Top Stories for Today
[336] Apple releases iPhone 2.2 firmware [219] Queuing psychology: Can waiting in line be fun? [208] IT Security's Next Big Threat: Young People [193] Verizon staff had unauthorized access to Obama's cell [186] Massive EU online library looks to compete with Google [185] Piracy fears emerge after hackers crack the PSP 3000 [183] Russian hackers stole my homework [180] LiveCLIQ brings FREE video streaming and recording to the iPhone [172] iTunes 8.0.2 now available, adds VoiceOver capabilities [167] Adobe Air polluted by critical flaws [165] Company sues Facebook over somethingorother [153] China Targets U.S. Computers For Espionage, Report Warns [148] Sex-toy ads pulled from NRC website [148] Vietnam one of world’s leading sources of spam [143] IETF: Should we ignore the Kaminsky bug? [136] Shut Down Your Console To Save The Planet [136] Mobile banking prospects seen better in Asia [122] Analyst upgrades Yahoo, calling stock cheap [114] It’s official: No IE 8 until 2009 View the Top 50 articles
Top 20 of the Last 2 Weeks
|
Verizon staff had unauthorized access to Obama's cell
Posted by l33tdawg on Friday, November 21, 2008 - 07:33 AM (Reads: 193)
|
Source: Reuters
Verizon Wireless said on Thursday that some employees had gained unauthorized access and viewed a personal cell phone account held by President-elect Barack Obama that is now inactive.
An Obama aide said his voice-mail messages and e-mails were not breached in the incident. "We were notified yesterday that employees had accessed the records of an old cell phone no longer in use," the Obama aide said. "No voice or e-mails were listened to or read."
The company said the device in question was a simple voice phone, not a Blackberry or other device designed for e-mail or other data services. In a statement, Verizon Wireless President and Chief Executive Lowell McAdam apologized to Obama and said all employees who had had access to Obama's account, whether authorized or not, were put on immediate leave with pay.
[   ]
| |
iTunes 8.0.2 now available, adds VoiceOver capabilities
Posted by l33tdawg on Friday, November 21, 2008 - 04:38 AM (Reads: 172)
|
Source: TUAW
Apple just released an update to iTunes. Version 8.0.2 "...improves stability and performance and provides a number of important bug fixes." They note that this update adds VoiceOver capabilities for both iTunes and iTunes U. VoiceOver is the built-in screen reader utility for Mac OS X that helps visually challenged users.
In addition to VoiceOver, Apple also includes the following "important" bug fixes:
* Addresses a quality issue creating MP3s on some computers.
* Fixes a connectivity issue with the iTunes Store when using some Internet proxies with Mac OS X.
* Improves accessibility with VoiceOver.
You can get this 60MB update via Software Update (Apple menu > Software Update) or by downloading the installer package from the Apple Support Downloads website.
[ ]
| |
Massive EU online library looks to compete with Google
Posted by l33tdawg on Friday, November 21, 2008 - 04:37 AM (Reads: 186)
|
Source: Physorg
Inspired by ancient Alexandria's attempt to collect the world's knowledge, the EU launches Thursday its Europeana digital library, an online digest of Europe's cultural heritage. Using the latest technologies, the European Union aims to draw together millions of digital objects, ranging from film, photographs, paintings, sound files, maps, manuscripts, newspapers, documents and, of course, books.
From its opening, users will be able to find major literary works like Dante's "Divine Comedy", or masterpieces such as Vermeer's "Girl with a Pearl Earring" or the manuscripts of composers including Beethoven.
The Internet and digitalisation techniques will "enable a Czech student to browse the British library without going to London, or an Irish art lover to get close to the Mona Lisa without queuing at the Louvre," said Viviane Reding, EU commissioner responsible for new technologies.
[ ]
| |
Company sues Facebook over somethingorother
Posted by l33tdawg on Friday, November 21, 2008 - 04:36 AM (Reads: 165)
|
Source: The Register
A Ohio-based technology company is suing Facebook for patent infringement, claiming it invented the platform the insanely popular social networking site uses to store and manage information.
