Mathieu Lutfy writes "The CBC is reporting that 'Quebec's open-source software association is suing the provincial government, saying it is giving preferential treatment to Microsoft Corp. by buying the company's products rather than using free alternatives. ... Government buyers are using an exception in provincial law that allows them to buy directly from a proprietary vendor when there are no options available, but Facil said that loophole is being abused and goes against other legal requirements to buy locally.' The group also has a press release in English."

risinganger writes "BBC News is reporting that a customer had his password changed without his knowledge. After some less than satisfactory service the customer in question changed his password to 'Llyods is pants.' At some point after that, a member of staff changed the password to 'no it's not.' Requests to change it back to 'Llyods is pants,' 'Barclays is better,' or 'censorship' were met with refusal. Personally I found the original change funny, like the customer did. After all, god forbid a sense of humour rears its ugly head in business. What isn't acceptable is the refusal to change it per the customer's requests after that."

PainMeds tips a recent post in Secure Computing's research blog describing a new SQL injection attack that had infected thousands of MSSQL-based web servers by last weekend, turning them into malware delivery systems. The attack apparently rewrites the server's Web pages to include JavaScript which pushes malware to the visitor as if it were from the genuine site. Sites using Sybase might possibly be vulnerable, as it uses the same exploited syntax that MSSQL does. The post includes an example of the attack. Unlike most malware attacks, this one appears to originate from the site the user is actually visiting. From the blog: "'Similar to phishing, this attack takes advantage of the website visitor's trust in the site they are visiting. Instead of phishing for information, however, malware is sent to the client, which the client has a higher likelihood of accepting being from a trusted site... These web pages are associated with Web sites from around the world and supplying various content — including government sites, sales sites, real estate sites, and financial information sites among others."

robipilot writes "Mac stolen, Mac comes online, owner connects using 'Back to My Mac,' owner takes picture of culprit, and voila, criminal caught. OK, it wasn't quite that simple, but here's an interesting story of using some built-in technology on the Mac to recover a stolen laptop."