McAfee's website has been hit by at least three nasty bugs that left its customers susceptible to phishing and other scams. At least one remained unfixed at 12 o'clock today, more than 24 hours after it was first disclosed.
The most serious vulnerability, ironically enough, affected McAfee Secure, a service that certifies the security of sites that conduct ecommerce and other sensitive transactions. Mike Bailey of the Skeptikal.org blog found the site suffered from a CSRF, or cross-site request forgery, that could have allowed attackers to take control of customer accounts.
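The report gives no details of the McAfee Secure bug beyond its class, so the following is an added illustration of what a CSRF on an account-settings endpoint looks like and how it is closed, not McAfee's code or Bailey's finding. The request object, session store, origin `https://secure.example` and the `change_email` handlers are all constructed for the example. The vulnerable handler trusts the session cookie alone; since the browser attaches cookies to any cross-site form post, an attacker's page can change the victim's e-mail address (and from there reset the password). The hardened handler additionally requires a per-session secret that only same-origin pages can read, and checks the `Origin` header where the browser sends one.

```python
import hmac
import secrets

# Constructed stand-in for a web framework's request object (example only).
class Request:
    def __init__(self, method, cookies=None, form=None, origin=None):
        self.method = method
        self.cookies = cookies or {}
        self.form = form or {}
        self.headers = {"Origin": origin} if origin else {}

SESSIONS = {}                         # session id -> {"email": ..., "csrf": ...}
SITE_ORIGIN = "https://secure.example"  # hypothetical origin of the real site

def login(email):
    """Create a session and mint an unguessable CSRF token bound to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"email": email, "csrf": secrets.token_urlsafe(32)}
    return sid

def csrf_token(sid):
    """What a same-origin page embeds in its form; a cross-site page cannot read it."""
    return SESSIONS[sid]["csrf"]

def change_email_vulnerable(req):
    """Authenticates with the cookie only: any site that can make the victim's
    browser POST here gets to change the address."""
    sess = SESSIONS.get(req.cookies.get("sid"))
    if sess is None:
        return 401
    sess["email"] = req.form["email"]
    return 200

def change_email_hardened(req):
    sess = SESSIONS.get(req.cookies.get("sid"))
    if sess is None:
        return 401
    if req.method != "POST":          # state changes never ride on GET links
        return 405
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403                    # browser says the form came from elsewhere
    sent = req.form.get("csrf_token", "")
    # Constant-time compare of the submitted token with the session's token;
    # absent Origin (older browsers) is tolerated because the token still decides.
    if not hmac.compare_digest(sent.encode(), sess["csrf"].encode()):
        return 403
    sess["email"] = req.form["email"]
    return 200

def cross_site_attack(handler, sid):
    """Simulate the victim's browser submitting an attacker's auto-posting form:
    the session cookie is attached automatically, the token is unknown."""
    req = Request("POST", cookies={"sid": sid},
                  form={"email": "attacker@evil.example"},
                  origin="https://evil.example")
    return handler(req)

def legitimate_change(handler, sid, new_email):
    """A real same-origin form post carries the token."""
    req = Request("POST", cookies={"sid": sid},
                  form={"email": new_email, "csrf_token": csrf_token(sid)},
                  origin=SITE_ORIGIN)
    return handler(req)

if __name__ == "__main__":
    sid = login("victim@example.org")
    print("vulnerable handler, cross-site post:", cross_site_attack(change_email_vulnerable, sid),
          SESSIONS[sid]["email"])
    sid = login("victim@example.org")
    print("hardened handler, cross-site post:", cross_site_attack(change_email_hardened, sid),
          SESSIONS[sid]["email"])
    print("hardened handler, real post:", legitimate_change(change_email_hardened, sid, "new@example.org"))
```

The token is the essential part; the `Origin` check is a cheap second layer, and `hmac.compare_digest` avoids leaking the token through timing. A framework's built-in CSRF middleware does the same thing, which is exactly the sort of control an SDL review would have required before the endpoint shipped.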
McAfee has already fixed the bug, but during the five weeks that Bailey monitored it, the site continued to display the McAfee Secure logo, raising questions about just how valuable such a mark is. McAfee Secure, after all, is designed to pinpoint precisely these types of vulnerabilities.
It also shines a bright light on the processes McAfee uses to ensure its websites are free of such hazards. According to Bailey, the vulnerable application was not built under an SDL, or secure development lifecycle, which bakes security requirements, design review, code review and testing into each phase of development rather than bolting them on at the end. He also said that prior to the bug being reported, McAfee "had never performed a full code review for web vulnerabilities."
McAfee spokesman Joris Evers said he didn't know whether the application followed an SDL, but in any event, he said the company follows strict practices to make sure its sites are safe.
"Obviously, we have processes in place that check our websites for vulnerabilities, and unfortunately, it appears a couple slipped through. We will look at the processes we have to make sure that if they're broken, they get fixed."
Bailey's report coincided with the discovery of a separate vulnerability on a part of McAfee's website that handles customer rebates. Lance James, co-founder of Secure Science Corporation and author of Phishing Exposed, created a proof-of-concept link that showed how phishers could use the vulnerability to create authentic-looking spoof pages that bear McAfee's domain name and secure sockets layer certificate while directing visitors to pages that try to steal their personal information.
The vulnerability was publicly disclosed last Monday.
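The report does not say what class of bug the rebate page had, only that a crafted link under McAfee's own domain and certificate sent visitors on to a page that harvested their details. As an added example, not the page's or McAfee's code, here is the check that blocks one common way that happens: a redirect parameter that is passed straight to a `Location` header without validation. The host `rebates.example` and the sample targets are constructed; the tricky cases (protocol-relative `//evil`, backslash variants, userinfo, non-HTTP schemes) are the ones attackers actually use to slip past a naive "starts with /" or "contains our domain" test.

```python
from urllib.parse import urlsplit

OUR_HOST = "rebates.example"   # hypothetical trusted host

def is_safe_redirect(target, our_host=OUR_HOST):
    """True only if target stays on our_host (same-host absolute URL) or is a
    plain same-origin path. Everything else is treated as hostile."""
    if not target:
        return False
    # Browsers accept backslashes where slashes are expected ("/\evil", "http:\\evil"),
    # so normalise before parsing rather than letting the parser see them as path chars.
    t = target.replace("\\", "/")
    parts = urlsplit(t)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False                         # javascript:, data:, etc.
    if parts.netloc:
        # Absolute or protocol-relative URL: .hostname drops userinfo and port and
        # lowercases, so "https://rebates.example@evil.example/" compares as evil.example.
        return parts.hostname == our_host.lower()
    # Relative URL: must be a single leading slash; "//evil" was caught above via netloc,
    # but "https:evil.example" (scheme, no netloc) lands here and is rejected.
    return t.startswith("/") and not t.startswith("//")

def resolve_redirect(target, fallback="/", our_host=OUR_HOST):
    """What the handler should put in the Location header."""
    return target if is_safe_redirect(target, our_host) else fallback

# Constructed sample inputs, labelled with the expected verdict.
SAMPLES = {
    "/account/rebate?id=42": True,
    "https://rebates.example/offer": True,
    "HTTPS://REBATES.EXAMPLE/offer": True,
    "https://rebates.example.evil.example/": False,
    "https://rebates.example@evil.example/": False,
    "//evil.example/login": False,
    "/\\evil.example/login": False,
    "https:\\\\evil.example/login": False,
    "javascript:alert(document.cookie)": False,
    "https:evil.example": False,
    "": False,
}

def check_samples():
    """Return the samples whose verdict disagrees with is_safe_redirect (empty if all pass)."""
    return [t for t, expected in SAMPLES.items() if is_safe_redirect(t) != expected]

if __name__ == "__main__":
    for t, expected in SAMPLES.items():
        print(f"{is_safe_redirect(t)!s:5}  expected {expected!s:5}  {t!r} -> {resolve_redirect(t)!r}")
```

An allowlist of exact hosts is the only robust rule; substring and prefix checks on the domain name are what the `rebates.example.evil.example` and userinfo cases defeat. Where the redirect target is only ever one of a few known pages, replacing the free-form URL parameter with an index into a server-side table removes the problem entirely.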
According to a report released this week by computer security company McAfee, spammers last year generated a whopping 62 trillion junk e-mails.
What does that mean in terms of energy?
The electricity used to send those messages, which ask for money or market Viagra, could instead have powered 2.4 million homes for a year or driven a car around the planet 1.6 times, according to the report.
That waste of energy is also polluting the environment.
Generating that electricity emits greenhouse gases. McAfee researchers say each junk e-mail accounts for 0.3 grams of carbon dioxide (CO2). That may not sound like much, but when you consider the volume of global annual spam, it all adds up.
EU information society and media Commissioner Viviane Reding has warned EU citizens to be aware that social network businesses are profiling them on the web by tracking their searches, pages browsed and purchases made, and using the information to target them with advertising.
Reding said today that serious privacy issues are at stake, and the Commission is ready to take action and enforce greater online citizen privacy, if national governments fail to tighten rules on data usage and profiling.
“Europeans must have the right to control how their personal information is used,” said Reding, announcing several areas in which the Commission is ready to act to maintain this right, as technology trends make it easier to use, and misuse, personal information.
She warned that the EU would take action where member states fail to implement EU rules ensuring privacy and the need for a person's consent before processing his or her personal data.
“European privacy rules are crystal clear: a person's information can only be used with their prior consent. We cannot give up this basic principle, and have all our exchanges monitored, surveyed and stored in exchange for a promise of ‘more relevant’ advertising! I will not shy away from taking action where an EU country falls short of this duty,” said Reding.
The Commissioner also called on social-networking companies to reinforce privacy protection online.
“Privacy must in my view be a high priority for social networking providers and their users. I firmly believe that at least the profiles of minors must be private by default and unavailable to internet search engines.
“The European Commission has already called on social-networking sites to deal with minors’ profiles carefully, by means of self-regulation. I am ready to follow this up with new rules if I have to,” Reding warned.
PGP irritated its security conscious customers on Tuesday by making the schoolboy error of sending out an email marketing message to a list of around 300 recipients without using the bcc field!
As a result of the slip-up, all the recipients of the marketing email learned the email addresses of other potential buyers. Potential prospects were further inconvenienced when furious replies to the original sender from some people on the list were sent using the "reply all" option, generating a message storm.
At least some of the recipients of the email had recently downloaded trial versions of PGP's software.
A representative of PGP described the error as a one-off mistake, adding that the firm would like to apologise.
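The slip is easy to make with any mail client or script that builds one message for the whole list. As an added example, not PGP's code, here are the two patterns that avoid it, with a check that reads the finished headers for leaked addresses. The sender, recipients and subject are constructed; nothing is actually sent (an `smtplib.SMTP` session would take the message and envelope list shown). Note that the "one message, envelope recipients only" pattern never writes a `Bcc:` header at all: the addresses go only to the SMTP `RCPT TO` stage, so there is nothing to forget to strip.

```python
from email.message import EmailMessage
from email.utils import formataddr

# Constructed sample data (not from the original page).
SENDER = ("Example Marketing", "marketing@example.com")
RECIPIENTS = ["alice@example.org", "bob@example.net", "carol@example.edu"]
SUBJECT = "Your trial is ending"
BODY = "Thanks for trying the product. Here is how to buy it."

def build_broadcast_wrong(sender, recipients, subject, body):
    """The mistake: one message with every address in a visible header."""
    msg = EmailMessage()
    msg["From"] = formataddr(sender)
    msg["To"] = ", ".join(recipients)   # every recipient now has the whole list
    msg["Subject"] = subject
    msg.set_content(body)
    return msg

def build_per_recipient(sender, recipients, subject, body):
    """Pattern 1: one message per recipient, each addressed only to that person.
    Returns [(envelope_recipient, message), ...]; also lets you Reply-To a
    no-reply or ticketing address so that 'reply all' has no list to hit."""
    out = []
    for rcpt in recipients:
        msg = EmailMessage()
        msg["From"] = formataddr(sender)
        msg["To"] = rcpt
        msg["Reply-To"] = "no-reply@example.com"
        msg["Subject"] = subject
        msg.set_content(body)
        out.append((rcpt, msg))
    return out

def build_single_envelope(sender, recipients, subject, body):
    """Pattern 2: one message, recipients only in the SMTP envelope.
    Returns (message, envelope_recipients). The headers name nobody, so there is
    no Bcc: line to leak; smtplib.SMTP.sendmail(from, envelope, msg.as_bytes())
    is the call that would deliver it."""
    msg = EmailMessage()
    msg["From"] = formataddr(sender)
    msg["To"] = "undisclosed-recipients:;"
    msg["Reply-To"] = "no-reply@example.com"
    msg["Subject"] = subject
    msg.set_content(body)
    return msg, list(recipients)

def leaked_addresses(msg, recipients):
    """Recipient addresses visible anywhere in the message's headers (case-insensitive).
    A message that is correct leaks at most its own addressee."""
    header_text = "\n".join(f"{name}: {value}" for name, value in msg.items()).lower()
    return sorted(a for a in recipients if a.lower() in header_text)

if __name__ == "__main__":
    bad = build_broadcast_wrong(SENDER, RECIPIENTS, SUBJECT, BODY)
    print("wrong pattern leaks:", leaked_addresses(bad, RECIPIENTS))
    for rcpt, msg in build_per_recipient(SENDER, RECIPIENTS, SUBJECT, BODY):
        print("per-recipient message to", rcpt, "leaks:", leaked_addresses(msg, RECIPIENTS))
    msg, envelope = build_single_envelope(SENDER, RECIPIENTS, SUBJECT, BODY)
    print("single-envelope message leaks:", leaked_addresses(msg, RECIPIENTS), "envelope:", envelope)
```

Run `leaked_addresses` as a pre-send gate in any bulk-mail script: if it returns more than one address for a message, refuse to send. The `Reply-To` pointing at an unattended mailbox is what prevents the reply-all storm the article describes even if a leak does happen.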
According to Wikipedia: "An economy which grows over a period of time tends to slow down the growth as a part of the normal economic cycle. An economy typically expands for 6-10 years and tends to go into a recession for about six months to 2 years."
The current defaults on home loans have led to a major crisis in the US and worldwide. Once a recession starts, consumers lose confidence in the growth of the economy and spend less, including on technology and software. Is free and open source software (FOSS) a way to cut business costs? As concern about recession, even depression, deepens, more and more companies are asking this question. However, many have trouble knowing how to begin to find an answer.
This blog post explores the safest way to FOSS: one step at a time. Instead of plunging into FOSS all at once, the author suggests that you begin with some of your basic desktop productivity software on Windows before making any large-scale transition to a FOSS operating system like GNU/Linux. Many FOSS applications have versions for both Windows and GNU/Linux -- and, often, Mac OS X as well -- so you can easily experiment. Then, if you decide to go ahead, you and your staff will already have some training when you switch operating systems.
Even the UK Government has reacted to the recession with a positive spin on open source software.
If you are not willing to go the whole hog and switch operating systems, you should at least consider your (open source) alternatives before spending cash. The Open Source Alternative site helps people find free, open source alternatives for the commercial software products they would normally have had to pay for. Well worth a look.
I just came off 2 days teaching a class on "Linux For Beginners" at the college in which I work (as a Computer Technician), and I can tell you that I had twice as many students as before and they were all much more interested this time.
The worm is turning, as we all know, but it might just be rotating that little bit quicker due to the current economic climate.....
LOL! A teenager from the international financial powerhouse that is Clacton-on-Sea, Essex, was given her marching orders after bosses discovered she'd described her office administrator's post as "boring" on Facebook.
Kimberley Swann, 16, was dragged before the powers that be on Monday morning and summarily dismissed from her job at Ivell Marketing and Logistics, the Telegraph explains. She was handed a letter which read: "Following your comments made on Facebook about your job and the company we feel it is better that, as you are not happy and do not enjoy your work we end your employment with Ivell Marketing & Logistics with immediate effect."
Swann described herself as "shocked" at the perfunctory nature of her ejection as a result of the comment "on her personal site". She protested: "I did not even put the company's name, I just put that my job was boring. They were just being nosy, going through everything. I think it is really sad, it makes them look stupid that they are going to be so petty."
She justified: "I was an office administrator so of course it was boring at first and I knew it would get more interesting."
Stephen Ivell, owner of Ivell Marketing & Logistics, insisted the "global product development and sourcing company" had done everything "by the book". He defended: "It is just a shame that it did not work out because she is a lovely girl. For a small company, when a decision is made, one thinks long and hard about it."
The TUC, though, begged to differ. The organisation's general secretary, Brendan Barber, insisted: "Most employers wouldn't dream of following their staff down the pub to see if they were sounding off about work to their friends."
Listen, Kimberley, seriously - it's the internet. NOTHING is personal about it, WHATSOEVER. And that goes for all you other facef*ck users out there - be careful what you put up, or even better, don't use these feckin' awful "social" sites at all. They will eventually give you brain damage, take away your social skills - and did we mention endanger your job? Which you kinda need?
The UK government has published a new policy aimed at promoting the use of open source software in the public sector.
It is also aimed at promoting open standards and encouraging the re-use of IT solutions. Measures include an education programme, guidance on procurement from the Chief Information Officers (CIO) Council and assessment of new products.
These are among the 10 points of an action plan that forms the centrepiece of the policy.
There are two other main elements. One is to promote open standards by ensuring systems are interoperable and avoiding getting locked into a particular product when possible. The other is that the government will look at the re-use of what it has already bought and aim to make successful solutions available across government.
The Cabinet Office said these measures will help to provide better value for money for taxpayers.
Among the 10 points of the government's action plan are the following:
* The CIO Council and the Office of Government Commerce will develop guidance to ensure open source (in which the source code of the software is freely available) will be given the same consideration as proprietary products. This will include a specification of compliance with open standards (which makes the standards for interoperability freely available) and advice for public sector purchasers on licensing, warranty and indemnity issues for open source.
* The two bodies will also set up a programme of education and capability building in the field.
* The CIO Council will regularly assess open source products for their maturity and recommend those that meet agreed criteria.
* It will also work with systems integrators and software suppliers to open up their solutions to meet open standards, to include open source and facilitate re-use.
* The government will specify requirements by reference to open standards and require compliance with open standards in solutions where feasible.
* Government purchasers will use a standard OGC approved OJEU clause to make clear that solutions are purchased on the basis that they may be re-used elsewhere in the public sector.
Tom Watson, the minister for digital engagement, said the new policy reflects changes to both the open source market and the government's approach to IT.
"The world of technology has moved on hugely since we last set out our thinking on open source, which is why it was so important to update our policy," he said.
"Open source products are more competitive and have become easier to include in business, and major players in the IT industry now support the use of open standards. Several government departments already use open source components and I hope this new policy will encourage others to follow suit.
"Open source software is a not a cure all remedy and is not the only solution to IT questions. However, by levelling the playing field and allowing open source to be as competitive as possible we can ensure that taxpayers get maximum value for money from government IT, something that is more important than ever during the worldwide financial climate."
The announcement follows a recent declaration by shadow chancellor George Osborne that the Conservative Party favours the greater use of open source and would take action to prove a "level playing field".
Now if there was any reason to fear Friday the 13th, we agree this is it. That many numbers sequentially in a row representative of time? Who knows what will stop working? Will lex(1) cease to work, will yacc(1)s everywhere revolt? Will the rapture be upon us?