Leader Technology claims Facebook infringes on its patent for "dynamic association of electronically stored information with iterative workflow change," issued by the US Patent and Trademark Office on November 21, 2006. Leader asked that Facebook stop using the technology and seeks unspecified damages.
"We have spent a great amount of time and effort in procuring our intellectual property and have taken the steps necessary to protect our proprietary and inventive ideas," said Michael McKibben, founder of Leader in a statement. (Apparently, the first step is announcing the lawsuit to the media before Facebook gets a look at it).
[ ]
| |
Shut Down Your Console To Save The Planet
Posted by l33tdawg on Friday, November 21, 2008 - 04:35 AM (Reads: 136)
|
Source: HardOCP
The Natural Resources Defense Council wants people like me to shut off our consoles when not in use. I suppose this can apply to PCs as well and I know a lot of you guys leave yours running constantly too.
Today, more than 40 percent of all homes in the United States contain at least one video game console. Recognizing that all that gaming could add up to serious demand for electricity, NRDC and Ecos Consulting performed the first ever comprehensive study on the energy use of video game consoles and found that they consumed an estimated 16 billion kilowatt-hours per year -- roughly equal to the annual electricity use of the city of San Diego.
While I can clearly see what the NRDC is trying to say, the problem I have is that my PS3 and PC run Folding@Home 24/7. So, I am torn between saving energy and possibly finding a cure for cancer, Parkinson's disease or Alzheimer's. Then I remembered my car consumes about four dead dinosaurs a week when I drive it (so much for saving the planet) so I said screw it and I keep folding.
[ ]
| |
Mobile banking prospects seen better in Asia
Posted by l33tdawg on Friday, November 21, 2008 - 04:34 AM (Reads: 136)
| |
Source: Physorg
Polillo, a remote island in the northeastern Philippines with poor road infrastructure and no public transport, is set to get a taste of mobile banking long before the developed world does. Faced with a desperate need for money transfers after its only functional bank collapsed, the island's cooperative society recently turned to mobile-services major Smart Communications Inc., a subsidiary of Philippine Long Distance Telephone Co., for help.
Smart is now working with Polillo's cooperative society to put in place a system that will help people on the island send and receive cash "with the ease of a text message," according to Napoleon Nazareno, president and chief executive of PLDT.
"Mobile phone companies have a unique opportunity to not only build new profitable businesses but also help uplift the lives of many people who are part of our economies," said Nazareno.
[ ]
| |
Analyst upgrades Yahoo, calling stock cheap
Posted by l33tdawg on Friday, November 21, 2008 - 04:32 AM (Reads: 122)
| |
Source: Physorg
Needham & Co. analyst Mark May upgraded shares of troubled Internet company Yahoo Inc. on Thursday, after the shares skidded below $10 for the first time in more than five years. May said in a note to clients that following the broad sell-off in Yahoo shares, even a gloomy outlook for online advertising shouldn't prevent investors keen on a bargain from snapping up the stock.
"The downside from here is limited," May wrote, while also noting that the company's recent "change in leadership" may bode well. Yahoo Chief Executive Jerry Yang announced Monday he will step aside, once the company's board of directors finds a replacement.
May upgraded Yahoo shares to buy from hold and established a $12 price target. Shares of Yahoo rose in early trading, but then slid lower amid the broad market sell-off, closing down more than 2 percent at $8.95.
[ ]
| |
It’s official: No IE 8 until 2009
Posted by l33tdawg on Friday, November 21, 2008 - 04:30 AM (Reads: 114)
|
Source: ZDNet (Blog)
After one more public test build early next year, Microsoft plans to release the final version of Internet Explorer 8 in calendar 2009. Microsoft officials shared the updated timetable via a November 19 post on the IE Blog.
Until yesterday, Microsoft’s only official pronouncement of when the final IE 8 release was due was before the end of “this year.” I had heard from insiders that Microsoft was aiming to release the final IE 8 build in November, 2008 — a plan which seemed quite ambitious given how often I “report a Webpage problem” to Microsoft when I’m surfing the Web using IE 8 Beta 2.
IE General Manager Dean Hachamovitch provided information on the updated IE 8 timetable on Wednesday.
