Friday, February 8, 2008

Fake Critical Windows Vista Update Installs Malware

Free Image Hosting at www.ImageShack.usAttacks that are using Windows Updates in order to spread malware and compromise Microsoft platforms are nothing more than an integral part of the luxuriant threat environment that preys on unsuspecting users. But generally the attacks masquerading as Microsoft Updates are nothing more than social engineering tricks devised to essentially convince the end user to become an active
participant in the compromising of the system. In this context, the level of authenticity of emails allegedly delivering Windows updates is rather low, as such a practice was never deployed by the Redmond company.

In this context, attackers are now seeking to replicate as closely as possible the actual experience that Windows users do associate with the Redmond company. Such as the Microsoft Update. The actual Microsoft Windows Update site can be found here and it is sensitive to the context of the operating system, meaning that when a Vista user will visit the website, the page will change to reflect the platform. Security outfit F-Secure has warned Windows users of the existence of a spoofed Microsoft Update site that spreads malware.

Fake Microsoft Update Site
Free Image Hosting at www.ImageShack.us
The fake Microsoft Update website urges users to immediately install a Critical security update for Windows 2000, Windows Server 2003, Windows XP and Windows Vista. The social engineering scheme is put together to effectively scare the user into installing malware on their machine.

"Watch out for this one. It's not the real Microsoft Update site. Note the real URL (cfm48.com) and the spelling errors ('Please intall'). If you click the Urgent Install button, you'll get a file called WindowsUpdateAgent30-x86-x64.exe, which is not signed by Microsoft. (i.e. Click the button — Download a Trojan-Dropper.) The dropper is now detected as Trojan-Dropper:W32/Agent.DYD, and the dropped malware was already detected as Backdoor:W32/Agent.CVU; this is functionally the same as the earlier Backdoor:W32/Agent.CTH," a F-Secure security expert revealed.

Seize the Best Graffiti Spots via Google Maps

Free Image Hosting at www.ImageShack.us
That’s the name of the website that shows you the best places you could "spray" your contribution to urban art. Based on an offline art project exhibited in Berlin, in 2007, the switching to the Internet can’t do the movement anything but good, as long as it unites every artist’s vision in a global work of art.

Discarded by many, including invariably the local authorities, Graffiti is,
according to Wikipedia, the name for images or lettering scratched, scrawled, painted or marked in any manner or property. Among most of the objections being raised against it, Graffiti is most often scorned at for being an act of unwanted vandalism that the owners of the surfaces being painted have to deal with.

The GraffitiforGod.org website explains how the name came to be and the history of the project: "The idea of mapping roof graffiti was inspired by 'Wax+' and 'Nemo', whose piece can already be seen on Google Maps in Berlins Center. In the style of medieval maps where Jerusalem often stood at the centre of the geographical drawings and God as the heavenly observer from above, this piece marks the centre of 'Graffiti for God'."

Among other things noted on the Google Maps mashup, there are police stations, hospitals, religious institutions and closely monitored areas, so if you see the legend and any of those in the area you were going to tag, or start a more complex piece of work, you’d better scamper ‘cause it ain’t going to be easy to explain to the officers what you were doing with a half-empty spray can in front of a half-painted wall. Chances are, you’re not going to come up with something good enough.

Graffiti aficionados, gear up and head to Google Maps to choose the best site for your message, where even God will see it.

Sapphire Adds New HD 3850 Graphics Card With 1GB of RAM

Free Image Hosting at www.ImageShack.us
Sapphire has launched yet another version of its HD 3850 graphics card, based on Advanced Micro Devices' RV 670 chip. The new graphics card comes with 1 GB of GDDR3 memory onboard, running at a clock
of 829MHz (1.66GHz effective). The RV670 graphics processor comes with an out-of-the-box clock speed of 703MHz, 30MHz more than a reference Radeon HD 3850.

The HD 3850 series comes with AMD's latest Avivo HD Technology for improved video decoding and playback, while the built-in UVD (Unified Video decoder) allows for the hardware-accelerated decoding of high-definition video content (either Blu-Ray or HD-DVD) for both VC-1 and H.264 codecs, which translates into reduced workloads for the system processor. The graphics card provides a new generation HDMI interconnect that lets the user link the computer to any HDMI-Ready display, such as home theater plasma screen or larger LCD displays.

The graphics card comes with the latest CrossfireX technology that lets the user scale the graphics computing power required by the latest gaming titles on the market. The Sapphire HD 3850 has two high speed connectors on each card that allows 2, 3 or even 4 graphics cards to be daisy-chained together (Three graphics cards and up will only be supported in the upcoming release of ATI Catalyst, version 8.3). Moreover, each card comes with Dual-DVI interconnects, which allows the user enjoy up to eight monitors at the same time, a perfect environment for gaming or increased productivity.

