Recent Posts
As does VMWare (VirtualBox ftw). VirtualPC sucksYes, but I'll need to download the 32-bit version to run it in most of the VM solutions available and, AFAICT, in any of the free/cheap options.-Darwin (January 11, 2009, 11:48 AM)
Not necessarily so, VirtualBox now supports 64bit guests if you have VT-x or AMD-V.-Eóin (January 11, 2009, 12:16 PM)
).| Hi all. To add a little humour the what is usually just a list of bad events taking place in the IT realm, the final article for each week will now be my favorite video or article from The Onion News Network for the week. I hope you like it As usual, you can find last week's news here. |
Miscreants broke into Twitter's admin system on Sunday night using a simple password guessing hack, it has emerged.
A teenage hacker, known in the digital underground as GMZ, claims he obtained access to the micro-blogging site’s admin controls using a brute force dictionary attack. After guessing the login identity of an administrator, in part based on the large number of people she followed, GMZ ran an automated password guessing program overnight to reveal that 'Crystal' used the eminently guessable password of "happiness". The 18-year-old student then used these details to offer up access to Twitter accounts on request through Digital Gangster, an underground hacker forum, Wired reports.
The move enabled griefers to break into the Twitter feeds of the likes of Britney Spears, Fox News and US President-Elect Barack Obama on Monday to push out bogus messages. GMZ sat on the sidelines during this attack because he had failed to use a proxy during his password cracking attack, making him more at risk of identification.
A researcher has discovered a way to reliably exploit a known security vulnerability in a wide class of Cisco System routers, a finding that for the first time allows attackers to hijack millions of devices with a single piece of code.
The discovery by Felix "FX" Lindner of Recurity Labs in Berlin brings the write-once-run-anywhere approach of software development to the dark art of compromising routers that form the core of the internet. Previously, reliable exploit code had to be specifically fashioned to one of more than 15,000 different supported builds of IOS, or Internet Operating System, which run various Cisco devices.
A practical attack on Intel's trusted execution technology (TXT) is due to be demonstrated at a hacking conference next month.
Security researchers from Invisible Things Lab have created a technique for compromising the integrity of software loaded via TXT, a key component in Intel's Safer Computing Initiative and part of the chip giant's vPro brand. Intel's TXT technology - which aims to protect systems against tampering - hooks into CPUs and chipsets as well as featuring use of Trusted Platform Module 1.2 (TPM) technology.
For example, the technology ensures programs running on a virtual machine are free to go about their business without interference from other (potentially malicious) packages loaded onto the same system. It also has applications in Digital Rights Management.
After being publicly outed issuing web credentials that were vulnerable to attacks that could allow criminals to spoof the encryption certificates of any website on the internet, VeriSign has issued assurances it has neutralized any real-world threat.
Tim Callan, vice president of VeriSign's product marketing, has said that within hours of last week's news that researchers had uncovered a devastating weakness in secure sockets layer certificates issued by VeriSign subsidiary RapidSSL, the company made changes to ensure all its SSL products were immune to the attacks.
As usual, the truth is a little more complicated.
A denial-of-service attack that limits the number of SMS messages that can be received by Nokia smartphones has been disclosed and demonstrated.
Dubbed the "curse of silence" by German security researcher Tobias Engel, the attack occurs when Nokia Series 60 phones are sent a malformed e-mail message via SMS (Short Message Service). Engel demonstrated the attack on Tuesday at the Chaos Communication Congress in Berlin, according to a blog post by security vendor F-Secure.
At CES 2009, Toshiba showed off a conceptual computer interface that uses hand gestures for control. With simple motion sensing technology and a software interface, Toshiba hopes to open up applications for video games and other interactive media.
Microsoft boss Steve Ballmer used his keynote speech at CES to announce that software developers would get at the trial version on 7 January.
On 9 January members of the public will get the chance to download the successor to Windows for themselves.
Mr Ballmer said Windows 7 would be the pivot of a broader Microsoft push to improve the way its separate software and service families work together.