[ ]
| |
LiveCLIQ brings FREE video streaming and recording to the iPhone
Posted by l33tdawg on Friday, November 21, 2008 - 03:14 AM (Reads: 180)
| |
Source: iPhone Download Blog
L33tdawg: This is pretty cool indeed - of course Cycorder can still just record videos for you but then you don't have the ability to upload from your iPhone itself. Which is kind of a let down considering a 'post to youtube' link would have been absolutely AWESOME. In the meantime however there's LiveCLIQ - plus you could also stream directly which is quite cool as well (we used something similar in bambuser.com for The Pirate Bay keynote webcast during HITBSecConf2008 - Malaysia.
Like Qik and FlixWagon, LiveCLIQ is a free application that allows live streaming and recording of videos directly from your iPhone. Before some of you get too excited, let me tell you right away that this app is only available for jailbroken iPhones. This means that if you’re on a stock iPhone, you will have to wait 2017, until Apple finally decides to add video recording to the iPhone for you to enjoy this neat feature…
Here is how LiveCLIQ works. First I downloaded the application from Cydia. After installing, when you launch the application a message shows up asking for your “token number”. This got me confused for a while. I understood that I needed some type of registration but nothing was telling me where to get this “token number”. The “more info” link for this app in Cydia was showing the LiveCliq.com website and going there didn’t help me at all. After googling “livecliq”, I finally found the LiveCliq.NET website where you can register.
It took a few minutes to figure this out but I finally registered. Then you need to submit your phone number so LiveCLIQ can send you a text message containing a link to your token number. What a straightforward process… NOT! This could have been much easier, simply by allowing me to register directly from my iPhone.
[ ]
| |
Vietnam one of world’s leading sources of spam
Posted by l33tdawg on Friday, November 21, 2008 - 02:59 AM (Reads: 148)
|
Source: Viet Nam News
Viet Nam is not one of the leading Information and Communications Technology (ICT) nations in the world, but it ranks fifth as a source of spam, the Viet Nam Information Security Association said yesterday.
Moreover, many users underestimated the importance of information security in fighting fraud on the internet and failed to take preventive measures, the association told a meeting organised to observe the first national Day of Information Security in HCM City.
The event, held in co-operation with the city’s Department of Information and Communications, aimed at raising awareness of information security in both businesses and public administrative organisations by providing participants with the most up-to-date security technology presented by experts from leading security providers like Microsoft, Kapersky or FPT Telecom.
[ ]
| |
Sex-toy ads pulled from NRC website
Posted by l33tdawg on Friday, November 21, 2008 - 02:51 AM (Reads: 148)
| |
Source: Canada.com
The Red Planet was looking more like a red-light district on Wednesday with a federal government website designed to get children interested in colonizing Mars also advertising lingerie and sex toys.
Before the ads were pulled, the French version of the National Research Council's Marsville project pages featured a series of links with titles such as "sexy lingerie."
Clicking through the links brought up web pages advertising the adults-only products, including one with photographs of a variety of sexual implements sold by U.S.-based company Eden Fantasys, next to images of other paraphernalia such as the "Nymphomation foot-long sex toy case." Another page linked from the Marsville site featured a graphic image of a blue sex toy.
[ ]
| |
IT Security's Next Big Threat: Young People
Posted by l33tdawg on Friday, November 21, 2008 - 02:51 AM (Reads: 208)
|
Source: Dark Reading
First, it was viruses. Then it was financially motivated hackers, followed by insider threats. And the next big danger? People who can't remember the Bee Gees. During the past two weeks, IT security managers have been getting a new warning that turns the old '60s hippie slogan -- "Never trust anyone over 30" -- upside down. The new message: Twenty-somethings are putting the corporate network at risk.
Since Nov. 5, three separate studies -- from Accenture, Intel, and ISACA, a major IT users group -- have indicted the youngest generation of employees as one of the enterprise's newest and most serious security risks. People under the age of 28 -- sometimes called Generation Y and sometimes called Millenials, depending on how you define the category -- are engaging in online behavior that could expose their organizations to data leakage and information theft, the studies say.
The Accenture study, published two weeks ago, queried more than 400 students and employees ranging from age 14 to age 27. It found that more than half (60 percent) of young people "are either unaware of their companies' IT policies or are not inclined to follow them."
