Security: Indeed, they’re in there. Security holes and vulnerabilities lurking throughout open source programs. Source code analysis specialist Coverity, in fact, has unearthed some 7,800 such defects since kicking off its investigation, under contract from the U.S. Department of Homeland Security, in March, 2006. Those flaws span 11 major open source projects. Amanda, Perl, PHP, Python and Samba, just to name the most well-known. “DHS got involved in the process and awarded the contract under the idea that the work to secure major open source platforms would improve the overall security of businesses and organizations using the involved programs — including the U.S. government,” Matt Hines reports in this Zero Day Security entry. Coverity is finding new holes hourly, according to one official. The news beat: It appears that Yahoo is testing support for OpenID, the authentication standard that could mean surfers no longer have to remember myriad passwords. Vendors including Dell, Hewlett-Packard and Sony are banding together to ease recycling costs on users via a proposed legislative mandate to make reuse and recycling of electronics product the highest priority during the manufacturing process. The EU drops its antitrust probe against Apple after the company agreed to cut the price of music downloads from iTunes in the U.K. And new rootkit Trojan.Mebroot uses old tricks to hide itself from antivirus software.Ongoing coverage: Geek’s Guide to CES. Columnist’s corner: Running cable without a clue sounds like a bad idea but, as our Off the Record author found, it was more common than one might think. Back in the day, that is. “It was the 90s, by the way, which explains why the entity I worked for was still doing all token-ring networking. It wasn’t until much later that IBM even acknowledged the existence of Ethernet — and our CIO wore Blue underwear.” Oh, that’s only the beginning. One of the company’s campuses was begun in the 40’s, and standard practices of the ensuing decades came back to haunt. Our author tracked one user’s problem back to a 600 pair feed cable AT&T has spliced into Y to continue to another wing of the building. “I had to open a 600 pair splice case, tone out which 25 pair Y splice bracket carried her connection, and snip off the other leg of the Y.” Security