Security researcher Dan Kaminsky made headlines last year when he discovered a critical DNS flaw. If left unpatched it could have crippled vast parts of the Internet.
As 2009 starts up, a new DNS flaw has emerged, but the severity of the threat is less pronounced.
ISC (Internet Systems Consortium) the group leading development of the open source BIND DNS server that dominates the Internet, quietly issued a patch to multiple versions of BIND this week.
If you're an incumbent cable operator who has had the TV market to yourself for several years only to be challenged by an upstart that offers a better service, you've got two options: ratchet up your own offerings or sue the upstart. Faced with an incursion by Verizon's FiOS TV and Internet service into some of its territories, Charter is apparently going with door number two, filing a patent infringement lawsuit against Verizon on the last day of 2008.
At issue are four patents owned by Charter covering video-on-demand services, dynamic pricing for subscription-on-demand services, and a pair of patents covering data transmission. The most interesting appear to be the three patents which relate to video transmission. One patent, 6826197, seems rather generic, describing a data packet with a header, routing information field, data field, data payload, and error correction field. It does have the capability of "efficiently propagating a payload through a multi-user, digital video distribution system," however.
Borrowing the "Not in My Name" slogan popularized by anti-war and pro-Palestinian activists, New Zealand's newborn Creative Freedom Foundation is leading a petition drive to block implementation of copyright legislation slated to take effect at the end of February. Critics charge that Section 92 of the Copyright (New Technologies) Amendment Act, enacted this past April, requires ISPs to act on a principle of "guilt upon accusation," cutting off the Internet connections of users merely alleged to be violating copyright.
Section 92 has also drawn the ire of New Zealand's ISPs, under the umbrella of the Telecommunications Carriers' Forum, which has blasted the reform as "a deeply flawed law that undermines fundamental rights and simply will not work.” Jamie Baddeley, who heads the country's ISP trade association, argues that the legislation, which makes providers legally liable for failing to delete infringing material and disconnect infringers, "has the potential to put some of our smaller innovative members out of business."
All products are vulnerale. the USER is the main exploit entry.Presuming you meant to say "chances are you will be infected by a virus", you are quite right. Well said.
No matter how safe your browsers are, if you constantly visit porn sites, chances are you will infect an virus.-electronixtar (January 10, 2009, 02:07 AM)
That was indeed what i meant to say. My bad, ty 4wd.Experience with routers varies significantly. You'll find it difficult to pinpoint a brand that has good reviews across the board. If you're going to purchase a new unit I would suggest choosing something that it's brand new to the market and that has solid reviews.-Ehtyar (January 09, 2009, 04:12 PM)
Actually, I would have said something that's been on the market for a while and has solid reviews.
No use buying something that's 'brand new to the market' and then 8 months later everyone suddenly finds that the mCPU in it blows up due to the date matching and IP address-4wd (January 09, 2009, 04:47 PM)
both products have been extremely stable (the dlink we had prior to the WGR crashed weekly) and I would most definately purchase a netgear product again.).). I meant just in general usability. IE in the VM noticeably outperformed IE in Vista, as did Firefox. This is also as a comparison to Vista, which certainly doesn't run faster than a host in a VM.Nice one, PhilIndeed. I will sing npp's praise 'till the cows come home...except when it comes to large file support. Definitely try something more up to the task IMO. VIM would likely be my choice if it's available.
I know the next is pretty oooold, but I decided I might as well comment on it since I saw it now:I'm pretty sure my current fav text editor (Notepad++) could handle a file that big, but I can't say for sure since I don't have currently have any text files that size to test it with.Nope, Notepad++ (which is my favorite editor as well) performs miserably when dealing with files of relatively few megabytes in size. This is mainly because it uses the Scintilla edit control, which really wasn't designed for huge amounts of text - and working around that would be really clunky.-40hz (July 31, 2008, 02:00 PM)-f0dder (January 07, 2009, 10:27 PM)
Sorry I don't have anything meaningful to add to the topic.Well neither did I, but that's no excuse to reserve your opinion-Hirudin (January 07, 2009, 05:54 PM)