W A R S H O C K - dumping site of the trivias, tips and guides, tech news, updates,.etc..

WHY WINDOWS 7 CAN FINALLY RETIRE XP

2009-04-07T19:56:00.003+08:00

Microsoft for some time has been wanting to kill off XP --- and when Windows 7 hits, the company will finally be able to do it. Here's why Windows 7 will let Microsoft pull the plug.
First off, it's no secret that Vista hasn't been embraced by enterprises, many of whom have treated it like the plague. That's unlikely to be the case with Windows 7. One reason: Vista wouldn't run properly on a fair number of PCs in enterprises when it was initially launched because the hardware wasn't high-powered enough.
Today that's no longer the case. Enterprises have gone through at least one round of hardware refresh since the Vista launch, and so now virtually all of their PCs will run Windows 7.
The same thing holds for printers and other peripherals. One of Vista's biggest problems was that too many peripherals wouldn't run with it.
Again, though, that's no longer true. Enterprises have newer peripherals now than they had years ago. Newer peripherals will work with Windows 7, because it was designed to work with Vista-compatible hardware.
In addition, the Windows 7 beta has been quite solid and stable -- so much so that Gartner has been telling businesses that they don't need to hold off until Windows 7 SP1 to plan for deployment -- they can start planning at launch.
Given all that, Microsoft will be able to move enterprises toward Windows 7 and away from XP, ultimately allowing the company to kill XP.
Windows 7 will run on netbooks, which Vista can't do. Because Vista can't power notebooks, Microsoft has had to keep XP alive for the large and growing netbook market. But when Windows 7 ships, Microsoft will have Windows 7 installed on netbooks, not XP. That also will let it kill XP more quickly.
The upshot? Windows 7 will do something that Vista couldn't -- kill XP.

A POWERPOINT ZERO DAY FLAW, TARGETED AND ATTACKED

2009-04-06T17:16:00.003+08:00

Malicious PowerPoint files (.ppt) are currently being used to exploit a newly reported security hole in the Office app. The isn't yet any patch available for the zero-day flaw, but Microsoft says the attacks are currently limited and targeted.
A successful attack would allow for running any command on the victim computer, such as downloading and installing malware. The Microsoft Security Response Center (MSRC) reports that the affected versions of the software are: Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, and Microsoft Office 2004 for Mac.
Microsoft Office PowerPoint 2007 is not affected, according to the MSRC.
Until Redmond releases a patch, your best bet is to upload any remotely suspect PowerPoint e-mail attachments to Virustotal.com for multiple free scans, as these small-scale, zero-day attacks can often be missed by one antivirus program. Also, techies and IT staff can look into using the MOICE converter, which requires installing the Office 2007 compatibility pack and converts binary Office docs into the 2007 XML format. But there are some gotchas with the process, such as losing all macros in converted docs.

CONFICKER WORM UPDATE - THREAT STILL LOOMS

2009-04-03T13:08:00.004+08:00

April 1 has come and gone, and the Internet has not disintegrated and no major cyber-attacks were reported. But Conficker still remains a threat. Now don't panic, this doesn't mean cyber-Armageddon could strike at any minute, it just means you need to make sure your computer is fully updated if it isn't already. Feel better? Good, then let's take a look at what's going on.
Why It Ain't Over Yet
The Conficker Working Group -- which is made up of 27 tech companies and agencies including AOL, F-Secure, Facebook, ICANN, Kaspersky, McAffee, Microsoft, Symantec -- says that Conficker, also known as Downup, Downadup, and Kido, is the largest worldwide computer infection since the SQL Slammer in 2003. The CWG estimates anywhere from 3 to 15 million computers are infected worldwide, and says 30 percent of Windows computers across the globe are not updated with the latest patches to protect against Conficker. The virus authors are also still at large and able to communicate with Conficker, although that capability has been significantly reduced.
Problem Spots

As you can see from this map provided by the CWG, Conficker infections in the United States are happening pretty much everywhere you can find an Internet connection. However, despite all that ominous-looking red, only 6 percent of Conficker infections are in North America. The biggest problem areas are actually concentrated in Asia and South America including Vietnam, Brazil, the Philippines, and Indonesia, as well as Algeria.
The hardest hit areas may also have a correlation to the number of unpatched Windows computers since Asia, Eastern Europe, and South America are areas known to have widespread use of pirated Windows software. Since Microsoft automatically blocks illegitimate copies of Windows from receiving critical updates, those computers remain vulnerable to Conficker, thus perpetuating the risk.
What Conficker is Doing
Yesterday, Conficker began its daily exercise of contacting 500 Web sites from a randomly generated list of 50,000 sites. Conficker will continue to do this every day until it receives instructions to do something else. Further instructions could be a simple software update or the infected computers could work as a botnet to commit theft or attack other computer networks. The problem is that while security and IT professionals are working to block Conficker from getting further instructions, they haven't been able to block all Conficker traffic. So some infected machines have gotten through, but luckily further instructions haven't been issued, yet. Conficker's authors may be laying low until publicity surrounding Conficker dies down before contacting their creation.
If Conficker is updated or receives further instructions, that capability could pass between infected machines without further need of a server or Web site, because Conficker uses a peer-to-peer (p2p) protocol to communicate with other infected machines. That's right, Conficker is file-sharing. With p2p, the worm can distribute software updates much faster than if every infected machine had to communicate with a main server.
The Final Countdown?
Does this mean the world could still end? Probably not, and that was never the concern with Conficker despite the doomsday scenarios you may have read. The fact is that most security experts believe that Conficker is just a typical botnet worm that can be used for identity theft or to commit other forms of cybercrime. Conficker is most likely controlled by an organized crime syndicate in Asia, Eastern Europe, or South America, and the group may even rent out Conficker's capabilities if the botnet every becomes active.
Conficker is a threat only if your computer does not have the latest security patches from Microsoft and an up-to-date antivirus program.

U.S. LIBRARY OF CONGRESS EXTENDS TO YOUTUBE AND ITUNES

2009-04-01T18:33:00.002+08:00

The U.S. Library of Congress has begun uploading its audio archives to iTunes, and it will soon begin to post videos on YouTube, in an effort to make its materials easier for the public to access.
The library already offers the materials at its own Web site, LOC.gov, and through interactive exhibitions on its new, personalized Web site at myLOC.gov, but the expansion to YouTube and Apple's iTunes is part of the library's efforts to make its 15.3 million digital items more accessible, said Matt Raymond, the library's director of communications.
"Our broad strategy is to 'fish where the fish are,' and to use the sites that give our content added value -- in the case of iTunes, ubiquity, portability, etc.," Raymond said in an e-mail.
The decision to post audio and video on iTunes and YouTube follows a successful launch early last year of a library photo archive on Flickr. Since January 2008, the library's photos on Flickr have been viewed about 15.7 million times, and more than 20,000 Flickr users have added the Library of Congress as a contact, said Michelle Springer, digital initiatives project manager in the library's Web Service Division.
The library initially uploaded 3,100 photos to Flickr and has added 50 a week since then.
The library has already uploaded 39 podcasts to iTunes and plans more, Springer said. For its YouTube launch, in coming weeks, the library plans to start with about 100 videos.
Among the items Web surfers can expect on iTunes and YouTube are 100-year-old films from Thomas Edison's studio, book talks with contemporary authors, early industrial films from Westinghouse factories, first-person audio accounts of life in slavery, and inside looks into the library's holdings, including the rough draft of the Declaration of Independence and the contents of President Abraham Lincoln's pockets on the night of his assassination.
The library also has a Twitter stream, and library information is available on more than 30 RSS feeds and e-mail alert services. The library also launched one of the first blogs from a federal agency.
Asked why the library chose YouTube and iTunes, Raymond said the library will continue to explore other ways to share its holdings.
"The library is in an exploration stage with these new media distribution channels," Springer added. "These services are a place to start learning, but our agreements are not exclusive, so other services are certainly possible in the future."
On Thursday, the U.S. General Services Administration announced agreements with Flickr, YouTube, Vimeo and blip.tv that will allow other federal agencies to participate in new media, library officials said. GSA plans to negotiate agreements with other providers.

GOOGLE EARTH 5.0 SHOWCASES IMAGES OF MARS

2009-03-31T20:03:00.008+08:00

Google Earth 5.0 is a fun and free way to waste time, and now it’s even better with the updated Mars in Google Earth, a 3D mapping tool that lets astronomy buffs and armchair astronauts roam the Red Planet.
You now can view antique maps of Mars from over a century ago, as well as the latest images from today’s Mars spacecraft. In addition, you can go on virtual flybys with NASA’s Mars Odyssey and Mars Reconnaissance Orbiter, and get guided tours of the planet from Public Radio’s Ira Flatow and Bill Nye, the Science Guy.
For a quick tutorial of the new Mars in Google Earth features, check out this Google overview.
Below is a brief summary of the highlights:
To travel to the Red Planet, go to the top toolbar and click “Mars.”

This flies you to the Mars, where you can explore current maps or travel back in time to see antique maps by astronomers Giovanni Schiaparelli, Percival Lowell, and others:

For a present-day look at Mars, select images from a variety of modern spacecraft, including the Phoenix and Beagle2 landers and the Opportunity and Spirit rovers:

Conspiracy buffs will want to try the zoom tool. It’s great for exploring mysterious imagery like the Face on Mars:

A guided audio tour helps you find your way around the planet. You can pause the tour to explore areas of interest like the Valles Marineris, a vast system of canyons that’s 1860 miles long:

You can even see satellite images being taken by the NASA THEMIS camera onboard the Mars Odyssey spacecraft.

Mars in Google Earth is a lot of fun! (Sorry, no GPS navigation yet for the Red Planet.)

ROCKSTAR GAMES ANNOUNCES 'WINTER 2009' RELEASE OF MAX PAYNE 3

2009-03-30T18:34:00.003+08:00

With Hollywood actor Mark Wahlberg failing to impress as the big screen iteration of videogame anti-hero Max Payne, ever-controversial software developer Rockstar Games has this week announced it’s preparing its hard-hitting franchise for yet another all-action outing.
Presently in production at Rockstar’s Vancouver-based studio in Canada, Max Payne 3 has been issued with a scheduled release of “Winter 2009” and will be available on the PlayStation 3, Xbox 360 and Games for Windows, according to an official statement.
“We’re starting a new chapter of Max’s life with this game,” enthused Sam Houser, founder of Rockstar Games. “This is Max as we’ve never seen him before, a few years older, more world-weary and cynical than ever.”
While little is presently known about Max Payne 3’s narrative or gameplay structure, an early poster image suggests adult themes typical of the series thanks to a heavily scarred Max sporting a greying beard and blood spattered liberally across his face and neck.
The only nuggets of information dropped by Rockstar see Max emroiled in a world of corruption, turmoil and intense violence as he leaves New York behind and drifts “from bad to worse” on a search for truth that involves being double crossed and trapped in a city filled with violence and bloodshed – staples of the first two series offerings.
“We experience the downward spiral of his life after the events of Max Payne 2 and witness his last chance for salvation,” added Houser.
Developer Rockstar Games is best known for its often controversial but critically acclaimed Grand Theft Auto games, along with similarly highlighted offerings such as Manhunt, Manhunt 2, and Bully (a.k.a. Canis Canem Edit).

NEW YOUTUBE APP FOR WINDOWS MOBILE AND NOKIA SYMBIAN S60

2009-03-29T18:54:00.000+08:00

Expanding the on-the-go reach of its hugely popular video-sharing Web site YouTube, search giant Google Inc. has this week introduced a mobile application specifically for Windows Mobile and Nokia Symbian Series 60 (S60) handset devices.
Beyond expanding the user base of the YouTube application, an official announcement posted to the Google Mobile blog promises “up to 90%” faster start-up times, searches and video loads, while improved access is likely via the addition of a specific YouTube icon to the host phone’s home screen.
“Our goal is to provide you with a great YouTube experience wherever you want to watch videos – whether it’s on your computers, on your television, or on your mobile phone,” outlined Dave Stewart of YouTube’s product marketing team.
“While YouTube has been available for many mobile phones for over a year, today we’re taking a big step forward with a new version of our mobile YouTube application,” he added.
In terms of mobile video performance, the application automatically detects the user’s assigned network capabilities and selects the highest available streaming quality, which Google claims will provide videos that “will look sharper,” and sound that’s “clearer than ever.”
Other enhancements include improved optimised streaming over Wi-Fi and 3G to support an even wider range of networks, while buffering is similarly pushed in order to ensure video playback is possible even in areas where coverage is weakened.
With Google trumpeting that it has “worked really hard to make video playback ‘just work,’” the YouTube application requires no configuration beyond its initial installation and alerts its users whenever updates or improvements become available for the mobile platform.

OBAMA SOLICITING PUBLIC QUESTIONS THROUGH WEB

2009-03-27T18:15:00.008+08:00

President Barack Obama plans to answer questions on that were submitted to the White House through Google Moderator.
On Monday, Obama posted a message on YouTube, which has received more than 10,000 hits to date, telling Americans that "we're going to take advantage of the Internet to bring all of you to the White House to talk about the economy."
The White House is using Google Moderator, an application that allows users to pose questions
and vote on ones that they like. There are 11 categories on the site including small business, veterans and health-care reform. Nearly 12,000 people had submitted questions and cast more than 420,000 votes by Wednesday.
"We're going to compile those questions and votes and then on Thursday I'll be giving you some answers myself," Obama said in his YouTube address. The administration will have a lot of work, though, as nearly 14,000 questions have been submitted so far.
Under the home ownership category the question with the most votes is: "What benefits from the stimulus plan are there to those of us who are paying our mortgages, but living paycheck to paycheck?"
A younger user from Washington, D.C., posed a question in the retirement security forum, "I'm 19 years old and just beginning to see my earnings deducted for Social Security. Though retirement is a long while away, how can you guarantee that this program remains solvent?"
Calling the project an "experiment" Obama said that "it's also an exciting opportunity for me to look at a computer and get a snapshot of what Americans across the country care about."

For custom essays and solution to your essay making problems...visit New Wave Essays

IE8 STILL SLOW AFTER SUNSPIDER TESTS

2009-03-24T12:27:00.002+08:00

Microsoft Corp. may be talking up the performance boost it gave to the just-launched Internet Explorer 8 (IE8), but the new browser remains the slowest of the top five on the market, benchmark tests show.
According to JavaScript rendering tests run by Computerworld, the final version of IE8 is only slightly faster than the browser's Release Candidate 1 (RC1), which Microsoft delivered in January.
Computerworld ran the SunSpider benchmark tests in Windows XP three times for each browser, then averaged the scores.
Google Inc.'s Chrome led all browsers with a score of just 1382 -- in SunSpider, lower scores are better -- making it more than four times faster than IE8. Coming in second was Mozilla Corp.'s Firefox 3.0.7, followed by Apple Inc.'s Safari 3.2.2 for Windows and Opera Software's Opera 9.63.
Firefox proved to be 59% faster than IE8, while Safari was 47 faster faster. Opera, the slowest non-Microsoft production browser, was still 38 percent faster than IE8.
Microsoft, however, has continued to downplay benchmarks such as SunSpider, and instead has promoted page-load time trials that pit browsers against each other in rendering the Web's top 25 destinations. Last week, Microsoft claimed that IE8 loaded more sites faster than either Chrome or Firefox.
At the time, however, James Pratt, a senior program manager for IE, acknowledged that the differences were slight. That's another angle the company has taken when it's talked about IE8's performance. In an interview yesterday, for example, Pratt called IE8 "highly competitive" with other browsers, and dubbed it "the fastest version of IE that we have ever released."
But he also acknowledged that speed is important to users. "We know that speed is critical to people who are using browsers today," Pratt said, "and we recognize that users have a choice when it comes to browser."

GOOGLE CHROME BOOSTS SPEED IN NEW BETA

2009-03-22T10:09:00.003+08:00

Google has upped the ante in the browser speed wars and added a handful of features with a new 2.0 beta version of its Chrome Web browser (you can download the browser here)
. Though Chrome version 1.0 emerged from beta in December, Google decided to move it back into beta testing and tinker. For those who aren't interested in playing with a beta edition, Google still offers the stable version for everyday Chrome users, as well as a developer version.
According to the official Google Chrome blog, the new beta version processes Javascript 25 percent faster on its V8 (the engine on which Chrome is built) benchmark, 35 percent faster on the Sunspider benchmark, and twice as fast as its original beta. Chrome beta also includes features such as form autofill; a full-page zoom that captures not only text but images; autoscroll when you click your mouse's scroll button; and dragging tabs -- a neat feature that puts your tabs in side-by-side symmetrically-sized windows when you drag a tab outside of the original browser window.
Browsing with the Chrome beta and you will find that its speed boost and add-ons made the browser function like a quicker, cleaner version of Firefox. Downloaders should beware, though: Some reports caution that Chrome 2.0 beta is buggy and users have experienced problems with password management.
Last month Apple introduced a souped-up version of its Safari browser, claiming it was faster than its competitors Internet Explorer, Chrome, and Firefox. If Google's claim that this latest beta version of its browser is twice as fast as the original, It would be interesting to see where this leaves Apple and Google in the faster-is-better browser wars.

THIRD CONFICKER VARIANT EXPECTED APRIL 1

2009-03-20T11:17:00.001+08:00

The third Conficker malware variant in infected machines is set to activate April 1, says the director of threat research at CA where the malware sample first discovered last week by Symantec is being examined.
"It's set to go off April 1, 2009 and Conficker will generate 50,000 URLS daily," says Don DeBolt, CA's director of threat research.
Generating that many URLs is a way to hide where it may be calling to download instructions from those who designed it to infected machines. It's not known exactly what those instructions might be but it could involve downloading more malicious code or destroying files.
Antivirus vendor Symantec has also warned of a third wave of Conficker attacks.
CA says it has some ideas about where Conficker originated but isn't discussing that at present.

IE8 FASTER THAN FIREFOX OR CHROME...MICROSOFT

2009-03-18T11:59:00.001+08:00

Microsoft Corp. says that its own speed tests prove Internet Explorer 8 (IE8) is faster than either Firefox or Chrome.
In a report released last week, Microsoft spelled out how it tests browsers in-house, and again stressed that it doesn't buy the idea that benchmarks -- such as those that score JavaScript performance -- accurately compare the players.
"These benchmarks necessarily characterize only a narrow set of the browser functions in a very constrained way," Microsoft's report said. "End users, however, do not operate in a controlled environment."
Microsoft's tests pitted IE8 Release Candidate 1 (RC1), which launched in late January, against Google Inc.'s Chrome 1.0 and Mozilla Corp.'s Firefox 3.0.5, a version from mid-December. The company timed how long it took each browser to completely render the 25 most-popular destinations on the Web, as ranked by the Web metrics firm comScore Inc., which included google.com, facebook.com, amazon.com, and others.
IE8 was fastest in rendering 12 of the 25 sites, said Microsoft, while Chrome took second by beating the others on nine sites. Firefox, meanwhile, was a distant third, coming in first on just four of the 25 domains.
Microsoft did not test other browsers, such as Apple Inc.'s Safari or Opera Software ASA's Opera, said James Pratt, a senior product manager on the IE development team, because it wanted to focus on rivals that "had a good share on the Windows platform."
Both Opera and Safari for Windows have shares of less than 1%, according to the most recent data from Net Applications Inc., with the former, on all platforms, accounting for 0.7% and the latter just 0.3%.
Nor did Microsoft put IE8 in the ring with later versions of Chrome and Firefox. Chrome, for instance, is currently at 2.0.169.1 as a developer-only build, while Firefox just rolled out 3.1 Beta 2. Both browsers boast better performance, specifically faster JavaScript rendering. "IE8 RC1 is a release candidate, and was very close to being done," explained Pratt when asked why newer versions of Chrome and Firefox had not been used. "But Google and Mozilla were still actively working on [those newer browsers], and they weren't super stable."
JavaScript benchmarks have become a point of dispute between Microsoft and its rivals. While Mozilla, Google, Apple and Opera have all updated their JavaScript engines in the last eight months, and have then trumpeted scores in JavaScript test suites like SunSpider, Microsoft executives have dismissed the bragging as so much noise.
Dean Hachamovitch, IE's general manager, has called claims of competitors a "drag race" that Microsoft isn't interested in joining, while Pratt has downplayed comparisons of any kind. "We're at the point, with what people do in the browser, that users can't really tell the difference between browser [performance]," he said in a January interview.
Pratt said that the just-released report backed that up. "As you can see from the scores, the differences between the browsers are actually very small," he said.
When Computerworld last tested the major browsers' JavaScript performance, immediately after the release of the public beta of Safari 4, IE8 ranked last.
Although Google did not respond to a request for comment on Microsoft's benchmarks, Mozilla's Mike Shaver, who heads all development at the company, applauded any attempt to boost IE's performance. "I don't think anyone here has had a chance to really look at their methodology yet or tried to reproduce their results, but to whatever extent Microsoft is working to improve the performance of IE it's a good thing for the Web," said Shaver in an e-mail late Thursday.

