The Business Software Alliance is taking the offensive, sending out millions of takedown notices in the first six months of the year in a bid to combat piracy.
Reason: if the BSA is to be believed, about 41 percent of all software on personal computers is pirated – socking the industry with some $53 billion in losses. That’s the size of the proposed 2010 budget for the state of Illinois.
The alliance, comprised of a host of software makers, ranging from Adobe to Quark, said in a new report Thursday that it has issued 2.4 million takedown notices worldwide to peer-to-peer networks in the first half of the year – a 200 percent increase from the same period last year. When it comes to online auction sites, the BSA issued 19,000 takedown requests between January and June – a 4 percent increase from the same period a year ago.
Fear mongering aside, the report, Software Piracy on the Internet: A Threat to Your Security, also says that software piracy is becoming a growing tool for cybercriminals who hawk counterfeit software infected with malware. Scare tactics or not, we don’t doubt that counterfeited software could be filled with botnet-installing malware.
“Globally, there is significant evidence to link software piracy with the frequency of malware attacks,” the report said. “While this correlation has not been measured with precision, the evidence from industry sources suggests that markets with high software piracy rates also have a tendency to experience high rates of malware infection….”

From SecurityFocus
4 November 2009
Description:
------------
A malicious web page can extract all the data stored within the autocomplete history of a user's Firefox browser. The web page must convince a user to hold down the left or right-arrow keys; the contents of the autocomplete popup can then be read. This may include the search history box within the browser, or other personal details.
However, it was not possible for synthetic events to cause the text field to be filled with the current entry. Therefore some user interaction is required to enable the web page to steal the contents of the drop-down. If a web page can convince a user to hold down or repeatedly press the left or right-arrow keys, it can systematically grab each entry in the drop-down box.
Resolution
----------
Mozilla fixed this issue in the 3.5.4 and 3.0.0.15 releases of Firefox:
»www.mozilla.org/security/announc···-52.html
Technologies Affected
---------------------
Mozilla Firefox 3.5.3 and below
Mozilla Firefox 3.0.0.14 and below
CVE
---
This issue has been assigned CVE number CVE-2009-3370.

Microsoft is set to release six security bulletin patches this coming Tuesday. Three of the six have been labeled as Critical, Microsoft's highest security rating, and the other three as Important, the second highest security rating.
The patches are due for release on November 10 and will focus on patching Remote Code Execution and DoS (Denial of Service) flaws in the Windows operating system. Four of the patches will be released for Windows, while two will patch Remote Code Execution flaws in Microsoft Office.
The patches will fix security holes in:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2 & 3 *
- Windows Vista Service Pack 1 & 2 *
- Windows Server 2003 Service Pack 2 *
- Windows Server 2008 Service Pack 2 *
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2004 (Mac)
- Microsoft Office 2008 (Mac)
* Both 32-bit and 64-bit architectures
No updates for Windows 7 will be released. Currently, Windows 7 only has one officially released security patch, released on October 8, 2009.
Some of the updates may require a restart.

Mozilla plans to overhaul the look and feel of Firefox for Windows, a redesign that will resemble Google's Chrome in several key elements, according to screenshots and discussions on the open-source developer's Web site.
The visual refresh for Windows Vista and Windows 7 will likely take place in two stages. Part of the redesign will land in Firefox 3.7, a minor update now slated to ship in the first half of 2010, while the remaining pieces will wait for Firefox 4.0, a major revision tentatively set for release late next year.
Noting that Firefox's current Windows interface feels "dated and behind," Mozilla wants to spiff up Firefox 3.7 by embracing the "glass" style Microsoft debuted in Vista, moving to a more neutral color palette, hiding the menu bar, trimming the menu to just two items -- "Page" and "Tools" -- and combining "Stop" and "Reload" into one general-purpose button.
The decision to hide the menu bar, which Mozilla initially said would be replaced by a "ribbon"-style design similar to the often-derided look of Microsoft's Office 2007, raised a ruckus in September when users expressed their displeasure. Mozilla later clarified its planning documents, and denied it would "ribbonize" Firefox.
Firefox 4.0 will continue the interface changes. Current ideas for that 2010 release include giving users the option of moving the browser's tabs to the top of the application's display, a so-called "tab-on-top" look that other browsers, notably Chrome, have adopted.
Other possible interface changes in Firefox 4.0 would combine the browser's address and search bars -- another visual element within Chrome -- and remove the status bar at the bottom of the display.
The Firefox interface design plans have been spelled out in a long entry on Mozilla's wiki.

