Open source group plugs three holes

An open source group that maintains software for securing communications has released a patch to fix several vulnerabilities that were found during a security test by the UK government, reports CNet.

The security flaws exist in the OpenSSL Project`s version of the secure sockets layer (SSL) software used by Web sites and browsers to cryptographically secure data. Two of the flaws could lead to a denial-of-service attack, and a third may allow an attacker to break into a system from the Internet.

Rappers LL Cool J and Public Enemy`s Chuck D rolled up on opposite sides of Capitol Hill on Tuesday for a Senate hearing on the hotly debated topic of file sharing, reports MTV.

Chuck D wasn`t about to let online freedoms be curbed. "P2P to me means power to the people," he said. "I trust the consumer more than I trust the people at the helm of these record companies."

LL used a metaphor to liken the practice to stealing. "If a contractor builds a building, should people be allowed to move into it for free, just because he`s successful?" asked Mr Cool J, as he was addressed at the hearing. "That`s how I feel when I create an album or when I make a film and it`s shooting around the planet for free."

Silicon Graphics is the latest vendor to become ensnarled in the SCO Group`s battle over the use of Unix code in Linux, reports eWeek.

SCO is threatening to terminate SGI`s licence of Unix System V as of 14 October, alleging that SGI has violated the licence by contributing the source code into Linux. But SGI officials deny the allegations and say they will not stop using the licensed code since the licence is fully paid and cannot be terminated.

As US and European companies slash payrolls to cut costs, software work is moving offshore and creating thousands of jobs for India`s low-cost engineers. Headhunters are scrambling to fill the new jobs, reports Reuters.

Gautam Sinha, CEO of TVA Infotech, says his company places about 90 software workers a month, double the number from the start of the year. India`s software sector, including the back-office services industry, added 130 000 - nearly 25% - to its workforce in the year to March. Wage costs are rising but are not yet a threat for a nation that churns out about 200 000 engineers per year, analysts say.

The American Institute of Certified Public Accountants (AICPA) has awarded the WebTrust Seal of Assurance to Comodo, an Internet security firm.

The award came after Comodo adopted WebTrust standards for Certification Authorities and invited KPMG, a professional services firm, to assess its business practices and processes for the issuing and management of digital certificates.

WebTrust is an independent auditing process run under AICPA guidelines, designed to address customer concerns about privacy, security and business practices. The company says WebTrust meets or exceeds US industry consensus standards for privacy established by the Online Privacy Alliance, and substantively meets the standards for the European Union and Canada. Comodo is the first Certification Authority that KPMG has audited in the UK.