GOOGLE KNOWS WHAT YOU SEARCHED LAST SUMMER

2009-03-16T00:04:00.007+08:00

Google knows who you are. It knows what you search for. It knows what you had for dinner last night and exactly where you like your back to be scratched. And, starting Wednesday, it will deliver ads tailored directly to you.
In a blog post titled "Making ads more interesting," VP of Product Management Susan Wojcicki describes Google's decision to move into behavioral advertising. To wit:
We think we can make online advertising even more relevant and useful by using additional information about the websites people visit. Today we are launching "interest-based" advertising as a beta test on our partner sites and on YouTube. These ads will associate categories of interest -- say sports, gardening, cars, pets -- with your browser, based on the types of sites you visit and the pages you view. We may then use those interest categories to show you more relevant text and display ads.
In other words, the ads Google displays won't just pull from the search terms you're using. Google will also look at all the sites you've visited lately. So if you're searching for, say, "baby wipes" and all you see are ads for porn, Google knows you've been a naughty little monkey.
[Note: Porn is not one of Google's officially sanctioned "categories of interest," but you get the idea.]
The concept isn't new; behavioral ad companies were all the rage a few years ago, which is why AOL, Microsoft, and Yahoo all bought one of their very own. But Google is the proverbial 8,000-pound gorilla -- when it does something, there's usually a boatload of banana peels to slip on.
There are limits, of course. Google associates the ads to a cookie in your browser, not your identity; so it will know about the naughtiness, but won't know which monkey is responsible. If you don't like the idea of Google delivering ads based on your surfing habits -- or you want it to know some of your interests, but not all of them -- you can change the settings in Google's Ads Preferences Manager. You can also opt out entirely, and install a plug-in for IE or Firefox that maintains your opt-out choice even when you nuke all your other cookies.

NOKIA PLANS TO PRODUCE MOBILE COMPUTING DEVICES

2009-03-15T17:25:00.002+08:00

Is Nokia looking to play ASUS and Acer at their own hardware game?

Technology companies intent on increasing their product reach by implementing manufacturing crossovers seems to be a habit that’s gathering momentum.
Moreover, while Netbook heavyweights ASUS and Acer have recently expanded into the world of smartphones, mobile phone titan Nokia has announced a shift of focus towards computer hardware.
Speaking in a recent Finnish television interview with YLE, Nokia CEO Olli-Pekka Kallasvuo has said the Espoo-based market leader is considering plans to begin production of its own line of mobile computer systems, describing the new devices as capable of merging the features and functions of a PC along with those of a mobile handset.
“We don’t have to look even for five years from now to see that what we know as a mobile phone and what we know as a PC are in many ways converging,” said Kallasvuo regarding a move towards portable computing. “We are looking very actively also at this opportunity.”
According to tech publication ITProPortal, a related report offered up by the “well-connected” folks at Unwiredview claims Nokia has already progressed its plans to the point of creating a functional mobile computing device built on an open-source Linux operating system.
The report also suggests the platform could ultimately function on Nokia's own Symbian operating system and physically resembles the Nokia N800 touch-screen Tablet (pictured), which, if true, would eliminate a fully-fledged move into the ultra-portable Netbook or traditional notebook computer category.
Other features apparently crammed into the diminutive device, which is supposed to be on schedule for a 2011 arrival, includes ARM’s multi-core Cortex A9 Sparrow processor and a somewhat unusual button-equipped keyboard with diamond-shaped keys.

PASSWORDS LIST USED BY THE CONFICKER WORM

2009-03-14T17:37:00.004+08:00

It's not possible to emphasise enough the importance of using sensible passwords on your network.
Not just on the areas of your network that you don't want your users to traipse through, but also on the default network shares that are present on installations of commonly used operating systems like Windows NT/2000/XP/2003.
One of the ways in which the Conficker worm (also known as Confick or Downadup) uses to spread is to try and batter its way into ADMIN$ shares using a long list of different passwords.
As you can see in the list below, it relies upon computers using poorly chosen passwords such as dictionary words, "password", "qwerty" or sequences of letters or repeated numbers:

click on the image for a larger view or save the image for your own guide:

One way to make it harder for password-cracking malware like Conficker from spreading across your network is to ensure that no-one is using a poorly-chosen password.
And, of course, please don't delay installing the critical security patch that Microsoft issued late last year.

SECUNIA REPORT SPARKS FIREFOX VS. INTERNET EXPLORER FEUD

2009-03-13T18:18:00.002+08:00

A report by Secunia finds the vulnerabilities in Mozilla Firefox greatly outnumbered those in Internet Explorer, Apple Safari and other browsers in 2008. However, Mozilla was quicker to react than Microsoft when dealing with vulnerabilities disclosed publicly without prior vendor notification, Secunia says.
Mozilla's Firefox Web browser has been gaining market share against Microsoft Internet Explorer for years now. However, in 2008 it surpassed IE in a far less glorious category: number of bugs.
According to browser vulnerability research by Secunia(PDF) 115 security vulnerabilities in Firefox were reported in 2008—nearly twice as many as IE and Apple Safari combined. However, the news is not all bad, as the same report showed that Mozilla was much quicker to respond than Microsoft when flaws were publicly disclosed either prior to or without vendor notification.
Three Firefox vulnerabilities were publicized last year under those conditions. All three were patched, with the longest patch taking 86 days to arrive, according to Secunia. For IE, however, only three of the six such vulnerabilities were patched as of Dec. 31. One of the IE vulnerabilities remained open for 294 days in 2008, according to the report.
The report noted that not all vulnerabilities are created equal. The three aforementioned Firefox flaws were rated "less critical," while the Microsoft vulnerabilities were more of a mixed bag. The three unpatched IE flaws were rated either "not critical" or "less critical." Two of the patched bugs were classified as "moderate" and "high," while the third patched bug was considered "less critical."
On March 4, Mozilla released an update plugging eight security holes in Firefox 3.07, of which six were rated critical. The vulnerabilities affect the browser's garbage collection, PNG libraries, layout and JavaScript engines.
The critical vulnerabilities could enable hackers to run arbitrary code. But there is also a vulnerability rated "high" that could allow a Web site to use nsIRDFService and a cross-domain redirect to steal private data from users authenticated to the redirected Web site.
The update came a day after Opera Software issued a security update for its browser, and roughly a week after Apple released a beta version of Safari 4.

COMPUTER GAMES ARE GOOD FOR CHILDREN, 2500 PARENTS SAY

2009-03-12T07:32:00.001+08:00

Computer games are good for children, according to a Microsoft-commissioned survey in the U.K. that seeks to pacify parents concerned by violence, sex and swearing in games such as Grand Theft Auto IV.
The Play Smart, Play Safe study, which surveyed 2500 parents, found that games are a "great social experience". Sixty-one percent of parents allowed their children to play games labeled with a higher age rating, although 42 percent were worried about their sons and daughters communicating with older users online.
More than fifty percent said games bring families closer together. However, the Microsoft-backed report also surveyed 1000 children, and found 69 percent of them wanted their parents to keep a closer eye on the age certificates of the games they played.
Eight-one percent of British children play computer games at least once a week, according to the research, with more than 75 percent playing against other gamers online.
Mike Rawlinson, director-general of the Entertainment and Leisure Software Publishers Association (ELPSA), told The Telegraph that the fact that so many children are playing games online "reinforces the need for a single age ratings system that protects British children, both on- and off-line, now and in the future".
"This is why the games industry is totally committed to PEGI, the independently regulated Pan-European Game Information System, which we're asking the government to enforce through UK law," he said.

UK NUKE BASE DISPLAYED ON GOOGLE EARTH - VANGUARD CLASS SUBS CLEARLY VISIBLE

2009-03-10T20:15:00.005+08:00

click on the image for a bigger view . . .

Google Earth is once again making news after reports last week that previously blurred images of a British Naval base and images of what are clearly two nuclear subs appeared in the clear. While the images are sensitive, this type of exposure is a fact of life when you consider the nature of the Internet and the availability of satellite imagery.

UK tabloid newspaper, The Sun broke the story of the base located Faslane, Scotland, which had been blurred in the past on Google Earth. However, a recent update kept the images clean and that has caused some to worry, including FUD that terrorists will use images like this to launch attacks. It’s happened before true, but more often than not, the images available from Google and other sources are used as a secondary level of intelligence.

Yet, speaking to The Sun, an MOD spokesman said, “We do everything to protect bases but it’s impossible to control all websites providing satellite imagery. If people are really determined to target these sites they can find these images and there is nothing we can do to stop them.”
It is important to note, the location of the base is well-established. That is not the issue; the problem is the detailed location of the buildings. Google said that they work with governments to blur images if asked, but would not comment on any discussions or why they images are still visible.

OPERA BROWSER UPDATE FIXES CRITICAL SECURITY HOLE, NEW WINAMP FLAW

2009-03-06T14:28:00.001+08:00

Opera today released an update to its Web browser that closes a number of security holes, including one the company rates "Extremely Severe."
The flaw would allow a specially crafted jpeg image to crash Opera and run any command on your PC, which is about as bad as it gets: If you browsed a site with one poisoned image, you could end up with malware.
The new version, 9.64 (release notes), also adds support for two Windows security mechanisms, Data Execution Prevention (DEP) in Windows XP and Address Space Layout Randomization (ASLR) in Windows Vista. So if you use Opera, get this must-have fix by clicking Help | Check for Updates. Opera still annoys with a lack of an auto-update feature, so you'll have to download and run the 5.4 MB installation file to upgrade.
Meanwhile, Secunia warned today of a security flaw in the Winamp media player that can also allow an attacker to have his way with your PC if you open a malicious CAF audio file. Secunia reports that the flaw exists in the latest downloadable version, 5.55, as well as 5.541 and possibly other versions as well. And there's no word yet of a fix, so be extra careful with CAF files.

PSN AMASSED 20MILLION USERS DWARFS XBOX LIVE

2009-03-05T16:43:00.002+08:00

If the videogame blogosphere is to be believed, the once mighty PlayStation brand is on the verge of flopping thanks to the pennywise dominance of Nintendo and Microsoft hardware and a consumer demographic unwilling to invest greater sums of money in Sony’s Blu-ray-equipped PlayStation 3.
However, Sony Computer Entertainment would beg to differ. Having this week rebuffed analyst claims of an imminent price cut to its PS3 console, and highlighting fiscal performance that’s on track for 10 million unit sales, Sony has also moved to draw attention to the successful spread of its PlayStation Network (PSN).
Sony has today announced it has taken the PlayStation Network just 27 months to amass more the 20 million registered users, a substantial figure that outstrips the 17 million users presently active on Microsoft’s Xbox Live network, which is in its seventh year of service.
While both PSN and Xbox Live offer largely similar platforms, including online multiplayer access, demo and trailer downloads, exclusive add-on content, and global gamer socialising, the two differ massively insofar as Xbox Live costs $50 USD per year for full access, while usage on the PlayStation Network is completely free.
Available around the world in 55 countries, the PlayStation Network currently offers some 14,500 downloadable media items (including game content, movies and TV shows) and has already delivered more than 380 million digital downloads with an accompanying value of $180 million USD.

KODAK'S NEW $200 10X OPTICAL ZOOM CAM

2009-03-05T16:36:00.001+08:00

There haven't been many brand-new camera announcements thus far at PMA 2009, the big camera trade show, but Kodak jumped into the fray today by unveiling the Kodak EasyShare Z915.
The Z915 is a pocketable, AA-battery-powered, 10x optical zoom camera (35mm wide-angle to 350mm telephoto) for the recession-friendly price of $200. A 10-megapixel sensor, optical image stabilization, automatic scene optimization, and a 2.5-inch LCD screen are also in the mix.
The Kodak EasyShare Z915 is due in April in a variety of color options: black, gray, blue, and red.

TEENS SURF PORN 87 HOURS A YEAR

2009-03-04T15:54:00.003+08:00

Survey reveals kids spend 87 hours per year surfing porn.
If you’re a concerned but trusting parent striving to avoid staring over your child’s shoulder while they’re surfing the Web, the results of a new study into the online habits of teenagers suggests more stringent monitoring would be well worth considering.
More pointedly, a recent survey carried out by software solutions outfit Cyber Sentinel has revealed that teenage Web users in the UK are spending an average of 1hr and 40mins a week looking at online pornography – which equates to some 87 hours per year.
Beyond the draw and easy access of illicit adult material, the survey of 1,000 teens aged between 13 and 19 also discovered that many are keen on perusing diet and weight-loss Web sites for around 1hr and 35mins per week, while investing a further 1hr and 8mins per week into cosmetic surgery sites.
According to Ellie Puddle, marketing director for Cyber Sentinel, the survey results show that UK teens are using easy online access as a way to avoid asking their parents about a range contentious topics brought to their attention “as a result of modern-day pressures.”
When quizzed as to their online habits, most of the teenage survey respondents admitted they were often left alone with Web access for as much as two hours per day, while around a third said they did actively attempt to hide their online activity from their parents.

A DEMO ON HOW TO HACK SSL

2009-03-03T15:27:00.003+08:00

A researcher has found a convincing way to hack the Secure Sockets Layer (SSL) protocol used to secure logins to a range of Websites, including e-commerce and banking sites.
Using a specially-created app, 'SSLstrip', a researcher calling himself Moxie Marlinspike demonstrated to Black Hat Arlington, Va attendees at last weekend's conference how vulnerable many SSL connections were to an involved but clever man-in-the-middle (MitM) attack where a hacker could proxy traffic from users accessing genuine secure https:// website logins.
To prove the usefulness of the attack to a hypothetical criminal, he claimed the hack had given him access to 117 e-mail accounts, 16 credit card numbers, 7 PayPal log-ins and over 300 other "miscellaneous secure logins" in a 24-hour period. Sites involved included Ticketmaster, Paypal, LinkedIn, Hotmail, and Gmail.
The clever bit is that the attack didn't need to touch the encrypted SSL traffic at all, simply exploit the fact that users almost never call https directly, instead accessing that by calling a conventional http web page first. That fact makes it possible to monitor and map the traffic between the browser and website before the SSL is set up securely, putting itself between the two so that neither site is aware that anything is amiss.
According to Marlinspike, the hack is also able to overcome the possibility that the browser will generate invalid certificate warnings from the fake proxy site, even passing back convincing if bogus favicons such as the traditional https padlock. The only signal that something is wrong would be the lack of the https:// address in the toolbar, something few users would likely notice, he said.

"Lots of times the security of HTTPS comes down to the security of HTTP, and HTTP is not secure," says Marlinspike in his presentation summary . "If we want to avoid the dialogs of death, start with HTTP not HTTPS."
Importantly, the visual indicators that help ordinary users detect such attacks should once again be emphasised, overturning some years in which developers, including browser developers, had downplayed such reinforcement.
"Once we've got control of that, we can do all kinds of stuff to re-introduce the positive indicators people might miss," he says.
An indirect hack on the secure web infrastructure was reported some weeks ago, whereby a flaw in the MD5 encryption algorithm was used to fool certificate authorities into accepting a bogus certificate as the real thing.

NEW SNEAKY VIRUS INFECTS VIA GOOGLE'S DOUBLE CLICK ADS

2009-02-27T21:08:00.003+08:00

Hackers infiltrated popular tech business site eWeek.com using Google's DoubleClick banner ads as a vehicle. Websense caught the malicious coding and published its results, which spurred eWeek to scour its code and remove all phony advertisements.
The pest, named Anti-Virus-1, is complicated and smart. The advertisements are for antivirus software, and when a user clicked on them, the ads redirect to a pornography Website through a series of iframes. Then a PDF pops up loaded with evil code, exploiting a weakness currently festering in the Adobe systems; or the file index.php redirects to the rogue ad server. The server places a file named "winratit.exe" into the user's temporary files folder and stays there without any user interaction.
If the user tries to cleanse the computer by visiting any of several popular software downloading sites, the hack has a twist of the blade waiting: the host file is modified to redirect to even more malicious Websites offering further rogue downloads.
eWeek may not be the first popular Website to be attacked."Given DoubleClick's tremendous reach,it's possible the rogue ads have shown up on Websites other than eWeek," Websense Vice President of Security Research Dan Hubbard told The Register.

MILEY CYRUS VICTIM OF TWITTER HACK

2009-02-25T15:52:00.002+08:00

Following the news that hackers took control of Twitter accounts belonging to a number of celebrities including Barack Obama and Britney Spears, security firm Sophos has revealed that Miley Cyrus is the latest celebrity to have her account with the micro-blogging service compromised.
Cyrus, who stars in the Disney Channel show 'Hannah Montana' and is the daughter of country-music legend Billy Ray Cyrus, found hackers had left poorly-spelt offensive messages on her Twitter page, after accessing her account details. The micro-blogging service has since shut down the page.
"This is just the latest hacking incident to happen on Twitter and chances are it's not going to be the last," said Graham Cluley, senior technology consultant at Sophos.
"Cybercriminals are only ever one step behind the latest computer craze and as tweeting has been growing in popularity, the hackers have been quick to realise the potential in hacking these accounts."
"It appears that Miley didn't learn the lesson last year and hasn't been taking enough care over her password security," Cluely added in reference to an incident last year when hackers broke into her email account and stole photographs of the star, which were later posted on the web.

ONLINE GAMERS ARE TOP PASSWORD-STEALING MALWARE TARGETS

2009-02-24T18:14:00.002+08:00

What's the most common type of malware on the Internet? Viruses? Botnet code? How about password-stealing worms, designed to victimize online gamers?
Microsoft said Thursday it had removed nearly 1 million samples of a particularly virulent password-stealing worm in the first half of February. The company's Malicious Software Removal Tool (MSRT) rooted out more than 981,000 copies of a family of programs called Win32/Taterf, best known for stealing usernames and passwords for games such as World of Warcraft, Legend of Mir and Gamania.
Taterf has been especially widespread for months now. Microsoft removed more than 700,000 copies of it in one day alone last year. The worm is a mutated version of another password stealer, known as Win32/Frethog -- Microsoft has zapped nearly 317,000 copies of Frethog this month.
Online passwords are a popular target because they can be turned to cash, often in untraceable ways. The criminals use the hacked accounts to steal characters and virtual gold or other treasures, which are then sold to fans who pay real-world cash.
Although China has traditionally been the top spot for password-stealing infections, that seems to be changing, Microsoft said in a blog posting. In the first week of February, the top three countries, ranked by number of Taterf infections, were the U.S., Taiwan and Korea, respectively.
The MSRT is available free of charge to Windows users, and it gets monthly updates from Microsoft. Because it is so widely used, it can have a major effect on any piece of malware. MSRT is credited with crushing the notorious Storm worm in 2007.
This month Microsoft added MSRT detection for another notorious botnet, called Srizbi. Total number of Srizbi infections removed since the update: 38,697.

NEW RELEASE FIREFOX 3.0.6 FIXES CRITICAL SECURITY FLAWS

2009-02-05T11:19:00.002+08:00

Mozilla developers released the latest version of their Firefox browser Tuesday, version 3.0.6, which fixes several security bugs in the software.
The most critical issues are bugs in the browser's JavaScript and layout engines that could be exploited by attackers to run unauthorized software on a victim's PC, Mozilla said. The flaws also affect Mozilla's Thunderbird e-mail client and SeaMonkey Internet software suite.
The update, Firefox's first of the year, also fixes five other security bugs in the browser, all of which are considered less critical.
The update includes some other performance and stability improvements, including new code that will help scripted commands, such as those used by Adblock Plus, to work better with plug-ins, and addresses a few display issues reported by users.

COUNTRY WITH THE HIGHEST SMS TRAFFIC

2009-02-03T19:57:00.002+08:00

A total of 6.37 billion text messages were sent through their messaging systems across Asia Pacific over the 2008/2009 Christmas and New Year period.
According to Acision, the communication solutions provider, short message service (SMS) messages formed a large majority of the traffic with 6.36 billion messages, while multimedia messaging service (MMS) messages were recorded at 9.54 million messages.
Philippines sent most messages
The top five countries with the highest SMS traffic processed over the festive season were the Philippines, again leading the ranking with 2.36 billion messages, closely followed by Indonesia (1.193 billion), Malaysia (1.075 billion) and Pakistan (763 million).
Boudewijn Pesch, managing director of Acision, Asia Pacific, said, "The festive season still remains a favourite high traffic period for operators and consumers alike. Compared to last year's traffic, this year the total messaging traffic in Asia Pacific grew by 40 percent."
MMS picks up
"In addition, we are seeing MMS traffic picking up pace across the region with 9.5 million MMS messages processed during this festive season. MMS traffic is bound to increase as consumers become increasingly savvy in interacting with their personal blog sites and applications such as Facebook", Pesch said.
In terms of year-on-year growth, Pakistan traffic volume grew by 253 percent compared to last year during the same period. Other markets that experienced high messaging growth include Philippines (65 percent), Australia (57 percent), Indonesia (27 percent) and Malaysia (13 percent).
"We are seeing a continued demand for robust and reliable SMS infrastructure and high quality end-to-end SMS solutions, as more and more mobile operators place their trust in the Acision's high performance SMSC", Pesch said.

