Gmail As Open-Relay Spam Server - sveard writes of a little problem Google is having that has Gmail acting like an open relay. Compounding the issue is the fact that services such as Hotmail and Yahoo trust Gmail as a source of mail. "A recently-discovered flaw in Gmail is capable of turning Google's e-mail service into a highly effective spam machine. According to the Information Security Research Team (INSERT), Gmail is susceptible to a man-in-the-middle attack that allows a spammer to send thousands of bulk e-mails through Google's SMTP service without fear of detection. This attack bypasses both Google's identity fraud protection mechanisms and the current 500-address limit on bulk e-mail."

Read more of this story at Slashdot.

[SlashDot IT]

Windows XP SP3 Creating Havoc - ozmanjusri writes "According to Information Week, within hours of its wide availability Windows XP SP3 had drawn hundreds of complaints from users who claim the update is wreaking havoc on their computers. One user said in a Microsoft newsgroup: 'I downloaded and installed [the SP3] package for IT Professionals and Developers on one of my computers. Now I can't get the computer to boot. I don't think Microsoft should have made this a critical update.' Other sites including IT Wire are also reporting problems, which include include random reboots or the inability to boot at all." Note that XP3 won't install on systems running beta IE8; and after a successful SP3 install users will no longer be able to downgrade from IE7 to IE6.

Read more of this story at Slashdot.

Reducing the Power Consumption of Overclocked PCs - babyshiori writes "Now, that must sound pretty inane. After all, overclockers employ all kinds of power-guzzling methods to improve their CPUs' overclockability. However, there are many good reasons to do so. In this guide, we will not just look at theoretical tips on reducing power consumption in overclocked PCs, we will also look at how well they work in real-life situations. Best of all, we are shown why they will improve our PCs' power efficiency without any real loss in performance. Start doing your part in saving the planet now!"

Read more of this story at Slashdot.

[SlashDot IT]

Google's Shadow Hung Over Microsoft-Yahoo Deal - In the end, Google played a significant part in the undoing of Microsoft's bid for Yahoo, the latest example of Google's...

New Attack Exploits "Safe" Oracle Inputs - Trailrunner7 writes "Database security super-genius David Litchfield has found a way to manipulate common Oracle data types, which were not thought to be exploitable, and inject arbitrary SQL commands. The new method shows that you can no longer assume any data types are safe from attacker input, regardless of their location or function. Litchfield wrote, "In conclusion, even those functions and procedures that don't take user input can be exploited if SYSDATE is used. The lesson here is always, always validate and prevent this type of vulnerability getting into your code. The second lesson is that no longer should DATE or NUMBER data types be considered as safe and not useful as injection vectors: as this paper[PDF] has proved, they are," he writes."

Read more of this story at Slashdot.

[SlashDot IT]

IBM Trying To Patent Timed Code Inspection - theodp writes "A just-published IBM patent application for a Software Inspection Management Tool claims to improve software quality by taking a chess-clock-like approach to code walkthroughs. An inspection rate monitor with 'a pause button, a resume button, a complete button, a total lines inspected indication, and a total lines remaining to be inspected indication' keeps tabs on participants' progress and changes color when management's expectations — measured in lines per hour — are not being met."

Read more of this story at Slashdot.

[SlashDot IT]

Microsoft/Yahoo Deadline Passes With No Deal - Yahoo failed to agree to an acquisition deal with Microsoft by Saturday, the deadline Microsoft had set for wrapping up...

Boston Acoustics Ships Computer Speakers - Boston Acoustics announces two new PC speaker systems.

[Latest News from PC World]

Sun Snags Open Source Virtualization Company, Innotek - BobB writes to mention Sun has acquired Innotek, open source desktop virtualization vendor. "VirtualBox will remain free of charge under Sun and be placed in the company's xVM portfolio of virtualization products, Steve Wilson, Sun's vice president of xVM, wrote in a blog posting. 'If we're going to continue to give it away, why is Sun investing in VirtualBox? In short, because the developers that build applications have a huge amount of influence on how they're deployed," Wilson wrote in his blog. "We believe that developers using VirtualBox can help guide their friends in the data center towards xVM Server as the preferred deployment engine. Beyond that, I think there is a huge opportunity to link with Sun's other developer-related assets like NetBeans, Glassfish and (soon) MySQL.'"

Read more of this story at Slashdot.

How Spam Was Done 70 Years Ago - bitrex writes "Modern Mechanix recently ran a reprint of a 1934 article describing the problem of offshore pirate radio stations broadcasting advertisements and drowning out local, licensed radio programs. 'The primary purpose of the unlicensed broadcast station was to advertise the gambling, liquor, and other dubious pleasure activities of the ship upon which it was built ... they found other sundry rackets, such as a fortune telling program ... After numerous unsuccessful attempts of a local nature, the floating broadcasting establishment was silenced, but only after the state department at Washington, D. C, had made diplomatic representations which forced a Central American country to cancel the ship's registry.' The article also has a great artist's conception of what might be called a machine age 'data haven' bobbing in international waters in the Gulf of Mexico."

Read more of this story at Slashdot.