Owners of the .cm Top Level Domain, Cameroon, have stumbled across a controversial new business model. Noticing that their TLD is only one letter short of .com, the Cameroons have now added a wildcard entry to their DNS records pointing all unresolved queries to an ad-based search engine. Unfortunately, ICANN has little control over what a country can do with its own TLD, unlike the earlier attempt by Verisign on the actual .com TLD

Aiding the fight against malware, Google have added a new feature to its search results. Now flagging sites that are suspect of carrying malware, spyware and all other kinds of naughtyware, Google is giving users the option to steer clear by giving them an early warning and offering an alternative search result.

The feature employs a list of known reprobates as determined by the Stop Badware Coalition, of which Google is a member. Upon clicking an offending link, users are presented with a warning and the option to continue or go someplace else.

At this years Black Hat conference in New York, security consultant Brendan O’Connor displayed a proof of concept attack against a Xerox printer. Exploiting vulnerabilities in the printers embedded software; O’Connor was able to snoop on the traffic being passed to the device. During the conference O’Connor highlighted the importance of security in embedded software and pointed out the huge amount of sensitive information that could be leaked if such an attack occurred. Xerox has released a patch for their WorkCenter printers but O’Connor maintains that the issue is not fully resolved.

Whilst the war between HD-DVD and Blu-ray rages on, storage manufacturers have started to look ahead for the next big thing in data containment. InPhase, a Lucent spin off, have been looking into a 3D-storage mechanism over the past 5 years. By stacking data in 3 dimensions, instead of two, InPhase - in cohorts with Hitachi Maxell - claim that by 2010, 3D storage devices will be capable of offering up 1.6TB’s on media the size of a CD, with 300GB devices available by the end of this year.

How Hitachi Maxell’s method differs from say, a dual-layer DVD (and thus 3D-storage model) is unknown, and at $15,000 a writer, $180 a disc, demand is going to be short. To this end InPhase and Hitachi Maxell have been in discussions relating to high capacity devices available to the mass market, one possibility is a small disc, about the size of a postage stamp, that will hold 75-100GB.

More information at : www.inphase-tech.com

Related Stories : 2600uk - 50 Terabyte DVD

As some of you know, I have just added a dedicated page for UK meet details. Considering that most meets occur at the same time, putting out a bulletin for each wasnt very efficient. If anyone has any meets that they would like added to the page please email me via the contact page. Specialist conferences, such as DNS-Con, as well as any meet changes will be posted as and when they occur on the main page.

espo812 of slashdot reports “A story from Washingtonpost.com says, ‘The Senate has ratified a treaty under which the United States will join more than 40 other countries, mainly from Europe, in fighting crimes committed via the Internet.’ Ars Technica says it’s the ‘World’s Worst Internet Law.’”

From the Ars story: “According to the EFF, ‘The treaty requires that the U.S. government help enforce other countries’ ‘cybercrime’ laws–even if the act being prosecuted is not illegal in the United States. That means that countries that have laws limiting free speech on the Net could oblige the F.B.I. to uncover the identities of anonymous U.S. critics, or monitor their communications on behalf of foreign governments. American ISPs would be obliged to obey other jurisdictions’ requests to log their users’ behaviour without due process, or compensation.”

Source : Slashdot - U.S. Senate Ratifies Cybercrime Treaty

The Register is running a two-page article on the cloning of the new biometric passports that are becoming widely implemented. Lukas Grunwald, from Germany’s DN-Systems consultants, demonstrated, at Black Hat, the ease to which a biometric passport can be fraudulently cloned. What may be even more surprising, is that the, widely available, ICAO documentation actually outlines the technical processes in quite a lot of detail.

To read more, please follow this link to The Register