NEW WORM FLOATS OBAMA'S HEAD ON YOUR DESKTOP

2009-02-02T14:13:00.001+08:00

The odds are pretty good that this will never happen to you, but should a floating head of U.S. President Barack Obama pop up on your desktop Monday morning, know this: You've been hit with the Obama worm.
The worm was spotted this past Monday after it infected PCs at a preparatory school in Metairie, Louisiana, and was first reported by Walling Data, a value-added reseller in Claremont, North Carolina. Though it is not detected by any antivirus products right now, it is not considered to be a serious threat because it has infected so few systems.
The worm spreads via USB drive, using the Windows autorun feature to install itself automatically on any drive it connects with. Unlike most of today's profit-driven malware, the Obama worm doesn't steal your credit card number or turn your PC into a remote-controlled zombie system. In fact, it isn't designed to do anything besides float a small picture of Obama at the bottom right corner of your desktop all day every Monday.
Unfortunately, it is so badly written that the worm gradually renders any PC it is run on completely useless, according to Rob Koliha, Walling Data's director of innovation. "It will basically prevent execution of any kind of files."
Because antivirus programs don't detect it yet, it's also hard to know when you've been infected, except on Monday.

STORM USERS SAY: BLACKBERRY STORM IS NO iPHONE KILLER

2009-01-31T17:10:00.002+08:00

The gales of the Blackberry Storm just weren't strong enough to wash away Apple's iPhone success. Between its average reviews and customer complaints over bugs and OS stability, the Storm seems to have severely underperformed in customer satisfaction. And now, the latest figures from Blackberry maker Research In Motion (RIM) show that it has underperformed in sales, too.
Only half million Blackberry Storm devices were sold in the U.S. since November, according to the Wall Street Journal . During the same holiday period, Apple sold more than two million iPhones, totaling over a quarter of the North American smartphone market. RIM's shares have also dropped more than 5 percent since news broke that Storm users are still unhappy with their experience on the device.
Speculation from various sources blames Blackberry Storm's woes on the phone's software glitches, crashes, and bugs. Many of these these problems occurred because of Research In Motion's eagerness to make the Storm available in time for the 2008 holiday season, starting with Black Friday, the biggest shopping day of the year.
RIM tried to address users' complaints and released a software fix for the Blackberry Storm in December. Despite that fix, many users remained unsatisfied with the device's basic functionality, such as the lack of a conventional QWERTY keyboard when the phone is used in portrait mode-a feature that's available on the iPhone and other touch-screen smart phones. RIM officials acknowledged Storm's further software issues and promised another update that will solve many of the phone's problems.
But the Blackberry Storm will soon face even more competition. A new smartphone battle is coming up this year with the imminent launch of Palm's much-hyped Pre. Nokia is also joining the game with its N97, so RIM should address users' concern quickly.

NEW SLEEPER PHONES BY NOKIA

2009-01-31T16:57:00.004+08:00

Nokia announced three attractive new phones--and they couldn't be more boring. While most phone makers are trying to wow consumers with yet another iPhone killer or some super trendy device based on Google's Android platform, Nokia is launching middle-of-the-pack phones with features we've seen before.
Nokia reported disappointing earnings results last week, and the company expects its market share to decline even further during the first few months of 2009. These "new" phones aren't expected to hit the shelves until at least April, around the same time as Nokia's N97.
Will these new phones be able to revive Nokia's recent sagging fortunes? Well, anything's possible. Nokia currently holds a sizable chunk of the cell phone market--about 37 percent--and hopes to attract customers with usable phones and a variety of online services built around its Ovi portal. And, hey, don't we all love that distinctive Nokia ring?
So without further ado, here is Nokia's sleeper cell (phone) lineup:

Nokia 6700 Classic
This phone is a follow up to its popular 6300 model. It has a sleeker design and sports a new 5 megapixel camera, upgraded from the 6300's 2 MP shutter. The phone also features assisted GPS navigation and high-speed HSPA Internet. Nokia hasn't released official U.S. pricing for this little gem, but it should hover around $300. The 6300 is a very popular device and highly rated by users everywhere, so it's no surprise Nokia has built on this success.

The Nokia 6303 Classic
This one comes with a "large" 2.2-inch screen, a 3.2 megapixel camera, assisted GPS, a 3.5mm headphone jack, and a mobile music player. The 6303 will go for about $175.

The Nokia 2700 Classic
This phone falls in the affordable class coming in under $100. It sports a 2 megapixel camera, a music player, and a removable card slot that can take up to 2 GB of storage.
Despite my criticisms, boring but capable phones could be the right move for one of the world's largest phone makers. A sagging economy might reveal a public unwilling to shell out big bucks for the latest touch screen wonder. So these mild mannered phones just might fit the bill...or not.

FOLLOW THE POPE ON YOUTUBE

2009-01-28T20:24:00.002+08:00

The Pope will be taking his 2000-year-old religious message onto the often controversial and irreverent YouTube, the Vatican announced Friday.
The Vatican's dedicated YouTube channel went live at midday on Friday, offering short video news clips of Pope Benedict XVI's activities and links to more in-depth information about the Catholic Church.
There will be no advertising on the channel and the Vatican has not paid Google for a platform on its popular file sharing site, Vatican spokesman Rev. Federico Lombardi told a press conference presenting the new communication initiative.
"The Pope sees it as a positive step," Lombardi said. The Vatican may consider in the future whether it might be possible to carry appropriate advertising on its YouTube site, but would not be doing so immediately, the spokesman said.
"We won't be making money out of the Vatican channel. We believe it is our job to bring important information to our public," Henrique De Castro, managing director of European sales and media solutions at Google, told the press conference.
Initially the channel will carry up to three new videos a day of up to two minutes in length illustrating the Pope's activities or important events taking place in the Vatican, Lombardi said.
The site will offer a number of interactivity options: the possibility of sharing videos with friends, receiving new videos via i-google and a chance to send comments to the Vatican press office, Lombardi said, but he added he could give no guarantee that all messages would be read or receive a reply from his office.
The Vatican's YouTube page will initially operate in English, Italian, Spanish and German and will carry links to its traditional online news outlets. There will be a link to the Vatican's institutional Web site that was founded in 1995, as well as to Vatican TV, Vatican Radio and Vatican State sites, Lombardi said.
"We considered it was a positive thing to be present on Google, to be present where human beings are present," Rev. Claudio Celli, president of the pontifical council for social communications, told the press conference. "This was how the journey of Christianity began."
People had been asking him why the Pope was "lowering" himself by appearing on YouTube, Celli said. "The Pope doesn't lower himself by going on Google. It's a question of having a strategic vision. This is a first small step towards becoming a church that enters into dialogue with today's world."
Asked whether Pope Benedict XVI used the Internet himself, Celli confessed that he wasn't sure. "I presume he does. Knowing the man, my answer would be affirmative."
In a speech on new technologies released Friday, the Pope praised the Internet as offering rich opportunities for dialogue, friendship and spreading the Christian message.

OBAMA'S NEW VIRTUAL HOME - WHITEHOUSE.GOV

2009-01-24T14:50:00.002+08:00

The White House on Pennsylvania Avenue isn't the only presidential home getting a renovation today. Barack Obama's virtual home, WhiteHouse.gov, also has a brand new look to go with the brand new presidency.

Inside the New WhiteHouse.gov
A revamped WhiteHouse.gov went live during Obama's inaugural ceremony this afternoon. The site features a modernized interface with rotating news headlines and an official White House blog. Upon its launch, the main headline proclaimed: "Change Has Come To America." The blog section followed suit with the title: "Change Has Come To WhiteHouse.gov."
Obama's WhiteHouse.gov also offers links to various presidential agenda and a "briefing room" that will host clips of the president's weekly video addresses. Photo slideshows and information on appointments, proclamations, and executive orders will be made available in that section as well.

Limited Interaction
Interestingly, given the ongoing focus on interaction and community involvement, the site does not appear to have an open comment function within the blog section or any other area. There is, however, a "contact" page that offers an HTML-based form to submit questions and comments to the president.
"President Obama is committed to creating the most open and accessible administration in American history," the page states. "To send questions, comments, concerns, or well-wishes to the President or his staff, please use the form below."
The introductory blog does suggest more opportunities for interaction could arise as the weeks wear on.
"Citizen participation will be a priority for the administration, and the Internet will play an important role in that," the site says. "One significant addition to WhiteHouse.gov reflects a campaign promise from the president: we will publish all non-emergency legislation to the website for five days, and allow the public to review and comment before the president signs it."

Launch Issues
Of course, no change is without its share of issues. The site offered a link to Obama's inaugural address before it was actually online, and the first blog post stated Obama had been sworn in before the ceremony had been completed. Still, the virtual transition appears to have gone more smoothly than the last (and only other to date): When President Bush first took office in 2001, his WhiteHouse.gov launched with broken links and template messages in place.

PLAYABLE RESIDENT EVIL 5 DEMO AVAILABLE THIS MONTH

2009-01-21T19:34:00.004+08:00

Resident Evil 5, Capcom's fifth chapter in their renowned zombie-slaying survival horror franchise and first Resident Evil game on Xbox 360 and PS3, releases on March 13, 2009, but you don't have to wait two months to play the game.
A playable Resident Evil 5 demo will be available for download on Monday, January 26 on Xbox Live and about a week later on PSN. The exact date of the RE5 demo on the PlayStation 3 is unknown, but it's promised to be around February 5 when a new PSN update is scheduled to go up.

Two levels from Resident Evil 5's story mode will be included in the free demo which can be played either online or offline in the game's cooperative mode where players massacre parasitic hordes as series hero Chris Redfield and female newcomer Sheva Alomar.

It's still unconfirmed what stages in particular will be in the demo, but they'll likely be the first two levels where you battle infected villagers, the hulking axe-carrying executioner, and even the new one-eyed chainsaw-wielding madman.

RUSSIAN HACKER SENDS MESSAGE TO MICROSOFT THROUGH WIN32/ZLOB

2009-01-18T16:47:00.006+08:00

Here's a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote.
That's what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers.
The message is surprisingly cordial, given that Microsoft's security researchers spend their days trying to put people like Zlob's author out of business. "Just want to say 'Hello' from Russia. You are really good guys. It was a surprise for me that Microsoft can respond on threats so fast," the hacker wrote, adding, "Happy New Year, guys, and good luck!"
Zlob is one of the most common types of Trojan programs used to attack Windows these days. In a typical Zlob scam, the victim is sent a link to what looks like an interesting video. When the link is clicked, the user is told to install a multimedia codec file in order to watch the video. That file is actually malicious software.
It's not clear whether the author of this message is the creator of Zlob, according to Joe Stewart, a researcher with SecureWorks. That's because "Zlob is one of those things that gets mislabeled by AV companies a lot," he said via e-mail. "Basically any time they see malware being spread by 'you need this video codec...' messages in multimedia files, it gets the Zlob label."
This isn't the first time this particular hacker has sent a note to Microsoft's security group. Last October he wrote a slightly creepy message, saying, "I want to see your eyes the man from Windows Defender's team."
Unlike the October message, this latest note wasn't caught by Microsoft. It was found Friday by a French security researcher using the hacker handle S!Ri.
According to this latest message, it may be the Zlob hacker's last note to Microsoft. "We are closing soon," he wrote. "So, you will not see some of my great ;) ideas in that family of software."
"It warms my heart that they're 'closing soon,'" wrote Microsoft spokesman Tareq Saade in a blog post.
All things considered, hiding messages in source code may not be the most effective way of reaching the Windows Defender team. "Considering the enormous amount of malware we go through every day, it can be difficult to track follow up samples like this," Saade wrote.
The hacker also claimed that Microsoft had once offered him a job to help improve Windows Vista's security. Microsoft hired a large number of outside security consultants to test Vista's code before it was released in late 2006. "It's not interesting for me," the hacker concluded. "Just a life's irony."

PARIS HILTON'S WEB SITE USED AGAIN IN MALWARE ATTACK

2009-01-16T19:21:00.003+08:00

Paris Hilton's Web site has been hacked and is serving visitors a malicious Trojan program designed to steal sensitive information from their computers.
The hack was discovered by security vendor ScanSafe, which said that Parishilton.com (note: this site is not safe to visit as of press time-Jan. 13-2009) had apparently been compromised since Friday. Visitors to the site are presented with a pop-up window urging them to download software in order to enhance their viewing of the site. Whether they click "yes" or "no" on this window, the site then tries to download a malicious program, known as Trojan-Spy.Zbot.YETH, from another Web site.
"The popup points to a directory on that Web site; that's where the malware is being loaded from," said Mary Landesman, a security researcher with ScanSafe. Once installed, the Trojan steals online information and tries to install more malicious software on the victim's computer.
Landesman believes thousands of other Web sites may also be serving up this variant of the attack her firm uncovered. However, Parishilton.com, the celebrity's official Web site, is the best-known target. "The big thing with Paris Hilton is the number of visitors that she gets," Landesman said. "It's always doubly concerning when we see a high-profile Web site get compromised."
To make things worse, most antivirus products are not identifying the Trojan program being served by Parishilton.com. On Monday afternoon, only 12 of the 37 vendors tested by VirusTotal identified the Trojan.

WINDOWS 7 Beta IS NOT ANTIVIRUS-FRIENDLY

2009-01-14T06:18:00.003+08:00

Users trying the Windows 7 beta who keep their computers safe with McAfee virus protection are in for a bit of disappointment -- and a loss of security. According to a Channel Web report, when you try to run McAfee Total Protection in the Windows 7 beta, an error message pops up. "The version of Windows installed on this machine is not supported. Please refer to the product documentation for a list of supported operating systems."

McAfee's antivirus tool isn't the only one affected by the Windows 7 beta. A thread on Norton's community forums mentions errors that occur when running Windows 7. The official response from Norton? "At this time, we do not support Windows 7. Once Windows 7 is released, we will provide solutions for the OS." In the past, prerelease copies or even early shipping versions of Windows updates were often flagged as "potential viruses" by antivirus programs (prompting lots of jokes about Windows being fingered as a virus).
One popular virus protection software that seems to be immediately compatible with Windows 7 beta is Spyware Doctor, which reports in its forums that the software is running smoothly.
Personally, I use Avast on my PC, although I haven't gotten around to checking out Windows 7 yet. It looks like Avast does have some issues, though for the most part it still runs in Windows 7.
The main problem seems to be that Windows 7 is still in beta, so no virus protection software has been optimized for the OS yet. As always when installing beta software, you do so at your own risk. Just know that this risk could impact your entire PC's security.

NATO, US ARMY WEB SITES ATTACKED BY HACKERS

2009-01-12T13:23:00.008+08:00

Hackers have taken down two high-profile targets as they continue their ongoing Web attacks in support of Palestine, defacing Web sites run by the U>S> Army
and the North Atlantic Treaty Organization (NATO).
The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and the NATO Parliamentary Assembly, according to Zone-H, a Web site that tracks defacement activity.
The NATO site is now back online, but the U.S. Army site was still offline Friday morning. A version of the Web page cached by Google reads: "Stop attacks u israel and usa ! you cursed nations ! one day muslims will clean the world from you ! "(Defacement images shown above) NATO didn't immediately respond to a request for comment.
Most other U.S. Army sites do not appear to have been affected by that attack. The U.S. Army Military District of Washington is an army command, based in Fort Lesley J. McNair in Washington, D.C.
Using what's known as a SQL injection attack, the group also defaced the Web site of the Joint Force Headquarters of the National Capital Region, which handles military incident response for the Washington, D.C., area, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham. A U.S. Army spokeswoman was unable to immediately comment on reports of the hacks.
All of these attacks are credited to a Turkish hacking group called Agd_Scorp / Peace Crew.
This group has claimed many Web hacks over the past few months, including Microsoft's Web sites in Canada, Ireland and China; Shell; Harvard University; and the U.S. National Basketball Association, Warner said in a blog posting.
"Although the group is now calling themselves 'Peace Crew,' the same membership was calling itself 'Terrorist Crew' as recently as December," Warner wrote.
As tensions in Gaza have intensified over the past few weeks, loosely organized hacking groups from countries such as Morocco, Turkey and Iran have defaced thousands of Web pages. This latest wave of attacks has mostly focused on Israeli sites, particularly easy targets belonging to individuals or small businesses. However, some high-profile targets have been hit too, such as news site Ynetnews.com.

MORE DETAILS ON SUPERSPEED USB 3.0

2009-01-10T13:11:00.002+08:00

Intel's Jeff Ravencraft, who is also president of the USB Implementers Forum, discussed more details about USB 3.0 today at the Storage Visions conference in Las Vegas.
The focus of the new spec is three-fold: Retain backward compatibility, increase speed, and provide better power handling.
"USB has been the most successful interface in history of personal computing," Ravencraft noted. "Over 6 billion products are in the market, and over 2 billion ship a year now."

Compatability
Backward compatibility shows up in the new standard. USB 3.0 maintains the extensive device class driver infrastructure of USB 2.0, and a USB 2.0 devices will work via a 3.0 connector.

Performance
Performance improvements are notable, too. "We have research that shows that after 1 minute, 1.5 minutes waiting for a transaction, users get impatient.," says Ravencraft. "The transfer times have to get much faster." Hence the evolution of USB SuperSpeed's Sync & Go concept.
SuperSpeed USB 3.0's 5Gbps data rate (compared with Hi-Speed USB 2.0's 480Mbps) should help--and with very clear real-world advantages. For example: A 25GB HD movie will take 13.9 min to transfer with USB 2.0, and 70 seconds with USB 3.0, says Ravencraft.
Practically speaking, the implications are tremendous. Imagine not having to wait hours on end for your full-drive data backup to complete, or not having a lengthy delay when off-loading 32GB flash memory cards from your digital camera.

Power
As for power consumption, "power today is king for portable devices. It is the pinnacle, the focus for the PC, the notebook, and all devices. All of these new specs had to be optimized for power efficiency," says Ravencraft.
For example, there's no longer any device polling, so connected USB devices can enter a virtual sleep mode; more power will be able to go to the device (which will hopefully eliminate some of the power issues we see today with portable hard drives that require extra power from a second USB port); and USB 3.0 will no longer broadcast information to all connected devices, thereby saving power, too. Plus, when a device's battery is drained, it will now still be recognized by a laptop, for example, so you can charge it (this doesn't work with USB 2.0).
The intention is for SuperSpeed USB 3.0 to provide headroom for the next five years.

COMMERCIAL GAMES FOR DOWNLOAD AS FREEWARE

2009-01-08T21:09:00.005+08:00

Who wants scads of commercial PC games for free? No, I don't mean the kind you download illicitly, silly. I'm talking about older but as well a few newer games, including the occasional award-winner, that publishers have made available over the years and on the house.
Games like Richard Garriot's pre-Ultima RPG Akalabeth (1979). Revolution Software's Beneath a Steel Sky (1994). The original Command & Conquer Red Alert (1996). SSI's Dark Sun: Shattered Lands (1993). Rockstar's Grand Theft Auto 2 (1999). Sierra's Tribes 2 (2001). Even S2 Games's just-last-January Savage 2 (2008).
No comment on Wikipedia's value as a repository for factual data, but its "List of Commercial Games Released as Freeware" is both convenient and verifiable. It's an alpha-sorted collection of older and some not-so-old titles with links to their Wiki pages, which in turn link to each game's freeware storehouse.
Have a look. There's Abe Lincoln Must Die! (2007), the fourth in the recently released gonzo Sam & Max series -- obviously bait for the other five episodes outstanding, but worth a look just the same.
Remember Bungie's pre-Halo Marathon Trilogy? Yep, all three, available gratis (and the first one's a whole 4.7MB!).
Pick of the litter? Possibly Virgin's SubSpace. It's a simple two-dimensional multiplayer space shooter, easy to learn, challenging to master, and pathologically habit-forming. It was also still being updated, according to Wikipedia, through 2007.