[ ]
| |
Russian hackers stole my homework
Posted by l33tdawg on Friday, November 21, 2008 - 02:48 AM (Reads: 183)
| |
Source: The Inquirer
TECH SAVVY kids of today are coming up with different excuses for failing to submit work on time.
Gone are the days of blaming the dog for eating the homework, new research suggests the average British teacher now hears 15 different homework excuses every week.
The best technique is attempting to blame modern gadgets that older staff members have failed to master. Now the most common excuse for late homework include "the computer crashed", "the internet was down", "a printer failed to work" and "work was deleted by accident".
[ ]
| |
Piracy fears emerge after hackers crack the PSP 3000
Posted by l33tdawg on Friday, November 21, 2008 - 02:47 AM (Reads: 185)
| |
Source: PS3 Center
Sony's latest PlayStation Portable model, the PSP 3000, has been reportedly cracked by hackers.
The original PSP has been a favourite among hackers for some time and now they have found a way to alter the firmware of the PSP 3000. Using a device called the Datel Lite Blue Tool, which allows hackers to access the PSP's service menu, the firmware can be altered allowing both homebrew and pirated games to be used.
Sony has yet to make an official comment on the issue. Hackers discuss their illegal success online, revealing: “Although there were early indications that the PSP3000 had embedded Service Mode capability, it was clear that silicon level investigation would be required to understand the new mechanism.
[ ]
| |
Adobe Air polluted by critical flaws
Posted by l33tdawg on Friday, November 21, 2008 - 02:46 AM (Reads: 167)
|
Source: MX Logic
The Adobe Air web development environment is littered with critical security vulnerabilities which could leave systems open to attack, the company has conceded.
According to ZDNet, the flaws could lead to remote code execution and a potential network security breach if left unresolved. The firm announced that the vulnerabilities are known to affect versions 1.1 and earlier and can all be exploited externally.
It urged firms to upgrade to the latest version in an effort to avoid falling victim to such an attack, which allows hackers to execute untrusted JavaScript code with escalated privileges. ZDNet notes that the security concession was nestled among a flurry of positive announcements about the development platform.
[ ]
| |
IETF: Should we ignore the Kaminsky bug?
Posted by l33tdawg on Friday, November 21, 2008 - 02:46 AM (Reads: 143)
| |
Source: Computer World (Australia)
The Internet engineering community is grappling with what to do about a serious flaw in the DNS discovered mid-year, and the ongoing debate brings to mind a famous quotation from Voltaire: "The perfect is the enemy of the good."
At issue is whether the group should use its resources to encourage DNS registries, ISPs and enterprises to upgrade to the ultimate DNS security solution known as DNSSEC; or whether it should tweak the DNS protocols to address the so-called Kaminsky bug as an interim step. The issue is being debated at a meeting of the IETF, the Internet's leading standards body, being held here this week.
In July, security researcher Dan Kaminsky discovered a DNS bug that allows for cache poisoning attacks, where a hacker redirects traffic from a legitimate Web site to a fake one without the user knowing. With DNSSEC, the IETF already has a solution to the Kaminsky problem and other known DNS vulnerabilities. However, DNSSEC hasn't been widely deployed, although it has been under development for more than a decade.
[ ]
| |
China Targets U.S. Computers For Espionage, Report Warns
Posted by l33tdawg on Friday, November 21, 2008 - 02:45 AM (Reads: 153)
| |
Source: Information Week
Chinese cyberattacks on civilian, government, and military networks are rising, a congressional advisory committee warned in a report released Thursday, and the United States needs to bolster its defenses and engage with allies and Chinese authorities to clarify the consequences of aggression in cyberspace.
"China is targeting U.S. government and commercial computers for espionage," says the U.S.-China Economic and Security Review Commission's (USCC) 2008 Annual Report to Congress. "Alan Paller from the SANS Institute, an Internet security company, believes that in 2007 the 10 most prominent U.S. defense contractors, including Raytheon, Lockheed Martin, Boeing, and Northrop Grumman, were victims of cyberespionage through penetrations of their unclassified networks."
[ ]
| |
Queuing psychology: Can waiting in line be fun?