Yesterday, a senior security advisor at Sophos, who is responsible for working with the security community and communicating information on security threats to IT professionals, posted an entry on his blog entitled "Windows 7 vulnerable to 8 out of 10 viruses". Given the bad publicity that surrounded the launch of Windows Vista, is this yet another failing on the part of Microsoft that will lead to poor adoption of the Windows 7 platform? Fortunately for Microsoft, if you take the time to read the entry, it turns out that the tests are not even close to stringent enough to make claims that many will interpret to mean Windows 7 is vulnerable to 80% of the infections in the wild.
The first known computer virus was created in the early 1970s, and since then literally millions more have been written, with more being created daily for various nefarious reasons. Sophos, in its test of Windows 7 security in late October, tested a clean install of the operating system against ten of these potential infections. Out of the ten, seven infected the machine successfully, with a further one being able to infect the machine once UAC was manually disabled. The viruses chosen for the test were picked from the top of the SophosLabs feed, where researchers from around the globe work to identify known and emerging malware spreading across computer systems all over the world.
If the top ten items in the feed had been Mac viruses, which are unable to run on Windows, would their headline have been "Windows 7 invulnerable to viruses"? Somehow I think not. This is yet another case of a high profile company publishing results without making it clear exactly what they represent. Many people who do not take the time to read the article would assume this means Windows 7 has an 80% chance of becoming infected, when in reality, this is only true if the only ten viruses in the world were the ones with which Sophos conducted the tests. At the end of the day, the only way to truly know the risk of infection of running a Windows 7 machine is to conduct this test with a far larger (and statistically sound) number of viruses, randomly chosen from a pool of all the viruses currently in the wild, as any high school maths student who has studied statistics will tell you.
Windows 7 is not perfect by any means; if it were, anti-virus companies would go out of business. But it is a highly secure operating system. As long as UAC is enabled, the system is kept patched, and safe computing is practised, the chance of getting infected is minimal. Running an anti-virus package will further decrease the likelihood, but as always, no system is 100% secure.

Apple's iPhone is rather popular for a few reasons, and one of those is 'jailbreaking'; that is, freeing your device from Apple's limitations and installing any software desired. However, it's not all good news, as a hacker has recently broken into some phones and demanded a ransom.
The hacker broke into a few unwary Dutch iPhone users' phones, after they made the mistake of leaving their SSH password at its default, as initially discovered in this thread (in Dutch). According to Ars Technica, the hacker then sent SMS messages from the phones in question stating, "You iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked [link seems to have been taken down now] and secure your iPhone right now! Right now, I can access all your files." Of course, once you visit the aforementioned site, the hacker asks for a reward of €5 to be sent to a PayPal address in order for him to leave the victim alone. The hacker went on to state, "If you don't pay, it's fine by me, but remember, the way I got access to your iPhone can be used by thousands of others—they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intention of harming you or whatever, but, some hackers do! It's just my advice to secure your phone."
This shows how careful you have to be when messing around with things such as this; a simple slip of the memory can lead to something far more sinister. Though the hacker seems to be pretty unfocused on removing or destroying data, others might not be so forgiving.
Update: The hacker has now posted full instructions on how to remove his software (for free) as well as a guide to changing the root password.

Adobe has taken the gloves off in the fight to get Flash onto the iPhone. iPhone users who travel to sites that require Flash will get a direct message from Adobe saying that it is not their fault they can't view Flash content.
The image (posted below) directly calls out Apple for "restrict[ing the] use of technologies" that are needed to view such content on the iPhone. There are a couple of possible reasons why Apple is restricting the use of Flash.
The first, and the most consistent, argument is that Flash will drain battery life. Apple likes to show off how long its batteries can last (see new uni-body MacBook and MacBook Pro) and would not want to jeopardize the iPhone's battery.
A second hypothesis is that Apple may be working on its own mobile-based Flash competitor. Apple knows that it has cornered the multimedia phone market and may want to try and push its own mobile Flash competitor on the back of the iPhone.
No one really knows what Adobe's motivation is: are they looking out for the general consumer, or are they scared Apple may be developing its own competing mobile product? Regardless, Adobe is ready for a fight and doesn't mind putting the consumer in the middle.

