A US special investigator leading the inquiry into Karl Rove has himself been called out for suspicious behavior, after taking several systems to third-party techs for a thorough data wipe that he says was needed because of malware. Right.While a 7-stage hard drive wipe might lead one to believe that he has "taken to the cleaners" (we all know that a single pass writing a 0's or 1's would be sufficient) I would yell BullS..T to needig to wipe a drive to eliminate a virus. A simple format/reinstall should be adequate wouldn't you think?
read more | digg story
Wednesday, December 5, 2007
Wednesday, November 7, 2007
SANS Internet Storm Center - Quicktime 7.3 patches serious security bugs
It really looks like Apple is going to have to learn some lessons from Microsoft regarding security. The honeymoon is over as Apple becomes increasingly the target of malicious entities bent on cyber domination.
read more | digg story
read more | digg story
Friday, October 26, 2007
Malicious PDF files being spammed out in volume - F-Secure Weblog : News fr
Once software becomes bloatware, which Acrobat Reader has become, it is ripe for just this sort of abuse. Me, I'm going to get a nice simple PDF reader which does not include any "fancy" add-ons. How about you?
read more | digg story
read more | digg story
Symantec Security Response Weblog: We pwn your Desktop!
People will never learn... wake up! It is unfortunate but you must think like the "bad guy/gal" in order to protect yourself. Any unsolicited offer should be immediately suspect. How ironic that offers of "security" actually compromise your system. Why rob a bank or break into a building when you can rob people on the web and get away with it?
read more | digg story
read more | digg story
Wednesday, October 24, 2007
McAfee Avert Labs Blog - PDF mailto Exploit: Seen in wild today!
This is the primary problem with all of the additional functionality the most people never use that is built into today's applications like Adobe Reader and Microsoft Office. Please, PLEASE give me simple software that does only what I want. Maybe the industry should look to Mozilla. With Firefox I get a good browser that can be extended on demand
read more | digg story
read more | digg story
Wednesday, May 30, 2007
Windows firewall squeezes into USB key
A complete Linux-base hardware firewall computer is now available in a tiny, USB key sized device. The "Yoggie Pico" aims to protect both fixed and mobile Windows computers against a wide range of security threats; it guards both wired and wireless network connections.I don't know about you but I'm getting one as soon as they are available!
read more | digg story
read more | digg story
Friday, April 20, 2007
Eight in ten major Web sites highly vulnerable to attack
Link to original
April 19, 2007 (PC World) -- Eight out of ten Web sites contain common flaws that can allow attackers to steal customer data, create phishing exploits, or craft a variety of other attacks, a security company reported today.
WhiteHat Security regularly scans hundreds of "very popular, very high-traffic sites" for its online business customers, says Jeremiah Grossman, the company's founder. "More than likely, you have shopped there, or bank there," he says. Thirty percent of scanned sites contain an urgent vulnerability, such as one that allows direct access to a company database with customer information, he says.
Two out of three scanned sites have one or more cross-site scripting (XSS) flaws, which take advantage of problems with sites' programming and are increasingly used in phishing attacks. A recent eBay scam used a now-fixed XSS hole on the auction site to direct anyone who clicked on a phony car auction to a phishing site.
Monday, April 16, 2007
Glitch Gives Woman Access To Others' Turbo Tax Information
Many people use Turbo Tax to help them file their taxes, but one woman discovered an error in the program that could cost users thousands of dollars and their identities.The woman discovered a key to the backdoor of some tax returns filed online through Turbo Tax."It's ALWAYS a good idea to input your SSN and bank info into a web app!"
read more | digg story
read more | digg story
Thursday, April 12, 2007
DVD Security Group Says It Fixed Flaws
http://ibtimes.com/articles/20070409/dvd-security.htm When will the industry come to understand that this is a loosing battle. Rather than make the distribution of the media more expensive by trying in a futile manner to protect the un-protectable why not simply lower the price such that reasonable people will simply buy the product?
read more | digg story
read more | digg story
Friday, April 6, 2007
Researcher has new attack for embedded devices
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9015618&taxonomyId=17
It was only a matter of time. The attackers go after our networks, and we protect them with firewalls, IDS/IPS, and ect., they go after our applications and we firewall, proxy, and securly code them. Now our "little helper" devices have become our enemy. What will be next?
