New Linux distribution hits the streets: Damn Vulnerable Linux

DVL is purposely made as insecure as possible by running old versions of software with known vulnerabilities. It's a tool for security researchers to see how exploits and privilege escalation works. I'm sure it'll also be very attractive for people running honey pots to study exploits.

Pretty cool! But what I'm wondering is that system updates on it will look like.

Download image is 1.8 gig.

http://www.damnvulnerablelinux.org/index.html

http://www.geek.com/articles/news/damn-vulnerable-linux-the-most-vulnerable-and-exploitable-operating-system-ever-20100717/

http://linux.slashdot.org/story/10/07/17/2136237/Damn-Vulnerable-Linux-mdash-Most-Vulnerable-Linux-Ever

NHTSA says Toyota sudden acceleration is driver's fault

Independent of Toyota, they tested "dozens" of car computers from recent crashes. They had to use recent crashes because the computer can lose memory when disconnected from power. They found that the drivers were pressing the accelerator, not the brake. There is still the problem with the floor mats getting under the accelerator and jamming it up, this is what killed the CHP officer and his friends in the Lexus in California. Apparently Honda had such a problem so they redesigned the throttle so it pivots from the bottom, not from the top, to fix the problem.

Toyota's data recorder is not the same as a commercial aircraft's flight data recorder. It's not of a robust design that records data at all times. It's not infallible, and it's not designed to record all crash data, so it can't be considered absolutely reliable. The Department of Transportation has experts at analyzing accidents and data, and they worked independently of Toyota. I think this is a pretty strong finding.

I don't have the cite, but I read an article where they took a number of cars out, got them up to top speed, and with their foot holding the throttle wide open they stood on the brakes. In every case they were able to stop the car. Edit: I found a cite: Car & Driver did a test of three cars, all stopped.

I think panic and publicity were the main causes of the Toyota problem, floor mats aside.

In a car that does not have an electronic shifter, there is no reason why you can't put the car in neutral. If you have a stick shift, you can stand on the clutch. And if you're on a straight stretch of road, you can turn off the ignition, being careful to put the key back in the Run position so you don't lock the steering column. You'll lose your power assist for steering and brakes, but they still work when you put some muscle behind it. It's easy to panic in such a situation, of course, which is where mental and physical rehearsal and training come in to play.

http://online.wsj.com/article/SB10001424052748703834604575364871534435744.html

http://tech.slashdot.org/story/10/07/14/0115223/Toyota-Sudden-Acceleration-Is-Driver-Error

Behind the doors of the music industry

Lots of music industry stuff!

An accounting analysis of what musicians get paid! (it ain't much, on the order of 2%). It breaks down and "explains why huge megastars like Lyle Lovett have pointed out that he sold 4.6 million records and never made a dime from album sales. It's why the band 30 Seconds to Mars went platinum and sold 2 million records and never made a dime from album sales. You hear these stories quite often."

http://www.techdirt.com/articles/20100712/23482610186.shtml

http://news.slashdot.org/story/10/07/13/1737224/RIAA-Accounting-mdash-How-Labels-Avoid-Paying-Musicians


Former Rolling Stone editor and author Fred Goodman was looking to write a book on the music undistry from an executive insider perspective, he chose Warner Music CEO Edgar Bronfman Jr. He had amazing access and wrote a book, this interview between Wired and Goodman was interesting.

One very good excerpt: "The sorry fact was that record executives had no personal financial incentive to be forward-thinking. In an industry where bonuses were based on chart performance and market share, incentives were tied to creating hits and not to addressing the fact that the CD business was being rendered unnecessary and needed to be reinvented. With a lethal myopia, the industry went around its day-to-day business and made sure all its windows and doors were locked, completely indifferent to the fact that its house was on fire."

http://www.wired.com/epicenter/2010/07/tell-all-author-discusses-music-industry-in-crisis-part-1-of-2/all/1

Part 2 is not yet up.


This interview that Wired conducted with Tommy Silverman, the founder of Tommyboy Records, gives more information along with discussing ideas that they're hoping will improve the situation, such as 50/50 partnerships with talent so that if the talent doesn't make money, the label doesn't make money, and vice-versa. I think it looks like a good idea, whether or not it would work in practice remains to be seen.

The standard industry practice is that talent get money when they sign with a label, they get money when they give them an album, and that's about it. The costs for the album are so front-loaded that they'll pretty much never be recouped, thanks to creative bookkeeping. So if they're not doing an album every 18 months, they've got to hit the road and sell concert tickets, which might enrich Ticketmaster more than the artist.

"There were only 225 rookie artists in 2008, and less last year, that broke 10,000 albums for the first time — not that that’s the only arbiter of success, but it’s one of them. That year, there were only 10 new artists that broke through by doing it themselves. If you can’t sell 10,000 albums in digital and physical combined, you’re still relatively obscure."

http://www.wired.com/epicenter/2010/07/tom-silverman-proposes-radically-transparent-music-business/all/1


And finally, someone got ahold of the RIAA's IRS Form 990S, which shows all executive compensation and lots of other goodies.

"So all in all, for a 3 year period, they spent around $64,000,000 in legal and investigative expenses to recover around $1,361,000." Interesting business model, that.

http://www.p2pnet.net/story/41631

http://recordingindustryvspeople.blogspot.com/2010/07/ha-ha-ha-ha-ha-riaa-paid-its-lawyers.html

http://yro.slashdot.org/story/10/07/13/2024228/RIAA-Paid-16M-In-Legal-Fees-To-Collect-391K