PIRATED WINDOWS 7 Beta AT BIT TORRENT

2008-12-31T22:57:00.002+08:00

Pirated copies of a Windows 7 build pegged by many as the beta Microsoft will release next month have leaked to the Internet, according to searches at several BitTorrent sites today.
A search on the Pirate Bay BitTorrent site, for example, returned two Windows 7 Build 7000 listings, both of which had been posted Friday.
As of Saturday afternoon, one torrent on Pirate Bay showed more than 1,800 "seeders" -- the term for a computer that has a complete copy of the torrent file -- and about 8,500 "leechers," or computers that have downloaded only part of the complete torrent. The torrent is a disk image of the 32-bit version of Windows 7 Ultimate, Build 7000, according to users commenting on the site and elsewhere on the Internet.
Pirate Bay and other BitTorrent sites, including Mininova, listed the beta build as a 2.44GB download.
This is not the first time Windows 7 has escaped from Microsoft's limited testing pool. Just hours after the company unveiled an earlier version at its Professional Developers Conference in late October, the alpha edition hit BitTorrent.
Users first reported the newest Windows 7 leak on Neowin.net's forums Friday, with the opening message and screenshots coming from someone identified as "+fivestarVIP", who said he was from Beijing, China.
Build 7000 is what Microsoft will issue next month as Windows 7 Beta, according to other reports by Windows bloggers who have copies. Paul Thurrott, for example, posted a review and screenshots of Build 7000 today on his "SuperSite for Windows" site, naming it as the Beta build.
Although Microsoft has promised to open the beta to all users in early 2009, it has been mum on an exact release date. Information published on its own Web site earlier this month, however, hinted that the beta will be available no later than Jan. 13.
Some commentators and bloggers have maintained that Microsoft may release the beta as early as Jan. 7, after CEO Steve Ballmer delivers a keynote that evening at the Consumer Electronics Show in Las Vegas, where he is expected to talk about Windows 7.
The successor to the perception- and problem-plagued Windows Vista will ship in late 2009 or early 2010, according to previous statements by Microsoft executives.

MEET INDIA'S 9-YEAR-OLD CERTIFIED PROFESSIONAL IT

2008-12-27T21:02:00.006+08:00

Microsoft has a new certified professional in its ranks -- and she's 9 years old.
The girl, from the Tamil Nadu region of India, passed Microsoft's exam this week, according to Indian media reports. She's now the youngest person to ever do so, breaking a previous record held by a 10-year-old from Pakistan.
Microsoft's Certified Professional exam is designed for IT professionals. As you'll see, though, being ahead of her age is nothing new for this young gal. She explains her story in the video below.

ANOTHER LIFE EXTENSION FOR WINDOWS XP

2008-12-23T18:03:00.001+08:00

Microsoft has once again put Windows XP on life support, extending the OS's death date to May 30, 2009. This reprieve comes two months after rumors swirled about another potential bail out.
In the new agreement -- first discovered by ChannelWeb -- distributors can purchase XP licenses until January 31, 2009, the original date in which XP was supposed to turn to dust, but take delivery against those orders through May 30.
Windows XP was supposed to stop shipping on January 30, 2008, but that date has been extended several times. It will live on Netbooks until 2010. XP is also still a booming business: Dell started charging $150 per Vista downgrade -- three times as much as the original fee.
Meanwhile, Windows 7's rumored release date hovers around October 2009. With each extension of Windows XP's death, Microsoft inches closer to Windows 7's release, thereby sublimating Vista and its skimpy chances at some kind of late-blooming success. Given the market's resistance to Vista -- and Microsoft's own perceived uncertainty -- we should expect Windows 7 to arrive sooner rather than later so the monstrous software company can save face.

NEW SAMSUNG ANDROID

2008-12-22T19:35:00.001+08:00

Samsung will roll out a mobile phone based on the Google Android operating system by the second quarter of 2009, according to a report from Korean news agency ETNews. While details are sketchy, Samsung will reportedly release the phone via cellular carriers Sprint Nextel and T-Mobile.
The phone will likely be a touchscreen model similar to Samsung's Instinct and Omnia handsets, both of which more closely resemble the Apple iPhone than HTC's less sleek T-Mobile G1, currently the only Google Android phone on the market. Samsung's device will provide all the Google essentials we'd expect, include search, mapping, mail, and instant messaging, the report states, but it's a safe bet that other Google tools will be added as well.
It would appear that Samsung has high hopes for its Google phone. It has reportedly "accelerated" development of the project, adding 30 Linux and Java experts to a design team that now has up to 80 members. It seems likely that Samsung will beat other Open Handset Alliance members to market, including Asus, LG, Motorola, and Sony Ericsson, all of whom have Android-based projects in the works.
The growing interest in the Android OS, as well as the staggering popularity of the iPhone, which now commands over 30 percent of the U.S. smartphone market, is more bad news for Microsoft's Windows Mobile, which is declining in popularity among end users and phone manufacturers alike.
Let's hope the Samsung handset will borrow some of the iPhone's elegance, but a slide-out keyboard would be nice too.

IE BUG USED TO EXPLOIT WORD DOCS

2008-12-20T17:18:00.003+08:00

Attackers are exploiting the just-patched vulnerability in Internet Explorer (IE) by hiding malicious ActiveX controls in Microsoft Word documents, a security company said Thursday.
"Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that's hosting the malware," said David Marcus, the director of security research and communications for McAfee Inc.'s Avert Labs. "This is a pretty insidious way to attack people, because it's invisible to the eye, the communication with the site."
Embedding malicious ActiveX controls in Word documents isn't new -- Marcus said he had seen it "a time or two" -- but using an ActiveX control to ping a hacker's server for attack code is "definitely an innovation," he added. "They're stepping it up."
The rogue docments can be delivered as attachments to spam e-mail or offered up by hacked sites.
Attackers have been exploiting the IE bug since at least Dec. 9, when reports first surfaced about malicious code found in the wild and on several Chinese hacker servers. McAfee was one of the first security companies to report the emerging exploit.
Since then, Microsoft acknowledged the bug, then offered up a series of advisories urging users to take protective steps until a fix was available.
Wednesday, the company released the patch.
Although other researchers continue to claim that thousands of legitimate Web sites have been compromised, then used to serve "drive-by" attacks against unpatched browsers, Marcus wasn't certain about the numbers he's seen bandied about. "But absolutely, there's been a lot of activity around this," he said. "A lot of the bad guys have embedded IFRAMES in their sites to attack IE."
According to other reports, the IE exploit has been added to one or more multi-strike hacker toolkits that try several different exploits when users visit a compromised or malicious site. "If it's not in one of those yet, it probably will be," said Marcus. "Some of the exploits in those kits are years old, so a good one like this, unpatched until yesterday, will make its way into them."
Marcus recommended that users be cautious about opening Word documents, keep their security software up-to-date, and apply the IE patch as soon as possible.

GOOGLE'S SHUMAN GHOSEMAJUNDER EXPLAINS CLICK FRAUD - a SES Video

2008-12-19T17:09:00.001+08:00

Click fraud is a very complex issue. Unfortunately, much of the information available has been misinterpreted due to that complexity. In this video, Shuman Ghosemajumder of Google gives some information that will hopefully clear up that gray area.
For starters, click fraud is driven by 2 major incentives:
1. Attacking advertisers - when an advertiser tries to hide one of his competitors
2. Inflating affiliates - when an AdSense publisher tries to fraudulently increase his own revenue by generating false clicks
Methods of click fraud stem from simplistic techniques to sophisticated techniques. Simplistic methods include manual clicks such as when a fraudster personally clicks ads on his own computer. It gets a little more sophisticated when a fraudster organizes botnets and uses them for click fraud. Click farms, which consist of individuals or organizations that try to hire people to click on ads continuously, fall somewhere in the middle of the simple and sophisticated click fraud techniques.
Shuman does point out that: “the impact of invalid clicks at Google is minimal.”
Google detects click fraud through simple rules and statistical anomaly detection. Google’s simple rules consist of certain rules they have already defined as what they classify as an invalid click. Since some simple rules can be easily broken, statistical anomaly detection is more effective because it looks at specific activities on websites and compares the expected behavior to the observed behavior. This data gives Google a better understanding of how to detect invalid clicks.
For advertisers wanting to take proactive measures to prevent click fraud, Shuman advises keeping the return on investment (ROI) as the central focus. Research and gather as much data as possible, test everything, and track all results. If you apply these actions and your ROI drops for no reason, you have a good reason to suspect undetected click fraud and should file a claim.

IS CHROME 1.0 READY FOR PRIMETIME?

2008-12-16T20:35:00.002+08:00

Opinion
Google's chief of user experience Marissa Mayer told TechCrunch' Michael Arlington at yesterday's Le Web' 08 conference in Paris that Chrome is coming out of beta. Period. No further explanation was provided and the company did not even issued a press release. The only official information is a low-key Google blog post.
It is very unusual for any vendor to move such a young product out of beta after just 100 days of availability. That is especially true for Google, which had no problems with freezing flagship products in beta for years so far. Gmail is five years old and still carries the beta label, as does the three-year old Docs service.
What about Chrome? If we leave aside for a moment that the 1.0 version is virtually identical with the most recent beta version that preceded it, the removal of a beta label typically implies that a product is reliable enough for everyday use and that it is feature complete. Such a message tries to attract users who were previously put off by a beta product, which usually yells “be careful, bugs!” If you think about it, beta always means "work in progress." Also, any product development team typically aims to test a feature-complete version of a product in a beta or at least release candidate phase, before rolling it out as a final. Chrome may be lightning-fast, but, in our opinion, Chrome is not only rough around the edges. It is also far from being feature-complete.
Stable enough for everyday use? Feature complete?
The company's blog post states that audio and video plug-ins are improved, claiming "better performance and stability." The 1.0 Chrome release still has issues with the Flash plug-in and stopped working on several websites we accessed. Yes, there were thirty-something tabs open, but the Flash plug-in should not crash in a 1.0 browser release regardless of the number of open tabs. Simply put, Chrome 1.0 is as stable as the 0.4.154.22 beta was and Google can’t wiggle itself out of this claim.
Google highlights a bookmark manager and more granular privacy controls in a manner that implies changes in the 1.0 version whereas, in fact, they were first rolled out nearly a month ago in a release with version number 0.4.154.22, followed shortly by a bugfix-only release with the version number 0.4.154.22. The latter was the 13th release in a row, followed by yesterday's 1.0 release.
Google may have a different definition of what is feature-complete and not and it may want to keep the browser as streamlined as possible. But Chrome needs more security and privacy options, its minimal user interface and the variety of configuration options could use some improvements. Right now, Chrome seems to appeal to a very specific user group that looks for uncompromised performance, whereas Firefox appeals to a much broader range and provides a much more reasonable compromise between feature set and streamlined browser design. The product itself is clearly not yet competitive enough to play with the big boys.
Marketing reasons?
Chrome is not a final version in a traditional sense. It is just not a good idea to replace a beta label simply with a final label and hope that it magically becomes final as a result.
The only reasons that make sense to us are marketing related. Beta browsers tend to be stuck below the 1% market share level and are not as strongly adopted as “final” browsers. Perhaps Google got tired of being compared to the market shares of Opera and IE8 Beta? From our perspective, the decision to remove the beta label is a sign of desperation and pure marketing move designed to inflate Chrome's market share.
Also, think about Google’s intention to bundle Chrome with PCs. If you were a PC vendor, would you give your customers a beta browser? As a customer, would you like to get beta software on your PC? Of course not.
Conclusion
The bottom line is: End-users do not benefit from Chrome 1.0 compared to Chrome 0.4.154.22 beta in any way. From a marketing perspective, the removal of the beta status will probably drive Chrome's market share, but the gains will be short lived, if there aren’t any substantial updates that do not offer widespread plug-in support and new end-user features in a timely manner.
Delivering the features users want may be the easiest way to drive user numbers up and create a loyal following. Resort to cheap tactics like pushing a beta product into an official 1.0 status out of the blue is a risky attempt to inflate user numbers and may backfire. As a final product, Chrome has lost its beta benefit in browser comparisons and may not fare as well anymore. Even worse, the credibility of final versions delivered by Google may suffer.
I would have no problem with their removal of the beta label at all if a) Chrome 1.0 brought a jump in quality compared to the most recent beta version or b) if Google provided a Chrome roadmap months in advance, as Mozilla does, to let users know which beta release should be considered the final candidate release.
We still believe that Chrome may become a fantastic browser overall. But yesterday’s 1.0 rollout was wrong. Chrome should still be labeled as a beta product. Sure, it is difficult to downgrade it back again to a 0.9 version. But what about an upgrade to 1.5 beta?
By Christian Zibreg

uTEST BROWSER REPORT: CHROME IS THE BUGGIEST

2008-12-15T17:01:00.002+08:00

As Firefox and Chrome battle it out with new betas and rumored release dates, a newly completed analysis is answering the question over which browser has the most bugs.
Mozilla released Firefox 3.1 beta 2 this week and is now working on a third beta set to debut in early January. Google executives, meanwhile, reportedly indicated during a Web conference interview that Chrome is on the brink of coming out of beta altogether.
Testing, 1, 2, 3
In contrast to what those timelines might suggest, Chrome is being called the buggiest browser of all in a review released Wednesday. Open software testing community uTest used its crowdsource-based model to sign up 1,300 volunteer testers for the project. Each tester compared Firefox 3.1's first beta with Chrome's third beta (0.3.154.9) and Internet Explorer 8 beta 2. Neither Opera nor Safari was included in the analysis.
The testers competed for eight days to see who could uncover the most problems. uTest then verified and compiled the results to determine how each browser fared.
General Findings
The test's overall message is positive: uTest uncovered no major security flaw in any of the three browsers covered. "We're very encouraged by it," says spokesperson Matt Johnston. "In years past, we wouldn't have been able to say that."
The community did, however, discover 672 bugs across the browsers -- an average of almost one bug found for every 15 minutes of testing. All were user interface-related functional or technical issues, Johnston says. One bug, for example, caused a newly opened tab to have faulty color properties. Another caused a blip when trying to import favorites from another browser.
"They were general usability and functional things," Johnston explains.
Browser Breakdown
So here's the breakdown, browser-by-browser:
• Internet Explorer 8 beta 2: 168 bugs identified
• Firefox 3.1 beta 1: 207 bugs identified
• Chrome 0.3.154.9: 297 bugs identified
Among those bugs, 101 were labeled as "showstoppers," or more serious flaws that warrant immediate attention. Firefox had the highest percentage of those, at 24 percent. Twelve percent of Chrome's bugs were deemed "showstoppers," while 9 percent of IE's received the designation.
As for overall usability, Firefox had the highest number of "excellent" ratings, followed by Chrome, then IE -- which did not receive a single "excellent" score. Firefox also came out on top in ratings for general preference.
(The uTest community, by the way, is by its own reporting a fairly tech-savvy crowd. Nearly 80 percent of the members list "software tester" as their full-time professions.)
Putting It All Together
The Chrome-tarnishing results may not be entirely surprising. Chrome -- the newest browser of the three -- has seen numerous bugs and compatibility issues since its debut. Still, each release has made the product more stable than the last. And though Chrome has the smallest market share of the three browsers included here, Google has suggested its biggest push won't start until the software is deemed stable enough for a full release. Then, recent reports indicate, the company will "throw [its] weight behind it," heavily promoting Chrome and possibly even inking deals to have it preinstalled on new PCs.
With the notion that such a full release could be right around the corner, though, one has to hope Google has one serious update ready to roll out. Otherwise, if the uTest results are to be believed, that first full version may still be a bit too buggy for the masses.
JR Raphael

FREE XBOX LIVE TITLES THIS MONTH

2008-12-13T12:44:00.007+08:00

Last week, Xbox Live Director Larry "Major Nelson" Hyrb announced Microsoft's Xbox Live "Friendship is Free" program.
Under the program, eight popular Xbox Live Arcade titles-- A Kingdom for Keflings, Aegis Wing, Bomberman Live, Hardwood Hearts, Hardwood Spades, UNO, Small Arms and Super Street Fighter II Turbo HD Remix--will be free to play online for Xbox Live Silver members all this month.

Normally, gamers have to pay US$8 a month, $20 for three months, or $50 a year to have access to Xbox Live Gold accounts and unlimited online gameplay.
Of course, a caveat to this "Friendship is Free" program exists in the fact that you have to pay for most of the games (the Major confirmed this in an email), although Aegis Wing is free. If you want a free copy of "Friendship is Free" headliner A Kingdom of Keflings, you could try to win one via GamePro Arcade's latest contest!

A SMALLER 32nm CHIP DEVELOPED BY INTEL

2008-12-12T00:15:00.001+08:00

Intel on Wednesday said it finished development work on manufacturing technology that will allow it to produce chips with circuitry just 32-nanometers in size, a billionth of a meter, by the fourth quarter of next year.
The new production technology will enable the company to lower costs and power consumption in chips, while adding more speed and functionality. In general, microprocessing speeds are directly related to the number of transistors on a chip, and the smaller the transistor, the more can be packed together on a single chip die. Smaller production technology lowers costs by enabling companies to increase output.
The development also means Intel will for the fourth consecutive time match its "tick-tock" strategy, a target to introduce an entirely new microprocessor architecture alternating with new production technology roughly every twelve months.
At a technical conference later this month, Intel engineers plan to detail how they will transition from the current crop of 45-nanometer processors to chips that are built on a new 32-nm manufacturing process. Intel is developing this new line of processors under the code name “Westmere,” and Intel plans to bring the first of these 32-nm microprocessors to the market in late 2009. At the same conference, IBM and Taiwan Semiconductor Manufacturing also plan to detail their efforts at developing and manufacturing 32- and 22-nm processors.

JAVA 6.0 UPDATE 11 PATCHES BUGS

2008-12-10T14:20:00.003+08:00

Sun patched at least 14 vulnerabilities in Java last week as it updated the popular software to version 6.0, build 11.
The release notes for Java 1.6.0_11, as Sun dubbed the update, skimped on details about the security flaws that were patched, but listed a total of 14 alerts, each of which will presumably provide information about at least one vulnerability.
Those alerts have not yet been published, however, leaving users in the dark about the specifics of what has been patched.
Sun also addressed 34 non-security problems with 1.6.0_11, ranging from a data corruption bug to a compatibility issue with some Java-based games.
Windows users, who account for the bulk of Java's installs, can update by clicking on the Java icon in the Control Panel, clicking on the "Update" tab, then clicking the "Update Now" button. Users running other operating systems can grab the newest version from Sun's Web site.
Mac OS X users must wait for Apple to craft its own Java update. Unlike rivals like Microsoft , Apple maintains its own version of Java and is responsible for delivering patches to Sun's software.
If the past is an accurate indicator, Apple's customers may not receive yes this Java fixes for months. When Apple refreshed Java in late September, for instance, it fixed more than two dozen vulnerabilities, some of which had been patched in updates for Java for Windows, Linux and Solaris as far back as March 2008 .
Apple has been frequently criticized for its sluggish patching of third-party components, particularly open-source code, that it bundles with its operating system. More than a year ago, Charles Miller, a researcher with Independent Security Evaluators, called Apple's inability to keep up with open-source fixes "negligent." More recently, Miller and others took Apple to task for not scheduling updates , instead releasing them at any time during the month.
Users can check to see which version of Java their machine is currently running by visiting this page on the Sun site.

SYMBIAN FOUNDATION ON OPEN SOURCE OS

2008-12-08T17:43:00.004+08:00

The Symbian Foundation is on track to take over Symbian as an open-source operating system in 2010 and will put out its first distribution of software for developers in the first half of next year, its executive director said Thursday.
The foundation is the successor to the Symbian consortium that has administered the OS since 1998. It is being formed after Nokia agreed to buy the remaining part of Symbian, a deal that closed on Tuesday. The world's largest handset maker, which has been perceived as dominating Symbian since its creation, is releasing the platform as competition for developers grows among Google's Android, Apple's iPhone and other systems.

Nokia, Motorola, NTT DoCoMo, LG Electronics, Samsung, Sony Ericsson, AT&T and other companies agreed in June to form the foundation. Six new members, including AOL, Fujitsu's Cell Telecom division, and Intrinsyc, were announced Thursday at the Symbian Partner Event in San Francisco. That brings total membership to 64, the group said.
The distribution of code coming in the first half of 2009 won't be entirely open source. It will be released to members of the foundation, under a new partner organization that eventually will supplant Symbian's current partner program, said Lee Williams, executive director of the Symbian Foundation. It will include elements of Symbian and of Nokia's Symbian-based S60 platform. The group is already working on code for that distribution.
The open-source OS coming in 2010, will unite Symbian with S60 as well as two other platforms built on it: UIQ and NTT DoCoMo's MOAP (Mobile Oriented Applications Platform).
The foundation is now defining roles within its organization and starting to work on recruiting for those jobs, Williams said. By the end of April, there will be staffers answering calls and e-mail for developer support and other needs, he said.

