Saturday, October 09, 2004

Trojan pretends to do good | Tech News on ZDNet

Trojan pretends to do good | Tech News on ZDNet:
"Security company Symantec is warning Internet users of a Trojan horse that removes adware but alters the settings in computers.

While Downloader.Lunii eliminates a variety of adware programs--often known as spyware--the Trojan also tries to maliciously change the security settings of Windows PCs and then downloads files from unknown Web sites, Symantec said.

'It's common that a Trojan will try to change as much security as possible,' said Nigel Beighton, Symantec's director of enterprise strategy. 'They often try to change Microsoft, Symantec and McAfee software.'

Symantec classified Lunii as a low-risk Trojan."

http://news.zdnet.com/2100-1009_22-5400982.html?tag=adnews

Microsoft to tune up Media Center PC

Microsoft to tune up Media Center PC:
"For the first time, Microsoft's Windows XP Media Center Edition is supporting multiple tuners, meaning that consumers will be able to watch one channel while recording another or record two stations at once, CNET News.com has learned. The feature is one of several improvements Microsoft has made with Windows XP Media Center Edition 2005, an update that the company plans to announce next week. "

At the same time, Microsoft is also allowing computer makers to create Media Center PCs that lack the TV recording feature altogether, a move that will allow computer makers to offer PCs with the operating system for less than $800. It's all part of an effort by Microsoft to position Media Center as a more mainstream consumer OS.

Without an all-new version of Windows until Longhorn in 2006, Microsoft is hoping that an improved Media Center OS can help reignite interest in the 3-year-old Windows XP operating system. The launch of the updated Media Center, along with several new companion products, will form a key part of Microsoft's fall marketing blitz designed to sell consumers on the benefits of XP.

The entertainment-oriented Media Center OS is similar to other flavors of Microsoft's flagship Windows XP, but adds a second interface that can play movies, music, digital pictures or television and be controlled via remote control. In its first two incarnations, Media Center has attracted only a niche of the PC market, largely those interested in recording TV shows onto their hard drives.

Microsoft has thus far been largely mum about the new version of Media Center OS, though details have begun to trickle out. As previously reported, the new version has several new features designed to address current shortcomings, such as the ability to burn CDs and DVDs from within the remote-controlled interface.…

http://techrepublic.com.com/5100-22_11-5398938.html?tag=nl.e103

Microsoft Fixes Vexing XP SP2 Incompatibility

Microsoft Fixes Vexing XP SP2 Incompatibility
Numerous applications, including some of Microsoft's own, have encountered compatibility problems with Windows XP SP2 (Service Pack 2). But one application in particular wreaked an inordinate amount of havoc until Microsoft created a removal tool, and now a patch, for it.

That application—which many industry watchers consider to fall more into the adware/spware category—was Total Velocity Software's TV Media application. TV Media hides on users' PCs and displays commercials.


A number of users with TV Media lurking on their PCs who attempted to load SP2 were hit immediately with the dreaded blue screen of death.

Microsoft posted a Knowledge Base article on its Web site in September that outlined the TV Media-SP2 problems. Microsoft posted a downloadable TV Media removal tool around the same time.

The company posted a patch Tuesday that it characterized as a "critical update," which is designed to head off the TV Media problem at the pass.

The TV Media problems were not discovered during SP2 beta testing, said Matt Fingerhut, PSS senior director of consumer technical support. But once Microsoft began rolling out the final SP2 version, TV Media in particular—and spyware in general—started botching SP2 installations.


http://support.microsoft.com/default.aspx?
kbid=885523&product=windowsxpsp2


http://www.microsoft.com/downloads/details.aspx?
amp;amp;amp;displaylang=en&familyid=
F94E8B27-B656-45CD-9668-73134A18231B&displaylang=en


http://www.microsoft.com/downloads/details.aspx?
amp;displaylang=en.&familyid=
65875203-CF1B-4D32-8F32-E00D004659F6&displaylang=en


Microsoft began advising customers a few weeks ago to
scan for and remove all spyware from their PCs before attempting to install SP2.


http://www.eweek.com/article2/0,1759,1667872,00.asp


Friday, October 08, 2004

37signals: An Introduction to Using Patterns in Web Design

37signals: An Introduction to Using Patterns in Web Design:
"The biggest challenge for web designers is the unthinkably huge number of possible ways to solve any given problem. We usually don't think of this because we have our habits and traditions to fall back on, but there are literally billions of possible pixel combinations for each page we make."