The Sapphire HD 3850 combines the Unified Shader Architecture with support for Shader Model 4.0 and the upcoming DirectX 10.1. The graphics card is fully compatible with the latest generation of PCI-Express 2.0 interface, that maximizes data transfer rates and lets the user enjoy a smooth gaming experience.

Apple Hit with Patent Suit Over iTunes Store's Allowance Feature

Free Image Hosting at www.ImageShack.us
Not that Apple wasn't on the down side already, but now it is being hit with a patent suit on behalf of Restricted Spending Solutions (RSS), over functions included with the iTunes Allowance feature, within iTunes Store. The small California firm claims to hold a patent on the concepts used by this particular feature within iTunes.

The complaint barely filling 6-pages, RSS claims it developed
in 2001 methods for a "controlled entertainment spending account" that were later adopted by Apple without its authorization, according to appleinsider.com. The Newport Beach-based company also asserts it had successfully patented the concept five years later (2006).

RSS' November 28, 2006 Patent No. 7,143,064 is described as a "computer-based method for allocating funds in pre-established accounts for use by customers, by creating for each customer a customer account file containing a record of funds deposited for the customer, and limiting how the funds in each customer account file may be spent on audio and video entertainment."

Apple, of course, has a more colorful description of iTunes Store's Allowance features, which goes a little something like this: "...a nifty way for you to give a gift that keeps on giving. [It] allows you to send a monthly iTunes Store credit to a family member, friend, or colleague in an amount from $10 to $200. Each month, your chosen amount will automatically be added to your recipient's iTunes Store account."

It is believed that the respective iTunes Store characteristic has been implemented sometime during 2004, or even prior 2004. No proof to back that up just yet, though, but what makes the complaint more interesting is indeed the fact that RSS alleges Apple had full knowledge of its patent "since at least July 7, 2005," according to Apple Insider, thus causing irreparable damage.

Dell Is Phasing Out Its AMD-Based Computer Systems

Free Image Hosting at www.ImageShack.us
Dell is reported to have stopped distributing its AMD-based systems via its online shop. This may seem the end of a long and beautiful friendship with world's second chip manufacturer. The company announced back
in May 2006 that it would sell AMD-based servers to the public, but Dell quickly adopted the AMD chips for its desktop and notebook systems.

Things went just fine between the two partners, or at least until now, because Dell is starting to shake its website off the AMD-powered systems that it has previously sold. The few three laptops that are still available for online purchase are the Latitude D351, Vostro 1000, and Optiplex 740, but Dell has posted a small note for each of them:

"Shop for Dell computers with AMD processors in retail stores. See our retail partners for details.
Computers with AMD processors are not available online."

AMD's situation is already extremely complicated, given the fact that top-tier OEMs are pretty upset because the Barcelonas were not to be found for quite a while. Moreover, Dell turning its back on AMD won't be easy, as AMD tried to go under the PC manufacturer's skin for some time now. Dell's customers who would like to get an AMD-powered machine will have to set foot into a brick-and-mortar distribution point, such as Best Buy, Staples, Wal-Mart or Sam's Club.

AMD is being kicked out of the party at an extremely inappropriate time – not that there would be any appropriate time for being thrown aboard ever: the 2007 revenue reports already kicked in and they don't look too nice. The chip manufacturer reported yearly revenue of $6.012 billion and a net loss of $3.379 billion, while its graphics subsidiary ATI suddenly lost 30 percent of its initial value.

On the other side, Dell is currently busy updating its XPS notebook line to the latest dual-core offerings in the 45-nanometer Penryn family. But it's just business, so may the best win.

openSUSE 11.0 Alpha 2 Available Now

Free Image Hosting at www.ImageShack.us
The second alpha version of openSUSE 11.0 was launched and it is available for download and testing. Although
it is just a development release, this version comes packed with some important improvements. Here are the most essential changes since the Alpha 1:

• KDE 4.0.1 replaced KDE 3.5.8 as the default K Desktop Environment;
• GNOME 2.21.90 was integrated in this release;
• The installer was greatly improved;
• Live CDs for both GNOME and KDE are now available;
• The CD editions support German as an additional language;
• The DVD editions contain only OSS software;
• Linux 2.6.24;
• OpenOffice.org 2.4 Beta;
• Alsa 1.0.16 RC2;
• D-Bus 1.2 RC2;
• X.org 1.4.1 Pre.

The developers have found some bugs, which are not yet fixed. Here is a short list with the most annoying ones:

• Progress dialog "Loading the Package Manager..." blocks the installation-update proposal. Although you can accept the proposal by clicking on the "Accept" button, you can't see the proposed data/values.
• KDE3 autostart applications may crash on KDE4 startup;
• Mono apps do not work on the GNOME LiveCD;
• Missing graphical menu on Live-CD;
• Popups during the installation behave sporadically.

