Slashdot and other sources are reporting that an update to the popular AVG anti-virus product labels a critical file in Windows XP - user32.dll – as a virus that needs to be removed.  If you do that, it cripples the computer.

AVG has posted a fix, and I’m sure will offer an update to correct the issue.  In the meantime, don’t delete that file if AVG says it is a virus.

I was paranoid for a few minutes thinking that perhaps the story was a ruse by virus writers so people wouldn’t delte their virus, but note this wikipedia entry, and this entry on the AVG site.

 Nov 11 6:15 PM – UPDATE – see the following press release from AVG 

 www.globalfluency.com 

 Palo Alto 

 phone (650) 328-5555 fax (650) 328-5016

 New York 

 Intelligent market engagement™

 AMSTERDAM, The Netherlands, November 11, 2008 –

The problem only affects users of the Dutch, French, Italian, Portuguese, and Spanish

language versions of Windows XP.

AVG is taking these steps to assist users in remedying the problem:

Affected users should follow the weblinks below for further information and to download

the fix tool:

1. http://www.avg.com/support/HotTopics1574 FalsePositiveuser32.dll

2. http://www.avg.com/support/HotTopics1574 FalsePositiveuser32.dll – fix

tool

Affected users unable to use their PCs should contact their AVG reseller or ask a friend

to download the information and fix tool for them. After running the fix tool, users should

run the AVG update program to download and install the correct AVG update.

AVG sincerely regrets the inconvenience users have experienced. We are working to

remedy the problem and ensure that any other potential vulnerabilities are identified and

eliminated before they can impact users.

Contact:

Siobhan MacDermott

AVG

For the London Free Press – November 10, 2008

Read this on Canoe

In a recent decision, Canada’s assistant privacy commissioner expressed “grave concern” after finding a major online company operating nationwide was violating federal privacy laws, years after the Personal Information Protection and Electronic Documents Act (PIPEDA) took effect.

A citizen’s complaint led the Privacy Commissioner to probe Ticketmaster Canada Ltd.’s privacy policy.

Headquartered in the U.S., Ticketmaster promotes events and sells tickets for event providers across Canada. In doing so, it collects and routinely discloses personal information to third parties for secondary marketing purposes.

The complaint alleged Ticketmaster’s practices contravened “principles of access, openness, accountability and consent” required by PIPEDA.

In particular, the complainant believed:

- Ticketmaster’s privacy policy was complicated and overly long;

- The company showed a lack of accountability in the way it handled personal information disclosed to third parties;

- Express, informed consent was not sought;

- Customer access to personal information was difficult.

The commissioner found Ticketmaster’s privacy policy was confusing and inconsistent, and customers weren’t adequately informed of the use and disclosure of their personal information.

Most notably, customers were forced to consent to Ticketmaster’s collection and disclosure to third parties of personal information as a condition of service, in direct contravention of PIPEDA.

Thus, the allegations that Ticketmaster’s practices violated the principles of openness and consent were well- founded.

But the allegation that Ticketmaster’s practices violated the principles of accountability was not well-founded, as adequate protection was provided to customers through contracts with third parties.

As a result of the findings, Ticketmaster revised its privacy policy to meet PIPEDA requirements.

Customers are now given the up-front opportunity to opt in to receive marketing material from Ticketmaster, and to allow the firm to share their personal information with third parties for secondary marketing. This puts control back into the consumer’s hands.

Customers are also now more consistently informed of Ticketmaster’s information-sharing policies.

The impact of this decision reaches beyond online ticket sellers. The assistant commissioner found companies operating in Canada must ensure their business practices comply with PIPEDA. Particularly, they should:

- Explicitly inform consumers of the use of any personal information collected and provide a clear opportunity to opt in or out;

- Protect personal information of customers being disclosed to third parties by contractual or other means;

- Effectively and consistently communicate to customers its personal information use and disclosure policies and practices;

- Ensure privacy policies are easily accessible so custo-mers can become informed without unreasonable effort.

A Canoe tech article says that the owner of the isohunt search engine for bitorrent files has asked the BC Supreme court to rule on whether it violates the copyright Act.

