Freaky_Friday wrote with a link to an InfoWorld article about a teenage kid accessing customer information at AOL. The alleged criminal trespass began late last year, and extended up through early April. According to the article, the guy used some 'off-the-shelf' hacking software he downloaded online to gain access to, and then transmit information from, AOL's systems. "The complaint states that Nieves admitted to investigators that he committed the alleged acts because AOL took away his accounts. 'I accessed their internal accounts and their network and used it to try to get my accounts back,' the defendant is quoted as saying in the complaint. He also admitted to posting photos of his exploits in a photo Web site, according to the complaint ... If the defendant was honest about his motivation in his reported confession, it's safe to assume that he wasn't interested in stealing data for financial gain, [Managing director of technology at FTI Consulting Mark] Rasch said. Still, it'll be interesting to find out what steps AOL is taking if customer data was in fact compromised, he said."

Matthew Sparkes writes "NASA will likely shut down its Institute for Advanced Concepts, which funds research into futuristic ideas in spaceflight and aeronautics. The move highlights the budget problems the agency is facing as it struggles to retire the space shuttles and develop a replacement. The institute receives $4 million per year from NASA, whose annual budget is $17 billion. Most of that is used to fund research into innovative technologies; recent grants include the conceptual development of spacecraft that could surf the solar system on magnetic fields, motion-sensitive spacesuits that could generate power and tiny, spherical robots that could explore Mars."

porcupine8 writes "The Kansas State Board of Education has changed the state science standards once again, this time to take out language questioning evolution. This turnaround comes fast on the heels of the ouster given this past election to the ultra-conservative Board members who originally introduced the language. 'Science' has also been re-redefined as 'a human activity of systematically seeking natural explanations' (the word 'natural' had been previously stricken from the definition). If you'd like to see the new standards, a version showing all additions and deletions is available from the KS DOE's website (PDF)."

Rob wrote in with a link to a CBR Online article discussing drive-by pharming, a new exploitation technique developed by Indiana University and Symantec Corporation. While it's not known if the technique is in use 'in the wild', the exploit could easily co-opt the web-browsing habits of a user that had not properly configured their router. "The attack works because most of the popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces. The exploit is a single line of JavaScript loaded with a default router IP address, a default password, and an HTTP query designed to reconfigure the router to use the attacker's DNS servers." The article goes on to discuss several related and more advanced techniques related to this one, which security companies will have to keep in mind to guard against future attacks.