Remember that this is an alpha release and it should NOT be installed on production machines. It is intended to be used for testing purposes only. Please report bugs to the openSUSE Bug Tracker

openSUSE 11.0 release schedule:

6 December 2007: openSUSE 11.0 Alpha 0
17 January 2008: openSUSE 11.0 Alpha 1
7 February 2008: openSUSE 11.0 Alpha 2
18 March 2008: openSUSE 11.0 Alpha 3
17 April 2008: openSUSE 11.0 Beta 1
2 May 2008: openSUSE 11.0 Beta 2
13 May 2008: openSUSE 11.0 Beta 3
29 May 2008: openSUSE 11.0 Release Candidate 1
12 June 2008: openSUSE 11.0 Goldmaster release (internal)
19 June 2008: openSUSE 11.0 Public release

Download it from softpedia
Download openSUSE 11.0 Alpha 2 now from Softpedia.

Download openSUSE 10.3 now from Softpedia.

Download Windows SDK RTM and .NET Framework 3.5 for Windows Vista SP1

Free Image Hosting at www.ImageShack.us
Concomitantly with the releasing to manufacturing of Windows Vista Service Pack 1 and Windows Server 2008, Microsoft also hit RTM with the Windows SDK. On February 7, 2008, the Redmond company announced that the bits for Windows SDK went gold, and as such the Software Development kit had been made available for download.
The Microsoft Windows SDK for Windows Server 2008 and .NET Framework 3.5 can be installed either as an ISO or Web Setup, and is designed to support Windows Server 2008, .NET Framework 3.5, and Windows Vista SP1. On top of this, Windows SDK is compatible with Visual Studio 2008 and Visual Studio 2005 SP1, including Visual Studio Express Editions.

Barry R. Butterklee, Release Product Manager Windows SDK, gave examples of what the Windows SDK brings to the table: "Support for Windows Server 2008 (x86, x64, and Itanium), .NET Framework 3.5, Windows Server 2003, Windows Vista (including SP1), and Windows XP. Visual Studio 2008 C++ command line compiler toolset (with /analyze support) and matching CRT. The SDK headers, libs, and tools integrate with VS2008 when both the SDK and VS2008 are installed. New tools such as XPerf, SqlMetal, xsltc, gc, topoedit, aspnet_merge, and wsdcodegen. Documentation and samples (2200+ sample projects) to explain usage of new Windows Server 2008 and .NET Framework 3.5 features as well as previous platform features."

Via the Windows SDK for Windows Server 2008 and .NET Framework 3.5 developers will be able to access not only documentation, but also samples, header files, libraries, and even tools set up to streamline the building of Windows applications. Essentially, Microsoft provides the resource in an effort to support both native Win32 and managed .NET Framework technologies. "This release was very much a team effort. Many SDK team members went above and beyond the stadard call of duty to ensure that this was a great release. Members of the Dev, Test and Program Management teams pulled together to ensure that we would release a great product," added Jason Sacks, Microsoft Program Manager.

Windows SDK for Windows Server 2008 and .NET Framework 3.5 can be downloaded from here.

Alienware Laptops Lose Appeal Over Missing Side Lights

Free Image Hosting at www.ImageShack.us
Dell's high-end boutique Alienware has been cooking the Area-51 m15x l gaming notebook for some time now, and the enthusiasts have been more or less patiently waiting for its availability. The notebook
is quite an expensive piece and is exclusively dedicated to the laptop gamers. However, the investment will pay off, since the notebook is more of a piece of jewelery, with "six distinct lighting zones," as announced on its webpage.

Rumor has it that the first batch of notebooks have already reached their rightful owners already, but to their dismay, they figured out that the Alienware Area-51 m15x is no longer being shipped with the lights along the side of the LCD, as promised.

Moreover, it seems that Alienware has taken out all the pictures that detailed upon the notebook's lighting, and also performed changes on the documents that detailed upon the "six distinct lighting zones". If the notebook's lid was previously part of the lighting system, now it isn't anymore, and the start button is counted instead.

The new owners (who happened to pay pretty much on the units) started to complain about Dell's not sticking to the agreement. There are no side lights and Alienware states that an update will be released soon to enable the lighting for the units that came without lid-light support:

"The lighting is not currently working on the systems that are being sent out, but an update will be available in a couple of weeks either for download from our site or sent directly to the customer. So even if you do get a system without active lighting, a fix should be along soon after."

However, the situation is not so gloomy as it may seem for the users who already got their units. The led lights are there, only that they cannot be turned on for the moment, since they lack software support. The customers who have not ordered it yet will receive their m15x without any side lights, because the feature has been discontinued.

"Regarding your inquiry, currently, the Area 51 m15x is not being offered with the lighting around the LCD. Some of the models sold in Alienware US do have this feature. It was a limited option which is no longer available."