Posted on
by

Talk about convoluted. Someone has developed a Java applet that will use one browser to install spyware on another. The applet runs in any browser using the Sun Java Runtime Environment—Firefox, Opera, Mozilla, etc.—and if it can convince you to run the installer, it will install spyware on Internet Explorer. And since you can’t remove Internet Explorer from Windows (you can hide it, but it’s always there…waiting), just using an alternative browser isn’t enough to protect you.

Of course, the obvious solution here is don’t let it install anything. That’s what the Java sandbox is for, after all: applets run in their own little world and can’t touch the rest of your system unless you let them (or they find a hole in the sandbox, which is why you need to keep Java up to date—just like everything else).

Time to emphasize the fact that while Firefox is still safer than IE, it’s not a magic bullet. There is no magic bullet. You can minimize risk, but never eliminate it.

(via SANS Internet Storm Center)

Posted on
by

Fedora Core is following the path blazed by the Linux kernel: having started out as primarily an x86-based project (the 32-bit Intel-based processors from the 386 through the Pentium 4 and Athlon), it’s branching out. Versions 2 and 3 added support for the AMD-64 chips (basis of the Opteron and Athlon 64), and now, with the first test release of Fedora Core 4, official support for both 32-bit and 64-bit PowerPC.

There was a side project already, and most of the pieces that go into a Linux distribution have reached the point where they’re (mostly) platform-independent—all you need to do is recompile them. It takes fine-tuning, of course, and the actual hardware support takes effort. Yellow Dog Linux started out porting Red Hat to the PowerPC so it would run on Macs, and now builds a solid distribution off of Fedora Core, including a high-end server OS targeted for IBM’s PowerPC servers.

It’ll be interesting to compare upcoming versions of Yellow Dog and Fedora Core now that the latter is working on an actual PPC release.

Posted on
by

[Cover]Also in comics news, the nine-part adaptation of Neil Gaiman’s Neverwhere begins in June.

The basic premise is this: In urban areas, we tend to tune out the homeless to the point where we don’t even see them. What if we really don’t see them? What if there’s another world, just slightly out of sync with this one, where the rules are all different. (JMS used a similar springboard for Midnight Nation, but took it in a completely different direction.) There’s poverty, and scavenging… but there’s also magic, and honor, and a society with its own strange codes. The story follows everyman Richard Mayhew as, through a simple act of kindness, he slips through the cracks from London Above to London Below. In order to get back, he has to help a mysterious girl named Door on her quest to find her family’s killers and honor their legacy…and escape the assassins tracking them both!

It’s hard to guess how well this will work. Neil Gaiman’s comics and prose are both fantastic (in every sense of the word). Comic book adaptations of his prose, though, haven’t been nearly as good. The writers have a tendency to preserve too much of the text, and it gets bogged down in narration. It happened with “Murder Mysteries,” with “Only the End of the World Again”, and with “The Price.”

Neverwhere has two advantages, though. It started life as a TV script (he only wrote the novel because he realized that budget limitations and producer interference would prevent them from doing the story “right”), and TV, like comics, is a visual medium. And with nine issues, there should be plenty of room to show, not tell, the story.

Posted on
by

[Cover]On the list of DC comics for June: The Return of Donna Troy #1. Along for the ride: New Teen Titans: Who is Donna Troy?, collecting the classic stories that explored the original Wonder Girl’s past. (And, I suspect, some of the newer stories that screwed it up. It doesn’t mention the Dark Angel storyline, but it does say “and much more,” and includes a bit from the Titans/Outsiders Secret Files that I know I read, but can barely remember.)

Let’s face it: like killing Superman, Troia’s death was never intended to stick. It was an admitted gimmick: what would shake up the Titans and Young Justice so badly that you could break up both teams and create new takes on the Teen Titans and Outsiders? Throw in the backstory with multiple lifetimes and the sequences in Graduation Day itself that showed her in another life, and you’ve got more than a back door to bring her back: she just lingered a bit longer than usual near the revolving door.

I’m of mixed feelings on this. On one hand, I think comics should take death a bit more seriously. If you can bring back Superman, Wonder Woman, Green Arrow, Green Lantern, and a dozen other heroes, why should any of the Titans have expected Donna’s death to be permanent? Why should anyone have expected Sue Dibny’s death in Identity Crisis to be permanent? Then add in the fact that I’d generally rather see comics follow through on changes (Wally replacing Barry as Flash, Kyle replacing Hal as GL, etc.) than reversing them.

On the other hand, Graduation Day was a lousy story. It was basically “How can we dismantle two teams in three issues?” And Donna’s death was clearly intended to be temporary. And unless you count Cassie, the new Wonder Girl, no one really replaced her, so bringing her back doesn’t push anyone else out of the spotlight.

Heck, it’s got George Perez and Phil Jimenez working together. How can I not read it?

Posted on
by

It looks like the FCC isn’t completely insane. After four months, they concluded that the now-infamous Desperate Housewives locker room promo isn’t indecent after all. “Although the scene apparently is intended to be titillating, it simply is not graphic or explicit enough to be indecent under our standard.”

I saw the spot—or at least something that matched the description exactly—and it was no more explicit than typical prime-time fare. I thought it was cheesy, but I honestly didn’t think any more about it, so when the controversy hit, I couldn’t figure out what the big deal was.

But it took them four months to figure this out?

Ah, well, I suppose it’s fast for the FCC. I mean, it took them more than a year to clear a complaint against Angel, by which time the series had been off the air for nine months.

(Incidentally, I’ve never seen a single episode of Desperate Housewives. It just doesn’t look like my kind of show.)

Posted on
by

According to The Beat, a judge has thrown out about half the claims in Marvel’s lawsuit against City of Heroes.

Apparently several of the “infringing” works they cited were in fact made by Marvel, not by players. The judge also threw out claims that the game makers infringed trademarks directly and refused to issue a declaration that they are not a service provider (if they are considered a service provider, then they are shielded from liability under the DMCA as long as they take action quickly enough).

The post mostly reprints a press release from NCsoft, so it’s noticeably upbeat, but they do have precedent on their side—such as Sony vs. Betamax. Well, as long as none of the morons in Congress manage to force the Induce act through. That would basically declare that makers of pens and pencils are liable for any copyright or trademark infringement.

Follow-up post: The suit was settled in December.

Posted on
by

Found this in our mail server logs:

relay=OWNED.HACKED.BITE.ME [IP removed], reject=550 5.7.1 No mail accepted from known spam hosts or exploited systems

This was a connection we rejected because the sending IP was on the Spamhaus XBL list of exploited systems. (Everything from reject on is the error message we returned.) Apparently whoever wrote the spam tool decided to advertise that fact when sending mail.