There is a better way to manage this vast complexity than by making big decisions up front and hoping for the best. To make better sites — sites that are functional, beautiful, and "usable" — we have to break our design problems up into small independent chunks based on the real issues within our requirements. Christopher Alexander, who came up with this stuff, calls these chunks patterns.

http://37signals.com/papers/introtopatterns/


A Search Engine For Java Code

A Search Engine For Java Code:
"Can't find that last bit of Java code to complete your project? IBM is developing a search engine it claims will let Java developers find even the briefest code examples in a fraction of the time it now takes. "

Code-named "Prospector , http://snobol.cs.berkeley.edu/prospector-bin/search.py," the engine seeks out code examples that use any or all of J2SE 1.4, Eclipse 3.0, and Eclipse GEF (Graphical Editing Framework) code. IBM is working with the U.C. Berkeley Computer Science Department to fund the venture with a fraction of its $1 billion annual developer budget.

The search engine is currently in beta testing with plans for completion by the end of the year.

http://www.internetnews.com/dev-news/article.php/3417991


Web Analytics: A User's Guide, Part 1

Web Analytics: A User's Guide, Part 1:
"Web analytics is an umbrella term that refers to the tracking of many different indicators: total site usage, which products are selling (and which aren't), trends in usage, type of visitors (age, income, location), where visitors come from, and other factors. Web analytics data guides site managers as they improve their site, and their bottom line.

Running a Web site without such data is like steering a ship without reliable indicators of wind level and sun position: there's no way to find your direction.

Inherent in Web analytics are two key concepts: First, that a site manager examines her data on a regular basis, perhaps weekly or even daily. Second, that a site manager changes her site based on that data, then continues to track that data over time to watch the effect of those decisions. If the new data indicates the change was profitable, stick with it; if not, try a different direction.

The central idea is to trust the data more than your preconceived notions of shopper opinion, or what other sites are doing, or the ego of the CEO. In short, the numbers don't lie. And only by truly following the numbers can a site's revenue be maximized. "

http://www.ecommerce-guide.com/solutions/customer_relations/article.php/3416791

Wednesday, October 06, 2004

Video-Editing Power For Non-Pros by PC Magazine

Video-Editing Power For Non-Pros by PC Magazine:
"While earlier consumer-level packages shunned advanced concepts such as multitrack editing and chroma key capabilities, software developers have recognized that many early adopters are ready for more powerful software—but aren't ready or willing to tackle the $500-and-up packages intended for videographers. The newest entries in this upper-entry-level segment are Adobe Premiere Elements and Pinnacle Studio Plus 9.

To compare these programs, PC Magazine created a 12-minute video project that included a variety of transitions and effects, including slow motion, chroma key, and picture-in-picture (PiP). Studio Plus won two of three trials, producing our DVD in 35 minutes 13 seconds, compared to 50:22 for Premiere Elements; and rendering to a Windows Media file in 31:36, compared to 38:12 for Premiere Elements. That better performance, combined with the program's polish and versatility, make Pinnacle Studio Plus 9 our PC Magazine's Choice among consumer video-editing products."

http://www.pcmag.com/print_article/0,1761,a=135822,00.asp

Tuesday, October 05, 2004

WinXPnews Open Control Panel Applets from the Run Box

WinXPnews Open Control Panel Applets from the Run Box :
"Open Control Panel Applets from the Run Box

