How Can The Same Senators Vote Against Net Neutrality, But For Broadcast Flag?

Those who are against adding any language to the latest Telecom Act on net neutrality keep saying it's important not to regulate the industry -- because government involvement leads to inefficient results that could strangle the technology. That's a defensible position (though, there are reasonable responses to it).

However, what makes no sense at all is for a Senator to declare that net neutrality legislation isn't needed because it's a bad idea to regulate this important technology... and then turn around and support the idea of a broadcast flag in the exact same bill. Back in May Senator Stevens telecom bill first came out that he had brought back the broadcast flag concept that refuses to die. After the courts told the FCC that they couldn't mandate a broadcast flag, the entertainment industry hasn't missed an opportunity to try to sneak the broadcast flag amendment into just about any bill they can find.

Today, as the Senate debated various amendments in the telecom bill, they decided to keep the broadcast flag in there (though, it's possible that someone will introduce an amendment to get rid of it later). However, it's hard to see how someone could credibly claim that net neutrality legislation is bad because it adds regulatory hurdles to a new technology, while at the same time saying the broadcast flag is good, because it adds an even bigger regulatory hurdle to technology. About the only reason to support both seems to be if you have to make good to friends you have in both the telco industry and the entertainment industry.

As you can imagine personaly I support keeping Net Neutrality in place to continue the rate of growth we've seen over the last few years. That and the 9 computer network out of my house, all running off one cable connection, would just get to damn expensive!

People Like Their iPods On The Toilet (But Not In The Toilet)

While some are considering laws that would ban driving while iPodding, it seems that iPodding while in the bathroom has at least a few proponents. Unlike talking on your mobile phone, using your iPod from your porcelain potty is a more solitary act -- one less likely to offend others.

Apparently, it's become a big enough deal that someone has created a special toilet paper holder that is actually an iPod accessory. It may be one of the first toilet paper holders that requires an outlet nearby, but then you'll be able to hook up your iPod and play music over its 4 waterproof (of course) speakers as you go about your business. It also recharges your iPod, so you can stay awhile. Of course, hopefully the iPod is locked into the docking part pretty tightly, because apparently it's really bad news should your iPod ever get clogged in your toilet.

That's what happened to the bathroom at one local university, which discovered that the damn thing is nearly indestructible -- and did quite a job clogging up the pipes for the entire semester. Getting the iPod out was no easy feat: "crews simultaneously flushed as many toilets as they could and they turned on every sink. That caused a water surge which pushed the iPod into a larger more accessible pipe. Next, a water company was hired to blast water into the pipe in yet another attempt to get the iPod out of the pipe. That effort worked, but at the same time, the blast of water along with a build-up of air caused geysers to burst from the second floor toilets."

Not mentioned in the article is whether or not the iPod was still working.

Microsoft Patches Plug 21 Security Holes

Microsoft today released a dozen security updates to fix at least 21 vulnerabilities in its Windows operating system and other software, including 12 flaws Redmond labeled "critical," its most severe warning level.

Today's patch bundle is the largest yet for 2006, and includes a huge patch rollup that mends at least eight different flaws -- four of them critical -- in nearly all versions of Microsoft's Internet Explorer Web browser. Microsoft considers a vulnerability "critical" if attackers could exploit it without any action on the part of the victim. As such, critical flaws in IE are especially dangerous because they expose users to the risk of having their computer completely hijacked by the bad guys just by inadvertently visiting a malicious Web site or clicking on a link that redirects them to one.

Microsoft noted in its advisory that instructions showing would-be attackers precisely how to exploit at least two of the IE vulnerabilities has already been published online, though the company said it was not aware of any ongoing attacks that leverage either exploit.

Microsoft numbers its patches sequentially each month, starting with those that fix the most dangerous flaws. The one following the IE patch corrects a problem in the way Windows renders image files ending in ".ART", an image format most commonly used by America Online. Microsoft said an attacker could exploit the vulnerability with a specially crafted image viewable through a Web browser or e-mail reader. This flaw affects nearly all versions of Windows, including Server 2003, Windows XP, Windows 2000, Windows 98, Windows 98SE and Windows ME. Not sure whether this presents any more of a problem for AOL Internet subscribers or for AOL Instant Message users, but I was chatting with SANS Internet Storm Center handler chief technology officer Johannes Ullrich and he brought up a good point: "I could see this getting abused with malformed AIM buddy icons." Yikes.

Another critical update released today fixes a problem with Microsoft's implementation of Javascript, a powerful Web programming language that many sites use (bad guys also have been known to use Javascript flaws to install nasty programs.) Redmond notes that this patch is meant to be installed alongside the IE bundle.

Don't Just Plug Random Crap Into Your Computer

There's been a lot of talk about how iPods and other portable devices pose a security risk to companies, as employees may store important company documents of them. Now there's fear that such devices could upload malware and infect corporate systems.

A team of security specialists recently demonstrated exactly how such an attack might work. First they collected a bunch of cheap USB drives, the type a company might give out for free as a promotion. After loading malware onto them, they simply scattered a bunch of them around the parking lot of a bank at 6:00 AM, when nobody was watching. As the employees got to work, they found the drives just sitting there, and one by one plugged them into their computers as they day went on.

What's funny is that the employees knew there was going to be a security test happening, and yet they still didn't find it suspicious that several USB drives just happened to be in the parking lot when they got to work. It's unfortunate, but it seems that the typical office employee just doesn't understand or care about security. Recall the studies suggesting how easy it is to get employees to give up their passwords in exchange for a cheap gift. While that lesson may seem obvious, just wait for the fearmongering about USB drives, totally missing the point.

Another Court Recognizes Site Owners Aren't Liable For Site Comments

It happens all too often that some website owner in the US is sued with claims of libel over comments on that site in an open forum. We usually point to Section 230 of the Communications Decency Act, and note that it's pretty clear that service providers of such forums are not liable for content they didn't write themselves. We also like to point to a 9th Circuit ruling, noting that, even when such comments are moderated or approved, the site owner or moderator isn't responsible. While the Supreme Court later refused to hear an appeal on the case, meaning the ruling really still only covers the 9th Circuit, the ruling is so reasonable, you'd have to hope other courts would agree with the logic.

It appears some already are. Tech Law Advisor points us to a few different sources covering a District Court ruling (outside of the 9th Circuit) that comes to similar conclusions (even if the article is improperly headlined). The case involves the somewhat infamous TuckerMax forums, which are known for being a bit on the... free wheeling side of things. Apparently, a bunch of anonymous commenters there were upset about a party thrown by some publicist, and posted some relatively mean comments about him in the forums. The publicist then sued Tucker Max, claiming that he was liable for the comments, even though it was clear they weren't made by him. The actual court ruling is an enjoyable read, as the judge clearly explains why he's throwing out the case. He even cites the ridiculous number of censors China employs to filter the internet to explain why it's not reasonable to expect internet site owners to police their forums more carefully -- even as he notes that Tucker Max clearly admits to moderating comments on his site.

The ruling also refers back to an older ruling pointing out the importance of protecting free speech, even when vulgar. It's another reasonable ruling concerning these issues. Hopefully, once enough of these pile up, most lawyers will know better than to file such lawsuits.