OPERA 10 Alpha DESKTOP BROWSER UP FOR PREVIEW

2008-12-06T16:41:00.004+08:00

Opera Software is giving developers and users an early look at its Opera 10 browser, which features a new version of its rendering engine that the company says offers 30 percent improvement in the speed of loading Web pages.
An alpha version of Opera 10 is available online. The rendering engine, called Opera Presto 2.2, is the foundation of all of Opera's browsers, including the popular Opera Mobile. It also runs on the server that powers the Opera Mini, Opera's thin-client browser that is used on cell phones.
Jan Standal, director of consumer product management and developer relations at Opera, said better loading speed and support for Web standards are the key design goals for Opera 10's release.
Standal noted that the alpha of Opera 10 released Thursday received a perfect 100 test score on the Acid3 test, which is the standard test from the Web Standards Project that gauges how well a browser follows generally accepted standards -- such as Javascript, Document Object Model and Cascading Style Sheets -- for Web pages. In the Acid3 test, a browser is expected to render a page a certain way.
Support for Web Font, a technology that allows a Web developer to specify any font that's available on the Internet rather than depend on ones available locally, also is available in the alpha release of Opera 10 as part of the Presto 2.2 software, Standal said.
Opera expects to release a beta of Opera 10 in early 2009 and a full version of the browser before midyear, he said.
While Opera's desktop browser has only a very small market share in the U.S., the software is more popular with users in Europe and Asia.

NEW PASSWORD STEALER TARGETS FIREFOX USERS

2008-12-05T13:27:00.003+08:00

Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users.
The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started.
The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including Barclays, Wachovia, Bank of America, and PayPal along with two dozen or so Italian and Spanish banks. When it recognizes a Web site, it will collect logins and passwords, forwarding that information to a server in Russia.
Firefox has been continually gaining market share against main competitor Internet Explorer since its debut four years ago, which may be one reason why malware authors are looking for new avenues to infect computers, Canja said.
Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it, Canja said.

When it runs on a PC, it registers itself in Firefox's system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to Web pages rendered by Firefox.
BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly, Canja said. Users could avoid it by only downloading signed, verified software, but that's a measure that restricts the usability of a PC, he said.
The malware is not present in Mozilla's repository of add-ons, Canja said. Mozilla had taken steps to ensure that its official site hosting add-ons -- also called extensions -- are free from malware.
In May, Mozilla acknowledged that the Vietnamese language pack for Firefox contained a bit of unwanted code. Although widely reported as a virus, the language actually contained a line of HTML code that would cause users to view unwanted advertisements.
Mozilla now scans new add-ons for malware. However, those scans will only detect known threats, and there was no signature in the security software Mozilla was using at the time that could detect the code.
Mozilla said the code probably ended up in the language pack after the PC of its developer became infected. More than 16,000 people downloaded the language pack, but only about 1,000 people regularly use it.
After the incident, Mozilla said it would scan add-ons in its repository when antivirus signatures were updated.

MUMBAI SIEGE TERRORISTS USED GOOGLE EARTH

2008-12-02T19:59:00.004+08:00

The terrorists that attacked various locations in south Mumbai last week used digital maps from Google Earth to learn their way around, according to officials investigating the attacks.
Investigations by the Mumbai police, including the interrogation of one nabbed terrorist, suggest that the terrorists were highly trained and used technologies such as satellite phones, and global positioning systems (GPS), according to police.
Google Earth has previously come in for criticism in India, including from the country's former President, A.P.J. Abdul Kalam.
Kalam warned in a 2005 lecture that the easy availability online of detailed maps of countries from services such as Google Earth could be misused by terrorists.
A Google spokeswoman said in an e-mail Monday that Google Earth's imagery is already available through commercial and public sources. Google Earth has also been used by aid agencies for relief operations, which outweighs abusive uses, she said.
Indian security agencies have complained that Google Earth exposed Indian defense and other sensitive installations. Other nations, including China, have made similar complaints regarding military locations.
However the places attacked by terrorists last week did not come under the category of defense or sensitive installations. The information available to the terrorists on Google Earth about the locations they attacked is also available on printed tourism maps of Mumbai. The locations included two hotels, a restaurant, a residential complex and a railway station.
John Ribeiro, IDG News Service

WORLD OF WARCRAFT EXPANSION SHATTERS RECORD

2008-11-30T22:39:00.006+08:00

Online gamers, bow before the king.
According to developer Blizzard, the recently released World of Warcraft expansion Wrath of the Lich King sold over 2.8 million copies in its first 24 hours of availability, making it the single fastest selling PC game in history.
In an official statement, Blizzard CEO and co founder Mike Morhaime expressed thanks.
"We're grateful for the incredible support that players around the world have continued to show for World of Warcraft," he said. "Wrath of the Lich King contains some of the best content we've created for the game so far, and we look forward to seeing even more players log in to experience it in the days ahead."

He didn't, however, express much surprise. That's because the second fastest selling PC game of all time is none other than the first World of Warcraft expansion, The Burning Crusade, which sold through roughly 2.4 million copies in its opening day.
Those numbers are just as stunning as they look. To give some context, it took EA's chart-topping evolutionary simulation Spore a good three weeks to hit the two million mark. And with 11 million active Warcraft subscribers out there, expect more records to be broken before the year is over.
By Ben Silverman

AIDS: REAL IMAGES, REAL PEOPLE, REAL SUFFERINGS

2008-11-30T22:10:00.006+08:00

In observance of this year's World Aids Day, I decided to pause, reflect and pay respect to those suffered and died, not the numbers and figures in the statistics, but the real people who are unwilling victims of this dreadful disease. As I was preparing and gathering resources for my World Aids Day post, with a mindset that this is a usual post with statistics and everything, I came upon this very disturbing Aids In Asia photos, taken in Cambodia. Truly a single picture speaks a thousand words, and it presents me with the harsh and painful reality.

Here's the reality and some words from the photographer:
"Numbers and statistics are just that, nothing more than markings on paper or words on a news program, the human side however is truly disturbing. Patients wait to die alone, coated in flies and nursed by family members. Understaffed hospitals are in such disrepair that they have been deemed biohazard and HAZMAT threats and workers refuse to even enter the premises, much less make necessary repairs and provide care to patients. In several well known hospitals I found myself literally wading through ankle deep piles of disposed needles, catheter bags and soiled linens, as patents navigated hallways with potholes that dropped through to the floors below."
He further dedicates his photos and closes as saying:
"This photo story is dedicated to my new friends who sit quietly and wait to die, those who choose not to sit quietly but fight for the lives and the health of their friends, family, and complete strangers. This photo story should also serve as an attack on the organizations, governments, corporations and pharmaceutical giants who quite simply are doing too little."

Maybe after posting, I will take a short walk outside, take a deep breath and find a quiet corner where I can be alone, maybe mumble a few prayers, and ponder on this lousy overasked question, but weighs a ton at this moment....WHY?

NEW NOKIA 6260 SLIDE HI SPEEDS UPLOAD AND DOWNLOAD

2008-11-28T20:08:00.003+08:00

Nokia's 6260 is the company's first phone with support for both faster download and upload speeds using HSPA (High Speed Packet Access), at up to 10.2 M bits per second and 2M bps respectively.
Nokia has been dragging its feet on support for more bandwidth, but there is now enough demand from consumers and support from network operators for the faster upload and download speeds to make it worth the effort.
Users will be able to take advantage of the higher speeds when uploading images and videos to Web sites, blogs and social networks, and the faster download speeds when, for example, watching videos, according to Nokia.
So far Nokia phone users have been limited to download speeds of 3.6M bps and upload speeds of 384K bps.
Other phones that support faster speeds include the T-Mobile G1, Research in Motion's BlackBerry Storm and the Sony Ericsson Xperia X1.
The 6260 slide is expected to retail for €299 (US$386) before taxes and subsidies, and will ship at the beginning of next year, according to Nokia.
The phone runs Nokia's Series 40 software and offers quick access to search engines from the home screen. Other features include support for Wi-Fi, a 5-megapixel camera and A-GPS (Assisted Global Positioning System).
"Nokia is looking at the current downturn, and I think it sees an opportunity to really consolidate and capitalize on its scale, and keep coming out with more and more feature-rich, aggressively priced devices to put more pressure on its competitors," said Ben Wood, director of research at CCS Insight.

SONY RELEASES ITS V2.53 PS3 UPDATE

2008-11-27T16:46:00.003+08:00

You can learn more about what you didn't realize was wrong with your PS3 from reading these updates. Did you know the browser couldn't play Flash videos? The system couldn't be set to turn off automatically after a given period of inactivity? You couldn't print to network printers? That the mini panel for music playback didn't have a pause icon?
Neither did I. I also had no idea what "mosquito noise" was until I looked it up. Actually I knew what it was, I just called it something else. You'd know it as "fuzz" around the edges of objects in a compressed video or picture. It's technically a subset of the sort of general artifact degradation that can occur when complex data gets dropped or misplaced during an aggressive compression process. The update adds a feature to reduce it on videos saved to the hard disk or played from other media.
Wait. Stop. Back up. What I meant to say, was the last few updates added all that stuff. Seems some sites are confused about what's new and what isn't. In the v2.53 update, the only change is apparently this one:
An update to the PS3™ system software was released on November 26, 2008. You can use this update to upgrade your system software to version 2.53.
New to 2.53: The Internet browser now supports full-screen mode for Adobe® Flash® Player content.*
Support for Adobe® Flash® Player 9 has been added.

HOW'D THOSE TECH PRODUCTS GET THEIR NAMES (Final Installment)

2008-11-26T02:11:00.007+08:00

Coming up with a great technology product or service is only half the battle these days. Creating a name for said product that is at once cool but not too cool or exclusionary, marketable to both early adopters and a broader audience, and, of course, isn't already in use and protected by various trademarks and copyright laws is difficult--to say the least.
The makers of these 10 tech products--the iPod, BlackBerry, Firefox, Twitter, Windows 7, ThinkPad, Android, Wikipedia, Mac OS X and the "Big Cats," and Red Hat Linux--all have displayed certain amounts marketing savvy, common sense and fun-loving spirit in settling on their products' names. Here are the intriguing, surprising and sometimes predictable accounts of their creation.
ThinkPad: Simplicity Wins Out

The venerable line of PC notebooks rolled onto the scene in 1992. While the concept was spot on, there was turmoil at IBM as to what to call it. IBM's pen-computing group wanted to keep it simple; they liked ThinkPad. But IBM's corporate naming committee didn't--it didn't have a number, and every IBM product had to have a number, and how would ThinkPad translate into other languages? Due to the chutzpah of the IBMer who unveiled it, ThinkPad won out, and it was a huge hit for IBM, which eventually sold it to Lenovo in 2005.
Android: Secretive, But Still Not Exciting

You'd think the story behind the naming of the Open Handset Alliance's new open-source platform for mobile devices, which includes the brand-new G1 loaded with Google's goodies, would be cool. But, uh, not so much. Back in 2005, Google quietly acquired a mysterious startup named Android Inc., which had been operating under "a cloak of secrecy" on "making software for mobile phones," reported Businessweek. The result of all Google's secrecy and Internet hype was the debut of T-Mobile's G1 on Oct. 22, 2008.
Wikipedia: Just What It Sounds Like

According to Wikipedia, the name Wikipedia is a portmanteau of wiki (a technology for creating collaborative websites) and encyclopedia (you remember, those large books that, as kids, we ruthlessly plagiarized for school book reports). FYI: a portmanteau is a fancy way of saying that we're going to take two words, jam them together and (hopefully) create a new concept that people will love. So far, so good. In an illustration of the axiom "the more things change the more they stay the same": Today, kids and adults now ruthlessly plagiarize Wikipedia instead of encyclopedias.
Mac OS X and "The Big Cats": Catlike Sleekness and Style

Apple's popular Mac operating system X actually denotes the Roman numeral 10, since it is the OS's tenth release, following Mac OS 9. To the ire of Apple fanboys, many people do refer to it as letter 'X.' More interesting have been the "big cat" code names assigned to each succeeding X release that have stuck with Apple's marketing: Cheetah (10.0), Puma, Jaguar, Panther, Tiger and current kitty Leopard. Snow Leopard has been assigned for the 10.6 release, with rumors that Lynx and Cougar are in the works.
Red Hat Linux: A Name Rich with Meaning

Cofounder Bob Young has given multidimensional origins of the red fedora name:
1. It was named after red, which in Western history is "the symbol of liberation and challenge of authority."
2. Cofounder Marc Ewing wore his grandfather's red Cornell lacrosse hat in college and became known for this tech expertise--those with problems went to see the guy in the red hat.
3. Ewing named his software projects Red Hat 1, Red Hat 2 and so on. "So, when he started his Linux project, he just named it Red Hat Linux," Young said. All righty then!
Thomas Wailgum, CIO

MICROSOFT MSRT UPDATE REMOVES FAKE SECURITY SOFTWARE

2008-11-24T17:43:00.003+08:00

Microsoft said that the anti-malware tool it pushes to Windows users as part of Patch Tuesday removed fake security software from nearly a million PCs during nine days this month.
In a post to the company's malware protection center blog on Wednesday, three of Microsoft's security researchers spelled out the impact this month's edition of the Malicious Software Removal Tool (MSRT) has had on phony security software. In the period from Nov. 11 to Nov. 19, said Scott Wu, Scott Molenkamp and Hamish O'Dea, MSRT purged more than 994,000 machines of what the tool recognizes as "W32/FakeSecSen," the malware label for a broad range of bogus security program with names such as "Advanced Antivirus," "Spyware Preventer," "Ultimate Antivirus 2008" and "XPert Antivirus."
Windows users have been plagued with a flood of worthless security software in recent months as criminals have discovered that they're money-makers. According to one researcher, cyber-crooks can pull in as much as US$5 million a year by installing the rogue programs on PCs, then dunning users with made-up claims that the machine is infected. Unless consumers fork over a payment -- usually $40 to $50 -- the constant stream of pop-up messages continue, making the machine hard to use.
Windows users may install the fake programs because they've been duped into thinking that they're real -- at times, bogus security software has been ranked high in Internet search results -- although the rogue applications are also often secretly installed by malware that's infected a system.
The clean-up job was one of Microsoft's biggest ever. In June 2008, MSRT sniffed out 1.2 million PCs infected with a family of password stealers, while in February, it scrubbed the Vundo Trojan from about a million machines. Over several months at the end of last year, the tool hit the then-notorious Storm Trojan hard, eventually eradicating it from a half-million PCs, something Microsoft bragged about later.
This time, Microsoft took the opportunity to pat itself on the back again. Although each FakeSecSen installation normally contains an .exe file, one or two .dat files, a control panel applet and other components, the MSRT found that only about 20% of the infected PCs it uncovered still harbored the .exe. (Other components remained, however, as evidence of the bogus program's installation.)
Microsoft speculated that the .exe files had been removed by other anti-malware software that had overlooked the other pieces. "Microsoft was able to thoroughly clean systems of FakeSecSen while other malware detection tools may not have caught and cleaned as many executables," said Bill Sisk, a Microsoft security spokesman, in an e-mail.
Windows users can download the MSRT manually from Microsoft's Web site, or via the Windows Update service

NEW GTA lV CONTENT OUT BY FEB.17, 2009 ... ROCKSTAR

2008-11-21T18:04:00.009+08:00

Thank you Rockstar, it's about time we're finally talking release dates for the Grand Theft Auto IV downloadable content you promised ages ago. We won't hold your tardiness against you, though you are rather tardy here. February 17, 2009? That's stringing things out a bit, no?
The first of two episodes, "The Lost and Damned" will be exclusive to Xbox 360 and include a new main character and plot that intersects with GTA IV's central storyline. Rockstar says it'll include new missions "that offer an entirely fresh way to explore Liberty City with new multiplayer modes, weapons and vehicles, and a diverse soundtrack with additional music."

“Making these episodes has enabled us to expand the narrative and the experience of interacting with a game world in really innovative ways,” said Sam Houser, Founder of Rockstar Games. “We hope fans of the game enjoy the new way of experiencing life in Liberty City contained in this first episode.”

Great if belated news for Xbox 360 owners, but why no love for PlayStation 3 or PC (the PC version ships in just a few weeks on 12/2)? Or is all this ballyhoo just a smokescreen for timed exclusivity?

HOW'D THOSE TECH PRODUCTS GET THEIR NAMES {First Part Installment}

2008-11-19T18:51:00.006+08:00

Coming up with a great technology product or service is only half the battle these days. Creating a name for said product that is at once cool but not too cool or exclusionary, marketable to both early adopters and a broader audience, and, of course, isn't already in use and protected by various trademarks and copyright laws is difficult--to say the least.
The makers of these 10 tech products--the iPod, BlackBerry, Firefox, Twitter, Windows 7, ThinkPad, Android, Wikipedia, Mac OS X and the "Big Cats," and Red Hat Linux--all have displayed certain amounts marketing savvy, common sense and fun-loving spirit in settling on their products' names. Here are the intriguing, surprising and sometimes predictable accounts of their creation.
iPod: "Open the pod bay door, Hal"

During Apple's MP3 player development, Steve Jobs spoke of Apple's strategy: the Mac as a hub to other gadgets. Vinnie Chieco, a freelance copywriter Apple hired to help name the gadget before its debut in 2001, fixed on that idea, according to Wired. He brainstormed hubs of all kinds, eventually coming to the concept of a spaceship. You could leave it, but you'd have to return to refuel. The stark plastic front of the prototype inspired the final connection: pod, a la 2001. Add an "i" and the connection to the iMac was complete.
BlackBerry: Sweet Addictiveness

Canada's Research in Motion called on Lexicon Branding to help name its new wireless e-mail device in 2001. The consultancy pushed RIM founders away from the word "e-mail," which research shows can raise blood pressure. Instead, they looked for a name that would evoke joy and somehow give feelings of peace. After someone made the connection that the small buttons on the device resembled a bunch of seeds, Lexicon's team (see profile) explored names like strawberry, melon and various vegetables before settling on blackberry--a word both pleasing and which evoked the black color of the device.
Firefox: Second Time's a Charm

Choosing a name that evokes a product's essence and is available can be quite complicated, as the Mozilla folks found out. The early version of Mozilla's browser was called Firebird, but due to another open-source project with the same name, the Mozilla elders renamed their browser Firefox, which is another name for red panda. Why? "It's easy to remember. It sounds good. It's unique. We like it," they said. Best of all? Nobody else was using it.
Twitter: Connecting the Digital Flock 140 Characters at a Time

When cofounder Biz Stone saw the application that Jack Dorsey created in 2006 he was reminded of the way birds communicate: "Short bursts of information...Everyone is chirping, having a good time." In response, Stone came up with "twttr," and the group eventually added some vowels. It's hard to think of a more evocative name in the tech world than twitter, but what began as what Stone described as "trivial" bursts of communication developed into a powerful means of networking, breaking news, and forum for the 44th U.S. president's campaign.
Windows 7: Counting on the Power of 7

While Microsoft's next OS is kind of a "Ho-hum" name, one has only to look at what happened with the most recent Windows release to understand why Microsoft might have gone back to a tried-and-true naming philosophy: Vista? Ouch. Windows 95 and XP? Those have done much better. Microsoft's Mike Nash announced the name this way: "Simply put, this is the seventh release of Windows, so therefore 'Windows 7' just makes sense." We're betting that Microsoft execs are hoping that number 7 will deliver on its promise of luck--they could sure use a win after Vista.
Thomas Wailgum, CIO
{end of first installment - watch my future posts for the second part installment}

CHEAP SMARTPHONE TREND START-OFFS WITH NEW NOKIA E63

2008-11-18T17:18:00.002+08:00

Nokia's E63 smartphone, announced Wednesday, will cost €199 (US$250) before any subsidies -- a price that puts the phone maker ahead in a burgeoning price war and which one analyst described as "eye-popping."
The E63 is a qwerty messaging device, with a 2.36-inch display, a 2-megapixel camera and two customizable home screen views for both business and personal use. Nokia promises easy e-mail setup and users can surf the Internet using a WLAN.
The phone also comes with support for Files on Ovi, so anyone buying the handset will have access to 1G byte of free online file storage, according to Nokia.
"Nokia has never made any secret of the fact that it wanted to take S60 to aggressive price points and with a retail price of 199 it is certainly showing Nokia can do that," said Ben Wood, director of research at CCS Insight.
Other phone vendors will have no choice but to follow Nokia's lead. Companies that want to be competitive have to match the best prices in the market and with the economy being what it is pricing will become increasingly important, according to Wood.
"Given the current economic climate, price is becoming more important than ever before, because what we are seeing is that the major network operators are starting to take subsidies out of phones, so if you want well-featured phones bought by consumers you have to supply them at an aggressive price," Wood said.
Malik Saadi, principal analyst at Informa Telecoms & Media, has identified the same trend -- the price war will only intensify at a time when new entrants into the market are increasing their pressure on competitors to reduce prices, mainly for feature phones and smartphones, he wrote in a recent research note.
Nokia isn't the only company that plans to put smartphone pricing under pressure. Huawei and newcomer INQ are also getting into the game. Huawei -- a company that has already turned mobile infrastructure pricing on its head -- said last week that it plans to launch both Android and Symbian phones during the first half of next year. And INQ is launching Thursday, with its devices designed to stimulate mass-market mobile data use, featuring a select set of geographically relevant social networking, e-mail and instant messaging applications, according to a company presentation.