Seems that the Canadian Recording Industry Association has demanded that he take down the links – so rather than waiting for them to take action, he went direct to the courts to ask the question.

In essence, the issue is whether this site is no different than any search engine like Google, with no responsibility over what users search for and do with it when they find what they want – or does it somehow cross a line that makes it liable for any illegal or unauthorized copying that those that use it do.

This could prove to be interesting, and could have broader copyright implications affecting things beyond bittorrent search engines.  This is the type of case than can lead to unintended consequences, so one hopes that the court will take a considered look at the issues in general and the broader consequences of a ruling.

That’s the title of my Slaw post for today.

It reads as follows:

With all the exposure we get these days – including published articles, speaking engagements, blogs, websites, twitter, facebook, linkedin, flickr, … – when do we actually “meet” someone for the first time?

When we meet someone in person, we may very well have seen them in those places, or even had a conversation with them in those places. And because us humans have imperfect memories, when we “meet” for the first time in person, there can be that puzzling “haven’t we met before” thought, look, or conversation. And perhaps we have met before – but just not in a face to face conversation.

(Perhaps only a lawyer could put shades of gray on the meaning of the word “meet” – but I digress.)

So effective immediately, when I “meet” someone for the first time, it will be “nice to see you”, or a nod and hello and a repeat of their name – but not a suggestion that it is the first time we have met.

And as an added bonus, it avoids the occasional faux pas when one has actually met the person in person before, but just failed to recall it at the moment.

For the London Free Press – Nov 3, 2008

Read this on Canoe

The Electronic Frontier Foundation (EFF) recently marked the five-year anniversary of the Recording Industry of America’s (RIAA) mass litigation campaign to curtail music piracy on the Internet by releasing a comprehensive review.

The EFF report (available at eff.org) concluded that the campaign was harmful to music fans and artists alike, but has done little to slow unauthorized file-sharing.

The report notes growing skepticism by academics, watchdog groups and most importantly by the courts about the RIAA’s investigation and strong arm enforcement tactics. The RIAA has sued or threatened to sue almost 30,000 people for file sharing.

The RIAA’s “making available” theory has been rejected by many courts, which denounces the notion that merely having a music file in a “shared” folder on a computer, which may never get copied, constitutes copyright infringement. The EFF’s report suggests the policing campaign has simply taught people to choose to share files in ways that are harder to monitor — such as burning and exchanging CDs and MP3s among friends.

Peer-to-peer (P2P) file sharing is more popular than ever, comprising 45 per cent of Internet traffic and has become a fact of Internet life as P2P popularity has continued to grow yearly.

The main critique of the policing campaign has been that it arbitrarily punishes tens of thousands of people for what tens of millions are doing and barely puts any money in the pockets of artists.

American music fans who have been sued for sharing songs on P2P file sharing networks include children, grandparents, unemployed single mothers and college professors. These individuals are the best customers the music industry has.

New lawsuits are filed monthly and are supplemented by a flood of “pre-litigation” settlement letters designed to extract settlements without the need to enter the courtroom. The RIAA has done away with the court system by threatening individuals with expensive litigation and unfavourable outcomes that leaves a lay person with no alternative but to settle for amounts ranging from $3,000 to $11,000.

An example cited by the RFF of where the disproportionate amount of punishment has had devastating consequences include a single mother who thought she was legally downloading 24 songs with her daughter who was sued for $500,000 and settled for $4,000.

Another example is a student who attempted to negotiate a settlement with the RIAA and explained that she was already in debt to cover her tuition and could not pay any amounts. In response the RIAA representative suggested she drop out of school in order to pay the settlement.

It has become evident that suing music fans is no solution to the P2P problem. The RIAA frequently justifies the lawsuit campaign as the most effective way to get music fans to understand that downloading is illegal and can have serious consequences. The policing campaign has failed however to curtail P2P downloading and has not persuaded music fans that sharing is equivalent to shoplifting.

It is evident that people are going to share music using whatever software they like on whatever computer platform they prefer, regardless of the RIAA’s efforts.