Tens of millions of Winamp users are still out there. (credit: Flickr user uzi978 ) As many of us are busy crafting the perfect playlist for grilling outdoors, most likely such labor is happening on a modern streaming service or within iTunes. But during the last 15 years or so, that wasn’t always the case. Today, we resurface our look at the greatest MP3 player that was—Winamp. This piece originally ran on June 24, 2012 (and Winamp finally called it quits in November 2013). MP3s are so natural to the Internet now that it’s almost hard to imagine a time before high-quality compressed music. But there was such a time—and even after “MP3” entered the mainstream, organizing, ripping, and playing back one’s music collection remained a clunky and frustrating experience. Enter Winamp , the skin-able, customizable MP3 player that “really whips the llama’s ass.” In the late 1990s, every music geek had a copy; llama-whipping had gone global, and the big-money acquisition offers quickly followed. AOL famously acquired the company in June 1999 for $80-$100 million —and Winamp almost immediately lost its innovative edge. Read 87 remaining paragraphs | Comments
View article:
Winamp’s woes: How the greatest MP3 player undid itself
ITWire reports: A flaw in systemd, the init system used on many Linux systems, can be exploited using a malicious DNS query to either crash a system or to run code remotely. The vulnerability resides in the daemon systemd-resolved and can be triggered using a TCP payload, according to Ubuntu developer Chris Coulson. This component can be tricked into allocating less memory than needed for a look-up. When the reply is bigger it overflows the buffer allowing an attacker to overwrite memory. This would result in the process either crashing or it could allow for code execution remotely. “A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it, ” is how Coulson put it. Affected Linux vendors have pushed out patches — but the bug has apparently been present in systemd code since June of 2015. And long-time Slashdot reader walterbyrd also reports a recently-discovered bug where systemd unit files that contain illegal usernames get defaulted to root. Read more of this story at Slashdot. 
US authorities intercepted and recorded millions of phone calls last year under a single wiretap order, authorized as part of a narcotics investigation, ZDNet’s Zack Whittaker reports. From the article: The wiretap order authorized an unknown government agency to carry out real-time intercepts of 3.29 million cell phone conversations over a two-month period at some point during 2016, after the order was applied for in late 2015. The order was signed to help authorities track 26 individuals suspected of involvement with illegal drug and narcotic-related activities in Pennsylvania. The wiretap cost the authorities $335, 000 to conduct and led to a dozen arrests. But the authorities noted that the surveillance effort led to no incriminating intercepts, and none of the handful of those arrested have been brought to trial or convicted. Read more of this story at Slashdot. 
Long-time Slashdot reader nri tipped us off to a developing story in Victoria, Australia. Yahoo News reports: Victoria Police officials announced on Saturday, June 24, they were withdrawing all speed camera infringement notices issued statewide from June 6 after a virus in the cameras turned out to be more widespread than first thought. “That does not mean they [the infringement notices] won’t not be re-issued, ” Assistant Commissioner Doug Fryer told reporters, explaining that he wants to be sure the red light and speed cameras were working correctly. Acting Deputy Commissioner Ross Guenther told reporters on Friday that 55 cameras had been exposed to the ransomware virus, but they’ve now determined 280 cameras had been exposed. The cameras are not connected to the internet, but a maintenance worker unwittingly connected a USB stick with the virus on it to the camera system on June 6. Fryer said that about 1643 tickets would be withdrawn — up from the 590 that police had announced on Friday — and another five and a half thousand tickets pending in the system would be embargoed. Fryer said he was optimistic the 7500 to 8000 tickets affected could be re-issued, but for now police would not issue new tickets until police had reviewed the cameras to ensure they were functioning properly… The “WannaCry” malware caused the cameras to continually reboot, Fryer said. Fryer said there was no indication the malware had caused inaccurate radar readings, but police were being “over cautious” to maintain public faith in the system. Last week Victoria’s Police Minister was “openly furious” with the private camera operator, saying the group hadn’t notified the relevant authorities about the infection. Read more of this story at Slashdot.