As with Windows Vista, the newest version of Windows brings with it a newer version of Microsoft's DirectX. Windows 7 was released with DirectX 11 support, and it was initially thought that DirectX 11 support would remain a 7-only technology.
Reports indicate that a platform update is being pushed via Windows Update that will enable DirectX 11 support on Vista PCs. With an impressive lineup of DirectX 11 games announced, including Crysis 2 and The Lord of the Rings Online, Vista users will be happy to know that they can go out and purchase a Radeon 5870 and use it to its full potential.
Windows XP users cannot use any DirectX version above 9.0c, as their OS does not support WDDM.
Microsoft has previously assured Vista users that they would not be left in the cold; this move is indicative of such a commitment.

Microsoft yesterday re-patched Internet Explorer, the third time it's been forced to repair one of the updates from its largest-ever bug fix, which was delivered on Oct. 13.
Monday's fix targeted MS09-054, the update that patched four vulnerabilities, all "critical," in Internet Explorer (IE). According to Christopher Budd, a spokesman for the Microsoft Security Response Center (MSRC), the follow-up hotfix patches Web page display problems introduced by the update. Budd downplayed the severity of the problems, saying that the number of users affected was "limited."
A document on Microsoft's support site outlined the two issues, one that scrambles Web page elements, while the other spawns a "Type Mismatch" script error on sites that use VBScript or a mix of VBScript and JavaScript.
The new problems can crop up in any still-supported edition of IE, including IE 5.01, IE6, IE7 and the newest version, IE8, on all Windows operating systems, including Windows 7.
The troubles are serious enough to prompt Microsoft to push the re-patch to all users. "We plan to release this update through the same broad release channels as the original security update, MS09-054," Budd said in an entry to the MSRC blog yesterday. "Customers will see [the re-patch] offered by default through Windows Update, Microsoft Update and Automatic Updates."
Computerworld confirmed that Windows XP, Vista and Windows 7 systems that had been fully patched last month were offered Monday's update through Windows Update.
Monday's re-patch was the third correction related to Oct. 13's massive security update, which set records for both the number of separate bulletins (13) and the number of vulnerabilities quashed (34).
On Oct. 14, Microsoft offered up a workaround for a problem with MS09-056, then corrected several errors in MS09-062 last Thursday.
The company also revised an August update, MS09-043, last week to correct a patch-detection error that may have left some corporate users who receive updates via Windows Server Update Services (WSUS) unpatched.
It's not unusual for Microsoft to re-release security updates. In June 2008, for example, the company admitted a patch intended to fix a problem in Windows XP's implementation of Bluetooth didn't work. Microsoft blamed human error for the snafu.
The update for MS09-054 can be downloaded from Microsoft's site, or retrieved using Windows Update or WSUS.

With Windows 7 out the door, we already know Microsoft immediately starts work on the servicing of Windows 7. Engineers are now hard at work creating hot fixes for application compatibility and ironing out any bug reports they receive. The same process occurs for every version of Windows once it has been classed as released to manufacturing (RTM).
Notorious for leaking Windows 7 builds during the beta phase, Wzor has provided some early information on the Windows 7 SP1 beta. According to Wzor a beta of Windows 7 SP1 will be released in January 2010 and the schedule is two beta releases and two release candidate releases. Wzor believes SP1 will be ready for OEMs during the Summer months (June/July/August) of 2010 with end users applying the update in the Autumn (September/October/November).

Apple's iTunes Store is the biggest online media distributor on the planet; it offers music, movies, games for the iPod and iPhone, and even TV shows. Although you can buy season passes for shows, soon you'll hopefully be able to subscribe to the service on a monthly basis.
According to All Things Digital, Apple is in the process of gathering support from the popular TV networks in order to have it launch some time early next year, for the sum of $30 a month, though it's unclear whether or not this would work globally or just in the U.S. As expected, the company is said to be against aiming this at any particular piece of hardware (such as the Apple TV), but instead will have this service integrated into iTunes itself, saving themselves the worry of customers getting frustrated about being forced onto one device.
Though this might be great for those who use iTunes to watch TV shows often, it might not be so great for those who offer the programs themselves. Whilst the network executives are always happy to make more money one way or another, by offering shows through iTunes, it might mean that the relationship between cable networks and cable providers (such as Comcast, for example) could be severed. Not only that, but it's said that advertising revenue could be at risk, which would be a huge blow dealt to the networks.
If this happens, it should become available some time near the beginning of next year, as mentioned. If such a deal were struck, would you subscribe to shows for a monthly fee through iTunes?


