Tax-free Internet shopping days could be numbered

April 15, 2008 – 2:26 PM

If tax-hungry politicians get their way, the days of ordering items over the Internet and not paying sales tax may become just a fond memory.

Right now, if a California resident orders something from Seattle-based Amazon.com, for instance, he or she won’t be charged sales tax at the time of purchase. That’s because Amazon doesn’t have offices in the state of California.

Pro-tax politicians want to change this by allowing California to force Amazon to collect and submit sales taxes–and they may have found an ally in a U.S. Congress that’s controlled by Democrats. 

Two bills are pending in Congress that would allow tax collectors to target out-of-state Internet and mail-order retailers, and their supporters are optimistic about their political prospects.

“I certainly would love to see a floor vote,” said Neal Osten, federal affairs counsel for the National Conference of State Legislatures (NCSL), a lobby group for state politicians. “We’ve heard encouraging words from the Democratic leadership in the House.”

Meanwhile, pro-tax states are trying their own ways to circumvent a long-standing rule saying a retailer must have physical presence before it can be forced to collect taxes. One effort came from New York state, where legislators recently approved a measure requiring Amazon and other online retailers (that lack a physical presence in the state) to collect sales tax on New Yorkers’ purchases.

Source: CNet

Quarterly VoIP Vulnerabilities

April 15, 2008 – 10:44 AM

While most VoIP-related vulnerabilities are posted to the VOIPSA mailing list or blog, I thought it might be useful to have an informal quarterly summary of sorts among VoIP devices per searches from NIST. I hope folks find it helpful, and of course post comments if I’ve overlooked anything from 1 January 2008 through 31 March 2008.

VoIP Firewalls

Cisco Phones

  • CVE-2008-0531 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
  • CVE-2008-0530 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
  • CVE-2008-0529 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
  • CVE-2008-0528 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
  • CVE-2008-0527 Cisco Unified IP Phone 7935 and 7936 2/14/2008
  • CVE-2008-0526 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G 2/14/2008
  • CVE-2008-1113 Cisco Unified Wireless IP Phone 7921 3/3/2008

Snom Phones

Vocera Phones

Routers & Gateways

Asterisk PBX

Cisco Call Manager

  • CVE-2008-0026 Cisco Unified CallManager/Communications Manager 2/14/2008
  • CVE-2008-0027 Cisco Unified Communications Manager 1/16/2008

UPDATE 4/15/08

  • Milw0rm 5113 Philips VOIP841 PC-Free DECT 6.0 Wireless IP Phone 2-14-2008

Source: VOIPSA

11 Critical Security Apps

April 15, 2008 – 10:35 AM

If you don’t have security software, your PC is an Internet mugging waiting to happen. We show you the eleven best pieces of software for defending yourself against online thugs.

The PC security landscape is constantly changing. Well-paid, malicious programmers keep cranking out new and different attacks, and the security software vendors do their best to stay ahead. The security vendors also contend with each other, vying (and claiming) to be the very best—it’s tough to sort the wheat from the chaff, and there’s plenty of chaff. More than half the products in our latest Worst Tech roundup are failed security apps. To make matters worse, there’s a ton of rogue antispyware apps out there that actually assault your PC, while claiming to defend it. It’s a mess. But don’t worry: I’ve rounded up all the best security software that’s come through my testing lab in the past few months to create a super-security guide for you. Whether you want a bulletproof security shield or just a spam blocker, there’s a security app here for you.

The easiest way to secure your PC is to purchase a kitchen-sink security suite that will take care of all your needs. A good suite offers a two-way firewall, protection against viruses and spyware, antispam, and some variation on parental control or identity protection. Even the best suites have strengths and weaknesses. I use Norton Internet Security 2008 myself; I like the intelligence of its no-questions-asked firewall protection and its very good malware protection. I’d install Norton 360 Version 2.0 to give the same protection to a friend or relative with less computer experience. But the parental-control features and antispam are weak in both Norton products. And some people, burned by past experiences, can’t quite believe that Norton Internet Security doesn’t slow your machine to a crawl anymore—although it doesn’t! A strong alternative to the Norton family, ZoneAlarm Internet Security 7 spam protection is among the best you’ll find in a suite, and it offers significant identity protection features. Its main drawback is an old-school firewall that (despite considerable and admirable efforts) still asks the user confusing questions, so it’s not for the faint of heart. Check my roundup of Security Suites 2008 and choose one that’s strong in the areas most important to you.

Read the rest of the story…

Advice for securing your site and your reputation

April 15, 2008 – 10:09 AM

Is your company’s Web site hacked? Today, it can be hard to tell. Online crooks who successfully break into a site often sneak in small bits of code that leave no visible trace but can attack visitors who simply view the page.

In fact, according to a Websense Security Labs report, online thugs who want to spread their viruses, Trojans and other malware are more likely to hack an existing site than to put up their own poisoned page. Of the malicious sites the company found in late 2004, more than half were hacked sites.

To find out how a company can protect its site and its good name from being hijacked, I talked with Jeremiah Grossman of WhiteHat Security at last week’s RSA security conference here in San Francisco. Grossman has made a big name for himself over the last couple of years by getting the word out about common JavaScript vulnerabilities in Web sites.

His company helps secure sites by scanning for exploitable holes, but the custom service for his mostly enterprise-level customers doesn’t come cheap. So I asked him for tips and suggestions that can help protect all sites, big and small. Here’s what he said.

First, know where to look. Grossman says most exploitable vulnerabilities lie in the Web application layer, where custom code handles the communication between the Web server software and the database back-end. This makes sense, because a piece of Web software written by your own software developers isn’t going to undergo the same security testing as, say, the Apache Web server or an Oracle database (though said apps are subject to plenty of vulnerabilities themselves).

Read the rest of this story…

Load Desktop Backgrounds Immediately in Linux

April 15, 2008 – 9:05 AM

When logging into Ubuntu or most any GNOME-based Linux system, users see a blank one-color screen until the actual desktop is loaded—which can make one feel like something’s broken, or at least make your boot experience less fluid. One intrepid Ubuntu hacker, however, shows how to banish the blank screen and have GNOME display your chosen background image or color right away. The tutorial requires installing an “xloadimage” package in Ubuntu, but the open-source package is available in many distributions.

Via Lifehacker

Source: Ubuntu Forums