Linux bug gives untrusted users root access

By Kirsten Doyle, ITWeb contributor.
Johannesburg, 04 Nov 2009

Linux bug gives untrusted users root access

A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open source operating system, reports The Register.

The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable.

While attacks can be prevented by implementing a common feature known as mmap_min_addr, Red Hat Enterprise Linux doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid-October, told The Register.

Dell hit by $12.8m conspiracy verdict

A New Orleans jury has found Dell liable for $12.8 million in damages on conspiracy and unfair competition charges in a lawsuit about the city's problem-plagued crime camera programme, says The Register.

The computer vendor was sued by local CCTV vendors, Southern Electronics Supply and Active Solutions, in a complex lawsuit alleging the two firms' proprietary camera system was ripped off by the Big Easy's former technology chief, Greg Meffert, and others. It also claims conspiracy with Dell to sell the system.

Southern Electronics and Active had sought $3.6 billion in punitive damages in the lawsuit, but the jury rejected the misappropriation claim. However, it did find Meffert and other City Hall insiders plotted with Dell to interfere with the CCTV firms' contract with the city.

Hacker breaks into jail-broken iPhones

A hacker in the Netherlands broke into some jail-broken iPhones and sent text messages to the owners asking them to pay to find out how to secure their phones, says CNet.

One of the victims posted a screenshot from his iPhone of the SMS received. It said: "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your iPhone right now! Right now, I can access all your files."

The URL provided now displays a message indicating it was reported for spam or phishing abuse and has been deactivated.

UK prison system criticised again

According to a report from the UK Public Accounts Committee this week, delays and overspend in the delivery of an offender database were the result of over-optimism and lack of accountability in Whitehall, reports Computing.co.uk.

The system was designed to track offenders as they passed through the prison and probation system.

The C-Nomis project, run by the National Offender Management Service, has doubled in cost, to £513 million, and is expected to be delivered over three years late.
