Saturday, March 13, 2004

Video Codec Shootout:
"There are a great many considerations when it comes to digital video -- such as streaming capabilities, server software and processor load, and licensing costs for packaged media -- that are of more concern to businesses than home users. For the most part, we're not going to focus on these enterprise-oriented issues.

Rather, this is an article for those who want to compress video for home use: to e-mail to family members, put up on a Web site, burn onto a CD, re-compress to fit on a PDA or portable video player, or just archive for later use. Our focus is on middle-of-the-road bitrates suitable for download or CD archives, not extremely low bitrates for streaming over the Internet or very high bitrates for DVD-ROM based packaged media."

http://www.extremetech.com/print_article/0,1583,a=121163,00.asp
Microsoft Raises Threat Level of Outlook Hole:
"The Redmond, Wash., software maker increased the threat level of the Outlook security vulnerability to its highest level of four — "critical." The Outlook 2002 hole could let an attacker run malicious code on a user's machine.

Microsoft originally had labeled the vulnerability as "important" and believed that attackers could only exploit the hole if users had set the Outlook Today folder as the default view for Outlook 2002, said Mike Reavey, a Microsoft security program manager.

After issuing a fix for the Outlook hole, as part of Microsoft's March security bulletin releases, the company learned from the researcher who discovered the vulnerability that attackers could reach a wider number of users by forcing them into the view in order to run an exploit, Reavey said."

"It has the potential to affect users that are in any (Outlook 2002) view at all," he said.

http://www.eweek.com/article2/0,1759,1546968,00.asp?kc=EWNWS031104DTX1K0000599
The ASP.NET Resource Kit is available:
"The ASP.NET Resource Kit is available for download free of charge from http://www.msdn.microsoft.com/asp.net/asprk. Developers can also order a copy of the Resource Kit on CD for a small shipping and handling fee.

The MSDN ASP.NET Migration Center and the ASP to ASP.NET and PHP to ASP.NET Migration Guides are located at http://www.msdn.microsoft.com/asp.net/using/migrating/."

http://www.msdn.microsoft.com/asp.net/asprk

Friday, March 12, 2004

Advanced Placement Digital Library in Biology, Physics, and Chemistry:
"Advanced Placement (AP) teachers and students will find resources linked to the AP content outlines, published by the College Board, in biology, physics, and chemistry."

http://apdl.rice.edu/DesktopDefault.aspx

Tuesday, March 09, 2004

Symantec Security Response - W32.Netsky@mm Removal Tool:
"Symantec Security Response has developed a removal tool to clean infections of the following Netsky variants.

W32.Netsky.B@mm
W32.Netsky.C@mm
W32.Netsky.D@mm
W32.Netsky.E@mm
W32.Netsky.K@mm"

http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky@mm.removal.tool.html
The Hidden Power of Photoshop CS: Chapter 2: Color Separations. Pt. 1. By Sybex - WebReference.com:
"Photoshop provides many tools that seem to produce some magic behind the scenes. Channels, one of the most prominent of these tools, allow you to work directly with components of a color model, such as RGB or CMYK. But, as we saw in the previous chapter, channels can actually be simulated using some simple light theory. Understanding what the channels represent can help you make more intelligent color and correction decisions, and can very much change the way you work with images."

http://www.webreference.com/graphics/ps1/
Linux Privilege Escalation Hole Detected:
"For the second time in as many months, security researchers have uncovered a privilege escalation security flaw in the Linux kernel.…"

The flaw carries a "critical" rating and affects Linux versions 2.2 up to and including 2.2.25; it also impacts versions 2.4 up to and including 2.4.24 as well as versions 2.6 up to and including 2.6.2.

"Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges. The vulnerability may also lead to a denial-of-service attack on the available system memory," iSEC warned.

Linux distributor Gentoo confirmed its implementation of the open source operating system was susceptible to the flaw and strongly urged users to upgrade to newer, more secure versions.

According to Gentoo, arbitrary code with normal non-superuser privileges may be able to exploit this vulnerability and may disrupt the operation of other parts of the kernel memory management subroutines.

"Proper exploitation of this vulnerability may lead to local privilege escalation allowing for the execution of arbitrary code with kernel level root access," Gentoo warned, noting that proof-of-concept exploit code has been created and successfully tested.

The flaw was discovered in the memory subsystem which allows for shrinking, growing, and moving of chunks of memory along any of the allocated memory areas which the kernel possesses. iSEC Security Research found that the code doesn't check the return value of the memory function.

http://www.internetnews.com/dev-news/article.php/3322911
How to Use Command Line Shortcuts:
"How to Use Command Line Shortcuts"

http://www.microsoft.com/WindowsXP/expertzone/columns/ballew/commandline.asp
Windows XP Support Secrets:
"Windows XP Support Secrets"

http://www.microsoft.com/WindowsXP/expertzone/columns/bott/suppsec.asp
Finding Help Online for New Users:
"Finding Help Online for New Users"

http://www.microsoft.com/windowsxp/expertzone/columns/ballew/02august19.asp
Worms Are For Suckers Page 2:
"BE VERY SKEPTICAL OF ANY ATTACHMENT IN E-MAIL. This doesn't mean that you shouldn't trust any attachment at all, but unless you know the sender and were expecting the file, you should scrutinize it and not open it unless you can determine that it's legitimate.

Keep your antivirus software and firewall up to date. They aren't perfect, but they help a lot.

If your mail client can block all executables, let it. Most worms, including NetSky, will be blocked just by this. If not, find some other way to do it. It's just not worth being able to mail executables around. Incidentally, both Outlook and Outlook Express have done this for years, and therefore their users have been immune to these worms."

http://www.eweek.com/article2/0,1759,1543635,00.asp
Worm Masquerades as MyDoom Patch:
"A new worm purporting to contain a patch to defend against MyDoom is attacking Windows machines throughout Europe and parts of North America.

