AN Smith Lecture – Mr Mark Scott, Managing Director, ABC

AN Smith Lecture in Journalism
© The University of Melbourne, 2009. All rights reserved.
Live@Melbourne – AN Smith Lecture
Speaker: Mr Mark Scott, Managing Director, ABC
Wednesday, August 14, 2009
Start time: 6:30pm AEST
Duration: 51 min 27 sec

“For those now in media empires, those who want to survive, endure, be part of the future, there is little time to be wistful. Little time to be angry at how things have turned out. They were great days, but they are gone. Certainly there are things that can greatly concern us. Is there a business model for newspapers? How will Australian stories be told in a world awash with global content? What will we share as a community if there is no shared media experience? Where is our commons?
Certainly we see ourselves at the ABC playing an important role in meeting some of these needs. But we all know for sure, there is a greater thirst for knowledge, for insight, for entertainment, for engagement, for viewing and sharing media today than at any other time in history. Never has the audience been bigger. Never has news travelled faster, or been more accessible in more places more quickly. Never has a big news story reached larger audiences in more ways. Ways of telling stories, making them immediate and compelling and alive, have never been more vibrant.The opportunities to connect and engage have never been more exciting.”
– David Scott [3]

In relation to the Murdoch push for pay for view online content;

“You can almost hear the other proprietors urging Murdoch on, assuring him that they are right behind him and they are pushing him through that pay wall as they then scurry away to make as much as they can, for as long as they can, outside the pay wall, to be free to pick up the traffic that flees the sites that now want payment for access.“
– David Scott [4]

LINKS:
[1] AN Smith Lecture in Journalism (2009-Oct-15) [UniMelb Live@Melbourne]
[2] 2009-10-14_smith_lecture_journalism.mp4MP4, 354MB [via: feeds.unimelb]
[3] Media after Empire text of the speech (2009-Oct-14) [ABC Unleashed]
[4] ABC boss takes swipe at ‘emperor’ Murdoch (2009-Oct-15) [ABC News]
[5] The Fall of Rome: ABC Managing Director Mark Scott’s Lecture (2009-Oct-14)
[Crikey]

Adobe Reader 9.2 & Acrobat 9.2

Critical vulnerabilities have been identified in Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. This update represents the second quarterly security update for Adobe Reader and Acrobat.
Adobe recommends users of Adobe Reader 9.1.3 and Acrobat 9.1.3 and earlier versions update to Adobe Reader 9.2 and Acrobat 9.2. Adobe recommends users of Acrobat 8.1.6 and earlier versions update to Acrobat 8.1.7, and users of Acrobat 7.1.3 and earlier versions update to Acrobat 7.1.4. For Adobe Reader users who cannot update to Adobe Reader 9.2, Adobe has provided the Adobe Reader 8.1.7 and Adobe Reader 7.1.4 updates. Updates apply to all platforms: Windows, Macintosh and UNIX. [1]

It ain’t just Microsoft … while MS issued a deluge of patches today, Adobe pushes just one, but theirs addresses no less than 29!! gaping holes in one single update. As we reported earlier, at least one of these 29 vulnerabilities is already being actively exploited. … [2]

LINKS:
[1] Security Updates Available for Adobe Reader and Acrobat APSB09-15 (2009-Oct-13) [Adobe]
[2] Adobe Reader and Acrobat – Black Tuesday continues (2009-Oct-13) [SANS]

CRP09-058, CRP09-059

Patch Tuesday Wednesday (OCT-2009)

This month we have thirteen (13) new security bulletins, a restart will be required.

This month, we released 13 new bulletins which address 33 vulnerabilities in Windows, Internet Explorer and Microsoft Office. Since we published this information in our advance notification (ANS) last Thursday, we have been asked “is this the most bulletins Microsoft has ever released”? The short answer to that question is yes. However, we have, on several occasions, released between 10 and 12 bulletins so this is business as usual. All of our updates go through extensive quality testing and when they reach the bar for broad distribution, we schedule them for release. [1]

8 x Critical, 5 x Important

Bulletin	KB number	Description	Severity	Impact	Software
MS09-50	975517	Vulnerabilities in SMBv2 Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-051	975682	Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-052	974112	Vulnerability in Windows Media Player Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-053	975254	Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS09-054	974455	Cumulative Security Update for Internet Explorer	Remote Code Execution	Critical	Microsoft Windows, Internet Explorer
MS09-055	973525	Cumulative Security Update of ActiveX Kill Bits	Remote Code Execution	Critical	Microsoft Windows
MS09-056	974571	Vulnerabilities in Windows CryptoAPI Could Allow Spoofing	Spoofing	Important	Microsoft Windows
MS09-057	969059	Vulnerability in Indexing Service Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS09-058	971486	Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege	Elevation of Privilege	Important	Microsoft Windows
MS09-059	975467	Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service	Denial of Service	Important	Microsoft Windows
MS09-060	973965	Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Office
MS09-061	974378	Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight
MS09-062	957488	Vulnerabilities in GDI+ Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft SQL Server, Microsoft Developer Tools, Microsoft Forefront

For this month:
A large number of Remote Code Execution vulnerabilities for this month.

