One of the nice things about working on computers is that when it comes to the raw hardware of a system, the engineers have designed a way to communicate what’s wrong (even if it’s just a general idea) even when the hardware has a pretty serious problem. When a computer boots it goes through a POST *(Power On Self Test). This POST process basically is the BIOS (Software embedded in the hardware of the system that exists whether or not an Operating System like Windows is installed) “waking up and testing the hardware.”
Author: Avery
-
Apple iTunes vulnerability on Windows
eEye has discovered a remotely expoitable security vulnerability in Apple’s iTunes software. It affects iTunes 6 and prior and the current security updates (released yesterday) do not address the issue. News.com has coverage as well. Earlier they reported that it affected “all operating systems”, however now they are saying that it’s only been found on Windows systems using iTunes.
-
GMail security problem fixed
Google’s not had a great week it would appear (Sony’s had worse… but that’s another story). The Analytics launch was somewhat rocky from most accounts and there is a GMail security bug that’s been announced and fixed. Details on the bug are here, and a writeup is also here.
Apparently a flaw in the authentication method that Google used could allow a user to log in under another account and read messages as well as pose as a legit user.
-
Keyloggers a growing problem
It’s interesting some years ago when viruses on Windows machines were SOOOO plentiful it seemed like that’s all I spent my time cleaning up, I thought… “you know, most viruses are prankster-ish programs. They rearrange icons, maybe cause Windows to crash, or send random files out to others, but they could be MUCH worse.” Since then, we’ve seen viruses used as delivery tools for mail relays (so that spammers can have more “safe havens”, we’ve seen viruses bring in spyware, both of the last two for “fun and profit”. I don’t know that we’ve really seen the WORST that a virus could be designed to do. However, I’m afraid we’re getting there.
-
Firefox 1.5 RC3
News is coming out that Mozilla Firefox 1.5 RC3 is now available. There’s coverage at mozillazine.org. From the comments there may be a few bugs to work out still, although I’ve just skimmed. I’m not sure if those comments are from people that have tried RC3, or are asking if a bug has been fixed since RC2.
-
Sony and Amazon to buyback cds
It looks as though the recall is being detailed for the Sony cds that use the XCP Digital Rights Management copy protection. Sony has setup a page where customers can request an exchange. Sony will swap cds with DRM for cds without the DRM software. Also, Amazon.com is offering refunds through this link, they advise customers to list “defective as the reason for return.
-
OTHER Sony DRM software has security flaws too.
You almost want to bury your head in the sand at this point if you’re Sony…. Freedom-to-tinker has some details. The last couple weeks the XCP copy protection that Sony uses has been the center of a Firestorm for rootkit capabilities and massive security problems. Well, it seems the OTHER Digital Rights Management (DRM) software they use ( SunnComm MediaMax ) has some serious flaws too.
-
MSN Virtual Earth neat tricks
I’ve spent some time covering some of the neat implementations of Google Maps and Google Earth, I’ve just come across a site that has similar uses for Microsoft’s MSN Virtual Earth. The site is called viavirtualearth.com and not only links to examples of neat things people have done using Virtual Earth, but also articles and how-to’s on implementing some of your own neat-tricks.
At this point, I still find Google maps easier (more intuitive?) to navigate in some of these (I tried a Ufo-maps link which offers both virtual earth and google maps overlays.) That could just be because I’ve used Google Maps more at this point.
-
TRUSTe will offer certification for adware
TRUSTe has announced a program to certify software downloads. Among them are certifications for adware and “trackware” (spyware?). The bullet summary for the article claims this will bring an end to “unwanted popups”. A clip from the article reads as follows…
To be placed on the whitelist, adware and trackware must prominently disclose the types of advertising that will be displayed, personal information that will be tracked, and user settings that may be altered, and must obtain user opt-in consent for the download. An easy uninstall with clear instructions must be provided, and advertisements must be labeled with the name of the adware program. Program participants must maintain separate advertising inventory for users of certified applications. To move legacy users to certified advertising inventory, they must obtain new opt-in consent.