The New HD-DVD/Blu-Ray Hack
AACS, a DRM scheme used to encrypt data on HD-DVD and Blu-Ray disks, would appear to be cracked wide open by that short string of hexadecimal codes; previously, only disk-specific Volume Keys had been compromised. The new hack is the work of Arnezami, a hacker posting at the doom9 forums, which are fast becoming the front line in the war on DRM.
The new crack follows one from earlier this year, when a hacker by the name of muslix64 broke the AACS system as it applied to each movie. While the earlier hack led to 100 HD-DVD titles and a small number of Blu-Ray movies being decrypted one by one, the so-called "processing key" covers everything made so far.
It's not yet clear what it means for the consumer's ability to copy movies, or, for that matter, that of mass-market piracy operations. The short form is that the user still needs a disk's volume ID to deploy the processing key and break the AACS encryption — but getting the ID is surprisingly easy.
How might the companies respond? The processing key can now be changed for future disks. However, the flaws inherent in the system make it appear easy to discover the replacement: the method of attack itself will be hard to offset without causing knock-on effects. For example, revoking player keys (in advance of obfuscating the keys in memory in future revisions of the system) would render current players unable to view future movies.
Is Your WiFi Access Point Vista-Compliant?
There's a slightly odd article doing the rounds that says laptops running Windows Vista could burn through their batteries more quickly than users expect because "some wireless access points aren't configured to take advantage of the new operating system's Wi-Fi power-saving mode".
It sounds like what's happened is that Vista supports a newer technology than many access points -- which is to be expected in the world of computers, since not every product is on the same release cycle. But what makes this story so strange is that it's written almost as if the problem is with WiFi, not with Vista. It seems rather ridiculous to imply that WiFi access points should be more accommodating to Vista, rather than the other way around, or to suggest that access points are broken because they don't support this feature Vista does.
Eighty percent of new malware defeats antivirus
At a security breakfast hosted by e-mail security firm Messagelabs in Sydney on Wednesday, the general manager of the Australian Computer Emergency Response Team (AusCERT), Graham Ingram, told the audience that popular desktop antivirus applications "don't work".
"At the point we see it as a CERT, which is very early on -- the most popular brands of antivirus on the market … have an 80 percent miss rate. That is not a detection rate, that is a miss rate."
"I am not suggesting that there is a difference in the quality of the antivirus products themselves. What is happening is that the bad guys, the criminals, are testing their malicious code against the antivirus products to make sure they are undetectable. This is not a representation of the software," said Ingram.
Viruses leap to smart radio tags
Computer viruses could be about to take a giant leap and start spreading via smart barcodes, warn experts.
Security researchers have infected a Radio Frequency ID tag with a computer virus to show how the technology is vulnerable to malicious hackers.
"Everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software and certainly not in a malicious way. Unfortunately, they are wrong," wrote the trio in their research paper.
The researchers showed how to get round the limited computational abilities of the smart tags to use them as an attack vector and corrupt databases holding information about what a company has in storage. To test out the theory the group created a virus for a smart tag that used only 127 characters, uploaded it and watched it in action.
If viruses do appear in smart tags, said the researchers, they are likely to cause problems for companies that read data off the tags. They speculated that consumer activist groups could use smart tag viruses to cause havoc at stores they are targeting.
FBI Computer System So Screwed Up
The incredible saga of the FBI's overbudget $500 million computer system that needed to be scrapped after it turned out it was useless in fighting terrorism apparently had some other problems as well. The news has come out today that a contractor hired to work on the computer system was so frustrated by the bureaucracy he needed to go through to do something as simple as adding a printer to the network, that he used some free internet tools to breach the network and get access to the usernames and passwords of 38,000 FBI employees, including director Robert Mueller. The contractor pleaded guilty to various charges, though even the FBI admits that he only appears to have done what he did to actually get work done. It's not clear which part is more disturbing: that the FBI's computer system was so easily hacked, or that the best way to get work done at the FBI is to breach its computer security.
Microsoft shows off JPEG rival
If it is up to Microsoft, the omnipresent JPEG image format will be replaced by Windows Media Photo.
Windows Media Photo will be supported in Windows Vista and also be made available for Windows XP, Bill Crow, program manager for Windows Media Photo, said in a presentation.
Typically digital cameras today use 6:1 compression, Crow said. Windows Media Photo should offer better pictures at double that level, he said. "We can do it in half the size of a JPEG file."
Microsoft will need to get players such as Adobe Systems and Apple Computer on board to win over the graphics professionals, he noted. A major unknown is licensing, which Microsoft has not yet addressed. "Licensing can kill this," Wells said.
Chinese PC makers told to install legal OS
The Chinese government is calling on computer manufacturers to make sure their machines include a legal operating system before they leave the factory.
The notice says all computers made within China's borders should include a pre-installed operating system. This mirrors comments from Microsoft, which has long criticised sales of "naked PCs" as helping pirates.
A separate announcement calls on government departments to make sure their computers are legal.
IBM Builds Super Fast File System
IBM on Thursday announced that it had scored a breakthrough in file system technology that increases the speed of data access by seven times. Researchers were able to attain a 102-gigabyte per second transfer rate on the ASC Purple supercomputer at Lawrence Livermore National Laboratory in a recent test.
The file system was an astonishing 1.6 petabytes in size, the largest ever in the world, and performance was maintained even as 1,000 clients pushed workloads into the file. The project used 104 Power-based eServer p575 nodes and 416 storage controllers, IBM said in a statement.
Called the General Parallel File System (GPFS), the technology allows for high-speed access to files across multiple nodes of a Linux or AIX cluster. The file system could be used in a variety of fields, including engineering design, digital media and entertainment, data mining, financial analysis, seismic data processing and scientific research.
IBM will push GPFS on several fronts, including an effort to promote its use even on non-IBM hardware. The source code behind the file system will be released to eligible clients who can develop upon the technology and share their work with others.
Google Copies Your Hard Drive
Google today announced a new "feature" of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password.
The privacy problem arises because the Electronic Communication Privacy Act of 1986, or ECPA, gives only limited privacy protection to emails and other files that are stored with online service providers—much less privacy than the legal protections for the same information when it's on your computer at home. And even that lower level of legal protection could disappear if Google uses your data for marketing purposes. Google says it is not yet scanning the files it copies from your hard drive in order to serve targeted advertising, but it hasn't ruled out the possibility, and Google's current privacy policy appears to allow it.
Oracle Passwords Crack in Mere Minutes
Attackers can easily crack even strong Oracle database passwords and gain access to critical enterprise data because of weak password protection mechanisms, researchers have warned.
The duo's paper, "An Assessment of the Oracle Password Hashing Algorithm," calls for Oracle to bolster its password hashing mechanism.
As it now stands, malicious users can recover even strong, well-constructed passwords within minutes, the researchers have found.
It is only the most recent of a long run of security embarrassments for the database company that cooked up the marketing tag "unbreakable", a brag that it has quietly stepped back from ever since its inception.