PATCH NOW:
NOW: MS09-050, MS09-051, MS09-052, MS09-054, MS09-055, MS09-056, MS09-057, MS09-060, MS09-061, MS09-062

LINKS:
[1.] October 2009 Security Bulletin Release (2009-Oct-13) [MS: MSRC]
[2.] Microsoft October 2009 Black Tuesday Overview (2009-Oct-13) [SANS]
[3.] Microsoft Security Bulletin Summary for October 2009 (2009-Oct-13) [MS]
[4.] Microsoft security updates for October 2009 (2009-Oct-13) [MS]
[5.] Assessing the risk of the October security bulletins (2009-Oct-12) [MS: SR&D]
[6.] MS09-056: Addressing the X.509 CryptoAPI ASN.1 security vulnerabilities (2009-Oct-12) [MS: SR&D]
[7.] MS09-051: A note on the affected platforms (2009-Oct-12) [MS: SR&D]
[8.] MS09-050: Exploit timeline for the SMB2 RCE vulnerability (2009-Oct-12) [MS: SR&D]
[9.] MS09-054: Extra info on the attack surface for the IE security bulletin (2009-Oct-12) [MS: SR&D]
[10.] MS09-061: More information about the .NET security bulletin (2009-Oct-12) [MS: SR&D]
[11.] New attack surface reduction feature in GDI+ (2009-Oct-12) [MS: SR&D]

CRP09-057

The Guild: Season 3

Felicia Day who was Penny in Joss Whedon’s awesome web series Dr. Horrible’s Sing-Along Blog (oh and also as Vi in Buffy the Vampire Slayer) is the star, script writer and producer of The Guild – now in Season 3.

The Guild is a independent sitcom web series about a group of online gamers. The show started in the late summer of 2007, and for the first season was financed solely by Paypal donations from LOYAL FANS. Since season 2, The Guild has been distributed by Xbox Live and Microsoft and sponsored by Sprint.
Episodes vary from 3-8 minutes in length, and follow the Guild members’ lives online and offline. …
– www.watchtheguild.com

Continue reading ‘The Guild: Season 3′

This weeks links (2009-10-12)

Australia’s largest university is going Google with Monash University set to offer customised Google Apps for Education to all of its students.
Monash University Vice-Chancellor Professor Edward Byrne said the University’s 58,000 students would be given sign-up details for their opt-in Monash gmails next month, along with information about how they could use other online tools available through Google Applications. …
– A Google future for Australia’s largest university (2009-Oct-14) [Monash Newsline]

Google Wave
What problems does Google Wave solve? (2009-Oct-15) [danieltenner.com]
Top 10 Complaints About Google Wave (2009-Oct-) [eWeek.com]

Kindle me not!
Could be time for Amazon to rethink the delivery via AT&T’s (US) wireless network; international roaming fees for online content == FAIL!

Australian Kindle users will have to pay about 40 per cent more than Americans for books on the Amazon e-book readers and the local publishing industry has expressed serious reservations about supporting the gizmo.
– Kindle in bad books as Aussies hit with higher costs (2009-Oct-12) [The Age]

When Amazon executives were asked at the weekend, how much downloads would cost, an Amazon spokesman revealed that foreign customers – including those in Australia – would be paying a 40% premium than US buyer of their content.
– OZ Set To Pay 40% More For Kindle Content Amazon Admits (2009-Oct-12) [Channel News Australia]

A new hand held radio?
1x KG-UVD1P 136-174/400-480Mhz Dual Band Radio [409shop.com]
Two Way Radio KG-UVD1 [wouxun]

Patch Tuesday, a Heads Up. (Oct-2009)

Next scheduled release: Oct 13, 2009
The heads up for this month is; On Tuesday 13th October (US time; Wednesday 14th October AU time) Microsoft expect to release thirteen (13) new security bulletins, all affecting Windows.

October 2009 Bulletin Release Advance Notification [1]
For October we are releasing 13 bulletins (eight critical and five important), addressing 34 vulnerabilities, affecting Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server. Most of these updates require a restart so please factor that into your deployment planning.