It was only a matter of time. The attackers go after our networks, and we protect them with firewalls, IDS/IPS, and ect., they go after our applications and we firewall, proxy, and securly code them. Now our "little helper" devices have become our enemy. What will be next?
Monday, April 2, 2007
PHP Hash Table Overwrite Arbitrary Code Execution Vulnerability
The session extension does not set the correct reference count value for the session variables, because it does not include the internal pointer from within the session globals. Due to this unsetting _SESSION and HTTP_SESSION_VARS will destroy the Hashtable containing the session data although the session extension still has an internal pointer toUpgrade you PHP people...
read more | digg story
read more | digg story
Exploiting Microsoft DNS Dynamic Updates for Fun and profit
By default, most Microsoft DNS servers integrated with active directory allowinsecure dynamic updates for dns records.This feature allows remote users to create, change and delete DNS records.There are several attack scenarios:You ARE using Microsoft for you DNS right? NOT!!!
read more | digg story
read more | digg story
Microsoft Windows Animated Cursor Handling Vulnerability
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. Successful exploitation allows execution of arbitrary code.
read more | digg story
read more | digg story
PHP Insecurity - Register_Globals = off
SummaryWhen register_globals is activated the deserialization of the session data can overwrite any global variable, including the _SESSION array. Because of its special implementation this can result in arbitrary code execution.Affected versionsAffected are PHP 4 < 4.4.5 and PHP 5 < 5.2.1
read more | digg story
read more | digg story
Friday, March 30, 2007
And we are still using Microsoft IE becuase?
Microsoft confirms Windows zero-day, drive-by exploits by ZDNet's Ryan Naraine -- [UPDATE: March 29, 2007 @ 1:15 PM Eastern] Microsoft has confirmed that this is indeed a zero-day flaw that will require a security update. Although Internet Explorer is the primary attack vector, this is a vulnerability in the way Windows handles animated cursor (.ani) files. From Redmond's security advisory: The threat is caused by insufficient [...]
When will we learn... just one more zero day attack that has to be managed. Honestly it would take less time to "patch" IE by switching to Mozilla Firefox. I noticed recently that while Mozilla is not "bug" free the time it takes to patch a reported vulnerability is hours, or days, at most. Probably an advantage to NOT having the browser integrated into the OS?
Thursday, March 29, 2007
Dell pre-installing Linux. Chalk one up for the penquin!
Dell, oddly enough, is listening to the many thousands of direct requests its customers made during its big public brainstorm (aka IdeaStorm) not so far back. The result of nearly 70% of participants requesting Linux on Dell machines?
http://www.engadget.com/2007/03/29/dell-were-going-linux-and-its-all-because-of-you/
It was only a matter of time. Chalk up one for the Penguin. IBM, and now Dell, who will be next. And, will Linux become a mainstream option? Say goodbye to the Microsoft "tax" on new PC's. It will be interesting to see how Microsoft reacts to this state of affairs?
Of course Microsoft may be ahead of, and in charge of, this change. Novell and Microsoft are playing nice lately and Dell will be distributing Novell's SuSE Linux correct? I wonder if Microsoft will be providing the license for the Dell Linux versions?
http://www.engadget.com/2007/03/29/dell-were-going-linux-and-its-all-because-of-you/
It was only a matter of time. Chalk up one for the Penguin. IBM, and now Dell, who will be next. And, will Linux become a mainstream option? Say goodbye to the Microsoft "tax" on new PC's. It will be interesting to see how Microsoft reacts to this state of affairs?
Of course Microsoft may be ahead of, and in charge of, this change. Novell and Microsoft are playing nice lately and Dell will be distributing Novell's SuSE Linux correct? I wonder if Microsoft will be providing the license for the Dell Linux versions?