Are you a keyboard whiz who prefers typing commands to navigating through a bunch of windows with the mouse? Here are the commands for opening some popular Control Panel applets (just type them in the Run box): "

http://www.winxpnews.com/control_panel_applets.cfm

New Phishing System Takes Advantage of JPEG Bug

New Phishing System Takes Advantage of JPEG Bug:
"Symantec Corp.'s Threat Analyst Team has discovered an exploit in the wild that utilizes the recently announced JPEG vulnerability in Microsoft Corp.'s GDI+ library to install a new and sophisticated phishing system.

eWEEK.com spoke with Oliver Friedrichs, senior manager of Symantec Security Response, who said the infected image is not able to attack a system from within Internet Explorer or Outlook, but only from within Windows Explorer, the file system browsing utility. Therefore, an attacker would likely need to entice a user to view the file from within the file system. Perhaps for this reason, Symantec says the spread of the attack is limited for now."

This was the most feared scenario for this vulnerability. Because of the nature of this particular attack, as a heap-based integer underflow vulnerability, implementations of the attack are likely to be specific to the application, perhaps even versions of the application, in which the image is viewed. Friedrichs says that it may not be possible to exploit the vulnerability from within Outlook or Outlook Express.

Once the user views the infected JPEG image, named ducky.jpg, the exploit code launches and downloads a file named ll.exe from the site maybeyes.biz. This file is saved as y.exe in the c:\ directory and executed. y.exe then downloads a second file from maybeyes.biz, upd.exe, and saves it as divxencoder.exe in the %SYSTEMROOT% directory (usually c:\windows) and executes it. This file then injects a DLL file embedded in it into Windows explorer.exe.

The DLL, now infecting Windows Explorer, contacts a different system on the same provider network as maybeyes.biz and downloads from it an XML-based template file. This file describes the phishing spam message to be sent from the infected system and the e-mail addresses to which it should be sent. Analysis on the DLL is not complete.…

http://www.eweek.com/article2/0,1759,1664909,00.asp?kc=ewnws100404dtx1k0000599

Monday, October 04, 2004

Skype for Pocket PC
Skype for Pocket PC is free and simple software that enables you to make free calls anywhere in the world with your handheld. Created by the people who brought you KaZaA, Skype uses innovative P2P (peer-to-peer) technology to connect you with other users. It is quick and easy to install and offers several features, including SkypeOut calling from Skype to regular and mobile phones worldwide, free conference calling, and secure file transfer. Skype calls have better sound quality than your regular phone and are highly secure with end-to-end encryption.

Publisher:Skype
Date added:September 16, 2004
License:Free
Minimum requirements:400 MHz XScale processor,WiFi-enabled
Uninstaller included?:No

http://downloads-zdnet.com.com/Remote-PC-Access/3000-7240-10319519.html?tag=list

Zombie armies behind cyberscrime sprees | Tech News on ZDNet

Zombie armies behind cyberscrime sprees Tech News on ZDNet:
"Security experts are beginning to see a pattern in cybercrimes.

According to communications firm Energis, online crime appears to be occurring in cyclical patterns related to the creation of botnets--zombie armies of PCs that have been taken control of without the owners' knowledge.
'When you see the creation of zombie networks, you can almost see the life cycle of a spam and virus attack,' said Malcom Seagrave, head of security strategy for Energis. 'It's the same with DDoS [denial-of-service] attacks and those who steal data.'
'It's almost predictable. We can't prove it, but we think they are related. They are well-organized and they are beating the security industry.'
Seagrave said combined threats, such as keystroke-logging Trojans embedded in spam, were causing serious damage to company networks.
'Some of their methods, we just can't work out,' he said. 'But the most important way to stop this is user education.' "

Botnets are readily available for hire on the Internet. According to anti-spam campaigner Steve Linford of Spamhaus, botnets are first set up for spammers to hire and then sold on--often for DDoS attacks--when they have been blocked by anti-spam firms.

Seagrave said he thought that online retailers needed to beef up their security in time for Christmas: "You'll almost certainly see a DDoS attack coming before Christmas. Retailers will have to be wary as you can expect a growth in attacks this year."

http://news.zdnet.com/2100-1009_22-5392694.html?tag=adnews