From Info World: “IBM on Wednesday posted an advisory on its Web site that alerted customers to a tool that could potentially decrypt administrator and customer passwords residing on servers that use some IBM e-commerce software.” The vulnerability seems to affect most recent versions of Big Blue’s NetCommerce and WebSphere servers.

“In a major extension of corporate policy, Microsoft has quietly started a program to provide selected large enterprise customers with copies of the source code for Windows 2000 (Professional, Server, Advanced Server and Data Center), Windows XP (released betas) and all related service packs.” IT analysts at MetaGroup explore this development in a guest commentary piece at CNET News.com, asking: Is this Microsoft’s first attempt at Open Source?

The controversial new Uniform Computer Information Transactions Act (UCITA) is under fire once again. After a relatively easy passage of the bill in Virginia and Maryland last year, those opposed to UCITA, opponents are now “moving aggressively to prevent the state legislature from passing the measure.” Thanks to that organized resistance, passage of the bill in the Lone Star State is seen as unlikely — at least this year. Full story at InfoWorld.

From ZDNet Sm@rt Partner: “Simply put, the open-source movement has proven beyond a shadow of a doubt that you can develop great software with dozens of developers using collaborative work techniques. From the world-beating by programs like Apache, Linux and Perl to less well-known, but still important software like OpenSSH (Secure Shell for rlogin, telnet and ftp connections) and Bugzilla (bug tracking), open source is driving much of tomorrow’s software.”

GameSpot confirms that the GameCube, Nintendo’s next-generation gaming console, is on schedule for a July 2001 launch in Japan, an October 2001 release in the United States, and an early 2002 release for European markets.

From SANS Institute: “In the largest criminal Internet attack to date, a group of Eastern European hackers has spent a year systematically exploiting known Windows NT vulnerabilities to steal customer data. More than a million credit cards have been taken and more than 40 sites have been victimized.”

“Microsoft will formally introduce its Hailstorm Web services development platform initiative to the market in a marathon 14-hour session next week in Redmond, Wash.

Hailstorm is a set of Web services, including next-generation versions of Microsoft’s Passport Internet authentication service and its MSN Messenger instant-messaging technology, that are compliant with the Extensible Markup Language data-sharing protocol.” Full report at ZDNet News.

Apple is celebrating a greater than expected availability of Motorola’s 733MHz G4 chips by introducing a new Power Mac that sells for $500 less than the computer maker’s current top of the line model. The new units sport a CD-rewritable drive instead of the more expensive SuperDrive that can read and write both CDs and DVDs. Full story at ZDNet.

What do music industry executives fear more than an unlikely Napster court victory? Congressional intervention. ZDNet News reports that the industry is lobbying hard to keep the US Congress from passing any sort of legislation that could impact digital music delivery. Considering that the last attempt by lawmakers to protect online content resulted in passage of the Digital Millennium Copyright Act, this might not be an entirely bad thing.

Today’s Debian security advisories, as posted to Help Net Security: “When ePerl is installed setuid root, it can switch the UID/GID of the scripts’ owner (details)” … “The AsciiSrc and MultSrc widget in the Athena widget library handle temporary files insecurely (details)” … “It has been reported that one can tweak man2html remotely into consuming all available memory (details)” … “Former versions of sgml-tools created files directly in /tmp in an insecure fashion (details).”