Friday, March 23, 2007
Heavy metal music linked with gifted students
New study finds "many adolescent "metalheads" are extremely bright and often use the music to help them deal with the stresses and strains of being gifted social outsiders." Haha, validation.http://www.telegraph.co.uk/connected/main.jhtml?xml=/connected/2007/03/21/nmetal21.xmlSo that's why I listened, and now must listen a second time as my children "cope" with being talented :)
read more | digg story
read more | digg story
Thursday, March 22, 2007
Nokia N800 Internet Tablet
Future enhancements including Skype, IM clients, and a discussion about how to market a new product category.
read more | digg story
read more | digg story
Down with RIAA: Tomorrow is "Bum Rush the Charts" day for iTunes shoppers
An interesting experiment is taking place Thursday on iTunes. Can shoppers and followers of podsafe and independent musicians push one selected 99-cent single to the top of the "most popular" list on iTunes for one day? We'll see. The first lucky band is Black Lab, who is giving half the sale proceeds to a music charity.The people rule. Down with the large record companies Podsafe the world!
read more | digg story
read more | digg story
Wednesday, March 14, 2007
Microsoft executive: Pirating software? Choose Microsoft
Microsoft group president Jeff Raikes told an audience in San Francisco last week that the company hopes people, if they’re going to pirate software, choose to pirate Microsoft software. What’s Raikes thinking?
read more | digg story
read more | digg story
Friday, March 9, 2007
Total Information Awareness (TIA) is back now at Homeland Security
GAO investigation into son-of-TIA (ADVISE) is due this week. The system sifts through personal data of US citizens looking for 'patterns' that might indicate terrorist activity. "The technology is expected to analyze more than 3 million 'relationships' or connections per hour."Are you worried about the Government know everything that you do? Not me, I've always wanted an expense paid trip to Cuba, not!
read more | digg story
read more | digg story
Thursday, March 8, 2007
Wednesday, March 7, 2007
Commodore Returns With New Gaming PCs
Commodore is a name which will bring memories flooding back to many a gamer and it's been announced that the legendary brand is to return with a new range of high specification gaming PCs. The new Commodore PCs optimised for gaming will be launched at the CeBIT show in Germany on March 15.
Source: http://www.pro-g.co.uk/news/06-03-2007-4930-1.html
The Commodore 64 was a pivotal experience and what has led me to my current career as a technologist. The idea that this platform will be re-introduced gets my hopes up so high I wonder if the platform will be able to live up to my expectations?
I am drooling over the March 15th time frame when we will find out more about this exciting announcement!
Source: http://www.pro-g.co.uk/news/06-03-2007-4930-1.html
The Commodore 64 was a pivotal experience and what has led me to my current career as a technologist. The idea that this platform will be re-introduced gets my hopes up so high I wonder if the platform will be able to live up to my expectations?
I am drooling over the March 15th time frame when we will find out more about this exciting announcement!
Monday, March 5, 2007
Microsoft Hit By U.S. DOT Ban On Windows Vista, Explorer 7, and Office 2007
Tens of thousands of federal workers are prohibited from upgrading to the latest versions, according to memos seen by InformationWeek.'In a memo to his staff, DOT chief informationofficer Daniel Mintz says he has placed "an indefinite moratorium" on theupgrades as "there appears to be no compelling technical or business casefor upgrading to these new Microsoft software products. Furthermore,there appears to be specific reasons not to upgrade.'"Amen to that!
read more | digg story
read more | digg story
Vista activation cracked by brute force
From the Inquirer:
It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally.
"To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."
posted by Zonk on Friday March 02, @10:02 on /.
My thoughts...
Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally.
Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.
It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally.
"To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."
posted by Zonk on Friday March 02, @10:02 on /.
My thoughts...
Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally.
Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.
