sure that the Apple staffer granting it personally commits to status as authorized to approve exceptions to the iPhone Registered Developer and iPhone SDK Agreements,' Yager warns."

PoliTech notes in a journal entry that "Vista is the gift that just keeps on giving." "Speaking during SanDisk's second-quarter earnings conference call, Chairman and [CEO] Eli Harari said that Windows Vista will present a special challenge for solid state drive makers. 'As soon as you get into Vista applications in notebook and desktop, you start running into very demanding applications because Vista is not optimized for flash memory solid state disk,' he said... 'The next generation controllers need to basically compensate for Vista shortfalls,' he said. 'Unfortunately, (SSDs) performance in the Vista environment falls short of what the market really needs and that is why we need to develop the next generation, which we'll start sampling end of this year, early next year.' Harari said this challenge alone is putting SanDisk behind schedule. "We have very good internal controller technology... That said, I'd say that we are now behind because we did not fully understand, frankly, the limitations in the Vista environment.'"

An anonymous reader writes "Reverse engineering expert Halver Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well.

PainMeds writes "iPhone Atlas is reporting that the first jailbreak for the iPhone 3G has been released, and includes the popular Cydia community installer for distributing free games and applications. Since Apple's SDK was released, web sites have criticized Apple for the restrictions placed on both what developers could write and what APIs they were allowed to use. Others have noted the SDK's incompatibility with the GPL. The Cydia installer has provided a distribution channel for both open source software and software that would otherwise be impossible to build using the restricted SDK. A few applications are already out, including MobileTerminal and NES.app, a Nintendo game console emulator. In just over a week, open development is finally here for the iPhone 3G!"

Ariastis writes "UbiSoft has long been against No-CD patches. Referring to them on their forums would get you warned or banned. But now, they have just officially released a patch for Rainbow 6: Vegas 2, which, when opened in a hex editor, can easily be identified as coming from the RELOADED scene group, not from UbiSoft programmers. A picture of hex analysis is shown in the story. See? Piracy isn't that bad! It saves you from having to code fixes for your own games! (Watch the drama on the Ubi Forums before it gets scrubbed clean.)"

trainman writes "With the release of Firefox 3, those who have been using self-signed certificates for SSL now face a huge issue — the big, scary warning FF3 issues which is very unintuitive for non-technical users. It seems Firefox is pushing more websites in to the monopolistic arms of companies such as Verisign. For smaller, especially non-profit groups, which will never have issues with domain typo scammers, this adds an extra and difficult-to-swallow cost. Does a service such as this need the same level of scrutiny and cost since all that is being done is verifying domain and certificate match? This extra hand holding adds a tremendous cost and allows monopolistic companies such as Verisign to thrive. Can organizations such as Mozilla not move towards a model that helps break this monopoly, helping establish a CA root authority that's cheap (free?) and only links the certificate to the domain, not actual verification of who owns the domain?"

ihatespam writes "Have you ever wanted to know the name of admin@gmail.com? Now you can. Through a bug in Google calendars the names of all registered Gmail accounts are now readily available. All you need to find out the names of any gmail address is a Google calendar account yourself. Depending on your view this ranges from a harmless "feature" to a rather serious privacy violation. According to some reports, spammers are already exploiting this "feature"/bug to send personalized spam messages."

I Don't Believe in Imaginary Property writes "Malware writers have been obfuscating their JavaScript exploit code for a long time now and SANS is reporting that they've come up with some new tricks. While early obfuscations were easy enough to undo by changing eval() to alert(), they soon shifted to clever use of arguments.callee() in a simple cipher to block it. Worse, now they're using document.referrer, document.location, and location.href to make site-specific versions, too. But SANS managed to stop all that with an 8-line patch to SpiderMonkey that prints out any arguments to eval() before executing them. It seems that malware writers still haven't internalized the lesson of DRM — if my computer can access something in plaintext, I can too."

cliffski raises some questions about the need for game developers to have some amount of data from the users who play their games. He says, "PC Games connecting to a central server to send information (outside of MMOs) have gotten a (deserved) bad reputation in recent years. The huge outcry about Mass Effect and Spore are evidence enough of that. But in gamers' hurry to prevent intrusive DRM systems and dubious privacy-breaking data harvesting, are we throwing out the good with the bad?" Clearly, some aspects of games could be improved by having a better knowledge of average PC specs or knowing which parts of the games are more entertaining to the users. Input from customers helps to improve almost any product, as indicated by the usage of countless surveys and focus groups. But where do we draw the line between being inquisitive and being intrusive? What can game developers do to prove that the collection techniques or the data themselves wouldn't be abused?

dch24 was one of many who noted that the iPhone 2.0 software has already been unlocked writes "If you were wondering how I was doing push email tests on iPhone OS 2.0 and Vodafone UK, this is the reason why. The code wizard commandos at the iPhone Dev Team have been working on this non-stop since the early days of beta testing. In fact, I had iPhone OS 2.0 running on my iPhone since last week. That was version 5A345, two below 5A347, but identical in functionality." Still no word on an iPhone 3G crack.

RCTrucker7 writes with a link to a Maximum PC story, which begins: "Details of Dell's surreptitious collusion with RIAA (Record Industry Association of America) have emerged. Apparently, the computer manufacturer disabled the Stereo Mix/Mono Mix/Wave Out sound recording function on certain notebooks to assuage RIAA. The hardware functionality is being disabled without any prior notice and one blogger has even alleged that he was asked by Dell's customer support staff to [shell] out $99 if he desired the stereo mix option. Gateway and Pac Bell are the other two manufacturers to have bowed to RIAA at the expense of their customers' satisfaction and disabled stereo mix without warning." (There are some workarounds posted in the comments of the linked article.)

christ, jesus H writes "PC gaming may not be dying, but it is in a state of flux. We're seeing developers and publishers blaming piracy for all the ills of PC gaming, but attempts to rein in pirates with the help of DRM only annoys and mobilizes the legitimate customers of your games. The solution? According to David Perry of Shiny Games, PC games are going to be free." (And if anyone has a favorite replacement term for "piracy," in the context of electronic copyright violation, please suggest it below.)

andrewsavikas writes "Starting in July, O'Reilly Media will pilot select books as DRM-free ebook bundles (PDF, EPUB, and Kindle-compatible Mobipocket) priced at or below the cover price of the book. David Pogue comments on the pilot in the wake of his own recent dustup about ebooks and piracy, covered previously on Slashdot."

snydeq writes "InfoWorld's Tom Yager offers insight on how digital TV is rapidly heading toward the kind of lockdown that entertainment and broadcast lobbies desire for the Internet. Standards such as HDMI and HDCP are acting in concert to strip your equipment of its functionality, displaying 'incompatibility' messages when plugged into older HDMI-enabled devices, shutting down analog outputs when active, and requiring balky handshake credentials that force many consumers to reboot their TVs to recover permission to watch them. Even broadcast flagging, which has been overturned by the Court of Appeals, is still on the de-facto table, as the entertainment lobby retains the power to bully technology companies into baking broadcast flagging into their wares. Sure, digital TV has far fewer points of origin than the Internet and is therefore easier to control, but, as Yager writes, 'Internet rights restrictions come through your telecommunications equipment' — and it is likely through that equipment that the entertainment and broadcast lobbies will chip away at your rights on the Web."