CHROME'S NEW QUIET PATCH BY GOOGLE

2008-11-16T10:34:00.003+08:00

Google Inc. has patched Chrome to prevent attackers from stealing files from PCs running the open-source browser.
The update, however, has not been pushed out to most users yet.
Google quashed the bug in a developer-only version of Chrome that has not been sent to all users via the browser's update mechanism. Chrome users, however, can reset the browser to receive all updates, including the developer editions, with the Channel Chooser plug-in.
Chrome 0.4.154.18, which was released Tuesday, fixes a vulnerability that could be used by hackers to read files on a user's machine, then transfer them to their own malicious servers. "We now prevent local files from connecting to the network with XMLHttpRequest() and also prompt you to confirm a download if it is an HTML file," Mark Larson, Chrome's program manager, said in an entry to the browser's developer blog.
Google also enhanced Chrome by adding several new features to the 0.4.154.18 build, including a bookmark manager, more granular control over the browser's built-in privacy mode and a revamped pop-up blocker.
Larson warned users, however, that Chrome continues to have problems synchronizing offline data using Gears, Google's platform for building Web applications that can be used offline as well as when the user is connected to the Internet. "Sites that use Gears to synchronize offline data may occasionally hang," Larson said. "You should disable offline access for sites until a fix is released."
Chrome 0.4.154.18 also includes a newer version of V8, the name for Google's JavaScript interpreter.
The current "official" beta build of Chrome is 0.3.154.9.
Google's browser accounted for only 0.74% of the browser usage share last month, according to data from Web metrics company Net Applications Inc.

CRITICAL MICROSOFT PATCH FOR WORM RISK

2008-11-15T10:54:00.003+08:00

A scary security flaw that would allow malicious worms to infect one PC and then automatically jump to others prompted Microsoft to release a rare out-of-cycle patch in October. The glitch is critical for both 32-bit and 64-bit versions of Windows XP and Windows Server 2003, and for Windows Server 2000. Microsoft says that targeted attacks exploited the hole prior to the patch's release, and that "detailed exploit code" is currently available online.
This marks the first time since April 2007 that Microsoft has released a fix outside of its normal Patch Tuesday cycle; it wa s sparked by lessons learned from worm epidemics like Blaster and Slammer, which cost users billions of dollars to disinfect in 2003.
Though the new hole is a huge risk, protections put in place since the worms surfaced make another epidemic far less likely. Most important is Windows XP's default-on Windows Firewall: A worm crafted to attack the new flaw would have to establish an external connection, which firewalls usually block. If a PC has no firewall, however, or if it is set up to permit file sharing and an attack comes from an infected PC on the same network, the conquering worm could take over the targeted PC. Business networks, which typically have many PCs configured for file sharing, are thus at high risk.
Windows Vista and Windows Server 2008 have mitigating factors that reduce the risk from "critical" to "important," as rated by Microsoft. The company distributed the fix via Automatic Updates, but alternatively you can download it from Microsoft's Bulletin MS08-067 page. That page also provides further information on the situation.
IE Fixes, Too
On its regular Patch Tuesday schedule, Microsoft supplied fixes for six bad holes in Internet Explorer, underscoring the need to upgrade to IE 7 as soon as possible.
The wide-ranging flaws affect IE 5, 6, and 7 on Windows 2000, XP, Vista, Server 2003, and Server 2008, but they're most serious if you use an older version of IE on Windows XP or 2000. In those cases, an attack could run any command and have its way with your PC. If you've upgraded to IE 7, the flaws permit miscreants to steal user names or other cookie-based data, but nothing more.
Two of the bugs rated as most dangerous in Microsoft's new "exploitability index assessment," which gauges how likely an attack is against a given vulnerability. Get the fixes through Automatic Updates, or download the patch (and read more info on the new exploitability ratings) from MICROSOFT TECHNET.
Insecure F-Secure
Once again, security software has created an insecurity. If an F-Secure's program--ranging from Internet Security 2008 to Anti-Virus 2008 to Home Server Security 2009, in versions dating to 2006--scans a poisoned compressed file, your PC could be compromised. F-Secure says that no attacks have occurred, but if you use any of these versions, make sure that it has picked up the latest program updates (which should happen automatically).

HEART THREATENING EARBUDS

2008-11-12T22:35:00.001+08:00

The dangers of headphones now extend beyond accidentally walking into traffic: a new report released today suggests that pacemakers and implantable cardioverter defibrillators (ICDs) may react negatively to the magnets inside MP3-player headphones.
After testing eight different models of earbuds and clip-on headphones, Harvard researchers determined that patients with pacemakers and ICDs should keep headphones at least 1.2 inches away from the device. The magnets inside the headphones send false signals to the heart that may result in skipped beats or, in the case of ICDs: shutdown. According to the Washington Post, "15 percent of patients with pacemakers and 30 percent of those with defibrillators had a response to the magnets."
Keep in mind these problems arise from internal magnets, so the danger exists even when the MP3 player is not operating.
Some doctors are saying that this news sounds far more ominous than it is. Dr. Spencer Rosero, an associate professor of medicine in the electrophysiology unit at the University of Rochester Medical Center, told the Post that while this information good to know, it's not immediately life-threatening. "It would not kill you," he said. I don't know -- "defibrillator shutdown" sounds pretty dangerous to me.
Though the report suggests that iPods themselves do not interfere with pacemakers, previous reports say otherwise. It's important to remember the breadth of these studies do not encapsulate huge portions of the population and can be easily misread. Still, it's best to be safe and keep those earbuds tucked in your pocket.

DOING NOTHING IS DOING HARM

2008-11-11T12:31:00.009+08:00

I'm taking a time out from my usual blogging post for my blog group, BLOGGERS WANTED TO MAKE A DIFFERENCE, to turn our attention to the plight of refugees worldwide with this brief situationer. Everytime armed conflicts escalates anywhere in the globe so does the refugees population. We also witnessed a significant rise of various humanitarian groups/persons-celebrities along with UNHR helping to find a solution to the this rising refugees pop. and internally displaced persons (IDPs).
Refugee definitions are defined in 1951 Convention and 1969 OAU Convention, wherein 140 countries incorporated their refugee in their national legislation and keeping track of refugees easier. Besides this, there here has always been a conflict of definition of a refugee between UNHR, NGO's and the host country. In line with this, and for a refugee to be adequately protected and documented, a refugee must be registered. With this UNHR often supports countries in register and documenting refugees and categorized them into 7 groups and sub groups:

Refugees - Refugees include individuals recognized under the 1951 Convention relating to the Status of Refugees; its 1967 Protocol; the 1969 OAU Convention Governing the Specific Aspects of Refugee Problems in Africa, except some 4.6 million Palestinian refugees residing in areas of operation of the United Nations Relief and Works Agency for Palestinian Refugees in the Near East (UNRWA).

Asylum-seekers - Asylum-seekers are persons who have applied for asylum or refugee status, but who have not yet received a final decision on their application.

Returned Refugees - The population category of Returned refugees refers to refugees who have returned to their country of origin

Internally Displaced Persons (IDPs) - are people or groups of individuals who have been forced to leave their homes or places of habitual residence, in particular as a result of, or in order to avoid the effects of armed conflict, situations of generalized violence, violations of human rights or natural- or human-made disasters, and who have not crossed an international border.

Returned IDPs - Returned IDPs refers to internally displaced persons who have returned to their place of origin or habitual residence. In returnee situations, UNHCR seeks to reintegrate former IDPs as soon as possible by targeting both returnees as well as receiving communities.

Stateless persons - Stateless persons are individuals not considered as nationals by any State under relevant national laws. UNHCR statistics on statelessness also include people with undetermined nationality.

Other groups or persons of concern - Other groups or persons of concern refers to individuals who do not necessarily fall directly into any of the groups above but to whom UNHCR has extended its protection and/or assistance services, based on humanitarian or other special grounds. Until 2003, this category also included stateless persons.
Georgian women refugees sit on a straw-laden farm transporter as they rest before continuing their flight from Russian troops.

Basing on UNHR's 2007 Global Trends, refugees and IDPs falling under UNHCR’s responsibility was estimated at 25.1 million, available information suggests that a total of 67 million people had been forcibly displaced at the end of 2007. This includes 16 million refugees, of whom 11.4 million fall under UNHCR’s mandate and some 4.6 million Palestinian refugees under the responsibility of the United Nations Relief and Works Agency for Palestinian Refugees in the Near East (UNRWA). The number of IDPs is estimated at 51 million worldwide; some 26 million were displaced as a result of armed conflict and another 25 million were displaced by natural disasters. In addition, while often not considered as being displaced per se, it is estimated that there are some 12 million stateless people worldwide.

Against this global refugee backdrop, how are we Bloggers placed. Keeping in mind, that DOING NOTHING IS DOING HARM. Besides individual financial contributions wherein your $80 can provide 20 wool blankets to protect refugees from the cold, and your $100 can already provide a survival kit to a refugee family, with essentials such as blankets, cooking and heating stove, we can also use our individual talents, although each of us bloggers, originating from different countries and religions with diverse political beliefs will unite in one call - Bloggers Unite !!!

INTEL TO SHIP NEHALEM CHIPS ON NOV. 17

2008-11-09T20:28:00.001+08:00

Intel has scheduled the launch of its first Nehalem chip for Nov. 17, which also will be the day several PC makers begin shipping desktops running the new processor.
Steve Smith, vice president and director of operations for Intel's digital enterprise group, told Computerworld earlier this week that the first Nehalem chip, officially named Core i7, will be a quad-core designed for high-end desktops used by power users and gamers. Intel has been shipping previews of the chips to hardware vendors since September.
Rob Enderle, an analyst at the Enderle Group, said this week that he's been test-driving an Intel-built desktop running the quad-core chip with the hyper threading turned on, so it's virtually an eight-core. "It's fast. It's really fast," said Enderle.
The analyst also noted that the chip shows "significant improvement" in power efficiency, a key requirement for high-performance computing.
The Nehalem architecture features a 45-nanometer, four-core processor with an integrated memory controller that eliminates the need for a front-side bus. The new architecture is modular, which officials say will make it easier to scale from two to eight cores.
The Core i7 chips also are being designed to have two-way, simultaneous multi-threading, use Intel's QuickPath interconnect, and have a three-level cache hierarchy, Intel said.
Smith said an eight-core Nehalem is slated to ship in the second half of 2009, while two-core and four-core Nehalem chips for laptops should ship at about the same time.

A NEW MOTO ANDROID

2008-11-07T05:15:00.003+08:00

With no popular phones released for this holiday season, and hardly any this year, Motorola is set to revamp its entire mobile phone division with the help of Google's mobile operating system, Android.
Sanjay Jha, the company's new handset division chief, is planning large scale job cuts and will slash the number of mobile operating systems the company uses at the moment.
Six is the number of operating systems Motorola uses so far in its phone lineup and the new strategy will reduce this number by three. As reported earlier this month, Motorola gathered a 350 strong Android developers team and now revealed plans use of Google's operating system for its mid-tier phones, which constitute the company's largest volume sales.
The other two remaining mobile phone operating systems at Motorola will be Windows Mobile, which will be used for high-end phones and its proprietary system (P2K OS) for its inexpensive handsets.
Google's Android is based on Linux, an open source standard that Motorola was fancying for quite a while, so there's no wonder that the company adopted Android as its preferred platform. Also, Google isn't asking for any royalties from manufacturers that use Android, so here's another well-spent buck for Motorola.
It's hard to predict whether Android is going to save Motorola from further trouble. However, Motorola seems to be taking the right steps toward a rejuvenated future, also making users happy by providing a decent and easy to maintain software platform.
We should see anytime now an Android-based Moto prototype.

SPAMS WITH THE HIGHEST RATINGS IN MY E-MAIL INBOX

2008-11-05T20:32:00.006+08:00

Email spams can be described in two simple words "junk e-mail". Junk as they are, which are now a common fare in everyone's email inbox, but they can rob and con you and are dangerous, malware embedded, links you to dangerous sites if you heed them. Sometimes before branding them as spam in my Yahoo Mail inbox, I took the time to read them, and found out that they are becoming more creative each day. If you have read my previous post, "One of My Fave Spams ..." you will find that some are amusing to the point of beguiling the ignorance in us. Presently these spams cluttered my inbox in various prose and forms. As usual, no point in being irritated, so, I took the time to read, 'appreciate', and research them in various anti spam sites.
Here's what I found out:

THE "NIGERIAN" E-MAIL SCAMS
The Bait: Con artists claim to be officials, businesspeople, or the surviving spouses of former government honchos in Nigeria or another country whose money is somehow tied up for a limited time. They offer to transfer lots of money into your bank account if you will pay a fee or "taxes" to help them access their money. If you respond to the initial offer, you may receive documents that look "official." Then they ask you to send money to cover transaction and transfer costs and attorney's fees, as well as blank letterhead, your bank account numbers, or other information. They may even encourage you to travel to the country in question, or a neighboring country, to complete the transaction. Some fraudsters have even produced trunks of dyed or stamped money to try to verify their claims.
The Catch: The emails are from crooks trying to steal your money or your identity. Inevitably, in this scenario, emergencies come up, requiring more of your money and delaying the "transfer" of funds to your account. In the end, there aren't any profits for you, and the scam artist vanishes with your money. The harm sometimes can be felt even beyond your pocketbook: according to State Department reports, people who have responded to "pay in advance " solicitations have been beaten, subjected to threats and extortion, and in some cases, murdered.
Your Safety Net: If you receive an email from someone claiming to need your help getting money out of a foreign country, don't respond. If you've lost money to one of these schemes, call your local Secret Service field office. Local field offices are listed in the Blue Pages of your telephone directory.

FOREIGN LOTTERIES
The Bait: Emails boasting enticing odds in foreign lotteries. You may even get a message claiming you've already won! You just have to pay to get your prize or collect your winnings.
The Catch: Most promotions for foreign lotteries are phony. The scammers will ask you to pay "taxes," "customs duties," or fees – and then keep any money you send." Scammers sometime ask you to send funds via wire transfer. Don't send cash or use a money-wiring service because you'll have no recourse if something goes wrong. In addition, lottery hustlers use victims' bank account numbers to make unauthorized withdrawals or their credit card numbers to run up additional charges. And one last important note: participating in a foreign lottery violates U.S. law.
Your Safety Net: Skip these offers. Don't send money now on the promise of a pay-off later.
For more spams update, visit:
Hoax Busters.org
OnGuard OnLine
Snopes.com

'GOOGLE HACKING' POSSIBLE . . . WARNS SECURITY ANALYST

2008-11-03T17:52:00.002+08:00

Search engines such as Google are increasingly being used by hackers against Web applications that hold sensitive data, according to a security expert.
Even with rising awareness about data security, it takes all of a few seconds to pluck Social Security numbers from Web sites using targeted search terms, said Amichai Shulman, founder and chief technology officer for database and application security company Imperva.
The fact that Social Security numbers are even on the Web is a human error; the information should never be published in the first place. But hackers are using Google in more sophisticated ways to automate attacks against Web sites, Shulman said.
Shulman said Imperva recently discovered a way to execute a SQL injection attack that comes from an IP (Internet Protocol) address that belongs to Google.
In a SQL injection attack, a malicious instruction is entered on a Web-based form and answered by a Web application. It often can yield sensitive information from a backend database or be used to plant malicious code on the Web page.
Shulman declined to give details on how the attack works during his presentation at the RSA Conference on Monday, but said it involves Google's advertising system. Google has been notified, he said.
Manipulating Google is particularly useful since it offers anonymity for a hacker plus an automated attack engine, Shulman said.
Tools such as Goolag and Gooscan can execute broad searches across the Web for specific vulnerabilities and return lists of Web sites that have those problems.
"This is no more a script kiddy game -- this is a business," Shulman said. "This is a very powerful hacking capability."
Another attack method is so-called Google worms, which use the search engine to find specific vulnerabilities. With the inclusion of additional code, the vulnerability can be exploited, Shulman said.
"In 2004, this was science fiction," Shulman said. "In 2008, this is a painful reality."
Google and other search engines are taking steps to stop the abuse. For example, Google has stopped certain kinds of searches that could yield a trove of Social Security numbers in a single swoop. It also puts limits on the number of search requests sent per minute, which can slow down mass searches for vulnerable Web sites.
In reality, it just forces hackers to be a bit more patient. Putting limits on search also hurts security professionals who want to do automated daily searches of their Web sites for problems, Shulman said.
Shulman said he's seen another kind of attack called "site masking," which causes a legitimate Web site to simply disappear from search results.
Google's search engine penalizes sites that have duplicate content and will drop one from its index. Hackers can take advantage of this by creating a Web site that has a link to a competitor's Web page but is filtered through a proxy server.
Google indexes the content under the proxy's domain. If this is done enough times with more proxy servers, Google will consider the targeted Web page a duplicate and drop it from its index.
"This is quite a business hassle," Shulman said.
One way Web site administrators can defend against this is barring their Web site from being indexed by anything other than the legitimate IP address of a search engine, Shulman said.

WHAT PROGRAMS I RUN AT STARTUP . .

2008-11-01T12:12:00.005+08:00

Let's just put it this way.. You boot your computer and you let these programs load at startup... your entire Microsoft Office, your Quicktime is always there so why not your Winamp too, and your day is not complete without your tinkering with Photoshop and with Adobe Reader as well. While you're at it, I think you're going to need some guardians, so let's include your all security tools.. your anti virus/spywares in real time. Now we know what happens next when we boot and load all these programs at startup, and it's the right after, I'm stressing here. Most likely these programs will be in the system tray, unused, still in memory usage and running in background. Personally, I have nothing against those programs, in fact I like them, I just don't want their files running around causing extra overhead everytime even when they are not in use.

With the exception of various Microsoft autoloading programs that can't be disabled, here is a brief round up of what programs I allow to autoload at startup and this changes from time to time:

- Security first for my computer, with the Windows Security Center running in background, I let go running my security tools like my antivirus and firewall, and enable my anti spyware to realtime only when I go online.

- useful utilities like MYUsbOnly, which locks my usb ports against uninvited usb devices, 3D Audio Configuration, and Web Accelerator- my accelerator sometimes tends to run long diagnostics when I go online without me enabling it first, so I put it on standby and ready.

- I let go a bit with my desktop decoratives or rather just improving my Windows' interface with WinCustomize-LogOn and Vista Start Menu.
Some Some programs' autoloading can be disabled automaticaly right during the installation stage with their check or uncheck options to appear in the system tray. On already installed programs you can disable them by going to their Menus, Options or Preferences settings, or through their icon's settings in the system tray, there is likely a " to appear in the system tray or startup" option which you can uncheck. There are also some autoloading programs whose icons never appear in the system tray but autoloads everytime are running in the background. With Glary Utilities' Startup Manager these programs are now visible and you can just simply uncheck them to disable their autoloading or even delete their entry. You can also Add Program to startup if you want to. In some cases, there are programs that need to be keep running all the time, from boot to shutdown, for them to function fully, so always be careful and gather the details first about a particular program before disabling it.

