In a hacking contest pitting Windows, OS X and GNU/Linux against each other, a MacBook Air was the first machine to go down after just two minutes into the second day. The headline is in several places, but I’m linking to Slashdot because comments like these amuse me at 5:30am:
It’s funny how they turned a huge hole in the Safari browser into a commercial for the Mac Air.
“Small size, big holes”
The Motion Picture Association of America (MPAA) recently released software which it urged some of America’s largest universities to employ in order to monitor their networks for unauthorized file sharing. Not only do the universities not owe the MPAA anything, but the toolkit was found by security specialists to raise some major privacy concerns. Steve Worona, director of policy and networking programs at EDUCAUSE, says of the toolkit, “no university network administrator in their right mind would install this toolkit on their networks.”
More interestingly though, the software in question was based on Ubuntu variant Xubuntu and also made use of the Apache web server. There’s enough irony in the use of free and open source software to enforce draconian copyright laws already, but apparently the MPAA was in violation of the GNU GPL, the license the majority of the software is released under, by not making the source code available. Matthew Garrett from the Ubuntu technical board contacted the organization about their violation of copyright which resulted in a removal of the toolkit from the MPAA’s website. It will likely be up again soon once they sort things out, but this episode is both ironic and embarrassing for the MPAA. Calls for stricter copyright begin to sound hypocritical when the MPAA fails to respect other copyright holders’ rights.
I really hope they’re embarrassed, but I’m not holding my breath.
Did you know that when you’re viewing mail in your Gmail account you’re not using a secure connection by default? That means that anyone who’s sniffing traffic on your network can intercept your packets and essentially read your email or, worse yet, steal your session (ie. login to Gmail as you)!
The chances of this actually happening to you are very slim. But Google actually offers HTTPS (ie. encrypted) access to Gmail, so why not take advantage of it? To use HTTPS, you just need to change the “http://” in the address bar to “https://” once you’re logged in and hit enter.
You need to do this ever time to log into Gmail though, which is a bit annoying. That’s why I’ve begun using the GMailSecure script for Greasemonkey. Greasemonkey is a Firefox add-on which allows you to install scripts that customize websites for you. This script simply replaces “http://” with “https://” for you whenever you’re logged into Gmail.
For any security conscious Firefox+Gmail users out there, this add-on ensures that you’re always viewing your email over a secure connection.