A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting (XSS) attacks. The vulnerability is caused due to an error in the way the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler interprets MIME-formatted requests for content blocks within a document.

Well, most of us knew this moment would come, with the only debate left being when this moment would come. Market analyst firm Canalys keeps track of worldwide smartphone shipments, and has concluded that in the fourth quarter of 2010, more Android smartphones were sold than Symbian phones. After a decade of supremacy, the Symbian dominance has been toppled (according to these figures, of course).

"I've always been a great fan of the law of unintended consequences. It takes you places. Unexpected places. Sometimes good, sometimes bad but never a dull moment. The recent kerfuffle over Pirate Bay is too well known to require detailed recounting here. What is really interesting though is where it might just eventually take us in terms of internet freedom. This article describes the one fallout of the legal judgements against Pirate Bay and how its response may unintentionally help to protect and promote internet freedoms."

ChibiOS/RT 2.2.0 has been released. The new release of this open source embedded Real Time Operating System (RTOS) includes support for multiple compilers (Cosmic, GCC, IAR, Keil, Raisonance), drivers and demos for new hardware, internal optimizations and documentation improvements.

"The Intel Atom processor line is associated with low power usage in devices such as a netbook or nettop computer. The emphasis is definitely not on performance, it's on pushing up battery life on a device with a small display and mid-range graphics requirements while still managing a decent desktop experience. Microsoft thinks Atom can do more, though, and wants to use it in servers. With that in mind it is calling on Intel to up the cores in an Atom chip to 16, and deploying it as a low power server chip solution."

"Each time a new version of Windows is released, many computer users find that their hardware is suddenly outdated. For cash-strapped schools, upgrading to the latest hardware with each major software release is simply impossible. A New York startup called NeverWare is offering a possible solution - a server that lets even decade-old PCs upgrade to the latest Windows 7 operating system."

RT-Thread RTOS is an open source real-time operating system for embedded system or microcontrollers, with components which include a hard real-time kernel, a command line shell, a device virtual file system, and a graphic user interface.

"The FBI yesterday executed 40 search warrants around the US to gather evidence on the Anonymous distributed denial of service attacks in defense of WikiLeaks last year - attacks which targeted Visa, MasterCard, PayPal, and Amazon. And when the FBI comes a-knockin', the whole house starts a rockin'."

"Microsoft today announced record second-quarter revenue of $19.95 billion for the quarter ended Dec. 31, 2010. Operating income, net income and diluted earnings per share for the quarter were $8.17 billion, $6.63 billion and $0.77 per share, respectively."

"Sony has won its request for a temporary restraining order in its PS3 jailbreak case against Geohot and fail0verflow, despite a jurisdictional technicality. At the same time, the judge at the US District Court for the Northern District of California has allowed Sony to keep the lawsuit in San Francisco. The restraining order forbids the jailbreak team from distributing or linking the jailbreak procedure, or encouraging others to jailbreak or hack their PS3 or PSN. They've also been ordered to turn over any computers or storage media used to create the jailbreak to Sony's lawyers." Land of the free fail.

"Researchers at North Carolina State University have developed a method to restore a computer operating system to its former state if it is attacked. The concept involves taking a snapshot of the operating system at strategic points in time (such as system calls or interrupts), when it is functioning normally and, then, if the operating system is attacked, to erase everything that was done since the last 'good' snapshot was taken - effectively going back in time to before the operating system attack. The mechanism also allows the operating system to identify the source of the attack and isolate it, so that the operating system will no longer be vulnerable to attacks from that application. The idea of detecting attacks and resetting a system to a safe state is a well-known technique for restoring a system's normal functions after a failure, but this is the first time researchers have developed a system that also incorporates the security fault isolation component. This critical component prevents the operating system from succumbing to the same attack repeatedly."

Fedora is holding a Test Day tomorrow (2011-01-27) to test a new network device naming scheme, as implemented by the biosdevname utility provided by Dell. biosdevname aims to give network interfaces names that are both consistent and appropriate to their physical attributes (onboard device number, or PCI slot), an approach that has been kicked around upstream for a while. This new system will likely come to most distros in future. The Fedora test day will concentrate on making sure it behaves as intended on both new installations and upgrades.

It seems like the content industry has managed to score another hit in its 'fight' against piracy, and this time, it's a big fish. Announced a few weeks ago already, Google has started censoring its auto-complete and instant features for an arbitrary set of search terms - such as 'bittorrent', 'torrent', 'rapidshare', and any terms derived from those (e.g. 'ubuntu torrent' is censored as well).

Before we get underway: I'm sorry, we don't have enough headline space to write 'KDE Releases Development Platform, Applications and Plasma Workspaces 4.6.0'. Then again, do any non-anal people every refer to it that way? No? I thought so. In any case, there's a new KDE version out with lots of new features, bug fixes, and performance enhancements.