NEW WORM FEEDS ON LATEST MICROSOFT BUG

2008-10-30T14:47:00.001+08:00

One day after Microsoft issued a rare emergency Windows security patch, the bad guys have a few new ways to take advantage of the bug.
By Friday, security researchers had identified a new worm, called Gimmiv, which exploited the vulnerability, and a hacker had posted an early sample of code that could be used to exploit the flaw on the Web.
Microsoft issued the patch more than two weeks ahead of its next security updates because the bug could be used to create an Internet worm attack and Microsoft had already seen a small number of attacks that exploited the flaw.
This vulnerability lies in the Windows Server service used to connect with other devices on networks. Although the firewall software that ships with Windows will block the worm from spreading, security experts are worried that the flaw could be used to spread infections between machines on a local area network, which are not typically protected by firewalls.
And that's exactly what the Gimmiv worm is designed to do, according to Ben Greenbaum, a senior research manager with Symantec. "It is downloaded onto a target machine via social engineering and then proceeds to scan and exploit machines on the same network, using this newly disclosed vulnerability in the Server service," he said.
The worm then loads software that steals passwords, security experts say.
Both Symantec and McAfee said Friday that they had seen only a very small number of attacks based on this exploit, but Symantec says that, starting Thursday evening, they found a 25 percent jump in network scans looking for potentially vulnerable machines. That could be a sign that more attacks are coming.
That scenario becomes more likely, too, as more tools that exploit the flaw are released to the public. On Friday, sample exploit code was posted to the Milw0rm.com hacker site, and over the next few days hackers are expected to move that code into attack tools that are easy to use.
Greenbaum predicted that the attack code will soon be used to build botnet networks of infected computers. "What we are going to see is this attack being added to the arsenal of botcode," he said.
"Once it evolves to the point where people really don't have to know much about the exploit ... those are the situations where people write the worms that do a lot of [damage]," said McAfee researcher Craig Schmugar.
Does he expect a damaging worm to emerge from this latest bug? "If history is a lesson, then yes," he said.
Robert McMillan, IDG News Service

REMOVING A MALICIOUS EXE. {My Search and Destroy against kavo exe.}

2008-10-26T10:04:00.005+08:00

File extensions are the last characters after the period in the name of a file and identifies the type of data found in the file like .gif, .jpg, .bmp associates with image files. Legitimate .exe extensions are executable files that contains code for a program that helps run your computer and the infected ones and allow parasites associated with the file to operate invisibly in background unless the malicious file is removed.
Thats what usually happens, I leave my computer unattended, now comes someone, who wants to copy/save a file, then without thinking inserts a virus infected usb device into my computer without AV scanning..and voila.. a malicious .exe found a new habitat in my computer. I know at that time I'm dealing with a "nobody tells situation" so I have to deal with that malicious .exe directly firsthand.
Now various anti virus and anti rootkit scans reveals vague malicious autorun.ini or autorun.inf files which refreshes everytime after deletion. I then checked my task manager and various auturuns monitors, but the system appears normal, and this .exe hid itself pretty well or already masking as a legitimate file. Unexpectedly, the autorun monitor of my Revo Uninstaller reveals a kavo .exe in my Windows folder. Online research reveals that kavo .exe is used by PWSteal.Lineage, a trojan lineage game password stealer. Opting for manual removal, first I end/block it's process with my Revo's autorun monitor then I reboot my computer into safemode but with System Restore setting Off to prevent the malicious file from creating backups. Words of caution, be careful when deleting or blocking processes with autoruns monitor or you maybe targetting a legitimate file as well. Then I proceeded to the Windows folder and deleted the kavo .exe and to play it safe, the newly saved Word files and images from the infected usb device, sorry to the owner. I then reboot to normal mode, updated my AVG 7.5 Free Edition and run a scan again. Results detected the TrojanPSW, autoruns .ini and .inf, and and finally a kavo .exe who found its way in the System Volume. After wiping off all the malicious files and cleaning my registry files I reboot my computer to Normal Mode and then turn the System Restore back On. For an added security measure I installed MyUSBOnly thereby locking all device ports in my computer and setting the device whitelist to empty, just a precaution because I sometimes left my own devices lying around.
Kavo .exe is rated from moderate to low danger level trojan in various sites. Now with the new and more dangerous trojans/spywares, dealing with them will not be a simple story, and fighting with updated security suites and tools always helps. And last but not the least, as Sun Tzu stated, "Know Your Enemy", read all you can, be informed and updated of all new Virus Definitions Updates from various sites.

GOOD NEWS FOR NOKIA TWEAKERS-Nokia Goes After Google with Open Source Symbian

2008-10-23T17:52:00.003+08:00

Nokia has announced its Symbian mobile operating system will join the likes of Android and will become an open source operating system. The announcement was made Tuesday at the Smartphone Show in London and is seen as a bid to maintain and possibly grow its developer base. This move comes at the same time Google makes its Android source code available to developers. The Nokia news contradicts previous reports on Nokia adopting Android OS.

Fantastic Four
With four major mobile platforms competing with each other now -- from Apple, Blackberry, Google and Nokia -- the competition to gain our hearts and money in exchange for a mobile phone just got hotter. While Apple and Blackberry's platforms are proprietary, Google and Nokia's are left now to battle on the open source realm.
T-Mobile G1, using Google's Android OS, goes on sale today. The next two contenders in the touchscreen smartphone challenge will be the Blackberry Storm (available later this year) and Nokia 5800 Music Express (available early next year).

Style Counts
The actual hardware design of the smartphone may play a big part in driving sales. But the software inside is what actually makes all the difference on the long run. Can you imagine Apple's iPhone running a cumbersome OS with little innovation such as gesture support? That's why Google never built its own gPhone hardware and is focused on nurturing the Android OS. The Android OS will be used by various manufacturers such as Kyocera who will now be able to focus more on the hardware.
Up until now Nokia built its own hardware and develops its own software for its phones just as Apple and Blackberry do. That will change once the Symbian OS becomes an open source project welcoming many more developers to help build the OS. And certainly Nokia will not be the only one benefiting from open source community. Nokia shares its platform with Samsung and Sony Ericsson -- both members of the Symbian Foundation.
Between Nokia's existing support for its Symbian OS and Google's growing support for Android are shaping up to be quite the mobile OS smackdown.
Only time will tell whether Nokia or Google will be the dominant open source smartphone OS. But placing a bet is quite hard to make taking in consideration Nokia's experience with mobile phones and Google's long term commitment to innovation.

MALWARE ALERT: 'Experimental' Security Fix Is Malware, Microsoft Says

2008-10-21T12:58:00.001+08:00

Scammers are sending out phoney e-mails that claim to include critical Windows security alerts, Microsoft warned Monday.
The fake alerts describe themselves as part of a new "experimental private version of an update for all Microsoft Windows OS users," Microsoft said in a note on the scam, posted Monday.
The e-mails then instruct the victim to download an attachment, which is actually a malicious Trojan Horse program known as Win32/Haxdoor. This software records sensitive information such as passwords and credit card numbers and sends this data back to the attackers who are running the scam.
The malware well-known, however, and is detected by antivirus programs as well as Microsoft's free Microsoft Malicious Software Removal Tool (MSRT).
The warning comes the day before Microsoft is set to deliver 11 genuine security fixes. These updates, due Tuesday at around 10 a.m. Pacific include critical security updates for Windows Active Directory, Internet Explorer, Excel and the Microsoft Host Integration Server.
But they will be delivered via Microsoft's standard automated update tools. Major software vendors such as Microsoft simply do not distribute security patches via email.
"As a matter of company policy, Microsoft will never send you an executable attachment," wrote Microsoft spokesman Christopher Budd in a blog posting on the scam. "If you get an e-mail that claims to be a security notification with an attachment, delete it. It is always a spoof."
Microsoft does, however, send out security notification emails to customers who have asked to be told whenever patches are released or updated. These emails are in plain text and never contain any sort of attachment, Budd said.
Users who have doubts about any security notification email they've received can go to Microsoft's Tech Net security Web site, which contains the same information as its e-mail notifications.

Robert McMillan, IDG News Service

UPDATE: HERE's WHY IT's WINDOWS 7

2008-10-20T16:21:00.005+08:00

The mystery of Microsoft's Windows version count has been solved. A day after announcing (in the Windows Vista blog) that the next release of Windows will be called Windows 7, Mike Nash (Microsoft Corporate VP, Windows Product Management) added a post laying out Microsoft's Windows version numbers since Windows 3.x.

Basically, they go like this:

Version 4: Windows 95

Version 4 point releases: Windows 98, 98SE, and ME (4.0.1998, 4.10.2222 and 4.90.3000, respectively).

Version 5: Windows 2000

Version 5 point releases: Windows XP (5.1)

Version 6: Windows Vista

I was surprised to realize that Windows XP (in which Microsoft unified the code bases for Windows 9x and NT/2000) was only a point release. But at least we now know how they got to Windows 7.

Yardena Arar
Oct 15, 2008 8:20 am

OPERA 9.6-Final FOR PC NOW AVAILABLE

2008-10-13T13:05:00.006+08:00

I have been using Opera browsers, both the PC and the mobile-symbian 8.65 and mini opera versions for a long time now. Now this is the browser I turn to when there's topic or any item that needs speed searching and when blog posting. Although I have not yet given the 9.6 a complete run, their usual speed dial, anti-phising security, customize panels are retained in this version. The cool new feature, Previewed Feeds, really works with my Feed Burner.

Here is what's new in Opera 9.6

Expanded Opera Link
Opera lets you take your favorite search engines and the browser history you enter wherever you go. Opera Link also synchronizes notes taken in your Opera browser, your bookmarks, Speed Dial and personal bar.

Optimized Opera Mail
Stuck with a slow connection? Our built-in e-mail client, Opera Mail, now includes “low-bandwidth mode” to retrieve mails even faster when bandwidth is limited.

Prioritized e-mail
Opera Mail has two new ways to manage e-mail conversations. Keep an eye on important threads and contacts by following them, or ignore less important threads and contacts with a single click.

Increased speed:
Opera 9.6 improves the quick responsiveness and page loading of Opera 9.5.

Previewed feeds
Look before you feed. Now you can see an RSS feed’s content before subscribing to it or even bookmarking it. Opera gives you a clean, multi-column preview for each RSS feed so you know what to expect before you subscribe.

Improved fluency
Opera is pleased to add support for Indonesian, Ukrainian, Estonian, Hindi, Telugu, and Tamil languages.

To find out more about Opera 9.6 just visit Opera.com

WARCRAFT MOBILE THEMES 3 Themes Pack.zip

2008-10-09T14:06:00.003+08:00

For DOTA and WoW fans, sample my themes creations I've created ages ago at OwnSkin, being a DOTA fan myself. Along with the 3 mentioned themes, and to complete the pack, I added a Monster Kill.mp3 ringtone at 193kbs. I have uploaded these themes at Zedge, and was edited/deleted right away for copyright reasons. But being persistent, I uploaded it again with little file renaming, and up to now these themes are still earning high star ratings.

Applicable Devices:

Lenovo
P930

Nokia
3230, 6260, 6600, 6620, 6630, 6670, 6680, 6681, 6682, 7610, N70, N72

Panasonic
X700

Samsung
SGH-D720, SGH-D730, SGH-Z600

Download WARCRAFT THEMES and ringtone .zip

HOW ABOUT A LITTLE DISK MANAGEMENT HELP

2008-10-07T13:31:00.004+08:00

After discussing autoruns monitors in my past post, now I am going to introduce a colorful tool. This free tool, WinDirStat, scans and checks all your drive's files and displays a result in form of a colorful treemap.

Now this colorful treemap shows each file in your drives, MP3s, DATs, JPGs, even game's BIKs, in a colored rectangle form and it's size is in proportion to the file's size. With this tool, you now have the data which file occupies a large space in your drives and its location with options to relocate or delete. As the screenshot illustrates, I have a rather large mp3 file as indicated by the blue colored rectangle, followed by dat files, which are to be converted saved movies from discs for my ipod and cell phone. Then clicking on my main drive on the left panel, there's 325mb unknown file that needs to be check. You can click on a colored rectangle and in an instant leads you to the location of that file. You can also click a file in both right and left panel and it leads you to its location on colored treemap below. With WinDirStat I can now monitor my PC in a colorful different perspective and once installed it occupies a mere 1.41 mb space in my drive.

Download WinDirStat

NEW NOKIA TOUCHSCREEN 5800 XPRESS MUSIC

2008-10-04T19:05:00.009+08:00

Armed with a roomy touch display, stereo speakers, and—eventually—a year's worth of free music, Nokia's long-awaited touchscreen phone, and dubbed as the IPhone Killer, will make its debut in London today. Can it compete with the iPhone and T-Mobile's Google-powered G1?
First, let's cover the specs: Measuring 4.4 by 2 by 0.6 inches, the 3G- and Wi-Fi-enabled 5800 (set for global release by the end of the year, but not in North America until the "early part" of 2009) is more or less the same size as the iPhone 3G and the G1, although at 3.8 ounces, it's significantly lighter than both of its touchscreen competitors (the iPhone is about 4.8 ounces, while the G1 weighs in at a hefty 5.6 ounces}.
Regarding the 5800's 3.2-inch touchscreeen, without a chance to try it in person, but the Symbian-powered display looks (from the press images, at least) reasonably sleek—somewhere between the clunkier interface on the G1 and the iPhone's eye-popping UI. No multitouch (so no "pinch"-type gestures), mind you, but the 5800 has an accelerometer that lets you turn the phone sideways for a virtual, landscape-oriented QWERTY keypad. You'll also be able to enter text using a half-size, portrait QWERTY keypad (with a stylus, if you like), T9 text prediction, or handwriting recognition.

Nokia promises a couple of key one-touch interface features, including a "Contacts Bar" that gives you quick access to your "favorite" four contacts, along with a "Media Bar" that'll let you tap into your music, videos, and images. Not bad, although I'd also like to see a status/alerts toolbar like the G1's.
As its name implies, the 5800 XpressMusic is more about tunes than productivity, so don't expect out-of-the-box support for BlackBerry or Exchange servers (although this being a Symbian phone, there's nothing stopping third parties from filling the void). Instead, the 5800 comes with stereo speakers, support for stereo Bluetooth headsets, a 3.5mm headset jack (which doubles as a TV-out port), and up to 16GB of microSD memeory expansion for your tunes.
The phone also comes with a 3.2MP camera, complete with Carl Zeiss optics, a dual LED flash, and video recording (up to 30fps). GPS and Nokia Maps are included for navigation. Sorry, gamers—no N-Gage support on the 5800, at least for now.
Price:no US price details yet
Europe- 279 euros, or about US$385

NEW CELL PHONES FOR FALL -My Personal Picks In Lieu Symbian Nokia

2008-10-02T13:32:00.008+08:00

PC WORLD announced the new cool cellphones series for release this Fall. In this series are 12 new units ranging from LG, Touch Diamond, Blackberry, Samsung, Virgin Mobile, Sony Ericson, Motorola. While eye shopping along these lines I made 3 picks for their {with emphasis on, in lieu of Symbian Nokia, for the SymbianOS tweaks addict that I am} innovativeness, design, with a capital C for curious.

MotoZine ZN5 Packs a 5-Megapixel Camera

The first product from Motorola's partnership with Kodak, the Motorola MotoZine ZN5 features a 5-megapixel camera with autofocus, Xenon flash, 4GB of optional external memory, and settings for low-light environments. The camera also has a fun panoramic mode, which stitches together continuous shots into a single extended image. Pictures can be uploaded and shared in one click to the Kodak gallery or any other photosharing site. Other notable features of the Motozine include a 2.4-inch high-resolution screen, dual compatibility for GSM and Wi-Fi, and stereo Bluetooth.
Already available in China, the MotoZine ZN5 is expected to roll out worldwide later in 2008. Motorola has not yet announced pricing or a carrier for North America.

BlackBerry's Clamshell Pearl
Since the beginning of the BlackBerry, this iconic messaging device has been synonymous with the flat, easy-access candy bar style phone. But with the new BlackBerry Pearl 8220 Flip--Research in Motion's first flip phone--the paradigm changes. And it's about time: Flip phones hold a lot of appeal, and a recent J.D. Power study noted that nearly 70 percent of current cell phone customers use a flip phone. The Pearl 8220 Flip is more compact than other BlackBerry models, making it easy to slip into a pocket. The phone has an outside secondary display for previewing calls and messages, and for viewing the time. The keyboard looks similar to that on other Pearl models: It has 20 keys, and uses SureType Technology coupled with a spelling checker. The new phone has surprisingly strong multimedia chops, too: Turn the phone on its side to watch video in wide-screen mode; upload pictures to Facebook or Flickr; or use BlackBerry Media Sync to transfer music from your iTunes collection to your phone. The built-in GPS and integrated BlackBerry Maps (for location-based information and directions) will help you find your way, and integrated Wi-Fi supports phone calls and data streaming.
The BlackBerry Pearl 8220 Flip will be sold via T-Mobile in the third quarter of this year.

Affordable Samsung Rant

Ideal for text messaging, the Samsung Rant has a horizontal-slide full QWERTY keyboard. The handset also comes with a 2-megapixel camera/camcorder, stereo Bluetooth, expandable memory (up to 16GB), and quick access to Sprint Navigation, Sprint Music Store, and Sprint TV. The Rant is one of many new phones to adopt Sprint's new OneClick user interface, which allows users to customize their phone's home screen with their favorite features and content.
The Samsung Rant will be available in October for $50 with a two-year contract. It comes in red or black, though Best Buy will offer an exclusive purple option as well.
Cool New Cell Phones for Fall
Ginny Mies and Melissa J. Perenson, PC World

BUTTERFLY AWARD FROM NORTURE

2008-10-01T08:26:00.008+08:00

Hurraaah !!! My blogspot which evolved from just an upload for my Picasa Albums is two months old as of tomorrow. After a quick and very brief assessment, I've made 25 posts, member to 8 blog groups, millions and millions away in traffic rank, most important I've made Friends and Contacts and I want to thank you, Guyz.
Happy Blogging to Us All.

Timely as that, I received a Butterfly Award and I'm very happy and thankful. I want to thank Norture for bestowing me this award.

Now I'm forwarding this award to:
1.Shevonne
2.RIZE W0rkShOp
3.Cars and Bikes
4.Let's All Be Friends
5.Life is full of mystery
6.Healthy Solutions
7.Mobile Phones UK

Sponsor message:
1. Put the logo on your blog.
2. Add a link to the person who awarded you.
3. Nominate at least 7 other blogs.
4. Add links to those blogs on yours.
5. Leave a message for your nominees on their blogs
>>>PASS IT ON . . .

MONITOR YOUR PC's AUTORUNS

2008-09-29T16:10:00.003+08:00

There sometimes comes a funny feeling of paranoia when my PC is acting strange. After running anti spyware and anti virus scans with normal results, but still my computer is sluggish. Now comes the need to know feeling what processes and services are running in my computer, usually I run it with Glary Utilities' process manager. Glary works just like your Windows Task Manager but richer. It monitors your computer's running processes, CPU usage percentage, memory usage, program manufacturer, and also rates the program in terms of Trustworthy, Safer, Safe, or Unknown. When in doubt about a running program, you can always go online to obtain more information before finally ending or deleting its running process. Besides the process manager Glary Utilities also comes with a startup manager, file shredder, registry cleaner, junk, disk, and temp files cleaners and various helpful services.
There is also an autorun scan in Revo Uninstaller, whereby a trojan kavo.exe hiding in my computer was identified and named as such, thus making removal easier. Autoruns Systernals also provides a more richer detail of your running programs and services, but whatever autorun monitor you use, be always careful before ending or deleting a running program.

WINDOWS 7 "pre-beta" PREVIEW THIS OCTOBER 28...MICROSOFT

2008-09-29T16:03:00.004+08:00

The first pre-beta version of Windows 7 will be in the hands of developers next month, Microsoft has confirmed.
Speculation that Microsoft was preparing to hand out early versions of Windows 7 began in August, when the software giant revealed that developers would get their first peek at Windows 7 in October 28, with the Professional Developers Conference (PDC) looking the likely event for the operating system's first official demonstration.
Now, Microsoft blogger Dan Fernandez has confirmed the rumor, revealing that every PDC attendee will get a pre-beta build of Windows 7 on an external USB 2.0 drive.
The successor to Windows Vista will also be covered in 21 PDC sessions, with developers expected to be shown improvements to the Windows kernel, networking, and user-interface. The sessions will also cover energy efficiency; graphics systems; building communication applications; documents and printing convergence; new APIs to find, visualize and organize; new text and graphics APIs; the operating system's design principals; and APIs for building context-aware applications.
Microsoft plans to ship the final version of Windows 7 in January 2010.

GAMELOFT MOBILE CLASSIC 5-GAMES GAMEPACK.zip - Nokia S-60 v2

2008-09-26T17:23:00.001+08:00

Medieval Combat-Age of Glory
Tom Clancy's Rainbow6 Lockdown
Tom Clancy's SplinterCell Chaos Theory
Asphalt UrbanGT2
Tom Clancy's Rainbow6 Vegas

Revival time folks, I've been playing most of these games ages ago in their S-30 version with my Nokia 3530 and I became a Gameloft fan after that. And these picks are some of my faves, I know anyone whose gone through many cell phones upgrade, especially Nokias are familiar with these games. Let's just say for a mobile game with limited capacities the graphics are good enough and each game concept in terms of difficulties and levels is fair enough to while your time playing. For those who have not played these games yet {is there anyone?}, try it, and those who have played these games over and over, what the heck, let's play it again.
Download Gameloft Gamepack.zip1.11MB

CONVERT PDF FILES WITHOUT SOFTWARES

2008-09-24T14:22:00.001+08:00

You can convert PDF files to Word, Text, Excel even .jpg free without downloading or paying for converter softwares. Check out ZamZar for your free online conversion.

To convert, just follow their simple 4 steps procedure:
Upload your file
Choose the conversion format
Enter your e-mail address to receive the converted files
Click Convert

Then you will be advised that your file will be sent to via email address that you entered and will be stored for 24 hours after receipt. As for me, I checked my email after a couple of minutes and the ZamZar message is already there with the download link.
Unfortunately, PDF files cannot be directly converted to Excel. Following the usual ZamZar procedure, first, you have to convert your PDF file to Text format, then download the Text file from your ZamZar email, and save the file to your computer. Now open your Microsoft Excel, click File, then Open, when you see the Open File box, below at the Files of Type, change the All Microsoft Excel Files to All Files. Now all files will be visible including your converted Text file. Go to the folder where you saved your converted Text file, Select your Text file and click Open. What you'll see next is another box labeled as Text Import Box. Just check Delimited and click Next.

