Some time back I remember an article I had on vcodec not being a legitimate video codec. At the time there was some malware claiming to be vcodec and “required” to view some content…. well, posing as a codec download is a good way to trick people into downloading it seems and there are more out there that use the same trick. Sunbeltblog brings not one, but two fake codec sites to watch for today.
Tag: time
-
Being cautious with web links
Once upon a time the bad payload of a malicious email was it’s attachment, that still happens, but in many cases the links are the real lure – like a worm dangled in the water in front of a hungry fish…. the links though hide a danger on the other side…. the hook in our analogy. Brian Krebs writes about a utility called linkscanner that scans a given link to see if it’s hosting up malware. It’s from a place called Exploit Prevention Labs. I don’t know that I’d trust it completely as a safety net, but it might be worthwhile as another level in the defences.
-
Microsoft’s priorities…
I didn’t really think of this in context, but George Ou points out that Microsoft issued an “out of cycle” patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of the issue to releasing a patch. In context, we have seen numerous instances in the last year of “zero-day” vulnerabilities becoming known just after a monthly patch day, and Microsoft waiting until the next patch day to release a fix. So why the different response?
-
Multihead PC
More than once I’ve wished for a second (or third) set of keyboard/mouse/video for my main desktop. Linux is a true multiuser operating system which means that it’s capable of hosting multiple graphical logins at the same time. For MOST things, a single, modern CPU is more than adequate to deal with this (memory is usually the limitation, but 1 GB ought to be enough.) So, I think all of this was prompted by a blurb about hubster which looks like it’s just a VGA-usb adapter. The company that makes it though bill it as a thin client of sorts. So, they’re essentially thinking thin-client over usb as opposed to thin-client over ethernet…
-
FreeDos 1.0 released
After 12 years of effort FreeDos has reached the milestone 1.0 released. It can be found here. I’ve really found freedos to be quite usable for quite some time as a drop in replacement of MS Dos environments. I’m struggling to remember any dos-based prorams that it wouldn’t run well. *(Possibly some games?)
-
Audio on Linux weekend…
For most people here in the US, this last weekend was known as Labor Day weekend, for me though… it was more like Audio on Linux weekend. I’ve mentioned before that I use my computer for most EVERYTHING and that’s not far off…. I have watched movies on the PC, I’ve recorded multitrack audio, captured tv shows to disc, and of course, work…. database server, digitial photos/editing, test web sites, word documents, test various hardware, etc. etc. test software, etc…. vmware…. oh the list could keep going and going and going…. Well, sometimes it seems that optimizing the machine for one thing comes at the expense of another. Since I had to swap out the system board on the main machine (massively failing probably due to overheating…. multiple pci slots had failed, etc….) I hadn’t had a chance to see why some things didn’t work the way I used to….
-
Open Source OCR
I remember several years back I tried out gocr which is an open source character recognition engine. I wasn’t thoroughly impressed, but it sort of worked. Yesterday, I saw the news that Google has released Tesseract as an open source Optical Character Recognition engine. It was originally developed by HP and has been shelved for some time, it’s supposed to be among the top 3 in accuracy according to testing by UNLV. The source code is available at their sourceforge.net page. It’ will be good to see this taken up and integrated as a backend by open source scanning applications. (Maybe even office suites as a “recognize text in image file” type option….)
-
Windows Run as to let a legacy program run in XP limited user mode
Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program didn’t work well without administrator priviliges. Giving the account full administrator priviliges all the time was not an option and try as I might, I couldn’t find the right program directory to give expanded permissions that would solve the issue.
-
Sun java update process vulnerable
The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy the version of the JRE to use in dealing with java components on the page. Sun’s advisory here on the issue. The story is from the SecurityFix and I’m bothered by the same point that get’s Brian about this update….
-
Recovering lost files
There’s an article at linux.com that gives a good overview of using testdisk and PhotoRec. Testdisk should be able to recover at the partition level and PhotoRec should be able to just pull the files out of a damaged partition. Truth is Hard drives fail in a number of different ways and some of those can give the same error messages. Not too long ago my brother had a laptop hard drive failure, it gave a “no partition found” kind of error message. We talked about a utility such as ghost4linux (g4l) which includes dd_rescue which does a remarkable job with failing disks.