Reported at Network World Fusion: “The Federal Communications Commission plans
to prevent DSL service provider Rhythms
Netconnections from discontinuing its
broadband network service, The Wall Street
Journal said on its Web site late Monday.

Rhythms planned to close down at 11:59 p.m.
Tuesday night, but its fate will now be decided
by U.S. Bankruptcy Judge Burton R. Lifland at a
hearing on the issue Tuesday at 10 a.m. in New
York, according to the Journal.”

In a press release announcing the HOAP-1 robot: “The basic simulation software and user-developed programs are designed to run on RT-Linux
on an operating command PC, which communicates with the the robot through a USB interface.
The robot’s internal sensors and actuators (motors) also use USB interface and can be easily
expanded according to needs.”

PC World reports “Some of the nation’s top judges, who set policy for the federal courts, are gearing to
take a stand on whether judges and other court employees should have their PCs and Internet use monitored
at work.

The issue is being raised at the twice-annual Judicial Conference here this week. The judges’ decision could
affect snooping practices for other government employees and, perhaps, workers in general.” Interesting how quickly the judicial branch, which has traditionally ruled in favor or let stand workplace monitoring practices, changes its tune when its their privacy at stake.

Do companies really save money when ditching their servers to go with Linux on a mainframe? Consulting Times publisher Stephen Harris asked one of IBM’s first Linux S/390 customers to run the numbers and came up with some mixed, but ultimately validating, figures.

Commentary from ZDNet: “…we really need something brand new, rather than a Linux
version of MS Office. The supposed benefits of Linux are a tighter OS that’s essentially
impervious to crashing, uses less resources, is open source and thus customizable.

So why take this evolving creation and saddle it with the same old, same old of the redundant
generation of cumbersome software applications?”

Posted at Help Net Security: “he Finder creates an invisible file, “.DS_Store” in each directory which contains
(among other binary gobledygook) a list of files in the directory.

So, if you have EVER viewed a web directory in the Finder, an attacker can just retrieve

http://your.mac.com/some_directory/.dS_store

to learn what files are in that directory.”

Help Net Security posts information regarding vulnerabilities in PAM and NSS modules using a PostgreSQL database: “The attack can execute arbitrary SQL statements under the database user used for
querying the PostgreSQL database. Responses from the database backend can be
faked. Exploiting the vulnerability in a PAM module, an attacker might gain unauthorized
access. The possibilities of an attacker facing a vulnerable NSS module depend heavily
on the system configuration and the offered services.”

Posted at Help Net Security: “he Apache module mod_auth_mysql 1.4,which is shipped since SuSE Linux 7.1,
was found vulnerable to possible bypass authentication by MySQL command
injection.
An adversary could insert MySQL commands along with a password and these
commands will be interpreted by MySQL while mod_auth_mysql is doing the
password lookup in the database. A positive authentication could be returned.”

Associated Press (via San Francisco Chronicle): “Trading was suspended at the New York Stock
Exchange, and officials were deciding whether to shut
for the entire day. The Nasdaq Stock Market said it was
still considering an 11:30 a.m opening, but no final
decision had been made.d

Other markets did close: the American Stock Exchange
and the New York Mercantile Exchange.

The nearby World Financial Center, which houses the
NYMEX, was also evacuated.”

Bugzilla-2.14 is a general security update. The serious security problems
fixed are multiple instances where valid users could obtain data on
“confidential” bugs without authorization; multiple instances of security holes where parameters were not being
checked/escaped properly. More information at Help Net Security.