At the Step 2 box, under Delimiters check Space and click Next. Voila, now you will find your Text file divided into columns by vertical lines.

Click Next and at Step 3 click Finish, now save your file as Microsoft Excel. I admit the finished converted Excel file is not completely finish for my taste yet, so as I have to do some editing for it {a PDF revenue tax form for my bookkeeping purposes} to suit my usage. Also the common Excel formula function bar is not present.

BRAD PITT - REPLACING PARIS HILTON AS BIGGEST MALWARE LURE?

2008-09-23T00:23:00.001+08:00

Movie star Brad Pitt has shoved Paris Hilton off the top of a list neither will have coveted being on. A fan entering Pitt's name in a search engine now has a startling one in five chance of finding a malware-hosting site instead, says McAfee.
Pitt is top of the fake website malware league, just ahead of a collection of pop and film stars that reads (in descending order) Beyonce, Justin Timberlake, Heidi Montag, Mariah Carey, Jessica Alba, Lindsay Lohan, Cameron Diaz, George Clooney, and Angelina Jolie.
Hilton no longer even makes the fake web top ten, but can perhaps take some solace from her continued popularity with spammers.
If you're never heard of some of these people then it's a fair bet that you are not the intended target of a technique that has been for some years one of the commonest ways to infect a PC. But still it persists, driven by an apparently insatiable appetite among some Internet users for computer screensavers, wallpaper, ring tones and star pictures, at whatever risk to themselves.
"Cybercriminals employ numerous methods, yet one of the simplest but most effective way is to trick consumers into infecting themselves by capitalizing on Americans' interest in celebrity gossip," commented McAfee's Jeff Green. "Tapping into current events, pop culture or commonly browsed sites is an easy way to achieve this."
Reading the latest statistics, it's hard to avoid the conclusion that malware writers think that the celebrity-obsessed are as recklessly naive as they are star-struck. Most malware-infection techniques have shown some evolution over the last two years, but the fake website ploy just goes on and on.
In fact, a deeper problem is the way users interact with search engines, as was pointed out by McAfee itself only a year ago. McAfee's motives for publicizing the issue aren't entirely neutral - at least one search engine, Yahoo, recently took up using McAfee's SiteAdvisor tool to filter the websites it returns in search boxes.
And for those users who only visit legitimate websites they know about, there is also bad news. The biggest hack trend of the last year has been compromising perfectly legitimate websites to serve malware - witness this week's large attack on the website of BusinessWeek magazine. For Internet users there is no easy escape, only the awareness of the growing number of pitfalls.
Techworld.com
Sep 21, 2008 5:05 am

RESEARCHERS CRAFT MULTIMEDIA PASSWORDS

2008-09-20T16:15:00.000+08:00

Snatched from my WARSHOCK G-blogs

Researchers Craft Multimedia PasswordsJohn E. Dunn
Aug 14, 2008 10:23 pmCanadian researchers have come up with a novel solution to the perennial problem of stupidly insecure passwords — create secure ones using images, MP3 files or videos.
Mohammad Mannan and P.C. van Oorschot of Carleton University in Ottawa, Canada, have come up with ObPwd (object-based password), a way of creating complex, random passwords from SHA-1-based hashes generated using a range of image and sound file types as input.
Instead of using the easy-to-guess name of a pet cat as the password — easy meat for a dictionary cracker — the user could use a picture of the same animal to generate something sophisticated enough to withstand even the best password cracking tools. Getting round the technology would mean having to have access to the specific image or file from which the password was generated.
“Users keep a record (memorized or written) of a pointer to their content used in generating each password. Users can write down the password in a `secure’ place, or re-create it from the content when needed,” write the authors in a public paper on the concept.
The end user’s mental effort is transferred from having to remember a string of text to simply having to know which file was used to create the password, they point out. ObPwd is advanced enough for the researchers to have released the software in beta form as an add-on tool for Mozilla, and as a stand-alone Windows XP utility.
The concept has some limitations. They recommend using files above a certain size — 30 bytes - to create long enough passwords, but not so large that the generation process is slowed down. This rules out using large video files, unless the password is based on only part of the file. They also warn against creating passwords from public material, such as pictures on a Facebook page or common image files. The password from a given file will always be the same, making secure possession of file imperative.
The program could, however, be secured using what is called a ’salt’, a PIN number used to protect the program’s output from a given image, though this would obviously detract from the simplicity of the ObPwd idea.
Obpwd should not be confused with the much simpler idea of using images themselves as pictorial passwords or mnemonics, which has been around for some years. Numerous systems exist to do the latter, including the UK-based PicturePIN.

HOW HACKER IMPERSONATED PALIN, STOLE E-MAIL PASSWORD

2008-09-19T04:59:00.000+08:00

WASHINGTON - Details emerged Thursday behind the break-in of Republican vice presidential candidate Sarah Palin's e-mail account, including a first-hand account suggesting it was vulnerable because a hacker was able to impersonate her online to obtain her password.
The hacker guessed that Alaska's governor had met her husband in high school, and knew Palin's date of birth and home Zip code. Using those details, the hacker tricked Yahoo Inc.'s service into assigning a new password, "popcorn," for Palin's e-mail account, according to a chronology of the crime published on the Web site where the hacking was first revealed.
The FBI and Secret Service launched a formal investigation Wednesday. Yahoo declined to comment Thursday on details of the investigation, citing Palin's privacy and the sensitivity of such investigations.
The person who claimed responsibility for the break-in did not respond Thursday to an e-mail inquiry from The Associated Press.
"i am the lurker who did it, and i would like to tell the story," the person wrote in the account, which circulated on the Internet. What started as a prank was cut short because of panic over the possibility the FBI might investigate, the hacker wrote.
Investigators were waiting to speak with Gabriel Ramuglia of Athens, Ga., who operates an Internet anonymity service used by the hacker. Ramuglia told the AP on Thursday he was reviewing his own logs and promised to turn over any helpful information to authorities because the hacker violated rules against using the anonymity service for illegal activities.
"If you're doing something illegal and causing me issues by doing this, I'm willing to cooperate," Ramuglia said. "Obviously this is the most high profile situation I've dealt with."
The break-in of Palin's private account is especially significant because Palin sometimes uses non-government e-mail to conduct state business. Previously disclosed e-mails indicate her administration embraced Yahoo accounts as an alternative to government e-mail, which could possibly be released to the public under Alaska's Open Records Act.
At the time, critics of Palin's administration were poring over official e-mails they had obtained from the governor's office looking for evidence of improper political activity.
Details of this week's break-in, if authentic, were consistent with speculation by computer security experts who said Yahoo's "forgot-my-password" service almost certainly was exploited. The mechanism allows customers to retrieve or change their password if they can verify their identity by confirming personal information such as birthdate, zip code and the answer to a "secret question," such as a childhood pet's name or school mascot.
Palin's hacker was challenged to guess where Alaska's governor met her husband, Todd. Palin herself recounted in her speech at the Republican National Convention that the pair began dating two decades ago in high school in Wasilla, a town near Anchorage.
"I found out later though (sic) more research that they met at high school, so I did variations of that, high, high school, eventually hit on 'Wasilla high'," the person wrote.
The McCain campaign issued a statement describing the hacking as an invasion of Palin's privacy.
By TED BRIDIS, Associated Press Writer

INTEL's SIX-CORE XEON 7400 NOW HITS THE MARKET

2008-09-18T15:54:00.000+08:00

Intel's latest server chips, the Xeon 7400 series, formerly called Dunnington, are now available in six-core and quad-core models designed to be used in systems with four or more processors.
The new chip line offers a performance bump over its predecessor, the Xeon 7200 series, Intel said. Much of that increase comes from adding a 16M-byte level 3 cache. The 7400 series processors are the first Xeon chips to use a level 3 cache, which stores data closer to the processor cores, helping to boost overall performance.
"With the level 3 cache, that does contain additional performance for some of the high-compute-intensive and data-intensive enterprise applications," said Adesh Gupta, regional server platform manager at Intel Asia-Pacific.
The extra cores also help. Unlike desktops and laptops that rarely run applications capable of tapping the full processing power of quad-core chips, many server applications, like virtualization, run better on multi-core processors.
The first processors to come out of Intel's India Design Center in Bangalore, the Xeon 7400 chips run at clock speeds up to 2.66GHz and have either four or six cores. They are priced ranging from US$856 to $2,729, in 1,000-unit quantities. Servers based on the chips will be available starting Tuesday from vendors like Hewlett-Packard, IBM and Dell, among others.
The Xeon 7400 contains all six cores on one piece of silicon, while Intel's existing line of quad-core Xeon chips pack two pieces of silicon inside a single package. This was possible because the 45-nanometer process used to make the new chip reduces the size of the features on a chip, increases performance and reduces power consumption.
"We knew that this process would help us pack in more transistors," Gupta said.
The Xeon 7400 series is the last member of Intel's Penryn chip family to be released. Later this year, the company will shift to a new processor architecture called Nehalem.
Like earlier chips, the Xeon 7400 relies on a memory controller located in an external chip, which can cause memory bottlenecks in certain applications. The level 3 cache helps to alleviate this problem, but cannot eliminate it entirely. Nehalem will move the memory controller onto the processor itself, which is likely to speed up memory access considerably.
IDG News Service
Sep 16, 2008 2:50 am

UNLOCK YOUR MMC for Nokia Users

2008-09-16T15:35:00.001+08:00

There are plenty of ways of unlocking password guarded MMCs like downloading MMC unlockers or formatting through PC. Why I prefer this unlocking technique, because it is simple without using a PC, no unlockers, and much safer for your data. This can be done by using the famous Fexplorer, a more extensive file manager than the Nokia build in file manager. With Fexplorer you can easily manipulate your files, copy, cut, paste your files to your choice location, you can even rename various file extensions so you can send copyrighted files. That is why whenever I have a new Nokia unit Fexplorer is one of the first applications I install first.

Here's how we find the password for your MMC:

1. Download and Install Fexplorer

2.Open your Fexplorer and you can see C, D, E, Z filing. Move your directional pad up down to highlight C.

3.Press right on your pad, then press Options, then "File", press right, select "Find".

4.You will see a "File To Find" window, type in "mmcstore", then press OK.

5.You will notice that your phone may seem to load for a few seconds, then you will see a "MMC Store" file, press Options, highlight File, press right, select "Editor{Viewer}"

6.Now you can see the password in plain text.

Now you can open your MMC or Remove Password whenever or whatever you like.

HOW TO SPEED DOWNLOAD YOUTUBE,GOOGLE VIDZ WITHOUT DOWNLOADERS

2008-09-15T00:18:00.002+08:00

Want to download videos files from free video hosting sites like YouTube, Google, Break.com, iFilm, and etc. Of course you can using assorted free downloaders for this and that.Now most of these free downloaders are slow when downloading videos files from those video hosting sites.There's a faster way and just for a variation, why don't you try this.
Let's try YouTube videos.. First go to the YouTube video page of your choice and copy the watch url, not the embed code, of your choice video. Go then to KeepVid and paste the copied watch url in the download address bar and then click download.

Then at the DOWNLOAD Page you will be prompted with the following options with instructions:
.flv for low quality video
mp4 for high quality video
Just follow the right click and save instructions and simple as that you are already downloading.

NEED FOR SPEED UNDERCOVER trailer

2008-09-13T10:45:00.001+08:00

I have been a NFS series fan and a follower of the old game series, especially NFS UNDERGROUND 2 which is my favorite. How can you not get hooked by the level upgrades in the career mode, the unlocks, DVD and magazine covers, the cool soundtracks at that time, and especially the outruns. Let's see what makeovers they applied from the old NFS series. I hope you enjoy the trailer. Was that a Porsche being chased by the cops?

Repost from my WARSHOCK G-blogs
.

CELL PHONE ETIQUETTE 101

2008-09-12T12:57:00.002+08:00

Have you ever experienced a cell phone user whom you wanted to pack up and ship to Miss Manners? Or have you ever witnessed a person on a cell phone do something so completely rude that you stop in your tracks? I have, and it continues to intrigue me just how polarizing cell phones can be. Sure, almost everyone has one, but they can drive even their most loyal users crazy.

Though I write about cell phones every day, even I think it makes perfect sense that cell phones are continually cited in studies that say good manners have gone out of the window. You don't need a sociology degree to see just how handsets have changed how we relate to each other; and I'm not talking about their positive effects (though indeed there are some). Rather, I'm talking about how you can put a cell phone in an otherwise courteous person's hand and then watch how that person loses all awareness of the people around him.

Let me emphasize that I'm no luddite. I think cell phones are great and serve a very useful purpose. But just as people hide behind email to avoid face-to-face communication, it's amazing how some cell phone users think a handset makes them so much more important than everyone else. Here's some extreme behavior I've seen and be sure to share your own experiences and advice, as well.

-Be nice to the person behind the counter
Last week I was waiting in line to order lunch behind a man blabbing away on his phone. When he got to the counter, he handed the cafe employee a piece of paper with his order and said, "I'm on an important call." So is it just me or is that completely rude? Doesn't the person behind the lunch counter deserve just an ounce of respect? I think so. Next time Mr. Important, hang up or at least put your caller on hold.

-Take it outside
I'm also in favor of taking your phone outside, or at least away from the table, when you get a call in a restaurant. No one around you, much less your tablemates, care to hear what you have to say. That is, unless you're guiding someone to your table in a cavernous eatery. And if it's really important, you could always text. But even that has a limit, as well.

-Use your inside voice
I'm always fascinated how people's voices (me included) automatically go up a few decibels when they get on a cell phone. I can understand when you're using your phone in a crowd, near a construction site, or next to your local airport runway, but it happens even in quiet rooms. I just don't get it.

-You're welcome
Have you ever held the door for someone who's been on the phone without them acknowledging your presence? It happened to me last week. Remember folks: Even though you're on the phone you still exist in this world to other people.

-Drive to distraction
I know I'll open a whole can of worms here but please, when you're driving with a phone use a headset. And whatever you do, don't text while driving. Yikes.

-Yes, they're talking to you
I don't pay $10 to hear your cell phone ring during a movie so turn it off. But if you absolutely have to keep your phone on, please turn it on vibrate. And please don't start talking until after you've left the theater. It's just being polite. The same goes for weddings, funerals, and other milestone events. Every time I went to my college's graduation, they'd ask people to turn off their phones before the ceremony. And every time, someone's phone would ring and they'd slink out of the building. Remember that when they ask you to turn off your phone, they're talking to you.

-Work out your body, not your mouth
I don't care how important you think you are, the gym is no place for a cell phone. Don't talk when you're doing cardio and don't take up space on equipment so you can sit and catch up the latest dish. If you're bored while you spin, read a magazine.

-Not in the bathroom
Don't use your phone in a public restroom. That's just gross.

-Remember the people around you
If you're out with a group of friends, it's fine to answer the phone for a few minutes. Just don't make that conversation more important than the one you're already having. Granted, I know I'm throwing stone from a glass house, but be courteous and keep it to a limit.

-Bluetooth geeks
I've made no secret of the fact that I think wearing a Bluetooth headset when you're not talking on the phone just make you look like a geek. That's why I'm saying it again here.
By doug_clist

If you have anything to add folks, jaz post it here via comments. I am a Nokia Symbian addict myself and I admit, sometimes I go way beyond the line with my cell phone. Anyone is welcome..thanks.

TYPES OF WOMEN

2008-09-09T08:46:00.000+08:00

HARD-DISK Woman:
She remembers everything, FOREVER.

RAM Woman:
She forgets about you, the moment you turn her off.

WINDOWS Woman:
Everyone knows that she can't do a thing right, but no one can live without her.

EXCEL Woman:
They say she can do a lot of things but you mostly use her for your four basic needs.

SCREENSAVER Woman:
She is good for nothing but at least she is fun!

INTERNET Woman:
Difficult to access.

SERVER Woman:
Always busy when you need her.

MULTIMEDIA Woman:
She makes horrible things look beautiful.

CD-ROM Woman:
She is always faster and faster.

E-MAIL Woman:
Every ten things she says, eight are nonsense.

VIRUS Woman:
Also known as "WIFE"; when you are not expecting her, she comes, installs herself and uses all your resources. If you try to uninstall her you will lose something, if you don't try to uninstall her you will lose everything.
Snatched from Funtoosh.

To good wives .. jaz joking..you are NOT in any way a trojan, worm, or a BankAccount PWS..ha ha

ASIA - PACIFIC LEADS IN BROADBAND

2008-09-08T18:17:00.000+08:00

Zafar Anjum, MIS Asia
Sep 7, 2008 3:05 am

While the Asia Pacific region is making accelerated progress in the telephony sector, the area in which the region really stands out is the uptake of advanced Internet technologies, especially broadband Internet access.
This is according to a report by the International Telecommunication Union (ITU). The ITU launched its key Telecommunication/ICT Indicators Report for the Asia-Pacific region, at the ITU Telecom Asia 2008 in Bangkok, Thailand, on Sept. 1.
The report noted that the Asia-Pacific region is the world's largest broadband market with a 39 per cent share of the globe's total at the end of 2007. In terms of broadband access, the region has seen subscriber numbers growing almost five-fold in five years: from 27 million at the beginning of 2003 to 133 million at the start of 2008.

EVER FASTER ACCESS
In the region's high-income economies, ubiquitous access is progressing through a competitive race to provide ever faster fixed broadband access, the report said.
Providing concrete examples, the report highlighted that operators in Hong Kong (China) and Japan have launched 1G-bps (gigabits per second) broadband and triple-play services aimed at the residential market, featuring applications such as Internet telephony and television. The Republic of Korea leads the world in terms of the percentage of households with fixed broadband access, and no less than five economies in the top ten are from Asia-Pacific. The Republic of Korea, Hong Kong and Japan also lead the world in terms of the proportion of households with fiber optic connections, essential for supporting the next generation of ultra-high speed Internet applications.

LEADERS IN 3G MOBILE
The ITU report further noted that these high-income economies are also leaders in terms of third generation (3G) mobile cellular deployment. "Fixed and mobile broadband technologies complement each other and users enjoy continuous high-speed Internet access," it said.
Citing the case of the Lion City, the report said that in Singapore, a ubiquitous Internet access plan combining unlimited 8M-bps (megabits per second) fixed broadband, 2 M-bps mobile broadband and access at some 800 WiFi hotspots is available for just US$35 per month.

REGIONAL BROADBAND DIVIDE
However, not everyone lives the ultimate high-speed Internet access experience, the report said.
"The regional broadband divide is striking, with poor economies having a close-to-zero broadband penetration, compared to that of rich economies where one in four persons is a broadband subscriber," the report noted.
According to the report, the gap in available broadband speeds between rich and poor countries is as wide as broadband penetration. In Japan, the Republic of Korea and Hong Kong, the minimum advertised broadband speed is faster than the maximum broadband speed in Cambodia, Tonga, Laos and Bangladesh.

MOBILE BROADBAND LAGGING
Another significant point raised by report is how mobile phones are not yet fulfilling the potential of broadband access. "By the end of 2007, only Indonesia, the Maldives, the Philippines and Sri Lanka had commercially deployed WCDMA networks," the report said. "The region's two largest mobile markets, China and India, have yet to launch mobile broadband. By the end of 2007, there were over 120 million mobile broadband subscribers in the region, but almost all (97 percent) were in high income economies."
The report also argues that broadband uptake enables a range of socially desirable and valuable online services in areas such as government, education and health. It also identifies a number of obstacles that policy-makers must address to overcome the broadband gap.

NEED FOR SPEED goes UNDERCOVER November 18

2008-09-07T06:09:00.002+08:00

Maggie Q to star in live-action sequences in EA’s next installment of underground street racer for 360, PS3, PS2, PSP, Wii, DS, and PC.

Snatched from WARSHOCK G-Blogs
.
Black Box & Electronic Arts officially confirm Need for Speed Undercover, a new installment in the popular racing series. This game features the international movie star, Maggie Q (Mission Impossible III and Live Free or Die Hard), as the lead character in the live-action sequences. The good news about this one is EA’s decision to "take the franchise back to its roots and re-introduces break-neck cop chases, the world’s hottest cars and spectacular highway battles."

“Need for Speed Undercover features a deep and engaging story of spectacular Hollywood-style live-action that will transport players into the fictional world of the Tri-City Bay Area,” said Bill Harrison, Need for Speed Undercover Executive Producer. “Working with talent the caliber of Maggie Q allows us to deliver an unparalleled level of storytelling that will keep players engaged in between 180-mile an hour races.”

Need for Speed Undercover hits stores in North America on November 18 and in Europe on November 21. It's currently in the making for the Xbox 360, PS3, Wii, PS2, Nintendo DS, PSP, PC and mobile.