Sober.D appeared Sunday and began spreading in Germany and the United Kingdom. The worm arrives in an e-mail message with a subject line of 'Microsoft Alert: Please Read!' and carries a sending address with a Microsoft domain. The domain extensions on the messages are typically from Germany, Israel, Switzerland or Austria."

The new worm comes a week after the largest, most concentrated onslaught of virus activity in recent memory, which included the appearances of 16 new viruses within about 10 days. Most of those new threats were variants of existing viruses, including MyDoom. The original version of Sober hit the Internet last October and never amounted to much.

Many of the samples of the new variant that antivirus vendors have seen so far have been written in German. The body of the infected message reads:

"New MyDoom Virus Variant Detected! A new variant of the W32.Mydoom (W32.Novarg) worm spread rapidly through the Internet. Anti-virus vendor Central Command claims that 1 in 45 e-mails contains the MyDoom virus. The worm also has a backdoor Trojan capability. By default, the Trojan component listens on port 13468. Protection: Please download this digitally signed attachment. This Update includes the functionality of previously released patches."

The message includes a file attachment that is either an executable or a Zip archive, according to Network Associates Inc.'s analysis of Sober.D. Once installed on a machine, the virus will display a phony error message indicating either that the fake patch has been installed or does not need to be installed on the PC.

Sober.D then scours the machine's hard drive for e-mail addresses and begins mailing itself out.

http://www.eweek.com/article2/0,1759,1544482,00.asp?kc=EWNWS030804DTX1K0000599

Monday, March 08, 2004

mezzoblue revised image replacement:
"Plenty of new and interesting revisions to the original Fahrner Image Replacement technique have sprouted up recently. This is an attempt to consolidate them, so that perhaps we can decide on the official replacement.

Requirements: the replacement must solve the screen reader problem, and it must address the 'images off, css on' problem. It is also hoped that a solution will be found that reduces the need for empty elements. The successful technique must work in browsers back to 5.x, but as of the time of writing none of these appear to fail so browser support matrices will be spared.

The two most promising techniques, Phrak and Gilder/Levin are available on a reduced page for screenreader testing."

http://www.mezzoblue.com/tests/revised-image-replacement/
ZDNet AnchorDesk: Virus 'gangs' to blame for recent epidemic:
"It's a busy time for computer viruses and worms. Over the last three weeks, we've seen nearly two dozen variations of Bagle, Netsky, and MyDoom circulate the Net. What gives? It looks like gang warfare is responsible, drive-by shootings on the information highway."

YOU HEARD ME right. "Gangs" of virus writers are currently trying to outdo one another and protect their turf. What they're fighting for is control of thousands of Trojan horses that create stealth peer-to-peer networks out of virus-infected computers worldwide. Such networks can be used to launch next-generation computer viruses or distributed denial-of-service attacks. They can also be sold to spammers who use them to anonymously send messages to our inboxes. Because of all their uses, virus writers consider these networks worth fighting for.

Unfortunately, you and I aren't just bystanders, we're the targets. And the only solution I can offer is what I've been saying for years: Update your antivirus software and don't open unsolicited e-mail messages. I wish there were a magic fix I could offer that would inoculate us all from these viruses, but, unfortunately, I can't. These infections aren't even very original. They use good old-fashioned social engineering, and not a software flaw, to spread.

There appear to be three distinct gangs: the MyDoomers, who are using source code from the MyDoom.b worm to set up stealth networks; the Bagles, who wrote their own unique viral code to establish the same sorts of networks; and the Netskys, who seem to have started the whole imbroglio by thwarting the plans laid down by MyDoom and Bagle.

THE FIGHT seems to have broken out on Feb. 18, when Netsky.b appeared on the Net and began removing traces of MyDoom and Bagle from infected computers. Netsky.b not only removed the viral code, but also the Trojan horse "back doors." These are the tunnels of communication that allow the MyDoom and Bagle gangs to communicate with infected systems and thus set up the valuable peer-to-peer networks. Needless to say, the authors of the Bagle and MyDoom variants took offense--as Netsky spread, their networks began to shrink in size and thus their ability to do harm online diminished.

One week later, on Feb. 25, the Netsky.c variant appeared with a hidden message embedded in the code: "We are the skynet--you can't hide yourself---we kill malware...MyDoom.f is a thief of our idea!" (Such messages are known as "greetz.") A few days later, Bagle.J and MyDoom.G responded: "Hey, NetSky...Don't ruin our business, wanna start a war?" and "To NetSky's creator(s): imho, skynet is a decentralized peer-to-peer neural network. We have seen P2P in Slapper in Sinit only. They may be called skynets, but not your...app." (Slapper is a Linux worm that established its own P2P network starting in August 2002; Sinit is a common Trojan horse that also established its own P2P network, starting in October 2003.)

Greetz are not new; often they are directed at rival Internet gangs or antivirus researchers. In December of 2001, rival members of Israeli script kiddie gangs unwittingly released the Goner virus. In that case, the virus (which they called Pentagone) contained greetz with Internet nicknames of the authors: "Pentagone coded by: suid, tested by: ThE_SkuLL and Isatanl." Originally, the authors named in the greetz denied their involvement; shortly thereafter, however, they took credit for the virus when the news media started saying the code was cut and pasted from elsewhere. A short time later, the Israeli youths were arrested and sentenced to 2.5 years in jail.

http://reviews-zdnet.com.com/AnchorDesk/4520-7297_16-5124832.html?tag=adss