Vista activation cracked by brute force
It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally."To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legitkeys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."posted by Zonk on Friday March 02, @10:02 (Windows)Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally. Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.
read more | digg story
read more | digg story
Vista activation cracked by brute force
It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally."To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legitkeys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing."posted by Zonk on Friday March 02, @10:02 (Windows)Microsoft will HAVE to deal with this issue and provide replacement keys. If they do not the run the risk of having "legitimate" customers turning pirate and using crackers tools to activate software that was purchased legally. Activation is a huge mess and will never be effective. Some would even say that it promotes piracy. If Microsoft wants to really stop the problem with illegal copies of it's software than they will have to price it reasonably. Is Vista a new product, or an upgrade the fixes problems with legacy code? I have six computers at home and paying upwards of $1800 to move all of them to Vista is not going to happen, I'll stick with Linux and XP thank you very much. Now for $600 I would gladly purchase Vista and install it on each and every machine.
read more | digg story
read more | digg story
CNN parent hit by bot worm
Breaking news: Slacking on security patches opens computers up to attack!Do you have Symantec products in hour workplace/home. Is your renewal coming up soon? Time for a change...
read more | digg story
read more | digg story
Friday, March 2, 2007
Microsoft and Novell
There has been a lot of noise against the Microsoft/Novell partnership. The naysayers state that this is the end of Linux as we know it. I say "thank god". Let's face it, Linux as a desktop platform has been a pipe dream for years. Sure there are "easy" distributions like Ubuntu (my personal desktop favorite besides Novell Linux Enterprise Desktop) and Linspire.
Let's not kid ourselves the kind of movement that should be seen towards Linux as a desktop is just not happening. Well, that is probably about to change. But that is a longer view right now good things are happening on the Microsoft/Novell server environment.
Microsoft and Novell just announced that not only will SuSE Linux run virtualized on Windows server BUT Windows Longhorn (vaperware as yet?) will run paravitualized under XEN on SuSE. That is an earthquake my friends.
If that wasn't enough Microsoft and Novell are working togather on an open document translator that will allow Office, and OpenOffice, to share files transparently. Will wonders never cease.
I expect we will see many great collaborations between Microsoft and Novell in the future. Will Microsoft assimilate Novell? Maybe. Is this the end of Linux as we know it? Probably. Am I worried? Not at all.
Viva the end of the Revolution. Linux deserves to be mainstream and now it has a chance. After all can't you order a Dell PC with Linux pre-installed? Or can you... that is another blog my friends.
Good day
Let's not kid ourselves the kind of movement that should be seen towards Linux as a desktop is just not happening. Well, that is probably about to change. But that is a longer view right now good things are happening on the Microsoft/Novell server environment.
Microsoft and Novell just announced that not only will SuSE Linux run virtualized on Windows server BUT Windows Longhorn (vaperware as yet?) will run paravitualized under XEN on SuSE. That is an earthquake my friends.
If that wasn't enough Microsoft and Novell are working togather on an open document translator that will allow Office, and OpenOffice, to share files transparently. Will wonders never cease.
I expect we will see many great collaborations between Microsoft and Novell in the future. Will Microsoft assimilate Novell? Maybe. Is this the end of Linux as we know it? Probably. Am I worried? Not at all.
Viva the end of the Revolution. Linux deserves to be mainstream and now it has a chance. After all can't you order a Dell PC with Linux pre-installed? Or can you... that is another blog my friends.
Good day
Thursday, March 1, 2007
Ubuntu "Feisty Fawn" a step closer
Ubuntu is finalising preparations for the release of the next version -- dubbed Feisty Fawn -- of its popular Linux distribution in mid-April. Overnight, Ubuntu developer Tollef Fog Heen announced Ubuntu's main software repository had been frozen -- with no changes allowed to the code -- as the project prepared to release the fifth test version.I LIVE UBUNTU
read more | digg story
read more | digg story
Computer glitch triggered Dow Jones plunge
NEW YORK (AP) - A computer glitch triggered a sudden plunge in the Dow Jones industrial average at mid-afternoon Tuesday, turning an already bad day in stocks into a head-turning spectacle.Now, if this could just work in the OTHER direction! Or, maybe a huge crash will occur and we can watch brokers fly out windows?
read more | digg story
read more | digg story
Sun Strikes Back at Worm Targeting Telnet Bug
Sun Microsystems has issued an inoculation script for a worm exploiting a recently patched vulnerability in its Solaris 10 operating system.Wouldn't it be great if Microsoft would be this responsive!