Microsoft Security Bulletin Advance Notification for October 2009 [2]
Microsoft Security Bulletin Advance Notification issued: October 8, 2009
Microsoft Security Bulletins to be issued: October 13, 2009
This is an advance notification of security bulletins that Microsoft is intending to release on October 13, 2009.
This bulletin advance notification will be replaced with the October bulletin summary on October 13, 2009. …

LINKS:
[1] October 2009 Bulletin Release Advance Notification (2009-Oct-08) [MSRC]
[2] Microsoft Security Bulletin Advance Notification for October 2009 (2009-Oct-08) [MS]

Adobe Reader & Acrobat 9.1.3 (Win) exploit in the wild

Adobe is aware of reports of a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows.
– Adobe Product Security Incident Response Team (PSIRT)
Adobe Reader and Acrobat issue (2009-Oct-08) [Adobe]

A patch is scheduled for release on October 13.

Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues. Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.
– Security Advisory for Adobe Reader and Acrobat APSB09-15 (2009-Oct-08) [Adobe]

Times Higher Education’s World University Rankings 2009

The Times has released it’s annual university world rankings for 2009. With six Australian Unis in the top 50, and eight in the top 100.

17. Australian National University (ANU)
36. The University of Melbourne
36. The University of Sydney
41. Queensland University
45. Monash University
47. University of NSW
81. University of Adelaide
84. University of Western Australia

(times higher education table 2009)

LINKS:
[1] WORLD UNIVERSITY RANKINGS 2009 [Times Higher Education]
[2] Eight elite Aussie unis in top 100 (2009-Oct-08) [The Australian]
[3] ANU world’s best uni outside of US, UK (2009-Oct-08) [SBS]
[4] University of Melbourne – No 36 in the world (2009-Oct-08) [newsroom.melbourne.edu]

stsmixtures 8-Oct-2009

Lucy Suchman speaking on ‘Robot Biographies’ from York University, Toronto at the final STS Mixtures on 7/8 October. {7:00am on 8th October in Melbourne}

WebStream
Connect to the stream via http://www.jvcs.ja.net/s/893kowcw. The webstream will only become active half an hour before the conference is due to start. Instructions [PDF] for the webstream to watch Lucy Suchman on 7/8 October

Stream & Presentation via Media Site Viewer

Having more successful viewing opening the stream in Windows Media Player directly http://tinyurl.com/yc5u7yo

PowerPoint
PowerPoint slides [PPT] for Lucy Suchman’s video conference seminar

Presentation via http://connect.yorku.ca/r73553220/ Adobe Connect Pro.

Paper
Lucy Suchman & Claudia Castañeda Robot Visions [PDF]

Twitter
There is opportunity for those on the web stream to ask questions for Lucy Suchman live via Twitter
@stsmixtures [Twitter]
search?q=stsmixtures [TweetGrid]

@ingermewburn Robots reproduce ‘hetero normative notions of gender’. For example most people who have a ‘roomba’ floor cleaner give it a female name.

McAfee AV Engine 5400

The McAfee Anti-Malware Engine 5.4.00 has been released to the world (RTW), and will appear via the Auto Update process in November 2009.

NEW FEATURES [1]
- It’s faster than before : We’ve listened to our customers who asked for a faster Engine and it delivers superior performance to
current McAfee Anti-Virus products on all supported platforms.

- Improved detection of existing, new and potential threats which increases the depth and breadth of the protection we provide.

- Delivered in a engine for all supported platforms
~ Enhanced support for Adobe Flash (.swf) file format
~ Improved File Decomposition, helping us to detect more threats. Including enhanced support for the Nullsoft Installer file format.

- 100% drop-in compatibility with existing McAfee Anti-Virus products and DAT files. It’s easy to upgrade; just update your Scanning Engine through ePolicy Orchestrator (ePO) and you’re protected. No worrying about compatibility.

- We have digitally signed the engine to allow its origin and integrity to to be checked.(Windows Only)

5400 Schedule [3]
The current schedule for the 5400 Anti-Malware Engine release is as follows:
* Beta 1 – May 2009
* Beta 2- June 2009
* RC – July 2009
* RC 2 – Aug 2009
* RTW – End of August 2009
* Auto Update – November 2009

NOTE: With the release of the 5400 AV Engine you cannot roll back directly to the 5301 Incremental Engine from 5400. You must roll back to 5300 first, then upgrade to 5301. [4]

LINKS:
[1] McAfee AV Engine 5400 Released (2009-Aug-27) [McAfee Support Forums]
[2] McAfee, Inc. – Downloads – Virus Protection – DAT Files [McAfee Downloads]
[3] McAfee Anti-Malware Engine 5.4.00 – RC 2 [McAfee]
[4] AV Engine rollback packages that will return the 5400 AV Engine or 5301 Incremental Engine Update to 5300 on client systems (2009-Aug-27) [McAfee Corporate KnowledgeBase]