Brokers that disclose bugs to their selected list of subscribers are necessarily withholding important information from the rest of the public. Brokers may eventually issue public advisories, but in the meantime, only the vendor and subscribers know about the problem.

An interesting discussion of bug brokers.

Wired News: Bug Bounties Exterminate Holes

In January, a vulnerability in WMF surfaced that let attackers use the Windows' graphics rendering engine that handles WMF images to launch malicious code on users' computers via these images. A number of security researchers posted information about the vulnerability to their mailing lists. Within a few hours, researcher H.D. Moore posted a working example of a WMF exploit--a piece of code written to take advantage of a software flaw--on his Metasploit Web site. Some defended the action, saying it offered insight into the rules security pros needed to put on intrusion-detection systems to avoid getting hit. Others argued that what Moore did enabled the average hacker to more easily exploit the flaw.

Information Week published a long, sensational, and patently dishonest article on security research today. This text makes it seem as if malware authors used the information H.D. Moore published. The fact is that this vulnerability was being exploited by criminal organizations in the wild before anyone in the security research community knew about it. The article fails to make this fact clear because it doesn't fit into the narrative that the reporter is aiming for and undermines the questions the reporter is raising. Would any major news media organization be interesting in a peice that discusses whether intentially dishonest reporting is good or bad for society?

InformationWeek | Security | The Fear Industry | April 17, 2006

The explosive idea of forcing Internet providers to record their customers' online activities for future police access is gaining ground in state capitols and in Washington, D.C.

Top Bush administration officials have endorsed the concept, and some members of the U.S. Congress have said federal legislation is needed to aid law enforcement investigations into child pornography. A bill is already pending in the Colorado State Senate.

Youch! I think the sheep are primed and ready for this step.

This follows the line we have been singing for awhile now. When the draconian shit starts happening, its going to be done in the name of "protecting the children".

ISP snooping gaining support | CNET News.com

One of the jihadist Web sites cautioned its readers to "Beware of Google!!!" with specific warnings about its relatively new product Google Toolbar...

The posting advised Internet cafe users to set up a proxy -- a software program that erases digital footsteps such as Web addresses or other identifiable information -- before Web surfing...

"This kind of tradecraft is essential to survival," Hoffman said.

And now, your moment of zen....

"From a jihadist perspective, they are absolutely right. They should avoid Google like the plague," Brandt said.

Terrorists' Web Chatter Shows Concern About Internet Privacy

Scientists find evidence of a perpetual evolutionary battle in the mind. The process, they suspect, is the key to individuality.

Brain's Darwin Machine - Los Angeles Times

"The question of how economics is taught in France, both at the bottom and at the top of the educational pyramid, is at the heart of the current crisis," said Jean-Pierre Boisivon, director of the Enterprise Institute, a company-financed institute that sponsors the internship program for economics teachers that Scache took part in.

This is the most intelligent analysis of the protests in France that I've seen thus far. The students are doing exactly what they have been taught to do.

Economics, French-style - Europe - International Herald Tribune

Given that there are approximately 50 million .COM domains registered, it is indeed true that the low-hanging fruit domain names are overwhelming taken, and your chances of lucking upon an unnoticed available three-letter acronym (TLA) are close to zero, and your only recourse would be to haggle with domain speculators.

Some interesting data about the state of available domains.

Dennis Forbes - DNS is full. Go home.

Googling around for Younis Tsouli produces some interesting links including this one:

TrackingTheThreat.com is database of open source information about the Al Qaeda terrorist network, developed as a research project of the FMS Advanced Systems Group. Our goal is to apply new technologies and software engineering approaches to open source intelligence while providing researchers and analysts with information about Al Qaeda.

This site has some interesting features:

Use the Network Navigator to perform graphical link analysis on the Al Qaeda network.

Also, take a look at the product suite that FMS Advanced Systems produces.

trackingthethreat.com

While the ICANN Board considers these concerns, and until they are remedied, CIRA will as of this date:

* Suspend its voluntary contribution of funds to ICANN;
* Hold in trust CIRA's voluntary contributions to ICANN;
* Suspend consideration of any Accountability Framework;
* Decline to host or be a major sponsor of any ICANN event; and
* Cease chairing the ccNSO's IANA Working Group.

Canada is the only place in the official DNS system with what I would consider a reasonable whois privacy policy.

Canada suspends involvement with ICANN.

Russia's Federal Security Service closes down Pravda.Ru's Russian version over Danish caricatures.

The Volokh Conspiracy - Pravada's Main Web Page Closed Down by Russian Security Service: