How likely is a BlackBerry blackout?
Via Howard Bashman at How Appealing
The view from the server room.
"The Globe and Mail has published an article titled Patently Absurd, detailing the whole history of the RIM vs. NTP wireless war. It is a blow by blow account of how a dispute that could have been settled for a few million dollars is now 'a billion-dollar dagger hanging over RIM.'Tags:
As I read two recent posts on the subject topic (Business and I.T. Must Work Together to Manage New "Web 2.0″ Tools by Dennis D. McDonald and Jeremiah Owyang and The Lawyer-IT Dialogue by Simon Fodden), I realized how much of a universal challenge the relationship is - between lawyers and Information Technology (IT). Why is this relationship challenging?
Lawyers share a common context with their clients. Lawyers must be familiar with the problems and issues of their clients. On the other hand, bankruptcy & insolvency lawyers, criminalists and litigators (for example) are not, by default, knowledgeable about Information Technology in general and Web 2.0 in particular1. The lack of shared context between lawyers and IT is unfortunate, because Web 2.0 trends and technologies can benefit lawyers and law firms in a number of ways.
Attorney Herbert L. Fenster, who represents RIM, said the company is fighting the injunction. But he said an injunction would not end BlackBerry use among at least 1 million of its 3 million users in the United States.
Fenster said he believes federal law prohibits U.S. District Judge James R. Spencer from cutting off BlackBerry service to federal, state and local government users and others who rely on the devices to communicate during a public emergency.
(1.) Social Connection Youth IM-Blogosphere: Xanga, LiveJournal, MySpace, etc.
(2.) Mature Personal-Hobby-Family Blogosphere
(3.) Business-Marketing-PR-CEO-Corporate Blogosphere
(4.) Meta Blogosphere (Blog Consultants, Blogologists, Blog Metric Analysts, Blog Trackers, Blog Content Syndicaters/Aggregators, Blog Services, Blogging Tool Providers, Blog Hosts, Blog Directories, etc.)
(5.) Professional/Military/Educational Blogosphere
FrSIRT has notified the ISC that a new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server. As a reminder, a specifically crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability. The vulnerability that this exploit takes advantage of is ~60 days old.
Annoying someone via the Internet is now a federal crime.
It's no joke. Last Thursday, President Bush signed into law a prohibition on posting annoying Web messages or sending annoying e-mail messages without disclosing your true identity.
In other words, it's OK to flame someone on a mailing list or in a blog as long as you do it under your real name. Thank Congress for small favors, I guess.
The anonymous harassment provision ( Link ) is the old telephone-annoyance statute that has been on the books for decades. It was updated in the widely (and in many respects deservedly) ridiculed Communications Decency Act to include new technologies, and the cases make clear its applicability to Internet communications. See, e.g., ACLU v. Reno, 929 F. Supp. 824, 829 n.5 (E.D. Pa. 1996) (text here), aff'd, 521 U.S. 824 (1997). Unlike the indecency provisions of the CDA, this scope update was not invalidated in the courts and remains fully effective.In other words, the latest amendment, which supposedly adds Internet communications devices to the scope of the law, is meaningless surplusage.
In a comment to my co-blogger's post, I point out problems with Declan's article. I write: Declan's article is misleading. The provision extends a telephone harassment law to apply to email. Declan describes the provision as applying whenever a person "annoys" another: "A new federal law states that when you annoy someone on the Internet, you must disclose your identity."But that's not what the law says. Instead it provides: "Whoever...utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet... without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person...who receives the communications...shall be fined under title 18 or imprisoned not more than two years, or both."
Note that "annoy" is part of the intent element of the statute -- it requires the intent to annoy, abuse, threaten or harass. Far from an anti-anonymity provision that applies whenever a person annoys another, it is merely a prohibition on harassment.
Declan writes: "In other words, it's OK to flame someone on a mailing list or in a blog as long as you do it under your real name." I don't see any basis for the law to apply in this instance.
Many of you already know this if you receive advance notification from Microsoft. For everybody else, see their announcement about an early release of the WMF patch. The patch and details about it are available here. If you have installed any of the earlier patches or workarounds, here is our recommendation for updating:
1. Reboot your system to clear any vulnerable files from memory
2. Download and apply the new patch
3. Reboot
4. Uninstall the unofficial patch, by using Add/Remove Programs on single systems. If you used msi to install the patch on multiple machines you can uninstall it with this:
msiexec.exe /X{E1CDC5B0-7AFB-11DA-8CD6-0800200C9A66} /qn
5. Re-register the .dll if you previously unregistered it (use the same command but without the "-u"):
regsvr32 %windir%\system32\shimgvw.dll
6. Reboot one more time just for good measure
We tested the patch, and it does block the attack just like the unofficial patch does.
If you experience any problems with the official patch, check support.microsoft.com and call the toll-free number listed for free assistance. Microsoft will not support the unofficial patch. As an alternative to the sequence shown above, you may want to uninstall the unofficial patch first. But make sure you keep shimgvw.dll unregistered until the official patch is applied. Either sequence works in our testing. Removing the unofficial patch later provides an extra layer of protection.
# The usual precautions, such as telling the users not to click or surf to bad sites, updating anti-virus, filtering email, ... will help just like a dop of water helps to fill a bucket. It's just not good enough by far.
* No user interaction is required. This is one of those where the user is a sitting duck, not the offender.
* Many anti-virus signatures still trigger on the payload, not on the call in the WMF and therefore might get a working signature long after you got hit if you are unlucky to get hit early.
* IDS/IPS can be easily bypassed by using off-the-shell tools already available to the bad guys.
* Firewalls will not prevent filesharing once the files are inside.