Posted by l33tdawg on Friday, November 21, 2008 - 02:43 AM (Reads: 219)
|
Source: CNN
L33tdawg: I think if you're just waiting in line with absolutely NOTHING to do, then it would be the suck, but if you've got an iPod, iPhone or PSP - it's not so bad :P Oh yes and there's also that old fashion thing people call 'reading material' *grin*
Warning: Standing in line can cause extreme boredom, annoyance and even rage, which is precisely why there is a fascinating science devoted to what makes people tick -- and ticked off -- when forced to wait.
You may not know it, but the seemingly mundane task of forming a queue at the airport, a fast-food joint or a post-Thanksgiving midnight sale is the subject of careful study by experts in the field of queuing psychology.
The findings may not always reduce wait times, but they can cut frustration and make people feel better, or even happy, about waiting in line, said Richard Larson, who has researched queuing psychology for more than two decades.
[ ]
| |
PSP 3000 hacked with Datel Lite Blue Tool
Posted by l33tdawg on Thursday, November 20, 2008 - 01:33 AM (Reads: 642)
| |
Source: Engadget
When it comes to hacking the PSP, the standard model was a popular pastime, but it has been a different story for the PSP 3000. Hackers have found that trying to hack the PSP 3000 a bit of a tough one, but there might be some light at the end of this dark tunnel.
Sony can’t get the champagne out just yet, as Datel have a new battery peripheral called the Datel Lite Blue Tool. The tool will boot the Sony PSP 3000 into service mode, this will allow you to downgrade to an earlier version where cracked firmwares were possible.
Most older PSP’s were able to already do this, but not the PSP 3000, so if you want to hack it then the Datel Lite Blue is the tool for you. The price is $29.99, so it will not break the bank.
[ ]
| |
|
Last 15 Postings to HITB Forum
Packet Storm Security Latest
· fwknop-1.9.9.tar.gzfwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Added support to fwknop for the Linux 'any' interface. Added support for interfacing fwknop with third party software through the addition of three new variables in the access.conf file.Various other fixes and additions.
· kvirc-exec.txtKVIrc version 3.4.2 Shiny URI handler remote code execution exploit.
· vcalendar-disclose.txtVCalendar suffers from a remote database disclosure vulnerability.
· ZDI-08-076.txtA vulnerability allows remote attackers to retrieve arbitrary files on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_SENDFILE requests the service does not validate the requestor allowing any remote attacker to download arbitrary files.
· ZDI-08-075.txtA vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_CTGTRANS requests the process copies packet data into a fixed length stack buffer. Exploitation allows for arbitrary code execution under the context of the SYSTEM user.
· toursmanager-blindsql.txtToursManager suffers from a blind SQL injection vulnerability in tourview.php.
· phprsgal-sql.txtphpRS versions 2.6.x and 2.8.x suffer from a remote SQL injection vulnerability in gallery.php.
· MDVSA-2008-233.txtMandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.
Topics
· All topics
· AMD News (Oct 07, 2008)
· Apple News (Nov 21, 2008)
· Articles (Feb 13, 2006)
· Ask Us (Feb 01, 2003)
· Audio/Video (Nov 12, 2008)
· Encryption (Nov 10, 2008)
· Games (Nov 13, 2008)
· Hardware (Nov 21, 2008)
· HITB News (Sep 25, 2008)
· Industry News (Nov 21, 2008)
· Intel News (Nov 13, 2008)
· Law and Order (Nov 21, 2008)
· Linux (Nov 19, 2008)
· Microsoft (Nov 21, 2008)
· Networking (Nov 12, 2008)
· PDAs (Feb 09, 2007)
· Privacy (Nov 21, 2008)
· Red Hat (Sep 29, 2008)
· Science (Nov 21, 2008)
· Security (Nov 21, 2008)
· Software & Programming (Nov 21, 2008)
· Spam (Nov 21, 2008)
· Technology (Nov 18, 2008)
· Transmeta (Jul 07, 2007)
· Viruses & Malware (Nov 19, 2008)
· Wireless (Nov 12, 2008)
HITB on Facebook
Join our Facebook Group 
|
Re: is that