A University of Portland student was suspended for writing a program to bypass the Cisco Clean Access NAC system on campus. Apparently this incredibly dangerous activity is a Patriot Act violation. Or, at least, it is if you believe the letters being sent out by the administration at UP who seem to be confusing "skipping security checks" and "hack into a licensed product"

Today, Research In Motion said it is developing a new software application suite that will let BlackBerry applications run on Windows Mobile-based devices.

RIM said they would begin offering the new software suite later this year. Once installed, the software will provide Windows Mobile users with an experience virtually identical to what they would receive on BlackBerry hardware, including BlackBerry e-mail, phone, calendar, address book, tasks, memos, browser, instant messaging and other applications developed for the BlackBerry platform. The devices would also be able to connect to BlackBerry services using BlackBerry Enterprise Server as well as BlackBerry Internet Service.

In this episode, we talk with the writer of our cover story and review on automated code scanners, take a look at the state of application performance monitoring, get a sneak peak at the Blackberry 8800 and talk to Extreme Networks CEO Mark Canepa.

Listen Now | View this Issue's Table of Contents

Security in OS X is a pretty interesting topic to watch on the web. For every stereotypical Mac user, perfectly smug in the invulnerability of their operating system of choice, there is a detractor who claims Macs only seem secure because nobody uses them and thus nobody tries to break their security. The truth, as is usually the case in such things, surely lies somewhere in between.

Earlier this week, editors from several of our sister publications attended the Web 2.0 Expo in San Francisco.Co-presented by O'Reilly Media and our parent company CMP Technology, the Expo welcomed the business, design, technical and marketing professionals and experts who are leading the way in building the next generation of the Web. Taking part in the show were various industry icons, including Google's Eric Schmidt, Amazon's Jeffrey Bezos and Yahoo's Jeff Weiner. Workshops and conferences encouraged open communication and collaboration between attendees and presenters, making this event a unique opportunity for everyone.

There's lots of confusion out there about QoS, VoIP, and 3G, especially as these don't work quite the way many people think. This is an area I've been studying intently as it pertains to various projects, and after hearing QUALCOMM speak recently on the topic in a technical presentation on EVDO Rev A, I thought I would take the opportunity to clear some misconceptions, and organize my own thoughts.

Conspiracy theories abound regarding a variety of topics, from alien crash sites in Roswell, N.M., the true perpetrator of President John F. Kennedy's assassination, and Microsoft's domination in the consumer and enterprise desktop market. So it should come as no surprise when telecom watchdogs start banging their drums concerning the relative dearth of cellular handsets with integrated Wi-Fi--also called dual-mode phones--in the U.S. marketplace. For all the success of home Wi-Fi sales, publicity surrounding metro Wi-Fi networks, and the customer base of both pure-play VoIP providers such as Vonage and Packet8 and 'digital phone' providers such as Time Warner, Cox, and Comcast, it's somewhat ironic that dual-mode handsets haven't seen greater success in the United States.

As the movers and shakers in wide-area wireless converge on Orlando for the CTIA conference and exhibition this week, much of the hype will focus on new wireless devices that run over cellular broadband networks, new mobile services and the emerging market for mobile WiMAX. In one corner, you have a mature oligopoly of cellular carriers catering to the impulsive desires of consumers. In the other corner are members of a renegade WiMAX ecosystem, high on promise but slow to get out of the gate.

A friend of mine IMed me a link to Digg the other day congratulating me on getting voted to the front page. Curious, I checked it out and I was found out it wasn't directly to my article, but to a forum post on Linuxquestions.org.

Mark Canepa, CEO of Extreme Networks, talks about making life easy for it and building a development community.

Let's face it, network monitoring is not fun or interesting. It's downright boring. Scanning line graphs, bar charts, pie charts, and (ick) tabular data is tedious.

Our tech editors debate the security flaws -- and competitive alternatives -- to WEP, the much-derided security protocol for wireless local area networks (WLANs) defined in the 802.11b standard.

We start with this note from Sean Ginevan:

Thomas Ptacek challenged Alan Shimmel recently on whether StillSecure's Cobia™ Unified Network Platform™ is really Open Source. Alan's response is that essentially most folks only care that open source means free, and the source code comes with it. After all, that is the obvious definition of the term without knowing the back history. It's not, however, the actual, accepted definition of the term. See the FSF's discussion of the two terms for a bit more background on "Free Software" and "Open Source".

When I first heard a number of claims that AJAX applications were inherently more insecure than standard web applications, I thought that was ridiculous. After all, as long as you don't do anything stupid like do validation of user input only on the client, what would you have to worry about?

While on one level that may be true, it looks like in the general case I was wrong. Splitting web applications into two distinct programmatic components, one that runs in the browser, and one that runs in the server is more complicated (at the very least you've got to be proficient now in two different languages), and there are definitely new types of vulnerabilities that are specific just to AJAX applications.