Important TiVo News

/

TiVo announced yesterday that they're going to be eliminating Lifetimeservice as an option next week, so if you've been meaning to buy a TiVo for someone you know, or a second one for yourself, now is the time to do so, as after that, you'll have to pay a monthly fee as long as you use the service. This has always been the best way to buy a TiVo, as $299/12.95= 23+, so you break even vs. the monthly fee after 24 months.

Amazon has the 80 hour units for $69.99 after rebate.

Or you can pick one up at Best Buy, and TiVo just added Radio Shack as a partner too, so they may have them in their stores soon.

Remember, the Lifetime goes away on March 15, so act quickly, and don't forget to list my e-mail (seth.bokelman@uni.edu) as referring you if you do buy another one, I need a few more referrals for those nifty Bose headphones... :)

If for some reason you find the new pricing methods preferable, they're now including the box in the service plans, but the price varies depending on how long you want to be contracted for:

* The price for a TiVo box and a one-year service commitment is $19.95 a month or $224 prepaid * The price for a TiVo box and a two-year service commitment is $18.95 a month or $369 prepaid * The price for a TiVo box and a three-year service commitment is $16.95 a month or $469 prepaid

I'm not really a fan of this pricing model, but since I'm not planning on replacing my box anytime soon, it doesn't really affect me too much...

Nasty Safari security problem on Mac OS X

/

SANS links to details of a nasty security problem affecting the Mac OS X browser that will automatically run shell scripts linked to from web pages. If you're reading this via a Macintosh, do the following ASAP:

The best immediate recourse against such an attack is to deactivate the option "Open 'safe' files after downloading" in the "General" section of Safari's preferences. Alternative web browsers such as Camino or Firefox do not support the automatic execution of files. These browsers can be prompted to automatically download a file by using the refresh command in the HTML source code of a web page. However, the file will not be executed. Since the Finder selects the icon for a file based on its extension, users are advised to verify that the OS is using the proper file type. This can be done through the information window or in column view.

UNI Computer system hacked

/

I got my notification on Saturday that my personal info may have been exposed in this breach of security, though from what I've heard, it wasn't a "virus" per se, but rather a bot that was on the laptop in question:

UNI warns of ID theft after computer security breach

CEDAR FALLS, Iowa (AP) -- The University of Northern Iowa has warned students and faculty to monitor their bank accounts after someone accessed a computer system holding confidential information.

The university detected last week that a laptop computer holding W-2 forms was illegally accessed, though officials said the person likely did not realize he could obtain tax information for about 6,000 student employees and faculty.

"A virus was detected during routine monitoring," said Tom Schellhardt, vice president for administration and finance. "We immediately took steps to fix the problem and increase security."

The university sent letters to everyone whose data was on that computer, warning them to protect against identity theft by monitoring their accounts and contacting credit reporting agencies.

Steve Moon, the school's director of network services, said the person who used the laptop computer did so to review the print jobs for the W2 forms.

"There had been problems with printing, and the person wanted to review what the print stream was trying to do," he said.

A. Frank Thompson, a UNI professor of finance, said he didn't think W2 forms should be on the computer because the information must be made into a hard copy anyway for tax purposes. Also, "it simply opens up the possibility of that information being inappropriately accessed," he said.