One of the changes Internet explorer 7.0 will see is a tightening of restrictions on the zone settings. Currently, there are four security zones for web sites: Internet, Intranet, Trusted Sites and Restricted Sites. Explorer tries to autodetect if a site is within the intranet (which becomes more trusted), or the internet (which becomes less trusted. The problem is this detection can be tricked and so, malicious websites can run in a less restrictive zone.
Category: Computers
-
Sony releases XCP remover
Sony has had a busy day… they’ve released software to remove the XCP DRM program that was the start of all the recent SONY DRM rootkit controversy. Of course, the original DRM software had multiple problems in it’s concept AND implementation, the uninstallers and patches since have also had problems. Today I’ve seen reports that Sony’s uninstaller for the SunnComm MediaMax DRM software (the OTHER approach sony uses for copy protection) has some serious problems.
-
Samba (Windows) domain controller using ubuntu linux
There’s a good how-to at (where else) howtoforge.com on the topic of setting up ubuntu Linux (with samba) as a Primary domain controller for your network of windows machines. This uses tdb instead of LDAP and is suitable for networks with up to 250 users. The advantage here is that it’s simpler to setup than LDAP integration. Of course, samba for simple file/print sharing is fairly easy to setup, the domain controller “stuff” is usually a bit tricker.
-
Interesting vector for browser vulnerability exploit…ebay
incidents.org has received a tip on an ebay item that contained some malicious script…
ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.
-
Sunncomm/Mediamax software fix FLAWED
Once more in the continuing story…. According to freedom-to-tinker, the “fix” released today for the SunnComm/Mediamax DRM software (the “other” DRM software on sony/bmg discs). Is fatally flawed. The problem the software initially poses is much worse than the company lets on in their release and their advise is…. 1) don’t play a mediamax protected disc in your pc. 2)don’t use the fix, 3) don’t use the old uninstaller.
-
New variation of Sober virus coming in January
Now, we seem to be getting “coming attractions” previews in virus-land…. Anyway, I’ve read at several sources that we are to expect a new variation on the sober worm around January 5th, 2006. It’s said that the date was chosen to mark the formation of the Nazi Party. In the past, variants have spouted pro-nazi sentiments and redirected users to pro-nazi web sites.
-
Sunncomm/MediaMax software fix released
What a long journey it’s been and there is progress in the Sony DRM story. The main issue in the Sony controversy was the XCP DRM software (Digital Rights Management) which was made by first4internet. However, as the first rootkit was discovered, questions began about the MediaMax software (made by SunnComm) which was the OTHER DRM method that Sony made use of. As the story developed it was found that there were security flaws in the ActiveX control which was necessary to uninstall both of the DRM packages…. anyway..
-
Microsoft Fined $32 Million
Microsoft has been fined $32 million by South Korea’s fair trade commision. They are calling for Microsoft to either remove the Media Player and Instant Messenger from Windows, or include competing software. Microsoft has said that such changes may require it to “delay offering new versions in South Korea”, or withdraw Windows from the South Korea market entirely.
-
Good beginners guid to SEO
There is a good beginners guide to Search engine optimization up at this site.
-
Good article on what OpenOffice could learn from Firefox
There’s a good writeup on what OpenOffice.org could learn from firefox. It raises some interesting points. One of which is that software can be designed to meet the needs of say, 60% of the market, the framework firefox has for extenstions helps that other 40% find a way that the browser can meet their needs.