read more | digg story
read more | digg story
And California Makes Four
The big news of the day is that a legislator in California has decided that it is time to convince his colleagues that California should become the latest U.S. State to get on the open formats bandwagon. If the bill advances, it will the third such pieces of legislation to have been filed in recent weeks (the others are in Texas and Minnesota).
read more | digg story
read more | digg story
Dell censors IdeaStorm Linux dissent
It seems pointless seeking ideas and feedback if you’re going to ignore and delete the ones you don’t like. That’s exactly what Dell is doing with its IdeaStorm web site, which has been set up by the company to solicit ideas and feedback. It deleted a post that linked to an article that criticized its handling of the "preinstalled Linux" issue.
read more | digg story
read more | digg story
Dell censors IdeaStorm Linux dissent
It seems pointless seeking ideas and feedback if you’re going to ignore and delete the ones you don’t like. That’s exactly what Dell is doing with its IdeaStorm web site, which has been set up by the company to solicit ideas and feedback. It deleted a post that linked to an article that criticized its handling of the "preinstalled Linux" issue.It is Dell's own website and they should be allowed to use it in whatever fashion that they like. The only thing that I would have issue with is if Dell suggested that the site was an OPEN discussion forum and then deleted posts that did not meet an editorial criteria that is shared. It is obvious that the use for this site is driven by the marketing department.
read more | digg story
read more | digg story
Tuesday, February 27, 2007
Konami Slot Machines display subliminal message of Wining Jackpot
The CBC has found that 'winning jackpot symbols' are displayed for a fifth of a second, every 2 seconds: The time it takes for one spin. Konami says it's a 'software glitch'. Ontario pulled the machines. Is that why it feels like the jackpot's always going to be that next / last pull?I think subliminal messages are a great idea. Does anybody remember the movie "They Live" with Rowdy Roddy Piper? There is a huge potential market for those really cool glasses that let you see the truth.
read more | digg story
read more | digg story
Thursday, February 22, 2007
Vista security overview: too little too late
Vista's Security is not all its cracked up to be. This article explains why.While I would never consider myself a Microsoft lover you have to admit that Vista IS better than XP. At least the 64bit version. If you have a 32 bit processor I would agree, stick with XP SP2 for now.As for shifting the blame to the user for insecure surfing habits this is correct. The computer does not infect itself. If a user does something stupid to infect their PC how is the OS going to stop that. Let me just fire up X-Windows as root on my trusty laptop and let's go surfing!
read more | digg story
read more | digg story
Wednesday, February 21, 2007
SuperNova Not - Storm Large lost in portland!
Portland Oregon - February 17, 2007 - Memorial Coliseum - SuperNova Consert
First, where is Storm Large? A big disapointment that we did not see her at the SuperNova concert in her home town. On second thought that show as of such poor quality that I would not have shown up either.
After watching the second "Rockstar" show "Rockstar SuperNova" I had high hopes for the concert Friday the 17th, 2007 at the Memorial Coliseum in Portland Oregon. Having gone to the extremely good Rockstar INXS concert we were excited for the show. Unfortunately Supernova is a SuperDUD. If you want 40 minutes of screaming this is the act for you.
The only saving grace for the show as when Magni and Delanna performed. They rocked and I would have wished that they were the headliners.
First, where is Storm Large? A big disapointment that we did not see her at the SuperNova concert in her home town. On second thought that show as of such poor quality that I would not have shown up either.
After watching the second "Rockstar" show "Rockstar SuperNova" I had high hopes for the concert Friday the 17th, 2007 at the Memorial Coliseum in Portland Oregon. Having gone to the extremely good Rockstar INXS concert we were excited for the show. Unfortunately Supernova is a SuperDUD. If you want 40 minutes of screaming this is the act for you.
The only saving grace for the show as when Magni and Delanna performed. They rocked and I would have wished that they were the headliners.
Wednesday, February 14, 2007
Subscribe to:
Posts (Atom)
